Security Vulnerabilities fixed in Thunderbird 78.8.1
- March 8, 2021
- Fixed in
- Thunderbird 78.8.1
Note: This advisory was issued April 20, 2021 to include CVE-2021-29950.
Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. If the task runs into a failure, the secret key may remain in memory in its unprotected state.