Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE: 2024:3112-1 Important: MozillaThunderbird Multiple Fixes

suse
Calendar Grey September 3, 2024
Dist Suse Esm H88
The latest release for Mozilla Thunderbird addresses a range of concerns, enhancing security features and rectifying several bugs for SUSE users.
* bsc#1228648 Cross-References: * CVE-2024-7519 * CVE-2024-7521

Summary

## This update for MozillaThunderbird fixes the following issues: * Mozilla Thunderbird 115.14 * fixed: When using an external installation of GnuPG, Thunderbird occassionally sent/received corrupted messages * fixed: Users of external GnuPG were unable to decrypt incorrectly encoded messages (bmo#1906903) * fixed: Flatpak install of 128.0esr was incorrectly downgraded to 115.13.0esr (bmo#1908299) * fixed: Security fixes MFSA 2024-38 (bsc#1228648) * CVE-2024-7519: Out of bounds memory access in graphics shared memory handling * CVE-2024-7521: Incomplete WebAssembly exception handing * CVE-2024-7522: Out of bounds read in editor component * CVE-2024-7525: Missing permission check when creating a StreamFilter * CVE-2024-7526: Uninitialized memory used by WebGL

Topics%20covered

Topics Covered

security advisory update buffer overflow important permission check mozilla thunderbird suse linux enterprise

References

* bsc#1228648

Cross-

* CVE-2024-7519

* CVE-2024-7521

* CVE-2024-7522

* CVE-2024-7525

* CVE-2024-7526

* CVE-2024-7527

* CVE-2024-7529

CVSS scores:

* CVE-2024-7519 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2024-7519 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

* CVE-2024-7521 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2024-7521 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2024-7522 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L

* CVE-2024-7522 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2024-7525 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

* CVE-2024-7525 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:3112-1
Rating: important

Topics%20covered

Topics Covered

security advisory update buffer overflow important permission check mozilla thunderbird suse linux enterprise

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here