RedHat has issued an advisory today (August 25): https://rhn.redhat.com/errata/RHSA-2015-1682.html So, Thunderbird 38.2 fixes some of the same issues as Firefox 38.2 after all. Updated packages uploaded for Mageia 4 and Mageia 5. Advisory: ======================== Updated thunderbird packages fix security vulnerabilities: Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird (CVE-2015-4473, CVE-2015-4491, CVE-2015-4487, CVE-2015-4488, CVE-2015-4489). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4473 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4487 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4488 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4489 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4491 https://www.mozilla.org/en-US/security/advisories/mfsa2015-79/ https://www.mozilla.org/en-US/security/advisories/mfsa2015-88/ https://www.mozilla.org/en-US/security/advisories/mfsa2015-90/ https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ https://rhn.redhat.com/errata/RHSA-2015-1682.html ======================== Updated packages in core/updates_testing: ======================== thunderbird-38.2.0-1.mga4 thunderbird-enigmail-38.2.0-1.mga4 thunderbird-ar-38.2.0-1.mga4 thunderbird-ast-38.2.0-1.mga4 thunderbird-be-38.2.0-1.mga4 thunderbird-bg-38.2.0-1.mga4 thunderbird-bn_BD-38.2.0-1.mga4 thunderbird-br-38.2.0-1.mga4 thunderbird-ca-38.2.0-1.mga4 thunderbird-cs-38.2.0-1.mga4 thunderbird-cy-38.2.0-1.mga4 thunderbird-da-38.2.0-1.mga4 thunderbird-de-38.2.0-1.mga4 thunderbird-el-38.2.0-1.mga4 thunderbird-en_GB-38.2.0-1.mga4 thunderbird-en_US-38.2.0-1.mga4 thunderbird-es_AR-38.2.0-1.mga4 thunderbird-es_ES-38.2.0-1.mga4 thunderbird-et-38.2.0-1.mga4 thunderbird-eu-38.2.0-1.mga4 thunderbird-fi-38.2.0-1.mga4 thunderbird-fr-38.2.0-1.mga4 thunderbird-fy_NL-38.2.0-1.mga4 thunderbird-ga_IE-38.2.0-1.mga4 thunderbird-gd-38.2.0-1.mga4 thunderbird-gl-38.2.0-1.mga4 thunderbird-he-38.2.0-1.mga4 thunderbird-hr-38.2.0-1.mga4 thunderbird-hsb-38.2.0-1.mga4 thunderbird-hu-38.2.0-1.mga4 thunderbird-hy_AM-38.2.0-1.mga4 thunderbird-id-38.2.0-1.mga4 thunderbird-is-38.2.0-1.mga4 thunderbird-it-38.2.0-1.mga4 thunderbird-ja-38.2.0-1.mga4 thunderbird-ko-38.2.0-1.mga4 thunderbird-lt-38.2.0-1.mga4 thunderbird-nb_NO-38.2.0-1.mga4 thunderbird-nl-38.2.0-1.mga4 thunderbird-nn_NO-38.2.0-1.mga4 thunderbird-pa_IN-38.2.0-1.mga4 thunderbird-pl-38.2.0-1.mga4 thunderbird-pt_BR-38.2.0-1.mga4 thunderbird-pt_PT-38.2.0-1.mga4 thunderbird-ro-38.2.0-1.mga4 thunderbird-ru-38.2.0-1.mga4 thunderbird-si-38.2.0-1.mga4 thunderbird-sk-38.2.0-1.mga4 thunderbird-sl-38.2.0-1.mga4 thunderbird-sq-38.2.0-1.mga4 thunderbird-sv_SE-38.2.0-1.mga4 thunderbird-ta_LK-38.2.0-1.mga4 thunderbird-tr-38.2.0-1.mga4 thunderbird-uk-38.2.0-1.mga4 thunderbird-vi-38.2.0-1.mga4 thunderbird-zh_CN-38.2.0-1.mga4 thunderbird-zh_TW-38.2.0-1.mga4 thunderbird-38.2.0-1.mga5 thunderbird-enigmail-38.2.0-1.mga5 thunderbird-ar-38.2.0-1.mga5 thunderbird-ast-38.2.0-1.mga5 thunderbird-be-38.2.0-1.mga5 thunderbird-bg-38.2.0-1.mga5 thunderbird-bn_BD-38.2.0-1.mga5 thunderbird-br-38.2.0-1.mga5 thunderbird-ca-38.2.0-1.mga5 thunderbird-cs-38.2.0-1.mga5 thunderbird-cy-38.2.0-1.mga5 thunderbird-da-38.2.0-1.mga5 thunderbird-de-38.2.0-1.mga5 thunderbird-el-38.2.0-1.mga5 thunderbird-en_GB-38.2.0-1.mga5 thunderbird-en_US-38.2.0-1.mga5 thunderbird-es_AR-38.2.0-1.mga5 thunderbird-es_ES-38.2.0-1.mga5 thunderbird-et-38.2.0-1.mga5 thunderbird-eu-38.2.0-1.mga5 thunderbird-fi-38.2.0-1.mga5 thunderbird-fr-38.2.0-1.mga5 thunderbird-fy_NL-38.2.0-1.mga5 thunderbird-ga_IE-38.2.0-1.mga5 thunderbird-gd-38.2.0-1.mga5 thunderbird-gl-38.2.0-1.mga5 thunderbird-he-38.2.0-1.mga5 thunderbird-hr-38.2.0-1.mga5 thunderbird-hsb-38.2.0-1.mga5 thunderbird-hu-38.2.0-1.mga5 thunderbird-hy_AM-38.2.0-1.mga5 thunderbird-id-38.2.0-1.mga5 thunderbird-is-38.2.0-1.mga5 thunderbird-it-38.2.0-1.mga5 thunderbird-ja-38.2.0-1.mga5 thunderbird-ko-38.2.0-1.mga5 thunderbird-lt-38.2.0-1.mga5 thunderbird-nb_NO-38.2.0-1.mga5 thunderbird-nl-38.2.0-1.mga5 thunderbird-nn_NO-38.2.0-1.mga5 thunderbird-pa_IN-38.2.0-1.mga5 thunderbird-pl-38.2.0-1.mga5 thunderbird-pt_BR-38.2.0-1.mga5 thunderbird-pt_PT-38.2.0-1.mga5 thunderbird-ro-38.2.0-1.mga5 thunderbird-ru-38.2.0-1.mga5 thunderbird-si-38.2.0-1.mga5 thunderbird-sk-38.2.0-1.mga5 thunderbird-sl-38.2.0-1.mga5 thunderbird-sq-38.2.0-1.mga5 thunderbird-sv_SE-38.2.0-1.mga5 thunderbird-ta_LK-38.2.0-1.mga5 thunderbird-tr-38.2.0-1.mga5 thunderbird-uk-38.2.0-1.mga5 thunderbird-vi-38.2.0-1.mga5 thunderbird-zh_CN-38.2.0-1.mga5 thunderbird-zh_TW-38.2.0-1.mga5 from SRPMS: thunderbird-38.2.0-1.mga4.src.rpm thunderbird-l10n-38.2.0-1.mga4.src.rpm thunderbird-38.2.0-1.mga5.src.rpm thunderbird-l10n-38.2.0-1.mga5.src.rpm Reproducible: Steps to Reproduce:
Whiteboard: (none) => MGA4TOO
mga5 64 LANG=fr_FR.UTF-8 Installed : thunderbird-38.2.0-1.mga5.x86_64.rpm thunderbird-fr-38.2.0-1.mga5.noarch.rpm I'm already using Thunderbird. Start fine, throw (process:307): GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed Gtk-Message: Failed to load module "canberra-gtk-module" as usual. Correctly load prefs and mails, retrieve new mails. Update OK.
CC: (none) => yann.cantinWhiteboard: MGA4TOO => MGA4TOO MGA5-64-OK
Working fine on Mageia 4 i586.
Whiteboard: MGA4TOO MGA5-64-OK => MGA4TOO MGA5-64-OK MGA4-32-OK
Seems to work fine on Mageia 4 x86_64. Validating. Still needs advisory to be uploaded by QA.
Keywords: (none) => validated_updateWhiteboard: MGA4TOO MGA5-64-OK MGA4-32-OK => MGA4TOO MGA5-64-OK MGA4-32-OK MGA4-64-OKCC: (none) => sysadmin-bugs
Advisory uploaded.
Whiteboard: MGA4TOO MGA5-64-OK MGA4-32-OK MGA4-64-OK => MGA4TOO MGA5-64-OK MGA4-32-OK MGA4-64-OK advisory
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0330.html
Status: NEW => RESOLVEDResolution: (none) => FIXED