Accepted thunderbird 1:102.7.1-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 24 Jan 2023 16:32:06 +0100
Source: thunderbird
Architecture: source
Version: 1:102.7.1-1
Distribution: unstable
Urgency: medium
Maintainer: Carsten Schoenert <c.schoenert@t-online.de>
Changed-By: Carsten Schoenert <c.schoenert@t-online.de>
Closes: 1028885
Changes:
thunderbird (1:102.7.1-1) unstable; urgency=medium
.
* [dbc3385] New upstream version 102.7.1
Fixed CVE issues in upstream version 102.7 (MFSA 2023-03):
CVE-2022-46871: libusrsctp library out of date
CVE-2023-23598: Arbitrary file read from GTK drag and drop on Linux
CVE-2023-23601: URL being dragged from cross-origin iframe into same
tab triggers navigation
CVE-2023-23602: Content Security Policy wasn't being correctly applied
to WebSockets in WebWorkers
CVE-2022-46877: Fullscreen notification bypass
CVE-2023-23603: Calls to <code>console.log</code> allowed bypasing
Content Security Policy via format directive
CVE-2023-23605: Memory safety bugs fixed in Thunderbird 102.7
Fixed CVE issues in upstream version 102.7.1 (MFSA not yet released):
CVE-2023-0430: Revocation status of S/Mime signature certificates was
not checked
* [af92a36] Rebuild patch queue from patch-queue branch
Added patch:
debian-hacks/Python-3.11-Don-t-use-mode-rU-any-more.patch
(Closes: #1028885)
Checksums-Sha1:
0102a9367440d92b6f8f5a19dad16aa6e3d283b4 8496 thunderbird_102.7.1-1.dsc
469e1de627f32d7fd3b11d5ffc5c96bf9ed47062 12515440 thunderbird_102.7.1.orig-thunderbird-l10n.tar.xz
6e34dc7018441229550a80a2c1a6e6668f364dee 522789916 thunderbird_102.7.1.orig.tar.xz
ed24a75ce5163af132492d38af5384d1fb1340fa 548024 thunderbird_102.7.1-1.debian.tar.xz
5ea5d1ee7ef34bc5cb52014fcd8da0f4aad5a34e 39863 thunderbird_102.7.1-1_amd64.buildinfo
Checksums-Sha256:
4b3fd11d946479ac372dde60020507e08dc04f1fa17b225d19b329a49e1f4802 8496 thunderbird_102.7.1-1.dsc
2affac3bc393e8ca8b5e8d8f78dc3167695bbfcd237fe35ddaf25dbd595ed102 12515440 thunderbird_102.7.1.orig-thunderbird-l10n.tar.xz
51520b56816b7c95d347b843e22b63705e20cffeebbe2ad820df7980839aa261 522789916 thunderbird_102.7.1.orig.tar.xz
76928f78c88b75ad27d4dc709e5df975194569e844157a3d4c8ea9cb7dcf333d 548024 thunderbird_102.7.1-1.debian.tar.xz
43bd929586f8b27134657e1716cf8c925ec845f7db938a15d864d059d9adaaa4 39863 thunderbird_102.7.1-1_amd64.buildinfo
Files:
b80956f4862d967de220689026e51b95 8496 mail optional thunderbird_102.7.1-1.dsc
810c5e040e824659b3b13bec5ca00478 12515440 mail optional thunderbird_102.7.1.orig-thunderbird-l10n.tar.xz
49e05fba1d86bd71e3c6c737f21954cd 522789916 mail optional thunderbird_102.7.1.orig.tar.xz
a56725f711716bcc398fbc855da9f1bd 548024 mail optional thunderbird_102.7.1-1.debian.tar.xz
7d7cb81170d8bc56e4d1b206c9933355 39863 mail optional thunderbird_102.7.1-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtw38bxNP7PwBHmKqgwFgFCUdHbAFAmPQHPAACgkQgwFgFCUd
HbAtaA//SjGHoDdrP5KZ+mtcN0SncKXs0S2saJh4VrLcEiZoOiguTWnfxsvCDkaW
XR8+WGOn4nMCmx/b9p4EdEHMb16Mb5uYzltLM+8WHx0dVeJ6a8//subQ5oPkiAOg
h5EhXdP8HuI2ojCVXEu+OP10a/vL+krU/xfwgjgoPUdDDPQVAJBorD1750+I19A0
U7wTCVBTUFy/KI4mePEOwiwEfw13hJnCfRv9gmxQdHNLdkFcie/jXdea41mx8DCH
d99rER1VToz4pHNYXMrqe87seILr8aa8rwrdI3dsGrdvh+F873ndqavTLO6BO+x9
v4cIBpRA9r0PaRc4F0Jl5kvz+XLra8ivJGsVPK0o8RQZSr4EIqELsKVTID0OGyxH
Ks+H8QUaFCcjwe6P/5MSgB6/iSCLnRu6stHzowCvbqf5N907q4ySSJrHjv43R932
8Cfbrmog0s9+gnxMEW9Fuja4cwE031WZtpHQMJu89YQYyU2irC1YsjjijuIJEp5U
f1PWmiWJtzl6tuOwC68NR/kQGqv8L1xIhrjZ98iYDJbDbe/MeqbzVqqJyE6VCyxA
c/y3UaRBJjxmcFz0X+9JZGOYYx/y7gLQMe9vQ6QpNN86JFNePGLODWtX7aXN8QEq
KbHWHchibP7Dk/JpwXXnWIrb0kODY8H/vFgvAQdWfNcN+uIeszM=
=RPhI
-----END PGP SIGNATURE-----
Reply to: