openSUSE Local Security Checks : openSUSE Security Advisory (SUSE-SU-2024:3112-1)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.856421

Categoría: openSUSE Local Security Checks

Título: openSUSE Security Advisory (SUSE-SU-2024:3112-1)

Resumen: The remote host is missing an update for the 'MozillaThunderbird' package(s) announced via the SUSE-SU-2024:3112-1 advisory.

Descripción: Summary:
The remote host is missing an update for the 'MozillaThunderbird' package(s) announced via the SUSE-SU-2024:3112-1 advisory.

Vulnerability Insight:
This update for MozillaThunderbird fixes the following issues:

- Mozilla Thunderbird 115.14
* fixed: When using an external installation of GnuPG,
Thunderbird occassionally sent/received corrupted messages
* fixed: Users of external GnuPG were unable to decrypt
incorrectly encoded messages (bmo#1906903)
* fixed: Flatpak install of 128.0esr was incorrectly downgraded
to 115.13.0esr (bmo#1908299)
* fixed: Security fixes
MFSA 2024-38 (bsc#1228648)
* CVE-2024-7519: Out of bounds memory access in graphics shared memory handling
* CVE-2024-7521: Incomplete WebAssembly exception handing
* CVE-2024-7522: Out of bounds read in editor component
* CVE-2024-7525: Missing permission check when creating a StreamFilter
* CVE-2024-7526: Uninitialized memory used by WebGL
* CVE-2024-7527: Use-after-free in JavaScript garbage collection
* CVE-2024-7529: Document content could partially obscure security prompts

Affected Software/OS:
'MozillaThunderbird' package(s) on openSUSE Leap 15.5, openSUSE Leap 15.6.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2024-7519
Common Vulnerability Exposure (CVE) ID: CVE-2024-7521
Common Vulnerability Exposure (CVE) ID: CVE-2024-7522
Common Vulnerability Exposure (CVE) ID: CVE-2024-7525
Common Vulnerability Exposure (CVE) ID: CVE-2024-7526
Common Vulnerability Exposure (CVE) ID: CVE-2024-7527
Common Vulnerability Exposure (CVE) ID: CVE-2024-7529

Copyright Copyright (C) 2024 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.856421
Categoría:	openSUSE Local Security Checks
Título:	openSUSE Security Advisory (SUSE-SU-2024:3112-1)
Resumen:	The remote host is missing an update for the 'MozillaThunderbird' package(s) announced via the SUSE-SU-2024:3112-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'MozillaThunderbird' package(s) announced via the SUSE-SU-2024:3112-1 advisory. Vulnerability Insight: This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 115.14 * fixed: When using an external installation of GnuPG, Thunderbird occassionally sent/received corrupted messages * fixed: Users of external GnuPG were unable to decrypt incorrectly encoded messages (bmo#1906903) * fixed: Flatpak install of 128.0esr was incorrectly downgraded to 115.13.0esr (bmo#1908299) * fixed: Security fixes MFSA 2024-38 (bsc#1228648) * CVE-2024-7519: Out of bounds memory access in graphics shared memory handling * CVE-2024-7521: Incomplete WebAssembly exception handing * CVE-2024-7522: Out of bounds read in editor component * CVE-2024-7525: Missing permission check when creating a StreamFilter * CVE-2024-7526: Uninitialized memory used by WebGL * CVE-2024-7527: Use-after-free in JavaScript garbage collection * CVE-2024-7529: Document content could partially obscure security prompts Affected Software/OS: 'MozillaThunderbird' package(s) on openSUSE Leap 15.5, openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2024-7519 Common Vulnerability Exposure (CVE) ID: CVE-2024-7521 Common Vulnerability Exposure (CVE) ID: CVE-2024-7522 Common Vulnerability Exposure (CVE) ID: CVE-2024-7525 Common Vulnerability Exposure (CVE) ID: CVE-2024-7526 Common Vulnerability Exposure (CVE) ID: CVE-2024-7527 Common Vulnerability Exposure (CVE) ID: CVE-2024-7529
Copyright	Copyright (C) 2024 Greenbone AG