Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 488
Alerts This Week
Warning Icon 1 488

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 50 articles for you...
100

SUSE MozillaThunderbird Important Sandbox Escape DoS 2026-2852-1

An update that solves 29 vulnerabilities can now be installed.. # Security update for MozillaThunderbird Announcement ID: SUSE-SU-2026:2852-1 Release Date: 2026-07-10T17:49:29Z Rating: important References: * bsc#1268071 Cross-References: * CVE-2026-12289 * CVE-2026-12290 * CVE-2026-12291 * CVE-2026-12292 * CVE-2026-12294 * CVE-2026-12295 * CVE-2026-12296 * CVE-2026-12297 * CVE-2026-12298 * CVE-2026-12299 * CVE-2026-12302 * CVE-2026-12304 * CVE-2026-12305 * CVE-2026-12306 * CVE-2026-12307 * CVE-2026-12308 * CVE-2026-12309 * CVE-2026-12310 * CVE-2026-12311 * CVE-2026-12312 * CVE-2026-12313 * CVE-2026-12314 * CVE-2026-12315 * CVE-2026-12324 * CVE-2026-12325 * CVE-2026-12327 * CVE-2026-12328 * CVE-2026-12329 * CVE-2026-12330 CVSS scores: * CVE-2026-12289 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-12289 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-12290 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2026-12290 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2026-12290 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-12291 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-12291 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-12291 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-12292 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-12292 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-12292 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2026-12294 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-12294 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2026-12294 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-12295 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-12295 ( NVD ): 7.5CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-12295 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2026-12296 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-12296 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2026-12296 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-12297 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-12297 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2026-12297 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-12298 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-12298 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-12298 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-12299 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-12299 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-12299 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-12302 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-12302 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-12304 ( SUSE ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-12304 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-12305 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-12305 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-12306 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-12306 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-12307 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-12307 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-12308 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-12308 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-12309 ( SUSE ): 6.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-12309 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-12310 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-12310 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-12311 ( SUSE ): 4.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N * CVE-2026-12311 ( NVD ): 4.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N * CVE-2026-12312 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-12312 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-12313 ( SUSE ): 4.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N * CVE-2026-12313 ( NVD ): 4.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N * CVE-2026-12314 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-12314 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-12315 ( SUSE ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-12315 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-12324 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-12324 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-12325 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-12325 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-12327 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-12327 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-12328 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-12328 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-12328 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-12329 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-12329 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-12329 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-12330 ( SUSE ): 5.4CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-12330 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Linux Enterprise Workstation Extension 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves 29 vulnerabilities can now be installed. ## Description: This update for MozillaThunderbird fixes the following issues Update to Firefox 140.12.0 ESR (MFSA 2026-58, bsc#1268071): * CVE-2026-12289: Privilege escalation in the Graphics: WebRender component. * CVE-2026-12290: Memory safety bug fixed in Firefox ESR 140.12. * CVE-2026-12291: Use-after-free in the Networking: HTTP component. * CVE-2026-12292: Incorrect boundary conditions in the Web Audio component. * CVE-2026-12294: Sandbox escape in the DOM: Workers component. * CVE-2026-12295: Sandbox escape in the DOM: Navigation component. * CVE-2026-12296: Sandbox escape in the Security: Process Sandboxing component. * CVE-2026-12297: Sandbox escape due to incorrect boundary conditions in the Networking component. * CVE-2026-12298: Memory safety bug fixed in Firefox ESR 140.12. * CVE-2026-12299: JIT miscompilation in the DOM: Core & HTML component. * CVE-2026-12302: Mitigation bypass in the DOM: Security component. * CVE-2026-12304: Same-origin policy bypass in the Networking: Cookies component. * CVE-2026-12305: Memory safety bug fixed in Firefox ESR 140.12. * CVE-2026-12306: Memory safety bug fixed in Firefox ESR 140.12. * CVE-2026-12307: Memory safety bug fixed in Firefox ESR 140.12. * CVE-2026-12308: Memory safety bug fixed in Firefox ESR 140.12. * CVE-2026-12309: Memory safety bug fixed in Firefox ESR 140.12. * CVE-2026-12310: Memory safety bug fixed in Firefox ESR 140.12. * CVE-2026-12311: Information disclosure, sandbox escape in the Security: ProcessSandboxing component. * CVE-2026-12312: Memory safety bug fixed in Firefox ESR 140.12. * CVE-2026-12313: Information disclosure, sandbox escape in the Security: Process Sandboxing component. * CVE-2026-12314: Memory safety bug fixed in Firefox ESR 140.12. * CVE-2026-12315: Mitigation bypass in the DOM: Security component. * CVE-2026-12324: Incorrect boundary conditions in the Graphics: CanvasWebGL component. * CVE-2026-12325: Denial-of-service in the Graphics: ImageLib component. * CVE-2026-12327: Memory safety bugs fixed in Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 152. * CVE-2026-12328: Memory safety bugs fixed in Firefox ESR 115.37, Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 152. * CVE-2026-12329: Memory safety bug fixed in Firefox ESR 140.12. * CVE-2026-12330: Incorrect boundary conditions in the Internationalization component. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2852=1 * SUSE Linux Enterprise Workstation Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2026-2852=1 ## Package List: * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x) * MozillaThunderbird-translations-common-140.12.0-150200.8.277.1 * MozillaThunderbird-140.12.0-150200.8.277.1 * MozillaThunderbird-translations-other-140.12.0-150200.8.277.1 * MozillaThunderbird-debuginfo-140.12.0-150200.8.277.1 * MozillaThunderbird-debugsource-140.12.0-150200.8.277.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64) * MozillaThunderbird-translations-common-140.12.0-150200.8.277.1 * MozillaThunderbird-140.12.0-150200.8.277.1 * MozillaThunderbird-translations-other-140.12.0-150200.8.277.1 *MozillaThunderbird-debuginfo-140.12.0-150200.8.277.1 * MozillaThunderbird-debugsource-140.12.0-150200.8.277.1 ## References: * https://www.suse.com/security/cve/CVE-2026-12289.html * https://www.suse.com/security/cve/CVE-2026-12290.html * https://www.suse.com/security/cve/CVE-2026-12291.html * https://www.suse.com/security/cve/CVE-2026-12292.html * https://www.suse.com/security/cve/CVE-2026-12294.html * https://www.suse.com/security/cve/CVE-2026-12295.html * https://www.suse.com/security/cve/CVE-2026-12296.html * https://www.suse.com/security/cve/CVE-2026-12297.html * https://www.suse.com/security/cve/CVE-2026-12298.html * https://www.suse.com/security/cve/CVE-2026-12299.html * https://www.suse.com/security/cve/CVE-2026-12302.html * https://www.suse.com/security/cve/CVE-2026-12304.html * https://www.suse.com/security/cve/CVE-2026-12305.html * https://www.suse.com/security/cve/CVE-2026-12306.html * https://www.suse.com/security/cve/CVE-2026-12307.html * https://www.suse.com/security/cve/CVE-2026-12308.html * https://www.suse.com/security/cve/CVE-2026-12309.html * https://www.suse.com/security/cve/CVE-2026-12310.html * https://www.suse.com/security/cve/CVE-2026-12311.html * https://www.suse.com/security/cve/CVE-2026-12312.html * https://www.suse.com/security/cve/CVE-2026-12313.html * https://www.suse.com/security/cve/CVE-2026-12314.html * https://www.suse.com/security/cve/CVE-2026-12315.html * https://www.suse.com/security/cve/CVE-2026-12324.html * https://www.suse.com/security/cve/CVE-2026-12325.html * https://www.suse.com/security/cve/CVE-2026-12327.html * https://www.suse.com/security/cve/CVE-2026-12328.html * https://www.suse.com/security/cve/CVE-2026-12329.html * https://www.suse.com/security/cve/CVE-2026-12330.html * https://bugzilla.suse.com/show_bug.cgi?id=1268071 . A critical security update for MozillaThunderbird addresses 29 issues, including sandbox escapes and DoS attacks.. SUSE security update, MozillaThunderbird patch, importantvulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Important SuSE
202

openSUSE Tumbleweed Mozilla Thunderbird Moderate Risk Advisory 2026-11164-1

An update that solves 2 vulnerabilities can now be installed.. # MozillaThunderbird-140.12.1-1.1 on GA media Announcement ID: openSUSE-SU-2026:11164-1 Rating: moderate Cross-References: * CVE-2026-57962 * CVE-2026-57963 CVSS scores: * CVE-2026-57962 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-57963 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the MozillaThunderbird-140.12.1-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * MozillaThunderbird 140.12.1-1.1 * MozillaThunderbird-openpgp-librnp 140.12.1-1.1 * MozillaThunderbird-translations-common 140.12.1-1.1 * MozillaThunderbird-translations-other 140.12.1-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-57962.html * https://www.suse.com/security/cve/CVE-2026-57963.html . Update for MozillaThunderbird resolves two moderate vulnerabilities in openSUSE Tumbleweed, enhancing system security.. openSUSE update, MozillaThunderbird vulnerabilities, moderate security issue, software update. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jul 02, 2026 moderate OpenSUSE
99

Slackware Mozilla Thunderbird Important Security Fix 2026-168-04

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-thunderbird (SSA:2026-168-04) New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/mozilla-thunderbird-140.12.0esr-i686-1_slack15.0.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/140.12.0esr/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/ https://www.cve.org/CVERecord?id=CVE-2026-12289 https://www.cve.org/CVERecord?id=CVE-2026-12290 https://www.cve.org/CVERecord?id=CVE-2026-12291 https://www.cve.org/CVERecord?id=CVE-2026-12292 https://www.cve.org/CVERecord?id=CVE-2026-12294 https://www.cve.org/CVERecord?id=CVE-2026-12295 https://www.cve.org/CVERecord?id=CVE-2026-12298 https://www.cve.org/CVERecord?id=CVE-2026-12296 https://www.cve.org/CVERecord?id=CVE-2026-12297 https://www.cve.org/CVERecord?id=CVE-2026-12299 https://www.cve.org/CVERecord?id=CVE-2026-12329 https://www.cve.org/CVERecord?id=CVE-2026-12302 https://www.cve.org/CVERecord?id=CVE-2026-12304 https://www.cve.org/CVERecord?id=CVE-2026-12305 https://www.cve.org/CVERecord?id=CVE-2026-12306 https://www.cve.org/CVERecord?id=CVE-2026-12307 https://www.cve.org/CVERecord?id=CVE-2026-12308 https://www.cve.org/CVERecord?id=CVE-2026-12309 https://www.cve.org/CVERecord?id=CVE-2026-12310 https://www.cve.org/CVERecord?id=CVE-2026-12311 https://www.cve.org/CVERecord?id=CVE-2026-12312 https://www.cve.org/CVERecord?id=CVE-2026-12313 https://www.cve.org/CVERecord?id=CVE-2026-12314 https://www.cve.org/CVERecord?id=CVE-2026-12315 https://www.cve.org/CVERecord?id=CVE-2026-12330 https://www.cve.org/CVERecord?id=CVE-2026-12324 https://www.cve.org/CVERecord?id=CVE-2026-12325 https://www.cve.org/CVERecord?id=CVE-2026-12327 https://www.cve.org/CVERecord?id=CVE-2026-12328 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/mozilla-thunderbird-140.12.0esr-i686-1_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/mozilla-thunderbird-140.12.0esr-x86_64-1_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-thunderbird-140.12.0esr-i686-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/mozilla-thunderbird-140.12.0esr-x86_64-1.txz MD5 signatures: +-------------+ Slackware 15.0 package: 51bc5915be253647cb39276630a60a12 mozilla-thunderbird-140.12.0esr-i686-1_slack15.0.txz Slackware x86_64 15.0 package: 639beeba12f6b6eb1517e088e36949e1 mozilla-thunderbird-140.12.0esr-x86_64-1_slack15.0.txz Slackware -current package: d6725be0ff75f5bba020d56074ca403d xap/mozilla-thunderbird-140.12.0esr-i686-1.txz Slackware x86_64 -current package: f09ea6bec45ad46b5c0497f56b26393b xap/mozilla-thunderbird-140.12.0esr-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg mozilla-thunderbird-140.12.0esr-i686-1_slack15.0.txz +-----+ . Security update for mozilla-thunderbird in Slackware 15.0 to address critical issues. Upgrade recommended to maintain system integrity.. mozilla-thunderbird, Slackwaresecurity, software patch, critical update. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 17, 2026 Critical Slackware
100

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

An update that solves 23 vulnerabilities can now be installed.. # Security update for MozillaThunderbird Announcement ID: SUSE-SU-2026:2271-1 Release Date: 2026-06-05T06:37:08Z Rating: important References: * bsc#1265212 Cross-References: * CVE-2026-8090 * CVE-2026-8092 * CVE-2026-8094 * CVE-2026-8388 * CVE-2026-8391 * CVE-2026-8401 * CVE-2026-8946 * CVE-2026-8947 * CVE-2026-8949 * CVE-2026-8950 * CVE-2026-8953 * CVE-2026-8954 * CVE-2026-8955 * CVE-2026-8956 * CVE-2026-8957 * CVE-2026-8958 * CVE-2026-8959 * CVE-2026-8961 * CVE-2026-8962 * CVE-2026-8968 * CVE-2026-8970 * CVE-2026-8974 * CVE-2026-8975 CVSS scores: * CVE-2026-8090 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-8090 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-8092 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-8092 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-8094 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-8094 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-8388 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-8391 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-8401 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2026-8401 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-8946 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-8946 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-8947 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-8947 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-8949 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-8949 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-8950 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-8950 ( NVD ): 9.3CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N * CVE-2026-8953 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L * CVE-2026-8953 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2026-8954 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L * CVE-2026-8954 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-8955 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-8955 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-8956 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-8956 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-8957 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-8957 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-8958 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2026-8958 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2026-8959 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L * CVE-2026-8959 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2026-8961 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2026-8961 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2026-8962 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-8962 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2026-8968 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-8968 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-8970 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-8970 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-8974 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-8974 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-8975 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-8975 ( NVD ): 8.8CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Linux Enterprise Workstation Extension 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves 23 vulnerabilities can now be installed. ## Description: This update for MozillaThunderbird fixes the following issues * Updated to Mozilla Thunderbird 140.11 (bsc#1265212) MFSA 2026-44: * CVE-2026-8090: Use-after-free in the DOM: Networking component. * CVE-2026-8092: Memory safety bugs fixed in Thunderbird ESR 140.10.2 and Thunderbird 150.0.2. * CVE-2026-8094: Other issue in the WebRTC component. MFSA 2026-51: * CVE-2026-8388: Incorrect boundary conditions in the JavaScript Engine: JIT component. * CVE-2026-8391: Other issue in the JavaScript Engine component. * CVE-2026-8401: Sandbox escape in the Profile Backup component. * CVE-2026-8946: Incorrect boundary conditions in the Audio/Video: Web Codecs component. * CVE-2026-8947: Use-after-free in the DOM: Bindings (WebIDL) component. * CVE-2026-8949: Integer overflow in the Widget: Win32 component. * CVE-2026-8950: Same-origin policy bypass in the Networking: HTTP component. * CVE-2026-8953: Sandbox escape due to use-after-free in the Disability Access APIs component. * CVE-2026-8954: Incorrect boundary conditions, integer overflow in the Audio/Video component. * CVE-2026-8955: Privilege escalation in the DOM: Workers component. * CVE-2026-8956: Integer overflow in the Networking: JAR component. * CVE-2026-8957: Privilege escalation in the Enterprise Policies component. * CVE-2026-8958: Information disclosure, sandbox escape in the Security: Process Sandboxing component. * CVE-2026-8959: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component. * CVE-2026-8961: Spoofing issue in the Form Autofillcomponent. * CVE-2026-8962: Mitigation bypass in the DOM: Security component. * CVE-2026-8968: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component. * CVE-2026-8970: Privilege escalation in the Security component. * CVE-2026-8974: Memory safety bugs fixed in Thunderbird 140.11 and Thunderbird 151. * CVE-2026-8975: Memory safety bugs fixed in Thunderbird 140.11 and Thunderbird 151. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2271=1 * SUSE Linux Enterprise Workstation Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2026-2271=1 ## Package List: * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x) * MozillaThunderbird-debugsource-140.11.0-150200.8.274.1 * MozillaThunderbird-140.11.0-150200.8.274.1 * MozillaThunderbird-debuginfo-140.11.0-150200.8.274.1 * MozillaThunderbird-translations-common-140.11.0-150200.8.274.1 * MozillaThunderbird-translations-other-140.11.0-150200.8.274.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64) * MozillaThunderbird-debugsource-140.11.0-150200.8.274.1 * MozillaThunderbird-140.11.0-150200.8.274.1 * MozillaThunderbird-debuginfo-140.11.0-150200.8.274.1 * MozillaThunderbird-translations-common-140.11.0-150200.8.274.1 * MozillaThunderbird-translations-other-140.11.0-150200.8.274.1 ## References: * https://www.suse.com/security/cve/CVE-2026-8090.html * https://www.suse.com/security/cve/CVE-2026-8092.html * https://www.suse.com/security/cve/CVE-2026-8094.html * https://www.suse.com/security/cve/CVE-2026-8388.html * https://www.suse.com/security/cve/CVE-2026-8391.html * https://www.suse.com/security/cve/CVE-2026-8401.html * https://www.suse.com/security/cve/CVE-2026-8946.html *https://www.suse.com/security/cve/CVE-2026-8947.html * https://www.suse.com/security/cve/CVE-2026-8949.html * https://www.suse.com/security/cve/CVE-2026-8950.html * https://www.suse.com/security/cve/CVE-2026-8953.html * https://www.suse.com/security/cve/CVE-2026-8954.html * https://www.suse.com/security/cve/CVE-2026-8955.html * https://www.suse.com/security/cve/CVE-2026-8956.html * https://www.suse.com/security/cve/CVE-2026-8957.html * https://www.suse.com/security/cve/CVE-2026-8958.html * https://www.suse.com/security/cve/CVE-2026-8959.html * https://www.suse.com/security/cve/CVE-2026-8961.html * https://www.suse.com/security/cve/CVE-2026-8962.html * https://www.suse.com/security/cve/CVE-2026-8968.html * https://www.suse.com/security/cve/CVE-2026-8970.html * https://www.suse.com/security/cve/CVE-2026-8974.html * https://www.suse.com/security/cve/CVE-2026-8975.html * https://bugzilla.suse.com/show_bug.cgi?id=1265212 . Update for Mozilla Thunderbird addresses critical memory safety and use-after-free issues with important severity.. Mozilla Thunderbird security update, SUSE important advisory, memory safety fixes, use-after-free vulnerability. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 05, 2026 Important SuSE
99

Slackware 15.0 Mozilla-Thunderbird Important Security Fix 2026-146-01

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-thunderbird (SSA:2026-146-01) New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/mozilla-thunderbird-140.11.1esr-i686-1_slack15.0.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/140.11.1esr/releasenotes/ (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/mozilla-thunderbird-140.11.1esr-i686-1_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/mozilla-thunderbird-140.11.1esr-x86_64-1_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-thunderbird-140.11.1esr-i686-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/mozilla-thunderbird-140.11.1esr-x86_64-1.txz MD5 signatures: +-------------+ Slackware 15.0 package: 5916cf9d584b4dda2872777acdfde2b6 mozilla-thunderbird-140.11.1esr-i686-1_slack15.0.txz Slackware x86_64 15.0 package: 6223c2b249668d395e95e7892868534c mozilla-thunderbird-140.11.1esr-x86_64-1_slack15.0.txz Slackware -current package: c6c8a43ebac3d4f5c7afcd2d6be46974 xap/mozilla-thunderbird-140.11.1esr-i686-1.txz Slackware x86_64-current package: d262b9829fd020a4aacf27c5d9842590 xap/mozilla-thunderbird-140.11.1esr-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg mozilla-thunderbird-140.11.1esr-i686-1_slack15.0.txz +-----+ . Security updates for mozilla-thunderbird enhance protection on Slackware 15.0 addressing vital issues promptly.. Slackware, mozilla-thunderbird, package updates, security patches. . Severity: Important. LinuxSecurity.com Team

Calendar%202 May 26, 2026 Important Slackware
99

Slackware 15.0 Mozilla-Thunderbird Vital Buffer Overflow Patch 2026-128-02

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-thunderbird (SSA:2026-128-02) New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/mozilla-thunderbird-140.10.2esr-i686-1_slack15.0.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/140.10.2esr/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2026-44/ https://www.cve.org/CVERecord?id=CVE-2026-8090 https://www.cve.org/CVERecord?id=CVE-2026-8094 https://www.cve.org/CVERecord?id=CVE-2026-8092 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/mozilla-thunderbird-140.10.2esr-i686-1_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/mozilla-thunderbird-140.10.2esr-x86_64-1_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-thunderbird-140.10.2esr-i686-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/mozilla-thunderbird-140.10.2esr-x86_64-1.txz MD5 signatures: +-------------+ Slackware 15.0 package: 8c3a75da1b19800588a6a851bc20a7fb mozilla-thunderbird-140.10.2esr-i686-1_slack15.0.txz Slackware x86_64 15.0package: 5462bacd76bb814442d824adb1738a93 mozilla-thunderbird-140.10.2esr-x86_64-1_slack15.0.txz Slackware -current package: 4a491da68b3527ac13090e44fe29395c xap/mozilla-thunderbird-140.10.2esr-i686-1.txz Slackware x86_64 -current package: bbec605fae25a81f1503fa64ca5a7a91 xap/mozilla-thunderbird-140.10.2esr-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg mozilla-thunderbird-140.10.2esr-i686-1_slack15.0.txz +-----+ . New mozilla-thunderbird packages for Slackware fix important security issues and enhance user protection.. Mozilla Thunderbird security fix, Slackware 15.0 update, package upgrade instructions. . Severity: Important. LinuxSecurity.com Team

Calendar%202 May 08, 2026 Important Slackware
100

SUSE 15 SP7 MozillaThunderbird Important Update 2026-1741-1

An update that solves 29 vulnerabilities can now be installed.. # Security update for MozillaThunderbird Announcement ID: SUSE-SU-2026:1741-1 Release Date: 2026-05-07T07:01:07Z Rating: important References: * bsc#1262230 * bsc#1263110 Cross-References: * CVE-2026-6746 * CVE-2026-6747 * CVE-2026-6748 * CVE-2026-6749 * CVE-2026-6750 * CVE-2026-6751 * CVE-2026-6752 * CVE-2026-6753 * CVE-2026-6754 * CVE-2026-6757 * CVE-2026-6759 * CVE-2026-6761 * CVE-2026-6762 * CVE-2026-6763 * CVE-2026-6764 * CVE-2026-6765 * CVE-2026-6766 * CVE-2026-6767 * CVE-2026-6769 * CVE-2026-6770 * CVE-2026-6771 * CVE-2026-6772 * CVE-2026-6776 * CVE-2026-6785 * CVE-2026-6786 * CVE-2026-7320 * CVE-2026-7321 * CVE-2026-7322 * CVE-2026-7323 CVSS scores: * CVE-2026-6746 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6747 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6748 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6749 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-6750 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6751 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-6752 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-6753 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-6754 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6757 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-6759 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6761 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6762 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-6763 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6764 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-6765 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6766 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-6767 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6769 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6770 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-6771 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6772 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-6776 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6785 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6786 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-7320 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-7321 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2026-7322 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-7323 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Linux Enterprise Workstation Extension 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves 29 vulnerabilities can now be installed. ## Description: This update for MozillaThunderbird fixes the following issues Updated to Mozilla Thunderbird 140.10.1: MFSA 2026-34 (bsc#1262230): * CVE-2026-6746: Use-after-free in the DOM: Core & HTML component. * CVE-2026-6747: Use-after-free in the WebRTC component. * CVE-2026-6748: Uninitialized memory in the Audio/Video: Web Codecs component. * CVE-2026-6749: Information disclosure due to uninitialized memory in the Graphics: Canvas2D component. * CVE-2026-6750: Privilege escalation in the Graphics: WebRender component. * CVE-2026-6751: Uninitialized memory in the Audio/Video: Web Codecs component. * CVE-2026-6752: Incorrect boundaryconditions in the WebRTC component. * CVE-2026-6753: Incorrect boundary conditions in the WebRTC component. * CVE-2026-6754: Use-after-free in the JavaScript Engine component. * CVE-2026-6757: Invalid pointer in the JavaScript: WebAssembly component. * CVE-2026-6759: Use-after-free in the Widget: Cocoa component. * CVE-2026-6761: Privilege escalation in the Networking component. * CVE-2026-6762: Spoofing issue in the DOM: Core & HTML component. * CVE-2026-6763: Mitigation bypass in the File Handling component. * CVE-2026-6764: Incorrect boundary conditions in the DOM: Device Interfaces component. * CVE-2026-6765: Information disclosure in the Form Autofill component. * CVE-2026-6766: Incorrect boundary conditions in the Libraries component in NSS. * CVE-2026-6767: Other issue in the Libraries component in NSS. * CVE-2026-6769: Privilege escalation in the Debugger component. * CVE-2026-6770: Other issue in the Storage: IndexedDB component. * CVE-2026-6771: Mitigation bypass in the DOM: Security component. * CVE-2026-6772: Incorrect boundary conditions in the Libraries component in NSS. * CVE-2026-6776: Incorrect boundary conditions in the WebRTC: Networking component. * CVE-2026-6785: Memory safety bugs fixed in Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150. * CVE-2026-6786: Memory safety bugs fixed in Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150. MFSA 2026-39 (bsc#1263110): * CVE-2026-7320: Information disclosure due to incorrect boundary conditions in the Audio/Video component. * CVE-2026-7321: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component. * CVE-2026-7322: Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1. * CVE-2026-7323: Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1. Other updates and bugfixes: * Fixed: Newly translated strings were notavailable in Thunderbird. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1741=1 * SUSE Linux Enterprise Workstation Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2026-1741=1 ## Package List: * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x) * MozillaThunderbird-debuginfo-140.10.1-150200.8.271.1 * MozillaThunderbird-debugsource-140.10.1-150200.8.271.1 * MozillaThunderbird-translations-other-140.10.1-150200.8.271.1 * MozillaThunderbird-140.10.1-150200.8.271.1 * MozillaThunderbird-translations-common-140.10.1-150200.8.271.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64) * MozillaThunderbird-debuginfo-140.10.1-150200.8.271.1 * MozillaThunderbird-debugsource-140.10.1-150200.8.271.1 * MozillaThunderbird-translations-other-140.10.1-150200.8.271.1 * MozillaThunderbird-140.10.1-150200.8.271.1 * MozillaThunderbird-translations-common-140.10.1-150200.8.271.1 ## References: * https://www.suse.com/security/cve/CVE-2026-6746.html * https://www.suse.com/security/cve/CVE-2026-6747.html * https://www.suse.com/security/cve/CVE-2026-6748.html * https://www.suse.com/security/cve/CVE-2026-6749.html * https://www.suse.com/security/cve/CVE-2026-6750.html * https://www.suse.com/security/cve/CVE-2026-6751.html * https://www.suse.com/security/cve/CVE-2026-6752.html * https://www.suse.com/security/cve/CVE-2026-6753.html * https://www.suse.com/security/cve/CVE-2026-6754.html * https://www.suse.com/security/cve/CVE-2026-6757.html * https://www.suse.com/security/cve/CVE-2026-6759.html * https://www.suse.com/security/cve/CVE-2026-6761.html * https://www.suse.com/security/cve/CVE-2026-6762.html * https://www.suse.com/security/cve/CVE-2026-6763.html *https://www.suse.com/security/cve/CVE-2026-6764.html * https://www.suse.com/security/cve/CVE-2026-6765.html * https://www.suse.com/security/cve/CVE-2026-6766.html * https://www.suse.com/security/cve/CVE-2026-6767.html * https://www.suse.com/security/cve/CVE-2026-6769.html * https://www.suse.com/security/cve/CVE-2026-6770.html * https://www.suse.com/security/cve/CVE-2026-6771.html * https://www.suse.com/security/cve/CVE-2026-6772.html * https://www.suse.com/security/cve/CVE-2026-6776.html * https://www.suse.com/security/cve/CVE-2026-6785.html * https://www.suse.com/security/cve/CVE-2026-6786.html * https://www.suse.com/security/cve/CVE-2026-7320.html * https://www.suse.com/security/cve/CVE-2026-7321.html * https://www.suse.com/security/cve/CVE-2026-7322.html * https://www.suse.com/security/cve/CVE-2026-7323.html * https://bugzilla.suse.com/show_bug.cgi?id=1262230 * https://bugzilla.suse.com/show_bug.cgi?id=1263110 . This important advisory addresses multiple vulnerabilities in MozillaThunderbird for SUSE, providing critical security updates.. MozillaThunderbird SUSE security important vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 May 07, 2026 Important SuSE
99

Ubuntu 20.04 Chrome Key Security Update PSA-2026-456-07

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-thunderbird (SSA:2026-122-03) New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/mozilla-thunderbird-140.10.1esr-i686-1_slack15.0.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/140.10.1esr/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2026-39/ https://www.cve.org/CVERecord?id=CVE-2026-7320 https://www.cve.org/CVERecord?id=CVE-2026-7321 https://www.cve.org/CVERecord?id=CVE-2026-7322 https://www.cve.org/CVERecord?id=CVE-2026-7323 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/mozilla-thunderbird-140.10.1esr-i686-1_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/mozilla-thunderbird-140.10.1esr-x86_64-1_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-thunderbird-140.10.1esr-i686-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/mozilla-thunderbird-140.10.1esr-x86_64-1.txz MD5 signatures: +-------------+ Slackware 15.0 package: e7911c42929757dd389e0323d02cc89e mozilla-thunderbird-140.10.1esr-i686-1_slack15.0.txz Slackware x86_64 15.0 package: 18b2ca5aa602dec393a81b9e9d885f02 mozilla-thunderbird-140.10.1esr-x86_64-1_slack15.0.txz Slackware -current package: 4b679e4cfbe4ee866ea663bcbae2ac6b xap/mozilla-thunderbird-140.10.1esr-i686-1.txz Slackware x86_64 -current package: 5d39d54e33ccbcab9662b8819c878baa xap/mozilla-thunderbird-140.10.1esr-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg mozilla-thunderbird-140.10.1esr-i686-1_slack15.0.txz +-----+ . Learn about the latest mozilla-thunderbird packages released for Slackware 15.0 that address critical security issues and updates.. Slackware, Mozilla Thunderbird, security issues, remote access, Linux packages. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 02, 2026 Critical Slackware
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200