icedove - several vulnerabilities

Several remote vulnerabilities have been discovered in the Icedove
mail client, an unbranded version of the Thunderbird mail client. The
Common Vulnerabilities and Exposures project identifies the following
problems:

• CVE-2009-0040
  The execution of arbitrary code might be possible via a crafted PNG file
  that triggers a free of an uninitialized pointer in (1) the png_read_png
  function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.
  (MFSA 2009-10)
• CVE-2009-0352
  It is possible to execute arbitrary code via vectors related to the
  layout engine. (MFSA 2009-01)
• CVE-2009-0353
  It is possible to execute arbitrary code via vectors related to the
  JavaScript engine. (MFSA 2009-01)
• CVE-2009-0652
  Bjoern Hoehrmann and Moxie Marlinspike discovered a possible spoofing
  attack via Unicode box drawing characters in internationalized domain
  names. (MFSA 2009-15)
• CVE-2009-0771
  Memory corruption and assertion failures have been discovered in the
  layout engine, leading to the possible execution of arbitrary code.
  (MFSA 2009-07)
• CVE-2009-0772
  The layout engine allows the execution of arbitrary code in vectors
  related to nsCSSStyleSheet::GetOwnerNode, events, and garbage
  collection. (MFSA 2009-07)
• CVE-2009-0773
  The JavaScript engine is prone to the execution of arbitrary code via
  several vectors. (MFSA 2009-07)
• CVE-2009-0774
  The layout engine allows the execution of arbitrary code via vectors
  related to gczeal. (MFSA 2009-07)
• CVE-2009-0776
  Georgi Guninski discovered that it is possible to obtain xml data via
  an issue related to the nsIRDFService. (MFSA 2009-09)
• CVE-2009-1302
  The browser engine is prone to a possible memory corruption via several
  vectors. (MFSA 2009-14)
• CVE-2009-1303
  The browser engine is prone to a possible memory corruption via the
  nsSVGElement::BindToTree function. (MFSA 2009-14)
• CVE-2009-1307
  Gregory Fleischer discovered that it is possible to bypass the Same
  Origin Policy when opening a Flash file via the view-source: scheme.
  (MFSA 2009-17)
• CVE-2009-1832
  The possible arbitrary execution of code was discovered via vectors
  involving “double frame construction.” (MFSA 2009-24)
• CVE-2009-1392
  Several issues were discovered in the browser engine as used by icedove,
  which could lead to the possible execution of arbitrary code.
  (MFSA 2009-24)
• CVE-2009-1836
  Shuo Chen, Ziqing Mao, Yi-Min Wang and Ming Zhang reported a potential
  man-in-the-middle attack, when using a proxy due to insufficient checks
  on a certain proxy response. (MFSA 2009-27)
• CVE-2009-1838
  moz_bug_r_a4 discovered that it is possible to execute arbitrary
  JavaScript with chrome privileges due to an error in the
  garbage collection implementation. (MFSA 2009-29)
• CVE-2009-1841
  moz_bug_r_a4 reported that it is possible for scripts from page content
  to run with elevated privileges and thus potentially executing arbitrary
  code with the object’s chrome privileges. (MFSA 2009-32)
• No CVE id yet

Bernd Jendrissek discovered a potentially exploitable crash when viewing
a multipart/alternative mail message with a text/enhanced part.
(MFSA 2009-33)

For the stable distribution (lenny), these problems have been fixed in
version 2.0.0.22-0lenny1.

As indicated in the Etch release notes, security support for the
Mozilla products in the oldstable distribution needed to be stopped
before the end of the regular Etch security maintenance life cycle.
You are strongly encouraged to upgrade to stable or switch to a still
supported mail client.

For the testing (squeeze) distribution these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in
version 2.0.0.22-1.

We recommend that you upgrade your icedove packages.