ALSA-2026:6188

[ALSA-2026:6188] Important: thunderbird security update

Type:

security

Severity:

important

Release date:

2026-04-02

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.  

Security Fix(es):  

  * firefox: thunderbird: Use-after-free in the JavaScript Engine component (CVE-2026-4701)
  * firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149 (CVE-2026-4721)
  * firefox: thunderbird: Privilege escalation in the Netmonitor component (CVE-2026-4717)
  * firefox: thunderbird: Sandbox escape due to use-after-free in the Disability Access APIs component (CVE-2026-4688)
  * firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component (CVE-2026-4706)
  * firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component (CVE-2026-4695)
  * firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component (CVE-2026-4689)
  * firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component (CVE-2026-4698)
  * firefox: thunderbird: Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component (CVE-2026-4716)
  * firefox: thunderbird: Race condition, use-after-free in the Graphics: WebRender component (CVE-2026-4684)
  * firefox: thunderbird: Undefined behavior in the WebRTC: Signaling component (CVE-2026-4705)
  * firefox: thunderbird: Uninitialized memory in the Graphics: Canvas2D component (CVE-2026-4715)
  * firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component (CVE-2026-4685)
  * firefox: thunderbird: Incorrect boundary conditions in the Audio/Video component (CVE-2026-4714)
  * firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: GMP component (CVE-2026-4709)
  * firefox: thunderbird: Incorrect boundary conditions in the Audio/Video component (CVE-2026-4710)
  * firefox: thunderbird: Information disclosure in the Widget: Cocoa component (CVE-2026-4712)
  * firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component (CVE-2026-4697)
  * firefox: thunderbird: Incorrect boundary conditions in the Graphics component (CVE-2026-4713)
  * firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component (CVE-2026-4690)
  * firefox: thunderbird: Use-after-free in the Widget: Cocoa component (CVE-2026-4711)
  * firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component (CVE-2026-4686)
  * firefox: thunderbird: Incorrect boundary conditions in the Graphics component (CVE-2026-4708)
  * firefox: thunderbird: Use-after-free in the CSS Parsing and Computation component (CVE-2026-4691)
  * firefox: thunderbird: Incorrect boundary conditions in the Layout: Text and Fonts component (CVE-2026-4699)
  * firefox: thunderbird: Use-after-free in the Layout: Text and Fonts component (CVE-2026-4696)
  * firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Playback component (CVE-2026-4693)
  * firefox: thunderbird: Undefined behavior in the WebRTC: Signaling component (CVE-2026-4718)
  * firefox: thunderbird: JIT miscompilation in the JavaScript Engine component (CVE-2026-4702)
  * firefox: thunderbird: Incorrect boundary conditions in the Graphics: Text component (CVE-2026-4719)
  * firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics component (CVE-2026-4694)
  * firefox: thunderbird: Sandbox escape in the Responsive Design Mode component (CVE-2026-4692)
  * firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149 (CVE-2026-4720)
  * firefox: thunderbird: Mitigation bypass in the Networking: HTTP component (CVE-2026-4700)
  * firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component (CVE-2026-4707)
  * firefox: thunderbird: Denial-of-service in the WebRTC: Signaling component (CVE-2026-4704)
  * firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Telemetry component (CVE-2026-4687)
  * thunderbird: Out of bounds read in IMAP parsing (CVE-2026-4371)
  * thunderbird: Spoofing issue in Thunderbird (CVE-2026-3889)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

CVE-2026-3889
CVE-2026-4371
CVE-2026-4684
CVE-2026-4685
CVE-2026-4686
CVE-2026-4687
CVE-2026-4688
CVE-2026-4689
CVE-2026-4690
CVE-2026-4691
CVE-2026-4692
CVE-2026-4693
CVE-2026-4694
CVE-2026-4695
CVE-2026-4696
CVE-2026-4697
CVE-2026-4698
CVE-2026-4699
CVE-2026-4700
CVE-2026-4701
CVE-2026-4702
CVE-2026-4704
CVE-2026-4705
CVE-2026-4706
CVE-2026-4707
CVE-2026-4708
CVE-2026-4709
CVE-2026-4710
CVE-2026-4711
CVE-2026-4712
CVE-2026-4713
CVE-2026-4714
CVE-2026-4715
CVE-2026-4716
CVE-2026-4717
CVE-2026-4718
CVE-2026-4719
CVE-2026-4720
CVE-2026-4721
RHSA-2026:6188
ALSA-2026:6188

Updated packages listed below:

Architecture	Package	Checksum
aarch64	thunderbird-140.9.0-1.el9_7.alma.1.aarch64.rpm	b41ce624dcafb33163f1bce2729b0478e5ce39f653c1104123f9b8945a1bf7e9
ppc64le	thunderbird-140.9.0-1.el9_7.alma.1.ppc64le.rpm	272c5a2cfd3f972f1e105b42a4cdb118407d6ba0bbb0d174c330e2356c7038ce
s390x	thunderbird-140.9.0-1.el9_7.alma.1.s390x.rpm	34824f0156968eb87c15c4472eff1c5feec03c620a6fb03dd56a51bbfe6558f0
x86_64	thunderbird-140.9.0-1.el9_7.alma.1.x86_64.rpm	013977d494982c091cd315cb994ad2ff65fe9a257b847ab25fa14eb68b2180fd

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.