An update that fixes four vulnerabilities is now available.
Description:
This update for MozillaThunderbird fixes the following issues:
Mozilla Thunderbird was updated to 60.7.1:
Security issues fixed with MFSA 2019-17 (boo#1137595)
- CVE-2019-11703: Fixed a heap-based buffer overflow in icalmemorystrdupanddequote() (bsc#1137595). - CVE-2019-11704: Fixed a heap-based buffer overflow in parser_get_next_char() (bsc#1137595). - CVE-2019-11705: Fixed a stack-based buffer overflow in icalrecur_add_bydayrules() (bsc#1137595). - CVE-2019-11706: Fixed a type confusion in icaltimezone_get_vtimezone_properties() (bsc#1137595).
Also fixed: - No prompt for smartcard PIN when S/MIME signing is used
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: