dgit.raspbian.org Git - thunderbird.git/log

Properly launch applications set in $HOME/.mailcap

https://bugzilla.mozilla.org/show_bug.cgi?id=444440

Gbp-Pq: Topic fixes
Gbp-Pq: Name Properly-launch-applications-set-in-HOME-.mailcap.patch

Disable optimization on alpha for the url-classifier component

The use of this component leads to crashes when built with optimizations.

Gbp-Pq: Topic porting
Gbp-Pq: Name Disable-optimization-on-alpha-for-the-url-classifier.patch

LDAP: support building on GNU/kFreeBSD and GNU/Hurd

https://bugzilla.mozilla.org/show_bug.cgi?id=356011

Squashed kFreeBSD/Hurd related fixes:
- Fix FTBFS on Hurd-i386
- Build fixes for GNU/kFreeBSD in directory/
- Missing bits for Hurd support

Gbp-Pq: Topic porting-kfreebsd-hurd
Gbp-Pq: Name LDAP-support-building-on-GNU-kFreeBSD-and-GNU-Hurd.patch

Add another preferences directory for applications: preferences/syspref

This can be used to symlink to /etc/thunderbird/pref.

Gbp-Pq: Topic debian-hacks
Gbp-Pq: Name Add-another-preferences-directory-for-applications-p.patch

Strip version number from application before installation

Strip thunderbird's version number from the installation directories so
we have a fixed location for extensions that build against it.

Gbp-Pq: Topic debian-hacks
Gbp-Pq: Name Strip-version-number-from-application-before-installation.patch

sl: change Edit (Uredi) to CTRL+E

Closes: #601331
Gbp-Pq: Topic thunderbird-l10n
Gbp-Pq: Name sl-change-Edit-Uredi-to-CTRL-E.patch

thunderbird (1:78.5.0-1) unstable; urgency=medium

  * [7842f02] New upstream version 78.5.0
    Fixed CVE issues in upstream version 78.5 (MFSA 2020-51):
    CVE-2020-26951: Parsing mismatches could confuse and bypass security
                    sanitizer for chrome privileged code
    CVE-2020-16012: Variable time processing of cross-origin images during
                    drawImage calls
    CVE-2020-26953: Fullscreen could be enabled without displaying the
                    security UI
    CVE-2020-26956: XSS through paste (manual and clipboard API)
    CVE-2020-26958: Requests intercepted through ServiceWorkers lacked MIME
                    type restrictions
    CVE-2020-26959: Use-after-free in WebRequestService
    CVE-2020-26960: Potential use-after-free in uses of nsTArray
    CVE-2020-15999: Heap buffer overflow in freetype
    CVE-2020-26961: DoH did not filter IPv4 mapped IP Addresses
    CVE-2020-26965: Software keyboards may have remembered typed passwords
    CVE-2020-26966: Single-word search queries were also broadcast to local
                    network
    CVE-2020-26968: Memory safety bugs fixed in Thunderbird 78.5
  * [e19743e] rebuild patch queue from patch-queue branch
    removed patch (included upstream):
    fixes/Bug-1663715-Update-syn-and-proc-macro2-so-that-Firefox-ca.patch

[dgit import unpatched thunderbird 1:78.5.0-1]

Import thunderbird_78.5.0.orig.tar.xz

[dgit import orig thunderbird_78.5.0.orig.tar.xz]

Import thunderbird_78.5.0.orig-thunderbird-l10n.tar.xz

[dgit import orig thunderbird_78.5.0.orig-thunderbird-l10n.tar.xz]

Import thunderbird_78.5.0-1.debian.tar.xz

[dgit import tarball thunderbird 1:78.5.0-1 thunderbird_78.5.0-1.debian.tar.xz]