Репозитории ALT
| S: | 115.2.2-alt1 |
| 5.1: | 3.1.7-alt0.20110123.M50P.1 |
| 4.1: | 2.0.0.21-alt0.M41.1 |
| 4.0: | 2.0.0.21-alt0.M40.1 |
| 3.0: | 1.0.6-alt2.1 |
| +updates: | 1.0.8-alt0.M30.1 |
Группа :: Сети/Почта
Пакет: thunderbird
навигация по пакетам
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
25 января 2011 Andrey Cherepanov <cas at altlinux.org> 3.1.7-alt0.20110123.M50P.1
- Backport new version (3.1.7) to p5 branch
- New snapshot (3.1.7 20110123)
- Fix update request (ALT#23867)
- New snapshot (3.1.2 20100810)
- Fixed:
+ MFSA 2010-47 Cross-origin data leakage from script filename in error messages
+ MFSA 2010-46 Cross-domain data theft using CSS
+ MFSA 2010-44 Characters mapped to U+FFFD in 8 bit encodings cause subsequent character to vanish
+ MFSA 2010-43 Same-origin bypass using canvas context
+ MFSA 2010-42 Cross-origin data disclosure via Web Workers and importScripts
+ MFSA 2010-41 Remote code execution using malformed PNG image
+ MFSA 2010-40 nsTreeSelection dangling pointer remote code execution vulnerability
+ MFSA 2010-39 nsCSSValue::Array index integer overflow
+ MFSA 2010-38 Arbitrary code execution using SJOW and fast native function
+ MFSA 2010-34 Miscellaneous memory safety hazards (rv:1.9.2.7/ 1.9.1.11)
- New snapshot
- New snapshot (3.0.4 20100404)
- Add gnome support.
- Fixed:
+ MFSA 2010-24 XMLDocument::load() doesn't check nsIContentPolicy
+ MFSA 2010-22 Update NSS to support TLS renegotiation indication
+ MFSA 2010-18 Dangling pointer vulnerability in nsTreeContentView
+ MFSA 2010-17 Remote code execution with use-after-free in nsTreeSelection
+ MFSA 2010-16 Crashes with evidence of memory corruption (rv:1.9.2.2/ 1.9.1.9/ 1.9.0.19)
- New snapshot (3.0.1 20100128)
- New snapshot (3.0 20091126)
- New snapshot (3.0 20091018)
- New snapshot (3.0 20091010)
- New snapshot (3.0 20090929)
- New snapshot (3.0 20090917)
- New snapshot (3.0 20090817)
- New snapshot (3.0 20090729)
- New snapshot (3.0 20090601)
- New snapshot (3.0 20090424)
- New snapshot (3.0 20090312)
- Use system mozsqlite3 (sqlite3 unsupported)
- New version (2.0.0.18)
- Fixed:
+ MFSA 2008-59 Script access to .documentURI and .textContent in mail
+ MFSA 2008-58 Parsing error in E4X default namespace
+ MFSA 2008-56 nsXMLHttpRequest::NotifyEventListeners() same-origin violation
+ MFSA 2008-55 Crash and remote code execution in nsFrameManager
+ MFSA 2008-52 Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18)
+ MFSA 2008-50 Crash and remote code execution via __proto__ tampering
+ MFSA 2008-48 Image stealing via canvas and HTTP redirect
- New version (2.0.0.17)
- Fixed:
+ MFSA 2008-46 Heap overflow when canceling newsgroup message
+ MFSA 2008-44 resource: traversal vulnerabilities
+ MFSA 2008-43 BOM characters stripped from JavaScript before execution
+ MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17)
+ MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution
+ MFSA 2008-38 nsXMLDocument::OnChannelRedirect() same-origin violation
+ MFSA 2008-37 UTF-8 URL stack buffer overflow
+ MFSA 2008-34 Remote code execution by overflowing CSS reference counter
+ MFSA 2008-33 Crash and remote code execution in block reflow
+ MFSA 2008-31 Peer-trusted certs can use alt names to spoof
+ MFSA 2008-29 Faulty .properties file results in uninitialized memory being used
+ MFSA 2008-26 Buffer length checks in MIME processing
+ MFSA 2008-25 Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript()
+ MFSA 2008-24 Chrome script loading from fastload file
+ MFSA 2008-21 Crashes with evidence of memory corruption (rv:1.8.1.15)
- Bugfix build.
- Dont use LD_LIBRARY_PATH in startup scripts.
- New version (2.0.0.14)
- Fixed:
+ MFSA 2008-15 Crashes with evidence of memory corruption (rv:1.8.1.13)
+ MFSA 2008-14 JavaScript privilege escalation and arbitrary code execution
- New version (2.0.0.12)
- Fixed:
+ MFSA 2008-12 Heap buffer overflow in external MIME bodies
+ MFSA 2008-05 Directory traversal via chrome: URI
+ MFSA 2008-03 Privilege escalation, XSS, Remote Code Execution
+ MFSA 2008-01 Crashes with evidence of memory corruption (rv:1.8.1.12)
+ MFSA 2007-36 URIs with invalid mishandled by Windows
+ MFSA 2007-29 Crashes with evidence of memory corruption (rv:1.8.1.8)
+ MFSA 2007-27 Unescaped URIs passed to external programs
+ MFSA 2007-26 Privilege escalation through chrome-loaded about:blank windows
- New version (2.0.0.6)
- Fixed:
+ MFSA 2007-27 Unescaped URIs passed to external programs
+ MFSA 2007-26 Privilege escalation through chrome-loaded about:blank windows
- New version (2.0.0.5)
- Fixed:
+ MFSA 2007-23 Remote code execution by launching Firefox from Internet Explorer
+ MFSA 2007-18 Crashes with evidence of memory corruption
- New version (2.0.0.4)
- Fix normal icons.
- Fixed:
+ MFSA 2007-15 Security Vulnerability in APOP Authentication
+ MFSA 2007-12 Crashes with evidence of memory corruption (rv:1.8.0.12/1.8.1.4)
- New version (2.0.0.0)
- Many bugfixes (see http://weblogs.mozillazine.org/rumblingedge/archives/2007/03/tb_2.html).
- Add RSS files (again).
- New version (2.0 Beta 2)
- New version (1.5.0.8)
- Remove version specific paths.
- Add %pre script.
- Improvements to product stability.
- Fixed:
+ MFSA 2006-67 Running Script can be recompiled
+ MFSA 2006-66 RSA signature forgery (variant)
+ MFSA 2006-65 Crashes with evidence of memory corruption (rv:1.8.0.8)
+ MFSA 2006-64 Crashes with evidence of memory corruption (rv:1.8.0.7)
+ MFSA 2006-63 JavaScript execution in mail via XBL
+ MFSA 2006-60 RSA Signature Forgery
+ MFSA 2006-59 Concurrency-related vulnerability
+ MFSA 2006-58 Auto-Update compromise through DNS and SSL spoofing
+ MFSA 2006-57 JavaScript Regular Expression Heap Corruption
- New version (1.5.0.5)
- Build with MozLDAP support.
- Improvements to product stability.
- Fixed:
+ MFSA 2006-55 Crashes with evidence of memory corruption (rv:1.8.0.5)
+ MFSA 2006-54 XSS with XPCNativeWrapper(window).Function(...)
+ MFSA 2006-53 UniversalBrowserRead privilege escalation
+ MFSA 2006-52 PAC privilege escalation using Function.prototype.call
+ MFSA 2006-51 Privilege escalation using named-functions and redefined "new Object()"
+ MFSA 2006-50 JavaScript engine vulnerabilities
+ MFSA 2006-49 Heap buffer overwrite on malformed VCard
+ MFSA 2006-48 JavaScript new Function race condition
+ MFSA 2006-47 Native DOM methods can be hijacked across domains
+ MFSA 2006-46 Memory corruption with simultaneous events
+ MFSA 2006-44 Code execution through deleted frame reference
- New bugfix version.
- Improvements to product stability.
- Fixed:
+ MFSA 2006-28 Security check of js_ValueToFunctionObject() can be circumvented;
+ MFSA 2006-27 Table Rebuilding Code Execution Vulnerability;
+ MFSA 2006-26 Mail Multiple Information Disclosure;
+ MFSA 2006-25 Privilege escalation through Print Preview;
+ MFSA 2006-24 Privilege escalation using crypto.generateCRMFRequest;
+ MFSA 2006-22 CSS Letter-Spacing Heap Overflow Vulnerability;
+ MFSA 2006-21 JavaScript execution in mail when forwarding in-line;
+ MFSA 2006-20 Crashes with evidence of memory corruption (rv:1.8.0.2);
+ MFSA 2006-08 "AnyName" entrainment and access control hazard;
+ MFSA 2006-07 Read beyond buffer while parsing XML;
+ MFSA 2006-06 Integer overflows in E4X, SVG and Canvas;
+ MFSA 2006-05 Localstore.rdf XML injection through XULDocument.persist();
+ MFSA 2006-04 Memory corruption via QueryInterface on Location, Navigator objects;
+ MFSA 2006-02 Changing postion:relative to static corrupts memory;
+ MFSA 2006-01 JavaScript garbage-collection hazards.
- bugfix build.
- share extension directory fix.
- new version 1.5
- build with rpm-build-thunderbird (external build macros)
- Build with system NSS and NSPR.
- Buildrequires updated for xorg-7.0
- directory /usr/share/thunderbird-@version@/extensions was added to extensions search path .
* this location is controled by the option extensions.dir.extensions . - Startup script rewritten. Now it is single script.
* command line shortcut added: altmail:MAILLIST
(example: "altmail:devel" -> mailto:devel@list.altlinux.org). - LDAP support disabled.
- firsttime script removed
- NoX patch removed
- packaging bugfix.
- rpm mascros bugfix.
- The script is added for switching language after installation/removal
of a localization package. - Bug: #6204, #6254 fixed.
- new version.
- firsttime script added.
- new version;
- RSS missing files add;
- update patch thunderbird-1.0-20050201-alt-nox.patch
* uninstall-global-theme command-line option was added;
* update-register command-line option was added; - thunderbird-1.0-alt-rpm-scripts.tar.bz2 bugfix;
- fix crush when comiling with gcc3.4 .
- Rebuilt with libstdc++.so.6.
- new version;
- new extension load scheme;
- uninstall-global-extension option fixed;
- add RPATH=%_libdir/%fullname to the all binares;
- rpm macros was updated;
- %post_ldconfig and %postun_ldconfig was removed.
- icons updated (thx shrek@);
- new version (0.7.2)
- rpm macros file is splitted to base and devel parts
- Russian spec translation
- A patch to handle external URLs w/ url_handler
- Requirements cleanup
- New version;
- Splash screen added;
- Default userContent.css added;
- Offline extension added by default;
- Confilct between mozilla-like devel packages was removed.
- New version.
- Spec changes.
- first build for ALT Linux.
- rpm macro added.
- new scheme loading extensions added (thx force@)
- Spec modifications.