Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package MozillaThunderbird for openSUSE:Factory checked in at 2023-02-02 18:07:12 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/MozillaThunderbird (Old) and /work/SRC/openSUSE:Factory/.MozillaThunderbird.new.32243 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaThunderbird" Thu Feb 2 18:07:12 2023 rev:302 rq:1062396 version:102.7.1 Changes: -------- --- /work/SRC/openSUSE:Factory/MozillaThunderbird/MozillaThunderbird.changes 2022-12-23 10:21:00.511311268 +0100 +++ /work/SRC/openSUSE:Factory/.MozillaThunderbird.new.32243/MozillaThunderbird.changes 2023-02-02 18:21:43.981027218 +0100 @@ -1,0 +2,38 @@ +Tue Jan 31 21:48:13 UTC 2023 - Wolfgang Rosenauer <[email protected]> + +- Mozilla Thunderbird 102.7.1 + * Microsoft Office 365 accounts were unable to authenticate + * https://www.thunderbird.net/en-US/thunderbird/102.7.1/releasenotes/ + MFSA 2023-04 + * CVE-2023-0430 (bmo#1769000) + Revocation status of S/Mime signature certificates was not checked +- update create-tar.sh + +------------------------------------------------------------------- +Tue Jan 17 13:27:01 UTC 2023 - Wolfgang Rosenauer <[email protected]> + +- Mozilla Thunderbird 102.7.0 + https://www.thunderbird.net/en-US/thunderbird/102.7.0/releasenotes/ + MFSA 2023-03 (bsc#1207119) + * CVE-2022-46871 (bmo#1795697) + libusrsctp library out of date + * CVE-2023-23598 (bmo#1800425) + Arbitrary file read from GTK drag and drop on Linux + * CVE-2023-23599 (bmo#1777800) + Malicious command could be hidden in devtools output on + Windows + * CVE-2023-23601 (bmo#1794268) + URL being dragged from cross-origin iframe into same tab + triggers navigation + * CVE-2023-23602 (bmo#1800890) + Content Security Policy wasn't being correctly applied to + WebSockets in WebWorkers + * CVE-2022-46877 (bmo#1795139) + Fullscreen notification bypass + * CVE-2023-23603 (bmo#1800832) + Calls to <code>console.log</code> allowed bypasing Content + Security Policy via format directive + * CVE-2023-23605 (bmo#1764921, bmo#1802690, bmo#1806974) + Memory safety bugs fixed in Thunderbird 102.7 + +------------------------------------------------------------------- Old: ---- l10n-102.6.1.tar.xz thunderbird-102.6.1.source.tar.xz thunderbird-102.6.1.source.tar.xz.asc New: ---- l10n-102.7.1.tar.xz thunderbird-102.7.1.source.tar.xz thunderbird-102.7.1.source.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ MozillaThunderbird.spec ++++++ --- /var/tmp/diff_new_pack.nyCHDl/_old 2023-02-02 18:21:54.373090985 +0100 +++ /var/tmp/diff_new_pack.nyCHDl/_new 2023-02-02 18:21:54.417091255 +0100 @@ -1,8 +1,8 @@ # # spec file # -# Copyright (c) 2022 SUSE LLC -# 2006-2022 Wolfgang Rosenauer <[email protected]> +# Copyright (c) 2023 SUSE LLC +# 2006-2023 Wolfgang Rosenauer <[email protected]> # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -29,8 +29,8 @@ # major 69 # mainver %major.99 %define major 102 -%define mainver %major.6.1 -%define orig_version 102.6.1 +%define mainver %major.7.1 +%define orig_version 102.7.1 %define orig_suffix %{nil} %define update_channel release %define source_prefix thunderbird-%{orig_version} @@ -180,7 +180,7 @@ Source7: l10n-%{orig_version}%{orig_suffix}.tar.xz Source9: thunderbird.appdata.xml Source13: spellcheck.js -Source14: https://github.com/openSUSE/firefox-scripts/raw/4503820/create-tar.sh +Source14: https://github.com/openSUSE/firefox-scripts/raw/f4363ab1d76e173666e56408d44fe00af16ddbd8/create-tar.sh Source20: https://ftp.mozilla.org/pub/%{srcname}/releases/%{version}%{orig_suffix}/source/%{srcname}-%{orig_version}%{orig_suffix}.source.tar.xz.asc Source21: https://ftp.mozilla.org/pub/%{srcname}/releases/%{version}%{orig_suffix}/KEY#/mozilla.keyring # Gecko/Toolkit ++++++ create-tar.sh ++++++ ++++ 635 lines (skipped) ++++ between /work/SRC/openSUSE:Factory/MozillaThunderbird/create-tar.sh ++++ and /work/SRC/openSUSE:Factory/.MozillaThunderbird.new.32243/create-tar.sh ++++++ l10n-102.6.1.tar.xz -> l10n-102.7.1.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaThunderbird/l10n-102.6.1.tar.xz /work/SRC/openSUSE:Factory/.MozillaThunderbird.new.32243/l10n-102.7.1.tar.xz differ: char 26, line 1 ++++++ tar_stamps ++++++ --- /var/tmp/diff_new_pack.nyCHDl/_old 2023-02-02 18:21:55.169095869 +0100 +++ /var/tmp/diff_new_pack.nyCHDl/_new 2023-02-02 18:21:55.173095894 +0100 @@ -1,11 +1,11 @@ PRODUCT="thunderbird" CHANNEL="esr102" -VERSION="102.6.1" +VERSION="102.7.1" VERSION_SUFFIX="" -PREV_VERSION="102.6.0" +PREV_VERSION="102.7.0" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr102"; -RELEASE_TAG="563cc2baf242975fda41000da903db513713dc65" -RELEASE_TIMESTAMP="20221208182320" +RELEASE_TAG="88d80acadbab4acb4d81cb2934caa807cd59e85a" +RELEASE_TIMESTAMP="20230123204438" ++++++ thunderbird-102.6.1.source.tar.xz -> thunderbird-102.7.1.source.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaThunderbird/thunderbird-102.6.1.source.tar.xz /work/SRC/openSUSE:Factory/.MozillaThunderbird.new.32243/thunderbird-102.7.1.source.tar.xz differ: char 15, line 1
