Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaThunderbird for
openSUSE:Factory checked in at 2022-06-30 13:17:57
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/MozillaThunderbird (Old)
and /work/SRC/openSUSE:Factory/.MozillaThunderbird.new.1548 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaThunderbird"
Thu Jun 30 13:17:57 2022 rev:282 rq:985736 version:91.11.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/MozillaThunderbird/MozillaThunderbird.changes
2022-06-01 17:34:43.690745492 +0200
+++
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new.1548/MozillaThunderbird.changes
2022-06-30 13:18:00.345517341 +0200
@@ -1,0 +2,32 @@
+Sun Jun 26 08:53:26 UTC 2022 - Wolfgang Rosenauer <w...@rosenauer.org>
+
+- Mozilla Thunderbird 91.11.0
+ * CLIENTID fix for bmo#1759197 in Thunderbird 91.8.1 did not work
+ additional fix applied
+ * "Save-As" attachment dialog did not have filename pre-populated
+ MFSA 2022-26 (bsc#1200793)
+ * CVE-2022-34479 (bmo#1745595)
+ A popup window could be resized in a way to overlay the
+ address bar with web content
+ * CVE-2022-34470 (bmo#1765951)
+ Use-after-free in nsSHistory
+ * CVE-2022-34468 (bmo#1768537)
+ CSP sandbox header without `allow-scripts` can be bypassed
+ via retargeted javascript: URI
+ * CVE-2022-2226 (bmo#1775441)
+ An email with a mismatching OpenPGP signature date was
+ accepted as valid
+ * CVE-2022-34481 (bmo#1497246)
+ Potential integer overflow in ReplaceElementsAt
+ * CVE-2022-31744 (bmo#1757604)
+ CSP bypass enabling stylesheet injection
+ * CVE-2022-34472 (bmo#1770123)
+ Unavailable PAC file resulted in OCSP requests being blocked
+ * CVE-2022-34478 (bmo#1773717)
+ Microsoft protocols can be attacked if a user accepts a prompt
+ * CVE-2022-2200 (bmo#1771381)
+ Undesired attributes could be set as part of prototype pollution
+ * CVE-2022-34484 (bmo#1763634, bmo#1772651)
+ Memory safety bugs fixed in Thunderbird 91.11 and Thunderbird 102
+
+-------------------------------------------------------------------
Old:
----
l10n-91.10.0.tar.xz
thunderbird-91.10.0.source.tar.xz
thunderbird-91.10.0.source.tar.xz.asc
New:
----
l10n-91.11.0.tar.xz
thunderbird-91.11.0.source.tar.xz
thunderbird-91.11.0.source.tar.xz.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ MozillaThunderbird.spec ++++++
--- /var/tmp/diff_new_pack.PvrHMd/_old 2022-06-30 13:18:07.565522754 +0200
+++ /var/tmp/diff_new_pack.PvrHMd/_new 2022-06-30 13:18:07.569522758 +0200
@@ -29,8 +29,8 @@
# major 69
# mainver %major.99
%define major 91
-%define mainver %major.10.0
-%define orig_version 91.10.0
+%define mainver %major.11.0
+%define orig_version 91.11.0
%define orig_suffix %{nil}
%define update_channel release
%define source_prefix thunderbird-%{orig_version}
++++++ l10n-91.10.0.tar.xz -> l10n-91.11.0.tar.xz ++++++
++++++ tar_stamps ++++++
--- /var/tmp/diff_new_pack.PvrHMd/_old 2022-06-30 13:18:07.789522922 +0200
+++ /var/tmp/diff_new_pack.PvrHMd/_new 2022-06-30 13:18:07.793522926 +0200
@@ -1,11 +1,11 @@
PRODUCT="thunderbird"
CHANNEL="esr91"
-VERSION="91.10.0"
+VERSION="91.11.0"
VERSION_SUFFIX=""
-PREV_VERSION="91.9.1"
+PREV_VERSION="91.10.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr91";
-RELEASE_TAG="a52d41376d0374e23a0848e42a21454150c4d6a2"
-RELEASE_TIMESTAMP="20220520005021"
+RELEASE_TAG="da48e7ecf800ec7761a3b6e0ca81e0c90adc30f7"
+RELEASE_TIMESTAMP="20220628000715"
++++++ thunderbird-91.10.0.source.tar.xz -> thunderbird-91.11.0.source.tar.xz
++++++
/work/SRC/openSUSE:Factory/MozillaThunderbird/thunderbird-91.10.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new.1548/thunderbird-91.11.0.source.tar.xz
differ: char 15, line 1
