Package thunderbird: Information
Default inline alert: Version in the repository: 115.9.0-alt1
Source package: thunderbird
Version: 91.5.1-alt1
Build time: Jan 27, 2022, 06:25 PM in the task #294221
Category: Networking/Mail
Report package bugHome page: https://www.thunderbird.net
License: MPL-2.0
Summary: Thunderbird is Mozilla's e-mail client
Description:
Thunderbird is Mozilla's next generation e-mail client. Thunderbird makes emailing safer, faster and easier than ever before and can also scale to meet the most sophisticated organizational needs. The package contains Lightning - an integrated calendar for Thunderbird.
List of rpms provided by this srpm:
rpm-build-thunderbird (x86_64, ppc64le, i586, aarch64)
thunderbird (x86_64, ppc64le, i586, aarch64)
thunderbird-wayland (x86_64, ppc64le, i586, aarch64)
rpm-build-thunderbird (x86_64, ppc64le, i586, aarch64)
thunderbird (x86_64, ppc64le, i586, aarch64)
thunderbird-wayland (x86_64, ppc64le, i586, aarch64)
Maintainer: Andrey Cherepanov
List of contributors:
Pavel Vasenkov
Andrey Cherepanov
Aleksei Nikiforov
Gleb Fotengauer-Malinovskiy
Paul Wolneykien
Anton Farygin
Vladimir Didenko
Alexey Gladkov
Alexey Morozov
Pavel Vasenkov
Andrey Cherepanov
Aleksei Nikiforov
Gleb Fotengauer-Malinovskiy
Paul Wolneykien
Anton Farygin
Vladimir Didenko
Alexey Gladkov
Alexey Morozov
Last changed
Jan. 25, 2022 Pavel Vasenkov 91.5.1-alt1
- New version.
Jan. 12, 2022 Andrey Cherepanov 91.5.0-alt1
- New version. - Security fixes: + CVE-2022-22746 Calling into reportValidity could have lead to fullscreen window spoof + CVE-2022-22743 Browser window spoof using fullscreen mode + CVE-2022-22742 Out-of-bounds memory access when inserting text in edit mode + CVE-2022-22741 Browser window spoof using fullscreen mode + CVE-2022-22740 Use-after-free of ChannelEventQueue::mOwner + CVE-2022-22738 Heap-buffer-overflow in blendGaussianBlur + CVE-2022-22737 Race condition when playing audio files + CVE-2021-4140 Iframe sandbox bypass with XSLT + CVE-2022-22748 Spoofed origin on external protocol launch dialog + CVE-2022-22745 Leaking cross-origin URLs through securitypolicyviolation event + CVE-2022-22744 The 'Copy as curl' feature in DevTools did not fully escape website-controlled data, potentially leading to command injection + CVE-2022-22747 Crash when handling empty pkcs7 sequence + CVE-2022-22739 Missing throttling on external protocol launch dialog + CVE-2022-22751 Memory safety bugs fixed in Thunderbird 91.5
Dec. 21, 2021 Andrey Cherepanov 91.4.1-alt1
- New version. - Security fixes: + CVE-2021-4126 OpenPGP signature status doesn't consider additional message content + CVE-2021-44538 Matrix chat library libolm bundled with Thunderbird vulnerable to a buffer overflow