Oval Definition:oval:org.opensuse.security:def:95422
Revision Date:2022-05-17Version:1
Title:Security update for MozillaThunderbird (Important)
Description:

This update for MozillaThunderbird fixes the following issues:

Various security fixes MFSA 2022-18 (bsc#1198970):

- CVE-2022-1520: Incorrect security status shown after viewing an attached email (bmo#1745019). - CVE-2022-29914: Fullscreen notification bypass using popups (bmo#1746448). - CVE-2022-29909: Bypassing permission prompt in nested browsing contexts (bmo#1755081). - CVE-2022-29916: Leaking browser history with CSS variables (bmo#1760674). - CVE-2022-29911: iframe sandbox bypass (bmo#1761981). - CVE-2022-29912: Reader mode bypassed SameSite cookies (bmo#1692655). - CVE-2022-29913: Speech Synthesis feature not properly disabled (bmo#1764778). - CVE-2022-29917: Memory safety bugs fixed in Thunderbird 91.9 (bmo#1684739, bmo#1706441, bmo#1753298, bmo#1762614, bmo#1762620).
Family:unixClass:patch
Status:Reference(s):1173646
1180914
1183709
1198970
CVE-2020-14312
CVE-2021-3448
CVE-2022-1520
CVE-2022-29909
CVE-2022-29911
CVE-2022-29912
CVE-2022-29913
CVE-2022-29914
CVE-2022-29916
CVE-2022-29917
SUSE-SU-2022:1719-1
Platform(s):SUSE Linux Enterprise Desktop 15 SP4
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Server 15 SP4
SUSE Linux Enterprise Server for SAP Applications 15 SP4
SUSE Linux Enterprise Workstation Extension 15 SP4
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP4 is installed
  • OR SUSE Linux Enterprise Server 15 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed
  • OR SUSE Linux Enterprise Workstation Extension 15 SP4 is installed
  • AND Package Information
  • MozillaThunderbird-91.9.0-150200.8.68.2 is installed
  • OR MozillaThunderbird-translations-common-91.9.0-150200.8.68.2 is installed
  • OR MozillaThunderbird-translations-other-91.9.0-150200.8.68.2 is installed
    • BACK