-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-5526 2010-04-01 00:19:08 --------------------------------------------------------------------------------
Name : thunderbird Product : Fedora 11 Version : 3.0.4 Release : 1.fc11 URL : http://www.mozilla.org/projects/thunderbird/ Summary : Mozilla Thunderbird mail/newsgroup client Description : Mozilla Thunderbird is a standalone mail and newsgroup client. -------------------------------------------------------------------------------- Update Information: Update to new upstream Thunderbird version 3.0.4, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security /known-vulnerabilities/thunderbird30.html#thunderbird3.0.4 Update also includes sunbird package rebuilt against new version of Thunderbird. CVE-2010-0173 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 30 2010 Jan Horak <[email protected]> - 3.0.4-1 - Update to 3.0.4 * Sat Mar 6 2010 Kalev Lember <[email protected]> - 3.0.3-2 - Own extension directories (#532132) * Mon Mar 1 2010 Jan Horak <[email protected]> - 3.0.3-1 - Update to 3.0.3 * Thu Feb 25 2010 Jan Horak <[email protected]> - 3.0.2-1 - Update to 3.0.2 * Wed Jan 20 2010 Martin Stransky <[email protected]> - 3.0.1-1 - Update to 3.0.1 * Wed Dec 9 2009 Jan Horak <[email protected]> - 3.0-3 - Update to 3.0 * Thu Dec 3 2009 Jan Horak <[email protected]> - 3.0.2.10.rc2 - Update to 3.0 RC2 * Thu Nov 19 2009 Jan Horak <[email protected]> - 3.0.2.9.rc1 - Update to 3.0 RC1 * Wed Oct 14 2009 Jan Horak <[email protected]> - 3.0.2.8 - Global indexing disabled by default - Migration to Smart Folders disabled by default * Thu Sep 17 2009 Jan Horak <[email protected]> - 3.0-2.7 - Update to 3.0 beta4 * Thu Jul 16 2009 Jan Horak <[email protected]> - 3.0-2.6 - Rebuild for update * Thu Jul 16 2009 Jan Horak <[email protected]> - 3.0-2.5 - Update to 3.0 beta3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #578147 - CVE-2010-0174 Mozilla crashes with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=578147 [ 2 ] Bug #578149 - CVE-2010-0175 Mozilla remote code execution with use-after-free in nsTreeSelection https://bugzilla.redhat.com/show_bug.cgi?id=578149 [ 3 ] Bug #578150 - CVE-2010-0176 Mozilla Dangling pointer vulnerability in nsTreeContentView https://bugzilla.redhat.com/show_bug.cgi?id=578150 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update thunderbird' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
