Hello community,
here is the log from the commit of package MozillaThunderbird for
openSUSE:Factory checked in at 2016-03-20 11:48:33
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/MozillaThunderbird (Old)
and /work/SRC/openSUSE:Factory/.MozillaThunderbird.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaThunderbird"
Changes:
--------
--- /work/SRC/openSUSE:Factory/MozillaThunderbird/MozillaThunderbird.changes
2016-03-02 14:20:54.000000000 +0100
+++
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new/MozillaThunderbird.changes
2016-03-20 11:48:35.000000000 +0100
@@ -1,0 +2,40 @@
+Fri Mar 11 12:57:25 UTC 2016 - [email protected]
+
+- update to Thunderbird 38.7.0 (boo#969894)
+ * MFSA 2015-81/CVE-2015-4477 (bmo#1179484)
+ Use-after-free in MediaStream playback
+ * MFSA 2015-136/CVE-2015-7207 (bmo#1185256)
+ Same-origin policy violation using performance.getEntries and
+ history navigation
+ * MFSA 2016-16/CVE-2016-1952
+ Miscellaneous memory safety hazards
+ * MFSA 2016-17/CVE-2016-1954 (bmo#1243178)
+ Local file overwriting and potential privilege escalation through
+ CSP reports
+ * MFSA 2016-20/CVE-2016-1957 (bmo#1227052)
+ Memory leak in libstagefright when deleting an array during MP4
+ processing
+ * MFSA 2016-21/CVE-2016-1958 (bmo#1228754)
+ Displayed page address can be overridden
+ * MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014)
+ Use-after-free in HTML5 string parser
+ * MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377)
+ Use-after-free in SetBody
+ * MFSA 2016-25/CVE-2016-1962 (bmo#1240760)
+ Use-after-free when using multiple WebRTC data channels
+ * MFSA 2016-27/CVE-2016-1964 (bmo#1243335)
+ Use-after-free during XML transformations
+ * MFSA 2016-28/CVE-2016-1965 (bmo#1245264)
+ Addressbar spoofing though history navigation and Location protocol
+ property
+ * MFSA 2016-31/CVE-2016-1966 (bmo#1246054)
+ Memory corruption with malicious NPAPI plugin
+ * MFSA 2016-34/CVE-2016-1974 (bmo#1228103)
+ Out-of-bounds read in HTML parser following a failed allocation
+ * MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/
+ CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/
+ CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/
+ CVE-2016-2800/CVE-2016-2801/CVE-2016-2802
+ Font vulnerabilities in the Graphite 2 library
+
+-------------------------------------------------------------------
Old:
----
l10n-38.6.0.tar.xz
thunderbird-38.6.0-source.tar.xz
New:
----
l10n-38.7.0.tar.xz
thunderbird-38.7.0-source.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ MozillaThunderbird.spec ++++++
--- /var/tmp/diff_new_pack.b4pABH/_old 2016-03-20 11:48:46.000000000 +0100
+++ /var/tmp/diff_new_pack.b4pABH/_new 2016-03-20 11:48:46.000000000 +0100
@@ -2,7 +2,7 @@
# spec file for package MozillaThunderbird
#
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
-# 2006-2015 Wolfgang Rosenauer <[email protected]>
+# 2006-2016 Wolfgang Rosenauer <[email protected]>
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
#
-%define mainversion 38.6.0
+%define mainversion 38.7.0
%define update_channel release
%if %suse_version > 1210
@@ -75,7 +75,7 @@
%endif
Version: %{mainversion}
Release: 0
-%define releasedate 2016021200
+%define releasedate 2016031000
Provides: thunderbird = %{version}
Provides: appdata()
Provides: appdata(thunderbird.appdata.xml)
++++++ compare-locales.tar.xz ++++++
++++++ create-tar.sh ++++++
--- /var/tmp/diff_new_pack.b4pABH/_old 2016-03-20 11:48:46.000000000 +0100
+++ /var/tmp/diff_new_pack.b4pABH/_new 2016-03-20 11:48:46.000000000 +0100
@@ -2,8 +2,8 @@
CHANNEL="esr38"
BRANCH="releases/comm-$CHANNEL"
-RELEASE_TAG="THUNDERBIRD_38_6_0_RELEASE"
-VERSION="38.6.0"
+RELEASE_TAG="THUNDERBIRD_38_7_0_RELEASE"
+VERSION="38.7.0"
echo "cloning $BRANCH..."
hg clone http://hg.mozilla.org/$BRANCH thunderbird
++++++ l10n-38.6.0.tar.xz -> l10n-38.7.0.tar.xz ++++++
/work/SRC/openSUSE:Factory/MozillaThunderbird/l10n-38.6.0.tar.xz
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new/l10n-38.7.0.tar.xz differ:
char 26, line 1
++++++ thunderbird-38.6.0-source.tar.xz -> thunderbird-38.7.0-source.tar.xz
++++++
/work/SRC/openSUSE:Factory/MozillaThunderbird/thunderbird-38.6.0-source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new/thunderbird-38.7.0-source.tar.xz
differ: char 26, line 1
