TITLE: SUSE update for MozillaThunderbird SECUNIA ADVISORY ID: SA19823 VERIFY ADVISORY: http://secunia.com/advisories/19823/ CRITICAL: Highly critical IMPACT: Security Bypass, Cross Site Scripting, Spoofing, Manipulation of data, Exposure of system information, Exposure of sensitive information, System access WHERE: >From remote OPERATING SYSTEM: SUSE Linux 9.3 http://secunia.com/product/4933/ SUSE Linux 9.2 http://secunia.com/product/4258/ SuSE Linux 9.1 http://secunia.com/product/3473/ SUSE Linux 10 http://secunia.com/product/6221/ DESCRIPTION: SUSE has issued an update for MozillaThunderbird. This fixes some vulnerabilities, where the most critical ones can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and spoofing attacks, potentially disclose sensitive information, and compromise a user's system. For more information: SA12956 SA13687 SA14017 SA14407 SA14671 SA14685 SA15907 SA16062 SA18704 SOLUTION: Apply updated packages. -- x86 Platform -- SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/MozillaThunderbird-1.0.8-0.2.i586.rpm 26cf86fce7501020613b5e7aa9d817c0 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/MozillaThunderbird-1.0.8-0.2.i586.rpm cc56fcd7d79bdea6fe3f88fae36013e2 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/MozillaThunderbird-1.0.8-0.2.i586.rpm 1808acacd53e3248ac1b73c3b7d70557 SUSE LINUX 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/MozillaThunderbird-1.0.8-0.1.i586.rpm c9ba754c65a76f7a7aae082b217b1add -- Power PC Platform -- SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/MozillaThunderbird-1.0.8-0.2.ppc.rpm 5ae486f9a4b72a632f1cd9bb6f5ae659 x86-64 Platform: SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/MozillaThunderbird-1.0.8-0.2.x86_64.rpm d798bd7e1b8c964ac6be1e46be870a34 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/MozillaThunderbird-1.0.8-0.2.x86_64.rpm ddf99f2f040e5d559749b789bf2316d2 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/MozillaThunderbird-1.0.8-0.2.x86_64.rpm 67e96c7a21aa0bcfdea9ce1e003b02f2 SUSE LINUX 9.1: ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/MozillaThunderbird-1.0.8-0.1.x86_64.rpm 6705eb87ba914bfdc40b2af96b89e771 -- Sources -- SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/MozillaThunderbird-1.0.8-0.2.src.rpm a1d223c8c5baca6a3e156a7f574033f0 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/MozillaThunderbird-1.0.8-0.2.src.rpm 69aa14a7c43b0bdae68a7777c8e70a94 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/MozillaThunderbird-1.0.8-0.2.src.rpm d7101dcb24d6686eaaa9d448a61ff49c SUSE LINUX 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/MozillaThunderbird-1.0.8-0.1.src.rpm 2ddffcab2830abaac80470d1da121e1c ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/MozillaThunderbird-1.0.8-0.1.src.rpm c26b9d2f04a22a09da5393baa4a8e5e7 ORIGINAL ADVISORY: http://www.novell.com/linux/security/advisories/2006_04_25.html OTHER REFERENCES: SA12956: http://secunia.com/advisories/12956/ SA13687: http://secunia.com/advisories/13687/ SA14017: http://secunia.com/advisories/14017/ SA14407: http://secunia.com/advisories/14407/ SA14671: http://secunia.com/advisories/14671/ SA14685: http://secunia.com/advisories/14685/ SA15907: http://secunia.com/advisories/15907/ SA16062: http://secunia.com/advisories/16062/ SA18704: http://secunia.com/advisories/18704/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------