[German]The developers of the e-mail client Thunderbird released Thunderbird 78.4.2 on November 9, 2020. This is a security update for the 78 main version of the e-mail client, which fixes a vulnerability.
Advertising
German blog reader has pointed out this update in this comment. The update was also offered and installed to my system. According to the release notes there is a security fix:
CVE-2020-26950: Write side effects in MCallGetProperty opcode not accounted for; the vulnerability was discovered at the Tianfu Cup 2020 International Cybersecurity Contest.
Under certain circumstances the MCallGetProperty opcode can be output with unfulfilled assumptions, resulting in an exploitable "Use after Free" state.
System requirements
The system requirements for the different operating system versions (see also where further details can be found):
- Windows: Windows 7, Windows Server 2008 R2 r higher
- Mac: Mac OS X 10.9 r higher
- Linux: GTK+ 3.4 r higher
The download is available here. Thunderbird is free of charge.
