Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 84075 - mail-client/mozilla-thunderbird* : 1.0.2 release includes security fixes
Summary: mail-client/mozilla-thunderbird* : 1.0.2 release includes security fixes
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All All
: High major (vote)
Assignee: Gentoo Security
URL: http://www.mozilla.org/projects/secur...
Whiteboard: A2 [glsa]
Keywords:
: 86235 (view as bug list)
Depends on:
Blocks:
 
Reported: 2005-03-04 04:43 UTC by Thierry Carrez (RETIRED)
Modified: 2005-03-25 05:38 UTC (History)
5 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Thierry Carrez (RETIRED) gentoo-dev 2005-03-04 04:43:18 UTC
Will be fixed in upcoming 1.0.1 release :

MFSA 2005-18 Memory overwrite in string library
MFSA 2005-17 Install source spoofing with user:pass@host
Comment 1 Chris Kloosterman 2005-03-21 19:28:24 UTC
Thunderbird 1.0.2 is now out.
Comment 2 Thierry Carrez (RETIRED) gentoo-dev 2005-03-22 00:36:35 UTC
Fixed in 1.0.2 :
MFSA 2005-25 Image drag and drop executable spoofing
MFSA 2005-18 Memory overwrite in string library
MFSA 2005-17 Install source spoofing with user:pass@host
MFSA 2005-15 Heap overflow possible in UTF8 to Unicode conversion

Mozilla team, please bump
Comment 3 Thierry Carrez (RETIRED) gentoo-dev 2005-03-23 09:09:24 UTC
Mozilla-Thunderbird 1.0.2 is in...
Arches, please test and mark mozilla-thunderbird-1.0.2 stable
Comment 4 Olivier Crete (RETIRED) gentoo-dev 2005-03-23 11:39:56 UTC
I can't fetch enigmail from the SRC_URI ... the enigmail download page points to http://www.mozilla-enigmail.org/downloads/src/enigmail-0.90.2.tar.gz
Comment 5 Aron Griffis (RETIRED) gentoo-dev 2005-03-23 13:46:15 UTC
Tester, that url works for me and appears to be correct in the ebuild.
Comment 6 Seemant Kulleen (RETIRED) gentoo-dev 2005-03-23 13:54:10 UTC
x86 is stable -- I committed on brad's behalf earlier.
Comment 7 Brad Laue (RETIRED) gentoo-dev 2005-03-23 22:39:38 UTC
*** Bug 86235 has been marked as a duplicate of this bug. ***
Comment 8 Michael Hanselmann (hansmi) (RETIRED) gentoo-dev 2005-03-24 00:59:42 UTC
Stable on ppc.
Comment 9 Thierry Carrez (RETIRED) gentoo-dev 2005-03-24 01:40:09 UTC
Arches, please test and mark stable:

mozilla-thunderbird-1.0.2: alpha amd64 ia64 sparc
Comment 10 Marcus D. Hanwell (RETIRED) gentoo-dev 2005-03-24 04:24:05 UTC
Stable on amd64, thanks to config for committing as repoman was playing up :)
Comment 11 Jason Wever (RETIRED) gentoo-dev 2005-03-24 19:19:10 UTC
Stable on SPARC.
Comment 12 Thierry Carrez (RETIRED) gentoo-dev 2005-03-25 00:38:00 UTC
alpha and ia64 are already done
Comment 13 Thierry Carrez (RETIRED) gentoo-dev 2005-03-25 05:38:18 UTC
GLSA 200503-32