{"id":"MGASA-2026-0164","summary":"Updated thunderbird(-l10n) packages fix security vulnerabilities","details":"The updated packages fix security vulnerabilities:\nIncorrect boundary conditions in the Audio/Video: Web Codecs component.\n(CVE-2026-8946)\nIncorrect boundary conditions in the JavaScript Engine: JIT component.\n(CVE-2026-8388)\nUse-after-free in the DOM: Bindings (WebIDL) component. (CVE-2026-8947)\nOther issue in the JavaScript Engine component. (CVE-2026-8391)\nSandbox escape in the Profile Backup component. (CVE-2026-8401)\nSame-origin policy bypass in the Networking: HTTP component.\n(CVE-2026-8950)\nSandbox escape due to use-after-free in the Disability Access APIs\ncomponent. (CVE-2026-8953)\nIncorrect boundary conditions, integer overflow in the Audio/Video\ncomponent. (CVE-2026-8954)\nPrivilege escalation in the DOM: Workers component. (CVE-2026-8955)\nInteger overflow in the Networking: JAR component. (CVE-2026-8956)\nPrivilege escalation in the Enterprise Policies component.\n(CVE-2026-8957)\nInformation disclosure, sandbox escape in the Security: Process\nSandboxing component. (CVE-2026-8958)\nSpoofing issue in the Form Autofill component. (CVE-2026-8961)\nMitigation bypass in the DOM: Security component. (CVE-2026-8962)\nDenial-of-service due to invalid pointer in the Audio/Video: Web Codecs\ncomponent. (CVE-2026-8968)\nPrivilege escalation in the Security component. (CVE-2026-8970)\nMemory safety bugs fixed in Thunderbird 140.11 and Thunderbird 151.\n(CVE-2026-8974)\nMemory safety bugs fixed in Thunderbird 140.11 and Thunderbird 151.\n(CVE-2026-8975)\n","modified":"2026-05-29T05:15:04.524435698Z","published":"2026-05-29T05:12:50Z","upstream":["CVE-2026-8388","CVE-2026-8391","CVE-2026-8401","CVE-2026-8946","CVE-2026-8947","CVE-2026-8950","CVE-2026-8953","CVE-2026-8954","CVE-2026-8955","CVE-2026-8956","CVE-2026-8957","CVE-2026-8958","CVE-2026-8961","CVE-2026-8962","CVE-2026-8968","CVE-2026-8970","CVE-2026-8974","CVE-2026-8975"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2026-0164.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=35560"},{"type":"WEB","url":"https://www.thunderbird.net/en-US/thunderbird/140.11.0esr/releasenotes/"},{"type":"ADVISORY","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/"}],"affected":[{"package":{"name":"thunderbird","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/thunderbird?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"140.11.0-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2026-0164.json"}},{"package":{"name":"thunderbird-l10n","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/thunderbird-l10n?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"140.11.0-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2026-0164.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}