Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE 15: 2019-0853-1 Important: MozillaThunderbird Memory Safety Update

suse
Calendar Grey April 3, 2019
Dist Suse Esm H88
Update for MozillaThunderbird fixes 16 critical memory safety issues that could lead to exploitable crashes.
An update that fixes 16 vulnerabilities is now available

Summary

This update for MozillaThunderbird to version 60.5.1 fixes the following issues: Security issues fixed: - Update to MozillaThunderbird 60.6.1 (bsc#1130262): - CVE-2019-9813: Fixed Ionmonkey type confusion with __proto__ mutations - CVE-2019-9810: Fixed IonMonkey MArraySlice incorrect alias information - Update to MozillaThunderbird 60.6 (bsc#1129821): - CVE-2018-18506: Fixed an issue with Proxy Auto-Configuration file - CVE-2019-9801: Fixed an issue which could allow Windows programs to be exposed to web content - CVE-2019-9788: Fixed multiple memory safety bugs - CVE-2019-9790: Fixed a Use-after-free vulnerability when removing in-use DOM elements - CVE-2019-9791: Fixed an incorrect Type inference for constructors entered through on-stack replacement with IonMonkey

Topics%20covered

Topics Covered

security advisory security update SUSE memory safety patch instructions MozillaThunderbird type confusion

References

#1125330 #1129821 #1130262

Cross- CVE-2018-18335 CVE-2018-18356 CVE-2018-18506

CVE-2018-18509 CVE-2019-5785 CVE-2019-9788

CVE-2019-9790 CVE-2019-9791 CVE-2019-9792

CVE-2019-9793 CVE-2019-9794 CVE-2019-9795

CVE-2019-9796 CVE-2019-9801 CVE-2019-9810

CVE-2019-9813

Affected Products:

SUSE Linux Enterprise Workstation Extension 15

https://www.suse.com/security/cve/CVE-2018-18335.html

https://www.suse.com/security/cve/CVE-2018-18356.html

https://www.suse.com/security/cve/CVE-2018-18506.html

https://www.suse.com/security/cve/CVE-2018-18509.html

https://www.suse.com/security/cve/CVE-2019-5785.html

https://www.suse.com/security/cve/CVE-2019-9788.html

https://www.suse.com/security/cve/CVE-2019-9790.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2019:0853-1
Rating: important

Topics%20covered

Topics Covered

security advisory security update SUSE memory safety patch instructions MozillaThunderbird type confusion

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here