MozillaThunderbird/tar_stamps at 56310e4a94bb0d81c32bbba2c52e3675d8c2f4cc60ec6a838d2254fc5b8cc887 - MozillaThunderbird - openSUSE Gitea

rpm/MozillaThunderbird

SHA256

forked from pool/MozillaThunderbird

Wolfgang Rosenauer 56310e4a94 - Mozilla Thunderbird 68.6.0

MFSA 2020-10 (bsc#1166238)
  * CVE-2020-6805 (bmo#1610880)
    Use-after-free when removing data about origins
  * CVE-2020-6806 (bmo#1612308)
    BodyStream::OnInputStreamReady was missing protections against
    state confusion
  * CVE-2020-6807 (bmo#1614971)
    Use-after-free in cubeb during stream destruction
  * CVE-2020-6811 (bmo#1607742)
    Devtools' 'Copy as cURL' feature did not fully escape
    website-controlled data, potentially leading to command injection
  * CVE-2019-20503 (bmo#1613765)
    Out of bounds reads in sctp_load_addresses_from_init
  * CVE-2020-6812 (bmo#1616661)
    The names of AirPods with personally identifiable information
    were exposed to websites with camera or microphone permission
  * CVE-2020-6814 (bmo#1592078, bmo#1604847, bmo#1608256, bmo#1612636,
    bmo#1614339)
    Memory safety bugs fixed in Thunderbird 68.6
- requires NSS >= 3.44.3

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=522

2020-03-14 13:26:42 +00:00

11 lines

339 B

Plaintext

Raw Blame History

 PRODUCT="thunderbird"
 CHANNEL="esr68"
 VERSION="68.6.0"
 VERSION_SUFFIX=""
 PREV_VERSION="68.5.0"
 PREV_VERSION_SUFFIX=""
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr68"
 RELEASE_TAG="5b1af38dba8628ef5ff2c395dc62fb10d52aa012"
 RELEASE_TIMESTAMP="20200310192757"