Change log for icedove package in Debian
151 → 170 of 170 results | First • Previous • Next • Last |
Superseded in experimental-release |
icedove (3.1.2-1) experimental; urgency=low * New Upstream Version (Closes: #589666, #591899) - MFSA 2010-34 aka CVE-2010-1211, CVE-2010-1212: Miscellaneous memory safety hazards (rv:1.9.2.7/ 1.9.1.11) - MFSA 2010-38 aka CVE-2010-1215: Arbitrary code execution using SJOW and fast native function - MFSA 2010-39 aka CVE-2010-2752: nsCSSValue::Array index integer overflow - MFSA 2010-40 aka CVE-2010-2753: nsTreeSelection dangling pointer remote code execution vulnerability - MFSA 2010-41 aka CVE-2010-1205: Remote code execution using malformed PNG image - MFSA 2010-42 aka CVE-2010-1213: Cross-origin data disclosure via Web Workers and importScripts - MFSA 2010-43 aka CVE-2010-1207: Same-origin bypass using canvas context - MFSA 2010-44 aka CVE-2010-1210: Characters mapped to U+FFFD in 8 bit encodings cause subsequent character to vanish - MFSA 2010-46 aka CVE-2010-0654: Cross-domain data theft using CSS - MFSA 2010-47 aka CVE-2010-2754: Cross-origin data leakage from script filename in error messages * [6b9976e] rebuild patch queue from patch-queue branch modified patches: - 0010-Support-building-on-GNU-kFreeBSD-and-GNU-Hurd.patch - 0015-Don-t-register-plugins-if-the-MOZILLA_DISABLE_PLUGIN.patch - 0018-Work-around-FTBFS-on-mips-by-disabling-TLS-support.patch - 0034-Fix-compiler-errors-with-g-4.4-with-std-gnu-0x.patch - 0045-Expose-fullpath-from-nsIPluginTag.patch - 0047-Use-syscall-for-mmap-and-munmap-and-disable-ncpus-in.patch - 0050-Set-javascript.options.showInConsole.patch - 0057-Allow-to-build-against-system-libffi.patch - 0058-Ignore-system-libjpeg-libpng-and-zlib-version-checki.patch - 0059-Disable-APNG-support-when-system-libpng-doesn-t-supp.patch * [16b0e7e] fix FTBFS on kfreebsd-* and hurd-i386 by passing --disable-necko-wifi to configure (Closes: #589476) * [15a02c7] bump up standards version to 3.9.1 -- Christoph Goehre <email address hidden> Fri, 13 Aug 2010 12:18:21 +0200
icedove (3.0.6-1) unstable; urgency=low * New Upstream Version - MFSA 2010-34 aka CVE-2010-1211, CVE-2010-1212: Miscellaneous memory safety hazards (rv:1.9.2.7/ 1.9.1.11) - MFSA 2010-39 aka CVE-2010-2752: nsCSSValue::Array index integer overflow - MFSA 2010-40 aka CVE-2010-2753: nsTreeSelection dangling pointer remote code execution vulnerability - MFSA 2010-41 aka CVE-2010-1205: Remote code execution using malformed PNG image - MFSA 2010-42 aka CVE-2010-1213: Cross-origin data disclosure via Web Workers and importScripts - MFSA 2010-46 aka CVE-2010-0654: Cross-domain data theft using CSS - MFSA 2010-47 aka CVE-2010-2754: Cross-origin data leakage from script filename in error messages * [7efdfaf] rebuild patch queue from patch-queue branch added patches: - 0054-Use-syscall-for-mmap-and-munmap-and-disable-ncpus-in.patch (Closes: #580297) - 0055-Ignore-system-libjpeg-libpng-and-zlib-version-checki.patch - 0056-Disable-APNG-support-when-system-libpng-doesn-t-supp.patch modified patches: - 0012-Support-building-on-GNU-kFreeBSD-and-GNU-Hurd.patch * [ceb5c15] bump up standards version to 3.9.1 * [fd8dd2f] lintian: downgrade Conflicts to Breaks * [4046823] build against system libpng -- Christoph Goehre <email address hidden> Thu, 05 Aug 2010 13:55:35 -0400
Superseded in experimental-release |
icedove (3.1-1) experimental; urgency=low * New Upstream Version * [124a316] add additional build depends libnotify-dev * [5ed6a72] adjust branding for Icedove 3.1 * [bed8969] install further js files shipped with Icedove 3.1 * [02456e6] replace blue icedove icons with green version * [036921f] regenerate patch queue for 3.1 Icedove release * [a7fa393] build with system ffi * [d8650f7] ship icedove svg file for low resolution icons too * [7718c55] bump Standards Version to 3.9.0 and downgrade Conflicts to Breaks * [9621fc6] lintian: override ancient-libtool warning -- Christoph Goehre <email address hidden> Sat, 17 Jul 2010 17:19:58 +0200
Published in lenny-release |
icedove (2.0.0.24-0lenny1) stable-security; urgency=low * New upstream security/stability update (v2.0.0.23/v2.0.0.24) * MFSA 2009-42 aka CVE-2009-2408: Compromise of SSL-protected communication * MFSA 2009-43 aka CVE-2009-2404: Heap overflow in certificate regexp parsing * MFSA 2009-49 aka CVE-2009-3077: TreeColumns dangling pointer vulnerability * MFSA 2009-59 aka CVE-2009-0689: Heap buffer overflow in string to number conversion * MFSA 2009-62 aka CVE-2009-3376: Download filename spoofing with RTL override * MFSA 2009-68 aka CVE-2009-3983: NTLM reflection vulnerability * MFSA 2010-07 aka - CVE-2009-2463: Integer overflow in a base64 decoding function - CVE-2009-3072: Crash in the BinHex decoder - CVE-2009-3075: Crash in the JavaScript engine - CVE-2010-0163: Crash indexing some messages with attachments * adjust patches for new upstream - update debian/patches/18_kbsd_nspr.dpatch - update debian/patches/autoconf2.13-rerun - update debian/patches/ubuntu-mail-app-xre-name -- Christoph Goehre <email address hidden> Sat, 27 Mar 2010 12:06:44 +0100
icedove (3.0.5-1) unstable; urgency=low * New Upstream Version * [9774410] rebuild patch queue from patch-queue branch added patches: - 0045-Fix-misalignments-in-help-command-line.patch - 0046-Fix-misalignments-in-help-command-line.patch - 0047-KDE-Gnome-startup-notification-not-disappearing-when.patch - 0048-KDE-Gnome-startup-notification-not-disappearing-for-.patch - 0049-Use-char16_t-when-available-and-when-it-is-don-t-tes.patch - 0050-Fix-compiler-errors-with-g-4.4-with-std-gnu-0x.patch - 0051-Add-xptcall-support-for-SH4-processors.patch modified patches: - 0028-Avoid-crashing-when-trying-to-kill-a-nsProcess-that-.patch obsolete patches (fixed upstream): - 0021-Avoid-creating-the-updates-directory-when-update-ser.patch - 0035-Fix-stack-alignment-on-function-calls-in-JIT-on-ARM.patch * [3b98c84] avoid unneeded package depends by building with '-Wl,--as-needed' * [0067020] Build with -std=gnu++0x * [72d4300] add pkg-config file for icedove (Closes: #577740) * [e6af35d] enlarge package description with specification from icedove 2.0 (Closes: #565887) * [ef0bc10] add support for new Debian arch: powerpcspe (Closes: #586100) - thanks to Sebastian Andrzej Siewior * [5ae6099] use high bandwidth server in watch file to get new upstream release * [5e6d641] remove obsolete build depends libkrb5-dev * [8ed7848] remove unused DEBIAN_VERSION vars in rules file * [9959bd5] DEB_HOST_GNU_TYPE, DEB_BUILD_GNU_TYPE and DEB_BUILD_ARCH are defined by cdbs too * [9f6c088] Fix misalignments in --help command line -- Christoph Goehre <email address hidden> Sat, 19 Jun 2010 23:26:55 +0200
icedove (3.0.4-3) unstable; urgency=low * [4026b50] icedove-dev need depend on libnspr4-dev and libnss3-dev (Closes: #455725) * [1fee936] don't run configure with --enable-optimize and --disable- optimize if DEB_BUILD_OPTIONS contains noopt * [02c0ea3] ship account autoconfig file for Riseup Networks (riseup.net) (Closes: #577616) * [e710d08] suggest libgssapi-krb5-2 for Kerberos login possibility * [7609291] build a shared icedove binary. This avoid crashes because of mixed functions from system and icedove itself (e.g. str2charray from libldap_r-2.4.so.2 and libldap60.so). (Closes: #578916) * [68f4b49] downgrade gnome stuff from Recommends to Suggests (Closes: #579714) * [bcff10b] install mailViews.dat into usr/share/icedove/defaults/messenger -- Christoph Goehre <email address hidden> Fri, 14 May 2010 22:21:32 +0200
icedove (3.0.4-2) unstable; urgency=low * [57f0a8b] remove icedove-3.0 transitional package (Closes: #576741) * [8008231] remove wrong mime types in desktop file * [a12edde] set StartupWMClass in desktop file to Icedove-bin * [7512224] extend package description of icedove, icedove-dev and icedove-dbg * [7e725b9] fix FTBFS on alpha by passing '-Wl,--no-relax' to gcc * [92d3515] Switch to dpkg-source 3.0 (quilt) format * [14d5894] rebuild patch queue from patch-queue branch added patches: - 0046-add-missing-headers-for-icedove-dev-package.patch (Closes: #577021) modified patches: - 0012-Support-building-on-GNU-kFreeBSD-and-GNU-Hurd.patch - 0020-Work-around-FTBFS-on-mips-by-disabling-TLS-support.patch * [2cdd850] remove obsolete thunderbird 3.0a1pre postinst stuff * [443f44b] process directory/c-sdk/configure with autoconf too * [66c2f65] remove obsolete build depends librsvg2-bin and patchutils -- Christoph Goehre <email address hidden> Sun, 11 Apr 2010 12:44:26 +0200
icedove (3.0.4-1) unstable; urgency=low [ Guido Günther ] * [01983a4] Add missing message/rfc822 mime type for eml files (Closes: #574528) [ Christoph Goehre ] * New Upstream Version fixes: - MFSA 2010-16 aka CVE-2010-0173, CVE-2010-0174: Crashes with evidence of memory corruption (rv:1.9.2.2/ 1.9.1.9/ 1.9.0.19) - MFSA 2010-17 aka CVE-2010-0175: Remote code execution with use-after-free in nsTreeSelection - MFSA 2010-18 aka CVE-2010-0176: Dangling pointer vulnerability in nsTreeContentView - MFSA 2010-22 aka CVE-2009-3555: Update NSS to support TLS renegotiation indication - MFSA 2010-24 aka CVE-2010-0182: XMLDocument::load() doesn't check nsIContentPolicy * upload icedove 3 to unstable (Closes: #401848, #422886, #425497, #430644, #483550, #495522, #501113, #552617, #574188) * rebuild patch queue from patch-queue branch: added patches: - 0044-don-t-remove-xpt-tools.patch - 0045-Don-t-error-out-when-run-time-libsqlite-is-older-tha.patch modified patches: - 0011-fix-branding-in-migration-wizard-and-the-addon-manag.patch - 0012-Support-building-on-GNU-kFreeBSD-and-GNU-Hurd.patch - 0030-Force-better-nsAutoT-Ptr-Array-buffer-alignment.patch - 0035-Fix-stack-alignment-on-function-calls-in-JIT-on-ARM.patch obsolete patches (fixed upstream): - 0021-Fix-crash-with-SwitchProxy-installed.patch - 0023-Don-t-remove-build-automationutils.py-on-make-clean.patch - 0039-Don-t-show-the-SVG-output-option-in-the-print-dialog.patch * [a7f3529] Revert "disable prefetch service". This bug was already fixed in 3.0.2 (CVE-2009-4629) and 'network.prefetch-next' has no effect in icedove. * [fecc0b4] install versioned build depends instead of checking on build time * [4806890] enable building of icedove-dev package * [412b8ac] be more explicit on installing file into icedove package * [23b1d4b] depends on newer version of libnspr4-dev and libnss3-dev * [809c723] lintian: idl files didn't need to be executable * [ecd284e] lintian: add ${shlibs:Depends} to icedove-dev package * [da75ee2] replace/remove non-free searchplugin icons and doubtful origin file in mozilla folder (Closes: #567917) * [eaf405e] update /usr/lib/icedove/dictionaries symlink to point to /usr/share/hunspell * [fe362ba] describe profile renaming on update to icedove 3.0 (Closes: #566329) -- Christoph Goehre <email address hidden> Mon, 05 Apr 2010 21:11:42 +0200
Superseded in experimental-release |
icedove (3.0.3-1) experimental; urgency=low * New Upstream Version fixes: - missing folders or empty folder pane after updating to version 3.0.2 * [a69cdfd] rebuild patches from patch-queue: - additional fix for FTBFS on kfreeBSD * [e4bffd4] disable prefetch service (Closes: #572789) * [3838bbe] branding files shouldn't be executable * [3dc6688] add missing newline in logo license file -- Christoph Goehre <email address hidden> Sat, 06 Mar 2010 21:48:50 +0100
Superseded in experimental-release |
icedove (3.0.2-1) experimental; urgency=low * New Upstream Version fixes: - MFSA 2010-01 aka CVE-2010-0159: Crashes with evidence of memory corruption (rv:1.9.1.8/ 1.9.0.18) - MFSA 2010-03 aka CVE-2009-1571: Use-after-free crash in HTML parser * [1fd705f] install menu file (Closes: #569166) * [8df3f99] generate desktop files at build process * [5b0bb84] add icedove branding logos * [1ef1c10] copyright explanation of icedove artwork (Closes: #406849) * [6cdc0b0] remove forgotten firefox branding icons (Closes: #567917) * [cec6a38] swedish translation for desktop file (Closes: #420050) * [0256328] readd translation for desktop file * [20311f4] rebuild patches (most patches from Mike Hommey) - fix FTBFS on kFreeBSD, hppa, mips - stability patched for mips, alpha, sparc, ppc and arm - really cleanup build directory on 'make clean/distclean' - allow intl.locale.matchOS to be modified in user profile * [0098f90] write manpage for icedove (Closes: #425490, #487493) * [fbccfaa] no longer suggest libthai0 (Closes: #524436) * [26d3e39] change suggests from transitional package latex-xft-fonts to ttf-lyx (Closes: #539535) * [e24801a] improve desktop file (remove deprecated items and warnings/errors) * [68885c4] bump up standards version to 3.8.4 * [df39ede] use xpm icon in menu file to calm lintian * [8303887] adjust sqlite version to new upstream dependency -- Christoph Goehre <email address hidden> Sun, 28 Feb 2010 18:19:13 +0100
Superseded in experimental-release |
icedove (3.0.1-2) experimental; urgency=low [ Guido Günther ] * [7ea7367] Explicitly pass build and host type to configure (Closes: #546011) - thanks to Sven Joachim <email address hidden> for the patch * [7fca9e1] Add back icedove changelog of earlier versions [ Christoph Goehre ] * [72b78cc] Support both - and _ separators in dictionary names - patch from Reed Loden * [9a96759] fix branding in migration wizard and the addon manager (Closes: #565559)- patch from Edward J. Shornock -- Christoph Goehre <email address hidden> Tue, 02 Feb 2010 20:32:24 +0100
Superseded in experimental-release |
icedove (3.0.1-1) experimental; urgency=low * New Upstream Version * [8a2f5dc] define default options for git-import-orig * [ac65b1b] refresh debian patches * [851c5dc] rename binary packages to icedove (without version number) * [6e12d1b] adjust cairo version to 1.8.8 * [cd7cd6f] moving the old profile dir instead of copy * [c342380] replace theme directory always by link to /usr/share if we update to version 3 * [c88eaa7] expansion of lib{dbusservice,mozgnome,nkgnomevfs}.so didn't work with dpkg-shlibdeps - lets use the '-e' switch -- Christoph Goehre <email address hidden> Thu, 21 Jan 2010 20:53:57 +0100
Superseded in experimental-release |
icedove (3.0-2) experimental; urgency=low * [f07e702] Add Replaces for icedove-gnome-support * [72e66e7] Fix typo -- Guido Günther <email address hidden> Fri, 08 Jan 2010 16:05:10 +0100
Superseded in experimental-release |
icedove (3.0~rc2-2) experimental; urgency=low [ Christoph Goehre ] * [5b7992b] rename source package to unversioned name * [cde3507] change Maintainer back to asac, add Uploaders Guido and me * [978c58d] disable icedove-3.0-dev package build for now until it is fixed upstream * Upstream is identical to 3.0 final -- Guido Günther <email address hidden> Thu, 17 Dec 2009 18:36:58 +0100
Superseded in sid-release |
icedove (2.0.0.22-1.1) unstable; urgency=low * Non-maintainer upload. * update /usr/lib/icedove/dictionaries symlink to point to /usr/share/hunspell (closes: #549876) * add $[shlibs:Depends} to iceape-dev -- Rene Engelhard <email address hidden> Mon, 09 Nov 2009 17:11:50 +0100
icedove (2.0.0.22-0lenny1) stable-security; urgency=low * New upstream security/stability update (v2.0.0.21/v2.0.0.22) (Closes: 535124) * MFSA 2009-33: Crash viewing multipart/alternative message with text/enhanced part * MFSA 2009-32 aka CVE-2009-1841: JavaScript chrome privilege escalation * MFSA 2009-29 aka CVE-2009-1838: Arbitrary code execution using event listeners attached to an element whose owner document is null * MFSA 2009-27 aka CVE-2009-1836: SSL tampering via non-200 responses to proxy CONNECT requests * MFSA 2009-24 aka CVE-2009-1832+CVE-2009-1831: Crashes with evidence of memory corruption (rv:1.9.0.11) * MFSA 2009-17 aka CVE-2009-1307: Same-origin violations when Adobe Flash loaded via view-source: scheme * MFSA 2009-14 aka CVE-2009-1303+CVE-2009-1302: Crashes with evidence of memory corruption (rv:1.9.0.9) * MFSA 2009-15 aka CVE-2009-0652: URL spoofing with box drawing character * MFSA 2009-10 aka CVE-2009-0040: Upgrade PNG library to fix memory safety hazards * MFSA 2009-09 aka CVE-2009-0776: XML data theft via RDFXMLDataSource and cross-domain redirect * MFSA 2009-07 aka CVE-2009-0771,-0772,-0773,-0774: Crashes with evidence of memory corruption (rv:1.9.0.7) * MFSA 2009-01 aka CVE-2009-0352,CVE-2009-0353 Crashes with evidence of memory corruption (rv:1.9.0.6) * adjust patches to changed codebase - update debian/patches/ubuntu-mail-app-xre-name * take back Maintainer: field in debian/control -- Alexander Sack <email address hidden> Sun, 05 Jul 2009 13:49:04 +0200
Superseded in sid-release |
icedove (2.0.0.22-1) unstable; urgency=low * New upstream security/stability update (v2.0.0.21/v2.0.0.22) (Closes: 535124) * MFSA 2009-33: Crash viewing multipart/alternative message with text/enhanced part * MFSA 2009-32 aka CVE-2009-1841: JavaScript chrome privilege escalation * MFSA 2009-29 aka CVE-2009-1838: Arbitrary code execution using event listeners attached to an element whose owner document is null * MFSA 2009-27 aka CVE-2009-1836: SSL tampering via non-200 responses to proxy CONNECT requests * MFSA 2009-24 aka CVE-2009-1832+CVE-2009-1831: Crashes with evidence of memory corruption (rv:1.9.0.11) * MFSA 2009-17 aka CVE-2009-1307: Same-origin violations when Adobe Flash loaded via view-source: scheme * MFSA 2009-14 aka CVE-2009-1303+CVE-2009-1302: Crashes with evidence of memory corruption (rv:1.9.0.9) * MFSA 2009-15 aka CVE-2009-0652: URL spoofing with box drawing character * MFSA 2009-10 aka CVE-2009-0040: Upgrade PNG library to fix memory safety hazards * MFSA 2009-09 aka CVE-2009-0776: XML data theft via RDFXMLDataSource and cross-domain redirect * MFSA 2009-07 aka CVE-2009-0771,-0772,-0773,-0774: Crashes with evidence of memory corruption (rv:1.9.0.7) * MFSA 2009-01 aka CVE-2009-0352,CVE-2009-0353 Crashes with evidence of memory corruption (rv:1.9.0.6) * adjust patches to changed codebase - update debian/patches/ubuntu-mail-app-xre-name -- Alexander Sack <email address hidden> Wed, 01 Jul 2009 12:18:03 +0200
icedove (2.0.0.19-1) unstable; urgency=medium * New upstream security/stability update (v.2.0.0.18/2.0.0.19) Closes: 505563 2.0.0.18: * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017 - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18); Browser engine crash in "Firefox 2 and 3" * MFSA 2008-52 aka CVE-2008-5018 - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18); JavaScript engine crash - "Firefox 2 and 3" * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail 2.0.0.19: * MFSA 2008-60 aka CVE-2008-5500 - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19); Layout engine crashes - Firefox 2 and 3 * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters * MFSA 2008-67 aka CVE-2008-5510 - Escaped null characters ignored by CSS parser * apply Maintainers, Uploaders changes done in 2.0.0.17 upload to debian/control - update debian/control * adjust/refresh patches to changed upstream code - update debian/patches/moz-app-name-as-mail-binary-name - update debian/patches/autoconf2.13-rerun -- Alexander Sack <email address hidden> Sat, 03 Jan 2009 16:27:42 +0100
icedove (2.0.0.17-1) unstable; urgency=low * New upstream security/stability update (v.2.0.0.17), Closes: #500721 * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation * MFSA 2008-41 aka CVE-2008-4058, CVE-2008-4059, CVE-2008-4060 - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064 - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065, CVE-2008-4066 - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup message [ Michael Casadevall <email address hidden> ] * debian/control: - Changed maintainer to Ubuntu Mozillateam - Added Uploaders to the team - Set DM-Upload-Allowed - Bumped standards version to 3.8.0 [ Alexander Sack <email address hidden> ] * Closes: #497491 - Icedove inappropriately sets file-/MIME-type associations in .desktop database; we drop the Mime-Type= entry from debian/icedove.desktop - update debian/icedove.desktop -- Michael Casadevall <email address hidden> Sat, 18 Oct 2008 09:07:20 -0400
Superseded in lenny-release |
icedove (2.0.0.16-1) unstable; urgency=low * New upstream security/stability update (v2.0.0.16) fixes: * MFSA 2008-21 aka CVE-2008-2798 - Crashes with evidence of memory corruption * MFSA 2008-21 aka CVE-2008-2799 - Crashes with evidence of memory corruption * MFSA 2008-24 aka CVE-2008-2802 - Chrome script loading from fastload file * MFSA 2008-25 aka CVE-2008-2803 - Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript() * MFSA 2008-26 aka CVE-2008-0304 - (followup) Buffer length checks in MIME processing * MFSA 2008-29 aka CVE-2008-2807 - Faulty .properties file results in uninitialized memory being used * MFSA 2008-31 aka CVE-2008-2809 - Peer-trusted certs can use alt names to spoof * MFSA 2008-33 aka CVE-2008-2811 - Crash and remote code execution in block reflow * MFSA 2008-34 aka CVE-2008-2785 - Remote code execution by overflowing CSS reference counter * Closes: #483938 - add .desktop file translations (contributed by Timo Jyrinki <email address hidden>) - update debian/icedove.desktop (cherry pick rev77 from lp:~mozillateam/thunderbird/thunderbird.dev branch) * drop patches applied upstream - drop debian/patches/bz419350_attachment_306066.patch - update debian/patches/series (cherry pick rev78 from lp:~mozillateam/thunderbird/thunderbird.dev branch) * adjust patches diverged upstream - update debian/patches/ubuntu-look-and-feel-report-a-bug-menuitem (cherry pick rev80 from lp:~mozillateam/thunderbird/thunderbird.dev branch) * Closes: #489093 - add explicit -lfontconfig to linker flags used for gfx/ps module to fix ftbfs in intrepid - add debian/patches/bzXXX_ftbfs_fontconfig.patch - update debian/patches/series -- Alexander Sack <email address hidden> Thu, 24 Jul 2008 17:38:51 +0200
151 → 170 of 170 results | First • Previous • Next • Last |