SUSE: 2022:0199-1 important: MozillaThunderbird multiple issues
suse
January 26, 2022
An update that fixes 14 vulnerabilities is now available
Summary
This update for MozillaThunderbird fixes the following issues: - CVE-2021-4140: Fixed Iframe sandbox bypass with XSLT (bsc#1194547). - CVE-2022-22737: Fixed race condition when playing audio files (bsc#1194547). - CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur (bsc#1194547). - CVE-2022-22739: Fixed missing throttling on external protocol launch dialog (bsc#1194547). - CVE-2022-22740: Fixed use-after-free of ChannelEventQueue::mOwner (bsc#1194547). - CVE-2022-22741: Fixed browser window spoof using fullscreen mode (bsc#1194547). - CVE-2022-22742: Fixed out-of-bounds memory access when inserting text in edit mode (bsc#1194547). - CVE-2022-22743: Fixed browser window spoof using fullscreen mode (bsc#1194547).
References
#1194547
Cross- CVE-2021-4140 CVE-2022-22737 CVE-2022-22738
CVE-2022-22739 CVE-2022-22740 CVE-2022-22741
CVE-2022-22742 CVE-2022-22743 CVE-2022-22744
CVE-2022-22745 CVE-2022-22746 CVE-2022-22747
CVE-2022-22748 CVE-2022-22751
Affected Products:
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP3
https://www.suse.com/security/cve/CVE-2021-4140.html
https://www.suse.com/security/cve/CVE-2022-22737.html
https://www.suse.com/security/cve/CVE-2022-22738.html
https://www.suse.com/security/cve/CVE-2022-22739.html
https://www.suse.com/security/cve/CVE-2022-22740.html
https://www.suse.com/security/cve/CVE-2022-22741.html
https://www.suse.com/security/cve/CVE-2022-22742.html
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2022:0199-1
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!