openSUSE Security Update : Mozilla Thunderbird (openSUSE-2017-1311)
Critical Nessus Plugin ID 104798
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for Mozilla Thunderbird fixes the following issues :
Security issues fixed in 52.5.0 ESR as advised in MFSA 2017-26 (boo#1068101) :
- CVE-2017-7828: Use-after-free of PressShell while restyling layout
- CVE-2017-7830: Cross-origin URL information leak through Resource Timing API
- CVE-2017-7826: Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5
The following bug fixes and improvements are included :
- Better support for Charter/Spectrum IMAP
- No longer mark other messages as read in search folders spanning multiple base folders
- IMAP alerts have been corrected and now show the correct server name in case of connection problems
- POP alerts have been corrected and now indicate connection problems in case the configured POP server cannot be found
SolutionUpdate the affected Mozilla Thunderbird packages.