USN-1758-2: Thunderbird vulnerability
Ubuntu Security Notice USN-1758-2
12th March, 2013
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 10.04 LTS
Thunderbird could be made to crash or run programs as your login.
- thunderbird - Mozilla Open Source mail and newsgroup client
USN-1758-1 fixed vulnerabilities in Firefox. This update provides the
corresponding update for Thunderbird.
Original advisory details:
It was discovered that Firefox contained a memory safety issue. If a user
were tricked into opening a specially crafted page with the HTML editor, a
remote attacker could exploit this to execute arbitrary code with the
privileges of the user invoking the program.
The problem can be corrected by updating your system to the following package version:
- Ubuntu 12.10:
- thunderbird 17.0.4+build1-0ubuntu0.12.10.1
- Ubuntu 12.04 LTS:
- thunderbird 17.0.4+build1-0ubuntu0.12.04.1
- Ubuntu 11.10:
- thunderbird 17.0.4+build1-0ubuntu0.11.10.1
- Ubuntu 10.04 LTS:
- thunderbird 17.0.4+build1-0ubuntu0.10.04.1
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to restart Thunderbird to make all
the necessary changes.