[SUSE-SU-2023:3228-1] Security update for MozillaThunderbird
Severity
Important
Affected Packages
24
CVEs
11
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues:
Update Mozilla Thunderbird 115.1.0 (bsc#1213746):
- CVE-2023-4045: Fixed cross-origin restrictions bypass with Offscreen Canvas (bmo#1833876).
- CVE-2023-4046: Fixed incorrect value used during WASM compilation (bmo#1837686).
- CVE-2023-4047: Fixed potential permissions request bypass via clickjacking (bmo#1839073).
- CVE-2023-4048: Fixed crash in DOMParser due to out-of-memory conditions (bmo#1841368).
- CVE-2023-4049: Fixed potential race conditions when releasing platform objects (bmo#1842658).
- CVE-2023-4050: Fixed stack buffer overflow in StorageManager (bmo#1843038).
- CVE-2023-4052: Fixed file deletion and privilege escalation through Firefox uninstaller (bmo#1824420).
- CVE-2023-4054: Fixed lack of warning when opening appref-ms files (bmo#1840777).
- CVE-2023-4055: Fixed cookie jar overflow caused unexpected cookie jar state (bmo#1782561).
- CVE-2023-4056: Fixed memory safety bugs (bmo#1820587, bmo#1824634, bmo#1839235, bmo#1842325, bmo#1843847).
- CVE-2023-4057: Fixed memory safety bugs (bmo#1841682).
Bugfixes:
- Remove bashisms from startup-script (bsc#1213657).
- ID
- SUSE-SU-2023:3228-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2023/suse-su-20233228-1/
- Published
-
2023-08-08T11:54:49
(13 months ago) - Modified
-
2023-08-08T11:54:49
(13 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS2-2023-2248
-
ALPINE:CVE-2023-4045
-
ALPINE:CVE-2023-4046
-
ALPINE:CVE-2023-4047
-
ALPINE:CVE-2023-4048
-
ALPINE:CVE-2023-4049
-
ALPINE:CVE-2023-4050
-
ALPINE:CVE-2023-4052
-
ALPINE:CVE-2023-4054
-
ALPINE:CVE-2023-4055
-
ALPINE:CVE-2023-4056
-
ALPINE:CVE-2023-4057
-
ALSA-2023:4462
-
ALSA-2023:4468
-
ALSA-2023:4497
-
ALSA-2023:4499
-
DSA-5464-1
-
DSA-5469-1
-
ELSA-2023-4461
-
ELSA-2023-4462
-
ELSA-2023-4468
-
ELSA-2023-4495
-
ELSA-2023-4497
-
ELSA-2023-4499
-
GLSA-202402-25
-
MFSA-2023-29
-
MFSA-2023-30
-
MFSA-2023-31
-
MFSA-2023-32
-
MFSA-2023-33
-
RHSA-2023:4461
-
RHSA-2023:4462
-
RHSA-2023:4468
-
RHSA-2023:4495
-
RHSA-2023:4497
-
RHSA-2023:4499
-
RLSA-2023:4462
-
RLSA-2023:4468
-
RLSA-2023:4497
-
RLSA-2023:4499
-
SSA:2023-216-01
-
SUSE-SU-2023:3161-1
-
SUSE-SU-2023:3162-1
-
SUSE-SU-2023:3163-1
-
USN-6267-1
-
USN-6333-1
-
USN-6405-1
-
USN-6406-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/suse/MozillaThunderbird?arch=x86_64&distro=opensuse-leap-15.5 | suse |
 MozillaThunderbird
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaThunderbird?arch=x86_64&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaThunderbird?arch=s390x&distro=opensuse-leap-15.5 | suse |
MozillaThunderbird
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | s390x | |
| Affected | pkg:rpm/suse/MozillaThunderbird?arch=s390x&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | s390x | |
| Affected | pkg:rpm/suse/MozillaThunderbird?arch=ppc64le&distro=opensuse-leap-15.5 | suse |
MozillaThunderbird
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaThunderbird?arch=ppc64le&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaThunderbird?arch=aarch64&distro=opensuse-leap-15.5 | suse |
MozillaThunderbird
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaThunderbird?arch=aarch64&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-other?arch=x86_64&distro=opensuse-leap-15.5 | suse |
MozillaThunderbird-translations-other
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-other?arch=x86_64&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird-translations-other
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-other?arch=s390x&distro=opensuse-leap-15.5 | suse |
MozillaThunderbird-translations-other
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | s390x | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-other?arch=s390x&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird-translations-other
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | s390x | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-other?arch=ppc64le&distro=opensuse-leap-15.5 | suse |
MozillaThunderbird-translations-other
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-other?arch=ppc64le&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird-translations-other
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-other?arch=aarch64&distro=opensuse-leap-15.5 | suse |
MozillaThunderbird-translations-other
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-other?arch=aarch64&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird-translations-other
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-common?arch=x86_64&distro=opensuse-leap-15.5 | suse |
MozillaThunderbird-translations-common
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-common?arch=x86_64&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird-translations-common
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-common?arch=s390x&distro=opensuse-leap-15.5 | suse |
MozillaThunderbird-translations-common
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | s390x | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-common?arch=s390x&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird-translations-common
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | s390x | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-common?arch=ppc64le&distro=opensuse-leap-15.5 | suse |
MozillaThunderbird-translations-common
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-common?arch=ppc64le&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird-translations-common
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-common?arch=aarch64&distro=opensuse-leap-15.5 | suse |
MozillaThunderbird-translations-common
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.5 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaThunderbird-translations-common?arch=aarch64&distro=opensuse-leap-15.4 | suse |
MozillaThunderbird-translations-common
|
< 115.1.0-150200.8.127.1 | opensuse-leap-15.4 | aarch64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |