lp://staging/ubuntu/hoary-security/mozilla-thunderbird
Get this branch:
  bzr branch lp://staging/ubuntu/hoary-security/mozilla-thunderbird

Branch information
- Owner: Ubuntu branches
- Status: Development
Recent revisions
- 6. By Martin Pitt

  * This release backports several security issues fixed in thunderbird
    1.5.0.4. The patches listed below can be found in
    debian/patches/tbird.1.0.8-1.0.8a:
    + CVE-2006-2787 : 0001-mfsa2006-31-319263-336601-336313.patch
    + CVE-2006-2786 1/2 : 0002-mfsa2006-33-Part-1-2-329746.patch
    + CVE-2006-2786 1/2 : 0003-mfsa2006-33-Part-2-2-330214.patch
    + CVE-2006-2785 2/2 : 0004-mfsa2006-34-329521-329468.patch
    + CVE-2006-2775 : 0005-mfsa2006-35-329677.patch
                      0024-mfsa2006-35-335142-regression-1-2-for-329677.patch
                      0025-mfsa2006-35-337841-regression-part-2-2-for-329677.patch
    + CVE-2006-2784 : 0006-mfsa2006-36-330037.patch
    + CVE-2006-2776 : 0007-mfsa2006-37-330773-with-belt-and-braces.patch
    + CVE-2006-2778 : 0008-mfsa2006-38-330897.patch
    + CVE-2006-1942 : 0009-mfsa2006-39-CVE-2006-1942-334341.patch
    + CVE-2006-2781 : 0010-mfsa2006-40-334384-sea.patch
                      0010-mfsa2006-40-334384.patch
    + CVE-2006-2782 : 0011-mfsa2006-41-334977.patch
    + CVE-2006-2783 : 0012-mfsa2006-42-335816.patch
    + CVE-2006-2777 : 0013-mfsa2006-43-336830.patch
    + CVE-2006-2779 3/6 : 0014-mfsa2006-32-Part-3-7-326501.patch
    + CVE-2006-2779 4/6 : 0015-mfsa2006-32-Part-4a-7-326931.patch
    + CVE-2006-2779 4/6 : 0016-mfsa2006-32-Part-4b-7-329219.patch
    + CVE-2006-2779 4/6 : 0017-mfsa2006-32-Part-4c-7-330818-proper-aviary.patch
    + CVE-2006-2779 6/6 : 0018-content-html-document-src-nsHTMLContentSink.cpp-332971-mfsa2006-32-Part-6-7.patch
    + CVE-2006-2780 : 0019-js-src-jsstr.c-335535-mfsa2006-32-Part-7-7.patch
    + CVE-2006-2779 5/6 : 0021-mfsa2006-32-Part-5-7-327712.patch
  * Note: CVE-2006-2779 (mfsa2006-32) is only partially fixed. Missing are
    the tricky parts 1/6 and 2/6 from the advisory:
    1/6: Removing nested <option>s from a select (Jesse Ruderman)
         https://bugzilla.mozilla.org/show_bug.cgi?id=324918
    2/6: 'Crashes during DOMNodeRemoved mutation event'
         https://bugzilla.mozilla.org/show_bug.cgi?id=325730
         https://bugzilla.mozilla.org/show_bug.cgi?id=329982
  * Patches taken from the Debian security update. Many thanks to Alexander Sack
    <email address hidden> for providing them!

- 5. By Martin Pitt

  * New upstream release which fixes the following vulnerabilities:
    - MFSA 2006-27, CVE-2006-0748: Table Rebuilding Code Execution
      Vulnerability
    - MFSA 2006-26, CVE-2006-1045: Mail Multiple Information Disclosure
    - MFSA 2006-25, CVE-2006-1727: Privilege escalation through Print Preview
    - MFSA 2006-24, CVE-2006-1728: Privilege escalation using
      crypto.generateCRMFRequest
    - MFSA 2006-22, CVE-2006-1730: CSS Letter-Spacing Heap Overflow
      Vulnerability
    - MFSA 2006-21, CVE-2006-0884: JavaScript execution in mail when
      forwarding in-line
    - MFSA 2006-19, CVE-2006-1731: Cross-site scripting using .valueOf.call()
    - MFSA 2006-18, CVE-2006-0749: Mozilla Firefox Tag Order Vulnerability
    - MFSA 2006-17, CVE-2006-1732: cross-site scripting through
      window.controllers
    - MFSA 2006-16, CVE-2006-1733: Accessing XBL compilation scope via
      valueOf.call()
    - MFSA 2006-15, CVE-2006-1734: Privilege escalation using a JavaScript
      function's cloned parent
    - MFSA 2006-14, CVE-2006-1735: Privilege escalation via XBL.method.eval
    - MFSA 2006-11, CVE-2006-1737, CVE-2006-1738, CVE-2006-1739,
      CVE-2006-1790: Crashes with evidence of memory corruption (rv:1.8)
    - MFSA 2006-10, CVE-2006-1742: JavaScript garbage-collection hazard audit
    - MFSA 2006-09, CVE-2006-1741: Cross-site JavaScript injection using event
      handlers
    - MFSA 2006-05, CVE-2006-0296: Localstore.rdf XML injection through
      XULDocument.persist()
    - MFSA 2006-01, CVE-2006-0292: JavaScript garbage-collection hazards
  * Removed debian/patches/20_run-mozilla_sh_306893_fix.dpatch: Fixed
    upstream.

- 4. By Adam Conrad

  * SECURITY UPDATE: Update to 1.0.7 to resolve multiple issues:
    + CAN-2005-2871, MFSA-2005-57 - IDN heap overrun
    + CAN-2005-2701, MFSA-2005-58 - Heap overrun in XBM image processing
    + CAN-2005-2702, MFSA-2005-58 - Crash on "zero-width non-joiner" sequence
    + CAN-2005-2703, MFSA-2005-58 - XMLHttpRequest header spoofing
    + CAN-2005-2704, MFSA-2005-58 - Object spoofing using XBL <implements>
    + CAN-2005-2705, MFSA-2005-58 - JavaScript integer overflow
    + CAN-2005-2706, MFSA-2005-58 - Privilege escalation using about: scheme
    + CAN-2005-2707, MFSA-2005-58 - Chrome window spoofing
  * CAN-2005-2968, MFSA-2005-59 (Command-line shell execution vulnerability)
    was addressed in Debian in 1.0.6-4, and we're preferring their patch
    over upstream's, as it allows us to update with the minimum amount of
    fuss, without re-diffing all our other patches (see Debian bug #329667)
  * Drop 81_security-idn-normalization.dpatch, now included upstream.

- 3. By Tollef Fog Heen <email address hidden>

  * New upstream release with security and stability fixes:
    - MFSA 2005-30 GIF heap overflow parsing Netscape extension 2
    - MFSA 2005-25 Image drag and drop executable spoofing
    - MFSA 2005-21 Overwrite arbitrary files downloading .lnk twice
    - MFSA 2005-18 Memory overwrite in string library
    - MFSA 2005-17 Install source spoofing with user:pass@host
    - MFSA 2005-15 Heap overflow possible in UTF8 to Unicode conversion

Branch metadata
- Branch format: Branch format 7
- Repository format: Bazaar repository format 2a (needs bzr 1.16 or later)