RedHat has issued an advisory on October 26: https://rhn.redhat.com/errata/RHSA-2012-1407.html Updated packages uploaded for Mageia 1 and Mageia 2. Advisory: ======================== Updated mozilla-thunderbird packages fix security vulnerabilities: Multiple flaws were found in the location object implementation in Firefox. Malicious content could be used to perform cross-site scripting attacks, bypass the same-origin policy, or cause Firefox to execute arbitrary code (CVE-2012-4194, CVE-2012-4195, CVE-2012-4196). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4196 http://www.mozilla.org/security/announce/2012/mfsa2012-90.html https://rhn.redhat.com/errata/RHSA-2012-1407.html ======================== Updated packages in core/updates_testing: ======================== mozilla-thunderbird-10.0.10-1.mga1 mozilla-thunderbird-enigmail-10.0.10-1.mga1 nsinstall-10.0.10-1.mga1 mozilla-thunderbird-enigmail-ar-10.0.10-1.mga1 mozilla-thunderbird-enigmail-ca-10.0.10-1.mga1 mozilla-thunderbird-enigmail-cs-10.0.10-1.mga1 mozilla-thunderbird-enigmail-de-10.0.10-1.mga1 mozilla-thunderbird-enigmail-el-10.0.10-1.mga1 mozilla-thunderbird-enigmail-es-10.0.10-1.mga1 mozilla-thunderbird-enigmail-fi-10.0.10-1.mga1 mozilla-thunderbird-enigmail-fr-10.0.10-1.mga1 mozilla-thunderbird-enigmail-it-10.0.10-1.mga1 mozilla-thunderbird-enigmail-ja-10.0.10-1.mga1 mozilla-thunderbird-enigmail-ko-10.0.10-1.mga1 mozilla-thunderbird-enigmail-nb-10.0.10-1.mga1 mozilla-thunderbird-enigmail-nl-10.0.10-1.mga1 mozilla-thunderbird-enigmail-pl-10.0.10-1.mga1 mozilla-thunderbird-enigmail-pt-10.0.10-1.mga1 mozilla-thunderbird-enigmail-pt_BR-10.0.10-1.mga1 mozilla-thunderbird-enigmail-ru-10.0.10-1.mga1 mozilla-thunderbird-enigmail-sl-10.0.10-1.mga1 mozilla-thunderbird-enigmail-sv-10.0.10-1.mga1 mozilla-thunderbird-enigmail-tr-10.0.10-1.mga1 mozilla-thunderbird-enigmail-vi-10.0.10-1.mga1 mozilla-thunderbird-enigmail-zh_CN-10.0.10-1.mga1 mozilla-thunderbird-enigmail-zh_TW-10.0.10-1.mga1 mozilla-thunderbird-ar-10.0.10-1.mga1 mozilla-thunderbird-be-10.0.10-1.mga1 mozilla-thunderbird-bg-10.0.10-1.mga1 mozilla-thunderbird-bn_BD-10.0.10-1.mga1 mozilla-thunderbird-br-10.0.10-1.mga1 mozilla-thunderbird-ca-10.0.10-1.mga1 mozilla-thunderbird-cs-10.0.10-1.mga1 mozilla-thunderbird-da-10.0.10-1.mga1 mozilla-thunderbird-de-10.0.10-1.mga1 mozilla-thunderbird-el-10.0.10-1.mga1 mozilla-thunderbird-en_GB-10.0.10-1.mga1 mozilla-thunderbird-es_AR-10.0.10-1.mga1 mozilla-thunderbird-es_ES-10.0.10-1.mga1 mozilla-thunderbird-et-10.0.10-1.mga1 mozilla-thunderbird-eu-10.0.10-1.mga1 mozilla-thunderbird-fi-10.0.10-1.mga1 mozilla-thunderbird-fr-10.0.10-1.mga1 mozilla-thunderbird-fy-10.0.10-1.mga1 mozilla-thunderbird-ga-10.0.10-1.mga1 mozilla-thunderbird-gd-10.0.10-1.mga1 mozilla-thunderbird-gl-10.0.10-1.mga1 mozilla-thunderbird-he-10.0.10-1.mga1 mozilla-thunderbird-hu-10.0.10-1.mga1 mozilla-thunderbird-id-10.0.10-1.mga1 mozilla-thunderbird-is-10.0.10-1.mga1 mozilla-thunderbird-it-10.0.10-1.mga1 mozilla-thunderbird-ja-10.0.10-1.mga1 mozilla-thunderbird-ko-10.0.10-1.mga1 mozilla-thunderbird-lt-10.0.10-1.mga1 mozilla-thunderbird-nb_NO-10.0.10-1.mga1 mozilla-thunderbird-nl-10.0.10-1.mga1 mozilla-thunderbird-nn_NO-10.0.10-1.mga1 mozilla-thunderbird-pl-10.0.10-1.mga1 mozilla-thunderbird-pt_BR-10.0.10-1.mga1 mozilla-thunderbird-pt_PT-10.0.10-1.mga1 mozilla-thunderbird-ro-10.0.10-1.mga1 mozilla-thunderbird-ru-10.0.10-1.mga1 mozilla-thunderbird-si-10.0.10-1.mga1 mozilla-thunderbird-sk-10.0.10-1.mga1 mozilla-thunderbird-sl-10.0.10-1.mga1 mozilla-thunderbird-sq-10.0.10-1.mga1 mozilla-thunderbird-sv_SE-10.0.10-1.mga1 mozilla-thunderbird-ta_LK-10.0.10-1.mga1 mozilla-thunderbird-tr-10.0.10-1.mga1 mozilla-thunderbird-uk-10.0.10-1.mga1 mozilla-thunderbird-vi-10.0.10-1.mga1 mozilla-thunderbird-zh_CN-10.0.10-1.mga1 mozilla-thunderbird-zh_TW-10.0.10-1.mga1 thunderbird-10.0.10-1.mga2 thunderbird-enigmail-10.0.10-1.mga2 nsinstall-10.0.10-1.mga2 thunderbird-ar-10.0.10-1.mga2 thunderbird-ast-10.0.10-1.mga2 thunderbird-be-10.0.10-1.mga2 thunderbird-bg-10.0.10-1.mga2 thunderbird-bn_BD-10.0.10-1.mga2 thunderbird-br-10.0.10-1.mga2 thunderbird-ca-10.0.10-1.mga2 thunderbird-cs-10.0.10-1.mga2 thunderbird-da-10.0.10-1.mga2 thunderbird-de-10.0.10-1.mga2 thunderbird-el-10.0.10-1.mga2 thunderbird-en_GB-10.0.10-1.mga2 thunderbird-es_AR-10.0.10-1.mga2 thunderbird-es_ES-10.0.10-1.mga2 thunderbird-et-10.0.10-1.mga2 thunderbird-eu-10.0.10-1.mga2 thunderbird-fi-10.0.10-1.mga2 thunderbird-fr-10.0.10-1.mga2 thunderbird-fy-10.0.10-1.mga2 thunderbird-ga-10.0.10-1.mga2 thunderbird-gd-10.0.10-1.mga2 thunderbird-gl-10.0.10-1.mga2 thunderbird-he-10.0.10-1.mga2 thunderbird-hu-10.0.10-1.mga2 thunderbird-id-10.0.10-1.mga2 thunderbird-is-10.0.10-1.mga2 thunderbird-it-10.0.10-1.mga2 thunderbird-ja-10.0.10-1.mga2 thunderbird-ko-10.0.10-1.mga2 thunderbird-lt-10.0.10-1.mga2 thunderbird-nb_NO-10.0.10-1.mga2 thunderbird-nl-10.0.10-1.mga2 thunderbird-nn_NO-10.0.10-1.mga2 thunderbird-pl-10.0.10-1.mga2 thunderbird-pa_IN-10.0.10-1.mga2 thunderbird-pt_BR-10.0.10-1.mga2 thunderbird-pt_PT-10.0.10-1.mga2 thunderbird-ro-10.0.10-1.mga2 thunderbird-ru-10.0.10-1.mga2 thunderbird-si-10.0.10-1.mga2 thunderbird-sk-10.0.10-1.mga2 thunderbird-sl-10.0.10-1.mga2 thunderbird-sq-10.0.10-1.mga2 thunderbird-sv_SE-10.0.10-1.mga2 thunderbird-ta_LK-10.0.10-1.mga2 thunderbird-tr-10.0.10-1.mga2 thunderbird-uk-10.0.10-1.mga2 thunderbird-vi-10.0.10-1.mga2 thunderbird-zh_CN-10.0.10-1.mga2 thunderbird-zh_TW-10.0.10-1.mga2 from SRPMS: mozilla-thunderbird-10.0.10-1.mga1.src.rpm mozilla-thunderbird-l10n-10.0.10-1.mga1.src.rpm thunderbird-10.0.10-1.mga2.src.rpm thunderbird-l10n-10.0.10-1.mga2.src.rpm
Whiteboard: (none) => MGA1TOO
Adding Funda in CC as he uploaded these packages.
CC: (none) => fundawang
works fine on mga1 x86_64
Hardware: i586 => All
works fine here also, and calendar and enigmail work too. no regressions in my extensions. MGA2, x86_64 Simon/Lemonzest
CC: (none) => lemonzest
Tested completed for mga2, 32-bits and it works.
CC: (none) => tolhildan_123
Whiteboard: MGA1TOO => MGA1TOO MGA2-32-OK MGA2-64-OK MGA1-64-OK
Testing complete on Mageia 1 i586. Testing used pop3, nntp, enigmail, and lightning. Could someone from the sysadmin team push the srpms thunderbird-10.0.10-1.mga2.src.rpm thunderbird-l10n-10.0.10-1.mga2.src.rpm from Mageia 2 Core Updates Testing to Core Updates nd the srpms mozilla-thunderbird-10.0.10-1.mga1.src.rpm mozilla-thunderbird-l10n-10.0.10-1.mga1.src.rpm from Mageia 1 Core Updates Testing to Core Updates. Advisory: Updated mozilla-thunderbird packages fix security vulnerabilities: Multiple flaws were found in the location object implementation in Firefox. Malicious content could be used to perform cross-site scripting attacks, bypass the same-origin policy, or cause Firefox to execute arbitrary code (CVE-2012-4194, CVE-2012-4195, CVE-2012-4196). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4196 http://www.mozilla.org/security/announce/2012/mfsa2012-90.html https://rhn.redhat.com/errata/RHSA-2012-1407.html https://bugs.mageia.org/show_bug.cgi?id=7915
Keywords: (none) => validated_updateCC: (none) => davidwhodgins, sysadmin-bugsWhiteboard: MGA1TOO MGA2-32-OK MGA2-64-OK MGA1-64-OK => MGA1TOO MGA2-32-OK MGA2-64-OK MGA1-64-OK MGA1-32-OK
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0312
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED