thunderbird 1:60.0-1 source package in Debian
Changelog
thunderbird (1:60.0-1) unstable; urgency=medium [ Cyril Brulebois ] * [4f1fcd4] Bump B-D libsqlite3-dev version Upstream requires a more recent version that is already available in unstable but not in Stretch later e.g. * [5a790c2] Add libicu-dev to Build-Depends (required for icu-i18n.pc) This package was pulled from some other package already but we need this explicit now again as we don't use the internal ICU version any more. * [8c86207] Bump libhunspell-dev version The same as for libsqlite3-dev, adding the correct B-D version. (Closes: #905465) [ Carsten Schoenert ] * [901f257] New upstream version 60.0 Fixed CVE issues in upstream version 60.0 (MFSA 2018-19) CVE-2018-12359: Buffer overflow using computed size of canvas element CVE-2018-12360: Use-after-free when using focus() CVE-2018-12361: Integer overflow in SwizzleData CVE-2018-12362: Integer overflow in SSSE3 scaler CVE-2018-5156: Media recorder segmentation fault when track type is changed during capture CVE-2018-12363: Use-after-free when appending DOM nodes CVE-2018-12364: CSRF attacks through 307 redirects and NPAPI plugins CVE-2018-12365: Compromised IPC child process can list local filenames CVE-2018-12371: Integer overflow in Skia library during edge builder allocation CVE-2018-12366: Invalid data handling during QCMS transformations CVE-2018-12367: Timing attack mitigation of PerformanceNavigationTiming CVE-2018-5187: Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and Thunderbird 60 CVE-2018-5188: Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, Firefox ESR 52.9, and Thunderbird 60 * [44ab834] rebuild patch queue from patch-queue branch removed patches (applied upstream): porting-arm64/Bug-1453892-Only-use-SkJumper-s-arm64-half-float-optimiza.patch porting-arm64/Bug-1463036-Use-HAVE_ARM_NEON-instead-of-BUILD_ARM_NEON-f.patch porting-armel/Bug-1463036-Add-mfloat-abi-softfp-to-NEON_FLAGS-when-it-m.patch * [3168b29] debian/control: increase Standards-Version to 4.2.0 No further changes needed. * [f2f206e] d/rules: use MOZ_LANGPACK_ID instead of hard coding * [996352a] d/rules: ensure l10n MOZ_LANGPACK_ID matches variable from makefile Previous beta versions for the thunderbird-l10n data have used '@firefox.mozilla.org' within their application.id setting. Thunderbird now expects '@thunderbird.mozilla.org' instead. Make the build more flexible so we can detect mismatches here. (Closes: #906176) -- Carsten Schoenert <email address hidden> Sun, 19 Aug 2018 11:32:11 +0200
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
thunderbird_60.0-1.dsc | 12.1 KiB | 69a8f778ef68f6063e61afcb381d56153ad77c03a9899a898256d334029bdbd1 |
thunderbird_60.0.orig-lightning-l10n.tar.xz | 932.8 KiB | d081749dced3b654e9573d570a1296bd1d533bef670909dda95989953e55bfff |
thunderbird_60.0.orig-thunderbird-l10n.tar.xz | 8.8 MiB | 1f20ff3709bf44e7c3b9e22f75695f971c3ad2f5189459f83bd9befa52d44398 |
thunderbird_60.0.orig.tar.xz | 273.9 MiB | 055e11a84728c0cf6dff7831ccb9f2deb0c781bb3bbcef663a824e26bc7ae44a |
thunderbird_60.0-1.debian.tar.xz | 397.7 KiB | 7e37f8e27a9e7b366a705417800da16ff28490171c69d5e2c698f3fbc366537f |
No changes file available.