dgit.raspbian.org Git - thunderbird.git/log

Appdata: Fix up AppStream error by adding missing field

The AppStream data is missing the lauchable element.

Gbp-Pq: Topic fixes
Gbp-Pq: Name Appdata-Fix-up-AppStream-error-by-adding-missing-field.patch

Appdata: Adding some German translations

Gbp-Pq: Topic fixes
Gbp-Pq: Name Appdata-Adding-some-German-translations.patch

Disable optimization on alpha for the url-classifier component

The use of this component leads to crashes when built with optimizations.

Gbp-Pq: Topic porting
Gbp-Pq: Name Disable-optimization-on-alpha-for-the-url-classifier.patch

LDAP: support building on GNU/kFreeBSD and GNU/Hurd

https://bugzilla.mozilla.org/show_bug.cgi?id=356011

Squashed kFreeBSD/Hurd related fixes:
- Fix FTBFS on Hurd-i386
- Build fixes for GNU/kFreeBSD in directory/
- Missing bits for Hurd support

Gbp-Pq: Topic porting-kfreebsd-hurd
Gbp-Pq: Name LDAP-support-building-on-GNU-kFreeBSD-and-GNU-Hurd.patch

Add another preferences directory for applications: preferences/syspref

This can be used to symlink to /etc/thunderbird/pref.

Gbp-Pq: Topic debian-hacks
Gbp-Pq: Name Add-another-preferences-directory-for-applications-p.patch

Strip version number from application before installation

Strip thunderbird's version number from the installation directories so
we have a fixed location for extensions that build against it.

Gbp-Pq: Topic debian-hacks
Gbp-Pq: Name Strip-version-number-from-application-before-installation.patch

sl: change Edit (Uredi) to CTRL+E

Closes: #601331
Gbp-Pq: Topic thunderbird-l10n
Gbp-Pq: Name sl-change-Edit-Uredi-to-CTRL-E.patch

thunderbird (1:102.8.0-1) unstable; urgency=medium

  * [b130936] New upstream version 102.8.0
    Fixed CVE issues in upstream version 102.8.0 (MFSA 2023-07):
    CVE-2023-0616: User Interface lockup with messages combining S/MIME and
                   OpenPGP
    CVE-2023-25728: Content security policy leak in violation reports using
                    iframes
    CVE-2023-25730: Screen hijack via browser fullscreen mode
    CVE-2023-0767: Arbitrary memory write via PKCS 12 in NSS
    CVE-2023-25735: Potential use-after-free from compartment mismatch in
                    SpiderMonkey
    CVE-2023-25737: Invalid downcast in SVGUtils::SetupStrokeGeometry
    CVE-2023-25739: Use-after-free in
                    mozilla::dom::ScriptLoadContext::~ScriptLoadContext
    CVE-2023-25729: Extensions could have opened external schemes without
                    user knowledge
    CVE-2023-25732: Out of bounds memory write from EncodeInputStream
    CVE-2023-25742: Web Crypto ImportKey crashes tab
    CVE-2023-25746: Memory safety bugs fixed in Thunderbird 102.8
  * [66e2335] Rebuild patch queue from patch-queue branch
    Removed patch (included upstream):
    debian-hacks/Python-3.11-Don-t-use-mode-rU-any-more.patch

[dgit import unpatched thunderbird 1:102.8.0-1]

Import thunderbird_102.8.0.orig.tar.xz

[dgit import orig thunderbird_102.8.0.orig.tar.xz]

Import thunderbird_102.8.0.orig-thunderbird-l10n.tar.xz

[dgit import orig thunderbird_102.8.0.orig-thunderbird-l10n.tar.xz]

Import thunderbird_102.8.0-1.debian.tar.xz

[dgit import tarball thunderbird 1:102.8.0-1 thunderbird_102.8.0-1.debian.tar.xz]