Accepting request 559653 from home:AndreasStieger:branches:mozilla:Factory

changlog OBS-URL: https://build.opensuse.org/request/show/559653 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=395
2017-12-23 21:58:24 +00:00 · 2017-12-23 21:58:24 +00:00 · fa26255979
commit fa26255979
parent a542d644fe
1 changed files with 5 additions and 9 deletions
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@ -3,18 +3,14 @@ Sat Dec 23 18:36:42 UTC 2017 - wr@rosenauer.org

 - update to Thunderbird 52.5.2
  * This releases fixes the "Mailsploit" vulnerability and other
-    vulnerabilities detected by the "Cure53" audit
-  MFSA 2017-30
-  * CVE-2017-7845 (bmo#1402372)
-    Buffer overflow when drawing and validating elements with ANGLE
-    library using Direct 3D 9
-  * CVE-2017-7846 (bmo#1411716)
+    vulnerabilities detected by the "Cure53" audit (MFSA 2017-30)
+  * CVE-2017-7846 (bmo#1411716, bsc#1074043)
    JavaScript Execution via RSS in mailbox:// origin
-  * CVE-2017-7847 (bmo#1411708)
+  * CVE-2017-7847 (bmo#1411708, bsc#1074044)
    Local path string can be leaked from RSS feed
-  * CVE-2017-7848 (bmo#1411699)
+  * CVE-2017-7848 (bmo#1411699, bsc#1074045)
    RSS Feed vulnerable to new line Injection
-  * CVE-2017-7829 (bmo#1423432)
+  * CVE-2017-7829 (bmo#1423432, bsc#1074046)
    Mailsploit part 1: From address with encoded null character is
    cut off in message header display