Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

openSUSE Leap 15.1: 2021:0127-1 Critical: MozillaThunderbird Use-After-Free

opensuse
Calendar Grey January 20, 2021
Dist Opensuse Esm H88
A crucial update for Mozilla Thunderbird has been released, addressing a major security vulnerability. Review the information for applying the necessary fixes.
An update that fixes one vulnerability is now available

Description

This update for MozillaThunderbird fixes the following issues:

- Mozilla Thunderbird 78.6.1

* changed: MailExtensions: browserAction, composeAction, and

messageDisplayAction toolbar buttons now support label and

default_label properties (bmo#1583478)

* fixed: Running a quicksearch that returned no results did not

offer to re-run as a global search (bmo#1663153)

* fixed: Message search toolbar fixes (bmo#1681010)

* fixed: Very long subject lines distorted the message compose and

display windows, making them unusable (bmo#77806)

* fixed: Compose window: Recipient addresses that had not yet been

autocompleted were lost when clicking Send button (bmo#1674054)

* fixed: Compose window: New message is no longer marked as "changed"

just from tabbing out of the recipient field without editing anything

(bmo#1681389)

* fixed: Account autodiscover fixes when using MS Exchange servers (bmo#1679759)

...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory security update security issue important important patch openSUSE use-after-free patch instructions MozillaThunderbird CVE-2020-16044

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2021-127=1

Package List

- openSUSE Leap 15.1 (x86_64):

MozillaThunderbird-78.6.1-lp151.2.66.1

MozillaThunderbird-debuginfo-78.6.1-lp151.2.66.1

MozillaThunderbird-debugsource-78.6.1-lp151.2.66.1

MozillaThunderbird-translations-common-78.6.1-lp151.2.66.1

MozillaThunderbird-translations-other-78.6.1-lp151.2.66.1

References

https://www.suse.com/security/cve/CVE-2020-16044.html

https://bugzilla.suse.com/1180623

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2021:0127-1
Rating: important
Affected Products: openSUSE Leap 15.1 .

Topics%20covered

Topics Covered

security advisory security update security issue important important patch openSUSE use-after-free patch instructions MozillaThunderbird CVE-2020-16044

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here