./mail/thunderbird, Organize, secure and customize your mail

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 52.9.1nb2, Package name: thunderbird-52.9.1nb2, Maintainer: pkgsrc-users

Mozilla Thunderbird is a redesign of the Mozilla mail component. The
goal is to produce a cross platform stand alone mail application using
the XUL user interface language. This version uses the gtk2 toolkit.


Required to run:
[sysutils/desktop-file-utils] [textproc/icu] [graphics/MesaLib] [graphics/cairo] [graphics/jpeg] [net/libIDL] [devel/nspr] [devel/libffi] [devel/nss] [x11/gtk2] [textproc/hunspell] [x11/pixman] [audio/pulseaudio] [multimedia/libvpx] [x11/gtk3] [multimedia/ffmpeg3]

Required to build:
[pkgtools/x11-links] [devel/yasm] [x11/xcb-proto] [x11/fixesproto4] [pkgtools/cwrappers] [x11/xorgproto]

Package options: gtk3, mozilla-lightning, pulseaudio

Master sites:

SHA1: 9970d78084fe979f568ea00bf06b8e81a738e630
RMD160: b3169a0154fa85648a98ba0d74f264abd224b323
Filesize: 225073.5 KB

Version history: (Expand)


CVS history: (Expand)


   2018-11-14 23:22:54 by Klaus Klein | Files touched by this commit (1332) | Package updated
Log message:
Revbump after cairo 1.16.0 update.
   2018-11-12 04:53:16 by Ryo ONODERA | Files touched by this commit (1532)
Log message:
Recursive revbump from hardbuzz-2.1.1
   2018-08-08 00:48:17 by Matthias Scheler | Files touched by this commit (1) | Package updated
Log message:
Update home page URL
   2018-07-30 21:51:48 by Ryo ONODERA | Files touched by this commit (2) | Package updated
Log message:
Update to 52.9.1

Changelog:
    changed
    Thunderbird will now prompt to compact IMAP folders even if the account is \ 
online. Note: Under certain circumstances an incorrect estimate of the expected \ 
gain is shown.

    fixed
    Complete fix of the EFAIL vulnerability: 1) Removing some HTML crafted to \ 
carry out an attack. 2) Optionally: Not decrypting subordinate message parts \ 
that otherwise might reveal decrypted content to the attacker. Preference \ 
mailnews.p7m_subparts_external needs to be set to true for added security.

    fixed
    Various problems when forwarding messages inline when using \ 
"simple" HTML view

    fixed
    Deleting or detaching attachments corrupted messages under certain \ 
circumstances (not working only in Thunderbird version 52.9.0)

    fixed
    Various security fixes

Security fixes:
#CVE-2018-12359: Buffer overflow using computed size of canvas element
#CVE-2018-12360: Use-after-free when using focus()
#CVE-2018-12372: S/MIME and PGP decryption oracles can be built with HTML emails
#CVE-2018-12373: S/MIME plaintext can be leaked through HTML reply/forward
#CVE-2018-12362: Integer overflow in SSSE3 scaler
#CVE-2018-12363: Use-after-free when appending DOM nodes
#CVE-2018-12364: CSRF attacks through 307 redirects and NPAPI plugins
#CVE-2018-12365: Compromised IPC child process can list local filenames
#CVE-2018-12366: Invalid data handling during QCMS transformations
#CVE-2018-12368: No warning when opening executable SettingContent-ms files
#CVE-2018-12374: Using form to exfiltrate encrypted mail part by pressing enter \ 
in form field
#CVE-2018-5188: Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, \ 
Firefox ESR 52.9, and Thunderbird 52.9
   2018-07-06 17:06:52 by Ryo ONODERA | Files touched by this commit (136)
Log message:
Recursive revbump from audio/pulseaudio
   2018-06-01 21:49:40 by Ryo ONODERA | Files touched by this commit (2) | Package updated
Log message:
Update to 52.8.0

Changelog:
#CVE-2018-5183: Backport critical security fixes in Skia
#CVE-2018-5184: Full plaintext recovery in S/MIME via chosen-ciphertext attack
#CVE-2018-5154: Use-after-free with SVG animations and clip paths
#CVE-2018-5155: Use-after-free with SVG animations and text paths
#CVE-2018-5159: Integer overflow and out-of-bounds write in Skia
#CVE-2018-5161: Hang via malformed headers
#CVE-2018-5162: Encrypted mail leaks plaintext through src attribute
#CVE-2018-5170: Filename spoofing for external attachments
#CVE-2018-5168: Lightweight themes can be installed without user interaction
#CVE-2018-5174: Windows Defender SmartScreen UI runs with less secure behavior
 for downloaded files in Windows 10 April 2018 Update
#CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion
 through legacy extension
#CVE-2018-5185: Leaking plaintext through HTML forms
#CVE-2018-5150: Memory safety bugs fixed in Firefox 60, Firefox ESR 52.8,
 and Thunderbird 52.8
   2018-04-16 16:35:28 by Thomas Klausner | Files touched by this commit (1284)
Log message:
Recursive bump for new fribidi dependency in pango.
   2018-03-29 12:19:31 by Thomas Klausner | Files touched by this commit (3)
Log message:
thunderbird: fix SUBST* and patch so it actually does something.