Opened 7 weeks ago
Closed 5 weeks ago
#20153 closed enhancement (fixed)
thunderbird-128.1.0esr
| Reported by: | Joe Locash | Owned by: | Douglas R. Reno |
|---|---|---|---|
| Priority: | high | Milestone: | 12.2 |
| Component: | BOOK | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description
New patch release.
Fixed - Opening profile import tab then restarting Thunderbird caused import tab to malfunction Fixed - "Total" column did not display message count when using "Grouped by" sorting Fixed - Could not add events to CalDAV calendar when UID contained special characters Fixed - Visual and UX improvements
firefox-128.1esr is scheduled for Aug 6 (one week) and thunderbird-128.1esr should follow shortly after that, so this might be one for the back burner.
Change History (10)
comment:1 by , 7 weeks ago
comment:2 by , 6 weeks ago
Hmm. It looks like thunderbird-128.0.1esr is available now. The date stamp is July 19.
comment:3 by , 6 weeks ago
It's going to get replaced on Tuesday by a new Thunderbird and Firefox release with security patches - Thunderbird (and Firefox) 128.1.0esr
comment:4 by , 6 weeks ago
| Summary: | thunderbird-128.0.1esr → thunderbird-128.0.1esr (wait for 128.1.0esr) |
|---|
comment:5 by , 6 weeks ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:7 by , 6 weeks ago
| Summary: | thunderbird-128.0.1esr (wait for 128.1.0esr) → thunderbird-128.1.0esr |
|---|
comment:8 by , 6 weeks ago
| Priority: | normal → high |
|---|
comment:9 by , 5 weeks ago
Release Notes
- Could not add override for a certificate with the wrong hostname
- Auto-detection of CalDAV calendars and CardDAV address books failed in certain scenarios
- Potential memory leak in local folder repair
- Selecting messages and then switching to a new folder with no selected messages did not clear selected messages count
- When using an external installation of GnuPG, Thunderbird occassionally sent/received corrupted messages
- Users of external GnuPG were unable to decrypt incorrectly encoded messages
- UTF-8 encoded messages became garbled when encrypted using inline OpenPGP
- Could not access the contents of an S/MIME encrypted message wrapped in a digital signature
- Occasional crash occurred shortly after startup
- Flatpak created a duplicate unpinned icon in Linux dock after launching Thunderbird
- Flatpak release notes URL was incorrect
- Spell checker dictionary was not available for Flatpak install
- Digital signatures on signed-only OpenPGP messages were broken with some providers
- Visual and UX improvements
Security Fixes
- CVE-2024-7518: Fullscreen notification dialog can be obscured by document content (High)
- CVE-2024-7519: Out of bounds memory access in graphics shared memory handling (High)
- CVE-2024-7520: Type confusion in WebAssembly (High)
- CVE-2024-7521: Incomplete WebAssembly exception handing (High)
- CVE-2024-7522: Out of bounds read in editor component (High)
- CVE-2024-7525: Missing permission check when creating a StreamFilter (High)
- CVE-2024-7526: Uninitialized memory used by WebGL (High)
- CVE-2024-7527: Use-after-free in JavaScript garbage collection (High)
- CVE-2024-7528: Use-after-free in IndexedDB (High)
- CVE-2024-7529: Document content could partially obscure security prompts (Moderate)
comment:10 by , 5 weeks ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Fixed at 45df72bdfffe70271cd12472a3174e80624b206d
SA-12.1-087 issued
Note:
See TracTickets
for help on using tickets.
Nothing depends on FF or TB so they can be updated right until LFS/BLFS 12.2 are released.
I agree that we should hold off until thunderbird-128.1esr is released.