|
|
Log in / Subscribe / Register

SUSE alert openSUSE-SU-2026:10447-1 (thunderbird)



From:
              null@suse.de


To:
              security-announce@lists.opensuse.org


Subject:
              openSUSE-SU-2026:10447-1: moderate: MozillaThunderbird-140.9.0-1.1 on GA media


Date:
              Tue, 31 Mar 2026 17:37:04 +0200


Message-ID:
              <20260331153704.C53D2FD1A@maintenance.suse.de>


Archive-link:
              Article


# MozillaThunderbird-140.9.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10447-1
Rating: moderate

Cross-References:

  * CVE-2025-59375
  * CVE-2026-3889
  * CVE-2026-4371
  * CVE-2026-4684
  * CVE-2026-4685
  * CVE-2026-4686
  * CVE-2026-4687
  * CVE-2026-4688
  * CVE-2026-4689
  * CVE-2026-4690
  * CVE-2026-4691
  * CVE-2026-4692
  * CVE-2026-4693
  * CVE-2026-4694
  * CVE-2026-4695
  * CVE-2026-4696
  * CVE-2026-4697
  * CVE-2026-4698
  * CVE-2026-4699
  * CVE-2026-4700
  * CVE-2026-4701
  * CVE-2026-4702
  * CVE-2026-4704
  * CVE-2026-4705
  * CVE-2026-4706
  * CVE-2026-4707
  * CVE-2026-4708
  * CVE-2026-4709
  * CVE-2026-4710
  * CVE-2026-4711
  * CVE-2026-4712
  * CVE-2026-4713
  * CVE-2026-4714
  * CVE-2026-4715
  * CVE-2026-4716
  * CVE-2026-4717
  * CVE-2026-4718
  * CVE-2026-4719
  * CVE-2026-4720
  * CVE-2026-4721



CVSS scores:

  * CVE-2025-59375 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-59375 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2026-3889 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
  * CVE-2026-4371 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2026-4684 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2026-4685 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2026-4686 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2026-4687 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2026-4688 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2026-4689 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2026-4690 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2026-4691 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2026-4692 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2026-4693 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2026-4694 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2026-4695 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2026-4696 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2026-4697 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2026-4698 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2026-4699 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2026-4700 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
  * CVE-2026-4701 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2026-4702 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2026-4704 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
  * CVE-2026-4705 ( SUSE ): 5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2026-4706 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2026-4707 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2026-4708 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2026-4709 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2026-4710 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2026-4711 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2026-4712 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2026-4713 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2026-4714 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2026-4715 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2026-4716 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2026-4717 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2026-4718 ( SUSE ): 5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2026-4719 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2026-4720 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2026-4721 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

  * openSUSE Tumbleweed


An update that solves 40 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the MozillaThunderbird-140.9.0-1.1 package on the GA media
of openSUSE Tumbleweed.

## Package List:

  * openSUSE Tumbleweed:
    * MozillaThunderbird 140.9.0-1.1
    * MozillaThunderbird-openpgp-librnp 140.9.0-1.1
    * MozillaThunderbird-translations-common 140.9.0-1.1
    * MozillaThunderbird-translations-other 140.9.0-1.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-59375.html
  * https://www.suse.com/security/cve/CVE-2026-3889.html
  * https://www.suse.com/security/cve/CVE-2026-4371.html
  * https://www.suse.com/security/cve/CVE-2026-4684.html
  * https://www.suse.com/security/cve/CVE-2026-4685.html
  * https://www.suse.com/security/cve/CVE-2026-4686.html
  * https://www.suse.com/security/cve/CVE-2026-4687.html
  * https://www.suse.com/security/cve/CVE-2026-4688.html
  * https://www.suse.com/security/cve/CVE-2026-4689.html
  * https://www.suse.com/security/cve/CVE-2026-4690.html
  * https://www.suse.com/security/cve/CVE-2026-4691.html
  * https://www.suse.com/security/cve/CVE-2026-4692.html
  * https://www.suse.com/security/cve/CVE-2026-4693.html
  * https://www.suse.com/security/cve/CVE-2026-4694.html
  * https://www.suse.com/security/cve/CVE-2026-4695.html
  * https://www.suse.com/security/cve/CVE-2026-4696.html
  * https://www.suse.com/security/cve/CVE-2026-4697.html
  * https://www.suse.com/security/cve/CVE-2026-4698.html
  * https://www.suse.com/security/cve/CVE-2026-4699.html
  * https://www.suse.com/security/cve/CVE-2026-4700.html
  * https://www.suse.com/security/cve/CVE-2026-4701.html
  * https://www.suse.com/security/cve/CVE-2026-4702.html
  * https://www.suse.com/security/cve/CVE-2026-4704.html
  * https://www.suse.com/security/cve/CVE-2026-4705.html
  * https://www.suse.com/security/cve/CVE-2026-4706.html
  * https://www.suse.com/security/cve/CVE-2026-4707.html
  * https://www.suse.com/security/cve/CVE-2026-4708.html
  * https://www.suse.com/security/cve/CVE-2026-4709.html
  * https://www.suse.com/security/cve/CVE-2026-4710.html
  * https://www.suse.com/security/cve/CVE-2026-4711.html
  * https://www.suse.com/security/cve/CVE-2026-4712.html
  * https://www.suse.com/security/cve/CVE-2026-4713.html
  * https://www.suse.com/security/cve/CVE-2026-4714.html
  * https://www.suse.com/security/cve/CVE-2026-4715.html
  * https://www.suse.com/security/cve/CVE-2026-4716.html
  * https://www.suse.com/security/cve/CVE-2026-4717.html
  * https://www.suse.com/security/cve/CVE-2026-4718.html
  * https://www.suse.com/security/cve/CVE-2026-4719.html
  * https://www.suse.com/security/cve/CVE-2026-4720.html
  * https://www.suse.com/security/cve/CVE-2026-4721.html
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds