37 days passed since Thunderbird 91.6.1 packages were prepared and would close CVE-2022-0566.
20 days passed since Thunderbird 91.7.0 packages were prepared and would close CVE-2022-0566 and two more critical issues (CVE-2022-26485, CVE-2022-26486).
oSoMoN built the Thunderbird packages soon after the corresponding versions appeared, so the delay is in the testing and approval process.
So far it has not been answered why testing and approving Firefox packages of similar technology is happening much much faster.
What can we do to resolve this intolerable situation?
Who can we contact to escalate this or to help with tests etc.?
@oSoMoN @alexmurray @sabdfl ?
Ubuntus reputation is at stake, but most of all, most users of Thunderbird are threatened, so what can be done immediately?