* CVE-2018-12359 (bmo#1459162)
Buffer overflow using computed size of canvas element
* CVE-2018-12360 (bmo#1459693)
Use-after-free when using focus()
* CVE-2018-12372 (bmo#1419417)
S/MIME and PGP decryption oracles can be built with HTML emails
* CVE-2018-12373 (bmo#1464667, bmo#1464056)
S/MIME plaintext can be leaked through HTML reply/forward
* CVE-2018-12362 (bmo#1452375)
Integer overflow in SSSE3 scaler
* CVE-2018-12363 (bmo#1464784)
Use-after-free when appending DOM nodes
* CVE-2018-12364 (bmo#1436241)
CSRF attacks through 307 redirects and NPAPI plugins
* CVE-2018-12365 (bmo#1459206)
Compromised IPC child process can list local filenames
* CVE-2018-12366 (bmo#1464039)
Invalid data handling during QCMS transformations
* CVE-2018-12374 (bmo#1462910)
Using form to exfiltrate encrypted mail part by pressing enter in form field
* CVE-2018-5188 (bmo#1456189,bmo#1456975,bmo#1465898,bmo#1392739,
bmo#1451297,bmo#1464063,bmo#1437842,bmo#1442722,bmo#1452576,
bmo#1450688,bmo#1458264,bmo#1458270,bmo#1465108,bmo#1464829,
bmo#1464079,bmo#1463494,bmo#1458048)
Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=410
- update to Thunderbird 52.8 (bsc#1092548)
MFSA 2018-13
* CVE-2018-5183 (bmo#1454692)
Backport critical security fixes in Skia
* CVE-2018-5184 (bmo#1411592, bsc#1093152)
Full plaintext recovery in S/MIME via chosen-ciphertext attack
* CVE-2018-5154 (bmo#1443092)
Use-after-free with SVG animations and clip paths
* CVE-2018-5155 (bmo#1448774)
Use-after-free with SVG animations and text paths
* CVE-2018-5159 (bmo#1441941)
Integer overflow and out-of-bounds write in Skia
* CVE-2018-5161 (bmo#1411720)
Hang via malformed headers
* CVE-2018-5162 (bmo#1457721, bsc#1093152)
Encrypted mail leaks plaintext through src attribute
* CVE-2018-5170 (bmo#1411732)
Filename spoofing for external attachments
* CVE-2018-5168 (bmo#1449548)
Lightweight themes can be installed without user interaction
* CVE-2018-5174 (bmo#1447080) (Windows only)
Windows Defender SmartScreen UI runs with less secure behavior
for downloaded files in Windows 10 April 2018 Update
* CVE-2018-5178 (bmo#1443891)
Buffer overflow during UTF-8 to Unicode string conversion
through legacy extension
* CVE-2018-5185 (bmo#1450345)
Leaking plaintext through HTML forms
* CVE-2018-5150 (bmo#1388020,bmo#1433609,bmo#1409440,bmo#1448705,
bmo#1451376,bmo#1452202,bmo#1444668,bmo#1393367,bmo#1411415,
OBS-URL: https://build.opensuse.org/request/show/610619
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=192
MFSA 2018-13
* CVE-2018-5183 (bmo#1454692)
Backport critical security fixes in Skia
* CVE-2018-5184 (bmo#1411592, bsc#1093152)
Full plaintext recovery in S/MIME via chosen-ciphertext attack
* CVE-2018-5154 (bmo#1443092)
Use-after-free with SVG animations and clip paths
* CVE-2018-5155 (bmo#1448774)
Use-after-free with SVG animations and text paths
* CVE-2018-5159 (bmo#1441941)
Integer overflow and out-of-bounds write in Skia
* CVE-2018-5161 (bmo#1411720)
Hang via malformed headers
* CVE-2018-5162 (bmo#1457721, bsc#1093152)
Encrypted mail leaks plaintext through src attribute
* CVE-2018-5170 (bmo#1411732)
Filename spoofing for external attachments
* CVE-2018-5168 (bmo#1449548)
Lightweight themes can be installed without user interaction
* CVE-2018-5174 (bmo#1447080) (Windows only)
Windows Defender SmartScreen UI runs with less secure behavior
for downloaded files in Windows 10 April 2018 Update
* CVE-2018-5178 (bmo#1443891)
Buffer overflow during UTF-8 to Unicode string conversion
through legacy extension
* CVE-2018-5185 (bmo#1450345)
Leaking plaintext through HTML forms
* CVE-2018-5150 (bmo#1388020,bmo#1433609,bmo#1409440,bmo#1448705,
bmo#1451376,bmo#1452202,bmo#1444668,bmo#1393367,bmo#1411415,
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=406
- update to Thunderbird 52.7
* Searching message bodies of messages in local folders, including
filter and quick filter operations, did not find content in
message attachments
* Better error handling for Yahoo accounts
- The following security fixes are included as part of the mozilla
platform. In general, these flaws cannot be exploited through
email in the Thunderbird product because scripting is disabled
when reading mail, but are potentially risks in browser or
browser-like contexts (MFSA 2018-09, bsc#1085130, bsc#1085671):
* CVE-2018-5127 (bmo#1430557)
Buffer overflow manipulating SVG animatedPathSegList
* CVE-2018-5129 (bmo#1428947)
Out-of-bounds write with malformed IPC messages
* CVE-2018-5144 (bmo#1440926)
Integer overflow during Unicode conversion
* CVE-2018-5146 (bmo#1446062)
Out of bounds memory write in libvorbis
* CVE-2018-5125 (bmo1416529,bmo#1434580,bmo#1434384,bmo#1437450,
bmo#1437507,bmo#1426988,bmo#1438425,bmo#1324042,bmo#1437087,
bmo#1443865,bmo#1425520)
Memory safety bugs fixed in Firefox 59, Firefox ESR 52.7, and
Thunderbird 52.7
* CVE-2018-5145 (bmo#1261175,bmo#1348955)
Memory safety bugs fixed in Firefox ESR 52.7 and Thunderbird
52.7
OBS-URL: https://build.opensuse.org/request/show/591025
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=190
* Searching message bodies of messages in local folders, including
filter and quick filter operations, did not find content in
message attachments
* Better error handling for Yahoo accounts
MFSA 2018-08
* CVE-2018-5146 (bmo#1446062)
Out of bounds memory write in libvorbis
* CVE-2018-5147 (bmo#1446365)
Out of bounds memory write in libtremor
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=401
- update to Thunderbird 52.6 (bsc#1077291)
* Searching message bodies of messages in local folders, including
filter and quick filter operations, not working reliably: Content
not found in base64-encode message parts, non-ASCII text not found
and false positives found.
* Defective messages (without at least one expected header) not shown
in IMAP folders but shown on mobile devices
* Calendar: Unintended task deletion if numlock is enabled
* Mozilla platform security fixes
MFSA 2018-04
* CVE-2018-5095 (bmo#1418447)
Integer overflow in Skia library during edge builder allocation
* CVE-2018-5096 (bmo#1418922)
Use-after-free while editing form elements
* CVE-2018-5097 (bmo#1387427)
Use-after-free when source document is manipulated during XSLT
* CVE-2018-5098 (bmo#1399400)
Use-after-free while manipulating form input elements
* CVE-2018-5099 (bmo#1416878)
Use-after-free with widget listener
* CVE-2018-5102 (bmo#1419363)
Use-after-free in HTML media elements
* CVE-2018-5103 (bmo#1423159)
Use-after-free during mouse event handling
* CVE-2018-5104 (bmo#1425000)
Use-after-free during font face manipulation
* CVE-2018-5117 (bmo#1395508)
URL spoofing with right-to-left text aligned left-to-right
* CVE-2018-5089
Memory safety bugs fixed in Firefox 58 and Firefox ESR 52.6
OBS-URL: https://build.opensuse.org/request/show/569795
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=188
* Searching message bodies of messages in local folders, including
filter and quick filter operations, not working reliably: Content
not found in base64-encode message parts, non-ASCII text not found
and false positives found.
* Defective messages (without at least one expected header) not shown
in IMAP folders but shown on mobile devices
* Calendar: Unintended task deletion if numlock is enabled
* Mozilla platform security fixes
MFSA 2018-04
* CVE-2018-5095 (bmo#1418447)
Integer overflow in Skia library during edge builder allocation
* CVE-2018-5096 (bmo#1418922)
Use-after-free while editing form elements
* CVE-2018-5097 (bmo#1387427)
Use-after-free when source document is manipulated during XSLT
* CVE-2018-5098 (bmo#1399400)
Use-after-free while manipulating form input elements
* CVE-2018-5099 (bmo#1416878)
Use-after-free with widget listener
* CVE-2018-5102 (bmo#1419363)
Use-after-free in HTML media elements
* CVE-2018-5103 (bmo#1423159)
Use-after-free during mouse event handling
* CVE-2018-5104 (bmo#1425000)
Use-after-free during font face manipulation
* CVE-2018-5117 (bmo#1395508)
URL spoofing with right-to-left text aligned left-to-right
* CVE-2018-5089
Memory safety bugs fixed in Firefox 58 and Firefox ESR 52.6
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=397
* This releases fixes the "Mailsploit" vulnerability and other
vulnerabilities detected by the "Cure53" audit
MFSA 2017-30
* CVE-2017-7845 (bmo#1402372)
Buffer overflow when drawing and validating elements with ANGLE
library using Direct 3D 9
* CVE-2017-7846 (bmo#1411716)
JavaScript Execution via RSS in mailbox:// origin
* CVE-2017-7847 (bmo#1411708)
Local path string can be leaked from RSS feed
* CVE-2017-7848 (bmo#1411699)
RSS Feed vulnerable to new line Injection
* CVE-2017-7829 (bmo#1423432)
Mailsploit part 1: From address with encoded null character is
cut off in message header display
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=394
- update to Thunderbird 52.5.0 (bsc#1068101)
* Better support for Charter/Spectrum IMAP: Thunderbird will now
detect Charter's IMAP service and send an additional IMAP select
command to the server. Check the various preferences ending in
"force_select" to see whether auto-detection has discovered this case.
* In search folders spanning multiple base folders clicking on a
message sometimes marked another message as read
* IMAP alerts have been corrected and now show the correct server
name in case of connection problems
* POP alerts have been corrected and now indicate connection problems
in case the configured POP server cannot be found
MFSA 2017-26
* CVE-2017-7828 (bmo#1406750. bmo#1412252)
Use-after-free of PressShell while restyling layout
* CVE-2017-7830 (bmo#1408990)
Cross-origin URL information leak through Resource Timing API
* CVE-2017-7826
Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5
- Drop obsolete libgnomeui-devel BuildRequires: No longer needed.
- Add explicit pkgconfig(gconf-2.0), pkgconfig(gobject-2.0),
pkgconfig(gtk+-2.0), pkgconfig(gtk+-unix-print-2.0),
pkgconfig(glib-2.0), pkgconfig(gobject-2.0) and
pkgconfig(gdk-x11-2.0) BuildRequires: Previously pulled in by
libgnomeui-devel, and is what configure really checks for.
OBS-URL: https://build.opensuse.org/request/show/545445
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=185
detect Charter's IMAP service and send an additional IMAP select
command to the server. Check the various preferences ending in
"force_select" to see whether auto-detection has discovered this case.
* In search folders spanning multiple base folders clicking on a
message sometimes marked another message as read
* IMAP alerts have been corrected and now show the correct server
name in case of connection problems
* POP alerts have been corrected and now indicate connection problems
in case the configured POP server cannot be found
MFSA 2017-26
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=390
- Mozilla Thunderbird 52.4.0 (bsc#1060445)
* new behavior was introduced for replies to mailing list posts:
"When replying to a mailing list, reply will be sent to address
in From header ignoring Reply-to header". A new preference
mail.override_list_reply_to allows to restore the previous behavior.
* Under certain circumstances (image attachment and non-image
attachment), attached images were shown truncated in messages
stored in IMAP folders not synchronised for offline use.
* IMAP UIDs > 0x7FFFFFFF now handled properly
Security fixes from Gecko 52.4esr
* CVE-2017-7793 (bmo#1371889)
Use-after-free with Fetch API
* CVE-2017-7818 (bmo#1363723)
Use-after-free during ARIA array manipulation
* CVE-2017-7819 (bmo#1380292)
Use-after-free while resizing images in design mode
* CVE-2017-7824 (bmo#1398381)
Buffer overflow when drawing and validating elements with ANGLE
* CVE-2017-7805 (bmo#1377618) (fixed via NSS requirement)
Use-after-free in TLS 1.2 generating handshake hashes
* CVE-2017-7814 (bmo#1376036)
Blob and data URLs bypass phishing and malware protection warnings
* CVE-2017-7825 (bmo#1393624, bmo#1390980) (OSX-only)
OS X fonts render some Tibetan and Arabic unicode characters as spaces
* CVE-2017-7823 (bmo#1396320)
CSP sandbox directive did not create a unique origin
* CVE-2017-7810
Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4
- Add alsa-devel BuildRequires: we care for ALSA support to be
OBS-URL: https://build.opensuse.org/request/show/532694
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=184
"When replying to a mailing list, reply will be sent to address
in From header ignoring Reply-to header". A new preference
mail.override_list_reply_to allows to restore the previous behavior.
* Under certain circumstances (image attachment and non-image
attachment), attached images were shown truncated in messages
stored in IMAP folders not synchronised for offline use.
* IMAP UIDs > 0x7FFFFFFF now handled properly
Security fixes from Gecko 52.4esr
* CVE-2017-7793 (bmo#1371889)
Use-after-free with Fetch API
* CVE-2017-7818 (bmo#1363723)
Use-after-free during ARIA array manipulation
* CVE-2017-7819 (bmo#1380292)
Use-after-free while resizing images in design mode
* CVE-2017-7824 (bmo#1398381)
Buffer overflow when drawing and validating elements with ANGLE
* CVE-2017-7805 (bmo#1377618) (fixed via NSS requirement)
Use-after-free in TLS 1.2 generating handshake hashes
* CVE-2017-7814 (bmo#1376036)
Blob and data URLs bypass phishing and malware protection warnings
* CVE-2017-7825 (bmo#1393624, bmo#1390980) (OSX-only)
OS X fonts render some Tibetan and Arabic unicode characters as spaces
* CVE-2017-7823 (bmo#1396320)
CSP sandbox directive did not create a unique origin
* CVE-2017-7810
Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=386
