Path to this page:
Subject: CVS commit: [pkgsrc-2013Q2] pkgsrc/mail/thunderbird
From: Matthias Scheler
Date: 2013-08-11 20:24:31
Message id: 20130811182431.2666A96@cvs.netbsd.org
Log Message:
Pullup ticket #4206 - requested by ryoon
mail/thunderbird: security update
Revisions pulled up:
- mail/thunderbird/Makefile 1.118-1.119
- mail/thunderbird/distinfo \
1.123-1.124,1.126-1.127
---
Module Name: pkgsrc
Committed By: ryoon
Date: Tue Jul 9 10:57:20 UTC 2013
Modified Files:
pkgsrc/mail/thunderbird: Makefile distinfo
Log Message:
Update to 17.0.7
Changelog:
FIXED
Security fixes can be found here
Fixed in Thunderbird 17.0.7
MFSA 2013-59 XrayWrappers can be bypassed to run user defined methods in a \
privileged context
MFSA 2013-56 PreserveWrapper has inconsistent behavior
MFSA 2013-55 SVG filters can lead to information disclosure
MFSA 2013-54 Data in the body of XHR HEAD requests leads to CSRF attacks
MFSA 2013-53 Execution of unmapped memory through onreadystatechange event
MFSA 2013-51 Privileged content access and execution via XBL
MFSA 2013-50 Memory corruption found using Address Sanitizer
MFSA 2013-49 Miscellaneous memory safety hazards (rv:22.0 / rv:17.0.7)
---
Module Name: pkgsrc
Committed By: wiz
Date: Tue Jul 9 21:25:24 UTC 2013
Modified Files:
pkgsrc/mail/thunderbird: distinfo
Log Message:
restore enigmail checksums, again.
---
Module Name: pkgsrc
Committed By: ryoon
Date: Sat Aug 10 00:31:20 UTC 2013
Modified Files:
pkgsrc/mail/thunderbird: Makefile distinfo
Log Message:
Update to 17.0.8
Changelog:
Security bugfixes.
MFSA 2013-75 Local Java applets may read contents of local file system
MFSA 2013-73 Same-origin bypass with web workers and XMLHttpRequest
MFSA 2013-72 Wrong principal used for validating URI for some Javascript \
components
MFSA 2013-71 Further Privilege escalation through Mozilla Updater
MFSA 2013-69 CRMF requests allow for code execution and XSS attacks
MFSA 2013-68 Document URI misrepresentation and masquerading
MFSA 2013-66 Buffer overflow in Mozilla Maintenance Service and Mozilla Updater
MFSA 2013-63 Miscellaneous memory safety hazards (rv:23.0 / rv:17.0.8)
---
Module Name: pkgsrc
Committed By: khorben
Date: Sat Aug 10 23:26:31 UTC 2013
Modified Files:
pkgsrc/mail/thunderbird: distinfo
Log Message:
Fixed building thunderbird with the "mozilla-enigmail" option enabled.
Files: