Overview

File _patchinfo of Package patchinfo.34542

<patchinfo incident="34542">
  <issue tracker="cve" id="2024-34703"/>
  <issue tracker="bnc" id="1226495">Thunderbird 115.12.0 wasn't supposed to be released?</issue>
  <issue tracker="bnc" id="1227239">VUL-0: CVE-2024-34703: MozillaThunderbird: Botan: denial of service due to overly large elliptic curve parameters</issue>
  <packager>MSirringhaus</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for MozillaThunderbird</summary>
  <description>This update for MozillaThunderbird fixes the following issues:

Security fixes:

- CVE-2024-34703: Fixed denial of service due to overly large elliptic curve parameters in Botan (bsc#1227239)
    
Other fixes:    
    
- Mozilla Thunderbird 115.12.1
  * 115.12.0 got pulled because of upstream automation process errors
    and Windows installer signing changes.
    No code changes, changelog is the same as 115.12.0 (bsc#1226495)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places