Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

SUSE: 2020:1591-2 Important: Multiple Issues Fixed in MozillaThunderbird

suse
Calendar Grey July 8, 2020
Dist Suse Esm H88
SUSE Security Patch resolves several significant vulnerabilities in MozillaFirefox, bolstering user safety and system resilience.
An update that fixes four vulnerabilities is now available

Summary

This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 68.9.0 (bsc#1172402) - CVE-2020-12405: Fixed a use-after-free in SharedWorkerService. - CVE-2020-12406: Fixed a JavaScript Type confusion with NativeTypes. - CVE-2020-12410: Fixed multiple memory safety issues - CVE-2020-12398: Fixed a potential information leak due to security downgrade with IMAP STARTTLS - Use a symbolic icon from branding internals Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 15-SP2: zypper in -t patch SUSE-SLE-Product-WE-15-SP2-2020-1591=1 Package List:

References

#1172402

Cross- CVE-2020-12398 CVE-2020-12405 CVE-2020-12406

CVE-2020-12410

Affected Products:

SUSE Linux Enterprise Workstation Extension 15-SP2

https://www.suse.com/security/cve/CVE-2020-12398.html

https://www.suse.com/security/cve/CVE-2020-12405.html

https://www.suse.com/security/cve/CVE-2020-12406.html

https://www.suse.com/security/cve/CVE-2020-12410.html

https://bugzilla.suse.com/1172402

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2020:1591-2
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here