-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 22 Feb 2025 10:22:44 +0100
Source: thunderbird
Architecture: source
Version: 1:128.7.0esr-1
Distribution: unstable
Urgency: medium
Maintainer: Carsten Schoenert <c.schoen...@t-online.de>
Changed-By: Christoph Goehre <ch...@sigxcpu.org>
Closes: 1093362
Changes:
thunderbird (1:128.7.0esr-1) unstable; urgency=medium
.
* [6914065] Revert "d/rules: Move/rename third party Python modul temporarly"
(Closes: #1093362)
* [4a9ef4c] New upstream version 128.7.0esr
Fixed CVE issues in upstream version 128.7 (MFSA 2025-10):
CVE-2025-1009: Use-after-free in XSLT
CVE-2025-1010: Use-after-free in Custom Highlight
CVE-2025-1011: A bug in WebAssembly code generation could result in a
crash
CVE-2025-1012: Use-after-free during concurrent delazification
CVE-2024-11704: Potential double-free vulnerability in PKCS#7 decryption
handling
CVE-2025-1013: Potential opening of private browsing tabs in normal
browsing windows
CVE-2025-1014: Certificate length was not properly checked
CVE-2025-1015: Unsanitized address book fields
CVE-2025-0510: Address of e-mail sender can be spoofed by malicious email
CVE-2025-1016: Memory safety bugs fixed in Firefox 135, Thunderbird 135,
Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 115.20,
and Thunderbird 128.7
CVE-2025-1017: Memory safety bugs fixed in Firefox 135, Thunderbird 135,
Firefox ESR 128.7, and Thunderbird 128.7
Checksums-Sha1:
fd4073b2f2f94d8f0584cb01461e5f93c1233654 8475 thunderbird_128.7.0esr-1.dsc
2d7ba44bcbb5eafe309843460d7dc8f2c5bcfe04 13486748
thunderbird_128.7.0esr.orig-thunderbird-l10n.tar.xz
c87f7336c5f91377a4da7f06394539da9fef1351 696902772
thunderbird_128.7.0esr.orig.tar.xz
4713446d89089f6b91f73c8b803bfe26e2e62411 547520
thunderbird_128.7.0esr-1.debian.tar.xz
0a8ae3312aaa6a114e47ca53205dfcd4c320709c 6464
thunderbird_128.7.0esr-1_source.buildinfo
Checksums-Sha256:
493ac854df65c46c378537492f355a36c4a39854e50996f7550fa6010b2d4817 8475
thunderbird_128.7.0esr-1.dsc
2a720133038a617cfe41eb8d920d93a4cd57d4e0b3bf9a1f40a8b5d203713ded 13486748
thunderbird_128.7.0esr.orig-thunderbird-l10n.tar.xz
00b4a0365beab0532ee946cd97ffe8c484e6ee844fbd6d09e7788ec3e0ba8563 696902772
thunderbird_128.7.0esr.orig.tar.xz
e0407588fc70ad35e13012d08078fa052743190fb46c0f94188a1fde1b1bd533 547520
thunderbird_128.7.0esr-1.debian.tar.xz
7acf1ed1341125906768f6e839186d6e505bc2dc0b515399b9843c2669c77a6f 6464
thunderbird_128.7.0esr-1_source.buildinfo
Files:
885bd40730bca0e1a7870379c9fe7bf1 8475 mail optional
thunderbird_128.7.0esr-1.dsc
ea88d9deb533091622d01e86ea451ac3 13486748 mail optional
thunderbird_128.7.0esr.orig-thunderbird-l10n.tar.xz
a256fba2121576cbbb36cfbcbd988c20 696902772 mail optional
thunderbird_128.7.0esr.orig.tar.xz
29e4f37e44e261775879c4e125ab9324 547520 mail optional
thunderbird_128.7.0esr-1.debian.tar.xz
cbeb5e5ca07f56acc1ee911d40cd1cae 6464 mail optional
thunderbird_128.7.0esr-1_source.buildinfo-----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEi5SBnCVVcKN0tizNJuPIdadEIO8FAme5wiUACgkQJuPIdadE IO9/9g/7BDE/6zuHvHLvf/vKLfsf2T2PXauF2AECFLh09AaziePizbtrnabg+rUd h173rD1HCt/Su6gEYpH7ho9Nre2PYblVl/lmwlbdc4eOtc/90NdtvPdT7ieY3bK6 RY3CQIM3oeWbaCkVr2DC7n24Xf5QprVhw1sJWd9S1Bb/la5sCyGJxGRT30uR/5x0 CrIxmUxB6B6iezIAjcmPTJ/Yqim0aytEuBuU4o5D6T+mpOg9PVLdueyH3Dcji0BJ 4PKGy/3pHjpRX4pm1N65TFkpPv8lZ6D5L3NLq3CQadAyqxjE85ekGoNq+x1thvw8 dCiHZjvCQZ2kGi0n2o6vopRwfcMDC7O8R7JICCXPTsH84ABZCYeMBvPxCw+HDCsT j+CyGRNTk2lUH3CO8Dqo532+pVn9/BsIdvZxLvGxjQEXQgTWUrnCwf3FRivThpn4 GCN40ahIpQkGKpWLhGd5d5vLB6j8JkLG6P+0hqGgyGfddSouVL/iO3Mlqbkr3h5l ddnSeW83gm+2REQLepIgG21F/bcTjBfrQB2pwzZ8CpyBa2MS1CATxs8OCdB8wvRk JCeMmsQnS+ZmmYsNtu88sJwmraqCYBxaQsuTFWdI1V1NBDvxWNI6XhApVXMw7H3A NCYEys+uEPupmQ16FEGPr16JdNuStNkgC7e2QlPLsBTkJF8bKnk= =YUym -----END PGP SIGNATURE-----
pgpLM8Vsd4y78.pgp
Description: PGP signature
