Bug 33714 - Thunderbird 128.4
Summary: Thunderbird 128.4
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 9
Hardware: All Linux
Priority: Normal major
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA9-64-OK
Keywords: advisory, validated_update
Depends on: 33713
Blocks:
Reported: 2024-11-04 11:04 CET by Nicolas Salguero
Modified: 2024-11-09 06:18 CET

See Also:
Source RPM: thunderbird, thunderbird-l10n
CVE: CVE-2024-10458, CVE-2024-10459, CVE-2024-10460, CVE-2024-10461, CVE-2024-10462, CVE-2024-10463, CVE-2024-10464, CVE-2024-10465, CVE-2024-10466, CVE-2024-10467
Status comment:


Description Nicolas Salguero 2024-11-04 11:04:42 CET
Mozilla has released Thunderbird 128.3.3 on October 22:
https://www.thunderbird.net/en-US/thunderbird/128.3.3esr/releasenotes/

Mozilla has released Thunderbird 128.4 on October 29:
https://www.thunderbird.net/en-US/thunderbird/128.4.0esr/releasenotes/

Security issues fixed:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/

Nicolas Salguero 2024-11-04 11:05:04 CET

CVE: (none) => CVE-2024-10458, CVE-2024-10459, CVE-2024-10460, CVE-2024-10461, CVE-2024-10462, CVE-2024-10463, CVE-2024-10464, CVE-2024-10465, CVE-2024-10466, CVE-2024-10467
Whiteboard: (none) => MGA9TOO
Depends on: (none) => 33713
Source RPM: (none) => thunderbird, thunderbird-l10n

Comment 1 Lewis Smith 2024-11-04 20:47:36 CET
You routinely do Thunderbird, Nicolas; so assigning back to you.

Assignee: bugsquad => nicolas.salguero

Comment 2 Nicolas Salguero 2024-11-05 14:10:24 CET
Suggested advisory:
========================

The updated packages fix security vulnerabilities:

Permission leak via embed or object elements. (CVE-2024-10458)

Use-after-free in layout with accessibility. (CVE-2024-10459)

Confusing display of origin for external protocol handler prompt. (CVE-2024-10460)

XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response. (CVE-2024-10461)

Origin of permission prompt could be spoofed by long URL. (CVE-2024-10462)

Cross origin video frame leak. (CVE-2024-10463)

History interface could have been used to cause a Denial of Service condition in the browser. (CVE-2024-10464)

Clipboard "paste" button persisted across tabs. (CVE-2024-10465)

DOM push subscription message could hang Firefox. (CVE-2024-10466)

Memory safety bugs fixed in Firefox 132, Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4. (CVE-2024-10467)

References:
https://www.thunderbird.net/en-US/thunderbird/128.3.3esr/releasenotes/
https://www.thunderbird.net/en-US/thunderbird/128.4.0esr/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/
========================

Updated packages in core/updates_testing:
========================
thunderbird-128.4.0-1.mga9
thunderbird-af-128.4.0-1.mga9
thunderbird-ar-128.4.0-1.mga9
thunderbird-ast-128.4.0-1.mga9
thunderbird-be-128.4.0-1.mga9
thunderbird-bg-128.4.0-1.mga9
thunderbird-br-128.4.0-1.mga9
thunderbird-ca-128.4.0-1.mga9
thunderbird-cs-128.4.0-1.mga9
thunderbird-cy-128.4.0-1.mga9
thunderbird-da-128.4.0-1.mga9
thunderbird-de-128.4.0-1.mga9
thunderbird-dsb-128.4.0-1.mga9
thunderbird-el-128.4.0-1.mga9
thunderbird-en_CA-128.4.0-1.mga9
thunderbird-en_GB-128.4.0-1.mga9
thunderbird-en_US-128.4.0-1.mga9
thunderbird-es_AR-128.4.0-1.mga9
thunderbird-es_ES-128.4.0-1.mga9
thunderbird-es_MX-128.4.0-1.mga9
thunderbird-et-128.4.0-1.mga9
thunderbird-eu-128.4.0-1.mga9
thunderbird-fi-128.4.0-1.mga9
thunderbird-fr-128.4.0-1.mga9
thunderbird-fy_NL-128.4.0-1.mga9
thunderbird-ga_IE-128.4.0-1.mga9
thunderbird-gd-128.4.0-1.mga9
thunderbird-gl-128.4.0-1.mga9
thunderbird-he-128.4.0-1.mga9
thunderbird-hr-128.4.0-1.mga9
thunderbird-hsb-128.4.0-1.mga9
thunderbird-hu-128.4.0-1.mga9
thunderbird-hy_AM-128.4.0-1.mga9
thunderbird-id-128.4.0-1.mga9
thunderbird-is-128.4.0-1.mga9
thunderbird-it-128.4.0-1.mga9
thunderbird-ja-128.4.0-1.mga9
thunderbird-ka-128.4.0-1.mga9
thunderbird-kab-128.4.0-1.mga9
thunderbird-kk-128.4.0-1.mga9
thunderbird-ko-128.4.0-1.mga9
thunderbird-lt-128.4.0-1.mga9
thunderbird-lv-128.4.0-1.mga9
thunderbird-ms-128.4.0-1.mga9
thunderbird-nb_NO-128.4.0-1.mga9
thunderbird-nl-128.4.0-1.mga9
thunderbird-nn_NO-128.4.0-1.mga9
thunderbird-pa_IN-128.4.0-1.mga9
thunderbird-pl-128.4.0-1.mga9
thunderbird-pt_BR-128.4.0-1.mga9
thunderbird-pt_PT-128.4.0-1.mga9
thunderbird-ro-128.4.0-1.mga9
thunderbird-ru-128.4.0-1.mga9
thunderbird-sk-128.4.0-1.mga9
thunderbird-sl-128.4.0-1.mga9
thunderbird-sq-128.4.0-1.mga9
thunderbird-sr-128.4.0-1.mga9
thunderbird-sv_SE-128.4.0-1.mga9
thunderbird-th-128.4.0-1.mga9
thunderbird-tr-128.4.0-1.mga9
thunderbird-uk-128.4.0-1.mga9
thunderbird-uz-128.4.0-1.mga9
thunderbird-vi-128.4.0-1.mga9
thunderbird-zh_CN-128.4.0-1.mga9
thunderbird-zh_TW-128.4.0-1.mga9

from SRPMS:
thunderbird-128.4.0-1.mga9.src.rpm
thunderbird-l10n-128.4.0-1.mga9.src.rpm

Assignee: nicolas.salguero => qa-bugs
Whiteboard: MGA9TOO => (none)
Version: Cauldron => 9
Status: NEW => ASSIGNED

katnatek 2024-11-05 17:43:41 CET

Keywords: (none) => advisory

Comment 3 Morgan Leijström 2024-11-05 19:05:25 CET
mga9-64 OK here, not full test
Plasma X11

After updating per Firefox bug.

Updated to
- thunderbird-128.4.0-1.mga9.x86_64
- thunderbird-sv_SE-128.4.0-1.mga9.noarch

Closed Thunderbird, updated, started:
Thunderbird just keeps working OK:
Opened tabs restored
Settings and local mail kept
Swedish locale
IMAP (offline, IMAP to sync to server)
SMTP
Sent mail with inline jpg, and attached pdf
Received mail with inline jpg, attached pdf
Viewed and printed attached pdf.

I do not use calendar nor tasks or filters

CC: (none) => fri

Comment 4 Morgan Leijström 2024-11-07 10:10:38 CET
mga9-64 OK in similar system setup and usage to Comment 3 on my wife's laptop

Comment 5 Jose Manuel López 2024-11-07 12:32:42 CET
Installed in mga 9 x64

Ok for the moment without issues.

I have been working with this version since day 6.

IMAP and POP3 accounts ok.
Addons and signatures ok.
Send and receive ok.
Settings and Spanish translation ok.
Attachments ok.
Calendar and task ok.

Launched from terminal:

[jose@localhost ~]$ LC_ALL=C thunderbird
ATTENTION: default value of option mesa_glthread overridden by environment.
[Parent 757784, Main Thread] WARNING: /usr/share/applications/kde-mimeapps.list contains a [Added Associations] group, but it is not permitted here.  Only the non-desktop-specific mimeapps.list file may add or remove associations.: 'glib warning', file /home/iurt/rpmbuild/BUILD/thunderbird-128.3.2/thunderbird-128.3.2/toolkit/xre/nsSigHandlers.cpp:187

(thunderbird:757784): GLib-GIO-WARNING **: 12:32:15.072: /usr/share/applications/kde-mimeapps.list contains a [Added Associations] group, but it is not permitted here.  Only the non-desktop-specific mimeapps.list file may add or remove associations.

Greetings!

CC: (none) => Joselp

Comment 6 Guillaume Royer 2024-11-08 18:35:45 CET
MGA 64 GNOME 

Updated with RPM: 

thunderbird                    128.4.0      1.mga9        x86_64  
thunderbird-fr                 128.4.0      1.mga9        noarch  

No issues at installation

IMAP and POP3 accounts send and receive ok.
Calendar and contacts ok.

CC: (none) => guillaume.royer

Comment 7 Thomas Andrews 2024-11-09 02:11:36 CET
Using this for several days in MGA9-64 on two Plasma systems for POP3 mail and newsgroups. No issues to report.

Giving it an OK, and validating.

Whiteboard: (none) => MGA9-64-OK
CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

Comment 8 Mageia Robot 2024-11-09 06:18:46 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2024-0350.html

Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED

