commit MozillaThunderbird for openSUSE:Factory

h_root Sun, 20 Mar 2016 03:49:15 -0700

Hello community,

here is the log from the commit of package MozillaThunderbird for 
openSUSE:Factory checked in at 2016-03-20 11:48:33
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/MozillaThunderbird (Old)
 and      /work/SRC/openSUSE:Factory/.MozillaThunderbird.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "MozillaThunderbird"

Changes:
--------
--- /work/SRC/openSUSE:Factory/MozillaThunderbird/MozillaThunderbird.changes    
2016-03-02 14:20:54.000000000 +0100
+++ 
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new/MozillaThunderbird.changes   
    2016-03-20 11:48:35.000000000 +0100
@@ -1,0 +2,40 @@
+Fri Mar 11 12:57:25 UTC 2016 - w...@rosenauer.org
+
+- update to Thunderbird 38.7.0 (boo#969894)
+  * MFSA 2015-81/CVE-2015-4477 (bmo#1179484)
+    Use-after-free in MediaStream playback
+  * MFSA 2015-136/CVE-2015-7207 (bmo#1185256)
+    Same-origin policy violation using performance.getEntries and
+    history navigation
+  * MFSA 2016-16/CVE-2016-1952
+    Miscellaneous memory safety hazards
+  * MFSA 2016-17/CVE-2016-1954 (bmo#1243178)
+    Local file overwriting and potential privilege escalation through
+    CSP reports
+  * MFSA 2016-20/CVE-2016-1957 (bmo#1227052)
+    Memory leak in libstagefright when deleting an array during MP4
+    processing
+  * MFSA 2016-21/CVE-2016-1958 (bmo#1228754)
+    Displayed page address can be overridden
+  * MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014)
+    Use-after-free in HTML5 string parser
+  * MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377)
+    Use-after-free in SetBody
+  * MFSA 2016-25/CVE-2016-1962 (bmo#1240760)
+    Use-after-free when using multiple WebRTC data channels
+  * MFSA 2016-27/CVE-2016-1964 (bmo#1243335)
+    Use-after-free during XML transformations
+  * MFSA 2016-28/CVE-2016-1965 (bmo#1245264)
+    Addressbar spoofing though history navigation and Location protocol
+    property
+  * MFSA 2016-31/CVE-2016-1966 (bmo#1246054)
+    Memory corruption with malicious NPAPI plugin
+  * MFSA 2016-34/CVE-2016-1974 (bmo#1228103)
+    Out-of-bounds read in HTML parser following a failed allocation
+  * MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/
+    CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/
+    CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/
+    CVE-2016-2800/CVE-2016-2801/CVE-2016-2802
+    Font vulnerabilities in the Graphite 2 library
+
+-------------------------------------------------------------------

Old:
----
  l10n-38.6.0.tar.xz
  thunderbird-38.6.0-source.tar.xz

New:
----
  l10n-38.7.0.tar.xz
  thunderbird-38.7.0-source.tar.xz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ MozillaThunderbird.spec ++++++
--- /var/tmp/diff_new_pack.b4pABH/_old  2016-03-20 11:48:46.000000000 +0100
+++ /var/tmp/diff_new_pack.b4pABH/_new  2016-03-20 11:48:46.000000000 +0100
@@ -2,7 +2,7 @@
 # spec file for package MozillaThunderbird
 #
 # Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
-#               2006-2015 Wolfgang Rosenauer <w...@rosenauer.org>
+#               2006-2016 Wolfgang Rosenauer <w...@rosenauer.org>
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
 #
 
 
-%define mainversion 38.6.0
+%define mainversion 38.7.0
 %define update_channel release
 
 %if %suse_version > 1210
@@ -75,7 +75,7 @@
 %endif
 Version:        %{mainversion}
 Release:        0
-%define releasedate 2016021200
+%define releasedate 2016031000
 Provides:       thunderbird = %{version}
 Provides:       appdata()
 Provides:       appdata(thunderbird.appdata.xml)


++++++ compare-locales.tar.xz ++++++

++++++ create-tar.sh ++++++
--- /var/tmp/diff_new_pack.b4pABH/_old  2016-03-20 11:48:46.000000000 +0100
+++ /var/tmp/diff_new_pack.b4pABH/_new  2016-03-20 11:48:46.000000000 +0100
@@ -2,8 +2,8 @@
 
 CHANNEL="esr38"
 BRANCH="releases/comm-$CHANNEL"
-RELEASE_TAG="THUNDERBIRD_38_6_0_RELEASE"
-VERSION="38.6.0"
+RELEASE_TAG="THUNDERBIRD_38_7_0_RELEASE"
+VERSION="38.7.0"
 
 echo "cloning $BRANCH..."
 hg clone http://hg.mozilla.org/$BRANCH thunderbird

++++++ l10n-38.6.0.tar.xz -> l10n-38.7.0.tar.xz ++++++
/work/SRC/openSUSE:Factory/MozillaThunderbird/l10n-38.6.0.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new/l10n-38.7.0.tar.xz differ: 
char 26, line 1

++++++ thunderbird-38.6.0-source.tar.xz -> thunderbird-38.7.0-source.tar.xz 
++++++
/work/SRC/openSUSE:Factory/MozillaThunderbird/thunderbird-38.6.0-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new/thunderbird-38.7.0-source.tar.xz
 differ: char 26, line 1

commit MozillaThunderbird for openSUSE:Factory

Reply via email to