---
- branch: MAIN
  date: Sat Mar  3 22:20:40 UTC 2018
  files:
  - new: '1.203'
    old: '1.202'
    path: pkgsrc/mail/thunderbird/Makefile
    pathrev: pkgsrc/mail/thunderbird/Makefile@1.203
    type: modified
  - new: '1.196'
    old: '1.195'
    path: pkgsrc/mail/thunderbird/distinfo
    pathrev: pkgsrc/mail/thunderbird/distinfo@1.196
    type: modified
  id: 20180303T222040Z.2cbeac035f1c080af7451fcd9360e46a51c1a9f3
  log: |
    Update to 52.6.0

    Changelog:
        Fixed Searching message bodies of messages in local folders, including
                filter and quick filter operations, not working reliably:
                Content not found in base64-encode message parts, non-ASCII text
                not found and false positives found.
        Fixed Defective messages (without at least one expected header) not shown
                in IMAP folders but shown on mobile devices
        Fixed Calendar: Unintended task deletion if numlock is enabled
        Fixed Various security fixes

    Security fixes:
    #CVE-2018-5095: Integer overflow in Skia library during edge builder allocation
    #CVE-2018-5096: Use-after-free while editing form elements
    #CVE-2018-5097: Use-after-free when source document is manipulated during XSLT
    #CVE-2018-5098: Use-after-free while manipulating form input elements
    #CVE-2018-5099: Use-after-free with widget listener
    #CVE-2018-5102: Use-after-free in HTML media elements
    #CVE-2018-5103: Use-after-free during mouse event handling
    #CVE-2018-5104: Use-after-free during font face manipulation
    #CVE-2018-5117: URL spoofing with right-to-left text aligned left-to-right
    #CVE-2018-5089: Memory safety bugs fixed in Firefox 58, Firefox ESR 52.6,
                      and Thunderbird 52.6
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/mail/thunderbird'
  unixtime: '1520115640'
  user: ryoon