Oval Definition:oval:org.opensuse.security:def:486
Revision Date:2022-05-17Version:1
Title:Security update for MozillaThunderbird (Important)
Description:

This update for MozillaThunderbird fixes the following issues:

Various security fixes MFSA 2022-18 (bsc#1198970):

- CVE-2022-1520: Incorrect security status shown after viewing an attached email (bmo#1745019). - CVE-2022-29914: Fullscreen notification bypass using popups (bmo#1746448). - CVE-2022-29909: Bypassing permission prompt in nested browsing contexts (bmo#1755081). - CVE-2022-29916: Leaking browser history with CSS variables (bmo#1760674). - CVE-2022-29911: iframe sandbox bypass (bmo#1761981). - CVE-2022-29912: Reader mode bypassed SameSite cookies (bmo#1692655). - CVE-2022-29913: Speech Synthesis feature not properly disabled (bmo#1764778). - CVE-2022-29917: Memory safety bugs fixed in Thunderbird 91.9 (bmo#1684739, bmo#1706441, bmo#1753298, bmo#1762614, bmo#1762620).
Family:unixClass:patch
Status:Reference(s):1198970
CVE-2018-10873
CVE-2018-10873
CVE-2018-10893
CVE-2018-10893
CVE-2022-1520
CVE-2022-29909
CVE-2022-29911
CVE-2022-29912
CVE-2022-29913
CVE-2022-29914
CVE-2022-29916
CVE-2022-29917
SUSE-SU-2022:1719-1
Platform(s):openSUSE 13.1
openSUSE Leap 15.4
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 15 SP1
SUSE Linux Enterprise High Availability 12
SUSE Linux Enterprise High Availability 12 SP1
SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Containers 12
SUSE Linux Enterprise Module for Desktop Applications 15
SUSE Linux Enterprise Module for Legacy Software 12
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Server 4.0
Product(s):
Definition Synopsis
  • openSUSE Leap 15.4 is installed
  • AND Package Information
  • MozillaThunderbird-91.9.0-150200.8.68.2 is installed
  • OR MozillaThunderbird-translations-common-91.9.0-150200.8.68.2 is installed
  • OR MozillaThunderbird-translations-other-91.9.0-150200.8.68.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • tigervnc-1.4.3-7 is installed
  • OR xorg-x11-Xvnc-1.4.3-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • libspice-client-glib-2_0-8-0.35-1.48 is installed
  • OR libspice-client-glib-helper-0.35-1.48 is installed
  • OR libspice-client-gtk-3_0-5-0.35-1.48 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • libspice-client-glib-2_0-8-0.35-1 is installed
  • OR libspice-client-glib-helper-0.35-1 is installed
  • OR libspice-client-gtk-3_0-5-0.35-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 is installed
  • AND Package Information
  • wireshark-2.4.9-3.9 is installed
  • OR wireshark-devel-2.4.9-3.9 is installed
  • OR wireshark-ui-qt-2.4.9-3.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND Package Information
  • librelp-devel-1.2.15-1 is installed
  • OR librelp0-1.2.15-1 is installed
    • BACK