Arch Linux

Please read this before reporting a bug:

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#68991 - [thunderbird] [Security] multiple issues (including CVE-2020-16042)

Attached to Project: Arch Linux
Opened by Jonathon (jonathon) - Tuesday, 15 December 2020, 20:27 GMT
Last edited by Levente Polyak (anthraxx) - Friday, 08 January 2021, 23:11 GMT
Task Type Bug Report
Category Security
Status Closed
Assigned To No-one
Architecture All
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 1
Private No



The package thunderbird is vulnerable to multiple issues including arbitrary code execution, content spoofing and information disclosure via CVE-2020-35113, CVE-2020-35111, CVE-2020-26978, CVE-2020-26974, CVE-2020-26973, CVE-2020-26971 and CVE-2020-16042.

CVE-2020-16042 is listed as Critical.


Will build and run fine with existing PKGBUILD and patches; just needs a bump and build.

This task depends upon

Closed by  Levente Polyak (anthraxx)
Friday, 08 January 2021, 23:11 GMT
Reason for closing:  Fixed
Additional comments about closing:  78.6.0-1