Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE: 2022:2571-2 Critical: MozillaThunderbird Security Update

suse
Calendar Grey June 4, 2021
Dist Suse Esm H88
SUSE has released a new update for Mozilla Thunderbird addressing critical vulnerabilities to protect user data. It's crucial for users to apply this update swiftly for secure usage.
An update that fixes four vulnerabilities is now available

Summary

This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 78.10.2 - CVE-2021-29957: Fixed partial protection of inline OpenPGP message not indicated (bsc#1186198). - CVE-2021-29956: Fixed Thunderbird stored OpenPGP secret keys without master password protection (bsc#1186199). - CVE-2021-29951: Fixed Thunderbird Maintenance Service could have been started or stopped by domain users (bsc#1185633). - CVE-2021-29950: Fixed logic issue potentially leaves key material unlocked (bsc#1185086). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 15-SP3:

Topics%20covered

Topics Covered

security advisory critical software update SUSE threat fix MozillaThunderbird

References

#1185086 #1185633 #1186198 #1186199

Cross- CVE-2021-29950 CVE-2021-29951 CVE-2021-29956

CVE-2021-29957

CVSS scores:

CVE-2021-29950 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVE-2021-29951 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CVE-2021-29956 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVE-2021-29957 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

Affected Products:

SUSE Linux Enterprise Workstation Extension 15-SP3

SUSE Linux Enterprise Workstation Extension 15-SP2

https://www.suse.com/security/cve/CVE-2021-29950.html

https://www.suse.com/security/cve/CVE-2021-29951.html

https://www.suse.com/security/cve/CVE-2021-29956.html

https://www.suse.com/security/cve/CVE-2021-29957.html

Announcement ID: SUSE-SU-2021:1854-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory critical software update SUSE threat fix MozillaThunderbird

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here