Linux & Open Source - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Linux & Open Source


Mozilla Zaps Thunderbird Security Bugs



 By: Ryan Naraine
2005-09-30
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Linux & Open Source story.


Rate This Article:
Poor Best
Updates to the open-source mail client correct a serious URL parsing vulnerability affecting Linux users.

The Mozilla Foundation on Friday shipped a new version of its Thunderbird mail client to plug a potentially serious URL parsing security hole affecting Linux users.

The open-source group described Thunderbird 1.0.7 as a "security and stability update" that provides a comprehensive fix for the URL parsing bug that was also flagged in the Firefox browser.

That flaw, which affects Thunderbird users on Linux, has already been fixed in Firefox 1.0.7 and the Mozilla Suite 1.7.12. It could allow a malicious URL to execute shell commands with the privileges of the logged-on user.

The Foundation has earlier suggested that users avoid clicking on links in spam or other e-mails.

Read details here about Mozillas overhaul of Thunderbirds calendar.

Security alerts aggregator Secunia Inc. rates the flaw as "highly critical."

Resource Library:
"We recommend that all users upgrade to this latest version," the Foundation said.

Thunderbird is a full-featured e-mail, RSS and newsgroup client and is being marketed as the volunteer Foundations answer to Microsoft Corp.s Outlook.

Click here to read about Plaxos contact manager for Thunderbird e-mail.

Mozilla is also beta testing Thunderbird 1.5, but the security fixes have not yet been added to that update.

Thunderbird 1.5 Beta 1 promises an automated mechanism to streamline product upgrades; a built-in phishing detector to thwart e-mail scammers; Podcasting and RSS improvements; integration with server-side spam filtering, Kerberos authentication and several stability improvements.

Check out eWEEK.coms for the latest open-source news, reviews and analysis.



  Reader Comments: Mozilla Zaps Thunderbird Security Bugs
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Linux & Open Source Articles          >>> More By Ryan Naraine
 


x}kw6DىCoٖۚؖRG"!1ErHʏΟ_?q-NlKX@ B;;~$rLȹkmJvg9 [DZ;;}!GP|gYPO2r}͂R  tӌ5q:! ->>;|9|@vDZ%SjMaSk}fFsWf2ʼn5m1 f E1;'I- 6 #%֥ɏͻ'k[tUN(T|0tgL'þ=ay5ExLԤ#|xB'gxd #BE=x?:Q/M+lal׸ڮUX'[vx)B,#bF]߂CCI%۝߼IؓthluD`YRi 3 LGmfC1kkTR>l[Gݑ[cXsIVHaSӤ_TBRp` FG?j%y'@>x uȭB ¿{k߀#ݸ1ܷM[b6Z ۄ@ظz00!%DhOe_uhs 2n eþ9JT+WJq,^+Y-\hof_gJU4Ei/~pd v4򺮕 y Es3^_D_j0QEVKY/ ZH9~^wE;G>w:Qڟ+̪k*Cp='^=v?lrK,.iTWZeLCxY$Y.tp~F X-t[;RH }yp%#,_0f k$LJFo$3NE - uPo4C+D_x0Nu}n6 G@kiFkPYTak6R\ 9jb)6B̄H )'wR?z@U@ZZ~nV$9USEI7#DL vxr!DKI 88g^R]E1\aU<<uwެ-Ujմީ/~iYwΤui>]uIwN؁)WIC EhYf7-vIqM}sQU+YE*EX@8ʍ85m!SGñA S&s;,w< 0 D>O;3jZYs;Ni$|NI}ѦMޡ:BݘZH/0i|V8;t#uӹ=W45,h 0#GE 6]LR}t 9q HhR0|s70Z[3aP#[ѽk:Fz?a#0.Zm{Ae^~}¢!1y@Xȁf`so뷺e#97(u%2J}c>] cRRR$S !hI#r Bг!,`@o%``[X ar T<ʦBIg}vn2V{TKh!+K@fsfd(4{~4 cbB|#'fXr`Y \d+|i)lb ը6؛rij>д73[KҺ<-$mXcL#F0pq<39`'{<7,kRχ +L+f9N)A\_XHL[n<͙qjS;_Aa"tLeB#`9N{S~`=϶Y$uuK\u`漃d:Nk'hm7?>{@O,\nb4դ4<3_O#kۖs'M ߄T 9u# \ă r}͚X 4ؐ9|&B77cnS^ʚtUU.FiJ ~tj~#JwCݼ~hé;h{q#%MAw=e河xO:[[I%7˺I8T*{Ұ.Z)퉟eYlc-׾0^Ԣ,Q|u$"!lsiŰ,B /0|M̆Т觑uC|pöV/UK4LLYsX)Z-2{5k憭l0!.(2n( 进,9ق Yr>::\9{~gu3$8`ӹϟQ,C* S*}a5)403yb|Fȸ>qm?XĞ?x8[0,Y\Ζ']5!@0mE"~`iNR} ز^z`׽iAʫe&-JjE)jB4'i/#Y /m0ܱk]>aD6#BQڞ>-B-g \ipbZDZLhKgAqA0*L\y.rV~ 2­qŝa&1 DR)Ö13wdi'GםT'/咢TSҐah"pHEAxZkhpL@U.)L-9Hz  [ hg [Qzn3Cz+o `RI?I BL!2Bsݧ}=1g匬`"G dRPZUU+Zp~W`s<(yO?b5xx /Oq883lÿN(!f8m0SM \}O>yN¢ -{h'^+0ZN * RIS,d;W.P9ufjYE` dEN]rCx!+pDZ\P]\C#+Z&hɺITNȑ1[DG`; nuESUG݀ލnF+ F vgS(0f{L PwA-~¿rZkBZ'@ uù(D Q4133b_@7U֨TҞw"X?9KCbQTh^;p 1J;pLjg %Jk欩x+sJbOW2EXEhkC鳨 |dsHNpDL+ 30RsIl x@̬k!@:f۴s:i&2106Y-0P>O\մJ ,09>|6Œu8Y[_`gs7*u08. LB7!lܓf*r1=_?J} [Lߴ@V1`{7=;#(4OQX9)6Ib ϻg_ ?Nٿnb00N 0+?H LЇ_qor@`ǫާc{ga\dzLR(ɢ]1~ܮG銿ðuNQ嵀҈F޹s޾ؽ_>QrֽH^'Kփ w"Y>KrBVë\bz$VB 0F_Th)4zuSxv9]9Sj7 EW%'k' u{-:}mF1џ`n e܃*WVz[k'w?!9g>48ryQ$ rF1xc|.A-6ܹN'S4sJd":Q%;)~ڰOCT䵴f[YUHO~D!6OY=!tQ^}rZTrq]ȩh$}ݛ9V8:FHS p'#9ʼSsa, GW .[ CvcNأ&k{?ȄKԍ)A/]s>ͥ=`L̴M\gwhNPD(Vp9c㻞Xi*/q)yonP;=4zAsIU~(TR-.aO"J骇\v%(#]MU,^RRMJ>]%k՛@" bY_BIKwvzYN Ħw=13YcŸ6A!{zc]]A U hCl {8g #@*yx\]w71%pRx656y( h4RV`7lf4W ~@k§!qZOIIjwl[#Ɠt-c򽱢zp:i kMο1 |cM5%&p$qI'̼V&%ofȗqi+B}.KզnZ' t 6rx%M*غ!I^}LT#EX.)j2GUȑkRs_qi*tp$f)sA@L R(!K[ߞڦT~qF:{/}SүH t=ABX*Xgc#7Ųam$iEWX>A#(b113$᪘C$Ĉ|&tY4q&ConxUfmW-I vS *`m{hOf>BZ\ibd= Tw߁^<9C!9{YXMřn.^ jT608;~9=eO) x-D= LS| ϞO,'TYH鎸:-AҘX?_Kf?ُ ^tE'y@d>bɿG)3[  F(oCu&z[yG돩T#? KY*; -kt'<~'%&Ȣ#>y|C [D1pS\x?*n'@ ɭokW'FQUrc[~|^TSe~ cK[EKp=AYWSEPX8!%9tElX4Fu5F?PM};KDn|KQk"pSPVôƮ"JfadwB}$ƽ⒦lE߽cLh긾Xd[a(3VGdBA8AXJo,"%xa/quQ%뾠ee3-FKGY6qΌ"F$dr+".]sI.@jJC]-O?P/ ]ZX,:Ȓ~WeL<^^A֋wS+ iM"rRIA$zTG,JRM`oO~Ÿ?YM13цX50yfB׵GavD7e|W@O[fk0Yq4YթJ[lݹY嚏ݸ!5sS\i W;&|z`ONB .kXl; #W*ZTf0@ڦRa )0os(qZ:<}Q-mEJ)!7P}Gla>9(-^a̷UKphY\-c"K)q\ ;g}XC@W&Dm#i!'[,?l6w@,rLg+vb"mkmnAj׳T["}FskW'b^o972 l0V Z`3+nsl+ZKɶ8+YlwAQgg)q8 @ȩ莥epa8TJ  J,9`Vm$M6ZÈUaWQɮX=|Ɉֲs%#\&׈1 @>+pSKC7R<6$Aeȇ5T?0L' )Uﵺ 5 .1UPD8AYX@xUN'&`Cq~rt'w%eZS{ٓI8G_ 6a^fGZq)MG)}o cb2zޘqr5= roEVIv# ,@ҧ0EꊍBLSKa" p:C{F.:`й꣇U # #LGXT/ޟa@S 죇Bw^΂S1}& 'lI=R+ wa-=peL]< ƪC~M l  \Zp4pBofPJIݽa?ÈGs{XZ"dZ1ш@Q>nrtN8%"oJ!9pbZ0Nx 19SӶ{0m ^1^G>LQXj*!b3wاX, ~q DRGՠ4 U 7T,G,(Ϗpk짦H0^Conp"(3[]ă08]w7qw6隸+פLn 1YGw`C[5EY|obL<`A~bBj@̐0(ˏIJ uXZFB(s 6JkS: 7úޛZF #}AaP8Z  +z+uT'I]WP)9CȮ KTUJ|.Oa@rhyݬd/\iJdR. ?h$@쌆=xɾx t0 c3brLufcվMo )ns9EЊLjV}Q}xS S+S~Wˏrʑˏǝ#(?Z_~9ɡGǜ֗v q=)usEN9_//Pe}?ˁ]99s?7ߠo?}P9g]Cu^9u^C9_]_zy9r־ą۩aNy:JE5rXB]7#(R^>Ȧc˼=>w懴Ixմ] &J27[O'ikz(#s<2g!h{U26#{"c7"X5½q>eIbAZ-cCLS3;N={nC]}ȻJ_nX-ahO[oe73W."';ZʈPkvdm/߆zH':+;P[ЙqeޢDFEk@)VqFdë^=& :Y>CT,lK%LBhDcH-L{HNzQ?ǰsW3PDt5h{@$ߙ?#MR#ZִZjVU &WHd6##"(t>eDdU:.UF\,)g /(@#غ̷7xQ#xC7":aRq p+["<tbю9U|y3 I"oTS;)@9$L,(nY\AdbkO\B/#Vyx ;VicU 4dɮ51l瑭uĿO6г,Hȝ' ?n 3IDy M\_)ĠG8oў#w B~ 22VHg'Շo\\ .LE+zq՞@8,U`Y\sXC-&lyjmbӿ+ H6yHN, ސB+s{̪{ydaٷ./] w3ILa\Dm8׊8p0^Ksh^jIcSojc5)"QC ϙIq$P }vmĴ@64>t ޺Ccjd1=k +CP<ՍPg̶.GՋp`wBybh[:Z-5,l$==ASh<ϛW5EX!%9v=L籽$(\d~\g; v 7RǙ,`+/];gH2G$!|c9*3>S2m-(EGr};{,}dv/+0bŽϥOvHyU_wD.M?!t#R.ڋOFې)0XP74 <qI0 n9ST:9Am'{';*lٹs˜1J1Д8ٶ2#OA+r e[ O"Cڰ24a (fzcq*>% ,-i8M >2~ l|_Oexƪ~Qxh='з57b8Q| xÿˍtf_d%\"d3@ƷC0!6Ys.KE&(Xp\'AΙَz!w>G}d ȡ( l}i.͜GK@g0mҕh_ynq7V0] c/1+$~Il=duG-Wrcd+xf:PNEX"MfFH7k,^zeXݿdw?.(ZF#,Wc ҭ<P8_CAc.vjmnFQXƺa#¶u4mѩoߩ {**l+k[؅nTLxI;s__@>{zw1Ǹ[0rcfzwY='8KiJ epCdkZK (Dq] XNâȖWITR6!;կD?8-xu* fE [Rj 19,f@xI1%h3l䓈mAb ?åk[),#{`)O|g~C{%9:n/ɅW52Y{ ;߂ ixv4%h2b59ʧ3~q <Ǹ(+.9 ҝX;EkP.I{eT7uG<;N$ov{Rh\*I;ݏGUlݸ᥇_>^>]KQEe遢%!;Y B*;w>>^|LW{zv C&ȕ/-F#oUAYfSժZ-Nj|ۊ#iQg8&rYOJ^>۝z"f/ROa6%s|N1VKi+^ϦO*LΗ +q>lgLp -ϱ=RZ`'l/Zv?J*