| Revision Date: | 2020-07-13 | Version: | 1 |
| Title: | Security update for MozillaThunderbird (Important) |
| Description: |
This update for MozillaThunderbird to version 68.10.0 ESR fixes the following issues:
- CVE-2020-12417: Memory corruption due to missing sign-extension for ValueTags on ARM64 (bsc#1173576). - CVE-2020-12418: Information disclosure due to manipulated URL object (bsc#1173576). - CVE-2020-12419: Use-after-free in nsGlobalWindowInner (bsc#1173576). - CVE-2020-12420: Use-After-Free when trying to connect to a STUN server (bsc#1173576). - CVE-2020-12421: Add-On updates did not respect the same certificate trust rules as software updates (bsc#1173576).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1173576
CVE-2020-12417
CVE-2020-12418
CVE-2020-12419
CVE-2020-12420
CVE-2020-12421
SUSE-SU-2020:1900-1
|
| Platform(s): | SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Workstation Extension 15 SP2
| Product(s): | |
| Definition Synopsis |
| Release Information SUSE Linux Enterprise Desktop 15 SP2 is installed
OR SUSE Linux Enterprise Server 15 SP2 is installed
OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
OR SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
AND Package Information
MozillaThunderbird-68.10.0-3.88.1 is installed
OR MozillaThunderbird-translations-common-68.10.0-3.88.1 is installed
OR MozillaThunderbird-translations-other-68.10.0-3.88.1 is installed
|