Lucene search

K
suseSuseOPENSUSE-SU-2017:3434-1
HistoryDec 25, 2017 - 3:07 a.m.

Security update for Mozilla Thunderbird (important)

2017-12-2503:07:48
lists.opensuse.org
59

0.012 Low

EPSS

Percentile

85.2%

This update for Mozilla Thunderbird to version 52.5.2 fixes the following
vulnerabilities:

  • CVE-2017-7846: JavaScript Execution via RSS in mailbox:// origin
    (bsc#1074043)
  • CVE-2017-7847: Local path string can be leaked from RSS feed
    (bsc#1074044)
  • CVE-2017-7848: RSS Feed vulnerable to new line Injection (bsc#1074045)
  • CVE-2017-7829: From address with encoded null character is cut off in
    message header display (bsc#1074046)