diff --git a/MozillaThunderbird.changes b/MozillaThunderbird.changes
index 9edccc6..992082a 100644
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@@ -1,3 +1,18 @@
+-------------------------------------------------------------------
+Wed Mar 17 20:07:51 CET 2010 - wr@rosenauer.org
+
+- security update to 3.0.4 (bnc#586567)
+  * MFSA 2010-16/CVE-2010-0173/CVE-2010-0174
+    Crashes with evidence of memory corruption
+  * MFSA 2010-17/CVE-2010-0175 (bmo#540100,375928)
+    Remote code execution with use-after-free in nsTreeSelection
+  * MFSA 2010-18/CVE-2010-0176 (bmo#538308)
+    Dangling pointer vulnerability in nsTreeContentView
+  * MFSA 2010-22/CVE-2009-3555 (bmo#545755)
+    Update NSS to support TLS renegotiation indication
+  * MFSA 2010-24/CVE-2010-0182 (bmo#490790)
+    XMLDocument::load() doesn't check nsIContentPolicy
+
 -------------------------------------------------------------------
 Sun Feb 28 19:56:44 CET 2010 - wr@rosenauer.org
 
diff --git a/MozillaThunderbird.spec b/MozillaThunderbird.spec
index 19fdb22..d2e181b 100644
--- a/MozillaThunderbird.spec
+++ b/MozillaThunderbird.spec
@@ -1,5 +1,5 @@
 #
-# spec file for package MozillaThunderbird (Version 3.0.3)
+# spec file for package MozillaThunderbird (Version 3.0.4)
 #
 # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #               2006-2010 Wolfgang Rosenauer <wr@rosenauer.org>
@@ -20,7 +20,8 @@
 
 
 Name:           MozillaThunderbird
-BuildRequires:  autoconf213 fdupes gcc-c++ libgnomeui-devel libidl-devel mozilla-nss-devel python startup-notification-devel unzip update-desktop-files zip
+BuildRequires:  autoconf213 fdupes gcc-c++ libgnomeui-devel libidl-devel python startup-notification-devel unzip update-desktop-files zip
+BuildRequires:  mozilla-nss-devel >= 3.12.6
 %if %suse_version > 1030
 BuildRequires:  hunspell-devel
 %endif
@@ -28,10 +29,10 @@ BuildRequires:  hunspell-devel
 BuildRequires:  nss-shared-helper-devel
 %endif
 License:        GPLv2+ ; LGPLv2.1+ ; MPLv1.1+
-%define mainversion 3.0.3
+%define mainversion 3.0.4
 Version:        %{mainversion}
 Release:        1
-%define releasedate 2010022800
+%define releasedate 2010031700
 Summary:        The Stand-Alone Mozilla Mail Component
 Url:            http://www.mozilla.org/products/thunderbird/
 Group:          Productivity/Networking/Email/Clients
@@ -46,7 +47,6 @@ Source7:        find-external-requires.sh
 Source8:        MozillaThunderbird-rpmlintrc
 Source9:        enigmail-1.0.1.tar.bz2
 Source10:       create-tar.sh
-Patch1:         mozilla-clipboard.patch
 Patch2:         thunderbird-appname.patch
 Patch3:         mozilla-startup-notification.patch
 Patch4:         mozilla-gtkfilepicker-buttonorder.patch
@@ -126,7 +126,7 @@ Software Development Kit to build plugins/extensions against Thunderbird.
 
 %package -n enigmail
 Version:        1.0.1
-Release:        1
+Release:        2
 License:        GPLv2+ ; MPLv1.1+
 Summary:        OpenPGP addon for Thunderbird and SeaMonkey
 Group:          Productivity/Networking/Email/Clients
@@ -152,7 +152,6 @@ popd
 %endif
 # xulrunner patches
 pushd mozilla
-%patch1 -p1
 %patch3 -p1
 %patch4 -p1
 %patch8 -p1
diff --git a/create-tar.sh b/create-tar.sh
index b82a3b4..b28b6f9 100644
--- a/create-tar.sh
+++ b/create-tar.sh
@@ -2,8 +2,8 @@
 
 
 BRANCH="releases/comm-1.9.1" # comm-central
-RELEASE_TAG="THUNDERBIRD_3_0_3_RELEASE"
-VERSION="3.0.3"
+RELEASE_TAG="THUNDERBIRD_3_0_4_RELEASE"
+VERSION="3.0.4"
 
 echo "cloning $BRANCH..."
 hg clone http://hg.mozilla.org/$BRANCH thunderbird
diff --git a/l10n-3.0.3.tar.bz2 b/l10n-3.0.3.tar.bz2
deleted file mode 100644
index f7f2105..0000000
--- a/l10n-3.0.3.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:09c00d7d622da9fff0622e7ddccf4beef7f869aff31ed2067515ebb3ce03acb9
-size 19937740
diff --git a/l10n-3.0.4.tar.bz2 b/l10n-3.0.4.tar.bz2
new file mode 100644
index 0000000..eca641d
--- /dev/null
+++ b/l10n-3.0.4.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:bd0f8808186324aa9edb59d47946acc1f70b763db48a5a3e0e3875607e1db279
+size 20083958
diff --git a/mozilla-clipboard.patch b/mozilla-clipboard.patch
deleted file mode 100644
index c0d662d..0000000
--- a/mozilla-clipboard.patch
+++ /dev/null
@@ -1,110 +0,0 @@
-From: Martin Stránský
-Subject: Fix crash in clipboard handling
-References:
-https://bugzilla.mozilla.org/show_bug.cgi?id=495392
-
-
-diff --git a/widget/src/gtk2/nsClipboard.cpp b/widget/src/gtk2/nsClipboard.cpp
---- a/widget/src/gtk2/nsClipboard.cpp
-+++ b/widget/src/gtk2/nsClipboard.cpp
-@@ -440,21 +440,21 @@ nsClipboard::HasDataMatchingFlavors(cons
-         if (!strcmp(aFlavorList[i], kUnicodeMime) && 
-             gtk_selection_data_targets_include_text(selection_data)) {
-             *_retval = PR_TRUE;
-             break;
-         }
- 
-         for (PRInt32 j = 0; j < n_targets; j++) {
-             gchar *atom_name = gdk_atom_name(targets[j]);
--            if (!strcmp(atom_name, aFlavorList[i]))
-+            if (!g_strcmp0(atom_name, aFlavorList[i]))
-                 *_retval = PR_TRUE;
- 
-             // X clipboard wants image/jpeg, not image/jpg
--            if (!strcmp(aFlavorList[i], kJPEGImageMime) && !strcmp(atom_name, "image/jpeg"))
-+            if (!g_strcmp0(aFlavorList[i], kJPEGImageMime) && !g_strcmp0(atom_name, "image/jpeg"))
-                 *_retval = PR_TRUE;
- 
-             g_free(atom_name);
- 
-             if (*_retval)
-                 break;
-         }
-     }
-diff --git a/widget/src/gtk2/nsDragService.cpp b/widget/src/gtk2/nsDragService.cpp
---- a/widget/src/gtk2/nsDragService.cpp
-+++ b/widget/src/gtk2/nsDragService.cpp
-@@ -796,46 +796,43 @@ nsDragService::IsDataFlavorSupported(con
-     GList *tmp;
-     for (tmp = mTargetDragContext->targets; tmp; tmp = tmp->next) {
-         /* Bug 331198 */
-         GdkAtom atom = GDK_POINTER_TO_ATOM(tmp->data);
-         gchar *name = NULL;
-         name = gdk_atom_name(atom);
-         PR_LOG(sDragLm, PR_LOG_DEBUG,
-                ("checking %s against %s\n", name, aDataFlavor));
--        if (name && (strcmp(name, aDataFlavor) == 0)) {
-+        if (g_strcmp0(name, aDataFlavor) == 0) {
-             PR_LOG(sDragLm, PR_LOG_DEBUG, ("good!\n"));
-             *_retval = PR_TRUE;
-         }
-         // check for automatic text/uri-list -> text/x-moz-url mapping
-         if (*_retval == PR_FALSE && 
--            name &&
--            (strcmp(name, gTextUriListType) == 0) &&
--            (strcmp(aDataFlavor, kURLMime) == 0)) {
-+            (g_strcmp0(name, gTextUriListType) == 0) &&
-+            (g_strcmp0(aDataFlavor, kURLMime) == 0)) {
-             PR_LOG(sDragLm, PR_LOG_DEBUG,
-                    ("good! ( it's text/uri-list and \
-                    we're checking against text/x-moz-url )\n"));
-             *_retval = PR_TRUE;
-         }
-         // check for automatic _NETSCAPE_URL -> text/x-moz-url mapping
-         if (*_retval == PR_FALSE && 
--            name &&
--            (strcmp(name, gMozUrlType) == 0) &&
--            (strcmp(aDataFlavor, kURLMime) == 0)) {
-+            (g_strcmp0(name, gMozUrlType) == 0) &&
-+            (g_strcmp0(aDataFlavor, kURLMime) == 0)) {
-             PR_LOG(sDragLm, PR_LOG_DEBUG,
-                    ("good! ( it's _NETSCAPE_URL and \
-                    we're checking against text/x-moz-url )\n"));
-             *_retval = PR_TRUE;
-         }
-         // check for auto text/plain -> text/unicode mapping
-         if (*_retval == PR_FALSE && 
--            name &&
--            (strcmp(name, kTextMime) == 0) &&
--            ((strcmp(aDataFlavor, kUnicodeMime) == 0) ||
--             (strcmp(aDataFlavor, kFileMime) == 0))) {
-+            (g_strcmp0(name, kTextMime) == 0) &&
-+            ((g_strcmp0(aDataFlavor, kUnicodeMime) == 0) ||
-+             (g_strcmp0(aDataFlavor, kFileMime) == 0))) {
-             PR_LOG(sDragLm, PR_LOG_DEBUG,
-                    ("good! ( it's text plain and we're checking \
-                    against text/unicode or application/x-moz-file)\n"));
-             *_retval = PR_TRUE;
-         }
-         g_free(name);
-     }
-     return NS_OK;
-@@ -946,17 +943,17 @@ nsDragService::IsTargetContextList(void)
- 
-     // walk the list of context targets and see if one of them is a list
-     // of items.
-     for (tmp = mTargetDragContext->targets; tmp; tmp = tmp->next) {
-         /* Bug 331198 */
-         GdkAtom atom = GDK_POINTER_TO_ATOM(tmp->data);
-         gchar *name = NULL;
-         name = gdk_atom_name(atom);
--        if (strcmp(name, gMimeListType) == 0)
-+        if (g_strcmp0(name, gMimeListType) == 0)
-             retval = PR_TRUE;
-         g_free(name);
-         if (retval)
-             break;
-     }
-     return retval;
- }
- 
diff --git a/thunderbird-3.0.3-source.tar.bz2 b/thunderbird-3.0.3-source.tar.bz2
deleted file mode 100644
index 5f257c1..0000000
--- a/thunderbird-3.0.3-source.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:21a6b5c538248878f10ecfd4fc879b7bce6ab29e03132f4aaff8e914b7c69a04
-size 60084846
diff --git a/thunderbird-3.0.4-source.tar.bz2 b/thunderbird-3.0.4-source.tar.bz2
new file mode 100644
index 0000000..5bab324
--- /dev/null
+++ b/thunderbird-3.0.4-source.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:ab9871fbc13cc28fdbb6f66b4fe8d7917ac915e4ac45e929352cc710410e62f2
+size 60553648