#6712: thunderbird-38.1.0
-------------------------+-------------------------
Reporter: fo | Owner: blfs-book@…
Type: enhancement | Status: new
Priority: high | Milestone: 7.8
Component: BOOK | Version: SVN
Severity: normal | Keywords:
-------------------------+-------------------------
[https://ftp.mozilla.org/pub/mozilla.org/thunderbird/releases/38.1.0/source/thunderbird-38.1.0.source.tar.bz2]
[https://ftp.mozilla.org/pub/mozilla.org/thunderbird/releases/38.1.0/MD5SUMS]
dd161196c6bd444643d2de54d1222d31
[https://www.mozilla.org/en-US/thunderbird/38.1.0/releasenotes/]
{{{
Thunderbird 38.1.0 contains underlying code that is based off of Firefox
38.1.0 esr. See also the release notes for the update from Thunderbird
31 to 38
What’s New
Fixed
Copy/Paste into plain text editor deletes newlines from quoted text
(bug 1143570)
Cross-posts won't send because Newsgroups: groups are separated with
comma+space, not just comma (bug 1151448)
Cannot send email through exchange server (NTLM) (bug 1174159)
Doesn't display GB2312 encoded texts correctly for Chinese
Characters (bug 1174580)
OAuth2 authentication for GMail does not work when specified server
is imap.gmail.com or smtp.gmail.com. (bug 1176773)
Known Issues
unresolved
Import from Outlook and Eudora disabled, code currently not working
(bug 1175055)
}}}
[https://www.mozilla.org/en-US/security/known-
vulnerabilities/thunderbird/#thunderbird38.1.0]
'''Security Advisories for Thunderbird'''
{{{
Fixed in Thunderbird 38.1
Critical
2015-66 Vulnerabilities found through code inspection
2015-63 Use-after-free in Content Policy due to microtask execution
error
2015-59 Miscellaneous memory safety hazards (rv:39.0 / rv:31.8 /
rv:38.1)
Moderate
2015-71 NSS incorrectly permits skipping of ServerKeyExchange
2015-70 NSS accepts export-length DHE keys with regular DHE cipher
suites
2015-67 Key pinning is ignored when overridable errors are
encountered
[Also giving the following, which was not ready when the respective
ticket was created]
Fixed in Thunderbird 38.0.1
Critical
2015-58 Mozilla Windows updater can be run outside of application
directory
2015-57 Privilege escalation through IPC channel messages
2015-47 Buffer overflow parsing H.264 video with Linux Gstreamer
High
2015-54 Buffer overflow when parsing compressed XML
2015-51 Use-after-free during text processing with vertical text
enabled
2015-48 Buffer overflow with SVG content and CSS
2015-46 Miscellaneous memory safety hazards (rv:38.0 / rv:31.7)
}}}
--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/6712>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
