Results 1 to 1 of 1
  1. #1
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Hinsdale, IL, USA
    Thanked 157 Times in 131 Posts

    Thunderbird Security Is Still Supported

    The thread in which this sub-topic got started has been locked (for good reasons). But just to clarify, Mozilla Foundation has not stopped issuing for Thunderbird Security and Stability Updates. So Thunderbird continues to be a safe and secure email client.

    What was stopped was new feature development. Details here:

    Last Version Update Release Notes here:
    v.24.0, released: September 17, 2013

    And last Security Update Release Notes here:

    Sorry if any confusion has been caused by me relaying the End of Life announcement from 2012.

    Regarding the Heartbleed Vulnerability, Mozilla Products, including Firefox and Thunderbird, use their own variation on SSL:

    First candidate: Mozilla's Network Security Services (NSS) library family, available under multiple license arrangements and with a fairly regular cycle of releases, the last debuting in mid-March 2014. Predictably, Mozilla's own applications -- Firefox, Mozilla Suite, Thunderbird -- all use it, but so do a slew of well-known third-party applications: AOL Instant Messenger and many third-party clients for the service; 2.0; and numerous Red Hat server products such as Red Hat Directory Server and mod_nss for the Apache httpd Web server.

    Mid-March 2014 was the release date for Thunderbird 24.4.0. Upgrade if you haven't done so already.

    So Thunderbird was actually slightly ahead of the Heartbleed curve, it appears.
    Last edited by bobprimak; 2014-04-13 at 09:42.
    -- Bob Primak --

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts