Sisyphus repository
Last update: 27 may 2019 | SRPMs: 17693 | Visits: 13605651
en ru br
ALT Linux repos
S:60.7.0-alt1
5.0: 2.0.0.21-alt0.M50.3
4.1: 2.0.0.21-alt0.M41.1
4.0: 2.0.0.21-alt0.M40.1
3.0: 1.0.6-alt2.1
+updates:1.0.8-alt0.M30.1

Group :: Networking/Mail
RPM: thunderbird

 Main   Changelog   Spec   Patches   Sources   Download   Gear   Bugs and FR  Repocop 

20 march 2009 Michael Shigorin <mike at altlinux.org> 2.0.0.21-alt0.M40.1

  • New version (2.0.0.21) built for M40
  • Fixed:
     + MFSA 2009-10 Upgrade PNG library to fix memory safety hazards
     + MFSA 2009-09 XML data theft via RDFXMLDataSource and cross-domain redirect
     + MFSA 2009-07 Crashes with evidence of memory corruption (rv:1.9.0.7)
     + MFSA 2009-01 Crashes with evidence of memory corruption (rv:1.9.0.6)
  • Thunderbird 2.0.0.20 release got skipped
  • Fixed in Thunderbird 2.0.0.19
     + MFSA 2008-68 XSS and JavaScript privilege escalation
     + MFSA 2008-67 Escaped null characters ignored by CSS parser
     + MFSA 2008-66 Errors parsing URLs with leading whitespace and control characters
     + MFSA 2008-65 Cross-domain data theft via script redirect error message
     + MFSA 2008-64 XMLHttpRequest 302 response disclosure
     + MFSA 2008-61 Information stealing via loadBindingDocument
     + MFSA 2008-60 Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19)

21 november 2008 Michael Shigorin <mike at altlinux.org> 2.0.0.18-alt0.M40.1

  • New version (2.0.0.18) built for M40
  • Fixed:
     + MFSA 2008-59 Script access to .documentURI and .textContent in mail
     + MFSA 2008-58 Parsing error in E4X default namespace
     + MFSA 2008-56 nsXMLHttpRequest::NotifyEventListeners() same-origin violation
     + MFSA 2008-55 Crash and remote code execution in nsFrameManager
     + MFSA 2008-52 Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18)
     + MFSA 2008-50 Crash and remote code execution via __proto__ tampering
     + MFSA 2008-48 Image stealing via canvas and HTTP redirect

8 august 2008 Michael Shigorin <mike at altlinux.org> 2.0.0.16-alt0.M40.1

  • New version (2.0.0.16) built for M40
  • Fixed:
     + MFSA 2008-34 Remote code execution by overflowing CSS reference counter
     + MFSA 2008-33 Crash and remote code execution in block reflow
     + MFSA 2008-31 Peer-trusted certs can use alt names to spoof
     + MFSA 2008-29 Faulty .properties file results in uninitialized memory being used
     + MFSA 2008-26 Buffer length checks in MIME processing
     + MFSA 2008-25 Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript()
     + MFSA 2008-24 Chrome script loading from fastload file
     + MFSA 2008-21 Crashes with evidence of memory corruption (rv:1.8.1.15)

7 may 2008 Michael Shigorin <mike at altlinux.org> 2.0.0.14-alt1

  • New version (2.0.0.14)
  • Fixed:
       + MFSA 2008-15 Crashes with evidence of memory corruption (rv:1.8.1.13)
       + MFSA 2008-14 JavaScript privilege escalation and arbitrary code execution
  • disabled patch21 (already applied)

7 may 2008 Michael Shigorin <mike at altlinux.org> 2.0.0.14-alt0.M40.1

  • built for M40

25 march 2008 Michael Shigorin <mike at altlinux.org> 2.0.0.12-alt0.M40.1

  • built for M40

2 march 2008 Alexey Gladkov <legion at altlinux.ru> 2.0.0.12-alt1

  • New version (2.0.0.12)
  • Fixed:
       + MFSA 2008-12 Heap buffer overflow in external MIME bodies
       + MFSA 2008-05 Directory traversal via chrome: URI
       + MFSA 2008-03 Privilege escalation, XSS, Remote Code Execution
       + MFSA 2008-01 Crashes with evidence of memory corruption (rv:1.8.1.12)
       + MFSA 2007-36 URIs with invalid  mishandled by Windows
       + MFSA 2007-29 Crashes with evidence of memory corruption (rv:1.8.1.8)
       + MFSA 2007-27 Unescaped URIs passed to external programs
       + MFSA 2007-26 Privilege escalation through chrome-loaded about:blank windows

2 august 2007 Alexey Gladkov <legion at altlinux.ru> 2.0.0.6-alt1

  • New version (2.0.0.6)
  • Fixed:
       + MFSA 2007-27 Unescaped URIs passed to external programs
       + MFSA 2007-26 Privilege escalation through chrome-loaded about:blank windows

20 july 2007 Alexey Gladkov <legion at altlinux.ru> 2.0.0.5-alt1

  • New version (2.0.0.5)
  • Fixed:
       + MFSA 2007-23 Remote code execution by launching Firefox from Internet Explorer
       + MFSA 2007-18 Crashes with evidence of memory corruption

29 june 2007 Alexey Gladkov <legion at altlinux.ru> 2.0.0.4-alt1

  • New version (2.0.0.4)
  • Fix normal icons.
  • Fixed:
       + MFSA 2007-15 Security Vulnerability in APOP Authentication
       + MFSA 2007-12 Crashes with evidence of memory corruption (rv:1.8.0.12/1.8.1.4)

22 april 2007 Alexey Gladkov <legion at altlinux.ru> 2.0.0.0-alt1

  • New version (2.0.0.0)
  • Many bugfixes (see http://weblogs.mozillazine.org/rumblingedge/archives/2007/03/tb_2.html).
  • Add RSS files (again).

27 february 2007 Alexey Gladkov <legion at altlinux.ru> 2.0-alt1.b2

  • New version (2.0 Beta 2)

23 november 2006 Alexey Gladkov <legion at altlinux.ru> 1.5.0.8-alt1

  • New version (1.5.0.8)
  • Remove version specific paths.
  • Add %pre script.
  • Improvements to product stability.
  • Fixed:
       + MFSA 2006-67 Running Script can be recompiled
       + MFSA 2006-66 RSA signature forgery (variant)
       + MFSA 2006-65 Crashes with evidence of memory corruption (rv:1.8.0.8)
       + MFSA 2006-64 Crashes with evidence of memory corruption (rv:1.8.0.7)
       + MFSA 2006-63 JavaScript execution in mail via XBL
       + MFSA 2006-60 RSA Signature Forgery
       + MFSA 2006-59 Concurrency-related vulnerability
       + MFSA 2006-58 Auto-Update compromise through DNS and SSL spoofing
       + MFSA 2006-57 JavaScript Regular Expression Heap Corruption

17 august 2006 Alexey Gladkov <legion at altlinux.ru> 1.5.0.5-alt1

  • New version (1.5.0.5)
  • Build with MozLDAP support.
  • Improvements to product stability.
  • Fixed:
       + MFSA 2006-55 Crashes with evidence of memory corruption (rv:1.8.0.5)
       + MFSA 2006-54 XSS with XPCNativeWrapper(window).Function(...)
       + MFSA 2006-53 UniversalBrowserRead privilege escalation
       + MFSA 2006-52 PAC privilege escalation using Function.prototype.call
       + MFSA 2006-51 Privilege escalation using named-functions and redefined "new Object()"
       + MFSA 2006-50 JavaScript engine vulnerabilities
       + MFSA 2006-49 Heap buffer overwrite on malformed VCard
       + MFSA 2006-48 JavaScript new Function race condition
       + MFSA 2006-47 Native DOM methods can be hijacked across domains
       + MFSA 2006-46 Memory corruption with simultaneous events
       + MFSA 2006-44 Code execution through deleted frame reference

2 may 2006 Alexey Gladkov <legion at altlinux.ru> 1.5.0.2-alt1

  • New bugfix version.
  • Improvements to product stability.
  • Fixed:
       + MFSA 2006-28 Security check of js_ValueToFunctionObject() can be circumvented;
       + MFSA 2006-27 Table Rebuilding Code Execution Vulnerability;
       + MFSA 2006-26 Mail Multiple Information Disclosure;
       + MFSA 2006-25 Privilege escalation through Print Preview;
       + MFSA 2006-24 Privilege escalation using crypto.generateCRMFRequest;
       + MFSA 2006-22 CSS Letter-Spacing Heap Overflow Vulnerability;
       + MFSA 2006-21 JavaScript execution in mail when forwarding in-line;
       + MFSA 2006-20 Crashes with evidence of memory corruption (rv:1.8.0.2);
       + MFSA 2006-08 "AnyName" entrainment and access control hazard;
       + MFSA 2006-07 Read beyond buffer while parsing XML;
       + MFSA 2006-06 Integer overflows in E4X, SVG and Canvas;
       + MFSA 2006-05 Localstore.rdf XML injection through XULDocument.persist();
       + MFSA 2006-04 Memory corruption via QueryInterface on Location, Navigator objects;
       + MFSA 2006-02 Changing postion:relative to static corrupts memory;
       + MFSA 2006-01 JavaScript garbage-collection hazards.

24 march 2006 Alexey Gladkov <legion at altlinux.ru> 1.5-alt2

  • bugfix build.
  • share extension directory fix.

21 february 2006 Alexey Gladkov <legion at altlinux.ru> 1.5-alt1

  • new version 1.5
  • build with rpm-build-thunderbird (external build macros)
  • Build with system NSS and NSPR.
  • Buildrequires updated for xorg-7.0
  • directory /usr/share/thunderbird-@version@/extensions was added to extensions search path .
     * this location is controled by the option extensions.dir.extensions .
  • Startup script rewritten. Now it is single script.
     * command line shortcut added: altmail:MAILLIST
       (example: "altmail:devel" -> mailto:devel@list.altlinux.org).
  • LDAP support disabled.
  • firsttime script removed
  • NoX patch removed

24 august 2005 Alexey Gladkov <legion at altlinux.ru> 1.0.6-alt2

  • packaging bugfix.
  • rpm mascros bugfix.
  • The script is added for switching language after installation/removal
     of a localization package.
  • Bug: #6204, #6254 fixed.

15 august 2005 Alexey Gladkov <legion at altlinux.ru> 1.0.6-alt1

  • new version.
  • firsttime script added.

11 may 2005 Alexey Gladkov <legion at altlinux.ru> 1.0.2-alt1

  • new version;
  • RSS missing files add;

1 february 2005 Alexey Gladkov <legion at altlinux.ru> 1.0-alt4

  • update patch thunderbird-1.0-20050201-alt-nox.patch
     * uninstall-global-theme command-line option was added;
     * update-register command-line option was added;
  • thunderbird-1.0-alt-rpm-scripts.tar.bz2 bugfix;

27 january 2005 Alexey Gladkov <legion at altlinux.ru> 1.0-alt3

  • fix crush when comiling with gcc3.4 .

19 january 2005 Alexey Gladkov <legion at altlinux.ru> 1.0-alt2

  • Rebuilt with libstdc++.so.6.

6 january 2005 Alexey Gladkov <legion at altlinux.ru> 1.0-alt1

  • new version;
  • new extension load scheme;
  • uninstall-global-extension option fixed;
  • add RPATH=%_libdir/%fullname to the all binares;
  • rpm macros was updated;
  • %post_ldconfig and /sbin/postun_ldconfig was removed.
  • icons updated (thx shrek@);

16 july 2004 Alexey Morozov <morozov at altlinux.org> 0.7.2-alt2

  • new version (0.7.2)
  • rpm macros file is splitted to base and devel parts
  • Russian spec translation
  • A patch to handle external URLs w/ url_handler
  • Requirements cleanup

7 may 2004 Alexey Gladkov <legion at altlinux.ru> 0.6-alt1

  • New version;
  • Splash screen added;
  • Default userContent.css added;
  • Offline extension added by default;
  • Confilct between mozilla-like devel packages was removed.

11 february 2004 Alexey Gladkov <legion at altlinux.ru> 0.5-alt1

  • New version.

13 january 2004 Alexey Gladkov <legion at altlinux.ru> 0.4-alt4

  • Spec changes.

26 december 2003 Alexey Gladkov <legion at altlinux.ru> 0.4-alt3

  • first build for ALT Linux.
  • rpm macro added.
  • new scheme loading extensions added (thx force@)
  • Spec modifications.
 
design & coding: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
current maintainer: Michael Shigorin