When Firefox 2..0.0.12 came out on Feb. 7, it brought with it fixes for three critical security holes and seven others that were not quite so serious. According to the security advisories, many of these problems were also fixed in the Thunderbird 126.96.36.199 e-mail client. Unfortunately, there is no Thunderbird 2..0.0.12.
The Mozilla Foundation‘s press release focused on the Firefox 188.8.131.52 security fixes. The Foundation also reported, though, in its MFSA (Mozilla Foundation Security Advisory), that these same bugs had been fixed in the fictitious Thunderbird 184.108.40.206.
Specifically, the following critical security advisories were reported to be fixed in both Firefox and Thunderbird: MFSA 2008-01 (crashes with evidence of memory corruption) and MFSA 2008-03 (privilege escalation, XSS, remote code execution). In addition, the serious security bug MFSA 2008-05 (directory traversal via chrome: URI) and moderate security bug MFSA 2008-08 (file action dialog tampering) are reported to have been fixed in the nonexistent Thunderbird 220.127.116.11.