Thunderbird 78.3.0 and 78.3.1 have been released
MZLA Technologies Corporation has released two new versions of the Thunderbird desktop email client this week. Thunderbird 78.30 was released on September 24, 2020, and Thunderbird 78.3.1 just two days later on September 26, 2020.
Thunderbird installations that have not received either update yet are updated to version 78.3.1 automatically. Users of the email client can select Help > About Thunderbird to check the installed version and run a manual check for updates. The new release is also available as a manual download from the project's website.
Why two versions? A second version is pushed when the previous version has at least one critical issue, be it security or non-security, that has the potential to affect a large number of users. In this case, Thunderbird 78.3.1 fixes a crash that users experienced after Thunderbird was updated to version 78.3.0.
All changes of Thunderbird 78.3.0 are part of the minor update as well. It is a minor release that fixes non-security and security issues for the most part, and includes some improvements next to that.
The official release notes highlight OpenPGP improvements in this release. The decryption performance of large messages has been improvement when OpenPGP is used, and the external key UI is not shown when disabled in the preferences.
Other changes include that the installation of legacy extension has been disabled in that release, that the account setup wizard displays a popup when a server uses a self-signed SSL/TLS certificate, and that the reply-to header now appears under the From header. Lastly, this release includes unspecified improvements to the calendar's sidebar user interface.
As far as fixes are concerned, there are plenty:
- Selecting "Cancel" on the Master Password prompt at startup incorrectly reported corrupted OpenPGP data
- OpenPGP: Creating a new key pair did not automatically select it for use
- Dragging & Dropping recipient pills resulted in lost pills when an error was present
- Spellcheck suggestions were unreadable in dark theme
- Calendar: Multiple password prompts opened
- Linux Distributions: UI was not rendered completely when built without updater
- MailExtensions: browser.folders.delete failed on IMAP folders
Thunderbird 78.3 resolves several security issues, one of which is rated high, the second highest rating after critical. A total of four security issues are fixed in the release, the remaining three have received a rating of moderate each.
The developers list a single known issue: the mailing list is not focused on startup.
Now You: do you use Thunderbird? What is your take on the 78.x version of the email client?
Old news? Or incorrect headline? :)
Wrong title since mentioned MZLA Technologies Corporation and OpenPGP.
Whoopsies on the headline
There is also new Thunderbird Beta 82.0b1 which finally allows extensions to run scripts in the email window (message window)
https://www.thunderbird.net/en-US/thunderbird/82.0beta/releasenotes/
So now my ScrollAnywhere will work also in Thunderbird!
https://addons.thunderbird.net/addon/scroll_anywhere/
@Martin Brinkmann
I don’t know when/if this would be possible, but it would be great to have a Ghacks guide for dummies (like myself) on how to migrate with less disruption as possible from using Enigmail in Thunderbird to using OpenPGP in Thunderbird and/or have links to similar guides if they already exist.
Still staying put at v68.
As long as Provider is not updated to support v78, I won’t update.
If you’re referring to Provider for Google Calendar, it works just fine.
T-bird 78,3.x breaks most, if not all, extensions, I use to customize version 68.x.x
Just went to use “Forward as attachment” and that option is now gone in 37.3.0 and 37.3.1. May have gone earlier, but just used it a couple of weeks ago. All I can do is forward.
Won’t be budging from version 68 any time soon. Too many mission critical extensions that are broken in the newer versions.
Now that the Enigma add-in is gone, in Thunderbird 78.3.1 (64 bit), when I right click an email account | select Settings | End-To-End Encryption | Add Key… | Import an existing OpenPGP Key | Continue. it asks, “Import an existing personal OpenPGP Key”.
Q1: It says “key’, but is this really asking for a Public key, private key, or both?
Q2: If I supply my private key how do I know that it will be it kept secure?
> Q1: It says “key’, but is this really asking for a Public key, private key, or both?
> Q2: If I supply my private key how do I know that it will be it kept secure?
@howard a good place to ask encryption questions is https://thunderbird.topicbox.com/groups/e2ee
Hello,
After automatically installing the version 78.3.0 (so I suppose) Thunderbird does not run anylonger.
Instead, the following message appears on the screen:
XULRunner
Error: Platform version ‘78.3.0’ is not compatible with
minVersion >= 78.2.0
manVersion >= 78.2.0
Can you please suggest how I can fix it maintaining all the emails stored?
Sorry,
I meant:
…
minVersion >= 78.2.0
maxVersion >= 78.2.0
In TB 78.3.1 I can’t import my secret key, and TB is unhelpful in saying anything at all about why not, except for, “Error! Failed to import file.”
Why is it that error messages have devolved into just pass/fail with no report of what caused an error? In my opinion this is just lame, careless programming.
Furthermore, for decades we have used certain terms related to keys: Private and Public. Now TB is going it alone to instead muddy the water with the new word ‘Secret’ instead of Private. Why? It just makes all of the documentation and internet help that much harder to update and follow!
Please go thru this immature version of a PGP front end, and make it work better, with more standard terminology. I would have no trouble if when one hovered over the world “Private” that you explained that a private key needs to be kept secret. But changing a standard term that has been with us for so very long, when cryptology is hard enough to understand in the first place, is really very crazy.
Furthermore, when you use the word ‘Key’ you need to say what you mean: Do you mean Public Key, Private Key, or both Public and Private keys? For example when asking to import a secret key (which as far as I can tell doesn’t yet work) you then drill down and are ask for simply a ‘Key’. This should be more consistent and ask for a ‘Private key’, and it should also say at that point more about exactly what an accessible file holding that key might look like, in terms of armored ASCII or binary, ownership and permissions of that file, and any pass phrase and how that will be handled, or whatever.
It looks like I’m going to roll back to TB v68 for the 2nd time in 2 days, till TB gets this working better.
Seven weeks later and the problem is still not fixed. I still cannot import my new private key for a secure email account for which I have to change the password and PGP keys every few months. So annoying when I had no problem using enigmail for the last 15 years or so.