{"affected":[{"ecosystem_specific":{"binaries":[{"MozillaThunderbird":"78.12.0-lp152.2.48.2","MozillaThunderbird-translations-common":"78.12.0-lp152.2.48.2","MozillaThunderbird-translations-other":"78.12.0-lp152.2.48.2"}]},"package":{"ecosystem":"openSUSE:Leap 15.2","name":"MozillaThunderbird","purl":"pkg:rpm/opensuse/MozillaThunderbird&distro=openSUSE%20Leap%2015.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"78.12.0-lp152.2.48.2"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for MozillaThunderbird fixes the following issues:\n\nMozilla Thunderbird 78.12\n\n  * fixed: Sending an email containing HTML links with spaces in\n    the URL sometimes resulted in broken links\n  * fixed: Folder Pane display theme fixes for macOS\n  * fixed: Chat account settings did not always save as expected\n  * fixed: RSS feed subscriptions sometimes lost\n  * fixed: Calendar: A parsing error for alarm triggers of type\n    'DURATION' caused sync problems for some users\n  * fixed: Various security fixes\n\nMFSA 2021-30 (bsc#1188275)\n\n* CVE-2021-29969: IMAP server responses sent by a MITM prior to STARTTLS could be processed\n* CVE-2021-29970: Use-after-free in accessibility features of a document\n* CVE-2021-30547: Out of bounds write in ANGLE\n* CVE-2021-29976: Memory safety bugs fixed in Thunderbird 78.12\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.","id":"openSUSE-SU-2021:1091-1","modified":"2021-08-04T00:14:42Z","published":"2021-08-04T00:14:42Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ABQT6TDIB2IQ4ZZNUZXMHLE7ZDVD4YBM/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1188275"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-29969"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-29970"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-29976"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-30547"}],"related":["CVE-2021-29969","CVE-2021-29970","CVE-2021-29976","CVE-2021-30547"],"summary":"Security update for MozillaThunderbird","upstream":["CVE-2021-29969","CVE-2021-29970","CVE-2021-29976","CVE-2021-30547"]}