thunderbird 1:60.7.0-1 source package in Debian
Changelog
thunderbird (1:60.7.0-1) unstable; urgency=medium
* [f6dd130] New upstream version 60.7.0
Fixed CVE issues in upstream version 60.7.0 (MFSA 2019-15)
CVE-2019-9816: Type confusion with object groups and UnboxedObjects
CVE-2019-9817: Stealing of cross-domain images using canvas
CVE-2019-9819: Compartment mismatch with fetch API
CVE-2019-9820: Use-after-free of ChromeEventHandler by DocShell
CVE-2019-11691: Use-after-free in XMLHttpRequest
CVE-2019-11692: Use-after-free removing listeners in the event listener
manager
CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux
CVE-2019-7317: Use-after-free in png_image_free of libpng library
CVE-2019-9797: Cross-origin theft of images with createImageBitmap
CVE-2018-18511: Cross-origin theft of images with
ImageBitmapRenderingContext
CVE-2019-11698: Theft of user history data through drag and drop of
hyperlinks to and from bookmarks
CVE-2019-5798: Out-of-bounds read in Skia
CVE-2019-9800: Memory safety bugs fixed in Firefox 67, Firefox ESR 60.7,
and Thunderbird 60.7
* [4106d54] rebuild patch queue from patch-queue branch
added patch:
fixes/rust-ignore-not-available-documentation.patch
-- Carsten Schoenert <email address hidden> Thu, 23 May 2019 17:03:27 +0200
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| thunderbird_60.7.0-1.dsc | 11.9 KiB | 15cabe391c60c278853307777ac6ba62c834401356e133b5b96caa52f60f3812 |
| thunderbird_60.7.0.orig-lightning-l10n.tar.xz | 933.2 KiB | 13c54df970fe420e36d75bf3ce58f277533815815d5468e0bb1f744bae826e6c |
| thunderbird_60.7.0.orig-thunderbird-l10n.tar.xz | 8.8 MiB | 763c0f5785b1b641bf1ff02d5ee8e88a041c0c8fdb33b98bd82da064cf794fd8 |
| thunderbird_60.7.0.orig.tar.xz | 273.7 MiB | 44e46294668686618cd49f1dbf627ed74394606b3a4be150cc566166f098b855 |
| thunderbird_60.7.0-1.debian.tar.xz | 541.7 KiB | 02233a5ecdaa9ffdee6174b05ebe0f97940f315390d6145f1dfaba56284bed25 |
No changes file available.
