Accepting request 610619 from mozilla:Factory

- update to Thunderbird 52.8 (bsc#1092548)
  MFSA 2018-13
  * CVE-2018-5183 (bmo#1454692)
    Backport critical security fixes in Skia
  * CVE-2018-5184 (bmo#1411592, bsc#1093152)
    Full plaintext recovery in S/MIME via chosen-ciphertext attack
  * CVE-2018-5154 (bmo#1443092)
    Use-after-free with SVG animations and clip paths
  * CVE-2018-5155 (bmo#1448774)
    Use-after-free with SVG animations and text paths
  * CVE-2018-5159 (bmo#1441941)
    Integer overflow and out-of-bounds write in Skia
  * CVE-2018-5161 (bmo#1411720)
    Hang via malformed headers
  * CVE-2018-5162 (bmo#1457721, bsc#1093152)
    Encrypted mail leaks plaintext through src attribute
  * CVE-2018-5170 (bmo#1411732)
    Filename spoofing for external attachments
  * CVE-2018-5168 (bmo#1449548)
    Lightweight themes can be installed without user interaction
  * CVE-2018-5174 (bmo#1447080) (Windows only)
    Windows Defender SmartScreen UI runs with less secure behavior
    for downloaded files in Windows 10 April 2018 Update
  * CVE-2018-5178 (bmo#1443891)
    Buffer overflow during UTF-8 to Unicode string conversion
    through legacy extension
  * CVE-2018-5185 (bmo#1450345)
    Leaking plaintext through HTML forms
  * CVE-2018-5150 (bmo#1388020,bmo#1433609,bmo#1409440,bmo#1448705,
    bmo#1451376,bmo#1452202,bmo#1444668,bmo#1393367,bmo#1411415,

OBS-URL: https://build.opensuse.org/request/show/610619
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=192

MozillaThunderbird.changes

@@ -1,3 +1,40 @@
+-------------------------------------------------------------------
+Sat May 19 06:16:58 UTC 2018 - wr@rosenauer.org
+
+- update to Thunderbird 52.8 (bsc#1092548)
+  MFSA 2018-13
+  * CVE-2018-5183 (bmo#1454692)
+    Backport critical security fixes in Skia
+  * CVE-2018-5184 (bmo#1411592, bsc#1093152)
+    Full plaintext recovery in S/MIME via chosen-ciphertext attack
+  * CVE-2018-5154 (bmo#1443092)
+    Use-after-free with SVG animations and clip paths
+  * CVE-2018-5155 (bmo#1448774)
+    Use-after-free with SVG animations and text paths
+  * CVE-2018-5159 (bmo#1441941)
+    Integer overflow and out-of-bounds write in Skia
+  * CVE-2018-5161 (bmo#1411720)
+    Hang via malformed headers
+  * CVE-2018-5162 (bmo#1457721, bsc#1093152)
+    Encrypted mail leaks plaintext through src attribute
+  * CVE-2018-5170 (bmo#1411732)
+    Filename spoofing for external attachments
+  * CVE-2018-5168 (bmo#1449548)
+    Lightweight themes can be installed without user interaction
+  * CVE-2018-5174 (bmo#1447080) (Windows only)
+    Windows Defender SmartScreen UI runs with less secure behavior
+    for downloaded files in Windows 10 April 2018 Update
+  * CVE-2018-5178 (bmo#1443891)
+    Buffer overflow during UTF-8 to Unicode string conversion
+    through legacy extension
+  * CVE-2018-5185 (bmo#1450345)
+    Leaking plaintext through HTML forms
+  * CVE-2018-5150 (bmo#1388020,bmo#1433609,bmo#1409440,bmo#1448705,
+    bmo#1451376,bmo#1452202,bmo#1444668,bmo#1393367,bmo#1411415,
+    bmo#1426129)
+    Memory safety bugs fixed in Firefox 60, Firefox ESR 52.8 and
+    Thunderbird 52.8
+
 -------------------------------------------------------------------
 Wed Mar 28 01:31:17 CEST 2018 - ro@suse.de
 

MozillaThunderbird.spec

@@ -17,9 +17,9 @@
 #
 
 
-%define mainversion 52.7
+%define mainversion 52.8
 %define update_channel release
-%define releasedate 201803230000
+%define releasedate 201805170000
 
 %bcond_without mozilla_tb_kde4
 %bcond_with    mozilla_tb_valgrind

compare-locales.tar.xz

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:5619c69ab0ddc415df1634783c3ee50c80dc6690d2bf2ce0c1d1103311c9ef87
-size 28372
+oid sha256:691c3b54bb73f087ac1a393c94cd4d92fe88c2e910212e8ef629122463879cf6
+size 28380

create-tar.sh

@@ -2,8 +2,8 @@
 
 CHANNEL="esr52"
 BRANCH="releases/comm-$CHANNEL"
-RELEASE_TAG="THUNDERBIRD_52_7_0_RELEASE"
-VERSION="52.7"
+RELEASE_TAG="THUNDERBIRD_52_8_0_RELEASE"
+VERSION="52.8"
 
 echo "cloning $BRANCH..."
 hg clone http://hg.mozilla.org/$BRANCH thunderbird

l10n-52.7.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:e5489e085b0432ceed78f5542b2e09380e0586d9d8cb209433c45db150783d5a
-size 26230056

l10n-52.8.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:eec5c42b4fa59543986bc86e4dfe624aa5d900ea838e8cef419cc25c8b09369e
+size 26214028

thunderbird-52.7-source.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:30e34c7c4facfe1601db7a9983a2dc1375b417ed7af35758256d38b6dcae9ad1
-size 242326388

thunderbird-52.8-source.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:aad1950fcf929bf557f977cbc88e5577215f20e0b080fe4c1dee64fba20433a8
+size 242321452