Accepted icedove 1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1 (source i386 all)

To: debian-changes@lists.debian.org
Subject: Accepted icedove 1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1 (source i386 all)
From: Steffen Joeris <white@debian.org>
Date: Mon, 09 Feb 2009 21:35:36 +0000
Message-id: <[🔎] E1LWdmy-0003C7-Lb@ries.debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon,  5 Jan 2009 18:02:43 +0000
Source: icedove
Binary: icedove-inspector icedove-dev thunderbird-dbg thunderbird-inspector icedove-typeaheadfind mozilla-thunderbird-typeaheadfind icedove-dbg thunderbird-gnome-support thunderbird-typeaheadfind icedove mozilla-thunderbird-inspector icedove-gnome-support thunderbird mozilla-thunderbird-dev thunderbird-dev mozilla-thunderbird
Architecture: source i386 all
Version: 1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1
Distribution: stable-security
Urgency: high
Maintainer: Alexander Sack <asac@debian.org>
Changed-By: Steffen Joeris <white@debian.org>
Description: 
 icedove    - free/unbranded thunderbird mail client
 icedove-dbg - debugging symbols for icedove/thunderbird
 icedove-dev - development files for icedove/thunderbird
 icedove-gnome-support - GNOME support package for icedove/thunderbird
 icedove-inspector - DOM inspector extension for icedove/thunderbird
 icedove-typeaheadfind - typeaheadfind extension for icedove/thunderbird
 mozilla-thunderbird - Transition package for icedove rename
 mozilla-thunderbird-dev - Transition package for icedove-dev rename
 mozilla-thunderbird-inspector - Transition package for icedove-inspector rename
 mozilla-thunderbird-typeaheadfind - Transition package for icedove-typeaheadfind rename
 thunderbird - Transition package for icedove rename
 thunderbird-dbg - Transition package for icedove-dbg rename
 thunderbird-dev - Transition package for icedove-dev rename
 thunderbird-gnome-support - Transition package for icedove-gnome-support rename
 thunderbird-inspector - Transition package for icedove-inspector rename
 thunderbird-typeaheadfind - Transition package for icedove-typeaheadfind rename
Changes: 
 icedove (1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1) stable-security; urgency=high
 .
   * Non-maintainer upload by the security team
   * backports for thunderbird 2.0.0.17 stability/security update
    * MFSA 2008-37 aka CVE-2008-0016 -  UTF-8 URL stack buffer overflow
    * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect()
      same-origin violation
    * MFSA 2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs),
      CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060
      (Documents without script handling objects) - Privilege escalation via
      XPCnativeWrapper pollution
    * MFSA 2008-42 aka CVE-2008-4061 (1.8 layout), CVE-2008-4062 (1.8
      javascript) -  Crashes with evidence of memory corruption
      (rv:1.9.0.2/1.8.1.17)
    * MFSA 2008-43 aka CVE-2008-4065 - BOM characters, low surrogates
      stripped from JavaScript before execution
    * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal
      vulnerabilities
    * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup
      message
   * backports for thunderbird 2.0.0.18 stability/security update
    * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP
      redirect
    * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via
      __proto__ tampering
    * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript)
     - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18)
    * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in
      nsFrameManager
    * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners()
      same-origin violation
    * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace
    * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail
   * backports for thunderbird 2.0.0.19 stability/security update
    * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory
      corruption (rv:1.9.0.5/1.8.1.19)
    * MFSA 2008-61 aka CVE-2008-5503 -  Information stealing via
      loadBindingDocument
    * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure
    * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script
      redirect error message
    * MFSA 2008-66 aka CVE-2008-5508 -  Errors parsing URLs with leading
      whitespace and control characters
    * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document),
      CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript
      privilege escalation
 .
   tarball:
   http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/icedove-1.5.0.13+1.5.0.15b+prepatch080614i.tar.bz2
 .
   patchset:
   http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz
 .
   Thanks to Alexander Sack for his cooperation and all the work behind the curtain
Files: 
 50f9d989748dcdc3b4fbe3dfe5c511e0 1352 mail optional icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1.dsc
 bc7d4a8ac66249e890cc6b8053e1c403 35464904 mail optional icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i.orig.tar.gz
 934c1af8ef52f687bd76100e038f031e 632912 mail optional icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1.diff.gz
 c972632df916e3304ae1657a2b301fdc 10950918 mail optional icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb
 1fcb52f25725a7c106e12f29ef73bbe8 192848 mail optional icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb
 1d2b378e81e1753d0428e220a24e16cc 49112 mail optional icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb
 85cca8031c7e802bbe8da34c57f4f49e 30344 mail optional thunderbird-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
 3d90785a8070f5a1e5711a0981abf800 59682 mail optional icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb
 8bfd66cc1708346cac4cb92b099925ec 3950506 mail optional icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb
 dbdbc7041b916f6e59dcac3ece619244 50850480 mail optional icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb
 6a39034c09e4126bb21cdc23c2487939 30324 mail optional thunderbird-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
 cbe2956ce57f0d8c4c8ff97ab3e2b73e 30312 mail optional thunderbird_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
 1d7b977f1f636a6119fecbaa5209b123 30332 mail optional mozilla-thunderbird_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
 ac038bd3bfa58b2bd8de442a71e6e244 30352 mail optional mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
 242b59c55d9dee9589bb59fbd6658dc6 30338 mail optional thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
 bda7c5e419dc5d8a9bce681f985b7b54 30358 mail optional mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
 43ad195fe32dc2fb2e94513fbf91a77c 30352 mail optional thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
 a16f184ecc39515f32fa6083b617641b 30330 mail optional thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
 440f59303f23a8b51555ec44536bc610 30344 mail optional mozilla-thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkljNzkACgkQ62zWxYk/rQeB/QCeLi1vOWWWf8/sRj/8x4+CzE46
4/UAoMvg36BR1S0j7AhGUCsbJuKFyCs2
=4NI9
-----END PGP SIGNATURE-----


Accepted:
icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb
  to pool/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb
icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb
  to pool/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb
icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb
  to pool/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb
icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb
  to pool/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb
icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb
  to pool/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb
icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1.diff.gz
  to pool/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1.diff.gz
icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1.dsc
  to pool/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1.dsc
icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb
  to pool/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb
icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i.orig.tar.gz
  to pool/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i.orig.tar.gz
mozilla-thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
  to pool/main/i/icedove/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
  to pool/main/i/icedove/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
  to pool/main/i/icedove/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
mozilla-thunderbird_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
  to pool/main/i/icedove/mozilla-thunderbird_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
thunderbird-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
  to pool/main/i/icedove/thunderbird-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
  to pool/main/i/icedove/thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
thunderbird-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
  to pool/main/i/icedove/thunderbird-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
  to pool/main/i/icedove/thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
  to pool/main/i/icedove/thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
thunderbird_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
  to pool/main/i/icedove/thunderbird_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb
Reply to:
Prev by Date: Accepted avahi 0.6.16-3etch2 (source all amd64)
Next by Date: Accepted muttprint 0.72d-8etch1 (source all)
Previous by thread: Accepted avahi 0.6.16-3etch2 (source all amd64)
Next by thread: Accepted muttprint 0.72d-8etch1 (source all)
Index(es):
- Date
- Thread