[openSUSE-SU-2017:3110-1] Security update for Mozilla Thunderbird
Severity
Moderate
Affected Packages
5
CVEs
3
Security update for Mozilla Thunderbird
This update for Mozilla Thunderbird fixes the following issues:
Security issues fixed in 52.5.0 ESR as advised in MFSA 2017-26 (boo#1068101):
- CVE-2017-7828: Use-after-free of PressShell while restyling layout
- CVE-2017-7830: Cross-origin URL information leak through Resource Timing API
- CVE-2017-7826: Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5
The following bug fixes and improvements are included:
- Better support for Charter/Spectrum IMAP
- No longer mark other messages as read in search folders spanning multiple base folders
- IMAP alerts have been corrected and now show the correct server name in case of connection problems
- POP alerts have been corrected and now indicate connection problems in case the configured POP server cannot be found
- ID
- openSUSE-SU-2017:3110-1
- Severity
- moderate
- Published
-
2017-11-27T18:50:59
(6 years ago) - Modified
-
2017-11-27T18:50:59
(6 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ASA-201711-23
-
ASA-201711-43
-
DSA-4035-1
-
DSA-4061-1
-
DSA-4075-1
-
ELSA-2017-3247
-
ELSA-2017-3372
-
FREEBSD:F78EAC48-C3D1-4666-8DE5-63CEEA25A578
-
GLSA-201803-14
-
MFSA-2017-24
-
MFSA-2017-25
-
MFSA-2017-26
-
openSUSE-SU-2017:3108-1
-
RHSA-2017:3247
-
RHSA-2017:3372
-
SUSE-SU-2017:3213-1
-
SUSE-SU-2017:3233-1
-
USN-3477-1
-
USN-3490-1
-
USN-3688-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Suse | SUSE ratings |
|
|
| Suse | URL of this CSAF notice |
|
|
| Bugzilla | SUSE Bug 1068101 |
|
|
| CVE | SUSE CVE CVE-2017-7826 page |
|
|
| CVE | SUSE CVE CVE-2017-7828 page |
|
|
| CVE | SUSE CVE CVE-2017-7830 page |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/opensuse/MozillaThunderbird?arch=x86_64&distro=opensuse-12&repo=suse-package-hub | opensuse |
 MozillaThunderbird
|
< 52.5.0-48.1 | opensuse-12 | x86_64 | |
| Affected | pkg:rpm/opensuse/MozillaThunderbird-translations-other?arch=x86_64&distro=opensuse-12&repo=suse-package-hub | opensuse |
MozillaThunderbird-translations-other
|
< 52.5.0-48.1 | opensuse-12 | x86_64 | |
| Affected | pkg:rpm/opensuse/MozillaThunderbird-translations-common?arch=x86_64&distro=opensuse-12&repo=suse-package-hub | opensuse |
MozillaThunderbird-translations-common
|
< 52.5.0-48.1 | opensuse-12 | x86_64 | |
| Affected | pkg:rpm/opensuse/MozillaThunderbird-devel?arch=x86_64&distro=opensuse-12&repo=suse-package-hub | opensuse |
MozillaThunderbird-devel
|
< 52.5.0-48.1 | opensuse-12 | x86_64 | |
| Affected | pkg:rpm/opensuse/MozillaThunderbird-buildsymbols?arch=x86_64&distro=opensuse-12&repo=suse-package-hub | opensuse |
MozillaThunderbird-buildsymbols
|
< 52.5.0-48.1 | opensuse-12 | x86_64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |