openSUSE-SU-2017:1268-1: moderate: Security update for MozillaThunderbird

15 May 2017

      openSUSE Security Update: Security update for MozillaThunderbird
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2017:1268-1
Rating:             moderate
References:         #1028391 #1035082 
Cross-References:   CVE-2017-5398 CVE-2017-5399 CVE-2017-5400
                    CVE-2017-5401 CVE-2017-5402 CVE-2017-5403
                    CVE-2017-5404 CVE-2017-5405 CVE-2017-5406
                    CVE-2017-5407 CVE-2017-5408 CVE-2017-5410
                    CVE-2017-5412 CVE-2017-5413 CVE-2017-5414
                    CVE-2017-5416 CVE-2017-5418 CVE-2017-5419
                    CVE-2017-5421 CVE-2017-5422 CVE-2017-5426
                    CVE-2017-5429 CVE-2017-5430 CVE-2017-5432
                    CVE-2017-5433 CVE-2017-5434 CVE-2017-5435
                    CVE-2017-5436 CVE-2017-5437 CVE-2017-5438
                    CVE-2017-5439 CVE-2017-5440 CVE-2017-5441
                    CVE-2017-5442 CVE-2017-5443 CVE-2017-5444
                    CVE-2017-5445 CVE-2017-5446 CVE-2017-5447
                    CVE-2017-5449 CVE-2017-5451 CVE-2017-5454
                    CVE-2017-5459 CVE-2017-5460 CVE-2017-5461
                    CVE-2017-5462 CVE-2017-5464 CVE-2017-5465
                    CVE-2017-5466 CVE-2017-5467 CVE-2017-5469

Affected Products:
                    SUSE Package Hub for SUSE Linux Enterprise 12
______________________________________________________________________________

   An update that fixes 51 vulnerabilities is now available.

Description:

   This update to MozillaThunderbird 51.1.0 fixes security issues and bugs.

   In general, these flaws cannot be exploited through email because
   scripting is disabled when reading mail, but are potentially risks in
   browser or browser-like contexts.

   The following vulnerabilities were fixed: boo#1035082, MFSA 2017-13,
   boo#1028391, MFSA 2017-09)

   - CVE-2017-5443: Out-of-bounds write during BinHex decoding
   - CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9,
     and Firefox ESR 52.1
   - CVE-2017-5464: Memory corruption with accessibility and DOM manipulation
   - CVE-2017-5465: Out-of-bounds read in ConvolvePixel
   - CVE-2017-5466: Origin confusion when reloading isolated data:text/html
     URL
   - CVE-2017-5467: Memory corruption when drawing Skia content
   - CVE-2017-5460: Use-after-free in frame selection
   - CVE-2017-5449: Crash during bidirectional unicode manipulation with
     animation
   - CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent with
     incorrect data
   - CVE-2017-5447: Out-of-bounds read during glyph processing
   - CVE-2017-5444: Buffer overflow while parsing
     application/http-index-format content
   - CVE-2017-5445: Uninitialized values used while parsing
     application/http-index-format content
   - CVE-2017-5442: Use-after-free during style changes
   - CVE-2017-5469: Potential Buffer overflow in flex-generated code
   - CVE-2017-5440: Use-after-free in txExecutionState destructor during XSLT
     processing
   - CVE-2017-5441: Use-after-free with selection during scroll events
   - CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing
   - CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing
   - CVE-2017-5437: Vulnerabilities in Libevent library
   - CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2
   - CVE-2017-5435: Use-after-free during transaction processing in the editor
   - CVE-2017-5434: Use-after-free during focus handling
   - CVE-2017-5433: Use-after-free in SMIL animation functions
   - CVE-2017-5432: Use-after-free in text input selection
   - CVE-2017-5430: Memory safety bugs fixed in Firefox 53 and Firefox ESR
     52.1
   - CVE-2017-5459: Buffer overflow in WebGL
   - CVE-2017-5454; Sandbox escape allowing file system read access through
     file picker
   - CVE-2017-5451: Addressbar spoofing with onblur event
   - CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
   - CVE-2017-5401: Memory Corruption when handling ErrorResult
   - CVE-2017-5402: Use-after-free working with events in FontFace objects
   - CVE-2017-5403: Use-after-free using addRange to add range to an
     incorrect root object
   - CVE-2017-5404: Use-after-free working with ranges in selections
   - CVE-2017-5406: Segmentation fault in Skia with canvas operations
   - CVE-2017-5407: Pixel and history stealing via floating-point timing side
     channel with SVG filters
   - CVE-2017-5410: Memory corruption during JavaScript garbage collection
     incremental sweeping
   - CVE-2017-5408: Cross-origin reading of video captions in violation of
     CORS
   - CVE-2017-5412: Buffer overflow read in SVG filters
   - CVE-2017-5413: Segmentation fault during bidirectional operations
   - CVE-2017-5414: File picker can choose incorrect default directory
   - CVE-2017-5416: Null dereference crash in HttpChannel
   - CVE-2017-5426: Gecko Media Plugin sandbox is not started if seccomp-bpf
     filter is running
   - CVE-2017-5418: Out of bounds read when parsing HTTP digest authorization
     responses
   - CVE-2017-5419: Repeated authentication prompts lead to DOS attack
   - CVE-2017-5405: FTP response codes can cause use of uninitialized values
     for ports
   - CVE-2017-5421: Print preview spoofing
   - CVE-2017-5422: DOS attack by using view-source: protocol repeatedly in
     one hyperlink
   - CVE-2017-5399: Memory safety bugs fixed in Thunderbird 52
   - CVE-2017-5398: Memory safety bugs fixed in Thunderbird 52 and
     Thunderbird 45.8

   The following non-security changes are included:

   - Background images not working and other issues related to embedded
     images when composing email have been fixed
   - Google Oauth setup can sometimes not progress to the next step
   - Clicking on a link in an email may not open this link in the external
     browser
   - addon blocklist updates
   - enable ALSA for systems without PulseAudio
   - Optionally remove corresponding data files when removing an account
   - Possibility to copy message filter
   - Calendar: Event can now be created and edited in a tab
   - Calendar: Processing of received invitation counter proposals
   - Chat: Support Twitter Direct Messages
   - Chat: Liking and favoriting in Twitter
   - Chat: Removed Yahoo! Messenger support

Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Package Hub for SUSE Linux Enterprise 12:

      zypper in -t patch openSUSE-2017-574=1

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Package Hub for SUSE Linux Enterprise 12 (x86_64):

      MozillaThunderbird-52.1.0-30.1
      MozillaThunderbird-buildsymbols-52.1.0-30.1
      MozillaThunderbird-devel-52.1.0-30.1
      MozillaThunderbird-translations-common-52.1.0-30.1
      MozillaThunderbird-translations-other-52.1.0-30.1

References:

   https://www.suse.com/security/cve/CVE-2017-5398.html
   https://www.suse.com/security/cve/CVE-2017-5399.html
   https://www.suse.com/security/cve/CVE-2017-5400.html
   https://www.suse.com/security/cve/CVE-2017-5401.html
   https://www.suse.com/security/cve/CVE-2017-5402.html
   https://www.suse.com/security/cve/CVE-2017-5403.html
   https://www.suse.com/security/cve/CVE-2017-5404.html
   https://www.suse.com/security/cve/CVE-2017-5405.html
   https://www.suse.com/security/cve/CVE-2017-5406.html
   https://www.suse.com/security/cve/CVE-2017-5407.html
   https://www.suse.com/security/cve/CVE-2017-5408.html
   https://www.suse.com/security/cve/CVE-2017-5410.html
   https://www.suse.com/security/cve/CVE-2017-5412.html
   https://www.suse.com/security/cve/CVE-2017-5413.html
   https://www.suse.com/security/cve/CVE-2017-5414.html
   https://www.suse.com/security/cve/CVE-2017-5416.html
   https://www.suse.com/security/cve/CVE-2017-5418.html
   https://www.suse.com/security/cve/CVE-2017-5419.html
   https://www.suse.com/security/cve/CVE-2017-5421.html
   https://www.suse.com/security/cve/CVE-2017-5422.html
   https://www.suse.com/security/cve/CVE-2017-5426.html
   https://www.suse.com/security/cve/CVE-2017-5429.html
   https://www.suse.com/security/cve/CVE-2017-5430.html
   https://www.suse.com/security/cve/CVE-2017-5432.html
   https://www.suse.com/security/cve/CVE-2017-5433.html
   https://www.suse.com/security/cve/CVE-2017-5434.html
   https://www.suse.com/security/cve/CVE-2017-5435.html
   https://www.suse.com/security/cve/CVE-2017-5436.html
   https://www.suse.com/security/cve/CVE-2017-5437.html
   https://www.suse.com/security/cve/CVE-2017-5438.html
   https://www.suse.com/security/cve/CVE-2017-5439.html
   https://www.suse.com/security/cve/CVE-2017-5440.html
   https://www.suse.com/security/cve/CVE-2017-5441.html
   https://www.suse.com/security/cve/CVE-2017-5442.html
   https://www.suse.com/security/cve/CVE-2017-5443.html
   https://www.suse.com/security/cve/CVE-2017-5444.html
   https://www.suse.com/security/cve/CVE-2017-5445.html
   https://www.suse.com/security/cve/CVE-2017-5446.html
   https://www.suse.com/security/cve/CVE-2017-5447.html
   https://www.suse.com/security/cve/CVE-2017-5449.html
   https://www.suse.com/security/cve/CVE-2017-5451.html
   https://www.suse.com/security/cve/CVE-2017-5454.html
   https://www.suse.com/security/cve/CVE-2017-5459.html
   https://www.suse.com/security/cve/CVE-2017-5460.html
   https://www.suse.com/security/cve/CVE-2017-5461.html
   https://www.suse.com/security/cve/CVE-2017-5462.html
   https://www.suse.com/security/cve/CVE-2017-5464.html
   https://www.suse.com/security/cve/CVE-2017-5465.html
   https://www.suse.com/security/cve/CVE-2017-5466.html
   https://www.suse.com/security/cve/CVE-2017-5467.html
   https://www.suse.com/security/cve/CVE-2017-5469.html
   https://bugzilla.suse.com/1028391
   https://bugzilla.suse.com/1035082

openSUSE-SU-2017:1268-1: moderate: Security update for MozillaThunderbird

opensuse-security＠opensuse.org