Duplicate security issues in MFSA-2018-19 and MFSA-2018-18?
The following CVEs are present in MFSA-2018-19 as fixed in Thunderbird 60, but also in MFSA-2018-18 as fixed in 52.9. There don't seem to be any versions in between 52.9 and 60. Were the fixes in 52.9 incomplete and require an update to 60 to mitigate, or were the entries in MFSA-2018-19 incorrect?
CVE-2018-12359 CVE-2018-12360 CVE-2018-12362 CVE-2018-12363 CVE-2018-12364 CVE-2018-12365 CVE-2018-12366 CVE-2018-12368 CVE-2018-5188
The following CVEs are present in MFSA-2018-19 as fixed in Thunderbird 60, but also in MFSA-2018-18 as fixed in 52.9. There don't seem to be any versions in between 52.9 and 60. Were the fixes in 52.9 incomplete and require an update to 60 to mitigate, or were the entries in MFSA-2018-19 incorrect?
CVE-2018-12359
CVE-2018-12360
CVE-2018-12362
CVE-2018-12363
CVE-2018-12364
CVE-2018-12365
CVE-2018-12366
CVE-2018-12368
CVE-2018-5188
All Replies (1)
Given the two versions are both supported at the moment, I would guess both channels will have been updated. That is usually what happens.
52 being an ESR release and 60 not being released for update till next week.