Package thunderbird: Information

  • Default inline alert: Version in the repository: 149.0.1-alt1

Source package: thunderbird
Version: 148.0-alt1
Latest version according to Repology
Build time:  Feb 25, 2026, 06:31 PM in the task #409185
Category: Networking/Mail
Report package bug
Gear: https://git.altlinux.org/gears/t/thunderbird.git?a=tree;hb=f8730…
Home page: https://www.thunderbird.net
License: MPL-2.0
Summary: Thunderbird is Mozilla's e-mail client
Description: 
Thunderbird is Mozilla's next generation e-mail client. Thunderbird makes
emailing safer, faster and easier than ever before and can also scale to meet
the most sophisticated organizational needs.

The package contains Lightning - an integrated calendar for Thunderbird.
List of RPM packages built from this SRPM:
thunderbird (x86_64, aarch64)
thunderbird-debuginfo (x86_64, aarch64)
Maintainer: Ajrat Makhmutov
List of contributors:
Ajrat Makhmutov
Ivan A. Melnikov
Pavel Vasenkov
Andrey Cherepanov
Grigory Ustinov
Alexey Sheplyakov
Aleksei Nikiforov
Gleb Fotengauer-Malinovskiy
Paul Wolneykien
Anton Farygin
Vladimir Didenko
Alexey Gladkov
Alexey Morozov
ACL:
Ajrat Makhmutov
    1. /dev/shm
    2. /proc
    3. alternatives
    4. autoconf_2.13
    5. autoconf_2.13
    6. browser-plugins-npapi-devel
    7. bzlib-devel
    8. cbindgen
    9. chrpath
    10. clang
    11. clang-devel
    12. libX11-devel
    13. libXScrnSaver-devel
    14. libXcomposite-devel
    15. libXcursor-devel
    16. libXdamage-devel
    17. libXext-devel
    18. libXft-devel
    19. libXi-devel
    20. libXt-devel
    21. libalsa-devel
    22. libaom-devel
    23. libcairo-devel
    24. libcurl-devel
    25. dump_syms
    26. libdav1d-devel
    27. fontconfig-devel
    28. libdbus-devel
    29. libdbus-glib-devel
    30. libdrm-devel
    31. libevent-devel
    32. gst-plugins-devel
    33. gstreamer-devel
    34. libffi-devel
    35. libfreetype-devel
    36. libgio-devel
    37. libGL-devel
    38. libgtk+2-devel
    39. libgtk+3-devel
    40. libhunspell-devel
    41. libjpeg-devel
    42. libnotify-devel
    43. libnspr-devel
    44. libnss-devel
    45. python3(pip)
    46. libopus-devel
    47. libpixman-devel
    48. libproxy-devel
    49. libpulseaudio-devel
    50. python3(setuptools)
    51. python3(sqlite3)
    52. libshell
    53. libstartup-notification-devel
    54. libstdc++-devel
    55. lld-devel
    56. pkgconfig(vpx)
    57. pkgconfig(x11)
    58. pkgconfig(xcomposite)
    59. pkgconfig(xcursor)
    60. pkgconfig(xdamage)
    61. nasm
    62. python3(click)
    63. llvm-devel
    64. pkgconfig(xext)
    65. pkgconfig(xft)
    66. pkgconfig(xi)
    67. pkgconfig(xkbcommon)
    68. pkgconfig(xrandr)
    69. pkgconfig(xscrnsaver)
    70. pkgconfig(xt)
    71. pkgconfig(xtst)
    72. pkgconfig(zlib)
    73. pkgconfig(alsa)
    74. pkgconfig(aom)
    75. pkgconfig(bzip2)
    76. pkgconfig(cairo)
    77. node
    78. python3(imp)
    79. python3(hamcrest)
    80. libwireless-devel
    81. libvpx-devel
    82. python3-base
    83. rpm-macros-thunderbird
    84. pkgconfig(dav1d)
    85. pkgconfig(dbus-1)
    86. pkgconfig(dbus-glib-1)
    87. pkgconfig(dri)
    88. unzip
    89. pkgconfig(fontconfig)
    90. pkgconfig(freetype2)
    91. pkgconfig(gio-2.0)
    92. python3(curses)
    93. mozilla-common-devel
    94. rust-cargo
    95. pkgconfig(graphite2)
    96. pkgconfig(gtk+-2.0)
    97. pkgconfig(gtk+-3.0)
    98. libxkbcommon-devel
    99. xorg-cf-files
    100. pkgconfig(harfbuzz)
    101. pkgconfig(hunspell)
    102. pkgconfig(icu-i18n)
    103. pkgconfig(libcurl)
    104. pkgconfig(libdrm)
    105. pkgconfig(libevent)
    106. pkgconfig(libffi)
    107. yasm
    108. pkgconfig(libjpeg)
    109. pkgconfig(libnotify)
    110. pkgconfig(libproxy-1.0)
    111. pkgconfig(libpulse)
    112. zip
    113. pkgconfig(libstartup-notification-1.0)
    114. zlib-devel
    115. pkgconfig(opus)
    116. pkgconfig(pixman-1)

Last changed

Feb. 25, 2026 Ajrat Makhmutov 148.0-alt1
- New version.
- Fixes:
  + CVE-2026-2757: Incorrect boundary conditions in the WebRTC: Audio/Video component
  + CVE-2026-2758: Use-after-free in the JavaScript: GC component
  + CVE-2026-2759: Incorrect boundary conditions in the Graphics: ImageLib component
  + CVE-2026-2795: Use-after-free in the JavaScript: GC component
  + CVE-2026-2760: Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component
  + CVE-2026-2761: Sandbox escape in the Graphics: WebRender component
  + CVE-2026-2762: Integer overflow in the JavaScript: Standard Library component
  + CVE-2026-2763: Use-after-free in the JavaScript Engine component
  + CVE-2026-2764: JIT miscompilation, use-after-free in the JavaScript Engine: JIT component
  + CVE-2026-2796: JIT miscompilation in the JavaScript: WebAssembly component
  + CVE-2026-2797: Use-after-free in the JavaScript: GC component
  + CVE-2026-2765: Use-after-free in the JavaScript Engine component
  + CVE-2026-2766: Use-after-free in the JavaScript Engine: JIT component
  + CVE-2026-2767: Use-after-free in the JavaScript: WebAssembly component
  + CVE-2026-2768: Sandbox escape in the Storage: IndexedDB component
  + CVE-2026-2798: Use-after-free in the DOM: Core & HTML component
  + CVE-2026-2769: Use-after-free in the Storage: IndexedDB component
  + CVE-2026-2799: Use-after-free in the DOM: Core & HTML component
  + CVE-2026-2770: Use-after-free in the DOM: Bindings (WebIDL) component
  + CVE-2026-2771: Undefined behavior in the DOM: Core & HTML component
  + CVE-2026-2772: Use-after-free in the Audio/Video: Playback component
  + CVE-2026-2773: Incorrect boundary conditions in the Web Audio component
  + CVE-2026-2774: Integer overflow in the Audio/Video component
  + CVE-2026-2775: Mitigation bypass in the DOM: HTML Parser component
  + CVE-2026-2776: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software
  + CVE-2026-2777: Privilege escalation in the Messaging System component
  + CVE-2026-2778: Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component
  + CVE-2026-2779: Incorrect boundary conditions in the Networking: JAR component
  + CVE-2026-2800: Spoofing issue in the WebAuthn component in Firefox for Android
  + CVE-2026-2780: Privilege escalation in the Netmonitor component
  + CVE-2026-2781: Integer overflow in the Libraries component in NSS
  + CVE-2026-2801: Incorrect boundary conditions in the JavaScript: WebAssembly component
  + CVE-2026-2782: Privilege escalation in the Netmonitor component
  + CVE-2026-2783: Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component
  + CVE-2026-2802: Race condition in the JavaScript: GC component
  + CVE-2026-2803: Information disclosure, mitigation bypass in the Settings UI component
  + CVE-2026-2784: Mitigation bypass in the DOM: Security component
  + CVE-2026-2785: Invalid pointer in the JavaScript Engine component
  + CVE-2026-2804: Use-after-free in the JavaScript: WebAssembly component
  + CVE-2026-2786: Use-after-free in the JavaScript Engine component
  + CVE-2026-2805: Invalid pointer in the DOM: Core & HTML component
  + CVE-2026-2787: Use-after-free in the DOM: Window and Location component
  + CVE-2026-2788: Incorrect boundary conditions in the Audio/Video: GMP component
  + CVE-2026-2789: Use-after-free in the Graphics: ImageLib component
  + CVE-2026-2806: Uninitialized memory in the Graphics: Text component
  + CVE-2026-2790: Same-origin policy bypass in the Networking: JAR component
  + CVE-2026-2791: Mitigation bypass in the Networking: Cache component
  + CVE-2026-2807: Memory safety bugs fixed in Firefox 148 and Thunderbird 148
  + CVE-2026-2792: Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148
  + CVE-2026-2793: Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148
Feb. 20, 2026 Ajrat Makhmutov 147.0.2-alt1
- New version.
- Fixes:
  + CVE-2026-2447: Heap buffer overflow in libvpx
Feb. 12, 2026 Ajrat Makhmutov 147.0.1-alt1
- New version.
- Fixes:
  + CVE-2026-0818: CSS-based exfiltration of the content from partially encrypted emails when allowing remote content
VKontakte|Telegram|YouTube|Forum|ALT Linux Space|Bugzilla
Version: v26.2.2
Back to top