{"id":"openSUSE-SU-2021:0387-1","summary":"Security update for MozillaThunderbird","details":"This update for MozillaThunderbird fixes the following issues:\n\n- Mozilla Thunderbird 78.8\n  * fixed: Importing an address book from a CSV file always reported an error\n  * fixed: Security information for S/MIME messages was not displayed correctly prior to a draft being saved\n  * fixed: Calendar: FileLink UI fixes for Caldav calendars\n  * fixed: Recurring tasks were always marked incomplete; unable to use filters\n  * fixed: Various UI widgets not working\n  * fixed: Dark theme improvements\n  * fixed: Extension manager was missing link to addon support web page\n  * fixed: Various security fixes\n  MFSA 2021-09 (bsc#1182614)\n  * CVE-2021-23969: Content Security Policy violation report could have contained the destination of a redirect\n  * CVE-2021-23968: Content Security Policy violation report could have contained the destination of a redirect\n  * CVE-2021-23973: MediaError message property could have leaked information about cross-origin resources\n  * CVE-2021-23978: Memory safety bugs fixed in Thunderbird 78.8\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.","modified":"2026-02-04T03:41:25.547019Z","published":"2021-03-05T22:42:16Z","related":["CVE-2021-23968","CVE-2021-23969","CVE-2021-23973","CVE-2021-23978"],"upstream":["CVE-2021-23968","CVE-2021-23969","CVE-2021-23973","CVE-2021-23978"],"references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2REQ3DSH3BKY3CWSHN3VOQE3JTXUFINV/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1182357"},{"type":"REPORT","url":"https://bugzilla.suse.com/1182614"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-23968"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-23969"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-23973"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-23978"}],"affected":[{"package":{"name":"MozillaThunderbird","ecosystem":"openSUSE:Leap 15.2","purl":"pkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Leap%2015.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"78.8.0-lp152.2.35.1"}]}],"ecosystem_specific":{"binaries":[{"MozillaThunderbird-translations-common":"78.8.0-lp152.2.35.1","MozillaThunderbird-translations-other":"78.8.0-lp152.2.35.1","MozillaThunderbird":"78.8.0-lp152.2.35.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2021:0387-1.json"}}],"schema_version":"1.7.3"}