* MFSA 2013-49/CVE-2013-1682

Miscellaneous memory safety hazards
  * MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686
    Memory corruption found using Address Sanitizer
  * MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823)
    Privileged content access and execution via XBL
  * MFSA 2013-53/CVE-2013-1690 (bmo#857883)
    Execution of unmapped memory through onreadystatechange event
  * MFSA 2013-54/CVE-2013-1692 (bmo#866915)
    Data in the body of XHR HEAD requests leads to CSRF attacks
  * MFSA 2013-55/CVE-2013-1693 (bmo#711043)
    SVG filters can lead to information disclosure
  * MFSA 2013-56/CVE-2013-1694 (bmo#848535)
    PreserveWrapper has inconsistent behavior
  * MFSA 2013-59/CVE-2013-1697 (bmo#858101)
    XrayWrappers can be bypassed to run user defined methods in a
    privileged context

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=218

MozillaThunderbird.changes

@@ -2,6 +2,23 @@
 Mon Jun 24 10:17:22 UTC 2013 - wr@rosenauer.org
 
 - update to Thunderbird 17.0.7 (bnc#825935)
+  * MFSA 2013-49/CVE-2013-1682
+    Miscellaneous memory safety hazards
+  * MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686
+    Memory corruption found using Address Sanitizer
+  * MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823)
+    Privileged content access and execution via XBL
+  * MFSA 2013-53/CVE-2013-1690 (bmo#857883)
+    Execution of unmapped memory through onreadystatechange event
+  * MFSA 2013-54/CVE-2013-1692 (bmo#866915)
+    Data in the body of XHR HEAD requests leads to CSRF attacks
+  * MFSA 2013-55/CVE-2013-1693 (bmo#711043)
+    SVG filters can lead to information disclosure
+  * MFSA 2013-56/CVE-2013-1694 (bmo#848535)
+    PreserveWrapper has inconsistent behavior
+  * MFSA 2013-59/CVE-2013-1697 (bmo#858101)
+    XrayWrappers can be bypassed to run user defined methods in a
+    privileged context
 
 -------------------------------------------------------------------
 Tue Jun  4 20:41:42 UTC 2013 - dvaleev@suse.com