Changelog
icedove (2.0.0.16-1) unstable; urgency=low
* New upstream security/stability update (v2.0.0.16) fixes:
* MFSA 2008-21 aka CVE-2008-2798 - Crashes with evidence of memory
corruption
* MFSA 2008-21 aka CVE-2008-2799 - Crashes with evidence of memory
corruption
* MFSA 2008-24 aka CVE-2008-2802 - Chrome script loading from fastload file
* MFSA 2008-25 aka CVE-2008-2803 - Arbitrary code execution in
mozIJSSubScriptLoader.loadSubScript()
* MFSA 2008-26 aka CVE-2008-0304 - (followup) Buffer length checks in MIME
processing
* MFSA 2008-29 aka CVE-2008-2807 - Faulty .properties file results in
uninitialized memory being used
* MFSA 2008-31 aka CVE-2008-2809 - Peer-trusted certs can use alt names to
spoof
* MFSA 2008-33 aka CVE-2008-2811 - Crash and remote code execution in block
reflow
* MFSA 2008-34 aka CVE-2008-2785 - Remote code execution by overflowing CSS
reference counter
* Closes: #483938 - add .desktop file translations (contributed by Timo
Jyrinki <email address hidden>)
- update debian/icedove.desktop
(cherry pick rev77 from lp:~mozillateam/thunderbird/thunderbird.dev branch)
* drop patches applied upstream
- drop debian/patches/bz419350_attachment_306066.patch
- update debian/patches/series
(cherry pick rev78 from lp:~mozillateam/thunderbird/thunderbird.dev branch)
* adjust patches diverged upstream
- update debian/patches/ubuntu-look-and-feel-report-a-bug-menuitem
(cherry pick rev80 from lp:~mozillateam/thunderbird/thunderbird.dev branch)
* Closes: #489093 - add explicit -lfontconfig to linker flags used for gfx/ps
module to fix ftbfs in intrepid
- add debian/patches/bzXXX_ftbfs_fontconfig.patch
- update debian/patches/series
-- Alexander Sack <email address hidden> Thu, 24 Jul 2008 17:38:51 +0200