thunderbird 1:102.8.0-1 source package in Debian
Changelog
thunderbird (1:102.8.0-1) unstable; urgency=medium * [b130936] New upstream version 102.8.0 Fixed CVE issues in upstream version 102.8.0 (MFSA 2023-07): CVE-2023-0616: User Interface lockup with messages combining S/MIME and OpenPGP CVE-2023-25728: Content security policy leak in violation reports using iframes CVE-2023-25730: Screen hijack via browser fullscreen mode CVE-2023-0767: Arbitrary memory write via PKCS 12 in NSS CVE-2023-25735: Potential use-after-free from compartment mismatch in SpiderMonkey CVE-2023-25737: Invalid downcast in SVGUtils::SetupStrokeGeometry CVE-2023-25739: Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext CVE-2023-25729: Extensions could have opened external schemes without user knowledge CVE-2023-25732: Out of bounds memory write from EncodeInputStream CVE-2023-25742: Web Crypto ImportKey crashes tab CVE-2023-25746: Memory safety bugs fixed in Thunderbird 102.8 * [66e2335] Rebuild patch queue from patch-queue branch Removed patch (included upstream): debian-hacks/Python-3.11-Don-t-use-mode-rU-any-more.patch -- Carsten Schoenert <email address hidden> Fri, 17 Feb 2023 20:17:32 +0100
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
thunderbird_102.8.0-1.dsc | 8.3 KiB | 61af76dbb8286263e6451fd294a5808778663a19f80b4e38091dd987af80cc10 |
thunderbird_102.8.0.orig-thunderbird-l10n.tar.xz | 12.1 MiB | ffc6a6f7cb7843f9eeee5cd09a1847f90ad62c6182faeafc1188cebc5dd27b09 |
thunderbird_102.8.0.orig.tar.xz | 498.7 MiB | 3bb02feadea3c138acaf9782f065eaaab4a385edc7391bebeede9fb27e1d17f8 |
thunderbird_102.8.0-1.debian.tar.xz | 534.1 KiB | 2f46653ae8bea97a3ba48fb00fed4466cd4e89c61e3f363ee1222233e52a9982 |
No changes file available.