forked from pool/MozillaThunderbird
cd0e3ea9a0
MFSA 2018-13
* CVE-2018-5183 (bmo#1454692)
Backport critical security fixes in Skia
* CVE-2018-5184 (bmo#1411592, bsc#1093152)
Full plaintext recovery in S/MIME via chosen-ciphertext attack
* CVE-2018-5154 (bmo#1443092)
Use-after-free with SVG animations and clip paths
* CVE-2018-5155 (bmo#1448774)
Use-after-free with SVG animations and text paths
* CVE-2018-5159 (bmo#1441941)
Integer overflow and out-of-bounds write in Skia
* CVE-2018-5161 (bmo#1411720)
Hang via malformed headers
* CVE-2018-5162 (bmo#1457721, bsc#1093152)
Encrypted mail leaks plaintext through src attribute
* CVE-2018-5170 (bmo#1411732)
Filename spoofing for external attachments
* CVE-2018-5168 (bmo#1449548)
Lightweight themes can be installed without user interaction
* CVE-2018-5174 (bmo#1447080) (Windows only)
Windows Defender SmartScreen UI runs with less secure behavior
for downloaded files in Windows 10 April 2018 Update
* CVE-2018-5178 (bmo#1443891)
Buffer overflow during UTF-8 to Unicode string conversion
through legacy extension
* CVE-2018-5185 (bmo#1450345)
Leaking plaintext through HTML forms
* CVE-2018-5150 (bmo#1388020,bmo#1433609,bmo#1409440,bmo#1448705,
bmo#1451376,bmo#1452202,bmo#1444668,bmo#1393367,bmo#1411415,
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=406
|
||
|---|---|---|
| _constraints | ||
| .gitattributes | ||
| .gitignore | ||
| compare-locales.tar.xz | ||
| create-tar.sh | ||
| find-external-requires.sh | ||
| kde.js | ||
| l10n-52.8.tar.xz | ||
| mozilla-aarch64-startup-crash.patch | ||
| mozilla-develdirs.patch | ||
| mozilla-kde.patch | ||
| mozilla-language.patch | ||
| mozilla-no-stdcxx-check.patch | ||
| mozilla-nongnome-proxies.patch | ||
| mozilla.sh.in | ||
| MozillaThunderbird.changes | ||
| MozillaThunderbird.spec | ||
| suse-default-prefs.js | ||
| tb-ssldap.patch | ||
| thunderbird-52.8-source.tar.xz | ||
| thunderbird-rpmlintrc | ||
| thunderbird.appdata.xml | ||
| thunderbird.desktop | ||