lp://qastaging/~mozillateam/thunderbird/icedove-2.0.0.x
icedove 2.0 packaging branch (for sid)
- Get this branch:
- bzr branch lp://qastaging/~mozillateam/thunderbird/icedove-2.0.0.x
Branch merges
Branch information
Recent revisions
- 102. By Alexander Sack
-
* add copyright info for packaging and icedove artwork (Closes: #406849)
- update debian/copyright - 101. By Alexander Sack
-
* New upstream security/stability update (v2.0.0.23)
* drop patches applied upstream
- remove debian/patches/ 18_kbsd_ nspr.dpatch
- update debian/patches/ series
* adjust patches to new upstream codebase
- update debian/patches/ autoconf2. 13-rerun - 99. By Alexander Sack
-
RELEASE 2.0.0.22-1 to debian/unstable
* New upstream security/stability update (v2.0.0.21/v2.0. 0.22) (Closes: 535124)
* MFSA 2009-33: Crash viewing multipart/alternative message with text/enhanced part
* MFSA 2009-32 aka CVE-2009-1841: JavaScript chrome privilege escalation
* MFSA 2009-29 aka CVE-2009-1838: Arbitrary code execution using event listeners
attached to an element whose owner document is null
* MFSA 2009-27 aka CVE-2009-1836: SSL tampering via non-200 responses to proxy
CONNECT requests
* MFSA 2009-24 aka CVE-2009-1832+CVE- 2009-1831: Crashes with evidence of memory
corruption (rv:1.9.0.11)
* MFSA 2009-17 aka CVE-2009-1307: Same-origin violations when Adobe Flash loaded
via view-source: scheme
* MFSA 2009-14 aka CVE-2009-1303+CVE- 2009-1302: Crashes with evidence of memory
corruption (rv:1.9.0.9)
* MFSA 2009-15 aka CVE-2009-0652: URL spoofing with box drawing character
* MFSA 2009-10 aka CVE-2009-0040: Upgrade PNG library to fix memory safety hazards
* MFSA 2009-09 aka CVE-2009-0776: XML data theft via RDFXMLDataSource and cross-domain
redirect
* MFSA 2009-07 aka CVE-2009-0771,-0772, -0773,- 0774: Crashes with evidence of memory
corruption (rv:1.9.0.7)
* MFSA 2009-01 aka CVE-2009-0352,CVE- 2009-0353 Crashes with evidence of memory
corruption (rv:1.9.0.6) - 98. By Alexander Sack
-
* New upstream security/stability update (v2.0.0.
21/v2.0. 0.22)
* adjust patches to changed codebase
- update debian/patches/ ubuntu- mail-app- xre-name - 94. By Alexander Sack
-
(add advisory info for 2.0.0.18 and 2.0.0.19 to debian/changelog)
* New upstream security/stability update (v.2.0.0.18/2. 0.0.19)
2.0.0.18:
* MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP
redirect
* MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via
__proto__ tampering
* MFSA 2008-52 aka CVE-2008-5017 - Crashes with evidence of memory
corruption (rv:1.9.0.4/1.8. 1.18); Browser engine crash in "Firefox 2
and 3"
* MFSA 2008-52 aka CVE-2008-5018 - Crashes with evidence of memory
corruption (rv:1.9.0.4/1.8. 1.18); JavaScript engine crash - "Firefox 2
and 3"
* MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in
nsFrameManager
* MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventL isteners( )
same-origin violation
* MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace
* MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and
.textContent in mail
2.0.0.19:
* MFSA 2008-60 aka CVE-2008-5500 - Crashes with evidence of memory
corruption (rv:1.9.0.5/1.8. 1.19); Layout engine crashes - Firefox 2 and 3
* MFSA 2008-61 aka CVE-2008-5503 - Information stealing via
loadBindingDocument
* MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure
* MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script
redirect error message
* MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading
whitespace and control characters
* MFSA 2008-67 aka CVE-2008-5510 - Escaped null characters ignored by CSS
parser - 93. By Alexander Sack
-
* adjust/refresh patches to changed upstream code
- update debian/patches/ moz-app- name-as- mail-binary- name
- update debian/patches/ autoconf2. 13-rerun
Branch metadata
- Branch format:
- Branch format 6
- Repository format:
- Bazaar pack repository format 1 (needs bzr 0.92)