Summary: | mail-client/mozilla-thunderbird* : 1.0.2 release includes security fixes | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Thierry Carrez (RETIRED) <koon> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | bugz07, mozilla, omschaub, rusxakep, smithj |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
URL: | http://www.mozilla.org/projects/security/known-vulnerabilities.html | ||
Whiteboard: | A2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Thierry Carrez (RETIRED)
2005-03-04 04:43:18 UTC
Thunderbird 1.0.2 is now out. Fixed in 1.0.2 : MFSA 2005-25 Image drag and drop executable spoofing MFSA 2005-18 Memory overwrite in string library MFSA 2005-17 Install source spoofing with user:pass@host MFSA 2005-15 Heap overflow possible in UTF8 to Unicode conversion Mozilla team, please bump Mozilla-Thunderbird 1.0.2 is in... Arches, please test and mark mozilla-thunderbird-1.0.2 stable I can't fetch enigmail from the SRC_URI ... the enigmail download page points to http://www.mozilla-enigmail.org/downloads/src/enigmail-0.90.2.tar.gz Tester, that url works for me and appears to be correct in the ebuild. x86 is stable -- I committed on brad's behalf earlier. *** Bug 86235 has been marked as a duplicate of this bug. *** Stable on ppc. Arches, please test and mark stable: mozilla-thunderbird-1.0.2: alpha amd64 ia64 sparc Stable on amd64, thanks to config for committing as repoman was playing up :) Stable on SPARC. alpha and ia64 are already done GLSA 200503-32 |