id summary reporter owner description type status priority milestone component version severity resolution keywords cc 7457 thunderbird-38.6.0 Fernando de Oliveira Fernando de Oliveira " == Various security fixes == [https://ftp.mozilla.org/pub/thunderbird/releases/38.6.0/source/thunderbird-38.6.0.source.tar.bz2] [https://ftp.mozilla.org/pub/thunderbird/releases/38.6.0/SHA512SUMS] 9f6cb6b7c9b4935603333366a21cbb3e142fbdbded61adea44c39d45327207e1478d268fb721ee914ae1b0e762507f3665e40e1c315bd454fe1d019bd7972a08 source/thunderbird-38.6.0.source.tar.bz2 [https://ftp.mozilla.org/pub/thunderbird/releases/38.6.0/SHA512SUMS.asc] [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6.0] '''Security Advisories for Thunderbird''' {{{ Last was for 38.5.0 }}} But on Firefox ESR 38.6: [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.6] {{{ Fixed in Firefox ESR 38.6 Critical • 2016-03 Buffer overflow in WebGL after out of memory allocation • 2016-01 Miscellaneous memory safety hazards (rv:44.0 / rv:38.6) Moderate • 2015-150 MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature }}} [https://www.mozilla.org/en-US/thunderbird/38.6.0/releasenotes/] {{{ Thunderbird Notes Version 38.6.0, first offered to Release channel users on February 16, 2016 Check out ""What’s New"" and ""Known Issues"" for this version of Thunderbird below. As always, you’re encouraged to tell us what you think, or file a bug in Bugzilla. If interested, please see the complete list of changes in this release. What’s New • Various security fixes. • Filters ran on a different folder than selected • For Windows systems on roaming profiles, could not display messages after Thunderbird update (related to Lightning updates) }}}" enhancement closed high 7.9 BOOK SVN normal fixed