forked from pool/MozillaThunderbird
4460ca6a07
* CVE-2018-12359 (bmo#1459162)
Buffer overflow using computed size of canvas element
* CVE-2018-12360 (bmo#1459693)
Use-after-free when using focus()
* CVE-2018-12372 (bmo#1419417)
S/MIME and PGP decryption oracles can be built with HTML emails
* CVE-2018-12373 (bmo#1464667, bmo#1464056)
S/MIME plaintext can be leaked through HTML reply/forward
* CVE-2018-12362 (bmo#1452375)
Integer overflow in SSSE3 scaler
* CVE-2018-12363 (bmo#1464784)
Use-after-free when appending DOM nodes
* CVE-2018-12364 (bmo#1436241)
CSRF attacks through 307 redirects and NPAPI plugins
* CVE-2018-12365 (bmo#1459206)
Compromised IPC child process can list local filenames
* CVE-2018-12366 (bmo#1464039)
Invalid data handling during QCMS transformations
* CVE-2018-12374 (bmo#1462910)
Using form to exfiltrate encrypted mail part by pressing enter in form field
* CVE-2018-5188 (bmo#1456189,bmo#1456975,bmo#1465898,bmo#1392739,
bmo#1451297,bmo#1464063,bmo#1437842,bmo#1442722,bmo#1452576,
bmo#1450688,bmo#1458264,bmo#1458270,bmo#1465108,bmo#1464829,
bmo#1464079,bmo#1463494,bmo#1458048)
Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=410
|
||
|---|---|---|
| _constraints | ||
| .gitattributes | ||
| .gitignore | ||
| compare-locales.tar.xz | ||
| create-tar.sh | ||
| kde.js | ||
| l10n-52.9.0.tar.xz | ||
| mozilla-aarch64-startup-crash.patch | ||
| mozilla-develdirs.patch | ||
| mozilla-kde.patch | ||
| mozilla-language.patch | ||
| mozilla-no-stdcxx-check.patch | ||
| mozilla-nongnome-proxies.patch | ||
| mozilla.sh.in | ||
| MozillaThunderbird.changes | ||
| MozillaThunderbird.keyring | ||
| MozillaThunderbird.spec | ||
| SHA512SUMS | ||
| SHA512SUMS.asc | ||
| suse-default-prefs.js | ||
| tb-ssldap.patch | ||
| thunderbird-52.9.0.source.tar.xz | ||
| thunderbird-rpmlintrc | ||
| thunderbird.appdata.xml | ||
| thunderbird.desktop | ||