Home / vulnerabilitiesPDF  

MDVSA-2008-155-1.txt

Posted on 28 July 2008
Source : packetstormsecurity.org Link

 


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2008:155-1
http://www.mandriva.com/security/
_______________________________________________________________________

Package : mozilla-thunderbird
Date : July 27, 2008
Affected: 2008.0, 2008.1
_______________________________________________________________________

Problem Description:

A number of security vulnerabilities have been discovered and
corrected in the latest Mozilla Thunderbird program, version 2.0.0.16
(CVE-2008-1233, CVE-2008-1234, CVE-2008-1235, CVE-2008-1236,
CVE-2008-1237, CVE-2008-2785, CVE-2008-2798, CVE-2008-2799,
CVE-2008-2802, CVE-2008-2803, CVE-2008-2807, CVE-2008-2809,
CVE-2008-2811).

This update provides the latest Thunderbird to correct these issues.
It also provides Thunderbird 2.x for Corporate 3.0 systems.

Update:

The previous update provided the incorrect version of the enigmail
locale files. This version correctly builds them for Thunderbird
2.0.0.16.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1233
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1234
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1235
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1236
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1237
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2785
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2802
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2809
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811
http://www.mozilla.org/security/announce/2008/mfsa2008-14.html
http://www.mozilla.org/security/announce/2008/mfsa2008-15.html
http://www.mozilla.org/security/announce/2008/mfsa2008-21.html
http://www.mozilla.org/security/announce/2008/mfsa2008-24.html
http://www.mozilla.org/security/announce/2008/mfsa2008-25.html
http://www.mozilla.org/security/announce/2008/mfsa2008-26.html
http://www.mozilla.org/security/announce/2008/mfsa2008-29.html
http://www.mozilla.org/security/announce/2008/mfsa2008-31.html
http://www.mozilla.org/security/announce/2008/mfsa2008-33.html
http://www.mozilla.org/security/announce/2008/mfsa2008-34.html
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2008.0:
9b079aaab7972ae365fbd4c3b97d482d 2008.0/i586/mozilla-thunderbird-enigmail-ar-2.0.0.16-1mdv2008.0.i586.rpm
99128dfcc40c1b3dfb586ccc310ee6f8 2008.0/i586/mozilla-thunderbird-enigmail-ca-2.0.0.16-1mdv2008.0.i586.rpm
28c70fc0c4042c76b9d68dfb701d7b55 2008.0/i586/mozilla-thunderbird-enigmail-cs-2.0.0.16-1mdv2008.0.i586.rpm
eff1fc27e4b70ea78687d4ac45ab084f 2008.0/i586/mozilla-thunderbird-enigmail-de-2.0.0.16-1mdv2008.0.i586.rpm
917d22cbad9f7b30a289e621e0ffe1c3 2008.0/i586/mozilla-thunderbird-enigmail-el-2.0.0.16-1mdv2008.0.i586.rpm
bd564d29f3bf9caf55be3838db3a7b91 2008.0/i586/mozilla-thunderbird-enigmail-es-2.0.0.16-1mdv2008.0.i586.rpm
e4893c48d9a7fd6a3154a8d11d65b233 2008.0/i586/mozilla-thunderbird-enigmail-es_AR-2.0.0.16-1mdv2008.0.i586.rpm
44678fd3b88d9f9947b1307008df26d7 2008.0/i586/mozilla-thunderbird-enigmail-fi-2.0.0.16-1mdv2008.0.i586.rpm
2f8f15dbbd0ff3891a93f58967de846e 2008.0/i586/mozilla-thunderbird-enigmail-fr-2.0.0.16-1mdv2008.0.i586.rpm
0c2dd8ffaf6c3713d8ad807bcd2c3ac4 2008.0/i586/mozilla-thunderbird-enigmail-hu-2.0.0.16-1mdv2008.0.i586.rpm
cae48d26eac5a12471d808328ab5207e 2008.0/i586/mozilla-thunderbird-enigmail-it-2.0.0.16-1mdv2008.0.i586.rpm
6f150b8c30856669374be70ce6250576 2008.0/i586/mozilla-thunderbird-enigmail-ja-2.0.0.16-1mdv2008.0.i586.rpm
7b4a97e139ff84f99d01315a4db5c902 2008.0/i586/mozilla-thunderbird-enigmail-ko-2.0.0.16-1mdv2008.0.i586.rpm
eb10016213cfcc76837c3b3a781c6e54 2008.0/i586/mozilla-thunderbird-enigmail-nb-2.0.0.16-1mdv2008.0.i586.rpm
afc68cd7975a95b34d360b53d3f177c3 2008.0/i586/mozilla-thunderbird-enigmail-nl-2.0.0.16-1mdv2008.0.i586.rpm
8a17a11dbe4ed02f5f360545ece83e9e 2008.0/i586/mozilla-thunderbird-enigmail-pl-2.0.0.16-1mdv2008.0.i586.rpm
5ac47a7949b9e680ab5e8cbb6d713c3a 2008.0/i586/mozilla-thunderbird-enigmail-pt-2.0.0.16-1mdv2008.0.i586.rpm
15ee426650afed7b0fcd5a600b13955b 2008.0/i586/mozilla-thunderbird-enigmail-pt_BR-2.0.0.16-1mdv2008.0.i586.rpm
a76ca0a3c52025165d339dc10287cebc 2008.0/i586/mozilla-thunderbird-enigmail-ro-2.0.0.16-1mdv2008.0.i586.rpm
9e533b0e5cffe3091e73ff7c27e95161 2008.0/i586/mozilla-thunderbird-enigmail-ru-2.0.0.16-1mdv2008.0.i586.rpm
28d43d6a2374d0a214ca2d80343cd704 2008.0/i586/mozilla-thunderbird-enigmail-sk-2.0.0.16-1mdv2008.0.i586.rpm
ebb287a66ef1dac3556bcde2724ce718 2008.0/i586/mozilla-thunderbird-enigmail-sl-2.0.0.16-1mdv2008.0.i586.rpm
99b0cdd29ef8814614b643f804b16044 2008.0/i586/mozilla-thunderbird-enigmail-sv-2.0.0.16-1mdv2008.0.i586.rpm
d9f7791aa51014a909476383830473a3 2008.0/i586/mozilla-thunderbird-enigmail-tr-2.0.0.16-1mdv2008.0.i586.rpm
d209aacc3aaef9e2dc0650083e5fdc5c 2008.0/i586/mozilla-thunderbird-enigmail-zh_CN-2.0.0.16-1mdv2008.0.i586.rpm
91959bab04537cc4b28b07d57090b54f 2008.0/i586/mozilla-thunderbird-enigmail-zh_TW-2.0.0.16-1mdv2008.0.i586.rpm
59a1896fe2aae393cc389058967d51fc 2008.0/SRPMS/mozilla-thunderbird-enigmail-l10n-2.0.0.16-1mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
85fe2f8cffc914d4c476364f9c1154aa 2008.0/x86_64/mozilla-thunderbird-enigmail-ar-2.0.0.16-1mdv2008.0.x86_64.rpm
a0cc36f7307aab48e9d207bf697b7b48 2008.0/x86_64/mozilla-thunderbird-enigmail-ca-2.0.0.16-1mdv2008.0.x86_64.rpm
c0961b595c5fe5c7f833fbf643322fbd 2008.0/x86_64/mozilla-thunderbird-enigmail-cs-2.0.0.16-1mdv2008.0.x86_64.rpm
a3ddb4a14442c59ef03a8fcb914c647a 2008.0/x86_64/mozilla-thunderbird-enigmail-de-2.0.0.16-1mdv2008.0.x86_64.rpm
40a8b09b0fea07492028b4eb23feefc6 2008.0/x86_64/mozilla-thunderbird-enigmail-el-2.0.0.16-1mdv2008.0.x86_64.rpm
122982cb5218f389f6a8bc46d3dd0bed 2008.0/x86_64/mozilla-thunderbird-enigmail-es-2.0.0.16-1mdv2008.0.x86_64.rpm
c3ddd3e41fc46ca9f0c48aa63fb05418 2008.0/x86_64/mozilla-thunderbird-enigmail-es_AR-2.0.0.16-1mdv2008.0.x86_64.rpm
b25a12bde840b3421aa9cfc301bb16c2 2008.0/x86_64/mozilla-thunderbird-enigmail-fi-2.0.0.16-1mdv2008.0.x86_64.rpm
d6f71835be1910783fe461d4212b283e 2008.0/x86_64/mozilla-thunderbird-enigmail-fr-2.0.0.16-1mdv2008.0.x86_64.rpm
28cd85cd3540611b990d23dc931d227a 2008.0/x86_64/mozilla-thunderbird-enigmail-hu-2.0.0.16-1mdv2008.0.x86_64.rpm
3ab40b1c903d04017e2b483f6161ea0a 2008.0/x86_64/mozilla-thunderbird-enigmail-it-2.0.0.16-1mdv2008.0.x86_64.rpm
a508d6bc8aabbc5f9119cc76a03ad3b8 2008.0/x86_64/mozilla-thunderbird-enigmail-ja-2.0.0.16-1mdv2008.0.x86_64.rpm
1a579a83e32bc41e580c02ca63e39604 2008.0/x86_64/mozilla-thunderbird-enigmail-ko-2.0.0.16-1mdv2008.0.x86_64.rpm
bbf505d2a5764c3d51c7f70f216af449 2008.0/x86_64/mozilla-thunderbird-enigmail-nb-2.0.0.16-1mdv2008.0.x86_64.rpm
651334095f18aa92a6d763e874d418f9 2008.0/x86_64/mozilla-thunderbird-enigmail-nl-2.0.0.16-1mdv2008.0.x86_64.rpm
e6157d7b0db9eb438d481d4936ae4136 2008.0/x86_64/mozilla-thunderbird-enigmail-pl-2.0.0.16-1mdv2008.0.x86_64.rpm
f51f2da86e98483222be173e9f652a05 2008.0/x86_64/mozilla-thunderbird-enigmail-pt-2.0.0.16-1mdv2008.0.x86_64.rpm
03a4b461a50066c7a3d4ee489520bd16 2008.0/x86_64/mozilla-thunderbird-enigmail-pt_BR-2.0.0.16-1mdv2008.0.x86_64.rpm
fef233be8be29baee64d93a3a3ac151f 2008.0/x86_64/mozilla-thunderbird-enigmail-ro-2.0.0.16-1mdv2008.0.x86_64.rpm
138ffb53f1db70436930e0d3edfdaebb 2008.0/x86_64/mozilla-thunderbird-enigmail-ru-2.0.0.16-1mdv2008.0.x86_64.rpm
fd690f90b6ac6e9ed140fc27df44e62d 2008.0/x86_64/mozilla-thunderbird-enigmail-sk-2.0.0.16-1mdv2008.0.x86_64.rpm
cc554728aae81b90914e54fb7a62f3f0 2008.0/x86_64/mozilla-thunderbird-enigmail-sl-2.0.0.16-1mdv2008.0.x86_64.rpm
46863abedc5c3b03ff300ead0b121021 2008.0/x86_64/mozilla-thunderbird-enigmail-sv-2.0.0.16-1mdv2008.0.x86_64.rpm
794e549bd36194abef17a9eef269152e 2008.0/x86_64/mozilla-thunderbird-enigmail-tr-2.0.0.16-1mdv2008.0.x86_64.rpm
1142a44377ae9e2ef4bf13514786b5a2 2008.0/x86_64/mozilla-thunderbird-enigmail-zh_CN-2.0.0.16-1mdv2008.0.x86_64.rpm
33839b0ca0e0def41bb801342940a61e 2008.0/x86_64/mozilla-thunderbird-enigmail-zh_TW-2.0.0.16-1mdv2008.0.x86_64.rpm
59a1896fe2aae393cc389058967d51fc 2008.0/SRPMS/mozilla-thunderbird-enigmail-l10n-2.0.0.16-1mdv2008.0.src.rpm

Mandriva Linux 2008.1:
f6cf2ac34e0bff07f30e27450f1e858c 2008.1/i586/mozilla-thunderbird-enigmail-ar-2.0.0.16-1mdv2008.1.i586.rpm
ed24ed7ab605eb97c1e164071c5e0372 2008.1/i586/mozilla-thunderbird-enigmail-ca-2.0.0.16-1mdv2008.1.i586.rpm
b63770f6914513b17ed5b4d652bc3103 2008.1/i586/mozilla-thunderbird-enigmail-cs-2.0.0.16-1mdv2008.1.i586.rpm
9691615659ca64991ac5e6af350880ad 2008.1/i586/mozilla-thunderbird-enigmail-de-2.0.0.16-1mdv2008.1.i586.rpm
7511fd992f624b2511ac685f2ee07a6b 2008.1/i586/mozilla-thunderbird-enigmail-el-2.0.0.16-1mdv2008.1.i586.rpm
4ea8e7705bc3c18a267588c8130fa29c 2008.1/i586/mozilla-thunderbird-enigmail-es-2.0.0.16-1mdv2008.1.i586.rpm
100444753100ab77cc01e3ecc5067e27 2008.1/i586/mozilla-thunderbird-enigmail-es_AR-2.0.0.16-1mdv2008.1.i586.rpm
23b865f16b112c04b07595bb93c6e6c4 2008.1/i586/mozilla-thunderbird-enigmail-fi-2.0.0.16-1mdv2008.1.i586.rpm
9c798a90124db103f996a1bdab4d66a8 2008.1/i586/mozilla-thunderbird-enigmail-fr-2.0.0.16-1mdv2008.1.i586.rpm
969f11d844c5e1eeeeadd2859d3dac5c 2008.1/i586/mozilla-thunderbird-enigmail-hu-2.0.0.16-1mdv2008.1.i586.rpm
a31b7bfdca64777e5bf270a6d53b6e8f 2008.1/i586/mozilla-thunderbird-enigmail-it-2.0.0.16-1mdv2008.1.i586.rpm
0f9865fc519d626c509908ecfd2b3c9a 2008.1/i586/mozilla-thunderbird-enigmail-ja-2.0.0.16-1mdv2008.1.i586.rpm
c0699066b63f70069175d7d1f7fda0d6 2008.1/i586/mozilla-thunderbird-enigmail-ko-2.0.0.16-1mdv2008.1.i586.rpm
9fd23299dd66e902e1c27c6824690a90 2008.1/i586/mozilla-thunderbird-enigmail-nb-2.0.0.16-1mdv2008.1.i586.rpm
157ecaabda89ad40c2cf6910a9efefd2 2008.1/i586/mozilla-thunderbird-enigmail-nl-2.0.0.16-1mdv2008.1.i586.rpm
b9a54b1898af2f8747bf50be583042ff 2008.1/i586/mozilla-thunderbird-enigmail-pl-2.0.0.16-1mdv2008.1.i586.rpm
591f4770d42aab8db431fec22a31d7ff 2008.1/i586/mozilla-thunderbird-enigmail-pt-2.0.0.16-1mdv2008.1.i586.rpm
6b46b0216f379ee42a252661fd09e34d 2008.1/i586/mozilla-thunderbird-enigmail-pt_BR-2.0.0.16-1mdv2008.1.i586.rpm
e62766e42886225c9a149700de7c4655 2008.1/i586/mozilla-thunderbird-enigmail-ro-2.0.0.16-1mdv2008.1.i586.rpm
00c6395fc3fcff185a096cc5660a3172 2008.1/i586/mozilla-thunderbird-enigmail-ru-2.0.0.16-1mdv2008.1.i586.rpm
10a1729957bd7e2df5ea4d22cad866df 2008.1/i586/mozilla-thunderbird-enigmail-sk-2.0.0.16-1mdv2008.1.i586.rpm
791edb744c0f597d34a324c9317c0836 2008.1/i586/mozilla-thunderbird-enigmail-sl-2.0.0.16-1mdv2008.1.i586.rpm
ba94130af0841d4f74691d6a5751e804 2008.1/i586/mozilla-thunderbird-enigmail-sv-2.0.0.16-1mdv2008.1.i586.rpm
c6f4ac427fb06564610158b3315d7313 2008.1/i586/mozilla-thunderbird-enigmail-tr-2.0.0.16-1mdv2008.1.i586.rpm
874ccb15ebc89f64a965ea56dd8e04c3 2008.1/i586/mozilla-thunderbird-enigmail-zh_CN-2.0.0.16-1mdv2008.1.i586.rpm
cd3e14d0b33818ed51ea9aa862f9f749 2008.1/i586/mozilla-thunderbird-enigmail-zh_TW-2.0.0.16-1mdv2008.1.i586.rpm
c56b94b1d6b3fa44da39d96a4d3bca4d 2008.1/SRPMS/mozilla-thunderbird-enigmail-l10n-2.0.0.16-1mdv2008.1.src.rpm

Mandriva Linux 2008.1/X86_64:
688b67d73c4496c57f703102a2d5fca9 2008.1/x86_64/mozilla-thunderbird-enigmail-ar-2.0.0.16-1mdv2008.1.x86_64.rpm
511f3af7a7017fed3fba374fb8ddafd6 2008.1/x86_64/mozilla-thunderbird-enigmail-ca-2.0.0.16-1mdv2008.1.x86_64.rpm
22b02c7508c03276214a3d01e08c049e 2008.1/x86_64/mozilla-thunderbird-enigmail-cs-2.0.0.16-1mdv2008.1.x86_64.rpm
e239f36377b2411786d215c67ce5b021 2008.1/x86_64/mozilla-thunderbird-enigmail-de-2.0.0.16-1mdv2008.1.x86_64.rpm
598e67c1fdb69ee05dd0334dd2abb7a5 2008.1/x86_64/mozilla-thunderbird-enigmail-el-2.0.0.16-1mdv2008.1.x86_64.rpm
bf1597eb79e01f2a2bb76ae093149ca0 2008.1/x86_64/mozilla-thunderbird-enigmail-es-2.0.0.16-1mdv2008.1.x86_64.rpm
8d55ca0ee7169d9fd3a37bc58d8a67dd 2008.1/x86_64/mozilla-thunderbird-enigmail-es_AR-2.0.0.16-1mdv2008.1.x86_64.rpm
87d104e54d9dc3fd15e9511e1a43fcba 2008.1/x86_64/mozilla-thunderbird-enigmail-fi-2.0.0.16-1mdv2008.1.x86_64.rpm
d3d043ad79856eef9a250b480220cfe0 2008.1/x86_64/mozilla-thunderbird-enigmail-fr-2.0.0.16-1mdv2008.1.x86_64.rpm
d2604bdef5e189a7fdcfa78e5fb6c535 2008.1/x86_64/mozilla-thunderbird-enigmail-hu-2.0.0.16-1mdv2008.1.x86_64.rpm
8c12a6e985b9d06f7e04156bc6057de7 2008.1/x86_64/mozilla-thunderbird-enigmail-it-2.0.0.16-1mdv2008.1.x86_64.rpm
cad4b5ebc03a39c59c0d624905f35947 2008.1/x86_64/mozilla-thunderbird-enigmail-ja-2.0.0.16-1mdv2008.1.x86_64.rpm
5f0613001cc56c744d0ef58bf65c93dc 2008.1/x86_64/mozilla-thunderbird-enigmail-ko-2.0.0.16-1mdv2008.1.x86_64.rpm
5da93c69acee1ad9b74b763160c9bfe2 2008.1/x86_64/mozilla-thunderbird-enigmail-nb-2.0.0.16-1mdv2008.1.x86_64.rpm
7e0ce771ed2632d7ca4b465eecb949e5 2008.1/x86_64/mozilla-thunderbird-enigmail-nl-2.0.0.16-1mdv2008.1.x86_64.rpm
6600edbd2c214e823e31d14ea2e6b7b3 2008.1/x86_64/mozilla-thunderbird-enigmail-pl-2.0.0.16-1mdv2008.1.x86_64.rpm
297827a568ea42ed4f17faba1c65b4ec 2008.1/x86_64/mozilla-thunderbird-enigmail-pt-2.0.0.16-1mdv2008.1.x86_64.rpm
9710316057ab1b4275b9d7bb8f14bcc9 2008.1/x86_64/mozilla-thunderbird-enigmail-pt_BR-2.0.0.16-1mdv2008.1.x86_64.rpm
545613d01d7adb14eceab355fb795d34 2008.1/x86_64/mozilla-thunderbird-enigmail-ro-2.0.0.16-1mdv2008.1.x86_64.rpm
6fc439fac98e58e10c291bfdac9d9a8d 2008.1/x86_64/mozilla-thunderbird-enigmail-ru-2.0.0.16-1mdv2008.1.x86_64.rpm
a3e34394ad5ec48ef2ea9c36367fb3c6 2008.1/x86_64/mozilla-thunderbird-enigmail-sk-2.0.0.16-1mdv2008.1.x86_64.rpm
1a503519fb58dbfae6e1ef1cb36c124e 2008.1/x86_64/mozilla-thunderbird-enigmail-sl-2.0.0.16-1mdv2008.1.x86_64.rpm
3310d4acb08e30d01571b296295f3494 2008.1/x86_64/mozilla-thunderbird-enigmail-sv-2.0.0.16-1mdv2008.1.x86_64.rpm
0555de39aef1d7aec5ae62724afaff79 2008.1/x86_64/mozilla-thunderbird-enigmail-tr-2.0.0.16-1mdv2008.1.x86_64.rpm
c58fa13ff6f4098d75a923c9661e24a0 2008.1/x86_64/mozilla-thunderbird-enigmail-zh_CN-2.0.0.16-1mdv2008.1.x86_64.rpm
e03fad72bb53630b78627594dbb30e47 2008.1/x86_64/mozilla-thunderbird-enigmail-zh_TW-2.0.0.16-1mdv2008.1.x86_64.rpm
c56b94b1d6b3fa44da39d96a4d3bca4d 2008.1/SRPMS/mozilla-thunderbird-enigmail-l10n-2.0.0.16-1mdv2008.1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFIjJaXmqjQ0CJFipgRAgrwAJwO2wRPkObPXc7KxYup6oApV38EugCfXNOv
Nxvy6qkeXUkpYIiA4kAIraQ=
=79pY
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

 

TOP