Log Message:
mail/thunderbird: Update to 128.7.0

Changelog:
128.7.0:
What's Fixed

fixed
Images inside links could zoom when clicked instead of opening the link

fixed
Compacting an empty folder failed with write error

fixed
Compacting of IMAP folder with corrupted local storage failed with write error

fixed
After restart, all restored tabs with opened PDFs showed the same attachment

fixed
Exceptions during CalDAV item processing would halt subsequent item handling

fixed
Context menu was unable to move email address to a different field

fixed
Security fixes

Security fixes:
Mozilla Foundation Security Advisory 2025-10
#CVE-2025-1009: Use-after-free in XSLT
#CVE-2025-1010: Use-after-free in Custom Highlight
#CVE-2025-1011: A bug in WebAssembly code generation could result in a crash
#CVE-2025-1012: Use-after-free during concurrent delazification
#CVE-2024-11704: Potential double-free vulnerability in PKCS#7 decryption
 handling
#CVE-2025-1013: Potential opening of private browsing tabs in normal browsing
 windows
#CVE-2025-1014: Certificate length was not properly checked
#CVE-2025-1015: Unsanitized address book fields
#CVE-2025-0510: Address of e-mail sender can be spoofed by malicious email
#CVE-2025-1016: Memory safety bugs fixed in Firefox 135, Thunderbird 135,
 Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 115.20, and Thunderbird
 128.7
#CVE-2025-1017: Memory safety bugs fixed in Firefox 135, Thunderbird 135,
 Firefox ESR 128.7, and Thunderbird 128.7

128.6.0:
What's Fixed

fixed
New mail notification was not hidden after reading the new message

fixed
New mail notification could show for the wrong folder, causing repeated alerts

fixed
macOS shortcut CMD+1 did not restore the main window when it was minimized

fixed
Clicking the context menu "Reply" button resulted in "Reply-All"

fixed
Switching from "All", "Unread", and "Threads with \ 
unread" did not work

fixed
Downloading message headers from a newsgroup could cause a hang

fixed
Message list performance slow when many updates happened at once

fixed
"mailto:" links did not apply the compose format of the current identity

fixed
Authentication failure of AUTH PLAIN or AUTH LOGIN did not fall back to
USERPASS

fixed
Security fixes

Security fixes:
Mozilla Foundation Security Advisory 2025-05
#CVE-2025-0237: WebChannel APIs susceptible to confused deputy attack
#CVE-2025-0238: Use-after-free when breaking lines in text
#CVE-2025-0239: Alt-Svc ALPN validation failure when redirected
#CVE-2025-0240: Compartment mismatch when parsing JavaScript JSON module
#CVE-2025-0241: Memory corruption when using JavaScript Text Segmentation
#CVE-2025-0242: Memory safety bugs fixed in Firefox 134, Thunderbird 134,
 Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird
 128.6
#CVE-2025-0243: Memory safety bugs fixed in Firefox 134, Thunderbird 134,
 Firefox ESR 128.6, and Thunderbird 128.6