1
0

Accepting request 590831 from home:AndreasStieger:branches:mozilla:Factory

Adjust changelog based on MFSA 2018-09

OBS-URL: https://build.opensuse.org/request/show/590831
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=402
This commit is contained in:
Wolfgang Rosenauer 2018-03-26 11:03:30 +00:00 committed by Git OBS Bridge
parent 120baf56d9
commit 2fe1d46e22

View File

@ -1,16 +1,32 @@
-------------------------------------------------------------------
Fri Mar 23 09:39:40 UTC 2018 - wr@rosenauer.org
- update to Thunderbird 52.7 (bsc#1085130)
- update to Thunderbird 52.7
* Searching message bodies of messages in local folders, including
filter and quick filter operations, did not find content in
message attachments
* Better error handling for Yahoo accounts
MFSA 2018-08
- The following security fixes are included as part of the mozilla
platform. In general, these flaws cannot be exploited through
email in the Thunderbird product because scripting is disabled
when reading mail, but are potentially risks in browser or
browser-like contexts (MFSA 2018-09, bsc#1085130, bsc#1085671):
* CVE-2018-5127 (bmo#1430557)
Buffer overflow manipulating SVG animatedPathSegList
* CVE-2018-5129 (bmo#1428947)
Out-of-bounds write with malformed IPC messages
* CVE-2018-5144 (bmo#1440926)
Integer overflow during Unicode conversion
* CVE-2018-5146 (bmo#1446062)
Out of bounds memory write in libvorbis
* CVE-2018-5147 (bmo#1446365)
Out of bounds memory write in libtremor
* CVE-2018-5125 (bmo1416529,bmo#1434580,bmo#1434384,bmo#1437450,
bmo#1437507,bmo#1426988,bmo#1438425,bmo#1324042,bmo#1437087,
bmo#1443865,bmo#1425520)
Memory safety bugs fixed in Firefox 59, Firefox ESR 52.7, and
Thunderbird 52.7
* CVE-2018-5145 (bmo#1261175,bmo#1348955)
Memory safety bugs fixed in Firefox ESR 52.7 and Thunderbird
52.7
-------------------------------------------------------------------
Wed Jan 24 11:40:38 UTC 2018 - wr@rosenauer.org