April 2006

2006-04-27 Thunderbird 1.5.0.4 builds

Major bugfixes:

  • Fixed: 301308 – Crash [@ nsMsgGroupView::~nsMsgGroupView]
  • Fixed: 332119 – IMAP folders: if sum of characters in foldernames to long TB crashes or loops when you access the last folder in chain.

Security issue:

  • Fixed: 334341 – Using image tags with a non image file, and selected view image, file will still load up, allowing access to system resources

Build configuration:

  • Fixed: 324240 – Update OS/2 ReadMe files (newsgroup change, new libc)

IMAP:

  • Fixed: 312009 – IMAP capability flags remembered across capability responses

Command-line options:

  • Fixed: 322808 – Can not launch my own extension using the “-chrome” option.

Functionality:

  • Fixed: 179056 – “Check for new message every” stops after hibernate
  • Fixed: 268746 – unable to reply, fwd, move or copy .eml opened from disk
  • Fixed: 334944 – Firefox printing content of <noscript> tag

Mac-specific:

  • Fixed: 331676 – Crash on search in threaded mode

Outstanding bugs:

  • Since 23 Mar 06: 331511 – [Mac-only] Running PPC profile on the Intel Mac UB causes issues

The filenames still consist of 1.5.0.2 numbering as they have not been changed yet.

Windows builds Official Windows, Official Windows installer (discussion)

Linux builds Official Linux (i686)

Mac builds Official Mac (~11mb), Nightly universal build (~18mb)

zz - Thunderbird 1.5 (Gecko 1.8.0.x)

Comments Off on 2006-04-27 Thunderbird 1.5.0.4 builds

Permalink

2006-04-27 Thunderbird 2.0 builds

Major bugfix:

  • Fixed: 335175 – missing per-account options on sidebar

Other fixes:

  • Fixed: 296422 – Difficulty reverting to Classic 3 pane view
  • Fixed: 314009 – Draft messages not deleted when Send Later used

Outstanding bugs:

  • Since 16 Dec 03: 228675 – Limit growth of junk token store
  • Since 12 May 04: 243430 – Improving the chi-square spam detection method
  • Since 19 Aug 05: 305185 – gtk 2.8 builds are broken due to missing xft dependencies
  • Since 29 Oct 05: 314297 – deleting one attachment from a locally stored message deletes multiple attachments
  • Since 02 Jan 06: 322172 – bump copyright year to 2006
  • Since 23 Jan 06: 324474 – Revoked S/MIME certificate difficult to detect in received messages
  • Since 24 Jan 06: 324606 – Thunderbird hangs on Return Receipt Notification on some SPAM-Mails on IMAP-Accounts
  • Since 14 Mar 06: 330507 – Crash when clearing a quick search during a LDAP search.

Windows builds Official Windows, Official Windows installer (discussion)

Linux builds Official Linux (i686)

Mac builds Official Mac

zz - Thunderbird 2.0 (Gecko 1.8.1.x)

Comments Off on 2006-04-27 Thunderbird 2.0 builds

Permalink

2006-04-22 Thunderbird 1.5.0.3 builds

Major bugfix:

  • Fixed: 320927 – crash when checking pop3 mail
  • Fixed: 329595 – Crash on marking mail as Junk (Local Folders)

Localization:

  • Fixed: 314637 – Search Messages can’t find some words in ISO-2022-JP messages

XPToolkit:

  • Fixed: 325471 – Broken search for path to binary on linux in xulrunner-stub
  • Fixed: 326007 – Xulrunner fails to build using VS.NET 2003 (VC7.1)
  • Fixed: 332091 – Possibility to add “special” part to package names
  • Fixed: 332262 – “smime3.dll not found” error dialog w/ XULRunner embedded in Eclipse

Outstanding bugs (refreshed):

  • Since 19 Jul 05: 301308 – Crash [@ nsMsgGroupView::~nsMsgGroupView]
  • Since 23 Mar 06: 331511 – [Mac-only] Running PPC profile on the Intel Mac UB causes issues

The filenames still consist of 1.5.0.2 numbering as they have not been changed yet.

Windows builds Official Windows, Official Windows installer (discussion)

Linux builds Official Linux (i686)

Mac builds Official Mac

zz - Thunderbird 1.5 (Gecko 1.8.0.x)

Comments (2)

Permalink

2006-04-22 Thunderbird 2.0 builds

Major bugfix:

  • Fixed: 332119 – IMAP folders: if sum of characters in foldernames to long TB crashes or loops when you access the last folder in chain.

Toolkit:

  • Fixed: 334186 – AsyncOpenExclusive returns freed value
  • Fixed: 295178 – Misleading l10n note in customizeCharset.dtd
  • Fixed: 320901 – Remove reloading code, key and context menu item from help viewer
  • Fixed: 334034 – Unlabeled Close button with browser.preferences.instantApply
  • Fixed: 334044 – build as standalone extension

Mac-specific:

  • Fixed: 331676 – Crash on search in threaded mode
  • Fixed: 201071 – signature file containing accented characters has become corrupted
  • Fixed: 334663 – gray box around mail message header info is gone

Other fixes:

  • Fixed: 300338 – debug build too chatty with ldap disabled (JS errors in MsgComposeCommands.js)
  • Fixed: 310534 – Dragging text into search box does not overwrite prefilled text
  • Fixed: 314086 – Able to see old subject headers in the compose window
  • Fixed: 322808 – Can not launch my own extension using the “-chrome” option.
  • Fixed: 332700 – Frequent Crashes on the trunk and branch

Outstanding bugs:

  • Since 16 Dec 03: 228675 – Limit growth of junk token store
  • Since 12 May 04: 243430 – Improving the chi-square spam detection method
  • Since 19 Aug 05: 305185 – gtk 2.8 builds are broken due to missing xft dependencies
  • Since 29 Oct 05: 314297 – deleting one attachment from a locally stored message deletes multiple attachments
  • Since 02 Jan 06: 322172 – bump copyright year to 2006
  • Since 23 Jan 06: 324474 – Revoked S/MIME certificate difficult to detect in received messages
  • Since 24 Jan 06: 324606 – Thunderbird hangs on Return Receipt Notification on some SPAM-Mails on IMAP-Accounts
  • Since 14 Mar 06: 330507 – Crash when clearing a quick search during a LDAP search.

Windows builds Official Windows, Official Windows installer (discussion)

Linux builds Official Linux (i686)

Mac builds Official Mac

zz - Thunderbird 2.0 (Gecko 1.8.1.x)

Comments Off on 2006-04-22 Thunderbird 2.0 builds

Permalink

Potential site improvements

  1. I implemented a Thunderbird counter some time ago, as you can see on the left sidebar. I was thinking whether it would be possible to have some of parsing done on the odometer numbers. The idea is to automatically track the download numbers and the dates and export them to some sort of .csv format where it would be possible to plot them on a graph. This would help track download numbers especially regarding future Thunderbird 2.0 releases, similar to one that Asa Dotzler created for Firefox.
  2. Another idea would be to have a java applet which, on a separate page, would allow users to verify their downloads with known MD5 / SHA-1 hashes. However, I have been unsuccessful in this field so far, mostly due to lack of time. This is not as important though.
  3. Finally, would an FAQ be useful for this site? I certainly think so, as there is much technical stuff here that the average computer joe wouldn’t know about. What top 10 questions would fit this site?

Any other comments / suggestions / improvements? Not all would be implemented though, but it would be a good chance to voice out your opinions to improve this site.

Edit: Keep those emails coming! I hope to work on these in the future. Feel free to email me to suggest more stuff.

zz - Others (pre-2008)

Comments (2)

Permalink

Thunderbird 1.0.8 Released

Changelog for previous release (Thunderbird 1.0.7) | Changelogs for other releases

Make a donation to the upkeep of The Rumbling Edge.

Released on 21 Apr 06, and this changelog was last updated on 23 Apr 06.

Mozilla Thunderbird 1.0.8 has been released. Release notes are available. This post lists the improvements in Thunderbird 1.0.8 over the previous release 1.0.7. This list encompasses almost every single known fix that went into this release.

The Aviary 1.0.x branch (Thunderbird 1.0.x series) will most probably be the last release from the Aviary branch, dropped in favour of the 1.5.0.x series. There will not be a universal binary for Thunderbird Aviary branch releases.

Impact key for security issues listed on the Mozilla Foundation Security Advisories webpage:

  • Critical: Vulnerability can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.
  • High: Vulnerability can be used to gather sensitive data from sites in other windows or inject data or code into those sites, requiring no more than normal browsing actions.
  • Moderate: Vulnerabilities that would otherwise be High or Critical except they only work in uncommon non-default configurations or require the user to perform complicated and/or unlikely steps.
  • Low: Minor security vulnerabilities such as Denial of Service attacks, minor data leaks, or spoofs. (Undetectable spoofs of SSL indicia would have “High” impact because those are generally used to steal sensitive data intended for other sites.)

Changes in 1.0.8: (26)

Security issues: (18)

  • Fixed: 319858 – JavaScript execution in mail when forwarding in-line (Critical)
  • Fixed: 325991, 328469 – Privilege escalation through Print Preview (Critical)
  • Fixed: 265736, 280769, 311710, 313173, 315304 – Crashes with evidence of memory corruption (rv:1.8) (Moderate)
  • Fixed: 269095, 320182, ZDI-06-009 – Mozilla Firefox Tag Order Vulnerability (Moderate)
  • Fixed: 282105, 320459 – Crashes with evidence of memory corruption (rv:1.8.0.2) (Moderate)
  • Fixed: 290488, 327194 – Cross-site scripting using .valueOf.call() (Moderate)
  • Fixed: 296514, 316589 – Cross-site JavaScript injection using event handlers (Moderate)
  • Fixed: 311025, 311403, 311455 – Privilege escalation via XBL.method.eval (Moderate)
  • Fixed: 311497, 311792, 312278, 313276, 313479, 313630, 313726, 313763, 313938, 325269 – JavaScript garbage-collection hazard audit (Moderate)
  • Fixed: 312871, 313236, 313375 – Accessing XBL compilation scope via valueOf.call() (Moderate)
  • Fixed: 313370, 313684 – Privilege escalation using a JavaScript function’s cloned parent (Moderate)
  • Fixed: 313373 – cross-site scripting through window.controllers (Moderate)
  • Fixed: 316885, 322045 – JavaScript garbage-collection hazards (Moderate)
  • Fixed: 319847 – Localstore.rdf XML injection through XULDocument.persist() (Moderate)
  • Fixed: 325403, ZDI-06-010 – CSS Letter-Spacing Heap Overflow Vulnerability (Moderate)
  • Fixed: 327126 – Privilege escalation using crypto.generateCRMFRequest (Moderate)
  • Fixed: 328937, ZDI-06-011 – Table Rebuilding Code Execution Vulnerability (Moderate)
  • Fixed: 328917 – Mail Multiple Information Disclosure (Low)

Major bugfixes: (6)

  • Fixed: 305557 – Inline images are being blocked on Forward or composition from drafts
  • Fixed: 315625 – When forwarding a message inline, Thunderbird strips inline-images
  • Fixed: 326279 – 1.0.8 builds fail to launch with pegged cpu usage
  • Fixed: 333035 – Context menu broken on form elements
  • Fixed: 333131 – Image Context menu opens as Normal Context Menu

Mac-specific: (2)

  • Fixed: 301069 – Bug 298934 (Dialog Origin Spoofing) not fixed on Mac
  • Fixed: 304842 – Talkback data are nearly useless for OS X Firefox: most crashes appear as firefox-bin + offset

Windows builds Official Windows installer

Linux builds Official Linux (i686)

Mac builds Official Mac

Thunderbird Releases

Comments Off on Thunderbird 1.0.8 Released

Permalink

2006-04-08 Thunderbird 2.0 builds

Toolkit:

  • Fixed: 330340 – [BeOS] Build broken in sqlite
  • Fixed: 187772 – mouse wheel scrolling does not dismiss form auto complete history, results in floating autocomplete dropdown
  • Fixed: 326007 – Xulrunner fails to build using VS.NET 2003 (VC7.1), chokes at linking xul.dll
  • Fixed: 328790 – main thread never joins with async-io thread
  • Fixed: 332091 – Possibility to add “special” part to package names
  • Fixed: 332262 – “smime3.dll not found” error dialog w/ XULRunner embedded in Eclipse

Other fixes:

  • Fixed: 223730 – “Opening folder…” remains in status bar after folder has been fully opened
  • Fixed: 251681 – Can’t copy field from LDAP Address Book
  • Fixed: 308499 – “Spell as you type” wording needs to be changed
  • Fixed: 332632 – String assertion in libmime when reading mail from mail.app

Outstanding bugs:

  • Since 16 Dec 03: 228675 – Limit growth of junk token store
  • Since 12 May 04: 243430 – Improving the chi-square spam detection method
  • Since 19 Aug 05: 305185 – gtk 2.8 builds are broken due to missing xft dependencies
  • Since 29 Oct 05: 314297 – deleting one attachment from a locally stored message deletes multiple attachments
  • Since 02 Jan 06: 322172 – bump copyright year to 2006
  • Since 23 Jan 06: 324474 – Revoked S/MIME certificate difficult to detect in received messages
  • Since 24 Jan 06: 324606 – Thunderbird hangs on Return Receipt Notification on some SPAM-Mails on IMAP-Accounts
  • Since 14 Mar 06: 330507 – Crash when clearing a quick search during a LDAP search.

Windows builds Official Windows, Official Windows installer (discussion)

Linux builds Official Linux (i686)

Mac builds Official Mac

zz - Thunderbird 2.0 (Gecko 1.8.1.x)

Comments Off on 2006-04-08 Thunderbird 2.0 builds

Permalink

2006-04-01 Thunderbird 1.5.0.2 builds

No fixes have been, nor will be checked in unless they are newly found blockers. During this period of time, most bugs fixed in the up-coming 1.5.0.2 release are undergoing verification.

No outstanding bugs block 1.5.0.2 so far. It is scheduled to be released in mid-April, subject to slips due to potential blocker discoveries.

P.S.: And oh, was it April Fool’s Day which just passed? I’ll skip it this once, but the following ones I won’t be too sure… 🙂

Windows builds Official Windows, Official Windows installer (2006-03-31 build) (discussion)

Linux builds Official Linux (i686)

Mac builds Official Mac

zz - Thunderbird 1.5 (Gecko 1.8.0.x)

Comments Off on 2006-04-01 Thunderbird 1.5.0.2 builds

Permalink