When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents. This vulnerability affects Thunderbird < 68.5.

References

• https://nvd.nist.gov/vuln/detail/CVE-2020-6792
• https://bugzilla.mozilla.org/show_bug.cgi?id=1609607
• https://security.gentoo.org/glsa/202003-10
• https://usn.ubuntu.com/4328-1/
• https://usn.ubuntu.com/4335-1/
• https://www.mozilla.org/security/advisories/mfsa2020-07/