Bug 953892 (CVE-2025-2830, CVE-2025-3523) - mail-client/thunderbird{-bin,}: multiple vulnerabilities
Summary: mail-client/thunderbird{-bin,}: multiple vulnerabilities
Status: CONFIRMED
Alias: CVE-2025-2830, CVE-2025-3523
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL: https://www.mozilla.org/en-US/securit...
Whiteboard: A2 [ebuild]
Keywords:
Depends on:
Blocks: MFSA2025-25, MFSA2025-26, MFSA2025-27
Reported: 2025-04-15 19:20 UTC by Christopher Fore
Modified: 2025-04-18 07:13 UTC

See Also:
Package list:
Runtime testing required: ---


Description Christopher Fore 2025-04-15 19:20:27 UTC
**No CVEs for solely this Mozilla product**
Comment 1 Christopher Fore 2025-04-15 19:23:37 UTC
CVE-2025-2830:

By crafting a malformed file name for an attachment in a multipart
message, an attacker can trick Thunderbird into including a
directory listing of /tmp when the message is forwarded or edited
as a new message. This vulnerability could allow attackers to
disclose sensitive information from the victim's system. This
vulnerability is not limited to Linux; similar behavior has been
observed on Windows as well.


CVE-2025-3523:

When an email contains multiple attachments with external links
via the X-Mozilla-External-Attachment-URL header, only the last
link is shown when hovering over any attachment. Although the
correct link is used on click, the misleading hover text could
trick users into downloading content from untrusted sources.
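
Added example, not part of the bug report or of Thunderbird's code: a mail-audit helper that lists the X-Mozilla-External-Attachment-URL value of every attachment part, so the real per-attachment link can be read without relying on the hover text described for CVE-2025-3523. The sample message, host names and function names are constructed for illustration.

```python
from email import message_from_string
from email.policy import default
from urllib.parse import urlsplit

HEADER = "X-Mozilla-External-Attachment-URL"  # header named in the CVE text

# Constructed sample message (not taken from any real mail)
SAMPLE = """\
From: sender@example.com
To: rcpt@example.org
Subject: quarterly files
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

See attached.
--b1
Content-Type: application/pdf; name="report.pdf"
Content-Disposition: attachment; filename="report.pdf"
X-Mozilla-External-Attachment-URL: https://files.example.net/report.pdf

--b1
Content-Type: application/pdf; name="invoice.pdf"
Content-Disposition: attachment; filename="invoice.pdf"
X-Mozilla-External-Attachment-URL: https://cdn.example.com/invoice.pdf

--b1--
"""

def external_attachments(raw):
    """Return [(filename, url)] for every MIME part carrying the header."""
    msg = message_from_string(raw, policy=default)
    found = []
    for part in msg.walk():
        for url in part.get_all(HEADER, []):
            found.append((part.get_filename() or "(unnamed)", str(url).strip()))
    return found

def audit(raw):
    """Summarise external links per message.

    'ambiguous_hover' is True when more than one distinct link is present,
    the condition under which an unpatched client shows only the last link.
    """
    links = external_attachments(raw)
    hosts = sorted({urlsplit(u).hostname or "" for _, u in links})
    distinct = {u for _, u in links}
    return {"links": links, "hosts": hosts, "ambiguous_hover": len(distinct) > 1}
```
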
Comment 2 Larry the Git Cow gentoo-dev 2025-04-16 05:03:25 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=15601c24816cf343e336e1a3a9510b2cfb7b3ced

commit 15601c24816cf343e336e1a3a9510b2cfb7b3ced
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2025-04-16 05:03:06 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2025-04-16 05:03:06 +0000

    mail-client/thunderbird-bin: drop 137.0.1
    
    Bug: https://bugs.gentoo.org/953892
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 mail-client/thunderbird-bin/Manifest               |  66 -----
 .../thunderbird-bin/thunderbird-bin-137.0.1.ebuild | 279 ---------------------
 2 files changed, 345 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1f7d97dfe1d6e75b4d391018a2aa5d5edd1a9cb6

commit 1f7d97dfe1d6e75b4d391018a2aa5d5edd1a9cb6
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2025-04-16 05:03:00 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2025-04-16 05:03:00 +0000

    mail-client/thunderbird-bin: add 137.0.2
    
    Bug: https://bugs.gentoo.org/953892
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 mail-client/thunderbird-bin/Manifest               |  66 +++++
 .../thunderbird-bin/thunderbird-bin-137.0.2.ebuild | 279 +++++++++++++++++++++
 2 files changed, 345 insertions(+)
Comment 3 Larry the Git Cow gentoo-dev 2025-04-16 10:44:16 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4a926e0cbcf4d722efe98c64aeb4774c73534c8f

commit 4a926e0cbcf4d722efe98c64aeb4774c73534c8f
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2025-04-16 10:43:46 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2025-04-16 10:44:13 +0000

    mail-client/thunderbird: add 137.0.2
    
    Bug: https://bugs.gentoo.org/953892
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 mail-client/thunderbird/Manifest                   |   66 ++
 mail-client/thunderbird/thunderbird-137.0.2.ebuild | 1157 ++++++++++++++++++++
 2 files changed, 1223 insertions(+)
Comment 4 Larry the Git Cow gentoo-dev 2025-04-17 07:25:48 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7bd781d38cffb918546ca511c6999ff3863b462d

commit 7bd781d38cffb918546ca511c6999ff3863b462d
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2025-04-17 07:23:40 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2025-04-17 07:25:43 +0000

    mail-client/thunderbird-bin: add 128.9.2
    
    Bug: https://bugs.gentoo.org/953892
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 mail-client/thunderbird-bin/Manifest               |  66 +++++
 .../thunderbird-bin/thunderbird-bin-128.9.2.ebuild | 279 +++++++++++++++++++++
 2 files changed, 345 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=45cd025fc7dba50fea5c6008621e0d40c81b3025

commit 45cd025fc7dba50fea5c6008621e0d40c81b3025
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2025-04-17 07:23:16 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2025-04-17 07:25:43 +0000

    mail-client/thunderbird: add 128.9.2
    
    Bug: https://bugs.gentoo.org/953892
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 mail-client/thunderbird/Manifest                   |   65 ++
 mail-client/thunderbird/thunderbird-128.9.2.ebuild | 1171 ++++++++++++++++++++
 2 files changed, 1236 insertions(+)
Comment 5 Larry the Git Cow gentoo-dev 2025-04-18 07:13:54 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=39e141a550822813027aba517d0df3a9f0381aec

commit 39e141a550822813027aba517d0df3a9f0381aec
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2025-04-18 07:12:59 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2025-04-18 07:12:59 +0000

    mail-client/thunderbird: stabilize 128.9.2 for amd64
    
    Bug: https://bugs.gentoo.org/953892
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 mail-client/thunderbird/thunderbird-128.9.2.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)