-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Fri, 08 Feb 2008 10:52:28 +0100 Source: icedove Binary: icedove-inspector icedove-dev thunderbird-dbg thunderbird-inspector icedove-typeaheadfind mozilla-thunderbird-typeaheadfind icedove-dbg thunderbird-gnome-support thunderbird-typeaheadfind icedove mozilla-thunderbird-inspector icedove-gnome-support thunderbird mozilla-thunderbird-dev thunderbird-dev mozilla-thunderbird Architecture: source amd64 all Version: 1.5.0.13+1.5.0.15b.dfsg1-0etch1 Distribution: stable-security Urgency: low Maintainer: Alexander Sack <asac@debian.org> Changed-By: Alexander Sack <asac@debian.org> Description: icedove - free/unbranded thunderbird mail client icedove-dbg - debugging symbols for icedove/thunderbird icedove-dev - development files for icedove/thunderbird icedove-gnome-support - GNOME support package for icedove/thunderbird icedove-inspector - DOM inspector extension for icedove/thunderbird icedove-typeaheadfind - typeaheadfind extension for icedove/thunderbird mozilla-thunderbird - Transition package for icedove rename mozilla-thunderbird-dev - Transition package for icedove-dev rename mozilla-thunderbird-inspector - Transition package for icedove-inspector rename mozilla-thunderbird-typeaheadfind - Transition package for icedove-typeaheadfind rename thunderbird - Transition package for icedove rename thunderbird-dbg - Transition package for icedove-dbg rename thunderbird-dev - Transition package for icedove-dev rename thunderbird-gnome-support - Transition package for icedove-gnome-support rename thunderbird-inspector - Transition package for icedove-inspector rename thunderbird-typeaheadfind - Transition package for icedove-typeaheadfind rename Changes: icedove (1.5.0.13+1.5.0.15b.dfsg1-0etch1) stable-security; urgency=low . [ Alexander Sack ] * security/stability update 1.5.0.13 + 1.5.0.15 (prepatch backports for v2.0.0.12) * MFSA 2008-01 aka CVE-2008-0412: Crashes with evidence of memory corruption v1.8.1.12 (Browser crashes) * MFSA 2008-01 aka CVE-2008-0413: Crashes with evidence of memory corruption v1.8.1.12 (javascript crashes) * MFSA 2008-02 aka CVE-2008-0414: Multiple file input focus stealing vulnerabilities: 1. Focus shifting bugs and 2. Selective keystroke blocking bugs * MFSA 2008-03 aka CVE-2008-0415: Privilege escalation, XSS, Remote Code Execution (JavaScript privilege escalation bugs) * MFSA 2008-04 aka CVE-2008-0417: Stored password corruption * MFSA 2008-05 aka CVE-2008-0418: Directory traversal via chrome: URI * MFSA 2008-06 aka CVE-2008-0419: Web browsing history and forward navigation stealing * MFSA 2008-08 aka CVE-2008-0591: File action dialog tampering * MFSA 2008-09 aka CVE-2008-0592: Mishandling of locally-saved plain text files * MFSA 2008-10 aka CVE-2008-0593: URL token stealing via stylesheet redirect * MFSA 2008-11 aka CVE-2008-0594: Web forgery overwrite with div overlay Files: 47d17cda0ae1ec315855f996e37a0ee2 1934 mail optional icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1.dsc b1a02873d5e320b1a208dbffc256baee 35174191 mail optional icedove_1.5.0.13+1.5.0.15b.dfsg1.orig.tar.gz c8a2dd2880fd468314e00a3dcdc9713a 640166 mail optional icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1.diff.gz 2ccb02753ddc07f672554b7cb0fcfc86 12176086 mail optional icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb ff2443c7df9dff331f9f54050c191a88 196082 mail optional icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb 63a6d9b1e0d24dd0c19ba12472a353df 52482 mail optional icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb 70d41408a7964be8d214b83c52f873d8 29066 mail optional thunderbird-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb 7a29b7ebb0148d1dc10cf3184791de68 61508 mail optional icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb 7f2501ff09f24d2a4fa384d531969897 3678346 mail optional icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb f56252c61054eae347480d45fb3e845f 51479136 mail optional icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb 620536610d06e9062eb8760cde3d990c 29042 mail optional thunderbird-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb 32015cf440db3318d6459f6c60a17792 29032 mail optional thunderbird_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb ce479eb792bfef00ae3161fd0d157a61 29050 mail optional mozilla-thunderbird_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb 3d934b7f3583e3a04a0bd193e45a3fa6 29070 mail optional mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb 75b83c322479e095016108453ff7e862 29054 mail optional thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb b98a074d7074c155a6ba1df263419376 29074 mail optional mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb cbae212a095f4aac3b30443328b5ad85 29072 mail optional thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb 6665f3ce45a1c320dd55891bceb16f14 29048 mail optional thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb 156f796fe78bbebda0b7e25fcf5dbe54 29060 mail optional mozilla-thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQIVAwUBR6xLPaBE/gcUDGZkAQIBhQ//aZzsa1i0nJOe7g19xNYBS3BVLJgFtgM0 yqVDaSaGOX6SqZg5zt5wl0jjolK8e3SOu5fGBTPOoUPwSMbuYgY73S8ObWogtOuz fxFjYSKEN6COhJRY5tAJBIK6pfo44j71g11LFjIfbrqi+1rXtQEN9fb63XvOg54G yifGq6NAlAghkpKwtRTJJ5N7HeZirvRw57Yu+70VTGIXlBqqcxZ/gPjDQF9nwan2 SHgAZF4GAI2rehvufeXhi4uW7oT1W2wuBsoQkWSIDmDws3QPRsgSD4rJ4058Zchr tJoMjYbC1+EjjfLHh10nloJH1PdywG4s4o6kF2k+zWiSLyv+5ymaHAYfeB+CBuwt U6cwWXQhOq9ranokKwmz6ZZG6aysiIcdpCGxrPvW+FP+dD++A9T/KmT/30+2Mx7n 3AaFEYYZzsxYWH76QJLZdKANLljFqgUoQfoLVDPJVgmImsOu61A5bLCp8Vs0bgZT iW5zj3ZCMZ+cM2l0y+3Ib8ghWbpreqmIv10auRvbtnNKGeZM7J047OvH6dI2n8cm f+dMJUgqxhpfFWjC1YY8ZzaCkJZbvKxu4gN+JYGDdTTZvndECijHjU5ntjs0z+Kt P1hWa/vye3aN/ujhLLpWrrmaBAkx8vA6V77fTe88q6LRLvQNBTX1BIuv7f0Pmebw gwuU5xGuVEg= =3U7y -----END PGP SIGNATURE----- Accepted: icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb to pool/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb to pool/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb to pool/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb to pool/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb to pool/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1.diff.gz to pool/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1.diff.gz icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1.dsc to pool/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1.dsc icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb to pool/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb icedove_1.5.0.13+1.5.0.15b.dfsg1.orig.tar.gz to pool/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1.orig.tar.gz mozilla-thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb to pool/main/i/icedove/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb to pool/main/i/icedove/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb to pool/main/i/icedove/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb mozilla-thunderbird_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb to pool/main/i/icedove/mozilla-thunderbird_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb thunderbird-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb to pool/main/i/icedove/thunderbird-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb to pool/main/i/icedove/thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb thunderbird-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb to pool/main/i/icedove/thunderbird-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb to pool/main/i/icedove/thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb to pool/main/i/icedove/thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb thunderbird_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb to pool/main/i/icedove/thunderbird_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb