Table of Contents
5 Most Important security issues in Mozilla Thunderbird 68.9.0 :-
The Thunderbird development team has released the stable version 68.9.0 of Thunderbird to the general public. If you already have Thunderbird installed, you should be prompted for an update, but you can also download it from the official site.
Mozilla Thunderbird 68.9.0 new Feature :
Actually, no new feature is coming with the New Thunderbird . However, the release note indicates three bug fixes and some security fixes. For starters, a bug fix fixed an issue that prevents users from removing custom headers used to search for filtering emails. Another solved problem is that now, the calendar has been updated from the Today pane after all the data has been loaded. The third release note indicates to fix unspecified stability issues.
System Requirements:
-
Operating Systems
- WINDOWS 7,8,10
- Mac OS X 10.13 , Mac OS X 10.14, Mac OS X 10.15
- GNU/Linux GTK+ 3.4 , GLib 2.22 , Pango 1.22 , libstdc++ 4.7 or higher
-
Recommended Hardware
- 1GB RAM
- 500 MB hard drive space
- Pentium 4 , Intel x86 processor , GNOME 2.16 or higher
Thunderbird 68.9.0 Security Issues fixed :
The most important part of the update was actually various security issues. On the detail page, 5 high-impact security issues were fixed in the Mozilla Foundation’s 2020-2022 Security Advisory List 5 new Thunderbird 68.9.0 version.
- The NSS has shown a time difference when signing the DSA, which was exploitative and could eventually leak the private key.
- When browsing malicious pages, a race condition can occur in our Shared Worker Service and potentially cause an exploitative crash.
- Mozilla developer Iain Ireland discovered a missing type of investigation during the removal of the unboxed object, resulting in an accident. We believe that with enough effort that it can be exploited to run arbitrary code.
- Mozilla developers Tom Tung and Carl Tomlinson reported memory safety bugs present in Firefox 68.8. Some of these bugs showed evidence of memory corruption and we believe that with enough effort some of these can be exploited to run arbitrary code.
- If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH response, Thunderbird will continue with an unencrypted connection, allowing email data to be sent without security.