drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Mozilla Thunderbird
Name: |
Mehrere Probleme in Mozilla Thunderbird |
|
ID: |
openSUSE-SU-2012:0917-1 |
|
Distribution: |
SUSE |
|
Plattformen: |
openSUSE 11.4, openSUSE 12.1 |
|
Datum: |
Fr, 27. Juli 2012, 17:19 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
Mozilla Thunderbird |
|
Originalnachricht |
openSUSE Security Update: MozillaThunderbird: update to Thunderbird 14.0 ______________________________________________________________________________
Announcement ID: openSUSE-SU-2012:0917-1 Rating: important References: #771583 Affected Products: openSUSE 12.1 openSUSE 11.4 ______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
Mozilla Thunderbird was updated to version 14.0 (bnc#771583) * MFSA 2012-42/CVE-2012-1949/CVE-2012-1948 Miscellaneous memory safety hazards * MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1 952 Gecko memory corruption * MFSA 2012-45/CVE-2012-1955 (bmo#757376) Spoofing issue with location * MFSA 2012-47/CVE-2012-1957 (bmo#750096) Improper filtering of javascript in HTML feed-view * MFSA 2012-48/CVE-2012-1958 (bmo#750820) use-after-free in nsGlobalWindow::PageHidden * MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559) Same-compartment Security Wrappers can be bypassed * MFSA 2012-50/CVE-2012-1960 (bmo#761014) Out of bounds read in QCMS * MFSA 2012-51/CVE-2012-1961 (bmo#761655) X-Frame-Options header ignored when duplicated * MFSA 2012-52/CVE-2012-1962 (bmo#764296) JSDependentString::undepend string conversion results in memory corruption * MFSA 2012-53/CVE-2012-1963 (bmo#767778) Content Security Policy 1.0 implementation errors cause data leakage * MFSA 2012-56/CVE-2012-1967 (bmo#758344) Code execution through javascript: URLs * relicensed to MPL-2.0 - update Enigmail to 1.4.3
- no crashreport on %arm, fixing build
Patch Instructions:
To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:
- openSUSE 12.1:
zypper in -t patch openSUSE-2012-443
- openSUSE 11.4:
zypper in -t patch openSUSE-2012-443
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 12.1 (x86_64):
MozillaThunderbird-14.0-33.26.1 MozillaThunderbird-buildsymbols-14.0-33.26.1 MozillaThunderbird-debuginfo-14.0-33.26.1 MozillaThunderbird-debugsource-14.0-33.26.1 MozillaThunderbird-devel-14.0-33.26.1 MozillaThunderbird-devel-debuginfo-14.0-33.26.1 MozillaThunderbird-translations-common-14.0-33.26.1 MozillaThunderbird-translations-other-14.0-33.26.1 enigmail-1.4.3+14.0-33.26.1 enigmail-debuginfo-1.4.3+14.0-33.26.1
- openSUSE 12.1 (i586):
MozillaThunderbird-14.0-33.26.2 MozillaThunderbird-buildsymbols-14.0-33.26.2 MozillaThunderbird-debuginfo-14.0-33.26.2 MozillaThunderbird-debugsource-14.0-33.26.2 MozillaThunderbird-devel-14.0-33.26.2 MozillaThunderbird-devel-debuginfo-14.0-33.26.2 MozillaThunderbird-translations-common-14.0-33.26.2 MozillaThunderbird-translations-other-14.0-33.26.2 enigmail-1.4.3+14.0-33.26.2 enigmail-debuginfo-1.4.3+14.0-33.26.2
- openSUSE 11.4 (x86_64):
MozillaThunderbird-14.0-24.1 MozillaThunderbird-buildsymbols-14.0-24.1 MozillaThunderbird-debuginfo-14.0-24.1 MozillaThunderbird-debugsource-14.0-24.1 MozillaThunderbird-devel-14.0-24.1 MozillaThunderbird-devel-debuginfo-14.0-24.1 MozillaThunderbird-translations-common-14.0-24.1 MozillaThunderbird-translations-other-14.0-24.1 enigmail-1.4.3+14.0-24.1 enigmail-debuginfo-1.4.3+14.0-24.1
- openSUSE 11.4 (i586):
MozillaThunderbird-14.0-24.2 MozillaThunderbird-buildsymbols-14.0-24.2 MozillaThunderbird-debuginfo-14.0-24.2 MozillaThunderbird-debugsource-14.0-24.2 MozillaThunderbird-devel-14.0-24.2 MozillaThunderbird-devel-debuginfo-14.0-24.2 MozillaThunderbird-translations-common-14.0-24.2 MozillaThunderbird-translations-other-14.0-24.2 enigmail-1.4.3+14.0-24.2 enigmail-debuginfo-1.4.3+14.0-24.2
References:
https://bugzilla.novell.com/771583
-- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
|
|
|
|