SUSE: 2020:0385-1 Important: MozillaThunderbird Security Update
suse
February 17, 2020
An update that fixes 7 vulnerabilities is now available
Summary
This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 68.5 (bsc#1162777) MFSA 2020-07 (bsc#1163368) * CVE-2020-6793 (bmo#1608539) Out-of-bounds read when processing certain email messages * CVE-2020-6794 (bmo#1606619) Setting a master password post-Thunderbird 52 does not delete unencrypted previously stored passwords * CVE-2020-6795 (bmo#1611105) Crash processing S/MIME messages with multiple signatures * CVE-2020-6797 (bmo#1596668) Extensions granted downloads.open permission could open arbitrary applications on Mac OSX * CVE-2020-6798 (bmo#1602944) Incorrect parsing of template tag could result in JavaScript injection * CVE-2020-6792 (bmo#1609607) Message ID calculcation was based on uninitialized data
References
#1162777 #1163368
Cross- CVE-2020-6792 CVE-2020-6793 CVE-2020-6794
CVE-2020-6795 CVE-2020-6797 CVE-2020-6798
CVE-2020-6800
Affected Products:
SUSE Linux Enterprise Workstation Extension 15-SP1
https://www.suse.com/security/cve/CVE-2020-6792.html
https://www.suse.com/security/cve/CVE-2020-6793.html
https://www.suse.com/security/cve/CVE-2020-6794.html
https://www.suse.com/security/cve/CVE-2020-6795.html
https://www.suse.com/security/cve/CVE-2020-6797.html
https://www.suse.com/security/cve/CVE-2020-6798.html
https://www.suse.com/security/cve/CVE-2020-6800.html
https://bugzilla.suse.com/1162777
https://bugzilla.suse.com/1163368
PREVIOUS 
NEXT Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2020:0385-1
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!