{
  "schema_version": "1.7.0",
  "id": "MGASA-2026-0243",
  "published": "2026-07-13T21:24:46Z",
  "modified": "2026-07-13T19:57:34Z",
  "summary": "Updated thunderbird thunderbird-l10n packages fix security vulnerabilities",
  "details": "The updated packages fix security vulnerabilities:\nPrivilege escalation in the Graphics: WebRender component.\n(CVE-2026-12289)\nMemory safety bug fixed in Thunderbird ESR 140.12. (CVE-2026-12290)\nUse-after-free in the Networking: HTTP component. (CVE-2026-12291)\nIncorrect boundary conditions in the Web Audio component.\n(CVE-2026-12292)\nSandbox escape in the DOM: Workers component. (CVE-2026-12294)\nSandbox escape in the DOM: Navigation component. (CVE-2026-12295)\nMemory safety bug fixed in Thunderbird ESR 140.12. (CVE-2026-12298)\nSandbox escape in the Security: Process Sandboxing component.\n(CVE-2026-12296)\nSandbox escape due to incorrect boundary conditions in the Networking\ncomponent. (CVE-2026-12297)\nJIT miscompilation in the DOM: Core & HTML component. (CVE-2026-12299)\nMemory safety bug fixed in Thunderbird ESR 140.12. (CVE-2026-12329)\nMitigation bypass in the DOM: Security component. (CVE-2026-12302)\nSame-origin policy bypass in the Networking: Cookies component.\n(CVE-2026-12304)\nMemory safety bug fixed in Thunderbird ESR 140.12. (CVE-2026-12305)\nMemory safety bug fixed in Thunderbird ESR 140.12. (CVE-2026-12306)\nMemory safety bug fixed in Thunderbird ESR 140.12. (CVE-2026-12307)\nMemory safety bug fixed in Thunderbird ESR 140.12. (CVE-2026-12308)\nMemory safety bug fixed in Thunderbird ESR 140.12. (CVE-2026-12309)\nMemory safety bug fixed in Thunderbird ESR 140.12. (CVE-2026-12310)\nInformation disclosure, sandbox escape in the Security: Process\nSandboxing component. (CVE-2026-12311)\nMemory safety bug fixed in Thunderbird ESR 140.12. (CVE-2026-12312)\nInformation disclosure, sandbox escape in the Security: Process\nSandboxing component. (CVE-2026-12313)\nMemory safety bug fixed in Thunderbird ESR 140.12. (CVE-2026-12314)\nMitigation bypass in the DOM: Security component. (CVE-2026-12315)\nIncorrect boundary conditions in the Internationalization component.\n(CVE-2026-12330)\nIncorrect boundary conditions in the Graphics: CanvasWebGL component.\n(CVE-2026-12324)\nDenial-of-service in the Graphics: ImageLib component. (CVE-2026-12325)\nMemory safety bugs fixed in Firefox ESR 140.12, Thunderbird ESR 140.12,\nFirefox 152 and Thunderbird 152. (CVE-2026-12327)\nMemory safety bugs fixed in Firefox ESR 115.37, Firefox ESR 140.12,\nThunderbird ESR 140.12, Firefox 152 and Thunderbird 152.\n(CVE-2026-12328)\nDenial-of-service via malicious LDAP address-book server.\n(CVE-2026-57962)\nChat UI manipulation by injection. (CVE-2026-57963)\n",
  "upstream": [
    "CVE-2026-12289",
    "CVE-2026-12290",
    "CVE-2026-12291",
    "CVE-2026-12292",
    "CVE-2026-12294",
    "CVE-2026-12295",
    "CVE-2026-12296",
    "CVE-2026-12297",
    "CVE-2026-12298",
    "CVE-2026-12299",
    "CVE-2026-12302",
    "CVE-2026-12304",
    "CVE-2026-12305",
    "CVE-2026-12306",
    "CVE-2026-12307",
    "CVE-2026-12308",
    "CVE-2026-12309",
    "CVE-2026-12310",
    "CVE-2026-12311",
    "CVE-2026-12312",
    "CVE-2026-12313",
    "CVE-2026-12314",
    "CVE-2026-12315",
    "CVE-2026-12330",
    "CVE-2026-12324",
    "CVE-2026-12325",
    "CVE-2026-12327",
    "CVE-2026-12328",
    "CVE-2026-12329",
    "CVE-2026-57962",
    "CVE-2026-57963"
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://advisories.mageia.org/MGASA-2026-0243.html"
    },
    {
      "type": "REPORT",
      "url": "https://bugs.mageia.org/show_bug.cgi?id=35716"
    },
    {
      "type": "WEB",
      "url": "https://www.thunderbird.net/en-US/thunderbird/140.12.0esr/releasenotes/"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/"
    },
    {
      "type": "WEB",
      "url": "https://www.thunderbird.net/en-US/thunderbird/140.12.1esr/releasenotes/"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-64/"
    }
  ],
  "affected": [
    {
      "package": {
        "ecosystem": "Mageia:10",
        "name": "thunderbird",
        "purl": "pkg:rpm/mageia/thunderbird?arch=source&distro=mageia-10"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "140.12.1-1.mga10"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    },
    {
      "package": {
        "ecosystem": "Mageia:10",
        "name": "thunderbird-l10n",
        "purl": "pkg:rpm/mageia/thunderbird-l10n?arch=source&distro=mageia-10"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "140.12.1-1.mga10"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    },
    {
      "package": {
        "ecosystem": "Mageia:9",
        "name": "thunderbird",
        "purl": "pkg:rpm/mageia/thunderbird?arch=source&distro=mageia-9"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "140.12.1-1.mga9"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    },
    {
      "package": {
        "ecosystem": "Mageia:9",
        "name": "thunderbird-l10n",
        "purl": "pkg:rpm/mageia/thunderbird-l10n?arch=source&distro=mageia-9"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "140.12.1-1.mga9"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    }
  ],
  "credits": [
    {
      "name": "Mageia",
      "type": "COORDINATOR",
      "contact": [
        "https://wiki.mageia.org/en/Packages_Security_Team"
      ]
    }
  ]
}
