From a542d644fe0857d192f73470945dc356426017e4445fd273f8d6a1637f63222e Mon Sep 17 00:00:00 2001
From: Wolfgang Rosenauer
Date: Sat, 23 Dec 2017 20:06:58 +0000
Subject: [PATCH 1/2] - update to Thunderbird 52.5.2 * This releases fixes the "Mailsploit" vulnerability and other vulnerabilities detected by the "Cure53" audit MFSA 2017-30 * CVE-2017-7845 (bmo#1402372) Buffer overflow when drawing and validating elements with ANGLE library using Direct 3D 9 * CVE-2017-7846 (bmo#1411716) JavaScript Execution via RSS in mailbox:// origin * CVE-2017-7847 (bmo#1411708) Local path string can be leaked from RSS feed * CVE-2017-7848 (bmo#1411699) RSS Feed vulnerable to new line Injection * CVE-2017-7829 (bmo#1423432) Mailsploit part 1: From address with encoded null character is cut off in message header display OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=394
---
 MozillaThunderbird.changes | 20 ++++++++++++++++++++
 MozillaThunderbird.spec | 4 ++--
 compare-locales.tar.xz | 4 ++--
 create-tar.sh | 4 ++--
 l10n-52.5.0.tar.xz | 3 ---
 l10n-52.5.2.tar.xz | 3 +++
 thunderbird-52.5.0-source.tar.xz | 3 ---
 thunderbird-52.5.2-source.tar.xz | 3 +++
 8 files changed, 32 insertions(+), 12 deletions(-)
 delete mode 100644 l10n-52.5.0.tar.xz
 create mode 100644 l10n-52.5.2.tar.xz
 delete mode 100644 thunderbird-52.5.0-source.tar.xz
 create mode 100644 thunderbird-52.5.2-source.tar.xz
diff --git a/MozillaThunderbird.changes b/MozillaThunderbird.changes
index b0cf029..f1ced62 100644
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@@ -1,3 +1,23 @@
+-------------------------------------------------------------------
+Sat Dec 23 18:36:42 UTC 2017 - wr@rosenauer.org
+
+- update to Thunderbird 52.5.2
+ * This releases fixes the "Mailsploit" vulnerability and other
+ vulnerabilities detected by the "Cure53" audit
+ MFSA 2017-30
+ * CVE-2017-7845 (bmo#1402372)
+ Buffer overflow when drawing and validating elements with ANGLE
+ library using Direct 3D 9
+ * CVE-2017-7846 (bmo#1411716)
+ JavaScript Execution via RSS in mailbox:// origin
+ * CVE-2017-7847 (bmo#1411708)
+ Local path string can be leaked from RSS feed
+ * CVE-2017-7848 (bmo#1411699)
+ RSS Feed vulnerable to new line Injection
+ * CVE-2017-7829 (bmo#1423432)
+ Mailsploit part 1: From address with encoded null character is
+ cut off in message header display
+
 -------------------------------------------------------------------
 Fri Dec 8 15:53:30 UTC 2017 - dimstar@opensuse.org
diff --git a/MozillaThunderbird.spec b/MozillaThunderbird.spec
index b4b0aba..fb2dd03 100644
--- a/MozillaThunderbird.spec
+++ b/MozillaThunderbird.spec
@@ -17,9 +17,9 @@
 #
-%define mainversion 52.5.0
+%define mainversion 52.5.2
 %define update_channel release
-%define releasedate 201711210000
+%define releasedate 201712220000
 %bcond_without mozilla_tb_kde4
 %bcond_with mozilla_tb_valgrind
diff --git a/compare-locales.tar.xz b/compare-locales.tar.xz
index 16a6195..11a1e01 100644
--- a/compare-locales.tar.xz
+++ b/compare-locales.tar.xz
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:1b49c2014db3bd6fc015c950f5f1b7dba25e99d89ac7646658514f6129976ae6
-size 28388
+oid sha256:a2b34b61f64bf1c9715f218b9dab90fb95eb15c9e29cc3195ac9a2546666ec36
+size 28376
diff --git a/create-tar.sh b/create-tar.sh
index e71401f..e8310ba 100644
--- a/create-tar.sh
+++ b/create-tar.sh
@@ -2,8 +2,8 @@
 CHANNEL="esr52"
 BRANCH="releases/comm-$CHANNEL"
-RELEASE_TAG="THUNDERBIRD_52_5_0_RELEASE"
-VERSION="52.5.0"
+RELEASE_TAG="THUNDERBIRD_52_5_2_RELEASE"
+VERSION="52.5.2"
 echo "cloning $BRANCH..."
 hg clone http://hg.mozilla.org/$BRANCH thunderbird
diff --git a/l10n-52.5.0.tar.xz b/l10n-52.5.0.tar.xz
deleted file mode 100644
index 81e5055..0000000
--- a/l10n-52.5.0.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:7a924cf19c3ecd601d2004ba0166b9b28f331153355ef5478358605aeb3650d0
-size 26215464
diff --git a/l10n-52.5.2.tar.xz b/l10n-52.5.2.tar.xz
new file mode 100644
index 0000000..e872523
--- /dev/null
+++ b/l10n-52.5.2.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:1ce68842f35878969a160d4e4b68ff80eb26dce18d00040279fc9b7e685ea729
+size 26212512
diff --git a/thunderbird-52.5.0-source.tar.xz b/thunderbird-52.5.0-source.tar.xz
deleted file mode 100644
index 6897bf5..0000000
--- a/thunderbird-52.5.0-source.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:57246e6a6a3ae40f3ed21a2f43ee6589b2c77383af9f0d238ead262d0612a236
-size 242215136
diff --git a/thunderbird-52.5.2-source.tar.xz b/thunderbird-52.5.2-source.tar.xz
new file mode 100644
index 0000000..1f25783
--- /dev/null
+++ b/thunderbird-52.5.2-source.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:5bd859d3e940df6bfef46dfd5a9300b618d6557406c0d66e7c41af444541a662
+size 242240724
From fa262559793bc83b3aeff57f4cdaa98119aa8f00a0d37efd0ef24ba0f17f6d99 Mon Sep 17 00:00:00 2001
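Review bot: The clone URL on the context line of the create-tar.sh hunk, `hg clone http://hg.mozilla.org/$BRANCH thunderbird`, is cleartext HTTP, so the tree that the bumped `RELEASE_TAG` is taken from is not authenticated in transit; I would change it to `hg clone https://hg.mozilla.org/$BRANCH thunderbird`. This matters for this update in particular, because the resulting tarball carries the MFSA 2017-30 fixes. The `oid sha256:` recorded for thunderbird-52.5.2-source.tar.xz only pins whatever the script produced and says nothing about where the bytes came from. The script continues outside the hunk, so a later integrity check (for example comparing the checked-out changeset with the published release tag) may exist but is not visible here. If there is none, a short comment next to the clone stating how the tarball was verified would help the next packager.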
From: Wolfgang Rosenauer
Date: Sat, 23 Dec 2017 21:58:24 +0000
Subject: [PATCH 2/2] Accepting request 559653 from home:AndreasStieger:branches:mozilla:Factory changlog OBS-URL: https://build.opensuse.org/request/show/559653 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=395
---
 MozillaThunderbird.changes | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)
diff --git a/MozillaThunderbird.changes b/MozillaThunderbird.changes
index f1ced62..dc57ae3 100644
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@@ -3,18 +3,14 @@ Sat Dec 23 18:36:42 UTC 2017 - wr@rosenauer.org
 - update to Thunderbird 52.5.2
 * This releases fixes the "Mailsploit" vulnerability and other
- vulnerabilities detected by the "Cure53" audit
- MFSA 2017-30
- * CVE-2017-7845 (bmo#1402372)
- Buffer overflow when drawing and validating elements with ANGLE
- library using Direct 3D 9
- * CVE-2017-7846 (bmo#1411716)
+ vulnerabilities detected by the "Cure53" audit (MFSA 2017-30)
+ * CVE-2017-7846 (bmo#1411716, bsc#1074043)
 JavaScript Execution via RSS in mailbox:// origin
- * CVE-2017-7847 (bmo#1411708)
+ * CVE-2017-7847 (bmo#1411708, bsc#1074044)
 Local path string can be leaked from RSS feed
- * CVE-2017-7848 (bmo#1411699)
+ * CVE-2017-7848 (bmo#1411699, bsc#1074045)
 RSS Feed vulnerable to new line Injection
- * CVE-2017-7829 (bmo#1423432)
+ * CVE-2017-7829 (bmo#1423432, bsc#1074046)
 Mailsploit part 1: From address with encoded null character is
 cut off in message header display