thunderbird (1:102.7.1-1) unstable; urgency=medium
* [dbc3385] New upstream version 102.7.1
Fixed CVE issues in upstream version 102.7 (MFSA 2023-03):
CVE-2022-46871: libusrsctp library out of date
CVE-2023-23598: Arbitrary file read from GTK drag and drop on Linux
CVE-2023-23601: URL being dragged from cross-origin iframe into same
tab triggers navigation
CVE-2023-23602: Content Security Policy wasn't being correctly applied
to WebSockets in WebWorkers
CVE-2022-46877: Fullscreen notification bypass
CVE-2023-23603: Calls to console.log allowed bypasing
Content Security Policy via format directive
CVE-2023-23605: Memory safety bugs fixed in Thunderbird 102.7
Fixed CVE issues in upstream version 102.7.1 (MFSA not yet released):
CVE-2023-0430: Revocation status of S/Mime signature certificates was
not checked
* [af92a36] Rebuild patch queue from patch-queue branch
Added patch:
debian-hacks/Python-3.11-Don-t-use-mode-rU-any-more.patch
(Closes: #1028885)
-- Carsten Schoenert Tue, 24 Jan 2023 16:32:06 +0100
thunderbird (1:102.6.0-1) unstable; urgency=medium
[ Paul Gevers ]
* [6bbbd94] tests: thunderbird no longer builds on armel and armhf, so
let's not fail while trying to test there
* [d9e09a0] tests: help.sh is really a very superficial test, so let's
mark it as such
[ Carsten Schoenert ]
* [43b90d6] New upstream version 102.6.0
Fixed CVE issues in upstream version 102.6 (MFSA 2022-53):
CVE-2022-46880: Use-after-free in WebGL
CVE-2022-46872: Arbitrary file read from a compromised content process
CVE-2022-46881: Memory corruption in WebGL
CVE-2022-46874: Drag and Dropped Filenames could have been truncated to
malicious extensions
CVE-2022-46882: Use-after-free in WebGL
CVE-2022-46878: Memory safety bugs fixed in Thunderbird 102.6
* [745c1a3] Rebuild patch queue from patch-queue branch
Removed patches (included upstream):
fixes/Bug-1773070-Rename-remove-some-eventState-s-variables.-r-.patch
fixes/Bug-1782988-Avoid-build-bustage-when-building-against-gli.patch
fixes/Bug-1782988-Fix-use-of-arc4random_buf-use-in-ping.cpp.-r-.patch
* [1e74214] d/control: Increase buid dep on libnss3-dev to 3.79.2
-- Carsten Schoenert Tue, 13 Dec 2022 19:40:57 +0100
thunderbird (1:102.5.1-1) unstable; urgency=medium
* [ae4d1ff] New upstream version 102.5.1
Fixed CVE issues in upstream version 102.5.1 (MFSA 2022-50):
CVE-2022-45414: Quoting from an HTML email with certain tags will trigger
network requests and load remote content, regardless of
a configuration to block remote content
-- Carsten Schoenert Wed, 30 Nov 2022 12:27:38 +0100
thunderbird (1:102.5.0-1) unstable; urgency=medium
* [2f04265] New upstream version 102.5.0
Fixed CVE issues in upstream version 102.5 (MFSA 2022-49):
CVE-2022-45403: Service Workers might have learned size of cross-origin
media files
CVE-2022-45404: Fullscreen notification bypass
CVE-2022-45405: Use-after-free in InputStream implementation
CVE-2022-45406: Use-after-free of a JavaScript Realm
CVE-2022-45408: Fullscreen notification bypass via windowName
CVE-2022-45409: Use-after-free in Garbage Collection
CVE-2022-45410: ServiceWorker-intercepted requests bypassed SameSite
cookie policy
CVE-2022-45411: Cross-Site Tracing was possible via non-standard
override headers
CVE-2022-45412: Symlinks may resolve to partially uninitialized buffers
CVE-2022-45416: Keystroke Side-Channel Leakage
CVE-2022-45418: Custom mouse cursor could have been drawn over
browser UI
CVE-2022-45420: Iframe contents could be rendered outside the iframe
CVE-2022-45421: Memory safety bugs fixed in Thunderbird 102.5
* [57e94ac] Rebuild patch queue from patch-queue branch
Added patches:
fixes/Bug-1782988-Avoid-build-bustage-when-building-against-gli.patch
fixes/Bug-1782988-Fix-use-of-arc4random_buf-use-in-ping.cpp.-r-.patch
(Closes: #1023789)
-- Carsten Schoenert Sat, 15 Nov 2022 19:34:55 +0100
thunderbird (1:102.4.1-1) unstable; urgency=medium
[ intrigeri ]
* [37c5b01] AppArmor: update profile from upstream at commit
09fa2669dc95cb336d133a6b96cac227e3aa73dc
This allows running Thunderbird as a native Wayland application.
[ Carsten Schoenert ]
* [031c4a2] New upstream version 102.4.1
-- Carsten Schoenert Mon, 31 Oct 2022 18:50:44 +0100
thunderbird (1:102.4.0-1) unstable; urgency=medium
* [6bfe8cd] New upstream version 102.4.0
Fixed CVE issues in upstream version 102.4 (MFSA 2022-46):
CVE-2022-42927: Same-origin policy violation could have leaked
cross-origin URLs
CVE-2022-42928: Memory Corruption in JS Engine
CVE-2022-42929: Denial of Service via window.print
CVE-2022-42932: Memory safety bugs fixed in Thunderbird 102.4
-- Carsten Schoenert Mon, 24 Oct 2022 22:33:05 +0200
thunderbird (1:102.3.3-1) unstable; urgency=medium
* [6729f5d] New upstream version 102.3.3
-- Carsten Schoenert Thu, 13 Oct 2022 16:09:50 +0200
thunderbird (1:102.3.2-1) unstable; urgency=medium
* [db7a24f] New upstream version 102.3.2
-- Carsten Schoenert Thu, 06 Oct 2022 20:34:42 +0200
thunderbird (1:102.3.1-1) unstable; urgency=medium
* [f845126] New upstream version 102.3.1
Fixed CVE issues in upstream version 102.3.1 (MFSA 2022-43):
CVE-2022-39249: Matrix SDK bundled with Thunderbird vulnerable to an
impersonation attack by malicious server administrators
CVE-2022-39250: Matrix SDK bundled with Thunderbird vulnerable to a device
verification attack
CVE-2022-39251: Matrix SDK bundled with Thunderbird vulnerable to an
impersonation attack
CVE-2022-39236: Matrix SDK bundled with Thunderbird vulnerable to a data
corruption issue
* [4555808] Rebuild patch queu from patch-queue branch
debian-hacks/Use-remoting-name-for-call-to-gdk_set_program_class.patch
fixes/Properly-launch-applications-set-in-HOME-.mailcap.patch
* [344dbfa] d/copyright: Add info about code from Matrix
-- Carsten Schoenert Thu, 29 Sep 2022 19:09:02 +0200
thunderbird (1:102.3.0-1) unstable; urgency=medium
* [0e841a7] New upstream version 102.3.0
Fixed CVE issues in upstream version 102.3 (MFSA 2022-42):
CVE-2022-40959: Bypassing FeaturePolicy restrictions on transient pages
CVE-2022-40960: Data-race when parsing non-UTF-8 URLs in threads
CVE-2022-40958: Bypassing Secure Context restriction for cookies with
__Host and __Secure prefix
CVE-2022-40956: Content-Security-Policy base-uri bypass
CVE-2022-40957: Incoherent instruction cache when building WASM on ARM64
CVE-2022-40962: Memory safety bugs fixed in Thunderbird 102.3
-- Carsten Schoenert Fri, 16 Sep 2022 16:56:20 +0200
thunderbird (1:102.2.2-1) unstable; urgency=medium
* [f1dc81f] New upstream version 102.2.2
-- Carsten Schoenert Thu, 08 Sep 2022 17:25:57 +0200
thunderbird (1:102.2.1-1) unstable; urgency=medium
* [e1d0f74] New upstream version 102.2.1
Fixed CVE issues in upstream version 102.2.1 (MFSA 2022-38):
CVE-2022-3033: Leaking of sensitive information when composing a response
to an HTML email with a META refresh tag
CVE-2022-3032: Remote content specified in an HTML document that was
nested inside an iframe's srcdoc attribute was not blocked
CVE-2022-3034: An iframe element in an HTML email could trigger a
network request
CVE-2022-36059: Matrix SDK bundled with Thunderbird vulnerable to
denial-of-service attack
-- Carsten Schoenert Thu, 01 Sep 2022 07:52:16 +0200
thunderbird (1:102.2.0-1) unstable; urgency=medium
[ Amr Ibrahim ]
* [02a3990] thunderbird.desktop: Update StartupWMClass
(Closes: #1017420, #1014748)
[ Carsten Schoenert ]
* [f7b62a8] d-create-upstream-tarballs.py: Use correct variable
* [7194457] New upstream version 102.2.0
Fixed CVE issues in upstream version 102.2 (MFSA 2022-36):
CVE-2022-38472: Address bar spoofing via XSLT error handling
CVE-2022-38473: Cross-origin XSLT Documents would have inherited the
parent's permissions
CVE-2022-38476: Data race and potential use-after-free in PK11_ChangePW
CVE-2022-38477: Memory safety bugs fixed in Thunderbird 102.2
CVE-2022-38478: Memory safety bugs fixed in Thunderbird 102.2, and
Thunderbird 91.13
-- Carsten Schoenert Sun, 28 Aug 2022 17:23:50 +0200
thunderbird (1:102.1.2-1) unstable; urgency=medium
* [78f2899] d/copyright: Update content due upstream changes
* [55dba1d] d/source.filter: Update content to filter out
* [3e19497] Lintian: Adjust overrides for thunderbird package
* [567e0c4] Lintian: Adjust overrides for source package
* [c201484] New upstream version 102.1.2
(Closes: #1016944)
-- Carsten Schoenert Thu, 11 Aug 2022 16:37:07 +0200
thunderbird (1:102.1.1-1) unstable; urgency=medium
* [2c1b12f] d/create-upstream-tarballs.py: Adding new helper script
* [a9633b9] d/README.source: Update information on importing data
* [1d2cdc0] d/source.filter: Relax filter rule for old-configure
* [f1afe9b] d/repack.py: Don't exit(1) if unused filter items exist
* [165593a] d/create-thunderbird-l10n-tarball.sh: Drop old helper
* [b4d73ee] d/gbp.conf: Drop 'import-orig' section
* [d186832] d/source.filter: Add files named *.orig and *.rej
* [933b099] New upstream version 102.1.1
(Closes: #1014675:)
-- Carsten Schoenert Sat, 06 Aug 2022 11:26:44 +0200
thunderbird (1:102.1.0-1) unstable; urgency=medium
* [3b7bb0d] New upstream version 102.1.0
Fixed CVE issues in upstream version 102.1 (MFSA 2022-32):
CVE-2022-36319: Mouse Position spoofing with CSS transforms
CVE-2022-36318: Directory indexes for bundled resources reflected URL
parameters
CVE-2022-2505: Memory safety bugs fixed in Thunderbird 102.1
(Closes: #1016083, #1014745, #1014675, #1014638)
-- Carsten Schoenert Fri, 29 Jul 2022 17:00:53 +0200
thunderbird (1:102.0.2-1) unstable; urgency=medium
* [079e135] d/repack.py: Small rework and adjustments
* [fc2518e] d/control: Readjust Vcs links to unstable
* [a7b09b3] d/gbp.conf: Sign tags automatically
* [faf115d] New upstream version 102.0.2
-- Carsten Schoenert Tue, 12 Jul 2022 18:41:04 +0200
thunderbird (1:102.0.1-1) unstable; urgency=medium
* [68c9410] d/gbp.conf: Adjust upstream branch to new ESR cycle
* [45eca79] New upstream version 102.0.1
Fixed CVE issues in upstream version 102.0 (MFSA 2022-26):
CVE-2022-34479: A popup window could be resized in a way to overlay the
address bar with web content
CVE-2022-34470: Use-after-free in nsSHistory
CVE-2022-34468: CSP sandbox header without `allow-scripts` can be bypassed
via retargeted javascript: URI
CVE-2022-2226: An email with a mismatching OpenPGP signature date was
accepted as valid
CVE-2022-34481: Potential integer overflow in ReplaceElementsAt
CVE-2022-31744: CSP bypass enabling stylesheet injection
CVE-2022-34472: Unavailable PAC file resulted in OCSP requests being
blocked
CVE-2022-2200: Undesired attributes could be set as part of prototype
pollution
CVE-2022-34484: Memory safety bugs fixed in Thunderbird 91.11 and
Thunderbird 102
* [1842425] d/watch: Look now for versions starting with 3 digits
* [0a32bb3] d/control: Add package thunderbird-l10n-es-mx
-- Carsten Schoenert Fri, 08 Jul 2022 17:47:21 +0200
thunderbird (1:102.0~b7-1) experimental; urgency=medium
* [edf32aa] New upstream version 102.0~b7
* [c9dd3e0] d/control: Remove not required B-D
* [ac2ec70] d/mozconfig.default: Remove commented out options
-- Carsten Schoenert Tue, 21 Jun 2022 19:06:58 +0200
thunderbird (1:102.0~b4-1) experimental; urgency=medium
* [8f34a01] d/source.filter: Small updates to filtering list
* [e1d4c7c] New upstream version 102.0~b4
* [c97416b] Rebuild patch-queue from patch queue branch
Removed patch (needs update):
fixes/Bug-1494436-Unset-MOZ_APP_LAUNCHER-for-external-MIME-hand.patch
Removed patch (fixed upstream):
porting-armhf/Don-t-use-LLVM-internal-assembler-on-armhf.patch
* [68712eb] d/mozconfig.default: Disable wasm sandboxing
* [a1df764] d/mozconfig.default: Remove openpgp option
Supporting OpenPGP functionality is now set on by default.
* [607c321] d/mozconfig.default: Add/Update some configure options
* [efc728e] d/rules: Add new needed variable MOZBUILD_STATE_PATH
* [7b0d743] d/rules: Ensure python is used from the environment
* [26053f1] Build against system librnp library
Unfortunately using librnp-dev requires the usage of the internal
versions of botan, bz2 and jsonc.
(Closes: #998848)
* [5e904d8] d/control: Bump various build dependencies
* [94ee0da] d/thunderbird.docs: Update content to install
* [477f949] d/control: Increase Standards-Version to 4.6.1
No further changes needed.
-- Carsten Schoenert Wed, 15 Jun 2022 16:47:29 +0200
thunderbird (1:91.11.0-1) unstable; urgency=medium
* [05a947d] New upstream version 91.11.0
Fixed CVE issues in upstream version 91.11 (MFSA 2022-26):
CVE-2022-34479: A popup window could be resized in a way to overlay the
address bar with web content
CVE-2022-34470: Use-after-free in nsSHistory
CVE-2022-34468: CSP sandbox header without `allow-scripts` can be bypassed
via retargeted javascript: URI
CVE-2022-2226: An email with a mismatching OpenPGP signature date was
accepted as valid
CVE-2022-34481: Potential integer overflow in ReplaceElementsAt
CVE-2022-31744: CSP bypass enabling stylesheet injection
CVE-2022-34472: Unavailable PAC file resulted in OCSP requests being
blocked
CVE-2022-2200: Undesired attributes could be set as part of prototype
pollution
CVE-2022-34484: Memory safety bugs fixed in Thunderbird 91.11 and
Thunderbird 102
(Closes: #1014004)
* [4c4944d] Rebuild patch queue from patch-queue branch
Added patch:
fixes/Bug-1773070-Rename-remove-some-eventState-s-variables.-r-.patch
-- Carsten Schoenert Fri, 01 Jul 2022 20:12:40 +0200
thunderbird (1:91.10.0-1) unstable; urgency=medium
* [969960a] New upstream version 91.10.0
Fixed CVE issues in upstream version 91.9.1 (MFSA 2022-19):
CVE-2022-1802: Prototype pollution in Top-Level Await implementation
CVE-2022-1529: Untrusted input used in JavaScript object indexing, leading
to prototype pollution
Fixed CVE issues in upstream version 91.10 (MFSA 2022-22):
CVE-2022-31736: Cross-Origin resource's length leaked
CVE-2022-31737: Heap buffer overflow in WebGL
CVE-2022-31738: Browser window spoof using fullscreen mode
CVE-2022-31739: Attacker-influenced path traversal when saving downloaded
files
CVE-2022-31740: Register allocation problem in WASM on arm64
CVE-2022-31741: Uninitialized variable leads to invalid memory read
CVE-2022-1834: Braille space character caused incorrect sender email to be
shown for a digitally signed email
CVE-2022-31742: Querying a WebAuthn token with a large number of
allowCredential entries may have leaked cross-origin
information
CVE-2022-31747: Memory safety bugs fixed in Thunderbird 91.10
* [4b55e16] d/control: Increase Standards-Version to 4.6.0
No further changes needed.
-- Carsten Schoenert Mon, 30 May 2022 19:36:06 +0200
thunderbird (1:91.9.0-1) unstable; urgency=medium
* [88b99d1] New upstream version 91.9.0
Fixed CVE issues in upstream version 91.9 (MFSA 2022-18):
CVE-2022-1520: Incorrect security status shown after viewing an attached
email
CVE-2022-29914: Fullscreen notification bypass using popups
CVE-2022-29909: Bypassing permission prompt in nested browsing contexts
CVE-2022-29916: Leaking browser history with CSS variables
CVE-2022-29911: iframe sandbox bypass
CVE-2022-29912: Reader mode bypassed SameSite cookies
CVE-2022-29913: Speech Synthesis feature not properly disabled
CVE-2022-29917: Memory safety bugs fixed in Thunderbird 91.9
-- Carsten Schoenert Mon, 16 May 2022 13:51:59 +0200
thunderbird (1:91.8.1-1) unstable; urgency=medium
* [b57406c] New upstream version 91.8.1
(Closes: #1009321)
-- Carsten Schoenert Tue, 19 Apr 2022 20:27:13 +0200
thunderbird (1:91.8.0-1) unstable; urgency=medium
* [06619c5] New upstream version 91.8.0
Fixed CVE issues in upstream version 91.8 (MFSA 2022-15):
CVE-2022-1097: Use-after-free in NSSToken objects
CVE-2022-28281: Out of bounds write due to unexpected WebAuthN Extensions
CVE-2022-1197: OpenPGP revocation information was ignored
CVE-2022-1196: Use-after-free after VR Process destruction
CVE-2022-28282: Use-after-free in DocumentL10n::TranslateDocument
CVE-2022-28285: Incorrect AliasSet used in JIT Codegen
CVE-2022-28286: iframe contents could be rendered outside the border
CVE-2022-24713: Denial of Service via complex regular expressions
CVE-2022-28289: Memory safety bugs fixed in Thunderbird 91.8
-- Carsten Schoenert Wed, 06 Apr 2022 20:08:25 +0200
thunderbird (1:91.7.0-2) unstable; urgency=medium
* [c348b62] Rebuild patch-queue from patch queue branch
Added patch:
fixes/Bug-1494436-Unset-MOZ_APP_LAUNCHER-for-external-MIME-hand.patch
(Closes: #948691)
Thanks go out to Simon McVittie for preparing this patch!
-- Carsten Schoenert Wed, 16 Mar 2022 06:55:46 +0100
thunderbird (1:91.7.0-1) unstable; urgency=medium
* [952f6d0] New upstream version 91.7.0
Fixed CVE issues in upstream version 91.7 (MFSA 2022-12):
CVE-2022-26383: Browser window spoof using fullscreen mode
CVE-2022-26384: iframe allow-scripts sandbox bypass
CVE-2022-26387: Time-of-check time-of-use bug when verifying add-on
signatures
CVE-2022-26381: Use-after-free in text reflows
CVE-2022-26386: Temporary files downloaded to /tmp and accessible by other
local users
-- Carsten Schoenert Tue, 15 Mar 2022 17:54:46 +0100
thunderbird (1:91.6.2-1) unstable; urgency=medium
* [2f95b97] New upstream version 91.6.2
Fixed CVE issues in upstream version 91.6.2 (MFSA 2022-09):
CVE-2022-26485: Use-after-free in XSLT parameter processing
CVE-2022-26486: Use-after-free in WebGPU IPC Framework
-- Carsten Schoenert Tue, 08 Mar 2022 08:40:12 +0100
thunderbird (1:91.6.1-1) unstable; urgency=medium
* [3edb855] New upstream version 91.6.1
Fixed CVE issues in upstream version 91.6.1 (MFSA 2022-07):
CVE-2022-0566: Crafted email could trigger an out-of-bounds write
-- Carsten Schoenert Sat, 19 Feb 2022 11:01:46 +0100
thunderbird (1:91.6.0-1) unstable; urgency=medium
* [884ccb6] New upstream version 91.6.0
Fixed CVE issues in upstream version 91.6 (MFSA 2022-06):
CVE-2022-22754: Extensions could have bypassed permission confirmation
during update
CVE-2022-22756: Drag and dropping an image could have resulted in the
dropped object being an executable
CVE-2022-22759: Sandboxed iframes could have executed script if the parent
appended elements
CVE-2022-22760: Cross-Origin responses could be distinguished between
script and non-script content-types
CVE-2022-22761: frame-ancestors Content Security Policy directive was not
enforced for framed extension pages
CVE-2022-22763: Script Execution during invalid object state
CVE-2022-22764: Memory safety bugs fixed in Thunderbird 91.6
(Closes: #1004951)
-- Carsten Schoenert Fri, 11 Feb 2022 18:50:23 +0100
thunderbird (1:91.5.1-1) unstable; urgency=medium
* [130bab2] New upstream version 91.5.1
-- Carsten Schoenert Sun, 23 Jan 2022 18:41:12 +0100
thunderbird (1:91.5.0-2) unstable; urgency=medium
* [fd07163] autopkgtest: Run check-global-config-path.py only on Intel
-- Carsten Schoenert Wed, 12 Jan 2022 20:46:54 +0100
thunderbird (1:91.5.0-1) unstable; urgency=medium
[ Carsten Schoenert ]
* [8d4e5f8] New upstream version 91.5.0
Fixed CVE issues in upstream version 91.5 (MFSA 2022-03):
CVE-2022-22743: Browser window spoof using fullscreen mode
CVE-2022-22742: Out-of-bounds memory access when inserting text in edit
mode
CVE-2022-22741: Browser window spoof using fullscreen mode
CVE-2022-22740: Use-after-free of ChannelEventQueue::mOwner
CVE-2022-22738: Heap-buffer-overflow in blendGaussianBlur
CVE-2022-22737: Race condition when playing audio files
CVE-2021-4140: Iframe sandbox bypass with XSLT
CVE-2022-22748: Spoofed origin on external protocol launch dialog
CVE-2022-22745: Leaking cross-origin URLs through securitypolicyviolation
event
CVE-2022-22744: The 'Copy as curl' feature in DevTools did not fully
escape website-controlled data, potentially leading to
command injection
CVE-2022-22747: Crash when handling empty pkcs7 sequence
CVE-2022-22739: Missing throttling on external protocol launch dialog
CVE-2022-22751: Memory safety bugs fixed in Thunderbird 91.5
* [a86c0b4] Rebuild patch queue from patch-queue branch
Modified patch:
debian-hacks/Add-another-preferences-directory-for-applications-p.patch
Reworking the patch so LoadDirIntoArray is working again that is adding
an additional syspref folder for global settings to use.
(Closes: #997841, #1003280)
* [442988b] autopkgtest: Adding check for accessing syspref folder
[ Jochen Sprickerhof ]
* [5b5d508] d/thunderbird-wrapper.sh: Use 'command -v'
(Closes:#1002570 )
-- Carsten Schoenert Tue, 11 Jan 2022 19:12:50 +0100
thunderbird (1:91.4.1-1) unstable; urgency=medium
* [c5b36d3] New upstream version 91.4.1
Fixed CVE issues in upstream version 91.4.1 (MFSA 2021-55):
CVE-2021-4126: OpenPGP signature status doesn't consider additional
message content
CVE-2021-44538: Matrix chat library libolm bundled with Thunderbird
vulnerable to a buffer overflow
* [b66bebb] d/changelog: Update some MOZ-* entries with assigned CVEs
-- Carsten Schoenert Mon, 20 Dec 2021 16:05:02 +0100
thunderbird (1:91.4.0-1) unstable; urgency=medium
* [7752be0] d/source.filter: Small updates to filtering list
* [0899850] New upstream version 91.4.0
Fixed CVE issues in upstream version 91.4 (MFSA 2021-54):
CVE-2021-43536: URL leakage when navigating while executing asynchronous
function
CVE-2021-43537: Heap buffer overflow when using structured clone
CVE-2021-43538: Missing fullscreen and pointer lock notification when
requesting both
CVE-2021-43539: GC rooting failure when calling wasm instance methods
CVE-2021-43541: External protocol handler parameters were unescaped
CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence
of an external protocol handler
CVE-2021-43543: Bypass of CSP sandbox directive when embedding
CVE-2021-43545: Denial of Service when using the Location API in a loop
CVE-2021-43546: Cursor spoofing could overlay user interface when native
cursor is zoomed
CVE-2021-43528: JavaScript unexpectedly enabled for the composition area
CVE-2021-4129: Memory safety bugs fixed in Thunderbird 91.4.0
* [afd7750] d/t.lintian-overrides: Update entries due renamed tags
Some Lintan tags were renamed, thus requires am adjustment of the existing
overrides.
* [30a387c] d/s/lintian-overrides: Adjust most of the existing entries
Same as before but for the source package.
-- Carsten Schoenert Tue, 07 Dec 2021 18:26:44 +0100
thunderbird (1:91.3.2-1) unstable; urgency=medium
* [7fd56f0] New upstream version 91.3.2
* [4fccecb] Rebuild patch queue from patch-queue branch
Added patch:
debian-hacks/Fix-Floating-Point-Normalization-breakage-on-32bit-Linux.patch
-- Carsten Schoenert Sun, 21 Nov 2021 18:29:42 +0100
thunderbird (1:91.3.0-1) unstable; urgency=medium
* [1d3e0b1] Revert "Rebuild patch queue from patch-queue branch"
The patch for fixing the broken build on i386 breaks other architectures,
so reverting for now.
* [66755b4] New upstream version 91.3.0
Fixed CVE issues in upstream version 91.3 (MFSA 2021-50):
CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets
CVE-2021-38504: Use-after-free in file picker dialog
CVE-2021-38506: Thunderbird could be coaxed into going into fullscreen
mode without notification or warning
CVE-2021-38507: Opportunistic Encryption in HTTP2 could be used to bypass
the Same-Origin-Policy on services hosted on other ports
CVE-2021-43535: Use-after-free in HTTP2 Session object
CVE-2021-38508: Permission Prompt could be overlaid, resulting in user
confusion and potential spoofing
CVE-2021-38509: Javascript alert box could have been spoofed onto an
arbitrary domain
CVE-2021-43534: Memory safety bugs fixed in Thunderbird ESR 91.3
-- Carsten Schoenert Wed, 03 Nov 2021 18:14:09 +0100
thunderbird (1:91.2.1-1) unstable; urgency=medium
[ Carsten Schoenert ]
* [bcb5677] d/gbp.conf: Adjust to upstream-91.x
* [12a433a] New upstream version 91.2.1
* [f935b52] Rebuild patch queue from patch-queue branch
Added patch:
debian-hacks/Fix-Floating-Point-Normalization-breakage-on-32bit-Linux.patch
* [3faba71] Disable usage of system icu package
The system packages of libicu-dev are to old for Thunderbird, we need to
use the internel pre-shipped ICU sources.
-- Carsten Schoenert Sat, 23 Oct 2021 08:59:32 +0200
thunderbird (1:91.2.0-1) experimental; urgency=medium
* [3c88844] New upstream version 91.2.0
Fixed CVE issues in upstream version 91.2 (MFSA 2021-47):
CVE-2021-38502: Downgrade attack on SMTP STARTTLS connections
CVE-2021-38496: Use-after-free in MessageTask
CVE-2021-38497: Validation message could have been overlaid on another
origin
CVE-2021-38498: Use-after-free of nsLanguageAtomService object
CVE-2021-32810: Data race in crossbeam-deque
CVE-2021-38500: Memory safety bugs fixed in Thunderbird 91.2
CVE-2021-38501: Memory safety bugs fixed in Thunderbird 91.2
(Closes: #973042)
-- Carsten Schoenert Sat, 16 Oct 2021 08:27:55 +0200
thunderbird (1:91.1.1-1) experimental; urgency=medium
* [73e3b75] New upstream version 91.1.1
* [3413d35] Rebuild patch queue from patch-queue branch
Removed patch:
fixes/Bug-1727113-Never-require-that-addons-are-signed-for-Thun.patch
-- Carsten Schoenert Mon, 20 Sep 2021 20:43:25 +0200
thunderbird (1:91.1.0-1) experimental; urgency=medium
* [0b1d9f9] New upstream version 91.1.0
Fixed CVE issues in upstream version 91.1 (MFSA 2021-41):
CVE-2021-38495: Memory safety bugs fixed in Thunderbird 91.1
* [4313e64] Rebuild patch queue from patch-queue branch
Added patch:
fixes/Bug-1727113-Never-require-that-addons-are-signed-for-Thun.patch
(Closes: #993594)
Modified patch:
porting-armhf/Bug-1526653-Include-struct-definitions-for-user_vfp-and-u.patch
* [234c566] d/rules: Don't run dh_autoreconf
(Closes: #993494)
* [bce15d7] thunderbird: Set package x11-utils as fallback
Install x11-utils only if kdialog or zenity aren't present on the system.
-- Carsten Schoenert Sun, 05 Sep 2021 07:36:10 +0200
thunderbird (1:91.0.2-1) experimental; urgency=medium
* [a5efefd] New upstream version 91.0.2
Fixed CVE issues in upstream version 91.0.1 (MFSA 2021-37):
CVE-2021-29991: Header Splitting possible with HTTP/3 Responses
* [b21a07b] d/control: increase Standards-Version to 4.6.0
No further changes needed.
-- Carsten Schoenert Mon, 23 Aug 2021 20:05:01 +0200
thunderbird (1:91.0-1) experimental; urgency=medium
* [3be73b6] d/source.filter: some updates to filtering list
* [5c87a00] New upstream version 91.0
Fixed CVE issues in upstream version 91.0 (MFSA 2021-36):
CVE-2021-29986: Race condition when resolving DNS names could have led to
memory corruption
CVE-2021-29981: Live range splitting could have led to conflicting
assignments in the JIT
CVE-2021-29988: Memory corruption as a result of incorrect style treatment
CVE-2021-29984: Incorrect instruction reordering during JIT optimization
CVE-2021-29980: Uninitialized memory in a canvas object could have led to
memory corruption
CVE-2021-29987: Users could have been tricked into accepting unwanted
permissions on Linux
CVE-2021-29985: Use-after-free media channels
CVE-2021-29982: Single bit data leak due to incorrect JIT optimization and
type confusion
CVE-2021-29989: Memory safety bugs fixed in Thunderbird 91
(Closes: #640927, #944208, #958433, #952853, #971722, #982670)
* [0157fe4] d/control: Add new package thunderbird-l10n-af
Upstream ships localizations for Africaans.
* [f23e9e0] d/control: Add new package thunderbird-l10n-en-ca
Upstream ships localizations for English (Canada).
* [8b3cee9] d/control: Add new package thunderbird-l10n-lv
Upstream ships localizations for Latvian.
* [cad58ea] d/control: Add new package thunderbird-l10n-pa-in
Upstream ships localizations for Punjabi (Gurmukhi).
* [aecc2da] d/control: Add new package thunderbird-l10n-th
Upstream ships localizations for Thai.
* [9707e8a] Moving over to debhelper-compat
Switch over to recent debhelper-compat 13.
* [2934049] d/rules: Customize dh_missing call
Due debhelper-compat dh_missing needs some aditional tweaking as we need
to ignore some files which are built and installed into the tempory
install folder but not installed into the package(s).
* [7df72c6] d/rules: Don't use dwz
Running and using dwz is bringing no gain and produces issues to, can be
ignored for now.
* [1709f28] d/control: Remove non existing packages from Breaks
xul-ext-firetray and xul-ext-quotecolors are gone from the supported
releases.
* [f160918] d/control: Adding Rules-Requires-Root: no
No specific root access required so far while package build.
-- Carsten Schoenert Sat, 14 Aug 2021 18:27:21 +0200
thunderbird (1:91.0~b5-1) experimental; urgency=medium
* [119a49f] d/control: Adjust VCS links to branch debian/experimental
* [7ae6acc] d/source.filter: some updates to filtering list
* [e28b2f9] New upstream version 91.0~b5
-- Carsten Schoenert Sun, 01 Aug 2021 09:21:27 +0200
thunderbird (1:91.0~b3-1) experimental; urgency=medium
* [90a153b] New upstream version 91.0~b3
* [ada2cf0] d/control: Remove transitional package lightning
* [3e5087f] d/control: Remove obsolete lightning-l10-* packages
* [6eac520] d/control: Remove Suggests on libgtk2.0-0 fur thunderbird
(Closes: #967771)
-- Carsten Schoenert Sat, 24 Jul 2021 10:37:52 +0200
thunderbird (1:91.0~b1-1) experimental; urgency=medium
* [78f0ddb] d/source.filter: some updates to filtering list
* [3d29fcf] New upstream version 91.0~b1
(Closes: #990631)
* [daa7fab] d/control: Increase some Build-Depends
* [f4bfd22] d/control: Remove libgtk2.0-dev from Build-Depends
* [ad4e281] d/s/lintian-overrides: Adding one more file to ignore
-- Carsten Schoenert Mon, 19 Jul 2021 22:04:15 +0200
thunderbird (1:90.0~b2-1) experimental; urgency=medium
[ Carsten Schoenert ]
* [3cc0d66] d/source.filter: some updates to filtering list
* [3c76a94] New upstream version 90.0~b2
* [46718fe] rebuild patch queue from patch-queue branch
removed patches:
fixes/reduce-the-rust-debuginfo-level-on-selected-architectures.patch
debian-hacks/Work-around-Debian-bug-844357.patch
* [156d3c9] d/thunderbird.1: Correct debugger option
* [ca7daca] /u/l/thunderbird: Correct escape sequencing for gdb calling
(Closes: #976979)
* [f310330] d/thunderbird-wrapper.sh: Use '${}' syntax for variables
* [0ef3788] d/thunderbird.install: Remove gtk2 cruft
* [17b0510] d/copyright: Update due removed content
* [feca305] d/s/lintian-override: Remove two no longer existing entries
[ Kevin Locke ]
* [dbe3c3e] d/thunderbird-wrapper.sh: Make gdb call more fail safe
(Closes:#942799)
-- Carsten Schoenert Sun, 20 Jun 2021 14:51:49 +0200
thunderbird (1:89.0~b2-1) experimental; urgency=medium
* [74911c7] New upstream version 89.0~b2
* [b4fef2a] rebuild patch queue from patch-queue branch
modified patches:
debian-hacks/Don-t-register-plugins-if-the-MOZILLA_DISABLE_PLUGIN.patch
porting-armhf/Don-t-use-LLVM-internal-assembler-on-armhf.patch
porting-kfreebsd-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch
removed patches:
debian-hacks/Don-t-register-plugins-if-the-MOZILLA_DISABLE_PLUGIN.patch
* [ea6a29e] d/control: Increase B-D for cbindgen and libnss3-dev
-- Carsten Schoenert Thu, 03 Jun 2021 19:40:08 +0200
thunderbird (1:88.0~b2-1) experimental; urgency=medium
[ Carsten Schoenert ]
* [7af1a0b] New upstream version 88.0~b2
* [30d1d48] rebuild patch queue from patch-queue branch
modified patch:
debian-hacks/Add-another-preferences-directory-for-applications-p.patch
porting-armhf/Don-t-use-LLVM-internal-assembler-on-armhf.patch
removed patches (included upstream):
porting-arm/Reduce-memory-usage-while-linking-on-arm-el-hf-platforms.patch
porting-s390x/Explicitly-instantiate-TIntermTraverser-traverse-TIntermN.patch
renamed patch:
fixes/Load-dependent-libraries-with-their-real-path-to-avo.patch ->
fixes/Load-dependent-libraries-with-their-real-path.patch
* [f45da92] d/control: Increase B-D for libnss3-dev
[ Colomban Wendling ]
* [bbf78cb] d/thunderbird.desktop: Switch StartupWMClass (Closes: #985366)
[ Carsten Schoenert ]
* [a2cc9e0] d/control: Adding nasm to Build-Depends
* [41fad62] d/copyright: update due removed content
-- Carsten Schoenert Sun, 11 Apr 2021 13:50:27 +0200
thunderbird (1:86.0~b3-1) experimental; urgency=medium
[ Carsten Schoenert ]
* [002f597,fe0515b] d/source.filter: updating the filtering list
* [dfafc89,35d050f] d/copyright: updates due upstream changes
Add Apache2 notice for third_party/python/coverage
* [24c009c] lintian: adding override for false positive in SVG file
* [d316a1c] New upstream version 86.0~b3
* [20dc687] rebuild patch queue from patch-queue branch
modified patch:
debian/patches/porting-kfreebsd-hurd/adding-missed-HURD-adoptions.patch
* [21b86f0] d/copyright: update due removed content
* [7fc9755] d/s/lintian-override: path for TeXZilla.js has changed
* [33c5d5a] d/s/lintian-override: remove JS file
* [825a440] d/control: Increase B-D for cbindgen
[ Pino Toscano ]
* [35c3c3b] thunderbird: Stop shipping /u/s/p/thunderbird.png symlink
-- Carsten Schoenert Sat, 13 Feb 2021 13:41:36 +0100
thunderbird (1:85.0~b3-1) experimental; urgency=medium
* [b142ac6] New upstream version 85.0~b3
* [0d2221a] d/control: Increase various B-D versions
* [e4eb52e] rebuild patch queue from patch-queue branch
added patch:
debian-hacks/Decrease-Cargo-minimal-version-to-1.46.0.patch
updated patches:
debian-hacks/Use-remoting-name-for-call-to-gdk_set_program_class.patch
fixes/reduce-the-rust-debuginfo-level-on-selected-architectures.patch
-- Carsten Schoenert Thu, 31 Dec 2020 20:39:53 +0100
thunderbird (1:84.0~b3-1) experimental; urgency=medium
* [fad5103] calendar-google-provider*: removing left over cruft
* [b095d8e] thunderbird.NEWS: Add hint about integration of OpenPGP support
* [0f6bdf3] Revert "d/tb.lintian-overrides: ignore warning about none
versioned breaks"
* [f10f80c] d/copyright: update content
* [9c3fb20] d/source.filter: some updates to filtering list
* [c9b8274] New upstream version 84.0~b3
* [adf3835] rebuild patch queue from patch-queue branch
removed patches:
fixes/Add-missing-bindings-for-mips-in-the-authenticator-crate.patch
fixes/fix-function-nsMsgComposeAndSend-to-respect-Replo.patch
porting-armel/Bug-1463035-Remove-MOZ_SIGNAL_TRAMPOLINE.-r-darchons.patch
porting-mips/Bug-1642265-MIPS64-Add-branchTestSymbol-and-fallibleUnbox.patch
porting-s390x/Use-more-recent-embedded-version-of-sqlite3.patch
porting-m68k/Add-m68k-support-to-Thunderbird.patch
porting-sh4/Add-sh4-support-to-Thunderbird.patch
* [3ff9c9d] thunderbird-l10n-all: add thunderbird-l10n-cy
(Closes: #974127)
* [393490c] d/control: remove l10n package for Sinhala
* [1f4e966] d/control: increase Standards-Version to 4.5.1
No further changes needed.
* [288afdd] d/rules: use python3 explicitly while calling mach
Using the Python 3 interpreter is needed otherwise the Mozilla magic tries
to use a non existing virtualenv environment.
* [a509bdf] d/watch: update to version 4
No further changes needed.
* [fc6b358] d/copyright: update some more content
Updating the copyright information due upstream modifications.
* [3bd5713] d/s/lintian-overrides: Adding more file to ignore
-- Carsten Schoenert Mon, 14 Dec 2020 15:24:59 +0100
thunderbird (1:78.14.0-1) unstable; urgency=medium
* [6dc6817] d/changelog: Correct TB version for referenced MFSA
* [38f01f4] d/rules: Don't run dh_autoreconf
(Closes: #993494)
* [09c4cde] New upstream version 78.14.0
Fixed CVE issues in upstream version 78.14.0 (MFSA 2021-42):
CVE-2021-38493: Memory safety bugs fixed in Thunderbird 78.14 and
Thunderbird 91.1
-- Carsten Schoenert Wed, 08 Sep 2021 19:57:22 +0200
thunderbird (1:78.13.0-1) unstable; urgency=medium
* [b4498b0] New upstream version 78.13.0
Fixed CVE issues in upstream version 78.13.0 (MFSA 2021-35):
CVE-2021-29986: Race condition when resolving DNS names could have led to
memory corruption
CVE-2021-29988: Memory corruption as a result of incorrect style treatment
CVE-2021-29984: Incorrect instruction reordering during JIT optimization
CVE-2021-29980: Uninitialized memory in a canvas object could have led to
memory corruption
CVE-2021-29985: Use-after-free media channels
CVE-2021-29989: Memory safety bugs fixed in Thunderbird 78.13
-- Carsten Schoenert Thu, 12 Aug 2021 16:13:25 +0200
thunderbird (1:78.12.0-1) unstable; urgency=medium
* [74d3cdb] New upstream version 78.12.0
Fixed CVE issues in upstream version 78.12 (MFSA 2021-30):
CVE-2021-29969: IMAP server responses sent by a MITM prior to STARTTLS
could be processed
CVE-2021-29970: Use-after-free in accessibility features of a document
CVE-2021-30547: Out of bounds write in ANGLE
CVE-2021-29976: Memory safety bugs fixed in Thunderbird 78.12
-- Carsten Schoenert Sat, 17 Jul 2021 09:33:28 +0200
thunderbird (1:78.11.0-2) unstable; urgency=medium
[ Carsten Schoenert ]
* [241e539] d/thunderbird.1: Correct debugger option
Remove parts that are no longer valid, especially there is no dedicated
shell script any more the user has to start, calling 'thunderbird -g' is
enough to start a GDB call.
* [66deb37] thunderbird: Use internal NSS source while package built
(Closes: #989839, #989843, #989979, #989983, #989922, #990012)
* [07fb6ef] d/thunderbird-wrapper.sh: Use '${}' syntax for variables
[ Kevin Locke ]
* [d003e26] d/thunderbird-wrapper.sh: Make gdb call more fail safe
(Closes: #942799)
-- Carsten Schoenert Sun, 20 Jun 2021 07:20:41 +0200
thunderbird (1:78.11.0-1) unstable; urgency=medium
* [42c4a87] New upstream version 78.11.0
Fixed CVE issues in upstream version 78.11 (MFSA 2021-26):
CVE-2021-29967: Memory safety bugs fixed in Thunderbird 78.11
-- Carsten Schoenert Thu, 03 Jun 2021 17:22:34 +0200
thunderbird (1:78.10.2-1) unstable; urgency=medium
* [69552d8] New upstream version 78.10.2
Fixed CVE issues in upstream version 78.10.2 (MFSA 2021-22):
CVE-2021-29957: Partial protection of inline OpenPGP message not indicated
CVE-2021-29956: Thunderbird stored OpenPGP secret keys without master
password protection
-- Carsten Schoenert Wed, 19 May 2021 21:57:11 +0200
thunderbird (1:78.10.0-1) unstable; urgency=medium
* [f38d78f] New upstream version 78.10.0
Fixed CVE issues in upstream version 78.10 (MFSA 2021-15):
CVE-2021-23994: Out of bound write due to lazy initialization
CVE-2021-23995: Use-after-free in Responsive Design Mode
CVE-2021-23998: Secure Lock icon could have been spoofed
CVE-2021-23961: More internal network hosts could have been probed by a
malicious webpage
CVE-2021-23999: Blob URLs may have been granted additional privileges
CVE-2021-24002: Arbitrary FTP command execution on FTP servers using an
encoded URL
CVE-2021-29945: Incorrect size computation in WebAssembly JIT could lead
to null-reads (This issue only affected x86-32 platforms.)
CVE-2021-29946: Port blocking could be bypassed
CVE-2021-29948: Race condition when reading from disk while verifying
signatures
-- Carsten Schoenert Mon, 19 Apr 2021 20:00:32 +0200
thunderbird (1:78.9.0-1) unstable; urgency=medium
[ Colomban Wendling ]
* [7d454de] d/thunderbird.desktop: Switch StartupWMClass
(Closes: #985366)
[ Carsten Schoenert ]
* [23fe9ce] d/source.filter: small update to filtering list
* [828b9d7] New upstream version 78.9.0
Fixed CVE issues in upstream version 78.9 (MFSA 2021-12):
CVE-2021-23981: Texture upload into an unbound backing buffer resulted in
an out-of-bound read
CVE-2021-23982: Internal network hosts could have been probed by a
malicious webpage
CVE-2021-23984: Malicious extensions could have spoofed popup information
CVE-2021-23987: Memory safety bugs fixed in Thunderbird 78.9
* [cf4fbde] rebuild patch queue from patch-queue branch
Removed patch (included upstream):
porting-s390x/Explicitly-instantiate-TIntermTraverser-traverse-TIntermN.patch
-- Carsten Schoenert Tue, 23 Mar 2021 15:55:43 +0100
thunderbird (1:78.8.0-1) unstable; urgency=medium
[ Pino Toscano ]
* [f2f1f3f] thunderbird: Stop shipping /u/s/p/thunderbird.png symlink
[ Carsten Schoenert ]
* [f5707a7] New upstream version 78.8.0
Fixed CVE issues in upstream version 78.8 (MFSA 2021-09):
CVE-2021-23969: Content Security Policy violation report could have
contained the destination of a redirect
CVE-2021-23968: Content Security Policy violation report could have
contained the destination of a redirect
CVE-2021-23973: MediaError message property could have leaked information
about cross-origin resources
CVE-2021-23978: Memory safety bugs fixed in Thunderbird 78.8
-- Carsten Schoenert Sun, 21 Feb 2021 14:58:05 +0100
thunderbird (1:78.7.1-1) unstable; urgency=medium
* [406f9d7] New upstream version 78.7.1
-- Carsten Schoenert Fri, 05 Feb 2021 20:12:59 +0100
thunderbird (1:78.7.0-1) unstable; urgency=medium
* [8751354] New upstream version 78.7.0
Fixed CVE issues in upstream version 78.7 (MFSA 2021-05):
CVE-2021-23953: Cross-origin information leakage via redirected PDF
requests
CVE-2021-23954: Type confusion when using logical assignment operators in
JavaScript switch statements
CVE-2020-15685: IMAP Response Injection when using STARTTLS
CVE-2020-26976: HTTPS pages could have been intercepted by a registered
service worker when they should not have been
CVE-2021-23960: Use-after-poison for incorrectly redeclared JavaScript
variables during GC
CVE-2021-23964: Memory safety bugs fixed in Thunderbird 78.7
* [4b0c0a7] rebuild patch queue from patch-queue branch
removed patch (included upstream):
porting-mips/Bug-1642265-MIPS64-Add-branchTestSymbol-and-fallibleUnbox.patch
-- Carsten Schoenert Fri, 29 Jan 2021 20:45:49 +0100
thunderbird (1:78.6.1-1) unstable; urgency=medium
[ Carsten Schoenert ]
* [67f6117] Add Apache2 notice for third_party/python/coverage
* [38b9ff7] lintian: adding override for false positive in SVG file
[ Carles Pina i Estany ]
* [529d53a] d/thunderbird-wrapper.sh: Unset DEBUG/DEBUGGER variables
(Closes: #960230)
* [6d48708] d/thunderbird-wrapper-helper.sh: Adjust help text
[ Carsten Schoenert ]
* [5309e91] d/thunderbird-wrapper*.sh: Prefixing some local variables
* [07b4733] New upstream version 78.6.1
Fixed CVE issues in upstream version 78.6.1 (MFSA 2021-02):
CVE-2020-16044: Use-after-free write when handling a malicious
COOKIE-ECHO SCTP chunk
-- Carsten Schoenert Sat, 16 Jan 2021 14:59:02 +0100
thunderbird (1:78.6.0-1) unstable; urgency=medium
* [1410f1e] d/watch: update to version 4
* [a8303b7] d/rules: use python3 explicitly while calling mach
* [f3f535e] New upstream version 78.6.0
Fixed CVE issues in upstream version 78.6 (MFSA 2020-56):
CVE-2020-16042: Operations on a BigInt could have caused uninitialized
memory to be exposed
CVE-2020-26971: Heap buffer overflow in WebGL
CVE-2020-26973: CSS Sanitizer performed incorrect sanitization
CVE-2020-26974: Incorrect cast of StyleGenericFlexBasis resulted in a heap
use-after-free
CVE-2020-26978: Internal network hosts could have been probed by a
malicious webpage
CVE-2020-35111: The proxy.onRequest API did not catch view-source URLs
CVE-2020-35112: Opening an extension-less download may have inadvertently
launched an executable instead
CVE-2020-35113: Memory safety bugs fixed in Thunderbird 78.6
(Closes: #972072, #973697)
* [16a7ab7] /u/l/thunderbird: Correct escape sequencing for gdb calling
We need to do a better escaping of values of the '-ex' option otherwise
the shell is refusing the concatenated string we want to use as call.
(Closes: #976979)
-- Carsten Schoenert Tue, 15 Dec 2020 10:12:34 +0100
thunderbird (1:78.5.1-1) unstable; urgency=medium
* [08556c2] New upstream version 78.5.1
Fixed CVE issues in upstream version 78.5.1 (MFSA 2020-53):
CVE-2020-26970: Stack overflow due to incorrect parsing of SMTP server
response codes
* [7047340] rebuild patch queue from patch-queue branch
removed patch (included upstream):
fixes/fix-function-nsMsgComposeAndSend-to-respect-Replo.patch
* [40663bb] debian/control: increase Standards-Version to 4.5.1
No further changes needed.
-- Carsten Schoenert Thu, 03 Dec 2020 05:35:04 +0100
thunderbird (1:78.5.0-1) unstable; urgency=medium
* [7842f02] New upstream version 78.5.0
Fixed CVE issues in upstream version 78.5 (MFSA 2020-51):
CVE-2020-26951: Parsing mismatches could confuse and bypass security
sanitizer for chrome privileged code
CVE-2020-16012: Variable time processing of cross-origin images during
drawImage calls
CVE-2020-26953: Fullscreen could be enabled without displaying the
security UI
CVE-2020-26956: XSS through paste (manual and clipboard API)
CVE-2020-26958: Requests intercepted through ServiceWorkers lacked MIME
type restrictions
CVE-2020-26959: Use-after-free in WebRequestService
CVE-2020-26960: Potential use-after-free in uses of nsTArray
CVE-2020-15999: Heap buffer overflow in freetype
CVE-2020-26961: DoH did not filter IPv4 mapped IP Addresses
CVE-2020-26965: Software keyboards may have remembered typed passwords
CVE-2020-26966: Single-word search queries were also broadcast to local
network
CVE-2020-26968: Memory safety bugs fixed in Thunderbird 78.5
* [e19743e] rebuild patch queue from patch-queue branch
removed patch (included upstream):
fixes/Bug-1663715-Update-syn-and-proc-macro2-so-that-Firefox-ca.patch
-- Carsten Schoenert Wed, 18 Nov 2020 20:06:09 +0100
thunderbird (1:78.4.2-1) unstable; urgency=medium
* [c7f4ed2] New upstream version 78.4.2
Fixed CVE issues in upstream version 78.4 (MFSA 2020-49):
CVE-2020-26950: Write side effects in MCallGetProperty opcode not
accounted for
* [c3a617d] rebuild patch queue from patch-queue branch
added patch:
fixes/Bug-1663715-Update-syn-and-proc-macro2-so-that-Firefox-ca.patch
* [8e4e7ad] thunderbird-l10n-all: add thunderbird-l10n-cy
(Closes: #974127)
-- Carsten Schoenert Tue, 10 Nov 2020 21:19:15 +0100
thunderbird (1:78.4.1-1) unstable; urgency=medium
* [cf8bf1e] New upstream version 78.4.1
* [529000c] rebuild patch queue from patch-queue branch
added patches:
fixes/Bug-1650299-Unify-the-inclusion-of-the-ICU-data-file.-r-f.patch
fixes/Don-t-build-ICU-in-parallel.patch
Patches are picked from Firefox and fixing FTBFS on s390x within buster.
-- Carsten Schoenert Fri, 06 Nov 2020 21:53:24 +0100
thunderbird (1:78.4.0-1) unstable; urgency=medium
[ Emilio Pozuelo Monfort ]
* [652f8de] install the apparmor profile in thunderbird.install
[ Carsten Schoenert ]
* [5240d53] Revert "thunderbird.install: adjust.desktop renamed file name"
(Closes: #972601)
* [861b21a] Revert "Rename .desktop file for AppStream compliance"
(Closes: #972578)
* [ffc5818] New upstream version 78.4.0
Fixed CVE issues in upstream version 78.4 (MFSA 2020-47):
CVE-2020-15969: Use-after-free in usersctp
CVE-2020-15683: Memory safety bugs fixed in Thunderbird 78.4
* [81396e3] rebuild patch queue from patch-queue branch
removed patches (fixed upstream):
porting-mips/Bug-1649655-MIPS-Add-CodeGenerator-visitWasmRegisterResul.patch
porting/Bug-1666646-Bump-CodeAlignment-to-8-in-MacroAssembler-non.patch
modified patches:
fixes/Appdata-Adding-some-German-translations.patch
fixes/Appdata-Fix-up-AppStream-error-by-adding-missing-field.patch
Minor fine tuning to the AppStream specific parts but also revert some
translation entries as they are not intend to be translatable.
These modification also in correlation with the mentioned bug reports above
which are closed by the other adjustments.
-- Carsten Schoenert Thu, 22 Oct 2020 18:48:25 +0200
thunderbird (1:78.3.3-1) unstable; urgency=medium
[ Emilio Pozuelo Monfort ]
* [6f18974] Remove duplicated --disable-debug-symbols flag
* [1119d50] Print a verbose build log by not calling the mach wrapper
* [fcf7c11] Exclude -g from CXXFLAGS as well
[ Carsten Schoenert ]
* [9eb159f] New upstream version 78.3.3
* [47171dc] rebuild patch queue from patch-queue branch
added patches:
fixes/Appdata-Adding-some-German-translations.patch
fixes/Appdata-Fix-up-AppStream-error-by-adding-missing-field.patch
* [1474d91] Rename .desktop file for AppStream compliance
* [10e49a9] thunderbird.install: adjust.desktop renamed file name
* [018bbc1] thunderbird.pc: remove left over cruft
-- Carsten Schoenert Sun, 18 Oct 2020 08:49:20 +0200
thunderbird (1:78.3.2-1) unstable; urgency=medium
* [0b2f19f] d/rules: remove hand crafted icu build
Cherry-picked from debian/buster branch.
The possible required build of the ICU if the usage of an external ICU
library is now handled by the upstream build system.
* [1583517] d/rules: rewrite dpkg_buildflags to remove option '-g'
Cherry-picked from debian/buster branch.
We need to remove the option '-g' from the dpkg_buildflags variable for
real if we want a build without debugging information (e.g. on 32bit
architectures).
* [fb4c9c4] New upstream version 78.3.2
* [9d5e2b9] d/rules: install the language Add-ons into /u/l/t/e
Do not install the thunderbird-l10n packages into /usr/share/thunderbird
any more, install them directly into /usr/libt/thunderbird/extensions.
This simplifies the package structures as there is no real need to install
the packages into /usr/share/thunderbird and linking them back.
-- Carsten Schoenert Fri, 09 Oct 2020 19:49:45 +0200
thunderbird (1:78.3.1-2) unstable; urgency=medium
* [649f664] rebuild patch queue from patch-queue branch
added patches:
fixes/reduce-the-rust-debuginfo-level-on-selected-architectures.patch
porting-s390x/Explicitly-instantiate-TIntermTraverser-traverse-TIntermN.patch
-- Carsten Schoenert Wed, 30 Sep 2020 19:10:27 +0200
thunderbird (1:78.3.1-1) unstable; urgency=medium
[ Carsten Schoenert ]
* [6bd965f] New upstream version 78.3.1
Fixed CVE issues in upstream version 78.3.1 (MFSA 2020-44):
CVE-2020-15677: Download origin spoofing via redirect
CVE-2020-15676: XSS when pasting attacker-controlled data into a
contenteditable element
CVE-2020-15678: When recursing through layers while scrolling, an iterator
may have become invalid, resulting in a potential
use-after-free scenario
CVE-2020-15673: Memory safety bugs fixed in Thunderbird 78.3
* [8ba13c5] rebuild patch queue from patch-queue branch
added patches(picked from firefox packaging):
fixes/Add-missing-bindings-for-mips-in-the-authenticator-crate.patch
porting-mips/Bug-1642265-MIPS64-Add-branchTestSymbol-and-fallibleUnbox.patch
porting-mips/Bug-1649655-MIPS-Add-CodeGenerator-visitWasmRegisterResul.patch
porting/Bug-1666646-Bump-CodeAlignment-to-8-in-MacroAssembler-non.patch
removed patch(fixed upstream):
fixes/Bug-1664607-Don-t-try-to-load-what-s-new-page-when-built-.patch
* [c6d282d] calendar-google-provider*: removing left over cruft
There are two left over sequencer files from the calendar-google-package,
not need any more since 1:68.2.2-1
* [cf37615] d/README.Debian: Update and adding new information
Some updated information regarding the now included OpenPGP support, also
updating some grammar for 'Add-on'.
* [faf225b] thunderbird.NEWS: Add hint about integration of OpenPGP support
Giving the user a information about the OpenPGP status within Thunderbird
since the version 78.0.
* [d6f4f0e] Revert "d/tb.lintian-overrides: ignore warning about none
versioned breaks"
* [9e6cbec] d/copyright: update content
-- Carsten Schoenert Sun, 27 Sep 2020 09:08:29 +0200
thunderbird (1:78.2.2-1) experimental; urgency=medium
* [c6592e8] New upstream version 78.2.2
* [28f5fce] rebuild patch queue from patch-queue branch
added patches:
fixes/Bug-1664607-Don-t-try-to-load-what-s-new-page-when-built-.patch
porting-s390x/Use-more-recent-embedded-version-of-sqlite3.patch
* [4866c06] d/mozconfig.default: add extra config options for ppc64el
-- Carsten Schoenert Sun, 13 Sep 2020 08:58:44 +0200
thunderbird (1:78.2.1-1) experimental; urgency=medium
* [1f3f76b] d/rules: drop C{,XX}FLAGS originally intended for GCC6
* [4490e37] d/mozconfig.default: add options for mips64el
* [17b4e5c] d/rules: Don't build debug symbols on 32Bit arch
* [6dff7e0] d/rules: adding -Wl,--as-needed to linker flags
* [a213a7f] New upstream version 78.2.1
-- Carsten Schoenert Sun, 30 Aug 2020 14:38:17 +0200
thunderbird (1:78.2.0-1) experimental; urgency=medium
[ intrigeri ]
* [f6fcafd] d/control: drop hard dependency on libgtk2.0-0
(Closes: #908654)
* [85b7a2e] autopkgtests: fix typo in comment
* [4bd70ae] d/mozconfig.default: fix typos in comments
* [d986a6d] d/control: allow Enigmail 2.2.0 and newer
(Closes: #968707)
[ Carsten Schoenert ]
* [52b4006] d/control: increase B-D for libnss3
(Closes: #966805)
* [7794563] New upstream version 78.2.0
Fixed CVE issues in upstream version 78.2.0 (MFSA 2020-41):
CVE-2020-15663: Downgrade attack on the Mozilla Maintenance Service could
have resulted in escalation of privilege
CVE-2020-15664: Attacker-induced prompt for extension installation
CVE-2020-15670: Memory safety bugs fixed in Thunderbird 78.2
* [623f853] rebuild patch queue from patch-queue branch
No modifications made, just updating the index.
-- Carsten Schoenert Wed, 26 Aug 2020 20:41:28 +0200
thunderbird (1:78.1.1-1) experimental; urgency=medium
* [5fb842b] d/mozconfig.default: adding new option regarding Add-Ons
Adding additional options --allow-addon-sideload and
--with-unsigned-addon-scopes=app,system. These option are adopted and
taken from the firefox package.
* [8de0b35] New upstream version 78.1.1
* [4abe5ed] d/copyright: update content
Some small updates to the copyright information.
* [3caa541] d/control: adding new B-D for botan and json-c
The upstream source now offers the possibility to use the system
libraries for botan and json-c, for this we need to have both libraries
installed for building Thunderbird.
* [251d524] d/mozconfig.default: use botan and json-c system libraries
Turn on the configuration flags for botan and also for json-c that let
the build use the installed provided system libraries instead of using
internal versions.
* [a32a163] rebuild patch queue from patch-queue branch
removed patch:
debian-hacks/stop-configure-if-with-system-bz2-was-passed-but-no-.patch
Upstream has now (again) a configure option for using a installed system
bzip2 library that makes our added patch for this not needed anymore.
* [16c91c0] lintian: remove override for embedded bzip2 in librnp.so
-- Carsten Schoenert Sat, 08 Aug 2020 19:16:08 +0200
thunderbird (1:78.1.0-1) experimental; urgency=medium
* [c4099cd] New upstream version 78.1.0
Fixed CVE issues in upstream version 78.1.0 (MFSA 2020-33):
CVE-2020-15652: Potential leak of redirect targets when loading scripts in
a worker
CVE-2020-6514: WebRTC data channel leaks internal address to peer
CVE-2020-15655: Extension APIs could be used to bypass Same-Origin Policy
CVE-2020-15653: Bypassing iframe sandbox when allowing popups
CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture
CVE-2020-15656: Type confusion for special arguments in IonMonkey
CVE-2020-15658: Overriding file type when saving to disk
CVE-2020-15657: DLL hijacking due to incorrect loading path
CVE-2020-15654: Custom cursor can overlay user interface
CVE-2020-15659: Memory safety bugs fixed in Thunderbird 78.1
-- Carsten Schoenert Fri, 31 Jul 2020 19:35:57 +0200
thunderbird (1:78.0.1-1) experimental; urgency=medium
* [5450d8d] d/control: increase B-D for libnss3
* [9749d1d] d/control: drop B-D on python2 and move over to python3
* [b31360b] d/xpi-pack.sh: adding xpi-pack shell script
* [89ede80] Drop mozilla-devscripts as B-D
* [f3b2ced] New upstream version 78.0.1
* [1847202] d/tb.lintian-overrides: ignore warning about none versioned
breaks
* [d56c922] d/lightning.links: removing left over sequencer file
-- Carsten Schoenert Wed, 22 Jul 2020 20:11:25 +0200
thunderbird (1:78.0-1) experimental; urgency=medium
* [1016cc5] New upstream version 78.0
Fixed CVE issues in upstream version 78.0 (MFSA 2020-29):
CVE-2020-12415: AppCache manifest poisoning due to url encoded character
processing
CVE-2020-12416: Use-after-free in WebRTC VideoBroadcaster
CVE-2020-12417: Memory corruption due to missing sign-extension for
ValueTags on ARM64
CVE-2020-12418: Information disclosure due to manipulated URL object
CVE-2020-12419: Use-after-free in nsGlobalWindowInner
CVE-2020-12420: Use-After-Free when trying to connect to a STUN server
CVE-2020-15648: X-Frame-Options bypass using object or embed tags
CVE-2020-12402: RSA Key Generation vulnerable to side-channel attack
CVE-2020-12421: Add-On updates did not respect the same certificate trust
rules as software updates
CVE-2020-12422: Integer overflow in nsJPEGEncoder::emptyOutputBuffer
CVE-2020-12424: WebRTC permission prompt could have been bypassed by a
compromised content process
CVE-2020-12425: Out of bound read in Date.parse()
CVE-2020-12426: Memory safety bugs fixed in Thunderbird 78
* [ad66b04] rebuild patch queue from patch-queue branch
reworked patch:
porting-kfreebsd-hurd/LDAP-support-building-on-GNU-kFreeBSD-and-GNU-Hurd.patch
* [4a2039c] d/mozconfig.default: enable OpenPGP feature build
-- Carsten Schoenert Thu, 16 Jul 2020 19:15:25 +0200
thunderbird (1:78.0~b2-1) experimental; urgency=medium
* [c8da927] d/source.filter: fix obviously happen typo
* [c513a96] New upstream version 78.0~b2
* [6e9104e] d/control: tb, adding binary version to lightning provides
Make the Provides for Lightning a versioned provide.
* [8adec8f] enigmail: let any version of Enigmail break
We now can break on any Enigmail version, the Enigmail functions are now
included in Thunderbird and don't want to have an Enigmail package get
installed in parallel.
* [696b1fc] xul-ext-*/webext-*: adding more extensions to break
Quite all of the current packaged Thunderbird extensions will not work
for now with Thunderbird 78.*, adding/renaming the current know packages
with recent versions to Breaks for thunderbird.
* [e488d0c] thunderbird: remove some non-existing packages from Breaks
The listed packages
xul-ext-foxyproxy-standard
xul-ext-gnome-keyring
xul-ext-nostalgy
aren't in any supported release so we don't need them any more within a
Breaks for thunderbird.
* [039ee90] thunderbird: remove outdated myspell packages from Breaks
All previously listed myspell packages in Breaks for thunderbird aren't
reachable with the given version any more. We can remove them safely.
* [08ea0ba] thunderbird: remove outdated hunspell packages from Breaks
The same is true for the hunspell packages that were listed in the Breaks
field for thunderbird.
-- Carsten Schoenert Sat, 20 Jun 2020 18:04:59 +0200
thunderbird (1:78.0~b1-1) experimental; urgency=medium
[ Carsten Schoenert ]
* [625efa9] d/source.filter: some updates to filtering list
Recent modification of the shipped files in the upstream tarball do
require small updates of the filter list we use to repack the tarball.
* [967ee19] New upstream version 78.0~b1
* [240991e] rebuild patch queue from patch-queue branch
removed patch:
debian-hacks/use-icudt-b-l-.dat-depending-on-architecture.patch
This will require some additional adjustment later for the stable-security
uploads as this patch was required to get a recent ICU version build
before the build of the thunderbird sources did start.
reworked patch:
debian-hacks/stop-configure-if-with-system-bz2-was-passed-but-no-.patch
* [07cab53] d/mozconfig.default: remove no longer existing options
By this release a lot of old configure options are kicked out, some of
them we have used until now. We need to remove these from the config.
* [df2e99b] d/copyright: update content
As usual some required update of the copyright file, more files are not
shipped anymore.
[ intrigeri ]
* [82a4b03] AppArmor: update profile from upstream at commit 860d2d9
(cherry-picked from unstable)
-- Carsten Schoenert Sat, 13 Jun 2020 20:01:39 +0200
thunderbird (1:77.0~b3-1) experimental; urgency=medium
* [82de2f6] New upstream version 77.0~b3
* [8beaf6f] rebuild patch queue from patch-queue branch
removed patch (included upstream):
fixes/Bug-1634994-fix-disable-av1-r-tnikkel.patch
* [ab2d7a2] d/copyright: Add license for appstream xml file
* [1533187] d/source.filter: Remove some *.wasm files as well
* [7cdfe03] d/thunderbird.lintian-overrides: Some more needed overrides
We need currently the included bzip library. Also add a false positive
about the misread postinst script.
* [9385fd4b] d/control: Remove doubled listed package libglib2.0-dev
Drop a doubled listed package libglib2.0-dev within B-D.
-- Carsten Schoenert Wed, 20 May 2020 20:58:09 +0200
thunderbird (1:77.0~b2-1) experimental; urgency=medium
* [185d4f7] New upstream version 77.0~b2
* [e918036] rebuild patch queue from patch-queue branch
removed patch:
fixes/Bug-1635671-Upgrade-typename-to-1.12.0.-r-emilio.patch
* [c1979ce] d/mozconfig.default: Remove obsolete options
Drop the options '--with-distribution-id' and '--with-user-appdir'.
The former is basically only supporting the given default 'org.mozilla'
and the latter was set to the default '.mozilla' anyway.
-- Carsten Schoenert Sat, 16 May 2020 14:04:02 +0200
thunderbird (1:77.0~b1-1) experimental; urgency=medium
* [ee06e6e] New upstream version 77.0~b1
* [a21b649] rebuild patch queue from patch-queue branch
removed patches (not needed any more):
lower-down-required-version-on-NSS3.patch
added patches:
fixes/Bug-1634994-fix-disable-av1-r-tnikkel.patch
fixes/Bug-1635671-Upgrade-typename-to-1.12.0.-r-emilio.patch
* [295cc4d] d/control: increase B-D for libnss3
The build requires now libnss3-dev >= 2:3.52.
* [f998baf] lintian-overrides: remove overrides for kinto-http-client.js
No override needed for this file, it's not included any more.
-- Carsten Schoenert Fri, 08 May 2020 15:18:44 +0200
thunderbird (1:76.0~b2-1) experimental; urgency=medium
* [87988db] d/control: increase B-D for cargo to 0.42
* [b9b0dfd] rebuild patch queue from patch-queue branch
removed patch:
debian-hacks/Ignore-version-check-for-cargo.patch
* [8386db0] d/control: Remove B-D on libjson-dev and libsqlite3-dev
The built uses internal copies for libjson and libsqlite as there are
made modifications to them. For now we can decrease the list of build
dependencies by removing this two packages.
* [6324222] New upstream version 76.0~b2
* [629b3bb] d/rules: Remove default compiler flag
No needed for '-Wl,--as-needed' any more, it's default now.
-- Carsten Schoenert Mon, 27 Apr 2020 09:55:43 +0200
thunderbird (1:76.0~b1-1) experimental; urgency=medium
* [b52cd52] d/c-thunderbird-l10n-tarball.sh: change upstream resource
Upstream has changed the folder were we can find the language providing
XPI packages. They simply moved over from linux-i686 to linux-x86_64.
* [22e697a] d/rules: drop set up of LIGHTNING_VERSION variable
We don't need this variable any more for building the packages (like all
the lightning-foo named stuff), there is no dedicated Lighting named stuff
around.
* [4ad871b] d/gbp.conf: Remove additional tarball for lightning-l10n
git-buildpackage won't find this additional tarball as it's not needed
starting by the import of the next upstream version (this is 76.0b1).
* [25d8d42] d/c-l-l10n-t.sh: Remove helper script
We also don't need to build the l10n specific additional tarball for
Lighting related parts any more. Dropping this helper script.
* [9d33d06] d/README.source: Remove part of lightning-l10n
* [b063d7f] New upstream version 76.0~b1
* [e7a23ec] rebuild patch queue from patch-queue branch
removed patches (not needed or included upstream):
debian-hacks/Build-against-system-libjsoncpp.patch
debian-hacks/Downgrade-SQlite-version-to-3.27.2.patch
fixes/Bug-1531309-Don-t-use-__PRETTY_FUNCTION__-or-__FUNCTION__.patch
fixes/Bug-1560340-Only-add-confvars.sh-as-a-dependency-to-confi.patch
added patches:
debian-hacks/Ignore-version-check-for-cargo.patch
lower-down-required-version-on-NSS3.patch
* [94d8593] d/control: adding new packages thunderbird-l10n-{cak,kab,uz}
After the final release of Thunderbird 68.0 new l10n support for the
languages Kacqhikel, Georgian and Uzbek was added. Reflect this by adding
new binary packages for those languages.
* [5397182] d/mozconfig.default: remove option for system-sqlite
Upstream is using their own version of an modified SQLite now and has
dropping the additional configure option about this.
* [abb0ded] d/control: increase various versions in B-D
The current source requires some more recent versions of the helping tools
for building the sources as usual.
* [abfc8b2] d/rules: remove any action related to old lightning stuff
As the sources doesn't have any Lightning specific parts any more we need
to adjust the build process within debian/rules a bit. Thus dropping all
the rules around Lighting things.
* [f95b3ad] d/control: Turn lightning into transitional package
For now switch the behaviour of the lightning package into a transitional
one. We might can drop the whole package rather soon.
* [c3062cb] d/thunderbird.install: Remove blocklist.xml
Don't install the file blocklist.xml any more, it's now not shipped by
upstream any more.
* [856e99e] d/mozconfig.thunderbird: Remove --enable-calendar
Previously the build of the Lightning extension was needed to get enabled
to built this as an extension. Now it's fully integrated into the core
this configure option isn't needed any longer.
* [5551a8a] d/copyright: update content
As usual there is some moving within the source code between the major
versions, reflect this by adjusting the content of the copyright file.
* [21e9b7f] lintian-overrides: adjust overrides for needed files
Also the override file for the source is needing some adjustments.
* [f25ddc4] d/source.filter: update the filter sequences
The control for filtering non needed stuff from the upstream tarball must
also get adjusted due changed versions, moved folders etc.
* [e4a81ba] d/thunderbird.install: Install also appdata.xml
Upstream is providing an AppStream data file which we want install mow
also.
* [80385c9] d/source.filter: Sorting entries alphabetically
No functional modifications, just sorting entries to find stuff more easily.
* [585cf0a] d/thunderbird.lintian-overrides: update after config changes
We also need to modify the content for Lintian overrides for the
thunderbird package a bit. Thunderbird comes now (again) with own versions
of the libraries libtheora and libjsoncpp. Mostly because Mozilla has made
some own modifications within these libraries.
-- Carsten Schoenert Sat, 18 Apr 2020 08:28:25 +0200
thunderbird (1:68.12.0-1) unstable; urgency=medium
* [103cab7] New upstream version 68.12.0
Fixed CVE issues in upstream version 68.11.0 (MFSA 2020-35):
CVE-2020-15663: Downgrade attack on the Mozilla Maintenance Service could
have resulted in escalation of privilege
CVE-2020-15664: Attacker-induced prompt for extension installation
CVE-2020-15669: Use-After-Free when aborting an operation
-- Carsten Schoenert Thu, 27 Aug 2020 21:23:55 +0200
thunderbird (1:68.11.0-3) unstable; urgency=medium
* [28707fd] d/xpi-pack.sh: adding xpi-pack shell script
As we can't depend on mozilla-devscripts anymore we pick up the shell
script from that package as this builds XPI files we need.
* [037212e] Drop mozilla-devscripts as B-D
mozilla-devscripts isn't ported to Python3 yet and depends on Python2 so.
We don't need that package as B-D as we picked the main shell script from
that and we can drop that package from the build dependencies.
* [31eda41] Drop python-{minimal,ply} from B-D
These packages are removed from teh archive and we don't need them for
building Thunderbird as long we have python2 as package available.
(Closes: #967223)
-- Carsten Schoenert Tue, 04 Aug 2020 19:06:20 +0200
thunderbird (1:68.11.0-2) unstable; urgency=medium
* [110a375] d/control: increase B-D for libnss3
* [73fa23e] d/control: tb manually set dep on libnss3 to 2:3.55
(Closes: #966806)
-- Carsten Schoenert Sun, 02 Aug 2020 20:12:49 +0200
thunderbird (1:68.11.0-1) unstable; urgency=medium
* [093b080] New upstream version 68.11.0
Fixed CVE issues in upstream version 68.11.0 (MFSA 2020-35):
CVE-2020-15652: Potential leak of redirect targets when loading scripts
in a worker
CVE-2020-6514: WebRTC data channel leaks internal address to peer
CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture
CVE-2020-15659: Memory safety bugs fixed in Thunderbird 68.11
-- Carsten Schoenert Wed, 29 Jul 2020 22:26:14 +0200
thunderbird (1:68.10.0-1) unstable; urgency=medium
* [7537684] New upstream version 68.10.0
Fixed CVE issues in upstream version 68.10.0 (MFSA 2020-26):
CVE-2020-12417: Memory corruption due to missing sign-extension for
ValueTags on ARM64
CVE-2020-12418: Information disclosure due to manipulated URL object
CVE-2020-12419: Use-after-free in nsGlobalWindowInner
CVE-2020-12420: Use-After-Free when trying to connect to a STUN server
MFSA-2020-0001: Automatic account setup leaks Microsoft Exchange login
credentials
CVE-2020-12421: Add-On updates did not respect the same certificate trust
rules as software updates
-- Carsten Schoenert Sat, 04 Jul 2020 10:55:31 +0200
thunderbird (1:68.9.0-1) unstable; urgency=medium
[ intrigeri ]
* [fd13825] AppArmor: update profile from upstream at commit 860d2d9
(Closes: #960465)
[ Carsten Schoenert ]
* [c310c40] New upstream version 68.9.0
Fixed CVE issues in upstream version 68.9.0 (MFSA 2020-22):
CVE-2020-12399: Timing attack on DSA signatures in NSS library
CVE-2020-12405: Use-after-free in SharedWorkerService
CVE-2020-12406: JavaScript Type confusion with NativeTypes
CVE-2020-12410: Memory safety bugs fixed in Thunderbird 68.9.0
CVE-2020-12398: Security downgrade with IMAP STARTTLS leads to
information leakage
-- Carsten Schoenert Fri, 05 Jun 2020 20:29:35 +0200
thunderbird (1:68.8.1-1) unstable; urgency=medium
* [7495e7a] New upstream version 68.8.1
-- Carsten Schoenert Fri, 22 May 2020 19:04:20 +0200
thunderbird (1:68.8.0-1) unstable; urgency=medium
* [9b5ae46] New upstream version 68.8.0
Fixed CVE issues in upstream version 68.8.0 (MFSA 2020-18):
CVE-2020-12397: Sender Email Address Spoofing using encoded Unicode
characters
CVE-2020-12387: Use-after-free during worker shutdown
CVE-2020-6831: Buffer overflow in SCTP chunk input validation
CVE-2020-12392: Arbitrary local file access with 'Copy as cURL'
CVE-2020-12393: Devtools' 'Copy as cURL' feature did not fully escape
website-controlled data, potentially leading to command
injection
CVE-2020-12395: Memory safety bugs fixed in Thunderbird 68.8.0
-- Carsten Schoenert Tue, 05 May 2020 20:47:29 +0200
thunderbird (1:68.7.0-1) unstable; urgency=medium
* [c0052af] New upstream version 68.7.0
Fixed CVE issues in upstream version 68.7.0 (MFSA 2020-14):
CVE-2020-6819: Use-after-free while running the nsDocShell destructor
CVE-2020-6820: Use-after-free when handling a ReadableStream
CVE-2020-6821: Uninitialized memory could be read when using the WebGL
copyTexSubImage method
CVE-2020-6822: Out of bounds write in GMPDecodeData when processing large
images
CVE-2020-6825: Memory safety bugs fixed in Thunderbird 68.7
-- Carsten Schoenert Sun, 12 Apr 2020 07:40:41 +0200
thunderbird (1:68.6.0-1) unstable; urgency=medium
* [5709774] New upstream version 68.6.0
Fixed CVE issues in upstream version 68.6.0 (MFSA 2020-10):
CVE-2019-20503: Out of bounds reads in sctp_load_addresses_from_init
CVE-2020-6805: Use-after-free when removing data about origins
CVE-2020-6806: BodyStream::OnInputStreamReady was missing protections
against state confusion
CVE-2020-6807: Use-after-free in cubeb during stream destruction
CVE-2020-6811: Devtools' 'Copy as cURL' feature did not fully escape
website-controlled data, potentially leading to
command injection
CVE-2020-6812: The names of AirPods with personally identifiable
information were exposed to websites with camera or
microphone permission
CVE-2020-6814: Memory safety bugs fixed in Thunderbird 68.6
-- Carsten Schoenert Mon, 16 Mar 2020 20:01:29 +0100
thunderbird (1:68.5.0-1) unstable; urgency=medium
* [d79bf82] New upstream version 68.5.0
Fixed CVE issues in upstream version 68.5.0 (MFSA 2020-07):
CVE-2020-6793: Out-of-bounds read when processing certain email messages
CVE-2020-6794: Setting a master password post-Thunderbird 52 does not
delete unencrypted previously stored passwords
CVE-2020-6795: Crash processing S/MIME messages with multiple signatures
CVE-2020-6798: Incorrect parsing of template tag could result in
JavaScript injection
CVE-2020-6792: Message ID calculcation was based on uninitialized data
CVE-2020-6800: Memory safety bugs fixed in Thunderbird 68.5
(Closes: #891848)
* [0884df6] d/control: increase Standards-Version to 4.5.0
No further changes needed.
-- Carsten Schoenert Thu, 13 Feb 2020 17:58:44 +0100
thunderbird (1:68.4.2-1) unstable; urgency=medium
* [7ab7786] d/gbp.conf: add some more files we need to filter out
* [9c02c34] New upstream version 68.4.2
-- Carsten Schoenert Sun, 26 Jan 2020 13:13:49 +0100
thunderbird (1:68.4.1-1) unstable; urgency=medium
* [a00f3e9] New upstream version 68.4.1
Fixed CVE issues in upstream version 68.4.1 (MFSA 2020-04):
CVE-2019-17026: IonMonkey type confusion with StoreElementHole and
FallibleStoreElement
CVE-2019-17015: Memory corruption in parent process during new content
process initialization on Windows
CVE-2019-17016: Bypass of @namespace CSS sanitization during pasting
CVE-2019-17017: Type Confusion in XPCVariant.cpp
CVE-2019-17022: CSS sanitization does not escape HTML tags
CVE-2019-17024: Memory safety bugs fixed in Thunderbird 68.4.1
* [6b1fd82] rebuild patch queue from patch-queue branch
removed patch (included upstream)
fixes/Update-bindgen-in-ESR68.-r-glandium-a-RyanVM.patch
-- Carsten Schoenert Fri, 10 Jan 2020 18:33:43 +0100
thunderbird (1:68.3.1-1) unstable; urgency=medium
[ Emilio Pozuelo Monfort ]
* [6f59313] Fix MOZ_BUILD_DATE to have the expected format
[ Carsten Schoenert ]
* [5d0f4b1] d/rules: don't use SOURCE_DATE_EPOCH for MOZ_BUILD_DATE
(Closes: #946588)
* [1467af5] New upstream version 68.3.1
-- Carsten Schoenert Wed, 18 Dec 2019 15:54:44 +0100
thunderbird (1:68.3.0-2) unstable; urgency=medium
* [0625d30] rebuild patch queue from patch-queue branch
added patches:
fixes/Bug-1531309-Don-t-use-__PRETTY_FUNCTION__-or-__FUNCTION__.patch
fixes/Update-bindgen-in-ESR68.-r-glandium-a-RyanVM.patch
* [ea8d98c] Breaks: add versioned birdtray package
-- Carsten Schoenert Mon, 09 Dec 2019 18:22:15 +0100
thunderbird (1:68.3.0-1) unstable; urgency=medium
* [fe289ec] /u/b/thunderbird: export variable DICPATH before start
(Closes: #944295)
* [a9a48c6] New upstream version 68.3.0
Fixed CVE issues in upstream version 68.3 (MFSA 2019-38):
CVE-2019-17008: Use-after-free in worker destruction
CVE-2019-13722: Stack corruption due to incorrect number of arguments in
WebRTC code
CVE-2019-11745: Out of bounds write in NSS when encrypting with a block
cipher
CVE-2019-17009: Updater temporary files accessible to unprivileged
processes
CVE-2019-17010: Use-after-free when performing device orientation checks
CVE-2019-17005: Buffer overflow in plain text serializer
CVE-2019-17011: Use-after-free when retrieving a document in
antitracking
CVE-2019-17012: Memory safety bugs fixed in Firefox 71, Firefox ESR
68.3, and Thunderbird 68.3
* [fb23473] d/control: increase B-D version on NSS to 3.44.3
* [6f59938] Breaks: adding more non compatible packaged AddOns
-- Carsten Schoenert Thu, 05 Dec 2019 10:03:22 +0100
thunderbird (1:68.2.2-1) unstable; urgency=medium
* [198d539] xul-ext-compactheader: allow also version << 3.0.0
* [0e93753] d/control: add incompatibility with jsunit << 0.2.2
* [87c84cb] New upstream version 68.2.2
This upstream version has removed the source for calendar-google-provider,
thus we can't provide the related binary package any more.
* [a3cea2a] rebuild patch queue from patch-queue branch
rebuild patch queue from patch-queue branch
removed patches (included upstream):
debian/patches/fixes/Bug-1470701-Use-run-time-page-size-when-changing-map.patch
debian/patches/fixes/Bug-1505608-Try-to-ensure-the-bss-section-of-the-elf.patch
debian/patches/fixes/Bug-1526744-find-dupes.py-Calculate-md5-by-chunk.patch
debian/patches/fixes/Build-also-gdata-provider-as-xpi-file.patch
debian/patches/fixes/rust-ignore-not-available-documentation.patch
debian/patches/porting-kfreebsd-hurd/Fix-GNU-non-Linux-failure-to-build-because-of-ipc-ch.patch
debian/patches/porting-mips/Bug-1444303-MIPS-Fix-build-failures-after-Bug-1425580-par.patch
debian/patches/porting-mips/Bug-1444834-MIPS-Stubout-MacroAssembler-speculationBarrie.patch
debian/patches/porting-powerpc/powerpc-Don-t-use-static-page-sizes-on-powerpc.patch
debian/patches/porting-sparc64/Bug-1434726-Early-startup-crash-on-Linux-sparc64-in-HashI.patch
* [1730f5f] d/control: remove references to calendar-google-provider
Don't build calendar-google-provider any more and remove any references
from other binary packages.
* [1b0bbb8] d/rules: remove any calendar-google-provider stuff
* [92f681c] thunderbird.NEWS: Adding hint about removal of gdata
Give out an announcement about the removal of a possible previously
installed package calendar-google-provider.
-- Carsten Schoenert Sun, 10 Nov 2019 12:09:17 +0100
thunderbird (1:68.2.1-1) unstable; urgency=medium
[ intrigeri ]
* [c48e2cb] AppArmor: update profile from upstream at commit a27a1a5
(Closes: #941290)
[ Carsten Schoenert ]
* [98497ae] New upstream version 68.2.0
Fixed CVE issues in upstream version 68.2 (MFSA 2019-35):
CVE-2019-15903: Heap overflow in expat library in XML_GetCurrentLineNumber
CVE-2019-11757: Use-after-free when creating index updates in IndexedDB
CVE-2019-11758: Potentially exploitable crash due to 360 Total Security
CVE-2019-11759: Stack buffer overflow in HKDF output
CVE-2019-11760: Stack buffer overflow in WebRTC networking
CVE-2019-11761: Unintended access to a privileged JSONView object
CVE-2019-11762: document.domain-based origin isolation has
same-origin-property violation
CVE-2019-11763: Incorrect HTML parsing results in XSS bypass technique
CVE-2019-11764: Memory safety bugs fixed in Thunderbird 68.2
(Closes: #925841)
* [a104c51] d/control: increase Standards-Version to 4.4.1
* [6c9d012] xul-ext-dispmua: set current min usable version
* [b3bf16f] New upstream version 68.2.1
* [8f89b90] d/control: decrease build architecture list
Decreasing the current list of build architectures. Not meant to keep this
forever, removed RC architectures needing support and volunteering to get
them back.
(Closes: #921258)
-- Carsten Schoenert Fri, 01 Nov 2019 20:36:59 +0100
thunderbird (1:68.1.2-1~exp1) experimental; urgency=medium
* [81f4144] xul-ext-compactheader: increase minimal usable version
* [a815589] Update the global information about TB in Debian
* [bb5f5f7] rebuild patch queue from patch-queue branch
* [6fe7d3f] xul-ext-sogo-connector: increase minimal usable version
* [2e29af5] New upstream version 68.1.2
-- Carsten Schoenert Sat, 26 Oct 2019 08:41:50 +0200
thunderbird (1:68.1.1-1~exp1) experimental; urgency=medium
[ intrigeri ]
* [3f49653] AppArmor: update profile from upstream at commit ed52e4a
[ Carsten Schoenert ]
* [348f476] New upstream version 68.0~b5
* [2a2f101] New upstream version 68.1.1
Fixed CVE issues in upstream version 68.1 (MFSA 2019-20):
CVE-2019-11711: Script injection within domain through inner window reuse
CVE-2019-11712: Cross-origin POST requests can be made with NPAPI plugins
by following 308 redirects
CVE-2019-11713: Use-after-free with HTTP/2 cached stream
CVE-2019-11714: NeckoChild can trigger crash when accessed off of main
thread
CVE-2019-11729: Empty or malformed p256-ECDH public keys may trigger a
segmentation fault
CVE-2019-11715: HTML parsing error can contribute to content XSS
CVE-2019-11716: globalThis not enumerable until accessed
CVE-2019-11717: Caret character improperly escaped in origins
CVE-2019-11719: Out-of-bounds read when importing curve25519 private key
CVE-2019-11720: Character encoding XSS vulnerability
CVE-2019-11721: Domain spoofing through unicode latin 'kra' character
CVE-2019-11730: Same-origin policy treats all files in a directory as
having the same-origin
CVE-2019-11723: Cookie leakage during add-on fetching across private
browsing boundaries
CVE-2019-11724: Retired site input.mozilla.org has remote troubleshooting
permissions
CVE-2019-11725: Websocket resources bypass safebrowsing protections
CVE-2019-11727: PKCS#1 v1.5 signatures can be used for TLS 1.3
CVE-2019-11728: Port scanning through Alt-Svc header
CVE-2019-11710: Memory safety bugs fixed in Firefox 68 and Thunderbird 68
CVE-2019-11709: Memory safety bugs fixed in Firefox 68, Firefox ESR 60.8,
and Thunderbird 68
Fixed CVE issues in upstream version 68.1 (MFSA 2019-20):
CVE-2019-11739: Covert Content Attack on S/MIME encryption using a crafted
multipart/alternative message
CVE-2019-11746: Use-after-free while manipulating video
CVE-2019-11744: XSS by breaking out of title and textarea elements using
innerHTML
CVE-2019-11742: Same-origin policy violation with SVG filters and canvas
to steal cross-origin images
CVE-2019-11752: Use-after-free while extracting a key value in IndexedDB
CVE-2019-11743: Cross-origin access to unload event attributes
CVE-2019-11740: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1,
Firefox ESR 60.9, Thunderbird 68.1, and Thunderbird 60.9
Fixed CVE issues in upstream version 68.1.1 (MFSA 2019-32):
CVE-2019-11755: Spoofing a message author via a crafted S/MIME message
* [9342624] rebuild patch queue from patch-queue branch
added patches:
debian-hacks/Set-program-name-from-the-remoting-name.patch
debian-hacks/Use-remoting-name-for-call-to-gdk_set_program_class.patch
debian-hacks/Work-around-Debian-bug-844357.patch
fixes/Allow-.js-preference-files-to-set-locked-prefs-with-lockP.patch
fixes/Bug-1556197-amend-Bug-1544631-for-fixing-mips32.patch
fixes/Bug-1560340-Only-add-confvars.sh-as-a-dependency-to-confi.patch
porting-armhf/Bug-1526653-Include-struct-definitions-for-user_vfp-and-u.patch
removed patch (fixed upstream):
porting-mips/Fix-CPU_ARCH-test-for-libjpeg-on-mips.patch
porting/Work-around-GCC-ICE-on-mips-i386-and-s390x.patch
* [25cb500] d/control: increase various versions in B-D
* [ee5b713] d/control: remove B-D on librust-cbindgen-dev
Use librust-toml-dev instead, we only need some files from this package,
librust-cbindgen-dev is a metapackage which is broken while packaging.
* [442a6b1] d/rules: work around cargo needs a HOME dir
* [4894a4c] d/control: increase Standards-Version to 4.4.0
No further changes needed.
* [bb47b68] d/control: update upstream homepage for Thunderbird
Since some time Mozilla Thunderbird has a new homepage placed on URI
https://www.thunderbird.net/
* [a3b680e] d/source.filter: update the filter sequences
New Thunderbird upstream versions bringing some new unwanted files within
the source.
* [7290ff4] d/control: remove transitional lightning l10n packages
The Lightning l10n packages moved into transitional packages before Buster
was released, now after the Buster release removing these transitional
packages. All required l10n files are available in the packages
thunderbird-$(locale) even for Lightning.
* [3d1d27d] enigmail: increase minimal usable version
Thunderbird 68.x needs at least Enigmal in version 2.1, but increase the
version on Enigmail to the most recent version which is released while
packaging.
* [66069d9] calendar-exchange-provider: removed from Breaks
This package isn't alive in unstable and testing.
* [3b9f936] d/control: remove Xb-Xul-AppId field
Thunderbird don't has any Xul based AddOns since version 68.0
* [7d8cd7d] lintian-overrides: remove not needed overrides
-- Carsten Schoenert Sat, 28 Sep 2019 15:38:28 +0200
thunderbird (1:68.0~b1-1) experimental; urgency=medium
* [0eabe70] New upstream version 68.0~b1
* [2febf67] rebuild patch queue from patch-queue branch
added patch:
debian-hacks/Downgrade-SQlite-version-to-3.27.2.patch
* [cfa5973] d/s/lintian-overrides: adjust overrides for needed files
* [46077e2] d/copyright: update after upstream changes
-- Carsten Schoenert Sun, 16 Jun 2019 10:28:52 +0200
thunderbird (1:67.0~b3-1) experimental; urgency=medium
[ intrigeri ]
* [9ad75ad] d/rules: drop useless usage of dpkg-parsechangelog
[ Carsten Schoenert ]
* [d6f6747] New upstream version 67.0~b3
* [90f73be] rebuild patch queue from patch-queue branch
removed patch:
fixes/Bug-1515641-Turn-enable-av1-around.-r-nalexander.patch
* [7dd5c54] d/control: increase various B-D versions
Increasing the version for the build depending packages of cargo, cbindgen,
libnspr4-dev, libnss3-dev, libsqlite3-dev and rustc.
-- Carsten Schoenert Tue, 11 Jun 2019 19:36:00 +0200
thunderbird (1:66.0~b1-1) experimental; urgency=medium
[ Carsten Schoenert ]
* [afe31d9] New upstream version 66.0~b1
* [4ec53cc] apparmor: update profile from upstream (commit 7ace41b1)
(cherry-picked from debian/sid)
* [b3657a0] d/rules: make dh_clean more robust
Remove some regenerated files in dh_clean to the build will not fail in
case the build needs to be started twice within the same build environment.
(cherry-picked from debian/sid)
* [dceb027] d/rules: move disable debug option into configure step
Adding the option '--disable-debug-symbols' to the file mozconfig.default
in case the build is running on a 32bit architecture instead of expanding
the variable 'CONFIGURE_FLAGS'. The configuration approach for this option
taken from firefox-esr was not working for the thunderbird package.
(cherry-picked from debian/sid)
* [f7f02a9] d/rules: reorder LDFLAGS for better readability
Make the used additional options for LDFLAGS better readable by reordering
the various used options. Also adding the option '-Wl, --as-needed' to the
list of used options here.
(cherry-picked from debian/sid)
* [79801fb] d/rules: use 'compress-debug-sections' only on 64bit
Do not set 'LDFLAGS += -Wl,--compress-debug-sections=zlib' globally, lets
use this option only if we are on a 64bit architecture as otherwise the
build is failing on 32bit architectures again. We don't want to build any
debug information on 32bit anyway so we don't need this option on these
platforms.
(cherry-picked from debian/sid)
* [11f9e14] d/mozconfig.default: adding option for mipsel
We don't have set up any options for the mipsel platform before, but the
build needs some additional options too on this platform to succeed.
(cherry-picked from debian/sid)
* [e46e178] d/mozconfig.default: disable ion on mips and mipsel
The build will fail on mips{,el} if we have enabled ION, the JavaScript
JIT compiler on these platforms will loose some performance by this.
(cherry-picked from debian/sid)
[ Alexander Nitsch ]
* [31b87e9] Make the logo SVG square
The original SVG source isn't completely square, modifying the SVG file
so all generated other files from the input are also exactly square.
* [c0f19a3] Add script for generating PNGs from logo SVG
* [c153c5f] Update icon PNGs to be properly scaled
[ Carsten Schoenert ]
* [c372e1f] d/source.filter: add some configure scripts
Filter out some files that are named 'configure', they are rebuild later
anyway. The filtering of these files is moved from gbp.conf to
source.filter.
(cherry-picked from debian/sid)
* [a40c5df] d/c-lightning-l10n-t.sh: drop version checking
Remove an old check for a version string within the file install.rdf.
It's not created any more by upstream since > 60.0.
* [05b325e] d/source.filter: don't ignore files in root folder
Try to not ignore files which are in the top root folder of the upstream
source tarball.
* [d2ca267] rebuild patch queue from patch-queue branch
added patch:
fixes/Bug-1515641-Turn-enable-av1-around.-r-nalexander.patch
modified (refreshed) patches:
porting-armel/Avoid-using-vmrs-vmsr-on-armel.patch
porting-armel/Bug-1463035-Remove-MOZ_SIGNAL_TRAMPOLINE.-r-darchons.patch
porting-kfreebsd-hurd/Allow-ipc-code-to-build-on-GNU-hurd.patch
porting-kfreebsd-hurd/Allow-ipc-code-to-build-on-GNU-kfreebsd.patch
porting-kfreebsd-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch
porting-kfreebsd-hurd/Fix-GNU-non-Linux-failure-to-build-because-of-ipc-ch.patch
porting-kfreebsd-hurd/adding-missed-HURD-adoptions.patch
porting-kfreebsd-hurd/ipc-chromium-fix-if-define-for-kFreeBSD-and-Hurd.patch
porting-m68k/Add-m68k-support-to-Thunderbird.patch
removed patches (applied upstream):
fixes/Fix-big-endian-build-for-SKIA.patch
porting-kfreebsd-hurd/Fix-GNU-non-Linux-failure-to-build-because-of-ipc-ch.patch
porting-s390x/FTBFS-s390x-Use-jit-none-AtomicOperations-sparc.h-on-s390.patch
* [cb1dde9] d/control: increase version in B-D for libsqlite3-dev
* [54e8890] d/mozconfig.default: add new configure option
We need to disable the usage of libav1 for an successful build. The used
configure option was added by the new added patch to the patch queue.
* [ecd3ade] d/copyright: update after upstream changes
* [af58ed8] d/source.filter: add extra content to ignore
-- Carsten Schoenert Sun, 17 Feb 2019 10:58:46 +0100
thunderbird (1:65.0~b1-1) experimental; urgency=medium
* [e5956ef] Merge tag 'debian/1%60.4.0-1' into debian/experimental
* [389748b] d/source.filter: adjust files to filter while repack
Rework of the file filter list due new upstream version but also to no
filter out files we obviously need later, e.g. for the omni.jar archive.
* [4b86a78] New upstream version 65.0~b1
* [3db29ed] rebuild patch queue from patch-queue branch
removed patches (fixed upstream):
debian-hacks/icu-use-locale.h-instead-of-xlocale.h.patch
debian-hacks/shellutil.py-ignore-tilde-as-special-character.patch
fixes/Build-also-gdata-provider-as-xpi-file.patch
fixes/Use-msse-2-fpmath-C-CXXFLAGS-only-on-x86_64-platforms.patch
porting-mips/Bug-1444303-MIPS-Fix-build-failures-after-Bug-1425580-par.patch
porting-mips/Bug-1444834-MIPS-Stubout-MacroAssembler-speculationBarrie.patch
porting-sparc64/Bug-1434726-Early-startup-crash-on-Linux-sparc64-in-HashI.patch
removed patches (dropped for Debian specific build):
debian-hacks/Don-t-build-testing-suites-and-stuff.patch
debian-hacks/Don-t-build-testing-suites-and-stuff-part-2.patch
adjusted patches:
debian-hacks/Add-another-preferences-directory-for-applications-p.patch
debian-hacks/stop-configure-if-with-system-bz2-was-passed-but-no-.patch
patches/fixes/Fix-big-endian-build-for-SKIA.patch (but currently disabled)
porting-kfreebsd-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch
porting-kfreebsd-hurd/adding-missed-HURD-adoptions.patch
porting-kfreebsd-hurd/ipc-chromium-fix-if-define-for-kFreeBSD-and-Hurd.patch
porting-s390x/FTBFS-s390x-Use-jit-none-AtomicOperations-sparc.h-on-s390.patch
* [e918c6c] d/control: increase versions in B-D
New Thunderbirds version typically need other packages available with
higher versions like NSS, NSPR, rust ...
Also adding cbindgen and nodejs()!!).
* [b6c63bf] d/mozconfig.default: remove dead options
More old configure option are now not available anymore and we need to
drop them.
* [0f959ad] remove GCC specific options
LLVM's clang is now widely used, and clang isn't knowing the GCC options
'-fno-schedule-insns2' and '-fno-lifetime-dse', removing these options
from CFLAGS and CXXFLAGS.
* [d0b1f4b] d/rules: work around about strong quotings in .mk files
After the configuration of the source some Makefiles in the build folder
'obj-thunderbird' have a strong qouting on some entries. This will
later provoke a build failure if we don't remove the single quotes
before in the Makefiles.
* [093053e] copyright: update after upstream changes
* [95eaacf] d/s/lintian-overrides: adjust overrides for needed files
-- Carsten Schoenert Sun, 20 Jan 2019 15:48:06 +0100
thunderbird (1:60.4.0-1) unstable; urgency=medium
* [2e5a9d0] d/control: don't hard code LLVM packages in B-D
(Closes: #912797)
* [3aaa4a6] New upstream version 60.4.0
No MFSA published yet by Mozilla Security while packaging this version.
(Closes: #913645)
* [12d3be3] debian/control: increase Standards-Version to 4.3.0
No further changes needed.
-- Carsten Schoenert Mon, 24 Dec 2018 17:04:10 +0100
thunderbird (1:60.3.1-1) unstable; urgency=medium
* [e1b489a] New upstream version 60.3.1
* [f376b38] lightning: use ${source:Version} in Breaks and Recommends
(Closes: #914175)
* [7e560b3] Revert "lintian: adding a semi automated lintian-override"
The override about a misspelled word Synopsys isn't needed any more.
* [893c0e6] rebuild patch queue from patch-queue branch
modified patches:
debian-hacks/Don-t-build-testing-suites-and-stuff.patch
debian-hacks/Don-t-build-testing-suites-and-stuff-part-2.patch
* [20d8827] d/source.filter: update the filter sequences
-- Carsten Schoenert Sun, 25 Nov 2018 10:02:50 +0100
thunderbird (1:60.3.0-1) unstable; urgency=medium
[ intrigeri ]
* [7949b31] AppArmor: update profile from upstream at commit f3d9a8b
(Closes: #903898)
* [e31dc14] AppArmor: update profile from upstream at commit 81c9457
(Closes: #908206)
[ Carsten Schoenert ]
* [0dcbe22] d/control: add xul-ext-gnome-keyring to Breaks for thunderbird
(Closes: #907979)
* [65db00d] armel: adding extra LDFLAGS so rust compiler isn't confused
The settings that are builtin within rust are conflicting with the GCC.
* [9c65884] New upstream version 60.3.0
Fixed CVE issues in upstream version 60.3.0 (MFSA 2018-28)
CVE-2018-12392: Crash with nested event loops
CVE-2018-12393: Integer overflow during Unicode conversion while loading
JavaScript
CVE-2018-12389: Memory safety bugs fixed in Firefox ESR 60.3 and
Thunderbird 60.3
CVE-2018-12390: Memory safety bugs fixed in Firefox 63, Firefox ESR 60.3,
and Thunderbird 60.3
* [8726bb1] rebuild patch queue from patch-queue branch
removed patches (included upstream)
fixes/Bug-1479540-Accept-triplet-strings-with-only-two-parts-in.patch
fixes/Bug-1492064-Disable-baseline-JIT-when-SSE2-is-not-support.patch
fixes/Bug-1492065-Use-Swizzle-fallback-when-SSE2-is-not-support.patch
porting-mips/Add-struct-ucred-for-Linux-on-MIPS.patch
-- Carsten Schoenert Thu, 01 Nov 2018 12:19:34 +0100
thunderbird (1:60.2.1-1) unstable; urgency=medium
* [ba75ca3] logo: move old TB graphics into dedicated folder
* [ba47234] logo: adding new TB icon *.png graphics
Like Firefox Thunderbird has also got a reworked logo. As we use some own
icon created from a SVG graphic this commit adds the new icons in the
various sizes. The source of the SVG graphic is taken from
https://demo.identihub.co/thunderbird#/view/icon/element/612
(Closes: #909108)
* [0b16a87] d/source.filter: don't remove react files from source
(Closes: #909046)
* [d01dfd6] rebuild patch queue from patch-queue branch
added patches:
fixes/Bug-1479540-Accept-triplet-strings-with-only-two-parts-in.patch
fixes/Bug-1482248-don-t-crash-on-empty-file-name-in-nsMsgLocalS.patch
fixes/Bug-1492064-Disable-baseline-JIT-when-SSE2-is-not-support.patch
fixes/Bug-1492065-Use-Swizzle-fallback-when-SSE2-is-not-support.patch
(Closes: #909628, #909039, #906816)
* [bf64065] New upstream version 60.2.1
Fixed CVE issues in upstream version 60.2.1 (MFSA 2018-25)
CVE-2018-12377: Use-after-free in refresh driver timers
CVE-2018-12378: Use-after-free in IndexedDB
CVE-2018-12379: Out-of-bounds write with malicious MAR file
CVE-2018-12376: Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2
CVE-2018-12385: Crash in TransportSecurityInfo due to cached data
CVE-2018-12383: Setting a master password post-Firefox 58 does not delete
unencrypted previously stored passwords
* [b4712af] rebuild patch queue from patch-queue branch
removed patches (fixed upstream):
fixes/Bug-1482248-don-t-crash-on-empty-file-name-in-nsMsgLocalS.patch
* [79057f6] d/control: make lightning-l10n packages transitional
The l10n content for Lightning and a specific language is now much more
related to the Thunderbird l10n content. By this the existing lightning
l10n packages are not really useful any more as we move the Lightning
l10n content into the respective Thunderbird l10n package a we need to
turn the existing Lightning l10n packages into transitional packages.
* [a0ac3b7] d/control: adding Replaces, Breaks, Provides to thunderbird-l10n-*
Related to the previous commit the Thunderbird l10n packages need some
more fields in the control file so the transition from lightning-l10n into
thunderbird-l10n can work.
* [c82ee7c] d/rules: install lightning l10n into thunderbird-l10n-* packages
The content for the lightning l10n stuff needs now to be installed into
thunderbird-l10n packages.
* [72cd535] d/control: add thunderbird-l10n-cy
Oops, seems like we never have introduced this language for Thunderbird
before. Now required to provide the l10n content for Lightning.
* [510bea6] d/thunderbird-wrapper.sh: improve GDB switch
Since TB 60 upstream isn't installing the old wrapper script
run-mozilla.sh any more. By this we need to adjust our starting wrapper
so the call to start Thunderbird within the GDB debugger is working.
-- Carsten Schoenert Fri, 05 Oct 2018 17:43:49 +0200
thunderbird (1:60.0-3) unstable; urgency=medium
* [daa0dd7] locale: use 'intl.locale.requested' correctly
Thanks to hint from Sven Joachim we can use the preference setting
'intl.locale.requested' in way that users don't need to use this setting
within their prefs.js to control the language of the Thunderbird UI.
'intl.locale.requested' is somehow the successor of 'intl.locale.matchOS'.
(Closes: #908034)
* [f8ac1b2] debian/control: increase Standards-Version to 4.2.1
No further changes needed.
* [a001579] d/control: remove empty 'Replaces' in thunderbird-l10n-da
We can remove that line of Replaces without any key.
-- Carsten Schoenert Thu, 06 Sep 2018 18:46:31 +0200
thunderbird (1:60.0-2) unstable; urgency=medium
[ Carsten Schoenert ]
* [71ac5e7] rebuild patch queue from patch-queue branch
added patches:
porting-mips/Add-struct-ucred-for-Linux-on-MIPS.patch
porting-mips/Bug-1444303-MIPS-Fix-build-failures-after-Bug-1425580-par.patch
porting-mips/Bug-1444834-MIPS-Stubout-MacroAssembler-speculationBarrie.patch
* [d94e5dc] d/control: B-D on {lib}clang-6.0* and llvm-6.0-dev
(Closes: #906707)
-- Carsten Schoenert Mon, 20 Aug 2018 17:57:07 +0200
thunderbird (1:60.0-1) unstable; urgency=medium
[ Cyril Brulebois ]
* [4f1fcd4] Bump B-D libsqlite3-dev version
Upstream requires a more recent version that is already available in
unstable but not in Stretch later e.g.
* [5a790c2] Add libicu-dev to Build-Depends (required for icu-i18n.pc)
This package was pulled from some other package already but we need this
explicit now again as we don't use the internal ICU version any more.
* [8c86207] Bump libhunspell-dev version
The same as for libsqlite3-dev, adding the correct B-D version.
(Closes: #905465)
[ Carsten Schoenert ]
* [901f257] New upstream version 60.0
Fixed CVE issues in upstream version 60.0 (MFSA 2018-19)
CVE-2018-12359: Buffer overflow using computed size of canvas element
CVE-2018-12360: Use-after-free when using focus()
CVE-2018-12361: Integer overflow in SwizzleData
CVE-2018-12362: Integer overflow in SSSE3 scaler
CVE-2018-5156: Media recorder segmentation fault when track type is
changed during capture
CVE-2018-12363: Use-after-free when appending DOM nodes
CVE-2018-12364: CSRF attacks through 307 redirects and NPAPI plugins
CVE-2018-12365: Compromised IPC child process can list local filenames
CVE-2018-12371: Integer overflow in Skia library during edge builder
allocation
CVE-2018-12366: Invalid data handling during QCMS transformations
CVE-2018-12367: Timing attack mitigation of PerformanceNavigationTiming
CVE-2018-5187: Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1,
and Thunderbird 60
CVE-2018-5188: Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1,
Firefox ESR 52.9, and Thunderbird 60
* [44ab834] rebuild patch queue from patch-queue branch
removed patches (applied upstream):
porting-arm64/Bug-1453892-Only-use-SkJumper-s-arm64-half-float-optimiza.patch
porting-arm64/Bug-1463036-Use-HAVE_ARM_NEON-instead-of-BUILD_ARM_NEON-f.patch
porting-armel/Bug-1463036-Add-mfloat-abi-softfp-to-NEON_FLAGS-when-it-m.patch
* [3168b29] debian/control: increase Standards-Version to 4.2.0
No further changes needed.
* [f2f206e] d/rules: use MOZ_LANGPACK_ID instead of hard coding
* [996352a] d/rules: ensure l10n MOZ_LANGPACK_ID matches variable from
makefile
Previous beta versions for the thunderbird-l10n data have used
'@firefox.mozilla.org' within their application.id setting. Thunderbird
now expects '@thunderbird.mozilla.org' instead. Make the build more
flexible so we can detect mismatches here.
(Closes: #906176)
-- Carsten Schoenert Sun, 19 Aug 2018 11:32:11 +0200
thunderbird (1:60.0~b10-1) experimental; urgency=medium
[ intrigeri ]
* [596869d] AppArmor: update profile from upstream (at commit edc9487)
(Closes: #901471)
[ Carsten Schoenert ]
* [57195ff] New upstream version 60.0~b10
* [770c9a6] rebuild patch queue from patch-queue branch
added patches:
porting-arm64/Bug-1463036-Use-HAVE_ARM_NEON-instead-of-BUILD_ARM_NEON-f.patch
porting-armel/Avoid-using-vmrs-vmsr-on-armel.patch
porting-armel/Bug-1463035-Remove-MOZ_SIGNAL_TRAMPOLINE.-r-darchons.patch
porting-armel/Bug-1463036-Add-mfloat-abi-softfp-to-NEON_FLAGS-when-it-m.patch
* [7fa6ebd] debian/control: increase Standards-Version to 4.1.5
No further changes needed.
* [22e701c] c-l-l10n-t.sh: adjust the path to the python helper
Adjust the shell script helper to use the changed path to makeversion.py.
* [90a1d9e] sticky prefs: use the new syntax in vendor.js
The syntax for locked preferences has been changed a while ago, it's
time to adjust the entry within vendor.js to disable automatic updates
for AddOns.
-- Carsten Schoenert Thu, 12 Jul 2018 17:52:27 +0200
thunderbird (1:60.0~b9-2) experimental; urgency=medium
[ intrigeri ]
* [eb7cb44] Revert "apparmor: allow access to @{HOME}/.gnupg/tofu.db"
* [4cd8baf] AppArmor: update profile from upstream
(Closes: #900840)
* [807eb99] AppArmor: update profile from upstream (at commit 104da32)
[ Carsten Schoenert ]
* [c980546] rebuild patch queue from patch-queue branch
added patch:
porting-arm64/Bug-1453892-Only-use-SkJumper-s-arm64-half-float-optimiza.patch
-- Carsten Schoenert Sun, 01 Jul 2018 19:15:00 +0200
thunderbird (1:60.0~b9-1) experimental; urgency=medium
* [be64a3e] d/source.filter: update due upstream changes
Writing the import filter file source.filter mostly complete new from
scratch. Needed because upstream has changed the structure of the source
completely.
* [c4b9113] New upstream version 60.0~b9
* [3dc900a] rebuild patch queue from patch-queue branch
Related to the changed source structure the patches for the patch queue
needs to be adjusted to the new folders and their structure. Thanks to
git this wasn't that painful as git did all of the job. Two new patches
are needed to add.
added patches:
fixes/Build-also-gdata-provider-as-xpi-file.patch
debian-hacks/Don-t-build-testing-suites-and-stuff-part-2.patch
* [e50ae04] d/rules: remove references to folder 'mozilla'
To get the source built some targets in debian/rules are needed to be
modified. All references to the old used folder 'mozilla/' are removed
now.
* [a650500] ICU: don't build the Paragraph Layout library
Disable the build of the Paragraph Layout library, we don't need them if
we need to built the ICU stuff. Cherry-picked from current ESR 52
packaging.
* [977b7fe] d/mozconfig.default: use the ICU package from system
The Debian packages of icu are recent enough so we don't need to build
own dedicated ICU binaries.
* [0c7ed7e] adjust the configuration of the built
Because of the modified source structure some more adjustments are needed
while going through the built targets like different paths, and built
calls of the Thunderbird source.
* [1c09011] adjust the install temporary folder
Upstream is now wrapping all internal make calls through a Python wrapper
called 'mach'. This also involves a changed behavior for installing the
Thunderbird files into the temporary folder we later use by the debhelper
sequencer.
* [bfbc9ca] d/s/lintian-overrides: update content due changed source.filter
The modified file debian/source.filter make some adjustments needed in
the lintian-overrides file for the source files related part.
* [44a4c5a] d/thunderbird.lintian-overrides: update after config changes
Like before some adjustments are needed for the lintian override rules
for the source files.
* [dd48091] d/copyright: adjust the content due folder changes
And one more file that needs to be adjusted due the changed source files.
-- Carsten Schoenert Sun, 01 Jul 2018 16:12:33 +0200
thunderbird (1:60.0~b6-1) experimental; urgency=medium
[ Carsten Schoenert ]
* [3d91710] create-lightning-l10n: adjust folder structure
To build more easy lightning-l10n packages let's modify the helper script
for building the additional tarball. Change the content structure so we
can simple copy the needed l10n stuff into the l10n packages.
* [f1d6031] New upstream version 60.0~b6
* [6643c31] Revert the linking into /u/l/tb/d/extensions
Thunderbird in Debian won't detecting extension which are placed in
/usr/lib/thunderbird/distribution/extensions, going back to the old
folder /usr/lib/thunderbird/extensions to link extensions into
Thunderbird.
* [26549a3] lightning: turning package into Architecture all
Change the architecture for the lightning package from 'any' to 'all'.
Lightning is only build by Javascript, CSS, JSM and other text based
files and we don't need to build and install it as a architecture
dependent package.
* [86cd48f] mozconfig.default: disable webrtc build and inclusion
Let's drop the build of support for WebRTC, Thunderbird isn't able to use
this as there is no component which is depending on this. The chat
component would be a potential use case but right now it lacks any
functionality by webrtc features.
-- Carsten Schoenert Sat, 05 May 2018 13:56:36 +0200
thunderbird (1:60.0~b5-1) experimental; urgency=medium
[ Carsten Schoenert ]
* [b8625ea] New upstream version 60.0~b5
-- Carsten Schoenert Sat, 28 Apr 2018 19:15:07 +0200
thunderbird (1:60.0~b4-1) experimental; urgency=medium
[ Carsten Schoenert ]
* [62ae939] New upstream version 60.0~b4
-- Carsten Schoenert Mon, 23 Apr 2018 18:19:11 +0200
thunderbird (1:60.0~b3-1) experimental; urgency=medium
[ Carsten Schoenert ]
* [94f8505] debian/control: increase Standards-Version to 4.1.4
No further changes needed.f2f206eb34a619f7a684d1216fcd918454135d41
* [3ba10c6] rebuild patch queue from patch-queue branch
added patches:
porting-sparc64/Bug-1434726-Early-startup-crash-on-Linux-sparc64-in-HashI.patch
fixes/Use-msse-2-fpmath-C-CXXFLAGS-only-on-x86_64-platforms.patch
fixes/Fix-big-endian-build-for-SKIA.patch (re-added)
Thanks Andreas Glaubitz for providing these patches!
* [dabf294] New upstream version 60.0~b3
* [24f8a38] re-enable usage of lib{nspr4,nss3}-dev while built
The available versions of these libraries now recent enough so we can
drop the usage of the embedded code copies.
-- Carsten Schoenert Sun, 15 Apr 2018 12:47:43 +0200
thunderbird (1:60.0~b2-1) experimental; urgency=medium
[ Agustin Henze ]
* [3639717] apparmor: allow access to @{HOME}/.gnupg/tofu.db
(Closes: #894907)
[ intrigeri ]
* [3895bba] AppArmor: fix empty black windows in Thunderbird 58+
(Closes: #887973)
* [353ca25] AppArmor: update profile from upstream
(Closes: #882048, #882122)
[ Carsten Schoenert ]
* [37e0bbe] New upstream version 59.0~b1
* [d75c4be] rebuild patch queue from patch-queue branch
added patches:
fixes/Fix-build-against-libcairo2-dev-1.15.10.patch
patches/fixes/Fix-big-endian-build-for-SKIA.patch
removed patches:
debian-hacks/Allow-usage-of-libnspr4-dev-4.16.patch
fixes/Bug-1418598-Make-cargo-linker-properly-handle-quoted-stri.patch
thunderbird/Thunderbird-fix-installdir-for-icons.patch
* [9615d6a] New upstream version 60.0~b1
* [431006c] d/source.filter: update due upstream changes
Update the list of files we filter out, Upstream added various new files
mostly used for auto-testing we don't use.
* [2cb4635] d/s/lintian-overrides: remove entries about brace expansion
We can remove the override about brace expansion in dh sequencer files.
* [4c9f185] debian/rules: using 'rm -f' because probably non existing files
The file app.ini isn't existing in some l10n folders for lightning,
simply use '-f' for convenience.
* [ed00442] debian/rules: fix typo to grep app ID of calendar-g-p
* [4a993c5] adding additional packages to Breaks with thunderbird
The packages calendar-exchange-provider and enigmail
xul-ext-sogo-connector aren't compatible to the webextension interface
and we need to add a versioned Breaks.
* [9bd8286] adjust Breaks for enigmail
Also enigmail needs an adjusted version for Breaks.
* [24382c2] Revert "Use gcc-6 and g++-6 due broken GUI with GCC-7"
(Closes: #892404)
* [f0ac8a5] rebuild patch queue from patch-queue branch
removed patches:
debian-hacks/Allow-to-override-ICU_DATA_FILE-from-the-environment.patch
debian-hacks/remove-non-free-W3C-icon-valid.png.patch
fixes/Allow-.js-preference-files-to-set-locked-prefs-with-lockP.patch
fixes/Fix-build-against-libcairo2-dev-1.15.10.patch
modified patches:
debian-hacks/Build-against-system-libjsoncpp.patch
debian-hacks/Don-t-build-testing-suites-and-stuff.patch
porting-kfreebsd-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch
porting-kfreebsd-hurd/adding-missed-HURD-adoptions.patch
* [6ab35ad] d/mozconfig.default: don't use nspr and nss from system
We need to switch back to the embedded source for NSS and NSPR, the
versions in unstable aren't usable.
* [055ed65] d/mozconfig.default: remove no longer alive option
The option '--enable-system-cairo' is gone with TB 60.
* [663d6f1] lightning-l10n-bn-bd: remove Bengali (Bangladesh) l10n package
* [02b21cb] lightning-l10n-pa-in: remove Punjabi (India) l10ng package
* [0cc0b5d] lightning-l10n-ta-lk: remove Tamil (Sri Lanka) l10n package
* [62f23a5] thunderbird-l10n-bn-bd: remove (Bangladesh) l10n package
* [61bfdf4] thunderbird-l10n-pa-in: remove Punjabi (India) l10n package
* [a361750] thunderbird-l10n-ta-lk: remove Tamil (Sri Lanka) l10n package
* [8ba5b0d] debian/control: add new packages for *-kk language
* [e4280ac] debian/control: add new packages for *-ms language
* [aaef9fe] adjust Vcs fields to salsa.debian.org
* [144c492, 009b145] debian/copyright: update after upstream changes
Upstream removed some files/folders, which reflects in needed adjustments
for the copyright file.
* [3623f84] d/thunderbird.lintian-overrides: add libnspr4.so and libnss3.so
We now need to ship (again) embedded libraries for NSPR and NSS.
* [0d3de65] lightning: move linking into /u/l/tb/distribution/extensions
Following upstream with the folder for the Lightning to not differ.
* [4d6cefe] New upstream version 60.0~b2
* [e1c40a7] rebuild patch queue from patch-queue branch
removed patches:
fixes/Fix-big-endian-build-for-SKIA.patch
* [4834a1d] add entries to README and NEWS for thunderbird
Adding notes about the current situation foe the l10n packages and their
integration into the UI of Thunderbird and Lightning.
-- Carsten Schoenert Sat, 07 Apr 2018 11:12:37 +0200
thunderbird (1:58.0~b3-1) experimental; urgency=medium
[ Carsten Schoenert ]
* [d114338] d/source.filter: update due upstream changes
Update the filtering list for excluding some unwanted source files as
usual while preparing new major upstream versions.
* [91d23a9] New upstream version 58.0~b3
* [f34e555] rebuild patch queue from patch-queue branch
added patches:
debian-hacks/Allow-usage-of-libnspr4-dev-4.16.patch
debian-hacks/icu-use-locale.h-instead-of-xlocale.h.patch
debian-hacks/shellutil.py-ignore-tilde-as-special-character.patch
fixes/Bug-1418598-Make-cargo-linker-properly-handle-quoted-stri.patch
modified patches:
debian-hacks/Build-against-system-libjsoncpp.patch
debian-hacks/Don-t-build-testing-suites-and-stuff.patch
porting-kfreebsd-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch
porting-kfreebsd-hurd/adding-missed-HURD-adoptions.patch
porting-m68k/Add-m68k-support-to-Thunderbird.patch
porting-sh4/Add-sh4-support-to-Thunderbird.patch
porting/Disable-optimization-on-alpha-for-the-url-classifier.patch
prefs/Don-t-auto-disable-extensions-in-system-directories.patch
prefs/Set-javascript.options.showInConsole.patch
obsolete patches (included somehow or fixed upstream):
debian-hacks/Force-use-the-i686-rust-target.patch
porting-alpha/FTBFS-alpha-adjust-some-source-to-prevent-build-issues.patch
patches/porting-alpha/fix-FTBFS-on-alpha.patch
patches/porting-arm64/Bug-1257055-Use-jit-arm64-Architecture-arm64.h-on-non-JIT.patch
patches/porting-hppa/FTBFS-hppa-xpcshell-segfaulting-during-make-install.patch
porting-kfreebsd-hurd/FTBFS-hurd-adding-GNU-Hurd-to-the-list-of-OS-systems.patch
porting-mips/FTBFS-mips-add-missing-char-variable.patch
porting/ppc-fix-divide-page-size-in-jemalloc.patch
thunderbird-l10n/thunderbird-l10n-disable-external-extension-update.patch
* [bd45d47] debian/control: adding new Build-Depends
Since this is the first version > 52 we need now cargo, clang, rustc and
llvm development files.
* [c63a03f] d/mozconfig.default: remove no longer alive options
Some old options like --disable-gnomeui, --enable-gio, and
--with-default-mozilla-five-home are history now.
* [609dbbe] l10n lightning: modify script to work with recent version
We still need to use the shellscript create-lightning-l10n-tarball.sh
(and also *-thunderbird-l10n-*) to create the additional tarballs.
* [2f276b7] thunderbird-l10n: change tb-l10n package installation
Due the changed structure from upstream for the thunderbird l10n files
the packaging needs also to be adopted.
* [ee476f8] d/thunderbird.install: update install sequencer file
Also small adjustments are needed for the installation of the thunderbird
binary files. The old script run-mozilla.sh (which we didn't have used
within the Debian packaging) isn't shipped now, and there is now a new
folder gtk2 which includes the libmozgtk library linked against GTK2.
* [ced9d18] thunderbird-dev: remove the package and adjustments on this
The complete content that was packaged previously in thunderbird-dev
isn't created and installed now. Thus makes the old package
thunderbird-dev obsolete.
* [484a142] autopkgtests: disable tests around thunderbird-dev
Disable all autopkgtests which have used thunderbird-dev.
* [0aa2546] switch to system libraries back
We can now use the system libararies libnspr4, libnss3 and libsqlite3
again, the version of libicu is still to old for usage within the
package build.
* [858ae82] d/control: thunderbird, remove variable ${gnome:Depends}
* [7c3a258] d/control: lightning, remove variable ${shlibs:Depends}
* [aabf0d4] debian/source/lintian-overrides: update entries
* [94b00db] debian/control: increase Standards-Version to 4.1.3
No further changes needed.
* [245e8c2] debian/copyright: update after upstream changes
Also almost needed with new major upstream versions reflect the
changes from upstream in the copyright file.
* [72507b2] d/control: enigmail < 1.9.9 isn't working with TB > 55
Due the new plugin interface some old plugins doesn't work with this
thunderbird version anymore, or behaving unexpected. Enigmal is one of
the this (known) plugins which needs to be at least in version 2.0a2pre
installed to work with Thunderbird.
* [6cf0133] lightning-l1on: change l10n installation
Related to [4abc7f2] the various thunderbird-l10n packages need to be
installed differently to old package installations.
* [6af7054] calendar-google-provider: tweak installation a bit
More a hack but the Mozilla plugin installation by mozilla-devscripts
isn't prepared for the new webextension logic by Mozilla. Symlinking the
c-g-p plugin for now directly from the thunderbird extension folder.
-- Carsten Schoenert Sun, 21 Jan 2018 14:03:39 +0100
thunderbird (1:52.9.1-1) unstable; urgency=high
[ intrigeri ]
* [1259eaa] AppArmor: update profile from upstream (at commit edc9487)
(Closes: #901471)
[ Carsten Schoenert ]
* [d706f5b] debian/control: increase Standards-Version to 4.1.5
No further changes needed.
* [f5a3eb2] New upstream version 52.9.1
(Closes: #903160)
-- Carsten Schoenert Tue, 10 Jul 2018 19:40:41 +0200
thunderbird (1:52.9.0-1) unstable; urgency=high
[ intrigeri ]
* [c33dba2] Revert "apparmor: allow access to @{HOME}/.gnupg/tofu.db"
* [cb64397] AppArmor: update profile from upstream (Closes: #900840)
* [b5d6545] AppArmor: update profile from upstream (at commit 104da32)
[ Carsten Schoenert ]
* [099b525] d/source.filter: add some more files to filter
There are some more files we want to filter out.
* [376e5f3] New upstream version 52.9.0
Fixed CVE issues in upstream version 52.9 (MFSA 2018-18)
CVE-2018-12359: Buffer overflow using computed size of canvas element
CVE-2018-12360: Use-after-free when using focus()
CVE-2018-12372: S/MIME and PGP decryption oracles can be built with HTML
emails
CVE-2018-12373: S/MIME plaintext can be leaked through HTML reply/forward
CVE-2018-12362: Integer overflow in SSSE3 scaler
CVE-2018-12363: Use-after-free when appending DOM nodes
CVE-2018-12364: CSRF attacks through 307 redirects and NPAPI plugins
CVE-2018-12365: Compromised IPC child process can list local filenames
CVE-2018-12366: Invalid data handling during QCMS transformations
CVE-2018-12374: Using form to exfiltrate encrypted mail part by pressing
enter in form field
CVE-2018-5188: Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1,
Firefox ESR 52.9, and Thunderbird 52.9
* [83a9c9b] rebuild patch queue from patch-queue branch
As we have filtered more files out from the source we need to modify the
list of tests we won't to built while built the source too so a small
adjustment on that.
Also fixing some spelling issues which Lintian has found.
modified patches:
debian-hacks/Don-t-build-testing-suites-and-stuff.patch
porting-alpha/fix-FTBFS-on-alpha.patch
porting-kfreebsd-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch
porting-kfreebsd-hurd/ipc-chromium-fix-if-define-for-kFreeBSD-and-Hurd.patch
renamed patches:
Allow-to-override-ICU_DATA_FILE-from-the-environment.patch ->
Allow-one-to-override-ICU_DATA_FILE-from-the-environment.patch
fix-function-nsMsgComposeAndSend-to-to-respect-Replo.patch ->
fix-function-nsMsgComposeAndSend-to-respect-ReploToSend.patch
* [d5254e2] Removed unneded lintian override about brace expansion
-- Carsten Schoenert Wed, 04 Jul 2018 21:44:26 +0200
thunderbird (1:52.8.0-1) unstable; urgency=high
[ intrigeri ]
* [4656ebf] AppArmor: update profile from upstream
(Closes: #882048, #882122)
[ Agustin Henze ]
* [840cbc8] apparmor: allow access to @{HOME}/.gnupg/tofu.db
(Closes: #894907)
[ Carsten Schoenert ]
* [514e9e8] New upstream version 52.8.0
Fixed CVE issues in upstream version 52.8 (MFSA 2018-13)
CVE-2018-5183: Backport critical security fixes in Skia
CVE-2018-5184: Full plaintext recovery in S/MIME via chosen-ciphertext
attack (aka Efail)
CVE-2018-5154: Use-after-free with SVG animations and clip paths
CVE-2018-5155: Use-after-free with SVG animations and text paths
CVE-2018-5159: Integer overflow and out-of-bounds write in Skia
CVE-2018-5161: Hang via malformed headers
CVE-2018-5162: Encrypted mail leaks plaintext through src attribute
(aka Efail)
CVE-2018-5170: Filename spoofing for external attachments
CVE-2018-5168: Lightweight themes can be installed without user
interaction
CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion
through legacy extension
CVE-2018-5185: Leaking plaintext through HTML forms (aka Efail)
CVE-2018-5150: Memory safety bugs fixed in Firefox 60, Firefox ESR 52.8,
and Thunderbird 52.8
(Closes: #898631)
* [7845229] ICU: don't build the Paragraph Layout library
Disable the build of the layout library in the internal ICU build as we
don't need this and can cause build issues.
* [e0a79fc] debian/control: increase Standards-Version to 4.1.4
No further changes needed.
-- Carsten Schoenert Thu, 17 May 2018 21:04:15 +0200
thunderbird (1:52.7.0-1) unstable; urgency=medium
* [9eb2692] New upstream version 52.7.0
Fixed CVE issues in upstream version 52.7 (MFSA 2018-09)
CVE-2018-5127: Buffer overflow manipulating SVG animatedPathSegList
CVE-2018-5129: Out-of-bounds write with malformed IPC messages
CVE-2018-5144: Integer overflow during Unicode conversion
CVE-2018-5146: Out of bounds memory write in libvorbis
CVE-2018-5125: Memory safety bugs fixed in Firefox 59, Firefox ESR 52.7,
and Thunderbird 52.7
CVE-2018-5145: Memory safety bugs fixed in Firefox ESR 52.7 and
Thunderbird 52.7
* [a01cf4b] Revert "Use gcc-6 and g++-6 due broken GUI with GCC-7"
Switching now back to GCC7 as we don't have any longer issues with
broken visuals in the GUI.
(Closes: #892404)
-- Carsten Schoenert Mon, 26 Mar 2018 17:21:40 +0200
thunderbird (1:52.6.0-1) unstable; urgency=high
* [97e1cd7] New upstream version 52.6.0
Fixed CVE issues in upstream version 52.6 (MFSA 2018-04)
CVE-2018-5095: Integer overflow in Skia library during edge builder
allocation
CVE-2018-5096: Use-after-free while editing form elements
CVE-2018-5097: Use-after-free when source document is manipulated
during XSLT
CVE-2018-5098: Use-after-free while manipulating form input elements
CVE-2018-5099: Use-after-free with widget listener
CVE-2018-5102: Use-after-free in HTML media elements
CVE-2018-5103: Use-after-free during mouse event handling
CVE-2018-5104: Use-after-free during font face manipulation
CVE-2018-5117: URL spoofing with right-to-left text aligned left-to-right
CVE-2018-5089: Memory safety bugs fixed in Firefox 58, Firefox ESR 52.6,
and Thunderbird 52.6
* [0300242] rebuild patch queue from patch-queue branch
Added patch debian-hacks/icu-use-locale.h-instead-of-xlocale.h.patch
that fixes the build of the included ICU source against glibc 2.26.
(Closes: #887766)
* [4bf22e0] debian/control: increase Standards-Version to 4.1.3
No further changes needed.
* [3616443] adjust Vcs fields to salsa.debian.org
The Vcs for Thunderbird packaging live now on Salsa as Alioth will be
shutdown in the future.
* [c2f3e14] lintian: ignore non multiarch install folder for thunderbird.pc
Ignore a lintian warning about unavailable pkg-config file thunderbird.pc
as the ESR versions 52.x are the last series which will have a
thunderbird-dev. The next ESR version will be 60.x which uses
webextension and makes thunderbird-dev obsolete.
-- Carsten Schoenert Thu, 25 Jan 2018 20:21:10 +0100
thunderbird (1:52.5.2-2) unstable; urgency=medium
[ Carsten Schoenert ]
* [f597157] Revert "d/thunderbird.postinst: reload AA profile on updates"
The trigger automatics for appamor already is handling the
needed reload on profile updates for the applications.
(Closes: #885158)
* [8ebdb96] debian/control: increase Standards-Version to 4.1.2
No further changes needed.
* [81a8c00] use inverse logic on version for AA profile status check
By this change we don't enforce the disabled profile from the
previous version in some cases and can also handle possible
version strings from -security and -backports.
(Closes: #885157)
-- Carsten Schoenert Tue, 26 Dec 2017 14:56:40 +0100
thunderbird (1:52.5.2-1) unstable; urgency=high
[ intrigeri ]
* [b791221] AppArmor: support new thunderbird executable path
(Closes: #883561, #884217)
[ Carsten Schoenert ]
* [1f46308] New upstream version 52.5.2
Fixed CVE issues in upstream version 52.5 (MFSA 2017-30)
CVE-2017-7829: Mailsploit part 1: From address with encoded null character
is cut off in message header display
CVE-2017-7846: JavaScript Execution via RSS in mailbox:// origin
CVE-2017-7847: Local path string can be leaked from RSS feed
CVE-2017-7848: RSS Feed vulnerable to new line Injection
* [0dd21b9] d/thunderbird.postinst: reload AA profile on updates
* [8c57218] don't disable AA profile on package updates
As people want to re-enable the AA profile a update of
thunderbird doesn't have to disable this again.
(Closes: #884191)
-- Carsten Schoenert Sun, 24 Dec 2017 11:30:09 +0100
thunderbird (1:52.5.0-1) unstable; urgency=high
[ intrigeri ]
* [48e6b65] AppArmor: fix the Crash Reporter and avoid noisy denial logs
(Closes: #880953)
* [ad8b3b5] AppArmor: fix compatibility with NVIDIA hardware
(Closes: #880532)
* [d8ff6b6] Disable the AppArmor profile by default
Due the various side effects by the enabled AppArmor profile in
Thunderbird it's currently better for a user experience we
disabling the AppArmor profile for to not get people get mad with
to many broken things.
Users can always enable the profile by themselves again.
(Closes: #882672)
* [e50eac5] README.Debian: document how to opt-in for AppArmor confinement
* [860d325] README.Debian: document how one can debug the AppArmor profile
[ Guido Günther ]
* [50a8f60] Drop myself from maintainers
Thank you Guido for always helping out if we had some questions!
[ Carsten Schoenert ]
* [b64509b] New upstream version 52.5.0
Fixed CVE issues in upstream version 52.5 (MFSA 2017-26)
CVE-2017-7828: Use-after-free of PressShell while restyling layout
CVE-2017-7830: Cross-origin URL information leak through Resource Timing API
CVE-2017-7826: Memory safety bugs fixed in Firefox 57, Firefox ESR 52.5,
and Thunderbird 52.5
* [3166018] thunderbird.links: let thunderbird pointing to thunderbird-bin
(Closes: #856492)
* [6fff70c] [buster] tb-wrapper: searching the correct dbgsym package
* [4763ca6] adding a NEWS file for thunderbird package
Giving a note about the now disabled AppArmor profile.
* [0b9d656] disabling crashreporter for now
Also don't build and ship the Crashreporter any more, it's useless
until we can collect all symbols correctly.
* [a285647] move AppArmor specific things into own README file
Put all AppArmor related information into one dedicated file.
* [5d56439] d/thunderbird.js: prepare a line for extra X-Debbugs-Cc
A really old bug report ... building a compromise and put the
requested extra header config into the configuration file but keep
it deactivated as default.
(Closes: #379304)
-- Carsten Schoenert Sun, 03 Dec 2017 19:58:57 +0100
thunderbird (1:52.4.0-2~exp1) experimental; urgency=medium
[ Carsten Schoenert ]
* [a3e73e9] disable usage of libgnomeui parts
The libgnomeui stuff (only relevant for GTK+2) is deprecated
for a long time and will be removed in buster, and we don't need
this at all.
See https://lists.debian.org/debian-devel/2017/10/msg00299.html
* [9efc5c9] debian/watch: switch to https
* [bd5a635] rebuild patch queue from patch-queue branch
Fixup for [da3c5cc], add ppc64 to the list of BE architectures.
Thanks Adrian Glaubitz for pointing the issue. (Closes: #879270)
* [42f5ab5] apparmor: update profile from upstream (Closes: #876333, #855346)
[ intrigeri ]
* [d7febc8, b026d28] AppArmor: update profile from upstream
(Closes: #880425, #877324)
* [377e7b5] README.Debian: fixing small typo
* [3b0a63a] AppArmor: fix importing public OpenPGP keys from file
(Closes: #880715)
[ Carsten Schoenert ]
* [241690e] d/control: s/Icedove/Thunderbird in desc's for lightning-l10n-*
The lightning-l10n package were still using the name 'Icdeove'
instead of 'Thunderbird'.
* [f17f735] debian/control: moving transitional packages at bottom
* [91f9897] autopkg: adjust icedove to thunderbird depends
Now move over to depend in favor of thunderbird for some of
the autopkg tests.
* [8ae2ad7] autopkg: adjust icedove-dev to thunderbird-dev depends
Doing the same as before for thunderbird-dev as the native
replacement for icedove-dev.
* [fa0134c] bump debhelper >= 10.2.5
* [8752789] debian/rules: try to build extensions reproducible
The two extensions (lightning and calendar-google-provider)
don't build reproducible right now. Trying to fix this by using
the timestamp from the changelog entry for the files. May not
work correctly and we need to tune more.
* [1496368] d/thunderbird.install: also install the fonts folder
Recent versions of Thunderbird needing the font EmojiOne which
isn't provided by any other package.
(Closes: #881299)
The following changes are take effect in removing all transitional packages
related to the old icedove packaging only for buster. We still need all the
transitional packages in wheezy, jessie and stretch!
* [54c8a9b] [buster] remove transitional iceowl-l10n-* packages
* [c338630] [buster] remove Replace, Breaks and Provides for iceowl-l10n-*
* [4311683] [buster] remove transitional icedove-l10n-* packages
* [f6e3a01] [buster] remove Replace, Breaks and Provides for icedove-l10n-*
* [a9117e4] [buster] remove transitional iceowl-extension package
* [5aed012] [buster] remove Replace, Breaks and Provides for iceowl-extension
* [27fc04b] [buster] remove transitional icedove-dbg package
* [53b4825] [buster] remove transitional icedove-dev package
* [e2d808f] [buster] remove Replace, Breaks and Provides for icedove-dev
* [97edfbe] [buster] remove transitional icedove package
* [3748054] [buster] remove Replace and Breaks for icedove
* [611a704] [buster] move thunderbird-dbg into *-dbgsym package
-- Carsten Schoenert Sun, 12 Nov 2017 16:01:07 +0100
thunderbird (1:52.4.0-1) unstable; urgency=medium
[ Guido Günther ]
* [da3c5cc] Simplify endianness selection for ICU
Since we need to build ICU on the various Debian releases we
need to ensure the architecture detection isn't to strict.
Thanks Guido for helping out here!
[ Carsten Schoenert ]
* [47748ca] debian/control: be more relaxed on Breaks for enigmail
* [6a54666] thunderbird-wrapper: fix small typo in help output
A small typo was happen in the example call with the JS console.
* [6d5266e] README.Debian: update info around tls fallback-limit
The default behavior on the TLS fallback has changed some
versions ago, document this accordingly.
* [24ad883] debian/control: change maintainer
Thanks Christoph for the work over the past years!
* [c78200e] debian/control: move src pkg name to thunderbird
By this version we move the source package name also back to
thunderbird. This follows the changes that are already made to
the binary package names and we can call the source package now
also again thunderbird.
(Closes: #857075)
* [c26133d] debian/gbp.conf: rename components to real used names
Due the changes of the source package the names for the
sub-folders within the additional tarballs can also be changed
to be closer on the real upstream used names.
* [a5ce4f7] New upstream version 52.4.0
(Closes: #878845, #878870)
Fixed CVE issues in upstream version 52.4 (MFSA 2017-23)
CVE-2017-7793: Use-after-free with Fetch API
CVE-2017-7818: Use-after-free during ARIA array manipulation
CVE-2017-7819: Use-after-free while resizing images in design mode
CVE-2017-7824: Buffer overflow when drawing and validating elements with
ANGLE
CVE-2017-7805: Use-after-free in TLS 1.2 generating handshake hashes
CVE-2017-7814: Blob and data URLs bypass phishing and malware protection
warnings
CVE-2017-7825: OS X fonts render some Tibetan and Arabic unicode characters
as spaces
CVE-2017-7823: CSP sandbox directive did not create a unique origin
CVE-2017-7810: Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4,
and Thunderbird 52.4
* [104b4e5] rebuild patch queue from patch-queue branch
* [d63662a] lintian: move oldlibs/extra -> oldlibs/optional
By moving all transitional package to oldlibs/optional we can
help deborphan to detect better not needed packages.
* [fb56001] d/rules: reflect changes from renamed component tarballs
The additional tarballs are stored in folders which reflect
the upstream names of those components. This also needs to be
respected for the build instructions of the package.
* [61288fb] debian/control: change Vcs* fields due the src name change
Addressing the changed source package name in the Git Vcs urls.
* [ef95ab5] debian/control: increase Standards-Version to 4.1.1
No further changes needed.
* [45e8fe2] apparmor: update profile from upstream
Thanks to Simon Deziel and intrigeri we can simply use the
apparmor profile changes done for the Ubuntu releases.
* [6b1649c] lintian: adding a override for thunderbird-l10n-all
* [ceab93f] debian/README.source: reflect src package name change
-- Carsten Schoenert Tue, 17 Oct 2017 18:20:29 +0200
icedove (1:52.3.0-4) unstable; urgency=medium
[ Carsten Schoenert ]
* [3ddf57b] rebuild patch queue from patch-queue branch
* [3bd845d] debian/control: increase Standards-Version to 4.1.0
-- Carsten Schoenert Tue, 29 Aug 2017 16:17:24 +0200
icedove (1:52.3.0-3) unstable; urgency=medium
[ Carsten Schoenert ]
* [c08f005] rebuild patch queue from patch-queue branch
* [f658cab] debian/rules: enable verbose build for ICU
-- Carsten Schoenert Mon, 28 Aug 2017 19:44:07 +0200
icedove (1:52.3.0-2) unstable; urgency=medium
[ Carsten Schoenert ]
* [d544a01] debian/rules: correct icu build sequence
-- Carsten Schoenert Tue, 22 Aug 2017 18:57:36 +0200
icedove (1:52.3.0-1) unstable; urgency=medium
[ Carsten Schoenert ]
* [8e852be] New upstream version 52.3.0
Fixed CVE issues in upstream version 52.3 (MFSA 2017-20)
CVE-2017-7800: Use-after-free in WebSockets during disconnection
CVE-2017-7801: Use-after-free with marquee during window resizing
CVE-2017-7809: Use-after-free while deleting attached editor DOM node
CVE-2017-7784: Use-after-free with image observers
CVE-2017-7802: Use-after-free resizing image elements
CVE-2017-7785: Buffer overflow manipulating ARIA attributes in DOM
CVE-2017-7786: Buffer overflow while painting non-displayable SVG
CVE-2017-7753: Out-of-bounds read with cached style data and
pseudo-elements
CVE-2017-7787: Same-origin policy bypass with iframes through page reloads
CVE-2017-7807: Domain hijacking through AppCache fallback
CVE-2017-7792: Buffer overflow viewing certificates with an extremely
long OID
CVE-2017-7804: Memory protection bypass through WindowsDllDetourPatcher
CVE-2017-7791: Spoofing following page navigation with data: protocol and
modal alerts
CVE-2017-7782: WindowsDllDetourPatcher allocates memory without DEP
protections
CVE-2017-7803: CSP containing 'sandbox' improperly applied
CVE-2017-7779: Memory safety bugs fixed in Firefox 55, Firefox ESR 52.3,
and Thunderbird 52.3
* [0b7243b] debian/rules: build icudt5*.dat on our own if needed
If we need to use the internal sources of ICU (triggered by
using --with-system-icu) we need to build the platform depended file
icudt*[b,l].dat before we can call the configure run.
This is needed as Mozilla only ships a precompiled little endian version
of the file icudt*.dat and all platforms with big endianness are failing
later due issues related to the wrong endianness.
* [1964469] debian/mozconfig.default: enable i18n on big endian
* [6b58ac5] debian/control: increase Standards-Version to 4.0.1
* [e59cf81] rebuild patch queue from patch-queue branch
removed patche(s) (applied upstream):
- fixes/Bug-1308908-Compare-the-whole-accessible-name-when-checki.patch
updated/refreshed patches (no changes):
- porting-kfreebsd-hurd/adding-missed-HURD-adoptions.patch
[ Simon Deziel ]
* [a574010] apparmor/usr.bin.thunderbird: small update to avoid noise
-- Carsten Schoenert Sat, 19 Aug 2017 18:27:19 +0200
icedove (1:52.2.1-5) unstable; urgency=high
[ Carsten Schoenert ]
* [133a574] Use gcc-6 and g++-6 due broken GUI with GCC-7
The usage of the GCC-7 suite introduces a broken GUI currently that make
using thunderbird mostly impossible.
(Closes: #871629)
* [3ebacd1] d/rules: use DEB_* variables for entries from changelog
By using variables that are prepared by dpkg we don't need to manually
search for dates and versions. etc.
* [52c2b83] d/copyright: MPL-1.1 and MPL-2.0 now provided by common-licenses
Since policy 4.0.0 the two Mozilla related licenses are included and don't
need to be added extra.
* [3f37967] adjust X-Debian-Homepage to existing Thunderbird page
* [41b5c03] debian/control: increase Standards-Version to 4.0.0
* [e3c3994] mozconfig.default: use proper disabled options
* [2d4b846] debian/control: increase Breaks for enigmail version
(Closes: #869789)
[ John Paul Adrian Glaubitz ]
* [4879401] sh4: disable option --disable-pie (Closes: #867553)
[ Carsten Schoenert ]
* [2646f3f] autpkgtests: disable the idlTest.sh test case
-- Carsten Schoenert Fri, 11 Aug 2017 22:02:47 -0400
icedove (1:52.2.1-4) unstable; urgency=medium
[ Guido Günther ]
* [04de899] Don't use different profile folder for jessie and wheezy
[ Carsten Schoenert ]
* [692d3ce] rebuild patch queue from patch-queue branch (Closes: #867013)
added patch (provided by Adrian):
- porting-alpha/FTBFS-alpha-adjust-some-source-to-prevent-build-issues.patch
removed patch:
- porting-hurd/FTBFS-hurd-adding-GNU-to-the-configure-platform-detection.patch
(wrong approach, the Python wrapper around configure isn't yet smart enough)
[ John Paul Adrian Glaubitz ]
* [5153ce2] mips: final fixups to prevent FTBFS
-- Carsten Schoenert Thu, 06 Jul 2017 16:53:30 +0200
icedove (1:52.2.1-3) unstable; urgency=medium
[ John Paul Adrian Glaubitz ]
* [99b323a] d/mozconfig.default: fixups for --without-intl-api
-- Carsten Schoenert Sat, 01 Jul 2017 10:18:05 +0200
icedove (1:52.2.1-2) unstable; urgency=medium
[ Carsten Schoenert ]
* [e8ce299] disabling ICU support on some big endian systems
This hack should enable at least successful building of all RC platforms
and needs to be solved in a not such agressive way without loosing ICU
support on the problematic platforms.
Thanks John Paul Adrian Glaubitz for catching the root of the issue.
* [a66e812] rebuild patch queue from patch-queue branch
Adding a small needed fix for getting mips* out od FTBFS. Also GNU/Hurd
should pass the configure script now.
-- Carsten Schoenert Fri, 30 Jun 2017 19:38:28 +0200
icedove (1:52.2.1-1) unstable; urgency=medium
[ Guido Günther ]
* [4e87d6b] d/rules: Make sure DIST is not passed on to configure
[ Carsten Schoenert ]
* [35b84ef] rebuild patch queue from patch-queue branch
added patches:
- porting-mips/Fix-CPU_ARCH-test-for-libjpeg-on-mips.patch
- porting-s390x/FTBFS-s390x-Use-jit-none-AtomicOperations-sparc.h-on-s390.patch
(Closes: #864974)
* [c818874] New upstream version 52.2.1
(Closes: #861840)
* [8c776c9] Icedove2Thunderbird: add opt out for dialogue pop-up
(Closes: #860381)
-- Carsten Schoenert Wed, 28 Jun 2017 20:01:44 +0200
icedove (1:52.2.0-1) unstable; urgency=medium
[ Christoph Goehre ]
* [9ebc11d] mozconfig.default: remove configure option
'--disable-methodjit' on armel
This options isn't alive any more and was forgotten to removed on the
previous upload.
[ Simon Deziel ]
* [d8e5d42] usr.bin.thunderbird: merge gpg(1) and gpg2 subprofiles
(Closes: #859179)
* [f18884e] usr.bin.thunderbird: allow accessing gpgconf in gpg subprofile
* [e73afbb] usr.bin.thunderbird: allow accessing any gpg2keys providers
[ Carsten Schoenert ]
* [066ddb9] mozconfig.default: switch back to internal libjpeg
Going back and using the libjpeg library that's shipped by Mozilla, the
system library probably provoking broken builds on various platforms.
As we prepare the uploads for (old-)stable-security we need to use the
internal libjpeg library at all.
* [ff92bfa] rebuild patch queue from patch-queue branch
modified patches:
- porting-m68k/Add-m68k-support-to-Thunderbird.patch
- porting-sh4/Add-sh4-support-to-Thunderbird.patch
(Closes: #859271, #859508)
* [0a89f76] New upstream version 52.2.0
Fixed CVE issues in upstream version 52.2 (MFSA 2017-17)
CVE-2017-5472: Use-after-free using destroyed node when regenerating trees
CVE-2017-7749: Use-after-free during docshell reloading
CVE-2017-7750: Use-after-free with track elements
CVE-2017-7751: Use-after-free with content viewer listeners
CVE-2017-7752: Use-after-free with IME input
CVE-2017-7754: Out-of-bounds read in WebGL with ImageInfo object
CVE-2017-7756: Use-after-free and use-after-scope logging XHR header
errors
CVE-2017-7757: Use-after-free in IndexedDB
CVE-2017-7778: Vulnerabilities in the Graphite 2 library
CVE-2017-7758: Out-of-bounds read in Opus encoder
CVE-2017-7764: Domain spoofing with combination of Canadian Syllabics and
other unicode blocks
CVE-2017-5470: Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2,
and Thunderbird 52
* [e03380e] rebuild patch queue from patch-queue branch
modified patch:
- porting-kfreebsd-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch
-- Carsten Schoenert Fri, 16 Jun 2017 20:37:06 +0200
icedove (1:52.1.1-1) experimental; urgency=medium
[ Guido Günther ]
* [db8d0db] Tighten meta package dependencies
Be more strict on depends and add a version to all related
Thunderbird specific packages.
* [defb689] Copy-edit thunderbird-wrapper-helper.sh
* [54b35d4] Allow one to override the location of the wrapper-helper
Make $TB_HELPER more flexible and give the variable a default value, so a
user can override it with it's own.
* [a187364] dh-exec: avoid multiple spaces around filenames
* [a85bc7a] thunderbird-wrapper: robustness when sourcing helper
* [eee56ab] Drop replaces on packages no longer in any release
[ Carsten Schoenert ]
* [1d85980] rebuild patch queue from patch-queue branch
added patches:
- porting-mk68/Add-m68k-support-to-Thunderbird.patch
- porting-sparc64/Add-sparc64-support-to-Thunderbird.patch
(Closes: #859151, #859271)
* [2717849] tb-wrapper: call thunderbird starting with exec
(Closes: #858100)
* [8afa31b] d/gbp.conf: adjust upstream branch to new ESR version
* [43d2e70] New upstream version 52.1.1
Fixed CVE issues in upstream version 52.1 (MFSA 2017-09)
CVE-2017-5413: Segmentation fault during bidirectional operations
CVE-2017-5414: File picker can choose incorrect default directory
CVE-2017-5416: Null dereference crash in HttpChannel
CVE-2017-5426: Gecko Media Plugin sandbox is not started if seccomp-bpf
filter is running
CVE-2017-5418: Out of bounds read when parsing HTTP digest authorization
responses
CVE-2017-5419: Repeated authentication prompts lead to DOS attack
CVE-2017-5405: FTP response codes can cause use of uninitialized values
for ports
CVE-2017-5421: Print preview spoofing
CVE-2017-5422: DOS attack by using view-source: protocol repeatedly in one
hyperlink
CVE-2017-5399: Memory safety bugs fixed in Thunderbird 52
Fixed CVE issues in upstream version 52.1 (MFSA 2017-13)
CVE-2017-5433: Use-after-free in SMIL animation functions
CVE-2017-5435: Use-after-free during transaction processing in the editor
CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2
CVE-2017-5461: Out-of-bounds write in Base64 encoding in NSS
CVE-2017-5459: Buffer overflow in WebGL
CVE-2017-5466: Origin confusion when reloading isolated data:text/html URLs
CVE-2017-5434: Use-after-free during focus handling
CVE-2017-5432: Use-after-free in text input selection
CVE-2017-5460: Use-after-free in frame selection
CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing
CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing
CVE-2017-5440: Use-after-free in txExecutionState destructor during XSLT
processing
CVE-2017-5441: Use-after-free with selection during scroll events
CVE-2017-5442: Use-after-free during style changes
CVE-2017-5464: Memory corruption with accessibility and DOM manipulation
CVE-2017-5443: Out-of-bounds write during BinHex decoding
CVE-2017-5444: Buffer overflow while parsing application/http-index-format
contents
CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent with
incorrect data
CVE-2017-5447: Out-of-bounds read during glyph processing
CVE-2017-5465: Out-of-bounds read in ConvolvePixel
CVE-2016-10196: Vulnerabilities in Libevent library
CVE-2017-5454: Sandbox escape allowing file system read access through
file picker
CVE-2017-5469: Potential Buffer overflow in flex-generated code
CVE-2017-5445: Uninitialized values used while parsing
application/http-index-format content
CVE-2017-5449: Crash during bidirectional unicode manipulation with
animation
CVE-2017-5451: Addressbar spoofing with onblur event
CVE-2017-5462: DRBG flaw in NSS
CVE-2017-5467: Memory corruption when drawing Skia content
CVE-2017-5430: Memory safety bugs fixed in Firefox 53, Firefox ESR 52.1,
Thunderbird 52.1
CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9,
Firefox ESR 52.1, and Thunderbird 52.1
(Closes: #855344, #495372, #861480, #682208, #698244, #859909, #857593,
#837771)
* [de561ef] rebuild patch queue from patch-queue branch
added patches:
- debian-hacks/Allow-to-override-ICU_DATA_FILE-from-the-environment.patch
- debian-hacks/Build-against-system-libjsoncpp.patch
- debian-hacks/Don-t-build-testing-suites-and-stuff.patch
- debian-hacks/Force-use-the-i686-rust-target.patch
- fixes/Bug-1308908-Compare-the-whole-accessible-name-when-checki.patch
(Closes: #826325)
- porting-sh4/Add-sh4-support-to-Thunderbird.patch
(Closes: #859508)
removed patches (obsoleted by upstream changes):
- debian-hacks/Don-t-build-example-component.patch
- debian-hacks/fix-identification-of-ObjdirMismatchException.patch
- fixes/Bug-1245076-Don-t-include-mozalloc.h-from-the-cstdlib-wra.patch
- fixes/Bug-1273020-Add-missing-null-checks-in-ApplicationAccessi.patch
- fixes/Bug-1277295-Remove-obsolete-reference-to-storage-service-.patch
- fixes/Bug-1340724-fix-SMTP-server-name-output-in-SMTP-logging.-.patch
- fixes/Bug-497488-Implement-verify-mode-in-the-subscribe-dialog-.patch
- fixes/Bug-497488-RSS-feeds-with-an-invalid-certificate-fail-wit-1.patch
- fixes/Bug-497488-RSS-feeds-with-an-invalid-certificate-fail-wit.patch
- porting-arm64/Bug-1091515-Don-t-set-64KB-page-size-on-aarch64.-r-glandi.patch
- porting-kfreebsd-hurd/CrossProcessMutex.h-fix-build-on-kfreebsd-and-GNU-hurd.patch
- porting-kfreebsd-hurd/FTBFS-hurd-adding-the-HURD-platform-to-the-configure.patch
- porting-kfreebsd-hurd/correcting-file-inclusion-for-kfreebsd-and-hurd.patch
- porting-mips/Fix-build-error-in-MIPS-SIMD-when-compiling-with-mfp.patch
- porting-mips/libyuv_disable-mips-assembly-for-MIPS64.patch
- porting-powerpcspe/FTBFS-powerpcspe-disable-AltiVec-instructions.patch
- porting-sparc64/Add-sparc64-support-to-Thunderbird.patch
(unclear state, will be added later again)
- porting/Add-xptcall-support-for-SH4-processors.patch
(Closes: #859362)
- debian-hacks/Move-profile.patch
modified or adjusted patches:
- debian-hacks/changing-the-default-search-engine.patch
- debian-hacks/stop-configure-if-with-system-bz2-was-passed-but-no-.patch
- icedove-l10n/disable-extension-update-extension-is-managed-by-apt.patch
--> icedove-l10n/thunderbird-l10n-disable-external-extension-update.patch
(renamed to and modified due new languages)
- icedove/fix-installdir.patch
--> debian-hacks/Thunderbird-fix-installdir-for-icons.patch
* [684ad58] d/source.filter: update due upstream changes
* [d005649] debian/control: modify various B-D
* [7a8a98d] debian/rules: add some extra C*FLAGS
Adding '-fno-lifetime-dse' to not enable dead store elimination of
objects within their lifetime, some parts of the source is relying
on the persistent values of such objects.
Some other distributions as Ubuntu, Fedora and Arch e.g. use this flag too
(at least with ESR52) to prevent possible segfaults.
* [56f8f4b] debian/rules: adding hack to preserve correct config.status
* [fb500a6] mozconfig.default: remove no longer existing options
* [c9a3e60] mozconfig.default: some minor adjustments to configure options
* [f584857] mozconfig.default: enable GTK3 theme explicit
(Closes: #857593)
* [3cbe1fb] debian/control: add packages for *-dsb language
* [8317735] debian/control: add packages for *-hsb language
* [39d90c1] debian/control: add packages for *-kab language
* [82b4f50] debian/control: add missing packages for *-ast language
* [0edde96] debian/rules: include also l10n folder with 3 characters
* [47f17a4] lintian-overrides: modify the list for the js files to ignore
* [8872d34] debian/copyright: update after upstream changes
* [6755547] mozconfig.default: use some internal libraries
Use libicu-dev, libnspr4-dev, libnss3-dev, libsqlite3-dev from
shipped source as Stretch versions not recent enough.
* [5b04b32] thunderbird.install: pick up icu*.dat if around
* [edf24d7] debian/control: mark thunderbird-dbg as Multi-Arch: same
* [5d5392b] apparmor/usr.bin.thunderbird: update for version 52
(cherry-picked from upstream)
(Closes: #859179)
* [f49ad79] apparmor/usr.bin.thunderbird: grant access to commonly used
locations (cherry-picked from upstream)
* [510fd6f] debian/rules: install lightning-l10n files into correct place
* [d70ade4] lightning-l10n: adjust min/max version for ESR 52 cycle
With the new ESR version tweaking the extension version of l10n packages
for lightning > 52.0 and < 52.*.
* [c0dd18f] debian/rules: install icudt5*.dat file more flexible
* [b5136f7] autopkg: improve the output of idlTest.sh
* [7ac04f6] autopkg: add extra test icudatfileTest.sh
[ Christoph Goehre ]
* [13f5178] lintian-overrides: we build against internal nspr and nss
* [56bbf23] rebuild patch queue from patch-queue branch
added patches:
- porting-sparc64/Add-sparc64-support-to-Thunderbird.patch
(Closes: #859151)
modified patches:
- porting-mk68/Add-m68k-support-to-Thunderbird.patch
-> porting-m68k/Add-m68k-support-to-Thunderbird.patch (renamed)
* [6a7ef60] tests/idlTest.sh: remove duplicated 'done' output
* [42bf8e1] debian/rules: remove duplicate .so files in thunderbird-dev
* [5dc08bc] tests/soSymlinkTest.sh: check for symlinked .so files
-- Carsten Schoenert Sat, 03 Jun 2017 19:54:43 +0200
icedove (1:45.8.0-3) unstable; urgency=medium
[ Carsten Schoenert ]
* [d923505] AppArmor: be more flexible on profile folders
(Closes: #858735, #858737)
* [1e04099] tb-wrapper: use readlink also on ${ID_PROFILE_FOLDER}
(Closes: #858771)
* [9f6b771] tb-wrapper: correct check for -dbg package (Closes: #858804)
* [8b5271a] rebuild patch queue from patch-queue branch
added patches:
- fixes/Bug-1273020-Add-missing-null-checks-in-ApplicationAccessi.patch
-- Christoph Goehre Wed, 29 Mar 2017 19:28:32 -0400
icedove (1:45.8.0-2) unstable; urgency=medium
[ Carsten Schoenert ]
* [c2a1d77] tb-helper: pass arguments correctly through tb call
(Closes: #855334)
* [5c49348] rebuild patch queue from patch-queue branch
added patches:
- fixes/Bug-1340724-fix-SMTP-server-name-output-in-SMTP-logging.patch
(Closes: #855470)
* [9d420c0] Revert "register MIME type application/octet-stream for
Thunderbird" (Closes: #857755)
* [c9960e5] tb-helper: pass arguments by using a array to TB call
-- Christoph Goehre Tue, 14 Mar 2017 20:37:48 -0400
icedove (1:45.8.0-1) unstable; urgency=medium
[ Carsten Schoenert ]
* [3388899] New upstream version 45.8.0
* [24d25e9] tb-helper*: fix up that silly comments behind the if statement
(Closes: #857029, #857032, #857098, #857112)
* [788b7fa] bash-completion: adding a completion script for /u/b/thunderbird
* [9ac9d07] rebuild patch queue from patch-queue branch
added patches:
- p-arm64/Bug-1091515-Don-t-set-64KB-page-size-on-aarch64.-r-glandi.patch
- p-arm64/Bug-1257055-Use-jit-arm64-Architecture-arm64.h-on-non-JIT.patch
* [ad0860b] copyright: small updates reflecting upstream changes
[ Christoph Goehre ]
* [69577cf] lintian: replace hardlink in thunderbird-dev with symbolic link
-- Christoph Goehre Thu, 09 Mar 2017 20:24:49 -0500
icedove (1:45.7.1-2) unstable; urgency=medium
[ Christoph Goehre ]
* [5e2c618] crashreporter: build only on amd64, armel, armhf and i386
* [36a922f] Apparmor: replace '·' with spaces (Closes: #855343)
* [bbbc917] rebuild patch queue from patch-queue branch
added patches:
- p-hppa/FTBFS-hppa-xpcshell-segfaulting-during-make-install.patch
* [8b5d601] icedove|thunderbird.desktop: update danish (da) translation
[ Carsten Schoenert ]
* [f8debbd] debian/control: separate transitional mark by extra line
(Closes: #855806)
* [583c798] {tb,id}.maintscript: modify start-version (Closes: #854587)
* [94e557c] thunderbird: adding x11-utils to Depends (Closes: #854488)
* [dc878e7] thunderbird-wrapper.sh: fix command line transfer to TB
(Closes: #855334)
* [9734349] thunderbird helper: split helper function into extra file
(Closes: #855286)
* [3089a97] tb-helper*: wrapping X11 dialog calls
* [e0331e1] tb-helper*: rework option parsing for wrapper script
(Closes: #855872)
* [31d9899] thunderbird.postinst: try to remove empty profile folder
(Closes: #855228)
* [c9e5b70] tb-wrapper*: complete rework and moving over for symlinking
(Closes: #855265, #855391, #855501, #856490)
* [9ef920f] README.Debian: adopt content to current wrapper script behavior
* [4cf88e5] icedove|thunderbird.desktop: adopt binary call
* [101e0ad] tb-helper*: call subfunctions not within the case loop
* [c061107] register MIME type application/octet-stream for Thunderbird
-- Christoph Goehre Mon, 06 Mar 2017 20:39:23 -0500
icedove (1:45.7.1-1) unstable; urgency=medium
* Bye-bye Icedove (Closes: #749965, #776359, #816679, #363811)
[ Carsten Schoenert ]
* [90c0d6f] New upstream version 45.7.1
* [a6d21de] rebuild patch queue from patch-queue branch
added patches:
- fixes/Bug-497488-Implement-verify-mode-in-the-subscribe-dialog-.patch
- fixes/Bug-497488-RSS-feeds-with-an-invalid-certificate-fail-wit-1.patch
- fixes/Bug-497488-RSS-feeds-with-an-invalid-certificate-fail-wit.patch
(Closes: #837177)
removed patches (fixed upstream):
- debian-hacks/icu.m4-adding-extra-bracket-to-not-confuse-grep.patch
* [8572e34] lintian: adding a semi automated lintian-override
* [aa2bda2] crashreporter: enable the reporter for thunderbird
* [b96ae57] move icedove.desktop into package icedove
(Closes: #850865, #851829)
* [304921f] debian/rules: set SHELL explicit to /bin/bash (Closes: #852867)
* [072b899] thunderbird: adding extra check while migration
* [284912d] debian/README.Debian: update after recent changes
* [6dc7e32] icedove-l10n-bn-bd: fix typo in Depends field (Closes: #854135)
* [c5d4bf5] {tb,id}.maintscript: modify start-version (Closes: #854587)
* [f3d64ae] thunderbird-wrapper.sh: adding extra information window
(Closes: #854488)
* [6b432c7] README.Debian: hint about issue in global configuration
[ Douglas Bagnall ]
* [e2c8a23] Apparmor: allowing exo-open-ixr launcher (Closes: #853929)
[ Christoph Goehre ]
* [ef36e0b] thunderbird-wrapper.sh: fix typos
* [f98d5d1] thunderbird-wrapper.sh: add small changes from Guido and Carsten
* [7dd6841] README.Debian: fix/correct spelling
* [e038694] debian/control: remove depends-on-essential-package 'sed'
[ Jens Reyer ]
* [ea58e17] thunderbird-wrapper.sh: add extra function for migration
(Closes: #849592)
-- Christoph Goehre Tue, 14 Feb 2017 18:46:23 -0500
icedove (1:45.6.0-3) experimental; urgency=medium
[ Carsten Schoenert ]
* [78b3296] rebuild patch queue from patch-queue branch
added patch:
- debian-hacks/icu.m4-adding-extra-bracket-to-not-confuse-grep.patch
* [a272f85] thunderbird-wrapper.sh: also migrate mimeapps.list
(Closes: #850864)
* [3d4e303] icedove.desktop: don't use categories and mimetypes
(Closes: #850866)
* [db15d43] icedove: link icedove to thunderbird
* [59a9e05] debian/control: change Replaces and Breaks versions
[ Christoph Goehre ]
* [55cce4a] thunderbird-wrapper.sh: remove 'set -e'
-- Christoph Goehre Tue, 17 Jan 2017 18:26:06 -0500
icedove (1:45.6.0-1) experimental; urgency=medium
[ Carsten Schoenert ]
* [26f8f2d] New upstream version 45.6.0
* [15b7797] iceowl-l10n-*: rearrange Recommends field for various packages
(Closes: #824727, #824750, #824763, #824764, #824768, #824780)
* [3f75b56] debian/vendor.js: adjust to new version related wiki site
* [6bd7f89] d/c-id-l10n: adjusting download URL for stable versions
* [f15d1a2] icedove-l10n-all: change Section into metapackages
(Closes: #824785)
* [25c3ba1] debian/README.source: info about import of multitarballs
* [3ebcf59] debian/control: adding Recommends to icedove-l10n-uk
(Closes: #825806)
* [3e57d5e] debian/control: Icedove, adding dependency on libatk-adaptor
* [e19c59d] debian/control: rework Recommends for icedove-l10n-*
* [4741d80] debian/control: small fixup Recommends on iceowl-l10n-*
* [f9f5193] debian/control: sort iceowl-l10n-* alphabetical
* [5220187] de-branding: move iceowl* back to lightning*
* [6e28ce5] de-branding: remove Icedove naming from icedove-l10n*
* [3dc3b4b] de-branding: remove Icedove branding in the main binary
* [8b715cf] de-branding: remove hard name branding in addon managger
* [9f609fa] de-branding: adopting dh files for icedove package
* [caba322] de-branding: adopting dh files for icedove-dev package
* [6538f66] de-branding: change debian/rules to reflect appname change
* [871588d] de-branding: adopting dh files for iceowl-extension package
* [a0b20e7] debian/tests/*: adopt change of the binary icedove
* [29025cc] de-branding: adjust icedove-l10n installation folder
* [2b8dd99] de-branding: adjust iceowl-l10n installation folder
* [1f3043c] de-branding: remove the Debian visual branding
* [272e420] de-branding: removing icedove branding files and folder
* [093bc58] de-branding: revitalize *.desktop file with Thunderbird
* [4a35d9d] de-branding: move iceowl-l10n-* into lightning-l10n-*
* [68d8d79] de-branding: adding transitional iceowl-l10n packages
* [4b2febd] de-branding: adding 'Breaks', 'Replaces', 'Provides' to
lightning-l10n-*
* [9cdb427] de-branding: rework d/r to reflect changes for lightning-l10n
* [ec3b427] de-branding: move icedove-l10n-* into thunderbird-l10n-*
* [387bfa2] de-branding: adding transitional icedove-l10n packages
* [f3cfecb] de-branding: adding 'Breaks', 'Replaces', 'Provides' to
thunderbird-l10n-*
* [03b222e] de-branding: rework d/r to reflect changes for thunderbird-l10n
* [0c9a6ab] de-branding: (re)adding a wrapper script for TB starting
* [f9c8aef] de-branding: move icedove-dev to thunderbird-dev
* [a4313e6] de-branding: adding transitional icedove-dev package
* [0508866] de-branding: rework d/r to reflect changes for thunderbird-dev
* [048b29f] de-branding: move icedove-dbg to thunderbird-dbg
* [da01077] de-branding: adding transitional icedove-dbg package
* [a371079] de-branding: rework d/r to reflect changes for thunderbird-dbg
* [b34b8f8] de-branding: move iceowl-extension to lightning
* [fa8f9b3] de-branding: adding transitional iceowl-extension package
* [848f178] de-branding: rework d/r to reflect changes for lightning
* [a708c35] de-branding: move icedove to thunderbird
* [cccef90] de-branding: moving icedove dh files into thunderbird
* [8c2b27d] de-branding: rework icedove.1 into thunderbird.1
* [19406fe] de-branding: transition of mozconfig.*
* [88ed684] de-branding: rework d/r to reflect changes for thunderbird
* [c8011d3] de-branding: adding transitional icedove package
* [5e399aa] de-branding: adjusting package calendar-google-provider
* [a03329c] debian/tests/help.sh: use absolute path for binary call
* [10adb34] move old icedove graphic stuff into own folder
* [abc6c8c] create various thunderbird png graphics from SVG file
* [a2067ae] debian/copyright: update copyright information
* [a9c6f9f] de-branding: add own created thunderbird icons to install
* [1d8b524] mozconfig.default: enable the official brandind
* [9f3a673] debian/control: adding dh-exec to the Build-Depends
* [cddbc63] move Thunderbird install files into thunderbird.install
* [5037bb5] de-branding: transition of apparmor profile for TB
* [14f094d] de-branding: remove extra URL for What's New inside
* [c2a06db] manpage thunderbird; adjust and correct manpage entries
* [8fa3365] debian/control: adding package dpkg to Build-Depends
* [ba84ede] thunderbird: switching dpkg-maintscript-helper to *.maintscript
* [d0e675b] debian/thunderbird.postinst: adding some moving mechanism
* [cbae415] de-branding: let helper scripts reflect thunderbird change
* [da402a4] thunderbird-wrapper.sh: adding fixing inside mimeTypes.rdf
(Closes: #837516)
* [030d49e] de-branding: adding some hints about the debranding
* [662f7af] debian/README.source: adjusting hints due name changes
* [8fbedc1] debian/thunderbird.install: install additional icedove.desktop
* [9089d9f] debian/*lintian-overrides: adopt name changes
* [b9b7665] debian/rules: use the old profile folder for wheezy and jessie
* [f9c137e] fix *.desktop files for proper GNOME app mechanism
(Closes: #817973, #832302)
* [1c85ff7] debian/rules: chmod certain *.py tb-devel files
* [356694a] thunderbird.links: linking the default TB icon to u/s/p
[ Guido Günther ]
* [24bbee9] Wrap and sort control information (Closes: #825806)
* [fcfe4ac] Add minimalistic autopkgtest
* [f7a32e8] Add autopkgtest to test header and typelib generation
* [189d835] Add autopkgtest to smoke test xpcshell
[ Christoph Goehre ]
* [354f836] turn the reduce of memory usage of the linker on again
* [5e48e17] don't build dbgsym packages on unreleased builds
* [09679eb] rebuild patch queue from patch-queue branch (Closes: #808183)
* [ec3a50b] debian/NEWS: change urgency to medium
-- Christoph Goehre Sat, 31 Dec 2016 10:26:36 +0100
icedove (1:45.5.1-1) unstable; urgency=medium
[ Carsten Schoenert ]
* [efe836f] New upstream version 45.5.1
* [48999ac] rebuild patch queue from patch-queue branch
-- Carsten Schoenert Wed, 30 Nov 2016 18:27:57 +0100
icedove (1:45.4.0-1) unstable; urgency=medium
[ Guido Günther ]
* [a159bc9] autopkgtests: let xfvb-run pick the port to avoid clashes with
already running servers
* [5384838] Snapshot 1:45.3.0-1~1.gbpa159bc
* [8d3ac18] autopkgtest: Dont print on stderr
* [8afc7be] Put test deps on a simgle line
[ Carsten Schoenert ]
* [99e9c40] New upstream version 45.4.0
(Closes: #835866, #836798, #837107)
* [6195d7b] debian/README.source: update instructions for importing
* [5150624] debian/icedove.js: disabling baselinejit functionality
(Closes: #837930)
-- Carsten Schoenert Mon, 03 Oct 2016 12:18:09 +0200
icedove (1:45.3.0-1) unstable; urgency=medium
[ Carsten Schoenert ]
* [3cc29ee] Imported Upstream version 45.3.0
* [ed8cf89] Imported icedove-l10n Upstream version 45.3.0
* [bc20676] Imported iceowl-l10n Upstream version 45.3.0
* [54bd9c4] debian/README.source: fix up some hints
* [756ec86] mozconfig.default: enable build of PIE binaries
* [1cef6f8] rebuild patch queue from patch-queue branch
added patch:
- porting-mips/libyuv_disable-mips-assembly-for-MIPS64.patch
(Closes: #836400)
* [7a1ec74] AppArmor: grant access to local mailboxes and enigmail(2)
(Closes: #837656)
-- Carsten Schoenert Wed, 28 Sep 2016 22:52:03 +0200
icedove (1:45.2.0-4) unstable; urgency=medium
[ Carsten Schoenert ]
* [cc8cd76] mozconfig.default: relaxe optimization on arm{64,el,hf} to -O1
-- Christoph Goehre Thu, 18 Aug 2016 10:45:17 -0400
icedove (1:45.2.0-3) unstable; urgency=medium
[ Guido Günther ]
* [9a8f4e1] tests: Fix typo
[ Carsten Schoenert ]
* [53aab10] AppArmor: allow self execution for -ProfileManager
(Closes: #833742)
* [a459d6a] debian/rules: adding one more CFLAGS/CXXFLAGS compiler flag
(Closes: #833864, #833532, #833591, #833635, #833698)
* [e32c460] AppArmor: grant access to local mailboxes and enigmail
(Closes: #833184)
* [f34e41e] debian/rules: fix typo CXLAGS -> CFLAGS
-- Christoph Goehre Fri, 12 Aug 2016 12:00:44 -0400
icedove (1:45.2.0-2) unstable; urgency=medium
[ Christoph Goehre ]
* [8b4f306] rebuild patch queue from patch-queue branch
added patches:
- p-kfree-hurd/CrossProcessMutex.h-fix-build-on-kfreebsd-and-GNU-hur.patch
(Closes: #808183)
[ Carsten Schoenert ]
* [08e20a0] rebuild patch queue from patch-queue branch
added patches:
- fixes/Bug-1277295-Remove-obsolete-reference-to-storage-service-.patch
(Closes: #827592)
- fixes/Bug-1245076-Don-t-include-mozalloc.h-from-the-cstdlib-wra.patch
(Closes: #831192)
* [1ea97f1] debian/icedove.js: disable Icedove startup check
(Closes: #817973)
* [83bdcdf] debian/rules: adding additional CFLAGS and CXXFLAGS
* [7dc0588] debian/control: addjust breaks for xul-ext-foxyproxy-standard
(Closes: #825749)
* [50a0f1e] autopkg: fixup small type within test call
[ Ulrike Uhlig ]
* [b24bbaa] Add rebranded apparmor profile from upstream (Closes: #829731)
* [0a28f91] apparmor/usr.bin.icedove: refresh Icedove AppArmor profile
[ Guido Günther ]
* [6fe4897] Fix apparmor profile installation
-- Christoph Goehre Tue, 26 Jul 2016 13:25:21 -0400
icedove (1:45.2.0-1) unstable; urgency=medium
[ Guido Günther ]
* [f777843] Wrap and sort control information
via 'wrap-and-sort -ast' to simplify backporting (Closes: #825806)
* [457dffe] Register components with gbp
* [8e73822] Rediff patches
[ Carsten Schoenert ]
* [789ed6f] Imported Upstream version 45.1.1
* [8b8bd3c] Imported icedove-l10n Upstream version 45.1.1
* [23b2984] Imported iceowl-l10n Upstream version 45.1.1
* [411b27d] Imported Upstream version 45.2.0
* [975287a] Imported icedove-l10n Upstream version 45.2.0
* [09b6652] Imported iceowl-l10n Upstream version 45.2.0
* [2b99997] icedove-l10n-all: change Section into metapackages.
As Jonas Smedegaard pointed out, the icedove-l10n-all package is a
metapackage and localization.
(Closes: #824785)
* [a7eec24] debian/README.source: info about import of multitarballs.
As the VCS is using git-buildpackage for package maintenace adding some
hints on how to handle the impoert of the used mutitarballs since
version 45.0.
* [73e8b1a] debian/control: adding Recommends to icedove-l10n-uk
(Closes: #825806)
* [f118470] debian/control: Icedove, adding dependency on libatk-adaptor.
After the adding of some first small autopkg test it turns out that we
miss a dependency on libatk-adaptor.
* [e6e95c9] debian/control: rework Recommends for icedove-l10n-*
As addition to 711468b933f280fe9d6ed78bb1d7d763dede9ea7 also rework the
various Recommends for the icedove-l10n packages.
* [1275b3d] debian/control: small fixup Recommends on iceowl-l10n-*
Fix small typos for iceowl-l10n-{pt-pt,sl}
* [c4c9a02] debian/control: sort iceowl-l10n-* alphabetical
-- Guido Günther Fri, 08 Jul 2016 15:55:46 +0200
icedove (1:45.2~b1-1) experimental; urgency=medium
[ Carsten Schoenert ]
* [68883af] rebuild patch queue from patch-queue branch
added patches:
- porting-kfreebsd-hurd/adding-missed-HURD-adoptions.patch
* [ee509d2] debian/mozconfig.default: switching back to gtk2 as default
(Closes: #821744)
* [f72fe06] adding helper script create-iceowl-l10n-tarball.sh
* [28fba93] debian/README.source: adding additional info for iceowl-l10n
* [826af5b] adding iceowl-l10n related patches to the patch queue
* [1aa6f37] debian/iceowl-*.in: adding needed base files
* [a5946b4] debian/rules: adding iceowl-l10n related rules
* [b1da616] debian/control: adding the current iceowl-l10n-* packages
* [b359c95] debian/source.filter: some adjustments to the filter
* [e45ab44] debian/README.source: use recent version and reformating
* [50b3830] debian/control: increase Standards-Version to 3.9.8
* [3a767b8] debian/rules: remove no longer needed LDFLAGS
* [29a7739] Imported Upstream version 45.2~b1
* [15b7797] iceowl-l10n-*: rearrange Recommends field for various packages
(Closes: #824727, #824750, #824763, #824764, #824768, #824780)
* [3f75b56] debian/vendor.js: adjust to new version related wiki site
* [6bd7f89] d/c-id-l10n: adjusting download URL for stable versions
* [f15d1a2] icedove-l10n-all: change Section into metapackages
(Closes: #824785)
* [25c3ba1] debian/README.source: info about import of multitarballs
* [3ebcf59] debian/control: adding Recommends to icedove-l10n-uk
(Closes: #825806)
* [3e57d5e] debian/control: Icedove, adding dependency on libatk-adaptor
* [e19c59d] debian/control: rework Recommends for icedove-l10n-*
* [4741d80] debian/control: small fixup Recommends on iceowl-l10n-*
* [f9f5193] debian/control: sort iceowl-l10n-* alphabetical
[ Christoph Goehre ]
* [ce58560] debian/rules: add option to dh_auto_clean
* [8cfbeca] debian/rules: export necessary DEB_ vars into environment
(Closes: #819020)
* [7512da8] debian/rules: ignore build folder and run 'build' target instead
(Closes: #819020)
* [354f836] turn the reduce of memory usage of the linker on again
* [5e48e17] don't build dbgsym packages on unreleased builds
* [09679eb] rebuild patch queue from patch-queue branch
added patches:
- p-kfree-hurd/CrossProcessMutex.h-fix-build-on-kfreebsd-and-GNU-hu.patch
(Closes: #808183)
[ Guido Günther ]
* [24bbee9] Wrap and sort control information (Closes: #825806)
* [fcfe4ac] Add minimalistic autopkgtest
* [f7a32e8] Add autopkgtest to test header and typelib generation
* [189d835] Add autopkgtest to smoke test xpcshell
-- Christoph Goehre Wed, 01 Jun 2016 17:56:29 -0400
icedove (1:45.0~b4-2) experimental; urgency=medium
* [fa7bc47] debian/control: fix FTBFS by moving Build-Depends-Indep to
Build-Depends
-- Christoph Goehre Sun, 10 Apr 2016 15:24:39 -0400
icedove (1:45.0~b4-1) experimental; urgency=medium
[ Carsten Schoenert ]
* [3bf50c7] Imported Upstream version 45.0~b4
* [11744a7] debian/source.filter: fixup for previous change
* [0bd3753] debian/gbp.conf: adding default filter out pattern
* [a9f6cfa] rebuild patch queue from patch-queue branch
removed patches (fixed upstream):
- fixes/Bug-1178266-Link-against-libatomic-when-necessary.patch
- p-arm64/FTBFS-arm64-Adding-configure-option-for-aarch64-platform.patch
- p-mips/FTBFS-mips-adoptions-to-get-build-on-mips-el-working-1-4.patch
- p-mips/FTBFS-mips-adoptions-to-get-build-on-mips-el-working-2-4.patch
- p-mips/FTBFS-mips-adoptions-to-get-build-on-mips-el-working-3-4.patch
- p-mips/FTBFS-mips-adoptions-to-get-build-on-mips-el-working-4-4.patch
modified patches:
- p-kfreebsd-hurd/ipc-chromium-fix-if-define-for-kFreeBSD-and-Hurd.patch
* [9dcb46e] debian/control: increase B-D on libnspr-dev
* [b31fba5] debian/control: increase Standards-Version to 3.9.7
* [623250d] Icedove Branding: adopt usptream changes to branding
* [2fa9b24] debian/copyright: update copyright information
* [c5dd11d] debian/copyright: include the license text for MPL-1.0
* [3a90ecd] debian/copyright: include the license text for MPL-1.1
* [7291650] debian/copyright: include the license text for MPL-2.0
* [0ebdd3f] debian/copyright: include the license text for libpng
* [9ee79fa] d/icedove.install: remove no longer existing parts
* [880c9e9] debian/rules: remove obsolet dpkg-shlibdeps call
* [e4fb8a2] adding helper script create-icedove-l10n-tarball.sh
* [8826951] debian/README.source: adding hint for creating l10n tarball
* [08f9071] debian/control: adding the current icedove-l10n-* packages
(Closes: #680488)
* [d839f37] debian/rules: adding icedove.l10n install to targets
* [5b0df21] debian/gbp.conf: use a Tuple for selecting multiple files
* [e32519f] debian/control: increase B-D on libnss-dev
* [2200691] debian/control: increase B-D on libnspr4-dev
* [0f5660e] debian/control: increase increase B-D on libnss3-dev
* [5fd8af8] mozconfig.default: adding new configure option
* [e288c6e] debian/control: adding a B-D on libpng-dev
[ Christoph Goehre ]
* [f8c7ca5] debian/control: make depends between icedove-l10n and icedove
dynamic
* [ac760d7] debian/control: add section localization to all l10n packages
* [72ef6c7] debian/NEWS: rename to icedove.NEWS to ship only in icedove core
package
* add epoch in version number to update l10n packages smoothly
-- Christoph Goehre Sat, 09 Apr 2016 18:56:59 -0400
icedove (44.0~b1-1) experimental; urgency=medium
[ Carsten Schoenert ]
* [a24f78b] Imported Upstream version 44.0~b1
* [7f52453] rebuild patch queue from patch-queue branch
removed patches:
- d-hacks/Add-unminified-jquery-and-jquery-ui-files.patch
- d-hacks/Allow-unsigned-addons-in-usr-lib-share-mozilla-extensions.patch
- d-hacks/creating-a-dummy-.deps-directory-to-get-make-happy.patch
added patches:
- p-arm64/FTBFS-arm64-Adding-configure-option-for-aarch64-platform.patch
- p-mips/FTBFS-mips-adoptions-to-get-build-on-mips-el-working-1-4.patch
- p-mips/FTBFS-mips-adoptions-to-get-build-on-mips-el-working-2-4.patch
- p-mips/FTBFS-mips-adoptions-to-get-build-on-mips-el-working-3-4.patch
- p-mips/FTBFS-mips-adoptions-to-get-build-on-mips-el-working-4-4.patch
modified patches:
- porting-kfreebsd-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch
* [ecf1110] debian/watch: adjust to new CDN structure
* [dd5efe8] debian/control: increase Build-Depends on libsqlite3-dev
* [57165b5] debian/control: switch URI for the Vcs fields to https
* [c9ded96] debian/source.filter: adding more filters on testings js files
* [31ce42f] debian/copyright: update due upstream/import changes
-- Christoph Goehre Sat, 13 Feb 2016 19:08:55 -0500
icedove (43.0~b1-1) experimental; urgency=medium
[ Christoph Goehre ]
* [ef5b1ef] debian/rules: split override_dh_install into arch and indep
section (Closes: #806047)
* [02d5d7c] debian/source.filter: remove filter for searchplugins
[ Guido Günther ]
* [2008a71] Clarify relation between icedove and the calendar extensions
(Closes: #809017)
[ Carsten Schoenert ]
* [11ffac0] debian/source.filter: modifying file list to ignore
* [926912b] Imported Upstream version 43.0~b1
* [32cd8c0] rebuild patch queue from patch-queue branch
added patches:
- d-hacks/Allow-unsigned-addons-in-usr-lib-share-mozilla-extensions.patch
removed patches (fixed upstream):
- reproducible/Generate-sorted-libical-header-list.patch
* [a1637e4] debian/control: increase B-D on libnspr-dev and libnss3-dev
* [f9937c1] debian/source.filter: sort entries alphabetical
* [326f74d] debian/source.filter: adding new files to filter out
* [9b9d9b9] debian/copyright: update due upstream changes
* [69664c7] d/icedove.install: searchplugins isn't alive anymore
-- Christoph Goehre Tue, 19 Jan 2016 11:41:50 -0500
icedove (42.0~b2-1) experimental; urgency=medium
[ Carsten Schoenert ]
* [8842d85] Imported Upstream version 42.0~b2
* [6d14aca] rebuild patch queue from patch-queue branch
added patches:
- fixes/Bug-1178266-Link-against-libatomic-when-necessary.patch
* [320c43d] add myself to the uploaders
* [797a290] lintian: remove icedove.menu file due CTTE#741573
[ Guido Günther ]
* [caca7c2] Add unminified jquery and jquery-ui files (Closes: #802281)
-- Christoph Goehre Sun, 08 Nov 2015 15:30:56 -0500
icedove (42.0~b1-1) experimental; urgency=medium
[ Carsten Schoenert ]
* [c599b6b] Imported Upstream version 42.0~b1
* [41285cb] debian/copyright: fixup's and update
* [6b270be] debian/control: increase various build depends
* [be75969] adopting needed changes for GTK3 into the Debian branding
* [245161e] fixup branding about.png file
-- Christoph Goehre Sat, 10 Oct 2015 21:26:24 -0400
icedove (41.0~b2-1) experimental; urgency=medium
[ Carsten Schoenert ]
* [b1d982c] Imported Upstream version 41.0~b2
* [8389b9b] rebuild patch queue from patch-queue branch
added patches:
- porting-mips/Fix-build-error-in-MIPS-SIMD-when-compiling-with-mfp.patch
modified patches:
- icedove/fix-branding-in-migration-wizard-and-the-addon-manag.patch
- porting-kfreebsd-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch
dropped patches (fixed upstream):
- fixes/Bug-1168231-Fixup-to-keep-file-type.patch
- fixes/Bug-1168231-Normalize-file-mode-in-jars.patch
- reproducible/Bug-1166243-Remove-build-function-from-js-and-xpc-sh.patch
- reproducible/Bug-1168316-Remove-build-machine-name-from-about-bui.patch
* [9ebf7b9] debian/source.filter: modifying file list to ignore
* [b25d990] debian/copyright: fixup's and update
[ Christoph Goehre ]
* [8ebffb0] relax optimize to -O1 on s390x (Closes: #797551)
* [dea1627] debian/rules: Disable jit on mips (Closes: #797548)
-- Christoph Goehre Fri, 25 Sep 2015 18:43:44 -0400
icedove (40.0~b1-1) experimental; urgency=medium
[ Carsten Schoenert ]
* [9d358dc] debian/source.filter: adjust new files
* [328cdc7] Imported Upstream version 40.0~b1
* [8813d89] debian/rules: setting MOZ_BUILD_DATE explicitly.
This patch is based on work from Mike Hommey within the Iceweasel
package to enable reproducible builds. It defines the MOZ_BUILD_DATE
with a pre defined timezone.
* [8dd5b9f] debian/rules: add switch to skip icedove-dbg build to
speed up the build.
* [a6beec7] debian/control: Let icedove recommendiceowl-extension
* [691dfe9] add release related information
* [bdfdfd8] debian/vendor.js: adjusting WhatNew link to more dedicated URL
* [5ba6ec7] rebuild patch queue from patch-queue branch
added patches:
debian-hacks/changing-the-default-search-engine.patch
fixes/Bug-1168231-Fixup-to-keep-file-type.patch
fixes/Bug-1168231-Normalize-file-mode-in-jars.patch
reproducible/Bug-1166243-Remove-build-function-from-js-and-xpc-sh.patch
reproducible/Bug-1168316-Remove-build-machine-name-from-about-bui.patc
reproducible/Generate-sorted-libical-header-list
modified patches:
fixes/Allow-.js-preference-files-to-set-locked-prefs-with-.patch
porting-kfreebsd-hurd/FTBFS-hurd-adding-the-HURD-platform-to-the-configure.patch
porting-kfreebsd-hurd/LDAP-support-building-on-GNU-kFreeBSD-and-GNU-Hurd.patch
porting/Disable-optimization-on-alpha-for-the-url-classifier.patch
deleted patches:
debian-hacks/pass-OS_LDFLAGS-to-all-ldap-libraries.patch
debian-hacks/remove-timestamps-from-c_cpp-macros-for-reproducibil.patch
debian/patches/fixes/Link-libldap-against-libpthread.patch
debian/patches/icedove/no-dynamic-nss-softokn.patch
debian/patches/porting/Remove-duplicate-SkDiscardableMemory_none.cpp-from-g.patch
* [59046ae,12d4f4b] debian/copyright: update due upstream changes
* [7c1f002] debian/iceowl-extension.lintian-overrides: remove file, no longer needed
* [23eed8c] debian/source.lintian-overrides: adding new entries.
Lintian is detecting the braces within the folder names incorrectly as
brace expansion.
* [2f95cd3] add changes due ldap restructure.
[ Christoph Goehre ]
* [ff66528] lintian: fix spelling error in debian/README.Debian
-- Guido Guenther Wed, 19 Aug 2015 09:39:23 +0200
icedove (38.7.2-1) unstable; urgency=medium
* [397cd7a] Imported Upstream version 38.7.2
-- Christoph Goehre Wed, 13 Apr 2016 12:05:05 -0400
icedove (38.7.0-1) unstable; urgency=medium
[ Christoph Goehre ]
* [cb9c003] Imported Upstream version 38.7.0
* [7273cb9] bump up standards version to 3.9.7 (no changes needed)
[ Carsten Schoenert ]
* [0341a8c] debian/control: switch URI for the Vcs fields to https
-- Christoph Goehre Wed, 16 Mar 2016 13:22:57 +0100
icedove (38.6.0-1) unstable; urgency=medium
[ Guido Günther ]
* [195730d] Clarify relation between icedove and the calendar extensions
(Closes: #809017)
[ Christoph Goehre ]
* [988ce5b] Imported Upstream version 38.6.0
* [6763f6f] debian/source.filter: remove evil-licensed jshint.js
(Closes: #813053)
-- Christoph Goehre Sun, 14 Feb 2016 16:08:13 -0500
icedove (38.5.0-1) unstable; urgency=medium
[ Christoph Goehre ]
* [6d45b0b] Imported Upstream version 38.5.0
* [316798f] debian/rules: split override_dh_install into arch and indep
section (Closes: #806047)
[ Carsten Schoenert ]
* [5b3cb7a] add myself to the uploaders
-- Christoph Goehre Thu, 24 Dec 2015 22:36:37 -0500
icedove (38.4.0-1) unstable; urgency=medium
[ Christoph Goehre ]
* [754392e] Imported Upstream version 38.4.0
* [ef4b733] debian/watch: adjust download url
[ Carsten Schoenert ]
* [f3f5455] lintian: remove icedove.menu file due CTTE#741573
-- Christoph Goehre Fri, 27 Nov 2015 12:54:27 -0500
icedove (38.3.0-2) unstable; urgency=medium
* [c988747] Add unminified jquery and jquery-ui files with the exact
version as used by upstream thunderbird.
We don't want to use the minified versions mozilla ships and can't use
what is currently packaged in Jessie or Stretch since these are too
recent.
(Closes: #802281)
-- Guido Günther Sun, 01 Nov 2015 18:06:33 +0100
icedove (38.3.0-1) unstable; urgency=medium
[ Carsten Schoenert ]
* [0f8b6a4] Imported Upstream version 38.3.0
* [566273a] debian/copyright: fixup's and update
-- Christoph Goehre Sat, 10 Oct 2015 13:21:05 -0400
icedove (38.2.0-2) unstable; urgency=medium
* [8bcb08b] relax optimize to -O1 on s390x (Closes: #797551)
* [6aa0915] debian/rules: Disable jit on mips (Closes: #797548)
-- Christoph Goehre Thu, 24 Sep 2015 19:09:54 -0400
icedove (38.2.0-1) unstable; urgency=medium
* [d46d5f6] rebuild patch queue from patch-queue branch
added patches:
- porting-mips/Fix-build-error-in-MIPS-SIMD-when-compiling-with-mfp.patch
-- Christoph Goehre Mon, 21 Sep 2015 19:42:03 -0400
icedove (38.2.0-1~stretch) stretch; urgency=medium
[ Carsten Schoenert ]
* [05b245f] Imported Upstream version 38.2.0 (Closes: #796323)
- MFSA 2015-59 aka CVE-2015-2724, CVE-2015-2725, CVE-2015-2726
- MFSA 2015-63 aka CVE-2015-2731
- MFSA 2015-66 aka CVE-2015-2734, CVE-2015-2735, CVE-2015-2736,
CVE-2015-2737, CVE-2015-2738, CVE-2015-2739, CVE-2015-2740
- MFSA 2015-70 aka CVE-2015-4000
- MFSA 2015-71 aka CVE-2015-2721
- MFSA 2015-65 aka CVE-2015-2741
- MFSA 2015-79 aka CVE-2015-4474
* [43c8195] rebuild patch queue from patch-queue branch
* [c75bdad] debian/control: increase B-D on libnss3-dev
* [942bcbe] debian/iceowl-extension.lintian-overrides: remove file
* [7131e4d] debian/source.lintian-overrides: adding new entries
* [8882360] mozconfig.default: don't use icu from system
-- Carsten Schoenert Fri, 21 Aug 2015 12:29:42 +0200
icedove (38.1.0-1) unstable; urgency=medium
[ Carsten Schoenert ]
* [3d27760] Imported Upstream version 38.1.0 (Closes: #790651)
* [2cb6cd7] rebuild patch queue from patch-queue branch
added patches:
- fixes/Bug-1165654-Cleanup-how-libjpeg-turbo-assembly-build.patch
- reproducible/Generate-sorted-libical-header-list (Closes: #794456)
-- Christoph Goehre Tue, 04 Aug 2015 20:20:53 -0400
icedove (38.0.1-1) unstable; urgency=medium
[ Carsten Schoenert ]
* [5acef6a] debian/gbp.conf: adopt new upstream branch
* [6f88792] Imported Upstream version 38.0.1 (Closes: #358680, #472601,
#634316, #691176, #751786, #777908)
* [18bba9d] debian/gbp.conf: respect new git-buildpackage behaviour
* [26bbdac] rebuild patch queue from patch-queue branch
added patches:
- debian-hacks/changing-the-default-search-engine.patch (Closes: #780595)
- fixes/Bug-1168231-Fixup-to-keep-file-type.patch
- fixes/Bug-1168231-Normalize-file-mode-in-jars.patch
- reproducible/Bug-1166243-Remove-build-function-from-js-and-xpc-sh.patch
- reproducible/Bug-1168316-Remove-build-machine-name-from-about-bui.patc
deleted patches:
- debian-hacks/remove-timestamps-from-c_cpp-macros-for-reproducibil.patch
* [71938b9] debian/rules: setting MOZ_BUILD_DATE explicitly
* [e50d708] debian/copyright: more minor updates to the copyright file
* [b232895] debian/rules: adding switch for no icedove-dbg build
* [bcc15aa] debian/control: icedove is now recommending iceowl-extension
* [564a19e] adding release related information
* [2ec0053] debian/vendor.js: adjusting WhatNew link to more dedicated URL
[ Christoph Goehre ]
* [a9c25b6] lintian: fix spelling error in debian/README.Debian
* [2cc2c07] debian/rules: fix icedove-dbg build switch
-- Christoph Goehre Mon, 27 Jul 2015 17:46:40 -0400
icedove (38.0~b5-1) experimental; urgency=medium
[ Carsten Schoenert ]
* [7e3cab4] Imported Upstream version 38.0~b5
* [3edbafc] Revert "debian/control: remove build-dep on libnotify-dev"
* [5e69bab] debian/control: increase b-d versions
* [6e6ae36] rebuild patch queue from patch-queue branch
added patches:
- debian-hacks/remove-timestamps-from-c_cpp-macros-for-reproducibil.patch
obsolete patches (fixed in Debian):
- adopting-SQLITE3-version.patch
* [ac7b760] mozconfig.default: adding some explicit configure options
* [81fd6e6] complete rewrite of copyright information
* [327dd45] switching to libgstreamer1.0*
[ Christoph Goehre ]
* [9877ea3] lintian: add override for libpng
-- Christoph Goehre Fri, 22 May 2015 20:42:19 -0400
icedove (38.0~b2-1) experimental; urgency=medium
[ Carsten Schoenert ]
* [b08d966] debian/source.filter: modifying file list to ignore
* [88fd018] Imported Upstream version 38.0~b2
* [e9da8f8] icedove branding: adopt upstream changes
* [3610daa] debian/control: increase b-d versions
* [950fae7] rebuild patch queue from patch-queue branch
modified patches:
- system-libs/Allow-to-build-against-system-libffi.patch
- porting-kfreebsd-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch
obsolete patches (fixed upstream):
- porting/Reintroduce-pixman-code-path-removed-in-bug-1097776-.patch
* [1820d7c] debian/control: adding xul-ext-compactheader to Breaks field
[ Dominik George ]
* [4181126] debian/control: Upgrade Breaks relation to enigmail
(Closes: #782686)
-- Christoph Goehre Tue, 28 Apr 2015 18:19:00 -0400
icedove (36.0~b1-2) experimental; urgency=medium
* [26c0027] rebuild patch queue from patch-queue branch
added patches:
- porting/Reintroduce-pixman-code-path-removed-in-bug-1097776-.patch
- porting/Remove-duplicate-SkDiscardableMemory_none.cpp-from-g.patch
- porting/ppc-fix-divide-page-size-in-jemalloc.patch (Closes: #780404)
-- Christoph Goehre Sat, 28 Mar 2015 15:35:58 -0400
icedove (36.0~b1-1) experimental; urgency=medium
[ Carsten Schoenert ]
* [68112a3] Imported Upstream version 36.0~b1
* [3120361] rebuild patch queue from patch-queue branch
obsolete patches (fixed upstream):
- debian-hacks/fixing-various-FTBFS-due-different-datatype-char-beh.patch
- porting-arm/FTBFS-armhf-fixing-ARM-CPU-detection.patch
modified patches:
- debian-hacks/Strip-version-number.patch
- p-kfree-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch
- p-kfree-hurd/correcting-file-inclusion-for-kfreebsd.patch
- p-kfree-hurd/ipc-chromium-fix-if-define-for-kFreeBSD-and-Hurd.patch
* [ee185a2] d/icedove.install: mozilla-xremote-client was removed
* [64adc44] debian/source.filter: modifying file list to ignore
* [dbdd152] debian/control: increase package versions
* [fb3307c] lintian: adding one more source override
* [2a07495] lintian: adding new override for the icedove package
* [38c21ad] debian/README.Debian: adding note around HTTPS Everythere
(Closes: #774790)
[ Christoph Goehre ]
* [3dce89c] debian/icedove.desktop: correct StartupWMClass to 'Icedove'
(Closes: #773876)
* [deb3f58] debian/icedove.desktop: add MimeType text/calendar
(Closes: #762190)
* [4dd96fe] rebuild patch queue from patch-queue branch
added patches:
- p-kfree-hurd/FTBFS-hurd-adding-the-HURD-platform-to-the-configure.patch
- p-powerpcspe/FTBFS-powerpcspe-disable-AltiVec-instructions.patch
(Closes: #772933)
modified patches:
- p-kfree-hurd/FTBFS-hurd-adding-GNU-Hurd-to-the-list-of-OS-systems.patch
- p-kfree-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch
- p-kfree-hurd/LDAP-support-building-on-GNU-kFreeBSD-and-GNU-Hurd.patch
- p-kfree-hurd/ipc-chromium-fix-if-define-for-kFreeBSD-and-Hurd.patch
* [373ed05] add missing epoch in libnss3-dev build depends
-- Christoph Goehre Wed, 11 Mar 2015 19:19:28 -0400
icedove (34.0~b1-2) experimental; urgency=low
[ Carsten Schoenert ]
* [7a4edc4] rebuild patch queue from patch-queue branch
added patches:
- debian-hacks/fixing-various-FTBFS-due-different-datatype-char-beh.patch
- porting-arm/FTBFS-armhf-fixing-ARM-CPU-detection.patch
-- Christoph Goehre Mon, 24 Nov 2014 18:56:21 -0500
icedove (34.0~b1-1) experimental; urgency=low
[ Carsten Schoenert ]
* [1be8ab1] debian/source.filter: more files to ignore
* [66e6488] debian/README.source: adjust description for beta versions
* [e63d375] Imported Upstream version 34.0~b1 (Closes: #770180)
* [1cb54d2] rebuild patch queue from patch-queue branch
obsolete patches (fixed upstream):
- porting-armel/disable-some-libopus-feature-for-ARCH-ARMv6.patch
* [ad29bb1] debian/rules: be more flexible on *.xpi files
* [b055e78] debian/NEWS: fixing default SSL/TLS behavior description
* [d64a847] debian/NEWS: adding notes around new security changes
-- Christoph Goehre Wed, 19 Nov 2014 19:15:46 -0500
icedove (33.0~b1-1) experimental; urgency=low
[ Carsten Schoenert ]
* [5029c8b] debian/source.filter: more files to ignore
* [d4b03d9] README.source: let's use xz while creating the orig.tar.xz
* [ebd442f] debian/gbp.conf: some instructions for git-dch
* [cc594ea] Imported Upstream version 33.0~b1
* [23b57cf] rebuild patch queue from patch-queue branch
added patches:
- debian-hacks/fix-identification-of-ObjdirMismatchException.patch
- debian-hacks/pass-OS_LDFLAGS-to-all-ldap-libraries.patch
modified patches:
- debian-hacks/Strip-version-number.patch
- icedove/fix-branding-in-migration-wizard-and-the-addon-manag.patch
- porting-kfreebsd-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch
- obsolete patches (fixed upstream):
- fixes/Include-cstdlib-in-gfx-angle-src-compiler-Types.h-fo.patch
- porting-alpha/fix-FTBFS-on-alpha.patch
* [a5a2a1b] adding additional config options for hppa and ppc64
Both platforms failing on running xpcshell.
[ Christoph Goehre ]
* [5a0ba43] linitan: bump up standards version to 3.9.6
* [aaca6a7] debian/NEWS: adding note around increased default TLS version 1.2
(Closes: #761245)
-- Christoph Goehre Sat, 25 Oct 2014 12:47:37 -0400
icedove (32.0~b1-1) experimental; urgency=low
[ Christoph Goehre ]
* [65ad797] icedove.postinst: remove obsolete symlink handling
[ Carsten Schoenert ]
* [baef95a] debian/gbp.conf: adopting experimental branch
* [8384eee] Imported Upstream version 32.0~b1
* [75145f3] rebuild patch queue from patch-queue branch
modified patches:
- icedove/fix-branding-in-migration-wizard-and-the-addon-manag.patch
- debian-hacks/remove-non-free-W3C-icon-valid.png.patch
obsolete patches (fixed upstream):
- porting-armel/fix-skia-for-ARMv4.patch
[ Christoph Goehre ]
* [51c3cee] cleanup branding patch
-- Christoph Goehre Thu, 28 Aug 2014 15:52:51 -0700
icedove (31.0-2) unstable; urgency=low
[ Carsten Schoenert ]
* [d2bc0ef] armel: correcting #if statement for skia fix
* [959b801] adding GNU/Hurd to gyp.mozbuild
* [215bc7d] kfreebsd*: adding CrossProcessMutex_posix.cpp to list
* [892c39c] d/icedove.links: remove unneeded link to /u/s/i/e
(Closes: #638489)
* [928158c] debian/source.filter: more files to ignore
* [b81c238] fixing lintian warning 'unused-override'
* [7bc2568] fixing lintian warning 'jar-not-in-usr-share'
* [cd0d289] fixing lintian warning 'image-file-in-usr-lib'
* [045a960] fixing lintian error 'source-is-missing'
* [1fe016a] correcting FTBFS patch for alpha
[ Christoph Goehre ]
* [c827d81] iceowl-extension: replace skin and icon dir with symlink
-- Christoph Goehre Sat, 23 Aug 2014 18:42:23 -0700
icedove (31.0-1) unstable; urgency=low
[ Carsten Schoenert ]
* [b7cdeb4] Imported Upstream version 31.0 (Closes: #756769)
* [1f2ff0b] debian/rules: fixing file permissions in iceowl-extension
* [c8d2036] adding fix for skia on armel
* [77093e2] fixing FTBFS on armel (Closes: #754633)
* [a458959] debian/control: increase b-d on libsqlite-dev
* [a98ebca] fix runtime error on alpha while jemalloc run
* [6f6b576] disable optimization on alpha while linking
-- Christoph Goehre Mon, 04 Aug 2014 10:23:09 -0400
icedove (31.0~b2-1) unstable; urgency=low
[ Carsten Schoenert ]
* [76059a9] debian/source.filter: more files to ignore
* [5067b0e] Imported Upstream version 31.0~b2 (Closes: #754464)
* [e31ac79] debian/control: remove build-dep on libnotify-dev
* [35324a5] debian/control: increase build-depends on libnss3-dev to 3.16.2~
-- Christoph Goehre Fri, 18 Jul 2014 21:47:06 +0200
icedove (31.0~b1-2) unstable; urgency=low
* [7ba4d01] lintian: add override for embedded srtp library
-- Christoph Goehre Sun, 22 Jun 2014 18:18:04 -0400
icedove (31.0~b1-1) unstable; urgency=low
* [02dc94c] remove example file, which cause git-archive to change the
source tree
* [ba233b1] Imported Upstream version 31.0~b1
* [4c2380f] rebuild patch queue from patch-queue branch
modified patches:
- porting-kfreebsd-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch
- porting-kfreebsd-hurd/ipc-chromium-fix-if-define-for-kFreeBSD-and-.patch
obsolete patches (fixed upstream):
- fixes/unbreak-with-system-pixman-in-mailnews.patch
- porting-hppa/FTBFS-hppa-correcting-code-inside-JS_STACK_GROWTH_DI.patch
-- Christoph Goehre Sun, 22 Jun 2014 11:50:07 -0400
icedove (30.0~b1-1) unstable; urgency=low
[ Carsten Schoenert ]
* [b3eadf1] debian/source.filter: more files to ignore
* [fb71012] debian/control: bumping build-depends for debhelper
* [dc4ad0c] debian/control: add libpulse-dev build dependency
* [b8d3ee7] debian/control: bumping some version of build dependencies
* [3443df9] debian/icedove-dev.install: adopt upstream changes
* [d0f9d0e] icedove.lintian-overrides: adding libtheora
* [982c8a6] debian/rules: adding removing for temporary files
[ Christoph Goehre ]
* [f6292d5] Imported Upstream version 30.0~b1 (Closes: #743421)
* [dacd658] rebuild patch queue from patch-queue branch
modified patches:
- porting-hppa/FTBFS-hppa-correcting-code-inside-JS_STACK_GROWTH_DI.patch
- porting-kfreebsd-hurd/Allow-ipc-code-to-build-on-GNU-hurd.patch
- porting-kfreebsd-hurd/Allow-ipc-code-to-build-on-GNU-kfreebsd.patch
- porting-kfreebsd-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch
- porting-kfreebsd-hurd/ipc-chromium-fix-if-define-for-kFreeBSD-and-.patch
- prefs/Set-javascript.options.showInConsole.patch
- debian-hacks/Icedove-branding.patch
- fixes/unbreak-with-system-pixman-in-mailnews.patch
obsolete patches (fixed upstream):
- debian-hacks/Do-build-time-detection-of-2-bytes-wchar_t-and-char1.patch
- debian-hacks/Fix-build-failure-for-header.py-and-typelib.py.patch
- fixes/Make-system-cairo-work-again.patch
- porting-powerpcspe/FTBFS-Altivec-is-not-available-on-powerpcspe.patch
* [df93d26] branding: add jar.mn to moz.build
* [648853d] only copy debian/mozconfig.default into mozilla subdir
* [4f9dc9e] MOZ_OBJDIR need a absolute path, $(pwd) didn't work
* [33794c3] icedove.pc: remove non-existent library mozjs (Closes: #748746)
* [dcbce5c] iceowl-extension: use breaks instead of conflicts against
calendar-timezones (Closes: #747532)
* [545415a] add breaks to enigmail (<< 2:1.6-4~deb7u1) which won't work with
us (Closes: #747546)
-- Christoph Goehre Fri, 30 May 2014 12:11:53 -0400
icedove (24.5.0-2) unstable; urgency=low
* [e4a43ed] debian/rules: remove duplicate LDFLAGS += -Wl,--stats
* [f9dba4b] debian/rules: export all compiler flags into build environment
* [8dc0712] debian/rules: run autoconf for all configue files
* [95d4b48] debian/rules: export MOZCONFIG onces
* [577bd03] debian/rules: update config.sub and config.guess before autoconf
run
* [7f958c7] parse DEB_BUILD_OPTIONS for how many parallel buildjobs to start
(Closes: #746984)
* [0f8b062] debian/rules: export MOZILLA_OFFICIAL
* [1c3d277] run configure with --build and --host
* [f190e19] don't build a shared js library (Closes: #724688, #729073,
#745593)
-- Christoph Goehre Thu, 08 May 2014 20:07:06 -0400
icedove (24.5.0-1) unstable; urgency=low
[ Carsten Schoenert ]
* [7c13dbf] calender-timezones: remove no longer needed helper files
* [2d4328c] debian/control: sort various fields alphabetically
* [436c212] debian/control: remove build-depens on cdbs
* [dae8b3e] icedove branding: adopt current Makefile.in style to upstream
* [045be10] debian/rules: switch to debhelper
* [b852c8c] debian/mozconfig*: adding mozconfig files
* [7bac68c] debian/icedove.configopts: Remove no longer needed file
* [6c597b9] Switch the old thunderbird*.in files to icedove.*
* [9781e61] debian/icedove.links: adding /u/b/i link
* [f325194] debian/icedove.dirs: add helper file for needed directories
* [fe0376a] debian/icedove.install: sort entrys alphabetical
* [0111ccc] debian/icedove.js: fix small typo and reformat
* [a7e5b05] debian/rules: add override for dh_fixperms
* [8e44df2] debian/rules: add override for dh_install
* [24fa03a] debian/rules: add override for dh_shlibdeps
* [2f22ed0] debian/rules: add override for dh_strip
* [259a6f4] debian/control: remove ${shlibs:Depends} from c-g-p depends
* [cdc9272] debian/rules: add additional LDFLAGS
* [9d620d5] debian/rules: correct Icedove version inside icedove.pc during
install
[ Christoph Goehre ]
* [460818b] Imported Upstream version 24.5.0
* [4c65ecc] rebuild patch queue from patch-queue branch
added patches:
- porting-kfreebsd-hurd/FTBFS-hurd-fixing-unsupported-platform-Hurd.patch
obsolete patches:
- porting-kfreebsd-hurd/Another-fix-to-build-ipc-code-on-GNU-hurd-an.patch
-- Christoph Goehre Tue, 29 Apr 2014 17:56:40 -0400
icedove (24.4.0-1) unstable; urgency=low
* [a2b13c0] Imported Upstream version 24.4.0
* [fd90463] rebuild patch queue from patch-queue branch
added patches:
- porting-hppa/FTBFS-hppa-correcting-code-inside-JS_STACK_GROWTH_DI.patch
(Closes: #741245)
-- Christoph Goehre Sat, 22 Mar 2014 11:10:18 -0400
icedove (24.3.0-2) unstable; urgency=low
[ Christoph Goehre ]
* [122ffe9] remove ldif60 from pkgconfig file (Closes: #732652)
* [b64ccac] rebuild patch queue from patch-queue branch
added patches:
- porting-powerpcspe/FTBFS-Altivec-is-not-available-on-powerpcspe.patch
(Closes: #734859)
[ Carsten Schoenert ]
* [aa4f5b1] thunderbird.install.in: shipping all files in /u/l/i/components
(Closes: #737811)
* [3bf4738] debian/rules: fix *.js file-permissions for iceowl-extension
* [50ab7a5] debian/rules: remove -Wl,--as-needed linker option
(Closes: #732652, #730450, #724688)
-- Christoph Goehre Sun, 09 Mar 2014 15:33:05 -0400
icedove (24.3.0-1) unstable; urgency=low
* [a656560] lintian: remove non-free w3c valid.png icon (Closes: #735119)
* [f4e6c08] lintian: remove prebuild javascript objects from upstream
tarball (Closes: #735234)
* [adf9c96] Imported Upstream version 24.3.0
* [8419e65] rebuild patch queue from patch-queue branch
added patches:
- debian-hacks/remove-non-free-W3C-icon-valid.png.patch
- debian-hacks/use-system-jquery-jquery-ui.patch
* [948af3e] a newer icedove will break iceowl-extension (Closes: #732742)
-- Christoph Goehre Mon, 10 Feb 2014 19:44:36 -0500
icedove (24.2.0-1) unstable; urgency=low
[ Christoph Goehre ]
* [963a61e] Imported Upstream version 24.2.0
* [852abe3] rebuild patch queue from patch-queue branch
obsolete patches (fixed upstream):
- fixes/Wrap-non-prefixed-freetype-headers-from-newer-freety.patch
- porting/Don-t-hardcode-page-size-on-ia64-sparc-or-mipsel.patch
(Closes: #734074)
* [a9d6680] lintian: remove prebuild-binaries from upstream tarball
* [fc25943] linitan: remove prebuilt-windows-binary from upstream tarball
* [faa24eb] lintian: fix comma separated files copyright
* [835790d] lintian: declare public-domain license at the beginning
[ Carsten Schoenert ]
* [c583a2f] debian/copyright: fix indentation for 'public domain' license
* [78ddee2] linitan: bump up standards version to 3.9.5
-- Christoph Goehre Sat, 11 Jan 2014 20:17:24 -0500
icedove (24.1.1-1) experimental; urgency=low
[ Carsten Schoenert ]
* [e8cbac4] debian/copyright: correcting wrong comma usage.
* [d24a6be] debian/copyright: adjusting copyright infos
* [51a32a1] debian/copyright: correcting various lintian warning.
* [50874e0] debian/control: expanding icedove-dev dependency on python
* [2996a33] debian/control: adding a more specific description for
iceowl-extension and google-cal-prov.
* [85b4400] debian/control: adjust proper version dependencies.
(Closes: #729712)
* [4d6b204] debian/control: adding metadata for mozilla-devscripts.
(Closes: #562984)
[ Christoph Goehre ]
* [aa7782b] Imported Upstream version 24.1.1 (Closes: #720931, #723630)
* [e4ca9cd] rebuild patch queue from patch-queue branch
added patches:
- fixes/Wrap-non-prefixed-freetype-headers-from-newer-freety.patch
- porting-kfreebsd-hurd/ipc-chromium-fix-if-define-for-kFreeBSD-and.patch
* [849988b] make python scripts in /usr/lib/icedove-devel/sdk/bin executable
* [9890b1c] ship python config scripts to make building of extensions easier
(Closes: #729431)
* [8b08106] remove libxpcom.so from pkgconfig file (Closes: #729168)
* [4759bde] add libldif60 to pkgconfig file
* [db575b4] lintian: remove unsafe symlink from upstream tarball
-- Christoph Goehre Sun, 08 Dec 2013 10:08:19 -0500
icedove (24.0-1) experimental; urgency=low
[ Guido Günther ]
* [6f9d98e] New upstream version 24.0
* [ef58a98] Refresh patches
* [435516d] Switch to xz compressed upstream tarball
* [f529a99] repack.py: port to python3
* [50423d9] repack.py: allow to specify compression
[ Christoph Goehre ]
* [b45b2b9] remove superfluous gstreamer build depends
* [96ac1d0] Reduce memory usage of the linker. Thanks to Mike Hommey
* [af55374] ia64 don't like LDFLAG --no-keep-memory
* [c3cb093] remove export-subst in mozilla/addon-sdk/source/.gitattributes.
[ Carsten Schoenert ]
* [ac4caea] debian/copyright: correcting out-of-date-copyright-format-uri.
* [585bf84] debian/copyright: remove obsolete field 'Name:'
-- Christoph Goehre Tue, 15 Oct 2013 18:51:16 -0400
icedove (24.0~b3-2) experimental; urgency=low
* [47fe004] Add lintian override for our use of the embedded libjpeg
* [3c103e6] Make sure xpcshell is executable so dh_shlibdeps picks it up to
calculate lib dependencies
-- Guido Günther Tue, 24 Sep 2013 20:03:33 +0200
icedove (24.0~b3-1) experimental; urgency=low
[ Guido Günther ]
* Upload to experimental
* [eae533c] Adjust watch file once again
* [5280050] Invoke repack.py directly
* [0f4e8de] New upstream version 24.0~b3
(Closes: #706859, #720931, #723630)
* [3b6374b] Don't use system jpeg
since it doesn't have the needed features
* [f6aeba2] Don't try to remove nonexistent libxpcom.so
[ Carsten Schoenert ]
* [04844ae] icedove-branding: adopt new build schema to Debian branding
by using moz.build.
* [11c4677] icedove-branding: change the target directory for preview.png.
* [55f6762] debian/control: remove package calendar-timezones.
The calendar-timezones related files are now inside the lightning
package.
* [6f4948d] debian/rules: catch any gdata-provider*.xpi file.
The gdata-provider XPI file now has a version appended.
* [d5a63c9] debian/rules: catch any lightning*.xpi file.
The lightning XPI file now has a version appended.
* [e77e911] debian/thunderbird.install.in:
remove mozilla/components/binary.manifest since it no longer exists.
* [ef3f3b1] debian/control: Build-Depend on gstreamer an yasm now used by
icedove.
* [9f5fe3e] Drop patches fixed upstream.
Bug-720682-Don-t-crash-an-app-using-libxul-because-o.patch
Bug-723497-Saving-message-to-disk-fails-silently-fai.patch
Bug-746112-Don-t-decommit-if-page-size-is-too-large.patch
Bug-814693-Allow-webrtc-to-build-on-more-architectur.patch
Bug-840242-Use-the-runtime-page-size-to-control-aren.patch
virtualenv-changing-the-path-to-virtualenv.py.patch
* [4503610] Adjust to build system changes:
debian-hacks/Don-t-build-example-component.patch
* [290f1e0] Partially applied upstream:
Support-building-on-GNU-kFreeBSD-and-GNU-Hurd.patch
* [2eaf6ae] Rediff remaining patches
* [4217c0e] Create missing .deps dir.
Workaround to make build complete
* [f95db9c] Drop autoconf.mk mangling since it confuses the build system
-- Guido Günther Thu, 19 Sep 2013 20:10:24 +0200
icedove (17.0.8-1) unstable; urgency=low
[ Carsten Schoenert ]
* [af98dad] The vendorShortName is of course "Mozilla" and not "Icedove" The
packages in icedove-l10n already use the correct substition.
(Closes: #707207, #715326)
* [8ceae38] Sawfish: fix wrong size of resized window.
Backported from the TB20 release.
https://bugzilla.mozilla.org/show_bug.cgi?id=813997 (Closes: #715464)
* [b69cb68] Fix error while saving a message to disk or network.
If the user tries to save a message to disk or network share without
enough user rights to write the message Icedove fails silently. This
backport from TB 21 fixes this.
* [fd8f588] Desktop file: shorten the icon name to 'Icedove' (Closes: #507962)
* [24b1b45] fix JS compiler segfault errors for various platforms
(Closes: #708331)
[ Christoph Goehre ]
* [01f6b7a] add README.Debian to describe upstream status of Thunderbird
(Closes: #710888)
* [7fa36d6] rebuild patch queue from patch-queue branch added patches:
- porting/Fix-ipc-chromium-on-kFreeBSD-and-Hurd.patch
[ Guido Günther ]
* [455bfe7] New upstream version 17.0.8
-- Guido Günther Tue, 20 Aug 2013 16:12:17 +0200
icedove (17.0.7-1) unstable; urgency=low
* [b8fd345] Imported Upstream version 17.0.7
* [3133999] rebuild patch queue from patch-queue branch
modified patches:
- porting/Don-t-hardcode-page-size-on-ia64-sparc-or-mipsel.patch
* [3332f92] lintian: change url to version control system
* [534e2d1] linitan: bump up standards version to 3.9.4
* [2b511d2] lintian: remove obsolete thunderbird dependency in
iceowl-extension
* [2081e7e] lintian: add Keywords to icedove desktop file
* [7f8333c] lintian: mask minus signs in manpage with a backslash
-- Christoph Goehre Sun, 30 Jun 2013 18:46:16 -0400
icedove (17.0.5-2) unstable; urgency=low
[ Guido Günther ]
* [4c7a88a] Install calendar-google-provider to /u/s/xul-ext
(Closes: #638480)
* [4c97096] Move calendar-timezones to /u/s/xul-ext (Closes: #638481)
* [e9d0085] Move arch indep parts to common-install-indep
[ Carsten Schoenert ]
* [40d68d5] Fix build error on IA64 and Sparc
* [59939c3] manpage: add example section and convert to UTF-8
* [10647cf] fixing build failure depended on python-2.7 changes
[ Christoph Goehre ]
* [0a7bb8b] create links for extension in
/usr/share/mozilla/extensions/APPID
* [5047e6b] remove
icedove/save-a-copy-of-a-attached-file-when-sending-from-OOo.patch
(Closes: #695323)
-- Christoph Goehre Sat, 18 May 2013 17:53:21 -0400
icedove (17.0.5-1) experimental; urgency=low
[ Guido Günther ]
* [894ea6d] Include all needed libs to link against icedove's libxpcom
(Closes: #477747)
[ Carsten Schoenert ]
* [6e00625] Point "Help->What's new" to the Debian Wiki (Closes: #570577)
[ Christoph Goehre ]
* [4766bc9] replace icon in searchplugin (bing, twitter) with download url
* [e3dc726] Imported Upstream version 17.0.5
-- Christoph Goehre Sat, 13 Apr 2013 12:19:06 -0400
icedove (17.0.4-1) experimental; urgency=low
[ Guido Günther ]
* [9ed54cb] Add Homepage
* [bd41337] Add X-Debian-Homepage
[ Carsten Schoenert ]
* [1fba87f] New patch
fix-function-nsMsgComposeAndSend-to-to-respect-Replo.patch fix function
nsMsgComposeAndSend to respect ReploToSend
Thanks to Emilio Pozuelo Monfort for the patch (Closes: #565903)
[ Christoph Goehre ]
* [7a1071b] update debug section in icedove manpage (Closes: #698163)
* [017f5b5] Imported Upstream version 17.0.4 (Closes: #702927)
* [7c35529] compress debian packages with xz
-- Christoph Goehre Wed, 13 Mar 2013 19:00:07 -0400
icedove (17.0.2-1) experimental; urgency=low
* [8911b88] Finally set Christoph as Maintainer.
Thanks for your work Alexander.
* [d456018] parallel build: Use number or available cores by default
* [daeee47] Don't refer to paths containing thunderbird (Closes: #486617)
* [52a202a] New upstream version 17.0.2
* [fa07537] Allow webrtc to build on more architectures.
Thanks to Mike Hommey and Christoph Göhre
-- Guido Günther Fri, 11 Jan 2013 17:37:46 +0100
icedove (17.0.2-1~1) experimental; urgency=low
* [8911b88] Finally set Christoph as Maintainer. Thanks for your work
Alexander.
* [d456018] parallel build: Use number or available cores by default
* [daeee47] Don't refer to paths containing thunderbird (Closes: #486617)
* [52a202a] New upstream version 17.0.2
* [fa07537] Allow webrtc to build on more architectures.
Thanks to Mike Hommey and Christoph Göhre
-- Guido Günther Fri, 11 Jan 2013 17:35:22 +0100
icedove (17.0-1) experimental; urgency=low
[ Christoph Goehre ]
* [0b8ac79] replace transitional depens ttf-lyx with fonts-lyx
(Closes: #676505)
* [4473d67] fix typo in calendar-google-provider description
* [b3a57c0] rebuild patch queue from patch-queue branch
added patches:
porting/Another-fix-to-build-ipc-code-on-GNU-hurd-and-kfreeb.patch
[ Jens Reyer ]
* [c0e30b6] clarify the relation between iceowl, lightning and sunbird
(Closes: #686206)
[ Guido Günther ]
* [394b6a1] New upstream version 17.0
* [a17c23f] Update patches.
The thunderbird-3-profile.patch got split into three since it
addresses different issues:
* Strip-version-number.patch
* Icedove-branding.patch
* Move-profile.patch
* [01eef04] Don't overwrite DEB_BUILD_OPTIONS
and drop dependency on essential package
[ Ritesh Raj Sarraf ]
* [1ab9095] Add parallel build support
-- Guido Günther Sat, 24 Nov 2012 19:26:19 +0100
icedove (16.0.2-1) experimental; urgency=low
[ Christoph Goehre ]
* [e94445f] cleanup source.filer file
* [33b9f4c] Imported Upstream version 12.0.1
[ Guido Günther ]
* [88a39e3] watch: only look for two digit versions since 3.1.20 lacks the
source/ dir
* [eb4f5c3] New upstream version 14.0
* [b451442] Update patches for 14.0
obsolete patches:
Avoid-libxpcom-being-excluded-from-linked-libraries-.patch
Bug-515232-Try-getting-general.useragent.locale-as-a.patch
Bug-696636-Block-OpenGL-1-drivers-explicitly-to-stee.patch
Bug-710972-Define-G_VARIANT_TYPE_STRING_ARRAY-when-b.patch
Bug-722127-Bump-required-libvpx-version-to-1.0.0.-r-.patch
Bug-728136-Port-bug-528687-to-comm-central.patch
Bug-728229-Allow-to-build-with-system-python-ply-lib.patch
Bug-729817-Allow-the-Nouveau-driver-with-Mesa-8.0.1-.patch
Bug-729817-Block-the-Nouveau-3D-driver-as-it-s-insta.patch
Bug-734335-Only-build-SPS-on-supported-platforms.patch
Revert-investigation-patch-for-bug-621446.patch
Bug-698923-Don-t-require-16-bytes-alignment-for-VMFr.patch
Bug-711353-Add-support-for-GNU-kFreeBSD-and-GNU-Hurd.patch
modified patches:
Add-another-preferences-directory-for-applications-p.patch
Do-build-time-detection-of-2-bytes-wchar_t-and-char1.patch
Don-t-build-example-component.patch
Don-t-error-out-when-run-time-libsqlite-is-older-tha.patch
Don-t-register-plugins-if-the-MOZILLA_DISABLE_PLUGIN.patch
Gross-workaround-to-avoid-installing-test-idl-and-in.patch
Ignore-system-libjpeg-libpng-and-zlib-version-checki.patch
stop-configure-if-with-system-bz2-was-passed-but-no-.patch
Allow-.js-preference-files-to-set-locked-prefs-with-.patch
Bug-691898-Use-YARR-interpreter-instead-of-PCRE-on-p.patch
Bug-720682-Don-t-crash-an-app-using-libxul-because-o.patch
Include-cstdlib-in-gfx-angle-src-compiler-Types.h-fo.patch
Link-libldap-against-libpthread.patch
Load-dependent-libraries-with-their-real-path-to-avo.patch
Properly-launch-applications-set-in-HOME-.mailcap.patch
Remove-the-js-shell-from-the-build-directory-during-.patch
fix-branding-in-migration-wizard-and-the-addon-manag.patch
fix-installdir.patch
save-a-copy-of-a-attached-file-when-sending-from-OOo.patch
thunderbird-3-profile.patch
Change-extension-s-name-to-Iceowl.patch
Add-xptcall-support-for-SH4-processors.patch
Allow-ipc-code-to-build-on-GNU-hurd.patch
Allow-ipc-code-to-build-on-GNU-kfreebsd.patch
Bug-703833-Avoid-invalid-conversion-from-const-size_.patch
Disable-optimization-on-alpha-for-the-url-classifier.patch
Fix-GNU-non-Linux-failure-to-build-because-of-ipc-ch.patch
Support-building-on-GNU-kFreeBSD-and-GNU-Hurd.patch
Don-t-auto-disable-extensions-in-system-directories.patch
Set-javascript.options.showInConsole.patch
Allow-to-build-against-system-libffi.patch
* [907be61] Make sure we only match the generated files. Patch taken from
iceowl 1.5 package
* [772b9a0] Make system cairo work again. Patch taken from iceweasel.
* [0b6a8b3] Update
Add-another-preferences-directory-for-applications-p.patch to new method
name.
* [3395f21] Don't use APP_UA_NAME in application.ini since the replacement
fails and isn't needed.
* [6dea9fb] New upstream version 16.0.1
* [664153d] Add README.source describing howto import new upstream versions
* [a653bd0] Adjust to upstream changes:
* stop-configure-if-with-system-bz2-was-passed-but-no-.patch
* [f088193] Add a proper patch header
* to Fix-build-failure-for-header.py-and-typelib.py.patch
so we don't lose the patch description.
* [268cca5] New upstream version 16.0.2
* [a453a92] Rediff patches - no content changes
* [263bbeb] BUILD_OFFICIAL is now MOZILLA_OFFICIAL
* [a798e6b] Install dependentlibs.list to fix dlopen() of XPCOM
[ Ritesh Raj Sarraf ]
* [f871ba9] Refresh patches.
Droped patches:
* fixes/Remove-the-js-shell-from-the-build-directory-during-.patch
* porting/Bug-703833-Avoid-invalid-conversion-from-const-size_.patch
* fixes/Bug-691898-Use-YARR-interpreter-instead-of-PCRE-on-p.patch
* debian-hacks/Make-sure-we-only-match-the-generated-files.patch
* [9b02e4c] Refreshed patches for TB16
* [dc83dd7] Fix build failure for header.py and typelib.py.
Earlier builds were passing the --cachedir option
Sometime during TB15, Mozilla changed that to variables.
This change was not passing the --cachedir option, hence the build
failure. This patch just hacks the build by passing the cachedir option
manually
-- Guido Günther Tue, 30 Oct 2012 22:05:49 +0100
icedove (11.0-1) experimental; urgency=low
* [ffb767a] Imported Upstream version 11.0 (Closes: #663897)
* [2b75f48] relax optimize to -O1 on sparc to fix FTBFS
* [fa9a610] update build dependencies (Thanks to Mike) (Closes: #666722)
* [5b552f2] rebuild patch queue from patch-queue branch
added patches:
- fixes/Bug-710972-Define-G_VARIANT_TYPE_STRING_ARRAY-when-b.patch
- fixes/Bug-734335-Only-build-SPS-on-supported-platforms.patch
- fixes/Revert-investigation-patch-for-bug-621446.patch
modified patches:
- fixes/Bug-691898-Use-YARR-interpreter-instead-of-PCRE-on-p.patch
- icedove/fix-branding-in-migration-wizard-and-the-addon-manag.patch
- icedove/save-a-copy-of-a-attached-file-when-sending-from-OOo.patch
obsolete patches (fixed upstream):
- debian-hacks/Fix-tracejit-to-build-against-nanojit-headers-in-dis.patch
- debian-hacks/Install-missing-nanojit-and-.tbl-headers-from-js-src.patch
- fixes/Bug-710268-Sign-NSS-libraries-only-when-they-exist-r.patch
- fixes/Fixup-bz-730195-for-Linux-ARM-use-_URC_FOREIGN_EXCEP.patch
- fixes/mozilla-config.h-was-renamed-js-confdefs.h-in-js-src.patch
- fixes/Remove-generated-files-from-js-src-during-make-distc.patch
- porting/Bug-703531-Fix-ARMAssembler-getOp2RegScale-on-ARMv5.patch
- porting/Bug-703534-Fix-build-failure-on-platforms-without-YA.patch
- porting/Bug-703842-Avoid-R_SPARC_WDISP22-relocation-in-Tramp.patch
-- Christoph Goehre Wed, 18 Apr 2012 18:36:31 +0200
icedove (10.0.3-2) unstable; urgency=low
[ Christoph Goehre ]
* [1223204] bump up standards version to 3.9.3
[ Guido Günther ]
* [7d7b5f5] Don't put symlinks into iceowl/extensions
[ Christoph Goehre ]
* [94c07e5] update copyright file
* [88098a8] GNOME 3 integration: Use GIO instead of deprecated GnomeVFS.
Thanks to Michael Biebl (Closes: #658688)
* [9543fd1] add build depends python
* [ec62dcb] build a debug package, if DEB_BUILD_OPTIONS contains 'debug'
-- Christoph Goehre Tue, 27 Mar 2012 18:21:52 +0200
icedove (10.0.3-1) unstable; urgency=low
[ Christoph Goehre ]
* [ee4b49c] adjust source.filter list
* [b5f3064] New Upstream version 10.0.3 (Closes: #661115, #663897)
* [fd35da8] build against system python-ply
* [4964bb2] build against system libreadline
* [5412685] rebuild patch queue from patch-queue branch
added patches:
- debian-hacks/Don-t-build-example-component.patch
- fixes/Bug-515232-Try-getting-general.useragent.locale-as-a.patch
- fixes/Bug-628252-os2.cc-fails-to-compile-against-GCC-4.6-m.patch
- fixes/Bug-691898-Use-YARR-interpreter-instead-of-PCRE-on-p.patch
- fixes/Bug-696636-Block-OpenGL-1-drivers-explicitly-to-stee.patch
- fixes/Bug-710268-Sign-NSS-libraries-only-when-they-exist-r.patch
- fixes/Bug-720682-Don-t-crash-an-app-using-libxul-because-o.patch
- fixes/Bug-722127-Bump-required-libvpx-version-to-1.0.0.-r-.patch
- fixes/Bug-728136-Port-bug-528687-to-comm-central.patch
- fixes/Bug-728229-Allow-to-build-with-system-python-ply-lib.patch
- fixes/Bug-729817-Allow-the-Nouveau-driver-with-Mesa-8.0.1-.patch
- fixes/Bug-729817-Block-the-Nouveau-3D-driver-as-it-s-insta.patch
- fixes/Fixup-bz-730195-for-Linux-ARM-use-_URC_FOREIGN_EXCEP.patch
- fixes/Include-cstdlib-in-gfx-angle-src-compiler-Types.h-fo.patch
- fixes/Link-libldap-against-libpthread.patch
- fixes/Load-dependent-libraries-with-their-real-path-to-avo.patch
- porting/Bug-703534-Fix-build-failure-on-platforms-without-YA.patch
- prefs/Don-t-auto-disable-extensions-in-system-directories.patch
(Closes: #648712)
modified patches:
- debian-hacks/Install-missing-nanojit-and-.tbl-headers-from-js-src.patch
- fixes/Allow-.js-preference-files-to-set-locked-prefs-with-.patch
- fixes/Properly-launch-applications-set-in-HOME-.mailcap.patch
- icedove/fix-branding-in-migration-wizard-and-the-addon-manag.patch
- porting/Allow-ipc-code-to-build-on-GNU-hurd.patch
- porting/Bug-703833-Avoid-invalid-conversion-from-const-size_.patch
- prefs/Set-javascript.options.showInConsole.patch
obsolete patches (fixed upstream):
- debian-hacks/get-ride-of-default-debian-hardering-options.patch
- iceowl/Install-calendar-timezones-mode-0644-not-0755.patch
- porting/Add-mips-hppa-ia64-s390-and-sparc-defines-in-ipc-chr.patch
- porting/Bug-680917-Use-a-pool-size-of-16kB-on-ia64-for-bump-.patch
- porting/Bug-694533-LDRH-STRH-LDRSB-STRSB-are-supported-on-AR.patch
- porting/Bug-696393-Reimplement-NS_InvokeByIndex-in-C-on-S390.patch
- porting/Revert-bz-164580.patch
[ Michael Biebl ]
* [c0a3ee2] Install chrome.manifest file to ensure the various components
(like GNOME support module) are correctly loaded. (Closes: #658479)
[ Christoph Goehre ]
* [02687fc] adjust install/link files for new upstream
* [b551d6a] omni.jar was renamed to omni.ja
-- Christoph Goehre Sat, 24 Mar 2012 23:10:47 +0100
icedove (9.0.1-1) experimental; urgency=low
* [e2002b8] New Upstream version 9.0.1 (Closes: #653266, #653556)
* [9c14e8b] replace dfsg cleanup script with Mike's repack.py
* [2a34bd8] rebuild patch queue from patch-queue branch
added patches:
- porting/Bug-698923-Don-t-require-16-bytes-alignment-for-VMFr.patch
- porting/Bug-703531-Fix-ARMAssembler-getOp2RegScale-on-ARMv5.patch
- porting/Bug-703833-Avoid-invalid-conversion-from-const-size_.patch
- porting/Bug-703842-Avoid-R_SPARC_WDISP22-relocation-in-Tramp.patch
- porting/Bug-711353-Add-support-for-GNU-kFreeBSD-and-GNU-Hurd.patch
- porting/Fix-GNU-non-Linux-failure-to-build-because-of-ipc-ch.patch
* [03ed85d] remove Build-Depends python-ply, it's shipped and searched in
mozilla/other-licenses
-- Christoph Goehre Tue, 24 Jan 2012 19:13:30 +0100
icedove (8.0-2) unstable; urgency=low
* Upload to unstable
* [b02c21d] fix crash in xpcshell on sparc linux
-- Christoph Goehre Wed, 04 Jan 2012 18:09:14 +0100
icedove (8.0-1) experimental; urgency=low
[ Guido Günther ]
* [17a7a80] Add x-scheme-handler/mailto to. Thanks to Michael Biebl for the
patch (Closes: #645556)
[ Christoph Goehre ]
* [4066038] New Upstream version 8.0
* [aa9105e] update autoconfig for e-mail accounts from riseup.net
(Closes: #648907)
* [decc1ac] fix wrong description text in iceowl-extension (Closes: #649073)
* [c97dda6] rebuild patch queue from patch-queue branch
added patches:
- debian-hacks/Statically-link-jemalloc-to-all-programs.patch
- fixes/Bug-670719-Only-add-DENABLE_JIT-1-to-CXXFLAGS-if-any.patch
- fixes/Bug-680642-Don-t-enable-YARR-JIT-on-MIPS-as-the-impl.patch
- porting/Bug-589735-Allocate-memory-with-an-address-with-high.patch
- porting/Bug-589735-Allow-static-JS-strings-to-be-turned-off-.patch
- porting/Bug-680917-Use-a-pool-size-of-16kB-on-ia64-for-bump-.patch
- porting/Bug-694533-LDRH-STRH-LDRSB-STRSB-are-supported-on-AR.patch
- porting/Bug-696393-Reimplement-NS_InvokeByIndex-in-C-on-S390.patch
- porting/Revert-bz-164580.patch
-- Christoph Goehre Sun, 20 Nov 2011 19:58:37 +0100
icedove (8.0~b4-2) experimental; urgency=low
[ Guido Günther ]
* [5d043ec] Install calendar extension
* [07feb49] Change extension's name to Iceowl
* [c597212] iceowl-extension: don't ignore errors in postinst
* [30ec51d] Disable patch numbers
* [73f80ed] Don't install timezones file mode 0755
[ Christoph Goehre ]
* [0fa13be] remove duplicate build depends unzip
-- Christoph Goehre Tue, 08 Nov 2011 22:29:19 +0100
icedove (8.0~b4-1) experimental; urgency=low
* [4e90977] New Upstream Version 8.0b4 (Closes: #591771, #638161)
* [955423a] replace duplicate .so files in icedove and icedove-dev with
symlinks
* [6ffb325] remove obsolete cdbs rule to extract tarball
* [f98837b] build against libnotify4 (libnotify-dev >= 0.7)(Closes: #637194)
* [66f72bc] Build-depend on libjpeg-dev instead of libjpeg62-dev
* [8af21a2] rebuild patch queue from patch-queue branch
added patches:
- debian-hacks/get-ride-of-default-debian-hardering-options.patch
- fixes/packager-fails-when-MOZILLA_DIR-is-a-relative-path.patch
modified patches:
- icedove/save-a-copy-of-a-attached-file-when-sending-from-OOo.patch
obsolete patches (fixed upstream):
- debian-hacks/bzXXX-ftbfs-static-with-system-hunspell.patch
- fixes/Bug-626035-Modify-the-way-arm-compiler-flags-are-set.patch
- fixes/Bug-639554-Install-sdk-bin-with-make-install.-r-bsme.patch
- fixes/Bug-640494-part-1-Get-rid-of-STL-algorithm-use-in-js.patch
- fixes/Bug-640494-part-2-Use-bitwise-operations-in-JSDOUBLE.patch
- fixes/Bug-652139-Use-an-integer-type-in-DocumentViewerImpl.patch
- fixes/Bug-662224-Define-NS_ATTR_MALLOC-and-NS_WARN_UNUSED_.patch
- fixes/Bug-668906-Do-not-call-openUnsharedDatabase-with-a-n.patch
- fixes/Bug-671564-Initialize-NS_XPCOM_LIBRARY_FILE-from-NS_.patch
- fixes/Disable-building-embedded-libjpeg-turbo-when-buildin.patch
- porting/Allow-to-build-yuv_convert_arm.cpp-on-armv4t.patch
- porting/Bug-638056-Avoid-The-cacheFlush-support-is-missing-o.patch
- porting/Fix-FTBFS-in-IPC-on-Linux-PPC.patch
- porting/Fix-FTBFS-in-xpcom-base-on-armv4t.patch
- system-libs/libxul-linking-error-with-enable-system-ffi-and-stat.patch
* [5f6e50f] add Japanese translation for desktop menu entry. Thanks to
Hideki Yamane (Closes: #640679)
* [591f76c] add build depends unzip
* [0af372f] remove upstream integrated CFLAGS and CXXFLAGS '-g -std=gnu++0x'
* [a4c8b2f] adjust install and links file to new upstream
* [332b7a8] Revert "override libtheora embedded-library error" no longer
needed
-- Christoph Goehre Sat, 05 Nov 2011 20:31:29 +0100
icedove (5.0-2) experimental; urgency=low
* [7f92927] fix FTBFS on ia64: use gcc with -O2 instead of -Os
* [b6b8dea] Disable methodjit on armel
* [5b45336] remove obsolete conffiles with dpkg-maintscript-helper
(Closes: #636819)
* [868cfa3] rebuild patch queue from patch-queue branch
added patches:
- porting/Allow-ipc-code-to-build-on-GNU-hurd.patch - fix building on
GNU/hurd - Thanks to Pino Toscano
-- Christoph Goehre Sun, 07 Aug 2011 15:35:09 +0200
icedove (5.0-1) experimental; urgency=low
* New Upstream Version (Closes: #632037)
* [98c5a8f] build against libffi and libvpx
* [52dff12] build javascript lib as shared library
* [6f1c24d] build against mozilla png library
* [9e16beb] c-sdk moved from directory/sdks/c-sdk to ldap/sdks/c-sdk
* [57763a0] override libtheora embedded-library error
* [fc71b62] adjust install/links files for new upstream version
* [6e83a58] Revert "lintian: override ancient-libtool warning" override no
longer needed
* [d65b463] change hardcoded list of non-Linux build depends into linux-any
(Closes: #634301)
* [ff3a8f3] remove file compare in build run
* [a21efa9] add branding for icedove 5.0
* [7023939] update porting/Fix-FTBFS-in-xpcom-base-on-armv4t.patch - fix
building on armhf
-- Christoph Goehre Wed, 03 Aug 2011 18:25:17 +0200
icedove (3.1.11-1) unstable; urgency=high
* New Upstream Version
- MFSA 2011-19 aka CVE-2011-2364, CVE-2011-2365, CVE-2011-2374,
CVE-2011-2376:
Miscellaneous memory safety hazards (rv:3.0/1.9.2.18)
- MFSA 2011-20 aka CVE-2011-2373: Use-after-free vulnerability when
viewing XUL document with script disabled
- MFSA 2011-21 aka CVE-2011-2377: Memory corruption due to
multipart/x-mixed-replace images
- MFSA 2011-22 aka CVE-2011-2371: Integer overflow and arbitrary code
execution in Array.reduceRight()
- MFSA 2011-23 aka CVE-2011-0083, CVE-2011-0085, CVE-2011-2363:
Multiple dangling pointer vulnerabilities
- MFSA 2011-24 aka CVE-2011-2362: Cookie isolation error
* [2a82ce8] DM-Upload-Allowed is superfluous since I'm DD
-- Christoph Goehre Sun, 26 Jun 2011 10:35:31 +0200
icedove (3.1.10-2) unstable; urgency=low
* [de81b7f] remove obsolete build depends libxp-dev (Closes: #623668)
* [633782d] change DEB_HOST_MULTIARCH back to DEB_HOST_GNU_TYPE and
downgrade sqlite version (Closes: #627598)
-- Christoph Goehre Mon, 06 Jun 2011 20:53:54 +0200
icedove (3.1.10-1) unstable; urgency=high
* New Upstream Version (Closes: #625207)
- MFSA 2011-12 aka CVE-2011-0069, CVE-2011-0070, CVE-2011-0072,
CVE-2011-0074, CVE-2011-0075, CVE-2011-0077,
CVE-2011-0078, CVE-2011-0080, CVE-2011-0081:
Miscellaneous memory safety hazards (rv:2.0.1/ 1.9.2.17/ 1.9.1.19)
- MFSA 2011-16 aka CVE-2011-0071: Directory traversal in resource: protocol
* [78e0217] build against system libbz2
* [e6af761] build against system libpng
* [4b57c30] build against system libhunspell
* [937f0bd] double check to build against most system libraries
* [d6de723] rebuild patch queue from patch-queue branch
added patches (Closes: #624969):
- 0072-fix-building-with-gcc-4.6-Add-constructor-to-placate.patch
- 0073-fix-building-with-gcc-4.6-os2.cc-missing-include-cst.patch
- 0074-Add-constructor-for-nsCaseInsensitiveStringComparato.patch
- 0075-Add-constructor-for-nsXULAppInfo-which-inherits-from.patch
- 0076-Add-constructor-for-GTKEmbedDirectoryProvider.patch
modified patches:
- 0056-Disable-APNG-support-when-system-libpng-doesn-t-supp.patch
obsolete patches (fixed upstream):
- 0051-Do-exec-instead-of-uselessly-forking-in-xulrunner-la.patch
- 0072-Add-support-for-libnotify-0.7.patch
* [e190ef1] bump up standards version to 3.9.2 (change DEB_HOST_GNU_TYPE to
DEB_HOST_MULTIARCH)
-- Christoph Goehre Tue, 10 May 2011 20:03:04 +0200
icedove (3.1.9-2) unstable; urgency=low
* Upload to unstable
* [ace3b6f] rebuild patch queue from patch-queue branch
added patches:
- 0072-Add-support-for-libnotify-0.7.patch
* [910f213] use DEP5 for copyright file
* [3ae4c8b] set global section to 'mail'
* [42c9c89] icedove.1: icedove is derived from Thunderbird instead of
Mozilla suite
-- Christoph Goehre Sat, 02 Apr 2011 09:43:04 +0200
icedove (3.1.9-1) experimental; urgency=low
* New Upstream Version
- MFSA 2011-01 aka CVE-2011-0053, CVE-2011-0062: Miscellaneous memory
safety hazards (rv:1.9.2.14/ 1.9.1.17)
- MFSA 2011-08 aka CVE-2010-1585: ParanoidFragmentSink allows javascript:
URLs in chrome documents
- MFSA 2011-09 aka CVE-2011-0061: Crash caused by corrupted JPEG image
* [699536a] rebuild patch queue from patch-queue branch
added patches:
- 0069-save-a-copy-of-a-attached-file-when-sending-from-OOo.patch
(Closes: #505875)
- 0070-News-article-is-empty-if-selected-during-download-fr.patch
(Closes: #487494)
- 0071-restore-icedove-on-login-by-session-management.patch
(Closes: #403458)
modified patches:
- 0003-no_dynamic_nss_softokn.patch
- 0010-Support-building-on-GNU-kFreeBSD-and-GNU-Hurd.patch
- 0030-Don-t-error-out-when-run-time-libsqlite-is-older-tha.patch
* [98d8ac0] c-sdk move to sdks/c-sdk - adjust
debian/{copyright,remove.nonfree,rules}
-- Christoph Goehre Wed, 09 Mar 2011 20:21:59 +0100
icedove (3.1.7-1) experimental; urgency=low
* New Upstream Version (Closes: #606977)
- MFSA 2010-74 aka CVE-2010-3776, CVE-2010-3777: Miscellaneous memory
safety hazards (rv:1.9.2.13/ 1.9.1.16)
- MFSA 2010-75 aka CVE-2010-3769: Buffer overflow while line breaking
after document.write with long string
- MFSA 2010-78 aka CVE-2010-3768: Add support for OTS font sanitizer
* [46e3e8a] rebuild patch queue from patch-queue branch
added patches:
- 0068-fix-forwarding-of-Simple-HTML-email.patch
obsolete patches (fixed upstream):
- 0017-Implement-sync_instruction_memory-for-sparc-linux.patch
- 0059-Fix-startup-problem-with-symlinked-components-e.g.-e.patch
* [9fcce0c] add license info for gfx/ots
-- Christoph Goehre Mon, 13 Dec 2010 17:59:50 +0100
icedove (3.1.6-1) experimental; urgency=low
* New Upstream Version (Closes: #601334)
- MFSA 2010-64 aka CVE-2010-3175, CVE-2010-3176: Miscellaneous memory
safety hazards (rv:1.9.2.11/ 1.9.1.14)
- MFSA 2010-65 aka CVE-2010-3179: Buffer overflow and memory corruption
using document.write
- MFSA 2010-66 aka CVE-2010-3180: Use-after-free error in nsBarProp
- MFSA 2010-67 aka CVE-2010-3183: Dangling pointer vulnerability in
LookupGetterOrSetter
- MFSA 2010-69 aka CVE-2010-3178: Cross-site information disclosure via
modal calls
- MFSA 2010-71 aka CVE-2010-3182: Unsafe library loading vulnerabilities
- MFSA 2010-73 aka CVE-2010-3765: Heap buffer overflow mixing
document.write and DOM insertion
* [270fd51] rebuild patch queue from patch-queue branch
added patches:
- 0069-Use-errno.ENOENT-instead-of-2-in-JarMaker.py.patch
modified patches:
- 0009-fix-branding-in-migration-wizard-and-the-addon-manag.patch
* [24421f4] bump build depends for libnspr4-dev, libnss3-dev and
libsqlite3-dev
-- Christoph Goehre Wed, 10 Nov 2010 07:11:17 +0100
icedove (3.1.4-1) experimental; urgency=low
* New Upstream Version
-- Christoph Goehre Sat, 18 Sep 2010 18:25:37 +0200
icedove (3.1.3-1) experimental; urgency=low
* New Upstream Version
- MFSA 2010-49 aka CVE-2010-3169: Miscellaneous memory safety hazards
(rv:1.9.2.9/ 1.9.1.12)
- MFSA 2010-50 aka CVE-2010-2765: Frameset integer overflow vulnerability
- MFSA 2010-51 aka CVE-2010-2767: Dangling pointer vulnerability using DOM
plugin array
- MFSA 2010-53 aka CVE-2010-3166: Heap buffer overflow in
nsTextFrameUtils::TransformText
- MFSA 2010-54 aka CVE-2010-2760: Dangling pointer vulnerability in
nsTreeSelection
- MFSA 2010-55 aka CVE-2010-3168: XUL tree removal crash and remote code
execution
- MFSA 2010-56 aka CVE-2010-3167: Dangling pointer vulnerability in
nsTreeContentView
- MFSA 2010-57 aka CVE-2010-2766: Crash and remote code execution in
normalizeDocument
- MFSA 2010-59 aka CVE-2010-2762: SJOW creates scope chains ending in
outer object
- MFSA 2010-61 aka CVE-2010-2768: UTF-7 XSS by overriding document charset
using