From 55bb2ec82a2f660b3236138343a58553aa4fbe7c209c91f5c7ef17f46871c90e Mon Sep 17 00:00:00 2001
From: Wolfgang Rosenauer <wolfgang@rosenauer.org>
Date: Thu, 23 Nov 2023 08:14:02 +0000
Subject: [PATCH 1/2] - Mozilla Thunderbird 115.5.0  
 https://www.thunderbird.net/en-US/thunderbird/115.5.0/releasenotes   MFSA
 2023-52 (bsc#)   * CVE-2023-6204 (bmo#1841050)     Out-of-bound memory access
 in WebGL2 blitFramebuffer   * CVE-2023-6205 (bmo#1854076)     Use-after-free
 in MessagePort::Entangled   * CVE-2023-6206 (bmo#1857430)     Clickjacking
 permission prompts using the fullscreen transition   * CVE-2023-6207
 (bmo#1861344)     Use-after-free in ReadableByteStreamQueueEntry::Buffer   *
 CVE-2023-6208 (bmo#1855345)     Using Selection API would copy contents into
 X11 primary     selection.   * CVE-2023-6209 (bmo#1858570)     Incorrect
 parsing of relative URLs starting with "///"   * CVE-2023-6212 (bmo#1658432,
 bmo#1820983, bmo#1829252, bmo#1856072,     bmo#1856091, bmo#1859030,
 bmo#1860943, bmo#1862782)     Memory safety bugs fixed in Firefox 120,
 Firefox ESR 115.5,     and Thunderbird 115.5

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=734
---
 MozillaThunderbird.changes            | 24 ++++++++++++++++++++++++
 MozillaThunderbird.spec               |  4 ++--
 l10n-115.4.3.tar.xz                   |  3 ---
 l10n-115.5.0.tar.xz                   |  3 +++
 tar_stamps                            |  8 ++++----
 thunderbird-115.4.3.source.tar.xz     |  3 ---
 thunderbird-115.4.3.source.tar.xz.asc | 16 ----------------
 thunderbird-115.5.0.source.tar.xz     |  3 +++
 thunderbird-115.5.0.source.tar.xz.asc | 16 ++++++++++++++++
 9 files changed, 52 insertions(+), 28 deletions(-)
 delete mode 100644 l10n-115.4.3.tar.xz
 create mode 100644 l10n-115.5.0.tar.xz
 delete mode 100644 thunderbird-115.4.3.source.tar.xz
 delete mode 100644 thunderbird-115.4.3.source.tar.xz.asc
 create mode 100644 thunderbird-115.5.0.source.tar.xz
 create mode 100644 thunderbird-115.5.0.source.tar.xz.asc

diff --git a/MozillaThunderbird.changes b/MozillaThunderbird.changes
index f86e405..369aaa6 100644
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@@ -1,3 +1,27 @@
+-------------------------------------------------------------------
+Wed Nov 22 06:28:54 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.5.0
+  https://www.thunderbird.net/en-US/thunderbird/115.5.0/releasenotes
+  MFSA 2023-52 (bsc#)
+  * CVE-2023-6204 (bmo#1841050)
+    Out-of-bound memory access in WebGL2 blitFramebuffer
+  * CVE-2023-6205 (bmo#1854076)
+    Use-after-free in MessagePort::Entangled
+  * CVE-2023-6206 (bmo#1857430)
+    Clickjacking permission prompts using the fullscreen transition
+  * CVE-2023-6207 (bmo#1861344)
+    Use-after-free in ReadableByteStreamQueueEntry::Buffer
+  * CVE-2023-6208 (bmo#1855345)
+    Using Selection API would copy contents into X11 primary
+    selection.
+  * CVE-2023-6209 (bmo#1858570)
+    Incorrect parsing of relative URLs starting with "///"
+  * CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252, bmo#1856072,
+    bmo#1856091, bmo#1859030, bmo#1860943, bmo#1862782)
+    Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5,
+    and Thunderbird 115.5
+
 -------------------------------------------------------------------
 Wed Nov 15 13:28:03 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
 
diff --git a/MozillaThunderbird.spec b/MozillaThunderbird.spec
index 323800b..1e2c9f5 100644
--- a/MozillaThunderbird.spec
+++ b/MozillaThunderbird.spec
@@ -29,8 +29,8 @@
 # major 69
 # mainver %%major.99
 %define major          115
-%define mainver        %major.4.3
-%define orig_version   115.4.3
+%define mainver        %major.5.0
+%define orig_version   115.5.0
 %define orig_suffix    %nil
 %define update_channel release
 %define source_prefix  thunderbird-%{orig_version}
diff --git a/l10n-115.4.3.tar.xz b/l10n-115.4.3.tar.xz
deleted file mode 100644
index bb3b741..0000000
--- a/l10n-115.4.3.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:38f257c35a08d2d39369e19204c44fec874d3e4ae657cf76f9266df14ea9d8da
-size 27887636
diff --git a/l10n-115.5.0.tar.xz b/l10n-115.5.0.tar.xz
new file mode 100644
index 0000000..9b9d4ba
--- /dev/null
+++ b/l10n-115.5.0.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:49db30a8801647c893cca54dad1fed0eef49b10dee67572138cd384a2f68f83a
+size 27918176
diff --git a/tar_stamps b/tar_stamps
index 0fbd4bd..633f783 100644
--- a/tar_stamps
+++ b/tar_stamps
@@ -1,10 +1,10 @@
 PRODUCT="thunderbird"
 CHANNEL="esr115"
-VERSION="115.4.3"
+VERSION="115.5.0"
 VERSION_SUFFIX=""
-PREV_VERSION="115.4.2"
+PREV_VERSION="115.4.3"
 PREV_VERSION_SUFFIX=""
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr115"
-RELEASE_TAG="39b85d51fd523e0ff287ea6a635019907fd943de"
-RELEASE_TIMESTAMP="20231113191723"
+RELEASE_TAG="e199b83e0bd27d612d3dc2673e7b2285e93c783c"
+RELEASE_TIMESTAMP="20231120220011"
diff --git a/thunderbird-115.4.3.source.tar.xz b/thunderbird-115.4.3.source.tar.xz
deleted file mode 100644
index 07a58bc..0000000
--- a/thunderbird-115.4.3.source.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:bf21b245b4451f402e48fc95ff72e72b91689cdbe98ec1d0fa3fac34e9abfc09
-size 533328212
diff --git a/thunderbird-115.4.3.source.tar.xz.asc b/thunderbird-115.4.3.source.tar.xz.asc
deleted file mode 100644
index 9d887d5..0000000
--- a/thunderbird-115.4.3.source.tar.xz.asc
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmVSqMIACgkQ4207E/PZ
-MnSlzBAApDngPYWo35oJ7XtUyMkPtKkhiV2icgBmY6XYYs9Ppg3DF5/+twkZnJEv
-m4T6LehIPLoXtWmLd7aP8CLM/Z7V+ZLq43bKbb8rldOjcUVmTH8kABg/Y+azXE21
-XHD4KAaIuwaBPGs89k4b2jlsvcblbED0zT1oWjbVCI1ylZ4nfe2jehI5bemfIe3m
-Qa/QCBv60Sal3BWuzJoSZBxsu2vvCSwgp6Ul4tcoaY+fgsA0UBldZdM5g8Rsqdc9
-8NSyMaWBPGujziVhzFSM1hAaifUnWFSpEGBMzUwyL+5tnOckgKBuKsd2LzZe2e4p
-txOEa6ezfSIB24eaPh7o1Cg4Tyr9ECpd69qoXR7l2CKEoKuPa4DxtLQiXbxWaNMw
-GzV4Q22g7J6FKLV6k3QAYGIuaUM8WzZ5WHSCFbViubSRTnmiFh+mi3mYyGKP/FMo
-r4eKk69s9LgFLeY56IldzaEoYNHuWzNKxYylLaC6eio2SBpAjl9opEkv0UuOGvTd
-J19JqP4KxTNYnnzt0iLEClimWTpwQoIiwQ+hbcB9n8h6DOQ8R3SOdztAuhcaioCz
-dKjCfQhb17qUMlocMnv7t97EQfPhhLTmHDTScnbVPUslL19jADdny/2/moS2qvMN
-fQGuz/KczMCOm5wiLzZ2F5traHbfud+vnHSs+mXCuEndCk0BAaY=
-=akNY
------END PGP SIGNATURE-----
diff --git a/thunderbird-115.5.0.source.tar.xz b/thunderbird-115.5.0.source.tar.xz
new file mode 100644
index 0000000..7eecbf2
--- /dev/null
+++ b/thunderbird-115.5.0.source.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:dc24886b2d2223d23141dbfb29855c0254de2603bd829d4cbc7dc4ea2ac711fa
+size 535406304
diff --git a/thunderbird-115.5.0.source.tar.xz.asc b/thunderbird-115.5.0.source.tar.xz.asc
new file mode 100644
index 0000000..81b192f
--- /dev/null
+++ b/thunderbird-115.5.0.source.tar.xz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmVb/5wACgkQ4207E/PZ
+MnTUvw//ZWCoLQAdW7dD5H6tKQuLzf3Y75Uktuvbp9SMdbZak7A1kL/WzJ5vHc+d
+vrZmOU2r2XJFRq+MFWCWSx4idxfNZrRX+Vxyhx+SBbDDmwewaCmTwQrauE/ENU2S
+d8EJinkTYKxPMn3i/E+erN5n/5eKGXhV6vNTOtQHXwttIRqyYBqhRoyiD18Fx0Xh
+zwFGgc2+R5ohlyKOvbeaM6M6FLBtDtwsgoOF8rDHc+pMavA4lrgmeVp6bgZrs22D
+rOjSdZjVx80zc4qmqpiQwXtBL4Pf1VXchLs/AoS9PK6A1OOWehD/js5vYEQv9PwX
+IGqlf1C73pgdmqww52Wa48VM/mNw4rrBDYdS7PhmMqHZG6SyqtdfXG8A9pf0C8l6
+iYulJTq2ffK4wJQfO6Yobbsk3z5WeMZYWPQ/vAiumQJNlCHI79iTKOjsMm7mk/TB
+VWYAWVuYjGzg6BbvUO+a3Yp6Z7fkswijZRllLc3qshhcqoA2/z+qkPHGBOL2GXvC
+KOItJVs14PlZi1JZwmsnqnTM1VLh+fhpjsW2icDelxOe0o3mBrCoxgAQf+wlnNdL
+s/PYAFL86mlX9pGSMsEjF8labZ84TsHSq/VODhB5XqFQO3bzU/cz+Lm18FBIFvdb
+lfRSIWhcK13+zShmw0exUYi0ad7pPTGOm+H6yVq48hQ1y1y+4k4=
+=oyj5
+-----END PGP SIGNATURE-----

From 480e0302f01f7b2f836bc6e7429f4eb120fcac88d01ec8b98a887f36f8b1d4dd Mon Sep 17 00:00:00 2001
From: Wolfgang Rosenauer <wolfgang@rosenauer.org>
Date: Thu, 23 Nov 2023 08:16:17 +0000
Subject: [PATCH 2/2] MFSA 2023-52 (bsc#1217230)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=735
---
 MozillaThunderbird.changes | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/MozillaThunderbird.changes b/MozillaThunderbird.changes
index 369aaa6..99dabaa 100644
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@@ -3,7 +3,7 @@ Wed Nov 22 06:28:54 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
 
 - Mozilla Thunderbird 115.5.0
   https://www.thunderbird.net/en-US/thunderbird/115.5.0/releasenotes
-  MFSA 2023-52 (bsc#)
+  MFSA 2023-52 (bsc#1217230)
   * CVE-2023-6204 (bmo#1841050)
     Out-of-bound memory access in WebGL2 blitFramebuffer
   * CVE-2023-6205 (bmo#1854076)