Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

openSUSE: 2020:1780-1 Important: Mozilla Thunderbird Memory Issues

opensuse
Calendar Grey October 30, 2020
Dist Opensuse Esm H88
The recent patch for MozillaThunderbird and mozilla-nspr delivers essential security improvements and upgrades, benefiting openSUSE users significantly.
An update that fixes 6 vulnerabilities is now available.

Description

This update for MozillaThunderbird and mozilla-nspr fixes the following

issues:

- Mozilla Thunderbird 78.4

* new: MailExtensions: browser.tabs.sendMessage API added

* new: MailExtensions: messageDisplayScripts API added

* changed: Yahoo and AOL mail users using password authentication will

be migrated to OAuth2

* changed: MailExtensions: messageDisplay APIs extended to support

multiple selected messages

* changed: MailExtensions: compose.begin functions now support creating

a message with attachments

* fixed: Thunderbird could freeze when updating global search index

* fixed: Multiple issues with handling of self-signed SSL certificates

addressed

* fixed: Recipient address fields in compose window could expand to fill

all available space

* fixed: Inserting emoji characters in message compose window caused

unexpected behavior

* fixed: Button to restore default folder icon color was...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory memory management software issues important update Mozilla Thunderbird openSUSE mozilla-nspr

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

zypper in -t patch openSUSE-2020-1780=1

Package List

- openSUSE Leap 15.2 (i586 x86_64):

mozilla-nspr-4.25.1-lp152.2.3.1

mozilla-nspr-debuginfo-4.25.1-lp152.2.3.1

mozilla-nspr-debugsource-4.25.1-lp152.2.3.1

mozilla-nspr-devel-4.25.1-lp152.2.3.1

- openSUSE Leap 15.2 (x86_64):

MozillaThunderbird-78.4.0-lp152.2.13.1

MozillaThunderbird-debuginfo-78.4.0-lp152.2.13.1

MozillaThunderbird-debugsource-78.4.0-lp152.2.13.1

MozillaThunderbird-translations-common-78.4.0-lp152.2.13.1

MozillaThunderbird-translations-other-78.4.0-lp152.2.13.1

mozilla-nspr-32bit-4.25.1-lp152.2.3.1

mozilla-nspr-32bit-debuginfo-4.25.1-lp152.2.3.1

References

https://www.suse.com/security/cve/CVE-2020-15673.html

https://www.suse.com/security/cve/CVE-2020-15676.html

https://www.suse.com/security/cve/CVE-2020-15677.html

https://www.suse.com/security/cve/CVE-2020-15678.html

https://www.suse.com/security/cve/CVE-2020-15683.html

https://www.suse.com/security/cve/CVE-2020-15969.html

https://bugzilla.suse.com/1174230

https://bugzilla.suse.com/1176384

https://bugzilla.suse.com/1176756

https://bugzilla.suse.com/1176899

https://bugzilla.suse.com/1177977

--

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2020:1780-1
Rating: important
Affected Products: openSUSE Leap 15.2

Topics%20covered

Topics Covered

security advisory memory management software issues important update Mozilla Thunderbird openSUSE mozilla-nspr

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here