{"id":10104,"date":"2019-06-15T00:04:00","date_gmt":"2019-06-14T22:04:00","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=10104"},"modified":"2022-06-26T12:56:13","modified_gmt":"2022-06-26T10:56:13","slug":"thunderbird-60-7-1-released","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2019\/06\/15\/thunderbird-60-7-1-released\/","title":{"rendered":"Thunderbird 60.7.1 released"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" src=\"http:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2012\/07\/Mozilla.jpg\" align=\"left\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/2019\/06\/15\/thunderbird-60-7-1-released\/\" target=\"_blank\" rel=\"noopener noreferrer\">German<\/a>]Mozilla's developers released an update of the email client Thunderbird to version 60.7.1 on June 13, 2019. This is a maintenance update which closes critical security gaps. Here is some information about it.<\/p>\n<p><!--more--><\/p>\n<p>German blog reader Ralf mentioned within this comment (thanks). I checked it on my system. The update was detected during an update search on the Thunderbird Portable and installed without complaint.<\/p>\n<p>The changes can be found in the <a href=\"https:\/\/www.thunderbird.net\/en-US\/thunderbird\/60.7.1\/releasenotes\/\" target=\"_blank\" rel=\"noopener noreferrer\">release notes<\/a>. Things that are fixed now, are: No prompt for smartcard PIN when S\/MIME signing is used. In addition, the <a href=\"https:\/\/www.mozilla.org\/en-US\/security\/known-vulnerabilities\/thunderbird\/#thunderbird60.7.1\" target=\"_blank\" rel=\"noopener noreferrer\">following vulnerabilities<\/a>, which are rated 'high', has been fixed:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.mozilla.org\/en-US\/security\/advisories\/mfsa2019-17\/#CVE-2019-11703\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2019-11703: Heap buffer overflow in icalparser.c<\/a>: high; A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in <code>parser_get_next_char<\/code> when processing certain email messages, resulting in a potentially exploitable crash.<\/li>\n<li><a href=\"https:\/\/www.mozilla.org\/en-US\/security\/advisories\/mfsa2019-17\/#CVE-2019-11704\">CVE-2019-11704: Heap buffer overflow in icalvalue.c<\/a>: high; A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in <code>icalmemory_strdup_and_dequote<\/code> when processing certain email messages, resulting in a potentially exploitable crash.<\/li>\n<li><a href=\"https:\/\/www.mozilla.org\/en-US\/security\/advisories\/mfsa2019-17\/#CVE-2019-11705\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2019-11705: Stack buffer overflow in icalrecur.c<\/a>: high; A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in <code>icalrecur_add_bydayrules<\/code> when processing certain email messages, resulting in a potentially exploitable crash.<\/li>\n<li><a href=\"https:\/\/www.mozilla.org\/en-US\/security\/advisories\/mfsa2019-17\/#CVE-2019-11706\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2019-11706: Type confusion in icalproperty.c<\/a>: low; A flaw in Thunderbird's implementation of iCal causes a type confusion in <code>icaltimezone_get_vtimezone_properties<\/code> when processing certain email messages, resulting in a crash.<\/li>\n<\/ul>\n<p>Known Issues are: Due to changes in the Mozilla platform profiles stored on Windows network shares addressed via drive letters are now addressed via UNC \u2013 and Chat: Twitter not working due to API changes at Twitter.com.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]Mozilla's developers released an update of the email client Thunderbird to version 60.7.1 on June 13, 2019. This is a maintenance update which closes critical security gaps. Here is some information about it.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1547,22],"tags":[1239,195],"class_list":["post-10104","post","type-post","status-publish","format-standard","hentry","category-software","category-update","tag-thunderbird","tag-update"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/10104","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=10104"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/10104\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=10104"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=10104"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=10104"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}