SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for MozillaThunderbird-debugsource-8.0-33.3.test.7.x86_64.rpm :

* Mon Nov 07 2011 wrAATTrosenauer.org- update to version 8.0 (bnc#728520)
* MFSA 2011-47/CVE-2011-3648 (bmo#690225) Potential XSS against sites using Shift-JIS
* MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654 Miscellaneous memory safety hazards
* MFSA 2011-49/CVE-2011-3650 (bmo#674776) Memory corruption while profiling using Firebug
* MFSA 2011-52/CVE-2011-3655 (bmo#672182) Code execution via NoWaiverWrapper- rebased patches- update enigmail to 1.3.3- update icon cache after install/removal (bnc#726758)
* Fri Sep 30 2011 wrAATTrosenauer.org- update to minor version 7.0.1
* fixed staged addon updates
* Disabled the what\'s new tab for updaters from 7.0 (bmo#690290)
* Insert Characters & Symbols fix (bmo#690267)
* Mon Sep 26 2011 wrAATTrosenauer.org- update to version 7.0 (bnc#720264)
* MFSA 2011-36 Miscellaneous memory safety hazards
* MFSA 2011-39/CVE-2011-3000 (bmo#655389) Defense against multiple Location headers due to CRLF Injection
* MFSA 2011-40/CVE-2011-2372/CVE-2011-3001 Code installation through holding down Enter
* MFSA 2011-42/CVE-2011-3232 Potentially exploitable crash in the YARR regular expression library
* MFSA 2011-44/CVE-2011-3005 (bmo#675747) Use after free reading OGG headers- removed obsolete mozilla-cairo-lcd.patch
* Tue Sep 13 2011 wrAATTrosenauer.org- update enigmail to 1.3.2 (no changelog available)- add dbus-1-glib-devel to BuildRequires (not pulled automatically anymore with 12.1)
* Fri Sep 09 2011 wrAATTrosenauer.org- make enigmail a subversion of Thunderbird to fix %release number tracking issues with the Open Build Service (taken from dmueller\'s 3.1.x changes)
* Wed Sep 07 2011 pcernyAATTsuse.com- security update to 6.0.2 (bnc#714931)
* Complete blocking of certificates issued by DigiNotar (bmo#683449)
* Fri Sep 02 2011 pcernyAATTsuse.com- security update to 6.0.1 (bnc#714931)
* MFSA 2011-34 Protection against fraudulent DigiNotar certificates (bmo#682927)
* Wed Aug 17 2011 jslabyAATTsuse.de- update enigmail to 1.3 final
* Fri Aug 12 2011 wrAATTrosenauer.org- update to version 6.0 (bnc#712224) including security fixes MFSA 2011-31
* CVE-2011-2989/CVE-2011-2991/CVE-2011-2992/CVE-2011-2985 Miscellaneous memory safety hazards
* CVE-2011-2988 (bmo#665936) String crash using WebGL shaders
* CVE-2011-2987 (bmo#665934) Heap overflow in ANGLE library
* CVE-2011-0084 (bmo#648094) Crash in SVGTextElement.getCharNumAtPosition()
* CVE-2011-2986 (bmo#655836) Cross-origin data theft using canvas and Windows D2D- add mozilla-curl.patch to remove dependencies to obsolete curl header
* Sat Jul 30 2011 jslabyAATTsuse.de- update enigmail to 1.2.99 (1.3a1pre)
* Fri Jul 29 2011 wrAATTrosenauer.org- update to version 6.0b2
* removed obsolete patches - mozilla-gio.patch - thunderbird-gio.patch- fix symbol dumper for linux3 platform
* Sat Jul 09 2011 wrAATTrosenauer.org- update to version 5.0- update enigmail to version 1.2- improved logic for the launcher command- enable gio usage (instead of gnomevfs) for 11.4 and newer- build dump_syms dynamic to build on 12.1 and above
* Mon Jun 20 2011 wrAATTrosenauer.org- security update to version 3.1.11 (bnc#701296)
* MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364 CVE-2011-2365 Miscellaneous memory safety hazards
* MFSA 2011-20/CVE-2011-2373 (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled
* MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images
* MFSA 2011-22/CVE-2011-2371 (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight()
* MFSA 2011-23/CVE-2011-0083 CVE-2011-0085 CVE-2011-2363 Multiple dangling pointer vulnerabilities
* MFSA 2011-24/CVE-2011-2362 (bmo#616264) Cookie isolation error- speed up find-external-requires.sh- do not build dump_syms static as it is not needed for us - > fixes build for 12.1 and above
* Fri Apr 15 2011 wrAATTrosenauer.org- security update to version 3.1.10 (bnc#689281)
* MFSA 2011-12/ CVE-2011-0069 CVE-2011-0070 CVE-2011-0072 CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078 CVE-2011-0080 CVE-2011-0081 Miscellaneous memory safety hazards
* Fri Mar 25 2011 idoenmezAATTnovell.com- Add mozilla-gcc46.patch: fix compilation with gcc 4.6 See the following bug reports: https://bugzilla.mozilla.org/show_bug.cgi?id=623116 https://bugzilla.mozilla.org/show_bug.cgi?id=623123 https://bugzilla.mozilla.org/show_bug.cgi?id=623126 https://bugzilla.mozilla.org/show_bug.cgi?id=628371
* Tue Feb 22 2011 wrAATTrosenauer.org- security update to version 3.1.8 (build3) (bnc#667155)
* MFSA 2011-01/CVE-2011-0053/CVE-2011-0062 Miscellaneous memory safety hazards (rv:1.9.2.14/ 1.9.1.17)
* MFSA 2011-08/CVE-2010-1585 (bmo#562547) ParanoidFragmentSink allows javascript: URLs in chrome documents
* MFSA 2011-09/CVE-2011-0061 (bmo#610601) Crash caused by corrupted JPEG image
* Thu Jan 13 2011 wrAATTrosenauer.org- rename desktop file for 11.4 and above (bnc#664211)
* Mon Jan 10 2011 wrAATTrosenauer.org- add x-scheme-handler/mailto as mimetype to the desktop file as needed by newer Gnome environment
* Mon Nov 29 2010 wrAATTrosenauer.org- security update to version 3.1.7 (bnc#657016)
* MFSA 2010-74/CVE-2010-3776/CVE-2010-3777/CVE-2010-3778 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)
* MFSA 2010-75/CVE-2010-3769 (bmo#608336) Buffer overflow while line breaking after document.write with long string
* MFSA 2010-78/CVE-2010-3768 (bmo#527276) Add support for OTS font sanitizer- provide versioned \"thunderbird\" symbol
* Wed Oct 27 2010 wrAATTrosenauer.org- security update to version 3.1.6 (bnc#649492)
* MFSA 2010-73/CVE-2010-3765 (bmo#607222) Heap buffer overflow mixing document.write and DOM insertion
* Wed Oct 06 2010 wrAATTrosenauer.org- security update to version 3.1.5 (bnc#645315)
* MFSA 2010-64/CVE-2010-3174/CVE-2010-3175/CVE-2010-3176 Miscellaneous memory safety hazards
* MFSA 2010-65/CVE-2010-3179 (bmo#583077) Buffer overflow and memory corruption using document.write
* MFSA 2010-66/CVE-2010-3180 (bmo#588929) Use-after-free error in nsBarProp
* MFSA 2010-67/CVE-2010-3183 (bmo#598669) Dangling pointer vulnerability in LookupGetterOrSetter
* MFSA 2010-69/CVE-2010-3178 (bmo#576616) Cross-site information disclosure via modal calls
* MFSA 2010-70/CVE-2010-3170 (bmo#578697) SSL wildcard certificate matching IP addresses
* MFSA 2010-71/CVE-2010-3182 (bmo#590753, bnc#642502) Unsafe library loading vulnerabilities
* MFSA 2010-72/CVE-2010-3173 Insecure Diffie-Hellman key exchange
* new extra locales
* removed upstreamed mozilla-helper-app.patch- require mozilla-nss >= 3.12.8
* Wed Sep 15 2010 wrAATTrosenauer.org- update to version 3.1.4
* fixing startup topcrash
* Mon Aug 30 2010 wrAATTrosenauer.org- security update to version 3.1.3 (bnc#637303)
* MFSA 2010-49/CVE-2010-3169 Miscellaneous memory safety hazards
* MFSA 2010-50/CVE-2010-2765 (bmo#576447) Frameset integer overflow vulnerability
* MFSA 2010-51/CVE-2010-2767 (bmo#584512) Dangling pointer vulnerability using DOM plugin array
* MFSA 2010-53/CVE-2010-3166 (bmo#579655) Heap buffer overflow in nsTextFrameUtils::TransformText
* MFSA 2010-54/CVE-2010-2760 (bmo#585815) Dangling pointer vulnerability in nsTreeSelection
* MFSA 2010-55/CVE-2010-3168 (bmo#576075) XUL tree removal crash and remote code execution
* MFSA 2010-56/CVE-2010-3167 (bmo#576070) Dangling pointer vulnerability in nsTreeContentView
* MFSA 2010-57/CVE-2010-2766 (bmo#580445) Crash and remote code execution in normalizeDocument
* MFSA 2010-59/CVE-2010-2762 (bmo#584180) SJOW creates scope chains ending in outer object
* MFSA 2010-61/CVE-2010-2768 (bmo#579744) UTF-7 XSS by overriding document charset using type attribute
* MFSA 2010-62/CVE-2010-2769 (bmo#520189) Copy-and-paste or drag-and-drop into designMode document allows XSS
* MFSA 2010-63/CVE-2010-2764 (bmo#552090) Information leak via XMLHttpRequest statusText- ESD notification sound fix included upstream
* Mon Aug 30 2010 wrAATTrosenauer.org- fixed build with latest Gnome (mozilla-gdk-pixbuf.patch)
* Sat Jul 24 2010 wrAATTrosenauer.org- update to version 3.1.1
* based on the Gecko 1.9.2 platform
* Faster Search Results
* Quick Filter Toolbar
* New Migration Assistant
* Saved Files Manager- update to enigmail 1.1.2- enable crashreporter and package buildsymbols- fixed esd sound output (notifications) (bmo#576365)
* Fri Jul 16 2010 wrAATTrosenauer.org- security update to 3.0.6 (bnc#622506)
* MFSA 2010-34/CVE-2010-1211/CVE-2010-1212 Miscellaneous memory safety hazards
* MFSA 2010-39/CVE-2010-2752 (bmo#574059) nsCSSValue::Array index integer overflow
* MFSA 2010-40/CVE-2010-2753 (bmo#571106) nsTreeSelection dangling pointer remote code execution vulnerability
* MFSA 2010-41/CVE-2010-1205 (bmo#570451) Remote code execution using malformed PNG image
* MFSA 2010-42/CVE-2010-1213 (bmo#568148) Cross-origin data disclosure via Web Workers and importScripts
* MFSA 2010-46/CVE-2010-0654 (bmo#524223) Cross-domain data theft using CSS
* MFSA 2010-47/CVE-2010-2754 (bmo#568564) Cross-origin data leakage from script filename in error messages
* Fri May 21 2010 wrAATTrosenauer.org- security update to 3.0.5 (bnc#603356)
* MFSA 2010-25/CVE-2010-1121 (bmo#555109) Re-use of freed object due to scope confusion
* MFSA 2010-26/CVE-2010-1200/CVE-2010-1201/CVE-2010-1202/ CVE-2010-1203 Crashes with evidence of memory corruption (rv:1.9.1.10)
* MFSA 2010-29/CVE-2010-1196 (bmo#534666) Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal
* MFSA 2010-30/CVE-2010-1199 (bmo#554255) Integer Overflow in XSLT Node Sorting
* Mon Apr 12 2010 wrAATTrosenauer.org- do not encode the RPM release number into the useragent to avoid non useful republishing (bnc#593807)
* Wed Mar 17 2010 wrAATTrosenauer.org- security update to 3.0.4 (bnc#586567)
* MFSA 2010-16/CVE-2010-0173/CVE-2010-0174 Crashes with evidence of memory corruption
* MFSA 2010-17/CVE-2010-0175 (bmo#540100,375928) Remote code execution with use-after-free in nsTreeSelection
* MFSA 2010-18/CVE-2010-0176 (bmo#538308) Dangling pointer vulnerability in nsTreeContentView
* MFSA 2010-22/CVE-2009-3555 (bmo#545755) Update NSS to support TLS renegotiation indication
* MFSA 2010-24/CVE-2010-0182 (bmo#490790) XMLDocument::load() doesn\'t check nsIContentPolicy
* Sun Feb 28 2010 wrAATTrosenauer.org- update to 3.0.3
* Fix for missing folders or empty folder pane after updating to Thunderbird 3.0.2
* Fri Feb 26 2010 wrAATTrosenauer.org- security update to 3.0.2 (bnc#576969)
* MFSA 2010-01/CVE-2010-0159 Crashes with evidence of memory corruption
* MFSA 2010-03/CVE-2009-1571 Use-after-free crash in HTML parser
* various stability improvements- update enigmail to 1.0.1
* Czech, Dutch, Polish and Portuguese (Brazilian) languages were added to the release.
* there are several fixes related using OpenPGP Smartcards- use system hunspell again (bnc#582276)
* Mon Jan 11 2010 wrAATTrosenauer.org- update to 3.0.1
* fixed UI issues related to some combinations of installed addons (bmo#398702)- fixed session restore (bnc#528406, bmo#508986)- removed obsolete lightning stuff from spec file- removed obsolete orbit-devel build requirement
* Mon Dec 07 2009 wrAATTrosenauer.org- update to 3.0 (bnc#559819)- update enigmail to final version 1.0.0- use --disable-updater and removed obsolete UI patch and pref changes- use internal cairo up to 11.1 (Gecko now requires at least 1.8.8)- added mozilla-clipboard.patch fixing a common crash (bmo#495392)- removed upstreamed patch thunderbird-cs-smtpauth.patch
* Wed Oct 07 2009 wrAATTrosenauer.org- fixed startup-notification (bnc#518603) (mozilla-startup-notification.patch)
* Tue Sep 29 2009 wrAATTrosenauer.org- fixed CS locale to allow SMTP AUTH sending of mails (bnc#542809)
* Tue Sep 15 2009 wrAATTrosenauer.org- update to 3.0b4
* removed upstreamed patches
* based on Gecko 1.9.1.3 (inheriting security fixes)
* new global search
* Tue Aug 25 2009 wrAATTrosenauer.org- reversioned enigmail to 0.96.99 (as it\'s actually 0.97a and 0.96 has been released already)- fixed RPM group for the translation subpackages
* Fri Aug 21 2009 wrAATTrosenauer.org- remove obsolete code for protocol handlers (bmo#389732) (mozilla-protocol_handler.patch)- new enigmail snapshot (20090813)- require pinentry-gui for 11.2 and up (bnc#441084)
* Sun Aug 09 2009 wrAATTrosenauer.org- Gtk filechooser allows alternative button order (as used in KDE) (bnc#527418)- translations{,-common} package doesn\'t provide en-US- split translations into -common and -other packages (bnc#529180)
* Tue Jul 28 2009 wrAATTrosenauer.org- fixed wrong %exclude by removing unwanted files at %install stage
* Fri Jul 17 2009 wrAATTrosenauer.org- major update to 3.0b3- update enigmail to 0.96pre- created enigmail subpackage and install to system wide location for Thunderbird and SeaMonkey- define MOZ_APP_LAUNCHER for session management (bmo#453689) (mozilla-app-launcher.patch and mozilla.sh.in)- move opensuse.js prefs to all-opensuse.js prefs to be able to override prefs in all-thunderbird.js- move intl.locale.matchOS to all-opensuse.js- added mozilla-jemalloc_deepbind.patch to fix various possible crashes (bnc#503151, bmo#493541)
* Fri Jun 19 2009 cooloAATTnovell.com- disable as-needed for this package as it fails to build with it
* Tue Jun 02 2009 wrAATTrosenauer.org- Fixed build issue for gcc 4.4 (mozilla-gcc44.patch)
* Wed Mar 18 2009 wrAATTrosenauer.org- security update to version 2.0.0.21 (bnc#484321)
* MFSA 2009-07/CVE-2009-0771, CVE-2009-0772, CVE-2009-0773 CVE-2009-0774: Crashes with evidence of memory corruption (rv:1.9.0.7)
* MFSA 2009-09/CVE-2009-0776: XML data theft via RDFXMLDataSource and cross-domain redirect
* MFSA 2009-10/CVE-2009-0040: Upgrade PNG library to fix memory safety hazards
  
ICM