Synopsis: Moderate: thunderbird security update Advisory ID: SLSA-2021:1192-1 Issue Date: 2021-04-14 CVE Numbers: CVE-2021-23991 CVE-2021-23992 CVE-2021-23993 -- This update upgrades Thunderbird to version 78.9.1. Security Fix(es): * Mozilla: An attacker may use Thunderbird's OpenPGP key refresh mechanism to poison an existing key (CVE-2021-23991) * Mozilla: A crafted OpenPGP key with an invalid user ID could be used to confuse the user (CVE-2021-23992) * Mozilla: Inability to send encrypted OpenPGP email after importing a crafted OpenPGP key (CVE-2021-23993) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE -- - Scientific Linux Development Team