Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 579
Alerts This Week
Warning Icon 1 579

SUSE: 2021:0672-1 Critical: Mozilla Firefox Security Patches

suse
Calendar Grey March 1, 2021
Dist Suse Esm H88
Mozilla Thunderbird has released an update addressing critical security vulnerabilities. Review the full details for guidance and determine the severity rating.
An update that fixes four vulnerabilities is now available

Summary

This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 78.8 * fixed: Importing an address book from a CSV file always reported an error * fixed: Security information for S/MIME messages was not displayed correctly prior to a draft being saved * fixed: Calendar: FileLink UI fixes for Caldav calendars * fixed: Recurring tasks were always marked incomplete; unable to use filters * fixed: Various UI widgets not working * fixed: Dark theme improvements * fixed: Extension manager was missing link to addon support web page * fixed: Various security fixes MFSA 2021-09 (bsc#1182614) * CVE-2021-23969: Content Security Policy violation report could have contained the destination of a redirect * CVE-2021-23968: Content Security Policy violation report could have

References

#1182357 #1182614

Cross- CVE-2021-23968 CVE-2021-23969 CVE-2021-23973

CVE-2021-23978

CVSS scores:

CVE-2021-23968 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVE-2021-23969 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVE-2021-23973 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

CVE-2021-23978 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

SUSE Linux Enterprise Workstation Extension 15-SP2

https://www.suse.com/security/cve/CVE-2021-23968.html

https://www.suse.com/security/cve/CVE-2021-23969.html

https://www.suse.com/security/cve/CVE-2021-23973.html

https://www.suse.com/security/cve/CVE-2021-23978.html

https://bugzilla.suse.com/1182357

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2021:0661-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.