OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=30

2009-04-15 15:06:45 +00:00 · 2009-04-15 15:06:45 +00:00 · b6733ba4ba
commit b6733ba4ba
parent ac76e41f47
6 changed files with 37 additions and 16 deletions
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Wed Mar 18 14:52:14 CET 2009 - wr@rosenauer.org
+
+- security update to version 2.0.0.21 (bnc#484321)
+  * MFSA 2009-07/CVE-2009-0771, CVE-2009-0772, CVE-2009-0773
+    CVE-2009-0774:
+    Crashes with evidence of memory corruption (rv:1.9.0.7)
+  * MFSA 2009-09/CVE-2009-0776:
+    XML data theft via RDFXMLDataSource and cross-domain redirect
+  * MFSA 2009-10/CVE-2009-0040:
+    Upgrade PNG library to fix memory safety hazards
+
 -------------------------------------------------------------------
 Fri Jan  2 13:51:19 EST 2009 - hfiguiere@suse.de

--- a/MozillaThunderbird.spec
+++ b/MozillaThunderbird.spec
@ -1,5 +1,5 @@
 #
-# spec file for package MozillaThunderbird (Version 2.0.0.19)
+# spec file for package MozillaThunderbird (Version 2.0.0.21)
 #
 # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
@ -37,7 +37,7 @@ BuildRequires:  freetype2-devel popt-devel
 BuildRequires:  gnome-vfs2 libgnome libgnomeui pkgconfig
 %endif
 License:        GPL v2 or later; LGPL v2.1 or later; MOZILLA PUBLIC LICENSE (MPL/NPL)
-Version:        2.0.0.19
+Version:        2.0.0.21
 Release:        1
 Summary:        The Stand-Alone Mozilla Mail Component
 Url:            http://www.mozilla.org/products/thunderbird/
@ -100,7 +100,7 @@ Requires:       mozilla-nspr >= %(rpm -q --queryformat '%{VERSION}' mozilla-nspr
 BuildRequires:  mozilla-nss-devel
 %endif
 %define _unpackaged_files_terminate_build 0
-%define releasedate 2008122700
+%define releasedate 2009031000
 %define progname thunderbird
 %define progdir %{_prefix}/%_lib/thunderbird
 %define my_provides /tmp/my-provides
@ -695,6 +695,15 @@ exit 0
 %{_bindir}/thunderbird-config

 %changelog
+* Wed Mar 18 2009 wr@rosenauer.org
+- security update to version 2.0.0.21 (bnc#484321)
+  * MFSA 2009-07/CVE-2009-0771, CVE-2009-0772, CVE-2009-0773
+  CVE-2009-0774:
+  Crashes with evidence of memory corruption (rv:1.9.0.7)
+  * MFSA 2009-09/CVE-2009-0776:
+  XML data theft via RDFXMLDataSource and cross-domain redirect
+  * MFSA 2009-10/CVE-2009-0040:
+  Upgrade PNG library to fix memory safety hazards
 * Fri Jan 02 2009 hfiguiere@suse.de
 - Review and approve changes.
 * Wed Dec 31 2008 wr@rosenauer.org
@ -719,7 +728,7 @@ exit 0
  sharing with other applications using NSS
  (same functionality as in xulrunner/firefox)
  (can be disabled completely exporting MOZ_TB_NO_NSSHELPER=1)
-* Thu Nov 20 2008 maw@suse.de
+* Fri Nov 21 2008 maw@suse.de
 - Review and approve changes.
 * Thu Nov 13 2008 wr@rosenauer.org
 - security update to version 2.0.0.18 (bnc#439841)
@ -857,7 +866,7 @@ exit 0
 - Update to enigmail 0.95.2.
 * Thu Jun 21 2007 adrian@suse.de
 - fix changelog entry order
-* Fri Jun 15 2007 maw@suse.de
+* Sat Jun 16 2007 maw@suse.de
 - Merge update to 2.0.0.4 from the build service (thanks, Wolfgang)
 - Remove some commented out stuff.
 * Wed Jun 13 2007 wr@rosenauer.org
@ -904,9 +913,9 @@ exit 0
 - fixed check in add-plugins.sh (#242237)
 * Tue Jan 30 2007 maw@suse.de
 - Add thunderbird-1.5.0.8-uninitalized-vars-232305.patch (#232305).
-* Thu Jan 18 2007 maw@suse.de
+* Fri Jan 19 2007 maw@suse.de
 - Add undefined-ops.patch, silencing some warnings.
-* Wed Nov 08 2006 jhargadon@suse.de
+* Thu Nov 09 2006 jhargadon@suse.de
 - security update to version 1.5.0.8
 * Tue Sep 12 2006 stark@suse.de
 - security update to version 1.5.0.7
@ -918,7 +927,7 @@ exit 0
  ReplyToListThunderbirdExtension (#199125, bmo #45715)
 - added mailnews.clobber_list_reply pref which switches
  "Reply All" to "Reply List" functionality if set
-* Wed Jul 26 2006 stark@suse.de
+* Thu Jul 27 2006 stark@suse.de
 - security update to version 1.5.0.5 (#195043)
 - fixed overwrite confirmation for GTK filesaver (#179531)
 * Wed Jun 07 2006 stark@suse.de
@ -987,7 +996,7 @@ exit 0
 - added patch for GTK2 handling (#134831)
 * Fri Nov 25 2005 stark@suse.de
 - update to 1.5 (20051124)
-* Thu Oct 27 2005 stark@suse.de
+* Fri Oct 28 2005 stark@suse.de
 - update to latest 1.5 snapshot (20051027)
 - added patch to be able to reply to and forward rfc822 messages
  (bmo #204350)
@ -1034,7 +1043,7 @@ exit 0
 - fixed width calculation in Postscript module (bmo #290292)
 * Thu Jul 14 2005 stark@suse.de
 - fixed filelist to include icon-file and startscript again
-* Mon Jul 11 2005 stark@suse.de
+* Tue Jul 12 2005 stark@suse.de
 - fixed remote usage behaviour in start script (bnc #41903)
 - update to 1.0.5 security release
 - fixed quoting patch
--- a/l10n-2.0.0.19.tar.bz2
+++ b/l10n-2.0.0.19.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:b0fd1a14c4668cb84d20b7dab60860cd92c0681421d62c6eef5f695e751ec4f7
-size 11055182
--- a/l10n-2.0.0.21.tar.bz2
+++ b/l10n-2.0.0.21.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f1f70948b2f30e2ab6f6811ae3884489cd7cb15ee1846c341144c559604a0d3e
+size 11051307
--- a/thunderbird-2.0.0.19-source.tar.bz2
+++ b/thunderbird-2.0.0.19-source.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:434245683d19025f1c3dc18e324ed937f8cd108d39b312ed79e91a4d15879dc7
-size 43313878
--- a/thunderbird-2.0.0.21-source.tar.bz2
+++ b/thunderbird-2.0.0.21-source.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:15bb785c5b44115b78fa72884b3d6194e15c98fc6e0e5e56ce73ace92e2eb865
+size 43339888