Important Notice: We're experiencing email notification issues. If you've posted a question in the community forums recently, please check your profile manually for responses while we're working to fix this.

On Monday the 3rd of March, around 5pm UTC (9am PT) users may experience a brief period of downtime while one of our underlying services is under maintenance.

Avatar for Username

Sykje yn Support

Mij stipescams. Wy sille jo nea freegje in telefoannûmer te beljen, der in sms nei ta te stjoeren of persoanlike gegevens te dielen. Meld fertochte aktiviteit mei de opsje ‘Misbrûk melde’.

Mear ynfo

Dizze konversaasje is argivearre. Stel in nije fraach as jo help nedich hawwe.

Duplicate security issues in MFSA-2018-19 and MFSA-2018-18?

  • 1 antwurd
  • 1 hat dit probleem
  • 1 werjefte
  • Lêste antwurd fan Matt

ebull
ebull
more options

The following CVEs are present in MFSA-2018-19 as fixed in Thunderbird 60, but also in MFSA-2018-18 as fixed in 52.9. There don't seem to be any versions in between 52.9 and 60. Were the fixes in 52.9 incomplete and require an update to 60 to mitigate, or were the entries in MFSA-2018-19 incorrect?

CVE-2018-12359 CVE-2018-12360 CVE-2018-12362 CVE-2018-12363 CVE-2018-12364 CVE-2018-12365 CVE-2018-12366 CVE-2018-12368 CVE-2018-5188

The following CVEs are present in MFSA-2018-19 as fixed in Thunderbird 60, but also in MFSA-2018-18 as fixed in 52.9. There don't seem to be any versions in between 52.9 and 60. Were the fixes in 52.9 incomplete and require an update to 60 to mitigate, or were the entries in MFSA-2018-19 incorrect? CVE-2018-12359 CVE-2018-12360 CVE-2018-12362 CVE-2018-12363 CVE-2018-12364 CVE-2018-12365 CVE-2018-12366 CVE-2018-12368 CVE-2018-5188

Alle antwurden (1)

Matt
Matt
  • Moderator
  • Top 10 Contributor
more options

Given the two versions are both supported at the moment, I would guess both channels will have been updated. That is usually what happens.

52 being an ESR release and 60 not being released for update till next week.