Description
Multiple vulnerabilities have been fixed in thunderbird.
* JavaScript Execution via RSS in mailbox:// origin (CVE-2017-7846).
* Local path string can be leaked from RSS feed (CVE-2017-7847).
* RSS feed vulnerable to newline injection (CVE-2017-7848).
* Mailsploit: a From address containing an encoded null character is cut off
in the message header display (CVE-2017-7829).
Multiple vulnerabilities have been fixed in the bundled enigmail package.
* An issue was discovered that allows remote attackers to trigger use of
an unintended public key for encryption, because incorrect regular
expressions are used for extraction of an e-mail address from a
comma-separated list (CVE-2017-17843).
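The address-extraction bug above is a general pitfall: a regular expression that takes the first address-looking token anywhere in a header can be steered by a display name that itself looks like an address, so the key lookup happens for the wrong recipient. The following is an added illustration of that class of bug and its fix, written for this advisory; it is not Enigmail's code, and the regexes, the function names and the constructed From header are assumptions chosen to show the problem, not the vulnerable pattern from the project.

```javascript
// Naive extraction: first address-like token anywhere in the header value.
// A display name such as "victim@example.org" (quoted, so legal in RFC 5322)
// wins over the real addr-spec inside <...>.
function naiveExtract(headerValue) {
  const m = headerValue.match(/[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/);
  return m ? m[0] : null;
}

// Split a comma-separated mailbox list on commas that are outside quoted
// strings and outside angle brackets, so "Doe, Jane" <jane@...> stays whole.
function splitMailboxes(list) {
  const out = [];
  let cur = '';
  let inQuote = false;
  let depth = 0;
  for (let i = 0; i < list.length; i++) {
    const c = list[i];
    if (inQuote && c === '\\' && i + 1 < list.length) { // escaped char in a quoted string
      cur += c + list[++i];
      continue;
    }
    if (c === '"') { inQuote = !inQuote; cur += c; continue; }
    if (!inQuote) {
      if (c === '<') depth++;
      else if (c === '>') depth = Math.max(0, depth - 1);
      else if (c === ',' && depth === 0) { out.push(cur.trim()); cur = ''; continue; }
    }
    cur += c;
  }
  if (cur.trim()) out.push(cur.trim());
  return out;
}

// Careful extraction: per mailbox, use only the addr-spec inside the trailing
// <...> (ignoring whatever the display name contains); otherwise treat the bare
// token as the address. The final check is anchored and length-bounded, so the
// whole token must be local@domain, not merely contain something address-like.
function extractAddresses(list) {
  return splitMailboxes(list).map((mbox) => {
    const angle = mbox.match(/<([^<>]*)>\s*$/);
    const addr = (angle ? angle[1] : mbox).trim();
    if (!/^[A-Za-z0-9._%+-]{1,64}@[A-Za-z0-9.-]{1,253}$/.test(addr)) return null;
    return addr.toLowerCase();
  });
}

// Constructed header value (not from any real message) whose display name is
// crafted to look like a different address.
const CRAFTED_FROM = '"victim@example.org" <attacker@evil.example>, "Doe, Jane" <jane@example.net>';

module.exports = { naiveExtract, splitMailboxes, extractAddresses, CRAFTED_FROM };
```

Run against CRAFTED_FROM, naiveExtract returns victim@example.org, so a key lookup driven by it would select the key for a party who is not the sender, while extractAddresses returns attacker@evil.example and jane@example.net, the addresses that are actually present in the angle brackets. The point is that address selection for key lookup should come from a structural parse of the mailbox, never from a substring search over the whole header.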
* A remote attacker can obtain cleartext content by sending an encrypted
data block to a victim, and relying on the victim to automatically
decrypt that block and then send it back to the attacker as quoted text
(CVE-2017-17844).
* An issue was discovered where improper random secret generation occurs
because Math.random() is used by pretty Easy privacy (pEp)
(CVE-2017-17845).
* An issue was discovered where regular expressions are exploitable for
Denial of Service, because of attempts to match arbitrarily long strings
(CVE-2017-17846).
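The denial-of-service item above is the classic regular-expression backtracking problem: a pattern with nested or overlapping quantifiers, applied to an input of unbounded length, can take time exponential in the input on a near-miss. Added example for this advisory (not Enigmail's patterns or code): a vulnerable pattern shape beside a hardened one, with the two mitigations a practitioner applies, an unambiguous pattern and a length cap enforced before the regex runs. The patterns, names and cap value are the author's assumptions for illustration.

```javascript
// Vulnerable shape: the inner \w+ and the outer (...)* can split a run of word
// characters in 2^(n-1) ways. On input that cannot match (a trailing '!'), the
// engine tries every split before failing, so time doubles with each added char.
const EVIL_NAME_RE = /^(\w+\s?)*$/;

// Hardened: a single character class with one quantifier; there is only one way
// to consume the input, so matching is linear.
const SAFE_NAME_RE = /^[\w\s]*$/;

// Cap applied before the regex ever sees the input (assumed limit for a header field).
const MAX_FIELD_LEN = 256;

function isValidName(input, re = SAFE_NAME_RE) {
  if (typeof input !== 'string' || input.length > MAX_FIELD_LEN) return false;
  return re.test(input);
}

// Time a single test() call, in milliseconds.
function timeMatch(re, input) {
  const t0 = process.hrtime.bigint();
  const matched = re.test(input);
  const ms = Number(process.hrtime.bigint() - t0) / 1e6;
  return { matched, ms };
}

// Constructed near-miss input of n word characters followed by a character the
// pattern rejects; intended for manual runs, e.g. demonstrate(22) vs demonstrate(26).
function nearMiss(n) {
  return 'a'.repeat(n) + '!';
}

function demonstrate(n) {
  return {
    evil: timeMatch(EVIL_NAME_RE, nearMiss(n)),
    safe: timeMatch(SAFE_NAME_RE, nearMiss(n)),
  };
}

module.exports = { EVIL_NAME_RE, SAFE_NAME_RE, MAX_FIELD_LEN, isValidName, timeMatch, nearMiss, demonstrate };
```

Calling demonstrate(n) for increasing n shows the evil pattern's time roughly doubling per character while the safe pattern stays flat; with the length cap in place the vulnerable pattern is bounded too, but the right fix is to remove the ambiguity from the pattern rather than rely on the cap alone.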
* An issue was discovered where signature spoofing is possible because
the UI does not properly distinguish between an attachment signature
and a signature that applies to the entire containing message
(CVE-2017-17847).
* In a variant of CVE-2017-17847, signature spoofing is possible for
multipart/related messages because a signed message part can be
referenced with a cid: URI but not actually displayed (CVE-2017-17848).