lp:~mcasadevall/thunderbird/icedove-2.0.0.22-2

Created by Michael Casadevall and last modified
Get this branch:
bzr branch lp:~mcasadevall/thunderbird/icedove-2.0.0.22-2
Only Michael Casadevall can upload to this branch. If you are Michael Casadevall please log in for upload directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Michael Casadevall
Project:
Mozilla Thunderbird
Status:
Development

Recent revisions

101. By Michael Casadevall

* New upstream security/stability update (v2.0.0.21/v2.0.0.22)
* Merge of patches from Ubuntu karmic
* resolve crash in JS due to usage of wrong FPU number formats on ARM EABI
  - Thanks to Loic Minier for creating the cherry-picked patch
  - add debian/patches/bz322806_arm-vfp-2538:3f78d5e894bc
  - update debian/patches/series
* resolve a stack corruption issue on ARM EABI by cherrypicking patches from
  1.9 mozilla branch
   - add debian/patches/bz322806_arm-vfp-2538:3f78d5e894bc
   - update debian/patches/series
* updated my Uploaders email address in debian/control

100. By Alexander Sack

take back Maintainer: field in debian/control

99. By Alexander Sack

RELEASE 2.0.0.22-1 to debian/unstable
* New upstream security/stability update (v2.0.0.21/v2.0.0.22) (Closes: 535124)
  * MFSA 2009-33: Crash viewing multipart/alternative message with text/enhanced part
  * MFSA 2009-32 aka CVE-2009-1841: JavaScript chrome privilege escalation
  * MFSA 2009-29 aka CVE-2009-1838: Arbitrary code execution using event listeners
    attached to an element whose owner document is null
  * MFSA 2009-27 aka CVE-2009-1836: SSL tampering via non-200 responses to proxy
    CONNECT requests
  * MFSA 2009-24 aka CVE-2009-1832+CVE-2009-1831: Crashes with evidence of memory
    corruption (rv:1.9.0.11)
  * MFSA 2009-17 aka CVE-2009-1307: Same-origin violations when Adobe Flash loaded
    via view-source: scheme
  * MFSA 2009-14 aka CVE-2009-1303+CVE-2009-1302: Crashes with evidence of memory
    corruption (rv:1.9.0.9)
  * MFSA 2009-15 aka CVE-2009-0652: URL spoofing with box drawing character
  * MFSA 2009-10 aka CVE-2009-0040: Upgrade PNG library to fix memory safety hazards
  * MFSA 2009-09 aka CVE-2009-0776: XML data theft via RDFXMLDataSource and cross-domain
    redirect
  * MFSA 2009-07 aka CVE-2009-0771,-0772,-0773,-0774: Crashes with evidence of memory
    corruption (rv:1.9.0.7)
  * MFSA 2009-01 aka CVE-2009-0352,CVE-2009-0353 Crashes with evidence of memory
    corruption (rv:1.9.0.6)

98. By Alexander Sack

* New upstream security/stability update (v2.0.0.21/v2.0.0.22)
* adjust patches to changed codebase
  - update debian/patches/ubuntu-mail-app-xre-name

97. By Alexander Sack

* RELEASE 2.0.0.19-1 to debian/unstable

96. By Alexander Sack

* fix typo s/Maintainers/Maintainer/
  - update debian/control

95. By Alexander Sack

* close debian security vulnerability bug in changelog (#505563)

94. By Alexander Sack

(add advisory info for 2.0.0.18 and 2.0.0.19 to debian/changelog)
* New upstream security/stability update (v.2.0.0.18/2.0.0.19)
  2.0.0.18:
  * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP
    redirect
  * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via
    __proto__ tampering
  * MFSA 2008-52 aka CVE-2008-5017 - Crashes with evidence of memory
    corruption (rv:1.9.0.4/1.8.1.18); Browser engine crash in "Firefox 2
    and 3"
  * MFSA 2008-52 aka CVE-2008-5018 - Crashes with evidence of memory
    corruption (rv:1.9.0.4/1.8.1.18); JavaScript engine crash - "Firefox 2
    and 3"
  * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in
    nsFrameManager
  * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners()
    same-origin violation
  * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace
  * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and
    .textContent in mail
  2.0.0.19:
  * MFSA 2008-60 aka CVE-2008-5500 - Crashes with evidence of memory
    corruption (rv:1.9.0.5/1.8.1.19); Layout engine crashes - Firefox 2 and 3
  * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via
    loadBindingDocument
  * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure
  * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script
    redirect error message
  * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading
    whitespace and control characters
  * MFSA 2008-67 aka CVE-2008-5510 - Escaped null characters ignored by CSS
    parser

93. By Alexander Sack

* adjust/refresh patches to changed upstream code
  - update debian/patches/moz-app-name-as-mail-binary-name
  - update debian/patches/autoconf2.13-rerun

92. By Alexander Sack

* New upstream security/stability update (v.2.0.0.18)
* apply Maintainers, Uploaders changes done in 2.0.0.17 upload to
  debian/control
  - update debian/control

Branch metadata

Branch format:
Branch format 6
Repository format:
Bazaar pack repository format 1 (needs bzr 0.92)
This branch contains Public information 
Everyone can see this information.