ALSA-2025:2900

[ALSA-2025:2900] Important: thunderbird security update

Type:

security

Severity:

important

Release date:

2025-03-17

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.  

Security Fix(es):  

  * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8 (CVE-2025-1938)
  * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21, Firefox ESR 128.8, and Thunderbird 128.8 (CVE-2025-1937)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	thunderbird-128.8.0-2.el8_10.alma.1.aarch64.rpm	28e381d7448da04a123e8f04bdff7d3b6748871998d0be1a8d51dac1b493dfce
ppc64le	thunderbird-128.8.0-2.el8_10.alma.1.ppc64le.rpm	fd9fe1e9815b65adcde7fea51e608e860bf03e2f618100c596312cddc16b4e49
s390x	thunderbird-128.8.0-2.el8_10.alma.1.s390x.rpm	01b373424f3908f7ff40dc7cacd228d2fada19da3c3f09e771aac0960e342a32
x86_64	thunderbird-128.8.0-2.el8_10.alma.1.x86_64.rpm	56be4f1e9f4b5649ada8bfe4d67686648e0b5134cbd89463bf22fdde9ebbb1bd

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.