Email client Thunderbird 78.5.1 released
A new version of the open source email client Thunderbird is available. Thunderbird 78.5.1 is a bug fix and security release. The security issue that is addressed has been rated as high, the second highest severity rating after critical.
The new version of the email client is already available. Thunderbird users should get it offered to them automatically; those who don't want to wait can select Help > About Thunderbird in the email client to run a manual check for updates. The "About" window displays the currently installed version of Thunderbird making it easy to compare the installed version to the latest.
The development team lists one security issue that has been fixed in Thunderbird 78.5.1. It is not an issue that is actively exploited at this time.
CVE-2020-26970: Stack overflow due to incorrect parsing of SMTP server response codes
When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable.
The official release notes list one new feature, two changes, and a good dozen fixes.
The new feature enables Thunderbird users to disable the encryption of the email subject when using the built-in OpenPGP functionality. The changes introduce support for multi-file selection and bulk importing of OpenPGP keys in the email client, and a change in the getComposeDetails function that extensions may use. The function will wait for "compose-editor-ready" events in the new version.
The following issues are corrected in Thunderbird 78.5.1:
- The new mail icon is removed from the System Tray when Thunderbird is closed; it remained visible in previous versions.
- Thunderbird did not honor the "run search on server" option when running searches.
- Two OpenPGP fixes: 1) key were missing from key manager, and 2) option to import keys from clipboard always disabled.
- Dark theme fix that addresses highlight colors for folders with unread messages being not visible when the dark theme was enabled.
- The option "place replies in the folder of the message being replied to" did not work when "reply to list" was used.
- Link button did nothing when Filelink was not set up.
- Incorrect output when printing mailing list members.
- Addressed a connection isse to LDAP servers that use self-signed certificates.
- Autoconfig via LDAP did not work as expected.
- Using Ctrl-Enter in Calendar created duplicate events.
Now You: have you installed the latest Thunderbird version?Advertisement