Changelog for previous release (Thunderbird 1.5.0.8) | Changelogs for other Thunderbird releases
Make a donation to the upkeep of The Rumbling Edge.
Released on 19 Dec 06, and this changelog was last updated on 18 Jan 07.
Mozilla Thunderbird 1.5.0.9 has been released. Release notes are available. This post lists the improvements in Thunderbird 1.5.0.9 over 1.5.0.8. This list encompasses almost every single known fix that went into this release. Do check out the known issues as well.
The Gecko 1.8.0.x branch (Thunderbird 1.5.0.x series) will only bring stability and security bug fixes. As such, no new features will be added.
Impact key for security issues listed on the Mozilla Foundation Security Advisories webpage:
- Critical: Vulnerability can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.
- High: Vulnerability can be used to gather sensitive data from sites in other windows or inject data or code into those sites, requiring no more than normal browsing actions.
- Moderate: Vulnerabilities that would otherwise be High or Critical except they only work in uncommon non-default configurations or require the user to perform complicated and/or unlikely steps.
- Low: Minor security vulnerabilities such as Denial of Service attacks, minor data leaks, or spoofs. (Undetectable spoofs of SSL indicia would have “High” impact because those are generally used to steal sensitive data intended for other sites.)
Changes in 1.5.0.9: (14)
Security issues: (7)
- Fixed: (Too many to list) - Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1) (Critical)
- Fixed: 353553, CVE-2006-6500 - CSS cursor image buffer overflow (Windows only) (Critical)
- Fixed: 354978, CVE-2006-6501 - Privilege escalation using watch point (Critical)
- Fixed: 352064, CVE-2006-6502 - LiveConnect crash finalizing JS objects (Critical)
- Fixed: 360021, CVE-2006-6504, ZDI-06-051 - Mozilla SVG Processing Remote Code Execution (Critical)
- Fixed: 351370, CVE-2006-6503 - Mail header processing heap overflows (Critical)
- Fixed: 362213, 362512, CVE-2006-6505 - XSS by setting img.src to javascript: URI (High)
Build configuration: (2)
- Fixed: 338128 - system-headers misses a few files
- Fixed: 358934 - additional cairo headers need to be in config/system-headersl
Functionality: (2)
- Fixed: 360409 - mails with messed up references seem to disappear
- Fixed: 361730 - Seamonkey _deletes_ mail file if the mail file’s size is greater than 2GiB and the .msf file has zero length
Spelling checker: (1)
- Fixed: 349319 - If you have both the en-GB and the en-GB-oed dictionaries installed you can’t distinguish them when trying to select the correct dictionary
Miscellaneous fix: (1)
- Fixed: 358953 - visibility patches for 1.8 branch
Mac-specific: (1)
- Fixed: 359687 - [XULRunner] XULRunner pkg packages should correctly follow filename specs
Jean-Paul Maitrias | 10-Dec-06 at 9:45 pm | Permalink
Hope the problems i have with my passwords disappearing since i upgraded to 1.5.0.8 will be fixed !
dan | 16-Dec-06 at 2:48 am | Permalink
when do you think 1.5.0.9 for Debian will be released?
William | 04-Jan-07 at 2:30 am | Permalink
My e-mail problem.
I can send and receive e-mail. I can receive attachments, but my e-mail hangs up when I attempt to send an attachment.
Error message says “Check Mail & Newsgroups Accounts”
Seems to me to be OK.
Thanks
wrkennedy92@–NOSPAM–yahoo.com
Brandon | 05-Jan-07 at 3:37 am | Permalink
The program hangs when I start type in an e-mail address in the compose window and it searches for previously used e-mail addresses or e-mail address in my address book. :S
jack | 07-Jan-07 at 7:43 pm | Permalink
I like to know why I can not download or open power point presentation from my email Thunderbird
Vic | 11-Jan-07 at 12:27 pm | Permalink
Thunderbird just downloaded upgrades to 1.5.0.9 and all of a sudden, I can no longer receive emails, and keep getting an error message that tells me that I can no longer connect to my POP server and that the connection was refused or failed to connect (my internet connection was up and running). My mail server password window no longer pops up either. When I pulled up the javascript console, I found these error messages after the last entry (update ended):
1. Error: Unknown namespace prefix ‘html’. Ruleset ignored due to bad selector.
Source File: chrome://messenger/skin/messageBody.css
Line: 55
2. Error: Expected end of value for property but found ‘pt’. Error in parsing value for property ‘font-size’. Declaration dropped.
Line: 13…
Can anyone help me out here?
Mads | 12-Jan-07 at 12:00 am | Permalink
Thunderbird worked without any problems for me until the automatic upgrade to 1.5.0.9.
Ever since then, after the program has been running for a few hours, it seems to lose access to the mail folders on my hard disk… symptom is that when attempting to switch between the Inbox and another folder the program hangs and I have to close down and restart. It also loses access to the dictionary – words are marked as misspelt when I type in and if I send the e-mail it complains that the dictionary is locked by another program.
Any suggestions as to what is going wrong?
tdi2005 | 12-Jan-07 at 1:21 am | Permalink
I see the same problem, since 1.5.0.8. Any ideas or a link? I didn’t yet find anything in mozillazine except for this: http://forums.mozillazine.org/viewtopic.php?t=506768
Chris Welsh | 14-Jan-07 at 7:23 pm | Permalink
I have the same “cannot connect to pop server” errors when the 1.5.0.9 upgrade was applied, I deinstalled an reinstalled 1.5.0.8 and it worked ok. Have had to disable updates until you can tell me what has caused this?
black | 16-Jan-07 at 8:17 pm | Permalink
does anyone gets answers to those? i have the same problem. cant log to my mail server and not downloding the mails , which also means access the existing ones. please help!
Kwong Gary | 17-Jan-07 at 11:17 pm | Permalink
Please post to mozillaZine forums, where you can get help (or possibly solutions) for remedies to the problems.
http://forums.mozillazine.org/viewforum.php?f=39