[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted icedove 3.1.10-2~bpo60+1 (source i386)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 16 Jun 2011 20:52:59 +0200
Source: icedove
Binary: icedove icedove-dev icedove-dbg
Architecture: source i386
Version: 3.1.10-2~bpo60+1
Distribution: squeeze-backports
Urgency: high
Maintainer: Alexander Sack <asac@debian.org>
Changed-By: Christoph Goehre <chris@sigxcpu.org>
Description: 
 icedove    - mail/news client with RSS and integrated spam filter support
 icedove-dbg - Debug Symbols for Icedove
 icedove-dev - Development files for Icedove
Closes: 403458 487494 505875 589476 589666 591899 592531 595665 601334 606977 623668 624969 625207 627598
Changes: 
 icedove (3.1.10-2~bpo60+1) squeeze-backports; urgency=low
 .
   * Rebuild for squeeze-backports.
 .
 icedove (3.1.10-2) unstable; urgency=low
 .
   * [de81b7f] remove obsolete build depends libxp-dev (Closes: #623668)
   * [633782d] change DEB_HOST_MULTIARCH back to DEB_HOST_GNU_TYPE and
     downgrade sqlite version (Closes: #627598)
 .
 icedove (3.1.10-1) unstable; urgency=high
 .
   * New Upstream Version (Closes: #625207)
     - MFSA 2011-12 aka CVE-2011-0069, CVE-2011-0070, CVE-2011-0072,
                        CVE-2011-0074, CVE-2011-0075, CVE-2011-0077,
                        CVE-2011-0078, CVE-2011-0080, CVE-2011-0081:
       Miscellaneous memory safety hazards (rv:2.0.1/ 1.9.2.17/ 1.9.1.19)
     - MFSA 2011-16 aka CVE-2011-0071: Directory traversal in resource: protocol
   * [78e0217] build against system libbz2
   * [e6af761] build against system libpng
   * [4b57c30] build against system libhunspell
   * [937f0bd] double check to build against most system libraries
   * [d6de723] rebuild patch queue from patch-queue branch
     added patches (Closes: #624969):
     - 0072-fix-building-with-gcc-4.6-Add-constructor-to-placate.patch
     - 0073-fix-building-with-gcc-4.6-os2.cc-missing-include-cst.patch
     - 0074-Add-constructor-for-nsCaseInsensitiveStringComparato.patch
     - 0075-Add-constructor-for-nsXULAppInfo-which-inherits-from.patch
     - 0076-Add-constructor-for-GTKEmbedDirectoryProvider.patch
     modified patches:
     - 0056-Disable-APNG-support-when-system-libpng-doesn-t-supp.patch
     obsolete patches (fixed upstream):
     - 0051-Do-exec-instead-of-uselessly-forking-in-xulrunner-la.patch
     - 0072-Add-support-for-libnotify-0.7.patch
   * [e190ef1] bump up standards version to 3.9.2 (change DEB_HOST_GNU_TYPE to
     DEB_HOST_MULTIARCH)
 .
 icedove (3.1.9-2) unstable; urgency=low
 .
   * Upload to unstable
   * [ace3b6f] rebuild patch queue from patch-queue branch
     added patches:
     - 0072-Add-support-for-libnotify-0.7.patch
   * [910f213] use DEP5 for copyright file
   * [3ae4c8b] set global section to 'mail'
   * [42c9c89] icedove.1: icedove is derived from Thunderbird instead of
     Mozilla suite
 .
 icedove (3.1.9-1) experimental; urgency=low
 .
   * New Upstream Version
     - MFSA 2011-01 aka CVE-2011-0053, CVE-2011-0062: Miscellaneous memory
       safety hazards (rv:1.9.2.14/ 1.9.1.17)
     - MFSA 2011-08 aka CVE-2010-1585: ParanoidFragmentSink allows javascript:
       URLs in chrome documents
     - MFSA 2011-09 aka CVE-2011-0061: Crash caused by corrupted JPEG image
   * [699536a] rebuild patch queue from patch-queue branch
     added patches:
     - 0069-save-a-copy-of-a-attached-file-when-sending-from-OOo.patch
       (Closes: #505875)
     - 0070-News-article-is-empty-if-selected-during-download-fr.patch
       (Closes: #487494)
     - 0071-restore-icedove-on-login-by-session-management.patch
       (Closes: #403458)
     modified patches:
     - 0003-no_dynamic_nss_softokn.patch
     - 0010-Support-building-on-GNU-kFreeBSD-and-GNU-Hurd.patch
     - 0030-Don-t-error-out-when-run-time-libsqlite-is-older-tha.patch
   * [98d8ac0] c-sdk move to sdks/c-sdk - adjust
     debian/{copyright,remove.nonfree,rules}
 .
 icedove (3.1.7-1) experimental; urgency=low
 .
   * New Upstream Version (Closes: #606977)
     - MFSA 2010-74 aka CVE-2010-3776, CVE-2010-3777: Miscellaneous memory
       safety hazards (rv:1.9.2.13/ 1.9.1.16)
     - MFSA 2010-75 aka CVE-2010-3769: Buffer overflow while line breaking
       after document.write with long string
     - MFSA 2010-78 aka CVE-2010-3768: Add support for OTS font sanitizer
   * [46e3e8a] rebuild patch queue from patch-queue branch
     added patches:
     - 0068-fix-forwarding-of-Simple-HTML-email.patch
     obsolete patches (fixed upstream):
     - 0017-Implement-sync_instruction_memory-for-sparc-linux.patch
     - 0059-Fix-startup-problem-with-symlinked-components-e.g.-e.patch
   * [9fcce0c] add license info for gfx/ots
 .
 icedove (3.1.6-1) experimental; urgency=low
 .
   * New Upstream Version (Closes: #601334)
     - MFSA 2010-64 aka CVE-2010-3175, CVE-2010-3176: Miscellaneous memory
       safety hazards (rv:1.9.2.11/ 1.9.1.14)
     - MFSA 2010-65 aka CVE-2010-3179: Buffer overflow and memory corruption
       using document.write
     - MFSA 2010-66 aka CVE-2010-3180: Use-after-free error in nsBarProp
     - MFSA 2010-67 aka CVE-2010-3183: Dangling pointer vulnerability in
       LookupGetterOrSetter
     - MFSA 2010-69 aka CVE-2010-3178: Cross-site information disclosure via
       modal calls
     - MFSA 2010-71 aka CVE-2010-3182: Unsafe library loading vulnerabilities
     - MFSA 2010-73 aka CVE-2010-3765: Heap buffer overflow mixing
       document.write and DOM insertion
   * [270fd51] rebuild patch queue from patch-queue branch
     added patches:
     - 0069-Use-errno.ENOENT-instead-of-2-in-JarMaker.py.patch
     modified patches:
     - 0009-fix-branding-in-migration-wizard-and-the-addon-manag.patch
   * [24421f4] bump build depends for libnspr4-dev, libnss3-dev and
     libsqlite3-dev
 .
 icedove (3.1.4-1) experimental; urgency=low
 .
   * New Upstream Version
 .
 icedove (3.1.3-1) experimental; urgency=low
 .
   * New Upstream Version
     - MFSA 2010-49 aka CVE-2010-3169: Miscellaneous memory safety hazards
       (rv:1.9.2.9/ 1.9.1.12)
     - MFSA 2010-50 aka CVE-2010-2765: Frameset integer overflow vulnerability
     - MFSA 2010-51 aka CVE-2010-2767: Dangling pointer vulnerability using DOM
       plugin array
     - MFSA 2010-53 aka CVE-2010-3166: Heap buffer overflow in
       nsTextFrameUtils::TransformText
     - MFSA 2010-54 aka CVE-2010-2760: Dangling pointer vulnerability in
       nsTreeSelection
     - MFSA 2010-55 aka CVE-2010-3168: XUL tree removal crash and remote code
       execution
     - MFSA 2010-56 aka CVE-2010-3167: Dangling pointer vulnerability in
       nsTreeContentView
     - MFSA 2010-57 aka CVE-2010-2766: Crash and remote code execution in
       normalizeDocument
     - MFSA 2010-59 aka CVE-2010-2762: SJOW creates scope chains ending in
       outer object
     - MFSA 2010-61 aka CVE-2010-2768: UTF-7 XSS by overriding document charset
       using <object> type attribute
     - MFSA 2010-62 aka CVE-2010-2769: Copy-and-paste or drag-and-drop into
       designMode document allows XSS
     - MFSA 2010-63 aka CVE-2010-2764: Information leak via XMLHttpRequest
       statusText
   * [9a03eb1] rebuild patch queue from patch-queue branch
     added patches:
     - 0060-fix-FTBFS-on-hurd.patch (Closes: #595665)
     - 0061-Enable-x64-JIT-backend-by-default.patch
     - 0062-Fix-unaligned-reads-in-qcms.patch
     - 0063-Import-js-src-nanojit-njcpudetect.h.patch
     - 0064-Use-clz-on-android-even-for-armv5-target.patch
     - 0065-Fix-ARM-verbose-assembly-output-for-BLX.patch
     - 0066-Get-rid-of-blx_lr_bug.patch
     - 0067-Avoid-some-ARM-CPU-arch-related-runtime-tests-depend.patch
     - 0068-ARMv4T-support-for-nanojit.patch
 .
 icedove (3.1.2-2) experimental; urgency=low
 .
   * [e1435dc] rebuild patch queue from patch-queue branch
     added patches:
     - 0060-Fix-startup-problem-with-symlinked-components-e.g.-e.patch
       (Closes: #592531)
     modified patches:
     - 0048-Add-nanojit-support-for-ARMv4T.patch - Fix FTBFS on armel
 .
 icedove (3.1.2-1) experimental; urgency=low
 .
   * New Upstream Version (Closes: #589666, #591899)
    - MFSA 2010-34 aka CVE-2010-1211, CVE-2010-1212: Miscellaneous memory
      safety hazards (rv:1.9.2.7/ 1.9.1.11)
    - MFSA 2010-38 aka CVE-2010-1215: Arbitrary code execution using SJOW and
      fast native function
    - MFSA 2010-39 aka CVE-2010-2752: nsCSSValue::Array index integer overflow
    - MFSA 2010-40 aka CVE-2010-2753: nsTreeSelection dangling pointer remote
      code execution vulnerability
    - MFSA 2010-41 aka CVE-2010-1205: Remote code execution using malformed PNG
      image
    - MFSA 2010-42 aka CVE-2010-1213: Cross-origin data disclosure via Web
      Workers and importScripts
    - MFSA 2010-43 aka CVE-2010-1207: Same-origin bypass using canvas context
    - MFSA 2010-44 aka CVE-2010-1210: Characters mapped to U+FFFD in 8 bit
      encodings cause subsequent character to vanish
    - MFSA 2010-46 aka CVE-2010-0654: Cross-domain data theft using CSS
    - MFSA 2010-47 aka CVE-2010-2754: Cross-origin data leakage from script
      filename in error messages
   * [6b9976e] rebuild patch queue from patch-queue branch
     modified patches:
     - 0010-Support-building-on-GNU-kFreeBSD-and-GNU-Hurd.patch
     - 0015-Don-t-register-plugins-if-the-MOZILLA_DISABLE_PLUGIN.patch
     - 0018-Work-around-FTBFS-on-mips-by-disabling-TLS-support.patch
     - 0034-Fix-compiler-errors-with-g-4.4-with-std-gnu-0x.patch
     - 0045-Expose-fullpath-from-nsIPluginTag.patch
     - 0047-Use-syscall-for-mmap-and-munmap-and-disable-ncpus-in.patch
     - 0050-Set-javascript.options.showInConsole.patch
     - 0057-Allow-to-build-against-system-libffi.patch
     - 0058-Ignore-system-libjpeg-libpng-and-zlib-version-checki.patch
     - 0059-Disable-APNG-support-when-system-libpng-doesn-t-supp.patch
   * [16b0e7e] fix FTBFS on kfreebsd-* and hurd-i386 by passing
     --disable-necko-wifi to configure (Closes: #589476)
   * [15a02c7] bump up standards version to 3.9.1
 .
 icedove (3.1-1) experimental; urgency=low
 .
   * New Upstream Version
   * [124a316] add additional build depends libnotify-dev
   * [5ed6a72] adjust branding for Icedove 3.1
   * [bed8969] install further js files shipped with Icedove 3.1
   * [02456e6] replace blue icedove icons with green version
   * [036921f] regenerate patch queue for 3.1 Icedove release
   * [a7fa393] build with system ffi
   * [d8650f7] ship icedove svg file for low resolution icons too
   * [7718c55] bump Standards Version to 3.9.0 and downgrade Conflicts to
     Breaks
   * [9621fc6] lintian: override ancient-libtool warning
Checksums-Sha1: 
 c9f954612c1b9c126d819ff326b67ebf5423b061 2560 icedove_3.1.10-2~bpo60+1.dsc
 e049901dc6eadc0bd83c2ea434862b650c49148f 61041565 icedove_3.1.10.orig.tar.bz2
 e5d0226cf662d1f5014445ded66a1d0a1bf60cbe 472662 icedove_3.1.10-2~bpo60+1.debian.tar.gz
 d3da7a8fb36a6de85308f498746c566857e0d94d 11790006 icedove_3.1.10-2~bpo60+1_i386.deb
 9175f0f4532dcff8d4b22d2858381b6984a76789 5206298 icedove-dev_3.1.10-2~bpo60+1_i386.deb
 14a3b696746ef95a46c5c610833993a04a35a737 68286406 icedove-dbg_3.1.10-2~bpo60+1_i386.deb
Checksums-Sha256: 
 95a67d79e48435bbb0eed25658006157a0a9f617e9a9898647443af51cb309ef 2560 icedove_3.1.10-2~bpo60+1.dsc
 c3615f41ff690bb52330c808a3eeeeac70b09f99b3de29bb507a4506f5bdb6c4 61041565 icedove_3.1.10.orig.tar.bz2
 d66832cc9214ee2e01549e72f0fe5eb1ffc9b5cfd34bd9f17185eb57f4e7d065 472662 icedove_3.1.10-2~bpo60+1.debian.tar.gz
 98439916cec3617c591479037c7c895dc173f6cbad8d052bf4eb130eea7dddc5 11790006 icedove_3.1.10-2~bpo60+1_i386.deb
 868699395681a62b2ce1b0be30b205153ac4c7abcd9655611a9c094236fa7a1c 5206298 icedove-dev_3.1.10-2~bpo60+1_i386.deb
 432d6bab548cfdd21fcb33373be4cf80950d6a1464a0e8d5dbf9c7324055b315 68286406 icedove-dbg_3.1.10-2~bpo60+1_i386.deb
Files: 
 1af194ce2ea9627cc6c097d9b3edfc9e 2560 mail optional icedove_3.1.10-2~bpo60+1.dsc
 570cde316a784c75c3040f4d8035ec6a 61041565 mail optional icedove_3.1.10.orig.tar.bz2
 25ce8dd5c352c656a41b75c1165fd861 472662 mail optional icedove_3.1.10-2~bpo60+1.debian.tar.gz
 58109fb6e45f3b7f27069ae451194db3 11790006 mail optional icedove_3.1.10-2~bpo60+1_i386.deb
 278635ae6010f32c1daf2d768b893f0d 5206298 mail optional icedove-dev_3.1.10-2~bpo60+1_i386.deb
 78ba67e3585a913b14a45eb2fe9debef 68286406 debug extra icedove-dbg_3.1.10-2~bpo60+1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCAAGBQJN/Ng4AAoJECbjyHWnRCDvTrkP/jKFXDOSpVVFZMsljVjwNVhY
zcGcNz9RWrMyU/UDh3MBvLqF6M8Y9+SCOgnENtIo7DgBjoWj9N8Y90GlYBU9hmFM
OGrrwYtdAGM7kFU23aJ2IQblywmyNyuZJZ/PiZ/+lWuzKmr9C2YZAuas06LCoVxX
B4bXjgHon4jW+vlWqv5PiZ3Mjgo7WjVTWpuMBltGjB1M72hIMth1DscodeiJplHo
ZbVfkan8zooZFh17T+x++MPvTmnia8NRwG5NQbkcKoW8zfv3/ycA2NCreg/nhqls
5z8eID2QIeu1hSGDSsdIs4nKf8WcfZ0tJdd8HkCi+oJFaQw4sr4tmQY4pVXLe5Nw
rcMsVJPR/iD+LawLF9z9q6BVtzB/B+Ns7UXK+PjrzRUMpQe2+YXdxU1Y6dnocLCn
EkH6ZISw4aAAo/gx+2jWD90O4HRAqVsowyEEQVYfRXvaNQXcnqLgajBq/9fYOf6D
HUfSA0E4g6CTEyDrExWTWqIeXuRlBpM0USmmahJqm3AhCcsCVHPRmG5h3wj9flSU
jBCnnANEE7Wfso59EJNy7nDKPK2PqjdV+se7O+pb7j6bmA3286ZAamIAxMc+ZTB0
BFcR7swH1fTi2vNNutWzfvmjVjzA0GjHL+hNxe0WQm5d9rcEDlA874kmlmw2eJyQ
/Z6d3BNfmrRCcfkawp4q
=L9nr
-----END PGP SIGNATURE-----


Accepted:
icedove-dbg_3.1.10-2~bpo60+1_i386.deb
  to main/i/icedove/icedove-dbg_3.1.10-2~bpo60+1_i386.deb
icedove-dev_3.1.10-2~bpo60+1_i386.deb
  to main/i/icedove/icedove-dev_3.1.10-2~bpo60+1_i386.deb
icedove_3.1.10-2~bpo60+1.debian.tar.gz
  to main/i/icedove/icedove_3.1.10-2~bpo60+1.debian.tar.gz
icedove_3.1.10-2~bpo60+1.dsc
  to main/i/icedove/icedove_3.1.10-2~bpo60+1.dsc
icedove_3.1.10-2~bpo60+1_i386.deb
  to main/i/icedove/icedove_3.1.10-2~bpo60+1_i386.deb
icedove_3.1.10.orig.tar.bz2
  to main/i/icedove/icedove_3.1.10.orig.tar.bz2
Reply to: