Package thunderbird: Information
Source package: thunderbird
Version: 128.6.0-alt1
Build time: Jan 10, 2025, 10:11 PM in the task #368499
Category: Networking/Mail
Report package bugHome page: https://www.thunderbird.net
License: MPL-2.0
Summary: Thunderbird is Mozilla's e-mail client
Description:
Thunderbird is Mozilla's next generation e-mail client. Thunderbird makes emailing safer, faster and easier than ever before and can also scale to meet the most sophisticated organizational needs. The package contains Lightning - an integrated calendar for Thunderbird.
List of RPM packages built from this SRPM:
rpm-build-thunderbird (x86_64, ppc64le, i586, aarch64)
thunderbird (x86_64, ppc64le, i586, aarch64)
thunderbird-debuginfo (x86_64, ppc64le, i586, aarch64)
rpm-build-thunderbird (x86_64, ppc64le, i586, aarch64)
thunderbird (x86_64, ppc64le, i586, aarch64)
thunderbird-debuginfo (x86_64, ppc64le, i586, aarch64)
Maintainer: Ajrat Makhmutov
List of contributors:
Ajrat Makhmutov
Pavel Vasenkov
Andrey Cherepanov
Grigory Ustinov
Alexey Sheplyakov
Aleksei Nikiforov
Gleb Fotengauer-Malinovskiy
Paul Wolneykien
Anton Farygin
Vladimir Didenko
Alexey Gladkov
Alexey Morozov
Ajrat Makhmutov
Pavel Vasenkov
Andrey Cherepanov
Grigory Ustinov
Alexey Sheplyakov
Aleksei Nikiforov
Gleb Fotengauer-Malinovskiy
Paul Wolneykien
Anton Farygin
Vladimir Didenko
Alexey Gladkov
Alexey Morozov
Last changed
Jan. 9, 2025 Ajrat Makhmutov 128.6.0-alt1
- New version. - Security fixes: + CVE-2025-0237: WebChannel APIs susceptible to confused deputy attack + CVE-2025-0238: Use-after-free when breaking lines in text + CVE-2025-0239: Alt-Svc ALPN validation failure when redirected + CVE-2025-0240: Compartment mismatch when parsing JavaScript JSON module + CVE-2025-0241: Memory corruption when using JavaScript Text Segmentation + CVE-2025-0242: Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6 + CVE-2025-0243: Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6
Dec. 20, 2024 Ajrat Makhmutov 128.5.2-alt1
- New version. - Security fixes: + CVE-2024-50336: matrix-js-sdk has insufficient MXC URI validation which could allow client-side path traversal - Fix FTBFS with python 3.12.8.
Nov. 28, 2024 Ajrat Makhmutov 128.5.0-alt1
- New version. - Security fixes: + CVE-2024-11691: Out-of-bounds write in Apple GPU drivers via WebGL + CVE-2024-11692: Select list elements could be shown over another site + CVE-2024-11693: Download Protections were bypassed by .library-ms files on Windows + CVE-2024-11694: CSP Bypass and XSS Exposure via Web Compatibility Shims + CVE-2024-11695: URL Bar Spoofing via Manipulated Punycode and Whitespace Characters + CVE-2024-11696: Unhandled Exception in Add-on Signature Verification + CVE-2024-11697: Improper Keypress Handling in Executable File Confirmation Dialog + CVE-2024-11698: Fullscreen Lock-Up When Modal Dialog Interrupts Transition on macOS + CVE-2024-11699: Memory safety bugs fixed in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5