[CLSA-2026:1783517292] thunderbird: Fix of 3 CVEs
Type:
security
Severity:
Critical
Release date:
2026-07-08 13:28:31 UTC
Description:
- CVE-2026-2770: keep construction depth for custom elements in sync; wrap AutoConstructionDepth in mozilla::Maybe so early throws in HTMLConstructor still tear it down deterministically (Bug 2014585) - CVE-2026-2763: use-after-free in SuppressDeletedProperty during property iteration; replace GetPrototype + GetPropertyDescriptor (both CanGC/re-entrant) with staticPrototype() + LookupPropertyPure() + GetPropertyAttributes() in js/src/vm/Iteration.cpp (Bug 2012018) - CVE-2026-2764: JIT baseline CacheIR call-scripted stub could observe a not-yet-created `this` if it OOM'd between reservation and construction; create `this` after pushing arguments and thread the argument through pushArguments/CreateThis paths (Bug 2012608)
Updated packages:
  • thunderbird-115.4.1-1.el9_2.alma.tuxcare.els18.x86_64.rpm
    sha:41bc0784aae2e948458db57700e2149366359ecc2bb8be605d331735e15b1fb4
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.