security problems:
- MFSA 2007-36 URIs with invalid %-encoding mishandled by Windows
- MFSA 2007-29 Crashes with evidence of memory corruption (rv:1.8.1.8)
What's New in Thunderbird 2
* Message Tags: Create your own tags for organizing email. Messages can be
assigned any number of tags. Tags can be combined with saved searches and
mail views to make it easier to organize email.
* Visual Theme: Thunderbird 2's theme and user interface have been updated to
improve usability and maximize screen real estate.
* Session History Navigation: Back and Forward buttons allow navigation through
message history.
* Advanced Folder Views: Customize the folder pane to show favorite, unread or
recent folders.
* Easy Access to Popular Web Mail Services: Gmail and .Mac users can access
their accounts in Thunderbird by simply providing their user names and
passwords.
* Improved Support For Extensions: Extensions can now add custom columns to the
message list pane in addition to storing custom message data in the mail
database.
* Improved New Mail Notification Alerts: New mail alerts include information
such as the subject, sender and message preview text.
* Folder Summary Popups: Mouse over a folder with new messages to see a summary
of the new messages in that folder.
* Saved Search Folder Performance: Search results for saved search folders are
now cached, improving folder loading performance.
* Find As You Type: Finds and highlights message text as you type.
* Improved Filing Tools: Recent folder menu items for moving and copying
messages to recently used folders. Move / Copy again functionality.
* Updates to the Extension System: The extension system has been updated to
provide enhanced security and to allow for easier localization of extensions.
The Rumbling Edge has a more detailed list of notable bug fixes:
http://weblogs.mozillazine.org/rumblingedge/archives/2007/03/tb_2.html
the exact names of the freebl libraries depends on the platform and they
have a habit of changing even on minor releases. This causes these mozilla
packages to be broken quite a lot on platforms other than NetBSD/i386.
Hopefully this fix will last longer than previous ones. pkgrevision bumps
all around.
two issues. The PLIST was incorrect and since the PLIST is used by
the "moz-install" script, anything missing from the PLIST is never
installed even when building from source. When libfreebl* were not
installed it caused the clients to fail to load the security component
and fail with "The browser failed to load its security component".
The second issue is that many installations of solaris-2.9 include
various glib/gtk/gnome libraries in /usr/lib. This causes failures
because the pkgsrc ones were used at link time and the /usr/lib ones
at run time. Work around this by setting a LD_LIBRARY_PATH that includes
the pkgsrc lib directory first.
pkgrevision bumps all around.
talking to ipv4 addresses using ipv6 addresses isn't allowed, which is
the default on NetBSD. Patch to use a v4 socket when talking to an ipv4
ldap server. Fixes my PR 33511.
seamonkey/firefox/sunbird have the same code so make the same patch.
OKed ghen. Bump PKGREVISION.
Firefox).
Thunderbird 1.5.0.2 offers improved stability, and several security fixes:
MFSA 2006-28 Security check of js_ValueToFunctionObject() can be circumvented
MFSA 2006-27 Table Rebuilding Code Execution Vulnerability
MFSA 2006-26 Mail Multiple Information Disclosure
MFSA 2006-25 Privilege escalation through Print Preview
MFSA 2006-24 Privilege escalation using crypto.generateCRMFRequest
MFSA 2006-22 CSS Letter-Spacing Heap Overflow Vulnerability
MFSA 2006-21 JavaScript execution in mail when forwarding in-line
MFSA 2006-20 Crashes with evidence of memory corruption (rv:1.8.0.2)
MFSA 2006-08 "AnyName" entrainment and access control hazard
MFSA 2006-07 Read beyond buffer while parsing XML
MFSA 2006-06 Integer overflows in E4X, SVG and Canvas
MFSA 2006-05 Localstore.rdf XML injection through XULDocument.persist()
MFSA 2006-04 Memory corruption via QueryInterface on Location, Navigator objects
MFSA 2006-02 Changing postion:relative to static corrupts memory
MFSA 2006-01 JavaScript garbage-collection hazards
For a detailed ChangeLog, see:
http://weblogs.mozillazine.org/rumblingedge/archives/2006/02/1-5-0-2.html
What's new:
* Automated update to streamline product upgrades. Notification of an
update is more prominent, and updates to Thunderbird may now be half a
megabyte or smaller. Updating extensions has also improved.
* Sort address autocomplete results by how often you send e-mail to each recipient.
* Spell check as you type.
* Saved Search Folders can now search across multiple accounts.
* Built in phishing detector to help protect users against email scams.
* Podcasting and other RSS Improvements.
* Deleting attachments from messages.
* Integration with server side spam filtering.
* Reply and forward actions for message filters.
* Kerberos Authentication.
* Auto save as draft for mail composition.
* Message aging.
* Filters for Global Inbox.
* Improvements to product usability including redesigned options interface,
and SMTP server management.
* Many security enhancements.
For a more detailed list of changes, see http://weblogs.mozillazine.org/rumblingedge/archives/2006/01/1-5.html
Ok with wiz.
What's New in Thunderbird 1.0.7 (from Release Notes)
Thunderbird 1.0.7 is a security and stability update that is
part of our ongoing program to provide a safe Internet experience
for our customers. We recommend that all users upgrade to this
latest version.
NetBSD the thread safe resolver is only available on __NetBSD_Version__
>= 299000900. Fixes runtime usage on NetBSD 2.1. New Versions:
- firefox-1.0.6nb2
- firefox-gtk1-1.0.6nb2
- mozilla-1.7.11nb1
- mozilla-gtk2-1.7.11nb1
- thunderbird-1.0.6nb1
- thunderbird-gtk1-1.0.6nb1
From the article from mozillazine.org:
mozilla.org today released upgrades to both Firefox 0.9 (0.9.1) and
Thunderbird 0.7 (0.7.1) to fix some minor bugs present in both
releases. Both releases correct some flaws in the extension system
that some users may have been experiencing, as well as a new icon set
for the navigation toolbar on Windows and Linux in Firefox 0.9.1. All
users of both products should get this upgrade.
Here are the highlights for this release of Thunderbird:
* Smaller and Faster
The Windows Installer is now only a 5.9MB download. Significant
performance improvements on Windows, Linux and Mac OS X!
* New Themes and Extension Manager
Provides a convenient and secure way to manage and update the many
add-ons that set Thunderbird apart from other e-mail clients.
* Crash Analysis Tools (Talkback)
Help us help you! Integration with Mozilla Talkback allows users to
submit crash reports which makes it easier for us to find Thunderbird
top crashes.
* Other New Features...
New user interface for viewing vCards.
New Profile Manager which also supports running from a USB device.
Color quoting for quoted message parts.
Thunderbird now supports a user interface for creating multiple
identities per e-mail account. This makes it easy to have several
e-mail addresses which end up going into the same account.
* Recently Fixed Bugs
Fix for an occassional hang when reading IMAP mail over SSL.
Our LDAP support works against older version 2 LDAP servers again in
addition to version 3.
Thunderbird can handle mailto urls that contain raw spaces in the
subject.
Other bug fixes too numerous to mention!
What's new from release notes:
* Improved Junk Mail Controls
The algorithm for the adaptive junk mail controls has been heavily
redesigned to learn faster and catch more spam.
* New Brand Identity
To be consistent with the Mozilla Foundation's goal of brand identity,
Thunderbird has a new logo and supporting artwork thanks to the fine
work of the Mozilla Visual Identity team.
* Other New Features...
- IMAP users can now benefit from support for the IMAP IDLE command
which allows the mail server to push notifications such as new mail
arriving as soon as it arrives.
- Thunderbird supports server-wide news filters that apply to all
newsgroups on a server.
- Thunderbird includes Secure Password Authentication using a new
cross-platform NTLM authentication mechanism for IMAP, POP3 and SMTP.
- Mail filters can now mark messages as junk.
- Tools > Options > Compose > HTML Options allows you to set up
default HTML compose options such as font, size and color.
- Attachments can be opened directly from the compose window to verify
their contents before sending.
- Thunderbird now supports the notion of multiple identities per mail
account. This makes it easy to have several e-mail addresses which end
up going into the same account. Read More about how to set this up.
* Recently Fixed Bugs
- In the case of a failure when copying a message to an online Sent
folder, Thunderbird will now ask if you would like it to try again.
- Pasting data from an OpenOffice.org spreadsheet no longer pastes
random HTML garbage before the actual spreadsheet data into HTML
compose.
- Fixed several situations where LDAP connections were left open when
using LDAP auto complete or performing searches on LDAP directories.
- Improved view source behavior.
- Mail notification for POP3 messages that are marked deleted or
marked read by mail filters no longer occurs.
- The "Mark All Read" keyboard shortcut now works for Linux GTK2.
Mozilla Thunderbird is a redesign of the Mozilla mail component. The
goal is to produce a cross platform stand alone mail application using
the XUL user interface language.
