Revision Date: | 2022-04-13 | Version: | 1 |
Title: | Security update for MozillaThunderbird (Important) |
Description: |
This update for MozillaThunderbird fixes the following issues:
- Updated to version 91.8 (bsc#1197903): - CVE-2022-1097: Fixed a memory corruption issue with NSSToken objects. - CVE-2022-28281: Fixed a memory corruption issue due to unexpected WebAuthN Extensions. - CVE-2022-1197: Fixed an issue where OpenPGP revocation information was ignored. - CVE-2022-1196: Fixed a memory corruption issue after VR process destruction. - CVE-2022-28282: Fixed a memory corruption issue in document translation. - CVE-2022-28285: Fixed a memory corruption issue in JIT code generation. - CVE-2022-28286: Fixed an iframe layout issue that could have been exploited to stage spoofing attacks. - CVE-2022-24713: Fixed a potential denial of service via complex regular expressions. - CVE-2022-28289: Fixed multiple memory corruption issues.
Non-security fixes:
- Changed Google accounts using password authentication to use OAuth2. - Fixed an issue where OpenPGP ECC keys created by Thunderbird could not be imported into GnuPG. - Fixed an issue where exporting multiple public PGP keys from Thunderbird was not possible. - Fixed an issue where replying to a newsgroup message erroneously displayed a 'No-reply' popup warning. - Fixed an issue with opening older address books. - Fixed an issue where LDAP directories would be lost when switching to 'Offline' mode. - Fixed an issue when importing webcals.
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1182717 1183120 1183491 1197903 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 CVE-2022-1097 CVE-2022-1196 CVE-2022-1197 CVE-2022-24713 CVE-2022-28281 CVE-2022-28282 CVE-2022-28285 CVE-2022-28286 CVE-2022-28289 SUSE-SU-2022:1176-1
|
Platform(s): | SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Module for Live Patching 15 SP2 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Workstation Extension 15 SP3
| Product(s): | |
Definition Synopsis |
SUSE Linux Enterprise Module for Live Patching 15 SP2 is installed AND kernel-livepatch-5_3_18-24_9-default-8-2.2 is installed
|
Definition Synopsis |
Release Information
SUSE Linux Enterprise Desktop 15 SP3 is installed
OR SUSE Linux Enterprise Server 15 SP3 is installed
OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
OR SUSE Linux Enterprise Workstation Extension 15 SP3 is installed
AND Package Information
MozillaThunderbird-91.8.0-150200.8.65.1 is installed
OR MozillaThunderbird-translations-common-91.8.0-150200.8.65.1 is installed
OR MozillaThunderbird-translations-other-91.8.0-150200.8.65.1 is installed
|