Whats New on Icedove?

What's changed inside the buildsystem or on the debian specific part? Take a look into the Changelog!

Icedove 24.6.0

http://www.mozilla.org/en-US/thunderbird/24.6.0/releasenotes/

New Features, Changes, Fixes

No new features there added.

Securityfixes

MFSA 2014-52

Use-after-free with SMIL Animation Controller

MFSA 2014-49

Use-after-free and out of bounds issues found using Address Sanitizer

MFSA 2014-48

Miscellaneous memory safety hazards (rv:30.0 / rv:24.6)


Icedove 24.5.0

http://www.mozilla.org/en-US/thunderbird/24.5.0/releasenotes/

New Features, Changes, Fixes

No new features there added.

Securityfixes

MFSA 2014-46

Use-after-free in nsHostResolve

MFSA 2014-44

Use-after-free in imgLoader while resizing images

MFSA 2014-43

Cross-site scripting (XSS) using history navigations

MFSA 2014-42

Privilege escalation through Web Notification API

MFSA 2014-38

Buffer overflow when using non-XBL object as XBL

MFSA 2013-37

Out of bounds read while decoding JPG images

MFSA 2013-35

Privilege escalation through Mozilla Maintenance Service Installer

MFSA 2013-34

Miscellaneous memory safety hazards (rv:29.0 / rv:24.5)


Icedove 24.4.0

http://www.mozilla.org/en-US/thunderbird/24.4.0/releasenotes/

New Features, Changes, Fixes

No new features there added.

Securityfixes

MFSA 2014-32

Out-of-bounds write through TypedArrayObject after neutering

MFSA 2014-31

Out-of-bounds read/write through neutering ArrayBuffer objects

MFSA 2014-30

Use-after-free in TypeObject

MFSA 2014-29

Privilege escalation using WebIDL-implemented APIs

MFSA 2014-28

SVG filters information disclosure through feDisplacementMap

MFSA 2013-27

Memory corruption in Cairo during PDF font rendering

MFSA 2013-26

Information disclosure through polygon rendering in MathML

MFSA 2013-17

Out of bounds read during WAV file decoding

MFSA 2013-16

Files extracted during updates are not always read only

MFSA 2014-15

Miscellaneous memory safety hazards (rv:28.0 / rv:24.4)


Icedove 24.3.0

http://www.mozilla.org/en-US/thunderbird/24.3.0/releasenotes/

New Features, Changes, Fixes

No new features there added.

Securityfixes

MFSA 2014-13

Inconsistent JavaScript handling of access to Window objects

MFSA 2014-12

NSS ticket handling issues

MFSA 2014-9

Cross-origin information leak through web workers

MFSA 2014-8

Use-after-free with imgRequestProxy and image proccessing

MFSA 2013-4

Incorrect use of discarded images by RasterImage

MFSA 2013-2

Clone protected content with XBL scopes

MFSA 2014-1

Miscellaneous memory safety hazards (rv:27.0 / rv:24.3)


Icedove 24.2.0

http://www.mozilla.org/en-US/thunderbird/24.2.0/releasenotes/

New Features, Changes, Fixes

No new features there added.

Securityfixes

MFSA 2013-117

Mis-issued ANSSI/DCSSI certificate

MFSA 2013-116

JPEG information leak

MFSA 2013-115

GetElementIC typed array stubs can be generated outside observed typesets

MFSA 2013-114

Use-after-free in synthetic mouse movement

MFSA 2013-113

Trust settings for built-in roots ignored during EV certificate validation

MFSA 2013-111

Segmentation violation when replacing ordered list elements

MFSA 2013-109

Use-after-free during Table Editing

MFSA 2013-108

Use-after-free in event listeners

MFSA 2013-104

Miscellaneous memory safety hazards (rv:26.0 / rv:24.2)


Icedove 24.1.1

http://www.mozilla.org/en-US/thunderbird/24.1.1/releasenotes/

New Features, Changes, Fixes

No new features there added.

Securityfixes

MFSA 2013-103

Miscellaneous Network Security Services (NSS) vulnerabilities


Icedove 24.1

http://www.mozilla.org/en-US/thunderbird/24.1/releasenotes/

New Features, Changes, Fixes

No new features there added.

Securityfixes

MFSA 2013-102

Use-after-free in HTML document templates

MFSA 2013-101

Memory corruption in workers

MFSA 2013-100

Miscellaneous use-after-free issues found through ASAN fuzzing

MFSA 2013-98

Use-after-free when updating offline cache

MFSA 2013-97

Writing to cycle collected object during image decoding

MFSA 2013-96

Improperly initialized memory and overflows in some JavaScript functions

MFSA 2013-95

Access violation with XSLT and uninitialized data

MFSA 2013-94

Spoofing addressbar though SELECT element

MFSA 2013-93

Miscellaneous memory safety hazards (rv:25.0 / rv:24.1 / rv:17.0.10)


Icedove 24.0

http://www.mozilla.org/en-US/thunderbird/24.0/releasenotes/

New Features, Changes, Fixes

Securityfixes

MFSA 2013-92

GC hazard with default compartments and frame chain restoration

MFSA 2013-91

User-defined properties on DOM proxies get the wrong "this" object

MFSA 2013-90

Memory corruption involving scrolling

MFSA 2013-89

Buffer overflow with multi-column, lists, and floats

MFSA 2013-88

compartment mismatch re-attaching XBL-backed nodes

MFSA 2013-85

Uninitialized data in IonMonkey

MFSA 2013-83

Mozilla Updater does not lock MAR file after signature verification

MFSA 2013-82

Calling scope for new Javascript objects can lead to memory corruption

MFSA 2013-81

Use-after-free with select element

MFSA 2013-80

NativeKey continues handling key messages after widget is destroyed

MFSA 2013-79

Use-after-free in Animation Manager during stylesheet cloning

MFSA 2013-77

Improper state in HTML5 Tree Builder with templates

MFSA 2013-76

Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9)


Icedove 17.0.8

http://www.mozilla.org/en-US/thunderbird/17.0.8/releasenotes/

New Features, Changes, Fixes

No new features there added.

Securityfixes

MFSA 2013-75

Local Java applets may read contents of local file system

MFSA 2013-73

Same-origin bypass with web workers and XMLHttpRequest

MFSA 2013-72

Wrong principal used for validating URI for some Javascript components

MFSA 2013-71

Further Privilege escalation through Mozilla Updater

MFSA 2013-69

CRMF requests allow for code execution and XSS attacks

MFSA 2013-68

Document URI misrepresentation and masquerading

MFSA 2013-66

Buffer overflow in Mozilla Maintenance Service and Mozilla Updater

MFSA 2013-63

Miscellaneous memory safety hazards (rv:23.0 / rv:17.0.8)


Icedove 17.0.7

http://www.mozilla.org/en-US/thunderbird/17.0.7/releasenotes/

New Features, Changes, Fixes

No new features there added.

Securityfixes

MFSA 2013-59

XrayWrappers can be bypassed to run user defined methods in a privileged context

MFSA 2013-56

PreserveWrapper has inconsistent behavior

MFSA 2013-55

SVG filters can lead to information disclosure

MFSA 2013-54

Data in the body of XHR HEAD requests leads to CSRF attacks

MFSA 2013-53

Execution of unmapped memory through onreadystatechange event

MFSA 2013-51

Privileged content access and execution via XBL

MFSA 2013-50

Memory corruption found using Address Sanitizer

MFSA 2013-49

Miscellaneous memory safety hazards (rv:22.0 / rv:17.0.7)


Icedove 17.0.6

http://www.mozilla.org/en-US/thunderbird/17.0.6/releasenotes/

New Features, Changes, Fixes

No new features there added.

Securityfixes

MFSA 2013-48

Memory corruption found using Address Sanitizer

MFSA 2013-47

Uninitialized functions in DOMSVGZoomEvent

MFSA 2013-46

Use-after-free with video and onresize event

MFSA 2013-44

Local privilege escalation through Mozilla Maintenance Service

MFSA 2013-42

Privileged access for content level constructor

MFSA 2013-41

Miscellaneous memory safety hazards (rv:21.0 / rv:17.0.6)


Icedove 17.0.5

http://www.mozilla.org/en-US/thunderbird/17.0.5/releasenotes/

New Features, Changes, Fixes

No new features there added.

Securityfixes

MFSA 2013-40

Out-of-bounds array read in CERT_DecodeCertPackage

MFSA 2013-38

Cross-site scripting (XSS) using timed history navigations

MFSA 2013-36

Bypass of SOW protections allows cloning of protected nodes

MFSA 2013-35

WebGL crash with Mesa graphics driver on Linux

MFSA 2013-34

Privilege escalation through Mozilla Updater

MFSA 2013-32

Privilege escalation through Mozilla Maintenance Service

MFSA 2013-31

Out-of-bounds write in Cairo library

MFSA 2013-30

Miscellaneous memory safety hazards (rv:20.0 / rv:17.0.5)


Icedove 17.0.4

http://www.mozilla.org/en-US/thunderbird/17.0.4/releasenotes/

New Features, Changes, Fixes

No new features there added.

Securityfixes

MFSA 2013-29

Use-after-free in HTML Editor



CategoryIcedove