Package thunderbird: Information

  • Default inline alert: Version in the repository: 115.9.0-alt1

Binary package: thunderbird
Version: 102.9.0-alt1
Architecture: x86_64
Build time:  Mar 22, 2023, 07:14 PM in the task #317199
Source package: thunderbird
Category: Networking/Mail
Report package bug
Gear: https://git.altlinux.org/gears/t/thunderbird.git?a=tree;hb=6ae34…
Download: thunderbird-102.9.0-alt1.x86_64.rpm
Build log: https://git.altlinux.org/tasks/317199/build/100/x86_64/log
Home page: https://www.thunderbird.net
License: MPL-2.0
Summary: Thunderbird is Mozilla's e-mail client
Description: 
Thunderbird is Mozilla's next generation e-mail client. Thunderbird makes
emailing safer, faster and easier than ever before and can also scale to meet
the most sophisticated organizational needs.

The package contains Lightning - an integrated calendar for Thunderbird.
Maintainer: Andrey Cherepanov
List of contributors:
Pavel Vasenkov
Andrey Cherepanov
Aleksei Nikiforov
Gleb Fotengauer-Malinovskiy
Paul Wolneykien
Anton Farygin
Vladimir Didenko
Alexey Gladkov
Alexey Morozov
ACL:
Pavel Vasenkov
Andrey Cherepanov
@everybody

Last changed

March 22, 2023 Pavel Vasenkov 102.9.0-alt1
- New version.
- Security fixes:
  + CVE-2023-25751 Incorrect code generation during JIT compilation
  + CVE-2023-28164 URL being dragged from a removed cross-origin iframe into the same tab triggered navigation
  + CVE-2023-28162 Invalid downcast in Worklets
  + CVE-2023-25752 Potential out-of-bounds when accessing throttled streams
  + CVE-2023-28163 Windows Save As dialog resolved environment variables
  + CVE-2023-28176 Memory safety bugs fixed in Thunderbird 102.9
Feb. 28, 2023 Pavel Vasenkov 102.8.0-alt1
- New version.
- Security fixes:
  + CVE-2023-0616 User Interface lockup with messages combining S/MIME and OpenPGP
  + CVE-2023-25728 Content security policy leak in violation reports using iframes
  + CVE-2023-25730 Screen hijack via browser fullscreen mode
  + CVE-2023-0767 Arbitrary memory write via PKCS 12 in NSS
  + CVE-2023-25735 Potential use-after-free from compartment mismatch in SpiderMonkey
  + CVE-2023-25737 Invalid downcast in SVGUtils::SetupStrokeGeometry
  + CVE-2023-25738 Printing on Windows could potentially crash Thunderbird with some device drivers
  + CVE-2023-25739 Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
  + CVE-2023-25729 Extensions could have opened external schemes without user knowledge
  + CVE-2023-25732 Out of bounds memory write from EncodeInputStream
  + CVE-2023-25734 Opening local .url files could cause unexpected network loads
  + CVE-2023-25742 Web Crypto ImportKey crashes tab
  + CVE-2023-25746 Memory safety bugs fixed in Thunderbird 102.8
Feb. 3, 2023 Pavel Vasenkov 102.7.1-alt1
- New version.
- Security fixes:
  + CVE-2023-0430 Revocation status of S/Mime signature certificates was not checked
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.4.2
Back to top