-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Wed, 02 Mar 2011 18:22:20 +0100 Source: icedove Binary: icedove icedove-dev icedove-dbg Architecture: source i386 Version: 3.0.11-1+squeeze1 Distribution: stable-security Urgency: high Maintainer: Alexander Sack Changed-By: Christoph Goehre Description: icedove - mail/news client with RSS and integrated spam filter support icedove-dbg - Debug Symbols for Icedove icedove-dev - Development files for Icedove Changes: icedove (3.0.11-1+squeeze1) stable-security; urgency=high . * [2bf1366] backported patches from xulrunner fixes mfsa2011-{01-08,10} - MFSA 2011-01 aka CVE-2011-0053: Miscellaneous memory safety hazards (rv:1.9.2.14/ 1.9.1.17) - MFSA 2011-02 aka CVE-2011-0051: Recursive eval call causes confirm dialogs to evaluate to true - MFSA 2011-03 aka CVE-2011-0055: Use-after-free error in JSON.stringify - MFSA 2011-04 aka CVE-2011-0054: Buffer overflow in JavaScript upvarMap - MFSA 2011-05 aka CVE-2011-0056: Buffer overflow in JavaScript atom map - MFSA 2011-06 aka CVE-2011-0057: Use-after-free error using Web Workers - MFSA 2011-07 aka CVE-2011-0058: Memory corruption during text run construction (Windows) - MFSA 2011-08 aka CVE-2010-1585: ParanoidFragmentSink allows javascript: URLs in chrome documents - MFSA 2011-10 aka CVE-2011-0059: CSRF risk with plugins and 307 redirects Checksums-Sha1: 86fcd44516d5ec950eabbaee1d54faa2face6658 1880 icedove_3.0.11-1+squeeze1.dsc f8d8107b0a21b9b87ae3db5b6833a55ba74c121d 51910411 icedove_3.0.11.orig.tar.bz2 4359ab264fddccdcf5a64b988028d11d369e2b8f 408564 icedove_3.0.11-1+squeeze1.debian.tar.gz cb29602f958e4a094ab9fac46944fabcb014231f 11151280 icedove_3.0.11-1+squeeze1_i386.deb a84d0d1e60e72241a9df7829c7ce98425f86062a 5807170 icedove-dev_3.0.11-1+squeeze1_i386.deb 3dc7e4f2519c991d202c0390137f431980f9538c 69178128 icedove-dbg_3.0.11-1+squeeze1_i386.deb Checksums-Sha256: ac7f7f30c4047ca384e3603e1ed270c418db014429ebd44652bea2842269d9b1 1880 icedove_3.0.11-1+squeeze1.dsc 147dc74552d0de56ca63379c0feb46affd19e77ce5cb4ed6f6a21bdfaff628d6 51910411 icedove_3.0.11.orig.tar.bz2 a001962fab60c53f308ea11d7cf6baa42e65129f8d1c793237fffd1392b68a2a 408564 icedove_3.0.11-1+squeeze1.debian.tar.gz c86cce8bc3468e6dc306119b12f7901adc0fadd5c9d92a3de30af000e9a2b7a7 11151280 icedove_3.0.11-1+squeeze1_i386.deb c440e42921fecf4cdfa387b7dd33789ba59b548acbbca1787236b967f6d1ea0a 5807170 icedove-dev_3.0.11-1+squeeze1_i386.deb 9bc1e0554c6a20279854ee61e34aafc6dd6878e02aac20a223d57792e86cdc24 69178128 icedove-dbg_3.0.11-1+squeeze1_i386.deb Files: a962a85d46bb672043185ee408a80849 1880 web optional icedove_3.0.11-1+squeeze1.dsc d8494d5df4203253927b905a9bc21860 51910411 web optional icedove_3.0.11.orig.tar.bz2 659591b4999e27bfceca29e760952f8a 408564 web optional icedove_3.0.11-1+squeeze1.debian.tar.gz 1cf0b0699c8e240d9cb8490a8dbeabf7 11151280 mail optional icedove_3.0.11-1+squeeze1_i386.deb 76b921328401c905bf903890a4760a43 5807170 mail optional icedove-dev_3.0.11-1+squeeze1_i386.deb 6dcfa1082a87638aa716d3b4609a4a20 69178128 debug extra icedove-dbg_3.0.11-1+squeeze1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iD8DBQFNdKY8n88szT8+ZCYRAoJ0AJ9IoBqPtbh7J297y5mx6riS6/oXvwCaAjUX NL19Wci2CreA3irQF9Aklaw= =rPdR -----END PGP SIGNATURE-----