** Description changed: - The fixes in 38.7, which was released on the 14th of March 2016 [0], six - of which are deemed critical [1]. + Despite Thunderbird being updated on 38.x branch (original bug was + probably filed before recent updates to the package), there is at least + one significant security related feature introduced in 45.x branch, + OAuth2.0. + + It would be nice if maintainers (“Mozilla Team”) could provide an update + to Thunderbird via Security or Backports channels. + + + Original description: + --- + The fixes in 38.7, which was released on the 14th of March 2016 [0], six of which are deemed critical [1]. In addition to 38.7, 45.0 has six further fixes also deemed critical. In addition to these twelve critical vulnerabilities there are a further 10 (6 high, 2 moderate, 2 low) that have been patched since 38.6, which is the latest version available in ubuntu. Both these releases have yet to be officially released by ubuntu. [0] https://www.mozilla.org/en-US/thunderbird/38.7.0/releasenotes/ [1] https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/
-- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/1575731 Title: Thunderbird package is out of date Status in thunderbird package in Ubuntu: Confirmed Bug description: Despite Thunderbird being updated on 38.x branch (original bug was probably filed before recent updates to the package), there is at least one significant security related feature introduced in 45.x branch, OAuth2.0. It would be nice if maintainers (“Mozilla Team”) could provide an update to Thunderbird via Security or Backports channels. Original description: --- The fixes in 38.7, which was released on the 14th of March 2016 [0], six of which are deemed critical [1]. In addition to 38.7, 45.0 has six further fixes also deemed critical. In addition to these twelve critical vulnerabilities there are a further 10 (6 high, 2 moderate, 2 low) that have been patched since 38.6, which is the latest version available in ubuntu. Both these releases have yet to be officially released by ubuntu. [0] https://www.mozilla.org/en-US/thunderbird/38.7.0/releasenotes/ [1] https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/thunderbird/+bug/1575731/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp