Bugzilla – Full Text Bug Listing |
Summary: | VUL-1: CVE-2021-29956: MozillaThunderbird: Thunderbird stored OpenPGP secret keys without master password protection | ||
---|---|---|---|
Product: | [Novell Products] SUSE Security Incidents | Reporter: | Gianluca Gabrielli <gianluca.gabrielli> |
Component: | Incidents | Assignee: | Martin Sirringhaus <martin.sirringhaus> |
Status: | RESOLVED FIXED | QA Contact: | Security Team bot <security-team> |
Severity: | Minor | ||
Priority: | P4 - Low | CC: | Andreas.Stieger, carlos.e.r, smash_bz, wolfgang |
Version: | unspecified | ||
Target Milestone: | --- | ||
Hardware: | Other | ||
OS: | Other | ||
URL: | https://smash.suse.de/issue/284545/ | ||
Whiteboard: | CVSSv3.1:SUSE:CVE-2021-29956:3.3:(AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) | ||
Found By: | Security Response Team | Services Priority: | |
Business Priority: | Blocker: | --- | |
Marketing QA Status: | --- | IT Deployment: | --- |
Bug Depends on: | 1187759 | ||
Bug Blocks: |
Description
Gianluca Gabrielli
2021-05-18 12:10:38 UTC
Affected packages: - SUSE:SLE-15-SP2:Update/MozillaThunderbird 78.10.0 - openSUSE:Factory/MozillaThunderbird 78.10.1 Please update to version >= 78.10.2 *** Bug 1186464 has been marked as a duplicate of this bug. *** This is an autogenerated message for OBS integration: This bug (1186199) was mentioned in https://build.opensuse.org/request/show/897289 Factory / MozillaThunderbird SUSE-SU-2021:1854-1: An update that fixes four vulnerabilities is now available. Category: security (moderate) Bug References: 1185086,1185633,1186198,1186199 CVE References: CVE-2021-29950,CVE-2021-29951,CVE-2021-29956,CVE-2021-29957 JIRA References: Sources used: SUSE Linux Enterprise Workstation Extension 15-SP3 (src): MozillaThunderbird-78.10.2-8.27.1 SUSE Linux Enterprise Workstation Extension 15-SP2 (src): MozillaThunderbird-78.10.2-8.27.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. openSUSE-SU-2021:1854-1: An update that fixes four vulnerabilities is now available. Category: security (moderate) Bug References: 1185086,1185633,1186198,1186199 CVE References: CVE-2021-29950,CVE-2021-29951,CVE-2021-29956,CVE-2021-29957 JIRA References: Sources used: openSUSE Leap 15.3 (src): MozillaThunderbird-78.10.2-8.27.1 done |