Overview

File _patchinfo of Package patchinfo.7364

<patchinfo incident="7364">
  <issue id="1068101" tracker="bnc">VUL-0: MozillaFirefox: 57 / 52.5 release</issue>
  <issue id="2017-7828" tracker="cve" />
  <issue id="2017-7830" tracker="cve" />
  <issue id="2017-7826" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>wrosenauer</packager>
  <description>This update for Mozilla Thunderbird fixes the following issues:

Security issues fixed in 52.5.0 ESR as advised in MFSA 2017-26 (boo#1068101):

- CVE-2017-7828: Use-after-free of PressShell while restyling layout
- CVE-2017-7830: Cross-origin URL information leak through Resource Timing API
- CVE-2017-7826: Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5

The following bug fixes and improvements are included:

- Better support for Charter/Spectrum IMAP
- No longer mark other messages as read in search folders spanning multiple base folders
- IMAP alerts have been corrected and now show the correct server name in case of connection problems
- POP alerts have been corrected and now indicate connection problems in case the configured POP server cannot be found
</description>
  <summary>Security update for Mozilla Thunderbird</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places