Hi, Thunderbird 60.9 has been released (September 6). References: https://www.thunderbird.net/en-US/thunderbird/60.9.0/releasenotes/ Best regards, Nico.
Source RPM: (none) => thunderbird, thunderbird-l10n
Assignee: bugsquad => nicolas.salguero
60.9.0-1 mga6 - 64 bit + Swedish working nicely here on Plasma - tested for some hours in production, offline IMAP + SMTP, but not tested Calendar. This system is fully updated to testing repos.
CC: (none) => fri
Depends on: (none) => 25396
Suggested advisory: ======================== The updated packages fix some bugs and security issues. References: https://www.thunderbird.net/en-US/thunderbird/60.9.0/releasenotes/ ======================== Updated packages in core/updates_testing: ======================== thunderbird-60.9.0-1.mga6 thunderbird-enigmail-60.9.0-1.mga6 thunderbird-ar-60.9.0-1.mga6 thunderbird-ast-60.9.0-1.mga6 thunderbird-be-60.9.0-1.mga6 thunderbird-bg-60.9.0-1.mga6 thunderbird-br-60.9.0-1.mga6 thunderbird-ca-60.9.0-1.mga6 thunderbird-cs-60.9.0-1.mga6 thunderbird-cy-60.9.0-1.mga6 thunderbird-da-60.9.0-1.mga6 thunderbird-de-60.9.0-1.mga6 thunderbird-el-60.9.0-1.mga6 thunderbird-en_GB-60.9.0-1.mga6 thunderbird-en_US-60.9.0-1.mga6 thunderbird-es_AR-60.9.0-1.mga6 thunderbird-es_ES-60.9.0-1.mga6 thunderbird-et-60.9.0-1.mga6 thunderbird-eu-60.9.0-1.mga6 thunderbird-fi-60.9.0-1.mga6 thunderbird-fr-60.9.0-1.mga6 thunderbird-fy_NL-60.9.0-1.mga6 thunderbird-ga_IE-60.9.0-1.mga6 thunderbird-gd-60.9.0-1.mga6 thunderbird-gl-60.9.0-1.mga6 thunderbird-he-60.9.0-1.mga6 thunderbird-hr-60.9.0-1.mga6 thunderbird-hsb-60.9.0-1.mga6 thunderbird-hu-60.9.0-1.mga6 thunderbird-hy_AM-60.9.0-1.mga6 thunderbird-id-60.9.0-1.mga6 thunderbird-is-60.9.0-1.mga6 thunderbird-it-60.9.0-1.mga6 thunderbird-ja-60.9.0-1.mga6 thunderbird-ko-60.9.0-1.mga6 thunderbird-lt-60.9.0-1.mga6 thunderbird-nb_NO-60.9.0-1.mga6 thunderbird-nl-60.9.0-1.mga6 thunderbird-nn_NO-60.9.0-1.mga6 thunderbird-pl-60.9.0-1.mga6 thunderbird-pt_BR-60.9.0-1.mga6 thunderbird-pt_PT-60.9.0-1.mga6 thunderbird-ro-60.9.0-1.mga6 thunderbird-ru-60.9.0-1.mga6 thunderbird-si-60.9.0-1.mga6 thunderbird-sk-60.9.0-1.mga6 thunderbird-sl-60.9.0-1.mga6 thunderbird-sq-60.9.0-1.mga6 thunderbird-sv_SE-60.9.0-1.mga6 thunderbird-tr-60.9.0-1.mga6 thunderbird-uk-60.9.0-1.mga6 thunderbird-vi-60.9.0-1.mga6 thunderbird-zh_CN-60.9.0-1.mga6 thunderbird-zh_TW-60.9.0-1.mga6 from SRPMS: thunderbird-60.9.0-1.mga6.src.rpm thunderbird-l10n-60.9.0-1.mga6.src.rpm
Assignee: nicolas.salguero => qa-bugsStatus: NEW => ASSIGNED
mga6, x86_64 The new thunderbird works fine here for a gmail account. Updated in the middle of checking email. After restart all looked the same but there are many changes under the hood, too many to check. The calendar/reminder function is working fine and contains the new location option for tasks. Good for 64bits.
CC: (none) => tarazed25
Tested MGA6-32: Send/Recieve/Move/Delete over IMAP/SMTP all ok. Calendar OK
CC: (none) => wrw105Whiteboard: (none) => MGA6-32-OK
(In reply to Len Lawrence from comment #3) > mga6, x86_64 > > The new thunderbird works fine here for a gmail account. Updated in the > middle of checking email. After restart all looked the same but there are > many changes under the hood, too many to check. The calendar/reminder > function is working fine and contains the new location option for tasks. > > Good for 64bits. Thank you, Len. Adding a 64-bit OK based on Morgan's and your tests, and validating. Advisory in Comment 2.
Keywords: (none) => validated_updateWhiteboard: MGA6-32-OK => MGA6-32-OK MGA6-64-OKCC: (none) => andrewsfarm, sysadmin-bugs
Better advisory, added to svn: type: security subject: Updated thunderbird packages fix security vulnerabilities CVE: - CVE-2019-11739 - CVE-2019-11740 - CVE-2019-11742 - CVE-2019-11743 - CVE-2019-11744 - CVE-2019-11752 src: 6: core: - thunderbird-60.9.0-1.mga6 - thunderbird-l10n-60.9.0-1.mga6 description: | Updated thunderbird packages fix security vulnerabilities: Covert Content Attack on S/MIME encryption using a crafted multipart/ alternative message (CVE-2019-11739). Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, Firefox ESR 60.9, Thunderbird 68.1, and Thunderbird 60.9 (CVE-2019-11740) Same-origin policy violation with SVG filters and canvas to steal cross-origin images (CVE-2019-11742) Cross-origin access to unload event attributes (CVE-2019-11743) XSS by breaking out of title and textarea elements using innerHTML (CVE-2019-11744) Use-after-free while manipulating video (CVE-2019-11746) Use-after-free while extracting a key value in IndexedDB (CVE-2019-11752) references: - https://bugs.mageia.org/show_bug.cgi?id=25415 - https://www.thunderbird.net/en-US/thunderbird/60.9.0/releasenotes/
CC: (none) => tmbKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2019-0275.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED
RedHat has issued an advisory for this today (September 16): https://access.redhat.com/errata/RHSA-2019:2774