Re: Please unblock icedove 2.0.0.17-1
* Michael Casadevall [Sat, 18 Oct 2008 21:15:58 -0400]:
> It clears two RC bugs and a few security bugs.Here's the recent changelog.
> icedove (2.0.0.17-1) unstable; urgency=low
> * New upstream security/stability update (v.2.0.0.17), Closes: #500721
> * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow
> * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect()
> same-origin violation
> * MFSA 2008-41 aka CVE-2008-4058, CVE-2008-4059, CVE-2008-4060 - Privilege
> escalation via XPCnativeWrapper pollution
> * MFSA 2008-42 aka CVE-2008-4061, CVE-2008-4062, CVE-2008-4063,
> CVE-2008-4064 - Crashes with evidence of memory corruption
> (rv:1.9.0.2/1.8.1.17)
> * MFSA 2008-43 aka CVE-2008-4065, CVE-2008-4066 - BOM characters, low
> surrogates stripped from JavaScript before execution
> * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal
> vulnerabilities
> * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup
> message
> [ Michael Casadevall <sonicmctails@gmail.com> ]
> * debian/control:
> - Changed maintainer to Ubuntu Mozillateam
> - Added Uploaders to the team
> - Set DM-Upload-Allowed
> - Bumped standards version to 3.8.0
> [ Alexander Sack <asac@debian.org> ]
> * Closes: #497491 - Icedove inappropriately sets file-/MIME-type
> associations in .desktop database; we drop the Mime-Type= entry
> from debian/icedove.desktop
> - update debian/icedove.desktop
> -- Michael Casadevall <sonicmctails@gmail.com> Sat, 18 Oct 2008 09:07:20 -0400
Unblocked by Luk.
--
Adeodato Simó dato at net.com.org.es
Debian Developer adeodato at debian.org
Listening to: The Wallflowers - Bleeders
Reply to: