Overview

File _patchinfo of Package patchinfo.19722

<patchinfo incident="19722">
  <issue tracker="cve" id="2021-29957"/>
  <issue tracker="cve" id="2021-29950"/>
  <issue tracker="cve" id="2021-29951"/>
  <issue tracker="cve" id="2021-29956"/>
  <issue tracker="bnc" id="1186198">VUL-1: CVE-2021-29957: MozillaThunderbird: Partial protection of inline OpenPGP message not indicated</issue>
  <issue tracker="bnc" id="1186199">VUL-1: CVE-2021-29956: MozillaThunderbird: Thunderbird stored OpenPGP secret keys without master password protection</issue>
  <issue tracker="bnc" id="1185633">VUL-0: CVE-2021-29951: MozillaFirefox, MozillaThunderbird: update to 88.0.1 and 78.10.1esr</issue>
  <issue tracker="bnc" id="1185086">VUL-0: CVE-2021-29950: MozillaThunderbird: Logic issue potentially leaves key material unlocked</issue>
  <packager>MSirringhaus</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for MozillaThunderbird</summary>
  <description>This update for MozillaThunderbird fixes the following issues:

- Mozilla Thunderbird 78.10.2
- CVE-2021-29957: Fixed partial protection of inline OpenPGP message not indicated (bsc#1186198).
- CVE-2021-29956: Fixed Thunderbird stored OpenPGP secret keys without master password protection (bsc#1186199).
- CVE-2021-29951: Fixed Thunderbird Maintenance Service could have been started or stopped by domain users (bsc#1185633).
- CVE-2021-29950: Fixed logic issue potentially leaves key material unlocked (bsc#1185086).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places