Security update for MozillaThunderbird SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2021:1091-1 Final 1 1 2021-08-04T00:14:42Z current 2021-08-04T00:14:42Z 2021-08-04T00:14:42Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for MozillaThunderbird This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 78.12 * fixed: Sending an email containing HTML links with spaces in the URL sometimes resulted in broken links * fixed: Folder Pane display theme fixes for macOS * fixed: Chat account settings did not always save as expected * fixed: RSS feed subscriptions sometimes lost * fixed: Calendar: A parsing error for alarm triggers of type 'DURATION' caused sync problems for some users * fixed: Various security fixes MFSA 2021-30 (bsc#1188275) * CVE-2021-29969: IMAP server responses sent by a MITM prior to STARTTLS could be processed * CVE-2021-29970: Use-after-free in accessibility features of a document * CVE-2021-30547: Out of bounds write in ANGLE * CVE-2021-29976: Memory safety bugs fixed in Thunderbird 78.12 This update was imported from the SUSE:SLE-15-SP2:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2021-1091 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ABQT6TDIB2IQ4ZZNUZXMHLE7ZDVD4YBM/ E-Mail link for openSUSE-SU-2021:1091-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1188275 SUSE Bug 1188275 https://www.suse.com/security/cve/CVE-2021-29969/ SUSE CVE CVE-2021-29969 page https://www.suse.com/security/cve/CVE-2021-29970/ SUSE CVE CVE-2021-29970 page https://www.suse.com/security/cve/CVE-2021-29976/ SUSE CVE CVE-2021-29976 page https://www.suse.com/security/cve/CVE-2021-30547/ SUSE CVE CVE-2021-30547 page openSUSE Leap 15.2 MozillaThunderbird-78.12.0-lp152.2.48.2 MozillaThunderbird-translations-common-78.12.0-lp152.2.48.2 MozillaThunderbird-translations-other-78.12.0-lp152.2.48.2 MozillaThunderbird-78.12.0-lp152.2.48.2 as a component of openSUSE Leap 15.2 MozillaThunderbird-translations-common-78.12.0-lp152.2.48.2 as a component of openSUSE Leap 15.2 MozillaThunderbird-translations-other-78.12.0-lp152.2.48.2 as a component of openSUSE Leap 15.2 If Thunderbird was configured to use STARTTLS for an IMAP connection, and an attacker injected IMAP server responses prior to the completion of the STARTTLS handshake, then Thunderbird didn't ignore the injected data. This could have resulted in Thunderbird showing incorrect information, for example the attacker could have tricked Thunderbird to show folders that didn't exist on the IMAP server. This vulnerability affects Thunderbird < 78.12. CVE-2021-29969 openSUSE Leap 15.2:MozillaThunderbird-78.12.0-lp152.2.48.2 openSUSE Leap 15.2:MozillaThunderbird-translations-common-78.12.0-lp152.2.48.2 openSUSE Leap 15.2:MozillaThunderbird-translations-other-78.12.0-lp152.2.48.2 important 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ABQT6TDIB2IQ4ZZNUZXMHLE7ZDVD4YBM/ https://www.suse.com/security/cve/CVE-2021-29969.html CVE-2021-29969 A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. *This bug could only be triggered when accessibility was enabled.*. This vulnerability affects Thunderbird < 78.12, Firefox ESR < 78.12, and Firefox < 90. CVE-2021-29970 openSUSE Leap 15.2:MozillaThunderbird-78.12.0-lp152.2.48.2 openSUSE Leap 15.2:MozillaThunderbird-translations-common-78.12.0-lp152.2.48.2 openSUSE Leap 15.2:MozillaThunderbird-translations-other-78.12.0-lp152.2.48.2 important 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ABQT6TDIB2IQ4ZZNUZXMHLE7ZDVD4YBM/ https://www.suse.com/security/cve/CVE-2021-29970.html CVE-2021-29970 https://bugzilla.suse.com/1188275 SUSE Bug 1188275 Mozilla developers reported memory safety bugs present in code shared between Firefox and Thunderbird. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.12, Firefox ESR < 78.12, and Firefox < 90. CVE-2021-29976 openSUSE Leap 15.2:MozillaThunderbird-78.12.0-lp152.2.48.2 openSUSE Leap 15.2:MozillaThunderbird-translations-common-78.12.0-lp152.2.48.2 openSUSE Leap 15.2:MozillaThunderbird-translations-other-78.12.0-lp152.2.48.2 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ABQT6TDIB2IQ4ZZNUZXMHLE7ZDVD4YBM/ https://www.suse.com/security/cve/CVE-2021-29976.html CVE-2021-29976 https://bugzilla.suse.com/1188275 SUSE Bug 1188275 Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. CVE-2021-30547 openSUSE Leap 15.2:MozillaThunderbird-78.12.0-lp152.2.48.2 openSUSE Leap 15.2:MozillaThunderbird-translations-common-78.12.0-lp152.2.48.2 openSUSE Leap 15.2:MozillaThunderbird-translations-other-78.12.0-lp152.2.48.2 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ABQT6TDIB2IQ4ZZNUZXMHLE7ZDVD4YBM/ https://www.suse.com/security/cve/CVE-2021-30547.html CVE-2021-30547 https://bugzilla.suse.com/1187141 SUSE Bug 1187141 https://bugzilla.suse.com/1188275 SUSE Bug 1188275