Summary: | <mail-client/thunderbird{-bin,}-91.3.2: ElGamal plaintext recovery via bundled dev-libs/botan (CVE-2021-40529) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | mozilla |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B4 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 811909 |
Description
John Helmert III
![]() ![]() ![]() ![]() Fixed in 2.18.2. (In reply to John Helmert III from comment #1) > Fixed in 2.18.2. ... which is in Thunderbird 91.3.2. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=8856093f804feeda5fe9097d49ba3307aaefc9c2 commit 8856093f804feeda5fe9097d49ba3307aaefc9c2 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-08-10 04:08:55 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-08-10 04:17:36 +0000 [ GLSA 202208-14 ] Mozilla Thunderbird: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/794085 Bug: https://bugs.gentoo.org/802759 Bug: https://bugs.gentoo.org/807943 Bug: https://bugs.gentoo.org/811912 Bug: https://bugs.gentoo.org/813501 Bug: https://bugs.gentoo.org/822294 Bug: https://bugs.gentoo.org/828539 Bug: https://bugs.gentoo.org/831040 Bug: https://bugs.gentoo.org/833520 Bug: https://bugs.gentoo.org/834805 Bug: https://bugs.gentoo.org/845057 Bug: https://bugs.gentoo.org/846596 Bug: https://bugs.gentoo.org/849047 Bug: https://bugs.gentoo.org/857048 Bug: https://bugs.gentoo.org/864577 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202208-14.xml | 165 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 165 insertions(+) GLSA released, all done! |