Bug 98855 - mail-client/mozilla-thunderbird{-bin}: 1.0.5 fixes multiple vulnerabilities
Summary: mail-client/mozilla-thunderbird{-bin}: 1.0.5 fixes multiple vulnerabilities
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High major
Assignee: Gentoo Security
URL: http://www.mozilla.org/projects/secur...
Whiteboard: A2 [glsa] koon
Keywords:
Duplicates: 99031
Depends on:
Blocks:
 
Reported: 2005-07-13 01:04 UTC by Thierry Carrez (RETIRED)
Modified: 2005-07-18 00:58 UTC (History)
See Also:
Package list:
Runtime testing required: ---
Description Thierry Carrez (RETIRED) gentoo-dev 2005-07-13 01:04:43 UTC
Thunderbird 1.0.5 will fix the following vulnerability:
MFSA 2005-46 XBL scripts ran even when Javascript disabled
Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-07-14 01:41:15 UTC
1.0.5 released, mozilla please bump.

Note there is still no entry on the security page:
http://www.mozilla.org/projects/security/known-vulnerabilities.html
Comment 2 Thierry Carrez (RETIRED) gentoo-dev 2005-07-14 03:52:51 UTC
Fixed in TB 1.0.5 :

MFSA 2005-56 Code execution through shared function objects
MFSA 2005-55 XHTML node spoofing
MFSA 2005-52 Same origin violation: frame calling top.focus()
MFSA 2005-50 Possibly exploitable crash in InstallVersion.compareTo()
MFSA 2005-46 XBL scripts ran even when Javascript disabled
MFSA 2005-44 Privilege escalation via non-DOM property overrides
MFSA 2005-41 Privilege escalation via DOM property overrides
MFSA 2005-40 Missing Install object instance checks
MFSA 2005-33 Javascript "lambda" replace exposes memory contents
Comment 3 Jory A. Pratt 2005-07-14 09:21:03 UTC
mail-client/thunderbird{-bin}: 1.0.5 are in the tree.
Comment 4 Thierry Carrez (RETIRED) gentoo-dev 2005-07-14 10:17:33 UTC
Thx Anarchy, arches please test and mark stable :

mozilla-thunderbird target KEYWORDS="alpha amd64 ia64 ppc sparc x86"
mozilla-thunderbird-bin target KEYWORDS="~amd64 x86"
Comment 5 Jory A. Pratt 2005-07-14 10:40:51 UTC
Hold the stable please, it is still masked until Aron looks at it and makes a
call on enigmail support. Sorry, I should have announced it when I put it up that
they were in the tree.
Comment 6 Thierry Carrez (RETIRED) gentoo-dev 2005-07-14 10:44:34 UTC
Waiting for a more definitive ebuild for TB.
x86 can still test TB-bin though.
Comment 7 Simon Stelling (RETIRED) gentoo-dev 2005-07-14 10:51:00 UTC
I guess amd64 too, right? :)
Comment 8 Jory A. Pratt 2005-07-14 11:22:25 UTC
Aight, we have made our final changes to thunderbird-1.0.5; we can go ahead with
marking stable.
Comment 9 Thierry Carrez (RETIRED) gentoo-dev 2005-07-14 11:30:29 UTC
Calling back arches...
Anarchy will test for ppc.

blubb: TB-bin is ~amd64 so you don't really need to mark it stable... But you
need to mark TB-not-bin amd64 :)
Comment 10 Carsten Lohrke (RETIRED) gentoo-dev 2005-07-14 11:58:25 UTC
*** Bug 99031 has been marked as a duplicate of this bug. ***
Comment 11 Jory A. Pratt 2005-07-14 12:26:31 UTC
PPC is stable. You will need to stabilize mozilla-launcher 0.34 before you can
stabilize thunderbird; this is fine. Aron and myself have already discussed this
and do not see any problems.
Comment 12 Gustavo Felisberto (RETIRED) gentoo-dev 2005-07-14 12:43:55 UTC
I was actually thinking of marking the -bin stable on amd64 as it works very
well. I've already tested the 1.0.5 on amd64 but I needed a non ~amd64
user to test and report.
Comment 13 Gustavo Zacarias (RETIRED) gentoo-dev 2005-07-14 12:46:54 UTC
I can do the amd64 -bin stable test in about 4 hours when I'm home.
Comment 14 Gustavo Zacarias (RETIRED) gentoo-dev 2005-07-14 17:57:50 UTC
sparc stable.
amd64 thunderbird-bin works fine here too (not keywording though since I'm not
on amd64@/authorized/whatever).
Comment 15 Gustavo Felisberto (RETIRED) gentoo-dev 2005-07-14 18:38:39 UTC
-bin stable on amd64
Comment 16 Bryan Østergaard (RETIRED) gentoo-dev 2005-07-16 16:49:29 UTC
Stable on alpha and ia64.
Comment 17 Thierry Carrez (RETIRED) gentoo-dev 2005-07-17 10:36:46 UTC
x86, amd64: please test and mark thunderbird and thunderbird-bin stable
(thunderbird-bin is already done for amd64)
Comment 18 Thierry Carrez (RETIRED) gentoo-dev 2005-07-17 10:43:23 UTC
Hmm. Apparently 1.0.5 is quite broken, 1.0.6 should appear early next week.
http://www.mozillazine.org/talkback.html?article=6950

So I would say, stop the stable marking... and wait for upstream
Comment 19 Richard Freeman gentoo-dev 2005-07-17 11:03:34 UTC
I've been running thunderbird (non-bin, 64-bit-compiled) on amd64 for about 24
hours now without issue.

Oddly enough enigmail seems to be working fine - even though it seems like there
are complaints that it shouldn't. Enigmail is installed as a user-profile
extension (i.e. not system-wide).
Comment 20 Jory A. Pratt 2005-07-17 11:12:44 UTC
amd64 please mark stable as soon as possible. I will handle x86 if no one marks it
by tonight. Enigmail is NOT supposed to work with thunderbird 1.0.5 but it does,
so I do not see this as an issue.
Comment 21 Danny van Dyk (RETIRED) gentoo-dev 2005-07-17 11:35:31 UTC
Stable on amd64.
Comment 22 Jory A. Pratt 2005-07-17 12:51:09 UTC
both stable
Comment 23 Thierry Carrez (RETIRED) gentoo-dev 2005-07-18 00:58:31 UTC
GLSA 200507-17