Hello community,
here is the log from the commit of package MozillaThunderbird for
openSUSE:Factory checked in at 2018-01-30 15:36:27
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/MozillaThunderbird (Old)
and /work/SRC/openSUSE:Factory/.MozillaThunderbird.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaThunderbird"
Tue Jan 30 15:36:27 2018 rev:188 rq:569795 version:52.6
Changes:
--------
--- /work/SRC/openSUSE:Factory/MozillaThunderbird/MozillaThunderbird.changes
2018-01-01 22:04:16.880020104 +0100
+++
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new/MozillaThunderbird.changes
2018-01-30 15:36:40.696245347 +0100
@@ -1,0 +2,35 @@
+Wed Jan 24 11:40:38 UTC 2018 - [email protected]
+
+- update to Thunderbird 52.6 (bsc#1077291)
+ * Searching message bodies of messages in local folders, including
+ filter and quick filter operations, not working reliably: Content
+ not found in base64-encode message parts, non-ASCII text not found
+ and false positives found.
+ * Defective messages (without at least one expected header) not shown
+ in IMAP folders but shown on mobile devices
+ * Calendar: Unintended task deletion if numlock is enabled
+ * Mozilla platform security fixes
+ MFSA 2018-04
+ * CVE-2018-5095 (bmo#1418447)
+ Integer overflow in Skia library during edge builder allocation
+ * CVE-2018-5096 (bmo#1418922)
+ Use-after-free while editing form elements
+ * CVE-2018-5097 (bmo#1387427)
+ Use-after-free when source document is manipulated during XSLT
+ * CVE-2018-5098 (bmo#1399400)
+ Use-after-free while manipulating form input elements
+ * CVE-2018-5099 (bmo#1416878)
+ Use-after-free with widget listener
+ * CVE-2018-5102 (bmo#1419363)
+ Use-after-free in HTML media elements
+ * CVE-2018-5103 (bmo#1423159)
+ Use-after-free during mouse event handling
+ * CVE-2018-5104 (bmo#1425000)
+ Use-after-free during font face manipulation
+ * CVE-2018-5117 (bmo#1395508)
+ URL spoofing with right-to-left text aligned left-to-right
+ * CVE-2018-5089
+ Memory safety bugs fixed in Firefox 58 and Firefox ESR 52.6
+- dropped obsolete mozilla-ucontext.patch
+
+-------------------------------------------------------------------
@@ -6,2 +41,6 @@
- vulnerabilities detected by the "Cure53" audit (MFSA 2017-30)
- * CVE-2017-7846 (bmo#1411716, bsc#1074043)
+ vulnerabilities detected by the "Cure53" audit
+ MFSA 2017-30
+ * CVE-2017-7845 (bmo#1402372)
+ Buffer overflow when drawing and validating elements with ANGLE
+ library using Direct 3D 9
+ * CVE-2017-7846 (bmo#1411716)
@@ -9 +48 @@
- * CVE-2017-7847 (bmo#1411708, bsc#1074044)
+ * CVE-2017-7847 (bmo#1411708)
@@ -11 +50 @@
- * CVE-2017-7848 (bmo#1411699, bsc#1074045)
+ * CVE-2017-7848 (bmo#1411699)
@@ -13 +52 @@
- * CVE-2017-7829 (bmo#1423432, bsc#1074046)
+ * CVE-2017-7829 (bmo#1423432)
Old:
----
l10n-52.5.2.tar.xz
mozilla-ucontext.patch
thunderbird-52.5.2-source.tar.xz
New:
----
l10n-52.6.tar.xz
thunderbird-52.6-source.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ MozillaThunderbird.spec ++++++
--- /var/tmp/diff_new_pack.lmgEhm/_old 2018-01-30 15:37:20.646380119 +0100
+++ /var/tmp/diff_new_pack.lmgEhm/_new 2018-01-30 15:37:20.646380119 +0100
@@ -1,8 +1,8 @@
#
# spec file for package MozillaThunderbird
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
-# 2006-2017 Wolfgang Rosenauer <[email protected]>
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# 2006-2018 Wolfgang Rosenauer <[email protected]>
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,9 +17,9 @@
#
-%define mainversion 52.5.2
+%define mainversion 52.6
%define update_channel release
-%define releasedate 201712220000
+%define releasedate 201801240000
%bcond_without mozilla_tb_kde4
%bcond_with mozilla_tb_valgrind
@@ -109,7 +109,6 @@
Patch4: mozilla-develdirs.patch
Patch5: mozilla-no-stdcxx-check.patch
Patch6: mozilla-aarch64-startup-crash.patch
-Patch7: mozilla-ucontext.patch
# Thunderbird/mail
Patch20: tb-ssldap.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -203,7 +202,6 @@
%patch4 -p1
%patch5 -p1
%patch6 -p1
-%patch7 -p1
popd
# comm-central patches
%patch20 -p1
++++++ compare-locales.tar.xz ++++++
++++++ create-tar.sh ++++++
--- /var/tmp/diff_new_pack.lmgEhm/_old 2018-01-30 15:37:20.746375450 +0100
+++ /var/tmp/diff_new_pack.lmgEhm/_new 2018-01-30 15:37:20.750375263 +0100
@@ -2,8 +2,8 @@
CHANNEL="esr52"
BRANCH="releases/comm-$CHANNEL"
-RELEASE_TAG="THUNDERBIRD_52_5_2_RELEASE"
-VERSION="52.5.2"
+RELEASE_TAG="THUNDERBIRD_52_6_0_RELEASE"
+VERSION="52.6"
echo "cloning $BRANCH..."
hg clone http://hg.mozilla.org/$BRANCH thunderbird
++++++ l10n-52.5.2.tar.xz -> l10n-52.6.tar.xz ++++++
/work/SRC/openSUSE:Factory/MozillaThunderbird/l10n-52.5.2.tar.xz
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new/l10n-52.6.tar.xz differ:
char 26, line 1
++++++ thunderbird-52.5.2-source.tar.xz -> thunderbird-52.6-source.tar.xz ++++++
/work/SRC/openSUSE:Factory/MozillaThunderbird/thunderbird-52.5.2-source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new/thunderbird-52.6-source.tar.xz
differ: char 26, line 1
