Security update for MozillaThunderbird
This update for MozillaThunderbird to version 68.7.0 fixes the following issues:
- CVE-2020-6819: Use-after-free while running the nsDocShell destructor (boo#1168630)
- CVE-2020-6820: Use-after-free when handling a ReadableStream (boo#1168630)
- CVE-2020-6821: Uninitialized memory could be read when using the WebGL copyTexSubImage() (boo#1168874)
- CVE-2020-6822: Out of bounds write in GMPDecodeData when processing large images (boo#1168874)
- CVE-2020-6825: Memory safety bugs fixed (boo#1168874)
-
Submitted by
Andreas Stieger (AndreasStieger)
Fixed bugs
bnc#1168630
EMU: VUL-0: CVE-2020-6819,CVE-2020-6820: MozillaFirefox,MozillaThunderbird: use-after-free vulnerabilities fixed in 74.0.1, ESR 68.6.1 (MFSA 2020-11)
bnc#1168874
VUL-0: MozillaFirefox,MozillaThunderbird: 75 / 68.7esr: MSFA 2020-12 / 2020-13
