Synopsis - Critical: thunderbird security update Type/Severity - Security Advisory: Critical Topic - An updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6. Description - Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. - Content containing a malicious Scalable Vector Graphics (SVG) image file could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. Solution - Before applying this update, ensure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network: https://access.redhat.com/knowledge/articles/11258 Affected Products - Red Hat Enterprise Linux Server 6 x86_64 - Red Hat Enterprise Linux Server 6 i386 - Red Hat Enterprise Linux Server 5 x86_64 - Red Hat Enterprise Linux Server 5 i386 - Other affected products are listed in the "Affected Products" section. Fixes - BZ - 851909-Mozilla - CVE-2012-1970 - BZ - 851910 - Mozilla - MFSA 2012-58 - Other fixes are listed under "Fixes." CVEs - CVE-2012-3978 - CVE-2012-3972 - Other CVEs are listed under "CVEs." References - https://access.redhat.com/security/updates/classification/#critical