[SUSE-SU-2023:3228-1] Security update for MozillaThunderbird
Severity
Important
Affected Packages
24
CVEs
11
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues:
Update Mozilla Thunderbird 115.1.0 (bsc#1213746):
- CVE-2023-4045: Fixed cross-origin restrictions bypass with Offscreen Canvas (bmo#1833876).
- CVE-2023-4046: Fixed incorrect value used during WASM compilation (bmo#1837686).
- CVE-2023-4047: Fixed potential permissions request bypass via clickjacking (bmo#1839073).
- CVE-2023-4048: Fixed crash in DOMParser due to out-of-memory conditions (bmo#1841368).
- CVE-2023-4049: Fixed potential race conditions when releasing platform objects (bmo#1842658).
- CVE-2023-4050: Fixed stack buffer overflow in StorageManager (bmo#1843038).
- CVE-2023-4052: Fixed file deletion and privilege escalation through Firefox uninstaller (bmo#1824420).
- CVE-2023-4054: Fixed lack of warning when opening appref-ms files (bmo#1840777).
- CVE-2023-4055: Fixed cookie jar overflow caused unexpected cookie jar state (bmo#1782561).
- CVE-2023-4056: Fixed memory safety bugs (bmo#1820587, bmo#1824634, bmo#1839235, bmo#1842325, bmo#1843847).
- CVE-2023-4057: Fixed memory safety bugs (bmo#1841682).
Bugfixes:
- Remove bashisms from startup-script (bsc#1213657).
- ID
- SUSE-SU-2023:3228-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2023/suse-su-20233228-1/
- Published
-
2023-08-08T11:54:49
(13 months ago) - Modified
-
2023-08-08T11:54:49
(13 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS2-2023-2248
- ALPINE:CVE-2023-4045
- ALPINE:CVE-2023-4046
- ALPINE:CVE-2023-4047
- ALPINE:CVE-2023-4048
- ALPINE:CVE-2023-4049
- ALPINE:CVE-2023-4050
- ALPINE:CVE-2023-4052
- ALPINE:CVE-2023-4054
- ALPINE:CVE-2023-4055
- ALPINE:CVE-2023-4056
- ALPINE:CVE-2023-4057
- ALSA-2023:4462
- ALSA-2023:4468
- ALSA-2023:4497
- ALSA-2023:4499
- DSA-5464-1
- DSA-5469-1
- ELSA-2023-4461
- ELSA-2023-4462
- ELSA-2023-4468
- ELSA-2023-4495
- ELSA-2023-4497
- ELSA-2023-4499
- GLSA-202402-25
- MFSA-2023-29
- MFSA-2023-30
- MFSA-2023-31
- MFSA-2023-32
- MFSA-2023-33
- RHSA-2023:4461
- RHSA-2023:4462
- RHSA-2023:4468
- RHSA-2023:4495
- RHSA-2023:4497
- RHSA-2023:4499
- RLSA-2023:4462
- RLSA-2023:4468
- RLSA-2023:4497
- RLSA-2023:4499
- SSA:2023-216-01
- SUSE-SU-2023:3161-1
- SUSE-SU-2023:3162-1
- SUSE-SU-2023:3163-1
- USN-6267-1
- USN-6333-1
- USN-6405-1
- USN-6406-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/suse/MozillaThunderbird?arch=x86_64&distro=opensuse-leap-15.5 | suse | MozillaThunderbird | < 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | x86_64 | |
Affected | pkg:rpm/suse/MozillaThunderbird?arch=x86_64&distro=opensuse-leap-15.4 | suse | MozillaThunderbird | < 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | x86_64 | |
Affected | pkg:rpm/suse/MozillaThunderbird?arch=s390x&distro=opensuse-leap-15.5 | suse | MozillaThunderbird | < 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | s390x | |
Affected | pkg:rpm/suse/MozillaThunderbird?arch=s390x&distro=opensuse-leap-15.4 | suse | MozillaThunderbird | < 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | s390x | |
Affected | pkg:rpm/suse/MozillaThunderbird?arch=ppc64le&distro=opensuse-leap-15.5 | suse | MozillaThunderbird | < 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | ppc64le | |
Affected | pkg:rpm/suse/MozillaThunderbird?arch=ppc64le&distro=opensuse-leap-15.4 | suse | MozillaThunderbird | < 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | ppc64le | |
Affected | pkg:rpm/suse/MozillaThunderbird?arch=aarch64&distro=opensuse-leap-15.5 | suse | MozillaThunderbird | < 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | aarch64 | |
Affected | pkg:rpm/suse/MozillaThunderbird?arch=aarch64&distro=opensuse-leap-15.4 | suse | MozillaThunderbird | < 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | aarch64 | |
Affected | pkg:rpm/suse/MozillaThunderbird-translations-other?arch=x86_64&distro=opensuse-leap-15.5 | suse | MozillaThunderbird-translations-other | < 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | x86_64 | |
Affected | pkg:rpm/suse/MozillaThunderbird-translations-other?arch=x86_64&distro=opensuse-leap-15.4 | suse | MozillaThunderbird-translations-other | < 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | x86_64 | |
Affected | pkg:rpm/suse/MozillaThunderbird-translations-other?arch=s390x&distro=opensuse-leap-15.5 | suse | MozillaThunderbird-translations-other | < 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | s390x | |
Affected | pkg:rpm/suse/MozillaThunderbird-translations-other?arch=s390x&distro=opensuse-leap-15.4 | suse | MozillaThunderbird-translations-other | < 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | s390x | |
Affected | pkg:rpm/suse/MozillaThunderbird-translations-other?arch=ppc64le&distro=opensuse-leap-15.5 | suse | MozillaThunderbird-translations-other | < 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | ppc64le | |
Affected | pkg:rpm/suse/MozillaThunderbird-translations-other?arch=ppc64le&distro=opensuse-leap-15.4 | suse | MozillaThunderbird-translations-other | < 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | ppc64le | |
Affected | pkg:rpm/suse/MozillaThunderbird-translations-other?arch=aarch64&distro=opensuse-leap-15.5 | suse | MozillaThunderbird-translations-other | < 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | aarch64 | |
Affected | pkg:rpm/suse/MozillaThunderbird-translations-other?arch=aarch64&distro=opensuse-leap-15.4 | suse | MozillaThunderbird-translations-other | < 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | aarch64 | |
Affected | pkg:rpm/suse/MozillaThunderbird-translations-common?arch=x86_64&distro=opensuse-leap-15.5 | suse | MozillaThunderbird-translations-common | < 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | x86_64 | |
Affected | pkg:rpm/suse/MozillaThunderbird-translations-common?arch=x86_64&distro=opensuse-leap-15.4 | suse | MozillaThunderbird-translations-common | < 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | x86_64 | |
Affected | pkg:rpm/suse/MozillaThunderbird-translations-common?arch=s390x&distro=opensuse-leap-15.5 | suse | MozillaThunderbird-translations-common | < 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | s390x | |
Affected | pkg:rpm/suse/MozillaThunderbird-translations-common?arch=s390x&distro=opensuse-leap-15.4 | suse | MozillaThunderbird-translations-common | < 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | s390x | |
Affected | pkg:rpm/suse/MozillaThunderbird-translations-common?arch=ppc64le&distro=opensuse-leap-15.5 | suse | MozillaThunderbird-translations-common | < 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | ppc64le | |
Affected | pkg:rpm/suse/MozillaThunderbird-translations-common?arch=ppc64le&distro=opensuse-leap-15.4 | suse | MozillaThunderbird-translations-common | < 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | ppc64le | |
Affected | pkg:rpm/suse/MozillaThunderbird-translations-common?arch=aarch64&distro=opensuse-leap-15.5 | suse | MozillaThunderbird-translations-common | < 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | aarch64 | |
Affected | pkg:rpm/suse/MozillaThunderbird-translations-common?arch=aarch64&distro=opensuse-leap-15.4 | suse | MozillaThunderbird-translations-common | < 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |