Hello community,
here is the log from the commit of package MozillaThunderbird for
openSUSE:Factory checked in at 2018-01-01 22:04:06
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/MozillaThunderbird (Old)
and /work/SRC/openSUSE:Factory/.MozillaThunderbird.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaThunderbird"
Mon Jan 1 22:04:06 2018 rev:187 rq:559658 version:52.5.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/MozillaThunderbird/MozillaThunderbird.changes
2017-12-12 21:20:47.560732854 +0100
+++
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new/MozillaThunderbird.changes
2018-01-01 22:04:16.880020104 +0100
@@ -1,0 +2,16 @@
+Sat Dec 23 18:36:42 UTC 2017 - [email protected]
+
+- update to Thunderbird 52.5.2
+ * This releases fixes the "Mailsploit" vulnerability and other
+ vulnerabilities detected by the "Cure53" audit (MFSA 2017-30)
+ * CVE-2017-7846 (bmo#1411716, bsc#1074043)
+ JavaScript Execution via RSS in mailbox:// origin
+ * CVE-2017-7847 (bmo#1411708, bsc#1074044)
+ Local path string can be leaked from RSS feed
+ * CVE-2017-7848 (bmo#1411699, bsc#1074045)
+ RSS Feed vulnerable to new line Injection
+ * CVE-2017-7829 (bmo#1423432, bsc#1074046)
+ Mailsploit part 1: From address with encoded null character is
+ cut off in message header display
+
+-------------------------------------------------------------------
Old:
----
l10n-52.5.0.tar.xz
thunderbird-52.5.0-source.tar.xz
New:
----
l10n-52.5.2.tar.xz
thunderbird-52.5.2-source.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ MozillaThunderbird.spec ++++++
--- /var/tmp/diff_new_pack.erMCJZ/_old 2018-01-01 22:04:34.838018904 +0100
+++ /var/tmp/diff_new_pack.erMCJZ/_new 2018-01-01 22:04:34.842017567 +0100
@@ -17,9 +17,9 @@
#
-%define mainversion 52.5.0
+%define mainversion 52.5.2
%define update_channel release
-%define releasedate 201711210000
+%define releasedate 201712220000
%bcond_without mozilla_tb_kde4
%bcond_with mozilla_tb_valgrind
++++++ compare-locales.tar.xz ++++++
++++++ create-tar.sh ++++++
--- /var/tmp/diff_new_pack.erMCJZ/_old 2018-01-01 22:04:35.005962781 +0100
+++ /var/tmp/diff_new_pack.erMCJZ/_new 2018-01-01 22:04:35.005962781 +0100
@@ -2,8 +2,8 @@
CHANNEL="esr52"
BRANCH="releases/comm-$CHANNEL"
-RELEASE_TAG="THUNDERBIRD_52_5_0_RELEASE"
-VERSION="52.5.0"
+RELEASE_TAG="THUNDERBIRD_52_5_2_RELEASE"
+VERSION="52.5.2"
echo "cloning $BRANCH..."
hg clone http://hg.mozilla.org/$BRANCH thunderbird
++++++ l10n-52.5.0.tar.xz -> l10n-52.5.2.tar.xz ++++++
/work/SRC/openSUSE:Factory/MozillaThunderbird/l10n-52.5.0.tar.xz
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new/l10n-52.5.2.tar.xz differ:
char 26, line 1
++++++ thunderbird-52.5.0-source.tar.xz -> thunderbird-52.5.2-source.tar.xz
++++++
/work/SRC/openSUSE:Factory/MozillaThunderbird/thunderbird-52.5.0-source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new/thunderbird-52.5.2-source.tar.xz
differ: char 26, line 1
