Bug#989787: marked as done (unblock: thunderbird/1:78.11.0-1)

To: Sebastian Ramacher <sramacher@respighi.debian.org>
Subject: Bug#989787: marked as done (unblock: thunderbird/1:78.11.0-1)
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Sun, 13 Jun 2021 21:24:03 +0000
Message-id: <[🔎] handler.989787.D989787.162361931912644.ackdone@bugs.debian.org>
Reply-to: 989787@bugs.debian.org
References: <E1lsXYK-0003GF-Jl@respighi.debian.org> <[🔎] 162356669076.2162358.16378101062741853740.reportbug@x260.cruise.homelinux.net>

Your message dated Sun, 13 Jun 2021 21:21:56 +0000
with message-id <E1lsXYK-0003GF-Jl@respighi.debian.org>
and subject line unblock thunderbird
has caused the Debian Bug report #989787,
regarding unblock: thunderbird/1:78.11.0-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
989787: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989787
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: unblock: thunderbird/1:78.11.0-1
From: Carsten Schoenert <c.schoenert@t-online.de>
Date: Sun, 13 Jun 2021 08:44:50 +0200
Message-id: <[🔎] 162356669076.2162358.16378101062741853740.reportbug@x260.cruise.homelinux.net>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package thunderbird

I hereby requesting the unblock of thunderbird.
The current version in unstable is the usual update of the ESR version
that happen about every 6 weeks whith fixes for some CVE issues since
the release of the previous version 78.10.0.

[ Reason ]
These CVEs got fixed by upstream release of 78.10.2 and 78.11.0.
CVE-2021-29957: Partial protection of inline OpenPGP message not indicated
CVE-2021-29956: Thunderbird stored OpenPGP secret keys without master
                password protection
CVE-2021-29967: Memory safety bugs fixed in Thunderbird 78.11

[ Impact ]
Users of testing will get excluded from using the newer version with the
fixed CVE related issues.

[ Tests ]
The local usage tests didn't hve shown any anomalies, the autopkgtests
did run also successful.

[ Risks ]
No update is risk free, but this ESR circle is rather near it end. So
it's quite unlikely that user experience breaking things will happen.
The upload to unstable happen about 10 days ago and no new bug report
was opened up since then.
Users of stable and old-stable already did get the updated newer version.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [ ] attach debdiff against the package in testing

[ Other info ]
I'm not attaching a debdiff as even a smaller set of upstream
modifications did happen it would be rather big and time consuming to
read.

unblock thunderbird/1:78.11.0-1

--- End Message ---

--- Begin Message ---

To: 989787-done@bugs.debian.org

Subject: unblock thunderbird

From: Sebastian Ramacher <sramacher@respighi.debian.org>

Date: Sun, 13 Jun 2021 21:21:56 +0000

Message-id: <E1lsXYK-0003GF-Jl@respighi.debian.org>
Unblocked.
--- End Message ---

Reply to:

References:
- Bug#989787: unblock: thunderbird/1:78.11.0-1
  - From: Carsten Schoenert <c.schoenert@t-online.de>

Prev by Date: NEW changes in stable-new
Next by Date: Bug#989597: release.debian.org: upgrade issue: non-coinstallability of libgdal20 and libgdal28
Previous by thread: Bug#989787: unblock: thunderbird/1:78.11.0-1
Next by thread: Bug#989789: RM: sogo-connector/68.0.1-2
Index(es):
- Date
- Thread