14 DAY TRIAL // Canonical has shared some details about a number of Thunderbird vulnerabilities identified in its Ubuntu 14.04 LTS and Ubuntu 12.04 LTS operating systems, and the devs have pushed a new version into the repositories.
The Thunderbird email client was updated a couple of days ago and the new version has landed pretty quickly in the Ubuntu repos. This means that it should be available when users update their systems.
For example, “Abhishek Arya discovered a use-after-free during DOM interactions with SVG. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Thunderbird,” reads the announcement.
For a more detailed description of the problems, you can see Canonical's security notification.
The flaws can be fixed if you upgrade your system(s) to the latest Thunderbird package specific to each distribution. To apply the patch, run the Update Manager application.
You can also upgrade your system from the terminal. Just enter these two commands (you will need to be root for this to work):
sudo apt-get update sudo apt-get dist-upgrade
In general, a standard system update will make all the necessary changes. A restart of the application will be necessary in order to implement them.
You can also download Mozilla Thunderbird 31.1.1 right now from Softpedia, but this is just the source package.