1. Home
  2. Security Advisories
  3. AlmaLinux OS
  4. ALSA-2021:1193

[ALSA-2021:1193] thunderbird security update

Severity Moderate
Affected Packages 1
CVEs 5
Info Packages References Vulnerabilities

An update for thunderbird is now available for AlmaLinux AlmaLinux Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 78.9.1.

Security Fix(es):

  • Mozilla: An attacker may use Thunderbird's OpenPGP key refresh mechanism to poison an existing key (CVE-2021-23991)

  • Mozilla: A crafted OpenPGP key with an invalid user ID could be used to confuse the user (CVE-2021-23992)

  • Mozilla: Inability to send encrypted OpenPGP email after importing a crafted OpenPGP key (CVE-2021-23993)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Package Affected Version
pkg:rpm/almalinux/thunderbird?arch=x86_64&distro=almalinux-8.3 < 78.9.1-1.el8_3.alma
ID
ALSA-2021:1193
Severity
moderate
URL
https://errata.almalinux.org/ALSA-2021:1193.html
Published
2021-04-14T13:36:43
(3 years ago)
Modified
2021-05-04T09:10:37
(3 years ago)
Rights
Copyright 2021 AlmaLinux OS
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/almalinux/thunderbird?arch=x86_64&distro=almalinux-8.3 almalinux thunderbird < 78.9.1-1.el8_3.alma almalinux-8.3 x86_64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date