Changelog
icedove (3.0.11-2) unstable; urgency=high
* backported patches from xulrunner fixes mfsa2011-{01-08,10} - MFSA 2011-01 aka CVE-2011-0053: Miscellaneous memory safety hazards (rv:1.9.2.14/ 1.9.1.17) - MFSA 2011-02 aka CVE-2011-0051: Recursive eval call causes confirm dialogs to evaluate to true - MFSA 2011-03 aka CVE-2011-0055: Use-after-free error in JSON.stringify - MFSA 2011-04 aka CVE-2011-0054: Buffer overflow in JavaScript upvarMap - MFSA 2011-05 aka CVE-2011-0056: Buffer overflow in JavaScript atom map - MFSA 2011-06 aka CVE-2011-0057: Use-after-free error using Web Workers - MFSA 2011-07 aka CVE-2011-0058: Memory corruption during text run construction (Windows) - MFSA 2011-08 aka CVE-2010-1585: ParanoidFragmentSink allows javascript: URLs in chrome documents - MFSA 2011-10 aka CVE-2011-0059: CSRF risk with plugins and 307 redirects * [466ff7f] rebuild patch queue from patch-queue branch added patches: - 0060-save-a-copy-of-a-attached-file-when-sending-from-OOo.patch (Closes: #505875) - 0061-News-article-is-empty-if-selected-during-download-fr.patch (Closes: #487494) - 0062-restore-icedove-on-login-by-session-management.patch (Closes: #403458) -- Christoph Goehre <email address hidden> Thu, 03 Mar 2011 19:48:19 +0100