Release date:
2026-07-09 12:56:51 UTC
Description:
- CVE-2026-2759: out-of-bounds read in AVIF ByteStream reader; validate
offset/size via CheckedInt before pointer arithmetic and swap
the sign-mismatched >= for > in GetContiguousAccess (Bug 2010933,
upstream facd3303abe7)
- CVE-2026-2778: out-of-bounds heap read in StructuredCloneBlob IPC
deserialization; route BlobImpls copy through Span::Subspan so the
bounds check triggers a hard abort instead of leaking parent-process
memory (Bug 2016358, upstream 1479f78b642c)
- CVE-2026-4689: integer overflow / sandbox escape in SlicedInputStream
IPC deserialization; validate start+length via CheckedUint64 and
reject when curPos exceeds the computed end (Bug 2016374, upstream
14db1934383f)
Updated packages:
-
thunderbird-115.4.1-1.el9_2.alma.tuxcare.els19.x86_64.rpm
sha:46c9578b953bef480ddaeadf97c7ff463e23564de22da231e28107ba75904408
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.