ALSA-2026:19153

[ALSA-2026:19153] Important: thunderbird security update

Type:

security

Severity:

important

Release date:

2026-05-26

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.  

Security Fix(es):  

  * firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 (CVE-2026-7323)
  * firefox: thunderbird: Information disclosure due to incorrect boundary conditions in the Audio/Video component (CVE-2026-7320)
  * firefox: thunderbird: Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1 (CVE-2026-7322)
  * firefox: thunderbird: webrtc: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component (CVE-2026-7321)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	thunderbird-140.10.1-1.el10_2.alma.1.aarch64.rpm	17c5b966c85f20f42749d4d937dbb3f88bc5720b13f868d54b676297f2ffc924
ppc64le	thunderbird-140.10.1-1.el10_2.alma.1.ppc64le.rpm	0065e1f6b7435ee9151de5ebd4c551d7d2e87c3713d81f1e7a51fd425e0f63e0
s390x	thunderbird-140.10.1-1.el10_2.alma.1.s390x.rpm	941135fa79a4a26b1b1713bff2eb68d6f526aefcc0d9c596d70cbd19e4715c04
x86_64	thunderbird-140.10.1-1.el10_2.alma.1.x86_64.rpm	83ce7a155936d4eca0a89c96ee01a8a60a4988f2acf4bd063c561c34ba81665b
x86_64_v2	thunderbird-140.10.1-1.el10_2.alma.1.x86_64_v2.rpm	270dd24db823f03037431ca137f5efb3326c30892568b0ffce6ffddf678ad21d

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.