Mozilla has released Thunderbird 78.12.0 on July 13: https://www.thunderbird.net/en-US/thunderbird/78.12.0/releasenotes/ Security issues fixed: https://www.mozilla.org/en-US/security/advisories/mfsa2021-30/
Suggested advisory: ======================== The updated packages fix a security vulnerability: IMAP server responses sent by a MITM prior to STARTTLS could be processed. (CVE-2021-29969) Use-after-free in accessibility features of a document. (CVE-2021-29970) Out of bounds write in ANGLE. (CVE-2021-30547) Memory safety bugs fixed in Thunderbird 78.12. (CVE-2021-29976) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29969 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29970 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30547 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29976 https://www.thunderbird.net/en-US/thunderbird/78.12.0/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2021-30/ ======================== Updated packages in core/updates_testing: ======================== thunderbird-78.12.0-1.mga8 thunderbird-enigmail-78.12.0-1.mga8 thunderbird-ar-78.12.0-1.mga8 thunderbird-ast-78.12.0-1.mga8 thunderbird-be-78.12.0-1.mga8 thunderbird-bg-78.12.0-1.mga8 thunderbird-br-78.12.0-1.mga8 thunderbird-ca-78.12.0-1.mga8 thunderbird-cs-78.12.0-1.mga8 thunderbird-cy-78.12.0-1.mga8 thunderbird-da-78.12.0-1.mga8 thunderbird-de-78.12.0-1.mga8 thunderbird-el-78.12.0-1.mga8 thunderbird-en_GB-78.12.0-1.mga8 thunderbird-en_US-78.12.0-1.mga8 thunderbird-es_AR-78.12.0-1.mga8 thunderbird-es_ES-78.12.0-1.mga8 thunderbird-et-78.12.0-1.mga8 thunderbird-eu-78.12.0-1.mga8 thunderbird-fi-78.12.0-1.mga8 thunderbird-fr-78.12.0-1.mga8 thunderbird-fy_NL-78.12.0-1.mga8 thunderbird-ga_IE-78.12.0-1.mga8 thunderbird-gd-78.12.0-1.mga8 thunderbird-gl-78.12.0-1.mga8 thunderbird-he-78.12.0-1.mga8 thunderbird-hr-78.12.0-1.mga8 thunderbird-hsb-78.12.0-1.mga8 thunderbird-hu-78.12.0-1.mga8 thunderbird-hy_AM-78.12.0-1.mga8 thunderbird-id-78.12.0-1.mga8 thunderbird-is-78.12.0-1.mga8 thunderbird-it-78.12.0-1.mga8 thunderbird-ja-78.12.0-1.mga8 thunderbird-ka-78.12.0-1.mga8 thunderbird-kab-78.12.0-1.mga8 thunderbird-kk-78.12.0-1.mga8 thunderbird-ko-78.12.0-1.mga8 thunderbird-lt-78.12.0-1.mga8 thunderbird-ms-78.12.0-1.mga8 thunderbird-nb_NO-78.12.0-1.mga8 thunderbird-nl-78.12.0-1.mga8 thunderbird-nn_NO-78.12.0-1.mga8 thunderbird-pl-78.12.0-1.mga8 thunderbird-pt_BR-78.12.0-1.mga8 thunderbird-pt_PT-78.12.0-1.mga8 thunderbird-ro-78.12.0-1.mga8 thunderbird-ru-78.12.0-1.mga8 thunderbird-si-78.12.0-1.mga8 thunderbird-sk-78.12.0-1.mga8 thunderbird-sl-78.12.0-1.mga8 thunderbird-sq-78.12.0-1.mga8 thunderbird-sv_SE-78.12.0-1.mga8 thunderbird-tr-78.12.0-1.mga8 thunderbird-uk-78.12.0-1.mga8 thunderbird-uz-78.12.0-1.mga8 thunderbird-vi-78.12.0-1.mga8 thunderbird-zh_CN-78.12.0-1.mga8 thunderbird-zh_TW-78.12.0-1.mga8 from SRPMS: thunderbird-78.12.0-1.mga8.src.rpm thunderbird-l10n-78.12.0-1.mga8.src.rpm
Assignee: nicolas.salguero => qa-bugsStatus: NEW => ASSIGNEDCC: (none) => nicolas.salguero
Depends on: (none) => 29247
CC: (none) => wrw105Whiteboard: (none) => mga8-32-ok
Tested mga8-32 send/receive/move/delete over IMAP/SMTP ok.
Mageia X64 Gnome Installation ok. I needed to install lib64otr5 dependency before. Language settings are offered at installation. sended and received emails without any problems over IMAP and SMTP too.
CC: (none) => hdetavernier
tested mga8-x64 as above, all ok.
Whiteboard: mga8-32-ok => mga8-32-ok mga8-64-ok
MGA8-64 Plasma Thunderbird updated with QARepo. OK. SSL IMAP and SSL SMTP OK SSL POP3 OK. Built-in openPGP crypto OK Validating.
CVE: (none) => CVE-2021-29969, CVE-2021-29970, CVE-2021-29976, CVE-2021-30547Whiteboard: mga8-32-ok mga8-64-ok => MGA8-64-OK MGA8-32-OKKeywords: (none) => advisory, validated_updateCC: (none) => ouaurelien, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0355.html
Resolution: (none) => FIXEDStatus: ASSIGNED => RESOLVED
Good here too mga8-64 Plasma, nvidia, SMTP, IMAP, swedish
CC: (none) => fri
RedHat has issued an advisory for this today (July 26): https://access.redhat.com/errata/RHSA-2021:2881