rpm/MozillaThunderbird
SHA256
1
0
Fork 0
forked from pool/MozillaThunderbird
Code Pull Requests Activity

Accepting request 620593 from home:AndreasStieger:branches:mozilla:Factory

Browse Source 
add some bugzilla references

OBS-URL: https://build.opensuse.org/request/show/620593
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=411
This commit is contained in:
Wolfgang Rosenauer 2018-07-04 08:58:13 +00:00 committed by Git OBS Bridge
parent 4460ca6a07
commit 5e3677350a
1 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
MozillaThunderbird.changes
View File

@ -1,15 +1,15 @@
-------------------------------------------------------------------
Mon Jul 2 12:36:32 UTC 2018 - wr@rosenauer.org
- update to Thunderbird 52.9 (bsc#1098998)
- update to Thunderbird 52.9.0:
MFSA 2018-16 (bsc#1098998)
* CVE-2018-12359 (bmo#1459162)
Buffer overflow using computed size of canvas element
* CVE-2018-12360 (bmo#1459693)
Use-after-free when using focus()
* CVE-2018-12372 (bmo#1419417)
* CVE-2018-12372 (bmo#1419417, bsc#1100082)
S/MIME and PGP decryption oracles can be built with HTML emails
* CVE-2018-12373 (bmo#1464667, bmo#1464056)
* CVE-2018-12373 (bmo#1464667, bmo#1464056, bsc#1100079)
S/MIME plaintext can be leaked through HTML reply/forward
* CVE-2018-12362 (bmo#1452375)
Integer overflow in SSSE3 scaler
@ -21,13 +21,21 @@ Mon Jul 2 12:36:32 UTC 2018 - wr@rosenauer.org
Compromised IPC child process can list local filenames
* CVE-2018-12366 (bmo#1464039)
Invalid data handling during QCMS transformations
* CVE-2018-12374 (bmo#1462910)
* CVE-2018-12374 (bmo#1462910, bsc#1100081)
Using form to exfiltrate encrypted mail part by pressing enter in form field
* CVE-2018-5188 (bmo#1456189,bmo#1456975,bmo#1465898,bmo#1392739,
bmo#1451297,bmo#1464063,bmo#1437842,bmo#1442722,bmo#1452576,
bmo#1450688,bmo#1458264,bmo#1458270,bmo#1465108,bmo#1464829,
bmo#1464079,bmo#1463494,bmo#1458048)
Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9
* Thunderbird will now prompt to compact IMAP folders even if the
account is online
* Option for not decrypting subordinate message parts that
otherwise might reveal decryted content to the attacker.
Preference mailnews.p7m_subparts_external needs to be set to
true for added security.
* Fix various problems when forwarding messages inline when using
"simple" HTML view
- correct requires and provides handling (boo#1076907)
- reduce memory footprint with %ix86 at linking time via additional
compiler flags (boo#1091376)