Accepted thunderbird 1:102.8.0-1 (source) into unstable
- To: debian-devel-changes@lists.debian.org
- Subject: Accepted thunderbird 1:102.8.0-1 (source) into unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sat, 18 Feb 2023 11:04:36 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: thunderbird_102.8.0-1_source.changes
- Debian-source: thunderbird
- Debian-suite: unstable
- Debian-version: 1:102.8.0-1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=EoxsGm2Q0/T4ZOtARefy6lB+8q6mFOSqRIHQDsG05Vs=; b=Rw2CLItR1HGb0cWRR8/M5V9i7Q WVI2vG2wJE9dIE8/ZPEF0y57MZjrHlBLQ1b0lrNC9z73wzug0L3r2WMl4TcLu6SY9D+9c2zzj77yI T6n2Imyw802nCuBurONVqTnfyUc8xSY0BJhUR22LPt0CqJMZpweGLqfZ5asqcxyNlYX3fsjA1k17+ TWYqW213y7iUyGfyL65ZXwFQEij1y1nzgnt5WiZX0wcViGP/VHAr/8YkkN6R3y4USqmwYtHiM2UuU WI84O8kFrSQPOPblhYZK4KvsP62z4HwQT93XkRcLJn0MJzqkd3XNRGn+ynZENjPa1AbhlDHJ98YQF /c/JAoGQ==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1pTL1A-007mUj-PP@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 17 Feb 2023 20:17:32 +0100
Source: thunderbird
Architecture: source
Version: 1:102.8.0-1
Distribution: unstable
Urgency: medium
Maintainer: Carsten Schoenert <c.schoenert@t-online.de>
Changed-By: Carsten Schoenert <c.schoenert@t-online.de>
Changes:
thunderbird (1:102.8.0-1) unstable; urgency=medium
.
* [b130936] New upstream version 102.8.0
Fixed CVE issues in upstream version 102.8.0 (MFSA 2023-07):
CVE-2023-0616: User Interface lockup with messages combining S/MIME and
OpenPGP
CVE-2023-25728: Content security policy leak in violation reports using
iframes
CVE-2023-25730: Screen hijack via browser fullscreen mode
CVE-2023-0767: Arbitrary memory write via PKCS 12 in NSS
CVE-2023-25735: Potential use-after-free from compartment mismatch in
SpiderMonkey
CVE-2023-25737: Invalid downcast in SVGUtils::SetupStrokeGeometry
CVE-2023-25739: Use-after-free in
mozilla::dom::ScriptLoadContext::~ScriptLoadContext
CVE-2023-25729: Extensions could have opened external schemes without
user knowledge
CVE-2023-25732: Out of bounds memory write from EncodeInputStream
CVE-2023-25742: Web Crypto ImportKey crashes tab
CVE-2023-25746: Memory safety bugs fixed in Thunderbird 102.8
* [66e2335] Rebuild patch queue from patch-queue branch
Removed patch (included upstream):
debian-hacks/Python-3.11-Don-t-use-mode-rU-any-more.patch
Checksums-Sha1:
72218cccf9ef27cd9db9d26048e276c341e31fac 8496 thunderbird_102.8.0-1.dsc
d049128f468e870f2a9ab30b190b87b66c957e70 12645820 thunderbird_102.8.0.orig-thunderbird-l10n.tar.xz
ad9c6f0e83b10cf55586c258e5fb06c068976633 522950212 thunderbird_102.8.0.orig.tar.xz
4f33bc969994be155830e960e2b71005eb7aedb4 546896 thunderbird_102.8.0-1.debian.tar.xz
e8d4e12d24fda5bf6eb0e71c538fb2ba80348978 39745 thunderbird_102.8.0-1_amd64.buildinfo
Checksums-Sha256:
61af76dbb8286263e6451fd294a5808778663a19f80b4e38091dd987af80cc10 8496 thunderbird_102.8.0-1.dsc
ffc6a6f7cb7843f9eeee5cd09a1847f90ad62c6182faeafc1188cebc5dd27b09 12645820 thunderbird_102.8.0.orig-thunderbird-l10n.tar.xz
3bb02feadea3c138acaf9782f065eaaab4a385edc7391bebeede9fb27e1d17f8 522950212 thunderbird_102.8.0.orig.tar.xz
2f46653ae8bea97a3ba48fb00fed4466cd4e89c61e3f363ee1222233e52a9982 546896 thunderbird_102.8.0-1.debian.tar.xz
798c5bbf9e23009b3c8a5c5b5b077623cb55da801812293dc3513a32415f7fcb 39745 thunderbird_102.8.0-1_amd64.buildinfo
Files:
91163816711182c50f3115604101f07a 8496 mail optional thunderbird_102.8.0-1.dsc
85b3c1098803f0afe838de07c57db784 12645820 mail optional thunderbird_102.8.0.orig-thunderbird-l10n.tar.xz
b8d4e8af7e6dbf2d8fb46c4e125b11bb 522950212 mail optional thunderbird_102.8.0.orig.tar.xz
6330e02dc61e6534c2796f24e0c93c30 546896 mail optional thunderbird_102.8.0-1.debian.tar.xz
c1086c6591db61ec4b25367fd93c50db 39745 mail optional thunderbird_102.8.0-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtw38bxNP7PwBHmKqgwFgFCUdHbAFAmPwpHMACgkQgwFgFCUd
HbBcqBAApiWf+XEx0Se6acyV0mqz3UnEAWvan/dSMUiBzhaz8lmGy8eV4FbHd3sS
I6EgV9S8Kx3zYRXF3E+4P3vpFedsdTKFkMtA8Ji1TBXyAJagecY1l5FlhT/PKuFV
+Jcn70NN3PtKe8OgB3s+lkOF6o+LxhtdiRg4rW6bc+aPhjvs9V0rvBv/42poJHtH
TckNFe3n7KTos/2u4XsDclKxiWknlxldckeA1C7nQ9gS4eWPl3oW9kyIHlHHXg29
jB4d1Yk/HspKV6KG3c+iA20OAjgoHaR1s1xPjAQiijio0FKfnAVejl4JShUvh3Iu
V5r1iyXfzlQDdFK/xPKUQOPioStZS4ByKmXj+hp9VDZj1nRZ4VY8nUiA5szRtL/G
wknmEG+XGQwoqqF+1bEUpl0LbpyInMQXM9Tigeh+u43XXyNbUghMG0rd+XLtNUJq
zOljjXcKHazqZH5j2sZ0TZpFUrdDCGVr+Lwhlfz6LGy1sxlUOMAbYnoll8JksVSx
lixtRRPW8pBZtm5gJTwdCO1hMQ6BxoL1YFkJSmD6ciouUD4SypFoEC5yqA5WMBGS
cCkLywxRR5ydrrdzjN9tr93F66MJA2wh201oudvH75G37/uV9C0k9sZZA+5aIMcC
yeq1WvzA5TnNSddgqAWa4VqhatDdLIuFYSeQQ118N2glPYi1il0=
=74dV
-----END PGP SIGNATURE-----