MGASA-2025-0010 Updated thunderbird packages fix security vulnerabilities

WebChannel APIs susceptible to confused deputy attack. CVE-2025-0237 Use-after-free when breaking lines in text. CVE-2025-0238 Alt-Svc ALPN validation failure when redirected. CVE-2025-0239 Compartment mismatch when parsing JavaScript JSON module. CVE-2025-0240 Memory corruption when using...

MGASA-2021-0217 Updated thunderbird packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Thunderbird stored OpenPGP secret keys without master password protection CVE-2021-29956. Partial protection of inline OpenPGP message not indicated CVE-2021-29957...

MGASA-2019-0285 Updated thunderbird packages fix security vulnerabilities

The updated thunderbird packages fix security issues: Covert Content Attack on S/MIME encryption using a crafted multipart/ alternative message. CVE-2019-11739 Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, Firefox ESR 60.9, Thunderbird 68.1, and Thunderbird 60.9. CVE-2019-11740...

MGASA-2018-0480 Updated thunderbird packages fix security issues & bugs

Buffer overflow using computed size of canvas element. CVE-2018-12359 - Use-after-free when using focus. CVE-2018-12360 - Integer overflow in SwizzleData. CVE-2018-12361 - Integer overflow in SSSE3 scaler. CVE-2018-12362 - Media recorder segmentation fault when track type is changed during...

MGASA-2017-0180 Updated thunderbird packages fix security vulnerability and bugs

Use-after-free using destroyed node when regenerating trees CVE-2017-5472. Use-after-free during docshell reloading CVE-2017-7749. Use-after-free with track elements CVE-2017-7750. Use-after-free with content viewer listeners CVE-2017-7751. Use-after-free with IME input CVE-2017-7752. Out-of-boun...