[openSUSE-SU-2020:0094-1] Security update for MozillaThunderbird
Severity
Important
Affected Packages
3
CVEs
7
Security update for MozillaThunderbird
This update for MozillaThunderbird to version 68.4.1 fixes the following issues:
Security issues fixed:
- CVE-2019-17026: IonMonkey type confusion with StoreElementHole and FallibleStoreElement
- CVE-2019-17016: Bypass of @namespace CSS sanitization during pasting
- CVE-2019-17017: Type Confusion in XPCVariant.cpp
- CVE-2019-17022: CSS sanitization does not escape HTML tags
- CVE-2019-17024: multiple Memory safety bugs fixed
Non-security issues fixed:
- Various improvements when setting up an account for a Microsoft Exchange server. For example better detection for Office 365 accounts.
This update was imported from the SUSE:SLE-15:Update update project.
Package | Affected Version |
---|---|
pkg:rpm/opensuse/MozillaThunderbird?arch=x86_64&distro=opensuse-leap-15.1 | < 68.4.1-lp151.2.22.2 |
pkg:rpm/opensuse/MozillaThunderbird-translations-other?arch=x86_64&distro=opensuse-leap-15.1 | < 68.4.1-lp151.2.22.2 |
pkg:rpm/opensuse/MozillaThunderbird-translations-common?arch=x86_64&distro=opensuse-leap-15.1 | < 68.4.1-lp151.2.22.2 |
- ID
- openSUSE-SU-2020:0094-1
- Severity
- important
- URL
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OJFCANPRYJXAXFVESLPVQQXRQHIF7VBS/
- Published
-
2020-01-22T12:57:08
(4 years ago) - Modified
-
2020-01-22T12:57:08
(4 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS2-2020-1393
- ALPINE:CVE-2019-17016
- ALPINE:CVE-2019-17017
- ALPINE:CVE-2019-17022
- ALPINE:CVE-2019-17024
- ALPINE:CVE-2019-17026
- ASA-202001-1
- ASA-202001-3
- ASA-202001-4
- CISA-2021:1103
- DSA-4600-1
- DSA-4603-1
- ELSA-2020-0085
- ELSA-2020-0086
- ELSA-2020-0111
- ELSA-2020-0120
- ELSA-2020-0123
- ELSA-2020-0127
- GLSA-202003-02
- MFSA-2020-01
- MFSA-2020-02
- MFSA-2020-03
- MFSA-2020-04
- openSUSE-SU-2020:0060-1
- RHSA-2020:0085
- RHSA-2020:0086
- RHSA-2020:0111
- RHSA-2020:0120
- RHSA-2020:0123
- RHSA-2020:0127
- SSA:2020-010-01
- SUSE-SU-2020:0068-1
- SUSE-SU-2020:0078-1
- SUSE-SU-2020:0142-1
- USN-4234-1
- USN-4241-1
- USN-4335-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/opensuse/MozillaThunderbird?arch=x86_64&distro=opensuse-leap-15.1 | opensuse | MozillaThunderbird | < 68.4.1-lp151.2.22.2 | opensuse-leap-15.1 | x86_64 | |
Affected | pkg:rpm/opensuse/MozillaThunderbird-translations-other?arch=x86_64&distro=opensuse-leap-15.1 | opensuse | MozillaThunderbird-translations-other | < 68.4.1-lp151.2.22.2 | opensuse-leap-15.1 | x86_64 | |
Affected | pkg:rpm/opensuse/MozillaThunderbird-translations-common?arch=x86_64&distro=opensuse-leap-15.1 | opensuse | MozillaThunderbird-translations-common | < 68.4.1-lp151.2.22.2 | opensuse-leap-15.1 | x86_64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |