Description of problem: TLS is broken on the latest thunderbird release Version-Release number of selected component (if applicable): thunderbird-102.14.0-1.el7_9.x86_64 How reproducible: Always Steps to Reproduce: 1. Configure thunderbird to use TLS for pop3 or smtp connections 2. Update thunderbird to 102.14.0-1.el7_9.x86_64 3. Launch thunderbird and attempt tls connection Actual results: TLS connection fails with the following entry in maillog: Aug 7 19:06:15 mail_server dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=192.168.0.1, lip=192.168.0.1, TLS handshaking: SSL_accept() failed: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate: SSL alert number 42, session=<ddk1GlkCBqjAqAAB> Expected results: tls connections work as expected Additional info: Downgrading to thunderbird-102.13.0-2.el7_9.x86_64 fixes the issue Disabling SSL/TLS security and sending authentication in plain text (highly undesirable) also works TLS cert is self signed and imported into thunderbird, with expiry date 2028
Same issue for latest thunderbird release on RHEL9: https://bugzilla.redhat.com/show_bug.cgi?id=2229906
Severity -> high as workaround is to disable encryption and send credentials in plain text, or downgrade to vulnerable version
The same issue exists with thunderbird-102.14.0-1.el8_8.x86_64 under RHEL8, also.
I can log in and download emails from my email.cz mailbox via IMAP using thunderbird-102.14.0-3.el7_9. This was not possible with 102.14.0-1.el7_9. Considering this verified.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (thunderbird bug fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2023:4599