{"affected":[{"ecosystem_specific":{"binaries":[{"MozillaThunderbird":"115.14.0-150200.8.174.1","MozillaThunderbird-translations-common":"115.14.0-150200.8.174.1","MozillaThunderbird-translations-other":"115.14.0-150200.8.174.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Package Hub 15 SP5","name":"MozillaThunderbird","purl":"pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"115.14.0-150200.8.174.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaThunderbird":"115.14.0-150200.8.174.1","MozillaThunderbird-translations-common":"115.14.0-150200.8.174.1","MozillaThunderbird-translations-other":"115.14.0-150200.8.174.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Package Hub 15 SP6","name":"MozillaThunderbird","purl":"pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"115.14.0-150200.8.174.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaThunderbird":"115.14.0-150200.8.174.1","MozillaThunderbird-translations-common":"115.14.0-150200.8.174.1","MozillaThunderbird-translations-other":"115.14.0-150200.8.174.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Workstation Extension 15 SP5","name":"MozillaThunderbird","purl":"pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"115.14.0-150200.8.174.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaThunderbird":"115.14.0-150200.8.174.1","MozillaThunderbird-translations-common":"115.14.0-150200.8.174.1","MozillaThunderbird-translations-other":"115.14.0-150200.8.174.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Workstation Extension 15 SP6","name":"MozillaThunderbird","purl":"pkg:rpm/suse/MozillaThunderbird&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"115.14.0-150200.8.174.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaThunderbird":"115.14.0-150200.8.174.1","MozillaThunderbird-translations-common":"115.14.0-150200.8.174.1","MozillaThunderbird-translations-other":"115.14.0-150200.8.174.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.5","name":"MozillaThunderbird","purl":"pkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Leap%2015.5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"115.14.0-150200.8.174.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaThunderbird":"115.14.0-150200.8.174.1","MozillaThunderbird-translations-common":"115.14.0-150200.8.174.1","MozillaThunderbird-translations-other":"115.14.0-150200.8.174.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"MozillaThunderbird","purl":"pkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"115.14.0-150200.8.174.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for MozillaThunderbird fixes the following issues:\n\n- Mozilla Thunderbird 115.14\n  * fixed: When using an external installation of GnuPG,\n    Thunderbird occassionally sent/received corrupted messages\n  * fixed: Users of external GnuPG were unable to decrypt\n    incorrectly encoded messages (bmo#1906903)\n  * fixed: Flatpak install of 128.0esr was incorrectly downgraded\n    to 115.13.0esr (bmo#1908299)\n  * fixed: Security fixes\n  MFSA 2024-38 (bsc#1228648)\n  * CVE-2024-7519: Out of bounds memory access in graphics shared memory handling\n  * CVE-2024-7521: Incomplete WebAssembly exception handing\n  * CVE-2024-7522: Out of bounds read in editor component\n  * CVE-2024-7525: Missing permission check when creating a StreamFilter\n  * CVE-2024-7526: Uninitialized memory used by WebGL\n  * CVE-2024-7527: Use-after-free in JavaScript garbage collection\n  * CVE-2024-7529: Document content could partially obscure security prompts\n","id":"SUSE-SU-2024:3112-1","modified":"2024-09-03T15:03:52Z","published":"2024-09-03T15:03:52Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2024/suse-su-20243112-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1228648"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-7519"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-7521"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-7522"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-7525"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-7526"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-7527"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-7529"}],"related":["CVE-2024-7519","CVE-2024-7521","CVE-2024-7522","CVE-2024-7525","CVE-2024-7526","CVE-2024-7527","CVE-2024-7529"],"summary":"Security update for MozillaThunderbird","upstream":["CVE-2024-7519","CVE-2024-7521","CVE-2024-7522","CVE-2024-7525","CVE-2024-7526","CVE-2024-7527","CVE-2024-7529"]}