Accepting request 1185328 from mozilla:Factory

OBS-URL: https://build.opensuse.org/request/show/1185328 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=338
2024-07-04 14:27:26 +00:00 · 2024-07-04 14:27:26 +00:00 · 9cc5c44788
commit 9cc5c44788
parent 12fa6354eb 8ba563b611
9 changed files with 58 additions and 25 deletions
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Tue Jul  2 14:47:02 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com>
+
+- Mozilla Thunderbird 115.12.2
+  * fixed: Annual Thunderbird Beta appeal intended for
+    Thunderbird 115.12.0 did not open as expected (bmo#1898084)
+- Mozilla Thunderbird 115.12.1
+  * 115.12.0 got pulled because of upstream automation process errors
+    and Windows installer signing changes.
+    No code changes, changelog is the same as 115.12.0 (bsc#1226495)
+- Added thunderbird-fix-CVE-2024-34703.patch (bsc#1227239)
+
 -------------------------------------------------------------------
 Mon Jun 17 07:43:27 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>

--- a/MozillaThunderbird.spec
+++ b/MozillaThunderbird.spec
@ -29,8 +29,8 @@
 # major 69
 # mainver %%major.99
 %define major          115
-%define mainver        %major.12.0
-%define orig_version   115.12.0
+%define mainver        %major.12.2
+%define orig_version   115.12.2
 %define orig_suffix    %nil
 %define update_channel release
 %define source_prefix  thunderbird-%{orig_version}
@ -207,6 +207,7 @@ Patch19:        svg-rendering.patch
 Patch20:        mozilla-partial-revert-1768632.patch
 Patch21:        mozilla-bmo1775202.patch
 Patch22:        mozilla-rust-disable-future-incompat.patch
+Patch23:        thunderbird-fix-CVE-2024-34703.patch
 %if 0%{?product_libs_llvm_ver} > 17
 # LLVM18 breaks building Firefox ESR:
 Patch30:        mozilla-fix-issues-with-llvm18.patch
--- a/l10n-115.12.2.tar.xz
+++ b/l10n-115.12.2.tar.xz
--- a/8
+++ b/8
@ -1,10 +1,10 @@
 PRODUCT="thunderbird"
 CHANNEL="esr115"
-VERSION="115.12.0"
+VERSION="115.12.2"
 VERSION_SUFFIX=""
-PREV_VERSION="115.11.1"
+PREV_VERSION="115.12.1"
 PREV_VERSION_SUFFIX=""
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr115"
-RELEASE_TAG="c8e74fba9d207152648b517f30da7f391a514a1a"
-RELEASE_TIMESTAMP="20240614163201"
+RELEASE_TAG="629a5c6b8861833f98e4a2c12c250cdd11c3e0b2"
+RELEASE_TIMESTAMP="20240621154414"
--- a/thunderbird-115.12.0.source.tar.xz
+++ b/thunderbird-115.12.0.source.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:5d0c47eec0e047ac7ad9d39b564487b791528823e18c0012e4bb94233a96d25f
-size 539287212
--- a/thunderbird-115.12.0.source.tar.xz.asc
+++ b/thunderbird-115.12.0.source.tar.xz.asc
@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmZnbGQACgkQ4207E/PZ
-MnRQ/xAAonYlpW3qI3HDR6fPQjU2EWgtnLQflyWXvEw2KAN/UeKa8mJ9Goa7aHG7
-BjG1zrBJ/9v3FmV3cy5noebBkKTSHIvKKpKFuo0cM8kpODxMhxhTFV1BhlZg+dov
-G/1V7w4n1mBu2jhfFizNhZFKhExpxD26u0a0CvHTruobU8mSxUs5ziap6m8Unodj
-mRaWn6LC28AYiIWsFo+QgSufeFyurXEGlbY8uJfXiX57/AydgdC8UVrqpUja9t3S
-o9jz53B0lFMwgJJGqDkPLsEoC3/OF5b+GcO5NZ2uYLof7awxwtkXI1ZyvVzatqpX
-EfPFYe5OKTC8Ks492rGtLGs3OMzdBfW+eS8Ndq3XIuFaTIwijYg/VFZGpXz6soXH
-QB5mDJOp9FR+aa5un55RMnv5yGGyZKGgPIFyV1A0xkyJ7PBkZSWgmhyj/p5U1xVM
-WtDZnNTOcbb5F3MHStFZidUmbk8A0yZAOdjrzgVHeJpUNY+z+Od9TaKbkeuZTV1F
-b5r3zX9fBppXQxxd39cKSDYvbuB35CT04e6tkYSfvsLGCnr8GF6h+n919gixD1Xw
-Mu3TYObIZAakZQo04IA/2uTeuwqJKtFVUhhwvhllA/zKSdSVEwVP0/eh1GkX+/fC
-OCvF5X8cZN1fkgTkHETvXnbcuc56FtWOZcRTEbcn5Rvo65d+t5o=
-=vxBf
-----END PGP SIGNATURE-----
--- a/thunderbird-115.12.2.source.tar.xz
+++ b/thunderbird-115.12.2.source.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:6378a0dbe8d785f58ab9778a507e36c33a5f869ae1a670638e27787b9864e638
+size 529634488
--- a/thunderbird-115.12.2.source.tar.xz.asc
+++ b/thunderbird-115.12.2.source.tar.xz.asc
@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmZ1yxwACgkQ4207E/PZ
+MnRLhw//aDNSC/jQ+xFIFLYMyCfMTCgemIfsSeQ8RAMZhcLlxJrvUNmur+8G1Raz
+RixhJWK0q44yH5rNRpCldhrIMg29V+nPxaBMKGQZNSzrOIaFbIbftGlKzJ2HR6Gc
+CoV7lxgBXLxoR7QN5Zw1iNyjQvZPP2g6DxJtGNdKwmrj967NifmBeyj9JAvMIWbI
+m6NCTCzCKi49xvqnrS4GOKZkAJ/aDX4IGleDDyVSiilUTiXdPNmXE7UpmyOIl0Mj
+C03A1xg/Y/t+PAa0zYCild1Hp+YZpXz/CXEmqYqQ6+fCKxHTHpw/yP+49RFLr3kE
+0yKECyKOyP57nmGKtw0hZJg+6JCJ19Tgb51mntWjpMKAMFOWBU2HmH1xdOantVEu
+5gFbf9/PPsHkpYhHCn3nonY1LGAs+soOrFtLNuUP+nWWFox4kkkZ12Hkj/xTpswF
+/rIEJy34a4rik4wO1Hff/7i0FqyV4HdSI4nsNno1eT6Rmim+x1Y1NDkpD9nl+CFD
+qhodmIhwYRwaWC53MqkQKJDXZdkSLxGh1WtHeMn6jwY9uGM0REQonOA+yRZMXy+f
+j0iaBzaB2nVyoAIOWUhB+1k6uSyAz5C8ZrNIQqxl38z/8aYUMd5qbahTQ9EAGdop
+L6HgjYK4WzEYFUvhiVAuyh3vXIJ3Yo06FMzqgyYO2mL1O+VSjq4=
+=nXlM
+-----END PGP SIGNATURE-----
--- a/thunderbird-fix-CVE-2024-34703.patch
+++ b/thunderbird-fix-CVE-2024-34703.patch
@ -0,0 +1,20 @@
+https://github.com/randombit/botan/commit/94e9154c143aa5264da6254a6a1be5bc66ee2b5a
+
+diff --git a/comm/third_party/botan/src/lib/pubkey/ec_group/ec_group.cpp b/comm/third_party/botan/src/lib/pubkey/ec_group/ec_group.cpp
+index bb60bacf7ba..214751b4eb0 100644
+--- a/comm/third_party/botan/src/lib/pubkey/ec_group/ec_group.cpp
+++ b/comm/third_party/botan/src/lib/pubkey/ec_group/ec_group.cpp
+@@ -334,8 +334,11 @@ std::shared_ptr<EC_Group_Data> EC_Group::BER_decode_EC_group(const uint8_t bits[
+          .end_cons()
+          .verify_end();
+ 
+-      if(p.bits() < 64 || p.is_negative() || !is_bailie_psw_probable_prime(p))
+-         throw Decoding_Error("Invalid ECC p parameter");
+      if(p.bits() < 112 || p.bits() > 1024)
+         throw Decoding_Error("ECC p parameter is invalid size");
+
+      if(p.is_negative() || !is_bailie_psw_probable_prime(p))
+         throw Decoding_Error("ECC p parameter is not a prime");
+ 
+       if(a.is_negative() || a >= p)
+          throw Decoding_Error("Invalid ECC a parameter");