thunderbird 1:102.7.1-1 source package in Debian
Changelog
thunderbird (1:102.7.1-1) unstable; urgency=medium * [dbc3385] New upstream version 102.7.1 Fixed CVE issues in upstream version 102.7 (MFSA 2023-03): CVE-2022-46871: libusrsctp library out of date CVE-2023-23598: Arbitrary file read from GTK drag and drop on Linux CVE-2023-23601: URL being dragged from cross-origin iframe into same tab triggers navigation CVE-2023-23602: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers CVE-2022-46877: Fullscreen notification bypass CVE-2023-23603: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive CVE-2023-23605: Memory safety bugs fixed in Thunderbird 102.7 Fixed CVE issues in upstream version 102.7.1 (MFSA not yet released): CVE-2023-0430: Revocation status of S/Mime signature certificates was not checked * [af92a36] Rebuild patch queue from patch-queue branch Added patch: debian-hacks/Python-3.11-Don-t-use-mode-rU-any-more.patch (Closes: #1028885) -- Carsten Schoenert <email address hidden> Tue, 24 Jan 2023 16:32:06 +0100
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
thunderbird_102.7.1-1.dsc | 8.3 KiB | 4b3fd11d946479ac372dde60020507e08dc04f1fa17b225d19b329a49e1f4802 |
thunderbird_102.7.1.orig-thunderbird-l10n.tar.xz | 11.9 MiB | 2affac3bc393e8ca8b5e8d8f78dc3167695bbfcd237fe35ddaf25dbd595ed102 |
thunderbird_102.7.1.orig.tar.xz | 498.6 MiB | 51520b56816b7c95d347b843e22b63705e20cffeebbe2ad820df7980839aa261 |
thunderbird_102.7.1-1.debian.tar.xz | 535.2 KiB | 76928f78c88b75ad27d4dc709e5df975194569e844157a3d4c8ea9cb7dcf333d |
No changes file available.