Mozilla has released Thunderbird 91.9.0 on May 3: https://www.thunderbird.net/en-US/thunderbird/91.9.0/releasenotes/ Security issues fixed are not posted yet, but should basically be the same as Firefox.
Depends on: (none) => 30367
Hi, Updated from 91.8 in Mga x86_84. No issues for the moment. Contacts, addons, send and receive ok. Task and calendar ok. Spanish locale ok. Greetings!!
CC: (none) => joselp
Suggested advisory: ======================== The updated packages fix security vulnerabilities: Incorrect security status shown after viewing an attached email. (CVE-2022-1520) Fullscreen notification bypass using popups. (CVE-2022-29914) Bypassing permission prompt in nested browsing contexts. (CVE-2022-29909) Leaking browser history with CSS variables. (CVE-2022-29916) iframe sandbox bypass. (CVE-2022-29911) Reader mode bypassed SameSite cookies. (CVE-2022-29912) Speech Synthesis feature not properly disabled. (CVE-2022-29913) Memory safety bugs fixed in Thunderbird 91.9. (CVE-2022-29917) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1520 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29913 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917 https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/ https://www.thunderbird.net/en-US/thunderbird/91.9.0/releasenotes/ ======================== Updated packages in core/updates_testing: ======================== thunderbird-91.9.0-1.mga8 thunderbird-ru-91.9.0-1.mga8 thunderbird-uk-91.9.0-1.mga8 thunderbird-ka-91.9.0-1.mga8 thunderbird-el-91.9.0-1.mga8 thunderbird-th-91.9.0-1.mga8 thunderbird-ja-91.9.0-1.mga8 thunderbird-kk-91.9.0-1.mga8 thunderbird-zh_TW-91.9.0-1.mga8 thunderbird-zh_CN-91.9.0-1.mga8 thunderbird-hy_AM-91.9.0-1.mga8 thunderbird-sk-91.9.0-1.mga8 thunderbird-hu-91.9.0-1.mga8 thunderbird-dsb-91.9.0-1.mga8 thunderbird-vi-91.9.0-1.mga8 thunderbird-hsb-91.9.0-1.mga8 thunderbird-sr-91.9.0-1.mga8 thunderbird-cs-91.9.0-1.mga8 thunderbird-fr-91.9.0-1.mga8 thunderbird-ko-91.9.0-1.mga8 thunderbird-sq-91.9.0-1.mga8 thunderbird-lt-91.9.0-1.mga8 thunderbird-be-91.9.0-1.mga8 thunderbird-bg-91.9.0-1.mga8 thunderbird-es_AR-91.9.0-1.mga8 thunderbird-de-91.9.0-1.mga8 thunderbird-tr-91.9.0-1.mga8 thunderbird-pl-91.9.0-1.mga8 thunderbird-pt_BR-91.9.0-1.mga8 thunderbird-fy_NL-91.9.0-1.mga8 thunderbird-sv_SE-91.9.0-1.mga8 thunderbird-kab-91.9.0-1.mga8 thunderbird-nl-91.9.0-1.mga8 thunderbird-cy-91.9.0-1.mga8 thunderbird-gl-91.9.0-1.mga8 thunderbird-eu-91.9.0-1.mga8 thunderbird-he-91.9.0-1.mga8 thunderbird-pt_PT-91.9.0-1.mga8 thunderbird-fi-91.9.0-1.mga8 thunderbird-ar-91.9.0-1.mga8 thunderbird-sl-91.9.0-1.mga8 thunderbird-ro-91.9.0-1.mga8 thunderbird-da-91.9.0-1.mga8 thunderbird-nn_NO-91.9.0-1.mga8 thunderbird-nb_NO-91.9.0-1.mga8 thunderbird-pa_IN-91.9.0-1.mga8 thunderbird-hr-91.9.0-1.mga8 thunderbird-ca-91.9.0-1.mga8 thunderbird-id-91.9.0-1.mga8 thunderbird-en_GB-91.9.0-1.mga8 thunderbird-gd-91.9.0-1.mga8 thunderbird-en_CA-91.9.0-1.mga8 thunderbird-en_US-91.9.0-1.mga8 thunderbird-br-91.9.0-1.mga8 thunderbird-lv-91.9.0-1.mga8 thunderbird-it-91.9.0-1.mga8 thunderbird-ga_IE-91.9.0-1.mga8 thunderbird-et-91.9.0-1.mga8 thunderbird-uz-91.9.0-1.mga8 thunderbird-ast-91.9.0-1.mga8 thunderbird-is-91.9.0-1.mga8 thunderbird-ms-91.9.0-1.mga8 thunderbird-es_ES-91.9.0-1.mga8 thunderbird-af-91.9.0-1.mga8 from SRPMS: thunderbird-91.9.0-1.mga8.src.rpm thunderbird-l10n-91.9.0-1.mga8.src.rpm
CC: (none) => nicolas.salgueroAssignee: nicolas.salguero => qa-bugsStatus: NEW => ASSIGNEDSource RPM: thunderbird => thunderbird, thunderbird-l10n
RedHat has issued an advisory for this today (May 5): https://access.redhat.com/errata/RHSA-2022:1725
mga8, x64 Thunderbird en_GB working fine after update. IMAP server, google mail. Lost none of the pending messages in the transition.
CC: (none) => tarazed25
Hi Installation via QA Repo fails because I miss lib64nss3[>= 2:3.78.0] This version of lib64nss3 is in Testing, but not listed on the QA page. https://madb.mageia.org/package/show/application/0/release/8/arch/x86_64/name/lib64nss3 https://madb.mageia.org/tools/updates/application/0/release/8/arch/x86_64 But, actually, it is connected to Firefox... So, after adding the following package to QA Repo, I was able to install thunderbird: nss-3.78.0-1.mga8.x86_64.rpm nss-doc-3.78.0-1.mga8.noarch.rpm lib64nss3-3.78.0-1.mga8.x86_64.rpm lib64nss-devel-3.78.0-1.mga8.x86_64.rpm Tests done on Plasma x86_64 - Emails send/receive - New contact synched with Nextcloud contact. Then, deleted from my phone. - New event synched with Nextcloud calendar. Then, deleted from my phone. OK for me
CC: (none) => chb0
@christian: Actually, per the field "Depends on" above in this bug, the firefox bug is set :)
CC: (none) => fri
OK mga8-64, Plasma, Nvidia-current * Swedish locale * preserved settings and mail * offline IMAP, SMTP
(In reply to Morgan Leijström from comment #6) > @christian: Actually, per the field "Depends on" above in this bug, the > firefox bug is set :) Hi Morgan Indeed, I missed that and, actually, I learned something more today, which is what "Depends on" is here for! ;) That being said, as I don't use Firefox ESR, I need anyway to install nss updates specifically.
Updated the mga8-64 US English Firefox and Thunderbird in one operation. No issues to report with either.
CC: (none) => andrewsfarm
Validating the update. Advisory committed to svn.
Whiteboard: (none) => MGA8-64-OKKeywords: (none) => advisory, validated_updateCC: (none) => davidwhodgins, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0163.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED