The developers of the open source email client Thunderbird have released Thunderbird 91.4.0 for all supported operating systems.
The new version of Thunderbird is a bug fix and security update. Thunderbird installations should receive the update automatically through the built-in automatic updating system. Users who don’t want to wait for that to happen can run a manual update by selecting Help > About Thunderbird from the main menu. If the main menu is not displayed, tap on the Alt-key on the keyboard to display it.
Thunderbird queries the organization’s servers to find out if a new update is available. If found, the update will be downloaded and installed.
Thunderbird 91.4.0 improves the performance of the email client in several scenarios. Installations with “a multitude of folders” will see improved startup performance after the installation of the new version.
Thunderbird installations with multiple language packs will also see improvements, as the engineers fixed an issue that caused high RAM and CPU usage resulting in a “sluggish performance”.
Here is the remaining list of changes in the new version of Thunderbird:
- Thunderbird failed to send messages when an IP address was configured as an IPv6 SMTP server (and not a hostname).
- Fixed an issue that caused the forwarding of messages with attachments to fail sometimes.
- Multiple messages printing works now.
- Added support for non-UTF8 news groups.
- Fixed an issue that caused Thunderbird to stall after sending messages with NNTP and SMTP recipients.
- Activating mailto links caused the composer to start with the default sending identity instead of a “configured alternative”.
- Fixed a plain text message drag & drop issue.
- Outlook did not display FileLink messages correctly.
- After selecting an extension provided protocol, it was no longer possible to create an IMAP/POP account.
- Thunderbird’s calendar did not clear multiday selections when changing the viewed week.
- The view of a new event did not autoscroll after reaching the bottom when creating a new event by “clicking and dragging the mouse to create a box”.
- The Calendar invitation panel did not scroll when multiple invitations were pending.
- The Calendar print dialog lacked a cancel button.
Thunderbird 91.4.0 addresses several security issues. The highest severity rating is high, the second-highest after critical.
Here is the list of fixed issues:
- CVE-2021-43536: URL leakage when navigating while executing asynchronous function
- CVE-2021-43537: Heap buffer overflow when using structured clone
- CVE-2021-43538: Missing fullscreen and pointer lock notification when requesting both
- CVE-2021-43539: GC rooting failure when calling wasm instance methods
- CVE-2021-43541: External protocol handler parameters were unescaped
- CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence of an external protocol handler
- CVE-2021-43543: Bypass of CSP sandbox directive when embedding
- CVE-2021-43545: Denial of Service when using the Location API in a loop
- CVE-2021-43546: Cursor spoofing could overlay user interface when native cursor is zoomed
- MOZ-2021-0009: Memory safety bugs fixed in Thunderbird 91.4.0
Now You: which email client do you use?