Synopsis:          Important: thunderbird security update
Advisory ID:       SLSA-2021:0996-1
Issue Date:        2021-03-25
CVE Numbers:       CVE-2021-23981
                   CVE-2021-23982
                   CVE-2021-23984
                   CVE-2021-23987
--

This update upgrades Thunderbird to version 78.9.0.

Security Fix(es):

* Mozilla: Texture upload into an unbound backing buffer resulted in an
out-of-bound read (CVE-2021-23981)

* Mozilla: Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9
(CVE-2021-23987)

* Mozilla: Internal network hosts could have been probed by a malicious
webpage (CVE-2021-23982)

* Mozilla: Malicious extensions could have spoofed popup information
(CVE-2021-23984)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
--

- Scientific Linux Development Team