Thunderbird 102.6.0 is a security and bug fix update

Martin Brinkmann
Dec 14, 2022
Thunderbird
|
2

Thunderbird 102.6.0 is out. The new version of the open source email client fixes security issues and bugs.

The new Thunderbird version is available already. While it is being distributed automatically to most devices with Thunderbird, some users may want to speed up the installation of the update.

All it takes for that is to select Menu > Help > About Thunderbird. The small window that opens displays the current version and whether the email client is up to date. The program checks for updates and any update found may be installed right away.

Thunderbird 102.6.0

Thunderbird 102.6.0 addresses seven different security issues. The overall severity rating of the fixed security issues is high, second only to critical.

Here is the full list of the fixes:

  1. CVE-2022-46878: Memory safety bugs fixed in Thunderbird 102.6
  2. CVE-2022-46881: Memory corruption in WebGL
  3. CVE-2022-46880: Use-after-free in WebGL
  4. CVE-2022-46872: Arbitrary file read from a compromised content process
  5. CVE-2022-46882: Use-after-free in WebGL
  6. CVE-2022-46875: Download Protections were bypassed by .atloc and .ftploc files on Mac OS
  7. CVE-2022-46874: Drag and Dropped Filenames could have been truncated to malicious extensions

The security advisory, published here, provides information about each of the security issues.

The release notes list seven non-security fixes. These address bugs in previous versions of the Thunderbird email client. One fix addresses an issue with the cookie deletion option of "show cookies". Cookies were not actually deleted when the action was selected by the user. Another fixes the pause RSS feed option in the RSS reader of the email client. RSS feed were not actually paused when the option was activated by the user.

There was also an issue with message indexes getting deleted when too many folders were opened, and an import issue that affected secret OpenPGP keys.

The two remaining fixes addresses a vCard formatting issue and a calendar issue that affected recurring events.

Thunderbird users may want to check the full release notes for additional details on the fixes.

Summary
Thunderbird 102.6.0 is a security and bug fix update
Article Name
Thunderbird 102.6.0 is a security and bug fix update
Description
Thunderbird 102.6.0 Stable is a new version of the open source email client. It fixes security issues and bugs in the application.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: «

Comments

  1. Clairvaux said on December 14, 2022 at 2:50 pm
    Reply

    May I take the opportunity to ask a few questions to Thunderbird users here ? I’m trying to ditch Microsoft Outlook 2003 as an email client, which does not seem to work well with email providers anymore.

    It seems that there very few independent email clients left, let alone good ones.

    – Is Thunderbird expected to keep Windows 7 compatibility for a significant amount of time ?

    – Does it have a task manager ?

    – Is it able to insert an email in a calendar or task item ? This is one of the most useful features of Outlook, and it seems to me no other program has it. Alternatively, are there any other means to associate an email with a calendar or task item ?

    – Any opinions on Thunderbird versus eM Client, which, according to my research, seems to be the only other decent option available (bar the hugely expensive and intrusive Microsoft Outlook) ?

    – Any other email clients you’d recommend ? The Bat is often quoted, but it seems to be full of really bizarre features, and devoid of a calendar and task manager.

    Thanks in advance.

    1. Jody Thornton said on December 14, 2022 at 5:53 pm
      Reply

      @Clairvaux:

      I’ll be following this as well. Now come the release of Firefox ESR 115, Thunderbird is moving to the new “Supernova” UI, but if Mozilla maintains Windows 7 compatibility with Firefox ESR 115, then Thunderbird should get another fifteen months of Windows 7 support.

      I liked EM Client, but I only like the UI of version 5x. After that, every version looks like Windows 10 fused with Office 2007+

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.