Hello community,
here is the log from the commit of package MozillaThunderbird for
openSUSE:Factory checked in at 2015-08-21 07:39:41
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/MozillaThunderbird (Old)
and /work/SRC/openSUSE:Factory/.MozillaThunderbird.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaThunderbird"
Changes:
--------
--- /work/SRC/openSUSE:Factory/MozillaThunderbird/MozillaThunderbird.changes
2015-07-16 17:16:35.000000000 +0200
+++
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new/MozillaThunderbird.changes
2015-08-21 07:40:05.000000000 +0200
@@ -1,0 +2,30 @@
+Sat Aug 15 11:41:30 UTC 2015 - [email protected]
+
+- update to Thunderbird 38.2.0 (bnc#940806)
+ * MFSA 2015-79/CVE-2015-4473
+ Miscellaneous memory safety hazards
+ * MFSA 2015-80/CVE-2015-4475 (bmo#1175396)
+ Out-of-bounds read with malformed MP3 file
+ * MFSA 2015-82/CVE-2015-4478 (bmo#1105914)
+ Redefinition of non-configurable JavaScript object properties
+ * MFSA 2015-83/CVE-2015-4479/CVE-2015-4480/CVE-2015-4493
+ Overflow issues in libstagefright
+ * MFSA 2015-84/CVE-2015-4481 (bmo1171518)
+ Arbitrary file overwriting through Mozilla Maintenance Service
+ with hard links (only affected Windows)
+ * MFSA 2015-85/CVE-2015-4482 (bmo#1184500)
+ Out-of-bounds write with Updater and malicious MAR file
+ (does not affect openSUSE RPM packages which do not ship the
+ updater)
+ * MFSA 2015-87/CVE-2015-4484 (bmo#1171540)
+ Crash when using shared memory in JavaScript
+ * MFSA 2015-88/CVE-2015-4491 (bmo#1184009)
+ Heap overflow in gdk-pixbuf when scaling bitmap images
+ * MFSA 2015-89/CVE-2015-4485/CVE-2015-4486 (bmo#1177948, bmo#1178148)
+ Buffer overflows on Libvpx when decoding WebM video
+ * MFSA 2015-90/CVE-2015-4487/CVE-2015-4488/CVE-2015-4489
+ Vulnerabilities found through code inspection
+ * MFSA 2015-92/CVE-2015-4492 (bmo#1185820)
+ Use-after-free in XMLHttpRequest with shared workers
+
+-------------------------------------------------------------------
Old:
----
l10n-38.1.0.tar.xz
thunderbird-38.1.0-source.tar.xz
New:
----
l10n-38.2.0.tar.xz
thunderbird-38.2.0-source.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ MozillaThunderbird.spec ++++++
--- /var/tmp/diff_new_pack.VNm4N1/_old 2015-08-21 07:40:28.000000000 +0200
+++ /var/tmp/diff_new_pack.VNm4N1/_new 2015-08-21 07:40:28.000000000 +0200
@@ -17,7 +17,7 @@
#
-%define mainversion 38.1.0
+%define mainversion 38.2.0
%define update_channel release
%if %suse_version > 1210
@@ -69,7 +69,7 @@
%endif
Version: %{mainversion}
Release: 0
-%define releasedate 2015070700
+%define releasedate 2015081400
Provides: thunderbird = %{version}
%if %{with_kde}
# this is needed to match this package with the kde4 helper package without
the main package
++++++ compare-locales.tar.xz ++++++
++++++ create-tar.sh ++++++
--- /var/tmp/diff_new_pack.VNm4N1/_old 2015-08-21 07:40:28.000000000 +0200
+++ /var/tmp/diff_new_pack.VNm4N1/_new 2015-08-21 07:40:28.000000000 +0200
@@ -2,8 +2,8 @@
CHANNEL="esr38"
BRANCH="releases/comm-$CHANNEL"
-RELEASE_TAG="THUNDERBIRD_38_1_0_RELEASE"
-VERSION="38.1.0"
+RELEASE_TAG="THUNDERBIRD_38_2_0_RELEASE"
+VERSION="38.2.0"
echo "cloning $BRANCH..."
hg clone http://hg.mozilla.org/$BRANCH thunderbird
++++++ l10n-38.1.0.tar.xz -> l10n-38.2.0.tar.xz ++++++
/work/SRC/openSUSE:Factory/MozillaThunderbird/l10n-38.1.0.tar.xz
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new/l10n-38.2.0.tar.xz differ:
char 26, line 1
++++++ thunderbird-38.1.0-source.tar.xz -> thunderbird-38.2.0-source.tar.xz
++++++
/work/SRC/openSUSE:Factory/MozillaThunderbird/thunderbird-38.1.0-source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new/thunderbird-38.2.0-source.tar.xz
differ: char 26, line 1
