Summary: | <mail-client/thunderbird{,-bin}-52.5.0: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Frank Krömmelbein <kroemmelbein> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | ap, mozilla |
Priority: | Normal | Flags: | stable-bot:
sanity-check-
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B2 [glsa+ cve blocked] | ||
Package list: |
=mail-client/thunderbird-52.5.0
|
Runtime testing required: | --- |
Bug Depends on: | 641764, 645820 | ||
Bug Blocks: | 627376 |
Description
Frank Krömmelbein
2017-11-28 09:55:38 UTC
(In reply to Frank Krömmelbein from comment #0) > https://www.mozilla.org/en-US/security/advisories/mfsa2017-26/ Thank you for the report Frank, @Maintainers please call for stabilization when ready. Thanks The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=96b0f1c18b9d36f28addda1a8895988f6350d5e1 commit 96b0f1c18b9d36f28addda1a8895988f6350d5e1 Author: Ian Stakenvicius <axs@gentoo.org> AuthorDate: 2017-11-29 17:43:22 +0000 Commit: Ian Stakenvicius <axs@gentoo.org> CommitDate: 2017-11-29 17:44:33 +0000 mail-client/thunderbird-bin: bump to 52.5.0 Bumped directly to stable by maintainers for security Bug: http://bugs.gentoo.org/639048 Package-Manager: Portage-2.3.13, Repoman-2.3.3 mail-client/thunderbird-bin/Manifest | 118 ++++++++++----------- ...52.4.0.ebuild => thunderbird-bin-52.5.0.ebuild} | 7 +- 2 files changed, 62 insertions(+), 63 deletions(-)} Ebuilds are in the tree now. mail-client/thunderbird-bin-52.5.0 has been committed directly to stable. mail-client/thunderbird-52.5.0 requires x11-plugins/enigmail-1.9.8.3-r1 to also be stabilized to adopt improved way the enigmail extension is being installed and loaded by thunderbird. Maybe add arches? @ Arches, please test and mark stable: =mail-client/thunderbird-52.5.0 =x11-plugins/enigmail-1.9.8.3-r1 x86 stable amd64 stable @ Remaining arches: Please pick up newer >=x11-plugins/enigmail-1.9.9 via bug 641764. ppc / ppc64 , would you like to drop stable keywords on this package? The last one that was stabilized was 45.8.0 which has long been unsupported security-wise. (In reply to Ian Stakenvicius from comment #9) > ppc / ppc64 , would you like to drop stable keywords on this package? The > last one that was stabilized was 45.8.0 which has long been unsupported > security-wise. +1 @ppc/ppc64, how would you like to proceed? ppc stable An automated check of this bug failed - the following atom is unknown: mail-client/thunderbird-52.5.0 Please verify the atom list. This issue was resolved and addressed in GLSA 201803-14 at https://security.gentoo.org/glsa/201803-14 by GLSA coordinator Aaron Bauman (b-man). |