2007-01-14 20:23:58 |
Matti Lindell |
mozilla-thunderbird: statusexplanation |
What's new in Thunderbird 1.5.0.9:
Improvements to product stability
Several security fixes -> http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird1.5.0.9
|
mozilla-thunderbird (1.5.0.9-0ubuntu1) feisty; urgency=low
.
* New upstream security update:
- CVE-2006-6505, MFSA 2006-74: Mail header processing heap overflows.
- CVE-2006-6503, MFSA 2006-72: XSS by setting img.src to javascript: URI.
- CVE-2006-6502, MFSA 2006-71: LiveConnect crash finalizing JS objects.
- CVE-2006-6501, MFSA 2006-70: Privilege escallation using watch point.
- CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, MFSA 2006-68: Crashes
with evidence of memory corruption.
* Upstream security updates from 1.5.0.8:
- CVE-2006-5463, MFSA 2006-67: Running Script can be recompiled.
- CVE-2006-5462, MFSA 2006-66: RSA signature forgery (variant).
- CVE-2006-5464, CVE-2006-5747, CVE-2006-5748, MFSA 2006-65: Crashes with
evidence of memory corruption. |
|