[German]The developers of the e-mail client Thunderbird released Thunderbird 78.5.1 on December 2, November 2020. It is a maintenance update for the 78 main version of the e-mail client, which fixes bugs and closes security holes. At the same time the new version probably has a bug, as a reader told me the night.
OpenPGP: Added option to disable email subject encryption
and subsequent changes:
- OpenPGP: Added option to disable attaching the public key to a signed message
- MailExtensions: Added context “compose_attachments” to the menu API
- MailExtensions: API menus now available on displayed messages
What has changed: MailExtensions: browser.tabs.create is now waiting for the event “mail delayed start finished”. The update contains the following fixes:
- OpenPGP import of public keys now supports multiple file selection and mass acceptance of imported keys
- MailExtensions: getComposeDetails is waiting for “compose-editor-ready” event
In addition, several bugs have been fixed, which are listed below.
- New e-mail icon was not removed from the system tray during shutdown
- “Place replies in the folder of the message being replied to” did not work when “Replies to list” was used.
- Thunderbird did not consider the option “Run search on server” when searching for messages
- Highlighting color for folders with unread messages was not visible in the dark topic
- OpenPGP: Keys were missing from the Key Manager
- OpenPGP: Option to import keys from the clipboard always disabled
- The “Link” button in the info bar for large attachments could not open the “Filelink” section in the options if the user had not yet configured Filelink.
- Address Book: Printing members of a mailing list resulted in incorrect output
- Connection to LDAP servers configured with a self-signed SSL certificate is not possible
- Autoconfiguration via LDAP did not work as expected
- Calendar: Pressing Ctrl-Enter in the new Events dialog creates duplicate events.
In addition, a vulnerability rated as high is closed, which is documented here.
CVE-2020-26970: Stack overflow due to incorrect parsing of SMTP server response codes
When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable.
Conflict with Cardbook-Add-on
Blog-reader Adrian sent me this night an e-mail (thanks for that), claiming, that the update from Thunderbird to version 78.5.1 has an annoying bug in connection with the add-on Cardbook Version 54.4. The problem occurred on four different Windows machines. All of them run Windows 10 (2x with 1909 and 2x 20h2), Thunderbird each as 64-bit version. Adrian wrote in a 2nd mail, that this also occurred to some of my customers who read his warning too late.
Error: When rewriting an email, resp. entering the recipient address, no suggestions from the address books/autocomplete are loaded.
If you deactivate the Cardbook-add-on, the suggestions from the TB standard addressbook are loaded, but of course none from Cardbook.
Since the Cardbook version is dated November 27th, Adrian assumes that the problem is probably with Thunderbird version 78.5.1. It is also possible that Thunderbird has internal changes/fixes that affect the add-on and cause the problem. Adrian has come up with a simple workaround: He had Thunderbird version 78.5.0 reinstalled.
The system requirements for the different operating system versions (see also where further details can be found):
- Windows: Windows 7, Windows Server 2008 R2 or higher
- Mac: Mac OS X 10.9 or higher
- Linux: GTK+ 3.4 or higher
The download is available here. The Thunderbird is free of charge.
Cookies helps to fund this blog: Cookie settings