Changelog
thunderbird (1:115.11.0-1) unstable; urgency=medium
* [47bb447] d/c-u-t.py: Ignore potentially non ESR versions
* [f008566] New upstream version 115.11.0
Fixed CVE issues in upstream version 115.11 (MFSA 2024-23):
CVE-2024-4367: Arbitrary JavaScript execution in PDF.js
CVE-2024-4767: IndexedDB files retained in private browsing mode
CVE-2024-4768: Potential permissions request bypass via clickjacking
CVE-2024-4769: Cross-origin responses could be distinguished between
script and non-script content-types
CVE-2024-4770: Use-after-free could occur when printing to PDF
CVE-2024-4777: Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11,
and Thunderbird 115.11
* [b029857] d/control: Re-add build and binary dep on rnp library
(Closes: #1070871)
-- Carsten Schoenert <email address hidden> Tue, 14 May 2024 21:28:37 +0200