Feature #16771

Upgrade to Thunderbird 68

Added by intrigeri 6 months ago. Updated 6 days ago.

Status: In Progress
Priority: Elevated
Assignee:
Category: -
Target version:
Start date:
Due date:
% Done: 0%
Feature Branch: feature/16771-thunderbird-68+force-all-tests
Type of work: Code
Blueprint:
Starter:
Affected tool: Email Client

Description

At some point, the only way for us to get Thunderbird security updates will be to upgrade to 68.


Related issues

  • Related to Tails - Feature #6156: Upstream secure Thunderbird autoconfig wizard (In Progress, 05/19/2016)
  • Related to Tails - Feature #17149: Figure out what to do with Torbirdy vs. Thunderbird 78 ESR (Confirmed)
  • Blocks Tails - Feature #16209: Core work: Foundations Team (Confirmed)
  • Blocked by Tails - Feature #17219: Replace TorBirdy (In Progress)

Associated revisions

Revision 8134f512 (diff)
Added by segfault about 2 months ago

Install Thunderbird 68 (refs: #16771)

Revision 843ab366 (diff)
Added by segfault about 2 months ago

Drop obsolete Thunderbird patches (refs: #16771)

These patches were merged upstream:

https://bugzilla.mozilla.org/show_bug.cgi?id=971347

Revision 16a6b3c8 (diff)
Added by segfault about 2 months ago

Refresh Thunderbird patch (refs: #16771)

Dropped the first hunk because "resource://gre/modules/Services.jsm" is
already imported in line 20.

Revision 360244e7 (diff)
Added by segfault about 2 months ago

Refresh Thunderbird patch for Thunderbird 68 (refs: #16771)

This updates Prefer-fetched-configurations-using-SSL-over-plainte.patch
to apply cleanly on Thunderbird 68.

Revision e4a9dfa3 (diff)
Added by segfault about 2 months ago

Refresh Thunderbird patch for Thunderbird 68 (refs: #16771)

This updates Add-pref-for-whether-to-accept-plaintext-protocols-d.patch
to apply cleanly on Thunderbird 68.

Drop the first hunk, which was merged into upstream, but with
"ssl_only_mail_servers" renamed to "sslOnly".

Rename "ssl_only_mail_servers" to "sslOnly" in the other hunks.

Revision 77ef46f9 (diff)
Added by segfault about 2 months ago

Refresh Thunderbird patch for Thunderbird 68 (refs: #16771)

This updates Make-use-of-non-SSL-Exchange-AutoDiscover-methods-op.patch
to apply cleanly on Thunderbird 68.

It seems like the "ssl_only_config_servers" pref is now named "sslOnly"
(see e4a9dfa3cb84d7f1afc43ab617c4a289ccd06d7c) so this commit renames that
pref in the patch.

Also, drop the hunk that patches the pref's comment. The comment in upstream is
different and I don't think it's worth our time to maintain the patch of the
comment (except if we plan to upstream it - do we?).

Revision 52ee153d (diff)
Added by segfault about 2 months ago

Adjust Thunderbird AppArmor profile for Thunderbird 68 (refs: #16771)

Thunderbird 68 also accesses /dev/shm/org.mozilla.ipc.* for IPC.

Revision 4f648115 (diff)
Added by segfault about 2 months ago

Install Thunderbird 68 from experimental (refs: #16771)

For testing Thunderbird 68 in Tails. This commit should be reverted once
Thunderbird 68 is available in Buster or Sid.

Revision 024e682b (diff)
Added by segfault about 2 months ago

Drop obsolete Thunderbird patches (refs: #16771)

These patches were merged upstream:

https://bugzilla.mozilla.org/show_bug.cgi?id=971347

Revision e803004a (diff)
Added by segfault about 2 months ago

Refresh Thunderbird patch (refs: #16771)

Dropped the first hunk because "resource://gre/modules/Services.jsm" is
already imported in line 20.

Revision fd23d85d (diff)
Added by segfault about 2 months ago

Refresh Thunderbird patch for Thunderbird 68 (refs: #16771)

This updates Prefer-fetched-configurations-using-SSL-over-plainte.patch
to apply cleanly on Thunderbird 68.

Revision fd7df8a6 (diff)
Added by segfault about 2 months ago

Refresh Thunderbird patch for Thunderbird 68 (refs: #16771)

This updates Add-pref-for-whether-to-accept-plaintext-protocols-d.patch
to apply cleanly on Thunderbird 68.

Drop the first hunk, which was merged into upstream, but with
"ssl_only_mail_servers" renamed to "sslOnly".

Rename "ssl_only_mail_servers" to "sslOnly" in the other hunks.

Revision 94334b74 (diff)
Added by segfault about 2 months ago

Refresh Thunderbird patch for Thunderbird 68 (refs: #16771)

This updates Make-use-of-non-SSL-Exchange-AutoDiscover-methods-op.patch
to apply cleanly on Thunderbird 68.

It seems like the "ssl_only_config_servers" pref is now named "sslOnly"
(see fd7df8a66cc10cc546bf7543c4905784125e34d4) so this commit renames that
pref in the patch.

Also, drop the hunk that patches the pref's comment. The comment in upstream is
different and I don't think it's worth our time to maintain the patch of the
comment (except if we plan to upstream it - do we?).

Revision 967081fc (diff)
Added by segfault about 2 months ago

Adjust Thunderbird AppArmor profile for Thunderbird 68 (refs: #16771)

Thunderbird 68 also accesses /dev/shm/org.mozilla.ipc.* for IPC.

Revision 66c3fd99 (diff)
Added by segfault 1 day ago

Adjust Thunderbird AppArmor profile for Thunderbird 68 (refs: #16771)

Thunderbird 68 also accesses /dev/shm/org.mozilla.ipc.* for IPC.
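
A way to triage the AppArmor denials behind a profile adjustment like the ones in the revisions above, as an added example that is not part of the Tails commits: it parses kernel audit lines and separates denials on `/dev/shm/org.mozilla.ipc.*` from all others. The log lines, the profile name `thunderbird` and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample audit lines (not from the ticket); the profile name
# "thunderbird", the PIDs and the paths are assumptions made for this example.
SAMPLE_LOG = """\
audit: type=1400 audit(1570000000.101:41): apparmor="DENIED" operation="open" profile="thunderbird" name="/dev/shm/org.mozilla.ipc.2211.3" pid=2211 comm="thunderbird" requested_mask="rw" denied_mask="rw" fsuid=1000 ouid=1000
audit: type=1400 audit(1570000000.187:42): apparmor="DENIED" operation="mknod" profile="thunderbird" name="/dev/shm/org.mozilla.ipc.2211.4" pid=2211 comm="thunderbird" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
audit: type=1400 audit(1570000001.002:43): apparmor="DENIED" operation="open" profile="thunderbird" name="/home/amnesia/.ssh/id_rsa" pid=2211 comm="thunderbird" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
audit: type=1400 audit(1570000002.650:44): apparmor="ALLOWED" operation="open" profile="thunderbird" name="/dev/shm/org.mozilla.ipc.2211.5" pid=2211 comm="thunderbird" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
"""

FIELD = re.compile(r'(\w+)="([^"]*)"')       # key="value" pairs in an audit line
EXPECTED_GLOB = "/dev/shm/org.mozilla.ipc.*"  # path named in the commit message


def apparmor_glob_to_regex(glob):
    """Translate an AppArmor path glob: '*' stops at '/', '**' crosses directories."""
    pattern = re.escape(glob).replace(r"\*\*", ".*").replace(r"\*", "[^/]*")
    return re.compile(pattern + r"\Z")


def triage_denials(log_text, profile="thunderbird", expected=EXPECTED_GLOB):
    """Return (expected, unexpected): path -> set of denied permission letters."""
    expected_re = apparmor_glob_to_regex(expected)
    matched, other = defaultdict(set), defaultdict(set)
    for line in log_text.splitlines():
        fields = dict(FIELD.findall(line))
        # Skip complain-mode ("ALLOWED") entries and other profiles.
        if fields.get("apparmor") != "DENIED" or fields.get("profile") != profile:
            continue
        path = fields.get("name")
        if path is None:  # non-file denials (e.g. capabilities) carry no name
            continue
        bucket = matched if expected_re.match(path) else other
        bucket[path].update(fields.get("denied_mask", ""))
    return dict(matched), dict(other)


if __name__ == "__main__":
    ipc, rest = triage_denials(SAMPLE_LOG)
    for label, group in (("expected IPC paths", ipc), ("needs review", rest)):
        for path, mask in sorted(group.items()):
            print(f"{label}: {path} ({''.join(sorted(mask))})")
```

Paths in the first group are candidates for a profile rule; anything in the second group should be reviewed rather than allowed.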

History

#1 Updated by intrigeri 6 months ago

#2 Updated by intrigeri 6 months ago

Exact timing is unclear at the moment but upstream is working on getting v68 ready. I'll set target version once I understand the expected timeline better.

#3 Updated by intrigeri 6 months ago

  • Related to Feature #6156: Upstream secure Thunderbird autoconfig wizard added

#4 Updated by intrigeri 6 months ago

When we do this upgrade, we should probably:

  • ship Thunderbird straight from Debian (i.e. stop building+uploading our own package)
  • apply our remaining account wizard patch (OAuth2) to the relevant files in omni.ja via a config/chroot_local-hooks/
  • update our doc under contribute/ accordingly

This would address most of what's left of the problem (having to build+upload our own Thunderbird packages regularly) that made us put #6156 on the roadmap this year. I'm saying "most" because until #6156 is done and that OAuth2-related patch is upstreamed, maintaining this delta may have a non-negligible cost.

#5 Updated by intrigeri 6 months ago

The beta is scheduled for early June. Draft release notes: https://www-stage.thunderbird.net/en-US/thunderbird/68.0beta/releasenotes/.

#6 Updated by intrigeri 3 months ago

  • Target version set to Tails_3.17

68.0 was released upstream. There will be one last release in the 60.x series (60.9) next week, which we'll miss for Tails 3.16. I expect 68.x will be our only option for Tails 3.17 / 4.0.

#7 Updated by intrigeri 3 months ago

intrigeri wrote:

When we do this upgrade, we should probably:

FTR, I've done this already and this change made it into Tails 3.15.

#8 Updated by intrigeri 2 months ago

  • Target version changed from Tails_3.17 to Tails_4.0

#9 Updated by segfault about 2 months ago

  • Assignee set to segfault
  • Feature Branch set to feature/16771-thunderbird-68

I started refreshing the patches but am not finished yet and didn't push that work yet.

#10 Updated by segfault about 2 months ago

  • Status changed from Confirmed to In Progress

#11 Updated by segfault about 2 months ago

  • Feature Branch changed from feature/16771-thunderbird-68 to git push --set-upstream origin feature/16771-thunderbird-68+force-all-tests

#12 Updated by intrigeri about 2 months ago

  • Feature Branch changed from git push --set-upstream origin feature/16771-thunderbird-68+force-all-tests to feature/16771-thunderbird-68+force-all-tests

#13 Updated by segfault about 2 months ago

There is currently no Torbirdy version compatible with Thunderbird 68. I couldn't find any information about a plan to support Thunderbird 68.

There is an Enigmail version compatible with Thunderbird 68, but it's currently not in Debian.

#14 Updated by segfault about 2 months ago

Copying extensions to /usr/lib/thunderbird/extensions/ doesn't seem to be enough to enable them in Thunderbird 68. I tried copying the {847b3a00-7ab1-11d4-8f02-006008948af5}.xpi installed to ~/.thunderbird/profile.default/extensions/ when installing the add-on via Thunderbird, then deleting the profile.default and starting Thunderbird again. The extension is not installed and not present in ~/.thunderbird/profile.default/extensions/.

#15 Updated by segfault about 2 months ago

segfault wrote:

Copying extensions to /usr/lib/thunderbird/extensions/ doesn't seem to be enough to enable them in Thunderbird 68. I tried copying the {847b3a00-7ab1-11d4-8f02-006008948af5}.xpi installed to ~/.thunderbird/profile.default/extensions/ when installing the add-on via Thunderbird, then deleting the profile.default and starting Thunderbird again. The extension is not installed and not present in ~/.thunderbird/profile.default/extensions/.

Never mind, I got it to work now.

#16 Updated by segfault about 2 months ago

It seems like the latest torbirdy version is indeed incompatible with Thunderbird 68. At least I wasn't able to install it even when I changed the maxVersion in install.rdf from "60.*" to "68.*".

I don't know what else there is to do here, except to wait for Debian packages for enigmail and torbirdy which are compatible with Thunderbird 68.

#17 Updated by intrigeri about 2 months ago

It seems like the latest torbirdy version is indeed incompatible with Thunderbird 68. At least I wasn't able to install it even when I changed the maxVersion in install.rdf from "60.*" to "68.*".

Yeah, we saw this coming and we're in the exact situation I was hoping to avoid :/

Back in March, @u started a private conversation about this with Torbirdy upstream (thread: "Fwd: Torbirdy's future"). I've not heard about it since April and AFAICT, upstream did not even create a ticket to track this upcoming issue. u, maybe you have some updates to share? (/me crosses fingers :)

This got reported twice upstream by users in the last two months:

No reply from the upstream maintainer so far.

This has not been reported to Debian yet but I expect users will start noticing as soon as Thunderbird 68 is uploaded to sid.

I don't know what else there is to do here, except to wait for Debian packages for […] torbirdy which are compatible with Thunderbird 68.

Given the historical info I provided above, I don't think it's realistic for us to keep shipping Thunderbird 60 until Torbirdy is ported. Thunderbird 68 was released 1 month ago, and upstream seems MIA, so it's unclear to me whether it will ever be ported. For Tails 4.0 we can probably just ship 60.9.0, but that won't fly forever.

Now, IIRC Torbirdy does mostly one thing: setting a bunch of prefs. It would be sad to lose this central place for sharing privacy/Tor/anonymity related prefs, but as far as Tails users are concerned, we could "just" (sic!) set those prefs ourselves in tails.git. That's certainly better than shipping an outdated Thunderbird with known security issues for months or years.

If, for some reason, this does not work for some critical prefs, we could try porting Torbirdy ourselves, trimming it down from its UI and whatever is not strictly necessary for us: hopefully what's left will be compatible with Thunderbird 68. But first, we would need to understand what exactly it is, that Torbirdy is using, and that's deprecated in Thunderbird 68. If the work to do is porting to WebExt or something like this, it may be a huge task, and we'll need to consider how critical the missing bits are.

There is an Enigmail version compatible with Thunderbird 68, but it's currently not in Debian.

Yep, and the Thunderbird maintainer reached out to the Enigmail one about it: https://alioth-lists.debian.net/pipermail/pkg-apparmor-team/2019-September/003143.html.
I hope dkg has time to import & upload the new Enigmail upstream release in the next few weeks.
Worst case, we may have to do it ourselves.

BTW, Carsten's email has some more info that's relevant for us.

Cheers!

#18 Updated by u about 2 months ago

I've pinged upstream again, but to no avail. So no, I have no magic news about the issue :/ I've recently forwarded the email to segfault with more details.

#19 Updated by intrigeri about 2 months ago

I've pinged upstream again, but to no avail. So no, I have no magic news about the issue :/ I've recently forwarded the email to segfault with more details.

Thanks for the quick reply!

#20 Updated by segfault about 1 month ago

  • Target version changed from Tails_4.0 to Tails_4.1

We decided to postpone this to 4.1 and ship Thunderbird 60.9 in 4.0.

#21 Updated by u about 1 month ago

FTR, the upstream author promised to send us an assessment of the situation and the work to do by the end of this week.

#22 Updated by intrigeri about 1 month ago

  • Related to Feature #17149: Figure out what to do with Torbirdy vs. Thunderbird 78 ESR added

#23 Updated by intrigeri about 1 month ago

u wrote:

FTR, the upstream author promised to send us an assessment of the situation and the work to do by the end of this week.

@u, amazing, thanks!

I've optimistically filed #17149 to track the next iteration of this problem, which will probably be even harder wrt. Thunderbird 78, even if we find a way to make Torbirdy work on Thunderbird 68. My goal here is to ensure this is on our radar early enough, to avoid any bad surprise next summer/fall.

#24 Updated by u about 1 month ago

@intrigeri: sounds good. The upstream author has made an assessment of the work to be done. I proposed to help him with testing, and asked what other needs we could help with.

#25 Updated by u 27 days ago

We should probably meet with the upstream author to talk about our needs and outline a plan to save the world of email over Tor. See email sent to @hefee, @intrigeri, @segfault some minutes ago.

#27 Updated by segfault 6 days ago

#28 Updated by intrigeri 6 days ago

  • Priority changed from Normal to Elevated

Rationale: Thunderbird 60.x is EOL and won't get further security updates.

But as I just wrote on #17219: if we lack the resources to complete this in time for 4.1 without burning people out, IMO so be it.
