| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: nsinstall | Distribution: Mageia |
| Version: 10.0.10 | Vendor: Mageia.Org |
| Release: 1.mga1 | Build date: Sun Oct 28 01:30:43 2012 |
| Group: Development/Other | Build host: ecosse.mageia.org |
| Size: 13856 | Source RPM: mozilla-thunderbird-10.0.10-1.mga1.src.rpm |
| Packager: fwang <fwang> | |
| Url: http://www.mozilla.org/en-US/thunderbird/organizations/all-esr.html | |
| Summary: Netscape portable install command | |
Netscape portable install command.
MPL
* Sun Oct 28 2012 fwang <fwang> 0:10.0.10-1.mga1
+ Revision: 310927
- add patch to recognize recent nspr and nss
- new version 10.0.10esr
- new version 10.0.8esr
- new version 10.0.6
- new version 10.0.5esr
- new version 10.0.3 ESR (Extended Support Release)
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-13.html
(XSS with Drag and Drop and Javascript: URL [CVE-2012-0455])
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-14.html
(SVG issues found with Address Sanitizer [CVE-2012-0456, CVE-2012-0457])
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-15.html
(XSS with multiple Content Security Policy headers [CVE-2012-0451])
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-16.html
(Escalation of privilege with Javascript: URL as home page [CVE-2012-0458])
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-17.html
(Crash when accessing keyframe cssText after dynamic modification
[CVE-2012-0459])
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-18.html
(window.fullScreen writeable by untrusted content [CVE-2012-0460])
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-19.html
(Miscellaneous memory safety hazards (rv:11.0/ rv:10.0.3 / rv:1.9.2.28)
[CVE-2012-0461, CVE-2012-0462, CVE-2012-0464, CVE-2012-0463 ])
- new version 3.1.12
+ luigiwalser <luigiwalser>
- new version 10.0.9esr
+ doktor5000 <doktor5000>
- new version 10.0.7
- new version 10.0.4 ESR (Extended Support Release)
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-20.html
(Miscellaneous memory safety hazards [CVE-2012-0468, CVE-2012-0467])
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-22.html
(use-after-free in IDBKeyRange[CVE-2012-0469])
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-23.html
(Invalid frees causes heap corruption in gfxImageSurface [CVE-2012-0470])
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-24.html
(Potential XSS via multibyte content processing errors [CVE-2012-0471])
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-25.html
(Potential memory corruption during font rendering using cairo-dwrite
[CVE-2012-0472])
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-26.html
(WebGL.drawElements may read illegal video memory due to
FindMaxUshortElement error [CVE-2012-0473])
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-27.html
(Page load short-circuit can lead to XSS [CVE-2012-0474])
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-28.html
(Ambiguous IPv6 in Origin headers may bypass webserver access restrictions
[CVE-2012-0475])
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-29.html
(Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
[CVE-2012-0477])
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-30.html
(Crash with WebGL content using textImage2D [CVE-2012-0478])
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-31.html
(Off-by-one error in OpenType Sanitizer [CVE-2011-3062])
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-33.html
(Potential site identity spoofing when loading RSS and Atom feeds
[CVE-2012-0479])
- switch to Enigmail 1.4, officially supported version for ESR releases
o fixes a problem with inline PGP decrpytion
- use system nss shlibsign instead of missing bundled one
- remove unused Sources
- change Requires on libcanberra to Suggests
- new version 10.0.2 ESR (Extended Support Release)
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-11.html
(libpng integer overflow [CVE-2011-3026])
- drop all unused patches
- remove useless commented-out stuff
- new version 10.0.1, switch to ESR (Extended Support Release)
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-01.html
(miscellaneous memory safety hazards [CVE-2012-0442] [CVE-2012-0443]
fixed in 10.0 )
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-03.html
(<iframe> element exposed across domains via name attribute [CVE-2012-0445]
fixed in 10.0)
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-04.html
(child nodes from nsDOMAttribute still accessible after removal of nodes
[CVE-2011-3659] fixed in 10.0)
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-05.html
(frame scripts calling into untrusted objects bypass security checks
[CVE-2012-0446] fixed in 10.0)
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-06.html
(uninitialized memory appended when encoding icon images may cause
information disclosure [CVE-2012-0447] fixed in 10.0
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-07.html
(potential Memory Corruption When Decoding Ogg Vorbis files
[CVE-2012-0444] fixed in 10.0)
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-08.html
(crash with malformed embedded XSLT stylesheets [CVE-2012-0449]
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-10.html
(use after free in nsXBLDocumentInfo::ReadPrototypeBindings [CVE-2012-0452])
- update enigmail to 1.3.5, needed for thunderbird 10.0
- updated mageia-default-prefs.js, reenabled locale matching to system locale
- change new default preference (extensions.autoDisableScopes) to not
automatically disable systemwide installed addons, like language packs
- added BuildRequires on yasm, mesagl-devel, startup-notification-devel, dbus,
libevent-devel and libvpx-devel
- added Requires on libcanberra for playing sounds
- add Patch100 to use libcanberra for playing sounds (rediffed from upstream,
mozilla-thunderbird-mga-use-libcanberra.patch)
- rediffed Patch201, disabling default application dialog on Thunderbird start
- use bundled libpng, system one is too old and updating it is a no-go for mga1
- do not build against system libxul, add requires_exception for libxul
- disable updater and bundled lightning, disable compilation of lightning
- enable gio, vpx and libevent and optimization
- use org.mageia as distribution id
- removed thunderbird.cfg
- add -fPIC to CFLAGS
- new version 3.1.18
o fixes http://www.mozilla.org/security/announce/2011/mfsa2011-59.html
(.jar files not being treated as executables on MacOS [CVE-2011-3666]
fixed in 3.1.17)
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-01.html
(Miscellaneous memory safety hazards [(rv:10.0/ 1.9.2.26) [CVE-2012-0443,
CVE-2012-0442])
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-02.html
(Overly permissive IPv6 literal syntax [CVE-2011-3670])
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-04.html
(Child nodes from nsDOMAttribute still accessible after removal of nodes,
[CVE-2011-3659])
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-07.html
(Potential Memory Corruption When Decoding Ogg Vorbis files [CVE-2012-0444])
o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-08.html
(Crash with malformed embedded XSLT stylesheets [CVE-2012-0449])
- new version 3.1.16
o fixes http://www.mozilla.org/security/announce/2011/mfsa2011-46.html
(loadSubScript unwraps XPCNativeWrapper scope parameter, a malicious page
could potentially exploit a Thunderbird user who had installed an add-on
that used loadSubscript in vulnerable ways)
o fixes http://www.mozilla.org/security/announce/2011/mfsa2011-47.html
(Potential cross-site-scripting against sites using Shift-JIS encoding,
CVE-2011-3648)
o fixes http://www.mozilla.org/security/announce/2011/mfsa2011-49.html
(memory corruption while profiling using Firebug, CVE-2011-3650)
- fixed CVE-2011-3640, untrusted search path vulnerability which might allow
local users to gain privileges via a Trojan horse pkcs11.txt file in a
top-level directory (fix-CVE-2011-3640.patch, from upstream)
- new version 3.1.15
o fixes http://www.mozilla.org/security/announce/2011/mfsa2011-34.html
(Protection against fraudulent DigiNotar certificates,
fixed in thunderbird 3.1.13)
o fixes http://www.mozilla.org/security/announce/2011/mfsa2011-35.html
(Additional protection against fraudulent DigiNotar certificates,
fixed in thunderbird 3.1.14)
* Fri Apr 29 2011 ahmad <ahmad> 0:3.1.10-1.mga1
+ Revision: 93463
- Update to 3.1.10
- Rediff run-mozilla patch
- Drop an old patch from SOURCES dir
* Fri Mar 25 2011 ahmad <ahmad> 0:3.1.9-11.mga1
+ Revision: 77483
- revert previous commit, gio support doesn't work as it should resulting in http/
https links handler having to be configured manually for all new and old tb profiles.
gnomevfs support at least reads the value from gconf settings (which uses www-
browser by default)
* Mon Mar 21 2011 ahmad <ahmad> 0:3.1.9-10.mga1
+ Revision: 75310
- disable gnomvfs support
- enable gio support
- disable updater as we don't support updating the application this way
* Wed Mar 16 2011 ahmad <ahmad> 0:3.1.9-8.mga1
+ Revision: 72283
- conflict with mozilla-thunderbird-lightning <= 1.3.9
* Fri Mar 11 2011 ahmad <ahmad> 0:3.1.9-7.mga1
+ Revision: 68321
- drop old/uneeded scriptlets that update the destkop-database and hicolor
icon-cache; they were replaced by rpm filetriggers ages ago
* Fri Mar 11 2011 ahmad <ahmad> 0:3.1.9-6.mga1
+ Revision: 68246
- don't obsolete -lightning here and in the mozilla-thunderbird-lightning src.rpm
urpmi can't smoothly handle a package obsoleted by two packages
* Fri Mar 11 2011 ahmad <ahmad> 0:3.1.9-5.mga1
+ Revision: 68165
- obsolete the -lightning sub-package that was built from thunderbird src.rpm
* Fri Mar 11 2011 ahmad <ahmad> 0:3.1.9-4.mga1
+ Revision: 68147
- define build_bundled_lightning, and disable it:
o the thunderbird tarball doesn't have the langpacks for lightning
o lightning has a separate release schedule (Fedora)
* Wed Mar 09 2011 colin <colin> 0:3.1.9-2.mga1
+ Revision: 66827
- Extract the correct plugin id from lightning extension
* Sat Mar 05 2011 ahmad <ahmad> 0:3.1.9-1.mga1
+ Revision: 64596
- update to 3.1.9
+ dmorgan <dmorgan>
- obsoletes old package
* Tue Mar 01 2011 ahmad <ahmad> 0:3.1.8-1.mga1
+ Revision: 62332
- update to 3.1.8
* Mon Feb 28 2011 dmorgan <dmorgan> 0:3.1.7-3.mga1
+ Revision: 61407
- Remove remaining mdv macro
- Remove remaining mdv macro
- Fix %els
- Fix %else
- Adapt for mageia
- Remove mdv macros
Adapt for mageia
+ ennael <ennael>
- imported package mozilla-thunderbird
/usr/bin/nsinstall
Generated by rpm2html 1.8.1
Fabrice Bellet, Mon Jun 10 08:29:46 2013