Note to readers

This publication does not currently meet the Government of Canada's Web Standards. The information remains valid.

Mozilla ThunderBird security update

Number: AV16-210
Date: 29 December 2016

Purpose

The purpose of this advisory is to raise awareness of multiple vulnerabilities in Mozilla ThunderBird for which an upgrade his now available.

Assessment

Mozilla released a security update to address multiple vulnerabilities in ThunderBird. The severity of these issues ranges from high to critical.

Version affected:
ThunderBird version prior to 45.6

CVE References:
Critical: CVE-2016-9893, CVE-2016-9899
High: CVE-2016-9895, CVE-2016-9897, CVE-2016-9898, CVE-2016-9900, CVE-2016-9904, CVE-2016-9905

Suggested action

CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.

References

https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/

Date modified: