Linux News Today: Mozilla Thunderbird 38.5.1 Just Landed in Ubuntu with a Ton of Security Updates
Details about quite a few Thunderbird vulnerabilities in Ubuntu 15.10, Ubuntu 15.04, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS operating systems were revealed today by Canonical.
The Thunderbird email client has been a default package in Ubuntu for a long time, so it’s easy to see why updates for it land quickly. Also, each release for Thunderbird usually brings security fixes as well, and Linux systems really love their security updates. The latest version of Thunderbird is not a huge release, so don’t expect major changes.
Also, when Canonical publishes security updates for various packages, they also upgrade that particular release. In this case, the latest Thunderbird 38.5.1 was just added to the repositories and users can now upgrade it. In fact, users are usually asked to get the new versions for security reasons.
How to get the latest Mozilla Thunderbird on your Ubuntu system
“Andrei Vaida, Jesse Ruderman, Bob Clary, and Jesse Ruderman discovered multiple memory safety issues in Thunderbird. If a user were tricked into opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird,” reads the security notice.
This is just one of the problems that have been corrected with this update. The flaws can be fixed if you upgrade your system(s) to the latest Thunderbird package specific to each distribution. To apply the patch, run the Update Manager application.
You can also upgrade your system from the terminal. Just enter these two commands, in this order:
sudo apt-get update
sudo apt-get dist-upgrade
In general, a standard system update will make all the necessary changes. In order to complete the installation of the new version, you will have to restart the application.
You can also download Mozilla Thunderbird 38.5.1 right now from Softpedia, but this is not an installable version of the application.