Released on 01 Mar 11, and this changelog was last updated on 02 Mar 11.
Thunderbird 3.1.8 has been released. Release notes are available. This post lists the improvements in Thunderbird 3.1.8 over Thunderbird 3.1.7. This list encompasses almost every single known fix that went into this release, but excludes platform-wide fixes. Do check out the known issues as well.
Impact key for security issues (fixed in this version) that are listed on the Mozilla Foundation Security Advisories webpage:
- Critical: Vulnerability can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.
- High: Vulnerability can be used to gather sensitive data from sites in other windows or inject data or code into those sites, requiring no more than normal browsing actions.
- Moderate: Vulnerabilities that would otherwise be High or Critical except they only work in uncommon non-default configurations or require the user to perform complicated and/or unlikely steps.
- Low: Minor security vulnerabilities such as Denial of Service attacks, minor data leaks, or spoofs. (Undetectable spoofs of SSL indicia would have “High” impact because those are generally used to steal sensitive data intended for other sites.)
Other changes in Thunderbird 3.1.8: (16)
- Fixed: 257735 - Drafts wrongly saved to sent folder after failing and retrying (common issue of Drafts/Templates/Outbox==Unsent Messages)
- Fixed: 542705 - New account autoconfiguration wizard does not obey signon.rememberSignons
- Fixed: 574351 - “Move to … again” permanently disabled
- Fixed: 609941 - Tags with the names of Object-provided attributes break the faceted search UI.
- Fixed: 619718 - -setDefaultMail does not set Thunderbird as default mail client
- Fixed: 623504 - AIX compilation errors in storage-backport
MailNews Core: (10)
- Fixed: 392729 - Links for nntp and news Protocols Ignored or crash [@ nsNntpService::MessageURIToMsgHdr(char const*, nsIMsgDBHdr**) ]
- Fixed: 506601 - Transition LDAP SDKs to Mercurial (from cvs)
- Fixed: 511484 - crash: textbox with type=”autocomplete” and searchSession=”ldap” [@ nsLDAPAutoCompleteSession::FinishAutoCompleteLookup(int, unsigned int, nsLDAPAutoCompleteSession::SessionState)], should assert
- Fixed: 556351 - crash [@ mime_encode_qp_buffer(MimeEncoderData*, char const*, int)]
- Fixed: 565852 - Login to IMAP server is invoked upon every view of multipart/mixed mail, because downloading of multipart/mixed mail doesn’t complete and LOGOUT is issued when other mail is clicked(Gmal IMAP,offline-use=off,mail.server.default.mime_parts_on_demand=true)
- Fixed: 612291 - crash [@ nsMsgSaveAsListener::OnDataAvailable(nsIRequest*, nsISupports*, nsIInputStream*, unsigned int, unsigned int)]
- Fixed: 619358 - compact crash [@ nsFolderCompactState::OnStopRunningUrl(nsIURI*, unsigned int)]
- Fixed: 619909 - Gloda fromJSON de-persistence needs to filter out undefined returned values; deleted tags on removed messages end up as undefined, break faceting logic.
- Fixed: 623498 - Back port LDAP ASLR onto the current Thunderbird/SeaMonkey releases
- Fixed: 623520 - AIX5.x port Testing minimum compiler version