Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

openSUSE 12: 2019:1126-1 Critical: MozillaThunderbird Security Fix

opensuse
Calendar Grey April 3, 2019
Dist Opensuse Esm H88
A recent update for openSUSE tackles 13 critical vulnerabilities in Mozilla Firefox, bolstering overall security. Full information available.
An update that fixes 13 vulnerabilities is now available.

Description

This update for MozillaThunderbird fixes the following issues:

Security issues fixed:

- Update to MozillaThunderbird 60.6.1 (bsc#1130262):

- CVE-2019-9813: Fixed Ionmonkey type confusion with __proto__ mutations

- CVE-2019-9810: Fixed IonMonkey MArraySlice incorrect alias information

- Update to MozillaThunderbird 60.6 (bsc#1129821):

- CVE-2018-18506: Fixed an issue with Proxy Auto-Configuration file

- CVE-2019-9801: Fixed an issue which could allow Windows programs to be

exposed to web content

- CVE-2019-9788: Fixed multiple memory safety bugs

- CVE-2019-9790: Fixed a Use-after-free vulnerability when removing in-use

DOM elements

- CVE-2019-9791: Fixed an incorrect Type inference for constructors entered through on-stack replacement with IonMonkey

- CVE-2019-9792: Fixed an issue where IonMonkey leaks JS_OPTIMIZED_OUT

magic value to script

- CVE-2019-9793: Fixed multiple improper bounds checks when Spectre

...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory critical security fix openSUSE moztllithunderbird 12

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Package Hub for SUSE Linux Enterprise 12:

zypper in -t patch openSUSE-2019-1126=1

Package List

- SUSE Package Hub for SUSE Linux Enterprise 12 (x86_64):

MozillaThunderbird-60.6.1-82.1

MozillaThunderbird-buildsymbols-60.6.1-82.1

MozillaThunderbird-translations-common-60.6.1-82.1

MozillaThunderbird-translations-other-60.6.1-82.1

References

https://www.suse.com/security/cve/CVE-2018-18506.html

https://www.suse.com/security/cve/CVE-2019-5785.html

https://www.suse.com/security/cve/CVE-2019-9788.html

https://www.suse.com/security/cve/CVE-2019-9790.html

https://www.suse.com/security/cve/CVE-2019-9791.html

https://www.suse.com/security/cve/CVE-2019-9792.html

https://www.suse.com/security/cve/CVE-2019-9793.html

https://www.suse.com/security/cve/CVE-2019-9794.html

https://www.suse.com/security/cve/CVE-2019-9795.html

https://www.suse.com/security/cve/CVE-2019-9796.html

https://www.suse.com/security/cve/CVE-2019-9801.html

https://www.suse.com/security/cve/CVE-2019-9810.html

https://www.suse.com/security/cve/CVE-2019-9813.html

https://bugzilla.suse.com/1129821

https://bugzilla.suse.com/1130262

--

Severity
critical
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2019:1126-1
Rating: critical
Affected Products: SUSE Package Hub for SUSE Linux Enterprise 12

Topics%20covered

Topics Covered

security advisory critical security fix openSUSE moztllithunderbird 12

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here