ALT-BU-2020-4176-1
Branch sisyphus update bulletin.
Package thunderbird updated to version 78.5.1-alt1 for branch sisyphus in task 262794.
Closed vulnerabilities
Modified: 2024-09-16
BDU:2021-01785
Уязвимость почтового клиента Thunderbird, связанная с записью за границами буфера в памяти, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-21
CVE-2020-26970
When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable. This vulnerability affects Thunderbird < 78.5.1.
Closed vulnerabilities
Modified: 2025-01-29
BDU:2023-02341
Уязвимость реализации сценариев api_jsonrpc.php и index.php универсальной системы мониторинга Zabbix, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
Modified: 2024-11-21
CVE-2019-15132
Zabbix through 4.4.0alpha1 allows User Enumeration. With login requests, it is possible to enumerate application usernames based on the variability of server responses (e.g., the "Login name or password is incorrect" and "No permissions for system access" messages, or just blocking for a number of seconds). This affects both api_jsonrpc.php and index.php.
- https://lists.debian.org/debian-lts-announce/2021/04/msg00018.html
- https://lists.debian.org/debian-lts-announce/2023/04/msg00013.html
- https://support.zabbix.com/browse/ZBX-16532
- https://lists.debian.org/debian-lts-announce/2021/04/msg00018.html
- https://lists.debian.org/debian-lts-announce/2023/04/msg00013.html
- https://support.zabbix.com/browse/ZBX-16532
Closed bugs
обновить конфигурацию доступа для httpd-2.4