Oval Definition:oval:org.opensuse.security:def:95365
Revision Date:2022-05-17Version:1
Title:Security update for MozillaThunderbird (Important)
Description:

This update for MozillaThunderbird fixes the following issues:

Various security fixes MFSA 2022-18 (bsc#1198970):

- CVE-2022-1520: Incorrect security status shown after viewing an attached email (bmo#1745019). - CVE-2022-29914: Fullscreen notification bypass using popups (bmo#1746448). - CVE-2022-29909: Bypassing permission prompt in nested browsing contexts (bmo#1755081). - CVE-2022-29916: Leaking browser history with CSS variables (bmo#1760674). - CVE-2022-29911: iframe sandbox bypass (bmo#1761981). - CVE-2022-29912: Reader mode bypassed SameSite cookies (bmo#1692655). - CVE-2022-29913: Speech Synthesis feature not properly disabled (bmo#1764778). - CVE-2022-29917: Memory safety bugs fixed in Thunderbird 91.9 (bmo#1684739, bmo#1706441, bmo#1753298, bmo#1762614, bmo#1762620).
Family:unixClass:patch
Status:Reference(s):1189521
1198970
CVE-2021-3712
CVE-2022-1520
CVE-2022-29909
CVE-2022-29911
CVE-2022-29912
CVE-2022-29913
CVE-2022-29914
CVE-2022-29916
CVE-2022-29917
SUSE-SU-2022:1719-1
Platform(s):SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Package Hub 15 SP4
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Package Hub 15 SP4 is installed
  • AND Package Information
  • MozillaThunderbird-91.9.0-150200.8.68.2 is installed
  • OR MozillaThunderbird-translations-common-91.9.0-150200.8.68.2 is installed
  • OR MozillaThunderbird-translations-other-91.9.0-150200.8.68.2 is installed
    • BACK