thunderbird 1:78.5.0-1 source package in Debian

Changelog

thunderbird (1:78.5.0-1) unstable; urgency=medium

  * [7842f02] New upstream version 78.5.0
    Fixed CVE issues in upstream version 78.5 (MFSA 2020-51):
    CVE-2020-26951: Parsing mismatches could confuse and bypass security
                    sanitizer for chrome privileged code
    CVE-2020-16012: Variable time processing of cross-origin images during
                    drawImage calls
    CVE-2020-26953: Fullscreen could be enabled without displaying the
                    security UI
    CVE-2020-26956: XSS through paste (manual and clipboard API)
    CVE-2020-26958: Requests intercepted through ServiceWorkers lacked MIME
                    type restrictions
    CVE-2020-26959: Use-after-free in WebRequestService
    CVE-2020-26960: Potential use-after-free in uses of nsTArray
    CVE-2020-15999: Heap buffer overflow in freetype
    CVE-2020-26961: DoH did not filter IPv4 mapped IP Addresses
    CVE-2020-26965: Software keyboards may have remembered typed passwords
    CVE-2020-26966: Single-word search queries were also broadcast to local
                    network
    CVE-2020-26968: Memory safety bugs fixed in Thunderbird 78.5
  * [e19743e] rebuild patch queue from patch-queue branch
    removed patch (included upstream):
    fixes/Bug-1663715-Update-syn-and-proc-macro2-so-that-Firefox-ca.patch

 -- Carsten Schoenert <email address hidden>  Wed, 18 Nov 2020 20:06:09 +0100