Document changes and release 1:91.4.0-1

debian/changelog

+thunderbird (1:91.4.0-1) unstable; urgency=medium
+
+  * [7752be0] d/source.filter: Small updates to filtering list
+  * [0899850] New upstream version 91.4.0
+    Fixed CVE issues in upstream version 91.4 (MFSA 2021-54):
+    CVE-2021-43536: URL leakage when navigating while executing asynchronous
+                    function
+    CVE-2021-43537: Heap buffer overflow when using structured clone
+    CVE-2021-43538: Missing fullscreen and pointer lock notification when
+                    requesting both
+    CVE-2021-43539: GC rooting failure when calling wasm instance methods
+    CVE-2021-43541: External protocol handler parameters were unescaped
+    CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence
+                    of an external protocol handler
+    CVE-2021-43543: Bypass of CSP sandbox directive when embedding
+    CVE-2021-43545: Denial of Service when using the Location API in a loop
+    CVE-2021-43546: Cursor spoofing could overlay user interface when native
+                    cursor is zoomed
+    CVE-2021-43528: JavaScript unexpectedly enabled for the composition area
+    MOZ-2021-0009: Memory safety bugs fixed in Thunderbird 91.4.0
+  * [afd7750] d/t.lintian-overrides: Update entries due renamed tags
+    Some Lintan tags were renamed, thus requires am adjustment of the existing
+    overrides.
+  * [30a387c] d/s/lintian-overrides: Adjust most of the existing entries
+    Same as before but for the source package.
+
+ -- Carsten Schoenert <c.schoenert@t-online.de>  Tue, 07 Dec 2021 18:26:44 +0100
+
 thunderbird (1:91.3.2-1) unstable; urgency=medium
 
   * [7fd56f0] New upstream version 91.3.2