openSUSE Security Update : MozillaThunderbird (openSUSE-SU-2014:1098-1)
Critical Nessus Plugin ID 77619
SynopsisThe remote openSUSE host is missing a security update.
DescriptionMozillaThunderbird was updated to Thunderbird 31.1.0 (bnc#894370), fixinfg security issues :
- MFSA 2014-67/CVE-2014-1553/CVE-2014-1562 Miscellaneous memory safety hazards
- MFSA 2014-68/CVE-2014-1563 (bmo#1018524) Use-after-free during DOM interactions with SVG
- MFSA 2014-69/CVE-2014-1564 (bmo#1045977) Uninitialized memory use during GIF rendering
- MFSA 2014-70/CVE-2014-1565 (bmo#1047831) Out-of-bounds read in Web Audio audio timeline
- MFSA 2014-72/CVE-2014-1567 (bmo#1037641) Use-after-free setting text directionality
- update to Thunderbird 31.0
- based on Gecko 31
- Autocompleting email addresses now matches against any part of the name or email
- Composing a mail to a newsgroup will now autocomplete newsgroup names
- Insecure NTLM (pre-NTLMv2) authentication disabled
SolutionUpdate the affected MozillaThunderbird packages.