From 0ab598f59e6fb123eba6812b0e20856a4e755fe3cf1257e969c1c8b81d96bfa0 Mon Sep 17 00:00:00 2001 From: Wolfgang Rosenauer Date: Tue, 19 Feb 2013 19:47:44 +0000 Subject: [PATCH] - update to Thunderbird 17.0.3 (bnc#804248) * MFSA 2013-21/CVE-2013-0783 Miscellaneous memory safety hazards * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content bypass of COW and SOW security wrappers * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in JavaScript Workers * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free in nsImageLoadingContent * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on HTTPS connection through malicious proxy * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=207 --- MozillaThunderbird.changes | 18 ++++++++++++ MozillaThunderbird.spec | 12 ++++++-- _constraints | 11 +++++++ compare-locales.tar.bz2 | 4 +-- create-tar.sh | 8 +++--- enigmail-1.5.0.tar.gz | 3 -- enigmail-old-gcc.patch | 48 +++++++++++++++++++++++++++++++ l10n-17.0.2.tar.bz2 | 3 -- l10n-17.0.3.tar.bz2 | 3 ++ thunderbird-17.0.2-source.tar.bz2 | 3 -- thunderbird-17.0.3-source.tar.bz2 | 3 ++ 11 files changed, 98 insertions(+), 18 deletions(-) create mode 100644 _constraints delete mode 100644 enigmail-1.5.0.tar.gz create mode 100644 enigmail-old-gcc.patch delete mode 100644 l10n-17.0.2.tar.bz2 create mode 100644 l10n-17.0.3.tar.bz2 delete mode 100644 thunderbird-17.0.2-source.tar.bz2 create mode 100644 thunderbird-17.0.3-source.tar.bz2 diff --git a/MozillaThunderbird.changes b/MozillaThunderbird.changes index b9f79fd..49283f2 100644 --- a/MozillaThunderbird.changes +++ b/MozillaThunderbird.changes @@ -1,3 +1,21 @@ +------------------------------------------------------------------- +Sun Feb 17 12:09:06 UTC 2013 - wr@rosenauer.org + +- update to Thunderbird 17.0.3 (bnc#804248) + * MFSA 2013-21/CVE-2013-0783 + Miscellaneous memory safety hazards + * MFSA 2013-24/CVE-2013-0773 (bmo#809652) + Web content bypass of COW and SOW security wrappers + * MFSA 2013-25/CVE-2013-0774 (bmo#827193) + Privacy leak in JavaScript Workers + * MFSA 2013-26/CVE-2013-0775 (bmo#831095) + Use-after-free in nsImageLoadingContent + * MFSA 2013-27/CVE-2013-0776 (bmo#796475) + Phishing on HTTPS connection through malicious proxy + * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782 + Use-after-free, out of bounds read, and buffer overflow issues + found using Address Sanitizer + ------------------------------------------------------------------- Mon Feb 11 08:25:24 UTC 2013 - wr@rosenauer.org diff --git a/MozillaThunderbird.spec b/MozillaThunderbird.spec index 2ac83b0..c252b3e 100644 --- a/MozillaThunderbird.spec +++ b/MozillaThunderbird.spec @@ -2,7 +2,7 @@ # spec file for package MozillaThunderbird # # Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. -# 2006-2012 Wolfgang Rosenauer +# 2006-2013 Wolfgang Rosenauer # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -40,11 +40,11 @@ BuildRequires: update-desktop-files BuildRequires: xorg-x11-libXt-devel BuildRequires: yasm BuildRequires: zip -%define mainversion 17.0.2 +%define mainversion 17.0.3 %define update_channel release Version: %{mainversion} Release: 0 -%define releasedate 2013010500 +%define releasedate 2013021500 Provides: thunderbird = %{version} %if %{with_kde} # this is needed to match this package with the kde4 helper package without the main package @@ -84,6 +84,7 @@ Patch12: mozilla-gcc43-templates_instantiation.patch Patch20: tb-ssldap.patch Patch21: tb-develdirs.patch Patch22: thunderbird-shared-nss-db.patch +Patch30: enigmail-old-gcc.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: coreutils fileutils textutils /bin/sh Recommends: libcanberra0 @@ -218,6 +219,11 @@ popd %patch20 -p1 %patch21 -p1 %patch22 -p1 +%if %suse_version < 1120 +pushd ../enigmail +%patch30 -p1 +popd +%endif %build # no need to add build time to binaries diff --git a/_constraints b/_constraints new file mode 100644 index 0000000..0e8044f --- /dev/null +++ b/_constraints @@ -0,0 +1,11 @@ + + + + + 9 + + + 2500 + + + diff --git a/compare-locales.tar.bz2 b/compare-locales.tar.bz2 index 469af9a..fef1a72 100644 --- a/compare-locales.tar.bz2 +++ b/compare-locales.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:9117dd364a0736e7c254c5d7c2b11f2fc0ad0c427f93963fce77679cd684ffbf -size 29303 +oid sha256:30e61c9b509cd8073c2d99bb2e69697aa33686da9fc373ae55bc4b16cb8f8911 +size 29935 diff --git a/create-tar.sh b/create-tar.sh index 2bf31b5..a7c3ece 100644 --- a/create-tar.sh +++ b/create-tar.sh @@ -1,9 +1,9 @@ #!/bin/bash -CHANNEL="release" +CHANNEL="esr17" BRANCH="releases/comm-$CHANNEL" -RELEASE_TAG="THUNDERBIRD_17_0_2_RELEASE" -VERSION="17.0.2" +RELEASE_TAG="THUNDERBIRD_17_0_3_RELEASE" +VERSION="17.0.3" echo "cloning $BRANCH..." hg clone http://hg.mozilla.org/$BRANCH thunderbird @@ -33,7 +33,7 @@ for locale in $(awk '{ print $1; }' $SHIPPED_LOCALES); do ;; *) echo "fetching $locale ..." - hg clone http://hg.mozilla.org/releases/l10n/mozilla-$CHANNEL/$locale l10n/$locale + hg clone http://hg.mozilla.org/releases/l10n/mozilla-release/$locale l10n/$locale hg -R l10n/$locale up -C -r $RELEASE_TAG ;; esac diff --git a/enigmail-1.5.0.tar.gz b/enigmail-1.5.0.tar.gz deleted file mode 100644 index cd665b6..0000000 --- a/enigmail-1.5.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:51f55573448586718c8d7e664329d519b02c4b28af4910bcb550961ace9a9e71 -size 1216071 diff --git a/enigmail-old-gcc.patch b/enigmail-old-gcc.patch new file mode 100644 index 0000000..fff31a4 --- /dev/null +++ b/enigmail-old-gcc.patch @@ -0,0 +1,48 @@ +# HG changeset patch +# Parent 354e161f21ba8fa67aa9f140c2bcdf3b1213abda +# User Wolfgang Rosenauer + +diff --git a/ipc/src/Makefile.enig b/ipc/src/Makefile.enig +--- a/ipc/src/Makefile.enig ++++ b/ipc/src/Makefile.enig +@@ -57,17 +57,17 @@ objfiles = subprocess.$(OBJ_SUFF) + libname = $(DLL_PREFIX)subprocess$(DLL_SUFFIX) + + all: libs + + libs: source + $(CC) $(LDFLAGS) -o $(libname) $(objfiles) + + source: $(source) +- $(CC) $(CFLAGS) -Wno-return-type-c-linkage -c -o $(objfiles) $^ ++ $(CC) $(CFLAGS) -c -o $(objfiles) $^ + + + clean: + rm -f $(objfiles) $(libname) + + tools: + + export: +diff --git a/ipc/src/Makefile.in b/ipc/src/Makefile.in +--- a/ipc/src/Makefile.in ++++ b/ipc/src/Makefile.in +@@ -57,17 +57,17 @@ objfiles = subprocess.$(OBJ_SUFF) + libname = $(DLL_PREFIX)subprocess$(DLL_SUFFIX) + + all: libs + + libs: source + $(CC) $(LDFLAGS) -o $(libname) $(objfiles) + + source: $(source) +- $(CC) $(CFLAGS) -Wno-return-type-c-linkage -c -o $(objfiles) $^ ++ $(CC) $(CFLAGS) -c -o $(objfiles) $^ + + + clean: + rm -f $(objfiles) $(libname) + + tools: + + export: diff --git a/l10n-17.0.2.tar.bz2 b/l10n-17.0.2.tar.bz2 deleted file mode 100644 index ea391e7..0000000 --- a/l10n-17.0.2.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:506802753d0222b6b8cd6452d030e8f27437cdd6f5e36ba7bf35fc5022db6839 -size 26332350 diff --git a/l10n-17.0.3.tar.bz2 b/l10n-17.0.3.tar.bz2 new file mode 100644 index 0000000..44a65cf --- /dev/null +++ b/l10n-17.0.3.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:4a93543f1276fb17aad7a10ddf527d4b985e26ad33cf72f9c961821bfaa9cbd7 +size 26829721 diff --git a/thunderbird-17.0.2-source.tar.bz2 b/thunderbird-17.0.2-source.tar.bz2 deleted file mode 100644 index 7af58ee..0000000 --- a/thunderbird-17.0.2-source.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:bceafae8cf69d1e1b939e213d67f0c3d7d09434dad44313775e4c6b34724927e -size 113592298 diff --git a/thunderbird-17.0.3-source.tar.bz2 b/thunderbird-17.0.3-source.tar.bz2 new file mode 100644 index 0000000..c71f50f --- /dev/null +++ b/thunderbird-17.0.3-source.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:4648bf8acdfc329c9f05f4cd1bc6b51d8371a4bbfc735141e3ca747492551c75 +size 115014459