[openSUSE-SU-2017:3110-1] Security update for Mozilla Thunderbird
Severity
Moderate
Affected Packages
5
CVEs
3
Security update for Mozilla Thunderbird
This update for Mozilla Thunderbird fixes the following issues:
Security issues fixed in 52.5.0 ESR as advised in MFSA 2017-26 (boo#1068101):
- CVE-2017-7828: Use-after-free of PressShell while restyling layout
- CVE-2017-7830: Cross-origin URL information leak through Resource Timing API
- CVE-2017-7826: Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5
The following bug fixes and improvements are included:
- Better support for Charter/Spectrum IMAP
- No longer mark other messages as read in search folders spanning multiple base folders
- IMAP alerts have been corrected and now show the correct server name in case of connection problems
- POP alerts have been corrected and now indicate connection problems in case the configured POP server cannot be found
- ID
- openSUSE-SU-2017:3110-1
- Severity
- moderate
- Published
-
2017-11-27T18:50:59
(6 years ago) - Modified
-
2017-11-27T18:50:59
(6 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ASA-201711-23
- ASA-201711-43
- DSA-4035-1
- DSA-4061-1
- DSA-4075-1
- ELSA-2017-3247
- ELSA-2017-3372
- FREEBSD:F78EAC48-C3D1-4666-8DE5-63CEEA25A578
- GLSA-201803-14
- MFSA-2017-24
- MFSA-2017-25
- MFSA-2017-26
- openSUSE-SU-2017:3108-1
- RHSA-2017:3247
- RHSA-2017:3372
- SUSE-SU-2017:3213-1
- SUSE-SU-2017:3233-1
- USN-3477-1
- USN-3490-1
- USN-3688-1
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2017_3110-1.json | |
Bugzilla | SUSE Bug 1068101 | https://bugzilla.suse.com/1068101 | |
CVE | SUSE CVE CVE-2017-7826 page | https://www.suse.com/security/cve/CVE-2017-7826/ | |
CVE | SUSE CVE CVE-2017-7828 page | https://www.suse.com/security/cve/CVE-2017-7828/ | |
CVE | SUSE CVE CVE-2017-7830 page | https://www.suse.com/security/cve/CVE-2017-7830/ |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/opensuse/MozillaThunderbird?arch=x86_64&distro=opensuse-12&repo=suse-package-hub | opensuse | MozillaThunderbird | < 52.5.0-48.1 | opensuse-12 | x86_64 | |
Affected | pkg:rpm/opensuse/MozillaThunderbird-translations-other?arch=x86_64&distro=opensuse-12&repo=suse-package-hub | opensuse | MozillaThunderbird-translations-other | < 52.5.0-48.1 | opensuse-12 | x86_64 | |
Affected | pkg:rpm/opensuse/MozillaThunderbird-translations-common?arch=x86_64&distro=opensuse-12&repo=suse-package-hub | opensuse | MozillaThunderbird-translations-common | < 52.5.0-48.1 | opensuse-12 | x86_64 | |
Affected | pkg:rpm/opensuse/MozillaThunderbird-devel?arch=x86_64&distro=opensuse-12&repo=suse-package-hub | opensuse | MozillaThunderbird-devel | < 52.5.0-48.1 | opensuse-12 | x86_64 | |
Affected | pkg:rpm/opensuse/MozillaThunderbird-buildsymbols?arch=x86_64&distro=opensuse-12&repo=suse-package-hub | opensuse | MozillaThunderbird-buildsymbols | < 52.5.0-48.1 | opensuse-12 | x86_64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |