-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 13 Sep 2010 17:33:45 +0200 Source: icedove Binary: icedove icedove-dev icedove-dbg Architecture: source amd64 Version: 3.0.7-1 Distribution: unstable Urgency: high Maintainer: Alexander Sack <asac@debian.org> Changed-By: Christoph Goehre <chris@sigxcpu.org> Description: icedove - mail/news client with RSS and integrated spam filter support icedove-dbg - Debug Symbols for Icedove icedove-dev - Development files for Icedove Changes: icedove (3.0.7-1) unstable; urgency=high . * New Upstream Version - MFSA 2010-49 aka CVE-2010-3169: Miscellaneous memory safety hazards (rv:1.9.2.9/ 1.9.1.12) - MFSA 2010-50 aka CVE-2010-2765: Frameset integer overflow vulnerability - MFSA 2010-51 aka CVE-2010-2767: Dangling pointer vulnerability using DOM plugin array - MFSA 2010-53 aka CVE-2010-3166: Heap buffer overflow in nsTextFrameUtils::TransformText - MFSA 2010-54 aka CVE-2010-2760: Dangling pointer vulnerability in nsTreeSelection - MFSA 2010-55 aka CVE-2010-3168: XUL tree removal crash and remote code execution - MFSA 2010-56 ala CVE-2010-3167: Dangling pointer vulnerability in nsTreeContentView - MFSA 2010-57 aka CVE-2010-2766: Crash and remote code execution in normalizeDocument - MFSA 2010-60 aka CVE-2010-2763: XSS using SJOW scripted function - MFSA 2010-61 aka CVE-2010-2768: UTF-7 XSS by overriding document charset using <object> type attribute - MFSA 2010-62 aka CVE-2010-2769: Copy-and-paste or drag-and-drop into designMode document allows XSS - MFSA 2010-63 aka CVE-2010-2764: Information leak via XMLHttpRequest statusText * [1bf1dab] rebuild patch queue from patch-queue branch added patches: - 0057-Calculate-negotiate-auth-token-length-after-removing.patch - 0058-Fix-unaligned-reads-in-qcms.patch Checksums-Sha1: 318c9b776ef05d9f36301df1db441e4e4a0afed7 1845 icedove_3.0.7-1.dsc 927acedd8513173e618974d04fe042740e35755d 51858120 icedove_3.0.7.orig.tar.bz2 8bee582b22a995ff13a8c1efbb7626b859dfbe92 365016 icedove_3.0.7-1.debian.tar.gz fd01c8d7b04a62a3710bd9fc499a0ea15f64ce95 12467408 icedove_3.0.7-1_amd64.deb 1a77705b33848ca6ebfb4b27d3b137ee1c75e41a 5750378 icedove-dev_3.0.7-1_amd64.deb 1da918e2e91e3a772fbe1c8ad416299186163e2b 67862098 icedove-dbg_3.0.7-1_amd64.deb Checksums-Sha256: eedaaf77e6a5f7a468f9fddcc14ca1136ef0d16c4fa4c0100bf2ef3489006d51 1845 icedove_3.0.7-1.dsc 3d9b1253d87d696d1f0f964a304d7f83476a53a5718ea876b102bdb83926b7ed 51858120 icedove_3.0.7.orig.tar.bz2 74874e3b97fb8fb1623dcf404f05b519738b065494b0f45328d64545821928fd 365016 icedove_3.0.7-1.debian.tar.gz 272fb9a24f1cf149d9212d80c21339649a95a1a3cc00a4bf45cb1b50b8317a6e 12467408 icedove_3.0.7-1_amd64.deb 11be32d202d5494741fe3273574c05009138ed1d6c32d64d30bdaf0ef4af8aa8 5750378 icedove-dev_3.0.7-1_amd64.deb 0fc937e8a759d7177a32f307d40501c9a8a8069cf673e705c0132b63c450233c 67862098 icedove-dbg_3.0.7-1_amd64.deb Files: b36018553308769ad7220225f96a76b3 1845 web optional icedove_3.0.7-1.dsc 99cadb43bdb06ed1f763852166127149 51858120 web optional icedove_3.0.7.orig.tar.bz2 9d8790c1138eb7791c6e4549239fa13b 365016 web optional icedove_3.0.7-1.debian.tar.gz e644f1422d9f6afc12232ce610867023 12467408 mail optional icedove_3.0.7-1_amd64.deb 83b1115cd2918f857642a19e1196988e 5750378 mail optional icedove-dev_3.0.7-1_amd64.deb 989fabf8df795a91c539a4cf21ff4819 67862098 debug extra icedove-dbg_3.0.7-1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkyObNQACgkQaT2DDHtihbdaQwCeK2LnysjgnOIY3UYXLYUs5LFc MIcAn0e8k/fDrMwvGGPbPbqgS7RLdDJg =jlLd -----END PGP SIGNATURE----- Accepted: icedove-dbg_3.0.7-1_amd64.deb to main/i/icedove/icedove-dbg_3.0.7-1_amd64.deb icedove-dev_3.0.7-1_amd64.deb to main/i/icedove/icedove-dev_3.0.7-1_amd64.deb icedove_3.0.7-1.debian.tar.gz to main/i/icedove/icedove_3.0.7-1.debian.tar.gz icedove_3.0.7-1.dsc to main/i/icedove/icedove_3.0.7-1.dsc icedove_3.0.7-1_amd64.deb to main/i/icedove/icedove_3.0.7-1_amd64.deb icedove_3.0.7.orig.tar.bz2 to main/i/icedove/icedove_3.0.7.orig.tar.bz2