Support for TB2
Timo Pietilä
What happened:
I just had to uninstall TB3 because it didn't read one of the messages I
got from my linux-server. That's usual plain text message, nothing weird
in it. I had similar problems before for some other messages, but
usually they resolved by jumping back and forth several times from
message it didn't read to message it did. Today, no such luck.
So I uninstalled TB3 and re-installed TB2. Startup-times got smaller,
reading messages got fixed, no stupid "smart folders", offline settings
are correct ones etc.
Rant begins.
However apparently there is no support or development made for TB2 which
works just fine, but has at least one security hole (which is BTW fixed
in 2.0.0.24pre, and has been fixed for nearly, or is it over, a month now).
Abandoning TB2 in situation like this is like stopping making spare
parts for a car that is "old model", because there is new model that is
more shiny, but doesn't work, and forcing people to use this crappy
useless new product when their brakes need replacing.
I'm not going to upgrade to TB3 any day soon, so if there is another
security hole in TB2 then I will drop support for TB completely, and
tell reason for that to everyone in my organization. You *WILL* lose
around 100k potential users, probably more, if that ever happens.
Rant ends.
Timo Pietil�
Jesper Kristensen
I usually run into something like this 10 or 20 times a day after
updating to TB3, but restarting Thunderbird seems to clear the cache or
something and let the message load properly.
Wayne Mery
> Hello.
>
> What happened:
> I just had to uninstall TB3 because it didn't read one of the messages I
> got from my linux-server. That's usual plain text message, nothing weird
> in it. I had similar problems before for some other messages, but
> usually they resolved by jumping back and forth several times from
> message it didn't read to message it did. Today, no such luck.
>
> So I uninstalled TB3 and re-installed TB2. Startup-times got smaller,
> reading messages got fixed, no stupid "smart folders", offline settings
> are correct ones etc.
>
> Rant begins.
> However apparently there is no support or development made for TB2 which
> works just fine, but has at least one security hole (which is BTW fixed
> in 2.0.0.24pre, and has been fixed for nearly, or is it over, a month now).
This is at least the second time in a month I've seen reference to
security issue where the poster didn't provide a precise citation. I can
appreciate you are excited, but it would help to know the exact issue
without having to ask for more information.
> Abandoning TB2 in situation like this is like stopping making spare
> parts for a car that is "old model", because there is new model that is
> more shiny, but doesn't work, and forcing people to use this crappy
> useless new product when their brakes need replacing.
>
> I'm not going to upgrade to TB3 any day soon, so if there is another
> security hole in TB2 then I will drop support for TB completely, and
> tell reason for that to everyone in my organization. You *WILL* lose
> around 100k potential users, probably more, if that ever happens.
> Rant ends.
>
> Timo Pietil�
There has been no change in the level of support for v2. So it seems to
me commenting in the bug may be a far better way to address your concerns.
--
http://wiki.mozilla.org/Thunderbird:Testing
http://www.spreadthunderbird.com/aff/165/
Timo Pietilä
> On 1/18/2010 3:54 AM, Timo Pietil� wrote:
>> Hello.
>>
>> What happened:
>> I just had to uninstall TB3 because it didn't read one of the messages I
>> got from my linux-server. That's usual plain text message, nothing weird
>> in it. I had similar problems before for some other messages, but
>> usually they resolved by jumping back and forth several times from
>> message it didn't read to message it did. Today, no such luck.
>>
>> So I uninstalled TB3 and re-installed TB2. Startup-times got smaller,
>> reading messages got fixed, no stupid "smart folders", offline settings
>> are correct ones etc.
>>
>> Rant begins.
>> However apparently there is no support or development made for TB2 which
>> works just fine, but has at least one security hole (which is BTW fixed
>> in 2.0.0.24pre, and has been fixed for nearly, or is it over, a month
>> now).
>
> This is at least the second time in a month I've seen reference to
> security issue where the poster didn't provide a precise citation. I can
> appreciate you are excited, but it would help to know the exact issue
> without having to ask for more information.
http://securityreason.com/achievement_securityalert/78
https://bugzilla.mozilla.org/show_bug.cgi?id=516862
https://bugzilla.mozilla.org/show_bug.cgi?id=516396
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0689
Hope those help.
Timo Pietil�
Mark Banner
> Den 18-01-2010 09:54, Timo Pietil� skrev:
>> What happened:
>> I just had to uninstall TB3 because it didn't read one of the messages I
>> got from my linux-server. That's usual plain text message, nothing weird
>> in it. I had similar problems before for some other messages, but
>> usually they resolved by jumping back and forth several times from
>> message it didn't read to message it did. Today, no such luck.
>
> updating to TB3, but restarting Thunderbird seems to clear the cache or
> something and let the message load properly.
Have either of you two filed a bug and attached a testcase email to it?
Please reference it so we can look at it in-depth, as it sounds like
something we need to look at fixing in TB 3.
Standard8
Timo Pietilä
That's very hard to reproduce, because it seems to be utterly and
totally random mail that behaves this way. There are simply no reason in
the mail itself that can cause this. For my system usual cause was
automatic alerts I got from one of my servers, but I get those a lot,
and it has happened to other messages too. And it can resolve itself
after some time by jumping between some other account/message and
problem-message.
So no "testcase email" can be provided. Only description what happens.
Please do what you have to do to 2.0.0.24pre and release it. 2.0.0.X
works better than 3. Is faster and is more reliable and less "look, I'm
shiny, I have lots of useless features" -bloatware. Also all extensions
and add-ons work in 2.0.0.X, which is not (yet) case with 3.X.
If you don't you start to lose users and reputation. It is *YOUR*
problem, not our problem.
Timo Pietil�
Mark Banner
Ok, but could you at least try and get a clear description as to what is
happening on a bug? "didn't read" needs clarifying a bit - did it not
display the message, did it not list it, did it fail getting it from the
server?
> Please do what you have to do to 2.0.0.24pre and release it. 2.0.0.X
> works better than 3. Is faster and is more reliable and less "look, I'm
> shiny, I have lots of useless features" -bloatware.
We are currently looking into scheduling a .24 release.
We are also working on fixing reliability issues and the 3.0.1 release
will be out in a couple of days which includes a lot of fixes. We also
have a team monitoring our support channels who are feeding back
information into future development (of all branches).
> Also all extensions
> and add-ons work in 2.0.0.X, which is not (yet) case with 3.X.
That is expected and is pretty much normal practice as we can't force
add-on authors to update before the release. It is one of the main
reasons we don't push out an automatic, prompted, major update straight
after release (though users who wish to do so can use the check for
updates option to upgrade).
Standard8
Timo Pietilä
Did that. It might be related to this:
https://bugzilla.mozilla.org/show_bug.cgi?id=522766
>> Please do what you have to do to 2.0.0.24pre and release it. 2.0.0.X
>> works better than 3. Is faster and is more reliable and less "look, I'm
>> shiny, I have lots of useless features" -bloatware.
>
> We are currently looking into scheduling a .24 release.
Great! As I have said in almost all of my messages dropping support from
working old product before new one is ready is just stupid.
> > Also all extensions
>> and add-ons work in 2.0.0.X, which is not (yet) case with 3.X.
>
> That is expected and is pretty much normal practice as we can't force
> add-on authors to update before the release. It is one of the main
> reasons we don't push out an automatic, prompted, major update straight
> after release (though users who wish to do so can use the check for
> updates option to upgrade).
In corporate environment newest is almost always to worst, and also TB3
tuning for corporate environment for migration purposes is ... interesting.
Corporates will stay on TB2 until TB3 is solid and relatively bug-free
and at least some "critical" add-ons work right (For example Finnish
dictionary which is based on Voikko-add on, doesn't work correctly in
TB3). Or they stop using TB completely. Either way is the right way.
Timo Pietil�
Dan Mosedale
>>> Please do what you have to do to 2.0.0.24pre and release it. 2.0.0.X
>>> works better than 3. Is faster and is more reliable and less "look, I'm
>>> shiny, I have lots of useless features" -bloatware.
>>
>> We are currently looking into scheduling a .24 release.
>
> Great! As I have said in almost all of my messages dropping support
> from working old product before new one is ready is just stupid.
>
hasn't been, and we've always planned to not do so until we think 3.x is
good enough.
>> That is expected and is pretty much normal practice as we can't force
>> add-on authors to update before the release. It is one of the main
>> reasons we don't push out an automatic, prompted, major update
>> straight after release (though users who wish to do so can use the
>> check for updates option to upgrade).
>
> In corporate environment newest is almost always to worst, and also
> TB3 tuning for corporate environment for migration purposes is ...
> interesting.
deployments better is something that Mozilla Messaging hopes to devote
some energy to in the upcoming months. We're still working to figure
out how we would structure that.
Dan
Timo Pietilä
> On 1/19/10 5:13 AM, Timo Pietil� wrote:
>>>> Please do what you have to do to 2.0.0.24pre and release it. 2.0.0.X
>>>> works better than 3. Is faster and is more reliable and less "look, I'm
>>>> shiny, I have lots of useless features" -bloatware.
>>>
>>> We are currently looking into scheduling a .24 release.
>>
>> Great! As I have said in almost all of my messages dropping support
>> from working old product before new one is ready is just stupid.
>>
> I'm not sure why you seem to believe 2.0.0.24 has been dropped. It
> hasn't been, and we've always planned to not do so until we think 3.x is
> good enough.
It felt that way, because it had been in ...pre -state for so long, and
there was security issue in ...23, which needed fixing. If you do
continue support for 2.x -series, that's great. I just suggest you put a
bit more effort in it, especially when there is security issues to be
fixed. That is, if it is possible.
Timo Pietil�
Dan Mosedale
Right now, for the first time ever we as a project have four development
streams live at once (2.0.0.x, 3.0.x, 3.1, 3.2). We're mostly ignoring
3.2 at the moment, but that's still significantly more coordination work
than we've had to deal with in the past, so we're having to adap. But
the adaption is likely to be somewhat bumpy, and four branches is still
too many. Our goal is to get 3.0.x good enough soon so that we can, in
good conscience, ask all of our users to upgrade. We're a little ways
from that yet, however.
Dan
Timo Pietilä
> On 1/19/10 11:50 AM, Timo Pietil� wrote:
>> Dan Mosedale wrote:
>>> On 1/19/10 5:13 AM, Timo Pietil� wrote:
>>>>>> Please do what you have to do to 2.0.0.24pre and release it. 2.0.0.X
>>>>>> works better than 3. Is faster and is more reliable and less
>>>>>> "look, I'm
>>>>>> shiny, I have lots of useless features" -bloatware.
>>>>>
>>>>> We are currently looking into scheduling a .24 release.
>>>>
>>>> Great! As I have said in almost all of my messages dropping support
>>>> from working old product before new one is ready is just stupid.
>>>>
>>> I'm not sure why you seem to believe 2.0.0.24 has been dropped. It
>>> hasn't been, and we've always planned to not do so until we think 3.x
>>> is good enough.
>>
>> It felt that way, because it had been in ...pre -state for so long,
>> and there was security issue in ...23, which needed fixing. If you do
>> continue support for 2.x -series, that's great. I just suggest you put
>> a bit more effort in it, especially when there is security issues to
>> be fixed. That is, if it is possible.
> I hear you; we'll support it as long as we think we reasonably can.
Any news on this front? 3.0.1 was released recently and it again fixed
few security holes, so pressure to either abandon TB or get upgraded TB2
is increasing here.
Timo Pietil�
Dan Mosedale
>>>> I'm not sure why you seem to believe 2.0.0.24 has been dropped. It
>>>> hasn't been, and we've always planned to not do so until we think
>>>> 3.x is good enough.
>>>
>>> It felt that way, because it had been in ...pre -state for so long,
>>> and there was security issue in ...23, which needed fixing. If you
>>> do continue support for 2.x -series, that's great. I just suggest
>>> you put a bit more effort in it, especially when there is security
>>> issues to be fixed. That is, if it is possible.
>> I hear you; we'll support it as long as we think we reasonably can.
>
> Any news on this front? 3.0.1 was released recently and it again fixed
> few security holes, so pressure to either abandon TB or get upgraded
> TB2 is increasing here.
3.0.2 or a 3.0.x subsequent release will have enough of the user
experience bumps ironed out that we can offer a prompted major update to
everyone. It's not yet clear whether that's actually going to be the
case. If not, we may need to wait for 3.1 for the prompted major
update, which is currently planned for April.
Dan
Mark Banner
> Any news on this front? 3.0.1 was released recently and it again fixed
> few security holes, so pressure to either abandon TB or get upgraded TB2
> is increasing here.
If you're on about 24, then its still being done. We are currently
landing the last few patches and looking at getting it scheduled into
the build cycle.
Standard8
Timo Pietilä
Thanks. Any estimate how soon? Are we talking about weeks or months?
Timo Pietil�
Wayne Mery
if you follow the changes at https://wiki.mozilla.org/Releases you will
be informed when dates are updated.
Timo Pietilä
> On 1/28/2010 12:10 AM, Timo Pietil� wrote:
>> Mark Banner wrote:
>>> On 26/01/2010 23:20, Timo Pietil� wrote:
>>>> Any news on this front? 3.0.1 was released recently and it again fixed
>>>> few security holes, so pressure to either abandon TB or get upgraded
>>>> TB2
>>>> is increasing here.
>>>
>>> If you're on about 24, then its still being done. We are currently
>>> landing the last few patches and looking at getting it scheduled into
>>> the build cycle.
>>
>> Thanks. Any estimate how soon? Are we talking about weeks or months?
>>
> be informed when dates are updated.
It says "TBD". I parse that as "to be determined". That's basically same
as no info. So: weeks or months? Hours would be preferable.
Let me say this in other way: Do we abandon TB (months) or do we wait
for upgrade (weeks)?
Timo Pietil�
Dan Mosedale
Dan