Package thunderbird: Information

  • Default inline alert: Version in the repository: 149.0.1-alt1

Source package: thunderbird
Version: 148.0-alt1
Build time:  Feb 26, 2026, 04:20 PM
Category: Networking/Mail
Report package bug
Home page: https://www.thunderbird.net
License: MPL-2.0
Summary: Thunderbird is Mozilla's e-mail client
Description: 
Thunderbird is Mozilla's next generation e-mail client. Thunderbird makes
emailing safer, faster and easier than ever before and can also scale to meet
the most sophisticated organizational needs.

The package contains Lightning - an integrated calendar for Thunderbird.
List of RPM packages built from this SRPM:
thunderbird (riscv64)
thunderbird-debuginfo (riscv64)
Maintainer: Ajrat Makhmutov
List of contributors:
Ajrat Makhmutov
Ivan A. Melnikov
Pavel Vasenkov
Andrey Cherepanov
Grigory Ustinov
Alexey Sheplyakov
Aleksei Nikiforov
Gleb Fotengauer-Malinovskiy
Paul Wolneykien
Anton Farygin
Vladimir Didenko
Alexey Gladkov
Alexey Morozov
    1. /dev/shm
    2. clang
    3. clang-devel
    4. /proc
    5. libXft-devel
    6. libXi-devel
    7. pkgconfig(dav1d)
    8. pkgconfig(dbus-1)
    9. pkgconfig(dbus-glib-1)
    10. pkgconfig(dri)
    11. libdrm-devel
    12. dump_syms
    13. python3(sqlite3)
    14. pkgconfig(vpx)
    15. pkgconfig(x11)
    16. pkgconfig(xcomposite)
    17. pkgconfig(xcursor)
    18. pkgconfig(xdamage)
    19. alternatives
    20. pkgconfig(fontconfig)
    21. pkgconfig(freetype2)
    22. pkgconfig(gio-2.0)
    23. libXt-devel
    24. python3-base
    25. pkgconfig(xext)
    26. pkgconfig(xft)
    27. pkgconfig(xi)
    28. pkgconfig(xkbcommon)
    29. pkgconfig(xrandr)
    30. pkgconfig(xscrnsaver)
    31. pkgconfig(xt)
    32. pkgconfig(xtst)
    33. pkgconfig(zlib)
    34. libwireless-devel
    35. autoconf_2.13
    36. autoconf_2.13
    37. libevent-devel
    38. libalsa-devel
    39. rpm-macros-thunderbird
    40. fontconfig-devel
    41. python3(click)
    42. browser-plugins-npapi-devel
    43. libaom-devel
    44. gst-plugins-devel
    45. gstreamer-devel
    46. bzlib-devel
    47. pkgconfig(graphite2)
    48. pkgconfig(gtk+-2.0)
    49. pkgconfig(gtk+-3.0)
    50. python3(curses)
    51. libcairo-devel
    52. libxkbcommon-devel
    53. libnotify-devel
    54. libnspr-devel
    55. libnss-devel
    56. cbindgen
    57. pkgconfig(harfbuzz)
    58. pkgconfig(hunspell)
    59. pkgconfig(icu-i18n)
    60. libcurl-devel
    61. chrpath
    62. python3(hamcrest)
    63. pkgconfig(libcurl)
    64. pkgconfig(libdrm)
    65. pkgconfig(libevent)
    66. pkgconfig(libffi)
    67. libffi-devel
    68. libGL-devel
    69. pkgconfig(libjpeg)
    70. pkgconfig(libnotify)
    71. pkgconfig(libproxy-1.0)
    72. pkgconfig(libpulse)
    73. python3(imp)
    74. libfreetype-devel
    75. rust-cargo
    76. python3(pip)
    77. unzip
    78. libgio-devel
    79. xorg-cf-files
    80. pkgconfig(libstartup-notification-1.0)
    81. python3(setuptools)
    82. libdav1d-devel
    83. lld-devel
    84. yasm
    85. pkgconfig(opus)
    86. pkgconfig(pixman-1)
    87. libdbus-devel
    88. libdbus-glib-devel
    89. llvm-devel
    90. libgtk+2-devel
    91. libgtk+3-devel
    92. zip
    93. zlib-devel
    94. mozilla-common-devel
    95. libhunspell-devel
    96. nasm
    97. libjpeg-devel
    98. node
    99. pkgconfig(alsa)
    100. pkgconfig(aom)
    101. pkgconfig(bzip2)
    102. pkgconfig(cairo)
    103. libX11-devel
    104. libXScrnSaver-devel
    105. libXcomposite-devel
    106. libXcursor-devel
    107. libXdamage-devel
    108. libXext-devel
    109. libopus-devel
    110. libpixman-devel
    111. libproxy-devel
    112. libpulseaudio-devel
    113. libshell
    114. libstartup-notification-devel
    115. libstdc++-devel
    116. libvpx-devel

Last changed

Feb. 25, 2026 Ajrat Makhmutov 148.0-alt1
- New version.
- Fixes:
  + CVE-2026-2757: Incorrect boundary conditions in the WebRTC: Audio/Video component
  + CVE-2026-2758: Use-after-free in the JavaScript: GC component
  + CVE-2026-2759: Incorrect boundary conditions in the Graphics: ImageLib component
  + CVE-2026-2795: Use-after-free in the JavaScript: GC component
  + CVE-2026-2760: Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component
  + CVE-2026-2761: Sandbox escape in the Graphics: WebRender component
  + CVE-2026-2762: Integer overflow in the JavaScript: Standard Library component
  + CVE-2026-2763: Use-after-free in the JavaScript Engine component
  + CVE-2026-2764: JIT miscompilation, use-after-free in the JavaScript Engine: JIT component
  + CVE-2026-2796: JIT miscompilation in the JavaScript: WebAssembly component
  + CVE-2026-2797: Use-after-free in the JavaScript: GC component
  + CVE-2026-2765: Use-after-free in the JavaScript Engine component
  + CVE-2026-2766: Use-after-free in the JavaScript Engine: JIT component
  + CVE-2026-2767: Use-after-free in the JavaScript: WebAssembly component
  + CVE-2026-2768: Sandbox escape in the Storage: IndexedDB component
  + CVE-2026-2798: Use-after-free in the DOM: Core & HTML component
  + CVE-2026-2769: Use-after-free in the Storage: IndexedDB component
  + CVE-2026-2799: Use-after-free in the DOM: Core & HTML component
  + CVE-2026-2770: Use-after-free in the DOM: Bindings (WebIDL) component
  + CVE-2026-2771: Undefined behavior in the DOM: Core & HTML component
  + CVE-2026-2772: Use-after-free in the Audio/Video: Playback component
  + CVE-2026-2773: Incorrect boundary conditions in the Web Audio component
  + CVE-2026-2774: Integer overflow in the Audio/Video component
  + CVE-2026-2775: Mitigation bypass in the DOM: HTML Parser component
  + CVE-2026-2776: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software
  + CVE-2026-2777: Privilege escalation in the Messaging System component
  + CVE-2026-2778: Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component
  + CVE-2026-2779: Incorrect boundary conditions in the Networking: JAR component
  + CVE-2026-2800: Spoofing issue in the WebAuthn component in Firefox for Android
  + CVE-2026-2780: Privilege escalation in the Netmonitor component
  + CVE-2026-2781: Integer overflow in the Libraries component in NSS
  + CVE-2026-2801: Incorrect boundary conditions in the JavaScript: WebAssembly component
  + CVE-2026-2782: Privilege escalation in the Netmonitor component
  + CVE-2026-2783: Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component
  + CVE-2026-2802: Race condition in the JavaScript: GC component
  + CVE-2026-2803: Information disclosure, mitigation bypass in the Settings UI component
  + CVE-2026-2784: Mitigation bypass in the DOM: Security component
  + CVE-2026-2785: Invalid pointer in the JavaScript Engine component
  + CVE-2026-2804: Use-after-free in the JavaScript: WebAssembly component
  + CVE-2026-2786: Use-after-free in the JavaScript Engine component
  + CVE-2026-2805: Invalid pointer in the DOM: Core & HTML component
  + CVE-2026-2787: Use-after-free in the DOM: Window and Location component
  + CVE-2026-2788: Incorrect boundary conditions in the Audio/Video: GMP component
  + CVE-2026-2789: Use-after-free in the Graphics: ImageLib component
  + CVE-2026-2806: Uninitialized memory in the Graphics: Text component
  + CVE-2026-2790: Same-origin policy bypass in the Networking: JAR component
  + CVE-2026-2791: Mitigation bypass in the Networking: Cache component
  + CVE-2026-2807: Memory safety bugs fixed in Firefox 148 and Thunderbird 148
  + CVE-2026-2792: Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148
  + CVE-2026-2793: Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148
Feb. 20, 2026 Ajrat Makhmutov 147.0.2-alt1
- New version.
- Fixes:
  + CVE-2026-2447: Heap buffer overflow in libvpx
Feb. 12, 2026 Ajrat Makhmutov 147.0.1-alt1
- New version.
- Fixes:
  + CVE-2026-0818: CSS-based exfiltration of the content from partially encrypted emails when allowing remote content
VKontakte|Telegram|YouTube|Forum|ALT Linux Space|Bugzilla
Version: v26.2.2
Back to top