{"id":"MGASA-2021-0407","summary":"Updated thunderbird packages fix security vulnerabilities","details":"Updated thunderbird packages fix security vulnerabilities:\n\nUninitialized memory in a canvas object could have caused an incorrect\nfree() leading to memory corruption and a potentially exploitable crash\n(CVE-2021-29980).\n\nInstruction reordering during JIT optimization resulted in a sequence of\ninstructions that would cause an object to be incorrectly considered during\ngarbage collection. This led to memory corruption and a potentially\nexploitable crash (CVE-2021-29984).\n\nA use-after-free vulnerability in media channels could have led to memory\ncorruption and a potentially exploitable crash (CVE-2021-29985).\n\nA suspected race condition when calling getaddrinfo while resolving DNS\nnames could have led to memory corruption and a potentially exploitable\ncrash (CVE-2021-29986).\n\nThunderbird incorrectly treated an inline list-item element as a block\nelement, resulting in an out of bounds read or memory corruption, and a\npotentially exploitable crash (CVE-2021-29988).\n\nMozilla developers Christoph Kerschbaumer, Simon Giesecke, Sandor Molnar,\nand Olli Pettay reported memory safety bugs present in Thunderbird ESR\n78.12. Some of these bugs showed evidence of memory corruption and we\npresume that with enough effort some of these could have been exploited to\nrun arbitrary code (CVE-2021-29989).\n","modified":"2026-04-16T04:40:52.023704952Z","published":"2021-08-15T08:38:04Z","upstream":["CVE-2021-29980","CVE-2021-29984","CVE-2021-29985","CVE-2021-29986","CVE-2021-29988","CVE-2021-29989"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0407.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=29355"},{"type":"WEB","url":"https://www.thunderbird.net/en-US/thunderbird/78.13.0/releasenotes/"},{"type":"ADVISORY","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-35/"}],"affected":[{"package":{"name":"thunderbird","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/thunderbird?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"78.13.0-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0407.json"}},{"package":{"name":"thunderbird-l10n","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/thunderbird-l10n?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"78.13.0-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0407.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}