ALSA-2026:6342

[ALSA-2026:6342] Important: thunderbird security update

Type:

security

Severity:

important

Release date:

2026-04-01

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.  

Security Fix(es):  

  * firefox: thunderbird: Use-after-free in the JavaScript Engine component (CVE-2026-4701)
  * firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149 (CVE-2026-4721)
  * firefox: thunderbird: Privilege escalation in the Netmonitor component (CVE-2026-4717)
  * firefox: thunderbird: Sandbox escape due to use-after-free in the Disability Access APIs component (CVE-2026-4688)
  * firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component (CVE-2026-4706)
  * firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component (CVE-2026-4695)
  * firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component (CVE-2026-4689)
  * firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component (CVE-2026-4698)
  * firefox: thunderbird: Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component (CVE-2026-4716)
  * firefox: thunderbird: Race condition, use-after-free in the Graphics: WebRender component (CVE-2026-4684)
  * firefox: thunderbird: Undefined behavior in the WebRTC: Signaling component (CVE-2026-4705)
  * firefox: thunderbird: Uninitialized memory in the Graphics: Canvas2D component (CVE-2026-4715)
  * firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component (CVE-2026-4685)
  * firefox: thunderbird: Incorrect boundary conditions in the Audio/Video component (CVE-2026-4714)
  * firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: GMP component (CVE-2026-4709)
  * firefox: thunderbird: Incorrect boundary conditions in the Audio/Video component (CVE-2026-4710)
  * firefox: thunderbird: Information disclosure in the Widget: Cocoa component (CVE-2026-4712)
  * firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component (CVE-2026-4697)
  * firefox: thunderbird: Incorrect boundary conditions in the Graphics component (CVE-2026-4713)
  * firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component (CVE-2026-4690)
  * firefox: thunderbird: Use-after-free in the Widget: Cocoa component (CVE-2026-4711)
  * firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component (CVE-2026-4686)
  * firefox: thunderbird: Incorrect boundary conditions in the Graphics component (CVE-2026-4708)
  * firefox: thunderbird: Use-after-free in the CSS Parsing and Computation component (CVE-2026-4691)
  * firefox: thunderbird: Incorrect boundary conditions in the Layout: Text and Fonts component (CVE-2026-4699)
  * firefox: thunderbird: Use-after-free in the Layout: Text and Fonts component (CVE-2026-4696)
  * firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Playback component (CVE-2026-4693)
  * firefox: thunderbird: Undefined behavior in the WebRTC: Signaling component (CVE-2026-4718)
  * firefox: thunderbird: JIT miscompilation in the JavaScript Engine component (CVE-2026-4702)
  * firefox: thunderbird: Incorrect boundary conditions in the Graphics: Text component (CVE-2026-4719)
  * firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics component (CVE-2026-4694)
  * firefox: thunderbird: Sandbox escape in the Responsive Design Mode component (CVE-2026-4692)
  * firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149 (CVE-2026-4720)
  * firefox: thunderbird: Mitigation bypass in the Networking: HTTP component (CVE-2026-4700)
  * firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component (CVE-2026-4707)
  * firefox: thunderbird: Denial-of-service in the WebRTC: Signaling component (CVE-2026-4704)
  * firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Telemetry component (CVE-2026-4687)
  * thunderbird: Out of bounds read in IMAP parsing (CVE-2026-4371)
  * thunderbird: Spoofing issue in Thunderbird (CVE-2026-3889)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

CVE-2026-3889
CVE-2026-4371
CVE-2026-4684
CVE-2026-4685
CVE-2026-4686
CVE-2026-4687
CVE-2026-4688
CVE-2026-4689
CVE-2026-4690
CVE-2026-4691
CVE-2026-4692
CVE-2026-4693
CVE-2026-4694
CVE-2026-4695
CVE-2026-4696
CVE-2026-4697
CVE-2026-4698
CVE-2026-4699
CVE-2026-4700
CVE-2026-4701
CVE-2026-4702
CVE-2026-4704
CVE-2026-4705
CVE-2026-4706
CVE-2026-4707
CVE-2026-4708
CVE-2026-4709
CVE-2026-4710
CVE-2026-4711
CVE-2026-4712
CVE-2026-4713
CVE-2026-4714
CVE-2026-4715
CVE-2026-4716
CVE-2026-4717
CVE-2026-4718
CVE-2026-4719
CVE-2026-4720
CVE-2026-4721
RHSA-2026:6342
ALSA-2026:6342

Updated packages listed below:

Architecture	Package	Checksum
aarch64	thunderbird-140.9.0-1.el10_1.alma.1.aarch64.rpm	a1c7c81cffee39fd55d3b9ed67845e34dccc0a32098ea358e7a5d9fad6b0907f
ppc64le	thunderbird-140.9.0-1.el10_1.alma.1.ppc64le.rpm	4cf138f9c91eb4e85364c4f9a3b24d7dd306627d24e3d11c42dd2d0da83c7eae
s390x	thunderbird-140.9.0-1.el10_1.alma.1.s390x.rpm	92ee9f79f3360638ac508ce04053dbfa4c72745a528d7e54751e116fe0acf319
x86_64	thunderbird-140.9.0-1.el10_1.alma.1.x86_64.rpm	da43a62355f1a81844edb05611c1d4c2e310fb9ca3580377cc8aa251138e2da9
x86_64_v2	thunderbird-140.9.0-1.el10_1.alma.1.x86_64_v2.rpm	b2ee3b5df5257ecbf570281467d1dc34d5856f25d4230bf64a223f9802d8ccc4

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.