Context Navigation

← Previous Ticket
Next Ticket →

#6712 closed enhancement (fixed)

thunderbird-38.1.0

Reported by:	Fernando de Oliveira	Owned by:	bdubbs@…
Priority:	high	Milestone:	7.8
Component:	BOOK	Version:	SVN
Severity:	normal	Keywords:
Cc:

Description ¶

https://ftp.mozilla.org/pub/mozilla.org/thunderbird/releases/38.1.0/source/thunderbird-38.1.0.source.tar.bz2

https://ftp.mozilla.org/pub/mozilla.org/thunderbird/releases/38.1.0/MD5SUMS

dd161196c6bd444643d2de54d1222d31

https://www.mozilla.org/en-US/thunderbird/38.1.0/releasenotes/

Thunderbird 38.1.0 contains underlying code that is based off of Firefox
38.1.0 esr. See also the release notes for the update from Thunderbird
31 to 38

What’s New

    Fixed

    Copy/Paste into plain text editor deletes newlines from quoted text
    (bug 1143570)
    Cross-posts won't send because Newsgroups: groups are separated with
    comma+space, not just comma (bug 1151448)
    Cannot send email through exchange server (NTLM) (bug 1174159)
    Doesn't display GB2312 encoded texts correctly for Chinese
    Characters (bug 1174580)
    OAuth2 authentication for GMail does not work when specified server
    is imap.gmail.com or smtp.gmail.com. (bug 1176773)

Known Issues

    unresolved

    Import from Outlook and Eudora disabled, code currently not working
    (bug 1175055)

https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1.0

Security Advisories for Thunderbird

Fixed in Thunderbird 38.1

Critical

    2015-66 Vulnerabilities found through code inspection
    2015-63 Use-after-free in Content Policy due to microtask execution
    error
    2015-59 Miscellaneous memory safety hazards (rv:39.0 / rv:31.8 /
    rv:38.1)

Moderate
    2015-71 NSS incorrectly permits skipping of ServerKeyExchange
    2015-70 NSS accepts export-length DHE keys with regular DHE cipher
    suites
    2015-67 Key pinning is ignored when overridable errors are
    encountered


[Also giving the following, which was not ready when the respective
ticket was created]

Fixed in Thunderbird 38.0.1

Critical
    2015-58 Mozilla Windows updater can be run outside of application
    directory
    2015-57 Privilege escalation through IPC channel messages
    2015-47 Buffer overflow parsing H.264 video with Linux Gstreamer

High
    2015-54 Buffer overflow when parsing compressed XML
    2015-51 Use-after-free during text processing with vertical text
    enabled
    2015-48 Buffer overflow with SVG content and CSS
    2015-46 Miscellaneous memory safety hazards (rv:38.0 / rv:31.7)

Change History (2)

comment:1 by bdubbs@…, 10 years ago

Owner:	changed from blfs-book@… to bdubbs@…
Status:	new → assigned

comment:2 by bdubbs@…, 10 years ago

Resolution:	→ fixed
Status:	assigned → closed

Fixed at revision 16238.

Note: See TracTickets for help on using tickets.

Download in other formats: