thunderbird 1:78.5.0-1 source package in Debian
Changelog
thunderbird (1:78.5.0-1) unstable; urgency=medium * [7842f02] New upstream version 78.5.0 Fixed CVE issues in upstream version 78.5 (MFSA 2020-51): CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code CVE-2020-16012: Variable time processing of cross-origin images during drawImage calls CVE-2020-26953: Fullscreen could be enabled without displaying the security UI CVE-2020-26956: XSS through paste (manual and clipboard API) CVE-2020-26958: Requests intercepted through ServiceWorkers lacked MIME type restrictions CVE-2020-26959: Use-after-free in WebRequestService CVE-2020-26960: Potential use-after-free in uses of nsTArray CVE-2020-15999: Heap buffer overflow in freetype CVE-2020-26961: DoH did not filter IPv4 mapped IP Addresses CVE-2020-26965: Software keyboards may have remembered typed passwords CVE-2020-26966: Single-word search queries were also broadcast to local network CVE-2020-26968: Memory safety bugs fixed in Thunderbird 78.5 * [e19743e] rebuild patch queue from patch-queue branch removed patch (included upstream): fixes/Bug-1663715-Update-syn-and-proc-macro2-so-that-Firefox-ca.patch -- Carsten Schoenert <email address hidden> Wed, 18 Nov 2020 20:06:09 +0100
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
thunderbird_78.5.0-1.dsc | 8.0 KiB | 26b923b88241f7c79d59644318328b53865b205f3dfc85b5ba9dcae8f37013a2 |
thunderbird_78.5.0.orig-thunderbird-l10n.tar.xz | 11.3 MiB | f761745a85c17d83b0572277e36ea6f6cf57e3338ce799ed069c6e0cff1b3cea |
thunderbird_78.5.0.orig.tar.xz | 355.6 MiB | b34e06fefe6cc8e4b4e48cca3adc6e0fa91c146a34523f67a975f7f476ed56cf |
thunderbird_78.5.0-1.debian.tar.xz | 689.4 KiB | 9944f0dc80aa7ee423d3b88084266fc8e3b38050dc4459a0bc46615e450e2061 |
No changes file available.