Subject: CVS commit: [pkgsrc-2018Q1] pkgsrc/mail/thunderbird
From: S.P.Zeidler
Date: 2018-06-17 22:57:20
Message id: 20180617205720.E98F8FBEC@cvs.NetBSD.org
Log Message:
Pullup ticket #5768 - requested by bsiegert
mail/thunderbird: security update

Revisions pulled up:
- mail/thunderbird/Makefile                                     1.210
- mail/thunderbird/distinfo                                     1.200

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   ryoon
   Date:           Fri Jun  1 19:49:40 UTC 2018

   Modified Files:
           pkgsrc/mail/thunderbird: Makefile distinfo

   Log Message:
   Update to 52.8.0

   Changelog:
   #CVE-2018-5183: Backport critical security fixes in Skia
   #CVE-2018-5184: Full plaintext recovery in S/MIME via chosen-ciphertext attack
   #CVE-2018-5154: Use-after-free with SVG animations and clip paths
   #CVE-2018-5155: Use-after-free with SVG animations and text paths
   #CVE-2018-5159: Integer overflow and out-of-bounds write in Skia
   #CVE-2018-5161: Hang via malformed headers
   #CVE-2018-5162: Encrypted mail leaks plaintext through src attribute
   #CVE-2018-5170: Filename spoofing for external attachments
   #CVE-2018-5168: Lightweight themes can be installed without user interaction
   #CVE-2018-5174: Windows Defender SmartScreen UI runs with less secure behavior
    for downloaded files in Windows 10 April 2018 Update
   #CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion
    through legacy extension
   #CVE-2018-5185: Leaking plaintext through HTML forms
   #CVE-2018-5150: Memory safety bugs fixed in Firefox 60, Firefox ESR 52.8,
    and Thunderbird 52.8

   To generate a diff of this commit:
   cvs rdiff -u -r1.209 -r1.210 pkgsrc/mail/thunderbird/Makefile
   cvs rdiff -u -r1.199 -r1.200 pkgsrc/mail/thunderbird/distinfo
Files:
RevisionActionfile
1.208.2.1modifypkgsrc/mail/thunderbird/Makefile
1.199.2.1modifypkgsrc/mail/thunderbird/distinfo