Update Info

openSUSE-2017-1311


Security update for Mozilla Thunderbird


Type: security
Severity: moderate
Issued: 2017-11-27
Description:
This update for Mozilla Thunderbird fixes the following issues:

Security issues fixed in 52.5.0 ESR as advised in MFSA 2017-26 (boo#1068101):

- CVE-2017-7828: Use-after-free of PressShell while restyling layout
- CVE-2017-7830: Cross-origin URL information leak through Resource Timing API
- CVE-2017-7826: Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5

The following bug fixes and improvements are included:

- Better support for Charter/Spectrum IMAP
- No longer mark other messages as read in search folders spanning multiple base folders
- IMAP alerts have been corrected and now show the correct server name in case of connection problems
- POP alerts have been corrected and now indicate connection problems in case the configured POP server cannot be found


              

Packages


  • MozillaThunderbird-52.5.0-48.1