thunderbird 1:102.0.1-1 source package in Debian

Changelog

thunderbird (1:102.0.1-1) unstable; urgency=medium

  * [68c9410] d/gbp.conf: Adjust upstream branch to new ESR cycle
  * [45eca79] New upstream version 102.0.1
    Fixed CVE issues in upstream version 102.0 (MFSA 2022-26):
    CVE-2022-34479: A popup window could be resized in a way to overlay the
                    address bar with web content
    CVE-2022-34470: Use-after-free in nsSHistory
    CVE-2022-34468: CSP sandbox header without `allow-scripts` can be bypassed
                    via retargeted javascript: URI
    CVE-2022-2226: An email with a mismatching OpenPGP signature date was
                   accepted as valid
    CVE-2022-34481: Potential integer overflow in ReplaceElementsAt
    CVE-2022-31744: CSP bypass enabling stylesheet injection
    CVE-2022-34472: Unavailable PAC file resulted in OCSP requests being
                    blocked
    CVE-2022-2200: Undesired attributes could be set as part of prototype
                   pollution
    CVE-2022-34484: Memory safety bugs fixed in Thunderbird 91.11 and
                    Thunderbird 102
  * [1842425] d/watch: Look now for versions starting with 3 digits
  * [0a32bb3] d/control: Add package thunderbird-l10n-es-mx

 -- Carsten Schoenert <email address hidden>  Fri, 08 Jul 2022 17:47:21 +0200