Пакет thunderbird-enigmail: Информация

Enigmail is an extension to the mail client of Mozilla / Netscape 7.x
which allows users to access the authentication and encryption features
provided by the popular GnuPG software.
- New version (68.6.0).
- Fixed:
  + CVE-2020-6805 Use-after-free when removing data about origins
  + CVE-2020-6806 BodyStream::OnInputStreamReady was missing protections against state confusion
  + CVE-2020-6807 Use-after-free in cubeb during stream destruction
  + CVE-2020-6811 Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection
  + CVE-2019-20503 Out of bounds reads in sctp_load_addresses_from_init
  + CVE-2020-6812 The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission
  + CVE-2020-6814 Memory safety bugs fixed in Thunderbird 68.6
- New version (68.5.0).
- Fixed:
  + CVE-2020-6793 Out-of-bounds read when processing certain email messages
  + CVE-2020-6794 Setting a master password post-Thunderbird 52 does not delete unencrypted previously stored passwords
  + CVE-2020-6795 Crash processing S/MIME messages with multiple signatures
  + CVE-2020-6797 Extensions granted downloads.open permission could open arbitrary applications on Mac OSX
  + CVE-2020-6798 Incorrect parsing of template tag could result in JavaScript injection
  + CVE-2020-6792 Message ID calculcation was based on uninitialized data
  + CVE-2020-6800 Memory safety bugs fixed in Thunderbird 68.5
- New version.

Пакет thunderbird-enigmail: Информация

Последнее изменение