Bugzilla

Here are four that were casually dismissed

bug 1678655
bug 1665536
bug 1670806
bug 1667057

The design of this feature (OpenPGP integration) violates numerous important security principles and greatly REDUCES security by storing key passphrases.  Private key passphrases should NEVER be stored in any form, anywhere.  

For anybody that actually understands PGP and cares about security, this makes Thunderbird completely unusable as a mail client.  I have posted a detailed description of the problem to the ACM Risks Forum, expect to receive commentary from security experts.