thunderbird 1:78.6.0-1 source package in Debian
Changelog
thunderbird (1:78.6.0-1) unstable; urgency=medium * [1410f1e] d/watch: update to version 4 * [a8303b7] d/rules: use python3 explicitly while calling mach * [f3f535e] New upstream version 78.6.0 Fixed CVE issues in upstream version 78.6 (MFSA 2020-56): CVE-2020-16042: Operations on a BigInt could have caused uninitialized memory to be exposed CVE-2020-26971: Heap buffer overflow in WebGL CVE-2020-26973: CSS Sanitizer performed incorrect sanitization CVE-2020-26974: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free CVE-2020-26978: Internal network hosts could have been probed by a malicious webpage CVE-2020-35111: The proxy.onRequest API did not catch view-source URLs CVE-2020-35112: Opening an extension-less download may have inadvertently launched an executable instead CVE-2020-35113: Memory safety bugs fixed in Thunderbird 78.6 (Closes: #972072, #973697) * [16a7ab7] /u/l/thunderbird: Correct escape sequencing for gdb calling We need to do a better escaping of values of the '-ex' option otherwise the shell is refusing the concatenated string we want to use as call. (Closes: #976979) -- Carsten Schoenert <email address hidden> Tue, 15 Dec 2020 10:12:34 +0100
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
thunderbird_78.6.0-1.dsc | 8.0 KiB | b72327284ca97ce6444f836fdf2029ae20b91dc636cffeacf89ab52f8c3f485b |
thunderbird_78.6.0.orig-thunderbird-l10n.tar.xz | 11.3 MiB | 0aa90d249580d44ce3e67462731f52c8f45b3eff68395ce82af48f40dae46bb4 |
thunderbird_78.6.0.orig.tar.xz | 355.9 MiB | bcb49158423f4c564da7e3639d206576ca80506d5ce042c235151cb4466b8631 |
thunderbird_78.6.0-1.debian.tar.xz | 689.8 KiB | 89f6428a888848a4f4e47e14358c8e62c207dc895254e94d7863976a6e3b4537 |
No changes file available.