./mail/thunderbird, Organize, secure and customize your mail

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 52.8.0, Package name: thunderbird-52.8.0, Maintainer: pkgsrc-users

Mozilla Thunderbird is a redesign of the Mozilla mail component. The
goal is to produce a cross platform stand alone mail application using
the XUL user interface language. This version uses the gtk2 toolkit.


Required to run:
[sysutils/desktop-file-utils] [textproc/icu] [graphics/MesaLib] [graphics/cairo] [graphics/jpeg] [net/libIDL] [devel/nspr] [devel/libffi] [devel/nss] [x11/gtk2] [textproc/hunspell] [x11/pixman] [audio/pulseaudio] [multimedia/libvpx] [x11/gtk3] [multimedia/ffmpeg3]

Required to build:
[pkgtools/x11-links] [devel/yasm] [x11/xcb-proto] [x11/fixesproto4] [pkgtools/cwrappers] [x11/xorgproto]

Package options: gtk3, mozilla-lightning, pulseaudio

Master sites: (Expand)

SHA1: b8aabca309c15ac239a8334df63b330cd6a35c39
RMD160: 91120b683059ccd26092add8450480a41f3efdb3
Filesize: 224981.23 KB

Version history: (Expand)


CVS history: (Expand)


   2018-06-01 21:49:40 by Ryo ONODERA | Files touched by this commit (2) | Package updated
Log message:
Update to 52.8.0

Changelog:
#CVE-2018-5183: Backport critical security fixes in Skia
#CVE-2018-5184: Full plaintext recovery in S/MIME via chosen-ciphertext attack
#CVE-2018-5154: Use-after-free with SVG animations and clip paths
#CVE-2018-5155: Use-after-free with SVG animations and text paths
#CVE-2018-5159: Integer overflow and out-of-bounds write in Skia
#CVE-2018-5161: Hang via malformed headers
#CVE-2018-5162: Encrypted mail leaks plaintext through src attribute
#CVE-2018-5170: Filename spoofing for external attachments
#CVE-2018-5168: Lightweight themes can be installed without user interaction
#CVE-2018-5174: Windows Defender SmartScreen UI runs with less secure behavior
 for downloaded files in Windows 10 April 2018 Update
#CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion
 through legacy extension
#CVE-2018-5185: Leaking plaintext through HTML forms
#CVE-2018-5150: Memory safety bugs fixed in Firefox 60, Firefox ESR 52.8,
 and Thunderbird 52.8
   2018-04-16 16:35:28 by Thomas Klausner | Files touched by this commit (1284)
Log message:
Recursive bump for new fribidi dependency in pango.
   2018-03-29 12:19:31 by Thomas Klausner | Files touched by this commit (3)
Log message:
thunderbird: fix SUBST* and patch so it actually does something.
   2018-03-28 22:13:55 by Thomas Klausner | Files touched by this commit (1)
Log message:
thunderbird: fix path to file in SUBST*
   2018-03-28 15:34:19 by Ryo ONODERA | Files touched by this commit (2) | Package updated
Log message:
Update to 52.7.0

Changelog:
    Fixed Searching message bodies of messages in local folders,
          including filter and quick filter operations, did not find
          content in message attachments
    Fixed Better error handling for Yahoo accounts
    Fixed Various security fixes

#CVE-2018-5127: Buffer overflow manipulating SVG animatedPathSegList
#CVE-2018-5129: Out-of-bounds write with malformed IPC messages
#CVE-2018-5144: Integer overflow during Unicode conversion
#CVE-2018-5146: Out of bounds memory write in libvorbis
#CVE-2018-5125: Memory safety bugs fixed in Firefox 59, Firefox ESR 52.7,
                and Thunderbird 52.7
#CVE-2018-5145: Memory safety bugs fixed in Firefox ESR 52.7 and
                Thunderbird 52.7
   2018-03-23 06:29:11 by Rin Okuyama | Files touched by this commit (4) | Package updated
Log message:
Fix from upstream for Bug 1444371:
mail.label_ascii_only_mail_as_us_ascii does not work with ISO-2022-JP

Bump PKGREVISION.
   2018-03-12 12:18:01 by Thomas Klausner | Files touched by this commit (2155)
Log message:
Recursive bumps for fontconfig and libzip dependency changes.
   2018-03-03 23:20:40 by Ryo ONODERA | Files touched by this commit (2) | Package updated
Log message:
Update to 52.6.0

Changelog:
    Fixed Searching message bodies of messages in local folders, including
            filter and quick filter operations, not working reliably:
            Content not found in base64-encode message parts, non-ASCII text
            not found and false positives found.
    Fixed Defective messages (without at least one expected header) not shown
            in IMAP folders but shown on mobile devices
    Fixed Calendar: Unintended task deletion if numlock is enabled
    Fixed Various security fixes

Security fixes:
#CVE-2018-5095: Integer overflow in Skia library during edge builder allocation
#CVE-2018-5096: Use-after-free while editing form elements
#CVE-2018-5097: Use-after-free when source document is manipulated during XSLT
#CVE-2018-5098: Use-after-free while manipulating form input elements
#CVE-2018-5099: Use-after-free with widget listener
#CVE-2018-5102: Use-after-free in HTML media elements
#CVE-2018-5103: Use-after-free during mouse event handling
#CVE-2018-5104: Use-after-free during font face manipulation
#CVE-2018-5117: URL spoofing with right-to-left text aligned left-to-right
#CVE-2018-5089: Memory safety bugs fixed in Firefox 58, Firefox ESR 52.6,
                  and Thunderbird 52.6