Sisyphus repository
Last update: 2018-09-25 09:07:56 +0400 | SRPMs: 18655 | Sign in or Sign up
en ru uk br
ALT Linux repositories
hide window
Sisyphus: 52.9.1-alt1
p8: 52.9.1-alt0.M80P.1
p7: 45.6.0-alt0.M70P.1
t7: 45.6.0-alt0.M70P.1
Platform6: 17.0.11-alt0.M60P.1
t6: 17.0.11-alt0.M60P.1
Platform5: 10.0.12-alt0.M50P.1
5.1: 3.1.7-alt0.20110123.M50P.1

Group :: Networking/Mail
Source RPM: thunderbird

 Main   Changelog   Spec   Patches   Sources   Download   Gear   Bugs and FR (20/86)   Repocop 

Current version: 52.9.1-alt1
Built: 3 months ago
Size: 225 MB
Repocop status: info

Home page:   https://www.thunderbird.net

License: MPL/GPL
Summary: Thunderbird is Mozilla's e-mail client
Description:

Thunderbird is Mozilla's next generation e-mail client.
Thunderbird makes emailing safer, faster and easier than
ever before and can also scale to meet the most sophisticated
organizational needs.
The package contains Lightning - an integrated calendar for Thunderbird.

Current maintainer: Alexey Gladkov

List of contributors: ACL: List of rpms provided by this srpm:
  • rpm-build-thunderbird
  • thunderbird
  • thunderbird-debuginfo
  • thunderbird-devel
  • thunderbird-devel-debuginfo
  • thunderbird-enigmail
  • thunderbird-google-calendar
Recent changes (last three changelog entries):

2018-07-11 Andrey Cherepanov <cas at altlinux.org> 52.9.1-alt1

    - New version (52.9.1).
    - Complete fix of the EFAIL vulnerability.

2018-07-04 Andrey Cherepanov <cas at altlinux.org> 52.9.0-alt1

    - New version (52.9.0).
    - Enigmail 2.0.7.
    - Fixes:
    + CVE-2018-12359 Buffer overflow using computed size of canvas element
    + CVE-2018-12360 Use-after-free when using focus()
    + CVE-2018-12372 S/MIME and PGP decryption oracles can be built with HTML emails
    + CVE-2018-12373 S/MIME plaintext can be leaked through HTML reply/forward
    + CVE-2018-12362 Integer overflow in SSSE3 scaler
    + CVE-2018-12363 Use-after-free when appending DOM nodes
    + CVE-2018-12364 CSRF attacks through 307 redirects and NPAPI plugins
    + CVE-2018-12365 Compromised IPC child process can list local filenames
    + CVE-2018-12366 Invalid data handling during QCMS transformations
    + CVE-2018-12368 No warning when opening executable SettingContent-ms files
    + CVE-2018-12374 Using form to exfiltrate encrypted mail part by pressing enter in form field
    + CVE-2018-5188 Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, Firefox ESR 52.9, and Thunderbird 52.9

2018-05-19 Andrey Cherepanov <cas at altlinux.org> 52.8.0-alt1

    - New version (52.8.0).
    - Enigmail 2.0.4.
    - Fixes:
    + CVE-2018-5183 Backport critical security fixes in Skia
    + CVE-2018-5184 Full plaintext recovery in S/MIME via chosen-ciphertext attack
    + CVE-2018-5154 Use-after-free with SVG animations and clip paths
    + CVE-2018-5155 Use-after-free with SVG animations and text paths
    + CVE-2018-5159 Integer overflow and out-of-bounds write in Skia
    + CVE-2018-5161 Hang via malformed headers
    + CVE-2018-5162 Encrypted mail leaks plaintext through src attribute
    + CVE-2018-5170 Filename spoofing for external attachments
    + CVE-2018-5168 Lightweight themes can be installed without user interaction
    + CVE-2018-5178 Buffer overflow during UTF-8 to Unicode string conversion through legacy extension
    + CVE-2018-5185 Leaking plaintext through HTML forms
    + CVE-2018-5150 Memory safety bugs fixed in Firefox 60, Firefox ESR 52.8, and Thunderbird 52.8
    - Build in several threads.

 
© 2009–2018 Igor Zubkov