Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SUSE: 2024:4148-1 important: MozillaThunderbird multiple threats addressed

suse
Calendar Grey December 3, 2024
Dist Suse Esm H88
Important release for Mozilla Thunderbird resolving various concerns, featuring updates for security and improvements to functionality.
* bsc#1233650 * bsc#1233695 Cross-References: * CVE-2024-11691

Summary

## This update for MozillaThunderbird fixes the following issues: * Mozilla Thunderbird 128.5 * fixed: IMAP could crash when reading cached messages * fixed: Enabling "Show Folder Size" on Maildir profile could render Thunderbird unusable * fixed: Messages corrupted by folder compaction were only fixed by user intervention * fixed: Reading a message from past the end of an mbox file did not cause an error * fixed: View -> Folders had duplicate F access keys * fixed: Add-ons adding columns to the message list could fail and cause display issue * fixed: "Empty trash on exit" and "Expunge inbox on exit" did not always work * fixed: Selecting a display option in View -> Tasks did not apply in the Task interface * fixed: Security fixes MFSA 2024-68 (bsc#1233695) * CVE-2024-11691 Out-of-bounds write in Apple GPU drivers via WebGL

Topics%20covered

Topics Covered

security advisory update DoS important SUSE Linux memory safety Mozilla Thunderbird

References

* bsc#1233650

* bsc#1233695

Cross-

* CVE-2024-11691

* CVE-2024-11692

* CVE-2024-11693

* CVE-2024-11694

* CVE-2024-11695

* CVE-2024-11696

* CVE-2024-11697

* CVE-2024-11698

* CVE-2024-11699

CVSS scores:

* CVE-2024-11691 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2024-11692 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

* CVE-2024-11693 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-11694 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

* CVE-2024-11695 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

* CVE-2024-11696 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

* CVE-2024-11697 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:4148-1
Release Date: 2024-12-03T09:10:23Z
Rating: important

Topics%20covered

Topics Covered

security advisory update DoS important SUSE Linux memory safety Mozilla Thunderbird

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here