Thunderbird and SeaMonkey updates arrive, close security holes
In version 12 of the Thunderbird news and email client, the Global Search function now includes extracts of messages in its results, and RSS feed subscription and general feed handling have been improved. Changes in the 2.9 update to the SeaMonkey "all-in-one internet application suite" include adding the ability to resize the File and Move Bookmarks dialogs, fixes for HTML5 videos, and Download Manager improvements that allow URLs pasted from the clipboard to be downloaded.
The updates to Thunderbird and SeaMonkey also remedy 13 vulnerabilities in each of the applications. Six of these are considered to be critical and originate in problems related to WebGL, OpenType Sanitizer, font-rendering with Cairo, gfxImageSurface, IBMKeyRange and miscellaneous memory safety hazards. Four of the remaining issues are rated as "High" risk, while the three remaining bugs are "Moderate". Further details of these fixes can be found in the project's security advisories (Thunderbird, SeaMonkey).
In the release announcement for Thunderbird, the developers also remind users that, like Firefox 3.6.x, the legacy 3.1.x branch of the application has reached its end of life and that no further updates, including security updates and critical fixes, will be made available for the series. All users are advised to upgrade. Those who don't want to upgrade to Thunderbird 12 can switch to Mozilla's Extended Support Release (ESR), Thunderbird ESR, which has just been updated to version 10.0.4.
A full list of changes and known issues can be found in the Thunderbird and SeaMonkey release notes. Thunderbird 12 and SeaMonkey 2.9 are available to download from the project's site for Windows, Mac OS X and Linux.