---
- branch: MAIN
  date: Fri Jun  1 19:49:40 UTC 2018
  files:
  - new: '1.210'
    old: '1.209'
    path: pkgsrc/mail/thunderbird/Makefile
    pathrev: pkgsrc/mail/thunderbird/Makefile@1.210
    type: modified
  - new: '1.200'
    old: '1.199'
    path: pkgsrc/mail/thunderbird/distinfo
    pathrev: pkgsrc/mail/thunderbird/distinfo@1.200
    type: modified
  id: 20180601T194940Z.54c02d7b35d444b54f8be16d03ce9f5fc926d42a
  log: |
    Update to 52.8.0

    Changelog:
    #CVE-2018-5183: Backport critical security fixes in Skia
    #CVE-2018-5184: Full plaintext recovery in S/MIME via chosen-ciphertext attack
    #CVE-2018-5154: Use-after-free with SVG animations and clip paths
    #CVE-2018-5155: Use-after-free with SVG animations and text paths
    #CVE-2018-5159: Integer overflow and out-of-bounds write in Skia
    #CVE-2018-5161: Hang via malformed headers
    #CVE-2018-5162: Encrypted mail leaks plaintext through src attribute
    #CVE-2018-5170: Filename spoofing for external attachments
    #CVE-2018-5168: Lightweight themes can be installed without user interaction
    #CVE-2018-5174: Windows Defender SmartScreen UI runs with less secure behavior
     for downloaded files in Windows 10 April 2018 Update
    #CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion
     through legacy extension
    #CVE-2018-5185: Leaking plaintext through HTML forms
    #CVE-2018-5150: Memory safety bugs fixed in Firefox 60, Firefox ESR 52.8,
     and Thunderbird 52.8
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/mail/thunderbird'
  unixtime: '1527882580'
  user: ryoon