Revisions of MozillaThunderbird
Stephan Kulow (coolo)
accepted
request 105495
from
Wolfgang Rosenauer (wrosenauer)
(revision 95)
- update to Thunderbird 10.0.2 (bnc#747328)
* CVE-2011-3026 (bmo#727401)
libpng: integer overflow leading to heap-buffer overflow
Stephan Kulow (coolo)
accepted
request 104185
from
Wolfgang Rosenauer (wrosenauer)
(revision 94)
- update to version 10.0.1 (bnc#746616)
* MFSA 2012-10/CVE-2012-0452 (bmo#724284)
use after free in nsXBLDocumentInfo::ReadPrototypeBindings
- Use YARR interpreter instead of PCRE on platforms where YARR JIT
is not supported, since PCRE doesnt build (bmo#691898)
- fix ppc64 build (bmo#703534)
Stephan Kulow (coolo)
accepted
request 102414
from
Wolfgang Rosenauer (wrosenauer)
(revision 93)
- update to version 10.0 (bnc#744275)
* MFSA 2012-01/CVE-2012-0442/CVE-2012-0443
Miscellaneous memory safety hazards
* MFSA 2012-03/CVE-2012-0445 (bmo#701071)
<iframe> element exposed across domains via name attribute
* MFSA 2012-04/CVE-2011-3659 (bmo#708198)
Child nodes from nsDOMAttribute still accessible after removal
of nodes
* MFSA 2012-05/CVE-2012-0446 (bmo#705651)
Frame scripts calling into untrusted objects bypass security
checks
* MFSA 2012-06/CVE-2012-0447 (bmo#710079)
Uninitialized memory appended when encoding icon images may
cause information disclosure
* MFSA 2012-07/CVE-2012-0444 (bmo#719612)
Potential Memory Corruption When Decoding Ogg Vorbis files
* MFSA 2012-08/CVE-2012-0449 (bmo#701806, bmo#702466)
Crash with malformed embedded XSLT stylesheets
- update enigmail to 1.3.5
- added mozilla-disable-neon-option.patch to be able to disable
neon on ARM
- removed obsolete PPC64 patch
Stephan Kulow (coolo)
accepted
request 97352
from
Wolfgang Rosenauer (wrosenauer)
(revision 92)
- update to version 9.0 (bnc#737533)
* MFSA 2011-53/CVE-2011-3660
Miscellaneous memory safety hazards (rv:9.0)
* MFSA 2011-54/CVE-2011-3661 (bmo#691299)
Potentially exploitable crash in the YARR regular expression
library
* MFSA 2011-55/CVE-2011-3658 (bmo#708186)
nsSVGValue out-of-bounds access
* MFSA 2011-56/CVE-2011-3663 (bmo#704482)
Key detection without JavaScript via SVG animation
* MFSA 2011-58/VE-2011-3665 (bmo#701259)
Crash scaling <video> to extreme sizes
- fixed accessibility under GNOME 3 (bnc#732898)
(mozilla-a11y.patch)
- do not show update channel in about box
(tb-no-update-channel.patch)
- update enigmail to 1.3.4 (bnc#733002)
* fixes several regressions from previous release
Stephan Kulow (coolo)
accepted
request 90814
from
Wolfgang Rosenauer (wrosenauer)
(revision 89)
- update to version 8.0 (bnc#728520)
* MFSA 2011-47/CVE-2011-3648 (bmo#690225)
Potential XSS against sites using Shift-JIS
* MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654
Miscellaneous memory safety hazards
* MFSA 2011-49/CVE-2011-3650 (bmo#674776)
Memory corruption while profiling using Firebug
* MFSA 2011-52/CVE-2011-3655 (bmo#672182)
Code execution via NoWaiverWrapper
- rebased patches
- update enigmail to 1.3.3
- update icon cache after install/removal (bnc#726758)
Adrian Schröter (adrianSuSE)
committed
(revision 88)
Sascha Peilicke (saschpe)
accepted
request 85282
from
Wolfgang Rosenauer (wrosenauer)
(revision 86)
- update to version 7.0 (bnc#720264) - removed obsolete mozilla-cairo-lcd.patch - rebased patches
Sascha Peilicke (saschpe)
accepted
request 81759
from
Wolfgang Rosenauer (wrosenauer)
(revision 82)
- make enigmail a subversion of Thunderbird to fix %release number tracking issues with the Open Build Service (taken from dmueller's 3.1.x changes)
Sascha Peilicke (saschpe)
accepted
request 81397
from
Petr Cerny (pcerny)
(revision 80)
security update to Thunderbird 6.0.2 - bnc#714931
Displaying revisions 241 - 260 of 335
