Oval Definition:oval:org.opensuse.security:def:53776
Revision Date:2020-12-01Version:1
Title:Security update for MozillaThunderbird (Important)
Description:

This update for MozillaThunderbird fixes the following issues:

Mozilla Thunderbird was updated to 60.7.0.

Attachment pane of Write window no longer focussed when attaching files using a keyboard shortcut

These security issues were fixed (MFSA 2019-15 bsc#1135824):

CVE-2019-9815: Disable hyperthreading on content JavaScript threads on macOS * CVE-2019-9816: Type confusion with object groups and UnboxedObjects * CVE-2019-9817: Stealing of cross-domain images using canvas * CVE-2019-9818: Use-after-free in crash generation server * CVE-2019-9819: Compartment mismatch with fetch API * CVE-2019-9820: Use-after-free of ChromeEventHandler by DocShell * CVE-2019-11691: Use-after-free in XMLHttpRequest * CVE-2019-11692: Use-after-free removing listeners in the event listener manager * CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux * CVE-2019-7317: Use-after-free in png_image_free of libpng library * CVE-2019-9797: Cross-origin theft of images with createImageBitmap * CVE-2018-18511: Cross-origin theft of images with ImageBitmapRenderingContext * CVE-2019-11694: (Windows only) Uninitialized memory memory leakage in Windows sandbox * CVE-2019-11698: Theft of user history data through drag and drop of hyperlinks to and from bookmarks * CVE-2019-5798: Out-of-bounds read in Skia * CVE-2019-9800: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7
Family:unixClass:patch
Status:Reference(s):1008831
1008965
1011685
1012504
1012632
1012754
1019332
1020077
1020108
1020985
1022500
1023041
1025046
1032647
1052009
1064069
1064070
1064071
1064072
1064073
1064075
1064077
1064078
1064079
1064080
1064081
1064082
1064083
1064084
1064085
1064086
1111647
1130694
1133267
1135824
1155419
1160471
1170441
923144
928867
963448
994157
CVE-2009-0946
CVE-2010-2497
CVE-2010-2805
CVE-2010-3053
CVE-2010-3054
CVE-2010-3311
CVE-2010-3814
CVE-2010-3855
CVE-2011-0226
CVE-2011-3256
CVE-2011-3439
CVE-2012-1126
CVE-2012-1127
CVE-2012-1128
CVE-2012-1129
CVE-2012-1130
CVE-2012-1131
CVE-2012-1132
CVE-2012-1133
CVE-2012-1134
CVE-2012-1135
CVE-2012-1136
CVE-2012-1137
CVE-2012-1138
CVE-2012-1139
CVE-2012-1140
CVE-2012-1141
CVE-2012-1142
CVE-2012-1143
CVE-2012-1144
CVE-2012-5668
CVE-2012-5669
CVE-2012-5670
CVE-2014-2240
CVE-2014-2241
CVE-2014-3686
CVE-2014-9656
CVE-2014-9657
CVE-2014-9658
CVE-2014-9659
CVE-2014-9660
CVE-2014-9661
CVE-2014-9662
CVE-2014-9663
CVE-2014-9664
CVE-2014-9665
CVE-2014-9666
CVE-2014-9667
CVE-2014-9668
CVE-2014-9669
CVE-2014-9670
CVE-2014-9671
CVE-2014-9672
CVE-2014-9673
CVE-2014-9674
CVE-2014-9675
CVE-2015-0210
CVE-2015-1863
CVE-2015-3294
CVE-2015-4141
CVE-2015-4142
CVE-2015-4143
CVE-2015-5130
CVE-2015-5310
CVE-2015-8041
CVE-2016-10165
CVE-2016-10244
CVE-2016-2037
CVE-2016-6313
CVE-2016-8632
CVE-2016-8655
CVE-2016-9555
CVE-2016-9840
CVE-2016-9841
CVE-2016-9842
CVE-2016-9843
CVE-2017-0358
CVE-2017-10274
CVE-2017-10281
CVE-2017-10285
CVE-2017-10295
CVE-2017-10345
CVE-2017-10346
CVE-2017-10347
CVE-2017-10348
CVE-2017-10349
CVE-2017-10350
CVE-2017-10355
CVE-2017-10356
CVE-2017-10357
CVE-2017-10388
CVE-2017-10684
CVE-2017-10685
CVE-2017-11112
CVE-2017-11113
CVE-2017-13078
CVE-2017-13079
CVE-2017-13080
CVE-2017-13081
CVE-2017-13087
CVE-2017-13088
CVE-2017-13728
CVE-2017-13729
CVE-2017-13730
CVE-2017-13731
CVE-2017-13732
CVE-2017-13733
CVE-2017-13734
CVE-2017-14604
CVE-2017-2616
CVE-2017-2625
CVE-2017-8105
CVE-2017-8287
CVE-2018-12086
CVE-2018-14779
CVE-2018-14780
CVE-2018-18227
CVE-2018-18511
CVE-2019-11691
CVE-2019-11692
CVE-2019-11693
CVE-2019-11694
CVE-2019-11698
CVE-2019-15681
CVE-2019-15690
CVE-2019-20788
CVE-2019-5798
CVE-2019-7317
CVE-2019-9797
CVE-2019-9800
CVE-2019-9815
CVE-2019-9816
CVE-2019-9817
CVE-2019-9818
CVE-2019-9819
CVE-2019-9820
SUSE-SU-2015:0979-1
SUSE-SU-2016:2345-1
SUSE-SU-2016:3049-1
SUSE-SU-2017:0366-1
SUSE-SU-2017:0554-1
SUSE-SU-2017:2989-1
SUSE-SU-2018:0338-1
SUSE-SU-2018:3587-1
SUSE-SU-2018:3590-1
SUSE-SU-2019:1458-1
SUSE-SU-2020:1164-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • bash-4.4-lp150.7 is installed
  • OR bash-doc-4.4-lp150.7 is installed
  • OR bash-lang-4.4-lp150.7 is installed
  • OR libreadline7-7.0-lp150.7 is installed
  • OR readline-doc-7.0-lp150.7 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • MozillaThunderbird-60.7.2-lp151.2.7 is installed
  • OR MozillaThunderbird-buildsymbols-60.7.2-lp151.2.7 is installed
  • OR MozillaThunderbird-translations-common-60.7.2-lp151.2.7 is installed
  • OR MozillaThunderbird-translations-other-60.7.2-lp151.2.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • MozillaFirefox-10.0.10-0.3 is installed
  • OR MozillaFirefox-translations-10.0.10-0.3 is installed
  • OR mozilla-nspr-4.9.3-0.2 is installed
  • OR mozilla-nspr-32bit-4.9.3-0.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-31.2.0esr-0.16 is installed
  • OR MozillaFirefox-branding-SLED-31.0-0.10 is installed
  • OR MozillaFirefox-translations-31.2.0esr-0.16 is installed
  • OR libfreebl3-3.17.2-0.8 is installed
  • OR libfreebl3-32bit-3.17.2-0.8 is installed
  • OR libsoftokn3-3.17.2-0.8 is installed
  • OR libsoftokn3-32bit-3.17.2-0.8 is installed
  • OR mozilla-nspr-4.10.7-0.3 is installed
  • OR mozilla-nspr-32bit-4.10.7-0.3 is installed
  • OR mozilla-nss-3.17.2-0.8 is installed
  • OR mozilla-nss-32bit-3.17.2-0.8 is installed
  • OR mozilla-nss-tools-3.17.2-0.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • gcc5-5.3.1+r233831-10 is installed
  • OR libgcc_s1-5.3.1+r233831-10 is installed
  • OR libgcc_s1-32bit-5.3.1+r233831-10 is installed
  • OR libgfortran3-5.3.1+r233831-10 is installed
  • OR libgfortran3-32bit-5.3.1+r233831-10 is installed
  • OR libgomp1-5.3.1+r233831-10 is installed
  • OR libgomp1-32bit-5.3.1+r233831-10 is installed
  • OR libquadmath0-5.3.1+r233831-10 is installed
  • OR libquadmath0-32bit-5.3.1+r233831-10 is installed
  • OR libstdc++6-5.3.1+r233831-10 is installed
  • OR libstdc++6-32bit-5.3.1+r233831-10 is installed
  • OR libstdc++6-locale-5.3.1+r233831-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND dnsmasq-2.71-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • libgcrypt-1.6.1-16.33 is installed
  • OR libgcrypt20-1.6.1-16.33 is installed
  • OR libgcrypt20-32bit-1.6.1-16.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • kernel-default-4.4.21-84 is installed
  • OR kernel-default-devel-4.4.21-84 is installed
  • OR kernel-default-extra-4.4.21-84 is installed
  • OR kernel-devel-4.4.21-84 is installed
  • OR kernel-macros-4.4.21-84 is installed
  • OR kernel-source-4.4.21-84 is installed
  • OR kernel-syms-4.4.21-84 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.151-27.8 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.151-27.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • gnome-shell-search-provider-nautilus-3.20.3-23.6 is installed
  • OR libnautilus-extension1-3.20.3-23.6 is installed
  • OR libnautilus-extension1-32bit-3.20.3-23.6 is installed
  • OR nautilus-3.20.3-23.6 is installed
  • OR nautilus-lang-3.20.3-23.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • cyrus-sasl-2.1.26-7 is installed
  • OR cyrus-sasl-32bit-2.1.26-7 is installed
  • OR cyrus-sasl-crammd5-2.1.26-7 is installed
  • OR cyrus-sasl-crammd5-32bit-2.1.26-7 is installed
  • OR cyrus-sasl-digestmd5-2.1.26-7 is installed
  • OR cyrus-sasl-gssapi-2.1.26-7 is installed
  • OR cyrus-sasl-gssapi-32bit-2.1.26-7 is installed
  • OR cyrus-sasl-otp-2.1.26-7 is installed
  • OR cyrus-sasl-otp-32bit-2.1.26-7 is installed
  • OR cyrus-sasl-plain-2.1.26-7 is installed
  • OR cyrus-sasl-plain-32bit-2.1.26-7 is installed
  • OR cyrus-sasl-saslauthd-2.1.26-7 is installed
  • OR cyrus-sasl-sqlauxprop-2.1.26-7 is installed
  • OR cyrus-sasl-sqlauxprop-32bit-2.1.26-7 is installed
  • OR libsasl2-3-2.1.26-7 is installed
  • OR libsasl2-3-32bit-2.1.26-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.171-27.19 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.171-27.19 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.171-27.19 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.171-27.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • krb5-appl-clients-1.0.3-1 is installed
  • OR krb5-appl-servers-1.0.3-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libpython2_7-1_0-2.7.13-28.26 is installed
  • OR libpython2_7-1_0-32bit-2.7.13-28.26 is installed
  • OR python-2.7.13-28.26 is installed
  • OR python-32bit-2.7.13-28.26 is installed
  • OR python-base-2.7.13-28.26 is installed
  • OR python-base-32bit-2.7.13-28.26 is installed
  • OR python-curses-2.7.13-28.26 is installed
  • OR python-demo-2.7.13-28.26 is installed
  • OR python-doc-2.7.13-28.26 is installed
  • OR python-doc-pdf-2.7.13-28.26 is installed
  • OR python-gdbm-2.7.13-28.26 is installed
  • OR python-idle-2.7.13-28.26 is installed
  • OR python-tk-2.7.13-28.26 is installed
  • OR python-xml-2.7.13-28.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.181-43.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_90-92_45-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_14-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • apache2-mod_apparmor-2.8.2-49 is installed
  • OR apparmor-docs-2.8.2-49 is installed
  • OR apparmor-parser-2.8.2-49 is installed
  • OR apparmor-profiles-2.8.2-49 is installed
  • OR apparmor-utils-2.8.2-49 is installed
  • OR libapparmor1-2.8.2-49 is installed
  • OR libapparmor1-32bit-2.8.2-49 is installed
  • OR pam_apparmor-2.8.2-49 is installed
  • OR pam_apparmor-32bit-2.8.2-49 is installed
  • OR perl-apparmor-2.8.2-49 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND binutils-2.32-9.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-68.2.0-109.95 is installed
  • OR MozillaFirefox-translations-common-68.2.0-109.95 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libsolv-0.6.36-2.16 is installed
  • OR libsolv-tools-0.6.36-2.16 is installed
  • OR libzypp-16.20.0-2.39 is installed
  • OR perl-solv-0.6.36-2.16 is installed
  • OR python-solv-0.6.36-2.16 is installed
  • OR zypper-1.13.51-21.26 is installed
  • OR zypper-log-1.13.51-21.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libsndfile-1.0.25-36.16 is installed
  • OR libsndfile1-1.0.25-36.16 is installed
  • OR libsndfile1-32bit-1.0.25-36.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • evince-3.20.2-6.22 is installed
  • OR evince-browser-plugin-3.20.2-6.22 is installed
  • OR evince-lang-3.20.2-6.22 is installed
  • OR evince-plugin-djvudocument-3.20.2-6.22 is installed
  • OR evince-plugin-dvidocument-3.20.2-6.22 is installed
  • OR evince-plugin-pdfdocument-3.20.2-6.22 is installed
  • OR evince-plugin-psdocument-3.20.2-6.22 is installed
  • OR evince-plugin-tiffdocument-3.20.2-6.22 is installed
  • OR evince-plugin-xpsdocument-3.20.2-6.22 is installed
  • OR libevdocument3-4-3.20.2-6.22 is installed
  • OR libevview3-3-3.20.2-6.22 is installed
  • OR nautilus-evince-3.20.2-6.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • MozillaThunderbird-60.7.0-3.33 is installed
  • OR MozillaThunderbird-translations-common-60.7.0-3.33 is installed
  • OR MozillaThunderbird-translations-other-60.7.0-3.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • LibVNCServer-0.9.10-4.14 is installed
  • OR libvncclient0-0.9.10-4.14 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • qemu-2.3.1-33.3 is installed
  • OR qemu-block-curl-2.3.1-33.3 is installed
  • OR qemu-block-rbd-2.3.1-33.3 is installed
  • OR qemu-guest-agent-2.3.1-33.3 is installed
  • OR qemu-ipxe-1.0.0-33.3 is installed
  • OR qemu-kvm-2.3.1-33.3 is installed
  • OR qemu-lang-2.3.1-33.3 is installed
  • OR qemu-seabios-1.8.1-33.3 is installed
  • OR qemu-sgabios-8-33.3 is installed
  • OR qemu-tools-2.3.1-33.3 is installed
  • OR qemu-vgabios-1.8.1-33.3 is installed
  • OR qemu-x86-2.3.1-33.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • xen-4.7.5_04-43.33 is installed
  • OR xen-doc-html-4.7.5_04-43.33 is installed
  • OR xen-libs-4.7.5_04-43.33 is installed
  • OR xen-libs-32bit-4.7.5_04-43.33 is installed
  • OR xen-tools-4.7.5_04-43.33 is installed
  • OR xen-tools-domU-4.7.5_04-43.33 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • ibus-1.5.13-15.11 is installed
  • OR ibus-gtk-1.5.13-15.11 is installed
  • OR ibus-gtk3-1.5.13-15.11 is installed
  • OR ibus-lang-1.5.13-15.11 is installed
  • OR libibus-1_0-5-1.5.13-15.11 is installed
  • OR typelib-1_0-IBus-1_0-1.5.13-15.11 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-Django1-1.11.20-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND binutils-2.32-9.33 is installed
    • BACK