Oval Definition:oval:org.opensuse.security:def:102105
Revision Date:2022-03-21Version:1
Title:Security update for MozillaThunderbird (Important)
Description:

This update for MozillaThunderbird fixes the following issues:

Updated to version 91.7 (bsc#1196900): - CVE-2022-26381: Fixed an invalid memory access due to text reflow when SVG objects were present. - CVE-2022-26383: Fixed an issue where, when resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification. - CVE-2022-26384: Fixed an iframe XSS sandbox bypass when allow-popups was used on the iframe. - CVE-2022-26386: Fixed an issue where downloadable temporary files were accessible to other local users. - CVE-2022-26387: Fixed a potential add-on signature verification bypass due to a race condition.
Family:unixClass:patch
Status:Reference(s):1190400
1196900
CVE-2021-40812
CVE-2022-26381
CVE-2022-26383
CVE-2022-26384
CVE-2022-26386
CVE-2022-26387
SUSE-SU-2022:0906-1
Platform(s):SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Package Hub 15 SP3
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Package Hub 15 SP3 is installed
  • AND Package Information
  • MozillaThunderbird-91.7.0-150200.8.62.7 is installed
  • OR MozillaThunderbird-translations-common-91.7.0-150200.8.62.7 is installed
  • OR MozillaThunderbird-translations-other-91.7.0-150200.8.62.7 is installed
    • BACK