openSUSE-SU-2016:2991-1

Опубликовано: 04 дек. 2016

Источник: suse-cvrf

Описание

Security update for Mozilla Thunderbird

This update contains Mozilla Thunderbird 45.5.1 and fixes one vulnerability.

In Mozilla Thunderbird, this vulnerability may be exploited when used in a browser-like context.

CVE-2016-9079: SVG Animation Remote Code Execution (MFSA 2016-92, bsc#1012964, bmo#1321066)

Список пакетов

openSUSE Leap 42.1

MozillaThunderbird-45.5.1-28.2

MozillaThunderbird-buildsymbols-45.5.1-28.2

MozillaThunderbird-devel-45.5.1-28.2

MozillaThunderbird-translations-common-45.5.1-28.2

MozillaThunderbird-translations-other-45.5.1-28.2

openSUSE Leap 42.2

MozillaThunderbird-45.5.1-28.2

MozillaThunderbird-buildsymbols-45.5.1-28.2

MozillaThunderbird-devel-45.5.1-28.2

MozillaThunderbird-translations-common-45.5.1-28.2

MozillaThunderbird-translations-other-45.5.1-28.2

Ссылки

https://lists.opensuse.org/opensuse-security-announce/2016-12/msg00005.html
E-Mail link for openSUSE-SU-2016:2991-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1.

Затронутые продукты

openSUSE Leap 42.1:MozillaThunderbird-45.5.1-28.2

openSUSE Leap 42.1:MozillaThunderbird-buildsymbols-45.5.1-28.2

openSUSE Leap 42.1:MozillaThunderbird-devel-45.5.1-28.2

openSUSE Leap 42.1:MozillaThunderbird-translations-common-45.5.1-28.2

Ссылки

https://www.suse.com/security/cve/CVE-2016-9079.html
CVE-2016-9079
https://bugzilla.suse.com/1012964
SUSE Bug 1012964

openSUSE-SU-2016:2991-1

Описание

Список пакетов

openSUSE Leap 42.1

openSUSE Leap 42.2

Ссылки

Уязвимость: CVE-2016-9079

Описание

Затронутые продукты

Ссылки