Репозитории ALT
S: | 115.2.2-alt1 |
5.1: | 3.1.7-alt0.20110123.M50P.1 |
4.1: | 2.0.0.21-alt0.M41.1 |
4.0: | 2.0.0.21-alt0.M40.1 |
3.0: | 1.0.6-alt2.1 |
+updates: | 1.0.8-alt0.M30.1 |
Группа :: Сети/Почта
Пакет: thunderbird
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
20 марта 2009 Michael Shigorin <mike at altlinux.org> 2.0.0.21-alt0.M40.1
- New version (2.0.0.21) built for M40
- Fixed:
+ MFSA 2009-10 Upgrade PNG library to fix memory safety hazards
+ MFSA 2009-09 XML data theft via RDFXMLDataSource and cross-domain redirect
+ MFSA 2009-07 Crashes with evidence of memory corruption (rv:1.9.0.7)
+ MFSA 2009-01 Crashes with evidence of memory corruption (rv:1.9.0.6) - Thunderbird 2.0.0.20 release got skipped
- Fixed in Thunderbird 2.0.0.19
+ MFSA 2008-68 XSS and JavaScript privilege escalation
+ MFSA 2008-67 Escaped null characters ignored by CSS parser
+ MFSA 2008-66 Errors parsing URLs with leading whitespace and control characters
+ MFSA 2008-65 Cross-domain data theft via script redirect error message
+ MFSA 2008-64 XMLHttpRequest 302 response disclosure
+ MFSA 2008-61 Information stealing via loadBindingDocument
+ MFSA 2008-60 Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19)
- New version (2.0.0.18) built for M40
- Fixed:
+ MFSA 2008-59 Script access to .documentURI and .textContent in mail
+ MFSA 2008-58 Parsing error in E4X default namespace
+ MFSA 2008-56 nsXMLHttpRequest::NotifyEventListeners() same-origin violation
+ MFSA 2008-55 Crash and remote code execution in nsFrameManager
+ MFSA 2008-52 Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18)
+ MFSA 2008-50 Crash and remote code execution via __proto__ tampering
+ MFSA 2008-48 Image stealing via canvas and HTTP redirect
- New version (2.0.0.16) built for M40
- Fixed:
+ MFSA 2008-34 Remote code execution by overflowing CSS reference counter
+ MFSA 2008-33 Crash and remote code execution in block reflow
+ MFSA 2008-31 Peer-trusted certs can use alt names to spoof
+ MFSA 2008-29 Faulty .properties file results in uninitialized memory being used
+ MFSA 2008-26 Buffer length checks in MIME processing
+ MFSA 2008-25 Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript()
+ MFSA 2008-24 Chrome script loading from fastload file
+ MFSA 2008-21 Crashes with evidence of memory corruption (rv:1.8.1.15)
- New version (2.0.0.14)
- Fixed:
+ MFSA 2008-15 Crashes with evidence of memory corruption (rv:1.8.1.13)
+ MFSA 2008-14 JavaScript privilege escalation and arbitrary code execution - disabled patch21 (already applied)
- built for M40
- built for M40
- New version (2.0.0.12)
- Fixed:
+ MFSA 2008-12 Heap buffer overflow in external MIME bodies
+ MFSA 2008-05 Directory traversal via chrome: URI
+ MFSA 2008-03 Privilege escalation, XSS, Remote Code Execution
+ MFSA 2008-01 Crashes with evidence of memory corruption (rv:1.8.1.12)
+ MFSA 2007-36 URIs with invalid mishandled by Windows
+ MFSA 2007-29 Crashes with evidence of memory corruption (rv:1.8.1.8)
+ MFSA 2007-27 Unescaped URIs passed to external programs
+ MFSA 2007-26 Privilege escalation through chrome-loaded about:blank windows
- New version (2.0.0.6)
- Fixed:
+ MFSA 2007-27 Unescaped URIs passed to external programs
+ MFSA 2007-26 Privilege escalation through chrome-loaded about:blank windows
- New version (2.0.0.5)
- Fixed:
+ MFSA 2007-23 Remote code execution by launching Firefox from Internet Explorer
+ MFSA 2007-18 Crashes with evidence of memory corruption
- New version (2.0.0.4)
- Fix normal icons.
- Fixed:
+ MFSA 2007-15 Security Vulnerability in APOP Authentication
+ MFSA 2007-12 Crashes with evidence of memory corruption (rv:1.8.0.12/1.8.1.4)
- New version (2.0.0.0)
- Many bugfixes (see http://weblogs.mozillazine.org/rumblingedge/archives/2007/03/tb_2.html).
- Add RSS files (again).
- New version (2.0 Beta 2)
- New version (1.5.0.8)
- Remove version specific paths.
- Add %pre script.
- Improvements to product stability.
- Fixed:
+ MFSA 2006-67 Running Script can be recompiled
+ MFSA 2006-66 RSA signature forgery (variant)
+ MFSA 2006-65 Crashes with evidence of memory corruption (rv:1.8.0.8)
+ MFSA 2006-64 Crashes with evidence of memory corruption (rv:1.8.0.7)
+ MFSA 2006-63 JavaScript execution in mail via XBL
+ MFSA 2006-60 RSA Signature Forgery
+ MFSA 2006-59 Concurrency-related vulnerability
+ MFSA 2006-58 Auto-Update compromise through DNS and SSL spoofing
+ MFSA 2006-57 JavaScript Regular Expression Heap Corruption
- New version (1.5.0.5)
- Build with MozLDAP support.
- Improvements to product stability.
- Fixed:
+ MFSA 2006-55 Crashes with evidence of memory corruption (rv:1.8.0.5)
+ MFSA 2006-54 XSS with XPCNativeWrapper(window).Function(...)
+ MFSA 2006-53 UniversalBrowserRead privilege escalation
+ MFSA 2006-52 PAC privilege escalation using Function.prototype.call
+ MFSA 2006-51 Privilege escalation using named-functions and redefined "new Object()"
+ MFSA 2006-50 JavaScript engine vulnerabilities
+ MFSA 2006-49 Heap buffer overwrite on malformed VCard
+ MFSA 2006-48 JavaScript new Function race condition
+ MFSA 2006-47 Native DOM methods can be hijacked across domains
+ MFSA 2006-46 Memory corruption with simultaneous events
+ MFSA 2006-44 Code execution through deleted frame reference
- New bugfix version.
- Improvements to product stability.
- Fixed:
+ MFSA 2006-28 Security check of js_ValueToFunctionObject() can be circumvented;
+ MFSA 2006-27 Table Rebuilding Code Execution Vulnerability;
+ MFSA 2006-26 Mail Multiple Information Disclosure;
+ MFSA 2006-25 Privilege escalation through Print Preview;
+ MFSA 2006-24 Privilege escalation using crypto.generateCRMFRequest;
+ MFSA 2006-22 CSS Letter-Spacing Heap Overflow Vulnerability;
+ MFSA 2006-21 JavaScript execution in mail when forwarding in-line;
+ MFSA 2006-20 Crashes with evidence of memory corruption (rv:1.8.0.2);
+ MFSA 2006-08 "AnyName" entrainment and access control hazard;
+ MFSA 2006-07 Read beyond buffer while parsing XML;
+ MFSA 2006-06 Integer overflows in E4X, SVG and Canvas;
+ MFSA 2006-05 Localstore.rdf XML injection through XULDocument.persist();
+ MFSA 2006-04 Memory corruption via QueryInterface on Location, Navigator objects;
+ MFSA 2006-02 Changing postion:relative to static corrupts memory;
+ MFSA 2006-01 JavaScript garbage-collection hazards.
- bugfix build.
- share extension directory fix.
- new version 1.5
- build with rpm-build-thunderbird (external build macros)
- Build with system NSS and NSPR.
- Buildrequires updated for xorg-7.0
- directory /usr/share/thunderbird-@version@/extensions was added to extensions search path .
* this location is controled by the option extensions.dir.extensions . - Startup script rewritten. Now it is single script.
* command line shortcut added: altmail:MAILLIST
(example: "altmail:devel" -> mailto:devel@list.altlinux.org). - LDAP support disabled.
- firsttime script removed
- NoX patch removed
- packaging bugfix.
- rpm mascros bugfix.
- The script is added for switching language after installation/removal
of a localization package. - Bug: #6204, #6254 fixed.
- new version.
- firsttime script added.
- new version;
- RSS missing files add;
- update patch thunderbird-1.0-20050201-alt-nox.patch
* uninstall-global-theme command-line option was added;
* update-register command-line option was added; - thunderbird-1.0-alt-rpm-scripts.tar.bz2 bugfix;
- fix crush when comiling with gcc3.4 .
- Rebuilt with libstdc++.so.6.
- new version;
- new extension load scheme;
- uninstall-global-extension option fixed;
- add RPATH=%_libdir/%fullname to the all binares;
- rpm macros was updated;
- %post_ldconfig and /sbin/postun_ldconfig was removed.
- icons updated (thx shrek@);
- new version (0.7.2)
- rpm macros file is splitted to base and devel parts
- Russian spec translation
- A patch to handle external URLs w/ url_handler
- Requirements cleanup
- New version;
- Splash screen added;
- Default userContent.css added;
- Offline extension added by default;
- Confilct between mozilla-like devel packages was removed.
- New version.
- Spec changes.
- first build for ALT Linux.
- rpm macro added.
- new scheme loading extensions added (thx force@)
- Spec modifications.