lp://staging/ubuntu/warty-security/mozilla-thunderbird
- Get this branch:
- bzr branch lp://staging/ubuntu/warty-security/mozilla-thunderbird
Branch merges
Branch information
- Owner:
- Ubuntu branches
- Status:
- Development
Recent revisions
- 3. By Adam Conrad
-
* SECURITY UPDATE: Update to 1.0.7 to resolve multiple issues:
+ CAN-2005-2871, MFSA-2005-57 - IDN heap overrun
+ CAN-2005-2701, MFSA-2005-58 - Heap overrun in XBM image processing
+ CAN-2005-2702, MFSA-2005-58 - Crash on "zero-width non-joiner" sequence
+ CAN-2005-2703, MFSA-2005-58 - XMLHttpRequest header spoofing
+ CAN-2005-2704, MFSA-2005-58 - Object spoofing using XBL <implements>
+ CAN-2005-2705, MFSA-2005-58 - JavaScript integer overflow
+ CAN-2005-2706, MFSA-2005-58 - Privilege escalation using about: scheme
+ CAN-2005-2707, MFSA-2005-58 - Chrome window spoofing
* CAN-2005-2968, MFSA-2005-59 (Command-line shell execution vulnerability)
was addressed in Debian in 1.0.6-4, and we're preferring their patch
over upstream's, as it allows us to update with the minimum amount of
fuss, without re-diffing all our other patches (see Debian bug #329667)
* Drop 81_security-idn-normalizati on.dpatch, now included upstream.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)