SUSE-SU-2020:2179-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:2179-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2020:2179-1
- Related
- Published
- 2020-08-10T08:06:37Z
- Modified
- 2020-08-10T08:06:37Z
- Summary
- Security update for MozillaThunderbird
- Details
-
This update for MozillaThunderbird fixes the following issues:
- Updated to Mozilla Thunderbird 68.11:
- Fixed various security issues (MFSA-2020-35, bsc#1174538).
- Fixed CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker (bsc#1174538).
- Fixed CVE-2020-6514: WebRTC data channel leaks internal address to peer (bsc#1174538).
- Fixed CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture (bsc#1174538).
- Fixed CVE-2020-15659: Memory safety bugs fixed in Thunderbird 68.11 (bsc#1174538).
- Fixed a bug with FileLink attachments included as a link and file when added from a network drive via drag & drop (bmo#793118).
- Updated to Mozilla Thunderbird 68.11:
- References
-
- https://www.suse.com/support/update/announcement/2020/suse-su-20202179-1/
- https://bugzilla.suse.com/1174538
- https://www.suse.com/security/cve/CVE-2020-15652
- https://www.suse.com/security/cve/CVE-2020-15659
- https://www.suse.com/security/cve/CVE-2020-6463
- https://www.suse.com/security/cve/CVE-2020-6514
Affected packages
SUSE:Linux Enterprise Workstation Extension 15 SP1 / MozillaThunderbird
Package
- Name
- MozillaThunderbird
- Purl
- purl:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP1