Created by Michael Casadevall and last modified
Get this branch:
bzr branch lp:~mcasadevall/thunderbird/icedove-
Only Michael Casadevall can upload to this branch. If you are Michael Casadevall please log in for upload directions.

Branch merges

Related bugs

Related blueprints

Branch information

Michael Casadevall
Mozilla Thunderbird

Recent revisions

101. By Michael Casadevall

* New upstream security/stability update (v2.0.0.21/v2.0.0.22)
* Merge of patches from Ubuntu karmic
* resolve crash in JS due to usage of wrong FPU number formats on ARM EABI
  - Thanks to Loic Minier for creating the cherry-picked patch
  - add debian/patches/bz322806_arm-vfp-2538:3f78d5e894bc
  - update debian/patches/series
* resolve a stack corruption issue on ARM EABI by cherrypicking patches from
  1.9 mozilla branch
   - add debian/patches/bz322806_arm-vfp-2538:3f78d5e894bc
   - update debian/patches/series
* updated my Uploaders email address in debian/control

100. By Alexander Sack

take back Maintainer: field in debian/control

99. By Alexander Sack

RELEASE to debian/unstable
* New upstream security/stability update (v2.0.0.21/v2.0.0.22) (Closes: 535124)
  * MFSA 2009-33: Crash viewing multipart/alternative message with text/enhanced part
  * MFSA 2009-32 aka CVE-2009-1841: JavaScript chrome privilege escalation
  * MFSA 2009-29 aka CVE-2009-1838: Arbitrary code execution using event listeners
    attached to an element whose owner document is null
  * MFSA 2009-27 aka CVE-2009-1836: SSL tampering via non-200 responses to proxy
    CONNECT requests
  * MFSA 2009-24 aka CVE-2009-1832+CVE-2009-1831: Crashes with evidence of memory
    corruption (rv:
  * MFSA 2009-17 aka CVE-2009-1307: Same-origin violations when Adobe Flash loaded
    via view-source: scheme
  * MFSA 2009-14 aka CVE-2009-1303+CVE-2009-1302: Crashes with evidence of memory
    corruption (rv:
  * MFSA 2009-15 aka CVE-2009-0652: URL spoofing with box drawing character
  * MFSA 2009-10 aka CVE-2009-0040: Upgrade PNG library to fix memory safety hazards
  * MFSA 2009-09 aka CVE-2009-0776: XML data theft via RDFXMLDataSource and cross-domain
  * MFSA 2009-07 aka CVE-2009-0771,-0772,-0773,-0774: Crashes with evidence of memory
    corruption (rv:
  * MFSA 2009-01 aka CVE-2009-0352,CVE-2009-0353 Crashes with evidence of memory
    corruption (rv:

98. By Alexander Sack

* New upstream security/stability update (v2.0.0.21/v2.0.0.22)
* adjust patches to changed codebase
  - update debian/patches/ubuntu-mail-app-xre-name

97. By Alexander Sack

* RELEASE to debian/unstable

96. By Alexander Sack

* fix typo s/Maintainers/Maintainer/
  - update debian/control

95. By Alexander Sack

* close debian security vulnerability bug in changelog (#505563)

94. By Alexander Sack

(add advisory info for and to debian/changelog)
* New upstream security/stability update (v.
  * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP
  * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via
    __proto__ tampering
  * MFSA 2008-52 aka CVE-2008-5017 - Crashes with evidence of memory
    corruption (rv:; Browser engine crash in "Firefox 2
    and 3"
  * MFSA 2008-52 aka CVE-2008-5018 - Crashes with evidence of memory
    corruption (rv:; JavaScript engine crash - "Firefox 2
    and 3"
  * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in
  * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners()
    same-origin violation
  * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace
  * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and
    .textContent in mail
  * MFSA 2008-60 aka CVE-2008-5500 - Crashes with evidence of memory
    corruption (rv:; Layout engine crashes - Firefox 2 and 3
  * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via
  * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure
  * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script
    redirect error message
  * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading
    whitespace and control characters
  * MFSA 2008-67 aka CVE-2008-5510 - Escaped null characters ignored by CSS

93. By Alexander Sack

* adjust/refresh patches to changed upstream code
  - update debian/patches/moz-app-name-as-mail-binary-name
  - update debian/patches/autoconf2.13-rerun

92. By Alexander Sack

* New upstream security/stability update (v.
* apply Maintainers, Uploaders changes done in upload to
  - update debian/control

Branch metadata

Branch format:
Branch format 6
Repository format:
Bazaar pack repository format 1 (needs bzr 0.92)
This branch contains Public information 
Everyone can see this information.