From 86366658fee4d0983dba30bc25527a6b189ab8e3ca1a20d016e3e01ba901dc0f Mon Sep 17 00:00:00 2001
From: Wolfgang Rosenauer <wolfgang@rosenauer.org>
Date: Thu, 28 Sep 2017 08:25:59 +0000
Subject: [PATCH 1/3] Accepting request 529099 from home:dimstar:Factory

- Add alsa-devel BuildRequires: we care for ALSA support to be
  built and thus need to ensure we get the dependencies in place.
  In the past, alsa-devel was pulled in by accident: we
  buildrequire libgnome-devel. This required esound-devel and that
  in turn pulled in alsa-devel for us. libgnome is being fixed to
  no longer require esound-devel.

OBS-URL: https://build.opensuse.org/request/show/529099
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=384
---
 MozillaThunderbird.changes | 10 ++++++++++
 MozillaThunderbird.spec    |  1 +
 2 files changed, 11 insertions(+)

diff --git a/MozillaThunderbird.changes b/MozillaThunderbird.changes
index 288bc3c..650c631 100644
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Thu Sep 28 07:56:22 UTC 2017 - dimstar@opensuse.org
+
+- Add alsa-devel BuildRequires: we care for ALSA support to be
+  built and thus need to ensure we get the dependencies in place.
+  In the past, alsa-devel was pulled in by accident: we
+  buildrequire libgnome-devel. This required esound-devel and that
+  in turn pulled in alsa-devel for us. libgnome is being fixed to
+  no longer require esound-devel.
+
 -------------------------------------------------------------------
 Tue Aug 15 12:48:43 UTC 2017 - wr@rosenauer.org
 
diff --git a/MozillaThunderbird.spec b/MozillaThunderbird.spec
index 970248f..ab15e7e 100644
--- a/MozillaThunderbird.spec
+++ b/MozillaThunderbird.spec
@@ -31,6 +31,7 @@
 
 Name:           MozillaThunderbird
 BuildRequires:  Mesa-devel
+BuildRequires:  alsa-devel
 BuildRequires:  autoconf213
 BuildRequires:  dbus-1-glib-devel
 BuildRequires:  fdupes

From 5a7900b24ae2112b3be5cc9e8bdb0410046110c14eb2b48526d49cb7b2e26a09 Mon Sep 17 00:00:00 2001
From: Wolfgang Rosenauer <wolfgang@rosenauer.org>
Date: Wed, 4 Oct 2017 15:11:54 +0000
Subject: [PATCH 2/3] Accepting request 531253 from
 home:AndreasStieger:branches:mozilla:Factory

Mozilla Thunderbird 52.4.0 (bsc#1060445)
MFSA/CVEs still missing...

OBS-URL: https://build.opensuse.org/request/show/531253
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=385
---
 MozillaThunderbird.changes       | 5 +++++
 MozillaThunderbird.spec          | 4 ++--
 compare-locales.tar.xz           | 4 ++--
 create-tar.sh                    | 4 ++--
 l10n-52.3.0.tar.xz               | 3 ---
 l10n-52.4.0.tar.xz               | 3 +++
 thunderbird-52.3.0-source.tar.xz | 3 ---
 thunderbird-52.4.0-source.tar.xz | 3 +++
 8 files changed, 17 insertions(+), 12 deletions(-)
 delete mode 100644 l10n-52.3.0.tar.xz
 create mode 100644 l10n-52.4.0.tar.xz
 delete mode 100644 thunderbird-52.3.0-source.tar.xz
 create mode 100644 thunderbird-52.4.0-source.tar.xz

diff --git a/MozillaThunderbird.changes b/MozillaThunderbird.changes
index 650c631..26bd4ee 100644
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Wed Oct  4 09:18:39 UTC 2017 - astieger@suse.com
+
+- Mozilla Thunderbird 52.4.0 (bsc#1060445)
+
 -------------------------------------------------------------------
 Thu Sep 28 07:56:22 UTC 2017 - dimstar@opensuse.org
 
diff --git a/MozillaThunderbird.spec b/MozillaThunderbird.spec
index ab15e7e..fa19720 100644
--- a/MozillaThunderbird.spec
+++ b/MozillaThunderbird.spec
@@ -17,9 +17,9 @@
 #
 
 
-%define mainversion 52.3.0
+%define mainversion 52.4.0
 %define update_channel release
-%define releasedate 201708150000
+%define releasedate 201710030000
 
 %bcond_without mozilla_tb_kde4
 %bcond_with    mozilla_tb_valgrind
diff --git a/compare-locales.tar.xz b/compare-locales.tar.xz
index 1c8c532..a109cbb 100644
--- a/compare-locales.tar.xz
+++ b/compare-locales.tar.xz
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:002e2f18cfead15ccd76384d74fa11ef5c387cc4d755d0fd71f224757401c6ed
-size 28388
+oid sha256:130eda0cb593149056c648b60c8febe5903577d41ed5913bfb8c76757824ee58
+size 28484
diff --git a/create-tar.sh b/create-tar.sh
index 1bb2858..a46660b 100644
--- a/create-tar.sh
+++ b/create-tar.sh
@@ -2,8 +2,8 @@
 
 CHANNEL="esr52"
 BRANCH="releases/comm-$CHANNEL"
-RELEASE_TAG="THUNDERBIRD_52_3_0_RELEASE"
-VERSION="52.3.0"
+RELEASE_TAG="THUNDERBIRD_52_4_0_RELEASE"
+VERSION="52.4.0"
 
 echo "cloning $BRANCH..."
 hg clone http://hg.mozilla.org/$BRANCH thunderbird
diff --git a/l10n-52.3.0.tar.xz b/l10n-52.3.0.tar.xz
deleted file mode 100644
index 8590c22..0000000
--- a/l10n-52.3.0.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:f56155398b572408b653ab0079e32308270ee5aea3a405399e4687ce5caf2f16
-size 26247324
diff --git a/l10n-52.4.0.tar.xz b/l10n-52.4.0.tar.xz
new file mode 100644
index 0000000..93fe0c1
--- /dev/null
+++ b/l10n-52.4.0.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:944cf1027aaee2dcb6f02cf75fe378453598acad289e5d1350ae424ef8434888
+size 26055836
diff --git a/thunderbird-52.3.0-source.tar.xz b/thunderbird-52.3.0-source.tar.xz
deleted file mode 100644
index 0b401ff..0000000
--- a/thunderbird-52.3.0-source.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:9e85a68b6d24de1d6dcaa9e5d3b491158c975fc2f895560ef29716c508f99f07
-size 240356760
diff --git a/thunderbird-52.4.0-source.tar.xz b/thunderbird-52.4.0-source.tar.xz
new file mode 100644
index 0000000..e3debb1
--- /dev/null
+++ b/thunderbird-52.4.0-source.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:74b3a5fbc67037718747c84810442550eb78fd4d7e603059616d47562d0e67f7
+size 241677432

From c0196e9638fe2225aa2e978ccef38491a158a544968488164bb0013e0a49652c Mon Sep 17 00:00:00 2001
From: Wolfgang Rosenauer <wolfgang@rosenauer.org>
Date: Fri, 6 Oct 2017 20:50:03 +0000
Subject: [PATCH 3/3] * new behavior was introduced for replies to mailing list
 posts:     "When replying to a mailing list, reply will be sent to address   
  in From header ignoring Reply-to header". A new preference    
 mail.override_list_reply_to allows to restore the previous behavior.   *
 Under certain circumstances (image attachment and non-image     attachment),
 attached images were shown truncated in messages     stored in IMAP folders
 not synchronised for offline use.   * IMAP UIDs > 0x7FFFFFFF now handled
 properly   Security fixes from Gecko 52.4esr   * CVE-2017-7793 (bmo#1371889) 
    Use-after-free with Fetch API   * CVE-2017-7818 (bmo#1363723)    
 Use-after-free during ARIA array manipulation   * CVE-2017-7819 (bmo#1380292)
     Use-after-free while resizing images in design mode   * CVE-2017-7824
 (bmo#1398381)     Buffer overflow when drawing and validating elements with
 ANGLE   * CVE-2017-7805 (bmo#1377618) (fixed via NSS requirement)    
 Use-after-free in TLS 1.2 generating handshake hashes   * CVE-2017-7814
 (bmo#1376036)     Blob and data URLs bypass phishing and malware protection
 warnings   * CVE-2017-7825 (bmo#1393624, bmo#1390980) (OSX-only)     OS X
 fonts render some Tibetan and Arabic unicode characters as spaces   *
 CVE-2017-7823 (bmo#1396320)     CSP sandbox directive did not create a unique
 origin   * CVE-2017-7810     Memory safety bugs fixed in Firefox 56 and
 Firefox ESR 52.4

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=386
---
 MozillaThunderbird.changes       | 27 +++++++++++++++++++++++++++
 MozillaThunderbird.spec          |  4 ++--
 compare-locales.tar.xz           |  4 ++--
 l10n-52.4.0.tar.xz               |  4 ++--
 thunderbird-52.4.0-source.tar.xz |  4 ++--
 5 files changed, 35 insertions(+), 8 deletions(-)

diff --git a/MozillaThunderbird.changes b/MozillaThunderbird.changes
index 26bd4ee..4d1a24a 100644
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@@ -2,6 +2,33 @@
 Wed Oct  4 09:18:39 UTC 2017 - astieger@suse.com
 
 - Mozilla Thunderbird 52.4.0 (bsc#1060445)
+  * new behavior was introduced for replies to mailing list posts:
+    "When replying to a mailing list, reply will be sent to address
+    in From header ignoring Reply-to header". A new preference
+    mail.override_list_reply_to allows to restore the previous behavior.
+  * Under certain circumstances (image attachment and non-image
+    attachment), attached images were shown truncated in messages
+    stored in IMAP folders not synchronised for offline use.
+  * IMAP UIDs > 0x7FFFFFFF now handled properly
+  Security fixes from Gecko 52.4esr
+  * CVE-2017-7793 (bmo#1371889)
+    Use-after-free with Fetch API
+  * CVE-2017-7818 (bmo#1363723)
+    Use-after-free during ARIA array manipulation
+  * CVE-2017-7819 (bmo#1380292)
+    Use-after-free while resizing images in design mode
+  * CVE-2017-7824 (bmo#1398381)
+    Buffer overflow when drawing and validating elements with ANGLE
+  * CVE-2017-7805 (bmo#1377618) (fixed via NSS requirement)
+    Use-after-free in TLS 1.2 generating handshake hashes
+  * CVE-2017-7814 (bmo#1376036)
+    Blob and data URLs bypass phishing and malware protection warnings
+  * CVE-2017-7825 (bmo#1393624, bmo#1390980) (OSX-only)
+    OS X fonts render some Tibetan and Arabic unicode characters as spaces
+  * CVE-2017-7823 (bmo#1396320)
+    CSP sandbox directive did not create a unique origin
+  * CVE-2017-7810
+    Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4
 
 -------------------------------------------------------------------
 Thu Sep 28 07:56:22 UTC 2017 - dimstar@opensuse.org
diff --git a/MozillaThunderbird.spec b/MozillaThunderbird.spec
index fa19720..d87c024 100644
--- a/MozillaThunderbird.spec
+++ b/MozillaThunderbird.spec
@@ -19,7 +19,7 @@
 
 %define mainversion 52.4.0
 %define update_channel release
-%define releasedate 201710030000
+%define releasedate 201710040000
 
 %bcond_without mozilla_tb_kde4
 %bcond_with    mozilla_tb_valgrind
@@ -43,7 +43,7 @@ BuildRequires:  libgnomeui-devel
 BuildRequires:  libidl-devel
 BuildRequires:  libnotify-devel
 BuildRequires:  mozilla-nspr-devel >= 4.13.1
-BuildRequires:  mozilla-nss-devel >= 3.28.5
+BuildRequires:  mozilla-nss-devel >= 3.28.6
 BuildRequires:  python
 BuildRequires:  startup-notification-devel
 BuildRequires:  unzip
diff --git a/compare-locales.tar.xz b/compare-locales.tar.xz
index a109cbb..60115dc 100644
--- a/compare-locales.tar.xz
+++ b/compare-locales.tar.xz
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:130eda0cb593149056c648b60c8febe5903577d41ed5913bfb8c76757824ee58
-size 28484
+oid sha256:ff8e61e8497eedc3c4526d40bac0a1ef00621cebc68ef0bbd652c26edca0071d
+size 28372
diff --git a/l10n-52.4.0.tar.xz b/l10n-52.4.0.tar.xz
index 93fe0c1..9a6b1b2 100644
--- a/l10n-52.4.0.tar.xz
+++ b/l10n-52.4.0.tar.xz
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:944cf1027aaee2dcb6f02cf75fe378453598acad289e5d1350ae424ef8434888
-size 26055836
+oid sha256:636948bdb506cf2a31cac5a0398166eb26ad119d7a0850b4dc648339ff0abb8b
+size 26197408
diff --git a/thunderbird-52.4.0-source.tar.xz b/thunderbird-52.4.0-source.tar.xz
index e3debb1..7a9a319 100644
--- a/thunderbird-52.4.0-source.tar.xz
+++ b/thunderbird-52.4.0-source.tar.xz
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:74b3a5fbc67037718747c84810442550eb78fd4d7e603059616d47562d0e67f7
-size 241677432
+oid sha256:e89f460319d4671b86d99815300c27523d7a07a3952374f6ccfdc028cd59dc30
+size 240372488