From: Raspbian automatic forward porter <root@raspbian.org>
Date: Tue, 9 Apr 2019 08:00:56 +0000 (+0100)
Subject: Merge version 1:60.5.1-1+rpi1 and 1:60.6.1-1 to produce 1:60.6.1-1+rpi1
X-Git-Tag: archive/raspbian/1%60.6.1-1+rpi1~1
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=6725ca9e0bb6cded0556231e8e17e4d29c2faa20;p=thunderbird.git

Merge version 1:60.5.1-1+rpi1 and 1:60.6.1-1 to produce 1:60.6.1-1+rpi1
---

6725ca9e0bb6cded0556231e8e17e4d29c2faa20
diff --cc debian/changelog
index 2ca7b65ecf,d02a87fb4f..1441c275e4
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,18 -1,31 +1,47 @@@
- thunderbird (1:60.5.1-1+rpi1) buster-staging; urgency=medium
++thunderbird (1:60.6.1-1+rpi1) buster-staging; urgency=medium
 +
 +  [changes brought over from firefox-esr 60.3.0esr-1+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Wed, 05 Dec 2018 06:56:52 +0000]
 +  * Hack broken rust target selection so it produces the right target
 +    on raspbian.
 +  * Fix clean target.
 +
 +  [changes introduced in 60.4.0-1+rpi1 by Peter Michael Green]
 +  * Further fixes to clean target (still not completely fixed :( ).
 +  * Add build-depends on clang-6.0 (to match libclang-6.0-dev)
 +
 +  [changes introduced in 1:60.5.1-1+rpi1 by Peter Michael Green]
 +  * further clean target tweaks.
 +
-  -- Peter Michael Green <plugwash@raspbian.org>  Tue, 26 Feb 2019 02:20:34 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Tue, 09 Apr 2019 08:00:52 +0000
++
+ thunderbird (1:60.6.1-1) unstable; urgency=medium
+ 
+   [ intrigeri ]
+   * [2013645] d/rules: drop useless usage of dpkg-parsechangelog
+ 
+   [ Carsten Schoenert ]
+   * [daf1252] New upstream version 60.6.1
+     Fixed CVE issues in upstream version 60.6.0 (MFSA 2019-11)
+     CVE-2019-9790: Use-after-free when removing in-use DOM elements
+     CVE-2019-9791: Type inference is incorrect for constructors entered 
+                    through on-stack replacement with IonMonkey
+     CVE-2019-9792: IonMonkey leaks JS_OPTIMIZED_OUT magic value to script
+     CVE-2019-9793: Improper bounds checks when Spectre mitigations are disabled
+     CVE-2019-9794: Command line arguments not discarded during execution
+     CVE-2019-9795: Type-confusion in IonMonkey JIT compiler
+     CVE-2019-9796: Use-after-free with SMIL animation controller
+     CVE-2018-18506: Proxy Auto-Configuration file can define localhost access
+                     to be proxied
+     CVE-2019-9788: Memory safety bugs fixed in Firefox 66, Firefox ESR 60.6,
+                    and Thunderbird 60.6
+     Fixed CVE issues in upstream version 60.6.1 (MFSA 2019-12)
+     CVE-2019-9810: IonMonkey MArraySlice has incorrect alias information
+     CVE-2019-9813: Ionmonkey type confusion with __proto__ mutations
+   * [f88a505] rebuild patch queue from patch-queue branch
+     added patch:
+     fixes/Bug-1526744-find-dupes.py-Calculate-md5-by-chunk.patch
+ 
+  -- Carsten Schoenert <c.schoenert@t-online.de>  Wed, 27 Mar 2019 18:22:51 +0100
  
  thunderbird (1:60.5.1-1) unstable; urgency=medium
  
diff --cc debian/patches/series
index bc83dcd5a5,044ef04ea9..7c130277fa
--- a/debian/patches/series
+++ b/debian/patches/series
@@@ -37,4 -37,4 +37,5 @@@ fixes/Build-also-gdata-provider-as-xpi-
  porting-armel/Bug-1463035-Remove-MOZ_SIGNAL_TRAMPOLINE.-r-darchons.patch
  porting-armel/Avoid-using-vmrs-vmsr-on-armel.patch
  porting-powerpc/powerpc-Don-t-use-static-page-sizes-on-powerpc.patch
+ fixes/Bug-1526744-find-dupes.py-Calculate-md5-by-chunk.patch
 +raspbian-rust-triplet-hack.patch