[slackware-security] mozilla-thunderbird

April 29, 2025 invoker category_cve

Vulnerability Details

Basic Information

Title [slackware-security] mozilla-thunderbird
Type slackware
Published 2025-04-29T21:43:15
Last Seen 2025-04-29T21:53:16
CVSS Score 8.8 (HIGH)

CVSS v3 Details

Attack Vector NETWORK
Attack Complexity LOW
Privileges Required LOW
User Interaction NONE
Scope UNCHANGED
Confidentiality Impact HIGH
Integrity Impact HIGH
Availability Impact HIGH

CVE Information

CVE IDs CVE-2025-2817, CVE-2025-4082, CVE-2025-4083, CVE-2025-4084, CVE-2025-4087, CVE-2025-4091, CVE-2025-4093
CWE
Bulletin Family unix

Description

New mozilla-thunderbird packages are available for Slackware 15.0 and -current
to fix security issues.

Here are the details from the Slackware 15.0 ChangeLog:

patches/packages/mozilla-thunderbird-128.10.0esr-i686-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/128.10.0esr/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-32/
https://vulners.com/cve/CVE-2025-2817
https://vulners.com/cve/CVE-2025-4082
https://vulners.com/cve/CVE-2025-4083
https://vulners.com/cve/CVE-2025-4084
https://vulners.com/cve/CVE-2025-4087
https://vulners.com/cve/CVE-2025-4091
https://vulners.com/cve/CVE-2025-4093
(* Security fix *)

Where to find the new packages:

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! 🙂

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/mozilla-thunderbird-128.10.0esr-i686-1_slack15.0.txz

Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/mozilla-thunderbird-128.10.0esr-x86_64-1_slack15.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-thunderbird-128.10.0esr-i686-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/mozilla-thunderbird-128.10.0esr-x86_64-1.txz

MD5 signatures:

Slackware 15.0 package:
82b0a5f7a64060de01eee93e9c818c68 mozilla-thunderbird-128.10.0esr-i686-1_slack15.0.txz

Slackware x86_64 15.0 package:
c41421aa931d7c344cc51ae937744964 mozilla-thunderbird-128.10.0esr-x86_64-1_slack15.0.txz

Slackware -current package:
2624e4adfbedb7e76e33a2bb28736a35 xap/mozilla-thunderbird-128.10.0esr-i686-1.txz

Slackware x86_64 -current package:
ff94ab00487e31b61a68e072af113c05 xap/mozilla-thunderbird-128.10.0esr-x86_64-1.txz

Installation instructions:

Upgrade the package as root:
> upgradepkg mozilla-thunderbird-128.10.0esr-i686-1_slack15.0.txz

Impact Assessment

Base Score 8.8
Severity HIGH

View full CVE details

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.