Version) wurden unter anderem Sicherheitslücken geschlossen. Version 78.10.2 will restore the protection mechanism for newly imported keys, and will automatically protect keys that had been imported using affected Thunderbird versions. 5 hours ago &0183 &32 Für Thunderbird und auch Betterbird steht ein neues Update bereit. The master password protection was inactive for those keys. Thunderbird Release Notes Version 91.1.0, first offered to channel users on SeptemChanges Bug Fixes All Releases Check out the notes below for this version of Thunderbird. OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1 were stored unencrypted on the user's local disk. The About Thunderbird window will open and Thunderbird will begin checking for updates and downloading. #CVE-2021-29956: Thunderbird stored OpenPGP secret keys without master password protection Reporter Participants on the Thunderbird E2EE Mailing List Impact low Description Go over to the Help menu and select About Thunderbird. If a MIME encoded email contains an OpenPGP inline signed or encrypted message part, but also contains an additional unprotected part, Thunderbird did not indicate that only parts of the message are protected. Announced MaImpact high Products Thunderbird Fixed in Thunderbird 78.9 In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts. #CVE-2021-29957: Partial protection of inline OpenPGP message not indicated Reporter Cure53 Impact low Description I do not recommend your approach, and I call it out for its high risk.Mozilla Foundation Security Advisory 2021-22 Security Vulnerabilities fixed in Thunderbird 78.10.2 Announced Impact low Products Thunderbird Fixed in Getting into a froth over your "security flaws" claims carries very high risk since one is stuck with whatever security flaws are in 78.9.x and must remind oneself to manually check for updates and manually install them, which goes right up against what we already know about users not updating regularly, and what we know about human nature viz getting distracted by day to day rigmarole and forgetting to check for updates.
The point is, the path of least risk is to subscribe to the security ppa and wait. So, one has to either get into a dither over your "security flaws" claims and get no updates, ever, thereby being stuck with whatever security flaws are in 78.9.x unless one updates manually and regularly, or one goes an alternate route by subscribing to the security ppa, which is not a snap store, and waiting for an update. It is a free and open-source cross platform email-client, personal information.
there is no update procedure for this version. (b) : Mozilla Thunderbird is an example of email that is not a webmail.
Please explain, why it is not necessary to download it directly, now ?
0 kommentar(er)
