Accepted icedove 1.5.0.13+1.5.0.14b.dfsg1-0lenny1 (source i386 all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 19 Oct 2007 21:05:15 +0200
Source: icedove
Binary: icedove-inspector icedove-dev thunderbird-dbg thunderbird-inspector icedove-typeaheadfind mozilla-thunderbird-typeaheadfind icedove-dbg thunderbird-gnome-support thunderbird-typeaheadfind icedove mozilla-thunderbird-inspector icedove-gnome-support thunderbird mozilla-thunderbird-dev thunderbird-dev mozilla-thunderbird
Architecture: source i386 all
Version: 1.5.0.13+1.5.0.14b.dfsg1-0lenny1
Distribution: testing-security
Urgency: low
Maintainer: Alexander Sack <asac@debian.org>
Changed-By: Stefan Fritsch <sf@debian.org>
Description:
icedove - free/unbranded thunderbird mail client
icedove-dbg - debugging symbols for icedove/thunderbird
icedove-dev - development files for icedove/thunderbird
icedove-gnome-support - GNOME support package for icedove/thunderbird
icedove-inspector - DOM inspector extension for icedove/thunderbird
icedove-typeaheadfind - typeaheadfind extension for icedove/thunderbird
mozilla-thunderbird - Transition package for icedove rename
mozilla-thunderbird-dev - Transition package for icedove-dev rename
mozilla-thunderbird-inspector - Transition package for icedove-inspector rename
mozilla-thunderbird-typeaheadfind - Transition package for icedove-typeaheadfind rename
thunderbird - Transition package for icedove rename
thunderbird-dbg - Transition package for icedove-dbg rename
thunderbird-dev - Transition package for icedove-dev rename
thunderbird-gnome-support - Transition package for icedove-gnome-support rename
thunderbird-inspector - Transition package for icedove-inspector rename
thunderbird-typeaheadfind - Transition package for icedove-typeaheadfind rename
Changes:
icedove (1.5.0.13+1.5.0.14b.dfsg1-0lenny1) testing-security; urgency=low
.
[ Alexander Sack ]
* security/stability update 1.5.0.13 + 1.5.0.14 (prepatch):
- tarball used to produce this tarball:
http://people.debian.org/~asac/mozilla-security/patches-ALL-1.8.0.14b.tar.gz
Fixed in 1.5.0.13:
- CVE-2007-3734, CVE-2007-3735 - MFSA 2007-18: Crashes with evidence of
memory corruption (rv:1.8.0.13/1.8.1.5)
- CVE-2007-3670 - MFSA 2007-23: Remote code execution by launching Firefox
from Internet Explorer.
- CVE-2007-3844 - MFSA 2007-26: Privilege escalation through chrome-loaded
about:blank windows.
- CVE-2007-3845 - MFSA 2007-27: Unescaped URIs passed to external
programs.
Fixed in 1.5.0.14b:
- advisories not yet public/final - will be documented on next upload:
CVE-2007-5339 (bulk memory corruption I), CVE-2007-5340 (bulk javascript
memory corruption), CVE-2007-5338 (XPCNativeWrapper code execution).
CVE-2007-5336 (mutation notify on text change), CVE-2007-5337 (sftp
protocol), CVE-2007-2292 (browser digest request splitting), CVE-2007-4841
(windows only).
.
[ Stefan Fritsch ]
* Upload to testing-security
Files:
84448267443e94de8c2bca0cb9331921 1298 mail optional icedove_1.5.0.13+1.5.0.14b.dfsg1-0lenny1.dsc
092b7b811688851549f178e93b335146 640636 mail optional icedove_1.5.0.13+1.5.0.14b.dfsg1-0lenny1.diff.gz
8cefd5a0d45b6a568008f61ce1890575 10781436 mail optional icedove_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_i386.deb
4c64924fb913be3b5e5173c3beaf3abc 190422 mail optional icedove-inspector_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_i386.deb
43c5051d012fea279501cba041ef4a89 46950 mail optional icedove-gnome-support_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_i386.deb
8be379e8f4d08a26204b7d9840f68f59 28742 mail optional thunderbird-gnome-support_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
7651a36ecbcff55044c0d15d2f75ce6a 57290 mail optional icedove-typeaheadfind_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_i386.deb
abb5201c49b3723f199a12c2b4e3d594 3921538 mail optional icedove-dev_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_i386.deb
e2c2889eeb6f10fbb5dd89fcd8dd901f 81162980 mail optional icedove-dbg_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_i386.deb
55a253d2d03794be7d870eb8bd0edad7 28720 mail optional thunderbird-dbg_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
bb9996821a8ef3a8fe97a517713be23a 28708 mail optional thunderbird_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
f7b8594b9b64a6e4f7c226f0e9d8796c 28726 mail optional mozilla-thunderbird_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
c103e5be4c22e495d4e0574edd3983b2 28748 mail optional mozilla-thunderbird-inspector_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
f93e76f14e88c2335fc6599dd43bc73f 28730 mail optional thunderbird-inspector_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
266883c0cc73501e3f9064f4471b7637 28750 mail optional mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
2ed302e3ca9e43922689d728b3f24035 28748 mail optional thunderbird-typeaheadfind_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
46b9aecafe3304942c03b7ae62ad3109 28726 mail optional thunderbird-dev_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
f05de30af14c3c0be2b93e6d0f2be839 28736 mail optional mozilla-thunderbird-dev_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHGa6lbxelr8HyTqQRAnGvAJ48wXTNsU1Uts6tPxfyCB6Qpu1IIwCgxHMa
Lq4o+QOTkurG8qiHw6PKsNw=
=jFrX
-----END PGP SIGNATURE-----
Accepted:
icedove-dbg_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_i386.deb
to pool/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_i386.deb
icedove-dev_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_i386.deb
to pool/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_i386.deb
icedove-gnome-support_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_i386.deb
to pool/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_i386.deb
icedove-inspector_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_i386.deb
to pool/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_i386.deb
icedove-typeaheadfind_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_i386.deb
to pool/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_i386.deb
icedove_1.5.0.13+1.5.0.14b.dfsg1-0lenny1.diff.gz
to pool/main/i/icedove/icedove_1.5.0.13+1.5.0.14b.dfsg1-0lenny1.diff.gz
icedove_1.5.0.13+1.5.0.14b.dfsg1-0lenny1.dsc
to pool/main/i/icedove/icedove_1.5.0.13+1.5.0.14b.dfsg1-0lenny1.dsc
icedove_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_i386.deb
to pool/main/i/icedove/icedove_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_i386.deb
mozilla-thunderbird-dev_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
to pool/main/i/icedove/mozilla-thunderbird-dev_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
mozilla-thunderbird-inspector_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
to pool/main/i/icedove/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
to pool/main/i/icedove/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
mozilla-thunderbird_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
to pool/main/i/icedove/mozilla-thunderbird_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
thunderbird-dbg_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
to pool/main/i/icedove/thunderbird-dbg_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
thunderbird-dev_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
to pool/main/i/icedove/thunderbird-dev_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
thunderbird-gnome-support_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
to pool/main/i/icedove/thunderbird-gnome-support_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
thunderbird-inspector_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
to pool/main/i/icedove/thunderbird-inspector_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
thunderbird-typeaheadfind_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
to pool/main/i/icedove/thunderbird-typeaheadfind_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
thunderbird_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb
to pool/main/i/icedove/thunderbird_1.5.0.13+1.5.0.14b.dfsg1-0lenny1_all.deb