Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

openSUSE: Mozilla Firefox Essential Security Patch 2026:20046-2

opensuse
Calendar Grey January 17, 2026
Dist Opensuse Esm H88
Addressing 10 issues in MozillaThunderbird for openSUSE with one bug fix and updates available.
An update that solves 10 vulnerabilities and has one bug fix can now be installed.

Description

This update for MozillaThunderbird fixes the following issues:

Changes in MozillaThunderbird:

- Mozilla Thunderbird 140.6.0 ESR

MFSA 2025-96 (bsc#1254551)

* CVE-2025-14321 (bmo#1992760)

Use-after-free in the WebRTC: Signaling component

* CVE-2025-14322 (bmo#1996473)

Sandbox escape due to incorrect boundary conditions in the

Graphics: CanvasWebGL component

* CVE-2025-14323 (bmo#1996555)

Privilege escalation in the DOM: Notifications component

* CVE-2025-14324 (bmo#1996840)

JIT miscompilation in the JavaScript Engine: JIT component

* CVE-2025-14325 (bmo#1998050)

JIT miscompilation in the JavaScript Engine: JIT component

* CVE-2025-14328 (bmo#1996761)

Privilege escalation in the Netmonitor component

* CVE-2025-14329 (bmo#1997018)

Privilege escalation in the Netmonitor component

* CVE-2025-14330 (bmo#1997503)

JIT miscompilation in the JavaScript Engine: JIT component

* CVE-2025-14331 (bmo#2000218)

Same-origin policy bypass in...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory bug fix threat important OpenSUSE mozilathunderbird

Patch

Package List

- openSUSE Leap 16.0:

MozillaThunderbird-140.6.0-bp160.1.1

MozillaThunderbird-openpgp-librnp-140.6.0-bp160.1.1

MozillaThunderbird-translations-common-140.6.0-bp160.1.1

MozillaThunderbird-translations-other-140.6.0-bp160.1.1

References

* bsc#1254551

References:

* https://www.suse.com/security/cve/CVE-2025-14321.html

* https://www.suse.com/security/cve/CVE-2025-14322.html

* https://www.suse.com/security/cve/CVE-2025-14323.html

* https://www.suse.com/security/cve/CVE-2025-14324.html

* https://www.suse.com/security/cve/CVE-2025-14325.html

* https://www.suse.com/security/cve/CVE-2025-14328.html

* https://www.suse.com/security/cve/CVE-2025-14329.html

* https://www.suse.com/security/cve/CVE-2025-14330.html

* https://www.suse.com/security/cve/CVE-2025-14331.html

* https://www.suse.com/security/cve/CVE-2025-14333.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:20046-1
Rating: important
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Topics%20covered

Topics Covered

security advisory bug fix threat important OpenSUSE mozilathunderbird

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here