ALSA-2025:2899

[ALSA-2025:2899] Important: thunderbird security update

Type:

security

Severity:

important

Release date:

2025-03-21

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.  

Security Fix(es):  

  * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8 (CVE-2025-1938)
  * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21, Firefox ESR 128.8, and Thunderbird 128.8 (CVE-2025-1937)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	thunderbird-128.8.0-2.el9_5.alma.1.aarch64.rpm	9ec19b246d6b3df80870553ec3a3294c2d184cfbd042e0e1f9a89a05017066ca
ppc64le	thunderbird-128.8.0-2.el9_5.alma.1.ppc64le.rpm	27bb927d832fe982fb4e3164e82d183e7b5707668ec366b8c43bfead95e73647
s390x	thunderbird-128.8.0-2.el9_5.alma.1.s390x.rpm	27cb131404d0c7415e739b8eeaea9967eeb95b3efc8b0050400acfdcb2382d35
x86_64	thunderbird-128.8.0-2.el9_5.alma.1.x86_64.rpm	91cdb04f978fa48e609635fd1d21168610770530cfccffc3689f6d5bdeaff3b3

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.