Security update for Mozilla Thunderbird SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2018:0818-1 Final 1 1 2018-03-26T11:29:18Z current 2018-03-26T11:29:18Z 2018-03-26T11:29:18Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for Mozilla Thunderbird This update for Mozilla Thunderbird to version 52.7 fixes multiple issues. The following bugs were fixed: - Searching message bodies of messages in local folders, including filter and quick filter operations, did not find content in message attachments - Better error handling for Yahoo accounts The following security fixes are included as part of the mozilla platform. In general, these flaws cannot be exploited through email in Thunderbird because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts (MFSA 2018-09, bsc#1085130, bsc#1085671): - CVE-2018-5127: Buffer overflow manipulating SVG animatedPathSegList - CVE-2018-5129: Out-of-bounds write with malformed IPC messages - CVE-2018-5144: Integer overflow during Unicode conversion - CVE-2018-5146: Out of bounds memory write in libvorbis - CVE-2018-5125: Memory safety bugs fixed in Thunderbird 52.7 - CVE-2018-5145: Memory safety bugs fixed in Thunderbird 52.7 The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2018-313 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1085130 SUSE Bug 1085130 https://bugzilla.suse.com/1085671 SUSE Bug 1085671 https://www.suse.com/security/cve/CVE-2018-5125/ SUSE CVE CVE-2018-5125 page https://www.suse.com/security/cve/CVE-2018-5127/ SUSE CVE CVE-2018-5127 page https://www.suse.com/security/cve/CVE-2018-5129/ SUSE CVE CVE-2018-5129 page https://www.suse.com/security/cve/CVE-2018-5144/ SUSE CVE CVE-2018-5144 page https://www.suse.com/security/cve/CVE-2018-5145/ SUSE CVE CVE-2018-5145 page https://www.suse.com/security/cve/CVE-2018-5146/ SUSE CVE CVE-2018-5146 page SUSE Package Hub 12 MozillaThunderbird-52.7-57.1 MozillaThunderbird-buildsymbols-52.7-57.1 MozillaThunderbird-devel-52.7-57.1 MozillaThunderbird-translations-common-52.7-57.1 MozillaThunderbird-translations-other-52.7-57.1 MozillaThunderbird-52.7-57.1 as a component of SUSE Package Hub 12 MozillaThunderbird-buildsymbols-52.7-57.1 as a component of SUSE Package Hub 12 MozillaThunderbird-devel-52.7-57.1 as a component of SUSE Package Hub 12 MozillaThunderbird-translations-common-52.7-57.1 as a component of SUSE Package Hub 12 MozillaThunderbird-translations-other-52.7-57.1 as a component of SUSE Package Hub 12 Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59. CVE-2018-5125 SUSE Package Hub 12:MozillaThunderbird-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-buildsymbols-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-devel-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-translations-common-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-translations-other-52.7-57.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-5125.html CVE-2018-5125 https://bugzilla.suse.com/1085130 SUSE Bug 1085130 A buffer overflow can occur when manipulating the SVG "animatedPathSegList" through script. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59. CVE-2018-5127 SUSE Package Hub 12:MozillaThunderbird-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-buildsymbols-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-devel-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-translations-common-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-translations-other-52.7-57.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-5127.html CVE-2018-5127 https://bugzilla.suse.com/1085130 SUSE Bug 1085130 A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. This can potentially allow for sandbox escape through memory corruption in the parent process. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59. CVE-2018-5129 SUSE Package Hub 12:MozillaThunderbird-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-buildsymbols-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-devel-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-translations-common-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-translations-other-52.7-57.1 important 5 AV:N/AC:L/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-5129.html CVE-2018-5129 https://bugzilla.suse.com/1085130 SUSE Bug 1085130 An integer overflow can occur during conversion of text to some Unicode character sets due to an unchecked length parameter. This vulnerability affects Firefox ESR < 52.7 and Thunderbird < 52.7. CVE-2018-5144 SUSE Package Hub 12:MozillaThunderbird-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-buildsymbols-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-devel-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-translations-common-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-translations-other-52.7-57.1 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-5144.html CVE-2018-5144 https://bugzilla.suse.com/1085130 SUSE Bug 1085130 Memory safety bugs were reported in Firefox ESR 52.6. These bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 52.7 and Thunderbird < 52.7. CVE-2018-5145 SUSE Package Hub 12:MozillaThunderbird-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-buildsymbols-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-devel-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-translations-common-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-translations-other-52.7-57.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-5145.html CVE-2018-5145 https://bugzilla.suse.com/1085130 SUSE Bug 1085130 An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7. CVE-2018-5146 SUSE Package Hub 12:MozillaThunderbird-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-buildsymbols-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-devel-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-translations-common-52.7-57.1 SUSE Package Hub 12:MozillaThunderbird-translations-other-52.7-57.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-5146.html CVE-2018-5146 https://bugzilla.suse.com/1085671 SUSE Bug 1085671 https://bugzilla.suse.com/1085687 SUSE Bug 1085687 https://bugzilla.suse.com/1180395 SUSE Bug 1180395