778272 – (MFSA-2021-12) <mail-client/thunderbird{-bin,}-78.9.0: multiple vulnerabilities (MFSA-2021-12)

Bug 778272 (MFSA-2021-12) - <mail-client/thunderbird{-bin,}-78.9.0: multiple vulnerabilities (MFSA-2021-12)

Summary: <mail-client/thunderbird{-bin,}-78.9.0: multiple vulnerabilities (MFSA-2021-12)

Status:	RESOLVED FIXED

Alias:	MFSA-2021-12

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal major (vote)
Assignee:	Gentoo Security

URL:	https://www.mozilla.org/en-US/securit...
Whiteboard:	A2 [glsa+ cve]
Keywords:

Depends on:
Blocks:	CVE-2021-23981, CVE-2021-23982, CVE-2021-23984, CVE-2021-23987, MOZ-2021-0002
	Show dependency tree

Reported:	2021-03-25 21:48 UTC by John Helmert III
Modified:	2021-05-01 00:02 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description John Helmert III archtester

2021-03-25 21:48:03 UTC

See tracker for details. Please bump to 78.9.

Comment 1 John Helmert III archtester

2021-03-27 02:20:04 UTC

Please stabilize when ready.

Comment 2 Larry the Git Cow gentoo-dev

2021-03-27 20:50:15 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2fe50f402bfbbacb3d32bf966c10217e32eb2319

commit 2fe50f402bfbbacb3d32bf966c10217e32eb2319
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2021-03-27 20:50:06 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2021-03-27 20:50:11 +0000

    mail-client/thunderbird: amd64 & x86 stable
    
    Bug: https://bugs.gentoo.org/778272
    Package-Manager: Portage-3.0.17, Repoman-3.0.2
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 mail-client/thunderbird/thunderbird-78.9.0.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comment 3 Larry the Git Cow gentoo-dev

2021-04-06 11:06:00 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=86c0d19af6a59d3a703a23c6f0068a3503990c51

commit 86c0d19af6a59d3a703a23c6f0068a3503990c51
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2021-04-06 11:05:05 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2021-04-06 11:05:54 +0000

    mail-client/thunderbird: security cleanup
    
    Bug: https://bugs.gentoo.org/778272
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 mail-client/thunderbird/Manifest                  |   65 --
 mail-client/thunderbird/thunderbird-78.8.1.ebuild | 1108 ---------------------
 2 files changed, 1173 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=602fa6a1559d485a79cefd7e0ef668d319ec3521

commit 602fa6a1559d485a79cefd7e0ef668d319ec3521
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2021-04-06 11:04:43 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2021-04-06 11:05:54 +0000

    mail-client/thunderbird-bin: security cleanup
    
    Bug: https://bugs.gentoo.org/778272
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 mail-client/thunderbird-bin/Manifest               |  66 ----
 .../thunderbird-bin/thunderbird-bin-78.8.1.ebuild  | 378 ---------------------
 2 files changed, 444 deletions(-)

Comment 4 Thomas Deutschmann (RETIRED) gentoo-dev

2021-04-30 22:31:51 UTC

Added to an existing GLSA.

Comment 5 GLSAMaker/CVETool Bot gentoo-dev

2021-05-01 00:02:58 UTC

This issue was resolved and addressed in
 GLSA 202104-09 at https://security.gentoo.org/glsa/202104-09
by GLSA coordinator Thomas Deutschmann (whissi).