SUSE: 2021:2003-1 Important: MozillaThunderbird Memory Safety Issues
suse
June 17, 2021
An update that fixes two vulnerabilities is now available
Summary
This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 78.11 (bsc#1186696) Security issues fixed: - CVE-2021-29964: Out of bounds-read when parsing a `WM_COPYDATA` message - CVE-2021-29967: Memory safety bugs fixed in Thunderbird 78.11 General improvements: - OpenPGP could not be disabled for an account if a key was previously configured - Recipients were unable to decrypt some messages when the sender had changed the message encryption from OpenPGP to S/MIME - Contacts moved between CardDAV address books were not synced to the new server - CardDAV compatibility fixes for Google Contacts - Folder pane had no clear indication of focus on macOS Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods
References
#1186696
Cross- CVE-2021-29964 CVE-2021-29967
Affected Products:
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP2
https://www.suse.com/security/cve/CVE-2021-29964.html
https://www.suse.com/security/cve/CVE-2021-29967.html
https://bugzilla.suse.com/1186696
PREVIOUS 
NEXT Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2021:2003-1
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!