Overview

File _patchinfo of Package patchinfo.14710

<patchinfo incident="14710">
  <issue tracker="bnc" id="1168874">VUL-0: MozillaFirefox,MozillaThunderbird: 75 / 68.7esr: MSFA 2020-12 / 2020-13</issue>
  <issue tracker="bnc" id="1168630">EMU: VUL-0: CVE-2020-6819,CVE-2020-6820: MozillaFirefox,MozillaThunderbird: use-after-free vulnerabilities fixed in 74.0.1, ESR 68.6.1 (MFSA 2020-11)</issue>
  <issue tracker="cve" id="2020-6820"/>
  <issue tracker="cve" id="2020-6821"/>
  <issue tracker="cve" id="2020-6822"/>
  <issue tracker="cve" id="2020-6819"/>
  <issue tracker="cve" id="2020-6825"/>
  <packager>MSirringhaus</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for MozillaThunderbird</summary>
  <description>This update for MozillaThunderbird to version 68.7.0 fixes the following issues:

- CVE-2020-6819: Use-after-free while running the nsDocShell destructor (boo#1168630)
- CVE-2020-6820: Use-after-free when handling a ReadableStream (boo#1168630)
- CVE-2020-6821: Uninitialized memory could be read when using the WebGL copyTexSubImage() (boo#1168874)
- CVE-2020-6822: Out of bounds write in GMPDecodeData when processing large images (boo#1168874)
- CVE-2020-6825: Memory safety bugs fixed (boo#1168874)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places