[CLSA-2026:1781619768] thunderbird: Fix of CVE-2026-7321
Type:
security
Severity:
Moderate
Release date:
2026-06-16 14:23:03 UTC
Description:
- CVE-2026-7321: remove the custom memory allocator from the WebRTC nICEr/nrappkit transport (r_strdup/RMALLOC/RFREE) that had incorrect size boundary conditions and replace all uses with standard strdup/malloc/free to prevent a buffer overflow
CVEs fixed:
Updated packages:
  • thunderbird-115.4.1-1.el9_2.alma.tuxcare.els11.x86_64.rpm
    sha:43d4bbefca8e47c52795fb01f53e1c28629f0c9e7967441518e37bf3d2f907ce
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.