Oval Definition:oval:org.opensuse.security:def:53820
Revision Date:2020-12-01Version:1
Title:Security update for MozillaThunderbird (Important)
Description:

This update for MozillaThunderbird fixes the following issues:

Mozilla Thunderbird was updated to 60.7.0.

Attachment pane of Write window no longer focussed when attaching files using a keyboard shortcut

These security issues were fixed (MFSA 2019-15 bsc#1135824):

CVE-2019-9815: Disable hyperthreading on content JavaScript threads on macOS * CVE-2019-9816: Type confusion with object groups and UnboxedObjects * CVE-2019-9817: Stealing of cross-domain images using canvas * CVE-2019-9818: Use-after-free in crash generation server * CVE-2019-9819: Compartment mismatch with fetch API * CVE-2019-9820: Use-after-free of ChromeEventHandler by DocShell * CVE-2019-11691: Use-after-free in XMLHttpRequest * CVE-2019-11692: Use-after-free removing listeners in the event listener manager * CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux * CVE-2019-7317: Use-after-free in png_image_free of libpng library * CVE-2019-9797: Cross-origin theft of images with createImageBitmap * CVE-2018-18511: Cross-origin theft of images with ImageBitmapRenderingContext * CVE-2019-11694: (Windows only) Uninitialized memory memory leakage in Windows sandbox * CVE-2019-11698: Theft of user history data through drag and drop of hyperlinks to and from bookmarks * CVE-2019-5798: Out-of-bounds read in Skia * CVE-2019-9800: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7
Family:unixClass:patch
Status:Reference(s):1022703
1024051
1028655
1029827
1030144
1034843
1034844
1034994
1036146
1044000
1044002
1044006
1044008
1044009
1044077
1044122
1044970
1077724
1077725
1077978
1077983
1082060
1082290
1082484
1099257
1113094
1113672
1130694
1133267
1135824
1173477
870151
907257
921999
927806
927807
927808
939523
960996
962743
984650
CVE-2008-4225
CVE-2008-4226
CVE-2008-4409
CVE-2012-5134
CVE-2014-8439
CVE-2015-0295
CVE-2015-1858
CVE-2015-1859
CVE-2015-1860
CVE-2015-4871
CVE-2015-7575
CVE-2015-8126
CVE-2015-8472
CVE-2016-0402
CVE-2016-0448
CVE-2016-0466
CVE-2016-0483
CVE-2016-0494
CVE-2016-1372
CVE-2016-1762
CVE-2016-1833
CVE-2016-1834
CVE-2016-1835
CVE-2016-1836
CVE-2016-1837
CVE-2016-1838
CVE-2016-1839
CVE-2016-1840
CVE-2016-3627
CVE-2016-3705
CVE-2016-4483
CVE-2016-6153
CVE-2016-9603
CVE-2017-14731
CVE-2017-17969
CVE-2017-18922
CVE-2017-2816
CVE-2017-2920
CVE-2017-5838
CVE-2017-7718
CVE-2017-9122
CVE-2017-9123
CVE-2017-9124
CVE-2017-9125
CVE-2017-9126
CVE-2017-9127
CVE-2017-9128
CVE-2018-1000223
CVE-2018-1053
CVE-2018-12900
CVE-2018-18511
CVE-2018-18557
CVE-2018-18661
CVE-2018-5996
CVE-2018-7409
CVE-2018-7485
CVE-2019-11691
CVE-2019-11692
CVE-2019-11693
CVE-2019-11694
CVE-2019-11698
CVE-2019-5798
CVE-2019-7317
CVE-2019-9797
CVE-2019-9800
CVE-2019-9815
CVE-2019-9816
CVE-2019-9817
CVE-2019-9818
CVE-2019-9819
CVE-2019-9820
SUSE-SU-2015:1383-1
SUSE-SU-2016:0265-1
SUSE-SU-2017:0967-1
SUSE-SU-2017:1143-1
SUSE-SU-2017:1769-1
SUSE-SU-2018:0464-1
SUSE-SU-2018:0507-1
SUSE-SU-2018:1832-1
SUSE-SU-2018:3911-1
SUSE-SU-2019:1458-1
SUSE-SU-2020:1873-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE Linux Enterprise Workstation Extension 15 SP2
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • elfutils-0.168-lp150.2 is installed
  • OR elfutils-lang-0.168-lp150.2 is installed
  • OR libasm1-0.168-lp150.2 is installed
  • OR libdw1-0.168-lp150.2 is installed
  • OR libdw1-32bit-0.168-lp150.2 is installed
  • OR libebl-plugins-0.168-lp150.2 is installed
  • OR libebl-plugins-32bit-0.168-lp150.2 is installed
  • OR libelf1-0.168-lp150.2 is installed
  • OR libelf1-32bit-0.168-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • exim-4.88-lp151.4.6 is installed
  • OR eximon-4.88-lp151.4.6 is installed
  • OR eximstats-html-4.88-lp151.4.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • ghostscript-fonts-other-8.62-32.34 is installed
  • OR ghostscript-fonts-rus-8.62-32.34 is installed
  • OR ghostscript-fonts-std-8.62-32.34 is installed
  • OR ghostscript-library-8.62-32.34 is installed
  • OR ghostscript-omni-8.62-32.34 is installed
  • OR ghostscript-x11-8.62-32.34 is installed
  • OR libgimpprint-4.2.7-32.34 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND kdirstat-2.4.4-255.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • xen-4.4.2_12-23 is installed
  • OR xen-doc-html-4.4.2_12-23 is installed
  • OR xen-kmp-default-4.4.2_12_3.0.101_63-23 is installed
  • OR xen-kmp-pae-4.4.2_12_3.0.101_63-23 is installed
  • OR xen-libs-4.4.2_12-23 is installed
  • OR xen-libs-32bit-4.4.2_12-23 is installed
  • OR xen-tools-4.4.2_12-23 is installed
  • OR xen-tools-domU-4.4.2_12-23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • flash-player-11.2.202.424-15 is installed
  • OR flash-player-gnome-11.2.202.424-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.95-24 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.95-24 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • libquicktime-1.2.4-13 is installed
  • OR libquicktime0-1.2.4-13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • unixODBC-2.3.6-7.9 is installed
  • OR unixODBC-32bit-2.3.6-7.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libSoundTouch0-1.7.1-5.3 is installed
  • OR libSoundTouch0-32bit-1.7.1-5.3 is installed
  • OR soundtouch-1.7.1-5.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • apache2-2.4.16-5 is installed
  • OR apache2-doc-2.4.16-5 is installed
  • OR apache2-example-pages-2.4.16-5 is installed
  • OR apache2-prefork-2.4.16-5 is installed
  • OR apache2-utils-2.4.16-5 is installed
  • OR apache2-worker-2.4.16-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND sudo-1.8.10p3-2.16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libgssglue1-0.4-3 is installed
  • OR libgssglue1-32bit-0.4-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.55 is installed
  • OR openssl-1.0.2j-60.55 is installed
  • OR openssl-doc-1.0.2j-60.55 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_80-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_22-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • perl-5.18.2-12.14 is installed
  • OR perl-32bit-5.18.2-12.14 is installed
  • OR perl-base-5.18.2-12.14 is installed
  • OR perl-doc-5.18.2-12.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND clamav-0.99.2-32 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • MozillaFirefox-68.5.0-109.106 is installed
  • OR MozillaFirefox-translations-common-68.5.0-109.106 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr6.0-30.60 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr6.0-30.60 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr6.0-30.60 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • evince-3.20.2-6.27 is installed
  • OR evince-browser-plugin-3.20.2-6.27 is installed
  • OR evince-lang-3.20.2-6.27 is installed
  • OR evince-plugin-djvudocument-3.20.2-6.27 is installed
  • OR evince-plugin-dvidocument-3.20.2-6.27 is installed
  • OR evince-plugin-pdfdocument-3.20.2-6.27 is installed
  • OR evince-plugin-psdocument-3.20.2-6.27 is installed
  • OR evince-plugin-tiffdocument-3.20.2-6.27 is installed
  • OR evince-plugin-xpsdocument-3.20.2-6.27 is installed
  • OR libevdocument3-4-3.20.2-6.27 is installed
  • OR libevview3-3-3.20.2-6.27 is installed
  • OR nautilus-evince-3.20.2-6.27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libkpathsea6-6.2.0dev-22.3 is installed
  • OR texlive-2013.20130620-22.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • coreutils-8.25-13.7 is installed
  • OR coreutils-lang-8.25-13.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • MozillaThunderbird-60.7.0-3.33 is installed
  • OR MozillaThunderbird-translations-common-60.7.0-3.33 is installed
  • OR MozillaThunderbird-translations-other-60.7.0-3.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND Package Information
  • LibVNCServer-0.9.10-4.19 is installed
  • OR libvncclient0-0.9.10-4.19 is installed
  • OR libvncserver0-0.9.10-4.19 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND python-requests-2.8.1-6.9 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • cups-filters-1.0.58-15.2 is installed
  • OR cups-filters-cups-browsed-1.0.58-15.2 is installed
  • OR cups-filters-foomatic-rip-1.0.58-15.2 is installed
  • OR cups-filters-ghostscript-1.0.58-15.2 is installed
  • OR libqpdf18-7.1.1-3.3 is installed
  • OR qpdf-7.1.1-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • ardana-ansible-8.0+git.1583432621.24fa60e-3.70 is installed
  • OR ardana-barbican-8.0+git.1585152761.8ef3d61-4.33 is installed
  • OR ardana-db-8.0+git.1583944923.03cca6c-3.31 is installed
  • OR ardana-monasca-8.0+git.1583944894.38f023a-3.24 is installed
  • OR ardana-mq-8.0+git.1583944811.dc14403-3.19 is installed
  • OR ardana-neutron-8.0+git.1584715262.e4ea620-3.39 is installed
  • OR ardana-octavia-8.0+git.1585171918.418f5cf-3.26 is installed
  • OR ardana-tempest-8.0+git.1585311051.6ab5488-3.33 is installed
  • OR documentation-suse-openstack-cloud-installation-8.20200319-1.23 is installed
  • OR documentation-suse-openstack-cloud-operations-8.20200319-1.23 is installed
  • OR documentation-suse-openstack-cloud-opsconsole-8.20200319-1.23 is installed
  • OR documentation-suse-openstack-cloud-planning-8.20200319-1.23 is installed
  • OR documentation-suse-openstack-cloud-security-8.20200319-1.23 is installed
  • OR documentation-suse-openstack-cloud-supplement-8.20200319-1.23 is installed
  • OR documentation-suse-openstack-cloud-upstream-admin-8.20200319-1.23 is installed
  • OR documentation-suse-openstack-cloud-upstream-user-8.20200319-1.23 is installed
  • OR documentation-suse-openstack-cloud-user-8.20200319-1.23 is installed
  • OR memcached-1.5.17-3.3 is installed
  • OR openstack-manila-5.1.1~dev5-3.26 is installed
  • OR openstack-manila-api-5.1.1~dev5-3.26 is installed
  • OR openstack-manila-data-5.1.1~dev5-3.26 is installed
  • OR openstack-manila-doc-5.1.1~dev5-3.26 is installed
  • OR openstack-manila-scheduler-5.1.1~dev5-3.26 is installed
  • OR openstack-manila-share-5.1.1~dev5-3.26 is installed
  • OR openstack-neutron-11.0.9~dev63-3.30 is installed
  • OR openstack-neutron-dhcp-agent-11.0.9~dev63-3.30 is installed
  • OR openstack-neutron-doc-11.0.9~dev63-3.30 is installed
  • OR openstack-neutron-ha-tool-11.0.9~dev63-3.30 is installed
  • OR openstack-neutron-l3-agent-11.0.9~dev63-3.30 is installed
  • OR openstack-neutron-linuxbridge-agent-11.0.9~dev63-3.30 is installed
  • OR openstack-neutron-macvtap-agent-11.0.9~dev63-3.30 is installed
  • OR openstack-neutron-metadata-agent-11.0.9~dev63-3.30 is installed
  • OR openstack-neutron-metering-agent-11.0.9~dev63-3.30 is installed
  • OR openstack-neutron-openvswitch-agent-11.0.9~dev63-3.30 is installed
  • OR openstack-neutron-server-11.0.9~dev63-3.30 is installed
  • OR openstack-nova-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-api-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-cells-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-compute-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-conductor-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-console-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-consoleauth-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-doc-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-novncproxy-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-placement-api-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-scheduler-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-serialproxy-16.1.9~dev61-3.35 is installed
  • OR openstack-nova-vncproxy-16.1.9~dev61-3.35 is installed
  • OR pdns-4.1.2-3.6 is installed
  • OR pdns-backend-mysql-4.1.2-3.6 is installed
  • OR python-amqp-2.4.2-3.9 is installed
  • OR python-manila-5.1.1~dev5-3.26 is installed
  • OR python-neutron-11.0.9~dev63-3.30 is installed
  • OR python-nova-16.1.9~dev61-3.35 is installed
  • OR venv-openstack-aodh-5.1.1~dev7-12.24 is installed
  • OR venv-openstack-aodh-x86_64-5.1.1~dev7-12.24 is installed
  • OR venv-openstack-barbican-5.0.2~dev3-12.25 is installed
  • OR venv-openstack-barbican-x86_64-5.0.2~dev3-12.25 is installed
  • OR venv-openstack-ceilometer-9.0.8~dev7-12.22 is installed
  • OR venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.22 is installed
  • OR venv-openstack-cinder-11.2.3~dev23-14.25 is installed
  • OR venv-openstack-cinder-x86_64-11.2.3~dev23-14.25 is installed
  • OR venv-openstack-designate-5.0.3~dev7-12.23 is installed
  • OR venv-openstack-designate-x86_64-5.0.3~dev7-12.23 is installed
  • OR venv-openstack-freezer-5.0.0.0~xrc2~dev2-10.20 is installed
  • OR venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.20 is installed
  • OR venv-openstack-glance-15.0.3~dev3-12.23 is installed
  • OR venv-openstack-glance-x86_64-15.0.3~dev3-12.23 is installed
  • OR venv-openstack-heat-9.0.8~dev22-12.25 is installed
  • OR venv-openstack-heat-x86_64-9.0.8~dev22-12.25 is installed
  • OR venv-openstack-ironic-9.1.8~dev8-12.25 is installed
  • OR venv-openstack-ironic-x86_64-9.1.8~dev8-12.25 is installed
  • OR venv-openstack-keystone-12.0.4~dev5-11.26 is installed
  • OR venv-openstack-keystone-x86_64-12.0.4~dev5-11.26 is installed
  • OR venv-openstack-magnum-5.0.2_5.0.2_5.0.2~dev31-11.24 is installed
  • OR venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.24 is installed
  • OR venv-openstack-manila-5.1.1~dev5-12.29 is installed
  • OR venv-openstack-manila-x86_64-5.1.1~dev5-12.29 is installed
  • OR venv-openstack-monasca-ceilometer-1.5.1_1.5.1_1.5.1~dev3-8.20 is installed
  • OR venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.20 is installed
  • OR venv-openstack-murano-4.0.2~dev2-12.20 is installed
  • OR venv-openstack-murano-x86_64-4.0.2~dev2-12.20 is installed
  • OR venv-openstack-neutron-11.0.9~dev63-13.28 is installed
  • OR venv-openstack-neutron-x86_64-11.0.9~dev63-13.28 is installed
  • OR venv-openstack-nova-16.1.9~dev61-11.26 is installed
  • OR venv-openstack-nova-x86_64-16.1.9~dev61-11.26 is installed
  • OR venv-openstack-octavia-1.0.6~dev3-12.25 is installed
  • OR venv-openstack-octavia-x86_64-1.0.6~dev3-12.25 is installed
  • OR venv-openstack-sahara-7.0.5~dev4-11.24 is installed
  • OR venv-openstack-sahara-x86_64-7.0.5~dev4-11.24 is installed
  • OR venv-openstack-trove-8.0.2~dev2-11.24 is installed
  • OR venv-openstack-trove-x86_64-8.0.2~dev2-11.24 is installed
  • OR zookeeper-3.4.10-3.6 is installed
  • OR zookeeper-server-3.4.10-3.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND python-Django-1.11.23-3.12 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND nodejs6-6.17.1-11.30 is installed
    • BACK