[opensuse-commit] commit MozillaThunderbird for openSUSE:Factory

User for buildservice source handling Mon, 23 Nov 2020 01:21:14 -0800

Hello community,

here is the log from the commit of package MozillaThunderbird for 
openSUSE:Factory checked in at 2020-11-21 12:40:29
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/MozillaThunderbird (Old)
 and      /work/SRC/openSUSE:Factory/.MozillaThunderbird.new.5913 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "MozillaThunderbird"

Sat Nov 21 12:40:29 2020 rev:243 rq:849310 version:78.5.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/MozillaThunderbird/MozillaThunderbird.changes    
2020-11-15 15:21:49.267158054 +0100
+++ 
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new.5913/MozillaThunderbird.changes
  2020-11-23 10:20:51.096709699 +0100
@@ -1,0 +2,38 @@
+Mon Nov 16 20:13:34 UTC 2020 - Wolfgang Rosenauer <[email protected]>
+
+- Mozilla Thunderbird 78.5.0
+  MFSA 2020-52 (bsc#1178894)
+  * CVE-2020-26951 (bmo#1667113)
+    Parsing mismatches could confuse and bypass security
+    sanitizer for chrome privileged code
+  * CVE-2020-16012 (bmo#1642028)
+    Variable time processing of cross-origin images during
+    drawImage calls
+  * CVE-2020-26953 (bmo#1656741)
+    Fullscreen could be enabled without displaying the security
+    UI
+  * CVE-2020-26956 (bmo#1666300)
+    XSS through paste (manual and clipboard API)
+  * CVE-2020-26958 (bmo#1669355)
+    Requests intercepted through ServiceWorkers lacked MIME type
+    restrictions
+  * CVE-2020-26959 (bmo#1669466)
+    Use-after-free in WebRequestService
+  * CVE-2020-26960 (bmo#1670358)
+    Potential use-after-free in uses of nsTArray
+  * CVE-2020-15999 (bmo#1672223)
+    Heap buffer overflow in freetype
+  * CVE-2020-26961 (bmo#1672528)
+    DoH did not filter IPv4 mapped IP Addresses
+  * CVE-2020-26965 (bmo#1661617)
+    Software keyboards may have remembered typed passwords
+  * CVE-2020-26966 (bmo#1663571)
+    Single-word search queries were also broadcast to local
+    network
+  * CVE-2020-26968 (bmo#1551615, bmo#1607762, bmo#1656697,
+    bmo#1657739, bmo#1660236, bmo#1667912, bmo#1671479,
+    bmo#1671923)
+    Memory safety bugs fixed in Thunderbird 78.5
+- removed obsolete mozilla-rust-1.47.patch
+
+-------------------------------------------------------------------

Old:
----
  l10n-78.4.3.tar.xz
  mozilla-rust-1.47.patch
  thunderbird-78.4.3.source.tar.xz
  thunderbird-78.4.3.source.tar.xz.asc

New:
----
  l10n-78.5.0.tar.xz
  thunderbird-78.5.0.source.tar.xz
  thunderbird-78.5.0.source.tar.xz.asc

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ MozillaThunderbird.spec ++++++
--- /var/tmp/diff_new_pack.dWWeFe/_old  2020-11-23 10:21:02.028722090 +0100
+++ /var/tmp/diff_new_pack.dWWeFe/_new  2020-11-23 10:21:02.032722095 +0100
@@ -26,8 +26,8 @@
 # major 69
 # mainver %major.99
 %define major          78
-%define mainver        %major.4.3
-%define orig_version   78.4.3
+%define mainver        %major.5.0
+%define orig_version   78.5.0
 %define orig_suffix    %{nil}
 %define update_channel release
 %define source_prefix  thunderbird-%{orig_version}
@@ -202,7 +202,6 @@
 Patch25:        mozilla-bmo998749.patch
 Patch26:        mozilla-bmo1626236.patch
 Patch27:        mozilla-s390x-skia-gradient.patch
-Patch28:        mozilla-rust-1.47.patch
 %endif
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 PreReq:         coreutils fileutils textutils /bin/sh
@@ -303,7 +302,6 @@
 %patch25 -p1
 %patch26 -p1
 %patch27 -p1
-%patch28 -p1
 %endif
 
 %build

++++++ l10n-78.4.3.tar.xz -> l10n-78.5.0.tar.xz ++++++
/work/SRC/openSUSE:Factory/MozillaThunderbird/l10n-78.4.3.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new.5913/l10n-78.5.0.tar.xz 
differ: char 26, line 1

++++++ tar_stamps ++++++
--- /var/tmp/diff_new_pack.dWWeFe/_old  2020-11-23 10:21:02.236722325 +0100
+++ /var/tmp/diff_new_pack.dWWeFe/_new  2020-11-23 10:21:02.236722325 +0100
@@ -1,10 +1,10 @@
 PRODUCT="thunderbird"
 CHANNEL="esr78"
-VERSION="78.4.3"
+VERSION="78.5.0"
 VERSION_SUFFIX=""
-PREV_VERSION="78.4.2"
+PREV_VERSION="78.4.3"
 PREV_VERSION_SUFFIX=""
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr78";
-RELEASE_TAG="6ee1d79f9e77c90f0f165b9315b5b437a220b665"
-RELEASE_TIMESTAMP="20201110184431"
+RELEASE_TAG="92abc26b9c80383e974fb0234f22e06fea793be2"
+RELEASE_TIMESTAMP="20201116161136"

++++++ thunderbird-78.4.3.source.tar.xz -> thunderbird-78.5.0.source.tar.xz 
++++++
/work/SRC/openSUSE:Factory/MozillaThunderbird/thunderbird-78.4.3.source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new.5913/thunderbird-78.5.0.source.tar.xz
 differ: char 15, line 1
_______________________________________________
openSUSE Commits mailing list -- [email protected]
To unsubscribe, email [email protected]
List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette
List Archives: 
https://lists.opensuse.org/archives/list/[email protected]

[opensuse-commit] commit MozillaThunderbird for openSUSE:Factory

Reply via email to