Bug 28941

Assigning to latest committers.

Assignee: bugsquad => nicolas.salguero
CC: (none) => ouaurelien

Suggested advisory:
========================

The updated packages fix security vulnerabilities:

Partial protection of inline OpenPGP message not indicated. (CVE-2021-29957)

Thunderbird stored OpenPGP secret keys without master password protection. (CVE-2021-29956)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29957
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29956
https://www.mozilla.org/en-US/security/advisories/mfsa2021-22/
https://www.thunderbird.net/en-US/thunderbird/78.10.1/releasenotes/
https://www.thunderbird.net/en-US/thunderbird/78.10.2/releasenotes/
========================

Updated packages in core/updates_testing:
========================
thunderbird-78.10.2-1.mga{7|8}
thunderbird-enigmail-78.10.2-1.mga{7|8}
thunderbird-ar-78.10.2-1.mga{7|8}
thunderbird-ast-78.10.2-1.mga{7|8}
thunderbird-be-78.10.2-1.mga{7|8}
thunderbird-bg-78.10.2-1.mga{7|8}
thunderbird-br-78.10.2-1.mga{7|8}
thunderbird-ca-78.10.2-1.mga{7|8}
thunderbird-cs-78.10.2-1.mga{7|8}
thunderbird-cy-78.10.2-1.mga{7|8}
thunderbird-da-78.10.2-1.mga{7|8}
thunderbird-de-78.10.2-1.mga{7|8}
thunderbird-el-78.10.2-1.mga{7|8}
thunderbird-en_GB-78.10.2-1.mga{7|8}
thunderbird-en_US-78.10.2-1.mga{7|8}
thunderbird-es_AR-78.10.2-1.mga{7|8}
thunderbird-es_ES-78.10.2-1.mga{7|8}
thunderbird-et-78.10.2-1.mga{7|8}
thunderbird-eu-78.10.2-1.mga{7|8}
thunderbird-fi-78.10.2-1.mga{7|8}
thunderbird-fr-78.10.2-1.mga{7|8}
thunderbird-fy_NL-78.10.2-1.mga{7|8}
thunderbird-ga_IE-78.10.2-1.mga{7|8}
thunderbird-gd-78.10.2-1.mga{7|8}
thunderbird-gl-78.10.2-1.mga{7|8}
thunderbird-he-78.10.2-1.mga{7|8}
thunderbird-hr-78.10.2-1.mga{7|8}
thunderbird-hsb-78.10.2-1.mga{7|8}
thunderbird-hu-78.10.2-1.mga{7|8}
thunderbird-hy_AM-78.10.2-1.mga{7|8}
thunderbird-id-78.10.2-1.mga{7|8}
thunderbird-is-78.10.2-1.mga{7|8}
thunderbird-it-78.10.2-1.mga{7|8}
thunderbird-ja-78.10.2-1.mga{7|8}
thunderbird-ka-78.10.2-1.mga{7|8}
thunderbird-kab-78.10.2-1.mga{7|8}
thunderbird-kk-78.10.2-1.mga{7|8}
thunderbird-ko-78.10.2-1.mga{7|8}
thunderbird-lt-78.10.2-1.mga{7|8}
thunderbird-ms-78.10.2-1.mga{7|8}
thunderbird-nb_NO-78.10.2-1.mga{7|8}
thunderbird-nl-78.10.2-1.mga{7|8}
thunderbird-nn_NO-78.10.2-1.mga{7|8}
thunderbird-pl-78.10.2-1.mga{7|8}
thunderbird-pt_BR-78.10.2-1.mga{7|8}
thunderbird-pt_PT-78.10.2-1.mga{7|8}
thunderbird-ro-78.10.2-1.mga{7|8}
thunderbird-ru-78.10.2-1.mga{7|8}
thunderbird-si-78.10.2-1.mga{7|8}
thunderbird-sk-78.10.2-1.mga{7|8}
thunderbird-sl-78.10.2-1.mga{7|8}
thunderbird-sq-78.10.2-1.mga{7|8}
thunderbird-sv_SE-78.10.2-1.mga{7|8}
thunderbird-tr-78.10.2-1.mga{7|8}
thunderbird-uk-78.10.2-1.mga{7|8}
thunderbird-uz-78.10.2-1.mga{7|8}
thunderbird-vi-78.10.2-1.mga{7|8}
thunderbird-zh_CN-78.10.2-1.mga{7|8}
thunderbird-zh_TW-78.10.2-1.mga{7|8}

from SRPMS:
thunderbird-78.10.2-1.mga{7|8}.src.rpm
thunderbird-l10n-78.10.2-1.mga{7|8}.src.rpm

Source RPM: thunderbird => thunderbird, thunderbird-l10n
Version: Cauldron => 8
CC: (none) => nicolas.salguero
CVE: (none) => CVE-2021-29957, CVE-2021-29956
Status: NEW => ASSIGNED
Assignee: nicolas.salguero => qa-bugs
Whiteboard: (none) => MGA7TOO

Mga8-64 clean update and launch
All settings, accounts, mails kept for several accounts.
IMAP and SMTP
Swedish localisation

CC: (none) => fri

No regressions found here (pop3, nntp). Openpgp shows a test message encrypted
with a valid sig. Validating the update.

CC: (none) => davidwhodgins, sysadmin-bugs
Keywords: (none) => validated_update
Whiteboard: MGA7TOO => MGA7TOO MGA7-64-OK

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2021-0217.html

Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED