Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package MozillaThunderbird for openSUSE:Factory checked in at 2022-12-15 19:23:40 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/MozillaThunderbird (Old) and /work/SRC/openSUSE:Factory/.MozillaThunderbird.new.1835 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaThunderbird" Thu Dec 15 19:23:40 2022 rev:300 rq:1042791 version:102.6.0 Changes: -------- --- /work/SRC/openSUSE:Factory/MozillaThunderbird/MozillaThunderbird.changes 2022-12-02 13:12:53.677771816 +0100 +++ /work/SRC/openSUSE:Factory/.MozillaThunderbird.new.1835/MozillaThunderbird.changes 2022-12-15 19:23:42.063542832 +0100 @@ -1,0 +2,27 @@ +Tue Dec 13 13:49:09 UTC 2022 - Wolfgang Rosenauer <w...@rosenauer.org> + +- Mozilla Thunderbird 102.6.0 + https://www.thunderbird.net/en-US/thunderbird/102.6.0/releasenotes/ + MFSA 2022-53 (bsc#1206242) + * CVE-2022-46880 (bmo#1749292) + Use-after-free in WebGL + * CVE-2022-46872 (bmo#1799156) + Arbitrary file read from a compromised content process + * CVE-2022-46881 (bmo#1770930) + Memory corruption in WebGL + * CVE-2022-46874 (bmo#1746139) + Drag and Dropped Filenames could have been truncated to + malicious extensions + * CVE-2022-46875 (bmo#1786188) + Download Protections were bypassed by .atloc and .ftploc + files on Mac OS + * CVE-2022-46882 (bmo#1789371) + Use-after-free in WebGL + * CVE-2022-46878 (bmo#1782219, bmo#1797370, bmo#1797685, + bmo#1801102, bmo#1801315, bmo#1802395) + Memory safety bugs fixed in Thunderbird 102.6 +- removed obsolete patches + mozilla-newer-cbindgen.patch + mozilla-glibc236.patch + +------------------------------------------------------------------- Old: ---- l10n-102.5.1.tar.xz mozilla-glibc236.patch mozilla-newer-cbindgen.patch thunderbird-102.5.1.source.tar.xz thunderbird-102.5.1.source.tar.xz.asc New: ---- l10n-102.6.0.tar.xz thunderbird-102.6.0.source.tar.xz thunderbird-102.6.0.source.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ MozillaThunderbird.spec ++++++ --- /var/tmp/diff_new_pack.bHmvIP/_old 2022-12-15 19:23:52.075599797 +0100 +++ /var/tmp/diff_new_pack.bHmvIP/_new 2022-12-15 19:23:52.083599842 +0100 @@ -29,8 +29,8 @@ # major 69 # mainver %major.99 %define major 102 -%define mainver %major.5.1 -%define orig_version 102.5.1 +%define mainver %major.6.0 +%define orig_version 102.6.0 %define orig_suffix %{nil} %define update_channel release %define source_prefix thunderbird-%{orig_version} @@ -206,8 +206,6 @@ Patch20: mozilla-bmo531915.patch Patch21: one_swizzle_to_rule_them_all.patch Patch22: svg-rendering.patch -Patch23: mozilla-newer-cbindgen.patch -Patch24: mozilla-glibc236.patch %endif BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: /bin/sh @@ -296,8 +294,6 @@ %patch20 -p1 %patch21 -p1 %patch22 -p1 -%patch23 -p1 -%patch24 -p1 %endif %build ++++++ l10n-102.5.1.tar.xz -> l10n-102.6.0.tar.xz ++++++ ++++++ tar_stamps ++++++ --- /var/tmp/diff_new_pack.bHmvIP/_old 2022-12-15 19:23:52.403601663 +0100 +++ /var/tmp/diff_new_pack.bHmvIP/_new 2022-12-15 19:23:52.407601686 +0100 @@ -1,11 +1,11 @@ PRODUCT="thunderbird" CHANNEL="esr102" -VERSION="102.5.1" +VERSION="102.6.0" VERSION_SUFFIX="" -PREV_VERSION="102.5.0" +PREV_VERSION="102.5.1" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr102"; -RELEASE_TAG="bbf216e50e6a8cb4362b2b77feeb8ca4a1d78914" -RELEASE_TIMESTAMP="20221129154640" +RELEASE_TAG="563cc2baf242975fda41000da903db513713dc65" +RELEASE_TIMESTAMP="20221208182320" ++++++ thunderbird-102.5.1.source.tar.xz -> thunderbird-102.6.0.source.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaThunderbird/thunderbird-102.5.1.source.tar.xz /work/SRC/openSUSE:Factory/.MozillaThunderbird.new.1835/thunderbird-102.6.0.source.tar.xz differ: char 15, line 1
