Package thunderbird: Information

  • Default inline alert: Version in the repository: 115.9.0-alt1

Source package: thunderbird
Version: 91.6.0-alt1
Latest version according to Repology
Build time:  Feb 12, 2022, 03:04 PM in the task #295259
Category: Networking/Mail
Report package bug
Gear: https://git.altlinux.org/gears/t/thunderbird.git?a=tree;hb=ebce3…
Home page: https://www.thunderbird.net
License: MPL-2.0
Summary: Thunderbird is Mozilla's e-mail client
Description: 
Thunderbird is Mozilla's next generation e-mail client. Thunderbird makes
emailing safer, faster and easier than ever before and can also scale to meet
the most sophisticated organizational needs.

The package contains Lightning - an integrated calendar for Thunderbird.
List of rpms provided by this srpm:
rpm-build-thunderbird (x86_64, ppc64le, i586, aarch64)
thunderbird (x86_64, ppc64le, i586, aarch64)
thunderbird-wayland (x86_64, ppc64le, i586, aarch64)
Maintainer: Andrey Cherepanov
List of contributors:
Pavel Vasenkov
Andrey Cherepanov
Aleksei Nikiforov
Gleb Fotengauer-Malinovskiy
Paul Wolneykien
Anton Farygin
Vladimir Didenko
Alexey Gladkov
Alexey Morozov
ACL:
Pavel Vasenkov
Andrey Cherepanov
@everybody
    1. libdbus-glib-devel
    2. libwireless-devel
    3. alternatives
    4. /dev/shm
    5. libdrm-devel
    6. python3-base
    7. libxkbcommon-devel
    8. libevent-devel
    9. autoconf_2.13
    10. autoconf_2.13
    11. libffi-devel
    12. python3-module-pip
    13. python3-module-setuptools
    14. python3-modules-sqlite3
    15. browser-plugins-npapi-devel
    16. bzlib-devel
    17. lld12.0-devel
    18. llvm12.0-devel
    19. chrpath
    20. makedepend
    21. /proc
    22. clang12.0-devel
    23. libnotify-devel
    24. libnspr-devel
    25. libnss-devel
    26. libnss-devel-static
    27. libstartup-notification-devel
    28. libstdc++-devel
    29. mozilla-common-devel
    30. libopus-devel
    31. libotr-devel
    32. nasm
    33. rust
    34. rust-cargo
    35. node
    36. libpixman-devel
    37. libGL-devel
    38. rpm-build-mozilla.org
    39. doxygen
    40. libIDL-devel
    41. gst-plugins1.0-devel
    42. libgtk+3-devel >= 3.14
    43. libproxy-devel
    44. libX11-devel
    45. libhunspell-devel
    46. libXScrnSaver-devel
    47. gcc-c++
    48. libXcomposite-devel
    49. libXcursor-devel
    50. libXdamage-devel
    51. libXext-devel
    52. libjpeg-devel
    53. libpulseaudio-devel
    54. unzip
    55. libXft-devel
    56. libXi-devel
    57. libXt-devel
    58. libalsa-devel
    59. xorg-cf-files
    60. yasm
    61. zip
    62. imake
    63. libcurl-devel
    64. libvpx-devel

Last changed

Feb. 12, 2022 Pavel Vasenkov 91.6.0-alt1
- New version.
- Security fixes:
  + CVE-2022-22753 Privilege Escalation to SYSTEM on Windows via Maintenance Service
  + CVE-2022-22754 Extensions could have bypassed permission confirmation during update
  + CVE-2022-22756 Drag and dropping an image could have resulted in the dropped object being an executable
  + CVE-2022-22759 Sandboxed iframes could have executed script if the parent appended elements
  + CVE-2022-22760 Cross-Origin responses could be distinguished between script and non-script content-types
  + CVE-2022-22761 frame-ancestors Content Security Policy directive was not enforced for framed extension pages
  + CVE-2022-22763 Script Execution during invalid object state
  + CVE-2022-22764 Memory safety bugs fixed in Thunderbird 91.6
Jan. 25, 2022 Pavel Vasenkov 91.5.1-alt1
- New version.
Jan. 12, 2022 Andrey Cherepanov 91.5.0-alt1
- New version.
- Security fixes:
  + CVE-2022-22746 Calling into reportValidity could have lead to fullscreen window spoof
  + CVE-2022-22743 Browser window spoof using fullscreen mode
  + CVE-2022-22742 Out-of-bounds memory access when inserting text in edit mode
  + CVE-2022-22741 Browser window spoof using fullscreen mode
  + CVE-2022-22740 Use-after-free of ChannelEventQueue::mOwner
  + CVE-2022-22738 Heap-buffer-overflow in blendGaussianBlur
  + CVE-2022-22737 Race condition when playing audio files
  + CVE-2021-4140 Iframe sandbox bypass with XSLT
  + CVE-2022-22748 Spoofed origin on external protocol launch dialog
  + CVE-2022-22745 Leaking cross-origin URLs through securitypolicyviolation event
  + CVE-2022-22744 The 'Copy as curl' feature in DevTools did not fully escape website-controlled data, potentially leading to command injection
  + CVE-2022-22747 Crash when handling empty pkcs7 sequence
  + CVE-2022-22739 Missing throttling on external protocol launch dialog
  + CVE-2022-22751 Memory safety bugs fixed in Thunderbird 91.5
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.4.2
Back to top