[SUSE-SU-2020:1225-1] Security update for MozillaThunderbird
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues:
- Update to 68.8.0 ESR
MFSA 2020-18 (bsc#1171186)
* CVE-2020-12397 (bmo#1617370)
Sender Email Address Spoofing using encoded Unicode
characters
* CVE-2020-12387 (bmo#1545345)
Use-after-free during worker shutdown
* CVE-2020-6831 (bmo#1632241)
Buffer overflow in SCTP chunk input validation
* CVE-2020-12392 (bmo#1614468)
Arbitrary local file access with 'Copy as cURL'
* CVE-2020-12393 (bmo#1615471)
Devtools' 'Copy as cURL' feature did not fully escape
website-controlled data, potentially leading to command
injection
* CVE-2020-12395 (bmo#1595886, bmo#1611482, bmo#1614704,
bmo#1624098, bmo#1625749, bmo#1626382, bmo#1628076,
bmo#1631508)
Memory safety bugs fixed in Thunderbird 68.8.0
- ID
- SUSE-SU-2020:1225-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2020/suse-su-20201225-1/
- Published
-
2020-05-08T08:48:22
(4 years ago) - Modified
-
2020-05-08T08:48:22
(4 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS2-2020-1429
-
ALPINE:CVE-2020-12387
-
ALPINE:CVE-2020-12392
-
ALPINE:CVE-2020-12393
-
ALPINE:CVE-2020-12395
-
ALPINE:CVE-2020-12397
-
ALPINE:CVE-2020-6831
-
ASA-202005-2
-
ASA-202005-3
-
ASA-202005-7
-
DSA-4678-1
-
DSA-4683-1
-
DSA-4714-1
-
ELSA-2020-2031
-
ELSA-2020-2036
-
ELSA-2020-2037
-
ELSA-2020-2046
-
ELSA-2020-2049
-
ELSA-2020-2050
-
GLSA-202005-03
-
GLSA-202005-04
-
MFSA-2020-16
-
MFSA-2020-17
-
MFSA-2020-18
-
openSUSE-SU-2020:0620-1
-
openSUSE-SU-2020:0621-1
-
openSUSE-SU-2020:0643-1
-
openSUSE-SU-2020:0648-1
-
openSUSE-SU-2020:0709-1
-
openSUSE-SU-2020:0917-1
-
RHSA-2020:2031
-
RHSA-2020:2036
-
RHSA-2020:2037
-
RHSA-2020:2046
-
RHSA-2020:2049
-
RHSA-2020:2050
-
RHSA-2020:2064
-
SSA:2020-126-01
-
SUSE-SU-2020:1209-1
-
SUSE-SU-2020:1218-1
-
USN-4353-1
-
USN-4373-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Suse | SUSE ratings |
|
|
| Suse | URL of this CSAF notice |
|
|
| Suse | URL for SUSE-SU-2020:1225-1 |
|
|
| Suse | E-Mail link for SUSE-SU-2020:1225-1 |
|
|
| Bugzilla | SUSE Bug 1171186 |
|
|
| CVE | SUSE CVE CVE-2020-12387 page |
|
|
| CVE | SUSE CVE CVE-2020-12392 page |
|
|
| CVE | SUSE CVE CVE-2020-12393 page |
|
|
| CVE | SUSE CVE CVE-2020-12395 page |
|
|
| CVE | SUSE CVE CVE-2020-12397 page |
|
|
| CVE | SUSE CVE CVE-2020-6831 page |
|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |