Document changes and release 1:78.7.0-1

4d7aa109 · Carsten Schoenert · 4b0c0a71 · 4d7aa109
Commit 4d7aa109 authored Jan 29, 2021 by Carsten Schoenert
Hide whitespace changes
Inline Side-by-side

Showing with 20 additions and 0 deletions

debian/changelog debian/changelog +20 -0

No files found.
--- a/debian/changelog
+++ b/debian/changelog
+thunderbird (1:78.7.0-1) unstable; urgency=medium
+
+  * [8751354] New upstream version 78.7.0
+    Fixed CVE issues in upstream version 78.7 (MFSA 2021-05):
+    CVE-2021-23953: Cross-origin information leakage via redirected PDF
+                    requests
+    CVE-2021-23954: Type confusion when using logical assignment operators in
+                    JavaScript switch statements
+    CVE-2020-15685: IMAP Response Injection when using STARTTLS
+    CVE-2020-26976: HTTPS pages could have been intercepted by a registered
+                    service worker when they should not have been
+    CVE-2021-23960: Use-after-poison for incorrectly redeclared JavaScript
+                    variables during GC
+    CVE-2021-23964: Memory safety bugs fixed in Thunderbird 78.7
+  * [4b0c0a7] rebuild patch queue from patch-queue branch
+    removed patch (included upstream):
+    porting-mips/Bug-1642265-MIPS64-Add-branchTestSymbol-and-fallibleUnbox.patch
+
+ -- Carsten Schoenert <c.schoenert@t-online.de>  Fri, 29 Jan 2021 20:45:49 +0100
+
 thunderbird (1:78.6.1-1) unstable; urgency=medium

  [ Carsten Schoenert ]