MZLA Technologies Corporation, an entirely owned subsidiary of Mozilla Foundation, has launched Thunderbird 68.eight.zero. The new model of the open supply cross-platform electronic mail shopper is obtainable for all supported working techniques.
Existing customers of Thunderbird could choose Help > About Thunderbird to run a examine for updates from inside the shopper. The new model ought to be detected, downloaded and put in. New customers and those that desire to obtain and set up updates manually discover the latest model on the official Thunderbird project website.
Note: Thunderbird 60.* installations will solely be provided the improve to Thunderbird 68.* if the calendar extension Lightning is put in. A handbook set up of Thunderbird 68 works in any case although. Some extensions will not be appropriate with the brand new model.
Thunderbird, which is primarily based on Firefox code to a big diploma, follows the discharge schedule of the Extended Support Release model of Firefox referred to as Firefox ESR.
Thunderbird 68.eight.zero is a bug repair and security launch. The security advisory web site lists six vulnerabilities in complete which were mounted within the new model. Two of the vulnerabilities have obtained the best severity score of crucial. The different scores are 1 excessive, 2 average, and 1 low.
- CVE-2020-12387: Use-after-free throughout employee shutdown (crucial)
- CVE-2020-12395: Memory security bugs mounted in Thunderbird 68.eight.zero (crucial)
- CVE-2020-6831: Buffer overflow in SCTP chunk enter validation (excessive)
- CVE-2020-12392: Arbitrary native file entry with ‘Copy as cURL’ (average)
- CVE-2020-12393: Devtools’ ‘Copy as cURL’ characteristic didn’t totally escape website-controlled information, probably resulting in command injection (average)
- CVE-2020-12397: Sender Email Address Spoofing utilizing encoded Unicode characters (low)
The staff lists six mounted bugs and points in Thunderbird 68.eight.zero that aren’t security-related on the launch notes web page.
- Two account supervisor fixes: the primary corrects a textual content fields difficulty that displayed them too small in some circumstances. The second that the authentication technique didn’t replace when SMTP servers have been chosen.
- Links with embedded credentials wouldn’t open on Windows gadgets (e.g. https://username:[email protected]/)
- Thunderbird would generally despatched messages with “badly fashioned addresses” when addresses have been added from the addressbook.
- Screen readers have been reporting too many actions from the standing bar.
- Setting IMAP messages as learn with “borwser.messages.up to date” in extensions did not persist.
Now You: Have you up to date Thunderbird already or are you continue to utilizing an older model / completely different shopper?