1. Home
  2. Security Advisories
  3. Red Hat
  4. RHSA-2021:1192

[RHSA-2021:1192] thunderbird security update

Severity Moderate
Affected Packages 2
CVEs 5
Info Packages References Vulnerabilities

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 78.9.1.

Security Fix(es):

  • Mozilla: An attacker may use Thunderbird's OpenPGP key refresh mechanism to poison an existing key (CVE-2021-23991)

  • Mozilla: A crafted OpenPGP key with an invalid user ID could be used to confuse the user (CVE-2021-23992)

  • Mozilla: Inability to send encrypted OpenPGP email after importing a crafted OpenPGP key (CVE-2021-23993)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Package Affected Version
pkg:rpm/redhat/thunderbird?arch=x86_64&distro=redhat-7.9 < 78.9.1-1.el7_9
pkg:rpm/redhat/thunderbird?arch=ppc64le&distro=redhat-7.9 < 78.9.1-1.el7_9
ID
RHSA-2021:1192
Severity
moderate
URL
https://access.redhat.com/errata/RHSA-2021:1192
Published
2021-04-14T00:00:00
(3 years ago)
Modified
2021-04-14T00:00:00
(3 years ago)
Rights
Copyright 2021 Red Hat, Inc.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/redhat/thunderbird?arch=x86_64&distro=redhat-7.9 redhat thunderbird < 78.9.1-1.el7_9 redhat-7.9 x86_64
Affected pkg:rpm/redhat/thunderbird?arch=ppc64le&distro=redhat-7.9 redhat thunderbird < 78.9.1-1.el7_9 redhat-7.9 ppc64le
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date