{"id":16954,"date":"2020-12-02T16:20:06","date_gmt":"2020-12-02T15:20:06","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=16954"},"modified":"2020-12-02T16:20:06","modified_gmt":"2020-12-02T15:20:06","slug":"thunderbird-78-5-1-vorsicht-bug-bei-cardbook-add-on","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2020\/12\/02\/thunderbird-78-5-1-vorsicht-bug-bei-cardbook-add-on\/","title":{"rendered":"Thunderbird 78.5.1 released &#8211; Collides with Cardbook add-on"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2012\/07\/Mozilla.jpg\" align=\"left\">[<a href=\"https:\/\/www.borncity.com\/blog\/2020\/12\/02\/thunderbird-78-5-1-vorsicht-bug-bei-cardbook-add-on\/\" target=\"_blank\" rel=\"noopener noreferrer\">German<\/a>]The developers of the e-mail client Thunderbird released Thunderbird 78.5.1 on December 2, November 2020. It is a maintenance update for the 78 main version of the e-mail client, which fixes bugs and closes security holes. At the same time the new version probably has a bug, as a reader told me the night.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" src=\"https:\/\/vg05.met.vgwort.de\/na\/e38f04b714d34d6aa32cb636d9900c80\" width=\"1\" height=\"1\">Blog reader Gerold has pointed out this update in <a href=\"https:\/\/www.borncity.com\/blog\/2020\/11\/19\/thunderbird-78-5-0-verfgbar\/#comment-97977\" target=\"_blank\" rel=\"noopener noreferrer\">this comment<\/a> (and other readers have pointed it out by mail, thanks for that). According to the <a href=\"https:\/\/www.thunderbird.net\/en-US\/thunderbird\/78.5.1\/releasenotes\/\" target=\"_blank\" rel=\"noopener noreferrer\">release notes<\/a> there is only one new feature:&nbsp; <\/p>\n<blockquote>\n<p>OpenPGP: Added option to disable email subject encryption<\/p>\n<\/blockquote>\n<p>and subsequent changes:  <\/p>\n<ul>\n<li>OpenPGP: Added option to disable attaching the public key to a signed message\n<li>MailExtensions: Added context \"compose_attachments\" to the menu API\n<li>MailExtensions: API menus now available on displayed messages<\/li>\n<\/ul>\n<p>What has changed: MailExtensions: browser.tabs.create is now waiting for the event \"mail delayed start finished\". The update contains the following fixes:  <\/p>\n<ul>\n<li>OpenPGP import of public keys now supports multiple file selection and mass acceptance of imported keys\n<li>MailExtensions: getComposeDetails&nbsp; is waiting for \"compose-editor-ready\" event<\/li>\n<\/ul>\n<p>In addition, several bugs have been fixed, which are listed below.  <\/p>\n<ul>\n<li>New e-mail icon was not removed from the system tray during shutdown <\/li>\n<li>\"Place replies in the folder of the message being replied to\" did not work when \"Replies to list\" was used. <\/li>\n<li>Thunderbird did not consider the option \"Run search on server\" when searching for messages <\/li>\n<li>Highlighting color for folders with unread messages was not visible in the dark topic <\/li>\n<li>OpenPGP: Keys were missing from the Key Manager <\/li>\n<li>OpenPGP: Option to import keys from the clipboard always disabled <\/li>\n<li>The \"Link\" button in the info bar for large attachments could not open the \"Filelink\" section in the options if the user had not yet configured Filelink. <\/li>\n<li>Address Book: Printing members of a mailing list resulted in incorrect output <\/li>\n<li>Connection to LDAP servers configured with a self-signed SSL certificate is not possible <\/li>\n<li>Autoconfiguration via LDAP did not work as expected <\/li>\n<li>Calendar: Pressing Ctrl-Enter in the new Events dialog creates duplicate events.<\/li>\n<\/ul>\n<p>In addition, a vulnerability rated as high is closed, which is documented <a href=\"https:\/\/www.mozilla.org\/en-US\/security\/advisories\/mfsa2020-53\/\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>. <\/p>\n<blockquote>\n<p>CVE-2020-26970: Stack overflow due to incorrect parsing of SMTP server response codes<\/p>\n<p>When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable.<\/p>\n<\/blockquote>\n<h2>Conflict with Cardbook-Add-on<\/h2>\n<p>Blog-reader Adrian sent me this night an e-mail (thanks for that), claiming, that the update from Thunderbird to version 78.5.1 has an annoying bug in connection with the add-on Cardbook Version 54.4. The problem occurred on four different Windows machines. All of them run Windows 10 (2x with 1909 and 2x 20h2), Thunderbird each as 64-bit version. Adrian wrote in a 2nd mail, that this also occurred to some of my customers who read his warning too late.<\/p>\n<blockquote>\n<p>Error: When rewriting an email, resp. entering the recipient address, no suggestions from the address books\/autocomplete are loaded.<\/p>\n<p>If you deactivate the Cardbook-add-on, the suggestions from the TB standard addressbook are loaded, but of course none from Cardbook.<\/p>\n<\/blockquote>\n<p>Since the Cardbook version is dated November 27th, Adrian assumes that the problem is probably with Thunderbird version 78.5.1. It is also possible that Thunderbird has internal changes\/fixes that affect the add-on and cause the problem. Adrian has come up with a simple workaround: He had Thunderbird version 78.5.0 reinstalled. <\/p>\n<h2>System requirements<\/h2>\n<p>The system requirements for the different operating system versions (see <a href=\"https:\/\/www.thunderbird.net\/en-US\/thunderbird\/78.0\/system-requirements\/\" target=\"_blank\" rel=\"noopener noreferrer\">also<\/a> where further details can be found):&nbsp; <\/p>\n<ul>\n<li>Windows: Windows 7, Windows Server 2008 R2 or higher <\/li>\n<li>Mac: Mac OS X 10.9 or higher <\/li>\n<li>Linux: GTK+ 3.4 or higher<\/li>\n<\/ul>\n<p>The download is available <a href=\"https:\/\/www.thunderbird.net\/\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>. The Thunderbird is free of charge.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]The developers of the e-mail client Thunderbird released Thunderbird 78.5.1 on December 2, November 2020. It is a maintenance update for the 78 main version of the e-mail client, which fixes bugs and closes security holes. At the same time &hellip; <a href=\"https:\/\/borncity.com\/win\/2020\/12\/02\/thunderbird-78-5-1-vorsicht-bug-bei-cardbook-add-on\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1547,22],"tags":[188,1239,195],"class_list":["post-16954","post","type-post","status-publish","format-standard","hentry","category-software","category-update","tag-bug","tag-thunderbird","tag-update"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/16954","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=16954"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/16954\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=16954"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=16954"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=16954"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}