Описание
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues:
MFSA 2023-12 (bsc#1209953):
- CVE-2023-28427: Matrix SDK bundled with Thunderbird vulnerable to denial-of-service attack (bmo#1822595)
MFSA 2023-11 (bsc#1209173):
- CVE-2023-25751: Incorrect code generation during JIT compilation (bmo#1814899).
- CVE-2023-28164: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation (bmo#1809122).
- CVE-2023-28162: Invalid downcast in Worklets (bmo#1811327).
- CVE-2023-25752: Potential out-of-bounds when accessing throttled streams (bmo#1811627).
- CVE-2023-28163: Windows Save As dialog resolved environment variables (bmo#1817768)
- CVE-2023-28176: Memory safety bugs fixed in Thunderbird 102.9 (bmo#1808352, bmo#1811637, bmo#1815904, bmo#1817442, bmo#1818674).
Mozilla Thunderbird 102.9:
- fixed: Notification about a sender's changed OpenPGP key was not immediately visible (bmo#1814003)
- fixed: TLS Certificate Override dialog did not appear when retrieving messages via IMAP using 'Get Messages' context menu (bmo#1816596)
- fixed: Spellcheck dictionaries were missing from localized Thunderbird builds that should have included them (bmo#1818257)
- fixed: Tooltips for 'Show/Hide' calendar toggle did not display (bmo#1809557)
- fixed: Various security fixes
Mozilla Thunderbird 102.9.1:
- fixed: Thunderbird was unable to open file URLs from command line (URLs beginning with 'file://') (bmo#1816343)
- fixed: Source strings for localized builds not uploaded to FTP as expected (bmo#1817086)
- fixed: Visual and theme improvements (bmo#1821358, bmo#1822286)
- fixed: Security fixes
Список пакетов
SUSE Linux Enterprise Module for Package Hub 15 SP4
SUSE Linux Enterprise Workstation Extension 15 SP4
openSUSE Leap 15.4
Ссылки
- Link for SUSE-SU-2023:1736-1
- E-Mail link for SUSE-SU-2023:1736-1
- SUSE Security Ratings
- SUSE Bug 1209173
- SUSE Bug 1209953
- SUSE CVE CVE-2023-25751 page
- SUSE CVE CVE-2023-25752 page
- SUSE CVE CVE-2023-28162 page
- SUSE CVE CVE-2023-28163 page
- SUSE CVE CVE-2023-28164 page
- SUSE CVE CVE-2023-28176 page
- SUSE CVE CVE-2023-28427 page
Описание
Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.
Затронутые продукты
Ссылки
- CVE-2023-25751
Описание
When accessing throttled streams, the count of available bytes needed to be checked in the calling function to be within bounds. This may have lead future code to be incorrect and vulnerable. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.
Затронутые продукты
Ссылки
- CVE-2023-25752
Описание
While implementing AudioWorklets, some code may have casted one type to another, invalid, dynamic type. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.
Затронутые продукты
Ссылки
- CVE-2023-28162
Описание
When downloading files through the Save As dialog on Windows with suggested filenames containing environment variable names, Windows would have resolved those in the context of the current user. <br>*This bug only affects Firefox on Windows. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.
Затронутые продукты
Ссылки
- CVE-2023-28163
Описание
Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.
Затронутые продукты
Ссылки
- CVE-2023-28164
Описание
Mozilla developers Timothy Nikkel, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 110 and Firefox ESR 102.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.
Затронутые продукты
Ссылки
- CVE-2023-28176
Описание
matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 24.0.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the matrix-js-sdk can appear to be operating normally but be excluding or corrupting runtime data presented to the consumer. This vulnerability is distinct from GHSA-rfv9-x7hh-xc32 which covers a similar issue. The issue has been patched in matrix-js-sdk 24.0.0 and users are advised to upgrade. There are no known workarounds for this vulnerability.
Затронутые продукты
Ссылки
- CVE-2023-28427
- SUSE Bug 1209953