Released on 25 Sep 08, and this changelog was last updated on 26 Sep 08.
Mozilla Thunderbird 220.127.116.11 has been released. Release notes are available. This post lists the improvements in Thunderbird 18.104.22.168 over 22.214.171.124. This list encompasses almost every single known fix that went into this release. Do check out the known issues as well.
The Gecko 1.8.1.x branch (Thunderbird 2.0.0.x series) will not include any groundbreaking features that Gecko 1.9.x will bring, since it is based on Gecko 1.8.
Impact key for security issues listed on the Mozilla Foundation Security Advisories webpage:
- Critical: Vulnerability can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.
- High: Vulnerability can be used to gather sensitive data from sites in other windows or inject data or code into those sites, requiring no more than normal browsing actions.
- Moderate: Vulnerabilities that would otherwise be High or Critical except they only work in uncommon non-default configurations or require the user to perform complicated and/or unlikely steps.
- Low: Minor security vulnerabilities such as Denial of Service attacks, minor data leaks, or spoofs. (Undetectable spoofs of SSL indicia would have "High" impact because those are generally used to steal sensitive data intended for other sites.)
Changes in 126.96.36.199: (12)
Security issues: (7)
- Fixed: MFSA 2008-46 – Heap overflow when canceling newsgroup message (Critical)
- Fixed: MFSA 2008-37 – UTF-8 URL stack buffer overflow (Critical)
- Fixed: MFSA 2008-44 – resource: traversal vulnerabilities (Moderate)
- Fixed: MFSA 2008-42 – Crashes with evidence of memory corruption (rv:188.8.131.52/184.108.40.206) (Moderate)
- Fixed: MFSA 2008-41 – Privilege escalation via XPCnativeWrapper pollution (Moderate)
- Fixed: MFSA 2008-38 – nsXMLDocument::OnChannelRedirect() same-origin violation (Moderate)
Other fixes: (5)
- Fixed: 369918 – Crash Loading a Saved Search Folder [ nsMsgQuickSearchDBView::OnSearchDone]
- Fixed: 392015 – Crash of Tb 220.127.116.11, if "Rebuild Index" is executed during compacting folder is inprogess, and loosing mails [@ morkRowObject::SetRow]
- Fixed: 442549 – Add ids to accountCentral
- Fixed: 443344 – attachment filename corruption imported from Eudora (Japanese version).
- Fixed: 450698 – The second argument of nsParseNewMailState::AppendMsgFromFile should be PRUint32.