Opened 6 months ago

Closed 6 months ago

#18774 closed enhancement (fixed)

thunderbird-115.4.1

Reported by: Bruce Dubbs Owned by: Douglas R. Reno
Priority: elevated Milestone: 12.1
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

New minor version.

Change History (5)

comment:1 by Joe Locash, 6 months ago

Now at 115.4.1 and should be elevated.

https://www.mozilla.org/en-US/security/advisories/mfsa2023-47/

comment:2 by Douglas R. Reno, 6 months ago

Owner: changed from blfs-book to Douglas R. Reno
Status: newassigned

comment:3 by Douglas R. Reno, 6 months ago

Priority: normalelevated
Summary: thunderbird-115.4.0thunderbird-115.4.1

comment:4 by Douglas R. Reno, 6 months ago

What's New:

  • "Manage Newsgroups Subscription" now displayed on Account Central when using newsgroups

Bug Fixes:

  • Manually configured authentication methods on accounts did not always persist
  • "Send Autocrypt key in header" preference was available on accounts with no encryption key
  • SHA-1 certificates were not accepted in Thunderbird 115; acceptance of SHA-1 messages can now be enabled via optional preference
  • Various Flatpak enhancements
  • Opening folder in new tab by clicking scroll wheel/middle mouse button did not work in Folder Pane
  • Message list did not automatically scroll to new messages when switching folders
  • "Move/Copy to again" was sometimes displayed in the folder context menu when it should not have been
  • Multiple message drafts or message templates could not be opened simultaneously for editing
  • Tools > Filters dialog did not open in Unified Folder view if no messages were selected
  • Printing dialog could be opened, even with no messages selected
  • "From" address was editable when creating a new message from a template if the account identity contained Unicode characters
  • Opening a saved .eml file in compose window did not preserve message subject from file
  • Replying to some plaintext messages with desired quote selected in original message did not preserve formatting of quote
  • "Edit as New", "Reply", and "Redirect" could not be used on multiple messages simultaneously
  • "Reply to List" option was always enabled, even with no list to reply to
  • "Archive" button in message pane was enabled on messages that could not be archived
  • "Followup-To" label was incorrectly labeled as "Newsgroups"
  • "Save image as" option did not work for RSS feed items displayed as a webpage
  • OTR verification dialog was blank, preventing verification of OTR chat sessions
  • Calendar event import failed for some ICS files
  • Permission description strings were missing from Add-Ons Manager
  • Various visual fixes
  • Security fixes

Security Fixes:

  • CVE-2023-5721: Queued up rendering could have allowed websites to clickjack (High)
  • CVE-2023-5732: Address bar spoofing via bidirectional characters (Moderate)
  • CVE-2023-5724: Large WebGL draw could have led to a crash (Moderate)
  • CVE-2023-5725: WebExtensions could open arbitrary URLs (Moderate)
  • CVE-2023-5728: Improper object tracking during GC in the JavaScript engine could have led to a crash. (Moderate)
  • CVE-2023-5730: Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1 (High)

comment:5 by Douglas R. Reno, 6 months ago

Resolution: fixed
Status: assignedclosed

Fixed at fae2bc2e928f8667aa1be84d148d8bc8b6759250

SA-12.0-037 issued

Note: See TracTickets for help on using tickets.