Oval Definition:	oval:org.opensuse.security:def:53852
Revision Date: 2020-12-01 Version: 1 Title: Security update for MozillaThunderbird (Important) Description: This update for MozillaThunderbird fixes the following issues: - Update to 68.8.0 ESR MFSA 2020-18 (bsc#1171186) * CVE-2020-12397 (bmo#1617370) Sender Email Address Spoofing using encoded Unicode characters * CVE-2020-12387 (bmo#1545345) Use-after-free during worker shutdown * CVE-2020-6831 (bmo#1632241) Buffer overflow in SCTP chunk input validation * CVE-2020-12392 (bmo#1614468) Arbitrary local file access with 'Copy as cURL' * CVE-2020-12393 (bmo#1615471) Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection * CVE-2020-12395 (bmo#1595886, bmo#1611482, bmo#1614704, bmo#1624098, bmo#1625749, bmo#1626382, bmo#1628076, bmo#1631508) Memory safety bugs fixed in Thunderbird 68.8.0 Family: unix Class: patch Status: Reference(s): 1024287 1024292 1024294 1033054 1033914 1033915 1036943 1036944 1036945 1036946 1038856 1042948 1049373 1051412 1051643 1051644 1052252 1052771 1052916 1058082 1072902 1074122 1074425 1074610 1077080 1082692 1083302 1083303 1086036 1100097 1171186 923240 944208 944209 983273 CVE-2009-0035 CVE-2010-0624 CVE-2010-2891 CVE-2011-0421 CVE-2012-1162 CVE-2012-1163 CVE-2014-6272 CVE-2015-2331 CVE-2015-5234 CVE-2015-5235 CVE-2015-8899 CVE-2016-10195 CVE-2016-10196 CVE-2016-10197 CVE-2016-6321 CVE-2017-1000100 CVE-2017-1000101 CVE-2017-1000445 CVE-2017-1000476 CVE-2017-11449 CVE-2017-11751 CVE-2017-12430 CVE-2017-12642 CVE-2017-14107 CVE-2017-14249 CVE-2017-17680 CVE-2017-17882 CVE-2017-17997 CVE-2017-2581 CVE-2017-2586 CVE-2017-2587 CVE-2017-2885 CVE-2017-7585 CVE-2017-7741 CVE-2017-7742 CVE-2017-8361 CVE-2017-8362 CVE-2017-8363 CVE-2017-8365 CVE-2017-9409 CVE-2018-12910 CVE-2018-5732 CVE-2018-5733 CVE-2018-7320 CVE-2018-7321 CVE-2018-7322 CVE-2018-7323 CVE-2018-7324 CVE-2018-7325 CVE-2018-7326 CVE-2018-7327 CVE-2018-7328 CVE-2018-7329 CVE-2018-7330 CVE-2018-7331 CVE-2018-7332 CVE-2018-7333 CVE-2018-7334 CVE-2018-7335 CVE-2018-7336 CVE-2018-7337 CVE-2018-7417 CVE-2018-7418 CVE-2018-7419 CVE-2018-7420 CVE-2018-7421 CVE-2020-12387 CVE-2020-12392 CVE-2020-12393 CVE-2020-12395 CVE-2020-12397 CVE-2020-6831 SUSE-SU-2015:0668-1 SUSE-SU-2015:1682-1 SUSE-SU-2016:3269-1 SUSE-SU-2017:1367-1 SUSE-SU-2017:1603-1 SUSE-SU-2017:2174-1 SUSE-SU-2018:0055-1 SUSE-SU-2018:0811-1 SUSE-SU-2018:0812-1 SUSE-SU-2018:2204-1 SUSE-SU-2020:1225-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND cifs-utils-6.5-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND tcpdump-4.9.2-lp151.4.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-17.0.10esr-0.4.2 is installed OR MozillaFirefox-branding-SLED-7-0.6.9 is installed OR MozillaFirefox-translations-17.0.10esr-0.4.2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information libmysql55client18-5.5.39-0.7 is installed OR libmysql55client18-32bit-5.5.39-0.7 is installed OR libmysql55client_r18-5.5.39-0.7 is installed OR libmysql55client_r18-32bit-5.5.39-0.7 is installed OR libmysqlclient15-5.0.96-0.6 is installed OR libmysqlclient15-32bit-5.0.96-0.6 is installed OR libmysqlclient_r15-5.0.96-0.6 is installed OR libmysqlclient_r15-32bit-5.0.96-0.6 is installed OR mysql-5.5.39-0.7 is installed OR mysql-client-5.5.39-0.7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND dhcpcd-3.2.3-45.5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information alsa-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND dnsmasq-2.71-13 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information curl-7.37.0-37.3 is installed OR libcurl4-7.37.0-37.3 is installed OR libcurl4-32bit-7.37.0-37.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libsoup-2.62.2-5.7 is installed OR libsoup-2_4-1-2.62.2-5.7 is installed OR libsoup-2_4-1-32bit-2.62.2-5.7 is installed OR libsoup-lang-2.62.2-5.7 is installed OR typelib-1_0-Soup-2_4-2.62.2-5.7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND libevent-2_0-5-2.0.21-6.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information dovecot22-2.2.13-2 is installed OR dovecot22-backend-mysql-2.2.13-2 is installed OR dovecot22-backend-pgsql-2.2.13-2 is installed OR dovecot22-backend-sqlite-2.2.13-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND sudo-1.8.10p3-2.16 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND libotr5-4.0.0-9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information strongswan-5.1.3-26.13 is installed OR strongswan-doc-5.1.3-26.13 is installed OR strongswan-hmac-5.1.3-26.13 is installed OR strongswan-ipsec-5.1.3-26.13 is installed OR strongswan-libs0-5.1.3-26.13 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.25-38.23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_103-92_53-default-8-2 is installed OR kgraft-patch-SLE12-SP2_Update_16-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information fetchmail-6.3.26-12 is installed OR fetchmailconf-6.3.26-12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libecpg6-10.9-1.12 is installed OR libpq5-10.9-1.12 is installed OR libpq5-32bit-10.9-1.12 is installed OR postgresql10-10.9-1.12 is installed OR postgresql10-contrib-10.9-1.12 is installed OR postgresql10-docs-10.9-1.12 is installed OR postgresql10-libs-10.9-1.12 is installed OR postgresql10-plperl-10.9-1.12 is installed OR postgresql10-plpython-10.9-1.12 is installed OR postgresql10-pltcl-10.9-1.12 is installed OR postgresql10-server-10.9-1.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_140-94_42-default-10-2 is installed OR kgraft-patch-SLE12-SP3_Update_15-10-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libkpathsea6-6.2.0dev-22.3 is installed OR texlive-2013.20130620-22.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache2-mod_apparmor-2.8.2-49 is installed OR apparmor-docs-2.8.2-49 is installed OR apparmor-parser-2.8.2-49 is installed OR apparmor-profiles-2.8.2-49 is installed OR apparmor-utils-2.8.2-49 is installed OR libapparmor1-2.8.2-49 is installed OR libapparmor1-32bit-2.8.2-49 is installed OR pam_apparmor-2.8.2-49 is installed OR pam_apparmor-32bit-2.8.2-49 is installed OR perl-apparmor-2.8.2-49 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information MozillaThunderbird-68.8.0-3.80 is installed OR MozillaThunderbird-translations-common-68.8.0-3.80 is installed OR MozillaThunderbird-translations-other-68.8.0-3.80 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND sudo-1.8.10p3-2.19 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information erlang-17.5.6-3.3 is installed OR erlang-epmd-17.5.6-3.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information java-1_8_0-openjdk-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libseccomp-2.4.1-11.3 is installed OR libseccomp2-2.4.1-11.3 is installed OR libseccomp2-32bit-2.4.1-11.3 is installed
BACK