Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Duplicate security issues in MFSA-2018-19 and MFSA-2018-18?

  • 1 reply
  • 1 has this problem
  • 1 view
  • Last reply by Matt

more options

The following CVEs are present in MFSA-2018-19 as fixed in Thunderbird 60, but also in MFSA-2018-18 as fixed in 52.9. There don't seem to be any versions in between 52.9 and 60. Were the fixes in 52.9 incomplete and require an update to 60 to mitigate, or were the entries in MFSA-2018-19 incorrect?

CVE-2018-12359 CVE-2018-12360 CVE-2018-12362 CVE-2018-12363 CVE-2018-12364 CVE-2018-12365 CVE-2018-12366 CVE-2018-12368 CVE-2018-5188

The following CVEs are present in MFSA-2018-19 as fixed in Thunderbird 60, but also in MFSA-2018-18 as fixed in 52.9. There don't seem to be any versions in between 52.9 and 60. Were the fixes in 52.9 incomplete and require an update to 60 to mitigate, or were the entries in MFSA-2018-19 incorrect? CVE-2018-12359 CVE-2018-12360 CVE-2018-12362 CVE-2018-12363 CVE-2018-12364 CVE-2018-12365 CVE-2018-12366 CVE-2018-12368 CVE-2018-5188

All Replies (1)

more options

Given the two versions are both supported at the moment, I would guess both channels will have been updated. That is usually what happens.

52 being an ESR release and 60 not being released for update till next week.