Package thunderbird: Information
Default inline alert: Version in the repository: 115.9.0-alt1
Source package: thunderbird
Version: 115.6.0-alt1
Build time: Dec 28, 2023, 05:23 PM
Category: Networking/Mail
Report package bugHome page: https://www.thunderbird.net
License: MPL-2.0
Summary: Thunderbird is Mozilla's e-mail client
Description:
Thunderbird is Mozilla's next generation e-mail client. Thunderbird makes emailing safer, faster and easier than ever before and can also scale to meet the most sophisticated organizational needs. The package contains Lightning - an integrated calendar for Thunderbird.
List of rpms provided by this srpm:
rpm-build-thunderbird (loongarch64)
thunderbird (loongarch64)
thunderbird-wayland (loongarch64)
rpm-build-thunderbird (loongarch64)
thunderbird (loongarch64)
thunderbird-wayland (loongarch64)
Maintainer: Andrey Cherepanov
List of contributors:
Pavel Vasenkov
Alexey Sheplyakov
Andrey Cherepanov
Aleksei Nikiforov
Gleb Fotengauer-Malinovskiy
Paul Wolneykien
Anton Farygin
Vladimir Didenko
Alexey Gladkov
Alexey Morozov
Pavel Vasenkov
Alexey Sheplyakov
Andrey Cherepanov
Aleksei Nikiforov
Gleb Fotengauer-Malinovskiy
Paul Wolneykien
Anton Farygin
Vladimir Didenko
Alexey Gladkov
Alexey Morozov
Last changed
Dec. 21, 2023 Pavel Vasenkov 115.6.0-alt1
- New version. - Security fixes: + CVE-2023-50762 Truncated signed text was shown with a valid OpenPGP signature + CVE-2023-50761 S/MIME signature accepted despite mismatching message date + CVE-2023-6856 Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver + CVE-2023-6857 Symlinks may resolve to smaller than expected buffers + CVE-2023-6858 Heap buffer overflow in nsTextFragment + CVE-2023-6859 Use-after-free in PR_GetIdentitiesLayer + CVE-2023-6860 Potential sandbox escape due to VideoBridge lack of texture validation + CVE-2023-6861 Heap buffer overflow affected nsWindow::PickerOpen(void) in headless mode + CVE-2023-6862 Use-after-free in nsDNSService + CVE-2023-6863 Undefined behavior in ShutdownObserver()
Nov. 23, 2023 Pavel Vasenkov 115.5.0-alt1
- New version. - Security fixes: + CVE-2023-6204 Out-of-bound memory access in WebGL2 blitFramebuffer + CVE-2023-6205 Use-after-free in MessagePort::Entangled + CVE-2023-6206 Clickjacking permission prompts using the fullscreen transition + CVE-2023-6207 Use-after-free in ReadableByteStreamQueueEntry::Buffer + CVE-2023-6208 Using Selection API would copy contents into X11 primary selection. + CVE-2023-6209 Incorrect parsing of relative URLs starting with "///" + CVE-2023-6212 Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5
Nov. 1, 2023 Pavel Vasenkov 115.4.1-alt1
- New version. - Security fixes: + CVE-2023-5721 Queued up rendering could have allowed websites to clickjack + CVE-2023-5732 Address bar spoofing via bidirectional characters + CVE-2023-5724 Large WebGL draw could have led to a crash + CVE-2023-5725 WebExtensions could open arbitrary URLs + CVE-2023-5726 Full screen notification obscured by file open dialog on macOS + CVE-2023-5727 Download Protections were bypassed by .msix, .msixbundle, .appx, and .appxbundle files on Windows + CVE-2023-5728 Improper object tracking during GC in the JavaScript engine could have led to a crash. + CVE-2023-5730 Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1