AlmaLinux has announced two significant security updates for Mozilla Thunderbird, an independent mail and newsgroup client, addressing vulnerabilities that could potentially compromise user security.

Security Updates Overview

1. ALSA-2025:4169 (AlmaLinux 9)
- Release Date: April 25, 2025
- Severity: Important
- Key Security Fixes:
- CVE-2025-3029: URL Bar Spoofing via non-BMP Unicode characters
- CVE-2025-3028: Use-after-free issue caused by XSLTProcessor
- CVE-2025-3030: Memory safety bugs resolved in various versions of Firefox and Thunderbird

For detailed information, users can visit the [full details here](https://errata.almalinux.org/9/ALSA-2025-4169.html).

2. ALSA-2025:4170 (AlmaLinux 8)
- Release Date: April 25, 2025
- Severity: Important
- Key Security Fixes: Same as ALSA-2025:4169

For comprehensive details, refer to the [full details here](https://errata.almalinux.org/8/ALSA-2025-4170.html).

Additional Information

These updates are crucial for maintaining the security integrity of Thunderbird users on AlmaLinux. Users who subscribed to errata notifications will receive these updates automatically. For further inquiries or to alter notification settings, users can engage with the AlmaLinux community via the provided links.

Conclusion

It is essential for users of AlmaLinux to apply these updates promptly to safeguard against potential security threats. Staying informed about security updates is crucial for maintaining a secure computing environment.

For community support, users can join the AlmaLinux chat or manage their mailing list preferences through the provided links

Thunderbird updates for AlmaLinux

AlmaLinux has implemented two important security updates for Thunderbird:

ALSA-2025:4169: thunderbird security update (Important)
ALSA-2025:4170: thunderbird security update (Important)

Thunderbird updates for AlmaLinux @ Linux Compatible