Opened 2 years ago

Closed 2 years ago

#16201 closed enhancement (fixed)

thunderbird-91.6.2

Reported by: Douglas R. Reno
Owned by: Douglas R. Reno
Priority: high
Milestone: 11.2
Component: BOOK
Version: git
Severity: critical
Keywords:
Cc:

Description

New point version

Considering what's happening in Firefox right now and the fact that the release notes say "Various security fixes" (no Mozilla Security Advisory yet as of the time of filing this ticket), I'm promoting this to the same severity as Firefox.

Change History (7)

comment:1 by Douglas R. Reno, 2 years ago

Owner: changed from blfs-book to Douglas R. Reno
Status: new → assigned

comment:2 by Douglas R. Reno, 2 years ago

Summary: thunderbird-91.6.2 → thunderbird-91.7.0

Now 91.7.0.

comment:3 by Douglas R. Reno, 2 years ago

Because the tarball is not available yet (even though the release notes are), I will proceed with 91.6.2.

comment:4 by Douglas R. Reno, 2 years ago

Thunderbird-91.6.2


Fixes

fixed Temporary files from opened attachments were saved with world-readable permission

fixed Various security fixes

comment:5 by Douglas R. Reno, 2 years ago

Mozilla Foundation Security Advisory 2022-09
Security Vulnerabilities fixed in Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, and Focus 97.3.0

Announced
    March 5, 2022
Impact
    high
Products
    Firefox, Firefox ESR, Firefox for Android, Focus, Thunderbird
Fixed in
    Firefox 97.0.2
    Firefox ESR 91.6.1
    Firefox for Android 97.3
    Focus 97.3
    Thunderbird 91.6.2

CVE-2022-26485: Use-after-free in XSLT parameter processing

Reporter
    Wang Gang, Liu Jialei, Du Sihang, Huang Yi & Yang Kang of 360 ATA
Impact
    critical

Description

Removing an XSLT parameter during processing could have led to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw.
References

    Bug 1758062

CVE-2022-26486: Use-after-free in WebGPU IPC Framework

Reporter
    Wang Gang, Liu Jialei, Du Sihang, Huang Yi & Yang Kang of 360 ATA
Impact
    critical

Description

An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw.
References

    Bug 1758070

comment:6 by Douglas R. Reno, 2 years ago

Summary: thunderbird-91.7.0 → thunderbird-91.6.2

comment:7 by Douglas R. Reno, 2 years ago

Resolution: fixed
Status: assigned → closed