- Mozilla Thunderbird 115.5.0

https://www.thunderbird.net/en-US/thunderbird/115.5.0/releasenotes MFSA 2023-52 (bsc#) * CVE-2023-6204 (bmo#1841050) Out-of-bound memory access in WebGL2 blitFramebuffer * CVE-2023-6205 (bmo#1854076) Use-after-free in MessagePort::Entangled * CVE-2023-6206 (bmo#1857430) Clickjacking permission prompts using the fullscreen transition * CVE-2023-6207 (bmo#1861344) Use-after-free in ReadableByteStreamQueueEntry::Buffer * CVE-2023-6208 (bmo#1855345) Using Selection API would copy contents into X11 primary selection. * CVE-2023-6209 (bmo#1858570) Incorrect parsing of relative URLs starting with "///" * CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252, bmo#1856072, bmo#1856091, bmo#1859030, bmo#1860943, bmo#1862782) Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=734
2023-11-23 08:14:02 +00:00 · 2023-11-23 08:14:02 +00:00 · 55bb2ec82a
commit 55bb2ec82a
parent 328f51e3db
9 changed files with 52 additions and 28 deletions
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@ -1,3 +1,27 @@
+-------------------------------------------------------------------
+Wed Nov 22 06:28:54 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.5.0
+  https://www.thunderbird.net/en-US/thunderbird/115.5.0/releasenotes
+  MFSA 2023-52 (bsc#)
+  * CVE-2023-6204 (bmo#1841050)
+    Out-of-bound memory access in WebGL2 blitFramebuffer
+  * CVE-2023-6205 (bmo#1854076)
+    Use-after-free in MessagePort::Entangled
+  * CVE-2023-6206 (bmo#1857430)
+    Clickjacking permission prompts using the fullscreen transition
+  * CVE-2023-6207 (bmo#1861344)
+    Use-after-free in ReadableByteStreamQueueEntry::Buffer
+  * CVE-2023-6208 (bmo#1855345)
+    Using Selection API would copy contents into X11 primary
+    selection.
+  * CVE-2023-6209 (bmo#1858570)
+    Incorrect parsing of relative URLs starting with "///"
+  * CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252, bmo#1856072,
+    bmo#1856091, bmo#1859030, bmo#1860943, bmo#1862782)
+    Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5,
+    and Thunderbird 115.5
+
 -------------------------------------------------------------------
 Wed Nov 15 13:28:03 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>

--- a/MozillaThunderbird.spec
+++ b/MozillaThunderbird.spec
@ -29,8 +29,8 @@
 # major 69
 # mainver %%major.99
 %define major          115
-%define mainver        %major.4.3
-%define orig_version   115.4.3
+%define mainver        %major.5.0
+%define orig_version   115.5.0
 %define orig_suffix    %nil
 %define update_channel release
 %define source_prefix  thunderbird-%{orig_version}
--- a/l10n-115.4.3.tar.xz
+++ b/l10n-115.4.3.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:38f257c35a08d2d39369e19204c44fec874d3e4ae657cf76f9266df14ea9d8da
-size 27887636
--- a/l10n-115.5.0.tar.xz
+++ b/l10n-115.5.0.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:49db30a8801647c893cca54dad1fed0eef49b10dee67572138cd384a2f68f83a
+size 27918176
--- a/8
+++ b/8
@ -1,10 +1,10 @@
 PRODUCT="thunderbird"
 CHANNEL="esr115"
-VERSION="115.4.3"
+VERSION="115.5.0"
 VERSION_SUFFIX=""
-PREV_VERSION="115.4.2"
+PREV_VERSION="115.4.3"
 PREV_VERSION_SUFFIX=""
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr115"
-RELEASE_TAG="39b85d51fd523e0ff287ea6a635019907fd943de"
-RELEASE_TIMESTAMP="20231113191723"
+RELEASE_TAG="e199b83e0bd27d612d3dc2673e7b2285e93c783c"
+RELEASE_TIMESTAMP="20231120220011"
--- a/thunderbird-115.4.3.source.tar.xz
+++ b/thunderbird-115.4.3.source.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:bf21b245b4451f402e48fc95ff72e72b91689cdbe98ec1d0fa3fac34e9abfc09
-size 533328212
--- a/thunderbird-115.4.3.source.tar.xz.asc
+++ b/thunderbird-115.4.3.source.tar.xz.asc
@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmVSqMIACgkQ4207E/PZ
-MnSlzBAApDngPYWo35oJ7XtUyMkPtKkhiV2icgBmY6XYYs9Ppg3DF5/+twkZnJEv
-m4T6LehIPLoXtWmLd7aP8CLM/Z7V+ZLq43bKbb8rldOjcUVmTH8kABg/Y+azXE21
-XHD4KAaIuwaBPGs89k4b2jlsvcblbED0zT1oWjbVCI1ylZ4nfe2jehI5bemfIe3m
-Qa/QCBv60Sal3BWuzJoSZBxsu2vvCSwgp6Ul4tcoaY+fgsA0UBldZdM5g8Rsqdc9
-8NSyMaWBPGujziVhzFSM1hAaifUnWFSpEGBMzUwyL+5tnOckgKBuKsd2LzZe2e4p
-txOEa6ezfSIB24eaPh7o1Cg4Tyr9ECpd69qoXR7l2CKEoKuPa4DxtLQiXbxWaNMw
-GzV4Q22g7J6FKLV6k3QAYGIuaUM8WzZ5WHSCFbViubSRTnmiFh+mi3mYyGKP/FMo
-r4eKk69s9LgFLeY56IldzaEoYNHuWzNKxYylLaC6eio2SBpAjl9opEkv0UuOGvTd
-J19JqP4KxTNYnnzt0iLEClimWTpwQoIiwQ+hbcB9n8h6DOQ8R3SOdztAuhcaioCz
-dKjCfQhb17qUMlocMnv7t97EQfPhhLTmHDTScnbVPUslL19jADdny/2/moS2qvMN
-fQGuz/KczMCOm5wiLzZ2F5traHbfud+vnHSs+mXCuEndCk0BAaY=
-=akNY
-----END PGP SIGNATURE-----
--- a/thunderbird-115.5.0.source.tar.xz
+++ b/thunderbird-115.5.0.source.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:dc24886b2d2223d23141dbfb29855c0254de2603bd829d4cbc7dc4ea2ac711fa
+size 535406304
--- a/thunderbird-115.5.0.source.tar.xz.asc
+++ b/thunderbird-115.5.0.source.tar.xz.asc
@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmVb/5wACgkQ4207E/PZ
+MnTUvw//ZWCoLQAdW7dD5H6tKQuLzf3Y75Uktuvbp9SMdbZak7A1kL/WzJ5vHc+d
+vrZmOU2r2XJFRq+MFWCWSx4idxfNZrRX+Vxyhx+SBbDDmwewaCmTwQrauE/ENU2S
+d8EJinkTYKxPMn3i/E+erN5n/5eKGXhV6vNTOtQHXwttIRqyYBqhRoyiD18Fx0Xh
+zwFGgc2+R5ohlyKOvbeaM6M6FLBtDtwsgoOF8rDHc+pMavA4lrgmeVp6bgZrs22D
+rOjSdZjVx80zc4qmqpiQwXtBL4Pf1VXchLs/AoS9PK6A1OOWehD/js5vYEQv9PwX
+IGqlf1C73pgdmqww52Wa48VM/mNw4rrBDYdS7PhmMqHZG6SyqtdfXG8A9pf0C8l6
+iYulJTq2ffK4wJQfO6Yobbsk3z5WeMZYWPQ/vAiumQJNlCHI79iTKOjsMm7mk/TB
+VWYAWVuYjGzg6BbvUO+a3Yp6Z7fkswijZRllLc3qshhcqoA2/z+qkPHGBOL2GXvC
+KOItJVs14PlZi1JZwmsnqnTM1VLh+fhpjsW2icDelxOe0o3mBrCoxgAQf+wlnNdL
+s/PYAFL86mlX9pGSMsEjF8labZ84TsHSq/VODhB5XqFQO3bzU/cz+Lm18FBIFvdb
+lfRSIWhcK13+zShmw0exUYi0ad7pPTGOm+H6yVq48hQ1y1y+4k4=
+=oyj5
+-----END PGP SIGNATURE-----