From ec481f916a6a339da78647dfc7a1284cca4b5efa9ede422f2dd0142b7a92227b Mon Sep 17 00:00:00 2001
From: Wolfgang Rosenauer <wolfgang@rosenauer.org>
Date: Tue, 25 Jun 2013 18:28:06 +0000
Subject: [PATCH] * MFSA 2013-49/CVE-2013-1682     Miscellaneous memory safety
 hazards   * MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686     Memory
 corruption found using Address Sanitizer   * MFSA 2013-51/CVE-2013-1687
 (bmo#863933, bmo#866823)     Privileged content access and execution via XBL 
  * MFSA 2013-53/CVE-2013-1690 (bmo#857883)     Execution of unmapped memory
 through onreadystatechange event   * MFSA 2013-54/CVE-2013-1692 (bmo#866915) 
    Data in the body of XHR HEAD requests leads to CSRF attacks   * MFSA
 2013-55/CVE-2013-1693 (bmo#711043)     SVG filters can lead to information
 disclosure   * MFSA 2013-56/CVE-2013-1694 (bmo#848535)     PreserveWrapper
 has inconsistent behavior   * MFSA 2013-59/CVE-2013-1697 (bmo#858101)    
 XrayWrappers can be bypassed to run user defined methods in a     privileged
 context

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=218
---
 MozillaThunderbird.changes | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/MozillaThunderbird.changes b/MozillaThunderbird.changes
index bbc9415..d835f2f 100644
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@@ -2,6 +2,23 @@
 Mon Jun 24 10:17:22 UTC 2013 - wr@rosenauer.org
 
 - update to Thunderbird 17.0.7 (bnc#825935)
+  * MFSA 2013-49/CVE-2013-1682
+    Miscellaneous memory safety hazards
+  * MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686
+    Memory corruption found using Address Sanitizer
+  * MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823)
+    Privileged content access and execution via XBL
+  * MFSA 2013-53/CVE-2013-1690 (bmo#857883)
+    Execution of unmapped memory through onreadystatechange event
+  * MFSA 2013-54/CVE-2013-1692 (bmo#866915)
+    Data in the body of XHR HEAD requests leads to CSRF attacks
+  * MFSA 2013-55/CVE-2013-1693 (bmo#711043)
+    SVG filters can lead to information disclosure
+  * MFSA 2013-56/CVE-2013-1694 (bmo#848535)
+    PreserveWrapper has inconsistent behavior
+  * MFSA 2013-59/CVE-2013-1697 (bmo#858101)
+    XrayWrappers can be bypassed to run user defined methods in a
+    privileged context
 
 -------------------------------------------------------------------
 Tue Jun  4 20:41:42 UTC 2013 - dvaleev@suse.com