update to thunderbird 1.5.0.2

http://www.mozilla.com/thunderbird/releases/1.5.0.2.html details some of the improvements, also there are security implications

I sure hope this makes it into Dapper. I needed a bug fix in this version so I installed Thunderbird 1.5.0.2 from the Mozilla site. It would be nice if I could install it from the Ubuntu repositories.

Is there any known reason for not updating thunderbird to 1.5.0.2?
Thunderbird before this version is known to have multiple security issues:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird1.5.0.2
Two of them have critical impact!
I will raise severity and assign to maintainer until further info from him.
Sorry for making such noise, but if there are any reasons for delaying a security update, they should be given here. And having release in two weeks is not a reason against the update, but _for_ it.
Best, Daniel

Thanks Daniel,

I hope 1.5.0.2 makes it into Dapper.

Hopefully then the easy answer to the LONG running thread on installing Thunderbird 1.5.0.2 ( http://www.ubuntuforums.org/showthread.php?t=165655 ) will just be to install Dapper and install updated thunderbird package from Ubuntu repositories.

Please don't reassign bugs willy-nilly if you're not A) a release manager, or B) someone claiming the bug for yourself.

asac does a lot of great work on Thunderbird in Debian, but it's not his responsibility in Ubuntu.

Hi Adam!

I apologize for the false assignment.

If Alexander is the maintainer for debian but not for ubuntu, then the paket mozilla-thunderbird-1.5-0ubuntu6 has a wrong maintainer. But perhaps I don't understand the meaning of the maintainer field fully.

But I'm happy that this bug now has the focus of the correct person which was not the case before my false assignment.

Thank you and please don't be upset,
Daniel

https://lists.ubuntu.com/archives/dapper-changes/2006-May/011171.html

This seems to now be fixed, according to the dapper changes, and apt-cache.

Please reopen if this is not the case.

I can confirm that on my machine. Thank you Adam and Hobbsee!

I hope that security updates to this often used and security sensitive application are processed faster after dapper release.

Best,
Daniel

Daniel, you may want to note that the "Maintainer" field in Ubuntu is pretty much meaningless, since we tend to inherit it from Debian sources we import, but there are a much (MUCH) smaller number of us than there are Debian maintainers and we don't generally "own" many packages, but just "make stuff work" in general.

Ah okay. I didn't really thought of that possibility. Until now I thought that packages with the string "ubuntu" in it were natively from the ubuntu team.
Thank you for sheding light on that issue.

"ubuntu" in the version means that they're modified, compared to the Debian versions. Sometimes, this is a small bugfix or tweak, sometimes it's us shipping a new upstream before Debian, and sometimes it means we're pretty painfully forked (as is currently the case with Thunderbird, but that will be resolved after dapper releases).

If you're curious as to how different a package is from Debian, "zless /usr/share/doc/<package>/changelog.Debian.gz" is a good place to look (search for occurances of the string "ubuntu" to see each ubuntu revision, we splice our change entries in where appropriate)