-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 26 Nov 2024 17:19:50 +0100
Source: thunderbird
Architecture: source
Version: 1:128.5.0esr-1
Distribution: unstable
Urgency: medium
Maintainer: Carsten Schoenert <c.schoenert@t-online.de>
Changed-By: Christoph Goehre <chris@sigxcpu.org>
Changes:
thunderbird (1:128.5.0esr-1) unstable; urgency=medium
.
* [d21034a] New upstream version 128.5.0esr
Fixed CVE issues in upstream version 128.5 (MFSA 2024-68):
CVE-2024-11691: Memory corruption in Apple GPU drivers
CVE-2024-11692: Select list elements could be shown over another site
CVE-2024-11693: Download Protections were bypassed by .library-ms files on
Windows
CVE-2024-11694: CSP Bypass and XSS Exposure via Web Compatibility Shims
CVE-2024-11695: URL Bar Spoofing via Manipulated Punycode and Whitespace
Characters
CVE-2024-11696: Unhandled Exception in Add-on Signature Verification
CVE-2024-11697: Improper Keypress Handling in Executable File Confirmation
Dialog
CVE-2024-11698: Fullscreen Lock-Up When Modal Dialog Interrupts Transition
on macOS
CVE-2024-11699: Memory safety bugs fixed in Firefox 133, Thunderbird 133,
Firefox ESR 128.5, and Thunderbird 128.5
Checksums-Sha1:
54cef79d28342379ce15f6e400b9a80243362179 8475 thunderbird_128.5.0esr-1.dsc
8ff2a09e9b28d9587db862b33af7992301829a73 13492684 thunderbird_128.5.0esr.orig-thunderbird-l10n.tar.xz
4cb220dbefd78516fe610a1f52db4ab564036961 698147924 thunderbird_128.5.0esr.orig.tar.xz
f256d4df00c79de20480c51dcfdd59618c718021 547076 thunderbird_128.5.0esr-1.debian.tar.xz
0dda611d3996b3205944a219ca9a78afb42c6100 6997 thunderbird_128.5.0esr-1_source.buildinfo
Checksums-Sha256:
84b3ebb6fbd47a499adfdf11ccb863f59b2e161859d4f3d632442b43657616c4 8475 thunderbird_128.5.0esr-1.dsc
5ce5955146cd20c8d82bd0a02d2e42462e3af3e9f8d64ba3f66b28d0382e5958 13492684 thunderbird_128.5.0esr.orig-thunderbird-l10n.tar.xz
09b4cfbbd38cd9ee0144e249946e98d469b1134ee967b69ee6774b6ed228853b 698147924 thunderbird_128.5.0esr.orig.tar.xz
ed99f2845453e3d084cc8ab08927596246023a89bdb22d0456b96206fe5c9447 547076 thunderbird_128.5.0esr-1.debian.tar.xz
9693e23b151fa9fa0c63c8e4e14fa34c168826c6107a6be52cc23fa5c59e5026 6997 thunderbird_128.5.0esr-1_source.buildinfo
Files:
feb8b55f19b5bb984234b1d2a182f4fb 8475 mail optional thunderbird_128.5.0esr-1.dsc
61ede91f6cf79170ee46d2a1c5c24132 13492684 mail optional thunderbird_128.5.0esr.orig-thunderbird-l10n.tar.xz
bb1917c76dfe6c042221ee70f7d8c93b 698147924 mail optional thunderbird_128.5.0esr.orig.tar.xz
07b554dc4a6fde7acc0db94daecab96d 547076 mail optional thunderbird_128.5.0esr-1.debian.tar.xz
6361580ed0966ea9793c1da6b57444e4 6997 mail optional thunderbird_128.5.0esr-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEi5SBnCVVcKN0tizNJuPIdadEIO8FAmdGLb0ACgkQJuPIdadE
IO8qHA/+NWnRx9OES4HgPs1GA0Dbc6NB56+RDnLgaxd8OsFtgQFMXmUsGalW5r6b
LyP+rrKFQbpWBLoND664wEm54zyWgceh3pLLg2TmIiU6hgDfyPh3C6vGyRCmMZA0
kJn9bcOXfJiNLFToniRyz88D7f5B8/Fk5KxP9JAaHf+47pOTVPGFJkeEOYKo7+3X
p8B3j58ZDghbzh30qFH2yAyQZQapPHVFXw20IwT1OWVyNf2JADy2P7nSz2QEEl8k
o5B9ISmzqGMnl7LfMMPheWnOrzCqsLcQUr9MRwRziX9mDGept2Tx1LheSn+LW1Ls
TiwOIzRfAh8C0OozgsVIWUhXvfVf/lB4t0ZEgKkxXR2e1ayCwzeputoAXjjEi3Bv
BfQF6EivF3zJeczcqzSrTBHURwKAYba0aYoyHjcV3zKAtt34XIL3HUYuPxVbwLeQ
Zgc3ybwEpiMaWDYdQjTOBGp2gduXbmV3iIaPEsP3oZ4eSwBxTgnUVv56q+MLOAjY
bFpjvRCnvVAA8QSkOKHTUlLzzTKmdG/duFWt3+ftlr4qnK/BFKg/qlSl+Cz7JpbR
0kVYbfhrQQzscVoQLChdWpufv4RA3h0WR4J6AG51DBgDDsxWSOWaswTfzctlGs4Z
GHIl0RZD52vAACZF0cXUu+u9a1sz487IpewC+EFN/G/eIrzn6C4=
=dA5Q
-----END PGP SIGNATURE-----
