Overview

File _patchinfo of Package patchinfo.19943

<patchinfo incident="19943">
  <issue tracker="bnc" id="1186696">VUL-0: MozillaFirefox / MozillaThunderbird: update to 89 and 78.11.0esr</issue>
  <issue tracker="cve" id="2021-29967"/>
  <issue tracker="cve" id="2021-29964"/>
  <packager>MSirringhaus</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for MozillaThunderbird</summary>
  <description>This update for MozillaThunderbird fixes the following issues:

Mozilla Thunderbird 78.11 (bsc#1186696)

Security issues fixed:

- CVE-2021-29964: Out of bounds-read when parsing a `WM_COPYDATA` message
- CVE-2021-29967: Memory safety bugs fixed in Thunderbird 78.11

General improvements:

- OpenPGP could not be disabled for an account if a key was previously configured
- Recipients were unable to decrypt some messages when the sender had changed the message encryption from OpenPGP to S/MIME
- Contacts moved between CardDAV address books were not synced to the new server
- CardDAV compatibility fixes for Google Contacts
- Folder pane had no clear indication of focus on macOS
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places