-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 09 Jan 2025 10:54:20 +0100
Source: thunderbird
Architecture: source
Version: 1:128.6.0esr-1
Distribution: unstable
Urgency: medium
Maintainer: Carsten Schoenert <c.schoenert@t-online.de>
Changed-By: Christoph Goehre <chris@sigxcpu.org>
Changes:
thunderbird (1:128.6.0esr-1) unstable; urgency=medium
.
* [996cbfa] New upstream version 128.6.0esr
Fixed CVE issues in upstream version 128.6 (MFSA 2025-05):
CVE-2025-0237: WebChannel APIs susceptible to confused deputy attack
CVE-2025-0238: Use-after-free when breaking lines in text
CVE-2025-0239: Alt-Svc ALPN validation failure when redirected
CVE-2025-0240: Compartment mismatch when parsing JavaScript JSON module
CVE-2025-0241: Memory corruption when using JavaScript Text Segmentation
CVE-2025-0242: Memory safety bugs fixed in Firefox 134, Thunderbird 134,
Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19
and Thunderbird 128.6
CVE-2025-0243: Memory safety bugs fixed in Firefox 134, Thunderbird 134,
Firefox ESR 128.6 and Thunderbird 128.6
* [1d10b3c] rebuild patch queue from patch-queue branch
obsolete patches (fixed upstream):
fixes/Fix-python-virtual-environment-sysconfig-path-calculation.patch
Checksums-Sha1:
fd71e1c711bc4947e372a304dea6bb2a085b4c7e 8475 thunderbird_128.6.0esr-1.dsc
a9cac35b99af0b53a3107d319e04d8d24b5eb96c 13489360 thunderbird_128.6.0esr.orig-thunderbird-l10n.tar.xz
a4e40f504429b9d22a0e4ff3e31889ae9fb53bce 697901832 thunderbird_128.6.0esr.orig.tar.xz
96d3321b20c2888503d0265bc6a3f767cac83632 547420 thunderbird_128.6.0esr-1.debian.tar.xz
65f33d1d31beec04128dc248765525f80796d8a4 6554 thunderbird_128.6.0esr-1_source.buildinfo
Checksums-Sha256:
cb8ceb068f20d6702a4c5d32870f519d6847bcdb8dd79d69b4ff17dc20bc7375 8475 thunderbird_128.6.0esr-1.dsc
e00eed4a022fad76c862bfeec5f5f03ea02e6c2ace0f4c51a4fc98202b4669e9 13489360 thunderbird_128.6.0esr.orig-thunderbird-l10n.tar.xz
5a0eb837d399eb85f7c2eb6cf3788110f9d0c7e584d1b6c6497700bcb7500a5b 697901832 thunderbird_128.6.0esr.orig.tar.xz
ea99c8867d459751f68dfdf236804e1dba8c3ab5dacbf6053e357ce7618e9958 547420 thunderbird_128.6.0esr-1.debian.tar.xz
6be809438e4cc3d1795ae9cd8bf50d41c0027a56ce97203117df639bc868f57c 6554 thunderbird_128.6.0esr-1_source.buildinfo
Files:
e4ee717b6167ae2eb412a203aa8e7ebe 8475 mail optional thunderbird_128.6.0esr-1.dsc
ccb354a3a11cc31eacd51b4f76d1fb86 13489360 mail optional thunderbird_128.6.0esr.orig-thunderbird-l10n.tar.xz
2b7bd206683dc2e0ac386bf7bd060836 697901832 mail optional thunderbird_128.6.0esr.orig.tar.xz
29bc9562c2178eb814dd731ecef1da59 547420 mail optional thunderbird_128.6.0esr-1.debian.tar.xz
f1bac7d944e7bf209a0bd4428097aacd 6554 mail optional thunderbird_128.6.0esr-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEi5SBnCVVcKN0tizNJuPIdadEIO8FAmd//84ACgkQJuPIdadE
IO+l/BAAhF8A1yzlzn4wICDoNHBc+764zCfPR2l6olrORqFeTcLDzrQrbfrt2E24
m4O2ZA5FGV1y1F/yYLnmWsYrbULv6i6xf8fomauISYpNk1y8bxMVYBJxfrfPWtBu
B+DA/08ikaaX4uGeJu/yv89XPlCtZH0KVyuPzk3U+vGqhzXwyQQGuoNWo63a2EWY
JSpRYZ1UVx4XqrE1a3vjWhHNRF+i5vNRCqGiEZ6eLJZz6Mlw4LshThpEiTR72k13
hezQkNM8YuXgOg3RWeGqIeH+C5/pvw8Gv0PbiWl+CaeUYrnJia1xZyqCMsEYvDwy
FRKnpBk3F91cwa8XXvF7Uu54kfWac8MV93wwD4UJCqhWqycCfihqljZtckOmjt0o
gKKnk+MDyN441kOZqdyjpR2YujLkNcKDQjrr7+wtwarNk8+7MDNP7PpN7DPh3z/c
Z1QrnG2JVxjmSJuHmLD8omRhPHlk4Wni0THKmYGgLBUgA4lBYZT4/0rs7aXx+yQb
uhBKzPSJNB9yvCYYyEAzIQDcrJGPks4pSOIc3dzJz3dXBB27OCrfuQ9bfRli6dQ/
c+50ADO9yu82IoaKp2tR0v/JYb3iODhJ80+FrBh1/WSJvPhzJTCG4JnZb8ALhsnR
wxKOMmnWMrpBnQdggHK/MdgwuODD/0Q34MM1YTUTaLtBXrPwUCk=
=uGQM
-----END PGP SIGNATURE-----
