Hi Kevin, On Fri, Aug 25, 2006 at 09:59:53AM -0700, Kevin B. McCarty <[EMAIL PROTECTED]> wrote:
> Martin Zobel-Helas wrote: > > > > mozilla-thunderbird-dev stable 1.0.2-2.sarge1.0.7 alpha arm > > hppa i386 ia64 m68k mips mipsel powerpc s390 sparc > > mozilla-thunderbird-dev updates 1.0.2-2.sarge1.0.8a alpha arm > > hppa i386 ia64 m68k mips mipsel powerpc s390 sparc > > mozilla-thunderbird-inspector stable 1.0.2-2.sarge1.0.7 alpha arm > > hppa i386 ia64 m68k mips mipsel powerpc s390 sparc > > mozilla-thunderbird-inspector updates 1.0.2-2.sarge1.0.8a alpha arm > > hppa i386 ia64 m68k mips mipsel powerpc s390 sparc > > mozilla-thunderbird-offline stable 1.0.2-2.sarge1.0.7 alpha arm > > hppa i386 ia64 m68k mips mipsel powerpc s390 sparc > > mozilla-thunderbird-offline updates 1.0.2-2.sarge1.0.8a alpha arm > > hppa i386 ia64 m68k mips mipsel powerpc s390 sparc > > mozilla-thunderbird-typeaheadfind stable 1.0.2-2.sarge1.0.7 alpha arm > > hppa i386 ia64 m68k mips mipsel powerpc s390 sparc > > mozilla-thunderbird-typeaheadfind updates 1.0.2-2.sarge1.0.8a alpha arm > > hppa i386 ia64 m68k mips mipsel powerpc s390 sparc > > mozilla-thunderbird stable 1.0.2-2.sarge1.0.7 alpha arm > > hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source > > mozilla-thunderbird updates 1.0.2-2.sarge1.0.8a alpha arm > > hppa i386 ia64 m68k mips mipsel powerpc s390 sparc source > > > > DSA 1051 mozilla-thunderbird - several vulnerabilities > > First of all, the above should also mention DSA 1134. Yeah that is fixed. There where several DSAs missing, i found that while digging for DSA 1134. My fault. > Second, is it planned to include the next round of security updates to > the Mozilla family by Alexander Sack? (cf. [0] [1]) For some reason > these don't seem to have gone into security.d.o yet and it would be very > nice to ship mozilla* packages that are up-to-date with security fixes. Not for r3 anymore. I know that these packages are in preparation, but i would like to publish r3 rather soon, and we usually let DSA packages wait about one week in p-u-new before adding them to proposed-updates. This way, we can catch up with debian-security or the BTS if a DSA is seriously broken (like mozilla-thunderbird on i386 or libfreetype6). Okay, that did not work this time, but mainly also my fault... > Third, please note that even if those updates don't get into Sarge r3, > the existing mozilla-thunderbird security update needs a bin-NMU on i386 > [2]. I have prepared a binNMU on i386 for mozilla-thunderbird, availible on http://people.debian.org/~zobel/packages/3.1r3/ Could you please check, if these packages work for you? The debdiff for the package is the following: [EMAIL PROTECTED]:~$ debdiff mozilla-thunderbird_1.0.2-2.sarge1.0.8a_i386.deb /org/solar.home.ftbfs.de/chroots/sarge/tmp/mozilla-thunderbird_1.0.2-2.sarge1.0.8a.1_i386.deb [The following lists of changes regard files as different if they have different names, permissions or owners.] Files in first .deb but not in second ------------------------------------- -rw-r--r-- root/root /usr/lib/mozilla-thunderbird/components/libmozgnome.so Control files: lines which differ (wdiff format) ------------------------------------------------ Version: [-1.0.2-2.sarge1.0.8a-] {+1.0.2-2.sarge1.0.8a.1+} Depends: bash, libatk1.0-0 (>= 1.7.2), [-libbonobo2-0 (>= 2.8.0),-] libc6 (>= 2.3.2.ds1-21), libfontconfig1 (>= 2.3.0), libfreetype6 (>= 2.1.5-1), libgcc1 (>= 1:3.4.1-3), [-libgconf2-4 (>= 2.8.1),-] libglib2.0-0 (>= 2.6.0), [-libgnome2-0 (>= 2.8.0), libgnomevfs2-0 (>= 2.8.3-7),-] libgtk2.0-0 (>= 2.6.0), libjpeg62, [-liborbit2 (>= 1:2.10.0),-] libpango1.0-0 (>= 1.8.1), libpng12-0 (>= 1.2.8rel), [-libpopt0 (>= 1.7),-] libstdc++5 (>= 1:3.3.4-1), libx11-6 | xlibs (>> 4.1.0), libxext6 | xlibs (>> 4.1.0), libxft2 (>> 2.1.1), libxp6 | xlibs (>> 4.1.0), libxrender1, libxt6 | xlibs (>> 4.1.0), zlib1g (>= 1:1.2.1) Installed-Size: [-33011-] {+33016+} Greetings Martin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
