Jan. 11, 2020 Andrey Cherepanov 68.4.1-alt1
- New version (68.4.1).
- Fixed:
+ CVE-2019-17026 IonMonkey type confusion with StoreElementHole and FallibleStoreElement
+ CVE-2019-17015 Memory corruption in parent process during new content process initialization on Windows
+ CVE-2019-17016 Bypass of @namespace CSS sanitization during pasting
+ CVE-2019-17017 Type Confusion in XPCVariant.cpp
+ CVE-2019-17021 Heap address disclosure in parent process during content process initialization on Windows
+ CVE-2019-17022 CSS sanitization does not escape HTML tags
+ CVE-2019-17024 Memory safety bugs fixed in Thunderbird 68.4.1
- Enigmail 2.1.5.