Пакет thunderbird: Информация

  • Default inline alert: Собрана новая версия пакета

    № Задания: #282378
    Собран: 11 августа 2021 г. 9:30
    Новая версия: 78.13.0-alt1
Бинарный пакет: thunderbird
Версия: 78.2.1-alt1
Архитектура: armh
Собран:  2 сентября 2020 г. 22:01 в задании #257193
Исходный пакет: thunderbird
Категория: Сети/Почта
Сообщить об ошибке в пакете
Gear: https://git.altlinux.org/gears/t/thunderbird.git?a=tree;hb=464c5…
Загрузка: thunderbird-78.2.1-alt1.armh.rpm
Лог сборки: https://git.altlinux.org/tasks/257193/build/200/armh/log
Домашняя страница: https://www.thunderbird.net
Лицензия: MPL-2.0
О пакете: Thunderbird is Mozilla's e-mail client
Описание: 
Thunderbird is Mozilla's next generation e-mail client.
Thunderbird makes emailing safer, faster and easier than
ever before and can also scale to meet the most sophisticated
organizational needs.
The package contains Lightning - an integrated calendar for Thunderbird.
Сопровождающий: Andrey Cherepanov
Список участников:
Andrey Cherepanov
Aleksei Nikiforov
Gleb Fotengauer-Malinovskiy
Paul Wolneykien
Anton Farygin
Vladimir Didenko
Alexey Gladkov
Alexey Morozov
Права:
Pavel Vasenkov
Andrey Cherepanov
@everybody

Последнее изменение

2 сентября 2020 г. Andrey Cherepanov 78.2.1-alt1
- New version (78.2.1).
- Fixes:
  + CVE-2020-15663 Downgrade attack on the Mozilla Maintenance Service could have resulted in escalation of privilege
  + CVE-2020-15664 Attacker-induced prompt for extension installation
  + CVE-2020-15670 Memory safety bugs fixed in Thunderbird 78.2
- Build without thunderbird-enigmail because this extension is not compatible
  with Thunderbird 78.x.
18 августа 2020 г. Aleksei Nikiforov 78.1.1-alt1
- Updated to upstream version 78.1.1 (thx to cas@ and sbolshakov@).
- Fixes:
  + CVE-2020-15652 Potential leak of redirect targets when loading scripts in a worker
  + CVE-2020-6514 WebRTC data channel leaks internal address to peer
  + CVE-2020-15655 Extension APIs could be used to bypass Same-Origin Policy
  + CVE-2020-15653 Bypassing iframe sandbox when allowing popups
  + CVE-2020-6463 Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture
  + CVE-2020-15656 Type confusion for special arguments in IonMonkey
  + CVE-2020-15658 Overriding file type when saving to disk
  + CVE-2020-15657 DLL hijacking due to incorrect loading path
  + CVE-2020-15654 Custom cursor can overlay user interface
  + CVE-2020-15659 Memory safety bugs fixed in Thunderbird 78.1
21 июля 2020 г. Andrey Cherepanov 78.0-alt1
- New version (78.0).
- Fixes:
  + CVE-2020-12415 AppCache manifest poisoning due to url encoded character processing
  + CVE-2020-12416 Use-after-free in WebRTC VideoBroadcaster
  + CVE-2020-12417 Memory corruption due to missing sign-extension for ValueTags on ARM64
  + CVE-2020-12418 Information disclosure due to manipulated URL object
  + CVE-2020-12419 Use-after-free in nsGlobalWindowInner
  + CVE-2020-12420 Use-After-Free when trying to connect to a STUN server
  + CVE-2020-15648 X-Frame-Options bypass using object or embed tags
  + CVE-2020-12402 RSA Key Generation vulnerable to side-channel attack
  + CVE-2020-12421 Add-On updates did not respect the same certificate trust rules as software updates
  + CVE-2020-12422 Integer overflow in nsJPEGEncoder::emptyOutputBuffer
  + CVE-2020-12423 DLL Hijacking due to searching %PATH% for a library
  + CVE-2020-12424 WebRTC permission prompt could have been bypassed by a compromised content process
  + CVE-2020-12425 Out of bound read in Date.parse()
  + CVE-2020-12426 Memory safety bugs fixed in Thunderbird 78
- Build with bundled languages: kk, ru, uk.
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Версия: v24.5.1
Наверх