Upgrade Thunderbird to 78.10.2: users that did the Thunderbird 78 OpenPGP migration in 4.18 are affected by CVE-2021-29956
Luckily, in the last stable Tails release, 4.18, we shipped the unaffected Thunderbird 78.8.0. Only Tails users that did the Thunderbird 78 OpenPGP migration in 4.19 beta1 are affected. We didn't provide automatic upgrades to 4.19beta1, so actually only users that did a manual upgrade from Tails <= 4.12 to 4.19~beta1 and did the migration are affected. I wouldn't be surprised if zero users are affected.
In the last stable Tails release, 4.18, we shipped the affected Thunderbird 78.9.0, so users that upgraded from Tails <= 4.12 to 4.18 and did the OpenPGP migration are affected.
Hopefully we'll have a Thunderbird with the fix (which also will repair the problem) before Tails 4.19 final. Since 4.19
beta1 came with "no warranty" I think we at most have to mention this in the release notes for 4.19rc1. But I'll keep this issue to track what happens in 4.19 final.