- update to Thunderbird 52.5.2

* This releases fixes the "Mailsploit" vulnerability and other
    vulnerabilities detected by the "Cure53" audit
  MFSA 2017-30
  * CVE-2017-7845 (bmo#1402372)
    Buffer overflow when drawing and validating elements with ANGLE
    library using Direct 3D 9
  * CVE-2017-7846 (bmo#1411716)
    JavaScript Execution via RSS in mailbox:// origin
  * CVE-2017-7847 (bmo#1411708)
    Local path string can be leaked from RSS feed
  * CVE-2017-7848 (bmo#1411699)
    RSS Feed vulnerable to new line Injection
  * CVE-2017-7829 (bmo#1423432)
    Mailsploit part 1: From address with encoded null character is
    cut off in message header display

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=394

MozillaThunderbird.changes

@@ -1,3 +1,23 @@
+-------------------------------------------------------------------
+Sat Dec 23 18:36:42 UTC 2017 - wr@rosenauer.org
+
+- update to Thunderbird 52.5.2
+  * This releases fixes the "Mailsploit" vulnerability and other
+    vulnerabilities detected by the "Cure53" audit
+  MFSA 2017-30
+  * CVE-2017-7845 (bmo#1402372)
+    Buffer overflow when drawing and validating elements with ANGLE
+    library using Direct 3D 9
+  * CVE-2017-7846 (bmo#1411716)
+    JavaScript Execution via RSS in mailbox:// origin
+  * CVE-2017-7847 (bmo#1411708)
+    Local path string can be leaked from RSS feed
+  * CVE-2017-7848 (bmo#1411699)
+    RSS Feed vulnerable to new line Injection
+  * CVE-2017-7829 (bmo#1423432)
+    Mailsploit part 1: From address with encoded null character is
+    cut off in message header display
+
 -------------------------------------------------------------------
 Fri Dec  8 15:53:30 UTC 2017 - dimstar@opensuse.org
 

MozillaThunderbird.spec

@@ -17,9 +17,9 @@
 #
 
 
-%define mainversion 52.5.0
+%define mainversion 52.5.2
 %define update_channel release
-%define releasedate 201711210000
+%define releasedate 201712220000
 
 %bcond_without mozilla_tb_kde4
 %bcond_with    mozilla_tb_valgrind

compare-locales.tar.xz

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:1b49c2014db3bd6fc015c950f5f1b7dba25e99d89ac7646658514f6129976ae6
-size 28388
+oid sha256:a2b34b61f64bf1c9715f218b9dab90fb95eb15c9e29cc3195ac9a2546666ec36
+size 28376

create-tar.sh

@@ -2,8 +2,8 @@
 
 CHANNEL="esr52"
 BRANCH="releases/comm-$CHANNEL"
-RELEASE_TAG="THUNDERBIRD_52_5_0_RELEASE"
-VERSION="52.5.0"
+RELEASE_TAG="THUNDERBIRD_52_5_2_RELEASE"
+VERSION="52.5.2"
 
 echo "cloning $BRANCH..."
 hg clone http://hg.mozilla.org/$BRANCH thunderbird

l10n-52.5.0.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:7a924cf19c3ecd601d2004ba0166b9b28f331153355ef5478358605aeb3650d0
-size 26215464

l10n-52.5.2.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:1ce68842f35878969a160d4e4b68ff80eb26dce18d00040279fc9b7e685ea729
+size 26212512

thunderbird-52.5.0-source.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:57246e6a6a3ae40f3ed21a2f43ee6589b2c77383af9f0d238ead262d0612a236
-size 242215136

thunderbird-52.5.2-source.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:5bd859d3e940df6bfef46dfd5a9300b618d6557406c0d66e7c41af444541a662
+size 242240724