Change log for icedove package in Debian
| 151 → 170 of 170 results | First • Previous • Next • Last |
| Superseded in experimental-release |
icedove (3.1.2-1) experimental; urgency=low
* New Upstream Version (Closes: #589666, #591899)
- MFSA 2010-34 aka CVE-2010-1211, CVE-2010-1212: Miscellaneous memory
safety hazards (rv:1.9.2.7/ 1.9.1.11)
- MFSA 2010-38 aka CVE-2010-1215: Arbitrary code execution using SJOW and
fast native function
- MFSA 2010-39 aka CVE-2010-2752: nsCSSValue::Array index integer overflow
- MFSA 2010-40 aka CVE-2010-2753: nsTreeSelection dangling pointer remote
code execution vulnerability
- MFSA 2010-41 aka CVE-2010-1205: Remote code execution using malformed PNG
image
- MFSA 2010-42 aka CVE-2010-1213: Cross-origin data disclosure via Web
Workers and importScripts
- MFSA 2010-43 aka CVE-2010-1207: Same-origin bypass using canvas context
- MFSA 2010-44 aka CVE-2010-1210: Characters mapped to U+FFFD in 8 bit
encodings cause subsequent character to vanish
- MFSA 2010-46 aka CVE-2010-0654: Cross-domain data theft using CSS
- MFSA 2010-47 aka CVE-2010-2754: Cross-origin data leakage from script
filename in error messages
* [6b9976e] rebuild patch queue from patch-queue branch
modified patches:
- 0010-Support-building-on-GNU-kFreeBSD-and-GNU-Hurd.patch
- 0015-Don-t-register-plugins-if-the-MOZILLA_DISABLE_PLUGIN.patch
- 0018-Work-around-FTBFS-on-mips-by-disabling-TLS-support.patch
- 0034-Fix-compiler-errors-with-g-4.4-with-std-gnu-0x.patch
- 0045-Expose-fullpath-from-nsIPluginTag.patch
- 0047-Use-syscall-for-mmap-and-munmap-and-disable-ncpus-in.patch
- 0050-Set-javascript.options.showInConsole.patch
- 0057-Allow-to-build-against-system-libffi.patch
- 0058-Ignore-system-libjpeg-libpng-and-zlib-version-checki.patch
- 0059-Disable-APNG-support-when-system-libpng-doesn-t-supp.patch
* [16b0e7e] fix FTBFS on kfreebsd-* and hurd-i386 by passing
--disable-necko-wifi to configure (Closes: #589476)
* [15a02c7] bump up standards version to 3.9.1
-- Christoph Goehre <email address hidden> Fri, 13 Aug 2010 12:18:21 +0200
icedove (3.0.6-1) unstable; urgency=low
* New Upstream Version
- MFSA 2010-34 aka CVE-2010-1211, CVE-2010-1212: Miscellaneous memory
safety hazards (rv:1.9.2.7/ 1.9.1.11)
- MFSA 2010-39 aka CVE-2010-2752: nsCSSValue::Array index integer overflow
- MFSA 2010-40 aka CVE-2010-2753: nsTreeSelection dangling pointer remote
code execution vulnerability
- MFSA 2010-41 aka CVE-2010-1205: Remote code execution using malformed
PNG image
- MFSA 2010-42 aka CVE-2010-1213: Cross-origin data disclosure via Web
Workers and importScripts
- MFSA 2010-46 aka CVE-2010-0654: Cross-domain data theft using CSS
- MFSA 2010-47 aka CVE-2010-2754: Cross-origin data leakage from script
filename in error messages
* [7efdfaf] rebuild patch queue from patch-queue branch
added patches:
- 0054-Use-syscall-for-mmap-and-munmap-and-disable-ncpus-in.patch
(Closes: #580297)
- 0055-Ignore-system-libjpeg-libpng-and-zlib-version-checki.patch
- 0056-Disable-APNG-support-when-system-libpng-doesn-t-supp.patch
modified patches:
- 0012-Support-building-on-GNU-kFreeBSD-and-GNU-Hurd.patch
* [ceb5c15] bump up standards version to 3.9.1
* [fd8dd2f] lintian: downgrade Conflicts to Breaks
* [4046823] build against system libpng
-- Christoph Goehre <email address hidden> Thu, 05 Aug 2010 13:55:35 -0400
| Superseded in experimental-release |
icedove (3.1-1) experimental; urgency=low
* New Upstream Version
* [124a316] add additional build depends libnotify-dev
* [5ed6a72] adjust branding for Icedove 3.1
* [bed8969] install further js files shipped with Icedove 3.1
* [02456e6] replace blue icedove icons with green version
* [036921f] regenerate patch queue for 3.1 Icedove release
* [a7fa393] build with system ffi
* [d8650f7] ship icedove svg file for low resolution icons too
* [7718c55] bump Standards Version to 3.9.0 and downgrade Conflicts to
Breaks
* [9621fc6] lintian: override ancient-libtool warning
-- Christoph Goehre <email address hidden> Sat, 17 Jul 2010 17:19:58 +0200
| Published in lenny-release |
icedove (2.0.0.24-0lenny1) stable-security; urgency=low
* New upstream security/stability update (v2.0.0.23/v2.0.0.24)
* MFSA 2009-42 aka CVE-2009-2408: Compromise of SSL-protected communication
* MFSA 2009-43 aka CVE-2009-2404: Heap overflow in certificate regexp parsing
* MFSA 2009-49 aka CVE-2009-3077: TreeColumns dangling pointer vulnerability
* MFSA 2009-59 aka CVE-2009-0689: Heap buffer overflow in string to number conversion
* MFSA 2009-62 aka CVE-2009-3376: Download filename spoofing with RTL override
* MFSA 2009-68 aka CVE-2009-3983: NTLM reflection vulnerability
* MFSA 2010-07 aka
- CVE-2009-2463: Integer overflow in a base64 decoding function
- CVE-2009-3072: Crash in the BinHex decoder
- CVE-2009-3075: Crash in the JavaScript engine
- CVE-2010-0163: Crash indexing some messages with attachments
* adjust patches for new upstream
- update debian/patches/18_kbsd_nspr.dpatch
- update debian/patches/autoconf2.13-rerun
- update debian/patches/ubuntu-mail-app-xre-name
-- Christoph Goehre <email address hidden> Sat, 27 Mar 2010 12:06:44 +0100
icedove (3.0.5-1) unstable; urgency=low
* New Upstream Version
* [9774410] rebuild patch queue from patch-queue branch
added patches:
- 0045-Fix-misalignments-in-help-command-line.patch
- 0046-Fix-misalignments-in-help-command-line.patch
- 0047-KDE-Gnome-startup-notification-not-disappearing-when.patch
- 0048-KDE-Gnome-startup-notification-not-disappearing-for-.patch
- 0049-Use-char16_t-when-available-and-when-it-is-don-t-tes.patch
- 0050-Fix-compiler-errors-with-g-4.4-with-std-gnu-0x.patch
- 0051-Add-xptcall-support-for-SH4-processors.patch
modified patches:
- 0028-Avoid-crashing-when-trying-to-kill-a-nsProcess-that-.patch
obsolete patches (fixed upstream):
- 0021-Avoid-creating-the-updates-directory-when-update-ser.patch
- 0035-Fix-stack-alignment-on-function-calls-in-JIT-on-ARM.patch
* [3b98c84] avoid unneeded package depends by building with
'-Wl,--as-needed'
* [0067020] Build with -std=gnu++0x
* [72d4300] add pkg-config file for icedove (Closes: #577740)
* [e6af35d] enlarge package description with specification from icedove 2.0
(Closes: #565887)
* [ef0bc10] add support for new Debian arch: powerpcspe (Closes: #586100) -
thanks to Sebastian Andrzej Siewior
* [5ae6099] use high bandwidth server in watch file to get new upstream
release
* [5e6d641] remove obsolete build depends libkrb5-dev
* [8ed7848] remove unused DEBIAN_VERSION vars in rules file
* [9959bd5] DEB_HOST_GNU_TYPE, DEB_BUILD_GNU_TYPE and DEB_BUILD_ARCH are
defined by cdbs too
* [9f6c088] Fix misalignments in --help command line
-- Christoph Goehre <email address hidden> Sat, 19 Jun 2010 23:26:55 +0200
icedove (3.0.4-3) unstable; urgency=low
* [4026b50] icedove-dev need depend on libnspr4-dev and libnss3-dev
(Closes: #455725)
* [1fee936] don't run configure with --enable-optimize and --disable-
optimize if DEB_BUILD_OPTIONS contains noopt
* [02c0ea3] ship account autoconfig file for Riseup Networks (riseup.net)
(Closes: #577616)
* [e710d08] suggest libgssapi-krb5-2 for Kerberos login possibility
* [7609291] build a shared icedove binary. This avoid crashes because of
mixed functions from system and icedove itself (e.g. str2charray from
libldap_r-2.4.so.2 and libldap60.so). (Closes: #578916)
* [68f4b49] downgrade gnome stuff from Recommends to Suggests
(Closes: #579714)
* [bcff10b] install mailViews.dat into usr/share/icedove/defaults/messenger
-- Christoph Goehre <email address hidden> Fri, 14 May 2010 22:21:32 +0200
icedove (3.0.4-2) unstable; urgency=low
* [57f0a8b] remove icedove-3.0 transitional package (Closes: #576741)
* [8008231] remove wrong mime types in desktop file
* [a12edde] set StartupWMClass in desktop file to Icedove-bin
* [7512224] extend package description of icedove, icedove-dev and
icedove-dbg
* [7e725b9] fix FTBFS on alpha by passing '-Wl,--no-relax' to gcc
* [92d3515] Switch to dpkg-source 3.0 (quilt) format
* [14d5894] rebuild patch queue from patch-queue branch
added patches:
- 0046-add-missing-headers-for-icedove-dev-package.patch (Closes: #577021)
modified patches:
- 0012-Support-building-on-GNU-kFreeBSD-and-GNU-Hurd.patch
- 0020-Work-around-FTBFS-on-mips-by-disabling-TLS-support.patch
* [2cdd850] remove obsolete thunderbird 3.0a1pre postinst stuff
* [443f44b] process directory/c-sdk/configure with autoconf too
* [66c2f65] remove obsolete build depends librsvg2-bin and patchutils
-- Christoph Goehre <email address hidden> Sun, 11 Apr 2010 12:44:26 +0200
icedove (3.0.4-1) unstable; urgency=low
[ Guido Günther ]
* [01983a4] Add missing message/rfc822 mime type for eml files
(Closes: #574528)
[ Christoph Goehre ]
* New Upstream Version fixes:
- MFSA 2010-16 aka CVE-2010-0173, CVE-2010-0174: Crashes with evidence of
memory corruption (rv:1.9.2.2/ 1.9.1.9/ 1.9.0.19)
- MFSA 2010-17 aka CVE-2010-0175: Remote code execution with
use-after-free in nsTreeSelection
- MFSA 2010-18 aka CVE-2010-0176: Dangling pointer vulnerability in
nsTreeContentView
- MFSA 2010-22 aka CVE-2009-3555: Update NSS to support TLS renegotiation
indication
- MFSA 2010-24 aka CVE-2010-0182: XMLDocument::load() doesn't check
nsIContentPolicy
* upload icedove 3 to unstable (Closes: #401848, #422886, #425497, #430644,
#483550, #495522, #501113, #552617, #574188)
* rebuild patch queue from patch-queue branch:
added patches:
- 0044-don-t-remove-xpt-tools.patch
- 0045-Don-t-error-out-when-run-time-libsqlite-is-older-tha.patch
modified patches:
- 0011-fix-branding-in-migration-wizard-and-the-addon-manag.patch
- 0012-Support-building-on-GNU-kFreeBSD-and-GNU-Hurd.patch
- 0030-Force-better-nsAutoT-Ptr-Array-buffer-alignment.patch
- 0035-Fix-stack-alignment-on-function-calls-in-JIT-on-ARM.patch
obsolete patches (fixed upstream):
- 0021-Fix-crash-with-SwitchProxy-installed.patch
- 0023-Don-t-remove-build-automationutils.py-on-make-clean.patch
- 0039-Don-t-show-the-SVG-output-option-in-the-print-dialog.patch
* [a7f3529] Revert "disable prefetch service". This bug was already fixed in
3.0.2 (CVE-2009-4629) and 'network.prefetch-next' has no effect in
icedove.
* [fecc0b4] install versioned build depends instead of checking on build
time
* [4806890] enable building of icedove-dev package
* [412b8ac] be more explicit on installing file into icedove package
* [23b1d4b] depends on newer version of libnspr4-dev and libnss3-dev
* [809c723] lintian: idl files didn't need to be executable
* [ecd284e] lintian: add ${shlibs:Depends} to icedove-dev package
* [da75ee2] replace/remove non-free searchplugin icons and doubtful
origin file in mozilla folder (Closes: #567917)
* [eaf405e] update /usr/lib/icedove/dictionaries symlink to point to
/usr/share/hunspell
* [fe362ba] describe profile renaming on update to icedove 3.0
(Closes: #566329)
-- Christoph Goehre <email address hidden> Mon, 05 Apr 2010 21:11:42 +0200
| Superseded in experimental-release |
icedove (3.0.3-1) experimental; urgency=low
* New Upstream Version fixes:
- missing folders or empty folder pane after updating to version 3.0.2
* [a69cdfd] rebuild patches from patch-queue:
- additional fix for FTBFS on kfreeBSD
* [e4bffd4] disable prefetch service (Closes: #572789)
* [3838bbe] branding files shouldn't be executable
* [3dc6688] add missing newline in logo license file
-- Christoph Goehre <email address hidden> Sat, 06 Mar 2010 21:48:50 +0100
| Superseded in experimental-release |
icedove (3.0.2-1) experimental; urgency=low
* New Upstream Version fixes:
- MFSA 2010-01 aka CVE-2010-0159: Crashes with evidence of memory
corruption (rv:1.9.1.8/ 1.9.0.18)
- MFSA 2010-03 aka CVE-2009-1571: Use-after-free crash in HTML parser
* [1fd705f] install menu file (Closes: #569166)
* [8df3f99] generate desktop files at build process
* [5b0bb84] add icedove branding logos
* [1ef1c10] copyright explanation of icedove artwork (Closes: #406849)
* [6cdc0b0] remove forgotten firefox branding icons (Closes: #567917)
* [cec6a38] swedish translation for desktop file (Closes: #420050)
* [0256328] readd translation for desktop file
* [20311f4] rebuild patches (most patches from Mike Hommey)
- fix FTBFS on kFreeBSD, hppa, mips
- stability patched for mips, alpha, sparc, ppc and arm
- really cleanup build directory on 'make clean/distclean'
- allow intl.locale.matchOS to be modified in user profile
* [0098f90] write manpage for icedove (Closes: #425490, #487493)
* [fbccfaa] no longer suggest libthai0 (Closes: #524436)
* [26d3e39] change suggests from transitional package latex-xft-fonts
to ttf-lyx (Closes: #539535)
* [e24801a] improve desktop file (remove deprecated items and
warnings/errors)
* [68885c4] bump up standards version to 3.8.4
* [df39ede] use xpm icon in menu file to calm lintian
* [8303887] adjust sqlite version to new upstream dependency
-- Christoph Goehre <email address hidden> Sun, 28 Feb 2010 18:19:13 +0100
| Superseded in experimental-release |
icedove (3.0.1-2) experimental; urgency=low
[ Guido Günther ]
* [7ea7367] Explicitly pass build and host type to configure (Closes:
#546011) - thanks to Sven Joachim <email address hidden> for the patch
* [7fca9e1] Add back icedove changelog of earlier versions
[ Christoph Goehre ]
* [72b78cc] Support both - and _ separators in dictionary names - patch from
Reed Loden
* [9a96759] fix branding in migration wizard and the addon manager (Closes:
#565559)- patch from Edward J. Shornock
-- Christoph Goehre <email address hidden> Tue, 02 Feb 2010 20:32:24 +0100
| Superseded in experimental-release |
icedove (3.0.1-1) experimental; urgency=low
* New Upstream Version
* [8a2f5dc] define default options for git-import-orig
* [ac65b1b] refresh debian patches
* [851c5dc] rename binary packages to icedove (without version number)
* [6e12d1b] adjust cairo version to 1.8.8
* [cd7cd6f] moving the old profile dir instead of copy
* [c342380] replace theme directory always by link to /usr/share if we
update to version 3
* [c88eaa7] expansion of lib{dbusservice,mozgnome,nkgnomevfs}.so didn't work
with dpkg-shlibdeps - lets use the '-e' switch
-- Christoph Goehre <email address hidden> Thu, 21 Jan 2010 20:53:57 +0100
| Superseded in experimental-release |
icedove (3.0-2) experimental; urgency=low * [f07e702] Add Replaces for icedove-gnome-support * [72e66e7] Fix typo -- Guido Günther <email address hidden> Fri, 08 Jan 2010 16:05:10 +0100
| Superseded in experimental-release |
icedove (3.0~rc2-2) experimental; urgency=low
[ Christoph Goehre ]
* [5b7992b] rename source package to unversioned name
* [cde3507] change Maintainer back to asac, add Uploaders Guido and me
* [978c58d] disable icedove-3.0-dev package build for now until it is fixed
upstream
* Upstream is identical to 3.0 final
-- Guido Günther <email address hidden> Thu, 17 Dec 2009 18:36:58 +0100
| Superseded in sid-release |
icedove (2.0.0.22-1.1) unstable; urgency=low
* Non-maintainer upload.
* update /usr/lib/icedove/dictionaries symlink to point to
/usr/share/hunspell (closes: #549876)
* add $[shlibs:Depends} to iceape-dev
-- Rene Engelhard <email address hidden> Mon, 09 Nov 2009 17:11:50 +0100
icedove (2.0.0.22-0lenny1) stable-security; urgency=low
* New upstream security/stability update (v2.0.0.21/v2.0.0.22) (Closes: 535124)
* MFSA 2009-33: Crash viewing multipart/alternative message with text/enhanced part
* MFSA 2009-32 aka CVE-2009-1841: JavaScript chrome privilege escalation
* MFSA 2009-29 aka CVE-2009-1838: Arbitrary code execution using event listeners
attached to an element whose owner document is null
* MFSA 2009-27 aka CVE-2009-1836: SSL tampering via non-200 responses to proxy
CONNECT requests
* MFSA 2009-24 aka CVE-2009-1832+CVE-2009-1831: Crashes with evidence of memory
corruption (rv:1.9.0.11)
* MFSA 2009-17 aka CVE-2009-1307: Same-origin violations when Adobe Flash loaded
via view-source: scheme
* MFSA 2009-14 aka CVE-2009-1303+CVE-2009-1302: Crashes with evidence of memory
corruption (rv:1.9.0.9)
* MFSA 2009-15 aka CVE-2009-0652: URL spoofing with box drawing character
* MFSA 2009-10 aka CVE-2009-0040: Upgrade PNG library to fix memory safety hazards
* MFSA 2009-09 aka CVE-2009-0776: XML data theft via RDFXMLDataSource and cross-domain
redirect
* MFSA 2009-07 aka CVE-2009-0771,-0772,-0773,-0774: Crashes with evidence of memory
corruption (rv:1.9.0.7)
* MFSA 2009-01 aka CVE-2009-0352,CVE-2009-0353 Crashes with evidence of memory
corruption (rv:1.9.0.6)
* adjust patches to changed codebase
- update debian/patches/ubuntu-mail-app-xre-name
* take back Maintainer: field in debian/control
-- Alexander Sack <email address hidden> Sun, 05 Jul 2009 13:49:04 +0200
| Superseded in sid-release |
icedove (2.0.0.22-1) unstable; urgency=low
* New upstream security/stability update (v2.0.0.21/v2.0.0.22) (Closes: 535124)
* MFSA 2009-33: Crash viewing multipart/alternative message with text/enhanced part
* MFSA 2009-32 aka CVE-2009-1841: JavaScript chrome privilege escalation
* MFSA 2009-29 aka CVE-2009-1838: Arbitrary code execution using event listeners
attached to an element whose owner document is null
* MFSA 2009-27 aka CVE-2009-1836: SSL tampering via non-200 responses to proxy
CONNECT requests
* MFSA 2009-24 aka CVE-2009-1832+CVE-2009-1831: Crashes with evidence of memory
corruption (rv:1.9.0.11)
* MFSA 2009-17 aka CVE-2009-1307: Same-origin violations when Adobe Flash loaded
via view-source: scheme
* MFSA 2009-14 aka CVE-2009-1303+CVE-2009-1302: Crashes with evidence of memory
corruption (rv:1.9.0.9)
* MFSA 2009-15 aka CVE-2009-0652: URL spoofing with box drawing character
* MFSA 2009-10 aka CVE-2009-0040: Upgrade PNG library to fix memory safety hazards
* MFSA 2009-09 aka CVE-2009-0776: XML data theft via RDFXMLDataSource and cross-domain
redirect
* MFSA 2009-07 aka CVE-2009-0771,-0772,-0773,-0774: Crashes with evidence of memory
corruption (rv:1.9.0.7)
* MFSA 2009-01 aka CVE-2009-0352,CVE-2009-0353 Crashes with evidence of memory
corruption (rv:1.9.0.6)
* adjust patches to changed codebase
- update debian/patches/ubuntu-mail-app-xre-name
-- Alexander Sack <email address hidden> Wed, 01 Jul 2009 12:18:03 +0200
icedove (2.0.0.19-1) unstable; urgency=medium
* New upstream security/stability update (v.2.0.0.18/2.0.0.19) Closes: 505563
2.0.0.18:
* MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP
redirect
* MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via
__proto__ tampering
* MFSA 2008-52 aka CVE-2008-5017 - Crashes with evidence of memory
corruption (rv:1.9.0.4/1.8.1.18); Browser engine crash in "Firefox 2
and 3"
* MFSA 2008-52 aka CVE-2008-5018 - Crashes with evidence of memory
corruption (rv:1.9.0.4/1.8.1.18); JavaScript engine crash - "Firefox 2
and 3"
* MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in
nsFrameManager
* MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners()
same-origin violation
* MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace
* MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and
.textContent in mail
2.0.0.19:
* MFSA 2008-60 aka CVE-2008-5500 - Crashes with evidence of memory
corruption (rv:1.9.0.5/1.8.1.19); Layout engine crashes - Firefox 2 and 3
* MFSA 2008-61 aka CVE-2008-5503 - Information stealing via
loadBindingDocument
* MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure
* MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script
redirect error message
* MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading
whitespace and control characters
* MFSA 2008-67 aka CVE-2008-5510 - Escaped null characters ignored by CSS
parser
* apply Maintainers, Uploaders changes done in 2.0.0.17 upload to
debian/control
- update debian/control
* adjust/refresh patches to changed upstream code
- update debian/patches/moz-app-name-as-mail-binary-name
- update debian/patches/autoconf2.13-rerun
-- Alexander Sack <email address hidden> Sat, 03 Jan 2009 16:27:42 +0100
icedove (2.0.0.17-1) unstable; urgency=low
* New upstream security/stability update (v.2.0.0.17), Closes: #500721
* MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow
* MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect()
same-origin violation
* MFSA 2008-41 aka CVE-2008-4058, CVE-2008-4059, CVE-2008-4060 - Privilege
escalation via XPCnativeWrapper pollution
* MFSA 2008-42 aka CVE-2008-4061, CVE-2008-4062, CVE-2008-4063,
CVE-2008-4064 - Crashes with evidence of memory corruption
(rv:1.9.0.2/1.8.1.17)
* MFSA 2008-43 aka CVE-2008-4065, CVE-2008-4066 - BOM characters, low
surrogates stripped from JavaScript before execution
* MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal
vulnerabilities
* MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup
message
[ Michael Casadevall <email address hidden> ]
* debian/control:
- Changed maintainer to Ubuntu Mozillateam
- Added Uploaders to the team
- Set DM-Upload-Allowed
- Bumped standards version to 3.8.0
[ Alexander Sack <email address hidden> ]
* Closes: #497491 - Icedove inappropriately sets file-/MIME-type
associations in .desktop database; we drop the Mime-Type= entry
from debian/icedove.desktop
- update debian/icedove.desktop
-- Michael Casadevall <email address hidden> Sat, 18 Oct 2008 09:07:20 -0400
| Superseded in lenny-release |
icedove (2.0.0.16-1) unstable; urgency=low
* New upstream security/stability update (v2.0.0.16) fixes:
* MFSA 2008-21 aka CVE-2008-2798 - Crashes with evidence of memory
corruption
* MFSA 2008-21 aka CVE-2008-2799 - Crashes with evidence of memory
corruption
* MFSA 2008-24 aka CVE-2008-2802 - Chrome script loading from fastload file
* MFSA 2008-25 aka CVE-2008-2803 - Arbitrary code execution in
mozIJSSubScriptLoader.loadSubScript()
* MFSA 2008-26 aka CVE-2008-0304 - (followup) Buffer length checks in MIME
processing
* MFSA 2008-29 aka CVE-2008-2807 - Faulty .properties file results in
uninitialized memory being used
* MFSA 2008-31 aka CVE-2008-2809 - Peer-trusted certs can use alt names to
spoof
* MFSA 2008-33 aka CVE-2008-2811 - Crash and remote code execution in block
reflow
* MFSA 2008-34 aka CVE-2008-2785 - Remote code execution by overflowing CSS
reference counter
* Closes: #483938 - add .desktop file translations (contributed by Timo
Jyrinki <email address hidden>)
- update debian/icedove.desktop
(cherry pick rev77 from lp:~mozillateam/thunderbird/thunderbird.dev branch)
* drop patches applied upstream
- drop debian/patches/bz419350_attachment_306066.patch
- update debian/patches/series
(cherry pick rev78 from lp:~mozillateam/thunderbird/thunderbird.dev branch)
* adjust patches diverged upstream
- update debian/patches/ubuntu-look-and-feel-report-a-bug-menuitem
(cherry pick rev80 from lp:~mozillateam/thunderbird/thunderbird.dev branch)
* Closes: #489093 - add explicit -lfontconfig to linker flags used for gfx/ps
module to fix ftbfs in intrepid
- add debian/patches/bzXXX_ftbfs_fontconfig.patch
- update debian/patches/series
-- Alexander Sack <email address hidden> Thu, 24 Jul 2008 17:38:51 +0200
| 151 → 170 of 170 results | First • Previous • Next • Last |
