Oval Definition:oval:org.opensuse.security:def:202129948
Revision Date:2022-09-02Version:1
Title:CVE-2021-29948
Description:

Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. This vulnerability affects Thunderbird < 78.10.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2021-29948
SUSE CVE-2021-29948
SUSE-SU-2021:1432-1
openSUSE-SU-2021:0644-1
Platform(s):openSUSE Leap 15.2
openSUSE Leap 15.3
openSUSE Leap 15.3 SLE Imports
openSUSE Leap 15.4
openSUSE Tumbleweed
SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise Desktop 15 SP4
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server 15 SP4
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP4
SUSE Linux Enterprise Workstation Extension 15 SP2
SUSE Linux Enterprise Workstation Extension 15 SP4
Product(s):
Definition Synopsis
  • openSUSE Leap 15.3 SLE Imports is installed
  • AND Package Information
  • MozillaThunderbird-78.10.0-8.23.1 is installed
  • AND MozillaThunderbird is signed with openSUSE key
  • OR
  • MozillaThunderbird-translations-common-78.10.0-8.23.1 is installed
  • AND MozillaThunderbird-translations-common is signed with openSUSE key
  • OR
  • MozillaThunderbird-translations-other-78.10.0-8.23.1 is installed
  • AND MozillaThunderbird-translations-other is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • MozillaThunderbird-91.1.1-1.1 is installed
  • OR MozillaThunderbird-translations-common-91.1.1-1.1 is installed
  • OR MozillaThunderbird-translations-other-91.1.1-1.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • MozillaThunderbird-78.10.0-lp152.2.41.1 is installed
  • AND MozillaThunderbird is signed with openSUSE key
  • OR
  • MozillaThunderbird-translations-common-78.10.0-lp152.2.41.1 is installed
  • AND MozillaThunderbird-translations-common is signed with openSUSE key
  • OR
  • MozillaThunderbird-translations-other-78.10.0-lp152.2.41.1 is installed
  • AND MozillaThunderbird-translations-other is signed with openSUSE key
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP2 is installed
  • OR SUSE Linux Enterprise Server 15 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • OR SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND Package Information
  • MozillaThunderbird-78.10.0-8.23.1 is installed
  • OR MozillaThunderbird-translations-common-78.10.0-8.23.1 is installed
  • OR MozillaThunderbird-translations-other-78.10.0-8.23.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.3 is installed
  • AND Package Information
  • MozillaThunderbird-78.10.0-bp153.1.1 is installed
  • AND MozillaThunderbird is signed with openSUSE key
  • OR
  • MozillaThunderbird-translations-common-78.10.0-bp153.1.1 is installed
  • AND MozillaThunderbird-translations-common is signed with openSUSE key
  • OR
  • MozillaThunderbird-translations-other-78.10.0-bp153.1.1 is installed
  • AND MozillaThunderbird-translations-other is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 15.4 is installed
  • AND Package Information
  • MozillaThunderbird-91.8.0-150200.8.65.1 is installed
  • AND MozillaThunderbird is signed with openSUSE key
  • OR
  • MozillaThunderbird-translations-common-91.8.0-150200.8.65.1 is installed
  • AND MozillaThunderbird-translations-common is signed with openSUSE key
  • OR
  • MozillaThunderbird-translations-other-91.8.0-150200.8.65.1 is installed
  • AND MozillaThunderbird-translations-other is signed with openSUSE key
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP4 is installed
  • OR SUSE Linux Enterprise Server 15 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed
  • OR SUSE Linux Enterprise Workstation Extension 15 SP4 is installed
  • AND Package Information
  • MozillaThunderbird-91.8.0-150200.8.65.1 is installed
  • OR MozillaThunderbird-translations-common-91.8.0-150200.8.65.1 is installed
  • OR MozillaThunderbird-translations-other-91.8.0-150200.8.65.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • AND MozillaFirefox is affected
    • BACK