2230038 – TLS broken for POP3 and SMTP connections [9.2.z]

Bug 2230038 - TLS broken for POP3 and SMTP connections [9.2.z]

Summary: TLS broken for POP3 and SMTP connections [9.2.z]

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 9
Classification:	Red Hat
Component:	thunderbird
Sub Component:
Version:	9.2
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	rc
Target Release:	---
Assignee:	Jan Horak
QA Contact:	Vladimir Benes
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	2229906 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2023-08-08 14:17 UTC by Jan Horak
Modified:	2023-08-16 13:52 UTC (History)
CC List:	7 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2023-08-09 19:01:14 UTC
Type:	Bug
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	RHELPLAN-164843	None	None	None	2023-08-08 14:17:43 UTC
Red Hat Knowledge Base (Solution)	7028011	None	None	None	2023-08-09 13:38:11 UTC
Red Hat Product Errata	RHBA-2023:4596	None	None	None	2023-08-09 19:01:15 UTC

Description Jan Horak 2023-08-08 14:17:21 UTC

This bug was initially created as a copy of Bug #2229981

I am copying this bug because: 



Description of problem:
TLS is broken on the latest thunderbird release

Version-Release number of selected component (if applicable):
thunderbird-102.14.0-1.el7_9.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Configure thunderbird to use TLS for pop3 or smtp connections
2. Update thunderbird to 102.14.0-1.el7_9.x86_64
3. Launch thunderbird and attempt tls connection

Actual results:
TLS connection fails with the following entry in maillog:

Aug  7 19:06:15 mail_server dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=192.168.0.1, lip=192.168.0.1, TLS handshaking: SSL_accept() failed: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate: SSL alert number 42, session=<ddk1GlkCBqjAqAAB>

Expected results:
tls connections work as expected

Additional info:
Downgrading to thunderbird-102.13.0-2.el7_9.x86_64 fixes the issue
Disabling SSL/TLS security and sending authentication in plain text (highly undesirable) also works
TLS cert is self signed and imported into thunderbird, with expiry date 2028

Comment 3 Vladimir Benes 2023-08-09 13:32:42 UTC

The thunderbird-102.14.0-2.el9_2.x86_64.rpm package again happily downloads messages from my email.cz imap account, it didn't work with the -1 release. Good job!

Comment 9 errata-xmlrpc 2023-08-09 19:01:14 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (thunderbird bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2023:4596

Comment 10 Tomas Popela 2023-08-16 13:52:00 UTC

*** Bug 2229906 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.