pool/MozillaThunderbird
SHA256
4
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Accepting request 856497 from mozilla:Factory

Browse Source 
- Mozilla Thunderbird 78.6.0
  * changes and additions in MailExtensions
  * several bugfixes
  * https://www.thunderbird.net/en-US/thunderbird/78.6.0/releasenotes/
  MFSA 2020-56 (bsc#1180039))
  * CVE-2020-16042 (bmo#1679003)
    Operations on a BigInt could have caused uninitialized memory
    to be exposed
  * CVE-2020-26971 (bmo#1663466)
    Heap buffer overflow in WebGL
  * CVE-2020-26973 (bmo#1680084)
    CSS Sanitizer performed incorrect sanitization
  * CVE-2020-26974 (bmo#1681022)
    Incorrect cast of StyleGenericFlexBasis resulted in a heap
    use-after-free
  * CVE-2020-26978 (bmo#1677047)
    Internal network hosts could have been probed by a malicious
    webpage
  * CVE-2020-35111 (bmo#1657916)
    The proxy.onRequest API did not catch view-source URLs
  * CVE-2020-35112 (bmo#1661365)
    Opening an extension-less download may have inadvertently
    launched an executable instead
  * CVE-2020-35113 (bmo#1664831, bmo#1673589)
    Memory safety bugs fixed in Thunderbird 78.6

OBS-URL: https://build.opensuse.org/request/show/856497
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=245
This commit is contained in:
Dominique Leuenberger 2020-12-24 18:40:01 +00:00 committed by Git OBS Bridge
commit 926af1b2b2
9 changed files with 63 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
MozillaThunderbird.changes
View File

@ -1,3 +1,32 @@
-------------------------------------------------------------------
Sat Dec 12 10:25:08 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
- Mozilla Thunderbird 78.6.0
* changes and additions in MailExtensions
* several bugfixes
* https://www.thunderbird.net/en-US/thunderbird/78.6.0/releasenotes/
MFSA 2020-56 (bsc#1180039))
* CVE-2020-16042 (bmo#1679003)
Operations on a BigInt could have caused uninitialized memory
to be exposed
* CVE-2020-26971 (bmo#1663466)
Heap buffer overflow in WebGL
* CVE-2020-26973 (bmo#1680084)
CSS Sanitizer performed incorrect sanitization
* CVE-2020-26974 (bmo#1681022)
Incorrect cast of StyleGenericFlexBasis resulted in a heap
use-after-free
* CVE-2020-26978 (bmo#1677047)
Internal network hosts could have been probed by a malicious
webpage
* CVE-2020-35111 (bmo#1657916)
The proxy.onRequest API did not catch view-source URLs
* CVE-2020-35112 (bmo#1661365)
Opening an extension-less download may have inadvertently
launched an executable instead
* CVE-2020-35113 (bmo#1664831, bmo#1673589)
Memory safety bugs fixed in Thunderbird 78.6
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Dec 1 21:34:15 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org> Tue Dec 1 21:34:15 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>

16
MozillaThunderbird.spec
View File

@ -26,8 +26,8 @@
# major 69 # major 69
# mainver %major.99 # mainver %major.99
%define major 78 %define major 78
%define mainver %major.5.1 %define mainver %major.6.0
%define orig_version 78.5.1 %define orig_version 78.6.0
%define orig_suffix %{nil} %define orig_suffix %{nil}
%define update_channel release %define update_channel release
%define source_prefix thunderbird-%{orig_version} %define source_prefix thunderbird-%{orig_version}
@ -477,7 +477,6 @@ xvfb-run --server-args="-screen 0 1920x1080x24" \
# build additional locales # build additional locales
%if %localize %if %localize
mkdir -p %{buildroot}%{progdir}/extensions/
truncate -s 0 %{_tmppath}/translations.{common,other} truncate -s 0 %{_tmppath}/translations.{common,other}
# langpack-build can not be done in parallel easily (see https://bugzilla.mozilla.org/show_bug.cgi?id=1660943) # langpack-build can not be done in parallel easily (see https://bugzilla.mozilla.org/show_bug.cgi?id=1660943)
# Therefore, we have to have a separate obj-dir for each language # Therefore, we have to have a separate obj-dir for each language
@ -495,7 +494,7 @@ ac_add_options --with-l10n-base=$RPM_BUILD_DIR/l10n
ac_add_options --disable-updater ac_add_options --disable-updater
ac_add_options --enable-official-branding ac_add_options --enable-official-branding
EOF EOF
mkdir -p $RPM_BUILD_DIR/langpacks_artifacts/
sed -r '/^(ja-JP-mac|en-US|$)/d;s/ .*$//' $RPM_BUILD_DIR/%{source_prefix}/comm/mail/locales/shipped-locales \ sed -r '/^(ja-JP-mac|en-US|$)/d;s/ .*$//' $RPM_BUILD_DIR/%{source_prefix}/comm/mail/locales/shipped-locales \
| xargs -n 1 %{?jobs:-P %jobs} -I {} /bin/sh -c ' | xargs -n 1 %{?jobs:-P %jobs} -I {} /bin/sh -c '
locale=$1 locale=$1
@ -505,10 +504,9 @@ sed -r '/^(ja-JP-mac|en-US|$)/d;s/ .*$//' $RPM_BUILD_DIR/%{source_prefix}/comm/m
# nsinstall is needed for langpack-build. It is already built by `./mach build`, but building it again is very fast # nsinstall is needed for langpack-build. It is already built by `./mach build`, but building it again is very fast
./mach build config/nsinstall langpack-$locale ./mach build config/nsinstall langpack-$locale
cp -rL ../obj_$locale/dist/xpi-stage/locale-$locale \ cp -rL ../obj_$locale/dist/xpi-stage/locale-$locale \
%{buildroot}%{progdir}/extensions/langpack-$locale@thunderbird.mozilla.org $RPM_BUILD_DIR/langpacks_artifacts/langpack-$locale@thunderbird.mozilla.org
# remove prefs, profile defaults, and hyphenation from langpack rm -rf $RPM_BUILD_DIR/langpacks_artifacts/langpack-$locale@thunderbird.mozilla.org/defaults
rm -rf %{buildroot}%{progdir}/extensions/langpack-$locale@thunderbird.mozilla.org/defaults rm -rf $RPM_BUILD_DIR/langpacks_artifacts/langpack-$locale@thunderbird.mozilla.org/hyphenation
rm -rf %{buildroot}%{progdir}/extensions/langpack-$locale@thunderbird.mozilla.org/hyphenation
# Build systems like to run out of disc-space, so we delete the build-dir here (we copied already all relevant files) # Build systems like to run out of disc-space, so we delete the build-dir here (we copied already all relevant files)
rm -rf ../obj_$locale/ rm -rf ../obj_$locale/
# check against the fixed common list and sort into the right filelist # check against the fixed common list and sort into the right filelist
@ -534,6 +532,8 @@ make -C comm/mail/installer STRIP=/bin/true MOZ_PKG_FATAL_WARNINGS=0
# copy tree into RPM_BUILD_ROOT # copy tree into RPM_BUILD_ROOT
mkdir -p %{buildroot}%{progdir} mkdir -p %{buildroot}%{progdir}
cp -rf $RPM_BUILD_DIR/obj/dist/%{progname}/* %{buildroot}%{progdir} cp -rf $RPM_BUILD_DIR/obj/dist/%{progname}/* %{buildroot}%{progdir}
mkdir -p %{buildroot}%{progdir}/extensions
cp -rf $RPM_BUILD_DIR/langpacks_artifacts/* %{buildroot}%{progdir}/extensions/
# remove some executable permissions # remove some executable permissions
find %{buildroot}%{progdir} \ find %{buildroot}%{progdir} \

3
l10n-78.5.1.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:70a191f497133377e1a2d890f6d9742046f44ae36475686fd7d1e1e867c73016
size 29083288

3
l10n-78.6.0.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:ea0feb7edc1f635e30748e84ad794eef90343c70a24b5743bd8d27f17d809564
size 29071884

8
tar_stamps
View File

@ -1,10 +1,10 @@
PRODUCT="thunderbird" PRODUCT="thunderbird"
CHANNEL="esr78" CHANNEL="esr78"
VERSION="78.5.1" VERSION="78.6.0"
VERSION_SUFFIX="" VERSION_SUFFIX=""
PREV_VERSION="78.5.0" PREV_VERSION="78.5.1"
PREV_VERSION_SUFFIX="" PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr78" RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr78"
RELEASE_TAG="7bfb6e5797a4120c798eaa67a9cddd2846badcee" RELEASE_TAG="18be92a3f0388fe1b69941a50cdbadbf2c95b885"
RELEASE_TIMESTAMP="20201130232704" RELEASE_TIMESTAMP="20201211152611"

3
thunderbird-78.5.1.source.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:17ec895e3dd435da49bfa30482e2397e644319b7f82890d2a947c95a5cb183c2
size 352743032

16
thunderbird-78.5.1.source.tar.xz.asc
View File

@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEECXsxMHeuYqAvhNpN8aZmj7t9Vy4FAl/GEagACgkQ8aZmj7t9
Vy7vSQ//XMiC4558UcDh6rvpOeEqKqBipe/9ZAFMyoz3mXslYaQ9GM3OCA/hQ/Cu
cysidXQOreC1GGt9hDyZajrmHxmUJK9Yxxr3ZdJZ6YPU/PLP5QKAzcnGdQrKzkY7
Glw4j9fkJH+OLbXCvJ0vw3YWdWHnr5JM854Ovu9dCTntXAsvD1nIZs5pCkG1TUHM
0Js3YQl/5Zekp24SrvLkQT4VbYNwA9D/SfF2QwXkTQ79ENNYRmKS7rpL1JDYAYVj
i6gPniNXbvYHEitmHNMtrMDc4vVRYR5STyOTIZcMlTEoS/eZxP5udVFWN25H8bTU
WljLJmu1X1IoypmxMO5JKuI11snaW5OX4a3g8gUMGedvh3ua0YaPIgqSujfmfMxH
xuMYYCIQZASOmsH1niYpPyGTZHY4UlWGLROFUk8Dal24if57wjeoepWDWf3F0jcH
CITPrNSUUOvn+e2kZWsZ7HGzCe8p+xi9qVcZHx0OTV4fcMBqqczch6+D8DqauDx/
+/DCkW6H3KKW/ot8Onnz0pSqyfd/BYFkVom//lgdudxjaUoZw3maZ37xy/kUedXQ
KQ7m6YLERH8N2ch4674x8hO6YEGHxHjxJGo/osfKCeyyL66RMr0AgoTqAyN4RhKt
FXPa1Yv7U005HPM3F0D/12tMDnavll5t8Q6vNzZJNVV+ZzZoH3k=
=yBKB
-----END PGP SIGNATURE-----

3
thunderbird-78.6.0.source.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:1dd6f9a4d88b4c3d0ec47bba60a891243ef95e105a9045b2d32e2b126779844b
size 353496712

16
thunderbird-78.6.0.source.tar.xz.asc Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEECXsxMHeuYqAvhNpN8aZmj7t9Vy4FAl/UFaYACgkQ8aZmj7t9
Vy7Zxw//SSXD2GtgG0ko3xNQwQ2ujCOI80OYig92+GkFr1xIOuz3xvE5cLbWnYIP
Vzc6qBgaBZr4MJKL4B0URTOLivwKDNQb7c84zbUWJKaf3XHBQW+jroltl0J3lfgn
CpMoY3ekyzZeWZ+o0N0zexGRb1dUEAyUG4GgWUdozLeLG4DO7w70x/iI2wDP4QQN
VxQo0cYtdfizdvjky1v96OEFic6JFrDnj9VDQSI97NX5EAr+sI+ihvPr2mDzn+IA
kSmXfDGvTOvkoz13heNE2BHX5XM1GMuWpkrNQzW5G4mp5on52z1uHHIYZqc49uip
2KDAGX9NJbIGCn2utcwtsEhq3jtstjnHS5HzaeYEK4mjifdtxygXiWJZoaPSVTx0
25ZjXI6LBJcuBKVZkvbEdR35nuA8Y83i/Jf7JtFoWlM/nyu+ElkW9gdvnmqYCPNp
0+0aEus0M0n5By+OxO9vF7Mm63z4Bj1YKnvU6+4s1d6G2HyICrNPZJ8IaDK3zj21
oERuECpbWwrYU8cramlxxnpJfqI4EjQ6ZaPz1q9j3U7eT1Vr5cw2KGct2E6aHE36
rUEgzO1TcZpGSWQUr1arDWePkCqHofUYsE15pjAFbBVF4Q9Ut3FKYUG6Jo0hbZJr
WKoQLzyxi0EGey5oiHiBnc+XOCr4ub1eujBf2uCciZHiZ7htr/E=
=RpOn
-----END PGP SIGNATURE-----