Opened 3 years ago

Closed 3 years ago

#11608 closed enhancement (fixed)

thunderbird-60.5.0

Reported by: Douglas R. Reno Owned by: Douglas R. Reno
Priority: high Milestone: 8.4
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New minor version

Security release

Change History (7)

comment:1 by Douglas R. Reno, 3 years ago

Owner: changed from blfs-book to Douglas R. Reno
Status: newassigned

comment:2 by Douglas R. Reno, 3 years ago

Priority: normalhigh

These seem to be similar vulnerabilities to Firefox, including remotely exploitable:

#CVE-2018-18500: Use-after-free parsing HTML5 stream

Reporter
    Yaniv Frank with SophosLabs
Impact
    critical

Description

A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash.
References

    Bug 1510114

#CVE-2018-18505: Privilege escalation through IPC channel messages

Reporter
    Jed Davis
Impact
    high

Description

An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the authentication not being correctly applied to later channels. This could allow for a sandbox escape through IPC channels due to lack of message validation in the listener process.
References

    Bug 1497749
    CVE-2011-3079

#CVE-2016-5824: DoS (use-after-free) via a crafted ics file

Reporter
    Brandon Perry
Impact
    low

Description

A vulnerability in the Libical libary used by Thunderbird can allow remote attackers to cause a denial of service (use-after-free) via a crafted ICS calendar file.
References

    Bug 1275400

#CVE-2018-18501: Memory safety bugs fixed in Firefox 65, Firefox ESR 60.5, and Thunderbird 60.5

Reporter
    Mozilla developers and community
Impact
    critical

Description

Mozilla developers and community members Alex Gaynor, Christoph Diehl, Steven Crane, Jason Kratzer, Gary Kwong, and Christian Holler reported memory safety bugs present in Firefox 64, Firefox ESR 60.4, and Thunderbird 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.
References

    Memory safety bugs fixed in Firefox 65, Firefox ESR 60.5, and Thunderbird 60.5


I'm calling this a critical update, and will work on it and Node.JS overnight. They'll be in by the end of tomorrow at the latest.

comment:3 by Douglas R. Reno, 3 years ago

Thunderbird 60.5.0 changes:

Thunderbird Release Notes
Version 60.5.0, first offered to channel users on January 29, 2019

Check out "What’s New" and "Known Issues" for this version of Thunderbird below. As always, you’re encouraged to tell us what you think, or file a bug in Bugzilla. If interested, please see the complete list of changes in this release.

If you have installed Lightning, Thunderbird's Calendar add-on, it will automatically be updated to match the new version of Thunderbird. Refer to this Calendar troubleshooting article in case of problems.

System Requirements: • Window: Windows 7, Windows Server 2008 R2 or later • Mac: Mac OS X 10.9 or later • Linux: GTK+ 3.4 or higher. Details here.

Please refer to Release Notes for version 60.0 to see the list of improvements and fixed issues.

What’s New

    new

    FileLink provider WeTransfer to upload large attachments
    new

    Thunderbird now allows the addition of OpenSearch search engines from a local XML file using a minimal user inferface: [+] button to select a file an add, [-] to remove.
    new

    More search engines: Google and DuckDuckGo available by default in some locales
    new

    During account creation, Thunderbird will now detect servers using the Microsoft Exchange protocol. It will offer the installation of a 3rd party add-on (Owl) which supports that protocol.
    fixed

    Thunderbird now compatible with other WebExtension-based FileLink add-ons like the Dropbox add-on
    fixed

    Crash when using custom sound for new email notification
    fixed

    WebExtension-based dictionaries from addons.mozilla.org not working in Thunderbird
    fixed

    Calendar: Printing of calendars not working
    fixed

    Various security fixes

Known Issues

    unresolved

    Due to changes in the Mozilla platform profiles stored on Windows network shares addressed via drive letters are now addressed via UNC
    unresolved

    CalDav access to some servers not working. Workaround: Set preference network.cookie.same-site.enabled to false.
    unresolved

    Chat: Twitter not working due to API changes at Twitter.com


comment:4 by Douglas R. Reno, 3 years ago

Heads up guys, I'm having some issues with the build process on this one, after say about 27 minutes of compiling at -j4. I get either an ICE or I run out of memory. I need an extra day or two more to figure this out, and then it'll be in.

comment:5 by Douglas R. Reno, 3 years ago

253:42.61     INPUT("../../media/mtransport/third_party/nICEr/nicer_nicer/stun_proc.o")
253:42.61     INPUT("../../media/mtransport/third_party/nICEr/nicer_nicer/stun_server_ctx.o")
253:42.61     INPUT("../../media/mtransport/third_party/nICEr/nicer_nicer/stun_util.o")
253:42.61     INPUT("../../media/mtransport/third_party/nICEr/nicer_nicer/turn_client_ctx.o")
253:42.61     INPUT("../../media/mtransport/third_party/nICEr/nicer_nicer/cb_args.o")
253:42.61     INPUT("../../media/mtransport/third_party/nICEr/nicer_nicer/ice_util.o")
253:42.61     INPUT("../../media/mtransport/third_party/nICEr/nicer_nicer/Unified_c_third_party_nICEr0.o")
253:42.61     INPUT("../../media/mtransport/third_party/nrappkit/nrappkit_nrappkit/r_log.o")
253:42.61     INPUT("../../media/mtransport/third_party/nrappkit/nrappkit_nrappkit/byteorder.o")
253:42.61     INPUT("../../media/mtransport/third_party/nrappkit/nrappkit_nrappkit/hex.o")
253:42.61     INPUT("../../media/mtransport/third_party/nrappkit/nrappkit_nrappkit/debug.o")
253:42.61     INPUT("../../media/mtransport/third_party/nrappkit/nrappkit_nrappkit/r_assoc.o")
253:42.61     INPUT("../../media/mtransport/third_party/nrappkit/nrappkit_nrappkit/r_crc32.o")
253:42.61     INPUT("../../media/mtransport/third_party/nrappkit/nrappkit_nrappkit/r_data.o")
253:42.61     INPUT("../../media/mtransport/third_party/nrappkit/nrappkit_nrappkit/r_errors.o")
253:42.61     INPUT("../../media/mtransport/third_party/nrappkit/nrappkit_nrappkit/r_list.o")
253:42.61     INPUT("../../media/mtransport/third_party/nrappkit/nrappkit_nrappkit/r_memory.o")
253:42.61     INPUT("../../media/mtransport/third_party/nrappkit/nrappkit_nrappkit/r_replace.o")
253:42.61     INPUT("../../media/mtransport/third_party/nrappkit/nrappkit_nrappkit/r_time.o")
253:42.61     INPUT("../../media/mtransport/third_party/nrappkit/nrappkit_nrappkit/p_buf.o")
253:42.61     INPUT("../../media/mtransport/third_party/nrappkit/nrappkit_nrappkit/util.o")
253:42.61     INPUT("../../media/mtransport/third_party/nrappkit/nrappkit_nrappkit/Unified_c_nrappkit0.o")
253:42.61     INPUT("../../media/psshparser/Unified_cpp_media_psshparser0.o")
253:42.61     INPUT("StaticXULComponentsEnd/StaticXULComponentsEnd.o")
253:42.61 
253:42.61 collect2: fatal error: ld terminated with signal 9 [Killed]
253:42.61 compilation terminated.
253:42.61 /usr/bin/ld: error: libxul.so(.debug_info) is too large (0x3fae7656 bytes)
253:42.61 make[4]: *** [/sources/thunderbird-60.5.0/thunderbird-60.5.0/config/rules.mk:709: libxul.so] Error 1
253:42.61 make[4]: *** Deleting file 'libxul.so'
253:42.61 make[4]: Leaving directory '/sources/thunderbird-60.5.0/thunderbird-60.5.0/obj-x86_64-pc-linux-gnu/toolkit/library'
253:42.61 make[3]: *** [/sources/thunderbird-60.5.0/thunderbird-60.5.0/config/recurse.mk:73: toolkit/library/target] Error 2
253:42.61 make[3]: Leaving directory '/sources/thunderbird-60.5.0/thunderbird-60.5.0/obj-x86_64-pc-linux-gnu'
253:42.61 make[2]: *** [/sources/thunderbird-60.5.0/thunderbird-60.5.0/config/recurse.mk:33: compile] Error 2
253:42.61 make[2]: Leaving directory '/sources/thunderbird-60.5.0/thunderbird-60.5.0/obj-x86_64-pc-linux-gnu'
253:42.61 make[1]: *** [/sources/thunderbird-60.5.0/thunderbird-60.5.0/config/rules.mk:442: default] Error 2
253:42.61 make[1]: Leaving directory '/sources/thunderbird-60.5.0/thunderbird-60.5.0/obj-x86_64-pc-linux-gnu'
253:42.61 make: *** [client.mk:169: build] Error 2
253:42.66 549 compiler warnings present.
253:43.49 /usr/bin/notify-send --app-name=Mozilla Build System Mozilla Build System Build failed

Going to give it another whirl. The whole reason why it's running this slow is that my system lost its lunch when I tried to build it for myself. At -j4, it's 31 SBU.

Going to continue to investigate, but I figured I'd show what I'm talking about.

comment:6 by Douglas R. Reno, 3 years ago

Alright, I'm committing this now.

I managed to figure out my problem.

comment:7 by Douglas R. Reno, 3 years ago

Resolution: fixed
Status: assignedclosed

Fixed at r21087

Note: See TracTickets for help on using tickets.