-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 01 Nov 2019 20:36:59 +0100 Source: thunderbird Architecture: source Version: 1:68.2.1-1 Distribution: unstable Urgency: medium Maintainer: Carsten Schoenert <c.schoenert@t-online.de> Changed-By: Carsten Schoenert <c.schoenert@t-online.de> Closes: 921258 925841 941290 Changes: thunderbird (1:68.2.1-1) unstable; urgency=medium . [ intrigeri ] * [c48e2cb] AppArmor: update profile from upstream at commit a27a1a5 (Closes: #941290) . [ Carsten Schoenert ] * [98497ae] New upstream version 68.2.0 Fixed CVE issues in upstream version 68.2 (MFSA 2019-35): CVE-2019-15903: Heap overflow in expat library in XML_GetCurrentLineNumber CVE-2019-11757: Use-after-free when creating index updates in IndexedDB CVE-2019-11758: Potentially exploitable crash due to 360 Total Security CVE-2019-11759: Stack buffer overflow in HKDF output CVE-2019-11760: Stack buffer overflow in WebRTC networking CVE-2019-11761: Unintended access to a privileged JSONView object CVE-2019-11762: document.domain-based origin isolation has same-origin-property violation CVE-2019-11763: Incorrect HTML parsing results in XSS bypass technique CVE-2019-11764: Memory safety bugs fixed in Thunderbird 68.2 (Closes: #925841) * [a104c51] d/control: increase Standards-Version to 4.4.1 * [6c9d012] xul-ext-dispmua: set current min usable version * [b3bf16f] New upstream version 68.2.1 * [8f89b90] d/control: decrease build architecture list Decreasing the current list of build architectures. Not meant to keep this forever, removed RC architectures needing support and volunteering to get them back. (Closes: #921258) Checksums-Sha1: 90c44d7ad3344abfdcff315eb7ec63e75e3d0b4d 8389 thunderbird_68.2.1-1.dsc 757cc811d7f8a8abc5719d272fbc7c67938f28b2 1008608 thunderbird_68.2.1.orig-lightning-l10n.tar.xz 430be41f77d58aa1d88f4effda326d4e62aee8cb 10012636 thunderbird_68.2.1.orig-thunderbird-l10n.tar.xz 259eaf2092e769fa03aa0cc2526bbcc5460061dc 354953676 thunderbird_68.2.1.orig.tar.xz 18fa4f66d0d764b770280fcea937717341e547bf 554984 thunderbird_68.2.1-1.debian.tar.xz f22e41b3103332ad7e22465ca8a03872c3143d66 35845 thunderbird_68.2.1-1_amd64.buildinfo Checksums-Sha256: c453dd1eece9ea40700afb31cdadb0cec78ecd89f5732a4f4b2bb847357b2648 8389 thunderbird_68.2.1-1.dsc 44173319ae01f4a94cdf13b80fa452603423157f647a150cfce8ae0e162120a2 1008608 thunderbird_68.2.1.orig-lightning-l10n.tar.xz 8a5c2d5d51a5dcc437dfb635d7bf95720ae570d2ea2cdc64adcdb7169bbcd326 10012636 thunderbird_68.2.1.orig-thunderbird-l10n.tar.xz a75d1f58e816f094d5a861bc466d306feff50b9cdda7466096910e1e2f48494f 354953676 thunderbird_68.2.1.orig.tar.xz aa9e7a4e9f8523d8d7765dd980d2ed0892a0b8ceae4f02af617eaf67a48cb7cd 554984 thunderbird_68.2.1-1.debian.tar.xz 7c24d2b3efd3c4dc67c21d1afc1fb6b8145af8fe032114815711cba2bb0bd3a7 35845 thunderbird_68.2.1-1_amd64.buildinfo Files: 2901a98dfcb7be877f40e39877b49ba8 8389 mail optional thunderbird_68.2.1-1.dsc 34c6a492d1011864c88e303b11d01591 1008608 mail optional thunderbird_68.2.1.orig-lightning-l10n.tar.xz 0f9c01b54ef547fbdc1e2f6a37f6fa10 10012636 mail optional thunderbird_68.2.1.orig-thunderbird-l10n.tar.xz bbc27f815280e53a8ab80c9791dda736 354953676 mail optional thunderbird_68.2.1.orig.tar.xz eff99816d8437af9fbe55949c7d49faa 554984 mail optional thunderbird_68.2.1-1.debian.tar.xz 60302fc83d9430dfab4c07c8d6263eaa 35845 mail optional thunderbird_68.2.1-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQJMBAEBCgA2FiEEtw38bxNP7PwBHmKqgwFgFCUdHbAFAl29XdQYHGMuc2Nob2Vu ZXJ0QHQtb25saW5lLmRlAAoJEIMBYBQlHR2w6q8P/RBG5EyGk/xpBit7VtbH2gcK hJg72pLfySzGXuV2nWEiMTI/d3YaA5PQM7nRiuYHbEKkaobBE9WKlEQe+BCb3xfU vFFr3rSjl7UPQW6jDHZxi+Hd94h5n/phmpF5ddfUm3UwYZJD5jtZ1l7dOFSX1YEW gj2JnSvSZ7q77hIYZKOhRpDdTHVqPPJdOs9cqUkUk14nkGHZ2Chtnw14hjt+28/1 sbkxXhPnxUq4Bnp6jnjcrSkewYohPmqABVxMybPVziLC03CWzZu9N4o4gEFkyZC4 VmNIf/LL1CVZIu6+9TIZKJ3jHePlG6cQqTH6y8nZfpP4djeCwpZliJqhfZc0slZa W/kQVhuMnPsFcDteF8GGQxakD2D4TMsv9yanLtweePnOHxrH7vaL5fxTIzzUbx6O NvPHIoQ1z3Zwnjygs/FNTE931Np4YuQDFnMDgmfFXJH7Dk9C0sYEpv4375ulnAJC oJmcnjTiuvJCBYfwyu/ckDYXQri2h2nnMdpzftLtxmoxqem5qMUa665rRF95wcjE asw22ittmajahgE0tOiBnxtH+M2AuthWo9c/EQJIn8Y6F20l0HCBJmnVOb/BVSBu 99RAfzHo/P2YOCLHTRM2WXhHdV+4kRFfF2ubHyQjsFRBoyhvcPsrS4uP420Ki2Kd gze3SYqjvuQnIWSCsfxR =ydFq -----END PGP SIGNATURE-----
