Accepted mozilla-thunderbird 1.0.7-0ubuntu1 (source)

Adam Conrad adconrad at ubuntu.com
Mon Oct 10 11:45:12 CDT 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 10 Oct 2005 18:39:53 +1000
Source: mozilla-thunderbird
Binary: mozilla-thunderbird-dev mozilla-thunderbird-inspector mozilla-thunderbird mozilla-thunderbird-typeaheadfind mozilla-thunderbird-offline
Architecture: source
Version: 1.0.7-0ubuntu1
Distribution: breezy
Urgency: low
Maintainer: Alexander Sack <asac at debian.org>
Changed-By: Adam Conrad <adconrad at ubuntu.com>
Description: 
 mozilla-thunderbird - Mozilla Thunderbird standalone mail client
 mozilla-thunderbird-dev - mozilla thunderbird development files
 mozilla-thunderbird-inspector - mozilla thunderbird dom inspector extension
 mozilla-thunderbird-offline - mozilla thunderbird offline extension
 mozilla-thunderbird-typeaheadfind - mozilla thunderbird typeaheadfind extension
Changes: 
 mozilla-thunderbird (1.0.7-0ubuntu1) breezy; urgency=low
 .
   * SECURITY UPDATE: Update to 1.0.7 to resolve multiple issues:
     + CAN-2005-2871, MFSA-2005-57 - IDN heap overrun
     + CAN-2005-2701, MFSA-2005-58 - Heap overrun in XBM image processing
     + CAN-2005-2702, MFSA-2005-58 - Crash on "zero-width non-joiner" sequence
     + CAN-2005-2703, MFSA-2005-58 - XMLHttpRequest header spoofing
     + CAN-2005-2704, MFSA-2005-58 - Object spoofing using XBL <implements>
     + CAN-2005-2705, MFSA-2005-58 - JavaScript integer overflow
     + CAN-2005-2706, MFSA-2005-58 - Privilege escalation using about: scheme
     + CAN-2005-2707, MFSA-2005-58 - Chrome window spoofing
   * CAN-2005-2968, MFSA-2005-59 (Command-line shell execution vulnerability)
     was addressed in Debian in 1.0.6-4, and we're preferring their patch
     over upstream's, as it allows us to update with the minimum amount of
     fuss, without re-diffing all our other patches (see Debian bug #329667)
   * Drop 81_security-idn-normalization.dpatch, now included upstream.
   * Compile with -fno-strict-aliasing (as discussed in Ubuntu bug #17276)
Files: 
 6efadeca86e5e64a73a35964046eef09 906 mail optional mozilla-thunderbird_1.0.7-0ubuntu1.dsc
 6db01051ce21d9faadd119a1b88383b7 32910701 mail optional mozilla-thunderbird_1.0.7.orig.tar.gz
 3600bc9a4cee9306aa958f7a566db36f 81328 mail optional mozilla-thunderbird_1.0.7-0ubuntu1.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDSpQsvjztR8bOoMkRAh0bAKCQxxPRh2yxhvmtcW5bCOr0Egv41ACfTq0E
iWMfLY4H3Fg4A1Ulcq4Uxo8=
=onNM
-----END PGP SIGNATURE-----


Accepted:
mozilla-thunderbird_1.0.7-0ubuntu1.diff.gz
  to pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.7-0ubuntu1.diff.gz
mozilla-thunderbird_1.0.7-0ubuntu1.dsc
  to pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.7-0ubuntu1.dsc
mozilla-thunderbird_1.0.7.orig.tar.gz
  to pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.7.orig.tar.gz

More information about the breezy-changes mailing list