Accepting request 849310 from mozilla:Factory
- Mozilla Thunderbird 78.5.0
MFSA 2020-52 (bsc#1178894)
* CVE-2020-26951 (bmo#1667113)
Parsing mismatches could confuse and bypass security
sanitizer for chrome privileged code
* CVE-2020-16012 (bmo#1642028)
Variable time processing of cross-origin images during
drawImage calls
* CVE-2020-26953 (bmo#1656741)
Fullscreen could be enabled without displaying the security
UI
* CVE-2020-26956 (bmo#1666300)
XSS through paste (manual and clipboard API)
* CVE-2020-26958 (bmo#1669355)
Requests intercepted through ServiceWorkers lacked MIME type
restrictions
* CVE-2020-26959 (bmo#1669466)
Use-after-free in WebRequestService
* CVE-2020-26960 (bmo#1670358)
Potential use-after-free in uses of nsTArray
* CVE-2020-15999 (bmo#1672223)
Heap buffer overflow in freetype
* CVE-2020-26961 (bmo#1672528)
DoH did not filter IPv4 mapped IP Addresses
* CVE-2020-26965 (bmo#1661617)
Software keyboards may have remembered typed passwords
* CVE-2020-26966 (bmo#1663571)
Single-word search queries were also broadcast to local
network
* CVE-2020-26968 (bmo#1551615, bmo#1607762, bmo#1656697,
OBS-URL: https://build.opensuse.org/request/show/849310
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=243
This commit is contained in:
Dominique Leuenberger
Git OBS Bridge
commit
6cfd650c6b
@ -1,3 +1,41 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Nov 16 20:13:34 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
|
||||
|
||||
- Mozilla Thunderbird 78.5.0
|
||||
MFSA 2020-52 (bsc#1178894)
|
||||
* CVE-2020-26951 (bmo#1667113)
|
||||
Parsing mismatches could confuse and bypass security
|
||||
sanitizer for chrome privileged code
|
||||
* CVE-2020-16012 (bmo#1642028)
|
||||
Variable time processing of cross-origin images during
|
||||
drawImage calls
|
||||
* CVE-2020-26953 (bmo#1656741)
|
||||
Fullscreen could be enabled without displaying the security
|
||||
UI
|
||||
* CVE-2020-26956 (bmo#1666300)
|
||||
XSS through paste (manual and clipboard API)
|
||||
* CVE-2020-26958 (bmo#1669355)
|
||||
Requests intercepted through ServiceWorkers lacked MIME type
|
||||
restrictions
|
||||
* CVE-2020-26959 (bmo#1669466)
|
||||
Use-after-free in WebRequestService
|
||||
* CVE-2020-26960 (bmo#1670358)
|
||||
Potential use-after-free in uses of nsTArray
|
||||
* CVE-2020-15999 (bmo#1672223)
|
||||
Heap buffer overflow in freetype
|
||||
* CVE-2020-26961 (bmo#1672528)
|
||||
DoH did not filter IPv4 mapped IP Addresses
|
||||
* CVE-2020-26965 (bmo#1661617)
|
||||
Software keyboards may have remembered typed passwords
|
||||
* CVE-2020-26966 (bmo#1663571)
|
||||
Single-word search queries were also broadcast to local
|
||||
network
|
||||
* CVE-2020-26968 (bmo#1551615, bmo#1607762, bmo#1656697,
|
||||
bmo#1657739, bmo#1660236, bmo#1667912, bmo#1671479,
|
||||
bmo#1671923)
|
||||
Memory safety bugs fixed in Thunderbird 78.5
|
||||
- removed obsolete mozilla-rust-1.47.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Nov 11 09:04:51 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
|
||||
|
||||
|
||||
@ -26,8 +26,8 @@
|
||||
# major 69
|
||||
# mainver %major.99
|
||||
%define major 78
|
||||
%define mainver %major.4.3
|
||||
%define orig_version 78.4.3
|
||||
%define mainver %major.5.0
|
||||
%define orig_version 78.5.0
|
||||
%define orig_suffix %{nil}
|
||||
%define update_channel release
|
||||
%define source_prefix thunderbird-%{orig_version}
|
||||
@ -202,7 +202,6 @@ Patch24: mozilla-bmo1602730.patch
|
||||
Patch25: mozilla-bmo998749.patch
|
||||
Patch26: mozilla-bmo1626236.patch
|
||||
Patch27: mozilla-s390x-skia-gradient.patch
|
||||
Patch28: mozilla-rust-1.47.patch
|
||||
%endif
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
PreReq: coreutils fileutils textutils /bin/sh
|
||||
@ -303,7 +302,6 @@ fi
|
||||
%patch25 -p1
|
||||
%patch26 -p1
|
||||
%patch27 -p1
|
||||
%patch28 -p1
|
||||
%endif
|
||||
|
||||
%build
|
||||
|
||||
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:e93a10108de1d02ddbf85fc75917cb92e1e7901d7db66992d5813ddf102011b5
|
||||
size 29092680
|
||||
3
l10n-78.5.0.tar.xz
Normal file
3
l10n-78.5.0.tar.xz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:ef3558575e0029648e28a23b8b57baccf7e53df1aec39bd316d21fe39317eee9
|
||||
size 29083668
|
||||
35276
mozilla-rust-1.47.patch
35276
mozilla-rust-1.47.patch
File diff suppressed because one or more lines are too long
@ -1,10 +1,10 @@
|
||||
PRODUCT="thunderbird"
|
||||
CHANNEL="esr78"
|
||||
VERSION="78.4.3"
|
||||
VERSION="78.5.0"
|
||||
VERSION_SUFFIX=""
|
||||
PREV_VERSION="78.4.2"
|
||||
PREV_VERSION="78.4.3"
|
||||
PREV_VERSION_SUFFIX=""
|
||||
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
|
||||
RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr78"
|
||||
RELEASE_TAG="6ee1d79f9e77c90f0f165b9315b5b437a220b665"
|
||||
RELEASE_TIMESTAMP="20201110184431"
|
||||
RELEASE_TAG="92abc26b9c80383e974fb0234f22e06fea793be2"
|
||||
RELEASE_TIMESTAMP="20201116161136"
|
||||
|
||||
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:f1da5a8229c9f869028d93551068a1db9a02d1934d152c36c2e86fd8640882d4
|
||||
size 351142752
|
||||
@ -1,16 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEECXsxMHeuYqAvhNpN8aZmj7t9Vy4FAl+rAFYACgkQ8aZmj7t9
|
||||
Vy7yCQ/+LbNGpfPsNBE/zDLA5e4q9NnJ6KPjw2Bgycwk/6uY5vnha7Kd1qO2SmRh
|
||||
MlSBK+hCnxBYZ6nS7/i/esGW/u1mPuUFwCj1ZaGBWnAQMFZrPXY/D0uAgehlD6OJ
|
||||
oy5EHOTI2EPVXUKyJXboDXYVfvp/QxouQvvdt2fCIVx07AIuWKB50gblb6xkHpB2
|
||||
9N3KxLyNRh2/0oNK76vsMaZp2SkP7+5xLjfwYUqBr1uQxNz4NkwfR0jQDACfmita
|
||||
uynNIE5DjSDRC7Oa0GNubPpbeEtT3O/G8Cnv4UKPScv5IDC1LMcdRwjOapKhHHC+
|
||||
6S3e7ENDuDssVfhOLYoMr+0OuDqq/6Ex4y/123YQMuuYr4upaZzVfx7Wm3anmqS0
|
||||
5UUsHWElWJ0NxfoNbPtRistg7BzQpgCxHtzUY7tDjaCMrKQyGOdt4zURCW84bFOh
|
||||
ShOW8x7xPzTkC+hg9m+nFITUdRnodGgxFC49ZQ5tZczvQuRXTk7b/4XkfwPSAp3A
|
||||
mASMbpCDLEUXq9U6hRRcT1qN9pEAzrNyBdgKK8D4/G4tETzuEi78cXYgKDzBI5eY
|
||||
lM2TZjNIBqJXPgDD0fyS1hHF72a7FW4jczuT4WQRmuvjQqmKLkLPW6e17L5YJcrP
|
||||
uDdtq889fSAlIhydEOTXLbZpdH22y8hS/90PPCa1RDtcxlOv318=
|
||||
=iByl
|
||||
-----END PGP SIGNATURE-----
|
||||
3
thunderbird-78.5.0.source.tar.xz
Normal file
3
thunderbird-78.5.0.source.tar.xz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:5f8a89c20e3ede73510da3eef866a1d07f31251c7912f6c52759db78f2307b77
|
||||
size 355944116
|
||||
16
thunderbird-78.5.0.source.tar.xz.asc
Normal file
16
thunderbird-78.5.0.source.tar.xz.asc
Normal file
@ -0,0 +1,16 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEECXsxMHeuYqAvhNpN8aZmj7t9Vy4FAl+yzM4ACgkQ8aZmj7t9
|
||||
Vy5lAw/7BmBH8vl967t9vYrosr3kknc2Sp+H+MEsCyrlCwy+D52Lt2La6KaZT/w4
|
||||
UtvgYr6PgYcnbAAD4lUS83Z1RMS9QrUS+LVnETdWILtrlxq3O0slUjcrej4zHvM+
|
||||
SpHS/NM9QnxCUuYqAAy3etqGmBWzrwfcUYcuKoCBKzTvG9JMcFhqjYsLaydRUlxo
|
||||
P+T+wh892o2wXm5dQrQSWVze7bDcOpBtNGsbYhFkcvhg9srBzH1PBkVb7l2OLBnI
|
||||
M/7+u96iuOPRqD3enHhF9swORc9Zx009dfWaM9dUHRJ4t5vygR5TKFs1BGYf6ZgH
|
||||
QyYo6yo8Xo86xhLZV4ABQYU9e7YRW0NorFb7Q92KiaaRUfA+jF3F9seuMFcBBF4s
|
||||
cN7q0nlynCVP2FwvTw2+Kx1+l1zsoKOKuI79XnMIThtNYlLP3EiXDwuxZSvSTYUH
|
||||
BzpC8TpGb4jPa/+XG5bMEjzsivChtrjhTrDDq7mrbf03wRyaOAoVZNVTD2fqYkh6
|
||||
LsXku0/wi6xjW+a3Gawe/njzP2suFnAc1POi5ddQN/7lFnm4IhvHai2vcbyjgqRh
|
||||
eY3zWVCZl+nxFQULWPc+g60V3LpuOCJDojoUwVQ5OZMm8hXNnzlJh14yp0YlWqhI
|
||||
XSrvYp3y/N8NR0oGaVtDHHCvo28l1ItRLz+YtfZtewrKzzxt0mA=
|
||||
=TuFJ
|
||||
-----END PGP SIGNATURE-----
|
||||
Loading…
Reference in New Issue
Block a user