Mozilla has released Thunderbird 128.5.2 on December 11: https://www.thunderbird.net/en-US/thunderbird/128.5.2esr/releasenotes/ Security issue fixed: https://www.mozilla.org/en-US/security/advisories/mfsa2024-69/
CVE: (none) => CVE-2024-50336Whiteboard: (none) => MGA9TOOSource RPM: (none) => thunderbird, thunderbird-l10n
Suggested advisory: ======================== The updated packages fix a security vulnerability: Matrix-js-sdk has insufficient MXC URI validation which could allow client-side path traversal. (CVE-2024-50336) References: https://www.thunderbird.net/en-US/thunderbird/128.5.2esr/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2024-69/ ======================== Updated packages in core/updates_testing: ======================== thunderbird-128.5.2-1.mga9 thunderbird-af-128.5.2-1.mga9 thunderbird-ar-128.5.2-1.mga9 thunderbird-ast-128.5.2-1.mga9 thunderbird-be-128.5.2-1.mga9 thunderbird-bg-128.5.2-1.mga9 thunderbird-br-128.5.2-1.mga9 thunderbird-ca-128.5.2-1.mga9 thunderbird-cs-128.5.2-1.mga9 thunderbird-cy-128.5.2-1.mga9 thunderbird-da-128.5.2-1.mga9 thunderbird-de-128.5.2-1.mga9 thunderbird-dsb-128.5.2-1.mga9 thunderbird-el-128.5.2-1.mga9 thunderbird-en_CA-128.5.2-1.mga9 thunderbird-en_GB-128.5.2-1.mga9 thunderbird-en_US-128.5.2-1.mga9 thunderbird-es_AR-128.5.2-1.mga9 thunderbird-es_ES-128.5.2-1.mga9 thunderbird-es_MX-128.5.2-1.mga9 thunderbird-et-128.5.2-1.mga9 thunderbird-eu-128.5.2-1.mga9 thunderbird-fi-128.5.2-1.mga9 thunderbird-fr-128.5.2-1.mga9 thunderbird-fy_NL-128.5.2-1.mga9 thunderbird-ga_IE-128.5.2-1.mga9 thunderbird-gd-128.5.2-1.mga9 thunderbird-gl-128.5.2-1.mga9 thunderbird-he-128.5.2-1.mga9 thunderbird-hr-128.5.2-1.mga9 thunderbird-hsb-128.5.2-1.mga9 thunderbird-hu-128.5.2-1.mga9 thunderbird-hy_AM-128.5.2-1.mga9 thunderbird-id-128.5.2-1.mga9 thunderbird-is-128.5.2-1.mga9 thunderbird-it-128.5.2-1.mga9 thunderbird-ja-128.5.2-1.mga9 thunderbird-ka-128.5.2-1.mga9 thunderbird-kab-128.5.2-1.mga9 thunderbird-kk-128.5.2-1.mga9 thunderbird-ko-128.5.2-1.mga9 thunderbird-lt-128.5.2-1.mga9 thunderbird-lv-128.5.2-1.mga9 thunderbird-ms-128.5.2-1.mga9 thunderbird-nb_NO-128.5.2-1.mga9 thunderbird-nl-128.5.2-1.mga9 thunderbird-nn_NO-128.5.2-1.mga9 thunderbird-pa_IN-128.5.2-1.mga9 thunderbird-pl-128.5.2-1.mga9 thunderbird-pt_BR-128.5.2-1.mga9 thunderbird-pt_PT-128.5.2-1.mga9 thunderbird-ro-128.5.2-1.mga9 thunderbird-ru-128.5.2-1.mga9 thunderbird-sk-128.5.2-1.mga9 thunderbird-sl-128.5.2-1.mga9 thunderbird-sq-128.5.2-1.mga9 thunderbird-sr-128.5.2-1.mga9 thunderbird-sv_SE-128.5.2-1.mga9 thunderbird-th-128.5.2-1.mga9 thunderbird-tr-128.5.2-1.mga9 thunderbird-uk-128.5.2-1.mga9 thunderbird-uz-128.5.2-1.mga9 thunderbird-vi-128.5.2-1.mga9 thunderbird-zh_CN-128.5.2-1.mga9 thunderbird-zh_TW-128.5.2-1.mga9 from SRPMS: thunderbird-128.5.2-1.mga9.src.rpm thunderbird-l10n-128.5.2-1.mga9.src.rpm
Status: NEW => ASSIGNEDWhiteboard: MGA9TOO => (none)Version: Cauldron => 9Assignee: bugsquad => qa-bugs
Keywords: (none) => advisory
MGA9-64 Plasma on two different systems. No installation issues for updating the US English version. Received POP mail and sent a reply, received newsgroup posts and sent a followup. No issues to report. I do not use the calendar.
CC: (none) => andrewsfarm
MGA9-64 Plasma Wayland on Compaq H000SB No installation issues with GB and US language packs. Sending and receiving mails without and with attachment. Added event to calendar and synched with google calendar, all works OK.
CC: (none) => herman.viaene
mga9-64 OK Plasma X11 Repeated tests like I use to perform: Closed Thunderbird, data backup, updated, started: Thunderbird just keep working OK: Opened tabs restored Settings and local mail kept Swedish locale IMAP (offline, IMAP to synk to server) SMTP Sent mail with both inline and attached jpg Received mail with both inline jpg and attached jpg, attached pdf Viewed attached pdf in Thunderbird, and printed to boomaga and network printer. I do not use calendar nor tasks or filters. Similar setup used on two systems, different accounts.
CC: (none) => fri
MGA 9 64 GNOME updated with rpms: thunderbird-128.5.2-1.mga9 thunderbird-fr-128.5.2-1.mga9 No issues after installation Calendar and contact synch ok Send and receive mail with IMAP ok
CC: (none) => guillaume.royer
Looks OK to me. Validating before they send out another one.
Keywords: (none) => validated_updateWhiteboard: (none) => MGA9-64-OKCC: (none) => sysadmin-bugs
Installed in mga9 x64 Works fine for me. Send and receive ok. Settings ok. Spanish translation ok. Imap and pop3 accounts ok. Signatures ok. Local task and calendar ok. Sync red calendar and task ok.
CC: (none) => Joselp
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2024-0395.html
Resolution: (none) => FIXEDStatus: ASSIGNED => RESOLVED