Synopsis: Critical: thunderbird security update Advisory ID: SLSA-2022:4730-1 Issue Date: 2022-05-25 CVE Numbers: CVE-2022-1802 CVE-2022-1529 -- This update upgrades Thunderbird to version 91.9.1. Security Fix(es): * Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution (CVE-2022-1529) * Mozilla: Prototype pollution in Top-Level Await implementation (CVE-2022-1802) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE -- SL7 x86_64 thunderbird-91.9.1-1.el7_9.x86_64.rpm thunderbird-debuginfo-91.9.1-1.el7_9.x86_64.rpm - Scientific Linux Development Team