Red Hat Product Errata RHSA-2021:3500 - Security Advisory
Issued:
2021-09-13
Updated:
2021-09-13

RHSA-2021:3500 - Security Advisory

Synopsis

Important: thunderbird security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 78.14.0.

Security Fix(es):

  • Mozilla: Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and Firefox ESR 91.1 (CVE-2021-38493)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to take effect.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64

Fixes

  • BZ - 2002119 - CVE-2021-38493 Mozilla: Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and Firefox ESR 91.1

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2

SRPM
thunderbird-78.14.0-1.el8_2.src.rpm SHA-256: fade11944ff12fcd5b98f7d9f257995051760e830ce11a5d2eb5cc11ae709050
x86_64
thunderbird-78.14.0-1.el8_2.x86_64.rpm SHA-256: 2bd0cd8ffee9930872dc7ecb74262acda9eec4bae96cd724e28db89fd0eab7f9
thunderbird-debuginfo-78.14.0-1.el8_2.x86_64.rpm SHA-256: 54713e989601a0a2d472968b06275199e880259adc9281ca00268cb9e27aa86c
thunderbird-debugsource-78.14.0-1.el8_2.x86_64.rpm SHA-256: 0bb0f8c479a57f3628d62cc2c15cee575df10e70fa284b33232011287a332f37

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
thunderbird-78.14.0-1.el8_2.src.rpm SHA-256: fade11944ff12fcd5b98f7d9f257995051760e830ce11a5d2eb5cc11ae709050
x86_64
thunderbird-78.14.0-1.el8_2.x86_64.rpm SHA-256: 2bd0cd8ffee9930872dc7ecb74262acda9eec4bae96cd724e28db89fd0eab7f9
thunderbird-debuginfo-78.14.0-1.el8_2.x86_64.rpm SHA-256: 54713e989601a0a2d472968b06275199e880259adc9281ca00268cb9e27aa86c
thunderbird-debugsource-78.14.0-1.el8_2.x86_64.rpm SHA-256: 0bb0f8c479a57f3628d62cc2c15cee575df10e70fa284b33232011287a332f37

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2

SRPM
thunderbird-78.14.0-1.el8_2.src.rpm SHA-256: fade11944ff12fcd5b98f7d9f257995051760e830ce11a5d2eb5cc11ae709050
ppc64le
thunderbird-78.14.0-1.el8_2.ppc64le.rpm SHA-256: a19acaa276b233155a208f0df4f15327f012c1e0fb8f331f2c367b04554bb37c
thunderbird-debuginfo-78.14.0-1.el8_2.ppc64le.rpm SHA-256: 29645e2bec6055fa888f606fd3b9145dbd1632e7833661096b67aa1a09705159
thunderbird-debugsource-78.14.0-1.el8_2.ppc64le.rpm SHA-256: 3061e3fcaf9edc21c87b0be89f550c9375c1694132ef32309cc05ec7a6b864b2

Red Hat Enterprise Linux Server - TUS 8.2

SRPM
thunderbird-78.14.0-1.el8_2.src.rpm SHA-256: fade11944ff12fcd5b98f7d9f257995051760e830ce11a5d2eb5cc11ae709050
x86_64
thunderbird-78.14.0-1.el8_2.x86_64.rpm SHA-256: 2bd0cd8ffee9930872dc7ecb74262acda9eec4bae96cd724e28db89fd0eab7f9
thunderbird-debuginfo-78.14.0-1.el8_2.x86_64.rpm SHA-256: 54713e989601a0a2d472968b06275199e880259adc9281ca00268cb9e27aa86c
thunderbird-debugsource-78.14.0-1.el8_2.x86_64.rpm SHA-256: 0bb0f8c479a57f3628d62cc2c15cee575df10e70fa284b33232011287a332f37

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2

SRPM
thunderbird-78.14.0-1.el8_2.src.rpm SHA-256: fade11944ff12fcd5b98f7d9f257995051760e830ce11a5d2eb5cc11ae709050
aarch64
thunderbird-78.14.0-1.el8_2.aarch64.rpm SHA-256: e51da7028c9a020e7f2c4a5c87e6270acae2c87105c36fd252992ebf435254d4
thunderbird-debuginfo-78.14.0-1.el8_2.aarch64.rpm SHA-256: 3afb3afbdd6b17251c123a921dcc8a650b17cdede2ac66b3a369922a5cff6568
thunderbird-debugsource-78.14.0-1.el8_2.aarch64.rpm SHA-256: 9ea7d60836400f71980a0515957ac3a6839a074dfef72cdc9be760291f1b2439

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2

SRPM
thunderbird-78.14.0-1.el8_2.src.rpm SHA-256: fade11944ff12fcd5b98f7d9f257995051760e830ce11a5d2eb5cc11ae709050
ppc64le
thunderbird-78.14.0-1.el8_2.ppc64le.rpm SHA-256: a19acaa276b233155a208f0df4f15327f012c1e0fb8f331f2c367b04554bb37c
thunderbird-debuginfo-78.14.0-1.el8_2.ppc64le.rpm SHA-256: 29645e2bec6055fa888f606fd3b9145dbd1632e7833661096b67aa1a09705159
thunderbird-debugsource-78.14.0-1.el8_2.ppc64le.rpm SHA-256: 3061e3fcaf9edc21c87b0be89f550c9375c1694132ef32309cc05ec7a6b864b2

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2

SRPM
thunderbird-78.14.0-1.el8_2.src.rpm SHA-256: fade11944ff12fcd5b98f7d9f257995051760e830ce11a5d2eb5cc11ae709050
x86_64
thunderbird-78.14.0-1.el8_2.x86_64.rpm SHA-256: 2bd0cd8ffee9930872dc7ecb74262acda9eec4bae96cd724e28db89fd0eab7f9
thunderbird-debuginfo-78.14.0-1.el8_2.x86_64.rpm SHA-256: 54713e989601a0a2d472968b06275199e880259adc9281ca00268cb9e27aa86c
thunderbird-debugsource-78.14.0-1.el8_2.x86_64.rpm SHA-256: 0bb0f8c479a57f3628d62cc2c15cee575df10e70fa284b33232011287a332f37

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.