[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-OPENSUSE-SU-2019:2464-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":32,"duplicates":33,"related":34,"reserved_at":9,"published_at":44,"modified_at":45,"state":9,"summary":46,"references_raw":48,"kevs":117,"epss":9,"epss_history":118,"metrics":119,"affected":120},"OPENSUSE-SU-2019:2464-1","Recommended update for MozillaThunderbird\n\nThis update for MozillaThunderbird to version 68.2.1 provides the following fixes:\n\n- Security issues fixed (bsc#1154738):\n  * CVE-2019-15903: Fixed a heap overflow in the expat library (bsc#1149429).\n  * CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB (bsc#1154738).\n  * CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total Security (bsc#1154738).\n  * CVE-2019-11759: Fixed a stack buffer overflow in HKDF output (bsc#1154738).\n  * CVE-2019-11760: Fixed a stack buffer overflow in WebRTC networking (bsc#1154738).\n  * CVE-2019-11761: Fixed an unintended access to a privileged JSONView object (bsc#1154738).\n  * CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738).\n  * CVE-2019-11763: Fixed an XSS bypass (bsc#1154738).\n  * CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738).\n\nOther fixes (bsc#1153879):\n  * Some attachments couldn't be opened in messages originating from MS Outlook 2016.\n  * Address book import from CSV.\n  * Performance problem in message body search.\n  * Ctrl+Enter to send a message would open an attachment if the attachment pane had focus.\n  * Calendar: Issues with 'Today Pane' start-up.\n  * Calendar: Glitches with custom repeat and reminder number input.\n  * Calendar: Problems with WCAP provider.\n  * A language for the user interface can now be chosen in\n    the advanced settings  \n  * Fixed an issue with Google authentication (OAuth2)\n  * Fixed an issue where selected or unread messages were not \n    shown in the correct color in the thread pane under some\n    circumstances\n  * Fixed an issue where when using a language pack, names of \n    standard folders were not localized (bsc#1149126)\n  * Fixed an issue where the address book default startup directory \n    in preferences panel not persisted\n  * Fixed various visual glitches\n  * Fixed issues with the  chat\n  * Fixed building with rust >= 1.38.\n  * Fixrd LTO build without PGO.\n  * Removed kde.js since disabling instantApply breaks extensions and is now obsolete with\n    the move to HTML views for preferences. (bsc#1151186)\n  * Updated create-tar.sh. (bsc#1152778)\n  * Deactivated the crashreporter for the last remaining arch.\n\nThis update was imported from the SUSE:SLE-15:Update update project.",null,[],[],[],[14,16,18,20,22,24,26,28,30],{"_key":15},"CVE-2019-11757",{"_key":17},"CVE-2019-11758",{"_key":19},"CVE-2019-11759",{"_key":21},"CVE-2019-11760",{"_key":23},"CVE-2019-11761",{"_key":25},"CVE-2019-11762",{"_key":27},"CVE-2019-11763",{"_key":29},"CVE-2019-11764",{"_key":31},"CVE-2019-15903",[],[],[35,36,37,38,39,40,41,42,43],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},"2019-11-09T12:48:20Z","2026-02-04T04:38:28.945627Z",{"cisa_kev":47,"cisa_ransomware":47,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[49,55,60,64,68,72,76,80,85,89,93,97,101,105,109,113],{"url":50,"sources":51,"tags":53},"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ISVN7BSIYJ7GDXZNJMHOFE6I6LYX7RUX/#ISVN7BSIYJ7GDXZNJMHOFE6I6LYX7RUX",[52],"osv_opensuse",[54],"Advisory",{"url":56,"sources":57,"tags":58},"https://bugzilla.suse.com/1149126",[52],[59],"REPORT",{"url":61,"sources":62,"tags":63},"https://bugzilla.suse.com/1149429",[52],[59],{"url":65,"sources":66,"tags":67},"https://bugzilla.suse.com/1151186",[52],[59],{"url":69,"sources":70,"tags":71},"https://bugzilla.suse.com/1152778",[52],[59],{"url":73,"sources":74,"tags":75},"https://bugzilla.suse.com/1153879",[52],[59],{"url":77,"sources":78,"tags":79},"https://bugzilla.suse.com/1154738",[52],[59],{"url":81,"sources":82,"tags":83},"https://www.suse.com/security/cve/CVE-2019-11757",[52],[84],"WEB",{"url":86,"sources":87,"tags":88},"https://www.suse.com/security/cve/CVE-2019-11758",[52],[84],{"url":90,"sources":91,"tags":92},"https://www.suse.com/security/cve/CVE-2019-11759",[52],[84],{"url":94,"sources":95,"tags":96},"https://www.suse.com/security/cve/CVE-2019-11760",[52],[84],{"url":98,"sources":99,"tags":100},"https://www.suse.com/security/cve/CVE-2019-11761",[52],[84],{"url":102,"sources":103,"tags":104},"https://www.suse.com/security/cve/CVE-2019-11762",[52],[84],{"url":106,"sources":107,"tags":108},"https://www.suse.com/security/cve/CVE-2019-11763",[52],[84],{"url":110,"sources":111,"tags":112},"https://www.suse.com/security/cve/CVE-2019-11764",[52],[84],{"url":114,"sources":115,"tags":116},"https://www.suse.com/security/cve/CVE-2019-15903",[52],[84],[],[],[],[121],{"ecosystem":122,"name":123,"vendor":124,"product":125,"cpe_part":9,"purl_type":126,"purl_namespace":124,"purl_name":125,"source":9,"versions":127},"openSUSE","MozillaThunderbird","opensuse","MozillaThunderbird&distro=openSUSE Leap 15.0","rpm",[128],{"version":129,"is_range":130,"range_type":131,"version_start":9,"version_start_type":9,"version_end":132,"version_end_type":133,"fixed_in":9},"lt68_2_1_lp150_3_54_1",true,"ecosystem","68.2.1-lp150.3.54.1","excluding"]