openSUSE Security Update : MozillaThunderbird (openSUSE-2015-374)
Critical Nessus Plugin ID 83800
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThe Mozilla Thunderbird email, news, and chat client was updated to version 31.7.0 to fix several security issues.
The following vulnerabilities were fixed (bnc#930622) :
- MFSA 2015-46/CVE-2015-2708 Miscellaneous memory safety hazards
- MFSA 2015-47/CVE-2015-0797 (bmo#1080995) Buffer overflow parsing H.264 video with Linux Gstreamer
- MFSA 2015-48/CVE-2015-2710 (bmo#1149542) Buffer overflow with SVG content and CSS
- MFSA 2015-51/CVE-2015-2713 (bmo#1153478) Use-after-free during text processing with vertical text enabled
- MFSA 2015-54/CVE-2015-2716 (bmo#1140537) Buffer overflow when parsing compressed XML
- MFSA 2015-57/CVE-2011-3079 (bmo#1087565) Privilege escalation through IPC channel messages
SolutionUpdate the affected MozillaThunderbird packages.