Lucene search

K
suseSuseOPENSUSE-SU-2020:1179-1
HistoryAug 11, 2020 - 12:00 a.m.

Security update for MozillaThunderbird (important)

2020-08-1100:00:00
lists.opensuse.org
57
mozillathunderbird
security update
vulnerabilities
fix
webrtc
cve-2020-15652
cve-2020-6514
cve-2020-6463
mfsa-2020-35
memory safety bugs
suse
opensuse leap

EPSS

0.006

Percentile

79.3%

An update that fixes four vulnerabilities is now available.

Description:

This update for MozillaThunderbird fixes the following issues:

  • Updated to Mozilla Thunderbird 68.11:
    • Fixed various security issues (MFSA-2020-35, bsc#1174538).
    • Fixed CVE-2020-15652: Potential leak of redirect targets when loading
      scripts in a worker (bsc#1174538).
    • Fixed CVE-2020-6514: WebRTC data channel leaks internal address to
      peer (bsc#1174538).
    • Fixed CVE-2020-6463: Use-after-free in ANGLE
      gl::Texture::onUnbindAsSamplerTexture (bsc#1174538).
    • Fixed CVE-2020-15659: Memory safety bugs fixed in Thunderbird 68.11
      (bsc#1174538).
    • Fixed a bug with FileLink attachments included as a link and file when
      added from a network drive via drag & drop (bmo#793118).

This update was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.1:

    zypper in -t patch openSUSE-2020-1179=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.1x86_64< - openSUSE Leap 15.1 (x86_64):- openSUSE Leap 15.1 (x86_64):.x86_64.rpm