Alerts This Week
Warning Icon 1 697
Alerts This Week
Warning Icon 1 697

Mageia 9 Thunderbird Security Update MGASA-2026-0081 Addresses Spoofing

mageia
Calendar Grey April 2, 2026
Dist Mageia Esm H88
Obtain essential updates for Mageia Thunderbird addressing multiple critical issues to enhance system reliability and security.
MGASA-2026-0081 - Updated thunderbird packages fix security vulnerabilities

Summary

Description: Denial-of-service in the XML component. (CVE-2025-59375) Spoofing issue in Thunderbird. (CVE-2026-3889) Race condition, use-after-free in the Graphics: WebRender component. (CVE-2026-4684) Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4685) Incorrect boundary conditions in the Graphics: Canvas2D component. (CVE-2026-4686) Sandbox escape due to incorrect boundary conditions in the Telemetry component. (CVE-2026-4687) Sandbox escape due to use-after-free in the Disability Access APIs component. (CVE-2026-4688) Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. (CVE-2026-4689) Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. (CVE-2026-4690) Use-after-free in the CSS Parsing and Computation component. (CVE-2026-4691) Sandbox escape in the Responsive Design Mode component. (CVE-2026-4692) Incorrect boundary conditions in the Audio/Video: Playback component. ...

References

- https://bugs.mageia.org/show_bug.cgi?id=35273

- https://www.thunderbird.net/en-US/thunderbird/140.9.0esr/releasenotes/

- https://www.mozilla.org/en-US/security/advisories/mfsa2026-24/

- https://www.cve.org/CVERecord?id=CVE-2025-59375

- https://www.cve.org/CVERecord?id=CVE-2026-3889

- https://www.cve.org/CVERecord?id=CVE-2026-4684

- https://www.cve.org/CVERecord?id=CVE-2026-4685

- https://www.cve.org/CVERecord?id=CVE-2026-4686

- https://www.cve.org/CVERecord?id=CVE-2026-4687

- https://www.cve.org/CVERecord?id=CVE-2026-4688

- https://www.cve.org/CVERecord?id=CVE-2026-4689

- https://www.cve.org/CVERecord?id=CVE-2026-4690

- https://www.cve.org/CVERecord?id=CVE-2026-4691

- https://www.cve.org/CVERecord?id=CVE-2026-4692

- https://www.cve.org/CVERecord?id=CVE-2026-4693

- https://www.cve.org/CVERecord?id=CVE-2026-4694

- https://www.cve.org/CVERecord?id=CVE-2026-4695

- https://www.cve.org/CVERecord?id=CVE-2026-4696

- https://www.cve.org/CVERecord?id=CVE-2026-4697

- https://www.cve.org/CVERecord?id=CVE-2026-4698

- https://www.cve.org/CVERecord?id=CVE-2026-4699

- https://www.cve.org/CVERecord?id=CVE-2026-4700

- https://www.cve.org/CVERecord?id=CVE-2026-4701

- https://www.cve.org/CVERecord?id=CVE-2026-4702

- https://www.cve.org/CVERecord?id=CVE-2026-4704

- https://www.cve.org/CVERecord?id=CVE-2026-4705

- https://www.cve.org/CVERecord?id=CVE-2026-4706

- https://www.cve.org/CVERecord?id=CVE-2026-4707

- https://www.cve.org/CVERecord?id=CVE-2026-4708

- https://www.cve.org/CVERecord?id=CVE-2026-4709

- https://www.cve.org/CVERecord?id=CVE-2026-4710

- https://www.cve.org/CVERecord?id=CVE-2026-4711

- https://www.cve.org/CVERecord?id=CVE-2026-4712

- https://www.cve.org/CVERecord?id=CVE-2026-4713

- https://www.cve.org/CVERecord?id=CVE-2026-4714

- https://www.cve.org/CVERecord?id=CVE-2026-4715

- https://www.cve.org/CVERecord?id=CVE-2026-4716

- https://www.cve.org/CVERecord?id=CVE-2026-4717

- https://www.cve.org/CVERecord?id=CVE-2026-4718

- https://www.cve.org/CVERecord?id=CVE-2026-4719

- https://www.cve.org/CVERecord?id=CVE-2026-4720

- https://www.cve.org/CVERecord?id=CVE-2026-4721

Topics%20covered

Topics Covered

security advisory denial of service buffer overflow thunderbird spoofing issue Mageia

Resolution

SRPMS

- 9/core/thunderbird-140.9.0-1.mga9

- 9/core/thunderbird-l10n-140.9.0-1.mga9

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 02 Apr 2026
URL: https://advisories.mageia.org/MGASA-2026-0081.html
Type: security
CVE: CVE-2025-59375, CVE-2026-3889, CVE-2026-4684, CVE-2026-4685, CVE-2026-4686, CVE-2026-4687, CVE-2026-4688, CVE-2026-4689, CVE-2026-4690, CVE-2026-4691, CVE-2026-4692, CVE-2026-4693, CVE-2026-4694, CVE-2026-4695, CVE-2026-4696, CVE-2026-4697, CVE-2026-4698, CVE-2026-4699, CVE-2026-4700, CVE-2026-4701, CVE-2026-4702, CVE-2026-4704, CVE-2026-4705, CVE-2026-4706, CVE-2026-4707, CVE-2026-4708, CVE-2026-4709, CVE-2026-4710, CVE-2026-4711, CVE-2026-4712, CVE-2026-4713, CVE-2026-4714, CVE-2026-4715, CVE-2026-4716, CVE-2026-4717, CVE-2026-4718, CVE-2026-4719, CVE-2026-4720, CVE-2026-4721

Topics%20covered

Topics Covered

security advisory denial of service buffer overflow thunderbird spoofing issue Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here