In association with heise online

23 June 2009, 09:22

Thunderbird 2.0.0.22 fixes vulnerabilities

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The Mozilla developers have announced the release of Thunderbird 2.0.0.22, fixing several security vulnerabilities in the open source email client. The security and stability update addresses a total of seven security vulnerabilities, most of which were also patched in the recent Firefox 3.0.11 security update.

The update fixes a vulnerability, classified as "high", that could result in an exploitable crash when viewing a multipart/alternative mail message that includes a text/enhanced section. Six vulnerabilities related to JavaScript, four classed as moderate and two as low, that were recently patched in Firefox 3.0.11 have also been addressed in the 2.0.0.22 update. The developers note that vulnerabilities are listed as moderate, rather than critical, for Thunderbird because JavaScript is not enabled by default, as it is in Firefox. Users are strongly discouraged from running JavaScript in mail.

More details about the release can be found in the release notes. Thunderbird 2.0.0.22 is available to download for Windows, Mac OS X and Linux. The developers strongly recommend that all users update to the latest release.

See also:

(crve)

Print Version | Send by email | Permalink: http://h-online.com/-742149
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit