[Bug 416646] Re: 18.104.22.168 is available
hito at kugutsu.org
Wed Aug 26 09:33:16 UTC 2009
USN-817-1 is really so?
| Several flaws were discovered in the rendering engine of Thunderbird.
This description seems 2.0.22's, but USN-817-1 points 2.0.23's.
(Thunderbird 2.0.22 is USN-782-1)
so our fix are CVE-2009-2408/MFSA2009-42.
maybe, valid details are below.: (from mitre.org)
| Thunderbird did not properly handle a NULL character in a domain name in the subject's
| Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers
| to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate
| Certification Authority.
** CVE added: http://www.cve.mitre.org/cgi-
22.214.171.124 is available
You received this bug notification because you are a member of Mozilla
Bugs, which is subscribed to thunderbird in ubuntu.
More information about the Ubuntu-mozillateam-bugs