Changelog:
NEW
A Menu Button is now shown to new users by default
NEW
Tabs are now drawn in the title bar on Windows
FIXED
An issue causing spell-checking only parts of words in Thunderbird 16 is now fixed (790475)
FIXED
An issue causing Thunderbird 16 to repeatedly download emails is now fixed (806760)
FIXED
RSS feeds can now be viewed in the Wide View Layout (531397)
FIXED
Various fixes and performance improvements
FIXED
Various security fixes
CHANGED
Mac OS X 10.5 is no longer supported
Security fixes:
Fixed in Thunderbird 17
MFSA 2012-106 Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer
MFSA 2012-105 Use-after-free and buffer overflow issues found using Address Sanitizer
MFSA 2012-103 Frames can shadow top.location
MFSA 2012-101 Improper character decoding in HZ-GB-2312 charset
MFSA 2012-100 Improper security filtering for cross-origin wrappers
MFSA 2012-99 XrayWrappers exposes chrome-only properties when not in chrome compartment
MFSA 2012-97 XMLHttpRequest inherits incorrect principal within sandbox
MFSA 2012-96 Memory corruption in str_unescape
MFSA 2012-94 Crash when combining SVG text on path with CSS
MFSA 2012-93 evalInSanbox location context incorrectly applied
MFSA 2012-92 Buffer overflow while rendering GIF images
MFSA 2012-91 Miscellaneous memory safety hazards (rv:17.0/ rv:10.0.11)
* Update Mozilla Lightning to 1.7
* Update Enigmail to 1.4.4 (functionality is not tested yet; should
be updated)
* Regen patches
Changelog:
NEW Multi-Channel Chat: You now can enjoy real time conversation with your contacts, right from your favorite messaging application.
NEW Do Not Track: This option has been implemented as an addition to Search the Web.
NEW Ubuntu One is now supported in Filelink - the option to upload large attachments to online storage services.
NEW New User Interface: Thunderbird is replicating the new look and feel of Mozilla Firefox in an effort to provide a similar user experience across all Mozilla software desktop or mobile and all platforms.
FIXED Various fixes and performance improvements
FIXED Various security fixes
MFSA 2012-72 Web console eval capable of executing chrome-privileged code
MFSA 2012-70 Location object security checks bypassed by chrome code
MFSA 2012-68 DOMParser loads linked resources in extensions when parsing text/html
MFSA 2012-67 Installer will launch incorrect executable following new installation
MFSA 2012-65 Out-of-bounds read in format-number in XSLT
MFSA 2012-64 Graphite 2 memory corruption
MFSA 2012-63 SVG buffer overflow and use-after-free issues
MFSA 2012-62 WebGL use-after-free and memory corruption
MFSA 2012-61 Memory corruption with bitmap format images with negative height
MFSA 2012-59 Location object can be shadowed using Object.defineProperty
MFSA 2012-58 Use-after-free issues found using Address Sanitizer
MFSA 2012-57 Miscellaneous memory safety hazards (rv:15.0/ rv:10.0.7)
* Update enigmail to 1.4.2
* Update Lightning to 1.5
Changelog:
* Filelink: Upload your files to an online storage service and send links
to your friends, avoiding bounce back due to large attachments. We have
partnered with YouSendIt to bring this feature, but additional partners
will be added in the near future.
* In partnership with Gandi and Hover, you can now sign up for a
personalized email address from within Thunderbird. Along with your new
email address, Thunderbird will be automatically set up and ready to
send and receive messages. We are working with additional suppliers to
cover more areas of the world and to provide more options in the future.
* Various security fixes
MFSA 2012-40 Buffer overflow and use-after-free issues found using Address Sanitizer
MFSA 2012-39 NSS parsing errors with zero length items
MFSA 2012-38 Use-after-free while replacing/inserting a node in a document
MFSA 2012-37 Information disclosure though Windows file shares and shortcut files
MFSA 2012-36 Content Security Policy inline-script bypass
MFSA 2012-35 Privilege escalation through Mozilla Updater and Windows Updater Service
MFSA 2012-34 Miscellaneous memory safety hazards
* The minimum system requirements for Windows are now Windows XP Service
Pack 2 or later.
* Remove unused option.
* Update enigmail to 1.4.1
Changelog:
* Global Search results now include message extracts in the results
* Various security fixes
* Various improvements to RSS feed subscription and general feed handling
* Thunderbird now supports add-ons that provide different types of
local mail storage
Release notes for 6.0:
Thunderbird is based on the new Mozilla Gecko 6 engine
Several theme improvements for Windows 7
Support for Windows 7 Jump lists
Several fixes when importing email from Microsoft Outlook
Default mail client check now works with newer Linux distributions
Various other user interface fixes and improvements
Numerous platform fixes that improve speed, performance, stability and security
Release notes for 5.0:
More responsive and faster to start up and use
Thunderbird is based on the new Mozilla Gecko 5 engine
New Add-ons Manager
Revised account creation wizard to improve email setup
New Troubleshooting Information page
Tabs can now be reordered and dragged to different windows
Attachment sizes now displayed along with attachments
Plugins can now be loaded in RSS feeds by default
There are several theme fixes for Windows Vista and Windows 7
Support for Mac 32/64 bit Universal builds (Thunderbird no longer supports PowerPC on Mac)
Over 390 platform fixes that improve speed, performance, stability and security
* Several fixes to improve stability.
* Several fixes to the user interface.
* Several security fixes:
MFSA 2010-63 Information leak via XMLHttpRequest statusText
MFSA 2010-62 Copy-and-paste or drag-and-drop into designMode document allows XSS
MFSA 2010-61 UTF-7 XSS by overriding document charset using <object> type
attribute
MFSA 2010-59 SJOW creates scope chains ending in outer object
MFSA 2010-58 Crash on Mac using fuzzed font in data: URL
MFSA 2010-57 Crash and remote code execution in normalizeDocument
MFSA 2010-56 Dangling pointer vulnerability in nsTreeContentView
MFSA 2010-55 XUL tree removal crash and remote code execution
MFSA 2010-54 Dangling pointer vulnerability in nsTreeSelection
MFSA 2010-53 Heap buffer overflow in nsTextFrameUtils::TransformText
MFSA 2010-52 Windows XP DLL loading vulnerability
MFSA 2010-51 Dangling pointer vulnerability using DOM plugin array
MFSA 2010-50 Frameset integer overflow vulnerability
MFSA 2010-49 Miscellaneous memory safety hazards (rv:1.9.2.9/ 1.9.1.12)
- Update bundled enigmail to 1.1.2
- Update mozilla branch patches to 1.9.2 (from devel/xulrunner)
- While here fix PR pkg/43598 PLIST problem w/ enigmail
---8<---
Thunderbird 3.1 is based on the Gecko 1.9.2 platform to provide improved
performance, stability, web compatibility, and code simplification and
sustainability.
New features include:
Faster Search Results and Quick Filter Toolbar
* Faster Search Results
* Quick Filter Toolbar
User Experience Improvements
* New Migration Assistant
* Saved Files Manager
* Mail Account Setup Wizard
Performance Improvements
* Improvements to Stability, Memory, and Password Handling
