RHSA-2021:3155: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.13.0. Security Fix(es):

• Mozilla: Uninitialized memory in a canvas object could have led to memory corruption (CVE-2021-29980)
• Mozilla: Incorrect instruction reordering during JIT optimization (CVE-2021-29984)
• Mozilla: Race condition when resolving DNS names could have led to memory corruption (CVE-2021-29986)
• Mozilla: Memory corruption as a result of incorrect style treatment (CVE-2021-29988)
• Mozilla: Memory safety bugs fixed in Thunderbird 78.13 (CVE-2021-29989)
• Mozilla: Use-after-free media channels (CVE-2021-29985) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Related CVEs:
• CVE-2021-29980: Mozilla: Uninitialized memory in a canvas object could have led to memory corruption
• CVE-2021-29984: Mozilla: Incorrect instruction reordering during JIT optimization
• CVE-2021-29985: Mozilla: Use-after-free media channels
• CVE-2021-29986: Mozilla: Race condition when resolving DNS names could have led to memory corruption
• CVE-2021-29988: Mozilla: Memory corruption as a result of incorrect style treatment
• CVE-2021-29989: Mozilla: Memory safety bugs fixed in Thunderbird 78.13