OSV:DSA-1159
Aug 28, 2006 - 12:00 a.m.

mozilla-thunderbird - several

2006-08-28 00:00:00
Google
osv.dev

CVSS2: 9.3 High (AV:N/AC:M/Au:N/C:C/I:C/A:C)

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

EPSS: 0.974 High (Percentile: 99.8%)

The latest security updates of Mozilla Thunderbird introduced a
regression that led to a dysfunctional attachment panel which warrants
a correction to fix this issue. For reference please find below the
original advisory text:

> Several security related problems have been discovered in Mozilla and
> derived products such as Mozilla Thunderbird. The Common
> Vulnerabilities and Exposures project identifies the following
> vulnerabilities:
>
> * CVE-2006-2779
>   Mozilla team members discovered several crashes during testing of
>   the browser engine showing evidence of memory corruption which may
>   also lead to the execution of arbitrary code. The last bit of
>   this problem will be corrected with the next update. You can
>   prevent any trouble by disabling Javascript. [MFSA-2006-32]
> * CVE-2006-3805
>   The Javascript engine might allow remote attackers to execute
>   arbitrary code. [MFSA-2006-50]
> * CVE-2006-3806
>   Multiple integer overflows in the Javascript engine might allow
>   remote attackers to execute arbitrary code. [MFSA-2006-50]
> * CVE-2006-3807
>   Specially crafted Javascript allows remote attackers to execute
>   arbitrary code. [MFSA-2006-51]
> * CVE-2006-3808
>   Remote Proxy AutoConfig (PAC) servers could execute code with elevated
>   privileges via a specially crafted PAC script. [MFSA-2006-52]
> * CVE-2006-3809
>   Scripts with the UniversalBrowserRead privilege could gain
>   UniversalXPConnect privileges and possibly execute code or obtain
>   sensitive data. [MFSA-2006-53]
> * CVE-2006-3810
>   A cross-site scripting vulnerability allows remote attackers to
>   inject arbitrary web script or HTML. [MFSA-2006-54]

For the stable distribution (sarge) these problems have been fixed in
version 1.0.2-2.sarge1.0.8b.2.

For the unstable distribution (sid) these problems have been fixed in
version 1.5.0.5-1.

We recommend that you upgrade your mozilla-thunderbird package.
