[SECURITY] Fedora 43 Update: rust-sequoia-octopus-librnp-1.11.1-6.fc43

Reimplementation of RNP's interface using Sequoia for use with Thunderbird...

[SECURITY] Fedora 42 Update: rust-sequoia-octopus-librnp-1.11.1-6.fc42

Reimplementation of RNP's interface using Sequoia for use with Thunderbird...

CLSA-2025-1751913634 xdg-utils: Fix of 2 CVEs

xdg-email: disable special support for Thunderbird to address following vulnerabilities: - CVE-2020-27748: local file inclusion vulnerability - CVE-2022-4055: improper parse of mailto URIs allows bypass of Thunderbird security mechanism for attachments...

PT-2023-7978 · Mozilla +9 · Thunderbird +10

Name of the Vulnerable Software and Affected Versions: Firefox ESR versions prior to 115.6 Thunderbird versions prior to 115.6 Description: A use-after-free was identified in the nsDNSService::Init. This issue appears to manifest rarely during start-up. The vulnerability may allow a remote attack...

Mozilla: Use-After-Free when aborting an operation

When aborting an operation, such as a fetch, an abort signal may be deleted while alerting the objects to be notified. This results in a use-after-free and we presume that with enough effort it could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR 68.12 and...