Security update for Mozilla Thunderbird (important)

ID OPENSUSE-SU-2017:3433-1
Type suse
Reporter Suse
Modified 2017-12-25T03:07:13


This update for Mozilla Thunderbird to version 52.5.2 fixes the following vulnerabilities:

  • CVE-2017-7846: JavaScript Execution via RSS in mailbox:// origin (bsc#1074043)
  • CVE-2017-7847: Local path string can be leaked from RSS feed (bsc#1074044)
  • CVE-2017-7848: RSS Feed vulnerable to new line Injection (bsc#1074045)
  • CVE-2017-7829: From address with encoded null character is cut off in message header display (bsc#1074046)