{"id":"MGASA-2021-0427","summary":"Updated thunderbird packages fix security vulnerability","details":"Mozilla developers Tyson Smith and Gabriele Svelto reported memory safety\nbugs present in Thunderbird ESR 78.13. Some of these bugs showed evidence\nof memory corruption and we presume that with enough effort some of these\ncould have been exploited to run arbitrary code (CVE-2021-38493).\n\nThe thunderbird package has been updated to the 91 branch.  See the\nupstream release notes for details.\n","modified":"2026-01-30T10:12:50.270887Z","published":"2021-09-23T04:49:29Z","related":["CVE-2021-38493"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0427.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=29378"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-42/"},{"type":"REPORT","url":"https://www.thunderbird.net/en-US/thunderbird/91.0/releasenotes/"},{"type":"REPORT","url":"https://www.thunderbird.net/en-US/thunderbird/91.0.1/releasenotes/"},{"type":"REPORT","url":"https://www.thunderbird.net/en-US/thunderbird/91.0.2/releasenotes/"},{"type":"REPORT","url":"https://www.thunderbird.net/en-US/thunderbird/91.0.3/releasenotes/"},{"type":"REPORT","url":"https://www.thunderbird.net/en-US/thunderbird/91.1.0/releasenotes/"},{"type":"REPORT","url":"https://www.thunderbird.net/en-US/thunderbird/91.1.1/releasenotes/"},{"type":"REPORT","url":"https://access.redhat.com/errata/RHSA-2021:3494"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=29471"}],"affected":[{"package":{"name":"thunderbird","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/thunderbird?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"91.1.1-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0427.json"}},{"package":{"name":"thunderbird-l10n","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/thunderbird-l10n?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"91.1.1-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0427.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}