An update for thunderbird is now available for Red Hat Enterprise Linux 5, RedHat Enterprise Linux 6, and Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having a security impact ofImportant.

A Common Vulnerability Scoring System (CVSS) base score, which givesa detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
Mozilla Thunderbird is a standalone mail and newsgroup client.This update upgrades Thunderbird to version 45.6.0.Security Fix(es):* Multiple flaws were found in the processing of malformed web content.

A webpage containing malicious content could cause Thunderbird to crash or,potentially, execute arbitrary code with the privileges of the user runningThunderbird. (CVE-2016-9893, CVE-2016-9899, CVE-2016-9895, CVE-2016-9900,CVE-2016-9901, CVE-2016-9902, CVE-2016-9905)Red Hat would like to thank the Mozilla project for reporting these issues.Upstream acknowledges Wladimir Palant, Philipp, Andrew Krasichkov, insertscript,Jan de Mooij, Iris Hsiao, Christian Holler, Carsten Book, Timothy Nikkel,Christoph Diehl, Olli Pettay, Raymond Forbes, and Boris Zbarsky as the originalreporters.
For details on how to apply this update, which includes the changes described inthis advisory, refer to:https://access.redhat.com/articles/11258All running instances of Thunderbird must be restarted for the update to takeeffect.RHEL Optional Productivity Applications (v. 5 server)

SRPMS:
thunderbird-45.6.0-1.el5_11.src.rpm
    MD5: c62808d0b03356292a099a6d7ff53ae6SHA-256: 86b126093b2a3f7d3f1e53b10098109b719686a95ca5a0066e5588d1ffd9423e
 
IA-32:
thunderbird-45.6.0-1.el5_11.i386.rpm
    MD5: 857c3b49c10c597184f34060c9ab1135SHA-256: 1ce216019095d550bcac2a9c2946aa1181500cca830e0a5a2ddcbad176e8a6dc
thunderbird-debuginfo-45.6.0-1.el5_11.i386.rpm
    MD5: 562ba5e21ef2758119a9614c7adcec76SHA-256: c4682deb39a6d818e3c0ed5c434acb43e9a97f7f550c104848fcdc3addfc5b63
 
x86_64:
thunderbird-45.6.0-1.el5_11.x86_64.rpm
    MD5: 14aa6759aea1146e165c4640c06b7fe1SHA-256: ce934d607e344d263c174ee6a38d8a700721766a331462e76d70f2ef6b7b0266
thunderbird-debuginfo-45.6.0-1.el5_11.x86_64.rpm
    MD5: 22f0f986fbd8747aaf626284714863f0SHA-256: f9b7fd59a7a144af0d57e1df8c1f93a876db19ed3c395ab4d5bb791f5144495e
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
thunderbird-45.6.0-1.el5_11.src.rpm
    MD5: c62808d0b03356292a099a6d7ff53ae6SHA-256: 86b126093b2a3f7d3f1e53b10098109b719686a95ca5a0066e5588d1ffd9423e
 
IA-32:
thunderbird-45.6.0-1.el5_11.i386.rpm
    MD5: 857c3b49c10c597184f34060c9ab1135SHA-256: 1ce216019095d550bcac2a9c2946aa1181500cca830e0a5a2ddcbad176e8a6dc
thunderbird-debuginfo-45.6.0-1.el5_11.i386.rpm
    MD5: 562ba5e21ef2758119a9614c7adcec76SHA-256: c4682deb39a6d818e3c0ed5c434acb43e9a97f7f550c104848fcdc3addfc5b63
 
x86_64:
thunderbird-45.6.0-1.el5_11.x86_64.rpm
    MD5: 14aa6759aea1146e165c4640c06b7fe1SHA-256: ce934d607e344d263c174ee6a38d8a700721766a331462e76d70f2ef6b7b0266
thunderbird-debuginfo-45.6.0-1.el5_11.x86_64.rpm
    MD5: 22f0f986fbd8747aaf626284714863f0SHA-256: f9b7fd59a7a144af0d57e1df8c1f93a876db19ed3c395ab4d5bb791f5144495e
 
Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
thunderbird-45.6.0-1.el6_8.src.rpm
    MD5: 4a77c1a0b421367402019d7626bc7305SHA-256: a4d9835494fec495cae62942382aff9ffe82d5fba14871f445aab27eab95ed1d
 
IA-32:
thunderbird-45.6.0-1.el6_8.i686.rpm
    MD5: fab810cf2b469d781b34db69650e328aSHA-256: d1ed8a469767e4e166370edb28b0514d3ce526439594216eecec4e6e1d81c3de
thunderbird-debuginfo-45.6.0-1.el6_8.i686.rpm
    MD5: 7c60cea9506e48bfbaf16849c2674a92SHA-256: 696d3e9c2cae850cb85cda53e6d919c03d7fad2d79a20b5fccc992b8f42079af
 
x86_64:
thunderbird-45.6.0-1.el6_8.x86_64.rpm
    MD5: 914340bb6a89b7cc1625b3c19ee4bb61SHA-256: 58452427e0ff21b4e3b809488ffee27ad7d1f29e5b547c1566d8a327f0165fdc
thunderbird-debuginfo-45.6.0-1.el6_8.x86_64.rpm
    MD5: 7612a226f77b5c199838569a9406b566SHA-256: 4ed1af2db9f0213c9da8d15007ca45c24fc7d3d309a81f57e479b59a87e419fe
 
Red Hat Enterprise Linux Desktop (v. 7)

SRPMS:
thunderbird-45.6.0-1.el7_3.src.rpm
    MD5: 963cfce99ea3ac98fd2a98c80a3826a9SHA-256: 352819f0134288e21b552a5751013059f614ab11e7c0b77bfabc9bea235c7197
 
x86_64:
thunderbird-45.6.0-1.el7_3.x86_64.rpm
    MD5: 1e3685798a53d3f6167cc06877266993SHA-256: de87cff60eb02f74d112df9d828e253251427bbb8eccd2cd6a647ba14584e03c
thunderbird-debuginfo-45.6.0-1.el7_3.x86_64.rpm
    MD5: 09a333849b7ccbd7d6508bf8689e8c8aSHA-256: c0719271649e870a5c450874028979a88df09fa37b8db8682559f576d53f4f2c
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
thunderbird-45.6.0-1.el6_8.src.rpm
    MD5: 4a77c1a0b421367402019d7626bc7305SHA-256: a4d9835494fec495cae62942382aff9ffe82d5fba14871f445aab27eab95ed1d
 
IA-32:
thunderbird-45.6.0-1.el6_8.i686.rpm
    MD5: fab810cf2b469d781b34db69650e328aSHA-256: d1ed8a469767e4e166370edb28b0514d3ce526439594216eecec4e6e1d81c3de
thunderbird-debuginfo-45.6.0-1.el6_8.i686.rpm
    MD5: 7c60cea9506e48bfbaf16849c2674a92SHA-256: 696d3e9c2cae850cb85cda53e6d919c03d7fad2d79a20b5fccc992b8f42079af
 
PPC:
thunderbird-45.6.0-1.el6_8.ppc64.rpm
    MD5: 7904a253600805eeb96c1802a8215530SHA-256: 2cca6bd8f40f367b1166a4d963471c777287b3b883aa0726a6ef56dcb5ab8cff
thunderbird-debuginfo-45.6.0-1.el6_8.ppc64.rpm
    MD5: 1ca9f9a02a0c15656a0ad5d0aed9e937SHA-256: 4d075f7ddf38c760f850fbf6da52d1e030754bc213af8d980efd9dc13b79bd64
 
s390x:
thunderbird-45.6.0-1.el6_8.s390x.rpm
    MD5: 9037a44964003453e2fa88c4593f319cSHA-256: 2e71a46739e518194a838b0e70e1b1dc8417812e5b4c5f3a8ffa20f49c48bd4b
thunderbird-debuginfo-45.6.0-1.el6_8.s390x.rpm
    MD5: fc062f6b2b05525d8a42e205d3d87ff1SHA-256: 4e4f8bcf83b273138b7e070f11f0c77ee1f35af2aeea992d329830fbf4af73f6
 
x86_64:
thunderbird-45.6.0-1.el6_8.x86_64.rpm
    MD5: 914340bb6a89b7cc1625b3c19ee4bb61SHA-256: 58452427e0ff21b4e3b809488ffee27ad7d1f29e5b547c1566d8a327f0165fdc
thunderbird-debuginfo-45.6.0-1.el6_8.x86_64.rpm
    MD5: 7612a226f77b5c199838569a9406b566SHA-256: 4ed1af2db9f0213c9da8d15007ca45c24fc7d3d309a81f57e479b59a87e419fe
 
Red Hat Enterprise Linux Server (v. 7)

SRPMS:
thunderbird-45.6.0-1.el7_3.src.rpm
    MD5: 963cfce99ea3ac98fd2a98c80a3826a9SHA-256: 352819f0134288e21b552a5751013059f614ab11e7c0b77bfabc9bea235c7197
 
PPC64LE:
thunderbird-45.6.0-1.el7_3.ppc64le.rpm
    MD5: d403f8e89199b333bb7d83e50c8058adSHA-256: 449ecb342e639ec31cb3412a36814be79e65c05c3e271e17d28a0febc96c6e2a
thunderbird-debuginfo-45.6.0-1.el7_3.ppc64le.rpm
    MD5: 15cd6718f169c78529b512b70bc5415eSHA-256: 8748d07bad822ac5ae315837985e27b228d0d2bd003b6187bc33186f883159b0
 
x86_64:
thunderbird-45.6.0-1.el7_3.x86_64.rpm
    MD5: 1e3685798a53d3f6167cc06877266993SHA-256: de87cff60eb02f74d112df9d828e253251427bbb8eccd2cd6a647ba14584e03c
thunderbird-debuginfo-45.6.0-1.el7_3.x86_64.rpm
    MD5: 09a333849b7ccbd7d6508bf8689e8c8aSHA-256: c0719271649e870a5c450874028979a88df09fa37b8db8682559f576d53f4f2c
 
Red Hat Enterprise Linux Server TUS (v. 7.3)

SRPMS:
thunderbird-45.6.0-1.el7_3.src.rpm
    MD5: 963cfce99ea3ac98fd2a98c80a3826a9SHA-256: 352819f0134288e21b552a5751013059f614ab11e7c0b77bfabc9bea235c7197
 
x86_64:
thunderbird-45.6.0-1.el7_3.x86_64.rpm
    MD5: 1e3685798a53d3f6167cc06877266993SHA-256: de87cff60eb02f74d112df9d828e253251427bbb8eccd2cd6a647ba14584e03c
thunderbird-debuginfo-45.6.0-1.el7_3.x86_64.rpm
    MD5: 09a333849b7ccbd7d6508bf8689e8c8aSHA-256: c0719271649e870a5c450874028979a88df09fa37b8db8682559f576d53f4f2c
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
thunderbird-45.6.0-1.el6_8.src.rpm
    MD5: 4a77c1a0b421367402019d7626bc7305SHA-256: a4d9835494fec495cae62942382aff9ffe82d5fba14871f445aab27eab95ed1d
 
IA-32:
thunderbird-45.6.0-1.el6_8.i686.rpm
    MD5: fab810cf2b469d781b34db69650e328aSHA-256: d1ed8a469767e4e166370edb28b0514d3ce526439594216eecec4e6e1d81c3de
thunderbird-debuginfo-45.6.0-1.el6_8.i686.rpm
    MD5: 7c60cea9506e48bfbaf16849c2674a92SHA-256: 696d3e9c2cae850cb85cda53e6d919c03d7fad2d79a20b5fccc992b8f42079af
 
x86_64:
thunderbird-45.6.0-1.el6_8.x86_64.rpm
    MD5: 914340bb6a89b7cc1625b3c19ee4bb61SHA-256: 58452427e0ff21b4e3b809488ffee27ad7d1f29e5b547c1566d8a327f0165fdc
thunderbird-debuginfo-45.6.0-1.el6_8.x86_64.rpm
    MD5: 7612a226f77b5c199838569a9406b566SHA-256: 4ed1af2db9f0213c9da8d15007ca45c24fc7d3d309a81f57e479b59a87e419fe
 
Red Hat Enterprise Linux Workstation (v. 7)

SRPMS:
thunderbird-45.6.0-1.el7_3.src.rpm
    MD5: 963cfce99ea3ac98fd2a98c80a3826a9SHA-256: 352819f0134288e21b552a5751013059f614ab11e7c0b77bfabc9bea235c7197
 
x86_64:
thunderbird-45.6.0-1.el7_3.x86_64.rpm
    MD5: 1e3685798a53d3f6167cc06877266993SHA-256: de87cff60eb02f74d112df9d828e253251427bbb8eccd2cd6a647ba14584e03c
thunderbird-debuginfo-45.6.0-1.el7_3.x86_64.rpm
    MD5: 09a333849b7ccbd7d6508bf8689e8c8aSHA-256: c0719271649e870a5c450874028979a88df09fa37b8db8682559f576d53f4f2c
 
(The unlinked packages above are only available from the Red Hat Network)

1404083 – CVE-2016-9899 Mozilla: Use-after-free while manipulating DOM events and audio elements (MFSA 2016-94, MFSA 2016-95)1404086 – CVE-2016-9895 Mozilla: CSP bypass using marquee tag (MFSA 2016-94, MFSA 2016-95)1404090 – CVE-2016-9900 Mozilla: Restricted external resources can be loaded by SVG images through data URLs (MFSA 2016-94, MFSA 2016-95)1404094 – CVE-2016-9905 Mozilla: Crash in EnumerateSubDocuments (MFSA 2016-94, MFSA 2016-95)1404096 – CVE-2016-9893 Mozilla: Memory safety bugs fixed in Firefox 50.1 and Firefox ESR 45.6 (MFSA 2016-95)1404358 – CVE-2016-9901 Mozilla: Data from Pocket server improperly sanitized before execution (MFSA 2016-94, MFSA 2016-95)1404359 – CVE-2016-9902 Mozilla: Pocket extension does not validate the origin of events (MFSA 2016-94, MFSA 2016-95)

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

Leave a Reply