Thunderbird 2.0.0.12 Released

Changelog for previous release (Thunderbird 2.0.0.9) | Changelogs for other Thunderbird releases

Released on 26 Feb 08, and this changelog was last updated on 27 Feb 08.

Mozilla Thunderbird 2.0.0.12 has been released. Release notes are available. This post lists the improvements in Thunderbird 2.0.0.12 over 2.0.0.9. This list encompasses almost every single known fix that went into this release. Do check out the known issues as well.

The Gecko 1.8.1.x branch (Thunderbird 2.0.0.x series) will not include any groundbreaking features that Gecko 1.9 will bring, since it is based on Gecko 1.8. Additionally, in order to synchronize the version numbering with Firefox, 2.0.0.10 & 2.0.0.11 were dropped in favour of 2.0.0.12.

Impact key for security issues listed on the Mozilla Foundation Security Advisories webpage:

  • Critical: Vulnerability can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.
  • High: Vulnerability can be used to gather sensitive data from sites in other windows or inject data or code into those sites, requiring no more than normal browsing actions.
  • Moderate: Vulnerabilities that would otherwise be High or Critical except they only work in uncommon non-default configurations or require the user to perform complicated and/or unlikely steps.
  • Low: Minor security vulnerabilities such as Denial of Service attacks, minor data leaks, or spoofs. (Undetectable spoofs of SSL indicia would have "High" impact because those are generally used to steal sensitive data intended for other sites.)

Changes in 2.0.0.12: (30)

Security issues: (5)

  • Fixed: MFSA 2008-12 – Heap buffer overflow in external MIME bodies (Critical)
  • Fixed: MFSA 2008-01 – Crashes with evidence of memory corruption (rv:1.8.1.12) (Moderate)
  • Fixed: MFSA 2008-03 – Privilege escalation, XSS, Remote Code Execution (Moderate)
  • Fixed: MFSA 2008-05 – Directory traversal via chrome: URI (Moderate)
  • Fixed: MFSA 2008-07 – Possible information disclosure in BMP decoder (Low)

Topcrashes: (2)

  • Fixed: 355333 – [IMAP] Crash when moving or deleting messages [@ nsImapProtocol::HandleMessageDownLoadLine]
  • Fixed: 403244 – crash [@ Tokenizer::tokenizeHeaders]

Crashes: (2)

  • Fixed: 410320 – Crash when deleting mail, if two windows for the mail are opened [@ nsMsgMailSession::OnItemEvent]
  • Fixed: 412701 – Crash in nsCSSFrameConstructor::RestyleEvent::HandleEvent when closing

Address book: (1)

  • Fixed: 404264 – Junk Mail Controls to stop abnormally when processing email with null "from" (sender)

Build configuration: (7)

  • Fixed: 331708 – When importing folders from Eudora, Thunderbird ignores folders whose names begin with a space
  • Fixed: 408755 – Update MOZILLA_1_8_BRANCH to NSPR_4_6_8_RTM for Leopard build compatibility
  • Fixed: 408935 – Can’t –disable-xpcom-obsolete in a 1.8 branch static build
  • Fixed: 409027 – transformiix builds with conflicting visibility on 1.8 branch due to header name collision
  • Fixed: 409515 – Please enable Afrikaans (af) for Thunderbird 2 (MOZILLA_1_8_BRANCH)
  • Fixed: 410658 – add Ukrainian to the builds
  • Fixed: 416183 – add afrikaans to shipped-locales

Filter-related: (1)

  • Fixed: 283493 – flushing of training data during session practically never happens due to too high "# of changes" threshold
  • Fixed: 375292 – Stray tmprules.dat files created when getting new messages

Functionality: (1)

  • Fixed: 405440 – IMAP cache broken if the message download is not finished due to user interaction

Spelling checker: (1)

  • Fixed: 342511 – correcting another word (with spell checker) doesn’t cause current word to be spell-checked

UI improvements: (3)

  • Fixed: 301291 – Forward-inline ignores outgoing-charset preference
  • Fixed: 395374 – Send Unsent Messages fails silently in offline mode
  • Fixed: 405303 – Add ID to View -> Layout menupopup to make overlaying easier for extensions (e.g. Lightning)

Miscellaneous fixes: (3)

  • Fixed: 378340 – SpamAssasin typo in mailnews.js – causes "trust spamassassin" not to work
  • Fixed: 407646 – Update mail/ copyright dates to 2008
  • Fixed: 413299 – I object to application/object-stream

Mac-specific: (3)

  • Fixed: 333821 – Capital (uppercase) J cannot be typed when entering text in some fields in Thunderbird
  • Fixed: 403250 – [10.5] 1.8 build configured with –enable-strip fails: strip: symbols referenced by relocation entries that can’t be stripped in: …/xpinstall/src/libxpinstall.dylib
  • Fixed: 403258 – [10.5] When using an SDK, many configure checks fail

OS/2-specific: (1)

  • Fixed: 355067 – Package OS/2 cairo support library (mzfntcfg.dll) with SVG builds

Windows builds Official Windows installer

Linux builds Official Linux (i686)

Mac builds Official Mac (Universal binary)