MozillaThunderbird

rpm/MozillaThunderbird

SHA256

Fork 0

forked from pool/MozillaThunderbird

Commit Graph

Author	SHA256	Message	Date
Wolfgang Rosenauer	a542d644fe	- update to Thunderbird 52.5.2 * This releases fixes the "Mailsploit" vulnerability and other vulnerabilities detected by the "Cure53" audit MFSA 2017-30 * CVE-2017-7845 (bmo#1402372) Buffer overflow when drawing and validating elements with ANGLE library using Direct 3D 9 * CVE-2017-7846 (bmo#1411716) JavaScript Execution via RSS in mailbox:// origin * CVE-2017-7847 (bmo#1411708) Local path string can be leaked from RSS feed * CVE-2017-7848 (bmo#1411699) RSS Feed vulnerable to new line Injection * CVE-2017-7829 (bmo#1423432) Mailsploit part 1: From address with encoded null character is cut off in message header display OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=394	2017-12-23 20:06:58 +00:00

Author

SHA256

Message

Date

Wolfgang Rosenauer

a542d644fe

- update to Thunderbird 52.5.2

* This releases fixes the "Mailsploit" vulnerability and other
    vulnerabilities detected by the "Cure53" audit
  MFSA 2017-30
  * CVE-2017-7845 (bmo#1402372)
    Buffer overflow when drawing and validating elements with ANGLE
    library using Direct 3D 9
  * CVE-2017-7846 (bmo#1411716)
    JavaScript Execution via RSS in mailbox:// origin
  * CVE-2017-7847 (bmo#1411708)
    Local path string can be leaked from RSS feed
  * CVE-2017-7848 (bmo#1411699)
    RSS Feed vulnerable to new line Injection
  * CVE-2017-7829 (bmo#1423432)
    Mailsploit part 1: From address with encoded null character is
    cut off in message header display

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=394

2017-12-23 20:06:58 +00:00

1 Commits