Bug 23277 - Thunderbird 52.9.1 (mga6)
Summary: Thunderbird 52.9.1 (mga6)
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 6
Hardware: All Linux
Priority: Normal critical
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA6-32-OK MGA6-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks: 23140 23303
  Show dependency treegraph
 
Reported: 2018-07-04 00:39 CEST by David Walser
Modified: 2018-07-30 22:46 CEST (History)
12 users (show)

See Also:
Source RPM: thunderbird
CVE:
Status comment:


Attachments

Description David Walser 2018-07-04 00:39:42 CEST
Mozilla has released Thunderbird 52.9 today (July 3):
https://www.thunderbird.net/en-US/thunderbird/52.9.0/releasenotes/

The security issues fixed are listed here:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/

Mageia 5 and Mageia 6 are also affected.

If it builds for Mageia 5, we can push the nspr, rootcerts, and nss packages from Bug 22904 with it.

Additionally, enigmail needs to be updated (see Bug 23140).
David Walser 2018-07-04 00:40:01 CEST

Whiteboard: (none) => MGA6TOO
Blocks: (none) => 23140

Comment 1 Marja Van Waes 2018-07-04 12:44:59 CEST
Assigning to the registered maintainer.
CC'ing some recent committers.

Assignee: bugsquad => doktor5000
CC: (none) => geiger.david68210, marja11, mrambo, nicolas.salguero

Comment 2 Nicolas Salguero 2018-07-05 14:18:48 CEST
Suggested advisory:
========================

The updated packages fix several bugs and some security issues:

Buffer overflow using computed size of canvas element. (CVE-2018-12359)

Use-after-free when using focus(). (CVE-2018-12360)

S/MIME and PGP decryption oracles can be built with HTML emails. (CVE-2018-12372)

S/MIME plaintext can be leaked through HTML reply/forward. (CVE-2018-12373)

Integer overflow in SSSE3 scaler. (CVE-2018-12362)

Use-after-free when appending DOM nodes. (CVE-2018-12363)

CSRF attacks through 307 redirects and NPAPI plugins. (CVE-2018-12364)

Compromised IPC child process can list local filenames. (CVE-2018-12365)

Invalid data handling during QCMS transformations. (CVE-2018-12366)

Using form to exfiltrate encrypted mail part by pressing enter in form field. (CVE-2018-12374)

Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, Firefox ESR 52.9, and Thunderbird 52.9. (CVE-2018-5188)

The signature verification routine in Enigmail before 2.0.7 interprets user ids as status/control messages and does not correctly keep track of the status of multiple signatures, which allows remote attackers to spoof arbitrary email signatures via public keys containing crafted primary user ids. (CVE-2018-12019)

mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes. (CVE-2018-12020)

References:
========================
https://www.thunderbird.net/en-US/thunderbird/52.9.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/
https://lists.opensuse.org/opensuse-updates/2018-05/msg00133.html
https://neopg.io/blog/enigmail-signature-spoof/
http://openwall.com/lists/oss-security/2018/06/13/10
https://neopg.io/blog/gpg-signature-spoof/
https://sourceforge.net/p/enigmail/forum/announce/thread/b948279f/
https://lists.opensuse.org/opensuse-updates/2018-06/msg00094.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12359
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12360
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12372
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12373
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12362
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12363
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12364
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12365
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12366
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12374
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5188
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12019
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12020

Updated packages in 5/core/updates_testing:
========================
thunderbird-52.9.0-1.mga5
thunderbird-enigmail-52.9.0-1.mga5
thunderbird-ar-52.9.0-1.mga5
thunderbird-ast-52.9.0-1.mga5
thunderbird-be-52.9.0-1.mga5
thunderbird-bg-52.9.0-1.mga5
thunderbird-bn_BD-52.9.0-1.mga5
thunderbird-br-52.9.0-1.mga5
thunderbird-ca-52.9.0-1.mga5
thunderbird-cs-52.9.0-1.mga5
thunderbird-cy-52.9.0-1.mga5
thunderbird-da-52.9.0-1.mga5
thunderbird-de-52.9.0-1.mga5
thunderbird-el-52.9.0-1.mga5
thunderbird-en_GB-52.9.0-1.mga5
thunderbird-en_US-52.9.0-1.mga5
thunderbird-es_AR-52.9.0-1.mga5
thunderbird-es_ES-52.9.0-1.mga5
thunderbird-et-52.9.0-1.mga5
thunderbird-eu-52.9.0-1.mga5
thunderbird-fi-52.9.0-1.mga5
thunderbird-fr-52.9.0-1.mga5
thunderbird-fy_NL-52.9.0-1.mga5
thunderbird-ga_IE-52.9.0-1.mga5
thunderbird-gd-52.9.0-1.mga5
thunderbird-gl-52.9.0-1.mga5
thunderbird-he-52.9.0-1.mga5
thunderbird-hr-52.9.0-1.mga5
thunderbird-hsb-52.9.0-1.mga5
thunderbird-hu-52.9.0-1.mga5
thunderbird-hy_AM-52.9.0-1.mga5
thunderbird-id-52.9.0-1.mga5
thunderbird-is-52.9.0-1.mga5
thunderbird-it-52.9.0-1.mga5
thunderbird-ja-52.9.0-1.mga5
thunderbird-ko-52.9.0-1.mga5
thunderbird-lt-52.9.0-1.mga5
thunderbird-nb_NO-52.9.0-1.mga5
thunderbird-nl-52.9.0-1.mga5
thunderbird-nn_NO-52.9.0-1.mga5
thunderbird-pa_IN-52.9.0-1.mga5
thunderbird-pl-52.9.0-1.mga5
thunderbird-pt_BR-52.9.0-1.mga5
thunderbird-pt_PT-52.9.0-1.mga5
thunderbird-ro-52.9.0-1.mga5
thunderbird-ru-52.9.0-1.mga5
thunderbird-si-52.9.0-1.mga5
thunderbird-sk-52.9.0-1.mga5
thunderbird-sl-52.9.0-1.mga5
thunderbird-sq-52.9.0-1.mga5
thunderbird-sv_SE-52.9.0-1.mga5
thunderbird-ta_LK-52.9.0-1.mga5
thunderbird-tr-52.9.0-1.mga5
thunderbird-uk-52.9.0-1.mga5
thunderbird-vi-52.9.0-1.mga5
thunderbird-zh_CN-52.9.0-1.mga5
thunderbird-zh_TW-52.9.0-1.mga5
libnspr4-4.19-1.mga5
libnspr-devel-4.19-1.mga5
rootcerts-20180411.00-1.mga5
rootcerts-java-20180411.00-1.mga5
nss-3.28.6-1.4.mga5
nss-doc-3.28.6-1.4.mga5
libnss3-3.28.6-1.4.mga5
libnss-devel-3.28.6-1.4.mga5
libnss-static-devel-3.28.6-1.4.mga5

from SRPMS:
thunderbird-52.9.0-1.mga5.src.rpm
thunderbird-l10n-52.9.0-1.mga5.src.rpm
nspr-4.19-1.mga5.src.rpm
rootcerts-20180411.00-1.mga5.src.rpm
nss-3.28.6-1.4.mga5.src.rpm

Updated packages in 6/core/updates_testing:
========================
thunderbird-52.9.0-1.mga6
thunderbird-enigmail-52.9.0-1.mga6
thunderbird-ar-52.9.0-1.mga6
thunderbird-ast-52.9.0-1.mga6
thunderbird-be-52.9.0-1.mga6
thunderbird-bg-52.9.0-1.mga6
thunderbird-bn_BD-52.9.0-1.mga6
thunderbird-br-52.9.0-1.mga6
thunderbird-ca-52.9.0-1.mga6
thunderbird-cs-52.9.0-1.mga6
thunderbird-cy-52.9.0-1.mga6
thunderbird-da-52.9.0-1.mga6
thunderbird-de-52.9.0-1.mga6
thunderbird-el-52.9.0-1.mga6
thunderbird-en_GB-52.9.0-1.mga6
thunderbird-en_US-52.9.0-1.mga6
thunderbird-es_AR-52.9.0-1.mga6
thunderbird-es_ES-52.9.0-1.mga6
thunderbird-et-52.9.0-1.mga6
thunderbird-eu-52.9.0-1.mga6
thunderbird-fi-52.9.0-1.mga6
thunderbird-fr-52.9.0-1.mga6
thunderbird-fy_NL-52.9.0-1.mga6
thunderbird-ga_IE-52.9.0-1.mga6
thunderbird-gd-52.9.0-1.mga6
thunderbird-gl-52.9.0-1.mga6
thunderbird-he-52.9.0-1.mga6
thunderbird-hr-52.9.0-1.mga6
thunderbird-hsb-52.9.0-1.mga6
thunderbird-hu-52.9.0-1.mga6
thunderbird-hy_AM-52.9.0-1.mga6
thunderbird-id-52.9.0-1.mga6
thunderbird-is-52.9.0-1.mga6
thunderbird-it-52.9.0-1.mga6
thunderbird-ja-52.9.0-1.mga6
thunderbird-ko-52.9.0-1.mga6
thunderbird-lt-52.9.0-1.mga6
thunderbird-nb_NO-52.9.0-1.mga6
thunderbird-nl-52.9.0-1.mga6
thunderbird-nn_NO-52.9.0-1.mga6
thunderbird-pa_IN-52.9.0-1.mga6
thunderbird-pl-52.9.0-1.mga6
thunderbird-pt_BR-52.9.0-1.mga6
thunderbird-pt_PT-52.9.0-1.mga6
thunderbird-ro-52.9.0-1.mga6
thunderbird-ru-52.9.0-1.mga6
thunderbird-si-52.9.0-1.mga6
thunderbird-sk-52.9.0-1.mga6
thunderbird-sl-52.9.0-1.mga6
thunderbird-sq-52.9.0-1.mga6
thunderbird-sv_SE-52.9.0-1.mga6
thunderbird-ta_LK-52.9.0-1.mga6
thunderbird-tr-52.9.0-1.mga6
thunderbird-uk-52.9.0-1.mga6
thunderbird-vi-52.9.0-1.mga6
thunderbird-zh_CN-52.9.0-1.mga6
thunderbird-zh_TW-52.9.0-1.mga6

from SRPMS:
thunderbird-52.9.0-1.mga6.src.rpm
thunderbird-l10n-52.9.0-1.mga6.src.rpm

Status: NEW => ASSIGNED
Assignee: doktor5000 => qa-bugs
Version: Cauldron => 6
Whiteboard: MGA6TOO => MGA5TOO

Comment 3 David Walser 2018-07-05 14:24:40 CEST
It finally built for Mageia 5.  Yay!  Thanks Nicolas!  Is it possible to fix Firefox?

Advisory to come later.

Updated packages in core/updates_testing:
========================
libnspr4-4.19-1.mga5
libnspr-devel-4.19-1.mga5
rootcerts-20180411.00-1.mga5
rootcerts-java-20180411.00-1.mga5
nss-3.28.6-1.4.mga5
nss-doc-3.28.6-1.4.mga5
libnss3-3.28.6-1.4.mga5
libnss-devel-3.28.6-1.4.mga5
libnss-static-devel-3.28.6-1.4.mga5
thunderbird-52.9.0-1.mga5
thunderbird-ar-52.9.0-1.mga5
thunderbird-ast-52.9.0-1.mga5
thunderbird-be-52.9.0-1.mga5
thunderbird-bg-52.9.0-1.mga5
thunderbird-bn_BD-52.9.0-1.mga5
thunderbird-br-52.9.0-1.mga5
thunderbird-ca-52.9.0-1.mga5
thunderbird-cs-52.9.0-1.mga5
thunderbird-cy-52.9.0-1.mga5
thunderbird-da-52.9.0-1.mga5
thunderbird-de-52.9.0-1.mga5
thunderbird-el-52.9.0-1.mga5
thunderbird-en_GB-52.9.0-1.mga5
thunderbird-en_US-52.9.0-1.mga5
thunderbird-es_AR-52.9.0-1.mga5
thunderbird-es_ES-52.9.0-1.mga5
thunderbird-et-52.9.0-1.mga5
thunderbird-eu-52.9.0-1.mga5
thunderbird-fi-52.9.0-1.mga5
thunderbird-fr-52.9.0-1.mga5
thunderbird-fy_NL-52.9.0-1.mga5
thunderbird-ga_IE-52.9.0-1.mga5
thunderbird-gd-52.9.0-1.mga5
thunderbird-gl-52.9.0-1.mga5
thunderbird-he-52.9.0-1.mga5
thunderbird-hr-52.9.0-1.mga5
thunderbird-hsb-52.9.0-1.mga5
thunderbird-hu-52.9.0-1.mga5
thunderbird-hy_AM-52.9.0-1.mga5
thunderbird-id-52.9.0-1.mga5
thunderbird-is-52.9.0-1.mga5
thunderbird-it-52.9.0-1.mga5
thunderbird-ja-52.9.0-1.mga5
thunderbird-ko-52.9.0-1.mga5
thunderbird-lt-52.9.0-1.mga5
thunderbird-nb_NO-52.9.0-1.mga5
thunderbird-nl-52.9.0-1.mga5
thunderbird-nn_NO-52.9.0-1.mga5
thunderbird-pa_IN-52.9.0-1.mga5
thunderbird-pl-52.9.0-1.mga5
thunderbird-pt_BR-52.9.0-1.mga5
thunderbird-pt_PT-52.9.0-1.mga5
thunderbird-ro-52.9.0-1.mga5
thunderbird-ru-52.9.0-1.mga5
thunderbird-si-52.9.0-1.mga5
thunderbird-sk-52.9.0-1.mga5
thunderbird-sl-52.9.0-1.mga5
thunderbird-sq-52.9.0-1.mga5
thunderbird-sv_SE-52.9.0-1.mga5
thunderbird-ta_LK-52.9.0-1.mga5
thunderbird-tr-52.9.0-1.mga5
thunderbird-uk-52.9.0-1.mga5
thunderbird-vi-52.9.0-1.mga5
thunderbird-zh_CN-52.9.0-1.mga5
thunderbird-zh_TW-52.9.0-1.mga5
thunderbird-52.9.0-1.mga6
thunderbird-enigmail-52.9.0-1.mga6
thunderbird-ar-52.9.0-1.mga6
thunderbird-ast-52.9.0-1.mga6
thunderbird-be-52.9.0-1.mga6
thunderbird-bg-52.9.0-1.mga6
thunderbird-bn_BD-52.9.0-1.mga6
thunderbird-br-52.9.0-1.mga6
thunderbird-ca-52.9.0-1.mga6
thunderbird-cs-52.9.0-1.mga6
thunderbird-cy-52.9.0-1.mga6
thunderbird-da-52.9.0-1.mga6
thunderbird-de-52.9.0-1.mga6
thunderbird-el-52.9.0-1.mga6
thunderbird-en_GB-52.9.0-1.mga6
thunderbird-en_US-52.9.0-1.mga6
thunderbird-es_AR-52.9.0-1.mga6
thunderbird-es_ES-52.9.0-1.mga6
thunderbird-et-52.9.0-1.mga6
thunderbird-eu-52.9.0-1.mga6
thunderbird-fi-52.9.0-1.mga6
thunderbird-fr-52.9.0-1.mga6
thunderbird-fy_NL-52.9.0-1.mga6
thunderbird-ga_IE-52.9.0-1.mga6
thunderbird-gd-52.9.0-1.mga6
thunderbird-gl-52.9.0-1.mga6
thunderbird-he-52.9.0-1.mga6
thunderbird-hr-52.9.0-1.mga6
thunderbird-hsb-52.9.0-1.mga6
thunderbird-hu-52.9.0-1.mga6
thunderbird-hy_AM-52.9.0-1.mga6
thunderbird-id-52.9.0-1.mga6
thunderbird-is-52.9.0-1.mga6
thunderbird-it-52.9.0-1.mga6
thunderbird-ja-52.9.0-1.mga6
thunderbird-ko-52.9.0-1.mga6
thunderbird-lt-52.9.0-1.mga6
thunderbird-nb_NO-52.9.0-1.mga6
thunderbird-nl-52.9.0-1.mga6
thunderbird-nn_NO-52.9.0-1.mga6
thunderbird-pa_IN-52.9.0-1.mga6
thunderbird-pl-52.9.0-1.mga6
thunderbird-pt_BR-52.9.0-1.mga6
thunderbird-pt_PT-52.9.0-1.mga6
thunderbird-ro-52.9.0-1.mga6
thunderbird-ru-52.9.0-1.mga6
thunderbird-si-52.9.0-1.mga6
thunderbird-sk-52.9.0-1.mga6
thunderbird-sl-52.9.0-1.mga6
thunderbird-sq-52.9.0-1.mga6
thunderbird-sv_SE-52.9.0-1.mga6
thunderbird-ta_LK-52.9.0-1.mga6
thunderbird-tr-52.9.0-1.mga6
thunderbird-uk-52.9.0-1.mga6
thunderbird-vi-52.9.0-1.mga6
thunderbird-zh_CN-52.9.0-1.mga6
thunderbird-zh_TW-52.9.0-1.mga6

from SRPMS:
nspr-4.19-1.mga5.src.rpm
rootcerts-20180411.00-1.mga5.src.rpm
nss-3.28.6-1.4.mga5.src.rpm
thunderbird-52.9.0-1.mga5.src.rpm
thunderbird-l10n-52.9.0-1.mga5.src.rpm
thunderbird-52.9.0-1.mga6.src.rpm
thunderbird-l10n-52.9.0-1.mga6.src.rpm

CC: (none) => doktor5000
Status: ASSIGNED => NEW

Comment 4 David Walser 2018-07-05 14:25:31 CEST
Ahh mid-air collision.  Nicolas's advisory works.  Thanks :o)
Comment 5 Len Lawrence 2018-07-05 17:48:51 CEST
Mageia 6, x86_64

Updated the thunderbird packages for language en_GB and reloaded thunderbird.  Working as expected.  Filed messages in folders, received new mail, deleted entries, images display, followed links to browser.  It looks fine.  Calendar retained previous entries.  Added a new weekly entry for QA IRC meeting with an alert 30 minutes before.

Enigmail not in use for historical reasons but tried generating a new key pair.  That failed.  It was impossible to read the logs in enigmail console because of low contrast between black background and the dark grey text but the suspicion is that the problem might be related to gnome-keyring as in the past.

If enigmail is left out of the equation thunderbird is working perfectly.

CC: (none) => tarazed25

Comment 6 Len Lawrence 2018-07-05 18:47:47 CEST
Mageia 5, x86_64

Upgraded nss packages, rootcerts and thunderbird.
IMAP connection to googlemail.com OK.  Normal functions working OK, address books, tabs, internal filing, calendar, web links.

Enigmail complains that gnome-keyring is not a standard tool for handling passphrases.  Not possible to set or clear.  Tried keypair generation without a passphrase, stored a revocation certificate and configured enigmail to automatically encrypt sent messages and decrypt incoming mail.  Sent a test message to myself and that worked fine.

This looks OK for 64-bits.
Comment 7 Herman Viaene 2018-07-07 10:22:46 CEST
MGA5-32 Xfce on Dell Latitude D600
No installation issues, overwriting an existing version.
launching from CLI shows initial complaint that the current version of enigmail is not compatible. As I never used it before, I just disregard this, AFAICS it is not part of the update.
I was able to send a message from my gmail account to my ISP's account on another machine and get its response back. Addressbook OK.
OK for me.

CC: (none) => herman.viaene
Whiteboard: MGA5TOO => MGA5TOO MGA5-32-OK

Comment 8 Thomas Andrews 2018-07-07 14:19:49 CEST
Installed the 64-bit version on my HP 6550b MGA6 Plasma install. Sent and received emails, read newsgroups. I do not use the calendar, so did not check that. 

I also do not use enigmail. The enigmail issue appears to be an old, ongoing issue that was not meant to be addressed by this update. As such, and because of Len's tests, I am giving this an OK for MGA6-64.

Whiteboard: MGA5TOO MGA5-32-OK => MGA5TOO MGA5-32-OK MGA6-64-OK
CC: (none) => andrewsfarm

Comment 9 Herman Viaene 2018-07-07 15:53:36 CEST
MGA6-32 MATE on IBM Thinkpad R50e
No installation issues.
This was q fresh install of Thunderbird. I used its wizard to setup my existing gmail account: works OK.
Sending and receiving mail from/to it works OK.

Whiteboard: MGA5TOO MGA5-32-OK MGA6-64-OK => MGA5TOO MGA5-32-OK MGA6-64-OK MGA6-32-OK

Comment 10 claire robinson 2018-07-07 23:09:12 CEST
Enigmail should be part of the thunderbird srpm IINM

Name        : thunderbird-enigmail
Version     : 52.8.0
Release     : 4.mga6
Group       : Networking/Mail
Size        : 9052626                      Architecture: x86_64
Source RPM  : thunderbird-52.8.0-4.mga6.src.rpm

It possibly need upgrading.
Comment 11 Florian Hubold 2018-07-11 19:38:39 CEST
FWIW, please don't push this yet, 52.9.0 contains a bug when users remove attachments from mails, the mails then gets damaged. See more details at https://mail.mozilla.org/pipermail/tb-enterprise/2018-July/001409.html

52.9.1 was released yesterday and contains the fix for this:
https://www.thunderbird.net/en-US/thunderbird/52.9.1/releasenotes/

@QA: Feel free to assign this to me, I can also take a look at the enigmail upgrade from Bug 23140
Comment 12 Thomas Backlund 2018-07-11 20:38:10 CEST
Dropping OKs based on comment 11

Whiteboard: MGA5TOO MGA5-32-OK MGA6-64-OK MGA6-32-OK => MGA5TOO
CC: (none) => tmb

Thomas Backlund 2018-07-11 20:51:38 CEST

Keywords: (none) => feedback

Dave Hodgins 2018-07-11 22:32:52 CEST

CC: (none) => davidwhodgins
Assignee: qa-bugs => doktor5000

Comment 13 Florian Hubold 2018-07-13 16:23:26 CEST
Submitted both thunderbird-52.9.1-1.mga6 and thunderbird-l10n-52.9.1-1.mga6.

thunderbird build fails on i586 on the buildsystem with "virtual memory exhausted: Operation not permitted" but I cannot reproduce locally via iurt, builds fine for i586 here.

One of the sysadmins would need to take a look for that.

BTW, same failure occurs for firefox-52.9.0-1.mga5 and iceape-2.49.3-1.mga5 and also maybe other recent builds.

Assignee: doktor5000 => sysadmin-bugs

Comment 14 Thomas Backlund 2018-07-13 21:50:14 CEST

thunderbird-52.9.1-1.mga6 built on i586/x86_64

Keywords: feedback => (none)
Assignee: sysadmin-bugs => qa-bugs
Whiteboard: MGA5TOO => (none)

Comment 15 Herman Viaene 2018-07-14 10:30:17 CEST
MGA6-32 MATE on IBM Thinkpad R50e
Removed 52.9.0 completely including .thunderbird in home.
No installation issues.
This was a fresh install of Thunderbird. I used its wizard to setup my existing gmail account: works OK.
Sending and receiving and forwarding mail with or without attachment from/to it works OK.

Whiteboard: (none) => MGA6-32-OK

David Walser 2018-07-14 23:13:41 CEST

Summary: Thunderbird 52.9 => Thunderbird 52.9.1

David Walser 2018-07-14 23:14:39 CEST

Blocks: (none) => 23303

Comment 16 Thomas Andrews 2018-07-14 23:31:35 CEST
Updated my production system (Intel Core 2 Duo, 8GB, Intel graphics, wired Internet, 64-bit Plasma) This system had NOT been updated to Thunderbird 52.9.0.

Sent and received POP emails, looked at newsgroups. That's about all I do with Thunderbird. Looks OK here.
Comment 17 James Kerr 2018-07-16 11:46:08 CEST
on mga6-64

packages installed cleanly:
- thunderbird-52.9.1-1.mga6.x86_64
- thunderbird-en_GB-52.9.1-1.mga6.noarch

email - POP/SMTP - OK
calendar - OK
movemail - OK

not tested - IMAP, enigmail

to the extent tested, OK for mga6-64

CC: (none) => jim

Comment 18 James Kerr 2018-07-16 17:44:28 CEST
on mga6-32 

packages installed cleanly:
thunderbird-52.9.1-1.mga6.i586
thunderbird-en_GB-52.9.1-1.mga6.noarch

email - POP/SMTP - OK 
calendar - OK
movemail - OK

not tested IMAP, enigmail

To the extent tested OK for mga6-32
Comment 19 Thomas Backlund 2018-07-17 12:45:32 CEST
works on x86_64, tested smtp, nntp, imap
Len Lawrence 2018-07-19 22:04:51 CEST

Keywords: (none) => validated_update
Whiteboard: MGA6-32-OK => MGA6-32-OK MGA6-64-OK
CC: (none) => sysadmin-bugs

Rémi Verschelde 2018-07-23 12:36:07 CEST

Summary: Thunderbird 52.9.1 => Thunderbird 52.9.1 (mga6)

Comment 20 Rémi Verschelde 2018-07-23 12:42:56 CEST
Advisory uploaded (based on comment 2 + reference in comment 11 + SRPM in comment 14 (assuming same version/rel for -l10n package).
Comment 21 Rémi Verschelde 2018-07-23 12:47:39 CEST
Also added thunderbird-enigmail from comment 10 with version from comment 14 to advisory.

@packagers: When pushing new versions, please try to be crystal clear about what SRPMs are the latest one that are being validated, the exact SRPM NEVR is needed for the advisory.
Rémi Verschelde 2018-07-23 12:52:09 CEST

Keywords: (none) => advisory

Comment 22 David Walser 2018-07-23 12:54:00 CEST
Enigmail should not be in the SRPM list as it is not separate, it is part of the thunderbird SRPM.
Comment 23 Dave Hodgins 2018-07-23 22:51:45 CEST
Advisory corrected.
Comment 24 Mageia Robot 2018-07-24 00:28:57 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2018-0316.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

Comment 25 David Walser 2018-07-30 16:26:57 CEST
RedHat has issued an advisory for this on July 24:
https://access.redhat.com/errata/RHSA-2018:2252

Note that we forgot to update Cauldron to 52.9.1.
Comment 26 Mike Rambo 2018-07-30 22:46:34 CEST
Version 52.9.1 uploaded for cauldron.

Note You need to log in before you can comment on or make changes to this bug.