[openSUSE-SU-2020:0366-1] Security update for MozillaThunderbird
Severity
Important
Affected Packages
3
CVEs
7
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues:
MozillaThunderbird was updated to 68.6.0 ESR (MFSA 2020-10 bsc#1166238)
- CVE-2020-6805: Fixed a use-after-free when removing data about origins
- CVE-2020-6806: Fixed improper protections against state confusion
- CVE-2020-6807: Fixed a use-after-free in cubeb during stream destruction
- CVE-2020-6811: Fixed an issue where copy as cURL' feature did not fully escape website-controlled data potentially leading to command injection
- CVE-2019-20503: Fixed out of bounds reads in sctp_load_addresses_from_init
- CVE-2020-6812: Fixed an issue where the names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission
- CVE-2020-6814: Fixed multiple memory safety bugs
This update was imported from the SUSE:SLE-15:Update update project.
| Package | Affected Version |
|---|---|
 pkg:rpm/opensuse/MozillaThunderbird?arch=x86_64&distro=opensuse-leap-15.1
|
< 68.6.0-lp151.2.28.1 |
|
pkg:rpm/opensuse/MozillaThunderbird-translations-other?arch=x86_64&distro=opensuse-leap-15.1
|
< 68.6.0-lp151.2.28.1 |
|
pkg:rpm/opensuse/MozillaThunderbird-translations-common?arch=x86_64&distro=opensuse-leap-15.1
|
< 68.6.0-lp151.2.28.1 |
- ID
- openSUSE-SU-2020:0366-1
- Severity
- important
- URL
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/M4XSGNQTGWEYYC34KIWMTBKR7IVQN3XO/
- Published
-
2020-03-22T11:16:48
(4 years ago) - Modified
-
2020-03-22T11:16:48
(4 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS2-2020-1414
-
ALPINE:CVE-2019-20503
-
ALPINE:CVE-2020-6805
-
ALPINE:CVE-2020-6806
-
ALPINE:CVE-2020-6807
-
ALPINE:CVE-2020-6811
-
ALPINE:CVE-2020-6812
-
ALPINE:CVE-2020-6814
-
ASA-202003-11
-
ASA-202003-12
-
ASA-202003-8
-
DSA-4639-1
-
DSA-4642-1
-
DSA-4645-1
-
ELSA-2020-0815
-
ELSA-2020-0816
-
ELSA-2020-0820
-
ELSA-2020-0905
-
ELSA-2020-0914
-
ELSA-2020-0919
-
FEDORA-2020-17149a4f3d
-
FEDORA-2020-39e0b8bd14
-
FEDORA-2020-7fd051b378
-
GLSA-202003-02
-
GLSA-202003-10
-
MFSA-2020-08
-
MFSA-2020-09
-
MFSA-2020-10
-
MS:CVE-2019-20503
-
openSUSE-SU-2020:0340-1
-
openSUSE-SU-2020:0365-1
-
openSUSE-SU-2020:0389-1
-
RHSA-2020:0815
-
RHSA-2020:0816
-
RHSA-2020:0820
-
RHSA-2020:0905
-
RHSA-2020:0914
-
RHSA-2020:0919
-
RHSA-2020:1270
-
SSA:2020-070-01
-
SSA:2020-073-01
-
SUSE-SU-2020:0686-1
-
SUSE-SU-2020:0717-1
-
SUSE-SU-2020:0721-1
-
USN-4299-1
-
USN-4328-1
-
USN-4335-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/opensuse/MozillaThunderbird?arch=x86_64&distro=opensuse-leap-15.1 | opensuse |
MozillaThunderbird
|
< 68.6.0-lp151.2.28.1 | opensuse-leap-15.1 | x86_64 | |
| Affected | pkg:rpm/opensuse/MozillaThunderbird-translations-other?arch=x86_64&distro=opensuse-leap-15.1 | opensuse |
MozillaThunderbird-translations-other
|
< 68.6.0-lp151.2.28.1 | opensuse-leap-15.1 | x86_64 | |
| Affected | pkg:rpm/opensuse/MozillaThunderbird-translations-common?arch=x86_64&distro=opensuse-leap-15.1 | opensuse |
MozillaThunderbird-translations-common
|
< 68.6.0-lp151.2.28.1 | opensuse-leap-15.1 | x86_64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |