Thunderbird 1.0.5 is out!

Changelogs for other releases

Last updated 17 Jul 05.

Mozilla Thunderbird 1.0.5 has been released with a number of security bugfixes and stability improvements. Note that no new features are added to the stable 1.0 branch.

For those wondering, there was no 1.0.3 or 1.0.4 because it is preferred that Firefox and Thunderbird should have the same synchronised versioning scheme, i.e. to keep the Thunderbird numbering in line with sister application Firefox. mozillaZine added that “The 1.0.3 and 1.0.4 releases of Firefox fixed issues that did not affect Thunderbird in its default configuration, so no equivalent Thunderbird releases were made.”

More information can be found on the Mozilla Foundation Security Advisories webpage.

Edit: There have been reports of Thunderbird 1.0.5 breaking Enigmail version 0.92.0.

Second edit: It appears likely that 1.0.6 versions of the two applications could be coming as early as next week. It is understood that API changes in 1.0.5 unintentionally broke some extensions, including Enigmail. In this case, my changelog post regarding 1.0.6 may come a bit later as next week I may not have a chance to go online.

Changes in 1.0.5:

  • 289074, 289083, 289961: Privilege escalation via DOM property overrides (Critical)
  • 290908: Privilege escalation via non-DOM property overrides (Critical)
  • 294795, 294799, 295011, 296397: Code execution through shared function objects (Critical)
  • 298892: XHTML node spoofing (High)
  • 288688: Javascript “lambda” replace exposes memory contents (Moderate)
  • 290162: Missing Install object instance checks (Moderate)
  • 295854: Possibly exploitable crash in InstallVersion.compareTo (Moderate)
  • 296830: Same origin violation: frame calling top.focus() (Moderate)
  • 292589, 292591: XBL scripts ran even when Javascript disabled (Low)
  • 290075, 297932, 299473, 299478: Stability & other miscellaneous improvements

Windows builds: Official Windows installer (discussion)

Linux builds: Official Linux

Mac builds: Official Mac