Package thunderbird: Information
Default inline alert: Version in the repository: 115.8.1-alt1
Source package: thunderbird
Version: 78.10.2-alt1
Build time: May 18, 2021, 08:41 PM in the task #272108
Category: Networking/Mail
Report package bugHome page: https://www.thunderbird.net
License: MPL-2.0
Summary: Thunderbird is Mozilla's e-mail client
Description:
Thunderbird is Mozilla's next generation e-mail client. Thunderbird makes emailing safer, faster and easier than ever before and can also scale to meet the most sophisticated organizational needs. The package contains Lightning - an integrated calendar for Thunderbird.
List of rpms provided by this srpm:
rpm-build-thunderbird (x86_64, i586, armh, aarch64)
thunderbird (x86_64, i586, armh, aarch64)
thunderbird-wayland (x86_64, i586, armh, aarch64)
rpm-build-thunderbird (x86_64, i586, armh, aarch64)
thunderbird (x86_64, i586, armh, aarch64)
thunderbird-wayland (x86_64, i586, armh, aarch64)
Maintainer: Andrey Cherepanov
List of contributors:
Andrey Cherepanov
Aleksei Nikiforov
Gleb Fotengauer-Malinovskiy
Paul Wolneykien
Anton Farygin
Vladimir Didenko
Alexey Gladkov
Alexey Morozov
Andrey Cherepanov
Aleksei Nikiforov
Gleb Fotengauer-Malinovskiy
Paul Wolneykien
Anton Farygin
Vladimir Didenko
Alexey Gladkov
Alexey Morozov
Last changed
May 18, 2021 Andrey Cherepanov 78.10.2-alt1
- New version (78.10.2). - Security fixes: + CVE-2021-29957 Partial protection of inline OpenPGP message not indicated + CVE-2021-29956 Thunderbird stored OpenPGP secret keys without master password protection
May 5, 2021 Andrey Cherepanov 78.10.1-alt1
- New version (78.10.1). - Security fixes: + CVE-2021-29951 Thunderbird Maintenance Service could have been started or stopped by domain users - Do not build for ppc64le.
April 26, 2021 Andrey Cherepanov 78.10.0-alt1
- New version (78.10.0). - Security fixes: + CVE-2021-23994 Out of bound write due to lazy initialization + CVE-2021-23995 Use-after-free in Responsive Design Mode + CVE-2021-23998 Secure Lock icon could have been spoofed + CVE-2021-23961 More internal network hosts could have been probed by a malicious webpage + CVE-2021-23999 Blob URLs may have been granted additional privileges + CVE-2021-24002 Arbitrary FTP command execution on FTP servers using an encoded URL + CVE-2021-29945 Incorrect size computation in WebAssembly JIT could lead to null-reads + CVE-2021-29946 Port blocking could be bypassed + CVE-2021-29948 Race condition when reading from disk while verifying signatures + CVE-2021-23991 An attacker may use Thunderbird's OpenPGP key refresh mechanism to poison an existing key + CVE-2021-23992 A crafted OpenPGP key with an invalid user ID could be used to confuse the user + CVE-2021-23993 Inability to send encrypted OpenPGP email after importing a crafted OpenPGP key + CVE-2021-29949 Thunderbird might execute an alternative OTR library + CVE-2021-23981 Texture upload into an unbound backing buffer resulted in an out-of-bound read + CVE-2021-23982 Internal network hosts could have been probed by a malicious webpage + CVE-2021-23984 Malicious extensions could have spoofed popup information + CVE-2021-23987 Memory safety bugs fixed in Thunderbird 78.9