Ubuntu Security Notice 958-1 – Several flaws were discovered in the browser engine of Thunderbird. An integer overflow was discovered in how Thunderbird processed CSS values. An integer overflow was discovered in how Thunderbird interpreted the XUL element. Aki Helin discovered that libpng did not properly handle certain malformed PNG images. Yosuke Hasegawa discovered that the same-origin check in Thunderbird could be bypassed by utilizing the importScripts Web Worker method. Chris Evans discovered that Thunderbird did not properly process improper CSS selectors. Soroush Dalili discovered that Thunderbird did not properly handle script error output.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/92156/USN-958-1.txt
Source: https://packetstormsecurity.com/files/92156/Ubuntu-Security-Notice-958-1.html