Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseSUSE-SU-2022:2062-1
HistoryJun 13, 2022 - 12:00 a.m.

Security update for MozillaThunderbird (important)

2022-06-1300:00:00
lists.opensuse.org
18
JSON

An update that fixes 11 vulnerabilities is now available.

Description:

This update for MozillaThunderbird fixes the following issues:

Update to Mozilla Thunderbird 91.9.1

MFSA 2022-19 (bsc#1199768):

  • CVE-2022-1802: Prototype pollution in Top-Level Await implementation
    (bmo#1770137).
  • CVE-2022-1529: Untrusted input used in JavaScript object indexing,
    leading to prototype pollution (bmo#1770048).

Update to Mozilla Thunderbird 91.10

MFSA 2022-22 (bsc#1200027):

  • CVE-2022-31736: Cross-Origin resource’s length leaked (bmo#1735923)
  • CVE-2022-31737: Heap buffer overflow in WebGL (bmo#1743767)
  • CVE-2022-31738: Browser window spoof using fullscreen mode (bmo#1756388)
  • CVE-2022-31739: Attacker-influenced path traversal when saving
    downloaded files (bmo#1765049)
  • CVE-2022-31740: Register allocation problem in WASM on arm64
    (bmo#1766806)
  • CVE-2022-31741: Uninitialized variable leads to invalid memory read
    (bmo#1767590)
  • CVE-2022-1834: Braille space character caused incorrect sender email to
    be shown for a digitally signed email (bmo#1767816)
  • CVE-2022-31742: Querying a WebAuthn token with a large number of
    allowCredential entries may have leaked cross-origin information
    (bmo#1730434)
  • CVE-2022-31747: Memory safety bugs fixed in Thunderbird 91.10
    (bmo#1760765, bmo#1765610, bmo#1766283, bmo#1767365, bmo#1768559,
    bmo#1768734)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.4:

    zypper in -t patch openSUSE-SLE-15.4-2022-2062=1

  • openSUSE Leap 15.3:

    zypper in -t patch openSUSE-SLE-15.3-2022-2062=1

  • SUSE Linux Enterprise Workstation Extension 15-SP4:

    zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-2062=1

  • SUSE Linux Enterprise Workstation Extension 15-SP3:

    zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-2062=1

  • SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:

    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-2062=1

  • SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:

    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-2062=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.4aarch64< - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):.aarch64.rpm
openSUSE Leap15.4ppc64le< - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):.ppc64le.rpm
openSUSE Leap15.4s390x< - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):.s390x.rpm
openSUSE Leap15.4x86_64< - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):.x86_64.rpm
openSUSE Leap15.3aarch64< - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.aarch64.rpm
openSUSE Leap15.3ppc64le< - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.ppc64le.rpm
openSUSE Leap15.3s390x< - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.s390x.rpm
openSUSE Leap15.3x86_64< - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.x86_64.rpm
SUSE Linux Enterprise Workstation Extension 15SP4x86_64<  SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):.x86_64.rpm
SUSE Linux Enterprise Workstation Extension 15SP3x86_64<  SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):.x86_64.rpm
Rows per page:
1-10 of 161

Related

altlinux 4
nessus 82
mozilla 3
openvas 37
kaspersky 6
centos 2
mageia 2
osv 11
debian 6
oraclelinux 11
redhat 18
slackware 3
amazon 2
suse 2
rocky 3
ubuntu 2
thn 1
redos 2
almalinux 1
malwarebytes 1
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 91.10.0-alt1
2022-06-03 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 91.10.0-alt1
2022-06-03 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 91.9.1-alt1
2022-05-27 00:00:00
nessus
nessus
SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2022:1927-1)
2022-06-03 00:00:00
SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2022:1920-1)
2022-06-03 00:00:00
Mozilla Firefox ESR < 91.10
2022-05-31 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 91.10 — Mozilla
2022-05-31 00:00:00
Security Vulnerabilities fixed in Thunderbird 91.10 — Mozilla
2022-05-31 00:00:00
Security Vulnerabilities fixed in Firefox 101 — Mozilla
2022-05-31 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:2062-1)
2022-06-14 00:00:00
Debian: Security Advisory (DLA-3041-1)
2022-06-04 00:00:00
Debian: Security Advisory (DSA-5158-1)
2022-06-09 00:00:00
kaspersky
kaspersky
KLA12547 Multiple vulnerabilities in Mozilla Thunderbird
2022-05-31 00:00:00
KLA12546 Multiple vulnerabilities in Mozilla Firefox ESR
2022-05-31 00:00:00
KLA12545 Multiple vulnerabilities in Mozilla Firefox
2022-05-31 00:00:00
centos
centos
thunderbird security update
2022-08-02 19:48:11
firefox security update
2022-08-02 19:45:49
mageia
mageia
Updated thunderbird packages fix security vulnerability
2022-06-04 23:25:39
Updated firefox/nss/nspr packages fix security vulnerability
2022-06-04 23:25:39
osv
osv
thunderbird - security update
2022-06-03 00:00:00
thunderbird - security update
2022-06-04 00:00:00
Important: thunderbird security update
2022-06-02 07:48:48
debian
debian
[SECURITY] [DSA 5158-1] thunderbird security update
2022-06-04 17:52:32
[SECURITY] [DLA 3041-1] thunderbird security update
2022-06-03 16:45:59
[SECURITY] [DLA 3040-1] firefox-esr security update
2022-06-03 16:36:45
oraclelinux
oraclelinux
firefox security update
2022-06-02 00:00:00
thunderbird security update
2022-06-03 00:00:00
thunderbird security update
2022-06-06 00:00:00
redhat
redhat
(RHSA-2022:4870) Important: firefox security update
2022-06-01 14:59:58
(RHSA-2022:4891) Important: thunderbird security update
2022-06-02 23:57:30
(RHSA-2022:4892) Important: thunderbird security update
2022-06-02 16:04:42
slackware
slackware
[slackware-security] mozilla-thunderbird
2022-06-02 19:43:23
[slackware-security] mozilla-firefox
2022-06-01 00:53:57
[slackware-security] mozilla-firefox
2022-05-21 01:42:04
amazon
amazon
Important: thunderbird
2022-07-19 01:23:00
Important: thunderbird
2022-07-19 01:23:00
suse
suse
Security update for MozillaFirefox (important)
2022-06-02 00:00:00
Security update for MozillaFirefox (important)
2022-05-24 00:00:00
rocky
rocky
thunderbird security update
2022-06-02 07:48:48
firefox security update
2022-06-01 20:09:36
firefox security update
2022-05-27 18:28:08
ubuntu
ubuntu
Firefox vulnerabilities
2022-06-13 00:00:00
Thunderbird vulnerabilities
2022-07-14 00:00:00
thn
thn
Tails OS Users Advised Not to Use Tor Browser Until Critical Firefox Bugs are Patched
2022-05-26 09:08:00
redos
redos
ROS-20220530-03
2022-05-30 00:00:00
ROS-20220530-04
2022-05-30 00:00:00
almalinux
almalinux
Critical: thunderbird security update
2022-05-27 18:24:54
malwarebytes
malwarebytes
Firefox, Thunderbird, receive patches for critical security issues
2022-05-27 11:06:49
JSON
Related for SUSE-SU-2022:2062-1
altlinux4nessus82mozilla3openvas37kaspersky6centos2mageia2osv11debian6oraclelinux11redhat18slackware3amazon2suse2rocky3ubuntu2thn1redos2almalinux1malwarebytes1