Security update for MozillaThunderbird SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2020:0003-1 Final 1 1 2020-01-09T16:29:51Z current 2020-01-09T16:29:51Z 2020-01-09T16:29:51Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for MozillaThunderbird This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird was updated to 68.3esr (MFSA 2019-38 bsc#1158328) Security issues fixed: - CVE-2019-17008: Fixed a use-after-free in worker destruction (bmo#1546331) - CVE-2019-13722: Fixed a stack corruption due to incorrect number of arguments in WebRTC code (bmo#1580156) - CVE-2019-11745: Fixed an out of bounds write in NSS when encrypting with a block cipher (bmo#1586176) - CVE-2019-17009: Fixed an issue where updater temporary files accessible to unprivileged processes (bmo#1510494) - CVE-2019-17010: Fixed a use-after-free when performing device orientation checks (bmo#1581084) - CVE-2019-17005: Fixed a buffer overflow in plain text serializer (bmo#1584170) - CVE-2019-17011: Fixed a use-after-free when retrieving a document in antitracking (bmo#1591334) - CVE-2019-17012: Fixed multiple memmory issues (bmo#1449736, bmo#1533957, bmo#1560667,bmo#1567209, bmo#1580288, bmo#1585760, bmo#1592502) Other issues addressed: - New: Message display toolbar action WebExtension API (bmo#1531597) - New: Navigation buttons are now available in content tabs (bmo#787683) - Fixed an issue where write window was not always correct (bmo#1593280) - Fixed toolbar issues (bmo#1584160) - Fixed issues with LDAP lookup when SSL was enabled (bmo#1576364) - Fixed an issue with scam link confirmation panel (bmo#1596413) - Fixed an issue with the write window where the Link Properties dialog was not showing named anchors in context menu (bmo#1593629) - Fixed issues with calendar (bmo#1588516) - Fixed issues with chat where reordering via drag-and-drop was not working on Instant messaging status dialog (bmo#1591505) This update was imported from the SUSE:SLE-15:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2020-3 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NRHDWT3QC423VY6ACEY346YD3PPCAECZ/ E-Mail link for openSUSE-SU-2020:0003-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2019-11745/ SUSE CVE CVE-2019-11745 page https://www.suse.com/security/cve/CVE-2019-13722/ SUSE CVE CVE-2019-13722 page https://www.suse.com/security/cve/CVE-2019-17005/ SUSE CVE CVE-2019-17005 page https://www.suse.com/security/cve/CVE-2019-17008/ SUSE CVE CVE-2019-17008 page https://www.suse.com/security/cve/CVE-2019-17009/ SUSE CVE CVE-2019-17009 page https://www.suse.com/security/cve/CVE-2019-17010/ SUSE CVE CVE-2019-17010 page https://www.suse.com/security/cve/CVE-2019-17011/ SUSE CVE CVE-2019-17011 page https://www.suse.com/security/cve/CVE-2019-17012/ SUSE CVE CVE-2019-17012 page openSUSE Leap 15.1 MozillaThunderbird-68.3.0-lp151.2.19.1 MozillaThunderbird-translations-common-68.3.0-lp151.2.19.1 MozillaThunderbird-translations-other-68.3.0-lp151.2.19.1 MozillaThunderbird-68.3.0-lp151.2.19.1 as a component of openSUSE Leap 15.1 MozillaThunderbird-translations-common-68.3.0-lp151.2.19.1 as a component of openSUSE Leap 15.1 MozillaThunderbird-translations-other-68.3.0-lp151.2.19.1 as a component of openSUSE Leap 15.1 When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. CVE-2019-11745 openSUSE Leap 15.1:MozillaThunderbird-68.3.0-lp151.2.19.1 openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.3.0-lp151.2.19.1 openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.3.0-lp151.2.19.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NRHDWT3QC423VY6ACEY346YD3PPCAECZ/ https://www.suse.com/security/cve/CVE-2019-11745.html CVE-2019-11745 https://bugzilla.suse.com/1158328 SUSE Bug 1158328 https://bugzilla.suse.com/1158527 SUSE Bug 1158527 Inappropriate implementation in WebRTC in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13722 openSUSE Leap 15.1:MozillaThunderbird-68.3.0-lp151.2.19.1 openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.3.0-lp151.2.19.1 openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.3.0-lp151.2.19.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NRHDWT3QC423VY6ACEY346YD3PPCAECZ/ https://www.suse.com/security/cve/CVE-2019-13722.html CVE-2019-13722 https://bugzilla.suse.com/1158328 SUSE Bug 1158328 The plain text serializer used a fixed-size array for the number of <ol> elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. CVE-2019-17005 openSUSE Leap 15.1:MozillaThunderbird-68.3.0-lp151.2.19.1 openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.3.0-lp151.2.19.1 openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.3.0-lp151.2.19.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NRHDWT3QC423VY6ACEY346YD3PPCAECZ/ https://www.suse.com/security/cve/CVE-2019-17005.html CVE-2019-17005 https://bugzilla.suse.com/1158328 SUSE Bug 1158328 When using nested workers, a use-after-free could occur during worker destruction. This resulted in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. CVE-2019-17008 openSUSE Leap 15.1:MozillaThunderbird-68.3.0-lp151.2.19.1 openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.3.0-lp151.2.19.1 openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.3.0-lp151.2.19.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NRHDWT3QC423VY6ACEY346YD3PPCAECZ/ https://www.suse.com/security/cve/CVE-2019-17008.html CVE-2019-17008 https://bugzilla.suse.com/1158328 SUSE Bug 1158328 When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the updater service. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. CVE-2019-17009 openSUSE Leap 15.1:MozillaThunderbird-68.3.0-lp151.2.19.1 openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.3.0-lp151.2.19.1 openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.3.0-lp151.2.19.1 important 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NRHDWT3QC423VY6ACEY346YD3PPCAECZ/ https://www.suse.com/security/cve/CVE-2019-17009.html CVE-2019-17009 https://bugzilla.suse.com/1158328 SUSE Bug 1158328 Under certain conditions, when checking the Resist Fingerprinting preference during device orientation checks, a race condition could have caused a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. CVE-2019-17010 openSUSE Leap 15.1:MozillaThunderbird-68.3.0-lp151.2.19.1 openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.3.0-lp151.2.19.1 openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.3.0-lp151.2.19.1 important 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NRHDWT3QC423VY6ACEY346YD3PPCAECZ/ https://www.suse.com/security/cve/CVE-2019-17010.html CVE-2019-17010 https://bugzilla.suse.com/1158328 SUSE Bug 1158328 Under certain conditions, when retrieving a document from a DocShell in the antitracking code, a race condition could cause a use-after-free condition and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. CVE-2019-17011 openSUSE Leap 15.1:MozillaThunderbird-68.3.0-lp151.2.19.1 openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.3.0-lp151.2.19.1 openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.3.0-lp151.2.19.1 important 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NRHDWT3QC423VY6ACEY346YD3PPCAECZ/ https://www.suse.com/security/cve/CVE-2019-17011.html CVE-2019-17011 https://bugzilla.suse.com/1158328 SUSE Bug 1158328 Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. CVE-2019-17012 openSUSE Leap 15.1:MozillaThunderbird-68.3.0-lp151.2.19.1 openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.3.0-lp151.2.19.1 openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.3.0-lp151.2.19.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NRHDWT3QC423VY6ACEY346YD3PPCAECZ/ https://www.suse.com/security/cve/CVE-2019-17012.html CVE-2019-17012 https://bugzilla.suse.com/1158328 SUSE Bug 1158328