Subject: CVS commit: pkgsrc/mail/thunderbird
From: Ryo ONODERA
Date: 2019-10-30 13:21:49
Message id: 20191030122149.C4670FA8E@cvs.NetBSD.org
Log Message:
Update to 68.2.0

Changelog:
    new
    Message Display WebExtension API

    new
    Message Search WebExtension API

    fixed
    Better visual feedback for unread messages when using the dark theme

    fixed
    Various issues when editing mailing lists

    fixed
    Integration with macOS addressbook and notifications not working after \ 
introduction of notarization

    fixed
    Application windows not maintaining their size after restart

    fixed
    Issues when upgrading from a 32bit version of Thunderbird to a 64bit
    version. Note: If your profile is still not recognised, selected it
    by visiting about:profiles in the Troubleshooting Information.

    fixed
    Various security fixes

Security fixes:
#CVE-2019-15903: Heap overflow in expat library in XML_GetCurrentLineNumber
#CVE-2019-11757: Use-after-free when creating index updates in IndexedDB
#CVE-2019-11758: Potentially exploitable crash due to 360 Total Security
#CVE-2019-11759: Stack buffer overflow in HKDF output
#CVE-2019-11760: Stack buffer overflow in WebRTC networking
#CVE-2019-11761: Unintended access to a privileged JSONView object
#CVE-2019-11762: document.domain-based origin isolation has same-origin-property \ 
violation
#CVE-2019-11763: Incorrect HTML parsing results in XSS bypass technique
#CVE-2019-11764: Memory safety bugs fixed in Thunderbird 68.2
Files:
RevisionActionfile
1.232modifypkgsrc/mail/thunderbird/Makefile
1.216modifypkgsrc/mail/thunderbird/distinfo