Accepting request 452950 from mozilla:Factory

1

OBS-URL: https://build.opensuse.org/request/show/452950
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=174

MozillaThunderbird.changes

@@ -1,3 +1,32 @@
+-------------------------------------------------------------------
+Tue Jan 24 20:43:57 UTC 2017 - wr@rosenauer.org
+
+- update to Thunderbird 45.7.0
+  * Message preview pane non-functional after IMAP folder was renamed
+    or moved
+  * "Move To" button on "Search Messages" panel not working
+  * Message sent to "undisclosed recipients" shows no recipient
+    (non-functional since Thunderbird version 38)
+  * Security updates from MFSA 2017-03 (Gecko 45.7.0) boo#1021991.
+    In general, these flaws cannot be exploited through email in
+    Thunderbird because scripting is disabled when reading mail,
+    but are potentially risks in browser or browser-like contexts:
+    CVE-2017-5375: Excessive JIT code allocation allows bypass of
+                   ASLR and DEP (bmo#1325200, boo#1021814)
+    CVE-2017-5376: Use-after-free in XSL (bmo#1311687, boo#1021817)
+    CVE-2017-5378: Pointer and frame data leakage of Javascript objects
+                   (bmo#1312001, bmo#1330769, boo#1021818)
+    CVE-2017-5380: Potential use-after-free during DOM manipulations
+                   (bmo#1322107, boo#1021819)
+    CVE-2017-5390: Insecure communication methods in Developer Tools
+                   JSON viewer (bmo#1297361, boo#1021820)
+    CVE-2017-5396: Use-after-free with Media Decoder
+                   (bmo#1329403, boo#1021821)
+    CVE-2017-5383: Location bar spoofing with unicode characters
+                   (bmo#1323338, bmo#1324716, boo#1021822)
+    CVE-2017-5373: Memory safety bugs fixed in Thunderbird 45.7
+                   (boo#1021824)
+
 -------------------------------------------------------------------
 Thu Dec 29 08:33:21 UTC 2016 - wr@rosenauer.org
 

MozillaThunderbird.spec

@@ -1,8 +1,8 @@
 #
 # spec file for package MozillaThunderbird
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
-#               2006-2016 Wolfgang Rosenauer <wr@rosenauer.org>
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+#               2006-2017 Wolfgang Rosenauer <wr@rosenauer.org>
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,9 +17,9 @@
 #
 
 
-%define mainversion 45.6.0
+%define mainversion 45.7.0
 %define update_channel release
-%define releasedate 2016122200
+%define releasedate 2017012400
 
 %if %suse_version > 1310
 %define gstreamer_ver 1.0

compare-locales.tar.xz

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:b00a893fa3aa495805aeb20ddebd1f51e2c4c352de1eaa42bede6f5ab9119848
-size 28360
+oid sha256:48d77c57afca1ec07ed17dc0b961d446deae414dc467a8cd4b98dc97f9c59a18
+size 28336

create-tar.sh

@@ -2,8 +2,8 @@
 
 CHANNEL="esr45"
 BRANCH="releases/comm-$CHANNEL"
-RELEASE_TAG="THUNDERBIRD_45_6_0_RELEASE"
-VERSION="45.6.0"
+RELEASE_TAG="THUNDERBIRD_45_7_0_RELEASE"
+VERSION="45.7.0"
 
 echo "cloning $BRANCH..."
 hg clone http://hg.mozilla.org/$BRANCH thunderbird

l10n-45.6.0.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:de63f7341fc4f6724951358a574ac2fc92833df802e13a4e28544ffba3d63550
-size 24499928

l10n-45.7.0.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:17e3bcaa6931dbf15f68cd18c234dcdd37864b944ca3e1456e4ba0f726c84f95
+size 24510672

thunderbird-45.6.0-source.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:d535cb2cfc2a3fd2ff82bba209b2e348eeb0331badd55d6520c841ad49e2cb02
-size 211901108

thunderbird-45.7.0-source.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d0980a5cf329a8cc770166afb6dec1ccff51ed0c70ea0239ca0d0dd5399fd7cc
+size 211953556