This CVE doesn't appear to be fixed in the 68 series, but I'm not sure whether it is exploitable there either (the upstream bug report is, logically, private).
-- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/1903826 Title: Critical security vulnerability in latest available thunderbird on all supported LTS releases Status in thunderbird package in Ubuntu: Fix Released Bug description: ALL Thunderbird releases appear to be vulnerable up to Thunderbird 78.4.2, which was released on Monday 9th November. https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/thunderbird/+bug/1903826/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
