Package thunderbird

Source package: thunderbird
Version: 91.7.0-alt1
Build time:  Mar 15, 2022, 06:54 PM
 in the task #296598
Category: Networking/Mail
Report package bug
Gear: https://git.altlinux.org/gears/t/thunderbird.git?a=tree;hb=4e824…
Home page: https://www.thunderbird.net
License:  MPL-2.0
Summary:  Thunderbird is Mozilla's e-mail client
Description: 
Thunderbird is Mozilla's next generation e-mail client. Thunderbird makes
emailing safer, faster and easier than ever before and can also scale to meet
the most sophisticated organizational needs.

The package contains Lightning - an integrated calendar for Thunderbird.
List of rpms provided by this srpm: 
rpm-build-thunderbird (x86_64, ppc64le, i586, aarch64)
thunderbird (x86_64, ppc64le, i586, aarch64)
thunderbird-wayland (x86_64, ppc64le, i586, aarch64)
Maintainer: Andrey Cherepanov
List of contributors: 
Pavel Vasenkov
Andrey Cherepanov
Aleksei Nikiforov
Gleb Fotengauer-Malinovskiy
Paul Wolneykien
Anton Farygin
Vladimir Didenko
Alexey Gladkov
Alexey Morozov
    1. libvpx-devel
    2. /dev/shm
    3. browser-plugins-npapi-devel
    4. libdrm-devel
    5. bzlib-devel
    6. libwireless-devel
    7. python3-base
    8. libevent-devel
    9. chrpath
    10. libxkbcommon-devel
    11. python3-module-pip
    12. libX11-devel
    13. clang12.0-devel
    14. /proc
    15. libffi-devel
    16. libpixman-devel
    17. python3-module-setuptools
    18. libXScrnSaver-devel
    19. python3-modules-sqlite3
    20. libXcomposite-devel
    21. libGL-devel
    22. libXcursor-devel
    23. lld12.0-devel
    24. libXdamage-devel
    25. llvm12.0-devel
    26. libXext-devel
    27. libXft-devel
    28. libXi-devel
    29. makedepend
    30. libIDL-devel
    31. mozilla-common-devel
    32. gst-plugins1.0-devel
    33. libXt-devel
    34. nasm
    35. alternatives
    36. libproxy-devel
    37. libalsa-devel
    38. imake
    39. rust
    40. rust-cargo
    41. rpm-build-mozilla.org
    42. node
    43. libgtk+3-devel >= 3.14
    44. autoconf_2.13
    45. autoconf_2.13
    46. libhunspell-devel
    47. libpulseaudio-devel
    48. libjpeg-devel
    49. unzip
    50. xorg-cf-files
    51. doxygen
    52. yasm
    53. zip
    54. libstartup-notification-devel
    55. libstdc++-devel
    56. gcc-c++
    57. libnotify-devel
    58. libcurl-devel
    59. libnspr-devel
    60. libdbus-glib-devel
    61. libnss-devel
    62. libnss-devel-static
    63. libopus-devel
    64. libotr-devel
Last changes:
March 13, 2022 Pavel Vasenkov 91.7.0-alt1
- New version.
- Security fixes:
  + CVE-2022-26383 Browser window spoof using fullscreen mode
  + CVE-2022-26384 iframe allow-scripts sandbox bypass
  + CVE-2022-26387 Time-of-check time-of-use bug when verifying add-on signatures
  + CVE-2022-26381 Use-after-free in text reflows
  + CVE-2022-26386 Temporary files downloaded to /tmp and accessible by other local users
March 8, 2022 Pavel Vasenkov 91.6.2-alt1
- New version.
- Security fixes:
  + CVE-2022-26485 Use-after-free in XSLT parameter processing
  + CVE-2022-26486 Use-after-free in WebGPU IPC Framework
Feb. 12, 2022 Pavel Vasenkov 91.6.0-alt1
- New version.
- Security fixes:
  + CVE-2022-22753 Privilege Escalation to SYSTEM on Windows via Maintenance Service
  + CVE-2022-22754 Extensions could have bypassed permission confirmation during update
  + CVE-2022-22756 Drag and dropping an image could have resulted in the dropped object being an executable
  + CVE-2022-22759 Sandboxed iframes could have executed script if the parent appended elements
  + CVE-2022-22760 Cross-Origin responses could be distinguished between script and non-script content-types
  + CVE-2022-22761 frame-ancestors Content Security Policy directive was not enforced for framed extension pages
  + CVE-2022-22763 Script Execution during invalid object state
  + CVE-2022-22764 Memory safety bugs fixed in Thunderbird 91.6

Back to Top