Mozilla has released Thunderbird 78.7 on January 26: https://www.thunderbird.net/en-US/thunderbird/78.7.0/releasenotes/ Security issues fixed: https://www.mozilla.org/en-US/security/advisories/mfsa2021-05/
Depends on: (none) => 28218Whiteboard: (none) => MGA8TOO, MGA7TOO
RedHat has issued an advisory for this today (January 28): https://access.redhat.com/errata/RHSA-2021:0298
Assigning to NicolasS who has done most of the more recent commits; CC'ing Florian, the registered maintainer.
Assignee: bugsquad => nicolas.salgueroCC: (none) => doktor5000
pushed in mga8 updates_testing ( l10n now )
CC: (none) => mageia
cauldron/mga8 ok
Whiteboard: MGA8TOO, MGA7TOO => (none)Version: Cauldron => 7
Suggested advisory: ======================== The updated packages fix a security vulnerability: Cross-origin information leakage via redirected PDF requests. (CVE-2021-23953) Type confusion when using logical assignment operators in JavaScript switch statements. (CVE-2021-23954) IMAP Response Injection when using STARTTLS. (CVE-2020-15685) HTTPS pages could have been intercepted by a registered service worker when they should not have been. (CVE-2020-26976) Use-after-poison for incorrectly redeclared JavaScript variables during GC. (CVE-2021-23960) Memory safety bugs fixed in Thunderbird 78.7. (CVE-2021-23964) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23953 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23954 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15685 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26976 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23960 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23964 https://www.mozilla.org/en-US/security/advisories/mfsa2021-05/ https://www.thunderbird.net/en-US/thunderbird/78.7.0/releasenotes/ ======================== Updated packages in core/updates_testing: ======================== thunderbird-78.7.0-1.mga7 thunderbird-enigmail-78.7.0-1.mga7 thunderbird-ar-78.7.0-1.mga7 thunderbird-ast-78.7.0-1.mga7 thunderbird-be-78.7.0-1.mga7 thunderbird-bg-78.7.0-1.mga7 thunderbird-br-78.7.0-1.mga7 thunderbird-ca-78.7.0-1.mga7 thunderbird-cs-78.7.0-1.mga7 thunderbird-cy-78.7.0-1.mga7 thunderbird-da-78.7.0-1.mga7 thunderbird-de-78.7.0-1.mga7 thunderbird-el-78.7.0-1.mga7 thunderbird-en_GB-78.7.0-1.mga7 thunderbird-en_US-78.7.0-1.mga7 thunderbird-es_AR-78.7.0-1.mga7 thunderbird-es_ES-78.7.0-1.mga7 thunderbird-et-78.7.0-1.mga7 thunderbird-eu-78.7.0-1.mga7 thunderbird-fi-78.7.0-1.mga7 thunderbird-fr-78.7.0-1.mga7 thunderbird-fy_NL-78.7.0-1.mga7 thunderbird-ga_IE-78.7.0-1.mga7 thunderbird-gd-78.7.0-1.mga7 thunderbird-gl-78.7.0-1.mga7 thunderbird-he-78.7.0-1.mga7 thunderbird-hr-78.7.0-1.mga7 thunderbird-hsb-78.7.0-1.mga7 thunderbird-hu-78.7.0-1.mga7 thunderbird-hy_AM-78.7.0-1.mga7 thunderbird-id-78.7.0-1.mga7 thunderbird-is-78.7.0-1.mga7 thunderbird-it-78.7.0-1.mga7 thunderbird-ja-78.7.0-1.mga7 thunderbird-ka-78.7.0-1.mga7 thunderbird-kab-78.7.0-1.mga7 thunderbird-kk-78.7.0-1.mga7 thunderbird-ko-78.7.0-1.mga7 thunderbird-lt-78.7.0-1.mga7 thunderbird-ms-78.7.0-1.mga7 thunderbird-nb_NO-78.7.0-1.mga7 thunderbird-nl-78.7.0-1.mga7 thunderbird-nn_NO-78.7.0-1.mga7 thunderbird-pl-78.7.0-1.mga7 thunderbird-pt_BR-78.7.0-1.mga7 thunderbird-pt_PT-78.7.0-1.mga7 thunderbird-ro-78.7.0-1.mga7 thunderbird-ru-78.7.0-1.mga7 thunderbird-si-78.7.0-1.mga7 thunderbird-sk-78.7.0-1.mga7 thunderbird-sl-78.7.0-1.mga7 thunderbird-sq-78.7.0-1.mga7 thunderbird-sv_SE-78.7.0-1.mga7 thunderbird-tr-78.7.0-1.mga7 thunderbird-uk-78.7.0-1.mga7 thunderbird-uz-78.7.0-1.mga7 thunderbird-vi-78.7.0-1.mga7 thunderbird-zh_CN-78.7.0-1.mga7 thunderbird-zh_TW-78.7.0-1.mga7 from SRPMS: thunderbird-78.7.0-1.mga7.src.rpm thunderbird-l10n-78.7.0-1.mga7.src.rpm
Status: NEW => ASSIGNEDAssignee: nicolas.salguero => qa-bugsSource RPM: thunderbird => thunderbird, thunderbird-l10n
mga7-64 plasma Clean update, including swedish Tested a couple mail SMTP + IMAP A few accounts, ten thousands mail still here Keep using it.
CC: (none) => fri
MGA7 Plasma x86_64, Classic Install ISO. Updated with QA Repo. Packages updated: thunderbird-78.7.0-1.mga7 thunderbird-enigmail-78.7.0-1.mga7 thunderbird-fr-78.7.0-1.mga7 IMAP (SSL and /SSL) OK SMTP (SSL and without) OK POP3 (SSL and without) OK Calendar OK Enigmail crypt/decrypt sign OK Set new account OK Mails previously here: still here. OK UI in French OK Give this a OK - MGA7-64-OK Validating Advisory commited to SVN.
CC: (none) => ouaurelien
Whiteboard: (none) => MGA7-64-OKKeywords: (none) => advisory, validated_updateCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0066.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED