Opened 5 months ago

Closed 5 months ago

#20719 closed enhancement (fixed)

thunderbird-128.5.0esr

Reported by: Douglas R. Reno Owned by: Douglas R. Reno
Priority: elevated Milestone: 12.3
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

New minor version

Release notes are not available yet, but it very likely has the same security fixes as Firefox

Change History (4)

comment:1 by Douglas R. Reno, 5 months ago

Owner: changed from blfs-book to Douglas R. Reno
Status: newassigned

comment:2 by Douglas R. Reno, 5 months ago

Priority: normalelevated

Security Fixes:

  • CVE-2024-11692: Select list elements could be shown over another site (Moderate)
  • CVE-2024-11694: CSP Bypass and XSS Exposure via Web Compatibility Shims (Moderate)
  • CVE-2024-11695: URL Bar Spoofing via Manipulated Punycode and Whitespace Characters (Moderate)
  • CVE-2024-11696: Unhandled Exception in Add-on Signature Verification (Moderate)
  • CVE-2024-11697: Improper Keypress Handling in Executable File Confirmation Dialog (Low)
  • CVE-2024-11699: Memory safety bugs fixed in Firefox 133, Firefox ESR 128.5, and Thunderbird 128.5 (High)

comment:3 by Douglas R. Reno, 5 months ago

What's Fixed:

  • IMAP could crash when reading cached messages
  • Enabling "Show Folder Size" on Maildir profile could render Thunderbird unusable
  • Messages corrupted by folder compaction were only fixed by user intervention
  • Reading a message from past the end of an mbox file did not cause an error
  • View -> Folders had duplicate F access keys
  • Add-ons adding columns to the message list could fail and cause display issue
  • "Empty trash on exit" and "Expunge inbox on exit" did not always work
  • Selecting a display option in View -> Tasks did not apply in the Task interface
  • Security fixes

comment:4 by Douglas R. Reno, 5 months ago

Resolution: fixed
Status: assignedclosed

Fixed at 30392b78ebb593a4e14afe1cbf1bddce765805fe

SA-12.2-050 issued

Note: See TracTickets for help on using tickets.