- Mozilla Thunderbird 115.12.0

https://www.thunderbird.net/en-US/thunderbird/115.12.0/releasenotes MFSA 2024-28 (bsc#1226027) * CVE-2024-5702 (bmo#1193389) Use-after-free in networking * CVE-2024-5688 (bmo#1895086) Use-after-free in JavaScript object transplant * CVE-2024-5690 (bmo#1883693) External protocol handlers leaked by timing attack * CVE-2024-5691 (bmo#1888695) Sandboxed iframes were able to bypass sandbox restrictions to open a new window * CVE-2024-5692 (bmo#1891234) Bypass of file name restrictions during saving * CVE-2024-5693 (bmo#1891319) Cross-Origin Image leak via Offscreen Canvas * CVE-2024-5696 (bmo#1896555) Memory Corruption in Text Fragments * CVE-2024-5700 (bmo#1862809, bmo#1889355, bmo#1893388, bmo#1895123) Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=761
2024-06-17 08:14:14 +00:00 · 2024-06-17 08:14:14 +00:00 · 8e5843b066
commit 8e5843b066
parent 642c037730
9 changed files with 53 additions and 28 deletions
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@ -1,3 +1,28 @@
 -------------------------------------------------------------------
 Mon Jun 17 07:43:27 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
 - Mozilla Thunderbird 115.12.0
  https://www.thunderbird.net/en-US/thunderbird/115.12.0/releasenotes
  MFSA 2024-28 (bsc#1226027)
  * CVE-2024-5702 (bmo#1193389)
    Use-after-free in networking
  * CVE-2024-5688 (bmo#1895086)
    Use-after-free in JavaScript object transplant
  * CVE-2024-5690 (bmo#1883693)
    External protocol handlers leaked by timing attack
  * CVE-2024-5691 (bmo#1888695)
    Sandboxed iframes were able to bypass sandbox restrictions to
    open a new window
  * CVE-2024-5692 (bmo#1891234)
    Bypass of file name restrictions during saving
  * CVE-2024-5693 (bmo#1891319)
    Cross-Origin Image leak via Offscreen Canvas
  * CVE-2024-5696 (bmo#1896555)
    Memory Corruption in Text Fragments
  * CVE-2024-5700 (bmo#1862809, bmo#1889355, bmo#1893388, bmo#1895123)
    Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12,
    and Thunderbird 115.12
 -------------------------------------------------------------------
 Wed May 29 06:30:51 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
--- a/MozillaThunderbird.spec
+++ b/MozillaThunderbird.spec
@ -29,8 +29,8 @@
 # major 69
 # mainver %%major.99
 %define major          115
-%define mainver        %major.11.1
+%define mainver        %major.12.0
-%define orig_version   115.11.1
+%define orig_version   115.12.0
 %define orig_suffix    %nil
 %define update_channel release
 %define source_prefix  thunderbird-%{orig_version}
--- a/l10n-115.11.1.tar.xz
+++ b/l10n-115.11.1.tar.xz
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:f07fff0a5cc0b84df0c924982f95e50dfc45d39135fcd59b0c05658103dfe659
 size 28748540
--- a/l10n-115.12.0.tar.xz
+++ b/l10n-115.12.0.tar.xz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:073f87ae4e39b168edd3f3b2b261b429c4b430d6247bd5d4742630b5fbb60fa6
 size 29995960
--- a/8
+++ b/8
@ -1,10 +1,10 @@
 PRODUCT="thunderbird"
 CHANNEL="esr115"
-VERSION="115.11.1"
+VERSION="115.12.0"
 VERSION_SUFFIX=""
-PREV_VERSION="115.11.0"
+PREV_VERSION="115.11.1"
 PREV_VERSION_SUFFIX=""
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr115"
-RELEASE_TAG="5f881bf54595030bb701e1f83fd05a83d23ebb83"
+RELEASE_TAG="c8e74fba9d207152648b517f30da7f391a514a1a"
-RELEASE_TIMESTAMP="20240528060252"
+RELEASE_TIMESTAMP="20240614163201"
--- a/thunderbird-115.11.1.source.tar.xz
+++ b/thunderbird-115.11.1.source.tar.xz
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:e0ceb1b9d3e19d5d1fd743eb9e473751bf0c671c00e234f95736f624309b26a5
 size 533242964
--- a/thunderbird-115.11.1.source.tar.xz.asc
+++ b/thunderbird-115.11.1.source.tar.xz.asc
@ -1,16 +0,0 @@
 -----BEGIN PGP SIGNATURE-----
 iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmZWMF8ACgkQ4207E/PZ
 MnR0vw/9HaVHqXrj+OdPJXK2SKvojBlkdkSgSN0RT/wiKiYpM8c6CRskD6opPY0H
 MZ65BWaxB3cGhPjJWAuaf5IDjz7JXllBaCzVVzE2ULBc0QGWca73PKBJAklGKISN
 XhdlHBDW1oE7wsnPOt6/YnluzbQw6AuH9fsaRyZxo81RdaRRAjUlxyevqMaGabMH
 1pwmxl7UQdZtv60uC4xAvSKwlpRnWYvDEF2sb+G7iDACDpu0ZSMCkf6XUAeb9Ulb
 f/vhqLvqXruKb7ts+61pHVrOxfCZu6mBIHsDZHcUzdEY+SXak+Q6UcdMwc1umG2M
 EPl23sujizEE/j0HthMsfoQVOaL1TbhChmNCI0MRs3NaxjtBkgLz7BOupyWxZHOs
 gz82p6lG6iZGdzIPpIBjd8o7sptqqsueAPzevtpW6HMV5M2v8Nel8Ux5ZYYG/Mqb
 MhgIMlXmc0LYTyMsiht36pbkjb2BgcYtzdEVWP/NulrNuAjJoj3iSlJUxF4/wwju
 3OgjXNkLHKZsqkFw0X2x7hDAzzT2zIjMJb9LvHMkNjO6Glqho/8efWH+LtJaiVvi
 m5XKVZU1tfBRwiIjgoIDLLK1dT+GCrx8hqvajsHXXWYDitioW8/e5UB8EPmAupE1
 1/BlwtnOEEvifKm5XPTuyaGHAKAiqNWEm/KH2Vix/Mkwc9/3qJ4=
 =j4e+
 -----END PGP SIGNATURE-----
--- a/thunderbird-115.12.0.source.tar.xz
+++ b/thunderbird-115.12.0.source.tar.xz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:5d0c47eec0e047ac7ad9d39b564487b791528823e18c0012e4bb94233a96d25f
 size 539287212
--- a/thunderbird-115.12.0.source.tar.xz.asc
+++ b/thunderbird-115.12.0.source.tar.xz.asc
@ -0,0 +1,16 @@
 -----BEGIN PGP SIGNATURE-----
 iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmZnbGQACgkQ4207E/PZ
 MnRQ/xAAonYlpW3qI3HDR6fPQjU2EWgtnLQflyWXvEw2KAN/UeKa8mJ9Goa7aHG7
 BjG1zrBJ/9v3FmV3cy5noebBkKTSHIvKKpKFuo0cM8kpODxMhxhTFV1BhlZg+dov
 G/1V7w4n1mBu2jhfFizNhZFKhExpxD26u0a0CvHTruobU8mSxUs5ziap6m8Unodj
 mRaWn6LC28AYiIWsFo+QgSufeFyurXEGlbY8uJfXiX57/AydgdC8UVrqpUja9t3S
 o9jz53B0lFMwgJJGqDkPLsEoC3/OF5b+GcO5NZ2uYLof7awxwtkXI1ZyvVzatqpX
 EfPFYe5OKTC8Ks492rGtLGs3OMzdBfW+eS8Ndq3XIuFaTIwijYg/VFZGpXz6soXH
 QB5mDJOp9FR+aa5un55RMnv5yGGyZKGgPIFyV1A0xkyJ7PBkZSWgmhyj/p5U1xVM
 WtDZnNTOcbb5F3MHStFZidUmbk8A0yZAOdjrzgVHeJpUNY+z+Od9TaKbkeuZTV1F
 b5r3zX9fBppXQxxd39cKSDYvbuB35CT04e6tkYSfvsLGCnr8GF6h+n919gixD1Xw
 Mu3TYObIZAakZQo04IA/2uTeuwqJKtFVUhhwvhllA/zKSdSVEwVP0/eh1GkX+/fC
 OCvF5X8cZN1fkgTkHETvXnbcuc56FtWOZcRTEbcn5Rvo65d+t5o=
 =vxBf
 -----END PGP SIGNATURE-----