Changelog
icedove (2.0.0.17-1) unstable; urgency=low
* New upstream security/stability update (v.2.0.0.17), Closes: #500721
* MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow
* MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect()
same-origin violation
* MFSA 2008-41 aka CVE-2008-4058, CVE-2008-4059, CVE-2008-4060 - Privilege
escalation via XPCnativeWrapper pollution
* MFSA 2008-42 aka CVE-2008-4061, CVE-2008-4062, CVE-2008-4063,
CVE-2008-4064 - Crashes with evidence of memory corruption
(rv:1.9.0.2/1.8.1.17)
* MFSA 2008-43 aka CVE-2008-4065, CVE-2008-4066 - BOM characters, low
surrogates stripped from JavaScript before execution
* MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal
vulnerabilities
* MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup
message
[ Michael Casadevall <email address hidden> ]
* debian/control:
- Changed maintainer to Ubuntu Mozillateam
- Added Uploaders to the team
- Set DM-Upload-Allowed
- Bumped standards version to 3.8.0
[ Alexander Sack <email address hidden> ]
* Closes: #497491 - Icedove inappropriately sets file-/MIME-type
associations in .desktop database; we drop the Mime-Type= entry
from debian/icedove.desktop
- update debian/icedove.desktop
-- Michael Casadevall <email address hidden> Sat, 18 Oct 2008 09:07:20 -0400
