[SUSE-SU-2023:0329-1] Security update for MozillaThunderbird
Severity
Important
Affected Packages
12
CVEs
9
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues:
Updated to version 102.7.1 (bsc#1207119):
* CVE-2022-46871: Fixed out of date libusrsctp.
* CVE-2023-23598: Fixed arbitrary file read from GTK drag and drop on Linux.
* CVE-2023-23599: Fixed issue where malicious command that could be hidden in devtools output on Windows.
* CVE-2023-23601: Fixed issue where URL being dragged from cross-origin iframe into same tab triggers navigation.
* CVE-2023-23602: Fixed Content Security Policy not being correctly applied to WebSockets in WebWorkers.
* CVE-2022-46877: Fixed fullscreen notification bypass.
* CVE-2023-23603: Fixed issue where calls to code tag allowed bypassing Content Security Policy via format directive.
* CVE-2023-23605: Fixed memory safety bugs.
- ID
- SUSE-SU-2023:0329-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2023/suse-su-20230329-1/
- Published
-
2023-02-09T09:20:22
(19 months ago) - Modified
-
2023-02-09T09:20:22
(19 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS2-2023-1951
-
ALPINE:CVE-2022-46871
-
ALPINE:CVE-2022-46877
-
ALPINE:CVE-2023-23598
-
ALPINE:CVE-2023-23599
-
ALPINE:CVE-2023-23601
-
ALPINE:CVE-2023-23602
-
ALPINE:CVE-2023-23603
-
ALPINE:CVE-2023-23605
-
ALSA-2023:0285
-
ALSA-2023:0288
-
ALSA-2023:0463
-
ALSA-2023:0476
-
ALSA-2023:0606
-
ALSA-2023:0608
-
DSA-5322-1
-
DSA-5355-1
-
ELSA-2023-0285
-
ELSA-2023-0288
-
ELSA-2023-0296
-
ELSA-2023-0456
-
ELSA-2023-0463
-
ELSA-2023-0476
-
ELSA-2023-0600
-
ELSA-2023-0606
-
ELSA-2023-0608
-
GLSA-202305-06
-
GLSA-202305-13
-
MFSA-2022-51
-
MFSA-2023-01
-
MFSA-2023-02
-
MFSA-2023-03
-
MFSA-2023-04
-
RHSA-2023:0285
-
RHSA-2023:0288
-
RHSA-2023:0296
-
RHSA-2023:0456
-
RHSA-2023:0463
-
RHSA-2023:0476
-
RHSA-2023:0600
-
RHSA-2023:0606
-
RHSA-2023:0608
-
RLSA-2023:0285
-
RLSA-2023:0288
-
RLSA-2023:0463
-
RLSA-2023:0476
-
RLSA-2023:0606
-
RLSA-2023:0608
-
SSA:2023-018-04
-
SSA:2023-032-03
-
SUSE-SU-2023:0111-1
-
SUSE-SU-2023:0112-1
-
SUSE-SU-2023:0113-1
-
USN-5782-1
-
USN-5816-1
-
USN-5824-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/suse/MozillaThunderbird?arch=x86_64&distro=opensuse-leap-15.4 | suse |
 MozillaThunderbird
|
< 102.7.1-150200.8.102.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaThunderbird?arch=s390x&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird
|
< 102.7.1-150200.8.102.1 | opensuse-leap-15.4 | s390x | |
| Affected | pkg:rpm/suse/MozillaThunderbird?arch=ppc64le&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird
|
< 102.7.1-150200.8.102.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaThunderbird?arch=aarch64&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird
|
< 102.7.1-150200.8.102.1 | opensuse-leap-15.4 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-other?arch=x86_64&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird-translations-other
|
< 102.7.1-150200.8.102.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-other?arch=s390x&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird-translations-other
|
< 102.7.1-150200.8.102.1 | opensuse-leap-15.4 | s390x | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-other?arch=ppc64le&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird-translations-other
|
< 102.7.1-150200.8.102.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-other?arch=aarch64&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird-translations-other
|
< 102.7.1-150200.8.102.1 | opensuse-leap-15.4 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-common?arch=x86_64&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird-translations-common
|
< 102.7.1-150200.8.102.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-common?arch=s390x&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird-translations-common
|
< 102.7.1-150200.8.102.1 | opensuse-leap-15.4 | s390x | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-common?arch=ppc64le&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird-translations-common
|
< 102.7.1-150200.8.102.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-common?arch=aarch64&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird-translations-common
|
< 102.7.1-150200.8.102.1 | opensuse-leap-15.4 | aarch64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |