Commit cb969bf2 authored by Carsten Schoenert's avatar Carsten Schoenert
Browse files

Document changes and release 1:78.6.0-1

parent 16a7ab75
thunderbird (1:78.6.0-1) unstable; urgency=medium
* [1410f1e] d/watch: update to version 4
* [a8303b7] d/rules: use python3 explicitly while calling mach
* [f3f535e] New upstream version 78.6.0
Fixed CVE issues in upstream version 78.6 (MFSA 2020-56):
CVE-2020-16042: Operations on a BigInt could have caused uninitialized
memory to be exposed
CVE-2020-26971: Heap buffer overflow in WebGL
CVE-2020-26973: CSS Sanitizer performed incorrect sanitization
CVE-2020-26974: Incorrect cast of StyleGenericFlexBasis resulted in a heap
CVE-2020-26978: Internal network hosts could have been probed by a
malicious webpage
CVE-2020-35111: The proxy.onRequest API did not catch view-source URLs
CVE-2020-35112: Opening an extension-less download may have inadvertently
launched an executable instead
CVE-2020-35113: Memory safety bugs fixed in Thunderbird 78.6
(Closes: #972072, #973697)
* [16a7ab7] /u/l/thunderbird: Correct escape sequencing for gdb calling
We need to do a better escaping of values of the '-ex' option otherwise
the shell is refusing the concatenated string we want to use as call.
(Closes: #976979)
-- Carsten Schoenert <> Tue, 15 Dec 2020 10:12:34 +0100
thunderbird (1:78.5.1-1) unstable; urgency=medium
* [08556c2] New upstream version 78.5.1
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment