Summary
The remote host is missing updates announced in
advisory GLSA 200605-09.
Solution
All Mozilla Thunderbird users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose
'>=mail-client/mozilla-thunderbird-1.0.8'
All Mozilla Thunderbird binary users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose
'>=mail-client/mozilla-thunderbird-bin-1.0.8'
Note: There is no stable fixed version for the ALPHA architecture yet.
Users of Mozilla Thunderbird on ALPHA should consider unmerging it until such a version is available.
http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200605-09 http://bugs.gentoo.org/show_bug.cgi?id=130888
http://www.mozilla.org/projects/security/known-vulnerabilities.html#Thunderbird
Insight
Several vulnerabilities in Mozilla Thunderbird allow attacks ranging from script execution with elevated privileges to information leaks.
Severity
Classification
-
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities