Oval Definition:oval:org.opensuse.security:def:109881
Revision Date:2019-06-24Version:1
Title:Security update for MozillaThunderbird (Important)
Description:

This update for MozillaThunderbird fixes the following issues:

Security issues fixed:

- CVE-2019-11703: Fixed a heap-based buffer overflow in icalmemorystrdupanddequote() (bsc#1137595). - CVE-2019-11704: Fixed a heap-based buffer overflow in parser_get_next_char() (bsc#1137595). - CVE-2019-11705: Fixed a stack-based buffer overflow in icalrecur_add_bydayrules() (bsc#1137595). - CVE-2019-11706: Fixed a type confusion in icaltimezone_get_vtimezone_properties() (bsc#1137595). - CVE-2019-11707: Fixed a type confusion in Array.pop (bsc#1138872). - CVE-2019-11708: Fixed a sandbox escape using Prompt:Open (bsc#1138872).

This update was imported from the SUSE:SLE-15:Update update project.
Family:unixClass:patch
Status:Reference(s):1137595
1138872
CVE-2019-11703
CVE-2019-11704
CVE-2019-11705
CVE-2019-11706
CVE-2019-11707
CVE-2019-11708
openSUSE-SU-2019:1606-1
Platform(s):openSUSE Leap 15.1
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • MozillaThunderbird-60.7.2-lp151.2.7.1 is installed
  • OR MozillaThunderbird-buildsymbols-60.7.2-lp151.2.7.1 is installed
  • OR MozillaThunderbird-translations-common-60.7.2-lp151.2.7.1 is installed
  • OR MozillaThunderbird-translations-other-60.7.2-lp151.2.7.1 is installed
    • BACK