Mozilla has released Thunderbird 102.6.1 on December 20: https://www.thunderbird.net/en-US/thunderbird/102.6.1/releasenotes/ It fixes a security issue which hasn't been posted yet.
Suggested advisory: ======================== The updated packages fix a security vulnerability: Drag and Dropped Filenames could have been truncated to malicious extensions. (CVE-2022-46874) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46874 https://www.thunderbird.net/en-US/thunderbird/102.6.1/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2022-54/ ======================== Updated packages in core/updates_testing: ======================== thunderbird-102.6.1-1.mga8 thunderbird-ka-102.6.1-1.mga8 thunderbird-ru-102.6.1-1.mga8 thunderbird-uk-102.6.1-1.mga8 thunderbird-el-102.6.1-1.mga8 thunderbird-ja-102.6.1-1.mga8 thunderbird-zh_TW-102.6.1-1.mga8 thunderbird-kk-102.6.1-1.mga8 thunderbird-th-102.6.1-1.mga8 thunderbird-sk-102.6.1-1.mga8 thunderbird-vi-102.6.1-1.mga8 thunderbird-hu-102.6.1-1.mga8 thunderbird-zh_CN-102.6.1-1.mga8 thunderbird-cs-102.6.1-1.mga8 thunderbird-hsb-102.6.1-1.mga8 thunderbird-dsb-102.6.1-1.mga8 thunderbird-hy_AM-102.6.1-1.mga8 thunderbird-sr-102.6.1-1.mga8 thunderbird-es_MX-102.6.1-1.mga8 thunderbird-fr-102.6.1-1.mga8 thunderbird-de-102.6.1-1.mga8 thunderbird-tr-102.6.1-1.mga8 thunderbird-es_AR-102.6.1-1.mga8 thunderbird-pl-102.6.1-1.mga8 thunderbird-ko-102.6.1-1.mga8 thunderbird-kab-102.6.1-1.mga8 thunderbird-fy_NL-102.6.1-1.mga8 thunderbird-sq-102.6.1-1.mga8 thunderbird-pt_BR-102.6.1-1.mga8 thunderbird-cy-102.6.1-1.mga8 thunderbird-bg-102.6.1-1.mga8 thunderbird-sv_SE-102.6.1-1.mga8 thunderbird-be-102.6.1-1.mga8 thunderbird-sl-102.6.1-1.mga8 thunderbird-is-102.6.1-1.mga8 thunderbird-nl-102.6.1-1.mga8 thunderbird-lt-102.6.1-1.mga8 thunderbird-eu-102.6.1-1.mga8 thunderbird-et-102.6.1-1.mga8 thunderbird-da-102.6.1-1.mga8 thunderbird-fi-102.6.1-1.mga8 thunderbird-gl-102.6.1-1.mga8 thunderbird-pt_PT-102.6.1-1.mga8 thunderbird-he-102.6.1-1.mga8 thunderbird-hr-102.6.1-1.mga8 thunderbird-ro-102.6.1-1.mga8 thunderbird-ar-102.6.1-1.mga8 thunderbird-nn_NO-102.6.1-1.mga8 thunderbird-es_ES-102.6.1-1.mga8 thunderbird-en_GB-102.6.1-1.mga8 thunderbird-nb_NO-102.6.1-1.mga8 thunderbird-en_CA-102.6.1-1.mga8 thunderbird-pa_IN-102.6.1-1.mga8 thunderbird-en_US-102.6.1-1.mga8 thunderbird-ca-102.6.1-1.mga8 thunderbird-id-102.6.1-1.mga8 thunderbird-gd-102.6.1-1.mga8 thunderbird-it-102.6.1-1.mga8 thunderbird-lv-102.6.1-1.mga8 thunderbird-br-102.6.1-1.mga8 thunderbird-ga_IE-102.6.1-1.mga8 thunderbird-af-102.6.1-1.mga8 thunderbird-ms-102.6.1-1.mga8 thunderbird-ast-102.6.1-1.mga8 thunderbird-uz-102.6.1-1.mga8 from SRPMS: thunderbird-102.6.1-1.mga8.src.rpm thunderbird-l10n-102.6.1-1.mga8.src.rpm
CC: (none) => nicolas.salgueroStatus: NEW => ASSIGNEDSource RPM: thunderbird => thunderbird, thunderbird-l10nAssignee: nicolas.salguero => qa-bugs
mga8-64, Plasma, nvidia-current, old i7 - Swedish OK - settings and mails kept - IMAP - SMTP
CC: (none) => fri
MGA8-64 MATE on Acer Aspire 5253 No installation issues Sending and receiving mail without and with attachment to and from dektop PC, all works OK, with the continuing niggle that all mails sent get listed twice in the "Sent" folder, although they're received at the remote and only once correctly.
CC: (none) => herman.viaene
MGA8-64 Plasma, HP Probook 6550b, i3, Intel graphics, Broadcom wifi. US English version, using POP3 email. No installation issues. Sent and received email, checked newsgroups, clicked on a link to bring it up in Firefox. I do not use the calendar or Enigmail, but for what I do use, it works OK.
CC: (none) => andrewsfarm
No regressions here. pop3, usenet, mailing lists, calendar. Validating the update.
Whiteboard: (none) => MGA8-64-OKKeywords: (none) => validated_updateCC: (none) => davidwhodgins, sysadmin-bugs
Keywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0484.html
Resolution: (none) => FIXEDStatus: ASSIGNED => RESOLVED