commit d53c49e08153cd01295f62ecafb77d377783a6a77f55f1d214356d59cfe0767f
Author: Wolfgang Rosenauer <wolfgang@rosenauer.org>
Date: Sat Dec 14 14:13:35 2024 +0000
- Mozilla Thunderbird 128.5.2
* Large virtual folders could be very slow
* Message could disappear after moving from IMAP folder followed
by Undo and Redo
* XMPP chat did not display messages sent inside a CDATA element
* Selected calendar day did not move forward at midnight
* Today pane agenda sometimes scrolled for no apparent reason
* CalDAV calendars without offline support could degrade start-up
performance
* Visual and UX improvements
MFSA 2024-69
* CVE-2024-50336 (bmo#1929264)
matrix-js-sdk has insufficient MXC URI validation which could
allow client-side path traversal
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=792
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..9b03811
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..57affb6
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+.osc
diff --git a/MozillaThunderbird.changes b/MozillaThunderbird.changes
new file mode 100644
index 0000000..38db769
--- /dev/null
+++ b/MozillaThunderbird.changes
@@ -0,0 +1,6888 @@
+-------------------------------------------------------------------
+Wed Dec 11 15:48:02 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 128.5.2
+ * Large virtual folders could be very slow
+ * Message could disappear after moving from IMAP folder followed
+ by Undo and Redo
+ * XMPP chat did not display messages sent inside a CDATA element
+ * Selected calendar day did not move forward at midnight
+ * Today pane agenda sometimes scrolled for no apparent reason
+ * CalDAV calendars without offline support could degrade start-up
+ performance
+ * Visual and UX improvements
+ MFSA 2024-69
+ * CVE-2024-50336 (bmo#1929264)
+ matrix-js-sdk has insufficient MXC URI validation which could
+ allow client-side path traversal
+
+-------------------------------------------------------------------
+Tue Dec 3 07:41:29 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 128.5.1
+ * Add end of year donation appeal
+ * Total message count for favorite folders did not work consistently
+
+-------------------------------------------------------------------
+Thu Nov 28 09:07:50 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- make spec compatible with rpm < 4.17 again
+- correct appdata for different desktop filename
+
+-------------------------------------------------------------------
+Tue Nov 26 10:15:25 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 128.5.0
+ * IMAP could crash when reading cached messages
+ * Enabling "Show Folder Size" on Maildir profile could render
+ Thunderbird unusable
+ * Messages corrupted by folder compaction were only fixed by user
+ intervention
+ * Reading a message from past the end of an mbox file did not
+ cause an error
+ * View -> Folders had duplicate F access keys
+ * Add-ons adding columns to the message list could fail and cause
+ display issue
+ * "Empty trash on exit" and "Expunge inbox on exit" did not
+ always work
+ * Selecting a display option in View -> Tasks did not apply in
+ the Task interface
+ MFSA 2024-68 (bsc#1233695)
+ * CVE-2024-11691 (bmo#1914707, bmo#1924184)
+ Memory corruption in Apple GPU drivers
+ * CVE-2024-11692 (bmo#1909535)
+ Select list elements could be shown over another site
+ * CVE-2024-11693 (bmo#1921458)
+ Download Protections were bypassed by .library-ms files on Windows
+ * CVE-2024-11694 (bmo#1924167)
+ CSP Bypass and XSS Exposure via Web Compatibility Shims
+ * CVE-2024-11695 (bmo#1925496)
+ URL Bar Spoofing via Manipulated Punycode and Whitespace Characters
+ * CVE-2024-11696 (bmo#1929600)
+ Unhandled Exception in Add-on Signature Verification
+ * CVE-2024-11697 (bmo#1842187)
+ Improper Keypress Handling in Executable File Confirmation Dialog
+ * CVE-2024-11698 (bmo#1916152)
+ Fullscreen Lock-Up When Modal Dialog Interrupts Transition on macOS
+ * CVE-2024-11699 (bmo#1880582, bmo#1929911)
+ Memory safety bugs fixed in Firefox 133, Thunderbird 133,
+ Firefox ESR 128.5, and Thunderbird 128.5
+- appid is thunderbird-esr currently; use the matching desktop
+ file name (boo#1233650)
+
+-------------------------------------------------------------------
+Wed Nov 20 07:36:02 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 128.4.4
+ * QR codes were not scannable by Android app when using most
+ high-contrast themes
+ * Primary password prompt cancellation during mobile export was
+ confusing
+- revert using xdg-desktop-portal as some desktops have limited
+ support
+
+-------------------------------------------------------------------
+Sat Nov 9 16:26:41 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 128.4.3
+ Fixes:
+ * Folder corruption could cause Thunderbird to freeze and become unusable
+ * Message corruption could be propagated when reading mbox
+ * Folder compaction was not abandoned on shutdown
+ * Folder compaction did not clean up on failure
+ * Collapsed NNTP thread incorrectly indicated there were unread messages
+ * Navigating to next unread message did not wait for all messages
+ to be loaded
+ * Applying column view to folder and children could break if folder
+ error occurred
+ * Remote content notifications were broken with encrypted messages
+ * Updating criteria of a saved search resulted in poor search performance
+ * Drop-downs may not work in some places
+ MFSA 2024-61
+ * CVE-2024-11159 (bmo#1925929)
+ Potential disclosure of plaintext in OpenPGP encrypted message
+- remove kmozillahelper support (boo#1226112)
+ * removed mozilla-kde.patch
+ * requires xdg-desktop-portal instead
+
+-------------------------------------------------------------------
+Wed Nov 6 19:54:16 UTC 2024 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Thunderbird 128.4.2
+ * Increased the auto-compaction threshold to reduce the frequency
+ of compaction (bmo#1927656)
+ * fixed: New profile creation caused console errors (bmo#1912675)
+ * fixed: Repair folder could result in older messages showing
+ wrong date and time (bmo#1911916)
+ * fixed: Recently deleted messages could become undeleted if
+ message compaction failed (bmo#1924927)
+ * fixed: Visual and UX improvements
+ (bmo#1857413,bmo#1922934,bmo#1924437)
+ * fixed: Clicking on an HTML button could cause Thunderbird to
+ freeze (bmo#1879355)
+ * fixed: Messages could not be selected for dragging
+ (bmo#1887518)
+ * fixed: Could not open attached file in a MIME encrypted
+ message (bmo#1924637)
+ * fixed: Account creation "Setup Documentation" link was broken
+ (bmo#1925493)
+ * fixed: Unable to generate QR codes when exporting to mobile
+ in some cases (bmo#1928114)
+ * fixed: Operating system reauthentication was missing when
+ exporting QR codes for mobile (bmo#1928232)
+ * fixed: Could not drag all-day events from one day to another
+ in week view (bmo#1922944)
+
+-------------------------------------------------------------------
+Sat Nov 2 09:01:15 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 128.4.1
+ * Add the 20 year donation appeal (bmo#192538)
+
+-------------------------------------------------------------------
+Wed Oct 30 13:51:30 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 128.4.0
+ * Export Thunderbird account settings to Thunderbird Mobile via QRCode
+ Bugfixes:
+ * Unable to send an unencrypted response to an OpenPGP encrypted message
+ MFSA 2024-58 (bsc#1231879)
+ * CVE-2024-10458 (bmo#1921733)
+ Permission leak via embed or object elements
+ * CVE-2024-10459 (bmo#1919087)
+ Use-after-free in layout with accessibility
+ * CVE-2024-10460 (bmo#1912537)
+ Confusing display of origin for external protocol handler prompt
+ * CVE-2024-10461 (bmo#1914521)
+ XSS due to Content-Disposition being ignored in
+ multipart/x-mixed-replace response
+ * CVE-2024-10462 (bmo#1920423)
+ Origin of permission prompt could be spoofed by long URL
+ * CVE-2024-10463 (bmo#1920800)
+ Cross origin video frame leak
+ * CVE-2024-10464 (bmo#1913000)
+ History interface could have been used to cause a Denial of
+ Service condition in the browser
+ * CVE-2024-10465 (bmo#1918853)
+ Clipboard "paste" button persisted across tabs
+ * CVE-2024-10466 (bmo#1924154)
+ DOM push subscription message could hang Firefox
+ * CVE-2024-10467 (bmo#1829029, bmo#1888538, bmo#1900394, bmo#1904059,
+ bmo#1917742, bmo#1919809, bmo#1923706)
+ Memory safety bugs fixed in Firefox 132, Thunderbird 132,
+ Firefox ESR 128.4, and Thunderbird 128.4
+
+-------------------------------------------------------------------
+Wed Oct 23 06:45:00 UTC 2024 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Thunderbird 128.3.3
+ * Files left over from failed folder compactions could use up
+ disk space (bmo#1878541)
+ * Message list returned to selected message after action on
+ another message (bmo#1917485)
+ * Some faulty messages were downloaded and never stored
+ (bmo#1923765)
+ * Messages could become corrupted during folder compaction
+ (bmo#1923747,bmo#1923541,bmo#1720047)
+ * Searching events by Location, Description, or URL failed
+ (bmo#1912710)
+ * "Remove All Shown" saved passwords deleted all logins if
+ filtered without results (bmo#601447)
+ * Calendar event updates were not always sent to attendees
+ (bmo#1877640)
+
+-------------------------------------------------------------------
+Wed Oct 16 14:52:43 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 128.3.2
+ bugfix release:
+ https://www.thunderbird.net/en-US/thunderbird/128.3.2esr/releasenotes
+- bring back mozilla-bmo531915.patch to fix x86
+
+-------------------------------------------------------------------
+Thu Oct 10 17:11:15 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 128.3.1
+ https://www.thunderbird.net/en-US/thunderbird/128.0esr/releasenotes/
+ and following release notes for minor version updates
+ MFSA 2024-52 (bsc#1231413)
+ * CVE-2024-9680 (bmo#1923344)
+ Use-after-free in Animation timeline
+ Mozilla Thunderbird 128.3.0
+ MFSA 2024-32 (128.0)
+ MFSA 2024-37 (128.1)
+ MFSA 2024-43 (128.2)
+ MFSA 2024-49 (128.3) (bsc#1230979)
+ * CVE-2024-9392 (bmo#1899154, bmo#1905843)
+ Compromised content process can bypass site isolation
+ * CVE-2024-9393 (bmo#1918301)
+ Cross-origin access to PDF contents through multipart responses
+ * CVE-2024-9394 (bmo#1918874)
+ Cross-origin access to JSON contents through multipart responses
+ * CVE-2024-8900 (bmo#1872841)
+ Clipboard write permission bypass
+ * CVE-2024-9396 (bmo#1912471)
+ Potential memory corruption may occur when cloning certain objects
+ * CVE-2024-9397 (bmo#1916659)
+ Potential directory upload bypass via clickjacking
+ * CVE-2024-9398 (bmo#1881037)
+ External protocol handlers could be enumerated via popups
+ * CVE-2024-9399 (bmo#1907726)
+ Specially crafted WebTransport requests could lead to denial
+ of service
+ * CVE-2024-9400 (bmo#1915249)
+ Potential memory corruption during JIT compilation
+ * CVE-2024-9401 (bmo#1872744, bmo#1897792, bmo#1911317, bmo#1916476)
+ Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16,
+ Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3
+ * CVE-2024-9402 (bmo#1872744, bmo#1897792, bmo#1911317, bmo#1913445,
+ bmo#1914106, bmo#1914475, bmo#1914963, bmo#1915008, bmo#1916476)
+ Memory safety bugs fixed in Firefox 131, Firefox ESR 128.3,
+ Thunderbird 131, and Thunderbird 128.3
+- removed obsolete patches
+ mozilla-bmo1504834-part3.patch
+ mozilla-bmo1512162.patch
+ mozilla-bmo1775202.patch
+ mozilla-bmo531915.patch
+ mozilla-fix-aarch64-libopus.patch
+ mozilla-fix-issues-with-llvm18.patch
+ mozilla-fix-top-level-asm.patch
+ mozilla-partial-revert-1768632.patch
+ mozilla-rust-disable-future-incompat.patch
+ thunderbird-fix-CVE-2024-34703.patch
+- new patch thunderbird-silence-no-return.patch
+- rebased
+ mozilla-bmo1504834-part1.patch
+ mozilla-kde.patch
+ mozilla-libavcodec58_91.patch
+ mozilla-silence-no-return-type.patch
+
+-------------------------------------------------------------------
+Fri Sep 6 08:55:26 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.15.0
+ MFSA 2024-44 (bsc#1229821)
+ * CVE-2024-8381 (bmo#1912715)
+ Type confusion when looking up a property name in a "with"
+ block
+ * CVE-2024-8382 (bmo#1906744)
+ Internal event interfaces were exposed to web content when
+ browser EventHandler listener callbacks ran
+ * CVE-2024-8384 (bmo#1911288)
+ Garbage collection could mis-color cross-compartment objects
+ in OOM conditions
+
+-------------------------------------------------------------------
+Thu Aug 29 06:26:14 UTC 2024 - Manfred Hollstein <manfred.h@gmx.net>
+
+- Use gcc13 on Tumbleweed and where it is available.
+- Don't use gcc14 as sources don't compile.
+
+-------------------------------------------------------------------
+Fri Aug 2 07:08:03 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.14.0
+ * When using an external installation of GnuPG, Thunderbird
+ occassionally sent/received corrupted messages (bmo#1898832)
+ * Users of external GnuPG were unable to decrypt incorrectly
+ encoded messages (bmo#1906903)
+ MFSA 2024-38 (bsc#1228648)
+ * CVE-2024-7519 (bmo#1902307)
+ Out of bounds memory access in graphics shared memory handling
+ * CVE-2024-7521 (bmo#1904644)
+ Incomplete WebAssembly exception handing
+ * CVE-2024-7522 (bmo#1906727)
+ Out of bounds read in editor component
+ * CVE-2024-7525 (bmo#1909298)
+ Missing permission check when creating a StreamFilter
+ * CVE-2024-7526 (bmo#1910306)
+ Uninitialized memory used by WebGL
+ * CVE-2024-7527 (bmo#1871303)
+ Use-after-free in JavaScript garbage collection
+ * CVE-2024-7529 (bmo#1903187)
+ Document content could partially obscure security prompts
+
+-------------------------------------------------------------------
+Wed Jul 10 05:23:45 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.13.0
+ * After starting Thunderbird, the message list position was
+ sometimes set to an incorrect position
+ MFSA 2024-30 (bsc#1226316)
+ * CVE-2024-6600 (bmo#1888340)
+ Memory corruption in WebGL API
+ * CVE-2024-6601 (bmo#1890748)
+ Race condition in permission assignment
+ * CVE-2024-6602 (bmo#1895032)
+ Memory corruption in NSS
+ * CVE-2024-6603 (bmo#1895081)
+ Memory corruption in thread creation
+ * CVE-2024-6604 (bmo#1748105, bmo#1837550, bmo#1884266)
+ Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13,
+ and Thunderbird 115.13
+
+-------------------------------------------------------------------
+Tue Jul 2 14:47:02 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com>
+
+- Mozilla Thunderbird 115.12.2
+ * fixed: Annual Thunderbird Beta appeal intended for
+ Thunderbird 115.12.0 did not open as expected (bmo#1898084)
+- Mozilla Thunderbird 115.12.1
+ * 115.12.0 got pulled because of upstream automation process errors
+ and Windows installer signing changes.
+ No code changes, changelog is the same as 115.12.0 (bsc#1226495)
+- Added thunderbird-fix-CVE-2024-34703.patch (bsc#1227239)
+
+-------------------------------------------------------------------
+Mon Jun 17 07:43:27 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.12.0
+ https://www.thunderbird.net/en-US/thunderbird/115.12.0/releasenotes
+ MFSA 2024-28 (bsc#1226027)
+ * CVE-2024-5702 (bmo#1193389)
+ Use-after-free in networking
+ * CVE-2024-5688 (bmo#1895086)
+ Use-after-free in JavaScript object transplant
+ * CVE-2024-5690 (bmo#1883693)
+ External protocol handlers leaked by timing attack
+ * CVE-2024-5691 (bmo#1888695)
+ Sandboxed iframes were able to bypass sandbox restrictions to
+ open a new window
+ * CVE-2024-5692 (bmo#1891234)
+ Bypass of file name restrictions during saving
+ * CVE-2024-5693 (bmo#1891319)
+ Cross-Origin Image leak via Offscreen Canvas
+ * CVE-2024-5696 (bmo#1896555)
+ Memory Corruption in Text Fragments
+ * CVE-2024-5700 (bmo#1862809, bmo#1889355, bmo#1893388, bmo#1895123)
+ Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12,
+ and Thunderbird 115.12
+
+-------------------------------------------------------------------
+Wed May 29 06:30:51 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.11.1
+ * Added a short anonymous survey that a small number of users will
+ be randomly asked to complete
+
+-------------------------------------------------------------------
+Tue May 14 21:57:55 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.11.0
+ MFSA 2024-23 (bsc#1224056)
+ * CVE-2024-4367 (bmo#1893645)
+ Arbitrary JavaScript execution in PDF.js
+ * CVE-2024-4767 (bmo#1878577)
+ IndexedDB files retained in private browsing mode
+ * CVE-2024-4768 (bmo#1886082)
+ Potential permissions request bypass via clickjacking
+ * CVE-2024-4769 (bmo#1886108)
+ Cross-origin responses could be distinguished between script
+ and non-script content-types
+ * CVE-2024-4770 (bmo#1893270)
+ Use-after-free could occur when printing to PDF
+ * CVE-2024-4777 (bmo#1878199, bmo#1893340)
+ Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11,
+ and Thunderbird 115.11
+
+-------------------------------------------------------------------
+Sat May 4 20:06:54 UTC 2024 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Thunderbird 115.10.2:
+ https://www.thunderbird.net/en-US/thunderbird/115.10.2/releasenotes/
+ This release is identical to 115.10.1, other than changing the
+ Update channel for self-updating builds to ESR. (bmo#1893271)
+
+-------------------------------------------------------------------
+Fri Apr 19 06:34:22 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.10.1
+ https://www.thunderbird.net/en-US/thunderbird/115.10.1/releasenotes/
+ * fixed hangup introduced with 115.10.0 (bmo#1891889)
+
+-------------------------------------------------------------------
+Sun Apr 14 11:09:32 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.10.0
+ https://www.thunderbird.net/en-US/thunderbird/115.10.0/releasenotes/
+ MFSA 2024-20 (bsc#1222535)
+ * CVE-2024-3852 (bmo#1883542)
+ GetBoundName in the JIT returned the wrong object
+ * CVE-2024-3854 (bmo#1884552)
+ Out-of-bounds-read after mis-optimized switch statement
+ * CVE-2024-3857 (bmo#1886683)
+ Incorrect JITting of arguments led to use-after-free during
+ garbage collection
+ * CVE-2024-2609 (bmo#1866100)
+ Permission prompt input delay could expire when not in focus
+ * CVE-2024-3859 (bmo#1874489)
+ Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
+ * CVE-2024-3861 (bmo#1883158)
+ Potential use-after-free due to AlignedBuffer self-move
+ * CVE-2024-3863 (bmo#1885855)
+ Download Protections were bypassed by .xrm-ms files on Windows
+ * CVE-2024-3302 (bmo#1881183)
+ Denial of Service using HTTP/2 CONTINUATION frames
+ * CVE-2024-3864 (bmo#1888333)
+ Memory safety bug fixed in Firefox 125, Firefox ESR 115.10,
+ and Thunderbird 115.10
+
+-------------------------------------------------------------------
+Wed Mar 20 13:55:26 UTC 2024 - Manfred Hollstein <manfred.h@gmx.net>
+
+- LLVM18 breaks building Thunderbird on Tumbleweed; add
+ * mozilla-fix-issues-with-llvm18.patch
+
+-------------------------------------------------------------------
+Sat Mar 16 11:41:27 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.9.0
+ https://www.thunderbird.net/en-US/thunderbird/115.9.0/releasenotes/
+ MFSA 2024-14 (bsc#1221327)
+ * CVE-2024-0743 (bmo#1867408)
+ Crash in NSS TLS method
+ * CVE-2024-2605 (bmo#1872920)
+ Windows Error Reporter could be used as a Sandbox escape vector
+ * CVE-2024-2607 (bmo#1879939)
+ JIT code failed to save return registers on Armv7-A
+ * CVE-2024-2608 (bmo#1880692)
+ Integer overflow could have led to out of bounds write
+ * CVE-2024-2616 (bmo#1846197)
+ Improve handling of out-of-memory conditions in ICU
+ * CVE-2023-5388 (bmo#1780432)
+ NSS susceptible to timing attack against RSA decryption
+ * CVE-2024-2610 (bmo#1871112)
+ Improper handling of html and body tags enabled CSP nonce leakage
+ * CVE-2024-2611 (bmo#1876675)
+ Clickjacking vulnerability could have led to a user accidentally
+ granting permissions
+ * CVE-2024-2612 (bmo#1879444)
+ Self referencing object could have potentially led to a use-
+ after-free
+ * CVE-2024-2614 (bmo#1685358, bmo#1861016, bmo#1880405, bmo#1881093)
+ Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9,
+ and Thunderbird 115.9
+
+-------------------------------------------------------------------
+Tue Mar 5 08:13:43 UTC 2024 - Adam Mizerski <adam@mizerski.pl>
+
+- Create subpackage MozillaThunderbird-openpgp-librnp
+
+-------------------------------------------------------------------
+Tue Mar 5 09:09:34 CET 2024 - Wolfgang Rosenauer <wr@@rosenauer.org>
+
+- Mozilla Thunderbird 115.8.1
+ https://www.thunderbird.net/en-US/thunderbird/115.8.1/releasenotes/
+ MFSA 2024-11
+ * CVE-2024-1936 (bmo#1860977)
+ Leaking of encrypted email subjects to other conversations
+
+-------------------------------------------------------------------
+Mon Feb 19 22:01:04 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.8.0
+ MFSA 2024-07 (bsc#1220048)
+ * CVE-2024-1546 (bmo#1843752)
+ Out-of-bounds memory read in networking channels
+ * CVE-2024-1547 (bmo#1877879)
+ Alert dialog could have been spoofed on another site
+ * CVE-2024-1548 (bmo#1832627)
+ Fullscreen Notification could have been hidden by select
+ element
+ * CVE-2024-1549 (bmo#1833814)
+ Custom cursor could obscure the permission dialog
+ * CVE-2024-1550 (bmo#1860065)
+ Mouse cursor re-positioned unexpectedly could have led to
+ unintended permission grants
+ * CVE-2024-1551 (bmo#1864385)
+ Multipart HTTP Responses would accept the Set-Cookie header
+ in response parts
+ * CVE-2024-1552 (bmo#1874502)
+ Incorrect code generation on 32-bit ARM devices
+ * CVE-2024-1553 (bmo#1855686, bmo#1867982, bmo#1871498,
+ bmo#1872296, bmo#1873521, bmo#1873577, bmo#1873597,
+ bmo#1873866, bmo#1874080, bmo#1874740, bmo#1875795,
+ bmo#1875906, bmo#1876425, bmo#1878211, bmo#1878286)
+ Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8,
+ and Thunderbird 115.8
+ * new: Added option to show packet dump when OpenPGP fails to
+ decrypt (bmo#1874504)
+ * fixed: Thunderbird slowed down significantly when opening
+ email files (.eml) (bmo#1863957)
+ * fixed: Inbox view intermittently reverted to default view
+ after moving or deleting messages (bmo#1725127)
+ * fixed: Size of collapsed folders in folder pane did not
+ include size of subfolders (bmo#1870641)
+ * fixed: Hovering over folder does not always expand subfolders
+ (bmo#1873101)
+ * fixed: Switching to thread pane of a folder using keyboard
+ navigation did not focus top message (bmo#1869557)
+ * fixed: Clicking "Sent unsent messages" in Outbox context menu
+ while in offline mode did not prompt user to go online
+ (bmo#1873487)
+ * fixed: Mail tab-specific Unified Toolbar buttons received
+ focus incorrectly (bmo#1872239)
+ * fixed: Quick Filter settings did not persist when Quick
+ Filter bar was turned off (bmo#1850266)
+ * fixed: Quick Filters were unusually slow (bmo#1849650)
+ * fixed: OpenPGP Key Manager filtering did not work
+ (bmo#1873655)
+ * fixed: OpenPGP sometimes attempted to decrypt message with
+ incorrect key (bmo#1865620)
+ * fixed: Autoconfig failed on servers that did not support
+ OAuth2 (bmo#1869122)
+ * fixed: Opening different attachments with the same name in
+ different messages could cause attachment files to become
+ conflated (bmo#1873023)
+ * fixed: Overflowed attachment list could not be scrolled
+ (bmo#1871343)
+ * fixed: Passwords disappeared from password manager list after
+ applying and clearing filters (bmo#1874646)
+ * fixed: Cookies in cookie manager list disappeared after
+ applying and then clearing filters (bmo#1876733)
+
+-------------------------------------------------------------------
+Sun Jan 21 09:10:11 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.7.0
+ https://www.thunderbird.net/en-US/thunderbird/115.7.0/releasenotes/
+ MFSA 2024-04 (bsc#1218955)
+ * CVE-2024-0741 (bmo#1864587)
+ Out of bounds write in ANGLE
+ * CVE-2024-0742 (bmo#1867152)
+ Failure to update user input timestamp
+ * CVE-2024-0746 (bmo#1660223)
+ Crash when listing printers on Linux
+ * CVE-2024-0747 (bmo#1764343)
+ Bypass of Content Security Policy when directive unsafe-inline was set
+ * CVE-2024-0749 (bmo#1813463)
+ Phishing site popup could show local origin in address bar
+ * CVE-2024-0750 (bmo#1863083)
+ Potential permissions request bypass via clickjacking
+ * CVE-2024-0751 (bmo#1865689)
+ Privilege escalation through devtools
+ * CVE-2024-0753 (bmo#1870262)
+ HSTS policy on subdomain could bypass policy of upper domain
+ * CVE-2024-0755 (bmo#1868456, bmo#1871445, bmo#1873701)
+ Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7,
+ and Thunderbird 115.7
+
+-------------------------------------------------------------------
+Wed Jan 10 09:18:01 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com>
+
+- Mozilla Thunderbird 115.6.1
+ https://www.thunderbird.net/en-US/thunderbird/115.6.1/releasenotes/
+ * new: OAuth2 now supported for comcast.net (bmo#1844810)
+ * fixed: High CPU usage sometimes occurred with IMAP CONDSTORE
+ (conditional STORE) enabled (bmo#1839256)
+ * fixed: Replying to a collapsed thread via keyboard shortcut
+ (Ctrl+R/Cmd+R) opened a reply for every message in the thread
+ (bmo#1866819)
+ * fixed: Enabling Grouped By view after reversing sort order of
+ column header caused messages to be grouped incorrectly
+ (bmo#1868794)
+ * fixed: Opening thread pane context menu via keyboard did not
+ always scroll view to selection (bmo#1867532)
+ * fixed: New mail indicator for POP3 accounts did not indicate
+ new messages ready to be downloaded (bmo#1870619)
+ * fixed: Messages could not be moved to folders using Message >
+ Move To if text or a link in the message had been clicked on
+ first (bmo#1868474)
+ * fixed: MIME part boundaries were not properly terminated
+ (bmo#1805558)
+
+-------------------------------------------------------------------
+Sun Dec 17 12:33:37 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.6.0
+ https://www.thunderbird.net/en-US/thunderbird/115.6.0/releasenotes/
+ * Message selection misbehaved after selecting a sub-message in an
+ expanded thread, collapsing the thread, then pressing up/down to
+ move selection
+ * Thunderbird now attempts to reconnect on a new connection after
+ SMTP 4xx errors
+ * HTML FileLink attachments used the wrong encoding
+ MFSA 2023-55 (bsc#1217230)
+ * CVE-2023-50762 (bmo#1862625)
+ Truncated signed text was shown with a valid OpenPGP
+ signature
+ * CVE-2023-50761 (bmo#1865647)
+ S/MIME signature accepted despite mismatching message date
+ * CVE-2023-6856 (bmo#1843782)
+ Heap-buffer-overflow affecting WebGL DrawElementsInstanced
+ method with Mesa VM driver
+ * CVE-2023-6857 (bmo#1796023)
+ Symlinks may resolve to smaller than expected buffers
+ * CVE-2023-6858 (bmo#1826791)
+ Heap buffer overflow in nsTextFragment
+ * CVE-2023-6859 (bmo#1840144)
+ Use-after-free in PR_GetIdentitiesLayer
+ * CVE-2023-6860 (bmo#1854669)
+ Potential sandbox escape due to VideoBridge lack of texture
+ validation
+ * CVE-2023-6861 (bmo#1864118)
+ Heap buffer overflow affected nsWindow::PickerOpen(void) in
+ headless mode
+ * CVE-2023-6862 (bmo#1868042)
+ Use-after-free in nsDNSService
+ * CVE-2023-6863 (bmo#1868901)
+ Undefined behavior in ShutdownObserver()
+ * CVE-2023-6864 (bmo#1736385, bmo#1810805, bmo#1846328,
+ bmo#1856090, bmo#1858033, bmo#1858509, bmo#1862089,
+ bmo#1862777, bmo#1864015)
+ Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6,
+ and Thunderbird 115.6
+
+-------------------------------------------------------------------
+Tue Dec 12 07:21:01 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.5.2
+ Bugfix release
+ https://www.thunderbird.net/en-US/thunderbird/115.5.2/releasenotes/
+
+-------------------------------------------------------------------
+Tue Nov 28 22:07:44 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.5.1
+ Bugfix release
+ https://www.thunderbird.net/en-US/thunderbird/115.5.1/releasenotes
+ * Advanced GnuPG keys may be protected with an unexpected passphrase
+ * OpenPGP signatures rejected due to mismatched signature timestamp
+ now display signature timestamp and clarifying message
+ * Advanced address book search did not return results if display name
+ was left blank
+ * Clicking on attendee when inviting attendees added the attendee twice
+
+-------------------------------------------------------------------
+Wed Nov 22 06:28:54 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.5.0
+ https://www.thunderbird.net/en-US/thunderbird/115.5.0/releasenotes
+ MFSA 2023-52 (bsc#1217230)
+ * CVE-2023-6204 (bmo#1841050)
+ Out-of-bound memory access in WebGL2 blitFramebuffer
+ * CVE-2023-6205 (bmo#1854076)
+ Use-after-free in MessagePort::Entangled
+ * CVE-2023-6206 (bmo#1857430)
+ Clickjacking permission prompts using the fullscreen transition
+ * CVE-2023-6207 (bmo#1861344)
+ Use-after-free in ReadableByteStreamQueueEntry::Buffer
+ * CVE-2023-6208 (bmo#1855345)
+ Using Selection API would copy contents into X11 primary
+ selection.
+ * CVE-2023-6209 (bmo#1858570)
+ Incorrect parsing of relative URLs starting with "///"
+ * CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252, bmo#1856072,
+ bmo#1856091, bmo#1859030, bmo#1860943, bmo#1862782)
+ Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5,
+ and Thunderbird 115.5
+
+-------------------------------------------------------------------
+Wed Nov 15 13:28:03 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.4.3
+ Bugfix release
+ https://www.thunderbird.net/en-US/thunderbird/115.4.3/releasenotes
+
+-------------------------------------------------------------------
+Sat Nov 4 15:34:08 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.4.2
+ https://www.thunderbird.net/en-US/thunderbird/115.4.2/releasenotes
+- build using rust/cargo 1.72 (1.69 about to be dropped from Factory)
+
+-------------------------------------------------------------------
+Tue Oct 24 20:52:32 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.4.1
+ https://www.thunderbird.net/en-US/thunderbird/115.4.1/releasenotes
+ https://www.thunderbird.net/en-US/thunderbird/115.4.0/releasenotes
+ MFSA 2023-47 (bsc#1216338)
+ * CVE-2023-5721 (bmo#1830820)
+ Queued up rendering could have allowed websites to clickjack
+ * CVE-2023-5732 (bmo#1690979, bmo#1836962)
+ Address bar spoofing via bidirectional characters
+ * CVE-2023-5724 (bmo#1836705)
+ Large WebGL draw could have led to a crash
+ * CVE-2023-5725 (bmo#1845739)
+ WebExtensions could open arbitrary URLs
+ * CVE-2023-5726 (bmo#1846205)
+ Full screen notification obscured by file open dialog on macOS
+ * CVE-2023-5727 (bmo#1847180)
+ Download Protections were bypassed by .msix, .msixbundle,
+ .appx, and .appxbundle files on Windows
+ * CVE-2023-5728 (bmo#1852729)
+ Improper object tracking during GC in the JavaScript engine
+ could have led to a crash.
+ * CVE-2023-5730 (bmo#1836607, bmo#1840918, bmo#1848694, bmo#1848833,
+ bmo#1850191, bmo#1850259, bmo#1852596, bmo#1853201, bmo#1854002,
+ bmo#1855306, bmo#1855640, bmo#1856695)
+ Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4,
+ and Thunderbird 115.4.1
+- removed obsolete mozilla-bmo1846703.patch
+
+-------------------------------------------------------------------
+Tue Oct 24 16:58:42 UTC 2023 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Thunderbird 115.3.3
+ * fixed: "Folder Location" toolbar button did not work for
+ local folders (bmo#1843979)
+ * fixed: "Copy to <folder name> again" option disappeared from
+ context menu after copying to Gmail folder with non-ASCII
+ name (bmo#1856712)
+ * fixed: Default reply identity did not use "Delivered-To"
+ address when catch-all was active (bmo#1815559)
+ * fixed: "View Headers All" did not work when selected in
+ standalone message window (bmo#1855316)
+ * fixed: Viewing the mail filter log displayed an error if no
+ log file was present (bmo#1789244)
+
+-------------------------------------------------------------------
+Tue Oct 10 07:23:52 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.3.2
+ Bugfix release
+ https://www.thunderbird.net/en-US/thunderbird/115.3.2/releasenotes
+
+-------------------------------------------------------------------
+Fri Sep 29 06:44:26 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.3.1
+ MFSA 2023-45 (bsc#1215814)
+ * CVE-2023-5217 (bmo#1855550)
+ Heap buffer overflow in libvpx
+- Add mozilla-bmo1846703.patch
+
+-------------------------------------------------------------------
+Tue Sep 26 07:15:31 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.3.0
+ https://www.thunderbird.net/en-US/thunderbird/115.3.0/releasenotes
+ MFSA 2023-43 (bsc#1215575)
+ * CVE-2023-5168 (bmo#1846683)
+ Out-of-bounds write in FilterNodeD2D1
+ * CVE-2023-5169 (bmo#1846685)
+ Out-of-bounds write in PathOps
+ * CVE-2023-5171 (bmo#1851599)
+ Use-after-free in Ion Compiler
+ * CVE-2023-5174 (bmo#1848454)
+ Double-free in process spawning on Windows
+ * CVE-2023-5176 (bmo#1836353, bmo#1842674, bmo#1843824,
+ bmo#1843962, bmo#1848890, bmo#1850180, bmo#1850983,
+ bmo#1851195)
+ Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3,
+ and Thunderbird 115.3
+
+-------------------------------------------------------------------
+Wed Sep 20 06:27:29 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.2.3
+ Bugfix release:
+ https://www.thunderbird.net/en-US/thunderbird/115.2.3/releasenotes
+
+-------------------------------------------------------------------
+Tue Sep 12 21:08:50 UTC 2023 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Thunderbird 115.2.2
+ https://www.thunderbird.net/en-US/thunderbird/115.2.2/releasenotes
+ MFSA 2023-40 (bsc#1215231)
+ * CVE-2023-4863 (bmo# bmo#1852649)
+ Heap buffer overflow in libwebp
+
+-------------------------------------------------------------------
+Tue Sep 12 21:00:52 UTC 2023 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Thunderbird 115.2.1
+ https://www.thunderbird.net/en-US/thunderbird/115.2.1/releasenotes
+ * new: Column separators are now shown between all columns in
+ tree view (bmo#1847441)
+ * fixed: New mail notification always opened message in message
+ pane, even if pane was disabled (bmo#1840092)
+ * fixed: After moving an IMAP message to another folder, the
+ incorrect message was selected in the message list
+ (bmo#1845376)
+ * fixed: Adding a tag to an IMAP message opened in a tab failed
+ (bmo#1844452)
+ * fixed: Junk/Spam folders were not always shown in Unified
+ Folders mode (bmo#1838672)
+ * fixed: Middle-clicking a folder or message did not open it in
+ a background tab, as in previous versions (bmo#1842482)
+ * fixed: Settings tab visual improvements: Advanced Fonts
+ dialog, Section headers hidden behind search box
+ (bmo#1717382,bmo#1846751)
+ * fixed: Various visual and style fixes
+ (bmo#1843707,bmo#1849823)
+
+-------------------------------------------------------------------
+Sun Aug 27 08:17:34 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.2.0
+ https://www.thunderbird.net/en-US/thunderbird/115.2.0/releasenotes
+ MFSA 2023-38 (bsc#1214606)
+ * CVE-2023-4573 (bmo#1846687)
+ Memory corruption in IPC CanvasTranslator
+ * CVE-2023-4574 (bmo#1846688)
+ Memory corruption in IPC ColorPickerShownCallback
+ * CVE-2023-4575 (bmo#1846689)
+ Memory corruption in IPC FilePickerShownCallback
+ * CVE-2023-4576 (bmo#1846694)
+ Integer Overflow in RecordedSourceSurfaceCreation
+ * CVE-2023-4577 (bmo#1847397)
+ Memory corruption in JIT UpdateRegExpStatics
+ * CVE-2023-4051 (bmo#1821884)
+ Full screen notification obscured by file open dialog
+ * CVE-2023-4578 (bmo#1839007)
+ Error reporting methods in SpiderMonkey could have triggered
+ an Out of Memory Exception
+ * CVE-2023-4053 (bmo#1839079)
+ Full screen notification obscured by external program
+ * CVE-2023-4580 (bmo#1843046)
+ Push notifications saved to disk unencrypted
+ * CVE-2023-4581 (bmo#1843758)
+ XLL file extensions were downloadable without warnings
+ * CVE-2023-4582 (bmo#1773874)
+ Buffer Overflow in WebGL glGetProgramiv
+ * CVE-2023-4583 (bmo#1842030)
+ Browsing Context potentially not cleared when closing Private
+ Window
+ * CVE-2023-4584 (bmo#1843968, bmo#1845205, bmo#1846080,
+ bmo#1846526, bmo#1847529)
+ Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15,
+ Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2
+ * CVE-2023-4585 (bmo#1751583, bmo#1833504, bmo#1841082,
+ bmo#1847904, bmo#1848999)
+ Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2,
+ and Thunderbird 115.2
+
+-------------------------------------------------------------------
+Tue Aug 15 07:53:02 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.1.1
+ bugfixes as documented here
+ https://www.thunderbird.net/en-US/thunderbird/115.1.1/releasenotes
+
+-------------------------------------------------------------------
+Tue Aug 1 07:51:37 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.1.0
+ New major release with Supernova UI
+ Releasenotes for 115.0:
+ https://www.thunderbird.net/en-US/thunderbird/115.0/releasenotes
+ MFSA 2023-33 (bsc#1213746)
+ * CVE-2023-4045 (bmo#1833876)
+ Offscreen Canvas could have bypassed cross-origin restrictions
+ * CVE-2023-4046 (bmo#1837686)
+ Incorrect value used during WASM compilation
+ * CVE-2023-4047 (bmo#1839073)
+ Potential permissions request bypass via clickjacking
+ * CVE-2023-4048 (bmo#1841368)
+ Crash in DOMParser due to out-of-memory conditions
+ * CVE-2023-4049 (bmo#1842658)
+ Fix potential race conditions when releasing platform objects
+ * CVE-2023-4050 (bmo#1843038)
+ Stack buffer overflow in StorageManager
+ * CVE-2023-4052 (bmo#1824420)
+ File deletion and privilege escalation through Firefox uninstaller
+ * CVE-2023-4054 (bmo#1840777)
+ Lack of warning when opening appref-ms files
+ * CVE-2023-4055 (bmo#1782561)
+ Cookie jar overflow caused unexpected cookie jar state
+ * CVE-2023-4056 (bmo#1820587, bmo#1824634, bmo#1839235, bmo#1842325,
+ bmo#1843847)
+ Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,
+ Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14
+ * CVE-2023-4057 (bmo#1841682)
+ Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,
+ and Thunderbird 115.1
+- requires NSS 3.90
+- add patches:
+ mozilla-rust-disable-future-incompat.patch
+ mozilla-partial-revert-1768632.patch
+ mozilla-bmo1775202.patch
+- removed obsolete patches:
+ gcc13-fix.patch
+ mozilla-bmo1568145.patch
+ mozilla-bmo1005535.patch
+ mozilla-s390x-skia-gradient.patch
+- update create-tar.sh
+
+-------------------------------------------------------------------
+Tue Jul 25 06:56:46 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.13.1
+ MFSA 2023-28
+ * CVE-2023-3417 (bmo#1835582, boo#1213658)
+ File Extension Spoofing using the Text Direction Override Character
+
+-------------------------------------------------------------------
+Fri Jul 7 12:47:11 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.13.0
+ * Upstream RNP version numbers now recognized as official in about:support
+ MFSA 2023-24 (bsc#1212438)
+ * CVE-2023-37201 (bmo#1826002)
+ Use-after-free in WebRTC certificate generation
+ * CVE-2023-37202 (bmo#1834711)
+ Potential use-after-free from compartment mismatch in
+ SpiderMonkey
+ * CVE-2023-37207 (bmo#1816287)
+ Fullscreen notification obscured
+ * CVE-2023-37208 (bmo#1837675)
+ Lack of warning when opening Diagcab files
+ * CVE-2023-37211 (bmo#1832306, bmo#1834862, bmo#1835886,
+ bmo#1836550, bmo#1837450)
+ Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13,
+ and Thunderbird 102.13
+- mozilla-llvm16.patch has been applied upstream, remove it here
+
+-------------------------------------------------------------------
+Sun Jun 4 08:22:58 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.12.0:
+ MFSA 2023-21 (bsc#1211922)
+ * CVE-2023-34414 (bmo#1695986)
+ Click-jacking certificate exceptions through rendering lag
+ * CVE-2023-34416 (bmo#1752703, bmo#1818394, bmo#1826875,
+ bmo#1827340, bmo#1827655, bmo#1828065, bmo#1830190,
+ bmo#1830206, bmo#1830795, bmo#1833339)
+ Memory safety bugs fixed in Thunderbird 102.12
+ * fixed: "Searching the directory for recipients certificates"
+ popup could block compose window when "S/MIME reminder" was
+ enabled and using an LDAP address book (bmo#1833651)
+ * fixed: Some elements still used animations with "prefers-
+ reduced-motion" set (bmo#1833353)
+ * fixed: Visual and theme improvements
+ (bmo#1832943,bmo#1832990)
+
+-------------------------------------------------------------------
+Sat May 27 07:46:10 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.11.2
+ * fixed: Thunderbird 102.11.1 contained POP3 client regressions
+ with offline mode and TLS certificate overrides
+ (bmo#1801286,bmo#1816596,bmo#1798785)
+- Includes changes from Thunderbird 102.11.1
+ * fixed: POP message retrieval stopped after a network error
+ occurred and connectivity was restored (bmo#1798785)
+ * fixed: Reused SMTP connections sometimes silently
+ disconnected, causing timeouts (bmo#1766382)
+ * fixed: Thunderbird could freeze if saving a sent message to
+ IMAP failed (bmo#1745130)
+ * fixed: Creating OpenPGP keys with no expiration was not
+ possible (bmo#1830094)
+ * fixed: News reader did not always issue GROUP command after
+ authentication with remote server, preventing Thundebird from
+ displaying or refreshing news from the server (bmo#1824377)
+- updated mozilla.keyring
+
+-------------------------------------------------------------------
+Thu May 11 06:45:57 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.11.0
+ * https://www.thunderbird.net/en-US/thunderbird/102.11.0/releasenotes
+ MFSA 2023-18 (bsc#1211175)
+ * CVE-2023-32205 (bmo#1753339, bmo#1753341)
+ Browser prompts could have been obscured by popups
+ * CVE-2023-32206 (bmo#1824892)
+ Crash in RLBox Expat driver
+ * CVE-2023-32207 (bmo#1826116)
+ Potential permissions request bypass via clickjacking
+ * CVE-2023-32211 (bmo#1823379)
+ Content process crash due to invalid wasm code
+ * CVE-2023-32212 (bmo#1826622)
+ Potential spoof due to obscured address bar
+ * CVE-2023-32213 (bmo#1826666)
+ Potential memory corruption in FileReader::DoReadData()
+ * CVE-2023-32214 (bmo#1828716)
+ Potential DoS via exposed protocol handlers
+ * CVE-2023-32215 (bmo#1540883, bmo#1751943, bmo#1814856,
+ bmo#1820210, bmo#1821480, bmo#1827019, bmo#1827024, bmo#1827144,
+ bmo#1827359, bmo#1830186)
+ Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11
+
+-------------------------------------------------------------------
+Sun Apr 23 07:54:15 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.10.1
+ * https://www.thunderbird.net/en-US/thunderbird/102.10.1/releasenotes
+
+-------------------------------------------------------------------
+Wed Apr 5 21:10:11 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.10.0
+ * New messages will automatically select S/MIME if configured and
+ OpenPGP is not
+ * Calendar events with timezone America/Mexico_City incorrectly
+ applied Daylight Savings Time
+ MFSA 2023-15 (bsc#1210212)
+ * CVE-2023-29531 (bmo#1794292)
+ Out-of-bound memory access in WebGL on macOS
+ * CVE-2023-29532 (bmo#1806394)
+ Mozilla Maintenance Service Write-lock bypass
+ * CVE-2023-29533 (bmo#1798219, bmo#1814597)
+ Fullscreen notification obscured
+ * MFSA-TMP-2023-0001 (bmo#1819244)
+ Double-free in libwebp
+ * CVE-2023-29535 (bmo#1820543)
+ Potential Memory Corruption following Garbage Collector compaction
+ * CVE-2023-29536 (bmo#1821959)
+ Invalid free from JavaScript code
+ * CVE-2023-0547 (bmo#1811298)
+ Revocation status of S/Mime recipient certificates was not checked
+ * CVE-2023-29479 (bmo#1824978)
+ Hang when processing certain OpenPGP messages
+ * CVE-2023-29539 (bmo#1784348)
+ Content-Disposition filename truncation leads to Reflected
+ File Download
+ * CVE-2023-29541 (bmo#1810191)
+ Files with malicious extensions could have been downloaded
+ unsafely on Linux
+ * CVE-2023-29542 (bmo#1810793, bmo#1815062)
+ Bypass of file download extension restrictions
+ * CVE-2023-29545 (bmo#1823077)
+ Windows Save As dialog resolved environment variables
+ * CVE-2023-1945 (bmo#1777588)
+ Memory Corruption in Safe Browsing Code
+ * CVE-2023-29548 (bmo#1822754)
+ Incorrect optimization result on ARM64
+ * CVE-2023-29550 (bmo#1720594, bmo#1751945, bmo#1812498, bmo#1814217,
+ bmo#1818357, bmo#1818762, bmo#1819493, bmo#1820389, bmo#1820602,
+ bmo#1821448, bmo#1822413, bmo#1824828)
+ Memory safety bugs fixed in Thunderbird 102.10
+- add mozilla-llvm16.patch to fix build with LLVM16
+
+-------------------------------------------------------------------
+Wed Mar 29 10:50:35 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.9.1
+ MFSA 2023-12
+ * CVE-2023-28427 (bmo#1822595)
+ Matrix SDK bundled with Thunderbird vulnerable to
+ denial-of-service attack
+
+-------------------------------------------------------------------
+Sun Mar 26 10:57:52 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- add gcc13-fix.patch to support current Tumbleweed
+
+-------------------------------------------------------------------
+Sun Mar 12 09:52:40 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.9.0
+ * https://www.thunderbird.net/en-US/thunderbird/102.9.0/releasenotes
+ MFSA 2023-11 (bsc#1209173))
+ * CVE-2023-25751 (bmo#1814899)
+ Incorrect code generation during JIT compilation
+ * CVE-2023-28164 (bmo#1809122)
+ URL being dragged from a removed cross-origin iframe into the
+ same tab triggered navigation
+ * CVE-2023-28162 (bmo#1811327)
+ Invalid downcast in Worklets
+ * CVE-2023-25752 (bmo#1811627)
+ Potential out-of-bounds when accessing throttled streams
+ * CVE-2023-28163 (bmo#1817768)
+ Windows Save As dialog resolved environment variables
+ * CVE-2023-28176 (bmo#1808352, bmo#1811637, bmo#1815904,
+ bmo#1817442, bmo#1818674)
+ Memory safety bugs fixed in Thunderbird 102.9
+- update create-tar.sh
+- build using rust 1.67
+
+-------------------------------------------------------------------
+Tue Mar 7 18:30:09 UTC 2023 - Manfred Hollstein <manfred.h@gmx.net>
+
+- Ensure gcc11-c++ gets used on Leap 15.5, too.
+
+-------------------------------------------------------------------
+Wed Feb 15 07:46:58 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.8.0
+ * https://www.thunderbird.net/en-US/thunderbird/102.8.0/releasenotes
+ MFSA 2023-07 (bsc#1208144)
+ * CVE-2023-0616 (bmo#1806507)
+ User Interface lockup with messages combining S/MIME and OpenPGP
+ * CVE-2023-25728 (bmo#1790345)
+ Content security policy leak in violation reports using iframes
+ * CVE-2023-25730 (bmo#1794622)
+ Screen hijack via browser fullscreen mode
+ * CVE-2023-0767 (bmo#1804640)
+ Arbitrary memory write via PKCS 12 in NSS
+ * CVE-2023-25735 (bmo#1810711)
+ Potential use-after-free from compartment mismatch in SpiderMonkey
+ * CVE-2023-25737 (bmo#1811464)
+ Invalid downcast in SVGUtils::SetupStrokeGeometry
+ * CVE-2023-25738 (bmo#1811852)
+ Printing on Windows could potentially crash Thunderbird with
+ some device drivers
+ * CVE-2023-25739 (bmo#1811939)
+ Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
+ * CVE-2023-25729 (bmo#1792138)
+ Extensions could have opened external schemes without user knowledge
+ * CVE-2023-25732 (bmo#1804564)
+ Out of bounds memory write from EncodeInputStream
+ * CVE-2023-25734 (bmo#1784451, bmo#1809923, bmo#1810143, bmo#1812338)
+ Opening local .url files could cause unexpected network loads
+ * CVE-2023-25742 (bmo#1813424)
+ Web Crypto ImportKey crashes tab
+ * CVE-2023-25746 (bmo#1544127, bmo#1762368, bmo#1789449, bmo#1803628,
+ bmo#1810536)
+ Memory safety bugs fixed in Thunderbird 102.8
+- requires
+ NSPR >= 4.34.1
+ NSS >= 3.79.4
+
+-------------------------------------------------------------------
+Wed Feb 8 07:59:46 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.7.2
+ * Various crash fixes
+
+-------------------------------------------------------------------
+Tue Jan 31 21:48:13 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.7.1
+ * Microsoft Office 365 accounts were unable to authenticate
+ * https://www.thunderbird.net/en-US/thunderbird/102.7.1/releasenotes/
+ MFSA 2023-04
+ * CVE-2023-0430 (bmo#1769000)
+ Revocation status of S/Mime signature certificates was not checked
+- update create-tar.sh
+
+-------------------------------------------------------------------
+Tue Jan 17 13:27:01 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.7.0
+ https://www.thunderbird.net/en-US/thunderbird/102.7.0/releasenotes/
+ MFSA 2023-03 (bsc#1207119)
+ * CVE-2022-46871 (bmo#1795697)
+ libusrsctp library out of date
+ * CVE-2023-23598 (bmo#1800425)
+ Arbitrary file read from GTK drag and drop on Linux
+ * CVE-2023-23599 (bmo#1777800)
+ Malicious command could be hidden in devtools output on
+ Windows
+ * CVE-2023-23601 (bmo#1794268)
+ URL being dragged from cross-origin iframe into same tab
+ triggers navigation
+ * CVE-2023-23602 (bmo#1800890)
+ Content Security Policy wasn't being correctly applied to
+ WebSockets in WebWorkers
+ * CVE-2022-46877 (bmo#1795139)
+ Fullscreen notification bypass
+ * CVE-2023-23603 (bmo#1800832)
+ Calls to <code>console.log</code> allowed bypasing Content
+ Security Policy via format directive
+ * CVE-2023-23605 (bmo#1764921, bmo#1802690, bmo#1806974)
+ Memory safety bugs fixed in Thunderbird 102.7
+
+-------------------------------------------------------------------
+Tue Dec 20 08:06:29 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.6.1
+ * Remote content did not load in user-defined signatures
+ * Addons that added new action buttons were not shown for addon
+ upgrades, requiring removal and reinstall
+ * Various stability improvements
+ MFSA 2022-54
+ * CVE-2022-46874 (bmo#1746139)
+ Drag and Dropped Filenames could have been truncated to
+ malicious extensions
+
+-------------------------------------------------------------------
+Tue Dec 13 13:49:09 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.6.0
+ https://www.thunderbird.net/en-US/thunderbird/102.6.0/releasenotes/
+ MFSA 2022-53 (bsc#1206242)
+ * CVE-2022-46880 (bmo#1749292)
+ Use-after-free in WebGL
+ * CVE-2022-46872 (bmo#1799156)
+ Arbitrary file read from a compromised content process
+ * CVE-2022-46881 (bmo#1770930)
+ Memory corruption in WebGL
+ * CVE-2022-46874 (bmo#1746139)
+ Drag and Dropped Filenames could have been truncated to
+ malicious extensions
+ * CVE-2022-46875 (bmo#1786188)
+ Download Protections were bypassed by .atloc and .ftploc
+ files on Mac OS
+ * CVE-2022-46882 (bmo#1789371)
+ Use-after-free in WebGL
+ * CVE-2022-46878 (bmo#1782219, bmo#1797370, bmo#1797685,
+ bmo#1801102, bmo#1801315, bmo#1802395)
+ Memory safety bugs fixed in Thunderbird 102.6
+- removed obsolete patches
+ mozilla-newer-cbindgen.patch
+ mozilla-glibc236.patch
+
+-------------------------------------------------------------------
+Wed Nov 30 20:49:28 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.5.1
+ MFSA 2022-50
+ * CVE-2022-45414 (bmo#1788096)
+ Quoting from an HTML email with certain tags will trigger network
+ requests and load remote content, regardless of a configuration
+ to block remote content
+
+-------------------------------------------------------------------
+Sat Nov 12 22:48:04 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.5.0
+ * changes and fixes as described here
+ https://www.thunderbird.net/en-US/thunderbird/102.5.0/releasenotes
+ MFSA 2022-49 (bsc#1205270)
+ * CVE-2022-45403 (bmo#1762078)
+ Service Workers might have learned size of cross-origin media files
+ * CVE-2022-45404 (bmo#1790815)
+ Fullscreen notification bypass
+ * CVE-2022-45405 (bmo#1791314)
+ Use-after-free in InputStream implementation
+ * CVE-2022-45406 (bmo#1791975)
+ Use-after-free of a JavaScript Realm
+ * CVE-2022-45408 (bmo#1793829)
+ Fullscreen notification bypass via windowName
+ * CVE-2022-45409 (bmo#1796901)
+ Use-after-free in Garbage Collection
+ * CVE-2022-45410 (bmo#1658869)
+ ServiceWorker-intercepted requests bypassed SameSite cookie policy
+ * CVE-2022-45411 (bmo#1790311)
+ Cross-Site Tracing was possible via non-standard override headers
+ * CVE-2022-45412 (bmo#1791029)
+ Symlinks may resolve to partially uninitialized buffers
+ * CVE-2022-45416 (bmo#1793676)
+ Keystroke Side-Channel Leakage
+ * CVE-2022-45418 (bmo#1795815)
+ Custom mouse cursor could have been drawn over browser UI
+ * CVE-2022-45420 (bmo#1792643)
+ Iframe contents could be rendered outside the iframe
+ * CVE-2022-45421 (bmo#1767920, bmo#1789808, bmo#1794061)
+ Memory safety bugs fixed in Thunderbird 102.5
+
+-------------------------------------------------------------------
+Sat Nov 5 16:19:55 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.4.2
+ * "Address Book" button in Account Central will now create a
+ CardDAV address book instead of a local address book
+ * Bugfixes as described here
+ https://www.thunderbird.net/en-US/thunderbird/102.4.2/releasenotes
+
+-------------------------------------------------------------------
+Tue Oct 25 20:42:11 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.4.1
+ * Thunderbird will now catch and report errors parsing vCards
+ that contain incorrectly formatted dates
+ * Dynamic language switching did not update interface when switched
+ to right-to-left languages
+ * Custom header data was discarded after messages were saved as
+ draft and reopened
+ * -remote command line argument did not work, affecting integration
+ with various applications such as LibreOffice
+ * Messages received via some SMS-to-email services could not
+ display images
+ * VCards with nickname field set could not be edited
+ * Some recurring events were missing from Agenda on first load
+ * Download requests for remote ICS calendars incorrectly set
+ "Accept" header to text/xml
+ * Monthly events created on the 31st of a month with <30 days placed
+ first occurrence 1-2 days after the beginning of the following month
+ * Various visual and UX improvements
+
+-------------------------------------------------------------------
+Fri Oct 14 19:54:03 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.4.0
+ https://www.thunderbird.net/en-US/thunderbird/102.4.0/releasenotes
+ MFSA 2022-46 (bsc#1203477)
+ * CVE-2022-42927 (bmo#1789128)
+ Same-origin policy violation could have leaked cross-origin URLs
+ * CVE-2022-42928 (bmo#1791520)
+ Memory Corruption in JS Engine
+ * CVE-2022-42929 (bmo#1789439)
+ Denial of Service via window.print
+ * CVE-2022-42932 (bmo#1789729, bmo#1791363, bmo#1792041)
+ Memory safety bugs fixed in Firefox 106, Firefox ESR 102.4 and
+ Thunderbird 102.4.0
+
+-------------------------------------------------------------------
+Tue Oct 11 20:40:12 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.3.3
+ * Option added to show containing address book for a contact when
+ using All Address Books in vertical mode
+ * Thunderbird will try to use POP NTLM authentication even if
+ not advertised by server
+ * Task List and Today Pane sidebars will no longer load when not visible
+ * bugfixes as documented here
+ https://www.thunderbird.net/en-US/thunderbird/102.3.3/releasenotes
+
+-------------------------------------------------------------------
+Thu Oct 6 07:28:32 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.3.2
+ * Thunderbird will try to use POP CRAM-MD5 authentication even if
+ not advertised by server
+ * more bugfixes as in
+ https://www.thunderbird.net/en-US/thunderbird/102.3.2/releasenotes
+
+-------------------------------------------------------------------
+Mon Oct 3 10:08:03 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- build using rust 1.63
+
+-------------------------------------------------------------------
+Wed Sep 28 08:13:07 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.3.1
+ * Compose window encryption options now only appear for encryption
+ technologies that have already been configured
+ * Number of contacts in currently selected address book now
+ displayed at bottom of Address Book list column
+ Fixes
+ * Password prompt did not include server hostname for POP servers
+ * Edit Contact was missing from Contacts sidebar context menus
+ * Address Book contact lists cut off display of some characters,
+ the result being unreadable
+ MFSA 2022-43
+ * CVE-2022-39249 (bmo#1791765)
+ Matrix SDK bundled with Thunderbird vulnerable to an
+ impersonation attack by malicious server administrators
+ * CVE-2022-39250 (bmo#1791765)
+ Matrix SDK bundled with Thunderbird vulnerable to a device
+ verification attack
+ * CVE-2022-39251 (bmo#1791765)
+ Matrix SDK bundled with Thunderbird vulnerable to an
+ impersonation attack
+ * CVE-2022-39236 (bmo#1791765)
+ Matrix SDK bundled with Thunderbird vulnerable to a data
+ corruption issue
+
+-------------------------------------------------------------------
+Fri Sep 16 08:17:49 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.3.0
+ https://www.thunderbird.net/en-US/thunderbird/102.3.0/releasenotes/
+ * Thunderbird will no longer attempt to import account passwords
+ when importing from another Thunderbird profile in order to
+ prevent profile corruption and permanent data loss. (bmo#1790605)
+ * Devtools performance profile will use Thunderbird presets
+ instead of Web Developer presets (bmo#1785954)
+ * Thunderbird startup performance improvements (bmo#1785967)
+ * Saving email source and images failed (bmo#1777323, bmo#1778804)
+ * Error message was shown repeatedly when temporary disk
+ space was full (bmo#1788580)
+ * Attaching OpenPGP keys without a set size to non-encrypted
+ messages briefly displayed a size of zero bytes (bmo#1788952)
+ * Global Search entry box initially contained "undefined" (bmo#1780963)
+ * Delete from POP Server mail filter rule intermittently
+ failed to trigger (bmo#1789418)
+ * Connections to POP3 servers without UIDL support failed (bmo#1789314)
+ * Pop accounts with "Fetch headers only" set downloaded complete
+ messages if server did not advertise TOP capability (bmo#1789356)
+ * "File -> New -> Address Book Contact" from Compose window did
+ not work (bmo#1782418)
+ * Attach "My vCard" option in compose window was not available
+ (bmo#1787614)
+ * Improved performance of matching a contact to an email address
+ (bmo#1782725)
+ * Address book only recognized a contact's first two email
+ addresses (bmo#1777156)
+ * Address book search and autocomplete failed if a contact vCard
+ could not be parsed (bmo#1789793)
+ * Downloading NNTP messages for offline use failed (bmo#1785773)
+ * NNTP client became stuck when connecting to Public-Inbox servers
+ (bmo#1786203, boo#1203554)
+ * Various visual and UX improvements (bmo#1782235, bmo#1787448,
+ bmo#1788725, bmo#1790324)
+ * unresolved: No dedicated "Department" field in address book
+ (bmo#1777780)
+ MFSA 2022-42 (bsc#1203477)
+ * CVE-2022-40959 (bmo#1782211)
+ Bypassing FeaturePolicy restrictions on transient pages
+ * CVE-2022-40960 (bmo#1787633)
+ Data-race when parsing non-UTF-8 URLs in threads
+ * CVE-2022-40958 (bmo#1779993)
+ Bypassing Secure Context restriction for cookies with __Host
+ and __Secure prefix
+ * CVE-2022-40956 (bmo#1770094)
+ Content-Security-Policy base-uri bypass
+ * CVE-2022-40957 (bmo#1777604)
+ Incoherent instruction cache when building WASM on ARM64
+ * CVE-2022-3155 (bmo#1789061)
+ Attachment files saved to disk on macOS could be executed
+ without warning
+ * CVE-2022-40962 (bmo#1767360, bmo#1776655, bmo#1777574, bmo#1784835,
+ bmo#1785109, bmo#1786502, bmo#1789440)
+ Memory safety bugs fixed in Thunderbird 102.3
+
+-------------------------------------------------------------------
+Thu Sep 8 06:31:58 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.2.2
+ https://www.thunderbird.net/en-US/thunderbird/102.2.2/releasenotes/
+ * Setting added to change Calendar event double-click action to
+ open Edit Event dialog rather than view only;
+ Set calendar.events.defaultActionEdit to true
+ * Running Compact Folders on maildir folders caused a redownload
+ of all messages in the folder
+ * Accessing mail folders in profiles with many folders was slow
+ * SMTP servers were not always properly initialized, and were not
+ listed in Account Settings
+ * APOP authentication unsupported when connecting to POP3 server
+ * OpenPGP key discovery failed
+ * POP accounts hosted by AOL were not able to authenticate using OAuth2
+ * Unable to open context menu in newsgroups header for groups
+ that are not subscribed
+
+-------------------------------------------------------------------
+Thu Sep 8 06:31:58 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.2.2
+ https://www.thunderbird.net/en-US/thunderbird/102.2.2/releasenotes/
+ * Setting added to change Calendar event double-click action to
+ open Edit Event dialog rather than view only;
+ Set calendar.events.defaultActionEdit to true
+ * Running Compact Folders on maildir folders caused a redownload
+ of all messages in the folder
+ * Accessing mail folders in profiles with many folders was slow
+ * SMTP servers were not always properly initialized, and were not
+ listed in Account Settings
+ * APOP authentication unsupported when connecting to POP3 server
+ * OpenPGP key discovery failed
+ * POP accounts hosted by AOL were not able to authenticate using OAuth2
+ * Unable to open context menu in newsgroups header for groups
+ that are not subscribed
+
+-------------------------------------------------------------------
+Thu Sep 1 06:48:28 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.2.1
+ MFSA 2022-38 (bsc#1203007)
+ * CVE-2022-3033 (bmo#1784838)
+ Leaking of sensitive information when composing a response to
+ an HTML email with a META refresh tag
+ * CVE-2022-3032 (bmo#1783831)
+ Remote content specified in an HTML document that was nested
+ inside an iframe's srcdoc attribute was not blocked
+ * CVE-2022-3034 (bmo#1745751)
+ An iframe element in an HTML email could trigger a network
+ request
+ * CVE-2022-36059 (bmo#1787741)
+ Matrix SDK bundled with Thunderbird vulnerable to denial-of-
+ service attack
+
+-------------------------------------------------------------------
+Fri Aug 19 18:24:06 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.2.0
+ * https://www.thunderbird.net/en-US/thunderbird/102.2.0/releasenotes/
+ MFSA 2022-36 (bsc#1202645)
+ * CVE-2022-38472 (bmo#1769155)
+ Address bar spoofing via XSLT error handling
+ * CVE-2022-38473 (bmo#1771685)
+ Cross-origin XSLT Documents would have inherited the parent's
+ permissions
+ * CVE-2022-38476 (bmo#1760998)
+ Data race and potential use-after-free in PK11_ChangePW
+ * CVE-2022-38477 (bmo#1760611, bmo#1770219, bmo#1771159, bmo#1773363)
+ Memory safety bugs fixed in Thunderbird 102.2
+ * CVE-2022-38478 (bmo#1770630, bmo#1776658)
+ Memory safety bugs fixed in Thunderbird 102.2, and
+ Thunderbird 91.13
+- disabled automatic usage of wayland because of known issues
+ using MOZ_ENABLE_WAYLAND=1 in environment would still enable it
+ (boo#1202606)
+
+-------------------------------------------------------------------
+Sun Aug 14 08:03:00 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- added mozilla-glibc236.patch (bmo#1782988, boo#1202323)
+
+-------------------------------------------------------------------
+Tue Aug 9 06:24:56 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.1.2
+ * fix for bmo#1777765 (no POP download progress bar) was backed
+ out from this release to address broken POP message download
+ with Fetch headers only selected in Account Settings (bmo#1783552)
+
+-------------------------------------------------------------------
+Mon Aug 8 06:46:01 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.1.1
+ Bugfixes:
+ * https://www.thunderbird.net/en-US/thunderbird/102.1.1/releasenotes/
+
+-------------------------------------------------------------------
+Tue Jul 26 09:03:40 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.1.0
+ * https://www.thunderbird.net/en-US/thunderbird/102.1.0/releasenotes
+ MFSA 2022-32 (bsc#1201758)
+ * CVE-2022-36319 (bmo#1737722)
+ Mouse Position spoofing with CSS transforms
+ * CVE-2022-36318 (bmo#1771774)
+ Directory indexes for bundled resources reflected URL parameters
+ * CVE-2022-36314 (bmo#1773894)
+ Opening local <code>.lnk</code> files could cause unexpected
+ network loads
+ * CVE-2022-2505 (bmo#1769739, bmo#1772824)
+ Memory safety bugs fixed in Thunderbird 102.1
+- added mozilla-newer-cbindgen.patch to fix build with
+ rust-cbindgen >= 0.24 (and also require that for build)
+- added mozilla-pgo.patch to fix LTO builds with gcc
+
+-------------------------------------------------------------------
+Tue Jul 19 07:31:52 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.0.3
+ Bugfixes as in
+ * https://www.thunderbird.net/en-US/thunderbird/102.0.3/releasenotes/
+
+-------------------------------------------------------------------
+Sat Jul 9 21:53:27 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 102.0.2
+ * https://www.thunderbird.net/en-US/thunderbird/102.0/releasenotes/
+- removed obsolete patches
+ mozilla-bmo1504834-part2.patch
+ mozilla-bmo1504834-part4.patch
+ mozilla-bmo1602730.patch
+ mozilla-bmo1626236.patch
+ mozilla-bmo1724679.patch
+ mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch
+ mozilla-sandbox-fips.patch
+- added patches inherited from FF 102
+ one_swizzle_to_rule_them_all.patch
+ svg-rendering.patch
+- fix KDE detection (boo#1200987) in mozilla-kde.patch
+- requires
+ rust = 1.60
+ NSPR >= 4.34
+ NSS >= 3.79
+ rust-cbindgen >= 0.23.0
+- remove special breakpad debug symbol creation
+
+-------------------------------------------------------------------
+Sun Jun 26 08:53:26 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.11.0
+ * CLIENTID fix for bmo#1759197 in Thunderbird 91.8.1 did not work
+ additional fix applied
+ * "Save-As" attachment dialog did not have filename pre-populated
+ MFSA 2022-26 (bsc#1200793)
+ * CVE-2022-34479 (bmo#1745595)
+ A popup window could be resized in a way to overlay the
+ address bar with web content
+ * CVE-2022-34470 (bmo#1765951)
+ Use-after-free in nsSHistory
+ * CVE-2022-34468 (bmo#1768537)
+ CSP sandbox header without `allow-scripts` can be bypassed
+ via retargeted javascript: URI
+ * CVE-2022-2226 (bmo#1775441)
+ An email with a mismatching OpenPGP signature date was
+ accepted as valid
+ * CVE-2022-34481 (bmo#1497246)
+ Potential integer overflow in ReplaceElementsAt
+ * CVE-2022-31744 (bmo#1757604)
+ CSP bypass enabling stylesheet injection
+ * CVE-2022-34472 (bmo#1770123)
+ Unavailable PAC file resulted in OCSP requests being blocked
+ * CVE-2022-34478 (bmo#1773717)
+ Microsoft protocols can be attacked if a user accepts a prompt
+ * CVE-2022-2200 (bmo#1771381)
+ Undesired attributes could be set as part of prototype pollution
+ * CVE-2022-34484 (bmo#1763634, bmo#1772651)
+ Memory safety bugs fixed in Thunderbird 91.11 and Thunderbird 102
+
+-------------------------------------------------------------------
+Thu May 26 07:56:09 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.10.0
+ * Various UX and theme improvements
+ MFSA 2022-22 (bsc#1200027)
+ * CVE-2022-31736 (bmo#1735923)
+ Cross-Origin resource's length leaked
+ * CVE-2022-31737 (bmo#1743767)
+ Heap buffer overflow in WebGL
+ * CVE-2022-31738 (bmo#1756388)
+ Browser window spoof using fullscreen mode
+ * CVE-2022-31739 (bmo#1765049)
+ Attacker-influenced path traversal when saving downloaded
+ files
+ * CVE-2022-31740 (bmo#1766806)
+ Register allocation problem in WASM on arm64
+ * CVE-2022-31741 (bmo#1767590)
+ Uninitialized variable leads to invalid memory read
+ * CVE-2022-1834 (bmo#1767816)
+ Braille space character caused incorrect sender email to be
+ shown for a digitally signed email
+ * CVE-2022-31742 (bmo#1730434)
+ Querying a WebAuthn token with a large number of
+ allowCredential entries may have leaked cross-origin
+ information
+ * CVE-2022-31747 (bmo#1760765, bmo#1765610, bmo#1766283,
+ bmo#1767365, bmo#1768559, bmo#1768734)
+ Memory safety bugs fixed in Thunderbird 91.10
+
+-------------------------------------------------------------------
+Sat May 21 06:36:17 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.9.1
+ MFSA 2022-19 (bsc#1199768)
+ * CVE-2022-1802 (bmo#1770137)
+ Prototype pollution in Top-Level Await implementation
+ * CVE-2022-1529 (bmo#1770048)
+ Untrusted input used in JavaScript object indexing, leading
+ to prototype pollution
+
+-------------------------------------------------------------------
+Mon May 2 06:34:51 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.9.0
+ * A warning is now displayed if an OpenPGP key has unsafe
+ attributes that are ignored
+ * OpenPGP integration in Thunderbird 91.8.0 and 91.8.1 did not
+ allow SHA-1 key signatures
+ * CalDAV calendars were marked read-only on startup
+ MFSA 2022-18 (bsc#1198970)
+ * CVE-2022-1520 (bmo#1745019)
+ Incorrect security status shown after viewing an attached
+ email
+ * CVE-2022-29914 (bmo#1746448)
+ Fullscreen notification bypass using popups
+ * CVE-2022-29909 (bmo#1755081)
+ Bypassing permission prompt in nested browsing contexts
+ * CVE-2022-29916 (bmo#1760674)
+ Leaking browser history with CSS variables
+ * CVE-2022-29911 (bmo#1761981)
+ iframe sandbox bypass
+ * CVE-2022-29912 (bmo#1692655)
+ Reader mode bypassed SameSite cookies
+ * CVE-2022-29913 (bmo#1764778)
+ Speech Synthesis feature not properly disabled
+ * CVE-2022-29917 (bmo#1684739, bmo#1706441, bmo#1753298,
+ bmo#1762614, bmo#1762620)
+ Memory safety bugs fixed in Thunderbird 91.9
+
+-------------------------------------------------------------------
+Sat Apr 16 11:36:34 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.8.1
+ * CLIENTID extension to SMTP was not supported by smtp-js#
+ * Additional SMTP errors now propagated to user
+ * OpenPGP was not able to use some previously supported key types
+ * OpenPGP Key Manager did not always display correct information
+ after importing additional IDs
+ * Duplicate new mail notifications could be displayed when
+ server-side filters were in use
+ * Cancelling an SMTP password entry resulted in multiple failure
+ dialogs being displayed
+
+-------------------------------------------------------------------
+Tue Apr 12 07:30:18 UTC 2022 - Martin Liška <mliska@suse.cz>
+
+- Set memory limits for DWZ to 4x.
+
+-------------------------------------------------------------------
+Sat Apr 2 17:39:15 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.8.0
+ * Google accounts using password authentication will be migrated
+ to OAuth2.
+ * bugfixes
+ https://www.thunderbird.net/en-US/thunderbird/91.8.0/releasenotes
+ MFSA 2022- (bsc#1197903)
+- update create-tar.sh
+
+-------------------------------------------------------------------
+Thu Mar 17 14:39:51 UTC 2022 - Dirk Müller <dmueller@suse.com>
+
+- skip slow workers, this is a tough build job
+
+-------------------------------------------------------------------
+Sun Mar 6 13:02:02 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.7.0
+ * Thunderbird will use the first occurrence of headers that should
+ only appear once
+ * Auto-complete incorrectly changed a pasted email address to the
+ primary address of a contact
+ * Attachments with filename extensions that were not registered in
+ MIME types could not be opened
+ * Copy/Cut/Paste actions not working in Thunderbird Preferences
+ * Improved screen reader support of displayed message headers
+ MFSA 2022-12 (bsc#1196900)
+ * CVE-2022-26383 (bmo#1742421)
+ Browser window spoof using fullscreen mode
+ * CVE-2022-26384 (bmo#1744352)
+ iframe allow-scripts sandbox bypass
+ * CVE-2022-26387 (bmo#1752979)
+ Time-of-check time-of-use bug when verifying add-on signatures
+ * CVE-2022-26381 (bmo#1736243)
+ Use-after-free in text reflows
+ * CVE-2022-26386 (bmo#1752396)
+ Temporary files downloaded to /tmp and accessible by other
+ local users
+
+-------------------------------------------------------------------
+Sun Mar 6 12:49:36 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.6.2
+ MFSA 2022-09
+ * CVE-2022-26485 (bmo#1758062)
+ Use-after-free in XSLT parameter processing
+ * CVE-2022-26486 (bmo#1758070)
+ Use-after-free in WebGPU IPC Framework
+
+-------------------------------------------------------------------
+Tue Feb 15 09:13:06 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.6.1
+ * generated views of meeting invitations are now expanded by default
+ * Emails were not downloading at startup under some conditions
+ * Port numbers were not shown in "Confirm Security Exception"
+ dialog for CalDAV connections
+ MFSA 2022-07 (bsc#1196072)
+ * CVE-2022-0566 (bmo#1753094)
+ Crafted email could trigger an out-of-bounds write
+
+-------------------------------------------------------------------
+Sat Feb 5 14:11:31 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.6.0
+ * TB will now offer to send large forwarded attachments via FileLink
+ * Partially signed unencrypted messages displayed an incorrect
+ "parrtially encrypted" notification
+ * Attachments filenames were not sanitized before saving to disk
+ * In the attachment bar, the "Import OpenPGP Key" item displayed
+ for public keys displayed an error and did not import the key
+ * "Open with" attachment dialog did not have a selected radio
+ button option
+ MFSA 2022-06 (bsc#1195682)
+ * CVE-2022-22753 (bmo#1732435)
+ Privilege Escalation to SYSTEM on Windows via Maintenance
+ Service
+ * CVE-2022-22754 (bmo#1750565)
+ Extensions could have bypassed permission confirmation during
+ update
+ * CVE-2022-22756 (bmo#1317873)
+ Drag and dropping an image could have resulted in the dropped
+ object being an executable
+ * CVE-2022-22759 (bmo#1739957)
+ Sandboxed iframes could have executed script if the parent
+ appended elements
+ * CVE-2022-22760 (bmo#1740985, bmo#1748503)
+ Cross-Origin responses could be distinguished between script
+ and non-script content-types
+ * CVE-2022-22761 (bmo#1745566)
+ frame-ancestors Content Security Policy directive was not
+ enforced for framed extension pages
+ * CVE-2022-22763 (bmo#1740534)
+ Script Execution during invalid object state
+ * CVE-2022-22764 (bmo#1742682, bmo#1744165, bmo#1746545,
+ bmo#1748210, bmo#1748279)
+ Memory safety bugs fixed in Thunderbird 91.6
+- do not use ccache by default
+- removed obsolete mozilla-bmo1745560.patch
+
+-------------------------------------------------------------------
+Sat Jan 22 09:57:59 UTC 2022 - Manfred Hollstein <manfred.h@gmx.net>
+
+- Mozilla Thunderbird 91.5.1
+ * JS LDAP implementation did not support self-signed SSL certificates
+ * After saving a draft and subsequently sending a FileLink email,
+ the original file was removed from disk
+ * Chat OTR encryption did not work
+ * OTR verification bar was not removed after completing verification
+ * Various theme improvements
+
+-------------------------------------------------------------------
+Thu Jan 20 13:10:00 UTC 2022 - Martin Liška <mliska@suse.cz>
+
+- Enable -fimplicit-constexpr for GCC 12+.
+
+-------------------------------------------------------------------
+Fri Jan 7 16:13:57 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.5.0
+ https://www.thunderbird.net/en-US/thunderbird/91.5.0/releasenotes
+ MFSA 2022-03 (bsc#1194547)
+ * CVE-2022-22746 (bmo#1735071)
+ Calling into reportValidity could have lead to fullscreen
+ window spoof
+ * CVE-2022-22743 (bmo#1739220)
+ Browser window spoof using fullscreen mode
+ * CVE-2022-22742 (bmo#1739923)
+ Out-of-bounds memory access when inserting text in edit mode
+ * CVE-2022-22741 (bmo#1740389)
+ Browser window spoof using fullscreen mode
+ * CVE-2022-22740 (bmo#1742334)
+ Use-after-free of ChannelEventQueue::mOwner
+ * CVE-2022-22738 (bmo#1742382)
+ Heap-buffer-overflow in blendGaussianBlur
+ * CVE-2022-22737 (bmo#1745874)
+ Race condition when playing audio files
+ * CVE-2021-4140 (bmo#1746720)
+ Iframe sandbox bypass with XSLT
+ * CVE-2022-22748 (bmo#1705211)
+ Spoofed origin on external protocol launch dialog
+ * CVE-2022-22745 (bmo#1735856)
+ Leaking cross-origin URLs through securitypolicyviolation event
+ * CVE-2022-22744 (bmo#1737252)
+ The 'Copy as curl' feature in DevTools did not fully escape
+ website-controlled data, potentially leading to command injection
+ * CVE-2022-22747 (bmo#1735028)
+ Crash when handling empty pkcs7 sequence
+ * CVE-2022-22739 (bmo#1744158)
+ Missing throttling on external protocol launch dialog
+ * CVE-2022-22751 (bmo#1664149, bmo#1737816, bmo#1739366,
+ bmo#1740274, bmo#1740797, bmo#1741201, bmo#1741869, bmo#1743221,
+ bmo#1743515, bmo#1745373, bmo#1746011)
+ Memory safety bugs fixed in Thunderbird 91.5
+
+-------------------------------------------------------------------
+Tue Dec 28 20:20:30 UTC 2021 - Bjørn Lie <bjorn.lie@gmail.com>
+
+- Add mozilla-bmo1745560.patch: Fix build against wayland 1.20.
+
+-------------------------------------------------------------------
+Fri Dec 17 14:19:48 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.4.1
+ * several fixes as outlined here
+ https://www.thunderbird.net/en-US/thunderbird/91.4.1/releasenotes/
+ MFSA 2021-55 (bsc#1193845)
+ * CVE-2021-4126 (bmo#1732310)
+ OpenPGP signature status doesn't consider additional message
+ content
+ * CVE-2021-44538 (bmo#1744056)
+ Matrix chat library libolm bundled with Thunderbird
+ vulnerable to a buffer overflow
+- updated _constraints
+
+-------------------------------------------------------------------
+Thu Dec 2 08:55:33 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.4.0
+ * several fixes as outlined here
+ https://www.thunderbird.net/en-US/thunderbird/91.4.0/releasenotes
+ MFSA 2021-54 (bsc#1193485)
+ * CVE-2021-43536 (bmo#1730120)
+ URL leakage when navigating while executing asynchronous
+ function
+ * CVE-2021-43537 (bmo#1738237)
+ Heap buffer overflow when using structured clone
+ * CVE-2021-43538 (bmo#1739091)
+ Missing fullscreen and pointer lock notification when
+ requesting both
+ * CVE-2021-43539 (bmo#1739683)
+ GC rooting failure when calling wasm instance methods
+ * CVE-2021-43541 (bmo#1696685)
+ External protocol handler parameters were unescaped
+ * CVE-2021-43542 (bmo#1723281)
+ XMLHttpRequest error codes could have leaked the existence of
+ an external protocol handler
+ * CVE-2021-43543 (bmo#1738418)
+ Bypass of CSP sandbox directive when embedding
+ * CVE-2021-43545 (bmo#1720926)
+ Denial of Service when using the Location API in a loop
+ * CVE-2021-43546 (bmo#1737751)
+ Cursor spoofing could overlay user interface when native
+ cursor is zoomed
+ * CVE-2021-43528 (bmo#1742579)
+ JavaScript unexpectedly enabled for the composition area
+ * MOZ-2021-0009 (bmo#1393362, bmo#1736046, bmo#1736751,
+ bmo#1737009, bmo#1739372, bmo#1739421)
+ Memory safety bugs fixed in Thunderbird 91.4.0
+
+-------------------------------------------------------------------
+Thu Nov 25 20:25:29 UTC 2021 - Bjørn Lie <bjorn.lie@gmail.com>
+
+- Drop unused libidl-devel BuildRequires.
+
+-------------------------------------------------------------------
+Sat Nov 20 18:57:39 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.3.2
+ * Date selection in Calendar print settings widget changed to use
+ mini calendar widget
+ * OpenPGP: Botan updated to 2.18.2; addresses CVE-2021-40529
+ boo#1189244
+ * Bugfixes as outlined in release notes
+ https://www.thunderbird.net/en-US/thunderbird/91.3.2/releasenotes/
+
+-------------------------------------------------------------------
+Sat Nov 13 11:52:30 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.3.1
+ * OpenPGP public keys will no longer count as an attachment in
+ the message list
+ * Adding a search engine via URL now supported
+ * FileLink messages' template updated; Thunderbird advertisement
+ removed
+ * After an update, Thunderbird will now check installed addons
+ for updates
+ * Bugfixes as outlined in release notes
+ https://www.thunderbird.net/en-US/thunderbird/91.3.1/releasenotes/
+
+-------------------------------------------------------------------
+Sun Oct 31 17:49:23 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.3.0
+ * several fixes as outlined here
+ https://www.thunderbird.net/en-US/thunderbird/91.3.0/releasenotes/
+ MFSA 2021-50 (bsc#1192250)
+ * CVE-2021-38503 (bmo#1729517)
+ iframe sandbox rules did not apply to XSLT stylesheets
+ * CVE-2021-38504 (bmo#1730156)
+ Use-after-free in file picker dialog
+ * CVE-2021-38505 (bmo#1730194)
+ Windows 10 Cloud Clipboard may have recorded sensitive user data
+ * CVE-2021-38506 (bmo#1730750)
+ Thunderbird could be coaxed into going into fullscreen mode
+ without notification or warning
+ * CVE-2021-38507 (bmo#1730935)
+ Opportunistic Encryption in HTTP2 could be used to bypass the
+ Same-Origin-Policy on services hosted on other ports
+ * MOZ-2021-0008 (bmo#1667102)
+ Use-after-free in HTTP2 Session object
+ * CVE-2021-38508 (bmo#1366818)
+ Permission Prompt could be overlaid, resulting in user
+ confusion and potential spoofing
+ * CVE-2021-38509 (bmo#1718571)
+ Javascript alert box could have been spoofed onto an
+ arbitrary domain
+ * CVE-2021-38510 (bmo#1731779)
+ Download Protections were bypassed by .inetloc files on Mac OS
+ * MOZ-2021-0007 (bmo#1606864, bmo#1712671, bmo#1730048,
+ bmo#1735152)
+ Memory safety bugs fixed in Thunderbird ESR 91.3
+- Drop unused pkgconfig(gdk-x11-2.0) BuildRequires
+
+-------------------------------------------------------------------
+Fri Oct 22 21:27:02 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.2.1
+ * Preference added to disable automatic pausing RSS feed updates
+ after a fetch failure
+ * several bugfixes as outlined in release notes
+ https://www.thunderbird.net/en-US/thunderbird/91.2.1/releasenotes/
+
+-------------------------------------------------------------------
+Fri Oct 22 09:16:01 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
+
+- Increase memory required per threads for aarch64 to avoid OOM
+
+-------------------------------------------------------------------
+Thu Oct 21 13:23:29 UTC 2021 - Martin Liška <mliska@suse.cz>
+
+- Enable LTO on Tumbleweed.
+
+-------------------------------------------------------------------
+Fri Oct 15 20:29:41 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- add mozilla-bmo1724679.patch (bmo#1724679, boo#1182863)
+ fix some env variables which are enabled for any value
+
+-------------------------------------------------------------------
+Mon Oct 4 19:55:48 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.2.0
+ * Saving a single message as .eml now uses a unique filename
+ * New mail notifications did not properly take subfolders into account
+ * Decrypting binary attachments when using an external GnuPG
+ configuration failed
+ * Account name fields in the account manager were not big enough
+ for long names
+ * LDAP searches using an extensibleMatch filter returned no results
+ * Read-only CalDAV calendars and CardDAV address books were not detected
+ * Multipart messages containing a calendar invite did not display
+ any of the human-readable alternatives
+ * Some calendar days were displayed incorrectly or duplicated
+ (eg. two "29th" days of a particular month)
+ * Phantom event was shown at the end of each day in Calendar week view
+ MFSA 2021-46 (bsc#1191332)
+ * CVE-2021-38496 (bmo#1725335)
+ Use-after-free in MessageTask
+ * CVE-2021-38497 (bmo#1726621)
+ Validation message could have been overlaid on another origin
+ * CVE-2021-38498 (bmo#1729642)
+ Use-after-free of nsLanguageAtomService object
+ * CVE-2021-32810 (bmo#1729813,
+ https://github.com/crossbeam-
+ rs/crossbeam/security/advisories/GHSA-pqqp-xmhj-wgcw)
+ Data race in crossbeam-deque
+ * CVE-2021-38500 (bmo#1725854, bmo#1728321)
+ Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15,
+ and Firefox ESR 91.2
+ * CVE-2021-38501 (bmo#1685354, bmo#1715755, bmo#1723176)
+ Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2
+
+-------------------------------------------------------------------
+Sun Sep 26 16:01:35 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.1.2
+ * Thunderbird will now warn if an S/MIME encrypted message includes
+ BCC recipients
+ * several bugfixes listed on
+ https://www.thunderbird.net/en-US/thunderbird/91.1.2/releasenotes/
+
+-------------------------------------------------------------------
+Wed Sep 15 15:37:55 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.1.1
+ * Menu item for disabling subject encryption for a single message added
+ * Printing messages that are not currently displayed is no longer
+ supported, including printing multiple messages at once
+ * for bugfixes see
+ https://www.thunderbird.net/en-US/thunderbird/91.1.1/releasenotes
+- MOZ_ENABLE_WAYLAND env variable now overrides automatic detection
+ if already set before startup
+
+-------------------------------------------------------------------
+Thu Sep 2 07:03:59 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.1.0
+ * Thunderbird registered Accessibility Handlers using same GUIDs
+ as Firefox, causing performance issues for NVDA users
+ * Focus lost when reordering accounts by keyboard in the Account Manager
+ * Account setup did not use provider display name for setting up
+ calendars
+ * Various theme and UX fixes
+ MFSA 2021-41 (bsc#1190269)
+ * CVE-2021-38492 (bmo#1721107)
+ Navigating to `mk:` URL scheme could load Internet Explorer
+ * CVE-2021-38495 (bmo#1723391, bmo#1723920, bmo#1724101,
+ bmo#1724107)
+ Memory safety bugs fixed in Thunderbird 91.1
+- (re-)added mozilla-silence-no-return-type.patch
+- add mozilla-bmo531915.patch to fix build for i586
+
+-------------------------------------------------------------------
+Fri Aug 27 21:01:34 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Thunderbird 91.0.3:
+ * fixed: Folder icons could be overridden by linked favicons in
+ HTML messages
+ * fixed: Unified folders showed no messages when underlying
+ folders were removed
+ * fixed: Folder pane toolbar did not always persist after
+ restarting Thunderbird
+ * fixed: Compose window attachment pane did not close when
+ disabling signing of an OpenPGP message
+ * fixed: Using "Reply to List" with some list emails
+ incorrectly opened a "no-reply" warning
+ * fixed: Account setup UX issues with Exchange autodiscover
+ * fixed: Account settings did not display non-UTF-8 server
+ descriptions correctly
+ * fixed: Thunderbird sometimes sent an unnecessary "SMTPUTF8",
+ causing some servers to reject mail
+ * fixed: No mouseover pop was displayed with event details for
+ non-all-day events in the Today Pane
+ * fixed: Filtering tasks in the Today Pane did not work
+ * fixed: Email based event scheduling displayed the date and
+ time in a format unreadable by humans
+
+-------------------------------------------------------------------
+Fri Aug 27 20:07:49 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Thunderbird 91.0.2:
+ * new: Tags are now colored in mail filter editor
+ * changed: Context menu items related to OpenPGP and
+ attachments are now hidden when not applicable
+ * fixed: Creating a new account with manual setup failed
+ * fixed: Recipient autocomplete always preferred the primary
+ email address for a contact
+ * fixed: LDAP performance improvements
+ * fixed: Extensions listed on the Recommended Addons did not
+ have a clear way to view details in a browser
+ * fixed: Status checkmark on View > Calendar > Calendar Pane >
+ Show Calendar Pane was reversed
+ * fixed: mid: URLs in calendar invites did not open the linked
+ mail message
+ * fixed: Various theme and UX fixes
+
+-------------------------------------------------------------------
+Tue Aug 17 07:19:15 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.0.1
+ MFSA 2021-37 (bsc#1189547)
+ * CVE-2021-29991 (bmo#1724896)
+ Header Splitting possible with HTTP/3 Responses
+- appdate screenshot URL updated (by mailaender@opensuse.org)
+
+-------------------------------------------------------------------
+Sun Aug 15 17:21:46 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 91.0
+ * based on Mozilla's 91 ESR codebase
+ * many new and changed features
+ https://www.thunderbird.net/en-US/thunderbird/91.0/releasenotes/#whatsnew
+ * Renamed "Add-ons" to "Add-ons and Themes" and "Options" to "Preferences"
+ * Thunderbird now operates in multi-process (e10s) mode by default
+ * New user interface for adding attachments
+ * Enable redirect of messages
+ * CardDAV address book support
+- Removed obsolete patches:
+ * mozilla-bmo1463035.patch
+ * mozilla-ppc-altivec_static_inline.patch
+ * mozilla-pipewire-0-3.patch
+ * mozilla-bmo1554971.patch
+- add mozilla-libavcodec58_91.patch
+- removed obsolete BigEndian ICU build workaround
+- updated build requirements
+- build using clang
+
+-------------------------------------------------------------------
+Thu Aug 5 15:47:34 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.13.0
+ * removed WeTransfer integration package (not supported by vendor
+ any longer)
+ MFSA 2021-35 (bsc#1188891)
+ * CVE-2021-29986 (bmo#1696138)
+ Race condition when resolving DNS names could have led to
+ memory corruption
+ * CVE-2021-29988 (bmo#1717922)
+ Memory corruption as a result of incorrect style treatment
+ * CVE-2021-29984 (bmo#1720031)
+ Incorrect instruction reordering during JIT optimization
+ * CVE-2021-29980 (bmo#1722204)
+ Uninitialized memory in a canvas object could have led to
+ memory corruption
+ * CVE-2021-29985 (bmo#1722083)
+ Use-after-free media channels
+ * CVE-2021-29989 (bmo#1662676, bmo#1666184, bmo#1719178,
+ bmo#1719998, bmo#1720568)
+ Memory safety bugs fixed in Thunderbird 78.13
+
+-------------------------------------------------------------------
+Wed Jul 14 06:34:13 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.12.0
+ MFSA 2021-30 (bsc#1188275)
+ * CVE-2021-29969 (bmo#1682370)
+ IMAP server responses sent by a MITM prior to STARTTLS could be
+ processed
+ * CVE-2021-29970 (bmo#1709976)
+ Use-after-free in accessibility features of a document
+ * CVE-2021-30547 (bmo#1715766)
+ Out of bounds write in ANGLE
+ * CVE-2021-29976 (bmo#1700895, bmo#1703334, bmo#1706910,
+ bmo#1711576, bmo#1714391)
+ Memory safety bugs fixed in Firefox 90 and Firefox ESR 78.12
+
+-------------------------------------------------------------------
+Sat May 29 08:14:38 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.11.0
+ * OpenPGP could not be disabled for an account if a key was
+ previously configured
+ * Recipients were unable to decrypt some messages when the sender
+ had changed the message encryption from OpenPGP to S/MIME
+ * Contacts moved between CardDAV address books were not synced to
+ the new server
+ * CardDAV compatibility fixes for Google Contacts
+ MFSA 2021-26 (bsc#1186696)
+ * CVE-2021-29964 (bmo#1706501)
+ Out of bounds-read when parsing a `WM_COPYDATA` message
+ * CVE-2021-29967 (bmo#1602862, bmo#1703191, bmo#1703760,
+ bmo#1704722, bmo#1706041)
+ Memory safety bugs fixed in Thunderbird 78.11
+- renewed expired mozilla.keyring
+
+-------------------------------------------------------------------
+Fri May 14 08:58:19 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.10.2
+ * Added support for importing OpenPGP keys without a primary
+ secret key
+ * Add-ons manager displays a preferences icon for mail extensions
+ that include an options page
+ Fixed
+ * OpenPGP messages with a high compression ratio (over 10x) could
+ not be decrypted
+ * Selected OpenPGP key was lost after opening the Key Properties
+ dialog in Account Settings
+ * Parsing some OpenPGP user IDs failed
+ * Various improvements to OpenPGP partial encryption reminders
+ * Mail toolbar buttons were too big when displaying both icons
+ and text
+ MFSA 2021-22
+ * CVE-2021-29956 (boo#1186199, bmo#1710290)
+ Thunderbird stored OpenPGP secret keys without master password
+ protection
+ * CVE-2021-29957 (boo#1186198, bmo#1673241)
+ Partial protection of inline OpenPGP message not indicated
+- do not rely on nodejs10 explicitely
+
+-------------------------------------------------------------------
+Tue May 4 15:39:28 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.10.1
+ * Remove the fix for bmo#1689804 introduced in 78.9.0,
+ restoring the previous behavior
+ * MFSA 2021-19 (bsc#1185633) does not affect this platform
+
+-------------------------------------------------------------------
+Sun Apr 18 07:21:01 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.10.0
+ MFSA 2021-14 (bsc#1184960)
+ * CVE-2021-23994 (bmo#1699077)
+ Out of bound write due to lazy initialization
+ * CVE-2021-23995 (bmo#1699835)
+ Use-after-free in Responsive Design Mode
+ * CVE-2021-23998 (bmo#1667456)
+ Secure Lock icon could have been spoofed
+ * CVE-2021-23961 (bmo#1677940)
+ More internal network hosts could have been probed by a
+ malicious webpage
+ * CVE-2021-23999 (bmo#1691153)
+ Blob URLs may have been granted additional privileges
+ * CVE-2021-24002 (bmo#1702374)
+ Arbitrary FTP command execution on FTP servers using an
+ encoded URL
+ * CVE-2021-29945 (bmo#1700690)
+ Incorrect size computation in WebAssembly JIT could lead to
+ null-reads
+ * CVE-2021-29946 (bmo#1698503)
+ Port blocking could be bypassed
+ * CVE-2021-29948 (bmo#1692899)
+ Race condition when reading from disk while verifying
+ signatures
+- recommend libotr5
+
+-------------------------------------------------------------------
+Sat Apr 10 11:39:37 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.9.1
+ * Support recipient aliases for OpenPGP encryption
+ * The key and signature parts of the message security popup on a
+ received message could not be selected for copy/paste
+ * Various UX and theme improvements
+ MFSA 2021-13
+ * CVE-2021-23991 (bmo#1673240)
+ An attacker may use Thunderbird's OpenPGP key refresh mechanism
+ to poison an existing key
+ * MOZ-2021-23992 (bmo#1666236)
+ A crafted OpenPGP key with an invalid user ID could be used to
+ confuse the user
+ * CVE-2021-23993 (bmo#1666360)
+ Inability to send encrypted OpenPGP email after importing a
+ crafted OpenPGP key
+
+-------------------------------------------------------------------
+Sat Mar 20 09:20:00 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.9.0
+ * bugfixes:
+ https://www.thunderbird.net/en-US/thunderbird/78.9.0/releasenotes
+ MFSA 2021-12 (boo#1183942)
+ * CVE-2021-23981 (bmo#1692832)
+ Texture upload into an unbound backing buffer resulted in an
+ out-of-bound read
+ * MOZ-2021-0002 (bmo#1691547)
+ Angle graphics library out of date
+ * CVE-2021-23982 (bmo#1677046)
+ Internal network hosts could have been probed by a malicious
+ webpage
+ * CVE-2021-23984 (bmo#1693664)
+ Malicious extensions could have spoofed popup information
+ * CVE-2021-23987 (bmo#1513519, bmo#1683439, bmo#1690169, bmo#1690718)
+ Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9
+- cleaned up and fixed mozilla.sh.in for wayland (boo#1177542)
+
+-------------------------------------------------------------------
+Sun Mar 7 09:27:49 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.8.1
+ * several bugfixes and improvements
+ * https://www.thunderbird.net/en-US/thunderbird/78.8.1/releasenotes/
+- updated create-tar.sh (bsc#1182357)
+
+-------------------------------------------------------------------
+Fri Feb 19 21:39:32 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.8.0
+ * various bugfixes
+ MFSA 2021-09 (bsc#1182614)
+ * CVE-2021-23969 (bmo#1542194)
+ Content Security Policy violation report could have contained
+ the destination of a redirect
+ * CVE-2021-23968 (bmo#1687342)
+ Content Security Policy violation report could have contained
+ the destination of a redirect
+ * CVE-2021-23973 (bmo#1690976)
+ MediaError message property could have leaked information
+ about cross-origin resources
+ * CVE-2021-23978 (bmo#786797, bmo#1682928, bmo#1687391,
+ bmo#1687597)
+ Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8
+
+-------------------------------------------------------------------
+Fri Feb 5 22:23:03 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.7.1
+ * CardDAV address books now support OAuth2 and Google Contacts
+ * Thunderbird will no longer allow installation of addons that
+ use legacy APIs
+
+-------------------------------------------------------------------
+Tue Jan 26 07:47:13 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.7.0
+ MFSA 2021-05 (bsc#1181414)
+ * CVE-2021-23953 (bmo#1683940)
+ Cross-origin information leakage via redirected PDF requests
+ * CVE-2021-23954 (bmo#1684020)
+ Type confusion when using logical assignment operators in
+ JavaScript switch statements
+ * CVE-2020-15685 (bmo#1622640)
+ IMAP Response Injection when using STARTTLS
+ * CVE-2020-26976 (bmo#1674343)
+ HTTPS pages could have been intercepted by a registered
+ service worker when they should not have been
+ * CVE-2021-23960 (bmo#1675755)
+ Use-after-poison for incorrectly redeclared JavaScript
+ variables during GC
+ * CVE-2021-23964 (bmo#1662507, bmo#1666285, bmo#1673526,
+ bmo#1674278, bmo#1674835, bmo#1675097, bmo#1675844,
+ bmo#1675868, bmo#1677590, bmo#1677888, bmo#1680410,
+ bmo#1681268, bmo#1682068, bmo#1682938, bmo#1683736,
+ bmo#1685260, bmo#1685925)
+ Memory safety bugs fixed in Thunderbird 78.7
+
+-------------------------------------------------------------------
+Sun Jan 24 09:33:04 UTC 2021 - Manfred Hollstein <manfred.h@gmx.net>
+
+- MozillaThunderbird.spec: Don't abuse BUILDROOT during %build as newer
+ rpm versions in TW remove everything there as the first action
+ of %install
+
+-------------------------------------------------------------------
+Mon Jan 11 16:35:00 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.6.1
+ MFSA 2021-02 (bsc#1180623)
+ * CVE-2020-16044 (bmo#1683964)
+ Use-after-free write when handling a malicious COOKIE-ECHO SCTP
+ chunk
+
+-------------------------------------------------------------------
+Sat Dec 12 10:25:08 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.6.0
+ * changes and additions in MailExtensions
+ * several bugfixes
+ * https://www.thunderbird.net/en-US/thunderbird/78.6.0/releasenotes/
+ MFSA 2020-56 (bsc#1180039))
+ * CVE-2020-16042 (bmo#1679003)
+ Operations on a BigInt could have caused uninitialized memory
+ to be exposed
+ * CVE-2020-26971 (bmo#1663466)
+ Heap buffer overflow in WebGL
+ * CVE-2020-26973 (bmo#1680084)
+ CSS Sanitizer performed incorrect sanitization
+ * CVE-2020-26974 (bmo#1681022)
+ Incorrect cast of StyleGenericFlexBasis resulted in a heap
+ use-after-free
+ * CVE-2020-26978 (bmo#1677047)
+ Internal network hosts could have been probed by a malicious
+ webpage
+ * CVE-2020-35111 (bmo#1657916)
+ The proxy.onRequest API did not catch view-source URLs
+ * CVE-2020-35112 (bmo#1661365)
+ Opening an extension-less download may have inadvertently
+ launched an executable instead
+ * CVE-2020-35113 (bmo#1664831, bmo#1673589)
+ Memory safety bugs fixed in Thunderbird 78.6
+
+-------------------------------------------------------------------
+Tue Dec 1 21:34:15 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.5.1
+ MFSA 2020-53 (bsc#1179530)
+ * CVE-2020-26970 (bmo#1677338)
+ Stack overflow due to incorrect parsing of SMTP server response codes
+
+-------------------------------------------------------------------
+Mon Nov 16 20:13:34 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.5.0
+ MFSA 2020-52 (bsc#1178894)
+ * CVE-2020-26951 (bmo#1667113)
+ Parsing mismatches could confuse and bypass security
+ sanitizer for chrome privileged code
+ * CVE-2020-16012 (bmo#1642028)
+ Variable time processing of cross-origin images during
+ drawImage calls
+ * CVE-2020-26953 (bmo#1656741)
+ Fullscreen could be enabled without displaying the security
+ UI
+ * CVE-2020-26956 (bmo#1666300)
+ XSS through paste (manual and clipboard API)
+ * CVE-2020-26958 (bmo#1669355)
+ Requests intercepted through ServiceWorkers lacked MIME type
+ restrictions
+ * CVE-2020-26959 (bmo#1669466)
+ Use-after-free in WebRequestService
+ * CVE-2020-26960 (bmo#1670358)
+ Potential use-after-free in uses of nsTArray
+ * CVE-2020-15999 (bmo#1672223)
+ Heap buffer overflow in freetype
+ * CVE-2020-26961 (bmo#1672528)
+ DoH did not filter IPv4 mapped IP Addresses
+ * CVE-2020-26965 (bmo#1661617)
+ Software keyboards may have remembered typed passwords
+ * CVE-2020-26966 (bmo#1663571)
+ Single-word search queries were also broadcast to local
+ network
+ * CVE-2020-26968 (bmo#1551615, bmo#1607762, bmo#1656697,
+ bmo#1657739, bmo#1660236, bmo#1667912, bmo#1671479,
+ bmo#1671923)
+ Memory safety bugs fixed in Thunderbird 78.5
+- removed obsolete mozilla-rust-1.47.patch
+
+-------------------------------------------------------------------
+Wed Nov 11 09:04:51 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.4.3
+ https://www.thunderbird.net/en-US/thunderbird/78.4.3/releasenotes/
+- added mozilla-rust-1.47.patch to fix build with rust 1.47
+
+-------------------------------------------------------------------
+Mon Nov 9 21:43:37 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.4.2
+ MFSA 2020-49
+ * CVE-2020-26950 (bmo#1675905)
+ Write side effects in MCallGetProperty opcode not accounted for
+
+-------------------------------------------------------------------
+Thu Nov 5 08:52:51 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.4.1
+ * Bugfixes and minor features
+ https://www.thunderbird.net/en-US/thunderbird/78.4.1/releasenotes/
+
+-------------------------------------------------------------------
+Tue Oct 20 11:54:05 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.4.0
+ * MailExtensions: browser.tabs.sendMessage API added
+ * MailExtensions: messageDisplayScripts API added
+ * Yahoo and AOL mail users using password authentication will be
+ migrated to OAuth2
+ * MailExtensions: messageDisplay APIs extended to support multiple
+ selected messages
+ * MailExtensions: compose.begin functions now support creating a
+ message with attachments
+ * multiple bugfixes
+ MFSA 2020-47 (bsc#1177872)
+ * CVE-2020-15969 (bmo#1666570)
+ Use-after-free in usersctp
+ * CVE-2020-15683 (bmo#1576843, bmo#1656987, bmo#1660954, bmo#1662760,
+ bmo#1663439, bmo#1666140)
+ Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4
+
+-------------------------------------------------------------------
+Thu Oct 15 14:31:39 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.3.3
+ * OpenPGP: Improved support for encrypting with subkeys
+ * OpenPGP message status icons were not visible in message header pane
+ * OpenPGP Key Manager was missing from Tools menu on macOS
+ * Creating a new calendar event did not require an event title
+- remove python2 dependencies for TW
+- support wayland mode/autodetection in startup wrapper
+- replace some Requires to use requires_ge macro where appropriate
+- improve langpack build (as already used for Firefox)
+- add ccache statistics output to build
+
+-------------------------------------------------------------------
+Wed Oct 7 07:02:03 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.3.2
+ * OpenPGP: Improved support for encrypting with subkeys
+ * OpenPGP: Encrypted messages with international characters were
+ sometimes displayed incorrectly
+ * Single-click deletion of recipient pills with middle mouse
+ button restored
+ * Searching an address book list did not display results
+ * Dark mode, high contrast, and Windows theming fixes
+
+-------------------------------------------------------------------
+Fri Sep 25 06:25:54 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.3.1
+ * fix crash in nsImapProtocol::CreateNewLineFromSocket (bmo#1667120)
+
+-------------------------------------------------------------------
+Wed Sep 23 21:04:45 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.3.0
+ MFSA 2020-44 (bsc#1176756)
+ * CVE-2020-15677 (bmo#1641487)
+ Download origin spoofing via redirect
+ * CVE-2020-15676 (bmo#1646140)
+ XSS when pasting attacker-controlled data into a
+ contenteditable element
+ * CVE-2020-15678 (bmo#1660211)
+ When recursing through layers while scrolling, an iterator
+ may have become invalid, resulting in a potential use-after-
+ free scenario
+ * CVE-2020-15673 (bmo#1648493, bmo#1660800)
+ Memory safety bugs fixed in Thunderbird 78.3
+- requires NSPR >= 4.25.1
+- removed obsolete thunderbird-bmo1664607.patch
+
+-------------------------------------------------------------------
+Sun Sep 13 20:10:39 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.2.2
+ https://www.thunderbird.net/en-US/thunderbird/78.2.2/releasenotes
+- added thunderbird-bmo1664607.patch required for builds w/o updater
+ (boo#1176384)
+
+-------------------------------------------------------------------
+Mon Aug 31 12:08:25 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 78.2.1
+ * based on Mozilla's 78 ESR codebase
+ * many new and changed features
+ https://www.thunderbird.net/en-US/thunderbird/78.0/releasenotes/#whatsnew
+ * built-in OpenPGP support (enigmail neither required nor supported)
+- added platform patches:
+ * mozilla-s390x-skia-gradient.patch
+ * mozilla-pipewire-0-3.patch
+ * mozilla-bmo1512162.patch
+ * mozilla-bmo1626236.patch
+ * mozilla-bmo998749.patch
+ * mozilla-sandbox-fips.patch
+- removed obsolete platform patches
+ * mozilla-s390-bigendian.patch
+ * mozilla-nestegg-big-endian.patch
+ * mozilla-openaes-decl.patch
+ * mozilla-cubeb-noreturn.patch
+
+-------------------------------------------------------------------
+Sun Aug 30 11:05:01 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 68.12.0
+ MFSA 2020-40 (bsc#1175686)
+ * CVE-2020-15663 (bmo#1643199)
+ Downgrade attack on the Mozilla Maintenance Service could have
+ resulted in escalation of privilege
+ * CVE-2020-15664 (bmo#1658214)
+ Attacker-induced prompt for extension installation
+ * CVE-2020-15669 (bmo#1656957)
+ Use-After-Free when aborting an operation
+
+-------------------------------------------------------------------
+Fri Aug 28 09:04:11 UTC 2020 - Michel Normand <normand@linux.vnet.ibm.com>
+
+- Put back %limit_build macro usage to avoid build error PowerPC
+ (remove memoryperjob constraint)
+
+-------------------------------------------------------------------
+Thu Aug 20 08:57:15 UTC 2020 - Martin Liška <mliska@suse.cz>
+
+- Use memoryperjob constraint instead of %limit_build macro.
+
+-------------------------------------------------------------------
+Sat Aug 1 09:54:53 UTC 2020 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Thunderbird 68.11.0
+ * fixed: FileLink attachments included as a link and file when
+ added from a network drive via drag & drop (bmo#793118)
+ MFSA 2020-35 (bsc#1174538)
+ * CVE-2020-15652 (bmo#1634872)
+ Potential leak of redirect targets when loading scripts in a
+ worker
+ * CVE-2020-6514 (bmo#1642792)
+ WebRTC data channel leaks internal address to peer
+ * CVE-2020-6463 (bmo#1635293)
+ Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture
+ * CVE-2020-15659 (bmo#1550133, bmo#1633880, bmo#1646787,
+ bmo#1650811)
+ Memory safety bugs fixed in Thunderbird 68.11
+
+-------------------------------------------------------------------
+Wed Jul 1 21:00:23 UTC 2020 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Thunderbird 68.10.0
+ * fixed: Chat: Topics displayed some characters improperly
+ (bmo#1644024)
+ * fixed: Calendar: Filtering tasks did not work when
+ "Incomplete Tasks" was selected (bmo#1593711)
+ MFSA 2020-26 (bsc#1173576)
+ * CVE-2020-12417 (bmo#1640737)
+ Memory corruption due to missing sign-extension for ValueTags
+ on ARM64
+ * CVE-2020-12418 (bmo#1641303)
+ Information disclosure due to manipulated URL object
+ * CVE-2020-12419 (bmo#1643874)
+ Use-after-free in nsGlobalWindowInner
+ * CVE-2020-12420 (bmo#1643437)
+ Use-After-Free when trying to connect to a STUN server
+ * MFSA-2020-0001 (bmo#1606610)
+ Automatic account setup leaks Microsoft Exchange login
+ credentials
+ * CVE-2020-12421 (bmo#1308251)
+ Add-On updates did not respect the same certificate trust
+ rules as software updates
+
+-------------------------------------------------------------------
+Thu Jun 11 14:52:51 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- build with nodejs10 to be able to drop nodejs8 from TW
+- updated create-tar.sh
+
+-------------------------------------------------------------------
+Sat Jun 6 21:05:07 UTC 2020 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Thunderbird 68.9.0
+ * fixed: Custom headers added for searching or filtering could
+ not be removed (bmo#1631577)
+ * fixed: Calendar: Today Pane updated prior to loading all data
+ (bmo#1635613)
+ * fixed: Stability improvements (bmo#1625677)
+ MFSA 2020-22 (bsc#1172402)
+ * CVE-2020-12405 (bmo#1631618)
+ Use-after-free in SharedWorkerService
+ * CVE-2020-12406 (bmo#1639590)
+ JavaScript Type confusion with NativeTypes
+ * CVE-2020-12410 (bmo#1619305, bmo#1632717)
+ Memory safety bugs fixed in Thunderbird 68.9.0
+ * CVE-2020-12398 (bmo#1613623)
+ Security downgrade with IMAP STARTTLS leads to information
+ leakage
+
+-------------------------------------------------------------------
+Sun May 24 20:46:21 UTC 2020 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Thunderbird 68.8.1
+ * fixed: IMAP stability improvements (bmo#1586494)
+ * fixed: HTML tags in IRC topic changes were rendered
+ incorrectly (bmo#1607097)
+ * fixed: MailExtensions: Websockets could not be used
+ (bmo#1627649)
+
+-------------------------------------------------------------------
+Tue May 5 07:49:33 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 68.8.0
+ * Account Manager fixes and improvements
+ * https://www.thunderbird.net/en-US/thunderbird/68.8.0/releasenotes
+ MFSA 2020-18 (bsc#1171186)
+ * CVE-2020-12397 (bmo#1617370)
+ Sender Email Address Spoofing using encoded Unicode characters
+ * CVE-2020-12387 (bmo#1545345)
+ Use-after-free during worker shutdown
+ * CVE-2020-6831 (bmo#1632241)
+ Buffer overflow in SCTP chunk input validation
+ * CVE-2020-12392 (bmo#1614468)
+ Arbitrary local file access with 'Copy as cURL'
+ * CVE-2020-12393 (bmo#1615471)
+ Devtools' 'Copy as cURL' feature did not fully escape
+ website-controlled data, potentially leading to command injection
+ * CVE-2020-12395 (bmo#1595886, bmo#1611482, bmo#1614704, bmo#1624098,
+ bmo#1625749, bmo#1626382, bmo#1628076, bmo#1631508)
+ Memory safety bugs fixed in Thunderbird 68.8.0
+- removed obsolete patch mozilla-bmo1580963.patch
+
+-------------------------------------------------------------------
+Tue May 5 07:00:36 UTC 2020 - Ismail Dönmez <idonmez@suse.com>
+
+- Add mozilla-bmo1580963.patch to fix build with rust 1.43
+ (bmo#1580963)
+
+-------------------------------------------------------------------
+Thu Apr 9 17:27:50 UTC 2020 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Thunderbird 68.7.0
+ * Updates to MailExtensions API
+ * Various improvements to account setup when connecting to an
+ Exchange server
+ * Thread collapsed when opening news message in a new window
+ * Fix Addons not automatically updated to compatible version after
+ upgrade from Thunderbird 60
+ * Updating addons did not prompt when requesting new permissions
+ * Extra recipients panel not keyboard-accessible
+ * Accessibility: Status bar was not detected by screenreaders
+ * Calendar: Invitations with embedded null bytes did not always decode correctly
+ * Calendar: Cancelled events didn't show with a line-through
+ * Various security fixes
+ MFSA 2020-14
+ In general, these flaws cannot be exploited through email in
+ Thunderbird because scripting is disabled when reading mail, but
+ are potentially risks in browser or browser-like contexts.
+ * CVE-2020-6819 (bmo#1620818, bsc#1168630)
+ Use-after-free while running the nsDocShell destructor
+ * CVE-2020-6820 (bmo#1626728, bsc#1168630)
+ Use-after-free when handling a ReadableStream
+ * CVE-2020-6821 (bmo#1625404, bsc#1168874)
+ Uninitialized memory could be read when using the WebGL
+ copyTexSubImage method
+ * CVE-2020-6822 (bmo#1544181, bsc#1168874)
+ Out of bounds write in GMPDecodeData when processing large images
+ * CVE-2020-6825 (bmo#1572541,bmo#1620193,bmo#1620203,bsc#1168874)
+ Memory safety bugs fixed in Thunderbird 68.7.0
+
+-------------------------------------------------------------------
+Sat Mar 14 13:16:23 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 68.6.0
+ MFSA 2020-10 (bsc#1166238)
+ * CVE-2020-6805 (bmo#1610880)
+ Use-after-free when removing data about origins
+ * CVE-2020-6806 (bmo#1612308)
+ BodyStream::OnInputStreamReady was missing protections against
+ state confusion
+ * CVE-2020-6807 (bmo#1614971)
+ Use-after-free in cubeb during stream destruction
+ * CVE-2020-6811 (bmo#1607742)
+ Devtools' 'Copy as cURL' feature did not fully escape
+ website-controlled data, potentially leading to command injection
+ * CVE-2019-20503 (bmo#1613765)
+ Out of bounds reads in sctp_load_addresses_from_init
+ * CVE-2020-6812 (bmo#1616661)
+ The names of AirPods with personally identifiable information
+ were exposed to websites with camera or microphone permission
+ * CVE-2020-6814 (bmo#1592078, bmo#1604847, bmo#1608256, bmo#1612636,
+ bmo#1614339)
+ Memory safety bugs fixed in Thunderbird 68.6
+- requires NSS >= 3.44.3
+
+-------------------------------------------------------------------
+Mon Feb 10 21:55:19 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 68.5.0
+ New
+ * Support for Client Identity IMAP/SMTP Service Extension
+ * Support for OAuth 2.0 authentication for POP3 accounts
+ Fixes
+ * Status area goes blank during account setup
+ * Calendar: Could not remove color for default categories
+ * Calendar: Prevent calendar component loading multiple times
+ * Calendar: Today pane did not retain width between sessions
+ MFSA 2020-07 (bsc#1163368)
+ * CVE-2020-6793 (bmo#1608539)
+ Out-of-bounds read when processing certain email messages
+ * CVE-2020-6794 (bmo#1606619)
+ Setting a master password post-Thunderbird 52 does not delete
+ unencrypted previously stored passwords
+ * CVE-2020-6795 (bmo#1611105)
+ Crash processing S/MIME messages with multiple signatures
+ * CVE-2020-6797 (bmo#1596668) (Mac OSX only)
+ Extensions granted downloads.open permission could open arbitrary
+ applications on Mac OSX
+ * CVE-2020-6798 (bmo#1602944)
+ Incorrect parsing of template tag could result in JavaScript injection
+ * CVE-2020-6792 (bmo#1609607)
+ Message ID calculcation was based on uninitialized data
+ * CVE-2020-6800 (bmo#1595786,bmo#1596706,bmo#1598543,bmo#1604851,
+ bmo#1608580,bmo#1608785,bmo#1605777)
+ Memory safety bugs fixed in Thunderbird 68.5
+
+-------------------------------------------------------------------
+Tue Jan 28 08:26:02 UTC 2020 - Stasiek Michalski <stasiek@michalski.cc>
+
+- Use a symbolic icon from branding internals
+
+-------------------------------------------------------------------
+Fri Jan 24 19:47:53 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 68.4.2
+ * Calendar: Task and Event tree colours adjusted for the dark theme
+ * Retrieval of S/MIME certificates from LDAP failed
+ * Address-parsing crash on some IMAP servers when
+ mail.imap.use_envelope_cmd is set
+ * Incorrect forwarding of HTML messages caused SMTP servers to
+ respond with a timeout
+ * Calendar: Various parts of the calendar UI stopped working when
+ a second Thunderbird window opened
+
+-------------------------------------------------------------------
+Fri Jan 10 13:08:55 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 68.4.1
+ * Various improvements when setting up an account for a Microsoft
+ Exchange server: Now offers IMAP/SMTP if available, better
+ detection for Office 365 accounts; re-run configuration after
+ password change
+ Fixes:
+ * After changing view layout, the message display pane showed
+ garbled content under some circumstances
+ * Various theme changes to achieve "pixel perfection": Unread icon,
+ "no results" icon, paragraph format and font selector, background
+ of folder summary tooltip
+ * Tags were lost on messages in shared IMAP folders under some
+ circumstances
+ * Calendar: Event attendee dialog was not displayed correctly
+ MFSA 2020-04 (bsc#1160498, bsc#1160305)
+ * CVE-2019-17026 (bmo#1607443)
+ IonMonkey type confusion with StoreElementHole and FallibleStoreElement
+ * CVE-2019-17015 (bmo#1599005)
+ Memory corruption in parent process during new content process
+ initialization on Windows
+ * CVE-2019-17016 (bmo#1599181)
+ Bypass of @namespace CSS sanitization during pasting
+ * CVE-2019-17017 (bmo#1603055)
+ Type Confusion in XPCVariant.cpp
+ * CVE-2019-17021 (bmo#1599008)
+ Heap address disclosure in parent process during content process
+ initialization on Windows
+ * CVE-2019-17022 (bmo#1602843)
+ CSS sanitization does not escape HTML tags
+ * CVE-2019-17024 (bmo#1507180, bmo#1595470, bmo#1598605, bmo#1601826)
+ Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4
+- removed obsolete patch mozilla-bmo1511604.patch
+- added mozilla-bmo1602730.patch to fix LE<->BE issues in the
+ platform (bmo#1602730)
+
+-------------------------------------------------------------------
+Fri Dec 27 17:23:35 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- add mozilla-bmo1583471.patch to allow building with rust 1.39
+
+-------------------------------------------------------------------
+Fri Dec 20 16:02:55 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 68.3.1
+ * In dark theme unread messages no longer shown in blue to
+ distinguish from tagged messages
+ * Account setup is now using client side DNS MX lookup instead of
+ relying on a server
+ Bugfixes
+ * Searching LDAP address book crashed in some circumstances
+ * Message navigation with backward and forward buttons did not work
+ in some circumstances
+ * WebExtension toolbar icons were displayed too small
+ * Calendar: Tasks due today were not listed in bold
+ * Calendar: Last day of long-running events was not shown
+
+-------------------------------------------------------------------
+Thu Dec 5 10:29:18 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 68.3.0:
+ * Message display toolbar action WebExtension API
+ * Navigation buttons are now available in content tabs, for example
+ those opened via an add-on search
+ * other bugfixes
+ MFSA 2019-38
+ * CVE-2019-17008 (bmo#1546331)
+ Use-after-free in worker destruction
+ * CVE-2019-13722 (bmo#1580156)
+ Stack corruption due to incorrect number of arguments in WebRTC code
+ * CVE-2019-17010 (bmo#1581084)
+ Use-after-free when performing device orientation checks
+ * CVE-2019-17005 (bmo#1584170)
+ Buffer overflow in plain text serializer
+ * CVE-2019-17011 (bmo#1591334)
+ Use-after-free when retrieving a document in antitracking
+ * CVE-2019-17012 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209,
+ bmo#1580288, bmo#1585760, bmo#1592502)
+ Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3
+ * Various updates to improve performance and stability
+- updated create-tar.sh to cover buildid and origin repo information
+- changed locale building procedure
+ * removed obsolete compare-locales.tar.xz and
+ thunderbird-broken-locales-build.patch
+- add mozilla-bmo849632.patch to fix color issues on big endian
+
+-------------------------------------------------------------------
+Sat Nov 9 20:13:17 UTC 2019 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Thunderbird 68.2.2:
+ * fix age calculation in address book (bmo#1592536)
+ * fix column menu behavior in address book (bmo#1592393)
+
+-------------------------------------------------------------------
+Fri Nov 1 11:16:39 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 68.2.1
+ * A language for the user interface can now be chosen in the
+ advanced settings (multilingual UI)
+ * Fixed problem with Google authentication (OAuth2)
+ * Selected or unread messages were not shown in the correct color
+ in the thread pane (message list) under some circumstances
+ * When using a language pack, names of standard folders weren't
+ localized (boo#1149126)
+ * Address book default startup directory in preferences panel was
+ not persisted
+ * Chat: Extended context menu on Instant messaging status dialog
+ (Show Accounts)
+- added mozilla-bmo1504834-part4.patch to fix some visual issues on
+ big endian platforms
+
+-------------------------------------------------------------------
+Tue Oct 22 06:43:32 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 68.2.0
+ * Message Display WebExtension API
+ * Message Search WebExtension API
+ * Better visual feedback for unread messages when using the dark theme
+ * Fixed various issues when editing mailing list
+ * Fixed application windows not maintaining their size after restart
+ MFSA 2019-33 (bsc#1154738)
+ * CVE-2019-15903 (bmo#1584907)
+ Heap overflow in expat library in XML_GetCurrentLineNumber
+ * CVE-2019-11757 (bmo#1577107)
+ Use-after-free when creating index updates in IndexedDB
+ * CVE-2019-11758 (bmo#1536227)
+ Potentially exploitable crash due to 360 Total Security
+ * CVE-2019-11759 (bmo#1577953)
+ Stack buffer overflow in HKDF output
+ * CVE-2019-11760 (bmo#1577719)
+ Stack buffer overflow in WebRTC networking
+ * CVE-2019-11761 (bmo#1561502)
+ Unintended access to a privileged JSONView object
+ * CVE-2019-11762 (bmo#1582857)
+ document.domain-based origin isolation has same-origin-property violation
+ * CVE-2019-11763 (bmo#1584216)
+ Incorrect HTML parsing results in XSS bypass technique
+ * CVE-2019-11764 (bmo#1558522, bmo#1577061, bmo#1548044, bmo#1571223,
+ bmo#1573048, bmo#1578933, bmo#1575217, bmo#1583684, bmo#1586845,
+ bmo#1581950, bmo#1583463, bmo#1586599)
+ Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2
+- removed obsolete patches
+ mozilla-bmo1573381.patch
+ mozilla-bmo1512162.patch
+ mozilla-bmo1585099.patch
+
+-------------------------------------------------------------------
+Thu Oct 10 14:30:09 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 68.1.2
+ Bugfixes
+ * Some attachments couldn't be opened in messages originating from
+ MS Outlook 2016
+ * Address book import from CSV
+ * Performance problem in message body search
+ * Ctrl+Enter to send a message would open an attachment if the
+ attachment pane had focus
+ * Calendar: Issues with "Today Pane" start-up
+ * Calendar: Glitches with custom repeat and reminder number input
+ * Calendar: Problems with WCAP provider
+- add mozilla-bmo1585099.patch to fix build with rust >= 1.38
+
+-------------------------------------------------------------------
+Wed Sep 25 11:46:51 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 68.1.1
+ Bugfixes
+ * Issues with attachments in IMAP messages
+ * Gmail accounts ignored a non-standard trash folder selection
+ * Entering/pasting lists of recipients into the addressing widget or
+ mailing list not working reliably, especially when lists contained
+ multiple commas or semicolons
+ * Edit mailing list not working
+ * Various theme fixes, especially dark theme improvements for Calendar
+ * Contrast between tag label and background not optimal
+ * Account Central pane always loaded at start-up
+ * "Config Editor" button not removed if blocked by policy
+ * Calendar: Free/busy information in attendees dialog not scrolled
+ correctly. Note: Scroll arrows still not behaving correctly
+ MFSA 2019-32
+ * CVE-2019-11755 (bmo#1240290, boo#1152375)
+ Spoofing a message author via a crafted S/MIME message
+- require nodejs8 instead of generic nodejs for better cross-distribution
+ support
+- call desktop database update on install
+- updated translations-other locale list
+- build correct ICU for Big Endian
+- remove kde.js since disabling instantApply breaks extensions and
+ is obsolete with the move to HTML views for preferences (boo#1151186)
+- update create-tar.sh to latest revision and adjust tar_stamps
+- added platform patches from Firefox 68esr
+ mozilla-bmo1005535.patch
+ mozilla-bmo1463035.patch
+ mozilla-bmo1504834-part1.patch
+ mozilla-bmo1504834-part2.patch
+ mozilla-bmo1504834-part3.patch
+ mozilla-bmo1511604.patch
+ mozilla-bmo1554971.patch
+ mozilla-bmo1573381.patch
+ mozilla-cubeb-noreturn.patch
+ mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch
+ mozilla-fix-aarch64-libopus.patch
+ mozilla-fix-top-level-asm.patch
+ mozilla-nestegg-big-endian.patch
+ mozilla-ntlm-full-path.patch
+ mozilla-openaes-decl.patch
+ mozilla-ppc-altivec_static_inline.patch
+ mozilla-reduce-rust-debuginfo.patch
+ mozilla-s390-bigendian.patch
+ mozilla-s390-context.patch
+ mozilla-bmo1512162.patch
+ thunderbird-broken-locales-build.patch
+- removed renamed patches
+ fix-missing-return-warning.patch
+ fix-top-level-asm-issue.patch
+ thunderbird-locale-build.patch
+
+-------------------------------------------------------------------
+Fri Sep 20 15:59:25 UTC 2019 - munix9@googlemail.com
+
+- repack the lightning xpi with all available locales (boo#939153) (lp#545778)
+
+-------------------------------------------------------------------
+Fri Sep 20 09:49:41 UTC 2019 - Martin Liška <mliska@suse.cz>
+
+- Add fix-top-level-asm-issue.patch in order to fix LTO build.
+- Enable LTO on TW on x86_64.
+- Use GCC.
+
+-------------------------------------------------------------------
+Fri Sep 20 08:24:23 UTC 2019 - Bernhard Wiedemann <bwiedemann@suse.com>
+
+- added mozilla-bmo1568145.patch to make builds reproducible (boo#1047218)
+
+-------------------------------------------------------------------
+Tue Sep 10 07:33:52 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 68.1.0
+ * Offer to configure Exchange accounts for Office365. A third-party
+ add-on is required for this account type. IMAP still exists as
+ alternative.
+ * several bugfixes
+ MFSA 2019-30
+ * CVE-2019-11739 (bmo#1571481, boo#1150939)
+ Covert Content Attack on S/MIME encryption using a crafted
+ multipart/alternative message
+ * CVE-2019-11746 (bmo#1564449, boo#1149297)
+ Use-after-free while manipulating video
+ * CVE-2019-11744 (bmo#1562033, boo#1149304)
+ XSS by breaking out of title and textarea elements using innerHTML
+ * CVE-2019-11742 (bmo#1559715, boo#1149303)
+ Same-origin policy violation with SVG filters and canvas to steal
+ cross-origin images
+ * CVE-2019-11752 (bmo#1501152, boo#1149296)
+ Use-after-free while extracting a key value in IndexedDB
+ * CVE-2019-11743 (bmo#1560495, boo#1149298)
+ Cross-origin access to unload event attributes
+ * CVE-2019-11740 (bmo#1563133,bmo#1573160, boo#1149299)
+ Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox
+ ESR 60.9, Thunderbird 68.1, and Thunderbird 60.9
+- removed upstreamed fix-build-after-y2038-changes-in-glibc.patch
+- added thunderbird-locale-build.patch to fix locale build
+
+-------------------------------------------------------------------
+Fri Aug 30 07:25:15 UTC 2019 - Manfred Hollstein <manfred.h@gmx.net>
+
+- Add -L flag to the stat call for checking file size of %{SOURCE4}.
+- Add fix-missing-return-warning.patch to silence a compiler warning.
+
+-------------------------------------------------------------------
+Wed Aug 28 12:27:34 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 68.0
+ * based on Firefox ESR 68
+ * File link attachments can now be linked to again instead of
+ uploading them again
+ * Mark all folders of an account as read
+ * Run filters periodically. Improved filter logging
+ * OAuth2 authentication for Yandex
+ * Language packs can now be selected in the Advanced Options.
+ Preference intl.multilingual.enabled needs to be set (and possily
+ also extensions.langpacks.signatures.required needs to be set to false)
+ * Added a policy engine that allows customized Thunderbird deployments
+ in enterprise environments, using Windows Group Policy or a
+ cross-platform JSON file
+ * TCP keepalive for IMAP protocol
+ * Full Unicode support for MAPI interfaces: New support for MAPISendMailW
+ * Calendar: Time zone data can now include past and future changes.
+ All known time zone changes from 2018 to 2022 are included.
+ * Chat: In each conversation an individual spellcheck language can
+ be selected now
+- removed obsolete patches
+ * mozilla-bmo1463035.patch
+ * mozilla-i586-domPrefs.patch
+ * mozilla-bmo1464766.patch
+ * mozilla-bmo1519629.patch
+ * mozilla-i586-DecoderDoctorLogger.patch
+ * mozilla-bmo1375074.patch
+- added fix-build-after-y2038-changes-in-glibc.patch to fix build
+ in Tumbleweed (patch already upstream for next release)
+
+-------------------------------------------------------------------
+Thu Aug 1 11:12:05 UTC 2019 - Tristan Miller <psychonaut@nothingisreal.com>
+
+- Update package summary, description, and AppData using more informative
+ and up-to-date text from the official Thunderbird FAQ, replacing obsolete
+ references to the Mozilla Application Suite and Thunderbird's relation to
+ the Mozilla organization
+
+-------------------------------------------------------------------
+Wed Jul 10 13:47:41 UTC 2019 - Bernhard Wiedemann <bwiedemann@suse.com>
+
+- Generate langpacks sequentially to avoid file corruption
+ from racy file writes (boo#1137970)
+
+-------------------------------------------------------------------
+Mon Jul 8 10:25:24 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 60.8.0
+ * Calendar: Problems when editing event times, some related to
+ AM/PM setting in non-English locales
+ MFSA 2019-23 (boo#1140868)
+ * CVE-2019-9811 (bmo#1538007, bmo#1539598, bmo#1563327)
+ Sandbox escape via installation of malicious languagepack
+ * CVE-2019-11711 (bmo#1552541)
+ Script injection within domain through inner window reuse
+ * CVE-2019-11712 (bmo#1543804)
+ Cross-origin POST requests can be made with NPAPI plugins by
+ following 308 redirects
+ * CVE-2019-11713 (bmo#1528481)
+ Use-after-free with HTTP/2 cached stream
+ * CVE-2019-11729 (bmo#1515342)
+ Empty or malformed p256-ECDH public keys may trigger a segmentation fault
+ * CVE-2019-11715 (bmo#1555523)
+ HTML parsing error can contribute to content XSS
+ * CVE-2019-11717 (bmo#1548306)
+ Caret character improperly escaped in origins
+ * CVE-2019-11719 (bmo#1540541)
+ Out-of-bounds read when importing curve25519 private key
+ * CVE-2019-11730 (bmo#1558299)
+ Same-origin policy treats all files in a directory as having the
+ same-origin
+ * CVE-2019-11709 (bmo#1547266, bmo#1540759, bmo#1548822, bmo#1550498
+ bmo#1515052, bmo#1539219, bmo#1547757, bmo#1550498, bmo#1533522)
+ Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8 and
+ Thunderbird 60.8
+
+-------------------------------------------------------------------
+Thu Jun 20 22:15:46 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 60.7.2
+ MFSA 2019-20 (boo#1138872)
+ * CVE-2019-11707 (bmo#1544386)
+ Type confusion in Array.pop
+ * CVE-2019-11708 (bmo#1559858)
+ sandbox escape using Prompt:Open
+
+-------------------------------------------------------------------
+Wed Jun 12 06:23:28 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 60.7.1
+ * fixed: No prompt for smartcard PIN when S/MIME signing is used
+ MFSA 2019-17 (boo#1137595)
+ * CVE-2019-11703 (bmo#1553820)
+ Heap buffer overflow in icalparser.c
+ * CVE-2019-11704 (bmo#1553814)
+ Heap buffer overflow in icalvalue.c
+ * CVE-2019-11705 (bmo#1553808)
+ Stack buffer overflow in icalrecur.c
+ * CVE-2019-11706 (bmo#1555646)
+ Type confusion in icalproperty.c
+
+-------------------------------------------------------------------
+Sat Jun 8 16:35:04 UTC 2019 - Aaron Puchert <aaronpuchert@alice-dsl.net>
+
+- Increase disk space requirements in _constraints.
+
+-------------------------------------------------------------------
+Fri May 24 08:53:57 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 60.7.0
+ * Attachment pane of Write window no longer focussed when attaching
+ files using a keyboard shortcut
+ MFSA 2019-15 (boo#1135824)
+ * CVE-2019-9815 (bmo#1546544)
+ Disable hyperthreading on content JavaScript threads on macOS
+ * CVE-2019-9816 (bmo#1536768)
+ Type confusion with object groups and UnboxedObjects
+ * CVE-2019-9817 (bmo#1540221)
+ Stealing of cross-domain images using canvas
+ * CVE-2019-9818 (bmo#1542581) (Windows only)
+ Use-after-free in crash generation server
+ * CVE-2019-9819 (bmo#1532553)
+ Compartment mismatch with fetch API
+ * CVE-2019-9820 (bmo#1536405)
+ Use-after-free of ChromeEventHandler by DocShell
+ * CVE-2019-11691 (bmo#1542465)
+ Use-after-free in XMLHttpRequest
+ * CVE-2019-11692 (bmo#1544670)
+ Use-after-free removing listeners in the event listener manager
+ * CVE-2019-11693 (bmo#1532525)
+ Buffer overflow in WebGL bufferdata on Linux
+ * CVE-2019-7317 (bmo#1542829)
+ Use-after-free in png_image_free of libpng library
+ * CVE-2019-9797 (bmo#1528909)
+ Cross-origin theft of images with createImageBitmap
+ * CVE-2018-18511 (bmo#1526218)
+ Cross-origin theft of images with ImageBitmapRenderingContext
+ * CVE-2019-11694 (bmo#1534196) (Windows only)
+ Uninitialized memory memory leakage in Windows sandbox
+ * CVE-2019-11698 (bmo#1543191)
+ Theft of user history data through drag and drop of hyperlinks
+ to and from bookmarks
+ * CVE-2019-5798 (bmo#1535518)
+ Out-of-bounds read in Skia
+ * CVE-2019-9800 (bmo#1540166, bmo#1534593, bmo#1546327, bmo#1540136,
+ bmo#1538736, bmo#1538042, bmo#1535612, bmo#1499719, bmo#1499108,
+ bmo#1538619, bmo#1535194, bmo#1516325, bmo#1542324, bmo#1542097,
+ bmo#1532465, bmo#1533554, bmo#1541580)
+ Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7
+
+-------------------------------------------------------------------
+Wed Apr 24 17:26:44 UTC 2019 - Martin Liška <mliska@suse.cz>
+
+- Disable LTO (boo#1133267).
+
+-------------------------------------------------------------------
+Sat Mar 30 11:36:41 UTC 2019 - Manfred Hollstein <manfred.h@gmx.net>
+
+- Add patch to fix build using rust-1.33: (boo#1130694)
+ * mozilla-bmo1519629.patch (bmo#1519629)
+
+-------------------------------------------------------------------
+Mon Mar 25 12:08:23 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 60.6.1
+ MFSA 2019-12 (bsc#1130262)
+ * CVE-2019-9810 (bmo#1537924)
+ IonMonkey MArraySlice has incorrect alias information
+ * CVE-2019-9813 (bmo#1538006)
+ Ionmonkey type confusion with __proto__ mutations
+
+-------------------------------------------------------------------
+Wed Mar 20 15:33:14 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 60.6.0
+ * Calendar: Can't create repeating event with end date when using
+ certain time zones, for example Europe/Minsk
+ * some minor bugfixes
+ * using 60.6.0esr Mozilla platform (bsc#1129821)
+
+-------------------------------------------------------------------
+Thu Mar 7 08:28:56 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 60.5.3
+ * fixed a regression on the Windows platform:
+ Problem when using "Send to > Mail recipient" on Windows
+
+-------------------------------------------------------------------
+Sun Feb 24 19:15:06 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 60.5.2
+ * UTF-8 support for MAPISendMail
+ * Problem with S/MIME certificate verification when receiving email
+ from Outlook (issue introduced in version 60.5.1)
+
+-------------------------------------------------------------------
+Thu Feb 14 21:46:45 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 60.5.1
+ * CalDav access to some servers not working
+ MFSA 2019-06 (bsc#1125330)
+ * CVE-2018-18356 bmo#1525817
+ Use-after-free in Skia
+ * CVE-2019-5785 bmo#1525433
+ Integer overflow in Skia
+ * CVE-2018-18335 bmo#1525815
+ Buffer overflow in Skia with accelerated Canvas 2D
+ * CVE-2018-18509 bmo#1507218
+ S/MIME signature spoofing
+
+-------------------------------------------------------------------
+Fri Jan 25 14:40:21 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 60.5.0:
+ * FileLink provider WeTransfer to upload large attachments
+ * Thunderbird now allows the addition of OpenSearch search engines
+ from a local XML file using a minimal user inferface: [+] button
+ to select a file an add, [-] to remove.
+ * More search engines: Google and DuckDuckGo available by default
+ in some locales
+ * During account creation, Thunderbird will now detect servers
+ using the Microsoft Exchange protocol. It will offer the
+ installation of a 3rd party add-on (Owl) which supports that
+ protocol.
+ * Thunderbird now compatible with other WebExtension-based
+ FileLink add-ons like the Dropbox add-on
+ MFSA 2019-03 (bsc#1122983)
+ * CVE-2018-18500 bmo#1510114
+ Use-after-free parsing HTML5 stream
+ * CVE-2018-18505 bmo#1497749
+ Privilege escalation through IPC channel messages
+ * CVE-2016-5824 bmo#1275400
+ DoS (use-after-free) via a crafted ics file
+ * CVE-2018-18501 bmo#1512450 bmo#1517542 bmo#1513201 bmo#1460619
+ bmo#1502871 bmo#1516738 bmo#1516514
+ Memory safety bugs fixed in Firefox 65 and Firefox ESR 60.5
+- requires NSS 3.36.7
+- removed obsolete patch
+ mozilla-no-stdcxx-check.patch
+- rebased patches
+
+-------------------------------------------------------------------
+Fri Dec 21 19:50:56 UTC 2018 - astieger@suse.com
+
+- Mozilla Thunderbird 60.4.0:
+ * New WebExtensions FileLink API to facilitate add-ons
+ * Fix decoding problems for messages with less common charsets
+ (cp932, cp936)
+ * New messages in the drafts folder (and other special or virtual
+ folders) will no longer be included in the new messages
+ notification
+ MFSA 2018-31
+ * CVE-2018-17466 bmo#1488295
+ Buffer overflow and out-of-bounds read in ANGLE library with
+ TextureStorage11
+ * CVE-2018-18492 bmo#1499861
+ Use-after-free with select element
+ * CVE-2018-18493 bmo#1504452
+ Buffer overflow in accelerated 2D canvas with Skia
+ * CVE-2018-18494 bmo#1487964
+ Same-origin policy violation using location attribute and
+ performance.getEntries to steal cross-origin URLs
+ * CVE-2018-18498 bmo#1500011
+ Integer overflow when calculating buffer sizes for images
+ * CVE-2018-12405 bmo#1494752 bmo#1503326 bmo#1505181 bmo#1500759
+ bmo#1504365 bmo#1506640 bmo#1503082 bmo#1502013 bmo#1510471
+ Memory safety bugs fixed in Firefox 64, 60.4, and Thunderbird 60.4
+- requires NSS 3.36.6
+
+
+-------------------------------------------------------------------
+Tue Dec 4 21:04:50 UTC 2018 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 60.3.3
+ * Thunderbird 60 will migrate security databases (key3.db, cert8.db
+ to key4.db, cert9.db). Thunderbird 60.3.2 and earlier contained a
+ fault that potentially deleted saved passwords and private certificate
+ keys for users using a master password. Version 60.3.3 will prevent
+ the loss of data; affected users who have already upgraded to version
+ 60.3.2 or earlier can restore the deleted key3.db file from backup
+ to complete the migration.
+ * Address book search and auto-complete slowness introduced in
+ Thunderbird 60.3.2
+ * Plain text markup with * for bold, / for italics, _ for underline
+ and | for code did not work when the enclosed text contained
+ non-ASCII characters
+ * While composing a message, a link not removed when link location
+ was removed in the link properties panel
+
+-------------------------------------------------------------------
+Mon Dec 3 12:57:01 UTC 2018 - astieger@suse.com
+
+- Fix build on openSUSE Leap 15.x w.r.t. rust-std requirement
+
+-------------------------------------------------------------------
+Thu Nov 29 08:47:10 UTC 2018 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 60.3.2
+ * Encoding problems when exporting address books or messages using
+ the system charset. Messages are now always exported using the
+ UTF-8 encoding
+ * If the "Date" header of a message was invalid, Jan 1970 or Dec 1969
+ was displayed. Now using date from "Received" header instead.
+ * Body search/filtering didn't reliably ignore content of tags
+ * Inappropriate warning "Thunderbird prevented the site
+ (addons.thunderbird.net) from asking you to install software on
+ your computer" when installing add-ons
+ * Incorrect display of correspondents column since own email
+ address was not always detected
+ * Spurious 
 (encoded newline) inserted into drafts and sent email
+
+-------------------------------------------------------------------
+Thu Nov 15 16:33:49 UTC 2018 - astieger@suse.com
+
+- Mozilla Thunderbird 60.3.1:
+ * Double-clicking on a word in the Write window sometimes
+ launched the Advanced Property Editor or Link Properties dialog
+ * Fixe Cookie removal
+ * "Download rest of message" was not working if global inbox was
+ used
+ * Fix Encoding problems for users (especially in Poland) when a
+ file was sent via a folder using "Sent to > Mail recipient"
+ due to a problem in the Thunderbird MAPI interface
+ * According to RFC 4616 and RFC 5721, passwords containing
+ non-ASCII characters are encoded using UTF-8 which can lead to
+ problems with non-compliant providers, for example
+ office365.com. The SMTP LOGIN and POP3 USER/PASS
+ authentication methods are now using a Latin-1 encoding again
+ to work around this issue
+ * Fix shutdown crash/hang after entering an empty IMAP password
+
+-------------------------------------------------------------------
+Tue Oct 30 08:18:23 UTC 2018 - wr@rosenauer.org
+
+- update to Thunderbird 60.3.0
+ * various theme fixes
+ * Shift+PageUp/PageDown in Write window
+ * Gloda attachment filtering
+ * Mailing list address auto-complete enter/return handling
+ * Thunderbird hung if HTML signature references non-existent image
+ * Filters not working for headers that appear more than once
+- Security fixes for the Mozilla platform picked up from 60.3
+ (Firefox ESR release). In general, these flaws cannot be exploited
+ through email in Thunderbird because scripting is disabled when
+ reading mail, but are potentially risks in browser or browser-like
+ contexts (MFSA 2018-28) (bsc#1112852)
+ * CVE-2018-12391 (bmo#1478843) (Android only)
+ HTTP Live Stream audio data is accessible cross-origin
+ * CVE-2018-12392 (bmo#1492823)
+ Crash with nested event loops
+ * CVE-2018-12393 (bmo#1495011)
+ Integer overflow during Unicode conversion while loading JavaScript
+ * CVE-2018-12389 (bmo#1498460, bmo#1499198)
+ Memory safety bugs fixed in Firefox ESR 60.3
+ * CVE-2018-12390 (bmo#1487098, bmo#1487660, bmo#1490234, bmo#1496159,
+ bmo#1443748, bmo#1496340, bmo#1483905, bmo#1493347, bmo#1488803,
+ bmo#1498701, bmo#1498482, bmo#1442010, bmo#1495245, bmo#1483699,
+ bmo#1469486, bmo#1484905, bmo#1490561, bmo#1492524, bmo#1481844)
+ Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3
+
+-------------------------------------------------------------------
+Thu Oct 25 14:40:14 UTC 2018 - guillaume.gardet@opensuse.org
+
+- Update _constraints for armv6/7
+
+-------------------------------------------------------------------
+Thu Oct 25 08:26:12 UTC 2018 - guillaume.gardet@opensuse.org
+
+- Add patch to fix build on armv7:
+ * mozilla-bmo1463035.patch
+
+-------------------------------------------------------------------
+Thu Oct 25 08:25:52 UTC 2018 - guillaume.gardet@opensuse.org
+
+- Add memory-constraints to avoid OOM errors
+
+-------------------------------------------------------------------
+Fri Oct 12 14:26:17 UTC 2018 - meissner@suse.com
+
+- provide / obsolete MozillaThunderbird-devel as this is no longer
+ shipped to allow migration scenarios
+
+-------------------------------------------------------------------
+Tue Oct 2 10:08:00 UTC 2018 - wr@rosenauer.org
+
+- update to Thunderbird 60.2.1:
+ * Calendar: Default values for the first day of the week and
+ working days are now derived from the selected datetime
+ formatting locale
+ * Calendar: Switch to a Photon-style icon set for all platforms
+ * Fix multiple requests for master password when Google Mail or
+ Calendar OAuth2 is enabled
+ * Fix scrollbar of the address entry auto-complete popup
+ * Fix security info dialog in compose window not showing
+ certificate status
+ * Fix links in the Add-on Manager's search results and theme
+ browsing tabs that opened in external browser
+ * Fix localization not showing the localized name for the
+ "Drafts" and "Sent" folders for certain IMAP providers
+ * Fix replying to a message with an empty subject which
+ inserted Re: twice
+ * Fix spellcheck marks disappeaing erroneously for words with
+ an apostrophe
+ * Calendar: First day of the week can now be set
+ * Calendar: Several fixes related to cutting/deleting of events
+ and email schedulin
+ * Fix date display issues (bsc#1109379)
+ * Fix start-up crash due to folder name with special characters
+ (bsc#1107772)
+- Security fixes for the Mozilla platform picked up from 60.1 and
+ 60.2 (Firefox ESR releases). In general, these flaws
+ cannot be exploited through email in Thunderbird because
+ scripting is disabled when reading mail, but are potentially
+ risks in browser or browser-like contexts (MFSA 2018-25):
+ * CVE-2018-12377 (bsc#1107343, bmo#1470260)
+ Use-after-free in refresh driver timers
+ * CVE-2018-12378 (bsc#1107343, bmo#1459383)
+ Use-after-free in IndexedDB
+ * CVE-2017-16541 (bsc#1066489, bmo#1412081)
+ Proxy bypass using automount and autofs
+ * CVE-2018-12376 (bmo#69309,bmo#69914,bmo#50989,bmo#80092,
+ bmo#80517,bmo#81093,bmo#78575,bmo#71953,bmo#73161,bmo#66991,
+ bmo#68738,bmo#83120,bmo#67363,bmo#72925,bmo#66577,bmo#67889,
+ bmo#80521,bsc#1107343)
+ Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2
+ * CVE-2018-12385 (bsc#1109363, bmo#1490585)
+ Crash in TransportSecurityInfo due to cached data
+ * CVE-2018-12383 (bsc#1107343, bmo#1475775)
+ Setting a master password did not delete unencrypted
+ previously stored passwords
+
+-------------------------------------------------------------------
+Tue Sep 11 09:59:08 UTC 2018 - Guillaume GARDET <guillaume.gardet@opensuse.org>
+
+- Update file list since minidump-analyzer is only available when
+ crashreporter is enabled
+
+-------------------------------------------------------------------
+Sat Aug 25 18:59:41 UTC 2018 - astieger@suse.com
+
+- remove non-free untar licenced code from distributed tarball
+
+-------------------------------------------------------------------
+Wed Aug 15 09:09:03 UTC 2018 - bjorn.lie@gmail.com
+
+- Add conditional for pkgconfig(gconf-2.0) BuildRequires, and pass
+ conditional --disable-gconf to configure: no longer pull in
+ obsolete gconf2 for Tumbleweed.
+
+-------------------------------------------------------------------
+Fri Aug 3 06:02:53 UTC 2018 - wr@rosenauer.org
+
+- update to Thunderbird 60.0:
+ https://www.thunderbird.net/en-US/thunderbird/60.0/releasenotes/
+ * Improved message handling and composing
+ * Improved handling of message templates
+ * Support for OAuth2 and FIDO U2F
+ * Various Calendar improvements
+ * Various fixes and changes to e-mail workflow
+ * Various IMAP fixes
+ * Native desktop notifications
+- Security fixes which can not, in general, be exploited through
+ email, but are potential risks in browser or browser-like contexts:
+ MFSA 2018-19 (bsc#1098998)
+ * CVE-2018-12359 (bmo#1459162)
+ Buffer overflow using computed size of canvas element
+ * CVE-2018-12360 (bmo#1459693)
+ Use-after-free when using focus()
+ * CVE-2018-12361 (bmo#1463244)
+ Integer overflow in SwizzleData
+ * CVE-2018-12362 (bmo#1452375)
+ Integer overflow in SSSE3 scaler
+ * CVE-2018-5156 (bmo#1453127)
+ Media recorder segmentation fault when track type is changed
+ during capture
+ * CVE-2018-12363 (bmo#1464784)
+ Use-after-free when appending DOM nodes
+ * CVE-2018-12364 (bmo#1436241)
+ CSRF attacks through 307 redirects and NPAPI plugins
+ * CVE-2018-12365 (bmo#1459206)
+ Compromised IPC child process can list local filenames
+ * CVE-2018-12371 (bmo#1465686)
+ Integer overflow in Skia library during edge builder allocation
+ * CVE-2018-12366 (bmo#1464039)
+ Invalid data handling during QCMS transformations
+ * CVE-2018-12367 (bmo#1462891)
+ Timing attack mitigation of PerformanceNavigationTiming
+ * CVE-2018-5187 (bmo#1461324,bmo#1414829,bmo#1395246,bmo#1467938,
+ bmo#1461619,bmo#1425930,bmo#1438556,bmo#1454285,bmo#1459568,
+ bmo#1463884)
+ Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and
+ Thunderbird 60
+ * CVE-2018-5188 (bmo#1456189,bmo#1456975,bmo#1465898,bmo#1392739,
+ bmo#1451297,bmo#1464063,bmo#1437842,bmo#1442722,bmo#1452576,
+ bmo#1450688,bmo#1458264,bmo#1458270,bmo#1465108,bmo#1464829,
+ bmo#1464079,bmo#1463494,bmo#1458048)
+ Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, Firefox
+ ESR 52.9, and Thunderbird 60
+- requires NSPR 4.19 and NSS 3.36.4
+- source archives are now signed directly
+ (removed checksum signature check)
+- imported patches from Firefox 60
+ * mozilla-bmo1375074.patch
+ * mozilla-bmo1464766.patch
+ * mozilla-i586-DecoderDoctorLogger.patch
+ * mozilla-i586-domPrefs.patch
+- removed obsolete patches
+ * mozilla-language.patch
+ * tb-ssldap.patch
+ * mozilla-develdirs.patch
+- removed -devel subpackage as old-style extensions are mainly gone
+- storing of remote content settings fixed (boo#1084603)
+
+-------------------------------------------------------------------
+Tue Jul 10 06:29:59 UTC 2018 - wr@rosenauer.org
+
+- update to Thunderbird 52.9.1
+ * Deleting or detaching attachments corrupted messages under certain
+ circumstances (bmo#1473893, bsc#1100780)
+
+-------------------------------------------------------------------
+Mon Jul 2 12:36:32 UTC 2018 - wr@rosenauer.org
+
+- update to Thunderbird 52.9.0:
+ MFSA 2018-16 (bsc#1098998)
+ * CVE-2018-12359 (bmo#1459162)
+ Buffer overflow using computed size of canvas element
+ * CVE-2018-12360 (bmo#1459693)
+ Use-after-free when using focus()
+ * CVE-2018-12372 (bmo#1419417, bsc#1100082)
+ S/MIME and PGP decryption oracles can be built with HTML emails
+ * CVE-2018-12373 (bmo#1464667, bmo#1464056, bsc#1100079)
+ S/MIME plaintext can be leaked through HTML reply/forward
+ * CVE-2018-12362 (bmo#1452375)
+ Integer overflow in SSSE3 scaler
+ * CVE-2018-12363 (bmo#1464784)
+ Use-after-free when appending DOM nodes
+ * CVE-2018-12364 (bmo#1436241)
+ CSRF attacks through 307 redirects and NPAPI plugins
+ * CVE-2018-12365 (bmo#1459206)
+ Compromised IPC child process can list local filenames
+ * CVE-2018-12366 (bmo#1464039)
+ Invalid data handling during QCMS transformations
+ * CVE-2018-12374 (bmo#1462910, bsc#1100081)
+ Using form to exfiltrate encrypted mail part by pressing enter in form field
+ * CVE-2018-5188 (bmo#1456189,bmo#1456975,bmo#1465898,bmo#1392739,
+ bmo#1451297,bmo#1464063,bmo#1437842,bmo#1442722,bmo#1452576,
+ bmo#1450688,bmo#1458264,bmo#1458270,bmo#1465108,bmo#1464829,
+ bmo#1464079,bmo#1463494,bmo#1458048)
+ Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9
+ * Thunderbird will now prompt to compact IMAP folders even if the
+ account is online
+ * Option for not decrypting subordinate message parts that
+ otherwise might reveal decryted content to the attacker.
+ Preference mailnews.p7m_subparts_external needs to be set to
+ true for added security.
+ * Fix various problems when forwarding messages inline when using
+ "simple" HTML view
+- correct requires and provides handling (boo#1076907)
+- reduce memory footprint with %ix86 at linking time via additional
+ compiler flags (boo#1091376)
+
+-------------------------------------------------------------------
+Sun Jul 1 12:23:45 UTC 2018 - astieger@suse.com
+
+- Build from upstream source archive and verify source signature
+ (boo#1085780)
+
+-------------------------------------------------------------------
+Sat May 19 06:16:58 UTC 2018 - wr@rosenauer.org
+
+- update to Thunderbird 52.8 (bsc#1092548)
+ MFSA 2018-13
+ * CVE-2018-5183 (bmo#1454692)
+ Backport critical security fixes in Skia
+ * CVE-2018-5184 (bmo#1411592, bsc#1093152)
+ Full plaintext recovery in S/MIME via chosen-ciphertext attack
+ * CVE-2018-5154 (bmo#1443092)
+ Use-after-free with SVG animations and clip paths
+ * CVE-2018-5155 (bmo#1448774)
+ Use-after-free with SVG animations and text paths
+ * CVE-2018-5159 (bmo#1441941)
+ Integer overflow and out-of-bounds write in Skia
+ * CVE-2018-5161 (bmo#1411720)
+ Hang via malformed headers
+ * CVE-2018-5162 (bmo#1457721, bsc#1093152)
+ Encrypted mail leaks plaintext through src attribute
+ * CVE-2018-5170 (bmo#1411732)
+ Filename spoofing for external attachments
+ * CVE-2018-5168 (bmo#1449548)
+ Lightweight themes can be installed without user interaction
+ * CVE-2018-5174 (bmo#1447080) (Windows only)
+ Windows Defender SmartScreen UI runs with less secure behavior
+ for downloaded files in Windows 10 April 2018 Update
+ * CVE-2018-5178 (bmo#1443891)
+ Buffer overflow during UTF-8 to Unicode string conversion
+ through legacy extension
+ * CVE-2018-5185 (bmo#1450345)
+ Leaking plaintext through HTML forms
+ * CVE-2018-5150 (bmo#1388020,bmo#1433609,bmo#1409440,bmo#1448705,
+ bmo#1451376,bmo#1452202,bmo#1444668,bmo#1393367,bmo#1411415,
+ bmo#1426129)
+ Memory safety bugs fixed in Firefox 60, Firefox ESR 52.8 and
+ Thunderbird 52.8
+
+-------------------------------------------------------------------
+Wed Mar 28 01:31:17 CEST 2018 - ro@suse.de
+
+- Exclude bigendian archs for now, have not built
+ since version 45.8.0
+ ExcludeArch: ppc ppc64 s390 s390x
+
+-------------------------------------------------------------------
+Fri Mar 23 09:39:40 UTC 2018 - wr@rosenauer.org
+
+- update to Thunderbird 52.7
+ * Searching message bodies of messages in local folders, including
+ filter and quick filter operations, did not find content in
+ message attachments
+ * Better error handling for Yahoo accounts
+- The following security fixes are included as part of the mozilla
+ platform. In general, these flaws cannot be exploited through
+ email in the Thunderbird product because scripting is disabled
+ when reading mail, but are potentially risks in browser or
+ browser-like contexts (MFSA 2018-09, bsc#1085130, bsc#1085671):
+ * CVE-2018-5127 (bmo#1430557)
+ Buffer overflow manipulating SVG animatedPathSegList
+ * CVE-2018-5129 (bmo#1428947)
+ Out-of-bounds write with malformed IPC messages
+ * CVE-2018-5144 (bmo#1440926)
+ Integer overflow during Unicode conversion
+ * CVE-2018-5146 (bmo#1446062)
+ Out of bounds memory write in libvorbis
+ * CVE-2018-5125 (bmo1416529,bmo#1434580,bmo#1434384,bmo#1437450,
+ bmo#1437507,bmo#1426988,bmo#1438425,bmo#1324042,bmo#1437087,
+ bmo#1443865,bmo#1425520)
+ Memory safety bugs fixed in Firefox 59, Firefox ESR 52.7, and
+ Thunderbird 52.7
+ * CVE-2018-5145 (bmo#1261175,bmo#1348955)
+ Memory safety bugs fixed in Firefox ESR 52.7 and Thunderbird
+ 52.7
+
+-------------------------------------------------------------------
+Wed Jan 24 11:40:38 UTC 2018 - wr@rosenauer.org
+
+- update to Thunderbird 52.6 (bsc#1077291)
+ * Searching message bodies of messages in local folders, including
+ filter and quick filter operations, not working reliably: Content
+ not found in base64-encode message parts, non-ASCII text not found
+ and false positives found.
+ * Defective messages (without at least one expected header) not shown
+ in IMAP folders but shown on mobile devices
+ * Calendar: Unintended task deletion if numlock is enabled
+ * Mozilla platform security fixes
+ MFSA 2018-04
+ * CVE-2018-5095 (bmo#1418447)
+ Integer overflow in Skia library during edge builder allocation
+ * CVE-2018-5096 (bmo#1418922)
+ Use-after-free while editing form elements
+ * CVE-2018-5097 (bmo#1387427)
+ Use-after-free when source document is manipulated during XSLT
+ * CVE-2018-5098 (bmo#1399400)
+ Use-after-free while manipulating form input elements
+ * CVE-2018-5099 (bmo#1416878)
+ Use-after-free with widget listener
+ * CVE-2018-5102 (bmo#1419363)
+ Use-after-free in HTML media elements
+ * CVE-2018-5103 (bmo#1423159)
+ Use-after-free during mouse event handling
+ * CVE-2018-5104 (bmo#1425000)
+ Use-after-free during font face manipulation
+ * CVE-2018-5117 (bmo#1395508)
+ URL spoofing with right-to-left text aligned left-to-right
+ * CVE-2018-5089
+ Memory safety bugs fixed in Firefox 58 and Firefox ESR 52.6
+- dropped obsolete mozilla-ucontext.patch
+
+-------------------------------------------------------------------
+Sat Dec 23 18:36:42 UTC 2017 - wr@rosenauer.org
+
+- update to Thunderbird 52.5.2
+ * This releases fixes the "Mailsploit" vulnerability and other
+ vulnerabilities detected by the "Cure53" audit
+ MFSA 2017-30
+ * CVE-2017-7845 (bmo#1402372)
+ Buffer overflow when drawing and validating elements with ANGLE
+ library using Direct 3D 9
+ * CVE-2017-7846 (bmo#1411716, bsc#1074043)
+ JavaScript Execution via RSS in mailbox:// origin
+ * CVE-2017-7847 (bmo#1411708, bsc#1074044)
+ Local path string can be leaked from RSS feed
+ * CVE-2017-7848 (bmo#1411699, bsc#1074045)
+ RSS Feed vulnerable to new line Injection
+ * CVE-2017-7829 (bmo#1423432, bsc#1074046)
+ Mailsploit part 1: From address with encoded null character is
+ cut off in message header display
+
+-------------------------------------------------------------------
+Fri Dec 8 15:53:30 UTC 2017 - dimstar@opensuse.org
+
+- Explicitly buildrequires python2-xml: The build system relies on
+ it. We wrongly relied on other packages pulling it in for us.
+
+-------------------------------------------------------------------
+Thu Dec 7 11:13:41 UTC 2017 - dimstar@opensuse.org
+
+- Escape the usage of %{VERSION} when calling out to rpm.
+ RPM 4.14 has %{VERSION} defined as 'the main packages version'.
+
+-------------------------------------------------------------------
+Wed Nov 22 10:02:35 UTC 2017 - wr@rosenauer.org
+
+- update to Thunderbird 52.5.0 (bsc#1068101)
+ * Better support for Charter/Spectrum IMAP: Thunderbird will now
+ detect Charter's IMAP service and send an additional IMAP select
+ command to the server. Check the various preferences ending in
+ "force_select" to see whether auto-detection has discovered this case.
+ * In search folders spanning multiple base folders clicking on a
+ message sometimes marked another message as read
+ * IMAP alerts have been corrected and now show the correct server
+ name in case of connection problems
+ * POP alerts have been corrected and now indicate connection problems
+ in case the configured POP server cannot be found
+ MFSA 2017-26
+ * CVE-2017-7828 (bmo#1406750. bmo#1412252)
+ Use-after-free of PressShell while restyling layout
+ * CVE-2017-7830 (bmo#1408990)
+ Cross-origin URL information leak through Resource Timing API
+ * CVE-2017-7826
+ Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5
+
+-------------------------------------------------------------------
+Fri Nov 10 22:12:18 UTC 2017 - zaitor@opensuse.org
+
+- Drop obsolete libgnomeui-devel BuildRequires: No longer needed.
+- Add explicit pkgconfig(gconf-2.0), pkgconfig(gobject-2.0),
+ pkgconfig(gtk+-2.0), pkgconfig(gtk+-unix-print-2.0),
+ pkgconfig(glib-2.0), pkgconfig(gobject-2.0) and
+ pkgconfig(gdk-x11-2.0) BuildRequires: Previously pulled in by
+ libgnomeui-devel, and is what configure really checks for.
+
+-------------------------------------------------------------------
+Wed Oct 4 09:18:39 UTC 2017 - astieger@suse.com
+
+- Mozilla Thunderbird 52.4.0 (bsc#1060445)
+ * new behavior was introduced for replies to mailing list posts:
+ "When replying to a mailing list, reply will be sent to address
+ in From header ignoring Reply-to header". A new preference
+ mail.override_list_reply_to allows to restore the previous behavior.
+ * Under certain circumstances (image attachment and non-image
+ attachment), attached images were shown truncated in messages
+ stored in IMAP folders not synchronised for offline use.
+ * IMAP UIDs > 0x7FFFFFFF now handled properly
+ Security fixes from Gecko 52.4esr
+ * CVE-2017-7793 (bmo#1371889)
+ Use-after-free with Fetch API
+ * CVE-2017-7818 (bmo#1363723)
+ Use-after-free during ARIA array manipulation
+ * CVE-2017-7819 (bmo#1380292)
+ Use-after-free while resizing images in design mode
+ * CVE-2017-7824 (bmo#1398381)
+ Buffer overflow when drawing and validating elements with ANGLE
+ * CVE-2017-7805 (bmo#1377618) (fixed via NSS requirement)
+ Use-after-free in TLS 1.2 generating handshake hashes
+ * CVE-2017-7814 (bmo#1376036)
+ Blob and data URLs bypass phishing and malware protection warnings
+ * CVE-2017-7825 (bmo#1393624, bmo#1390980) (OSX-only)
+ OS X fonts render some Tibetan and Arabic unicode characters as spaces
+ * CVE-2017-7823 (bmo#1396320)
+ CSP sandbox directive did not create a unique origin
+ * CVE-2017-7810
+ Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4
+
+-------------------------------------------------------------------
+Thu Sep 28 07:56:22 UTC 2017 - dimstar@opensuse.org
+
+- Add alsa-devel BuildRequires: we care for ALSA support to be
+ built and thus need to ensure we get the dependencies in place.
+ In the past, alsa-devel was pulled in by accident: we
+ buildrequire libgnome-devel. This required esound-devel and that
+ in turn pulled in alsa-devel for us. libgnome is being fixed to
+ no longer require esound-devel.
+
+-------------------------------------------------------------------
+Tue Aug 15 12:48:43 UTC 2017 - wr@rosenauer.org
+
+- update to Thunderbird 52.3 (boo#1052829)
+ Fixed issues:
+ * Unwanted inline images shown in rogue SPAM messages
+ * Deleting message from the POP3 server not working when maildir
+ storage was used
+ * Message disposition flag (replied / forwarded) lost when reply or
+ forwarded message was stored as draft and draft was sent later
+ * Inline images not scaled to fit when printing
+ * Selected text from another message sometimes included in a reply
+ * No authorisation prompt displayed when inserting image into email
+ body although image URL requires authentication
+ * Large attachments taking a long time to open under some circumstances
+ security
+ Security fixes from Gecko 52.3esr
+ * CVE-2017-7798 (bmo#1371586, bmo#1372112)
+ XUL injection in the style editor in devtools
+ * CVE-2017-7800 (bmo#1374047)
+ Use-after-free in WebSockets during disconnection
+ * CVE-2017-7801 (bmo#1371259)
+ Use-after-free with marquee during window resizing
+ * CVE-2017-7784 (bmo#1376087)
+ Use-after-free with image observers
+ * CVE-2017-7802 (bmo#1378147)
+ Use-after-free resizing image elements
+ * CVE-2017-7785 (bmo#1356985)
+ Buffer overflow manipulating ARIA attributes in DOM
+ * CVE-2017-7786 (bmo#1365189)
+ Buffer overflow while painting non-displayable SVG
+ * CVE-2017-7753 (bmo#1353312)
+ Out-of-bounds read with cached style data and pseudo-elements#
+ * CVE-2017-7787 (bmo#1322896)
+ Same-origin policy bypass with iframes through page reloads
+ * CVE-2017-7807 (bmo#1376459)
+ Domain hijacking through AppCache fallback
+ * CVE-2017-7792 (bmo#1368652)
+ Buffer overflow viewing certificates with an extremely long OID
+ * CVE-2017-7804 (bmo#1372849)
+ Memory protection bypass through WindowsDllDetourPatcher
+ * CVE-2017-7791 (bmo#1365875)
+ Spoofing following page navigation with data: protocol and modal alerts
+ * CVE-2017-7782 (bmo#1344034)
+ WindowsDllDetourPatcher allocates memory without DEP protections
+ * CVE-2017-7803 (bmo#1377426)
+ CSP containing 'sandbox' improperly applied
+ * CVE-2017-7779
+ Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3
+
+-------------------------------------------------------------------
+Wed Aug 9 09:47:39 UTC 2017 - schwab@suse.de
+
+- mozilla-ucontext.patch: use ucontext_t instead of struct ucontext
+
+-------------------------------------------------------------------
+Wed Jun 28 13:57:13 UTC 2017 - guillaume@opensuse.org
+
+- mozilla-disable-neon-option.patch has been dropped silently, so
+ remove the --disable-neon option as it is not available anymore.
+
+-------------------------------------------------------------------
+Sun Jun 25 06:55:13 UTC 2017 - wr@rosenauer.org
+
+- update to Thunderbird 52.2.1
+ * Problems with Gmail fixed (folders not showing, repeated email
+ download, etc.) introduced in version 52.2.0. (boo#1045895)
+
+-------------------------------------------------------------------
+Wed Jun 14 11:34:58 UTC 2017 - wr@rosenauer.org
+
+- update to Thunderbird 52.2 (boo#1043960)
+ * Embedded images not shown in email received from Hotmail/Outlook
+ webmailer
+ * Detection of non-ASCII font names in font selector
+ * Attachment not forwarded correctly under certain circumstances
+ * Multiple requests for master password when GMail OAuth2 is enabled
+ * Large number of blank pages being printed under certain
+ circumstances when invalid preferences were present
+ * Messages sent via the Simple MAPI interface are forced to HTML
+ * Calendar: Invitations can't be printed
+ * Mailing list (group) not accessible from macOS or Outlook address book
+ * Clicking on links with references/anchors where target doesn't
+ exist in the message not opening in external browser
+ MFSA 2017-17
+ * CVE-2017-5472 (bmo#1365602)
+ Use-after-free using destroyed node when regenerating trees
+ * CVE-2017-7749 (bmo#1355039)
+ Use-after-free during docshell reloading
+ * CVE-2017-7750 (bmo#1356558)
+ Use-after-free with track elements
+ * CVE-2017-7751 (bmo#1363396)
+ Use-after-free with content viewer listeners
+ * CVE-2017-7752 (bmo#1359547)
+ Use-after-free with IME input
+ * CVE-2017-7754 (bmo#1357090)
+ Out-of-bounds read in WebGL with ImageInfo object
+ * CVE-2017-7756 (bmo#1366595)
+ Use-after-free and use-after-scope logging XHR header errors
+ * CVE-2017-7757 (bmo#1356824)
+ Use-after-free in IndexedDB
+ * CVE-2017-7778, CVE-2017-7778, CVE-2017-7771, CVE-2017-7772,
+ CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776,
+ CVE-2017-7777
+ Vulnerabilities in the Graphite 2 library
+ * CVE-2017-7758 (bmo#1368490)
+ Out-of-bounds read in Opus encoder
+ * CVE-2017-7763 (bmo#1360309)
+ Mac fonts render some unicode characters as spaces (MacOS only)
+ * CVE-2017-7764 (bmo#1364283)
+ Domain spoofing with combination of Canadian Syllabics and other
+ unicode blocks
+ * CVE-2017-7765 (bmo#1273265)
+ Mark of the Web bypass when saving executable files (Windows only)
+ * CVE-2017-5470
+ Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2
+- requires NSS 3.28.5
+
+-------------------------------------------------------------------
+Sun Jun 4 07:31:01 UTC 2017 - wr@rosenauer.org
+
+- remove legacy -Os optimization breaking gcc7/i586 (boo#1042090)
+
+-------------------------------------------------------------------
+Thu Jun 1 06:09:23 UTC 2017 - wr@rosenauer.org
+
+- explicitely optimize with -O2 for openSUSE > 13.2/Leap 42 to work
+ with gcc7 (boo#1040105, boo#1042090)
+
+-------------------------------------------------------------------
+Thu May 11 21:16:41 UTC 2017 - wr@rosenauer.org
+
+- update to Thunderbird 52.1.1
+ * fixed crash when compacting IMAP folder (boo#1038753)
+ * Some attachments could not be opened or saved if the message
+ body is empty
+ * Unable to load full message via POP if message was downloaded
+ partially (or only headers) before
+ * Large attachments may not be shown or saved correctly if the
+ message is stored in an IMAP folder which is not synchronized
+ for offline use
+
+-------------------------------------------------------------------
+Mon May 1 08:52:52 UTC 2017 - wr@rosenauer.org
+
+- update to Thunderbird 52.1.0
+ * Background images not working and other issues related to
+ embedded images when composing email have been fixed
+ * Google Oauth setup can sometimes not progress to the next step
+ * requires NSS >= 3.28.4
+- security fixes (boo#1035082), MFSA 2017-13
+ * CVE-2017-5443 (bmo#1342661)
+ Out-of-bounds write during BinHex decoding
+ * CVE-2017-5429 (bmo#1341096, bmo#1342823, bmo#1343261, bmo#1348894,
+ bmo#1348941, bmo#1349340, bmo#1350844, bmo#1352926, bmo#1353088)
+ Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and
+ Firefox ESR 52.1
+ * CVE-2017-5464 (bmo#1347075)
+ Memory corruption with accessibility and DOM manipulation
+ * CVE-2017-5465 (bmo#1347617)
+ Out-of-bounds read in ConvolvePixel
+ * CVE-2017-5466 (bmo#1353975)
+ Origin confusion when reloading isolated data:text/html URL
+ * CVE-2017-5467 (bmo#1347262)
+ Memory corruption when drawing Skia content
+ * CVE-2017-5460 (bmo#1343642)
+ Use-after-free in frame selection
+ * CVE-2017-5461 (bmo#1344380)
+ Out-of-bounds write in Base64 encoding in NSS
+ * CVE-2017-5449 (bmo#1340127)
+ Crash during bidirectional unicode manipulation with animation
+ * CVE-2017-5446 (bmo#1343505)
+ Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data
+ * CVE-2017-5447 (bmo#1343552)
+ Out-of-bounds read during glyph processing
+ * CVE-2017-5444 (bmo#1344461)
+ Buffer overflow while parsing application/http-index-format content
+ * CVE-2017-5445 (bmo#1344467)
+ Uninitialized values used while parsing application/http-index-format
+ content
+ * CVE-2017-5442 (bmo#1347979)
+ Use-after-free during style changes
+ * CVE-2017-5469 (bmo#1292534)
+ Potential Buffer overflow in flex-generated code
+ * CVE-2017-5440 (bmo#1336832)
+ Use-after-free in txExecutionState destructor during XSLT processing
+ * CVE-2017-5441 (bmo#1343795)
+ Use-after-free with selection during scroll events
+ * CVE-2017-5439 (bmo#1336830)
+ Use-after-free in nsTArray Length() during XSLT processing
+ * CVE-2017-5438 (bmo#1336828)
+ Use-after-free in nsAutoPtr during XSLT processing
+ * CVE-2017-5437 (bmo#1343453)
+ Vulnerabilities in Libevent library
+ * CVE-2017-5436 (bmo#1345461)
+ Out-of-bounds write with malicious font in Graphite 2
+ * CVE-2017-5435 (bmo#1350683)
+ Use-after-free during transaction processing in the editor
+ * CVE-2017-5434 (bmo#1349946)
+ Use-after-free during focus handling
+ * CVE-2017-5433 (bmo#1347168)
+ Use-after-free in SMIL animation functions
+ * CVE-2017-5432 (bmo#1346654)
+ Use-after-free in text input selection
+ * CVE-2017-5430 (bmo#1329796, bmo#1337418, bmo#1339722, bmo#1340482,
+ bmo#1342101, bmo#1344081, bmo#1344305, bmo#1344686, bmo#1346140,
+ bmo#1346419, bmo#1348143, bmo#1349621, bmo#1349719, bmo#1353476)
+ Memory safety bugs fixed in Firefox 53 and Firefox ESR 52.1
+ * CVE-2017-5459 (bmo#1333858)
+ Buffer overflow in WebGL
+ * CVE-2017-5462 (bmo#1345089)
+ DRBG flaw in NSS
+ * CVE-2017-5454 (bmo#1349276)
+ Sandbox escape allowing file system read access through file
+ picker
+ * CVE-2017-5451 (bmo#1273537)
+ Addressbar spoofing with onblur event
+
+-------------------------------------------------------------------
+Mon Apr 17 12:43:48 UTC 2017 - wr@rosenauer.org
+
+- update to Thunderbird 52.0.1
+ * Clicking on a link in an email may not open this link in the
+ external browser
+ * addon blocklist updates
+- enable ALSA for systems w/o PA
+- require libffi explicitely to fix PPC64LE build where a system
+ library is required
+
+-------------------------------------------------------------------
+Sat Mar 18 21:06:01 UTC 2017 - wr@rosenauer.org
+
+- update to Thunderbird 52.0
+ * Optionally remove corresponding data files when removing an account
+ * Possibility to copy message filter
+ * Calendar: Event can now be created and edited in a tab
+ * Calendar: Processing of received invitation counter proposals
+ * Chat: Support Twitter Direct Messages
+ * Chat: Liking and favoriting in Twitter
+ * Chat: Removed Yahoo! Messenger support
+ * serveral bugfixes
+- security fixes (bsc#1028391, MFSA 2017-09):
+ In general, these flaws cannot be exploited through email because
+ scripting is disabled when reading mail, but are potentially
+ risks in browser or browser-like contexts.
+ * CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP (bmo#1334933)
+ * CVE-2017-5401: Memory Corruption when handling ErrorResult (bmo#1328861)
+ * CVE-2017-5402: Use-after-free working with events in FontFace objects (bmo#1334876)
+ * CVE-2017-5403: Use-after-free using addRange to add range to an incorrect root object (bmo#1340186)
+ * CVE-2017-5404: Use-after-free working with ranges in selections (bmo#1340138)
+ * CVE-2017-5406: Segmentation fault in Skia with canvas operations (bmo#1306890)
+ * CVE-2017-5407: Pixel and history stealing via floating-point timing side channel with SVG filters (bmo#1336622)
+ * CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping (bmo#1330687)
+ * CVE-2017-5408: Cross-origin reading of video captions in violation of CORS (bmo#1313711)
+ * CVE-2017-5412: Buffer overflow read in SVG filters (bmo#1328323)
+ * CVE-2017-5413: Segmentation fault during bidirectional operations (bmo#1337504)
+ * CVE-2017-5414: File picker can choose incorrect default directory (bmo#1319370)
+ * CVE-2017-5416: Null dereference crash in HttpChannel (bmo#1328121)
+ * CVE-2017-5426: Gecko Media Plugin sandbox is not started if seccomp-bpf filter is running (bmo#1257361)
+ * CVE-2017-5418: Out of bounds read when parsing HTTP digest authorization responses (bmo#1338876)
+ * CVE-2017-5419: Repeated authentication prompts lead to DOS attack (bmo#1312243)
+ * CVE-2017-5405: FTP response codes can cause use of uninitialized values for ports (bmo#1336699)
+ * CVE-2017-5421: Print preview spoofing (bmo#1301876)
+ * CVE-2017-5422: DOS attack by using view-source: protocol repeatedly in one hyperlink (bmo#1295002)
+ * CVE-2017-5399: Memory safety bugs fixed in Thunderbird 52
+ * CVE-2017-5398: Memory safety bugs fixed in Thunderbird 52 and Thunderbird 45.8
+- removed obsolete patches
+ * mozilla-aarch64-48bit-va.patch
+ * mozilla-binutils-visibility.patch
+ * mozilla-flex_buffer_overrun.patch
+ * mozilla-gcc6.patch
+- added generic mozilla patches
+ * mozilla-aarch64-startup-crash.patch
+- require newer versions of NSPR and NSS
+- use Gtk3 for Tumbleweed
+
+-------------------------------------------------------------------
+Tue Mar 7 15:08:23 UTC 2017 - wr@rosenauer.org
+
+- update to Thunderbird 45.8.0 (boo#1028391)
+ * MFSA 2017-07
+ CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
+ (bmo#1334933)
+ CVE-2017-5401: Memory Corruption when handling ErrorResult
+ (bmo#1328861)
+ CVE-2017-5402: Use-after-free working with events in FontFace
+ objects (bmo#1334876)
+ CVE-2017-5404: Use-after-free working with ranges in selections
+ (bmo#1340138)
+ CVE-2017-5407: Pixel and history stealing via floating-point
+ timing side channel with SVG filters (bmo#1336622)
+ CVE-2017-5410: Memory corruption during JavaScript garbage
+ collection incremental sweeping (bmo#1330687)
+ CVE-2017-5408: Cross-origin reading of video captions in violation
+ of CORS (bmo#1313711)
+ CVE-2017-5405: FTP response codes can cause use of
+ uninitialized values for ports (bmo#1336699)
+ CVE-2017-5398: Memory safety bugs fixed in Firefox 52 and
+ Firefox ESR 45.8
+
+-------------------------------------------------------------------
+Thu Feb 9 07:49:54 UTC 2017 - wr@rosenauer.org
+
+- update to Thunderbird 45.7.1
+ * fixed Crash when viewing certain IMAP messages (introduced in 45.7.0)
+
+-------------------------------------------------------------------
+Tue Jan 24 20:43:57 UTC 2017 - wr@rosenauer.org
+
+- update to Thunderbird 45.7.0
+ * Message preview pane non-functional after IMAP folder was renamed
+ or moved
+ * "Move To" button on "Search Messages" panel not working
+ * Message sent to "undisclosed recipients" shows no recipient
+ (non-functional since Thunderbird version 38)
+ * Security updates from MFSA 2017-03 (Gecko 45.7.0) boo#1021991.
+ In general, these flaws cannot be exploited through email in
+ Thunderbird because scripting is disabled when reading mail,
+ but are potentially risks in browser or browser-like contexts:
+ CVE-2017-5375: Excessive JIT code allocation allows bypass of
+ ASLR and DEP (bmo#1325200, boo#1021814)
+ CVE-2017-5376: Use-after-free in XSL (bmo#1311687, boo#1021817)
+ CVE-2017-5378: Pointer and frame data leakage of Javascript objects
+ (bmo#1312001, bmo#1330769, boo#1021818)
+ CVE-2017-5380: Potential use-after-free during DOM manipulations
+ (bmo#1322107, boo#1021819)
+ CVE-2017-5390: Insecure communication methods in Developer Tools
+ JSON viewer (bmo#1297361, boo#1021820)
+ CVE-2017-5396: Use-after-free with Media Decoder
+ (bmo#1329403, boo#1021821)
+ CVE-2017-5383: Location bar spoofing with unicode characters
+ (bmo#1323338, bmo#1324716, boo#1021822)
+ CVE-2017-5373: Memory safety bugs fixed in Thunderbird 45.7
+ (boo#1021824)
+
+-------------------------------------------------------------------
+Thu Dec 29 08:33:21 UTC 2016 - wr@rosenauer.org
+
+- update to Thunderbird 45.6.0 (boo#1015422)
+ * The system integration dialog was shown every time when starting
+ Thunderbird
+ * MFSA 2016-96
+ CVE-2016-9899: Use-after-free while manipulating DOM events and
+ audio elements (bmo#1317409)
+ CVE-2016-9895: CSP bypass using marquee tag (bmo#1312272)
+ CVE-2016-9897: Memory corruption in libGLES (bmo#1301381)
+ CVE-2016-9898: Use-after-free in Editor while manipulating DOM
+ subtrees (bmo#1314442)
+ CVE-2016-9900: Restricted external resources can be loaded by
+ SVG images through data URLs (bmo#1319122)
+ CVE-2016-9904: Cross-origin information leak in shared atoms
+ (bmo#1317936)
+ CVE-2016-9905: Crash in EnumerateSubDocuments (bmo#1293985)
+ CVE-2016-9893: Memory safety bugs fixed in Thunderbird 45.6
+
+-------------------------------------------------------------------
+Thu Dec 1 09:58:57 UTC 2016 - astieger@suse.com
+
+- Mozilla Thunderbird 45.5.1:
+ * CVE-2016-9079: SVG Animation Remote Code Execution
+ (MFSA 2016-92, bsc#1012964, bmo#1321066)
+
+-------------------------------------------------------------------
+Sat Nov 19 14:20:05 UTC 2016 - astieger@suse.com
+
+- Mozilla Thunderbird 45.5.0 (boo#1009026)
+ * Fixes for security flaws that cannot be exploited through email
+ because scripting is disabled when reading mail, but are
+ potentially risks in browser or browser-like contexts:
+ CVE-2016-5296: Heap-buffer-overflow WRITE in rasterize_edges_1
+ (bsc#1010411)
+ CVE-2016-5297: Incorrect argument length checking in Javascript
+ (bsc#1010401)
+ CVE-2016-9066: Integer overflow leading to a buffer overflow in
+ nsScriptLoadHandler (bsc#1010404)
+ CVE-2016-5291: Same-origin policy violation using local HTML file
+ and saved shortcut file (bsc#1010410)
+ CVE-2016-5290: Memory safety bugs fixed in Thunderbird ESR 45.5
+ (bsc#1010427)
+- Changed behavior:
+ * Changed recipient address entry: Arrow-keys now copy the pop-up
+ value to the input field. Mouse-hovered pop-up value can no
+ longer be confirmed with tab or enter key. This restores the
+ behavior of Thunderbird 24.
+ * Support changes to character limit in Twitter
+- Bugs fixed:
+ * Reply with selected text containing quote resulted in wrong
+ quoting level indication
+ * Email invitation might not be displayed when description
+ contains non-ASCII characters
+ * Attempting to sort messages on the Date field whilst a quick
+ filter is applied got stuck on sort descending
+ * Mail address display at header pane displayed incorrectly if
+ the address contains UTF-8 according to RFC 6532
+
+-------------------------------------------------------------------
+Sat Oct 1 07:12:08 UTC 2016 - wr@rosenauer.org
+
+- update to Thunderbird 45.4.0 (boo#999701)
+ * Display name was truncated if no separating space before email
+ address.
+ * Recipient addresses were shown in wrong color in some circumstances.
+ * Additional spaces were inserted when drafts were edited.
+ * Mail saved as template copied In-Reply-To and References from
+ original email.
+ * Threading broken when editing message draft, due to loss of Message-ID
+ * "Apply columns to..." did not honor special folders
+
+-------------------------------------------------------------------
+Tue Aug 30 06:55:14 UTC 2016 - wr@rosenauer.org
+
+- update to Thunderbird 45.3.0 (boo#991809)
+ * Disposition-Notification-To could not be used in
+ mail.compose.other.header
+ * "edit as new message" on a received message pre-filled the sender
+ as the composing identity.
+ * Certain messages caused corruption of the drafts summary database.
+ security fixes:
+ * MFSA 2016-62/CVE-2016-2836
+ Miscellaneous memory safety hazards
+ * MFSA 2016-63/CVE-2016-2830 (bmo#1255270)
+ Favicon network connection can persist when page is closed
+ * MFSA 2016-64/CVE-2016-2838 (bmo#1279814)
+ Buffer overflow rendering SVG with bidirectional content
+ * MFSA 2016-65/CVE-2016-2839 (bmo#1275339)
+ Cairo rendering crash due to memory allocation issue with FFmpeg 0.10
+ * MFSA 2016-67/CVE-2016-5252 (bmo#1268854)
+ Stack underflow during 2D graphics rendering
+ * MFSA 2016-70/CVE-2016-5254 (bmo#1266963)
+ Use-after-free when using alt key and toplevel menus
+ * MFSA 2016-72/CVE-2016-5258 (bmo#1279146)
+ Use-after-free in DTLS during WebRTC session shutdown
+ * MFSA 2016-73/CVE-2016-5259 (bmo#1282992)
+ Use-after-free in service workers with nested sync events
+ * MFSA 2016-76/CVE-2016-5262 (bmo#1277475)
+ Scripts on marquee tag can execute in sandboxed iframes
+ * MFSA 2016-77/CVE-2016-2837 (bmo#1274637)
+ Buffer overflow in ClearKey Content Decryption Module (CDM)
+ during video playback
+ * MFSA 2016-78/CVE-2016-5263 (bmo#1276897)
+ Type confusion in display transformation
+ * MFSA 2016-79/CVE-2016-5264 (bmo#1286183)
+ Use-after-free when applying SVG effects
+ * MFSA 2016-80/CVE-2016-5265 (bmo#1278013)
+ Same-origin policy violation using local HTML file and saved shortcut file
+
+-------------------------------------------------------------------
+Fri Aug 5 13:47:12 UTC 2016 - pcerny@suse.com
+
+- Fix for possible buffer overrun (bsc#990856)
+ CVE-2016-6354 (bmo#1292534)
+ [mozilla-flex_buffer_overrun.patch]
+
+-------------------------------------------------------------------
+Thu Jul 21 11:50:27 UTC 2016 - mailaender@opensuse.org
+
+- add a screenshot to appdata.xml
+
+-------------------------------------------------------------------
+Thu Jun 30 09:18:14 UTC 2016 - wr@rosenauer.org
+
+- update to Thunderbird 45.2 (boo#983549)
+ Security fixes:
+ * CVE-2016-2818, CVE-2016-2815: Memory safety bugs (MFSA2016-49)
+- drop mozilla-flexible-array-member-in-union.patch, upstream
+
+-------------------------------------------------------------------
+Fri Jun 24 14:10:58 UTC 2016 - wr@rosenauer.org
+
+- mozilla-binutils-visibility.patch to fix build issues with
+ gcc/binutils combination used in Leap 42.2 (boo#984637)
+
+-------------------------------------------------------------------
+Thu Jun 23 10:15:51 UTC 2016 - wr@rosenauer.org
+
+- build with -fno-delete-null-pointer-checks for Tumbleweed/gcc6
+ as long as underlying issues have been addressed upstream
+ (boo#986162)
+
+-------------------------------------------------------------------
+Mon Jun 13 20:28:01 UTC 2016 - agraf@suse.com
+
+- Fix running on 48bit va aarch64 (bsc#984126)
+ - Add patch mozilla-aarch64-48bit-va.patch
+
+-------------------------------------------------------------------
+Fri May 27 12:51:23 UTC 2016 - wr@rosenauer.org
+
+- update to Thunderbird 45.1.1
+ * When entering members into a mailing list, the enter key
+ dismissed the panel instead of just moving onto the next line
+ * Email without HTML elements was sent as HTML, despite
+ "Delivery Format: Auto-detect" option
+ * Options applied to a template were lost when the template was used
+ * Contacts could not be deleted when they were found through a search
+ * Views from global searches did not respect
+ "mail.threadpane.use_correspondents"
+
+-------------------------------------------------------------------
+Wed May 25 18:20:24 UTC 2016 - badshah400@gmail.com
+
+- The conditional testing for gcc was failing for different
+ openSUSE versions, drop it and apply patches unconditionally.
+
+-------------------------------------------------------------------
+Tue May 24 18:28:31 UTC 2016 - badshah400@gmail.com
+
+- Add patches to fix building with gcc >= 6:
+ + mozilla-gcc6.patch: patch taken from fedora's git and is
+ essentially identical to upstream firefox patch:
+ https://hg.mozilla.org/mozilla-central/rev/55212130f19d.
+ + mozilla-flexible-array-member-in-union.patch: patch taken
+ from upstream bmo#1272649.
+
+-------------------------------------------------------------------
+Thu May 12 15:21:45 UTC 2016 - dimstar@opensuse.org
+
+- Copy the icons to /usr/share/icons instead of symlinking them:
+ in preparation for containerized apps (e.g. xdg-app) as well as
+ AppStream metadata extraction, there are a couple locations that
+ need to be real files for system integration (.desktop files,
+ icons, mime-type info).
+
+-------------------------------------------------------------------
+Sat May 7 22:19:09 UTC 2016 - wr@rosenauer.org
+
+- update to Thunderbird 45.1.0 (boo#977333)
+ * MFSA 2016-39/CVE-2016-2806/CVE-2016-2807 (boo#977375, boo#977376)
+ Miscellaneous memory safety hazards
+
+-------------------------------------------------------------------
+Wed Apr 27 04:26:56 UTC 2016 - badshah400@gmail.com
+
+- For openSUSE > 13.2, the build fails for i586 as it goes out of
+ memory. Prevent this from happening by disabing parallel build
+ in this particular case (i.e. do not pass
+ mk_add_options MOZ_MAKE_FLAGS%{?jobs:-j%jobs}).
+
+-------------------------------------------------------------------
+Sat Apr 16 08:11:14 UTC 2016 - wr@rosenauer.org
+
+- update to Thunderbird 45.0 (boo#969894)
+ * Add a Correspondents column combining Sender and Recipient
+ * Much better support for XMPP chatrooms and commands
+ * Remote content exceptions: Improved options to add exceptions
+ * Implement option to always use HTML formatting to prevent
+ unexpected format loss when converting messages to plain text
+ * Use OpenStreetmap for maps (even allow the user to choose from
+ list of map services)
+ * Allow spell checking and dictionary selection in the subject line
+ * Allow editing of From when composing a message
+ * Add dropdown in compose to allow specific setting of font size
+ * Return/Enter in composer will now insert a new paragraph by
+ default (shift-Enter will insert a line break)
+ * Allow copying of name and email address from the message header
+ of an email
+ * Mail.ru supports OAuth authentication
+ * MFSA 2016-16/CVE-2016-1952/CVE-2016-1953
+ Miscellaneous memory safety hazards
+ * MFSA 2016-17/CVE-2016-1954 (bmo#1243178)
+ Local file overwriting and potential privilege escalation through
+ CSP reports
+ * MFSA 2016-18/CVE-2016-1955 (bmo#1208946)
+ CSP reports fail to strip location information for embedded iframe pages
+ * MFSA 2016-19/CVE-2016-1956 (bmo#1199923)
+ Linux video memory DOS with Intel drivers
+ * MFSA 2016-20/CVE-2016-1957 (bmo#1227052)
+ Memory leak in libstagefright when deleting an array during MP4
+ processing
+ * MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014)
+ Use-after-free in HTML5 string parser
+ * MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377)
+ Use-after-free in SetBody
+ * MFSA 2016-27/CVE-2016-1964 (bmo#1243335)
+ Use-after-free during XML transformations
+ * MFSA 2016-34/CVE-2016-1974 (bmo#1228103)
+ Out-of-bounds read in HTML parser following a failed allocation
+ * MFSA 2016-35/CVE-2016-1950 (bmo#1245528)
+ Buffer overflow during ASN.1 decoding in NSS
+ (fixed by requiring 3.21.1)
+ * MFSA 2016-36/CVE-2016-1979 (bmo#1185033)
+ Use-after-free during processing of DER encoded keys in NSS
+ (fixed by requiring 3.21.1)
+ * MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/
+ CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/
+ CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/
+ CVE-2016-2800/CVE-2016-2801/CVE-2016-2802
+ Font vulnerabilities in the Graphite 2 library
+- remove obsolete patches:
+ * mozilla-arm-disable-edsp.patch
+ * mozilla-icu-strncat.patch
+ * mozilla-arm64-libjpeg-turbo.patch
+- added required mozilla platform patches:
+ * mozilla-no-stdcxx-check.patch
+
+-------------------------------------------------------------------
+Wed Apr 6 21:54:09 UTC 2016 - astieger@suse.com
+
+- update to Thunderbird 38.7.2
+ * disable Graphite font shaping library (same upstream changelog
+ as 38.7.1)
+
+-------------------------------------------------------------------
+Fri Mar 25 09:40:09 UTC 2016 - wr@rosenauer.org
+
+- update to Thunderbird 38.7.1
+ * disabled Graphite font shaping library
+
+-------------------------------------------------------------------
+Fri Mar 11 12:57:25 UTC 2016 - wr@rosenauer.org
+
+- update to Thunderbird 38.7.0 (boo#969894)
+ * MFSA 2015-81/CVE-2015-4477 (bmo#1179484)
+ Use-after-free in MediaStream playback
+ * MFSA 2015-136/CVE-2015-7207 (bmo#1185256)
+ Same-origin policy violation using performance.getEntries and
+ history navigation
+ * MFSA 2016-16/CVE-2016-1952
+ Miscellaneous memory safety hazards
+ * MFSA 2016-17/CVE-2016-1954 (bmo#1243178)
+ Local file overwriting and potential privilege escalation through
+ CSP reports
+ * MFSA 2016-20/CVE-2016-1957 (bmo#1227052)
+ Memory leak in libstagefright when deleting an array during MP4
+ processing
+ * MFSA 2016-21/CVE-2016-1958 (bmo#1228754)
+ Displayed page address can be overridden
+ * MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014)
+ Use-after-free in HTML5 string parser
+ * MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377)
+ Use-after-free in SetBody
+ * MFSA 2016-25/CVE-2016-1962 (bmo#1240760)
+ Use-after-free when using multiple WebRTC data channels
+ * MFSA 2016-27/CVE-2016-1964 (bmo#1243335)
+ Use-after-free during XML transformations
+ * MFSA 2016-28/CVE-2016-1965 (bmo#1245264)
+ Addressbar spoofing though history navigation and Location protocol
+ property
+ * MFSA 2016-31/CVE-2016-1966 (bmo#1246054)
+ Memory corruption with malicious NPAPI plugin
+ * MFSA 2016-34/CVE-2016-1974 (bmo#1228103)
+ Out-of-bounds read in HTML parser following a failed allocation
+ * MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/
+ CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/
+ CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/
+ CVE-2016-2800/CVE-2016-2801/CVE-2016-2802
+ Font vulnerabilities in the Graphite 2 library
+
+-------------------------------------------------------------------
+Fri Feb 26 15:45:19 UTC 2016 - astieger@suse.com
+
+- adjust _constraints to current peak build memory and disk usage
+
+-------------------------------------------------------------------
+Sat Feb 13 08:32:09 UTC 2016 - wr@rosenauer.org
+
+- update to Thunderbird 38.6.0 (boo#963520)
+ * Filters ran on a different folder than selected
+ * MFSA 2016-01/CVE-2016-1930
+ Miscellaneous memory safety hazards
+ * MFSA 2016-03/CVE-2016-1935 (bmo#1220450)
+ Buffer overflow in WebGL after out of memory allocation
+
+-------------------------------------------------------------------
+Mon Jan 25 10:39:23 UTC 2016 - olaf@aepfle.de
+
+- Using -g for CFLAGS is controlled via project settings, it should
+ not be enforced by the mozilla buildsystem.
+
+-------------------------------------------------------------------
+Mon Jan 18 07:32:51 UTC 2016 - olaf@aepfle.de
+
+- Add build conditionals for valgrind and -Os
+- Convert existing conditions for kde to bcond
+
+-------------------------------------------------------------------
+Tue Dec 29 20:30:59 UTC 2015 - wr@rosenauer.org
+
+- update to Thunderbird 38.5.1
+ * requires NSS 3.20.2 to fix
+ MFSA 2015-150/CVE-2015-7575 (bmo#1158489)
+ MD5 signatures accepted within TLS 1.2 ServerKeyExchange in
+ server signature
+- explicitely require libXcomposite-devel
+
+-------------------------------------------------------------------
+Wed Dec 23 10:13:38 UTC 2015 - wr@rosenauer.org
+
+- update to Thunderbird 38.5.0 (bnc#959277)
+ * MFSA 2015-134/CVE-2015-7201
+ Miscellaneous memory safety hazards
+ * MFSA 2015-138/CVE-2015-7210 (bmo#1218326)
+ Use-after-free in WebRTC when datachannel is used after being
+ destroyed
+ * MFSA 2015-139/CVE-2015-7212 (bmo#1222809)
+ Integer overflow allocating extremely large textures
+ * MFSA 2015-145/CVE-2015-7205 (bmo#1220493)
+ Underflow through code inspection
+ * MFSA 2015-146/CVE-2015-7213 (bmo#1206211)
+ Integer overflow in MP4 playback in 64-bit versions
+ * MFSA 2015-147/CVE-2015-7222 (bmo#1216748)
+ Integer underflow and buffer overflow processing MP4 metadata in
+ libstagefright
+ * MFSA 2015-149/CVE-2015-7214 (bmo#1228950)
+ Cross-site reading attack through data and view-source URIs
+
+-------------------------------------------------------------------
+Tue Nov 17 07:58:43 UTC 2015 - wr@rosenauer.org
+
+- update to Thunderbird 38.4.0 (bnc#952810)
+ * MFSA 2015-116/CVE-2015-4513/CVE-2015-4514
+ Miscellaneous memory safety hazards
+ * MFSA 2015-122/CVE-2015-7188 (bmo#1199430)
+ Trailing whitespace in IP address hostnames can bypass same-origin policy
+ * MFSA 2015-123/CVE-2015-7189 (bmo#1205900)
+ Buffer overflow during image interactions in canvas
+ * MFSA 2015-127/CVE-2015-7193 (bmo#1210302)
+ CORS preflight is bypassed when non-standard Content-Type headers
+ are received
+ * MFSA 2015-128/CVE-2015-7194 (bmo#1211262)
+ Memory corruption in libjar through zip files
+ * MFSA 2015-130/CVE-2015-7196 (bmo#1140616)
+ JavaScript garbage collection crash with Java applet
+ * MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200
+ (bmo#1188010, bmo#1204061, bmo#1204155)
+ Vulnerabilities found through code inspection
+ * MFSA 2015-132/CVE-2015-7197 (bmo#1204269)
+ Mixed content WebSocket policy bypass through workers
+ * MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183
+ (bmo#1202868, bmo#1205157)
+ NSS and NSPR memory corruption issues
+ (fixed in mozilla-nspr and mozilla-nss packages)
+- requires NSPR 4.10.10 and NSS 3.19.2.1
+- added explicit appdata provides (bnc#952325)
+
+-------------------------------------------------------------------
+Mon Oct 5 12:44:39 UTC 2015 - dmueller@suse.com
+
+- fix build on aarch64 by reusing the crashreporter conditional
+ from MozillaFirefox
+
+-------------------------------------------------------------------
+Mon Sep 28 18:00:50 UTC 2015 - wr@rosenauer.org
+
+- update to Thunderbird 38.3.0 (bnc#947003)
+ * MFSA 2015-96/CVE-2015-4500
+ Miscellaneous memory safety hazards
+ * MFSA 2015-100/CVE-2015-4505 (bmo#1177861) (Windows only)
+ Arbitrary file manipulation by local user through Mozilla updater
+ * MFSA 2015-101/CVE-2015-4506 (bmo#1192226)
+ Buffer overflow in libvpx while parsing vp9 format video
+ * MFSA 2015-105/CVE-2015-4511 (bmo#1200148)
+ Buffer overflow while decoding WebM video
+ * MFSA 2015-106/CVE-2015-4509 (bmo#1198435)
+ Use-after-free while manipulating HTML media content
+ * MFSA 2015-110/CVE-2015-4519 (bmo#1189814)
+ Dragging and dropping images exposes final URL after redirects
+ * MFSA 2015-111/CVE-2015-4520 (bmo#1200856, bmo#1200869)
+ Errors in the handling of CORS preflight request headers
+ * MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522/
+ CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177/
+ CVE-2015-7180
+ Vulnerabilities found through code inspection
+ * MFSA 2015-113/CVE-2015-7178/CVE-2015-7179 (bmo#1189860,
+ bmo#1190526) (Windows only)
+ Memory safety errors in libGLES in the ANGLE graphics library
+- rebased patches
+
+-------------------------------------------------------------------
+Sat Aug 15 11:41:30 UTC 2015 - wr@rosenauer.org
+
+- update to Thunderbird 38.2.0 (bnc#940806)
+ * MFSA 2015-79/CVE-2015-4473
+ Miscellaneous memory safety hazards
+ * MFSA 2015-80/CVE-2015-4475 (bmo#1175396)
+ Out-of-bounds read with malformed MP3 file
+ * MFSA 2015-82/CVE-2015-4478 (bmo#1105914)
+ Redefinition of non-configurable JavaScript object properties
+ * MFSA 2015-83/CVE-2015-4479/CVE-2015-4480/CVE-2015-4493
+ Overflow issues in libstagefright
+ * MFSA 2015-84/CVE-2015-4481 (bmo1171518)
+ Arbitrary file overwriting through Mozilla Maintenance Service
+ with hard links (only affected Windows)
+ * MFSA 2015-85/CVE-2015-4482 (bmo#1184500)
+ Out-of-bounds write with Updater and malicious MAR file
+ (does not affect openSUSE RPM packages which do not ship the
+ updater)
+ * MFSA 2015-87/CVE-2015-4484 (bmo#1171540)
+ Crash when using shared memory in JavaScript
+ * MFSA 2015-88/CVE-2015-4491 (bmo#1184009)
+ Heap overflow in gdk-pixbuf when scaling bitmap images
+ * MFSA 2015-89/CVE-2015-4485/CVE-2015-4486 (bmo#1177948, bmo#1178148)
+ Buffer overflows on Libvpx when decoding WebM video
+ * MFSA 2015-90/CVE-2015-4487/CVE-2015-4488/CVE-2015-4489
+ Vulnerabilities found through code inspection
+ * MFSA 2015-92/CVE-2015-4492 (bmo#1185820)
+ Use-after-free in XMLHttpRequest with shared workers
+
+-------------------------------------------------------------------
+Wed Jul 8 07:10:59 UTC 2015 - wr@rosenauer.org
+
+- update to Thunderbird 38.1.0 (bnc#935979)
+ * MFSA 2015-59/CVE-2015-2724/CVE-2015-2725
+ Miscellaneous memory safety hazards
+ * MFSA 2015-60/CVE-2015-2727 (bmo#1163422)
+ Local files or privileged URLs in pages can be opened into new tabs
+ * MFSA 2015-61/CVE-2015-2728 (bmo#1142210)
+ Type confusion in Indexed Database Manager
+ * MFSA 2015-62/CVE-2015-2729 (bmo#1122218)
+ Out-of-bound read while computing an oscillator rendering range in Web Audio
+ * MFSA 2015-63/CVE-2015-2731 (bmo#1149891)
+ Use-after-free in Content Policy due to microtask execution error
+ * MFSA 2015-64/CVE-2015-2730 (bmo#1125025)
+ ECDSA signature validation fails to handle some signatures correctly
+ (this fix is shipped by NSS 3.19.1 externally)
+ * MFSA 2015-65/CVE-2015-2722/CVE-2015-2733 (bmo#1166924, bmo#1169867)
+ Use-after-free in workers while using XMLHttpRequest
+ * MFSA 2015-66/CVE-2015-2734/CVE-2015-2735/CVE-2015-2736/CVE-2015-2737
+ CVE-2015-2738/CVE-2015-2739/CVE-2015-2740
+ Vulnerabilities found through code inspection
+ * MFSA 2015-67/CVE-2015-2741 (bmo#1147497)
+ Key pinning is ignored when overridable errors are encountered
+ * MFSA 2015-69/CVE-2015-2743 (bmo#1163109)
+ Privilege escalation in PDF.js
+ * MFSA 2015-70/CVE-2015-4000 (bmo#1138554)
+ NSS accepts export-length DHE keys with regular DHE cipher suites
+ (this fix is shipped by NSS 3.19.1 externally)
+ * MFSA 2015-71/CVE-2015-2721 (bmo#1086145)
+ NSS incorrectly permits skipping of ServerKeyExchange
+ (this fix is shipped by NSS 3.19.1 externally)
+- requires NSS 3.19.2
+
+-------------------------------------------------------------------
+Fri Jun 19 17:00:11 UTC 2015 - wr@rosenauer.org
+
+- update to Thunderbird 38.0.1
+ * includes Lightning as default extension
+- rebased patches
+- removed obsolete patches:
+ * mozilla-ppc.patch
+ * mozilla-nullptr-gcc45.patch
+ * mozilla-bug1024492.patch
+- dropped openSUSE specific patches
+ * thunderbird-shared-nss-db.patch
+ * mozilla-shared-nss-db.patch
+ the provided feature seems not to be used and its maintenance
+ is not worth the ongoing efforts
+- tb-develdirs.patch is now mozilla-develdirs.patch as it is a
+ platform configuration now
+
+--------------------------------------------------------------------
+Thu Jun 18 10:30:18 UTC 2015 - schwab@suse.de
+
+- mozilla-arm64-libjpeg-turbo.patch: fix libjpeg-turbo configuration
+
+-------------------------------------------------------------------
+Thu May 28 10:28:13 UTC 2015 - dmueller@suse.com
+
+- add mozilla-bug1024492.patch:
+ * Fixes build against GCC 5.x
+
+-------------------------------------------------------------------
+Sat May 9 07:22:49 UTC 2015 - wr@rosenauer.org
+
+- update to Thunderbird 31.7.0 (bnc#930622)
+ * MFSA 2015-46/CVE-2015-2708
+ Miscellaneous memory safety hazards
+ * MFSA 2015-47/VE-2015-0797 (bmo#1080995)
+ Buffer overflow parsing H.264 video with Linux Gstreamer
+ * MFSA 2015-48/CVE-2015-2710 (bmo#1149542)
+ Buffer overflow with SVG content and CSS
+ * MFSA 2015-51/CVE-2015-2713 (bmo#1153478)
+ Use-after-free during text processing with vertical text enabled
+ * MFSA 2015-54/CVE-2015-2716 (bmo#1140537)
+ Buffer overflow when parsing compressed XML
+ * MFSA 2015-57/CVE-2011-3079 (bmo#1087565)
+ Privilege escalation through IPC channel messages
+
+-------------------------------------------------------------------
+Tue Mar 31 05:02:16 UTC 2015 - wr@rosenauer.org
+
+- update to Thunderbird 31.6.0 (bnc#925368)
+ * MFSA 2015-30/CVE-2015-0815
+ Miscellaneous memory safety hazards
+ * MFSA 2015-31/CVE-2015-0813 (bmo#1106596))
+ Use-after-free when using the Fluendo MP3 GStreamer plugin
+ * MFSA 2015-33/CVE-2015-0816 (bmo#1144991)
+ resource:// documents can load privileged pages
+ * MFSA-2015-37/CVE-2015-0807 (bmo#1111834)
+ CORS requests should not follow 30x redirections after preflight
+ * MFSA-2015-40/CVE-2015-0801 (bmo#1146339)
+ Same-origin bypass through anchor navigation
+
+-------------------------------------------------------------------
+Mon Feb 23 12:42:57 UTC 2015 - wr@rosenauer.org
+
+- update to Thunderbird 31.5.0 (bnc#917597)
+ * MFSA 2015-11/CVE-2015-0836
+ Miscellaneous memory safety hazards
+ * MFSA 2015-12/CVE-2015-0833 (bmo#945192)
+ Invoking Mozilla updater will load locally stored DLL files
+ (Windows only)
+ * MFSA 2015-16/CVE-2015-0831 (bmo#1130514)
+ Use-after-free in IndexedDB
+ * MFSA 2015-19/CVE-2015-0827 (bmo#1117304)
+ Out-of-bounds read and write while rendering SVG content
+ * MFSA 2015-24/CVE-2015-0822 (bmo#1110557)
+ Reading of local files through manipulation of form autocomplete
+
+-------------------------------------------------------------------
+Sat Jan 10 18:33:52 UTC 2015 - wr@rosenauer.org
+
+- update to Thunderbird 31.4.0 (bnc#910669)
+ * MFSA 2015-01/CVE-2014-8634/CVE-2014-8635
+ Miscellaneous memory safety hazards
+ * MFSA 2015-03/CVE-2014-8638 (bmo#1080987)
+ sendBeacon requests lack an Origin header
+ * MFSA 2015-04/CVE-2014-8639 (bmo#1095859)
+ Cookie injection through Proxy Authenticate responses
+- added mozilla-icu-strncat.patch to fix post build checks
+
+-------------------------------------------------------------------
+Sun Nov 30 08:37:33 UTC 2014 - wr@rosenauer.org
+
+- update to Thunderbird 31.3.0 (bnc#908009)
+ * MFSA 2014-83/CVE-2014-1587
+ Miscellaneous memory safety hazards
+ * MFSA 2014-85/CVE-2014-1590 (bmo#1087633)
+ XMLHttpRequest crashes with some input streams
+ * MFSA 2014-87/CVE-2014-1592 (bmo#1088635)
+ Use-after-free during HTML5 parsing
+ * MFSA 2014-88/CVE-2014-1593 (bmo#1085175)
+ Buffer overflow while parsing media content
+ * MFSA 2014-89/CVE-2014-1594 (bmo#1074280)
+ Bad casting from the BasicThebesLayer to BasicContainerLayer
+
+-------------------------------------------------------------------
+Sun Nov 16 21:22:00 UTC 2014 - Led <ledest@gmail.com>
+
+- fix bashism in mozilla.sh script
+
+-------------------------------------------------------------------
+Tue Nov 4 08:16:43 UTC 2014 - guillaume@opensuse.org
+
+- Limit RAM usage during link for ARM
+
+-------------------------------------------------------------------
+Sat Oct 25 18:41:27 UTC 2014 - wr@rosenauer.org
+
+- remove add-plugins.sh and use /usr/share/myspell directly
+ (bnc#900639)
+
+-------------------------------------------------------------------
+Sun Oct 12 22:47:42 UTC 2014 - wr@rosenauer.org
+
+- update to Thunderbird 31.2.0 (bnc#900941)
+ * MFSA 2014-74/CVE-2014-1574
+ Miscellaneous memory safety hazards
+ * MFSA 2014-75/CVE-2014-1576 (bmo#1041512)
+ Buffer overflow during CSS manipulation
+ * MFSA 2014-76/CVE-2014-1577 (bmo#1012609)
+ Web Audio memory corruption issues with custom waveforms
+ * MFSA 2014-77/CVE-2014-1578 (bmo#1063327)
+ Out-of-bounds write with WebM video
+ * MFSA 2014-79/CVE-2014-1581 (bmo#1068218)
+ Use-after-free interacting with text directionality
+ * MFSA 2014-81/CVE-2014-1585/CVE-2014-1586 (bmo#1062876, bmo#1062981)
+ Inconsistent video sharing within iframe
+- added basic appdata definition
+
+-------------------------------------------------------------------
+Wed Sep 24 09:15:02 UTC 2014 - wr@rosenauer.org
+
+- update to Thunderbird 31.1.2
+
+-------------------------------------------------------------------
+Tue Sep 9 12:53:41 UTC 2014 - wolfgang@rosenauer.org
+
+- update to Thunderbird 31.1.1
+ * Fixed an issue where mailing lists with spaces in their names
+ couldn't be autocompleted (bmo#1060901)
+ * Fixed an occasional startup crash (bmo#1005336)
+
+-------------------------------------------------------------------
+Fri Aug 29 13:02:19 UTC 2014 - wr@rosenauer.org
+
+- update to Thunderbird 31.1.0 (bnc#894370)
+ * MFSA 2014-67/CVE-2014-1553/CVE-2014-1562
+ Miscellaneous memory safety hazards
+ * MFSA 2014-68/CVE-2014-1563 (bmo#1018524)
+ Use-after-free during DOM interactions with SVG
+ * MFSA 2014-69/CVE-2014-1564 (bmo#1045977)
+ Uninitialized memory use during GIF rendering
+ * MFSA 2014-70/CVE-2014-1565 (bmo#1047831)
+ Out-of-bounds read in Web Audio audio timeline
+ * MFSA 2014-72/CVE-2014-1567 (bmo#1037641)
+ Use-after-free setting text directionality
+- added mozilla-nullptr-gcc45.patch to build on gcc 4.5 dists
+ (e.g. openSUSE 11.4)
+
+-------------------------------------------------------------------
+Sun Jul 27 20:25:46 UTC 2014 - wr@rosenauer.org
+
+- update to Thunderbird 31.0
+ * based on Gecko 31
+ * Autocompleting email addresses now matches against any part of
+ the name or email
+ * Composing a mail to a newsgroup will now autocomplete newsgroup
+ names
+ * Insecure NTLM (pre-NTLMv2) authentication disabled
+- rebased patches
+- removed enigmail entirely from source package
+- removed obsolete patches
+ * libffi-ppc64le.patch
+ * ppc64le-support.patch
+ * xpcom-ppc64le.patch
+- use GStreamer 1.0 after 13.1
+- switched source archives to use xz instead of bz2
+
+-------------------------------------------------------------------
+Sun Jul 20 15:59:49 UTC 2014 - wr@rosenauer.org
+
+- update to Thunderbird 24.7.0 (bnc#887746)
+ * MFSA 2014-56/CVE-2014-1547/CVE-2014-1548
+ Miscellaneous memory safety hazards
+ * MFSA 2014-61/CVE-2014-1555 (bmo#1023121)
+ Use-after-free with FireOnStateChange event
+ * MFSA 2014-62/CVE-2014-1556 (bmo#1028891)
+ Exploitable WebGL crash with Cesium JavaScript library
+ * MFSA 2014-63/CVE-2014-1544 (bmo#963150)
+ Use-after-free while when manipulating certificates in the trusted cache
+ (solved with NSS 3.16.2 requirement)
+ * MFSA 2014-64/CVE-2014-1557 (bmo#913805)
+ Crash in Skia library when scaling high quality images
+- disabled enigmail build as with version 1.7 it's a standalone
+ source package
+
+-------------------------------------------------------------------
+Sat Jun 7 09:07:06 UTC 2014 - wr@rosenauer.org
+
+- update to Thunderbird 24.6.0 (bnc#881874)
+ * MFSA 2014-48/CVE-2014-1533/CVE-2014-1534
+ (bmo#921622, bmo#967354, bmo#969517, bmo#969549, bmo#973874,
+ bmo#978652, bmo#978811, bmo#988719, bmo#990868, bmo#991981,
+ bmo#992274, bmo#994907, bmo#995679, bmo#995816, bmo#995817,
+ bmo#996536, bmo#996715, bmo#999651, bmo#1000598,
+ bmo#1000960, bmo#1002340, bmo#1005578, bmo#1007223,
+ bmo#1009952, bmo#1011007)
+ Miscellaneous memory safety hazards (rv:30.0 / rv:24.6)
+ * MFSA 2014-49/CVE-2014-1536/CVE-2014-1537/CVE-2014-1538
+ (bmo#989994, bmo#999274, bmo#1005584)
+ Use-after-free and out of bounds issues found using Address Sanitizer
+ * MFSA 2014-52/CVE-2014-1541 (bmo#1000185)
+ Use-after-free with SMIL Animation Controller
+ * MFSA 2014-55/CVE-2014-1545 (bmo#1018783)
+ Out of bounds write in NSPR
+- require NSPR 4.10.6 because of MFSA 2014-55/CVE-2014-1545
+
+-------------------------------------------------------------------
+Fri Apr 25 09:41:14 UTC 2014 - wr@rosenauer.org
+
+- update to Thunderbird 24.5.0 (bnc#875378)
+ * MFSA 2014-34/CVE-2014-1518
+ Miscellaneous memory safety hazards
+ * MFSA 2014-37/CVE-2014-1523 (bmo#969226)
+ Out of bounds read while decoding JPG images
+ * MFSA 2014-38/CVE-2014-1524 (bmo#989183)
+ Buffer overflow when using non-XBL object as XBL
+ * MFSA 2014-42/CVE-2014-1529 (bmo#987003)
+ Privilege escalation through Web Notification API
+ * MFSA 2014-43/CVE-2014-1530 (bmo#895557)
+ Cross-site scripting (XSS) using history navigations
+ * MFSA 2014-44/CVE-2014-1531 (bmo#987140)
+ Use-after-free in imgLoader while resizing images
+ * MFSA 2014-46/CVE-2014-1532 (bmo#966006)
+ Use-after-free in nsHostResolver
+- use shipped-locales as the authoritative source for supported
+ locales (some unsupported locales disappear from -other package)
+
+-------------------------------------------------------------------
+Tue Mar 18 21:45:43 UTC 2014 - wr@rosenauer.org
+
+- update to Thunderbird 24.4.0 (bnc#868603)
+ * MFSA 2014-15/CVE-2014-1493/CVE-2014-1494
+ Miscellaneous memory safety hazards
+ * MFSA 2014-17/CVE-2014-1497 (bmo#966311)
+ Out of bounds read during WAV file decoding
+ * MFSA 2014-26/CVE-2014-1508 (bmo#963198)
+ Information disclosure through polygon rendering in MathML
+ * MFSA 2014-27/CVE-2014-1509 (bmo#966021)
+ Memory corruption in Cairo during PDF font rendering
+ * MFSA 2014-28/CVE-2014-1505 (bmo#941887)
+ SVG filters information disclosure through feDisplacementMap
+ * MFSA 2014-29/CVE-2014-1510/CVE-2014-1511 (bmo#982906, bmo#982909)
+ Privilege escalation using WebIDL-implemented APIs
+ * MFSA 2014-30/CVE-2014-1512 (bmo#982957)
+ Use-after-free in TypeObject
+ * MFSA 2014-31/CVE-2014-1513 (bmo#982974)
+ Out-of-bounds read/write through neutering ArrayBuffer objects
+ * MFSA 2014-32/CVE-2014-1514 (bmo#983344)
+ Out-of-bounds write through TypedArrayObject after neutering
+
+-------------------------------------------------------------------
+Mon Feb 3 16:07:28 UTC 2014 - wr@rosenauer.org
+
+- update to Thunderbird 24.3.0 (bnc#861847)
+ * MFSA 2014-01/CVE-2014-1477/CVE-2014-1478
+ Miscellaneous memory safety hazards (rv:27.0 / rv:24.3)
+ * MFSA 2014-02/CVE-2014-1479 (bmo#911864)
+ Clone protected content with XBL scopes
+ * MFSA 2014-04/CVE-2014-1482 (bmo#943803)
+ Incorrect use of discarded images by RasterImage
+ * MFSA 2014-08/CVE-2014-1486 (bmo#942164)
+ Use-after-free with imgRequestProxy and image proccessing
+ * MFSA 2014-09/CVE-2014-1487 (bmo#947592)
+ Cross-origin information leak through web workers
+ * MFSA 2014-12/CVE-2014-1490/CVE-2014-1491
+ (bmo#934545, bmo#930874, bmo#930857)
+ NSS ticket handling issues
+ * MFSA 2014-13/CVE-2014-1481(bmo#936056)
+ Inconsistent JavaScript handling of access to Window objects
+- requires NSS 3.15.4
+- renamed ppc64le patches to streamline with Firefox package
+
+-------------------------------------------------------------------
+Fri Dec 13 21:29:16 UTC 2013 - uweigand@de.ibm.com
+
+- Add support for powerpc64le-linux.
+ * ppc64le-support.patch: general support
+ * libffi-ppc64le.patch: libffi backport
+ * xpcom-ppc64le.patch: port xpcom
+
+-------------------------------------------------------------------
+Sun Dec 8 10:18:03 UTC 2013 - wr@rosenauer.org
+
+- update to Thunderbird 24.2.0 (bnc#854370)
+ * requires NSS 3.15.3.1 or higher
+ * MFSA 2013-104/CVE-2013-5609/CVE-2013-5610
+ Miscellaneous memory safety hazards
+ * MFSA 2013-108/CVE-2013-5616 (bmo#938341)
+ Use-after-free in event listeners
+ * MFSA 2013-109/CVE-2013-5618 (bmo#926361)
+ Use-after-free during Table Editing
+ * MFSA 2013-111/CVE-2013-6671 (bmo#930281)
+ Segmentation violation when replacing ordered list elements
+ * MFSA 2013-113/CVE-2013-6673 (bmo#970380)
+ Trust settings for built-in roots ignored during EV certificate
+ validation
+ * MFSA 2013-114/CVE-2013-5613 (bmo#930381, bmo#932449)
+ Use-after-free in synthetic mouse movement
+ * MFSA 2013-115/CVE-2013-5615 (bmo#929261)
+ GetElementIC typed array stubs can be generated outside observed
+ typesets
+ * MFSA 2013-116/CVE-2013-6629/CVE-2013-6630 (bmo#891693)
+ JPEG information leak
+ * MFSA 2013-117 (bmo#946351)
+ Mis-issued ANSSI/DCSSI certificate
+ (fixed via NSS 3.15.3.1)
+
+-------------------------------------------------------------------
+Tue Nov 19 08:08:00 UTC 2013 - wr@rosenauer.org
+
+- update to Thunderbird 24.1.1
+ * requires NSPR 4.10.2 and NSS 3.15.3 for security reasons
+ * fix binary compatibility issues for patch level updates
+ (bmo#927073)
+
+-------------------------------------------------------------------
+Thu Oct 24 17:18:23 UTC 2013 - wr@rosenauer.org
+
+- update to Thunderbird 24.1.0 (bnc#847708)
+ * requires NSS 3.15.2 or above
+ * MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592
+ Miscellaneous memory safety hazards
+ * MFSA 2013-94/CVE-2013-5593 (bmo#868327)
+ Spoofing addressbar through SELECT element
+ * MFSA 2013-95/CVE-2013-5604 (bmo#914017)
+ Access violation with XSLT and uninitialized data
+ * MFSA 2013-96/CVE-2013-5595 (bmo#916580)
+ Improperly initialized memory and overflows in some JavaScript
+ functions
+ * MFSA 2013-97/CVE-2013-5596 (bmo#910881)
+ Writing to cycle collected object during image decoding
+ * MFSA 2013-98/CVE-2013-5597 (bmo#918864)
+ Use-after-free when updating offline cache
+ * MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601
+ (bmo#915210, bmo#915576, bmo#916685)
+ Miscellaneous use-after-free issues found through ASAN fuzzing
+ * MFSA 2013-101/CVE-2013-5602 (bmo#897678)
+ Memory corruption in workers
+ * MFSA 2013-102/CVE-2013-5603 (bmo#916404)
+ Use-after-free in HTML document templates
+
+-------------------------------------------------------------------
+Thu Oct 10 14:43:22 UTC 2013 - wr@rosenauer.org
+
+- update to Thunderbird 24.0.1
+ * fqdn for smtp server name was not accepted (bmo#913785)
+ * fixed crash in PL_strncasecmp (bmo#917955)
+- update Enigmail to 1.6
+ * The passphrase timeout configuration in Enigmail is now read and
+ written from/to gpg-agent.
+ * New dialog to change the expiry date of keys
+ * New function to search for the OpenPGP keys of all Address Book
+ entries on a keyserver
+ * removed obsolete enigmail-build.patch
+
+-------------------------------------------------------------------
+Sat Sep 14 20:32:28 UTC 2013 - wr@rosenauer.org
+
+- update to Thunderbird 24.0 (bnc#840485)
+ * MFSA 2013-76/CVE-2013-1718/CVE-2013-1719
+ Miscellaneous memory safety hazards
+ * MFSA 2013-77/CVE-2013-1720 (bmo#888820)
+ Improper state in HTML5 Tree Builder with templates
+ * MFSA 2013-79/CVE-2013-1722 (bmo#893308)
+ Use-after-free in Animation Manager during stylesheet cloning
+ * MFSA 2013-80/CVE-2013-1723 (bmo#891292)
+ NativeKey continues handling key messages after widget is destroyed
+ * MFSA 2013-81/CVE-2013-1724 (bmo#894137)
+ Use-after-free with select element
+ * MFSA 2013-82/CVE-2013-1725 (bmo#876762)
+ Calling scope for new Javascript objects can lead to memory corruption
+ * MFSA 2013-85/CVE-2013-1728 (bmo#883686)
+ Uninitialized data in IonMonkey
+ * MFSA 2013-88/CVE-2013-1730 (bmo#851353)
+ Compartment mismatch re-attaching XBL-backed nodes
+ * MFSA 2013-89/CVE-2013-1732 (bmo#883514)
+ Buffer overflow with multi-column, lists, and floats
+ * MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301)
+ Memory corruption involving scrolling
+ * MFSA 2013-91/CVE-2013-1737 (bmo#907727)
+ User-defined properties on DOM proxies get the wrong "this" object
+ * MFSA 2013-92/CVE-2013-1738 (bmo#887334, bmo#882897)
+ GC hazard with default compartments and frame chain restoration
+- moved greek to common translation package
+- require NSPR 4.10 and NSS 3.15.1
+- add GStreamer build requirements for Gecko
+- added enigmail-build.patch to fix TB packaging (bmo#886095)
+- removed obsolete patches:
+ * enigmail-old-gcc.patch
+ * mozilla-gcc43-enums.patch
+ * mozilla-gcc43-template_hacks.patch
+ * mozilla-gcc43-templates_instantiation.patch
+ * ppc-xpcshell.patch
+
+-------------------------------------------------------------------
+Fri Aug 2 06:01:03 UTC 2013 - wr@rosenauer.org
+
+- update to Thunderbird 17.0.8 (bnc#833389)
+ * MFSA 2013-63/CVE-2013-1701
+ Miscellaneous memory safety hazards
+ * MFSA 2013-68/CVE-2013-1709 (bmo#838253)
+ Document URI misrepresentation and masquerading
+ * MFSA 2013-69/CVE-2013-1710 (bmo#871368)
+ CRMF requests allow for code execution and XSS attacks
+ * MFSA 2013-72/CVE-2013-1713 (bmo#887098)
+ Wrong principal used for validating URI for some Javascript
+ components
+ * MFSA 2013-73/CVE-2013-1714 (bmo#879787)
+ Same-origin bypass with web workers and XMLHttpRequest
+ * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397)
+ Local Java applets may read contents of local file system
+
+-------------------------------------------------------------------
+Wed Jul 17 17:28:39 UTC 2013 - wr@rosenauer.org
+
+- update Enigmail to 1.5.2
+ * bugfix release
+
+-------------------------------------------------------------------
+Mon Jun 24 10:17:22 UTC 2013 - wr@rosenauer.org
+
+- update to Thunderbird 17.0.7 (bnc#825935)
+ * MFSA 2013-49/CVE-2013-1682
+ Miscellaneous memory safety hazards
+ * MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686
+ Memory corruption found using Address Sanitizer
+ * MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823)
+ Privileged content access and execution via XBL
+ * MFSA 2013-53/CVE-2013-1690 (bmo#857883)
+ Execution of unmapped memory through onreadystatechange event
+ * MFSA 2013-54/CVE-2013-1692 (bmo#866915)
+ Data in the body of XHR HEAD requests leads to CSRF attacks
+ * MFSA 2013-55/CVE-2013-1693 (bmo#711043)
+ SVG filters can lead to information disclosure
+ * MFSA 2013-56/CVE-2013-1694 (bmo#848535)
+ PreserveWrapper has inconsistent behavior
+ * MFSA 2013-59/CVE-2013-1697 (bmo#858101)
+ XrayWrappers can be bypassed to run user defined methods in a
+ privileged context
+
+-------------------------------------------------------------------
+Tue Jun 4 20:41:42 UTC 2013 - dvaleev@suse.com
+
+- prevent xpc-shell crashing on powerpc
+ ppc-xpcshell.patch
+
+-------------------------------------------------------------------
+Sat May 11 08:46:37 UTC 2013 - wr@rosenauer.org
+
+- update to Thunderbird 17.0.6 (bnc#819204)
+ * MFSA 2013-41/CVE-2013-0801/CVE-2013-1669
+ Miscellaneous memory safety hazards
+ * MFSA 2013-42/CVE-2013-1670 (bmo#853709)
+ Privileged access for content level constructor
+ * MFSA 2013-46/CVE-2013-1674 (bmo#860971)
+ Use-after-free with video and onresize event
+ * MFSA 2013-47/CVE-2013-1675 (bmo#866825)
+ Uninitialized functions in DOMSVGZoomEvent
+ * MFSA 2013-48/CVE-2013-1676/CVE-2013-1677/CVE-2013-1678/
+ CVE-2013-1679/CVE-2013-1680/CVE-2013-1681
+ Memory corruption found using Address Sanitizer
+
+-------------------------------------------------------------------
+Fri Mar 29 18:25:38 UTC 2013 - wr@rosenauer.org
+
+- update to Thunderbird 17.0.5 (bnc#813026)
+ * requires NSPR 4.9.5 and NSS 3.14.3
+ * MFSA 2013-30/CVE-2013-0788/CVE-2013-0789
+ Miscellaneous memory safety hazards
+ * MFSA 2013-31/CVE-2013-0800 (bmo#825721)
+ Out-of-bounds write in Cairo library
+ * MFSA 2013-35/CVE-2013-0796 (bmo#827106)
+ WebGL crash with Mesa graphics driver on Linux
+ * MFSA 2013-36/CVE-2013-0795 (bmo#825697)
+ Bypass of SOW protections allows cloning of protected nodes
+ * MFSA 2013-38/CVE-2013-0793 (bmo#803870)
+ Cross-site scripting (XSS) using timed history navigations
+
+-------------------------------------------------------------------
+Fri Mar 8 10:35:29 UTC 2013 - wr@rosenauer.org
+
+- update to Thunderbird 17.0.4 (bnc#808243)
+ * MFSA 2013-29/CVE-2013-0787 (bmo#848644)
+ Use-after-free in HTML Editor
+
+-------------------------------------------------------------------
+Sun Feb 17 12:09:06 UTC 2013 - wr@rosenauer.org
+
+- update to Thunderbird 17.0.3 (bnc#804248)
+ * MFSA 2013-21/CVE-2013-0783
+ Miscellaneous memory safety hazards
+ * MFSA 2013-24/CVE-2013-0773 (bmo#809652)
+ Web content bypass of COW and SOW security wrappers
+ * MFSA 2013-25/CVE-2013-0774 (bmo#827193)
+ Privacy leak in JavaScript Workers
+ * MFSA 2013-26/CVE-2013-0775 (bmo#831095)
+ Use-after-free in nsImageLoadingContent
+ * MFSA 2013-27/CVE-2013-0776 (bmo#796475)
+ Phishing on HTTPS connection through malicious proxy
+ * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782
+ Use-after-free, out of bounds read, and buffer overflow issues
+ found using Address Sanitizer
+
+-------------------------------------------------------------------
+Mon Feb 11 08:25:24 UTC 2013 - wr@rosenauer.org
+
+- update Enigmail to 1.5.1
+ * The release fixes the regressions found in the past few
+ weeks
+
+-------------------------------------------------------------------
+Sat Jan 5 12:40:00 UTC 2013 - wr@rosenauer.org
+
+- update to Thunderbird 17.0.2 (bnc#796895)
+ * MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770
+ Miscellaneous memory safety hazards
+ * MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767
+ CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829
+ Use-after-free and buffer overflow issues found using Address Sanitizer
+ * MFSA 2013-03/CVE-2013-0768 (bmo#815795)
+ Buffer Overflow in Canvas
+ * MFSA 2013-04/CVE-2012-0759 (bmo#802026)
+ URL spoofing in addressbar during page loads
+ * MFSA 2013-05/CVE-2013-0744 (bmo#814713)
+ Use-after-free when displaying table with many columns and column groups
+ * MFSA 2013-07/CVE-2013-0764 (bmo#804237)
+ Crash due to handling of SSL on threads
+ * MFSA 2013-08/CVE-2013-0745 (bmo#794158)
+ AutoWrapperChanger fails to keep objects alive during garbage collection
+ * MFSA 2013-09/CVE-2013-0746 (bmo#816842)
+ Compartment mismatch with quickstubs returned values
+ * MFSA 2013-10/CVE-2013-0747 (bmo#733305)
+ Event manipulation in plugin handler to bypass same-origin policy
+ * MFSA 2013-11/CVE-2013-0748 (bmo#806031)
+ Address space layout leaked in XBL objects
+ * MFSA 2013-12/CVE-2013-0750 (bmo#805121)
+ Buffer overflow in Javascript string concatenation
+ * MFSA 2013-13/CVE-2013-0752 (bmo#805024)
+ Memory corruption in XBL with XML bindings containing SVG
+ * MFSA 2013-14/CVE-2013-0757 (bmo#813901)
+ Chrome Object Wrapper (COW) bypass through changing prototype
+ * MFSA 2013-15/CVE-2013-0758 (bmo#813906)
+ Privilege escalation through plugin objects
+ * MFSA 2013-16/CVE-2013-0753 (bmo#814001)
+ Use-after-free in serializeToStream
+ * MFSA 2013-17/CVE-2013-0754 (bmo#814026)
+ Use-after-free in ListenerManager
+ * MFSA 2013-18/CVE-2013-0755 (bmo#814027)
+ Use-after-free in Vibrate
+ * MFSA 2013-19/CVE-2013-0756 (bmo#814029)
+ Use-after-free in Javascript Proxy objects
+- requires NSS 3.14.1 (MFSA 2013-20, CVE-2013-0743)
+- update Enigmail to 1.5.0
+
+-------------------------------------------------------------------
+Mon Nov 26 11:10:11 UTC 2012 - wr@rosenauer.org
+
+- fix KDE integration for file dialogs
+- fix some rpmlint warnings (mkdir.done files)
+- build on SLE11
+ * mozilla-gcc43-enums.patch
+ * mozilla-gcc43-template_hacks.patch
+ * mozilla-gcc43-templates_instantiation.patch
+
+-------------------------------------------------------------------
+Tue Nov 20 20:42:04 UTC 2012 - wr@rosenauer.org
+
+- update to Thunderbird 17.0 (bnc#790140)
+ * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843
+ Miscellaneous memory safety hazards
+ * MFSA 2012-92/CVE-2012-4202 (bmo#758200)
+ Buffer overflow while rendering GIF images
+ * MFSA 2012-93/CVE-2012-4201 (bmo#747607)
+ evalInSanbox location context incorrectly applied
+ * MFSA 2012-94/CVE-2012-5836 (bmo#792857)
+ Crash when combining SVG text on path with CSS
+ * MFSA 2012-96/CVE-2012-4204 (bmo#778603)
+ Memory corruption in str_unescape
+ * MFSA 2012-97/CVE-2012-4205 (bmo#779821)
+ XMLHttpRequest inherits incorrect principal within sandbox
+ * MFSA 2012-99/CVE-2012-4208 (bmo#798264)
+ XrayWrappers exposes chrome-only properties when not in chrome
+ compartment
+ * MFSA 2012-100/CVE-2012-5841 (bmo#805807)
+ Improper security filtering for cross-origin wrappers
+ * MFSA 2012-101/CVE-2012-4207 (bmo#801681)
+ Improper character decoding in HZ-GB-2312 charset
+ * MFSA 2012-102/CVE-2012-5837 (bmo#800363)
+ Script entered into Developer Toolbar runs with chrome privileges
+ * MFSA 2012-103/CVE-2012-4209 (bmo#792405)
+ Frames can shadow top.location
+ * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/
+ CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/
+ CVE-2012-4213/CVE-2012-4217/CVE-2012-4218
+ Use-after-free and buffer overflow issues found using Address
+ Sanitizer
+ * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838
+ Use-after-free, buffer overflow, and memory corruption issues
+ found using Address Sanitizer
+- rebased patches
+- disabled WebRTC since build is broken (bmo#776877)
+- update Enigmail to 1.4.6
+
+-------------------------------------------------------------------
+Sat Oct 27 08:58:22 UTC 2012 - wr@rosenauer.org
+
+- update to Thunderbird 16.0.2 (bnc#786522)
+ * MFSA 2012-90/CVE-2012-4194/CVE-2012-4195/CVE-2012-4196
+ (bmo#800666, bmo#793121, bmo#802557)
+ Fixes for Location object issues
+
+-------------------------------------------------------------------
+Thu Oct 11 03:16:52 UTC 2012 - wr@rosenauer.org
+
+- update to Thunderbird 16.0.1 (bnc#783533)
+ * MFSA 2012-88/CVE-2012-4191 (bmo#798045)
+ Miscellaneous memory safety hazards
+ * MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619)
+ defaultValue security checks not applied
+
+-------------------------------------------------------------------
+Mon Oct 8 13:27:10 UTC 2012 - wr@rosenauer.org
+
+- update to Thunderbird 16.0 (bnc#783533)
+ * MFSA 2012-74/CVE-2012-3982/CVE-2012-3983
+ Miscellaneous memory safety hazards
+ * MFSA 2012-75/CVE-2012-3984 (bmo#575294)
+ select element persistance allows for attacks
+ * MFSA 2012-76/CVE-2012-3985 (bmo#655649)
+ Continued access to initial origin after setting document.domain
+ * MFSA 2012-77/CVE-2012-3986 (bmo#775868)
+ Some DOMWindowUtils methods bypass security checks
+ * MFSA 2012-79/CVE-2012-3988 (bmo#725770)
+ DOS and crash with full screen and history navigation
+ * MFSA 2012-80/CVE-2012-3989 (bmo#783867)
+ Crash with invalid cast when using instanceof operator
+ * MFSA 2012-81/CVE-2012-3991 (bmo#783260)
+ GetProperty function can bypass security checks
+ * MFSA 2012-82/CVE-2012-3994 (bmo#765527)
+ top object and location property accessible by plugins
+ * MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370)
+ Chrome Object Wrapper (COW) does not disallow acces to privileged
+ functions or properties
+ * MFSA 2012-84/CVE-2012-3992 (bmo#775009)
+ Spoofing and script injection through location.hash
+ * MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/
+ CVE-2012-4181/CVE-2012-4182/CVE-2012-4183
+ Use-after-free, buffer overflow, and out of bounds read issues
+ found using Address Sanitizer
+ * MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/
+ CVE-2012-4188
+ Heap memory corruption issues found using Address Sanitizer
+ * MFSA 2012-87/CVE-2012-3990 (bmo#787704)
+ Use-after-free in the IME State Manager
+- update Enigmail to version 1.4.5
+
+-------------------------------------------------------------------
+Sun Aug 26 14:59:20 UTC 2012 - wr@rosenauer.org
+
+- update to Thunderbird 15.0 (bnc#777588)
+ * MFSA 2012-57/CVE-2012-1970
+ Miscellaneous memory safety hazards
+ * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975
+ CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959
+ CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964
+ Use-after-free issues found using Address Sanitizer
+ * MFSA 2012-59/CVE-2012-1956 (bmo#756719)
+ Location object can be shadowed using Object.defineProperty
+ * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793)
+ Memory corruption with bitmap format images with negative height
+ * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968
+ WebGL use-after-free and memory corruption
+ * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970
+ SVG buffer overflow and use-after-free issues
+ * MFSA 2012-64/CVE-2012-3971
+ Graphite 2 memory corruption
+ * MFSA 2012-65/CVE-2012-3972 (bmo#746855)
+ Out-of-bounds read in format-number in XSLT
+ * MFSA 2012-68/CVE-2012-3975 (bmo#770684)
+ DOMParser loads linked resources in extensions when parsing
+ text/html
+ * MFSA 2012-70/CVE-2012-3978 (bmo#770429)
+ Location object security checks bypassed by chrome code
+ * MFSA 2012-72/CVE-2012-3980 (bmo#771859)
+ Web console eval capable of executing chrome-privileged code
+- update Enigmail to 1.4.4
+
+-------------------------------------------------------------------
+Sun Jul 29 07:22:19 UTC 2012 - aj@suse.de
+
+- Fix mozilla-kde.patch to include sys/resource.h for getrlimit etc (glibc 2.16)
+
+-------------------------------------------------------------------
+Sun Jul 15 08:06:50 UTC 2012 - wr@rosenauer.org
+
+- update to Thunderbird 14.0 (bnc#771583)
+ * MFSA 2012-42/CVE-2012-1949/CVE-2012-1948
+ Miscellaneous memory safety hazards
+ * MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1952
+ Gecko memory corruption
+ * MFSA 2012-45/CVE-2012-1955 (bmo#757376)
+ Spoofing issue with location
+ * MFSA 2012-47/CVE-2012-1957 (bmo#750096)
+ Improper filtering of javascript in HTML feed-view
+ * MFSA 2012-48/CVE-2012-1958 (bmo#750820)
+ use-after-free in nsGlobalWindow::PageHidden
+ * MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559)
+ Same-compartment Security Wrappers can be bypassed
+ * MFSA 2012-50/CVE-2012-1960 (bmo#761014)
+ Out of bounds read in QCMS
+ * MFSA 2012-51/CVE-2012-1961 (bmo#761655)
+ X-Frame-Options header ignored when duplicated
+ * MFSA 2012-52/CVE-2012-1962 (bmo#764296)
+ JSDependentString::undepend string conversion results in memory
+ corruption
+ * MFSA 2012-53/CVE-2012-1963 (bmo#767778)
+ Content Security Policy 1.0 implementation errors cause data
+ leakage
+ * MFSA 2012-56/CVE-2012-1967 (bmo#758344)
+ Code execution through javascript: URLs
+ * relicensed to MPL-2.0
+- update Enigmail to 1.4.3
+
+-------------------------------------------------------------------
+Thu Jul 5 09:58:15 UTC 2012 - adrian@suse.de
+
+- no crashreport on %arm, fixing build
+
+-------------------------------------------------------------------
+Fri Jun 15 07:00:43 UTC 2012 - wr@rosenauer.org
+
+- update to Thunderbird 13.0.1
+ * bugfix release
+
+-------------------------------------------------------------------
+Sat Jun 2 12:41:08 UTC 2012 - wr@rosenauer.org
+
+- update to Thunderbird 13.0 (bnc#765204)
+ * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101
+ Miscellaneous memory safety hazards
+ * MFSA 2012-36/CVE-2012-1944 (bmo#751422)
+ Content Security Policy inline-script bypass
+ * MFSA 2012-37/CVE-2012-1945 (bmo#670514)
+ Information disclosure though Windows file shares and shortcut
+ files
+ * MFSA 2012-38/CVE-2012-1946 (bmo#750109)
+ Use-after-free while replacing/inserting a node in a document
+ * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941
+ Buffer overflow and use-after-free issues found using Address
+ Sanitizer
+- require NSS 3.13.4
+ * MFSA 2012-39/CVE-2012-0441 (bmo#715073)
+- fix build with system NSPR (mozilla-system-nspr.patch)
+- add dependentlibs.list for improved XRE startup
+- update enigmail to 1.4.2
+
+-------------------------------------------------------------------
+Wed May 16 05:38:46 UTC 2012 - wr@rosenauer.org
+
+- reenabled crashreporter for Factory/12.2
+ (fix in mozilla-gcc47.patch)
+
+-------------------------------------------------------------------
+Mon Apr 30 06:43:26 UTC 2012 - wr@rosenauer.org
+
+- update to Thunderbird 12.0.1
+ * fix regressions
+ - POP3 filters (bmo#748090)
+ - Message Body not loaded when using "Fetch Headers Only"
+ (bmo#748865)
+ - Received messages contain parts of other messages with
+ movemail account (bmo#748726)
+ - New mail notification issue (bmo#748997)
+ - crash in nsMsgDatabase::MatchDbName (bmo#748432)
+
+-------------------------------------------------------------------
+Fri Apr 27 10:22:49 UTC 2012 - wr@rosenauer.org
+
+- fixed build with gcc 4.7
+
+-------------------------------------------------------------------
+Sat Apr 21 07:39:28 UTC 2012 - wr@rosenauer.org
+
+- update to Thunderbird 12.0 (bnc#758408)
+ * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468
+ Miscellaneous memory safety hazards
+ * MFSA 2012-22/CVE-2012-0469 (bmo#738985)
+ use-after-free in IDBKeyRange
+ * MFSA 2012-23/CVE-2012-0470 (bmo#734288)
+ Invalid frees causes heap corruption in gfxImageSurface
+ * MFSA 2012-24/CVE-2012-0471 (bmo#715319)
+ Potential XSS via multibyte content processing errors
+ * MFSA 2012-25/CVE-2012-0472 (bmo#744480)
+ Potential memory corruption during font rendering using cairo-dwrite
+ * MFSA 2012-26/CVE-2012-0473 (bmo#743475)
+ WebGL.drawElements may read illegal video memory due to
+ FindMaxUshortElement error
+ * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307)
+ Page load short-circuit can lead to XSS
+ * MFSA 2012-28/CVE-2012-0475 (bmo#694576)
+ Ambiguous IPv6 in Origin headers may bypass webserver access
+ restrictions
+ * MFSA 2012-29/CVE-2012-0477 (bmo#718573)
+ Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
+ * MFSA 2012-30/CVE-2012-0478 (bmo#727547)
+ Crash with WebGL content using textImage2D
+ * MFSA 2012-31/CVE-2011-3062 (bmo#739925)
+ Off-by-one error in OpenType Sanitizer
+ * MFSA 2012-32/CVE-2011-1187 (bmo#624621)
+ HTTP Redirections and remote content can be read by javascript errors
+ * MFSA 2012-33/CVE-2012-0479 (bmo#714631)
+ Potential site identity spoofing when loading RSS and Atom feeds
+- update Enigmail to 1.4.1
+- added mozilla-revert_621446.patch
+- added mozilla-libnotify.patch (bmo#737646)
+- added mailnew-showalert.patch (bmo#739146)
+- added mozilla-gcc47.patch and mailnews-literals.patch to fix
+ compilation issues with recent gcc 4.7
+- disabled crashreporter temporarily for Factory (gcc 4.7 issue)
+
+-------------------------------------------------------------------
+Tue Mar 27 22:17:05 UTC 2012 - wr@rosenauer.org
+
+- update to Thunderbird 11.0.1 (bnc#755060)
+ * Fixing an issue where filters can get messed up (bmo#735940)
+ * Fixes a hang when switching IMAP folders, or doing other
+ imap functions (bmo#733731)
+
+-------------------------------------------------------------------
+Fri Mar 9 20:42:21 UTC 2012 - wr@rosenauer.org
+
+- update to Thunderbird 11.0 (bnc#750044)
+ * MFSA 2012-13/CVE-2012-0455 (bmo#704354)
+ XSS with Drag and Drop and Javascript: URL
+ * MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103)
+ SVG issues found with Address Sanitizer
+ * MFSA 2012-15/CVE-2012-0451 (bmo#717511)
+ XSS with multiple Content Security Policy headers
+ * MFSA 2012-16/CVE-2012-0458
+ Escalation of privilege with Javascript: URL as home page
+ * MFSA 2012-17/CVE-2012-0459 (bmo#723446)
+ Crash when accessing keyframe cssText after dynamic modification
+ * MFSA 2012-18/CVE-2012-0460 (bmo#727303)
+ window.fullScreen writeable by untrusted content
+ * MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/
+ CVE-2012-0463
+ Miscellaneous memory safety hazards
+- update enigmail to 1.4
+- added KDE integration patches (bnc#749440)
+
+-------------------------------------------------------------------
+Mon Feb 27 17:15:05 CET 2012 - jslaby@suse.de
+
+- update enigmail to 1.3.99 (1.4a1pre)
+
+-------------------------------------------------------------------
+Thu Feb 16 10:54:42 UTC 2012 - wr@rosenauer.org
+
+- update to Thunderbird 10.0.2 (bnc#747328)
+ * CVE-2011-3026 (bmo#727401)
+ libpng: integer overflow leading to heap-buffer overflow
+
+-------------------------------------------------------------------
+Thu Feb 9 08:10:32 UTC 2012 - wr@rosenauer.org
+
+- update to version 10.0.1 (bnc#746616)
+ * MFSA 2012-10/CVE-2012-0452 (bmo#724284)
+ use after free in nsXBLDocumentInfo::ReadPrototypeBindings
+- Use YARR interpreter instead of PCRE on platforms where YARR JIT
+ is not supported, since PCRE doesnt build (bmo#691898)
+- fix ppc64 build (bmo#703534)
+
+-------------------------------------------------------------------
+Sun Jan 29 17:31:32 UTC 2012 - wr@rosenauer.org
+
+- update to version 10.0 (bnc#744275)
+ * MFSA 2012-01/CVE-2012-0442/CVE-2012-0443
+ Miscellaneous memory safety hazards
+ * MFSA 2012-03/CVE-2012-0445 (bmo#701071)
+ <iframe> element exposed across domains via name attribute
+ * MFSA 2012-04/CVE-2011-3659 (bmo#708198)
+ Child nodes from nsDOMAttribute still accessible after removal
+ of nodes
+ * MFSA 2012-05/CVE-2012-0446 (bmo#705651)
+ Frame scripts calling into untrusted objects bypass security
+ checks
+ * MFSA 2012-06/CVE-2012-0447 (bmo#710079)
+ Uninitialized memory appended when encoding icon images may
+ cause information disclosure
+ * MFSA 2012-07/CVE-2012-0444 (bmo#719612)
+ Potential Memory Corruption When Decoding Ogg Vorbis files
+ * MFSA 2012-08/CVE-2012-0449 (bmo#701806, bmo#702466)
+ Crash with malformed embedded XSLT stylesheets
+- update enigmail to 1.3.5
+- added mozilla-disable-neon-option.patch to be able to disable
+ neon on ARM
+- removed obsolete PPC64 patch
+
+-------------------------------------------------------------------
+Sun Dec 18 09:28:51 UTC 2011 - wr@rosenauer.org
+
+- update to version 9.0 (bnc#737533)
+ * MFSA 2011-53/CVE-2011-3660
+ Miscellaneous memory safety hazards (rv:9.0)
+ * MFSA 2011-54/CVE-2011-3661 (bmo#691299)
+ Potentially exploitable crash in the YARR regular expression
+ library
+ * MFSA 2011-55/CVE-2011-3658 (bmo#708186)
+ nsSVGValue out-of-bounds access
+ * MFSA 2011-56/CVE-2011-3663 (bmo#704482)
+ Key detection without JavaScript via SVG animation
+ * MFSA 2011-58/VE-2011-3665 (bmo#701259)
+ Crash scaling <video> to extreme sizes
+- fixed accessibility under GNOME 3 (bnc#732898)
+ (mozilla-a11y.patch)
+- do not show update channel in about box
+ (tb-no-update-channel.patch)
+
+-------------------------------------------------------------------
+Sun Dec 4 08:20:17 UTC 2011 - wr@rosenauer.org
+
+- update enigmail to 1.3.4 (bnc#733002)
+ * fixes several regressions from previous release
+
+-------------------------------------------------------------------
+Mon Nov 21 21:54:27 UTC 2011 - wr@rosenauer.org
+
+- do not disable system addons
+- fixed enigmail localizations
+
+-------------------------------------------------------------------
+Mon Nov 21 11:35:56 UTC 2011 - dvaleev@suse.com
+
+- fix powerpc build
+- disable crashreporter on ppc and ppc64
+
+-------------------------------------------------------------------
+Mon Nov 7 20:23:30 UTC 2011 - wr@rosenauer.org
+
+- update to version 8.0 (bnc#728520)
+ * MFSA 2011-47/CVE-2011-3648 (bmo#690225)
+ Potential XSS against sites using Shift-JIS
+ * MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654
+ Miscellaneous memory safety hazards
+ * MFSA 2011-49/CVE-2011-3650 (bmo#674776)
+ Memory corruption while profiling using Firebug
+ * MFSA 2011-52/CVE-2011-3655 (bmo#672182)
+ Code execution via NoWaiverWrapper
+- rebased patches
+- update enigmail to 1.3.3
+- update icon cache after install/removal (bnc#726758)
+
+-------------------------------------------------------------------
+Fri Sep 30 09:59:15 UTC 2011 - wr@rosenauer.org
+
+- update to minor version 7.0.1
+ * fixed staged addon updates
+ * Disabled the what's new tab for updaters from 7.0 (bmo#690290)
+ * Insert Characters & Symbols fix (bmo#690267)
+
+-------------------------------------------------------------------
+Mon Sep 26 09:18:56 UTC 2011 - wr@rosenauer.org
+
+- update to version 7.0 (bnc#720264)
+ * MFSA 2011-36
+ Miscellaneous memory safety hazards
+ * MFSA 2011-39/CVE-2011-3000 (bmo#655389)
+ Defense against multiple Location headers due to CRLF Injection
+ * MFSA 2011-40/CVE-2011-2372/CVE-2011-3001
+ Code installation through holding down Enter
+ * MFSA 2011-42/CVE-2011-3232
+ Potentially exploitable crash in the YARR regular expression
+ library
+ * MFSA 2011-44/CVE-2011-3005 (bmo#675747)
+ Use after free reading OGG headers
+- removed obsolete mozilla-cairo-lcd.patch
+
+-------------------------------------------------------------------
+Tue Sep 13 07:36:50 UTC 2011 - wr@rosenauer.org
+
+- update enigmail to 1.3.2 (no changelog available)
+- add dbus-1-glib-devel to BuildRequires (not pulled automatically
+ anymore with 12.1)
+
+-------------------------------------------------------------------
+Fri Sep 9 20:42:23 UTC 2011 - wr@rosenauer.org
+
+- make enigmail a subversion of Thunderbird to fix %release
+ number tracking issues with the Open Build Service
+ (taken from dmueller's 3.1.x changes)
+
+-------------------------------------------------------------------
+Wed Sep 7 14:30:34 UTC 2011 - pcerny@suse.com
+
+- security update to 6.0.2 (bnc#714931)
+ * Complete blocking of certificates issued by DigiNotar
+ (bmo#683449)
+
+-------------------------------------------------------------------
+Fri Sep 2 14:40:07 UTC 2011 - pcerny@suse.com
+
+- security update to 6.0.1 (bnc#714931)
+ * MFSA 2011-34
+ Protection against fraudulent DigiNotar certificates
+ (bmo#682927)
+
+-------------------------------------------------------------------
+Wed Aug 17 08:50:39 CEST 2011 - jslaby@suse.de
+
+- update enigmail to 1.3 final
+
+-------------------------------------------------------------------
+Fri Aug 12 20:40:07 UTC 2011 - wr@rosenauer.org
+
+- update to version 6.0 (bnc#712224)
+ including security fixes MFSA 2011-31
+ * CVE-2011-2989/CVE-2011-2991/CVE-2011-2992/CVE-2011-2985
+ Miscellaneous memory safety hazards
+ * CVE-2011-2988 (bmo#665936)
+ String crash using WebGL shaders
+ * CVE-2011-2987 (bmo#665934)
+ Heap overflow in ANGLE library
+ * CVE-2011-0084 (bmo#648094)
+ Crash in SVGTextElement.getCharNumAtPosition()
+ * CVE-2011-2986 (bmo#655836)
+ Cross-origin data theft using canvas and Windows D2D
+- add mozilla-curl.patch to remove dependencies to obsolete curl
+ header
+
+-------------------------------------------------------------------
+Fri Jul 30 08:30:11 CEST 2011 - jslaby@suse.de
+
+- update enigmail to 1.2.99 (1.3a1pre)
+
+-------------------------------------------------------------------
+Fri Jul 29 21:13:54 UTC 2011 - wr@rosenauer.org
+
+- update to version 6.0b2
+ * removed obsolete patches
+ - mozilla-gio.patch
+ - thunderbird-gio.patch
+- fix symbol dumper for linux3 platform
+
+-------------------------------------------------------------------
+Sat Jul 9 11:16:51 UTC 2011 - wr@rosenauer.org
+
+- update to version 5.0
+- update enigmail to version 1.2
+- improved logic for the launcher command
+- enable gio usage (instead of gnomevfs) for 11.4 and newer
+- build dump_syms dynamic to build on 12.1 and above
+
+-------------------------------------------------------------------
+Mon Jun 20 09:36:22 UTC 2011 - wr@rosenauer.org
+
+- security update to version 3.1.11 (bnc#701296)
+ * MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364
+ CVE-2011-2365
+ Miscellaneous memory safety hazards
+ * MFSA 2011-20/CVE-2011-2373 (bmo#617247)
+ Use-after-free vulnerability when viewing XUL document with
+ script disabled
+ * MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303)
+ Memory corruption due to multipart/x-mixed-replace images
+ * MFSA 2011-22/CVE-2011-2371 (bmo#664009)
+ Integer overflow and arbitrary code execution in
+ Array.reduceRight()
+ * MFSA 2011-23/CVE-2011-0083 CVE-2011-0085 CVE-2011-2363
+ Multiple dangling pointer vulnerabilities
+ * MFSA 2011-24/CVE-2011-2362 (bmo#616264)
+ Cookie isolation error
+- speed up find-external-requires.sh
+- do not build dump_syms static as it is not needed for us
+ -> fixes build for 12.1 and above
+
+-------------------------------------------------------------------
+Fri Apr 15 06:24:16 UTC 2011 - wr@rosenauer.org
+
+- security update to version 3.1.10 (bnc#689281)
+ * MFSA 2011-12/ CVE-2011-0069 CVE-2011-0070 CVE-2011-0072
+ CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078
+ CVE-2011-0080 CVE-2011-0081
+ Miscellaneous memory safety hazards
+
+-------------------------------------------------------------------
+Fri Mar 25 08:50:30 UTC 2011 - idoenmez@novell.com
+
+- Add mozilla-gcc46.patch: fix compilation with gcc 4.6
+ See the following bug reports:
+ https://bugzilla.mozilla.org/show_bug.cgi?id=623116
+ https://bugzilla.mozilla.org/show_bug.cgi?id=623123
+ https://bugzilla.mozilla.org/show_bug.cgi?id=623126
+ https://bugzilla.mozilla.org/show_bug.cgi?id=628371
+
+-------------------------------------------------------------------
+Tue Feb 22 08:51:12 UTC 2011 - wr@rosenauer.org
+
+- security update to version 3.1.8 (build3) (bnc#667155)
+ * MFSA 2011-01/CVE-2011-0053/CVE-2011-0062
+ Miscellaneous memory safety hazards (rv:1.9.2.14/ 1.9.1.17)
+ * MFSA 2011-08/CVE-2010-1585 (bmo#562547)
+ ParanoidFragmentSink allows javascript: URLs in chrome documents
+ * MFSA 2011-09/CVE-2011-0061 (bmo#610601)
+ Crash caused by corrupted JPEG image
+
+-------------------------------------------------------------------
+Thu Jan 13 13:08:39 UTC 2011 - wr@rosenauer.org
+
+- rename desktop file for 11.4 and above (bnc#664211)
+
+-------------------------------------------------------------------
+Mon Jan 10 09:30:21 UTC 2011 - wr@rosenauer.org
+
+- add x-scheme-handler/mailto as mimetype to the desktop file
+ as needed by newer Gnome environment
+
+-------------------------------------------------------------------
+Mon Nov 29 13:47:52 UTC 2010 - wr@rosenauer.org
+
+- security update to version 3.1.7 (bnc#657016)
+ * MFSA 2010-74/CVE-2010-3776/CVE-2010-3777/CVE-2010-3778
+ Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)
+ * MFSA 2010-75/CVE-2010-3769 (bmo#608336)
+ Buffer overflow while line breaking after document.write with
+ long string
+ * MFSA 2010-78/CVE-2010-3768 (bmo#527276)
+ Add support for OTS font sanitizer
+- provide versioned "thunderbird" symbol
+
+-------------------------------------------------------------------
+Wed Oct 27 10:55:39 CEST 2010 - wr@rosenauer.org
+
+- security update to version 3.1.6 (bnc#649492)
+ * MFSA 2010-73/CVE-2010-3765 (bmo#607222)
+ Heap buffer overflow mixing document.write and DOM insertion
+
+-------------------------------------------------------------------
+Wed Oct 6 23:19:15 CEST 2010 - wr@rosenauer.org
+
+- security update to version 3.1.5 (bnc#645315)
+ * MFSA 2010-64/CVE-2010-3174/CVE-2010-3175/CVE-2010-3176
+ Miscellaneous memory safety hazards
+ * MFSA 2010-65/CVE-2010-3179 (bmo#583077)
+ Buffer overflow and memory corruption using document.write
+ * MFSA 2010-66/CVE-2010-3180 (bmo#588929)
+ Use-after-free error in nsBarProp
+ * MFSA 2010-67/CVE-2010-3183 (bmo#598669)
+ Dangling pointer vulnerability in LookupGetterOrSetter
+ * MFSA 2010-69/CVE-2010-3178 (bmo#576616)
+ Cross-site information disclosure via modal calls
+ * MFSA 2010-70/CVE-2010-3170 (bmo#578697)
+ SSL wildcard certificate matching IP addresses
+ * MFSA 2010-71/CVE-2010-3182 (bmo#590753, bnc#642502)
+ Unsafe library loading vulnerabilities
+ * MFSA 2010-72/CVE-2010-3173
+ Insecure Diffie-Hellman key exchange
+ * new extra locales
+ * removed upstreamed mozilla-helper-app.patch
+- require mozilla-nss >= 3.12.8
+
+-------------------------------------------------------------------
+Wed Sep 15 08:19:49 CEST 2010 - wr@rosenauer.org
+
+- update to version 3.1.4
+ * fixing startup topcrash
+
+-------------------------------------------------------------------
+Mon Aug 30 17:40:28 CEST 2010 - wr@rosenauer.org
+
+- security update to version 3.1.3 (bnc#637303)
+ * MFSA 2010-49/CVE-2010-3169
+ Miscellaneous memory safety hazards
+ * MFSA 2010-50/CVE-2010-2765 (bmo#576447)
+ Frameset integer overflow vulnerability
+ * MFSA 2010-51/CVE-2010-2767 (bmo#584512)
+ Dangling pointer vulnerability using DOM plugin array
+ * MFSA 2010-53/CVE-2010-3166 (bmo#579655)
+ Heap buffer overflow in nsTextFrameUtils::TransformText
+ * MFSA 2010-54/CVE-2010-2760 (bmo#585815)
+ Dangling pointer vulnerability in nsTreeSelection
+ * MFSA 2010-55/CVE-2010-3168 (bmo#576075)
+ XUL tree removal crash and remote code execution
+ * MFSA 2010-56/CVE-2010-3167 (bmo#576070)
+ Dangling pointer vulnerability in nsTreeContentView
+ * MFSA 2010-57/CVE-2010-2766 (bmo#580445)
+ Crash and remote code execution in normalizeDocument
+ * MFSA 2010-59/CVE-2010-2762 (bmo#584180)
+ SJOW creates scope chains ending in outer object
+ * MFSA 2010-61/CVE-2010-2768 (bmo#579744)
+ UTF-7 XSS by overriding document charset using <object> type
+ attribute
+ * MFSA 2010-62/CVE-2010-2769 (bmo#520189)
+ Copy-and-paste or drag-and-drop into designMode document allows
+ XSS
+ * MFSA 2010-63/CVE-2010-2764 (bmo#552090)
+ Information leak via XMLHttpRequest statusText
+- ESD notification sound fix included upstream
+
+-------------------------------------------------------------------
+Mon Aug 30 17:37:58 CEST 2010 - wr@rosenauer.org
+
+- fixed build with latest Gnome
+ (mozilla-gdk-pixbuf.patch)
+
+-------------------------------------------------------------------
+Sat Jul 24 17:22:58 CEST 2010 - wr@rosenauer.org
+
+- update to version 3.1.1
+ * based on the Gecko 1.9.2 platform
+ * Faster Search Results
+ * Quick Filter Toolbar
+ * New Migration Assistant
+ * Saved Files Manager
+- update to enigmail 1.1.2
+- enable crashreporter and package buildsymbols
+- fixed esd sound output (notifications) (bmo#576365)
+
+-------------------------------------------------------------------
+Fri Jul 16 07:19:40 CEST 2010 - wr@rosenauer.org
+
+- security update to 3.0.6 (bnc#622506)
+ * MFSA 2010-34/CVE-2010-1211/CVE-2010-1212
+ Miscellaneous memory safety hazards
+ * MFSA 2010-39/CVE-2010-2752 (bmo#574059)
+ nsCSSValue::Array index integer overflow
+ * MFSA 2010-40/CVE-2010-2753 (bmo#571106)
+ nsTreeSelection dangling pointer remote code execution
+ vulnerability
+ * MFSA 2010-41/CVE-2010-1205 (bmo#570451)
+ Remote code execution using malformed PNG image
+ * MFSA 2010-42/CVE-2010-1213 (bmo#568148)
+ Cross-origin data disclosure via Web Workers and importScripts
+ * MFSA 2010-46/CVE-2010-0654 (bmo#524223)
+ Cross-domain data theft using CSS
+ * MFSA 2010-47/CVE-2010-2754 (bmo#568564)
+ Cross-origin data leakage from script filename in error messages
+
+-------------------------------------------------------------------
+Fri May 21 07:31:34 CEST 2010 - wr@rosenauer.org
+
+- security update to 3.0.5 (bnc#603356)
+ * MFSA 2010-25/CVE-2010-1121 (bmo#555109)
+ Re-use of freed object due to scope confusion
+ * MFSA 2010-26/CVE-2010-1200/CVE-2010-1201/CVE-2010-1202/
+ CVE-2010-1203
+ Crashes with evidence of memory corruption (rv:1.9.1.10)
+ * MFSA 2010-29/CVE-2010-1196 (bmo#534666)
+ Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal
+ * MFSA 2010-30/CVE-2010-1199 (bmo#554255)
+ Integer Overflow in XSLT Node Sorting
+
+-------------------------------------------------------------------
+Mon Apr 12 06:50:16 CEST 2010 - wr@rosenauer.org
+
+- do not encode the RPM release number into the useragent
+ to avoid non useful republishing (bnc#593807)
+
+-------------------------------------------------------------------
+Wed Mar 17 20:07:51 CET 2010 - wr@rosenauer.org
+
+- security update to 3.0.4 (bnc#586567)
+ * MFSA 2010-16/CVE-2010-0173/CVE-2010-0174
+ Crashes with evidence of memory corruption
+ * MFSA 2010-17/CVE-2010-0175 (bmo#540100,375928)
+ Remote code execution with use-after-free in nsTreeSelection
+ * MFSA 2010-18/CVE-2010-0176 (bmo#538308)
+ Dangling pointer vulnerability in nsTreeContentView
+ * MFSA 2010-22/CVE-2009-3555 (bmo#545755)
+ Update NSS to support TLS renegotiation indication
+ * MFSA 2010-24/CVE-2010-0182 (bmo#490790)
+ XMLDocument::load() doesn't check nsIContentPolicy
+
+-------------------------------------------------------------------
+Sun Feb 28 19:56:44 CET 2010 - wr@rosenauer.org
+
+- update to 3.0.3
+ * Fix for missing folders or empty folder pane after updating
+ to Thunderbird 3.0.2
+
+-------------------------------------------------------------------
+Fri Feb 26 17:04:00 CET 2010 - wr@rosenauer.org
+
+- security update to 3.0.2 (bnc#576969)
+ * MFSA 2010-01/CVE-2010-0159
+ Crashes with evidence of memory corruption
+ * MFSA 2010-03/CVE-2009-1571
+ Use-after-free crash in HTML parser
+ * various stability improvements
+- update enigmail to 1.0.1
+ * Czech, Dutch, Polish and Portuguese (Brazilian) languages
+ were added to the release.
+ * there are several fixes related using OpenPGP Smartcards
+- use system hunspell again (bnc#582276)
+
+-------------------------------------------------------------------
+Tue Jan 12 00:23:23 CET 2010 - wr@rosenauer.org
+
+- update to 3.0.1
+ * fixed UI issues related to some combinations of installed addons
+ (bmo#398702)
+- fixed session restore (bnc#528406, bmo#508986)
+- removed obsolete lightning stuff from spec file
+- removed obsolete orbit-devel build requirement
+
+-------------------------------------------------------------------
+Mon Dec 7 10:04:05 CET 2009 - wr@rosenauer.org
+
+- update to 3.0 (bnc#559819)
+- update enigmail to final version 1.0.0
+- use --disable-updater and removed obsolete UI patch and
+ pref changes
+- use internal cairo up to 11.1 (Gecko now requires at least 1.8.8)
+- added mozilla-clipboard.patch fixing a common crash (bmo#495392)
+- removed upstreamed patch thunderbird-cs-smtpauth.patch
+
+-------------------------------------------------------------------
+Wed Oct 7 21:41:15 CEST 2009 - wr@rosenauer.org
+
+- fixed startup-notification (bnc#518603)
+ (mozilla-startup-notification.patch)
+
+-------------------------------------------------------------------
+Tue Sep 29 14:03:51 CEST 2009 - wr@rosenauer.org
+
+- fixed CS locale to allow SMTP AUTH sending of mails (bnc#542809)
+
+-------------------------------------------------------------------
+Tue Sep 15 17:58:56 CEST 2009 - wr@rosenauer.org
+
+- update to 3.0b4
+ * removed upstreamed patches
+ * based on Gecko 1.9.1.3 (inheriting security fixes)
+ * new global search
+
+-------------------------------------------------------------------
+Tue Aug 25 17:56:36 CEST 2009 - wr@rosenauer.org
+
+- reversioned enigmail to 0.96.99 (as it's actually 0.97a and 0.96
+ has been released already)
+- fixed RPM group for the translation subpackages
+
+-------------------------------------------------------------------
+Fri Aug 21 13:58:54 CEST 2009 - wr@rosenauer.org
+
+- remove obsolete code for protocol handlers (bmo#389732)
+ (mozilla-protocol_handler.patch)
+- new enigmail snapshot (20090813)
+- require pinentry-gui for 11.2 and up (bnc#441084)
+
+-------------------------------------------------------------------
+Sun Aug 9 09:02:25 CEST 2009 - wr@rosenauer.org
+
+- Gtk filechooser allows alternative button order (as used in KDE)
+ (bnc#527418)
+- translations{,-common} package doesn't provide en-US
+- split translations into -common and -other packages (bnc#529180)
+
+-------------------------------------------------------------------
+Tue Jul 28 12:59:23 CEST 2009 - wr@rosenauer.org
+
+- fixed wrong %exclude by removing unwanted files at %install stage
+
+-------------------------------------------------------------------
+Fri Jul 17 13:48:02 CEST 2009 - wr@rosenauer.org
+
+- major update to 3.0b3
+- update enigmail to 0.96pre
+- created enigmail subpackage and install to system wide location
+ for Thunderbird and SeaMonkey
+- define MOZ_APP_LAUNCHER for session management (bmo#453689)
+ (mozilla-app-launcher.patch and mozilla.sh.in)
+- move opensuse.js prefs to all-opensuse.js prefs to be able
+ to override prefs in all-thunderbird.js
+- move intl.locale.matchOS to all-opensuse.js
+- added mozilla-jemalloc_deepbind.patch to fix various possible
+ crashes (bnc#503151, bmo#493541)
+
+-------------------------------------------------------------------
+Fri Jun 19 10:35:46 CEST 2009 - coolo@novell.com
+
+- disable as-needed for this package as it fails to build with it
+
+-------------------------------------------------------------------
+Tue Jun 2 11:40:59 CEST 2009 - wr@rosenauer.org
+
+- Fixed build issue for gcc 4.4 (mozilla-gcc44.patch)
+
+-------------------------------------------------------------------
+Wed Mar 18 14:52:14 CET 2009 - wr@rosenauer.org
+
+- security update to version 2.0.0.21 (bnc#484321)
+ * MFSA 2009-07/CVE-2009-0771, CVE-2009-0772, CVE-2009-0773
+ CVE-2009-0774:
+ Crashes with evidence of memory corruption (rv:1.9.0.7)
+ * MFSA 2009-09/CVE-2009-0776:
+ XML data theft via RDFXMLDataSource and cross-domain redirect
+ * MFSA 2009-10/CVE-2009-0040:
+ Upgrade PNG library to fix memory safety hazards
+
+-------------------------------------------------------------------
+Fri Jan 2 13:51:19 EST 2009 - hfiguiere@suse.de
+
+- Review and approve changes.
+
+-------------------------------------------------------------------
+Wed Dec 31 13:33:22 CET 2008 - wr@rosenauer.org
+
+- security update to version 2.0.0.19 (bnc#455804)
+ + MFSA 2008-68/CVE-2008-5511 and CVE-2008-5512: XSS and JavaScript
+ privilege escalation
+ + MFSA 2008-67/CVE-2008-5510: Escaped null characters ignored by
+ CSS parser
+ + MFSA 2008-66/CVE-2008-5508: Errors parsing URLs with leading
+ whitespace and control characters
+ + MFSA 2008-65/CVE-2008-5507: Cross-domain data theft via script
+ redirect error message
+ + MFSA 2008-64/CVE-2008-5506: XMLHttpRequest 302 response disclosure
+ + MFSA 2008-61/CVE-2008-5503: Information stealing via loadBindingDocument
+ + MFSA 2008-60/CVE-2008-5500, CVE-2008-5501 and CVE-2008-5502:
+ Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19)
+- improved mozilla-shared-nss-db.patch and
+ mozilla-system-hunspell.patch to be able to apply them
+ unconditionally
+
+-------------------------------------------------------------------
+Fri Nov 21 11:26:06 CET 2008 - wr@rosenauer.org
+
+- Add mozilla-shared-nss-db.patch which allows migrating to and
+ sharing with other applications using NSS
+ (same functionality as in xulrunner/firefox)
+ (can be disabled completely exporting MOZ_TB_NO_NSSHELPER=1)
+
+-------------------------------------------------------------------
+Thu Nov 20 18:53:35 CST 2008 - maw@suse.de
+
+- Review and approve changes.
+
+-------------------------------------------------------------------
+Thu Nov 13 11:02:01 CET 2008 - wr@rosenauer.org
+
+- security update to version 2.0.0.18 (bnc#439841)
+ * MFSA 2008-48 / CVE-2008-5012
+ Image stealing via canvas and HTTP redirect
+ * MFSA 2008-50 / CVE-2008-5014 (bmo#436741)
+ Crash and remote code execution via __proto__ tampering
+ * MFSA 2008-52 / CVE-2008-5016 / CVE-2008-5017 / CVE-2008-5018
+ Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18)
+ * MFSA 2008-55 / CVE-2008-5021 (bmo#456896)
+ Crash and remote code execution in nsFrameManager
+ * MFSA 2008-56 / CVE-2008-5022 (bmo#460002)
+ nsXMLHttpRequest::NotifyEventListeners() same-origin violation
+ * MFSA 2008-58 / CVE-2008-5024 (bmo#453915)
+ Parsing error in E4X default namespace
+
+-------------------------------------------------------------------
+Wed Oct 15 10:32:09 CDT 2008 - maw@suse.de
+
+- Review and approve changes.
+
+-------------------------------------------------------------------
+Wed Oct 8 09:51:06 CEST 2008 - wr@rosenauer.org
+
+- use system hunspell from 11.0 on (bnc#385739)
+- remove more executable bits from non-executable files
+
+-------------------------------------------------------------------
+Tue Sep 23 09:42:12 CEST 2008 - wr@rosenauer.org
+
+- security update to version 2.0.0.17 (bnc#429179)
+ * MFSA 2008-37 / CVE-2008-0016
+ UTF-8 URL stack buffer overflow
+ * MFSA 2008-38 / CVE-2008-3835
+ nsXMLDocument::OnChannelRedirect() same-origin violation
+ * MFSA 2008-41 / CVE-2008-4058 / CVE-2008-4059 / CVE-2008-4060
+ Privilege escalation via XPCnativeWrapper pollution
+ * MFSA 2008-42 / CVE-2008-4061 / CVE-2008-4062 / CVE-2008-4063
+ CVE-2008-4064
+ Crashes with evidence of memory corruption
+ * MFSA 2008-43 / CVE-2008-4065 / CVE-2008-4066
+ BOM characters, low surrogates stripped from JavaScript before
+ execution
+ * MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068
+ resource: traversal vulnerabilities
+ * MFSA 2008-46 / CVE-2008-4070
+ Heap overflow when canceling newsgroup message
+
+-------------------------------------------------------------------
+Mon Sep 15 13:06:11 CEST 2008 - wr@rosenauer.org
+
+- fixed undefined operation in nsMailboxService.cpp (abuild.patch)
+- cleanup spec a bit while merging from OBS/mozilla
+ * forwarding old fixes to cups-paper.patch, mozilla.sh.in and
+ add-plugins.sh (were fixed long ago in the OBS repo)
+
+-------------------------------------------------------------------
+Thu Sep 11 21:34:40 CEST 2008 - mauro@suse.de
+
+- Update to 2.0.0.16 (fixed bnc#417869), fixes:
+ + MFSA 2008-34 Remote code execution by overflowing CSS
+ reference counter
+ + MFSA 2008-33 Crash and remote code execution in block reflow
+ + MFSA 2008-31 Peer-trusted certs can use alt names to spoof
+ + MFSA 2008-29 Faulty .properties file results in uninitialized
+ memory being used
+ + MFSA 2008-26 Buffer length checks in MIME processing
+ + MFSA 2008-25 Arbitrary code execution in
+ mozIJSSubScriptLoader.loadSubScript()
+ + MFSA 2008-24 Chrome script loading from fastload file
+ + MFSA 2008-21 Crashes with evidence of memory corruption (rv:1.8.1.15)
+
+-------------------------------------------------------------------
+Wed Jul 23 18:01:05 CEST 2008 - schwab@suse.de
+
+- Remove unused includes.
+
+-------------------------------------------------------------------
+Tue Jun 24 18:43:51 CEST 2008 - maw@suse.de
+
+- Security update to version 2.0.0.14 (bnc#390992):
+ + MFSA 2008-15 / CVE-2008-1236 and CVE-2008-1237: Crashes with
+ evidence of memory corruption (rv:1.8.1.13)
+ + MFSA 2008-14 / CVE-2008-1233, CVE-2008-1234, and CVE-2008-1235:
+ JavaScript privilege escalation and arbitrary code execution
+- Drop the following patches: thunderbird-2.0.0.14-backports.patch,
+ mozilla-missing-decl.patch, and unused-includes.patch
+- Respin mozilla-gcc4.3-fixes.patch.
+
+-------------------------------------------------------------------
+Fri May 30 17:27:50 CEST 2008 - maw@suse.de
+
+- Add thunderbird-2.0.0.14-backports.patch (bnc390992).
+
+-------------------------------------------------------------------
+Fri May 16 16:59:40 CEST 2008 - schwab@suse.de
+
+- Remove unused includes.
+
+-------------------------------------------------------------------
+Mon Mar 24 20:17:09 CET 2008 - maw@suse.de
+
+- Add mozilla-missing-decl.patch, which is necessary when building
+ against new versions of mozilla-nss (bmo#399589).
+
+-------------------------------------------------------------------
+Fri Mar 7 18:34:42 CET 2008 - maw@suse.de
+
+- Security update to version 2.0.0.12 (bnc#354469)
+ * MFSA 2008-12 Buffer overflow in external MIME bodies
+- Replace mozilla-maxpathlen.patch with mozilla-path_len.patch, for
+ consistency's sake.
+
+-------------------------------------------------------------------
+Thu Jan 17 17:56:04 CET 2008 - maw@suse.de
+
+- Add mozilla-maxpathlen.patch (#354150 and bmo #412610).
+
+-------------------------------------------------------------------
+Tue Jan 15 20:36:54 CET 2008 - maw@suse.de
+
+- Merge changes from the build service (thanks, Wolfgang)
+- Update to version 2.0.9.9 (MFSA 2007-29)
+- Update enigmail to version 0.95.6
+- Add a -devel subpackage
+- Various fixes to enable building with gcc 4.3.
+
+-------------------------------------------------------------------
+Tue Nov 13 17:50:35 CET 2007 - maw@suse.de
+
+- Add thunderbird-gcc4.3-fixes.patch
+- Add visibility.patch.
+
+-------------------------------------------------------------------
+Thu Sep 13 17:00:36 CEST 2007 - cthiel@suse.de
+
+- recommend gpg instead of requireing a fixed path
+
+-------------------------------------------------------------------
+Wed Sep 12 18:25:34 CEST 2007 - maw@suse.de
+
+- Added gpg/pinentry requirements (#309160).
+
+-------------------------------------------------------------------
+Tue Sep 4 00:57:26 CEST 2007 - maw@suse.de
+
+- Don't run %fdupes on directories where multiple partitions
+ are liable to be mounted.
+
+-------------------------------------------------------------------
+Mon Sep 3 17:50:50 CEST 2007 - maw@suse.de
+
+- Merge some changes from the build service (thanks, Wolfgang):
+ + Provide locale info (#302288)
+ + Update releasedate
+- Uncomment %clean.
+
+-------------------------------------------------------------------
+Tue Aug 21 18:45:00 CEST 2007 - maw@suse.de
+
+- Use %fdupes.
+
+-------------------------------------------------------------------
+Tue Aug 21 18:12:36 CEST 2007 - maw@suse.de
+
+- Merge updates from the build service:
+- Update to security release 2.0.0.6:
+ * MFSA 2007-26 Privilege escalation through chrome-loaded
+ about:blank windows
+ * MFSA 2007-27 Unescaped URIs passed to external programs
+- Update enigmail to version 0.95.3.
+
+-------------------------------------------------------------------
+Wed Aug 15 15:04:09 CEST 2007 - maw@suse.de
+
+- On x86_64, s390, and s390x, deactivate the hidden visibility
+ support, thereby fixing the build.
+
+-------------------------------------------------------------------
+Wed Jul 25 21:52:23 CEST 2007 - maw@suse.de
+
+- Security update to version 2.0.0.5 (#288115)
+- This new release has fixes for:
+MFSA 2007-18
+ CVE-2007-3734 - Browser flaws
+ CVE-2007-3735 - Javascript flaws
+
+MFSA 2007-19
+ CVE-2007-3736
+
+MFSA 2007-20
+ CVE-2007-3089
+
+MFSA 2007-21
+ CVE-2007-3737
+
+MFSA 2007-22
+ CVE-2007-3285
+
+MFSA 2007-23
+ CVE-2007-3670
+
+MFSA 2007-24
+ CVE-2007-3656
+
+MFSA 2007-25
+ CVE-2007-3738
+- Update to enigmail 0.95.2.
+
+-------------------------------------------------------------------
+Thu Jun 21 17:23:18 CEST 2007 - adrian@suse.de
+
+- fix changelog entry order
+
+-------------------------------------------------------------------
+Fri Jun 15 18:09:28 CDT 2007 - maw@suse.de
+
+- Merge update to 2.0.0.4 from the build service (thanks, Wolfgang)
+- Remove some commented out stuff.
+
+-------------------------------------------------------------------
+Wed Jun 13 23:00:38 CEST 2007 - wr@rosenauer.org
+
+- update to maintenance release 2.0.0.4
+- update enigmail to 0.95.1
+- adopted patches:
+ * fixed cups-paper.patch (copied from FF)
+ * removed obsolete visibility.patch
+
+-------------------------------------------------------------------
+Tue Jun 12 11:53:55 CDT 2007 - maw@suse.de
+
+- Merge chagnges from the build service (thanks, Wolfgang)
+- Now use l10n-%{version}.tar.bz2 instead of l10n.tar.bz2 as
+ before.
+
+-------------------------------------------------------------------
+Tue Jun 5 18:20:13 CEST 2007 - maw@suse.de
+
+- Security update to version 1.5.0.12 (#271197).
+
+-------------------------------------------------------------------
+Tue Jun 5 15:55:08 CEST 2007 - sbrabec@suse.cz
+
+- Removed invalid desktop category "Application" (#254654).
+
+-------------------------------------------------------------------
+Thu Apr 19 07:15:36 CEST 2007 - wr@rosenauer.org
+
+- update to final version 2.0.0.0
+ (http://www.mozilla.com/en-US/thunderbird/2.0.0.0/releasenotes/)
+- update enigmail to 0.95.0
+
+-------------------------------------------------------------------
+Wed Apr 18 14:16:44 CEST 2007 - mfabian@suse.de
+
+- add Japanese to the languages which get PANGO enabled in the
+ start script to support the Japanese combining characters
+ U+3099 U+309A (see bugzilla #262718 comment #29).
+
+-------------------------------------------------------------------
+Thu Apr 12 16:35:43 CEST 2007 - wr@rosenauer.org
+
+- update to 2.0.0.0rc1
+- enabled translations package
+
+-------------------------------------------------------------------
+Fri Mar 30 11:35:01 CEST 2007 - wr@rosenauer.org
+
+- update to snapshot 2.0.0.0pre-20070329
+- security update enigmail 0.94.3
+ (Bugtraq #22758)
+
+-------------------------------------------------------------------
+Fri Mar 30 10:35:03 CEST 2007 - meissner@suse.de
+
+- require unzip
+
+-------------------------------------------------------------------
+Tue Mar 13 08:36:31 CET 2007 - wr@rosenauer.org
+
+- update to snapshot 2.0pre-20060312
+- removed implicit NSS version dependency
+
+-------------------------------------------------------------------
+Thu Mar 8 15:56:56 CET 2007 - meissner@suse.de
+
+- Upgraded to 1.5.0.10 security release.
+- Upgraded to enigmail 0.94.2.
+
+-------------------------------------------------------------------
+Thu Feb 15 19:47:56 CET 2007 - wr@rosenauer.org
+
+- update to snapshot 2.0beta2-20060214
+- fixed build on SLES9
+
+-------------------------------------------------------------------
+Mon Feb 5 18:56:14 CET 2007 - wr@rosenauer.org
+
+- fixed check in add-plugins.sh (#242237)
+
+-------------------------------------------------------------------
+Tue Jan 30 10:50:51 CST 2007 - maw@suse.de
+
+- Add thunderbird-1.5.0.8-uninitalized-vars-232305.patch (#232305).
+
+-------------------------------------------------------------------
+Thu Jan 18 17:59:26 CST 2007 - maw@suse.de
+
+- Add undefined-ops.patch, silencing some warnings.
+
+-------------------------------------------------------------------
+Thu Nov 9 01:41:19 CET 2006 - jhargadon@suse.de
+
+- security update to version 1.5.0.8
+
+-------------------------------------------------------------------
+Tue Sep 12 20:51:58 CEST 2006 - stark@suse.de
+
+- security update to version 1.5.0.7
+
+-------------------------------------------------------------------
+Mon Aug 14 11:37:46 CEST 2006 - stark@suse.de
+
+- update enigmail to 0.94.1
+ * Added support for signing attachments with inline-PGP
+- update mailredirect to 0.7.4
+- added backend patch to allow replies to list with
+ ReplyToListThunderbirdExtension (#199125, bmo #45715)
+- added mailnews.clobber_list_reply pref which switches
+ "Reply All" to "Reply List" functionality if set
+
+-------------------------------------------------------------------
+Thu Jul 27 06:50:44 CEST 2006 - stark@suse.de
+
+- security update to version 1.5.0.5 (#195043)
+- fixed overwrite confirmation for GTK filesaver (#179531)
+
+-------------------------------------------------------------------
+Wed Jun 7 19:52:37 CEST 2006 - stark@suse.de
+
+- fixed up BuildRequires
+
+-------------------------------------------------------------------
+Fri Jun 2 12:18:49 CEST 2006 - mls@suse.de
+
+- converted neededforbuild to BuildRequires
+
+-------------------------------------------------------------------
+Fri Jun 2 12:13:48 CEST 2006 - stark@suse.de
+
+- update to security/stability release 1.5.0.4 (#179011)
+ (http://www.mozilla.org/projects/security/known-vulnerabilities.html#Thunderbird)
+
+-------------------------------------------------------------------
+Mon May 15 07:16:13 CEST 2006 - stark@suse.de
+
+- update to version 1.5.0.2
+- update mailredirect to 0.7.3
+- save printer settings properly (#174082, bmo #324072)
+- improved postscript output (bmo #334485)
+- changed defaults for printer properties (#6534)
+- get available paper sizes from CUPS (#65482)
+
+-------------------------------------------------------------------
+Sat Mar 18 22:23:49 CET 2006 - stark@suse.de
+
+- translations package is suggested now by main package
+- yet another set of upstream fixes (#148876)
+
+-------------------------------------------------------------------
+Sun Mar 12 19:52:08 CET 2006 - stark@suse.de
+
+- added Khmer (km-*) to pango locales (#157397)
+- yet another set of upstream fixes (#148876)
+
+-------------------------------------------------------------------
+Sat Mar 4 21:27:42 CET 2006 - stark@suse.de
+
+- latest security fixes from upstream (#148876)
+- show multiple Reply-To addresses (bmo #106189)
+
+-------------------------------------------------------------------
+Fri Feb 24 09:00:40 CET 2006 - stark@suse.de
+
+- added GTK category to desktop-file
+- dumpstack.patch is in upstream patches now
+- get some more patches (#148876)
+
+-------------------------------------------------------------------
+Tue Feb 14 07:28:48 CET 2006 - stark@suse.de
+
+- applied set of security patches (#148876)
+
+-------------------------------------------------------------------
+Tue Feb 7 20:09:32 CET 2006 - stark@suse.de
+
+- fixed disabling of Pango (#148788)
+
+-------------------------------------------------------------------
+Thu Feb 2 21:50:18 CET 2006 - stark@suse.de
+
+- defined gssapi lib explicitely (#147670)
+
+-------------------------------------------------------------------
+Wed Feb 1 17:34:34 CET 2006 - stark@suse.de
+
+- removed additional CA certs from builtin NSS
+- make it possible to choose $HOME as download directory
+ (#144894, bmo #300856)
+- cleaned up BuildRequires
+
+-------------------------------------------------------------------
+Wed Jan 25 21:33:47 CET 2006 - mls@suse.de
+
+- converted neededforbuild to BuildRequires
+
+-------------------------------------------------------------------
+Mon Jan 23 08:39:32 CET 2006 - stark@suse.de
+
+- disable Pango if MOZ_ENABLE_PANGO is not set
+ and no typical language which needs Pango is used (#143428)
+- preload libaoss for plugin sound (#117079)
+- fix to ignore X composite extension (#135373)
+
+-------------------------------------------------------------------
+Wed Jan 18 09:38:18 CET 2006 - stark@suse.de
+
+- added default (font) settings
+- tweak useragent
+- fixed DumpStackToFile() for glibc 2.4
+
+-------------------------------------------------------------------
+Thu Jan 12 10:35:03 CET 2006 - stark@suse.de
+
+- update to 1.5 (20060111)
+- added sytem extensions patch
+- added XUL filechooser patch (MOZ_XUL_PICKER)
+- update enigmail to 0.94.0
+- use -fstack-protector where available
+- use system NSS since CODE10
+
+-------------------------------------------------------------------
+Wed Dec 28 08:35:38 CET 2005 - stark@suse.de
+
+- update to 1.5rc2 (20051227)
+
+-------------------------------------------------------------------
+Sun Dec 11 08:16:01 CET 2005 - stark@suse.de
+
+- update to 1.5 (20051211)
+- update enigmail to 0.93.2
+
+-------------------------------------------------------------------
+Tue Nov 29 09:53:05 CET 2005 - stark@suse.de
+
+- update enigmail to 0.93.1
+- added patch for GTK2 handling (#134831)
+
+-------------------------------------------------------------------
+Fri Nov 25 10:29:26 CET 2005 - stark@suse.de
+
+- update to 1.5 (20051124)
+
+-------------------------------------------------------------------
+Fri Oct 28 06:47:11 CEST 2005 - stark@suse.de
+
+- update to latest 1.5 snapshot (20051027)
+- added patch to be able to reply to and forward rfc822 messages
+ (bmo #204350)
+- again don't provide and require NSS stuff
+- removed disable-gconf patch (no registration needed in build
+ process anymore)
+- added mailredirect extension
+- removed update functionality
+
+-------------------------------------------------------------------
+Mon Oct 10 21:50:36 CEST 2005 - stark@suse.de
+
+- update to 1.5b2 (20051008)
+- preinstall Enigmail (version 0.93.0) as global extension
+- add all supported locales and use if installed
+
+-------------------------------------------------------------------
+Tue Oct 4 09:32:11 CEST 2005 - stark@suse.de
+
+- update to 1.5b2 (20051003) (RPM version 1.4.1)
+- prerequire NSPR
+- prepared translations subpackage
+- fixed filelist
+- fixed build with new gcc
+
+-------------------------------------------------------------------
+Wed Sep 21 14:32:28 CEST 2005 - stark@suse.de
+
+- update to 1.5b1 (20050920)
+- added spellchecker integration with myspell (add-plugins.sh)
+- removed aviary-install-global patch (not needed anymore, with
+ new EM)
+- enabled pango font rendering (through cairo hopefully)
+- fixed GNOME gconf registration (#117851)
+
+-------------------------------------------------------------------
+Sat Aug 20 20:33:10 CEST 2005 - stark@suse.de
+
+- workaround for linking with pangoxft and pangox
+ (broken by gtk 2.8 update) (#105764)
+
+-------------------------------------------------------------------
+Thu Aug 18 08:48:17 CEST 2005 - stark@suse.de
+
+- fixed Gdk-WARNING at startup (gtk.patch)
+- fixed regression in profile locking change (bmo #303633)
+- fixed crash with gtk 2.7 (bmo #300226, bnc #104586)
+
+-------------------------------------------------------------------
+Wed Aug 3 07:23:50 CEST 2005 - stark@suse.de
+
+- fixed profile locking (bmo #151188)
+
+-------------------------------------------------------------------
+Fri Jul 29 07:06:57 CEST 2005 - stark@suse.de
+
+- don't require and provide NSS libs (#98002)
+
+-------------------------------------------------------------------
+Fri Jul 22 11:00:05 CEST 2005 - stark@suse.de
+
+- fixed printing patch
+
+-------------------------------------------------------------------
+Tue Jul 19 10:45:22 CEST 2005 - stark@suse.de
+
+- added NSPR to PreReq
+- disable stripping in specfile
+
+-------------------------------------------------------------------
+Fri Jul 15 07:01:45 CEST 2005 - stark@suse.de
+
+- update to 1.0.6 which restores API compatibility
+- fixed width calculation in Postscript module (bmo #290292)
+
+-------------------------------------------------------------------
+Thu Jul 14 12:29:41 CEST 2005 - stark@suse.de
+
+- fixed filelist to include icon-file and startscript again
+
+-------------------------------------------------------------------
+Tue Jul 12 06:28:21 CEST 2005 - stark@suse.de
+
+- fixed remote usage behaviour in start script (bnc #41903)
+- update to 1.0.5 security release
+- fixed quoting patch
+- moved desktop file to a Gnome independent location
+- don't strip explicitely
+- use RPM_OPT_FLAGS for NSS component
+- fixed implicit declarations and uninitialized used variables
+
+-------------------------------------------------------------------
+Thu Apr 28 10:45:51 CEST 2005 - stark@suse.de
+
+- updated to current 1.0 branch version
+- use static NSPR from other location
+
+-------------------------------------------------------------------
+Sat Apr 23 23:13:52 CEST 2005 - stark@suse.de
+
+- activate usage of system NSPR for distributions after 9.3
+- add patch to be able to use systen NSPR at all
+- extended desktop file
+
+-------------------------------------------------------------------
+Fri Apr 22 12:48:13 CEST 2005 - ro@suse.de
+
+- apply mozilla-gcc4.patch
+
+-------------------------------------------------------------------
+Wed Mar 23 08:28:57 CET 2005 - stark@suse.de
+
+- update to 1.0.2
+- use system NSPR on SUSE releases after 9.3
+- made startscript PIS aware
+- set g-application-name correctly (bmo #281979)
+
+-------------------------------------------------------------------
+Mon Mar 7 21:27:33 CET 2005 - stark@suse.de
+
+- don't use gconfd in registration phase (#66381)
+
+-------------------------------------------------------------------
+Fri Feb 25 18:03:31 CET 2005 - stark@suse.de
+
+- update to version 1.0.1
+
+-------------------------------------------------------------------
+Tue Feb 22 21:59:53 CET 2005 - stark@suse.de
+
+- added patch to create Postscript level 2 (instead of 3)
+ (special thanks to Jungshik Shin)
+- disabled freetype explicitly to be able to use the above patch
+ (freetype wasn't used anymore since some time anyway)
+
+-------------------------------------------------------------------
+Wed Feb 2 14:02:34 CET 2005 - stark@suse.de
+
+- added a JS crasher fix (bmc #268535)
+
+-------------------------------------------------------------------
+Sat Jan 22 13:17:37 CET 2005 - stark@suse.de
+
+- added some backported bugfixes
+
+-------------------------------------------------------------------
+Tue Dec 7 10:26:15 CET 2004 - stark@suse.de
+
+- update to 1.0
+- fixed extra lines in replies (bmo #144998)
+- fixed build on s390/s390x
+
+-------------------------------------------------------------------
+Wed Nov 24 07:16:17 CET 2004 - stark@suse.de
+
+- update to 20041123 snapshot
+- inherit downloadFolder patch from Firefox
+
+-------------------------------------------------------------------
+Fri Nov 12 10:58:46 CET 2004 - stark@suse.de
+
+- fixed chrome filelist
+
+-------------------------------------------------------------------
+Thu Nov 4 08:12:51 CET 2004 - stark@suse.de
+
+- update to 0.9
+- sync patch-set with firefox base
+- fixed neededforbuild to get GNOME functionalities
+
+-------------------------------------------------------------------
+Fri Sep 17 10:30:36 CEST 2004 - stark@suse.de
+
+- added some missing fixes for official release
+- synced add-plugins.sh
+
+-------------------------------------------------------------------
+Sat Sep 11 13:47:50 CEST 2004 - stark@suse.de
+
+- update to official 0.8 version (20040911)
+- fixed enigmail config
+
+-------------------------------------------------------------------
+Mon Sep 6 08:58:08 CEST 2004 - stark@suse.de
+
+- fixed profile directory
+
+-------------------------------------------------------------------
+Fri Sep 3 21:50:19 CEST 2004 - stark@suse.de
+
+- update to thunderbird 0.8 (20040903)
+- update enigmail to 0.86.0 and ipc to 1.0.8 (deactivated)
+
+-------------------------------------------------------------------
+Tue Aug 24 08:09:42 CEST 2004 - stark@suse.de
+
+- update to thunderbird 0.7.3
+- update enigmail to 0.85.0 and ipc to 1.0.7
+
+-------------------------------------------------------------------
+Tue Jun 29 11:31:39 CEST 2004 - stark@suse.de
+
+- update to thunderbird 0.7.1
+- update enigmail to 0.84.1
+
+-------------------------------------------------------------------
+Wed May 12 18:16:28 CEST 2004 - ro@suse.de
+
+- add some missing return values
+
+-------------------------------------------------------------------
+Mon May 3 13:16:26 CEST 2004 - stark@suse.de
+
+- update to Thunderbird 0.6 (based on 1.7rc1)
+- use official branding for release builds
+- added desktop-icon (#39139)
+
+-------------------------------------------------------------------
+Fri Apr 2 10:32:00 CEST 2004 - stark@suse.de
+
+- removing relocation of TEMP directory (#34391)
+
+-------------------------------------------------------------------
+Fri Mar 26 18:09:27 CET 2004 - uli@suse.de
+
+- fixed hang during build on s390* (bug #35440)
+
+-------------------------------------------------------------------
+Sun Mar 7 23:19:54 CET 2004 - ro@suse.de
+
+- match function declaration in enigmail mimedummy.cpp
+
+-------------------------------------------------------------------
+Fri Mar 5 07:00:23 CET 2004 - stark@suse.de
+
+- more fixes for #35179
+- added firefox as default handler for its protocols
+- update enigmail to 0.83.4
+
+-------------------------------------------------------------------
+Wed Mar 3 06:52:35 CET 2004 - stark@suse.de
+
+- removed unused patches for GTK2 build
+
+-------------------------------------------------------------------
+Sun Feb 29 14:35:02 CET 2004 - stark@suse.de
+
+- improved start-script to interact with firefox and mozilla
+ (#35179)
+
+-------------------------------------------------------------------
+Fri Feb 27 06:50:16 CET 2004 - stark@suse.de
+
+- update to 0.5
+- spec-file cleanup
+
+-------------------------------------------------------------------
+Wed Oct 15 17:08:01 CEST 2003 - stark@suse.de
+
+- update to 0.3 (sync with mozilla 1.5)
+
+-------------------------------------------------------------------
+Tue Jul 15 09:18:45 CEST 2003 - stark@suse.de
+
+- initial package (snapshot 20030714)
+
diff --git a/MozillaThunderbird.spec b/MozillaThunderbird.spec
new file mode 100644
index 0000000..a012743
--- /dev/null
+++ b/MozillaThunderbird.spec
@@ -0,0 +1,645 @@
+#
+# spec file for package MozillaThunderbird
+#
+# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2006-2024 Wolfgang Rosenauer <wr@rosenauer.org>
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+%define _dwz_low_mem_die_limit 40000000
+%define _dwz_max_die_limit 200000000
+
+# changed with every update
+# orig_version vs. mainver: To have beta-builds
+# FF70beta3 would be released as FF69.99
+# orig_version would be the upstream tar ball
+# orig_version 70.0
+# orig_suffix b3 (or esr)
+# major 69
+# mainver %%major.99
+%define major 128
+%define mainver %major.5.2
+%define orig_version 128.5.2
+%define orig_suffix esr
+%define update_channel esr
+%define source_prefix thunderbird-%{orig_version}
+
+# PGO builds do not work in TW currently (bmo#1680306)
+%define do_profiling 0
+
+# upstream default is clang (to use gcc for large parts set to 0)
+%define clang_build 0
+
+%bcond_with only_print_mozconfig
+
+%bcond_with mozilla_tb_valgrind
+%bcond_without mozilla_tb_optimize_for_size
+
+# define if ccache should be used or not
+%define useccache 1
+
+# No i586 on SLE-12, as the rpmlints are broken and can't handle the big rpms resulting from this build.
+%if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000
+ExclusiveArch: aarch64 ppc64le x86_64 s390x
+%else
+# Firefox only supports i686
+%ifarch %ix86
+ExclusiveArch: i586 i686
+BuildArch: i686
+%{expand:%%global optflags %(echo "%optflags"|sed -e s/i586/i686/) -march=i686 -mtune=generic -msse2}
+%endif
+%endif
+%{expand:%%global optflags %(echo "%optflags"|sed -e s/-flto=auto//) }
+
+# general build definitions
+%define progname thunderbird
+%define pkgname MozillaThunderbird
+%define srcname thunderbird
+%define appname Thunderbird
+%define progdir %{_prefix}/%_lib/%{progname}
+%define gnome_dir %{_prefix}
+%{!?orig_suffix:%global orig_suffix ""}
+%define desktop_file_name %(echo "%{orig_suffix}" | grep -q esr && echo "%{progname}-esr" || echo "%{progname}")
+%define __provides_exclude ^lib.*\\.so.*$
+%define __requires_exclude ^(libmoz.*|liblgpllibs.*|libxul.*|libgk.*|libldap.*|libldif.*|libprldap.*|librnp.*)$
+%define localize 1
+%ifarch %ix86 x86_64
+%define crashreporter 1
+%else
+%define crashreporter 0
+%endif
+%define with_pipewire0_3 1
+%define wayland_supported 1
+%if 0%{?sle_version} > 0 && 0%{?sle_version} < 150200
+# pipewire is too old on Leap <=15.1
+%define with_pipewire0_3 0
+# Wayland is too old on Leap <=15.1 as well
+%define wayland_supported 0
+%endif
+
+Name: %{pkgname}
+BuildRequires: Mesa-devel
+BuildRequires: alsa-devel
+BuildRequires: autoconf213
+BuildRequires: dbus-1-glib-devel
+BuildRequires: dejavu-fonts
+BuildRequires: fdupes
+BuildRequires: memory-constraints
+%if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150600
+BuildRequires: gcc13
+BuildRequires: gcc13-c++
+%else
+BuildRequires: gcc-c++
+%endif
+BuildRequires: cargo1.78
+BuildRequires: rust1.78
+%if 0%{useccache} != 0
+BuildRequires: ccache
+%endif
+BuildRequires: libXcomposite-devel
+BuildRequires: libcurl-devel
+BuildRequires: mozilla-nspr-devel >= 4.35
+BuildRequires: mozilla-nss-devel >= 3.101.1
+BuildRequires: nasm >= 2.14
+%if 0%{?sle_version} >= 120000 && 0%{?sle_version} <= 150000
+BuildRequires: libXtst-devel
+BuildRequires: nodejs12 >= 12.22.12
+#BuildRequires: python-libxml2
+BuildRequires: python39
+BuildRequires: python39-curses
+BuildRequires: python39-devel
+%else
+%if 0%{?sle_version} > 150000 && 0%{?sle_version} <= 150600
+BuildRequires: nodejs12 >= 12.22.12
+BuildRequires: python39
+BuildRequires: python39-curses
+BuildRequires: python39-devel
+%else
+# ALP
+BuildRequires: nodejs >= 12.22.12
+BuildRequires: python3 >= 3.7
+BuildRequires: python3-curses
+BuildRequires: python3-devel
+%endif
+%endif
+BuildRequires: rust-cbindgen >= 0.26
+BuildRequires: unzip
+BuildRequires: update-desktop-files
+BuildRequires: xorg-x11-libXt-devel
+%if 0%{?do_profiling}
+BuildRequires: xvfb-run
+%endif
+BuildRequires: yasm
+BuildRequires: zip
+%if 0%{?suse_version} < 1550
+BuildRequires: pkgconfig(gconf-2.0) >= 1.2.1
+%endif
+%if 0%{?suse_version} < 1599
+BuildRequires: clang15-devel
+%else
+BuildRequires: clang18-devel
+%endif
+BuildRequires: pkgconfig(glib-2.0) >= 2.22
+BuildRequires: pkgconfig(gobject-2.0)
+BuildRequires: pkgconfig(gtk+-3.0) >= 3.14.0
+BuildRequires: pkgconfig(gtk+-unix-print-3.0)
+BuildRequires: pkgconfig(libffi)
+BuildRequires: pkgconfig(libpulse)
+%if %{with_pipewire0_3}
+BuildRequires: pkgconfig(libpipewire-0.3)
+%endif
+%if %{with mozilla_tb_valgrind}
+BuildRequires: pkgconfig(valgrind)
+%endif
+# libavcodec is required for H.264 support but the
+# openSUSE version is currently not able to play H.264
+# therefore the Packman version is required
+# minimum version of libavcodec is 53
+Recommends: libavcodec-full >= 0.10.16
+Version: %{mainver}
+Release: 0
+Provides: MozillaThunderbird-devel = %{version}
+Provides: thunderbird = %{version}
+Obsoletes: MozillaThunderbird-devel < %{version}
+Provides: appdata()
+Provides: appdata(thunderbird.appdata.xml)
+Summary: An integrated email, news feeds, chat, and newsgroups client
+License: MPL-2.0
+Group: Productivity/Networking/Email/Clients
+URL: https://www.thunderbird.net/
+%if !%{with only_print_mozconfig}
+Source: http://ftp.mozilla.org/pub/%{srcname}/releases/%{version}%{orig_suffix}/source/%{srcname}-%{orig_version}%{orig_suffix}.source.tar.xz
+Source1: thunderbird.desktop
+Source2: thunderbird-rpmlintrc
+Source3: mozilla.sh.in
+Source4: tar_stamps
+Source6: suse-default-prefs.js
+%if %{localize}
+Source7: l10n-%{orig_version}%{orig_suffix}.tar.xz
+%endif
+Source9: thunderbird.appdata.xml
+Source13: spellcheck.js
+Source14: https://github.com/openSUSE/firefox-scripts/raw/913fab1a196e2a0623b5c554598bfde3b4b49e29/create-tar.sh
+Source20: https://ftp.mozilla.org/pub/%{srcname}/releases/%{version}%{orig_suffix}/source/%{srcname}-%{orig_version}%{orig_suffix}.source.tar.xz.asc
+Source21: https://ftp.mozilla.org/pub/%{srcname}/releases/%{version}%{orig_suffix}/KEY#/mozilla.keyring
+# Gecko/Toolkit
+Patch1: mozilla-nongnome-proxies.patch
+Patch3: mozilla-ntlm-full-path.patch
+Patch4: mozilla-aarch64-startup-crash.patch
+Patch5: mozilla-bmo531915.patch
+Patch6: mozilla-s390-context.patch
+Patch7: mozilla-pgo.patch
+Patch8: mozilla-reduce-rust-debuginfo.patch
+Patch10: mozilla-bmo1504834-part1.patch
+Patch14: mozilla-bmo849632.patch
+Patch15: mozilla-bmo998749.patch
+Patch17: mozilla-libavcodec58_91.patch
+Patch18: mozilla-silence-no-return-type.patch
+Patch20: one_swizzle_to_rule_them_all.patch
+Patch21: svg-rendering.patch
+Patch22: thunderbird-silence-no-return.patch
+%endif
+BuildRoot: %{_tmppath}/%{name}-%{version}-build
+PreReq: /bin/sh
+PreReq: coreutils
+PreReq: fileutils
+PreReq: textutils
+### build options end
+%requires_ge mozilla-nspr
+%requires_ge mozilla-nss
+%requires_ge libfreetype6
+Recommends: libcanberra0
+Recommends: libotr5
+Recommends: libpulse0
+# To make security-keys (e.g. Yubikey) work with TB, it needs the udev-rules installed.
+# A clean package with the most common rules exists only in SP3 onwards. `u2f-hosts` could be used on older
+# code streams, but it contains more than just the rules, so we're not recommending it here.
+%if 0%{?suse_version} >= 1600 || 0%{?sle_version} >= 150300
+Recommends: libfido2-udev
+%endif
+Requires: %{name}-openpgp
+Suggests: %{name}-openpgp-librnp
+Requires(post): desktop-file-utils
+Requires(postun): desktop-file-utils
+%define libgssapi libgssapi_krb5.so.2
+ExcludeArch: armv6l armv6hl
+
+%description
+Thunderbird is a free, open-source, cross-platform application for
+managing email, news feeds, chat, and news groups. It is a local
+(rather than browser- or web-based) email application that is powerful
+yet easy to use.
+
+%package openpgp-librnp
+Summary: Thunderbird's upstream OpenPGP implementation
+Group: Productivity/Networking/Email/Clients
+Requires: %{name} = %{version}
+Provides: %{name}-openpgp
+Conflicts: %{name}-openpgp
+
+%description openpgp-librnp
+Thunderbird's upstream OpenPGP implementation.
+
+%if %localize
+%package translations-common
+Summary: Common translations for %{appname}
+Group: System/Localization
+Provides: locale(%{name}:ar;ca;cs;da;de;el;en_GB;es_AR;es_CL;es_ES;fi;fr;hu;it;ja;ko;nb_NO;nl;pl;pt_BR;pt_PT;ru;sv_SE;zh_CN;zh_TW)
+Requires: %{name} = %{version}
+Obsoletes: %{name}-translations < %{version}-%{release}
+
+%description translations-common
+This package contains several common languages for the user interface
+of %{appname}.
+
+%package translations-other
+Summary: Extra translations for %{appname}
+Group: System/Localization
+Provides: locale(%{name}:ach;af;an;ast;az;be;bg;bn;br;bs;cak;cy;dsb;en_CA;eo;es_MX;et;eu;fa;ff;fy_NL;ga_IE;gd;gl;gn;gu_IN;he;hi_IN;hr;hsb;hy_AM;ia;id;is;ka;kab;kk;km;kn;lij;lt;lv;mk;mr;ms;my;ne_NP;nn_NO;oc;pa_IN;rm;ro;si;sk;sl;son;sq;sr;ta;te;th;tr;uk;ur;uz;vi;xh)
+Requires: %{name} = %{version}
+Obsoletes: %{name}-translations < %{version}-%{release}
+
+%description translations-other
+This package contains rarely used languages for the user interface
+of %{appname}.
+%endif
+
+%if !%{with only_print_mozconfig}
+%prep
+%if %localize
+
+# If generated incorrectly, the tarball will be ~270B in
+# size, so 1MB seems like good enough limit to check.
+MINSIZE=1048576
+if (( $(stat -Lc%s "%{SOURCE7}") < MINSIZE)); then
+ echo "Translations tarball %{SOURCE7} not generated properly."
+ exit 1
+fi
+
+%setup -q -n %{srcname}-%{orig_version} -b 7
+%else
+%setup -q -n %{srcname}-%{orig_version}
+%endif
+cd $RPM_BUILD_DIR/%{srcname}-%{orig_version}
+%autopatch -p1
+%endif
+
+%build
+%if !%{with only_print_mozconfig}
+# no need to add build time to binaries
+modified="$(sed -n '/^----/n;s/ - .*$//;p;q' "%{_sourcedir}/%{pkgname}.changes")"
+DATE="\"$(date -d "${modified}" "+%%b %%e %%Y")\""
+TIME="\"$(date -d "${modified}" "+%%R")\""
+find . -regex ".*\.c\|.*\.cpp\|.*\.h" -exec sed -i "s/__DATE__/${DATE}/g;s/__TIME__/${TIME}/g" {} +
+
+# When doing only_print_mozconfig, this file isn't necessarily available, so skip it
+cp %{SOURCE4} .obsenv.sh
+%else
+# We need to make sure its empty
+echo "" > .obsenv.sh
+%endif
+
+cat >> .obsenv.sh <<EOF
+export CARGO_HOME=${RPM_BUILD_DIR}/%{srcname}-%{orig_version}/.cargo
+export MOZ_SOURCE_CHANGESET=\$RELEASE_TAG
+export SOURCE_REPO=\$RELEASE_REPO
+export source_repo=\$RELEASE_REPO
+export MOZ_SOURCE_REPO=\$RELEASE_REPO
+export MOZ_BUILD_DATE=\$RELEASE_TIMESTAMP
+export MOZILLA_OFFICIAL=1
+export BUILD_OFFICIAL=1
+export MOZ_TELEMETRY_REPORTING=1
+export MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=system
+export CFLAGS="%{optflags}"
+%if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150600
+export CC=gcc-13
+export CXX=g++-13
+%else
+%if 0%{?clang_build} == 0
+export CC=gcc
+export CXX=g++
+%endif
+%endif
+%ifarch %arm %ix86
+### NOTE: these sections are not required anymore. Alson --no-keep-memory + -Wl,-z,pack-relative-relocs causes
+### ld to go OOM (https://sourceware.org/bugzilla/show_bug.cgi?id=30756)
+# Limit RAM usage during link
+# export LDFLAGS="\$LDFLAGS -Wl,--no-keep-memory -Wl,--reduce-memory-overheads -Wl,--no-map-whole-files -Wl,--hash-size=31"
+#
+# A lie to prevent -Wl,--gc-sections being set which requires more memory than 32bit can offer
+#export GC_SECTIONS_BREAKS_DEBUG_RANGES=yes
+%endif
+export LDFLAGS="\$LDFLAGS -fPIC -Wl,-z,relro,-z,now"
+%ifarch %ix86
+# Not enough memory on 32-bit systems, reduce debug info.
+export CFLAGS="\$CFLAGS -g1"
+%endif
+export CXXFLAGS="\$CFLAGS"
+export MOZCONFIG=$RPM_BUILD_DIR/mozconfig
+EOF
+# Done with env-variables.
+source ./.obsenv.sh
+
+%ifarch aarch64 %arm ppc64 ppc64le riscv64
+%limit_build -m 2500
+%endif
+
+# Generating mozconfig
+cat << EOF > $MOZCONFIG
+mk_add_options MOZILLA_OFFICIAL=1
+mk_add_options BUILD_OFFICIAL=1
+mk_add_options MOZ_MAKE_FLAGS=%{?jobs:-j%jobs}
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/../obj
+ac_add_options --disable-bootstrap
+ac_add_options --prefix=%{_prefix}
+ac_add_options --libdir=%{_libdir}
+ac_add_options --includedir=%{_includedir}
+ac_add_options --enable-application=comm/mail
+ac_add_options --enable-release
+%if 0%{wayland_supported}
+ac_add_options --enable-default-toolkit=cairo-gtk3-wayland
+%else
+ac_add_options --enable-default-toolkit=cairo-gtk3
+%endif
+# bmo#1441155 - Disable the generation of Rust debug symbols on Linux32
+%ifarch %ix86 %arm
+ac_add_options --disable-debug-symbols
+%else
+ac_add_options --enable-debug-symbols=-g1
+%endif
+ac_add_options --disable-install-strip
+ac_add_options --with-system-nspr
+ac_add_options --with-system-nss
+%if 0%{useccache} != 0
+ac_add_options --with-ccache
+%endif
+%if %{localize}
+ac_add_options --with-l10n-base=$RPM_BUILD_DIR/l10n-central
+%endif
+ac_add_options --with-system-zlib
+ac_add_options --disable-updater
+ac_add_options --disable-tests
+ac_add_options --enable-alsa
+ac_add_options --disable-debug
+#ac_add_options --disable-necko-wifi
+ac_add_options --enable-update-channel=%{update_channel}
+ac_add_options --with-unsigned-addon-scopes=app
+ac_add_options --allow-addon-sideload
+# at least temporary until the "wasi-sysroot" issue is solved
+ac_add_options --without-wasm-sandboxed-libraries
+%ifarch x86_64 aarch64
+ac_add_options --enable-rust-simd
+%endif
+ac_add_options --enable-official-branding
+%if ! %crashreporter
+ac_add_options --disable-crashreporter
+%endif
+%ifarch %arm
+ac_add_options --with-fpu=vfpv3-d16
+ac_add_options --with-float-abi=hard
+%ifarch armv6l armv6hl
+ac_add_options --with-arch=armv6
+%else
+ac_add_options --with-arch=armv7-a
+%endif
+%endif
+# mitigation/workaround for bmo#1512162
+%ifarch s390x
+ac_add_options --enable-optimize="-O1"
+%endif
+%ifarch x86_64
+# LTO needs newer toolchain stack only (at least GCC 8.2.1 (r268506)
+%if 0%{?suse_version} > 1500
+ac_add_options --enable-lto
+%if 0%{?do_profiling}
+ac_add_options MOZ_PGO=1
+%endif
+%endif
+%if %{with mozilla_tb_valgrind}
+ac_add_options --disable-jemalloc
+ac_add_options --enable-valgrind
+%endif
+%endif
+EOF
+
+%if %{with only_print_mozconfig}
+cat ./.obsenv.sh
+cat $MOZCONFIG
+%else
+
+%if 0%{useccache} != 0
+ccache -s
+%endif
+%if 0%{?do_profiling}
+xvfb-run --server-args="-screen 0 1920x1080x24" \
+%endif
+./mach build -v
+
+# build additional locales
+%if %localize
+# Work around the following Exception: Cannot use MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE="system" for any sites other than ('mach', 'build', 'common'). The current attempted site is "tb_common".
+# by unsetting MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE, which we don't need for l10n-packages
+unset MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE
+truncate -s 0 %{_tmppath}/translations.{common,other}
+# langpack-build can not be done in parallel easily (see https://bugzilla.mozilla.org/show_bug.cgi?id=1660943)
+# Therefore, we have to have a separate obj-dir for each language
+# We do this, by creating a mozconfig-template with the necessary switches
+# and a placeholder obj-dir, which gets copied and modified for each language
+
+# Create mozconfig-template for langbuild
+cat << EOF > ${MOZCONFIG}_LANG
+mk_add_options MOZILLA_OFFICIAL=1
+mk_add_options BUILD_OFFICIAL=1
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/../obj_LANG
+ac_add_options --enable-application=comm/mail
+ac_add_options --prefix=%{_prefix}
+ac_add_options --with-l10n-base=$RPM_BUILD_DIR/l10n-central
+ac_add_options --disable-updater
+ac_add_options --without-wasm-sandboxed-libraries
+ac_add_options --enable-official-branding
+EOF
+
+#%%define njobs 0%{?jobs:%jobs}
+# Weird race condition when building langpacks which comes and goes in OBS/IBS is hitting heavy with TB 128
+# so we have to build it sequentially, sadly.
+%define njobs 1
+mkdir -p $RPM_BUILD_DIR/langpacks_artifacts/
+
+sed -r '/^(ja-JP-mac|ga-IE|en-US|)$/d;s/ .*$//' $RPM_BUILD_DIR/%{source_prefix}/comm/mail/locales/shipped-locales \
+ | xargs -n 1 %{?njobs:-P %njobs} -I {} /bin/sh -c '
+ locale=$1
+ cp ${MOZCONFIG}_LANG ${MOZCONFIG}_$locale
+ sed -i "s|obj_LANG|obj_$locale|" ${MOZCONFIG}_$locale
+ export MOZCONFIG=${MOZCONFIG}_$locale
+ # nsinstall is needed for langpack-build. It is already built by `./mach build`, but building it again is very fast
+ ./mach build config/nsinstall langpack-$locale
+ cp -L ../obj_$locale/dist/linux-*/xpi/thunderbird-%{orig_version}.$locale.langpack.xpi \
+ $RPM_BUILD_DIR/langpacks_artifacts/langpack-$locale@thunderbird.mozilla.org.xpi
+ # check against the fixed common list and sort into the right filelist
+ _matched=0
+ for _match in ar ca cs da de el en-GB es-AR es-CL es-ES fi fr hu it ja ko nb-NO nl pl pt-BR pt-PT ru sv-SE zh-CN zh-TW; do
+ [ "$_match" = "$locale" ] && _matched=1
+ done
+ [ $_matched -eq 1 ] && _l10ntarget=common || _l10ntarget=other
+ echo %{progdir}/extensions/langpack-$locale@thunderbird.mozilla.org.xpi \
+ >> %{_tmppath}/translations.$_l10ntarget
+' -- {}
+%endif
+
+%if 0%{useccache} != 0
+ccache -s
+%endif
+%endif
+
+%install
+cd $RPM_BUILD_DIR/obj
+source %{SOURCE4}
+export MOZ_SOURCE_STAMP=$RELEASE_TAG
+export MOZ_SOURCE_REPO=$RELEASE_REPO
+make -C comm/mail/installer STRIP=/bin/true MOZ_PKG_FATAL_WARNINGS=0
+# copy tree into RPM_BUILD_ROOT
+mkdir -p %{buildroot}%{progdir}
+cp -rf $RPM_BUILD_DIR/obj/dist/%{srcname}/* %{buildroot}%{progdir}
+mkdir -p %{buildroot}%{progdir}/extensions
+cp -rf $RPM_BUILD_DIR/langpacks_artifacts/* %{buildroot}%{progdir}/extensions/
+
+# remove some executable permissions
+find %{buildroot}%{progdir} \
+ -name "*.js" -o \
+ -name "*.jsm" -o \
+ -name "*.rdf" -o \
+ -name "*.properties" -o \
+ -name "*.dtd" -o \
+ -name "*.txt" -o \
+ -name "*.xml" -o \
+ -name "*.css" \
+ -exec chmod a-x {} +
+# remove mkdir.done files from installed base
+find %{buildroot}%{progdir} -type f -name ".mkdir.done" -delete
+# overwrite the mozilla start-script and link it to /usr/bin
+mkdir --parents %{buildroot}%{_bindir}/
+sed "s:%%PREFIX:%{_prefix}:g
+s:%%PROGDIR:%{progdir}:g
+s:%%APPNAME:%{progname}:g
+s:%%WAYLAND_SUPPORTED:%{wayland_supported}:g
+s:%%PROFILE:.thunderbird:g" \
+ %{SOURCE3} > %{buildroot}%{progdir}/%{progname}.sh
+chmod 755 %{buildroot}%{progdir}/%{progname}.sh
+ln -sf ../..%{progdir}/%{progname}.sh %{buildroot}%{_bindir}/%{progname}
+# desktop file
+mkdir -p %{buildroot}%{_datadir}/applications
+install -m 644 %{SOURCE1} \
+ %{buildroot}%{_datadir}/applications/%{desktop_file_name}.desktop
+%suse_update_desktop_file %{desktop_file_name} Network Email GTK
+# additional mime-types
+#mkdir -p %{buildroot}%{_datadir}/mime/packages
+# cp %{SOURCE8} %{buildroot}%{_datadir}/mime/packages/%{progname}.xml
+# appdata
+mkdir -p %{buildroot}%{_datadir}/appdata
+sed -e 's,thunderbird.desktop,%{desktop_file_name}.desktop,g' \
+ %{SOURCE9} > %{buildroot}%{_datadir}/appdata/%{desktop_file_name}.appdata.xml
+# apply SUSE defaults
+sed -e 's,RPM_VERSION,%{mainversion},g
+s,GSSAPI,%{libgssapi},g' \
+ %{SOURCE6} > suse-default-prefs
+cp suse-default-prefs %{buildroot}%{progdir}/defaults/pref/all-opensuse.js
+rm suse-default-prefs
+# use correct locale for useragent
+cat > %{buildroot}%{progdir}/defaults/pref/all-l10n.js << EOF
+pref("general.useragent.locale", "chrome://global/locale/intl.properties");
+EOF
+#
+# Install symbolic icon for GNOME
+mkdir -p %{buildroot}%{gnome_dir}/share/icons/hicolor/symbolic/apps/
+cp %{_builddir}/%{source_prefix}/comm/mail/branding/thunderbird/TB-symbolic.svg \
+ %{buildroot}%{gnome_dir}/share/icons/hicolor/symbolic/apps/%{progname}-symbolic.svg
+for size in 16 22 24 32 48 64 128 256; do
+ mkdir -p %{buildroot}%{gnome_dir}/share/icons/hicolor/${size}x${size}/apps/
+ cp %{buildroot}%{progdir}/chrome/icons/default/default$size.png \
+ %{buildroot}%{gnome_dir}/share/icons/hicolor/${size}x${size}/apps/%{progname}.png
+done
+# excluded files
+rm -f %{buildroot}%{progdir}/thunderbird
+rm -f %{buildroot}%{progdir}/removed-files
+rm -f %{buildroot}%{progdir}/precomplete
+rm -f %{buildroot}%{progdir}/updater
+rm -f %{buildroot}%{progdir}/updater.ini
+rm -f %{buildroot}%{progdir}/update.locale
+rm -f %{buildroot}%{progdir}/dictionaries/en-US*
+rm -f %{buildroot}%{progdir}/nspr-config
+# Some sites use different partitions for /usr/(lib|lib64) and /usr/share. Since you
+# can't create hardlinks across partitions, we'll do this more than once.
+%fdupes %{buildroot}%{progdir}
+%fdupes %{buildroot}%{_libdir}/mozilla
+%fdupes %{buildroot}%{_datadir}
+
+%post
+# update mime and desktop database
+%mime_database_post
+%desktop_database_post
+%icon_theme_cache_post
+exit 0
+
+%postun
+%icon_theme_cache_postun
+%desktop_database_postun
+%mime_database_postun
+exit 0
+
+%files
+%defattr(-,root,root)
+%attr(755,root,root) %{progdir}/%{progname}.sh
+%dir %{progdir}
+%{progdir}/application.ini
+%{progdir}/dependentlibs.list
+%{progdir}/*.so
+%exclude %{progdir}/librnp.so
+%{progdir}/glxtest
+%{progdir}/vaapitest
+%{progdir}/omni.ja
+%{progdir}/fonts/
+%{progdir}/pingsender
+%{progdir}/platform.ini
+%{progdir}/rnp-cli
+%{progdir}/rnpkeys
+%{progdir}/thunderbird-bin
+# crashreporter files
+%if %crashreporter
+%{progdir}/crashreporter
+%{progdir}/minidump-analyzer
+%endif
+%dir %{progdir}/chrome/
+%{progdir}/chrome/icons/
+%{progdir}/defaults/
+%{progdir}/isp/
+%{_datadir}/appdata/
+%{_datadir}/applications/%{desktop_file_name}.desktop
+%{_datadir}/icons/hicolor/*/apps/%{progname}.png
+%{_datadir}/icons/hicolor/symbolic/apps/%{progname}-symbolic.svg
+%{_bindir}/%{progname}
+
+%files openpgp-librnp
+%{progdir}/librnp.so
+
+%if %localize
+%files translations-common -f %{_tmppath}/translations.common
+%defattr(-,root,root)
+%dir %{progdir}/extensions/
+
+%files translations-other -f %{_tmppath}/translations.other
+%defattr(-,root,root)
+%dir %{progdir}/extensions/
+%endif
+
+%changelog
diff --git a/_constraints b/_constraints
new file mode 100644
index 0000000..6f6a063
--- /dev/null
+++ b/_constraints
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<constraints>
+ <hardware>
+ <disk>
+ <size unit="G">36</size>
+ </disk>
+ <memory>
+ <size unit="G">9</size>
+ </memory>
+ </hardware>
+ <hostlabel exclude="true">SLOW_CPU</hostlabel>
+ <overwrite>
+ <conditions>
+ <arch>armv6l</arch>
+ <arch>armv7l</arch>
+ </conditions>
+ <hardware>
+ <disk>
+ <size unit="G">12</size>
+ </disk>
+ <memory>
+ <size unit="G">5</size>
+ </memory>
+ </hardware>
+ </overwrite>
+ <overwrite>
+ <conditions>
+ <arch>aarch64</arch>
+ </conditions>
+ <hardware>
+ <memory>
+ <size unit="G">16</size>
+ </memory>
+ </hardware>
+ </overwrite>
+ <overwrite>
+ <conditions>
+ <arch>ppc64</arch>
+ <arch>ppc64le</arch>
+ </conditions>
+ <hardware>
+ <physicalmemory>
+ <size unit="G">11</size>
+ </physicalmemory>
+ <memoryperjob>
+ <size unit="M">2500</size>
+ </memoryperjob>
+ </hardware>
+ </overwrite>
+ <overwrite>
+ <conditions>
+ <arch>x86_64</arch>
+ </conditions>
+ <hardware>
+ <memory>
+ <size unit="G">18</size>
+ </memory>
+ </hardware>
+ </overwrite>
+</constraints>
diff --git a/create-tar.sh b/create-tar.sh
new file mode 100644
index 0000000..a304722
--- /dev/null
+++ b/create-tar.sh
@@ -0,0 +1,575 @@
+#!/bin/bash
+
+function main() {
+ # Exit script on CTRL+C
+ trap "exit" INT
+
+ if [ $# -ne 1 ]; then
+ print_usage_and_exit
+ fi
+
+ check_required_tools
+
+ # Sourcing the given tar_stamps-file to have the variables available
+ TAR_STAMP="$1"
+ source "$TAR_STAMP" || print_usage_and_exit
+
+ set_internal_variables
+
+ check_what_to_do_with_source_tarballs
+ download_upstream_source_tarballs
+
+ if [ -z ${SKIP_LOCALES+x} ]; then
+ check_what_to_do_with_locales_tarballs
+ create_locales_tarballs
+ else
+ printf "%-40s: User forced skip (SKIP_LOCALES set)\n" "locales"
+ fi
+
+ clean_up_old_tarballs
+}
+
+function print_usage_and_exit() {
+ echo "Usage: create-tar.sh tar_stamps"
+ echo ""
+ echo "Where tar_stamps should look like this:"
+ echo ""
+ cat << EOF
+# Node ID: 64ee63facd4ff96b3e8590cff559d7e97ac6b061
+PRODUCT="firefox" # "firefox" or "thunderbird"
+CHANNEL="esr60"
+VERSION="60.7.0"
+VERSION_SUFFIX="esr"
+RELEASE_TAG="" # Needs only to be set if no tar-ball can be downloaded
+PREV_VERSION="60.6.3" # Prev. version only needed for locales (leave empty to force l10n-generation)
+PREV_VERSION_SUFFIX="esr"
+#SKIP_LOCALES="" # Uncomment to skip l10n-generation
+EOF
+
+ exit 1
+}
+
+function check_required_tools() {
+ # check required tools
+ check_for_binary /usr/bin/hg "mercurial"
+ check_for_binary /usr/bin/jq "jq"
+ which python3 > /dev/null || exit 1
+
+ # use parallel compression, if available
+ compression='-J'
+ pixz -h > /dev/null 2>&1
+ if (($? != 127)); then
+ compression='-Ipixz'
+ fi
+}
+
+function set_internal_variables() {
+ # Internal variables
+ BRANCH="releases/mozilla-$CHANNEL"
+ if [ "$PRODUCT" = "firefox" ]; then
+ FF_LOCALE_FILE="firefox-$VERSION/browser/locales/l10n-changesets.json"
+ else
+ FF_LOCALE_FILE="thunderbird-$VERSION/browser/locales/l10n-changesets.json"
+ TB_LOCALE_FILE="thunderbird-$VERSION/comm/mail/locales/l10n-changesets.json"
+ FF_PREV_LOCALE_FILE="thunderbird-$PREV_VERSION/browser/locales/l10n-changesets.json"
+ TB_PREV_LOCALE_FILE="thunderbird-$PREV_VERSION/comm/mail/locales/l10n-changesets.json"
+ L10N_STRING_PATTERNS="thunderbird-$VERSION/comm/python/l10n/tbxchannel/l10n_merge.py"
+ fi
+
+ SOURCE_TARBALL="$PRODUCT-$VERSION$VERSION_SUFFIX.source.tar.xz"
+ PREV_SOURCE_TARBALL="$PRODUCT-$PREV_VERSION$PREV_VERSION_SUFFIX.source.tar.xz"
+ if [ "$PRODUCT" = "thunderbird" ]; then
+ TB_LOCALE_TARBALL="$PRODUCT-$VERSION$VERSION_SUFFIX.strings_all.tar.zst"
+ fi
+ FTP_URL="https://ftp.mozilla.org/pub/$PRODUCT/releases/$VERSION$VERSION_SUFFIX/source"
+ FTP_CANDIDATES_BASE_URL="https://ftp.mozilla.org/pub/%s/candidates"
+ LOCALES_URL="https://product-details.mozilla.org/1.0/l10n"
+ FF_L10N_MONOREPO="https://github.com/mozilla-l10n/firefox-l10n"
+ PRODUCT_URL="https://product-details.mozilla.org/1.0"
+ ALREADY_EXTRACTED_LOCALES_FILE=0
+}
+
+function get_ftp_candidates_url() {
+ local CURR_PRODUCT="$1"
+ local VERSION_WITH_SUFFIX="$2"
+ printf "$FTP_CANDIDATES_BASE_URL/$VERSION_WITH_SUFFIX-candidates" "$CURR_PRODUCT"
+}
+
+function check_tarball_source () {
+ TARBALL=$1
+ # Print out what is going to be done:
+ if [ -e "$TARBALL" ]; then
+ echo "Reuse existing file"
+ elif wget --spider "$FTP_URL/$TARBALL" 2> /dev/null; then
+ echo "Download file"
+ else
+ local CANDIDATE_TARBALL_LOCATION=""
+ CANDIDATE_TARBALL_LOCATION="$(printf "%s/%s/source/%s" "$(get_ftp_candidates_url "$PRODUCT" "$VERSION$VERSION_SUFFIX")" "$BUILD_ID" "$TARBALL" )"
+ if wget --spider "$CANDIDATE_TARBALL_LOCATION" 2> /dev/null; then
+ echo "Download UNRELEASED candidate ($BUILD_ID)"
+ else
+ echo "Mercurial checkout"
+ fi
+ fi
+}
+
+function ask_cont_abort_question() {
+ while true; do
+ read -r -p "$1 [(c)ontinue/(a)bort] " ca
+ case $ca in
+ [Cc]* ) return 0 ;;
+ [Aa]* ) return 1 ;;
+ * ) echo "Please answer c or a.";;
+ esac
+ done
+}
+
+function check_for_binary() {
+ if ! test -x "$1"; then
+ echo "$1 is missing: execute zypper in $2"
+ exit 5
+ fi
+}
+
+function get_source_stamp() {
+ local CURR_BUILD_ID="$1"
+ local FTP_CANDIDATES_BASE_URL=$(get_ftp_candidates_url "$PRODUCT" "$VERSION$VERSION_SUFFIX")
+ local FTP_CANDIDATES_JSON_SUFFIX="${CURR_BUILD_ID}/linux-x86_64/en-US/$PRODUCT-$VERSION$VERSION_SUFFIX.json"
+ local BUILD_JSON=$(curl --silent --fail "$FTP_CANDIDATES_BASE_URL/$FTP_CANDIDATES_JSON_SUFFIX") || return 1;
+ local REV=$(echo "$BUILD_JSON" | jq .moz_source_stamp)
+ local SOURCE_REPO=$(echo "$BUILD_JSON" | jq .moz_source_repo)
+ TIMESTAMP=$(echo "$BUILD_JSON" | jq .buildid)
+ echo "Extending $TAR_STAMP with:"
+ echo "RELEASE_REPO=${SOURCE_REPO}"
+ echo "RELEASE_TAG=${REV}"
+ echo "RELEASE_TIMESTAMP=${TIMESTAMP}"
+ # We "remove and add" instead of "replace" in case the entries are not there yet
+ # Removing the old RELEASE_-tags
+ sed -i "/RELEASE_\(TAG\|REPO\|TIMESTAMP\)=.*/d" "$TAR_STAMP"
+ # Appending the new
+ echo "RELEASE_REPO=$SOURCE_REPO" >> "$TAR_STAMP"
+ echo "RELEASE_TAG=$REV" >> "$TAR_STAMP"
+ echo "RELEASE_TIMESTAMP=$TIMESTAMP" >> "$TAR_STAMP"
+}
+
+function get_build_number() {
+ local LAST_FOUND=""
+ local CURR_PRODUCT="$1"
+ local VERSION_WITH_SUFFIX="$2"
+ local CURR_BUILD_ID=""
+ local CURR_FTP_BASE_URL=""
+ CURR_BUILD_ID=$(curl --silent "$PRODUCT_URL/$CURR_PRODUCT.json" | jq -e '.["releases"] | .["'$CURR_PRODUCT-$VERSION_WITH_SUFFIX'"] | .["build_number"]')
+
+ # Slow fall-back
+ if [ $? -ne 0 ]; then
+ echo "Build number not found in product URL, falling back to slow FTP-parsing." 1>&2
+ CURR_FTP_BASE_URL=$(get_ftp_candidates_url "$CURR_PRODUCT" "$VERSION_WITH_SUFFIX")
+ # Unfortunately, locales-files are not associated to releases, but to builds.
+ # And since we don't know which build was the final build, we grep them all from
+ # the candidates-page, sort them and take the last one which should be the oldest
+ # Error only if not even the first one exists
+ LAST_FOUND=$(curl --silent --fail "$CURR_FTP_BASE_URL/" | grep -o "build[0-9]*/" | sort | uniq | tail -n 1 | cut -d "/" -f 1)
+ else
+ LAST_FOUND="build$CURR_BUILD_ID"
+ fi
+
+ if [ "$LAST_FOUND" != "" ]; then
+ echo "$LAST_FOUND"
+ return 0
+ else
+ echo "Error: Could not find build-number for $CURR_PRODUCT $VERSION_WITH_SUFFIX !" 1>&2
+ return 1
+ fi
+}
+
+function locales_get() {
+ local CURR_PRODUCT="$1"
+ local TMP_VERSION="$2"
+ local CURR_BUILD_ID="$3"
+ # Make first letter of CURR_PRODUCT upper case
+ CURR_PRODUCT_CAP="${CURR_PRODUCT^}"
+ URL_TO_CHECK="${LOCALES_URL}/${CURR_PRODUCT_CAP}-${TMP_VERSION}"
+ FINAL_URL="${URL_TO_CHECK}-${CURR_BUILD_ID}.json"
+ if wget --quiet --spider "$FINAL_URL"; then
+ echo "$FINAL_URL"
+ return 0
+ else
+ echo "Error: Could not find locales-file (json) for Firefox $TMP_VERSION !" 1>&2
+ return 1
+ fi
+}
+
+function locales_parse_file() {
+ FILE="$1"
+ python3 -c "import json; import sys; \
+ print('\n'.join(['{} {}'.format(key, value['revision']) \
+ for key, value in sorted(json.load(sys.stdin).items())]));" < "$FILE"
+}
+
+function locales_parse_url() {
+ URL="$1"
+ curl -s "$URL" | python3 -c "import json; import sys; \
+ print('\n'.join(['{} {}'.format(key, value['changeset']) \
+ for key, value in sorted(json.load(sys.stdin)['locales'].items())]));"
+}
+
+function extract_locales_file() {
+ if [ $ALREADY_EXTRACTED_LOCALES_FILE -ne 1 ]; then
+ # still need to extract the locale information from the archive
+ echo "extract locale changesets"
+ if [ "$PRODUCT" = "thunderbird" ]; then
+ tar -xf "$SOURCE_TARBALL" "$FF_LOCALE_FILE" "$TB_LOCALE_FILE" "$L10N_STRING_PATTERNS"
+ else
+ tar -xf "$SOURCE_TARBALL" "$FF_LOCALE_FILE"
+ fi
+ ALREADY_EXTRACTED_LOCALES_FILE=1
+ else
+ echo "Skipping locale changeset extraction, as it was already done."
+ fi
+}
+
+function locales_unchanged() {
+ local CURR_PRODUCT="$1"
+ local CURR_BUILD_ID="$2"
+ local PREV_BUILD_ID=$(get_build_number "$CURR_PRODUCT" "$PREV_VERSION$PREV_VERSION_SUFFIX")
+ # If no json-file for one of the versions can be found, we say "they changed"
+ prev_url=$(locales_get "$CURR_PRODUCT" "$PREV_VERSION$PREV_VERSION_SUFFIX" "$PREV_BUILD_ID") || return 1
+ prev_content=$(locales_parse_url "$prev_url") || exit 1
+
+ curr_url=$(locales_get "$CURR_PRODUCT" "$VERSION$VERSION_SUFFIX" "$CURR_BUILD_ID")
+ if [ $? -ne 0 ]; then
+ # We did not find a locales file upstream on the servers
+ if [ -e "$SOURCE_TARBALL" ]; then
+ # We can find out what the locales are, by extracting the json-file from the tar-ball
+ # instead of getting it from the server
+ extract_locales_file || return 1
+ curr_content=$(locales_parse_file "$FF_LOCALE_FILE") || exit 1
+ else
+ # We can't know what the locales are in the current version
+ return 1
+ fi
+ else
+ curr_content=$(locales_parse_url "$curr_url") || exit 1
+ fi
+
+ diff -y --suppress-common-lines -d <(echo "$prev_content") <(echo "$curr_content")
+}
+
+function get_locales_directories() {
+ pattern="$1"
+
+ # This file contains a list of directories, upstream uses to build locales
+ # If it is there, use it. If not, default to all FF + 3 TB-dirs.
+ if [ -e "$L10N_STRING_PATTERNS" ]; then
+ python3 -c "import os; import sys; \
+ sys.path.append(os.path.dirname(\"$L10N_STRING_PATTERNS\")); \
+ from l10n_merge import $pattern; \
+ print(\" \".join([p.strip('*') for p in $pattern]));"
+ else
+ if [ "$pattern" = "GECKO_STRINGS_PATTERNS" ]; then
+ # Default of Firefox: Take all
+ echo "{lang}/"
+ else
+ # Default of Thunderbird: Take those 3 dirs
+ echo "{lang}/calendar/" "{lang}/chat/" "{lang}/mail/"
+ fi
+ fi
+}
+
+function create_and_copy_locales() {
+ locale="$1"
+ source_base="$2"
+ source_template="$3"
+ final_dest="$4"
+
+ # Replace {lang} with the actual language-basedir
+ for template in $source_template; do
+ locale_source=$(echo "$template" | sed "s|{lang}|./$source_base/$locale|g")
+ locale_dest=$(echo "$template" | sed "s|{lang}|./$final_dest/$locale|g")
+
+ # Create intermediary folders
+ for destdir in $locale_dest; do
+ mkdir -p "$destdir"
+ done
+
+ # Copy over FF-files
+ cp -r "$locale_source"/* "$locale_dest"
+ done
+}
+
+function check_what_to_do_with_source_tarballs() {
+ # Get ID
+ BUILD_ID=$(get_build_number "$PRODUCT" "$VERSION$VERSION_SUFFIX")
+
+ # Check what is going to be done and ask for consent
+ for ff in $SOURCE_TARBALL $SOURCE_TARBALL.asc; do
+ printf "%-40s: %s\n" "$ff" "$(check_tarball_source $ff)"
+ done
+
+ if [ "$PRODUCT" = "thunderbird" ]; then
+ printf "%-40s: %s\n" "$TB_LOCALE_TARBALL" "$(check_tarball_source $TB_LOCALE_TARBALL)"
+ fi
+
+ ask_cont_abort_question "Is this ok?" || exit 0
+}
+
+function check_what_to_do_with_locales_tarballs() {
+ if [ -e "$TB_LOCALE_TARBALL" ]; then
+ return;
+ fi
+
+ LOCALES_CHANGED=1
+
+ extract_locales_file
+
+ if [ "$PREV_VERSION" != "" ]; then
+ # If we have a previous version, check either FF or (TB and FF)
+ if [ "$PRODUCT" = "firefox" ]; then
+ locales_unchanged "$PRODUCT" "$BUILD_ID"
+ else
+ # Currently, upstream 'forgets' which Firefox-locales get used for which Thunderbird-release upon release
+ # so, instead of parsing upstream JSON-files, we rely on the previous tarball being there and comparing
+ # the lang-files directly
+ # FF_BUILD_ID=$(get_build_number "firefox" "$VERSION$VERSION_SUFFIX")
+ # locales_unchanged "$PRODUCT" "$BUILD_ID" && locales_unchanged "firefox" "$FF_BUILD_ID"
+ if [ -e "$PREV_SOURCE_TARBALL" ]; then
+ echo "extract previous locale changesets"
+ tar -xf "$PREV_SOURCE_TARBALL" "$FF_PREV_LOCALE_FILE" "$TB_PREV_LOCALE_FILE"
+
+ curr_ff_content=$(locales_parse_file "$FF_LOCALE_FILE") || exit 1
+ prev_ff_content=$(locales_parse_file "$FF_PREV_LOCALE_FILE") || exit 1
+ curr_tb_content=$(locales_parse_file "$TB_LOCALE_FILE") || exit 1
+ prev_tb_content=$(locales_parse_file "$TB_PREV_LOCALE_FILE") || exit 1
+
+ diff -y --suppress-common-lines -d <(echo "$prev_ff_content") <(echo "$curr_ff_content") ||
+ diff -y --suppress-common-lines -d <(echo "$prev_tb_content") <(echo "$curr_tb_content")
+ fi
+ fi
+ LOCALES_CHANGED=$?
+ fi
+
+ # New line for better visibility
+ echo ""
+ if [ $LOCALES_CHANGED -eq 1 ]; then
+ printf "%-40s: Need to download.\n" "locales"
+ ask_cont_abort_question "Is this ok?" || exit 0
+ else
+ printf "%-40s: Did not change. Skipping.\n" "locales"
+ fi
+}
+
+function download_release_or_candidate_file() {
+ local upstream_file="$1"
+ if [ -e "$upstream_file" ]; then
+ return;
+ fi
+
+ if ! wget --quiet --show-progress --progress=bar "$FTP_URL/$upstream_file"; then
+ local CANDIDATE_TARBALL_LOCATION=""
+ CANDIDATE_TARBALL_LOCATION="$(printf "%s/%s/source/%s" "$(get_ftp_candidates_url "$PRODUCT" "$VERSION$VERSION_SUFFIX")" "$BUILD_ID" "$upstream_file" )"
+ wget --quiet --show-progress --progress=bar "$CANDIDATE_TARBALL_LOCATION"
+ fi
+}
+
+function download_upstream_source_tarballs() {
+ # Try to download tar-ball from officiall mozilla-mirror
+ download_release_or_candidate_file "$SOURCE_TARBALL"
+ download_release_or_candidate_file "$SOURCE_TARBALL.asc"
+
+ if [ "$PRODUCT" = "thunderbird" ]; then
+ download_release_or_candidate_file "$TB_LOCALE_TARBALL"
+ fi
+
+ # we might have an upstream archive already and can skip the checkout
+ if [ -e "$SOURCE_TARBALL" ]; then
+ get_source_stamp "$BUILD_ID"
+ else
+ # We are working on a version that is not yet published on the mozilla mirror
+ # so we have to actually check out the repo
+ clone_and_repackage_sources
+ fi
+}
+
+function clone_and_repackage_sources() {
+ if [ -d "$PRODUCT-$VERSION" ]; then
+ pushd "$PRODUCT-$VERSION" || exit 1
+ _repourl=$(hg paths)
+ case "$_repourl" in
+ *$BRANCH*)
+ echo "updating previous tree"
+ hg pull
+ popd || exit 1
+ ;;
+ * )
+ echo "removing obsolete tree"
+ popd || exit 1
+ rm -rf "$PRODUCT-$VERSION"
+ ;;
+ esac
+ fi
+ if [ ! -d "$PRODUCT-$VERSION" ]; then
+ echo "cloning new $BRANCH..."
+ hg clone "https://hg.mozilla.org/$BRANCH $PRODUCT-$VERSION"
+ if [ "$PRODUCT" = "thunderbird" ]; then
+ hg clone "https://hg.mozilla.org/releases/comm-$CHANNEL" "$PRODUCT-$VERSION/comm"
+ fi
+ fi
+ pushd "$PRODUCT-$VERSION" || exit 1
+
+ # parse out the Firefox-release tag for this Thunderbird-checkout
+ if [ "$PRODUCT" = "thunderbird" ]; then
+ FF_RELEASE_TAG=$(grep ^GECKO_HEAD_REV ./comm/.gecko_rev.yml | awk -F ' ' '{print $2}') || exit 1
+ echo "Parsed Firefox base ID from .gecko_rev.yml: $FF_RELEASE_TAG"
+ else
+ FF_RELEASE_TAG="$RELEASE_TAG"
+ fi
+
+ hg update --check "$FF_RELEASE_TAG"
+ [ "$FF_RELEASE_TAG" == "default" ] || hg update -r "$FF_RELEASE_TAG"
+ # get repo and source stamp
+ local REV=$(hg -R . parent --template="{node|short}\n")
+ local SOURCE_REPO=$(hg showconfig paths.default 2>/dev/null | head -n1 | sed -e "s/^ssh:/https:/")
+ TIMESTAMP=$(date +%Y%m%d%H%M%S)
+
+ if [ "$PRODUCT" = "thunderbird" ]; then
+ pushd comm || exit 1
+ hg update --check "$RELEASE_TAG"
+ popd || exit 1
+ rm -rf thunderbird-"${VERSION}"/{,comm/}other-licenses/7zstub
+ fi
+ popd || exit 1
+
+ echo "Extending $TAR_STAMP with:"
+ echo "RELEASE_REPO=${SOURCE_REPO}"
+ echo "RELEASE_TAG=${REV}"
+ echo "RELEASE_TIMESTAMP=${TIMESTAMP}"
+
+ # We "remove and add" instead of "replace" in case the entries are not there yet
+ # Removing the old RELEASE_-tags
+ sed -i "/RELEASE_\(TAG\|REPO\|TIMESTAMP\)=.*/d" "$TAR_STAMP"
+ # Appending the new
+ echo "RELEASE_REPO=$SOURCE_REPO" >> "$TAR_STAMP"
+ echo "RELEASE_TAG=$REV" >> "$TAR_STAMP"
+ echo "RELEASE_TIMESTAMP=$TIMESTAMP" >> "$TAR_STAMP"
+
+ echo "creating archive..."
+ tar "$compression" -cf "$PRODUCT-$VERSION$VERSION_SUFFIX.source.tar.xz" --exclude-vcs "$PRODUCT-$VERSION"
+ ALREADY_EXTRACTED_LOCALES_FILE=1
+}
+
+function create_locales_tarballs() {
+ if [ ! -z ${SKIP_LOCALES+x} ]; then
+ echo "Skipping locales-creation."
+ exit 0
+ fi
+
+ if [ -e "$TB_LOCALE_TARBALL" ]; then
+ echo "Repackaging upstream lang-tarball."
+ zstd -dcf "$TB_LOCALE_TARBALL" | xz > "l10n-$VERSION$VERSION_SUFFIX.tar.xz"
+ else
+ if [ "$LOCALES_CHANGED" -ne 0 ]; then
+ clone_and_repackage_locales
+ elif [ -f "l10n-$PREV_VERSION$PREV_VERSION_SUFFIX.tar.xz" ]; then
+ # Locales did not change, but the old tar-ball is in this directory
+ # Simply rename it:
+ echo "Moving l10n-$PREV_VERSION$PREV_VERSION_SUFFIX.tar.xz to l10n-$VERSION$VERSION_SUFFIX.tar.xz"
+ mv "l10n-$PREV_VERSION$PREV_VERSION_SUFFIX.tar.xz" "l10n-$VERSION$VERSION_SUFFIX.tar.xz"
+ fi
+ fi
+}
+
+function clone_and_repackage_locales() {
+ # l10n
+ FINAL_L10N_BASE="l10n"
+ FF_L10N_BASE="l10n" # Only change this in TB-builds to a separate dir
+ TB_L10N_BASE="l10n_tb"
+
+ # If we are doing Thunderbird, we'll have to checkout both TB and FF l10n-repos
+ # Thunderbird has one single mono-repo, FF has one for each language
+ if [ "$PRODUCT" = "thunderbird" ]; then
+ echo "Fetching Thunderbird locales..."
+ if [ -d "$TB_L10N_BASE/.hg" ]; then
+ pushd "$TB_L10N_BASE/" || exit 1
+ hg pull || exit 1
+ popd || exit 1
+ else
+ hg clone "https://hg.mozilla.org/projects/comm-l10n/" "$TB_L10N_BASE/" || exit 1
+ fi
+ # Just using the first entry here, as all languages have the same changeset
+ tb_changeset=$(jq -r 'to_entries[0]| "\(.key) \(.value|.revision)"' "$TB_LOCALE_FILE" | cut -d " " -f 2)
+ [ "$RELEASE_TAG" == "default" ] || hg -R "$TB_L10N_BASE/" up -C -r "$tb_changeset" || exit 1
+ FF_L10N_BASE="l10n_ff"
+ fi
+
+ # This is only relevant for Thunderbird-builds
+ # Here, the relevant directories we need to copy from FF and from TB
+ # are specified in a python-file in the tarball
+ # Is of form '{lang}/Foo/bar/ {lang}/Baz/bar/ ..'
+ ff_locale_template=$(get_locales_directories "GECKO_STRINGS_PATTERNS")
+ tb_locale_template=$(get_locales_directories "COMM_STRINGS_PATTERNS")
+
+ echo "Fetching Browser locales..."
+ if [ -d "$FF_L10N_BASE/.git" ]; then
+ pushd "$FF_L10N_BASE/" || exit 1
+ git fetch -a || exit 1
+ popd || exit 1
+ else
+ git clone "$FF_L10N_MONOREPO" "$FF_L10N_BASE" || exit 1
+ fi
+ # Currently all locales show the same changeset-hash, as they moved to a monorepo. We just take the first one.
+ changeset=$(jq -r 'to_entries[0]| "\(.key) \(.value|.revision)"' "$FF_LOCALE_FILE" | cut -d " " -f 2)
+ [ "$RELEASE_TAG" == "default" ] || git -C "$FF_L10N_BASE/" switch --detach "$changeset" || exit 1
+
+ # No-op, if we are building FF:
+ test ! -d $FINAL_L10N_BASE && mkdir $FINAL_L10N_BASE
+
+ # If we are doing TB, we have to merge both l10n-repos
+ if [ "$PRODUCT" = "thunderbird" ] && test -d "$TB_L10N_BASE/$locale/" ; then
+ jq -r 'to_entries[]| "\(.key) \(.value|.revision)"' "$FF_LOCALE_FILE" | \
+ while read -r locale changeset ; do
+ case $locale in
+ ja-JP-mac|en-US)
+ ;;
+ *)
+ create_and_copy_locales "$locale" "$FF_L10N_BASE" "$ff_locale_template" "$FINAL_L10N_BASE"
+ create_and_copy_locales "$locale" "$TB_L10N_BASE" "$tb_locale_template" "$FINAL_L10N_BASE"
+ ;;
+ esac
+ done
+ fi
+
+ echo "creating l10n archive..."
+ local TAR_FLAGS="--exclude-vcs"
+ # For reproducable tarballs
+ # Convert TIMESTAMP to ISO-format, so tar can understand it, then set mtime to it
+ local MTIME=$(python3 -c "from datetime import datetime; print(datetime.strptime(${TIMESTAMP}, '%Y%m%d%H%M%S').isoformat())")
+ TAR_FLAGS="$TAR_FLAGS --sort=name --format=posix --pax-option=delete=atime,delete=ctime,exthdr.name=%d/PaxHeaders/%f --numeric-owner --owner=0 --group=0 --mode=go+u,go-w --clamp-mtime --mtime=$MTIME"
+
+ if [ "$PRODUCT" = "thunderbird" ]; then
+ TAR_FLAGS="$TAR_FLAGS --exclude=suite"
+ fi
+ tar "$compression" -cf "l10n-$VERSION$VERSION_SUFFIX.tar.xz" $TAR_FLAGS "$FINAL_L10N_BASE"
+}
+
+function clean_up_old_tarballs() {
+ if [ -e "$PREV_SOURCE_TARBALL" ]; then
+ echo ""
+ echo "Deleting old sources tarball $PREV_SOURCE_TARBALL"
+ ask_cont_abort_question "Is this ok?" || exit 0
+ rm "$PREV_SOURCE_TARBALL"
+ rm "$PREV_SOURCE_TARBALL.asc"
+ # if old and new lang-tarball are there, delete the old one
+ if [ -f "l10n-$PREV_VERSION$PREV_VERSION_SUFFIX.tar.xz" ] && [ -f "l10n-$VERSION$VERSION_SUFFIX.tar.xz" ]; then
+ rm "l10n-$PREV_VERSION$PREV_VERSION_SUFFIX.tar.xz"
+ fi
+ fi
+ # If we downloaded the upstream zstd-tarball and repackaged it, remove it now
+ if [ -f "$TB_LOCALE_TARBALL" ] && [ -f "l10n-$VERSION$VERSION_SUFFIX.tar.xz" ]; then
+ echo ""
+ echo "Deleting old sources tarball $TB_LOCALE_TARBALL"
+ ask_cont_abort_question "Is this ok?" || exit 0
+ rm "$TB_LOCALE_TARBALL"
+ fi
+}
+
+main "$@"
diff --git a/l10n-115.13.0.tar.xz b/l10n-115.13.0.tar.xz
new file mode 100644
index 0000000..d428294
--- /dev/null
+++ b/l10n-115.13.0.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:6cfbb88684d6a32bdeda1505178e3e72def6f650a0ca10f61505e1edcf69fe57
+size 30001028
diff --git a/l10n-115.14.0.tar.xz b/l10n-115.14.0.tar.xz
new file mode 100644
index 0000000..f442b01
--- /dev/null
+++ b/l10n-115.14.0.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:172a381e8712eb00dbed57b0f7f4e9ff23891854f4716af1c478f47c8f361c42
+size 30003396
diff --git a/l10n-115.15.0.tar.xz b/l10n-115.15.0.tar.xz
new file mode 100644
index 0000000..4836f54
--- /dev/null
+++ b/l10n-115.15.0.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:14f891ecacb5296f675dad6075e512089902824b28928c20ea3a2998797db58b
+size 30459468
diff --git a/l10n-128.3.2esr.tar.xz b/l10n-128.3.2esr.tar.xz
new file mode 100644
index 0000000..641bf52
--- /dev/null
+++ b/l10n-128.3.2esr.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:fc89755949f0321bf52d3a63cee91a3355faeaf65d7a926f1fdb9a79c8e4f85e
+size 30492540
diff --git a/l10n-128.3.3esr.tar.xz b/l10n-128.3.3esr.tar.xz
new file mode 100644
index 0000000..641bf52
--- /dev/null
+++ b/l10n-128.3.3esr.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:fc89755949f0321bf52d3a63cee91a3355faeaf65d7a926f1fdb9a79c8e4f85e
+size 30492540
diff --git a/l10n-128.4.0esr.tar.xz b/l10n-128.4.0esr.tar.xz
new file mode 100644
index 0000000..3c35f5e
--- /dev/null
+++ b/l10n-128.4.0esr.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:977b4e8d0e7f7f3e4ea493fdd5418ddc449259e5241b4589444cbedf0d8edb6f
+size 30573364
diff --git a/l10n-128.4.2esr.tar.xz b/l10n-128.4.2esr.tar.xz
new file mode 100644
index 0000000..3c35f5e
--- /dev/null
+++ b/l10n-128.4.2esr.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:977b4e8d0e7f7f3e4ea493fdd5418ddc449259e5241b4589444cbedf0d8edb6f
+size 30573364
diff --git a/l10n-128.4.3esr.tar.xz b/l10n-128.4.3esr.tar.xz
new file mode 100644
index 0000000..3c35f5e
--- /dev/null
+++ b/l10n-128.4.3esr.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:977b4e8d0e7f7f3e4ea493fdd5418ddc449259e5241b4589444cbedf0d8edb6f
+size 30573364
diff --git a/l10n-128.4.4esr.tar.xz b/l10n-128.4.4esr.tar.xz
new file mode 100644
index 0000000..3c35f5e
--- /dev/null
+++ b/l10n-128.4.4esr.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:977b4e8d0e7f7f3e4ea493fdd5418ddc449259e5241b4589444cbedf0d8edb6f
+size 30573364
diff --git a/l10n-128.5.0esr.tar.xz b/l10n-128.5.0esr.tar.xz
new file mode 100644
index 0000000..e444252
--- /dev/null
+++ b/l10n-128.5.0esr.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:411ccf5d02af3237d9bbbb9091d7c84d307812e150cda2a228adcb297431c7cf
+size 30663244
diff --git a/l10n-128.5.1esr.tar.xz b/l10n-128.5.1esr.tar.xz
new file mode 100644
index 0000000..e444252
--- /dev/null
+++ b/l10n-128.5.1esr.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:411ccf5d02af3237d9bbbb9091d7c84d307812e150cda2a228adcb297431c7cf
+size 30663244
diff --git a/l10n-128.5.2esr.tar.xz b/l10n-128.5.2esr.tar.xz
new file mode 100644
index 0000000..e444252
--- /dev/null
+++ b/l10n-128.5.2esr.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:411ccf5d02af3237d9bbbb9091d7c84d307812e150cda2a228adcb297431c7cf
+size 30663244
diff --git a/mozilla-aarch64-startup-crash.patch b/mozilla-aarch64-startup-crash.patch
new file mode 100644
index 0000000..5d9f98d
--- /dev/null
+++ b/mozilla-aarch64-startup-crash.patch
@@ -0,0 +1,26 @@
+# HG changeset patch
+# User msirringhaus@suse.de
+# Date 1558442998 -7200
+# Tue May 21 14:49:58 2019 +0200
+# Node ID 386083b58d8558141901d796ec6919a4aba7ad3a
+# Parent 76b747f7d113bddbb8593184d81e1bfe5fd51af0
+bsc#991344 - Rpi3: Firefox crashes after a few seconds of usage
+bmo#1302554 - ARM/AARCH64: Firefox crashes on NULL nsIChannel** result pointer in nsIOService::NewChannelFromURIWithProxyFlagsInternal()
+
+diff --git a/netwerk/base/nsIOService.cpp b/netwerk/base/nsIOService.cpp
+--- a/netwerk/base/nsIOService.cpp
++++ b/netwerk/base/nsIOService.cpp
+@@ -1159,7 +1159,13 @@ nsresult nsIOService::NewChannelFromURIW
+ }
+ }
+
++#if defined(__aarch64__)
++ if (result) {
++ channel.forget(result);
++ }
++#else
+ channel.forget(result);
++#endif
+ return NS_OK;
+ }
+
diff --git a/mozilla-bmo1504834-part1.patch b/mozilla-bmo1504834-part1.patch
new file mode 100644
index 0000000..843f03e
--- /dev/null
+++ b/mozilla-bmo1504834-part1.patch
@@ -0,0 +1,92 @@
+# HG changeset patch
+# Parent 9fcbd287056a40084b1e679f787bf683b291f323
+Taken from https://bugzilla.mozilla.org/show_bug.cgi?id=1504834
+
+Index: firefox-128.0/gfx/2d/DrawTargetSkia.cpp
+===================================================================
+--- firefox-128.0.orig/gfx/2d/DrawTargetSkia.cpp
++++ firefox-128.0/gfx/2d/DrawTargetSkia.cpp
+@@ -156,7 +156,8 @@ static IntRect CalculateSurfaceBounds(co
+ }
+
+ static const int kARGBAlphaOffset =
+- SurfaceFormat::A8R8G8B8_UINT32 == SurfaceFormat::B8G8R8A8 ? 3 : 0;
++ 0; // Skia is always BGRA SurfaceFormat::A8R8G8B8_UINT32 ==
++ // SurfaceFormat::B8G8R8A8 ? 3 : 0;
+
+ static bool VerifyRGBXFormat(uint8_t* aData, const IntSize& aSize,
+ const int32_t aStride, SurfaceFormat aFormat) {
+Index: firefox-128.0/gfx/2d/Types.h
+===================================================================
+--- firefox-128.0.orig/gfx/2d/Types.h
++++ firefox-128.0/gfx/2d/Types.h
+@@ -89,18 +89,11 @@ enum class SurfaceFormat : int8_t {
+ // This represents the unknown format.
+ UNKNOWN, // TODO: Replace uses with Maybe<SurfaceFormat>.
+
+-// The following values are endian-independent synonyms. The _UINT32 suffix
+-// indicates that the name reflects the layout when viewed as a uint32_t
+-// value.
+-#if MOZ_LITTLE_ENDIAN()
++ // The following values are endian-independent synonyms. The _UINT32 suffix
++ // indicates that the name reflects the layout when viewed as a uint32_t
++ // value.
+ A8R8G8B8_UINT32 = B8G8R8A8, // 0xAARRGGBB
+ X8R8G8B8_UINT32 = B8G8R8X8, // 0x00RRGGBB
+-#elif MOZ_BIG_ENDIAN()
+- A8R8G8B8_UINT32 = A8R8G8B8, // 0xAARRGGBB
+- X8R8G8B8_UINT32 = X8R8G8B8, // 0x00RRGGBB
+-#else
+-# error "bad endianness"
+-#endif
+
+ // The following values are OS and endian-independent synonyms.
+ //
+Index: firefox-128.0/gfx/skia/skia/modules/skcms/skcms.cc
+===================================================================
+--- firefox-128.0.orig/gfx/skia/skia/modules/skcms/skcms.cc
++++ firefox-128.0/gfx/skia/skia/modules/skcms/skcms.cc
+@@ -31,6 +31,8 @@
+ #include <avx512fintrin.h>
+ #include <avx512dqintrin.h>
+ #endif
++#else
++ #define SKCMS_PORTABLE
+ #endif
+
+ using namespace skcms_private;
+@@ -324,20 +326,28 @@ enum {
+ static uint16_t read_big_u16(const uint8_t* ptr) {
+ uint16_t be;
+ memcpy(&be, ptr, sizeof(be));
+-#if defined(_MSC_VER)
+- return _byteswap_ushort(be);
++#if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
++ return be;
+ #else
+- return __builtin_bswap16(be);
++ #if defined(_MSC_VER)
++ return _byteswap_ushort(be);
++ #else
++ return __builtin_bswap16(be);
++ #endif
+ #endif
+ }
+
+ static uint32_t read_big_u32(const uint8_t* ptr) {
+ uint32_t be;
+ memcpy(&be, ptr, sizeof(be));
+-#if defined(_MSC_VER)
+- return _byteswap_ulong(be);
++#if __BYTE_ORDER == __ORDER_BIG_ENDIAN__
++ return be;
+ #else
+- return __builtin_bswap32(be);
++ #if defined(_MSC_VER)
++ return _byteswap_ulong(be);
++ #else
++ return __builtin_bswap32(be);
++ #endif
+ #endif
+ }
+
diff --git a/mozilla-bmo1504834-part3.patch b/mozilla-bmo1504834-part3.patch
new file mode 100644
index 0000000..18e9106
--- /dev/null
+++ b/mozilla-bmo1504834-part3.patch
@@ -0,0 +1,17 @@
+# HG changeset patch
+# Parent 09cd4ac2cc607e85aa572425b824fbab386af607
+For FF68, AntiAliasing of XULTexts seem to be broken on big endian (s390x). Text and icons of the sandwich-menu to the
+right of the address bar, as well as plugin-windows appears transparant, which usually means unreadable (white on white).
+
+diff --git a/gfx/skia/skia/src/opts/SkBlitMask_opts.h b/gfx/skia/skia/src/opts/SkBlitMask_opts.h
+--- a/gfx/skia/skia/src/opts/SkBlitMask_opts.h
++++ b/gfx/skia/skia/src/opts/SkBlitMask_opts.h
+@@ -210,6 +210,8 @@ namespace SK_OPTS_NS {
+ // ~~~>
+ // a = 1*aa + d(1-1*aa) = aa + d(1-aa)
+ // c = 0*aa + d(1-1*aa) = d(1-aa)
++ // TODO: Check this for endian-issues!
++ // Do we need to switch 255 to the front for all of those tuples?
+ return (aa & Sk4px(skvx::byte16{0,0,0,255, 0,0,0,255, 0,0,0,255, 0,0,0,255}))
+ + d.approxMulDiv255(aa.inv());
+ };
diff --git a/mozilla-bmo1512162.patch b/mozilla-bmo1512162.patch
new file mode 100644
index 0000000..3ca46d4
--- /dev/null
+++ b/mozilla-bmo1512162.patch
@@ -0,0 +1,35 @@
+# HG changeset patch
+# Parent f9f5af4c88f2f3172a4f30d7e42bd2131bf24146
+This fixes a broken build for gcc < 9 on ppc64le.
+This patch can be removed for newer gcc-versions.
+
+Index: firefox-115.0/js/xpconnect/src/XPCWrappedNative.cpp
+===================================================================
+--- firefox-115.0.orig/js/xpconnect/src/XPCWrappedNative.cpp
++++ firefox-115.0/js/xpconnect/src/XPCWrappedNative.cpp
+@@ -1061,7 +1061,11 @@ class MOZ_STACK_CLASS CallMethodHelper f
+ MOZ_ALWAYS_INLINE bool GetOutParamSource(uint8_t paramIndex,
+ MutableHandleValue srcp) const;
+
+- MOZ_ALWAYS_INLINE bool GatherAndConvertResults();
++#if !(__GNUC__ && __linux__ && __PPC64__ && _LITTLE_ENDIAN)
++// Work around a compiler bug on ppc64le (bug 1512162).
++ MOZ_ALWAYS_INLINE
++#endif
++ bool GatherAndConvertResults();
+
+ MOZ_ALWAYS_INLINE bool QueryInterfaceFastPath();
+
+@@ -1108,7 +1112,11 @@ class MOZ_STACK_CLASS CallMethodHelper f
+
+ ~CallMethodHelper();
+
+- MOZ_ALWAYS_INLINE bool Call();
++#if !(__GNUC__ && __linux__ && __PPC64__ && _LITTLE_ENDIAN)
++// Work around a compiler bug on ppc64le (bug 1512162).
++ MOZ_ALWAYS_INLINE
++#endif
++ bool Call();
+
+ // Trace implementation so we can put our CallMethodHelper in a Rooted<T>.
+ void trace(JSTracer* aTrc);
diff --git a/mozilla-bmo1775202.patch b/mozilla-bmo1775202.patch
new file mode 100644
index 0000000..1b1f5b1
--- /dev/null
+++ b/mozilla-bmo1775202.patch
@@ -0,0 +1,26 @@
+From: Mike Hommey <mh@glandium.org>
+Date: Sun, 14 Aug 2022 07:01:33 +0900
+Subject: Work around bz#1775202 to fix FTBFS on ppc64el
+
+---
+ third_party/libwebrtc/moz.build | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/third_party/libwebrtc/moz.build b/third_party/libwebrtc/moz.build
+index 976cf373..311519c 100644
+--- a/third_party/libwebrtc/moz.build
++++ b/third_party/libwebrtc/moz.build
+@@ -566,6 +566,13 @@ if CONFIG["CPU_ARCH"] == "arm" and CONFIG["OS_TARGET"] == "Linux":
+ "/third_party/libwebrtc/third_party/pipewire/pipewire_gn"
+ ]
+
++if CONFIG["CPU_ARCH"] == "ppc64" and CONFIG["OS_TARGET"] == "Linux":
++
++ DIRS += [
++ "/third_party/libwebrtc/modules/desktop_capture/desktop_capture_gn",
++ "/third_party/libwebrtc/modules/desktop_capture/primitives_gn",
++ ]
++
+ if CONFIG["CPU_ARCH"] == "x86" and CONFIG["OS_TARGET"] == "Linux":
+
+ DIRS += [
diff --git a/mozilla-bmo531915.patch b/mozilla-bmo531915.patch
new file mode 100644
index 0000000..b84209d
--- /dev/null
+++ b/mozilla-bmo531915.patch
@@ -0,0 +1,33 @@
+# HG changeset patch
+# User Wolfgang Rosenauer <wr@rosenauer.org>
+# Parent fa8a5832a374ccd7af5db927b992b5d9f15273ef
+
+diff --git a/modules/fdlibm/src/math_private.h b/modules/fdlibm/src/math_private.h
+--- a/modules/fdlibm/src/math_private.h
++++ b/modules/fdlibm/src/math_private.h
+@@ -25,19 +25,24 @@
+
+ #include "fdlibm.h"
+
+ /*
+ * Emulate FreeBSD internal double types.
+ * Adapted from https://github.com/freebsd/freebsd-src/search?q=__double_t
+ */
+
++#ifdef __i386__
++typedef long double __double_t;
++typedef long double __float_t;
++#else
+ typedef double __double_t;
++typedef float __float_t;
++#endif
+ typedef __double_t double_t;
+-typedef float __float_t;
+
+ /*
+ * The original fdlibm code used statements like:
+ * n0 = ((*(int*)&one)>>29)^1; * index of high word *
+ * ix0 = *(n0+(int*)&x); * high word of x *
+ * ix1 = *((1-n0)+(int*)&x); * low word of x *
+ * to dig two 32 bit words out of the 64 bit IEEE floating point
+ * value. That is non-ANSI, and, moreover, the gcc instruction
diff --git a/mozilla-bmo849632.patch b/mozilla-bmo849632.patch
new file mode 100644
index 0000000..ec1ee03
--- /dev/null
+++ b/mozilla-bmo849632.patch
@@ -0,0 +1,26 @@
+# HG changeset patch
+# Parent 3de59fe1b8708c01e134ce698c4232b8a854f617
+Problem: webGL sites are displayed in the wrong color (usually blue-ish)
+Solution: Problem is with skia once again. Output of webgl seems endian-correct, but skia only
+ knows how to deal with little endian.
+ So we swizzle the output of webgl after reading it from readpixels()
+Note: This does not fix all webGL sites, but is a step in the right direction
+
+Index: firefox-115.0/gfx/gl/GLContext.h
+===================================================================
+--- firefox-115.0.orig/gfx/gl/GLContext.h
++++ firefox-115.0/gfx/gl/GLContext.h
+@@ -1560,6 +1560,13 @@ class GLContext : public GenericAtomicRe
+ BEFORE_GL_CALL;
+ mSymbols.fReadPixels(x, y, width, height, format, type, pixels);
+ OnSyncCall();
++#if MOZ_BIG_ENDIAN()
++ uint8_t* itr = (uint8_t*)pixels;
++ for (GLsizei i = 0; i < width * height; i++) {
++ NativeEndian::swapToLittleEndianInPlace((uint32_t*)itr, 1);
++ itr += 4;
++ }
++#endif
+ AFTER_GL_CALL;
+ mHeavyGLCallsSinceLastFlush = true;
+ }
diff --git a/mozilla-bmo998749.patch b/mozilla-bmo998749.patch
new file mode 100644
index 0000000..91a6168
--- /dev/null
+++ b/mozilla-bmo998749.patch
@@ -0,0 +1,29 @@
+# HG changeset patch
+# User msirringhaus@suse.de
+# Date 1583738770 -3600
+# Mon Mar 09 08:26:10 2020 +0100
+# Node ID 34676feac1a542e409e22acf5b98735f8313b1ce
+# Parent 506857dace0a08d1c9685e3ac264646590b3e27f
+[mq]: mozilla-bmo998749.patch
+
+diff -r 506857dace0a -r 34676feac1a5 gfx/2d/FilterProcessing.h
+--- a/gfx/2d/FilterProcessing.h Fri Feb 28 12:31:51 2020 +0100
++++ b/gfx/2d/FilterProcessing.h Mon Mar 09 08:26:10 2020 +0100
+@@ -13,10 +13,17 @@
+ namespace mozilla {
+ namespace gfx {
+
++#if MOZ_BIG_ENDIAN()
++const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_B = 3;
++const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_G = 2;
++const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_R = 1;
++const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_A = 0;
++#else
+ const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_B = 0;
+ const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_G = 1;
+ const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_R = 2;
+ const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_A = 3;
++#endif
+
+ class FilterProcessing {
+ public:
diff --git a/mozilla-fix-aarch64-libopus.patch b/mozilla-fix-aarch64-libopus.patch
new file mode 100644
index 0000000..ded3d2c
--- /dev/null
+++ b/mozilla-fix-aarch64-libopus.patch
@@ -0,0 +1,15 @@
+# HG changeset patch
+# Parent af2c24874d79cbebb444727ae96f2fefa3f22b47
+
+diff --git a/media/libopus/silk/arm/arm_silk_map.c b/media/libopus/silk/arm/arm_silk_map.c
+--- a/media/libopus/silk/arm/arm_silk_map.c
++++ b/media/libopus/silk/arm/arm_silk_map.c
+@@ -28,7 +28,7 @@ POSSIBILITY OF SUCH DAMAGE.
+ # include "config.h"
+ #endif
+
+-#include "main_FIX.h"
++#include "../fixed/main_FIX.h"
+ #include "NSQ.h"
+ #include "SigProc_FIX.h"
+
diff --git a/mozilla-fix-issues-with-llvm18.patch b/mozilla-fix-issues-with-llvm18.patch
new file mode 100644
index 0000000..e827c2e
--- /dev/null
+++ b/mozilla-fix-issues-with-llvm18.patch
@@ -0,0 +1,94 @@
+Adapt the shipped rust-bindgen copy for LLVM-18 and later,
+and tell cargo we've modified the code of rust-bindgen so
+the checksum verification of this crate should be skipped
+
+diff -rup a/Cargo.lock b/Cargo.lock
+--- a/Cargo.lock 2024-03-14 06:21:23.000000000 +0100
++++ b/Cargo.lock 2024-03-20 13:15:35.146224179 +0100
+@@ -414,8 +414,8 @@ dependencies = [
+ [[package]]
+ name = "bindgen"
+ version = "0.64.0"
+-source = "registry+https://github.com/rust-lang/crates.io-index"
+-checksum = "c4243e6031260db77ede97ad86c27e501d646a27ab57b59a574f725d98ab1fb4"
++#source = "registry+https://github.com/rust-lang/crates.io-index"
++#checksum = "c4243e6031260db77ede97ad86c27e501d646a27ab57b59a574f725d98ab1fb4"
+ dependencies = [
+ "bitflags 1.3.2",
+ "cexpr",
+diff -rup a/Cargo.toml b/Cargo.toml
+--- a/Cargo.toml 2024-03-20 13:09:16.152828408 +0100
++++ b/Cargo.toml 2024-03-20 13:14:09.072867031 +0100
+@@ -193,3 +193,8 @@ weedle2 = "=4.0.0"
+ # Shut up such messages for now to make the build succeed
+ [future-incompat-report]
+ frequency = "never"
++
++[patch.crates-io.bindgen_0_64_0]
++package = "bindgen"
++version = "0.64.0"
++path = "third_party/rust/bindgen"
+diff -rup a/third_party/rust/bindgen/ir/item.rs b/third_party/rust/bindgen/ir/item.rs
+--- a/third_party/rust/bindgen/ir/item.rs 2024-03-14 06:21:40.000000000 +0100
++++ b/third_party/rust/bindgen/ir/item.rs 2024-03-20 13:11:32.062844514 +0100
+@@ -1434,6 +1434,7 @@ impl Item {
+ // We allowlist cursors here known to be unhandled, to prevent being
+ // too noisy about this.
+ match cursor.kind() {
++ CXCursor_LinkageSpec => return Err(ParseError::Recurse),
+ CXCursor_MacroDefinition |
+ CXCursor_MacroExpansion |
+ CXCursor_UsingDeclaration |
+
+
+Adapt the WebRTC code to use 64-bit timestamp to fix a build
+failure with Clang-18 and later
+
+diff -rup a/dom/media/gmp-plugin-openh264/gmp-fake-openh264.cpp b/dom/media/gmp-plugin-openh264/gmp-fake-openh264.cpp
+--- a/dom/media/gmp-plugin-openh264/gmp-fake-openh264.cpp 2024-03-14 06:21:25.000000000 +0100
++++ b/dom/media/gmp-plugin-openh264/gmp-fake-openh264.cpp 2024-03-20 13:17:20.839584778 +0100
+@@ -99,7 +99,7 @@ struct EncodedFrame {
+ uint8_t y_;
+ uint8_t u_;
+ uint8_t v_;
+- uint32_t timestamp_;
++ uint64_t timestamp_;
+ } idr_nalu;
+ };
+ #pragma pack(pop)
+diff -rup a/dom/media/gtest/TestGMPRemoveAndDelete.cpp b/dom/media/gtest/TestGMPRemoveAndDelete.cpp
+--- a/dom/media/gtest/TestGMPRemoveAndDelete.cpp 2024-03-14 06:21:25.000000000 +0100
++++ b/dom/media/gtest/TestGMPRemoveAndDelete.cpp 2024-03-20 13:17:20.839584778 +0100
+@@ -361,7 +361,7 @@ void GMPRemoveTest::gmp_Decode() {
+ uint8_t y_;
+ uint8_t u_;
+ uint8_t v_;
+- uint32_t timestamp_;
++ uint64_t timestamp_;
+ } idr_nalu;
+ };
+ #pragma pack(pop)
+diff -rup a/dom/media/webrtc/libwebrtcglue/WebrtcGmpVideoCodec.cpp b/dom/media/webrtc/libwebrtcglue/WebrtcGmpVideoCodec.cpp
+--- a/dom/media/webrtc/libwebrtcglue/WebrtcGmpVideoCodec.cpp 2024-03-14 06:21:24.000000000 +0100
++++ b/dom/media/webrtc/libwebrtcglue/WebrtcGmpVideoCodec.cpp 2024-03-20 13:17:20.842918112 +0100
+@@ -540,7 +540,7 @@ void WebrtcGmpVideoEncoder::Encoded(
+
+ webrtc::VideoFrameType ft;
+ GmpFrameTypeToWebrtcFrameType(aEncodedFrame->FrameType(), &ft);
+- uint32_t timestamp = (aEncodedFrame->TimeStamp() * 90ll + 999) / 1000;
++ uint64_t timestamp = (aEncodedFrame->TimeStamp() * 90ll + 999) / 1000;
+
+ GMP_LOG_DEBUG("GMP Encoded: %" PRIu64 ", type %d, len %d",
+ aEncodedFrame->TimeStamp(), aEncodedFrame->BufferType(),
+diff -rup a/dom/media/webrtc/libwebrtcglue/WebrtcGmpVideoCodec.h b/dom/media/webrtc/libwebrtcglue/WebrtcGmpVideoCodec.h
+--- a/dom/media/webrtc/libwebrtcglue/WebrtcGmpVideoCodec.h 2024-03-14 06:21:24.000000000 +0100
++++ b/dom/media/webrtc/libwebrtcglue/WebrtcGmpVideoCodec.h 2024-03-20 13:17:32.442921055 +0100
+@@ -302,7 +302,7 @@ class WebrtcGmpVideoEncoder : public GMP
+ int64_t timestamp_us;
+ };
+ // Map rtp time -> input image data
+- DataMutex<std::map<uint32_t, InputImageData>> mInputImageMap;
++ DataMutex<std::map<uint64_t, InputImageData>> mInputImageMap;
+
+ MediaEventProducer<uint64_t> mInitPluginEvent;
+ MediaEventProducer<uint64_t> mReleasePluginEvent;
diff --git a/mozilla-fix-top-level-asm.patch b/mozilla-fix-top-level-asm.patch
new file mode 100644
index 0000000..72f2c20
--- /dev/null
+++ b/mozilla-fix-top-level-asm.patch
@@ -0,0 +1,66 @@
+From 91bb79836ee274855393bdf6ab10e24899b1b349 Mon Sep 17 00:00:00 2001
+From: Martin Liska <mliska@suse.cz>
+Date: Fri, 17 May 2019 14:41:35 +0200
+Subject: [PATCH] Fix top-level asm issue.
+
+---
+ security/sandbox/linux/moz.build | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/security/sandbox/linux/moz.build b/security/sandbox/linux/moz.build
+--- a/security/sandbox/linux/moz.build
++++ b/security/sandbox/linux/moz.build
+@@ -66,32 +66,32 @@ UNIFIED_SOURCES += [
+ "../chromium/base/time/time_now_posix.cc",
+ "../chromium/sandbox/linux/bpf_dsl/bpf_dsl.cc",
+ "../chromium/sandbox/linux/bpf_dsl/codegen.cc",
+ "../chromium/sandbox/linux/bpf_dsl/dump_bpf.cc",
+ "../chromium/sandbox/linux/bpf_dsl/policy.cc",
+ "../chromium/sandbox/linux/bpf_dsl/policy_compiler.cc",
+ "../chromium/sandbox/linux/bpf_dsl/syscall_set.cc",
+ "../chromium/sandbox/linux/seccomp-bpf/die.cc",
+- "../chromium/sandbox/linux/seccomp-bpf/syscall.cc",
+ "broker/SandboxBrokerCommon.cpp",
+ "Sandbox.cpp",
+ "SandboxBrokerClient.cpp",
+ "SandboxFilter.cpp",
+ "SandboxFilterUtil.cpp",
+ "SandboxHooks.cpp",
+ "SandboxInfo.cpp",
+ "SandboxLogging.cpp",
+ "SandboxOpenedFiles.cpp",
+ "SandboxReporterClient.cpp",
+ ]
+
+ SOURCES += [
+ "../chromium/base/strings/safe_sprintf.cc",
+ "../chromium/base/third_party/icu/icu_utf.cc",
++ "../chromium/sandbox/linux/seccomp-bpf/syscall.cc",
+ "../chromium/sandbox/linux/seccomp-bpf/trap.cc",
+ "../chromium/sandbox/linux/services/syscall_wrappers.cc",
+ ]
+
+ # This copy of SafeSPrintf doesn't need to avoid the Chromium logging
+ # dependency like the one in libxul does, but this way the behavior is
+ # consistent. See also the comment in SandboxLogging.h.
+ SOURCES["../chromium/base/strings/safe_sprintf.cc"].flags += ["-DNDEBUG"]
+@@ -105,16 +105,19 @@ if CONFIG["CC_TYPE"] in ("clang", "gcc")
+ "-Wno-unreachable-code-return"
+ ]
+
+ if CONFIG["CC_TYPE"] in ("clang", "gcc"):
+ CXXFLAGS += ["-Wno-error=stack-protector"]
+ SOURCES["../chromium/sandbox/linux/services/syscall_wrappers.cc"].flags += [
+ "-Wno-empty-body",
+ ]
++ SOURCES['../chromium/sandbox/linux/seccomp-bpf/syscall.cc'].flags += [
++ '-fno-lto'
++ ]
+
+ # gcc lto likes to put the top level asm in syscall.cc in a different partition
+ # from the function using it which breaks the build. Work around that by
+ # forcing there to be only one partition.
+ for f in CONFIG["OS_CXXFLAGS"]:
+ if f.startswith("-flto") and CONFIG["CC_TYPE"] != "clang":
+ LDFLAGS += ["--param lto-partitions=1"]
+
diff --git a/mozilla-kde.patch b/mozilla-kde.patch
new file mode 100644
index 0000000..b5b9b92
--- /dev/null
+++ b/mozilla-kde.patch
@@ -0,0 +1,1774 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Wolfgang Rosenauer <wolfgang@rosenauer.org>
+Date: Tue, 8 Aug 2023 16:13:48 +0300
+Subject: [PATCH] Add KDE integration to Firefox (toolkit parts)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=140751
+Bug: https://bugzilla.suse.com/show_bug.cgi?id=170055
+
+EDIT: Björn Bidar: Removed handling for obsolete special files
+
+Co-authored-by: Wolfgang Rosenauer <wolfgang@rosenauer.org>
+Co-authored-by: Lubos Lunak <lunak@suse.com>
+Co-authored-by: Björn Bidar <bjorn.bidar@thaodan.de>
+---
+ modules/libpref/Preferences.cpp | 1 +
+ modules/libpref/moz.build | 4 +
+ python/mozbuild/mozpack/chrome/flags.py | 1 +
+ python/mozbuild/mozpack/chrome/manifest.py | 1 +
+ toolkit/components/downloads/moz.build | 4 +
+ .../mozapps/downloads/HelperAppDlg.sys.mjs | 70 +++--
+ .../unixproxy/nsUnixSystemProxySettings.cpp | 29 ++
+ toolkit/xre/moz.build | 2 +
+ toolkit/xre/nsKDEUtils.cpp | 286 ++++++++++++++++++
+ toolkit/xre/nsKDEUtils.h | 53 ++++
+ uriloader/exthandler/HandlerServiceParent.cpp | 6 +-
+ uriloader/exthandler/moz.build | 3 +
+ .../exthandler/unix/nsCommonRegistry.cpp | 42 +++
+ uriloader/exthandler/unix/nsCommonRegistry.h | 28 ++
+ uriloader/exthandler/unix/nsKDERegistry.cpp | 75 +++++
+ uriloader/exthandler/unix/nsKDERegistry.h | 35 +++
+ uriloader/exthandler/unix/nsMIMEInfoUnix.cpp | 28 +-
+ .../exthandler/unix/nsOSHelperAppService.cpp | 10 +-
+ widget/gtk/moz.build | 1 +
+ widget/gtk/nsFilePicker.cpp | 230 +++++++++++++-
+ widget/gtk/nsFilePicker.h | 6 +
+ xpcom/components/ManifestParser.cpp | 10 +
+ xpcom/components/moz.build | 1 +
+ xpcom/io/nsLocalFileUnix.cpp | 20 +-
+ 24 files changed, 910 insertions(+), 36 deletions(-)
+ create mode 100644 toolkit/xre/nsKDEUtils.cpp
+ create mode 100644 toolkit/xre/nsKDEUtils.h
+ create mode 100644 uriloader/exthandler/unix/nsCommonRegistry.cpp
+ create mode 100644 uriloader/exthandler/unix/nsCommonRegistry.h
+ create mode 100644 uriloader/exthandler/unix/nsKDERegistry.cpp
+ create mode 100644 uriloader/exthandler/unix/nsKDERegistry.h
+
+diff --git a/modules/libpref/Preferences.cpp b/modules/libpref/Preferences.cpp
+--- a/modules/libpref/Preferences.cpp
++++ b/modules/libpref/Preferences.cpp
+@@ -92,16 +92,17 @@
+ #include "PLDHashTable.h"
+ #include "prdtoa.h"
+ #include "prlink.h"
+ #include "xpcpublic.h"
+ #include "js/RootingAPI.h"
+ #ifdef MOZ_BACKGROUNDTASKS
+ # include "mozilla/BackgroundTasks.h"
+ #endif
++#include "nsKDEUtils.h"
+
+ #ifdef DEBUG
+ # include <map>
+ #endif
+
+ #ifdef MOZ_MEMORY
+ # include "mozmemory.h"
+ #endif
+diff --git a/modules/libpref/moz.build b/modules/libpref/moz.build
+--- a/modules/libpref/moz.build
++++ b/modules/libpref/moz.build
+@@ -121,16 +121,20 @@ EXPORTS.mozilla += [
+ ]
+ EXPORTS.mozilla += sorted(["!" + g for g in gen_h])
+
+ UNIFIED_SOURCES += [
+ "Preferences.cpp",
+ "SharedPrefMap.cpp",
+ ]
+
++LOCAL_INCLUDES += [
++ '/toolkit/xre'
++]
++
+ gen_all_tuple = tuple(gen_h + gen_cpp + gen_rs)
+
+ GeneratedFile(
+ *gen_all_tuple,
+ script="init/generate_static_pref_list.py",
+ entry_point="emit_code",
+ inputs=["init/StaticPrefList.yaml"]
+ )
+diff --git a/python/mozbuild/mozpack/chrome/flags.py b/python/mozbuild/mozpack/chrome/flags.py
+--- a/python/mozbuild/mozpack/chrome/flags.py
++++ b/python/mozbuild/mozpack/chrome/flags.py
+@@ -229,16 +229,17 @@ class Flags(OrderedDict):
+ "os": StringFlag,
+ "osversion": VersionFlag,
+ "abi": StringFlag,
+ "platform": Flag,
+ "xpcnativewrappers": Flag,
+ "tablet": Flag,
+ "process": StringFlag,
+ "backgroundtask": StringFlag,
++ "desktop": StringFlag,
+ }
+ RE = re.compile(r"([!<>=]+)")
+
+ def __init__(self, *flags):
+ """
+ Initialize a set of flags given in string form.
+ flags = Flags('contentaccessible=yes', 'appversion>=3.5')
+ """
+diff --git a/python/mozbuild/mozpack/chrome/manifest.py b/python/mozbuild/mozpack/chrome/manifest.py
+--- a/python/mozbuild/mozpack/chrome/manifest.py
++++ b/python/mozbuild/mozpack/chrome/manifest.py
+@@ -38,16 +38,17 @@ class ManifestEntry(object):
+ "os",
+ "osversion",
+ "abi",
+ "xpcnativewrappers",
+ "tablet",
+ "process",
+ "contentaccessible",
+ "backgroundtask",
++ "desktop",
+ ]
+
+ def __init__(self, base, *flags):
+ """
+ Initialize a manifest entry with the given base path and flags.
+ """
+ self.base = base
+ self.flags = Flags(*flags)
+diff --git a/toolkit/components/downloads/moz.build b/toolkit/components/downloads/moz.build
+--- a/toolkit/components/downloads/moz.build
++++ b/toolkit/components/downloads/moz.build
+@@ -46,10 +46,14 @@ XPCOM_MANIFESTS += [
+
+ if CONFIG["MOZ_PLACES"]:
+ EXTRA_JS_MODULES += [
+ "DownloadHistory.sys.mjs",
+ ]
+
+ FINAL_LIBRARY = "xul"
+
++LOCAL_INCLUDES += [
++ '/toolkit/xre'
++]
++
+ with Files("**"):
+ BUG_COMPONENT = ("Toolkit", "Downloads API")
+diff --git a/toolkit/mozapps/downloads/HelperAppDlg.sys.mjs b/toolkit/mozapps/downloads/HelperAppDlg.sys.mjs
+--- a/toolkit/mozapps/downloads/HelperAppDlg.sys.mjs
++++ b/toolkit/mozapps/downloads/HelperAppDlg.sys.mjs
+@@ -1227,36 +1227,66 @@ nsUnknownContentTypeDialog.prototype = {
+ params.handlerApp &&
+ params.handlerApp.executable &&
+ params.handlerApp.executable.isFile()
+ ) {
+ // Remember the file they chose to run.
+ this.chosenApp = params.handlerApp;
+ }
+ } else if ("@mozilla.org/applicationchooser;1" in Cc) {
+- var nsIApplicationChooser = Ci.nsIApplicationChooser;
+- var appChooser = Cc["@mozilla.org/applicationchooser;1"].createInstance(
+- nsIApplicationChooser
+- );
+- appChooser.init(
+- this.mDialog,
+- this.dialogElement("strings").getString("chooseAppFilePickerTitle")
+- );
+- var contentTypeDialogObj = this;
+- let appChooserCallback = function appChooserCallback_done(aResult) {
+- if (aResult) {
+- contentTypeDialogObj.chosenApp = aResult.QueryInterface(
+- Ci.nsILocalHandlerApp
+- );
+- }
+- contentTypeDialogObj.finishChooseApp();
+- };
+- appChooser.open(this.mLauncher.MIMEInfo.MIMEType, appChooserCallback);
+- // The finishChooseApp is called from appChooserCallback
+- return;
++ // handle the KDE case which is implemented in the filepicker
++ // therefore falling back to Gtk2 like behaviour if KDE is running
++ // FIXME this should be better handled in the nsIApplicationChooser
++ // interface
++ var env = Components.classes["@mozilla.org/process/environment;1"]
++ .getService(Components.interfaces.nsIEnvironment);
++ if (env.get('KDE_FULL_SESSION') == "true")
++ {
++ var nsIFilePicker = Ci.nsIFilePicker;
++ var fp = Cc["@mozilla.org/filepicker;1"]
++ .createInstance(nsIFilePicker);
++ fp.init(this.mDialog,
++ this.dialogElement("strings").getString("chooseAppFilePickerTitle"),
++ nsIFilePicker.modeOpen);
++
++ fp.appendFilters(nsIFilePicker.filterApps);
++
++ fp.open(aResult => {
++ if (aResult == nsIFilePicker.returnOK && fp.file) {
++ // Remember the file they chose to run.
++ var localHandlerApp =
++ Cc["@mozilla.org/uriloader/local-handler-app;1"].
++ createInstance(Ci.nsILocalHandlerApp);
++ localHandlerApp.executable = fp.file;
++ this.chosenApp = localHandlerApp;
++ }
++ this.finishChooseApp();
++ });
++ } else {
++ var nsIApplicationChooser = Ci.nsIApplicationChooser;
++ var appChooser = Cc["@mozilla.org/applicationchooser;1"].createInstance(
++ nsIApplicationChooser
++ );
++ appChooser.init(
++ this.mDialog,
++ this.dialogElement("strings").getString("chooseAppFilePickerTitle")
++ );
++ var contentTypeDialogObj = this;
++ let appChooserCallback = function appChooserCallback_done(aResult) {
++ if (aResult) {
++ contentTypeDialogObj.chosenApp = aResult.QueryInterface(
++ Ci.nsILocalHandlerApp
++ );
++ }
++ contentTypeDialogObj.finishChooseApp();
++ };
++ appChooser.open(this.mLauncher.MIMEInfo.MIMEType, appChooserCallback);
++ // The finishChooseApp is called from appChooserCallback
++ return;
++ }
+ } else {
+ var nsIFilePicker = Ci.nsIFilePicker;
+ var fp = Cc["@mozilla.org/filepicker;1"].createInstance(nsIFilePicker);
+ fp.init(
+ this.mDialog.browsingContext,
+ this.dialogElement("strings").getString("chooseAppFilePickerTitle"),
+ nsIFilePicker.modeOpen
+ );
+diff --git a/toolkit/system/unixproxy/nsUnixSystemProxySettings.cpp b/toolkit/system/unixproxy/nsUnixSystemProxySettings.cpp
+--- a/toolkit/system/unixproxy/nsUnixSystemProxySettings.cpp
++++ b/toolkit/system/unixproxy/nsUnixSystemProxySettings.cpp
+@@ -11,16 +11,18 @@
+ #include "prenv.h"
+ #include "nsInterfaceHashtable.h"
+ #include "nsHashtablesFwd.h"
+ #include "nsHashKeys.h"
+ #include "nsNetUtil.h"
+ #include "nsISupportsPrimitives.h"
+ #include "nsIGSettingsService.h"
+ #include "nsReadableUtils.h"
++#include "nsPrintfCString.h"
++#include "nsKDEUtils.h"
+
+ using namespace mozilla;
+
+ class nsUnixSystemProxySettings final : public nsISystemProxySettings {
+ public:
+ NS_DECL_ISUPPORTS
+ NS_DECL_NSISYSTEMPROXYSETTINGS
+
+@@ -34,16 +36,18 @@ class nsUnixSystemProxySettings final :
+ nsCOMPtr<nsIGSettingsCollection> mProxySettings;
+ nsInterfaceHashtable<nsCStringHashKey, nsIGSettingsCollection>
+ mSchemeProxySettings;
+ nsresult GetProxyFromGSettings(const nsACString& aScheme,
+ const nsACString& aHost, int32_t aPort,
+ nsACString& aResult);
+ nsresult SetProxyResultFromGSettings(const char* aKeyBase, const char* aType,
+ nsACString& aResult);
++ nsresult GetProxyFromKDE(const nsACString& aScheme, const nsACString& aHost,
++ PRInt32 aPort, nsACString& aResult);
+ };
+
+ NS_IMPL_ISUPPORTS(nsUnixSystemProxySettings, nsISystemProxySettings)
+
+ NS_IMETHODIMP
+ nsUnixSystemProxySettings::GetMainThreadOnly(bool* aMainThreadOnly) {
+ // dbus prevents us from being threadsafe, but this routine should not block
+ // anyhow
+@@ -388,24 +392,49 @@ nsresult nsUnixSystemProxySettings::GetP
+ return NS_OK;
+ }
+
+ nsresult nsUnixSystemProxySettings::GetProxyForURI(const nsACString& aSpec,
+ const nsACString& aScheme,
+ const nsACString& aHost,
+ const int32_t aPort,
+ nsACString& aResult) {
++ if (nsKDEUtils::kdeSupport())
++ return GetProxyFromKDE(aScheme, aHost, aPort, aResult);
++
+ if (mProxySettings) {
+ nsresult rv = GetProxyFromGSettings(aScheme, aHost, aPort, aResult);
+ if (NS_SUCCEEDED(rv)) return rv;
+ }
+
+ return GetProxyFromEnvironment(aScheme, aHost, aPort, aResult);
+ }
+
++nsresult nsUnixSystemProxySettings::GetProxyFromKDE(const nsACString& aScheme,
++ const nsACString& aHost,
++ PRInt32 aPort,
++ nsACString& aResult) {
++ nsAutoCString url;
++ url = aScheme;
++ url += "://";
++ url += aHost;
++ if (aPort >= 0) {
++ url += ":";
++ url += nsPrintfCString("%d", aPort);
++ }
++ nsTArray<nsCString> command;
++ command.AppendElement("GETPROXY"_ns);
++ command.AppendElement(url);
++ nsTArray<nsCString> result;
++ if (!nsKDEUtils::command(command, &result) || result.Length() != 1)
++ return NS_ERROR_FAILURE;
++ aResult = result[0];
++ return NS_OK;
++}
++
+ NS_IMETHODIMP
+ nsUnixSystemProxySettings::GetSystemWPADSetting(bool* aSystemWPADSetting) {
+ *aSystemWPADSetting = false;
+ return NS_OK;
+ }
+
+ NS_IMPL_COMPONENT_FACTORY(nsUnixSystemProxySettings) {
+ auto result = MakeRefPtr<nsUnixSystemProxySettings>();
+diff --git a/toolkit/xre/moz.build b/toolkit/xre/moz.build
+--- a/toolkit/xre/moz.build
++++ b/toolkit/xre/moz.build
+@@ -91,17 +91,19 @@ elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "co
+ "../components/printingui",
+ ]
+ elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "uikit":
+ UNIFIED_SOURCES += [
+ "nsNativeAppSupportDefault.cpp",
+ "UIKitDirProvider.mm",
+ ]
+ elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "gtk":
++ EXPORTS += ['nsKDEUtils.h']
+ UNIFIED_SOURCES += [
++ "nsKDEUtils.cpp",
+ "nsNativeAppSupportUnix.cpp",
+ ]
+ CXXFLAGS += CONFIG["MOZ_X11_SM_CFLAGS"]
+ else:
+ UNIFIED_SOURCES += [
+ "nsNativeAppSupportDefault.cpp",
+ ]
+
+diff --git a/toolkit/xre/nsKDEUtils.cpp b/toolkit/xre/nsKDEUtils.cpp
+new file mode 100644
+--- /dev/null
++++ b/toolkit/xre/nsKDEUtils.cpp
+@@ -0,0 +1,286 @@
++/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
++/* This Source Code Form is subject to the terms of the Mozilla Public
++ * License, v. 2.0. If a copy of the MPL was not distributed with this
++ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
++
++#include "nsKDEUtils.h"
++#include "nsIWidget.h"
++#include "nsISupportsPrimitives.h"
++#include "nsIMutableArray.h"
++#include "nsComponentManagerUtils.h"
++#include "nsArrayUtils.h"
++
++#include <gtk/gtk.h>
++
++#include <limits.h>
++#include <stdio.h>
++#include <sys/wait.h>
++#include <sys/resource.h>
++#include <unistd.h>
++#include <X11/Xlib.h>
++// copied from X11/X.h as a hack since for an unknown
++// reason it's not picked up from X11/X.h
++//#ifndef None
++//# define None 0L /* universal null resource or null atom */
++//#endif
++
++// #define DEBUG_KDE
++#ifdef DEBUG_KDE
++# define KMOZILLAHELPER "kmozillahelper"
++#else
++// not need for lib64, it's a binary
++# define KMOZILLAHELPER "/usr/lib/mozilla/kmozillahelper"
++#endif
++
++#define KMOZILLAHELPER_VERSION 6
++#define MAKE_STR2(n) #n
++#define MAKE_STR(n) MAKE_STR2(n)
++
++static bool getKdeSession() {
++ if (PR_GetEnv("KDE_FULL_SESSION")) {
++ return true;
++ }
++ return false;
++}
++
++static bool getKdeSupport() {
++ nsTArray<nsCString> command;
++ command.AppendElement("CHECK"_ns);
++ command.AppendElement("KMOZILLAHELPER_VERSION"_ns);
++ bool kde = nsKDEUtils::command(command);
++#ifdef DEBUG_KDE
++ fprintf(stderr, "KDE RUNNING %d\n", kde);
++#endif
++ return kde;
++}
++
++nsKDEUtils::nsKDEUtils() : commandFile(NULL), replyFile(NULL) {}
++
++nsKDEUtils::~nsKDEUtils() {
++ // closeHelper(); not actually useful, exiting will close the fd too
++}
++
++nsKDEUtils* nsKDEUtils::self() {
++ static nsKDEUtils s;
++ return &s;
++}
++
++static bool helperRunning = false;
++static bool helperFailed = false;
++
++bool nsKDEUtils::kdeSession() {
++ static bool session = getKdeSession();
++ return session;
++}
++
++bool nsKDEUtils::kdeSupport() {
++ static bool support = kdeSession() && getKdeSupport();
++ return support && helperRunning;
++}
++
++struct nsKDECommandData {
++ FILE* file;
++ nsTArray<nsCString>* output;
++ GMainLoop* loop;
++ bool success;
++};
++
++static gboolean kdeReadFunc(GIOChannel*, GIOCondition, gpointer data) {
++ nsKDECommandData* p = static_cast<nsKDECommandData*>(data);
++ char buf[8192]; // TODO big enough
++ bool command_done = false;
++ bool command_failed = false;
++ while (!command_done && !command_failed &&
++ fgets(buf, 8192, p->file) !=
++ NULL) { // TODO what if the kernel splits a line into two chunks?
++ // #ifdef DEBUG_KDE
++ // fprintf( stderr, "READ: %s %d\n", buf, feof( p->file ));
++ // #endif
++ if (char* eol = strchr(buf, '\n')) *eol = '\0';
++ command_done = (strcmp(buf, "\\1") == 0);
++ command_failed = (strcmp(buf, "\\0") == 0);
++ nsAutoCString line(buf);
++ line.ReplaceSubstring("\\n", "\n");
++ line.ReplaceSubstring(
++ "\\"
++ "\\",
++ "\\"); // \\ -> \ , i.e. unescape
++ if (p->output && !(command_done || command_failed))
++ p->output->AppendElement(nsCString(buf)); // TODO utf8?
++ }
++ bool quit = false;
++ if (feof(p->file) || command_failed) {
++ quit = true;
++ p->success = false;
++ }
++ if (command_done) { // reading one reply finished
++ quit = true;
++ p->success = true;
++ }
++ if (quit) {
++ if (p->loop) g_main_loop_quit(p->loop);
++ return FALSE;
++ }
++ return TRUE;
++}
++
++bool nsKDEUtils::command(const nsTArray<nsCString>& command,
++ nsTArray<nsCString>* output) {
++ return self()->internalCommand(command, NULL, false, output);
++}
++
++bool nsKDEUtils::command(nsIArray* command, nsIArray** output) {
++ nsTArray<nsCString> in;
++ PRUint32 length;
++ command->GetLength(&length);
++ for (PRUint32 i = 0; i < length; i++) {
++ nsCOMPtr<nsISupportsCString> str = do_QueryElementAt(command, i);
++ if (str) {
++ nsAutoCString s;
++ str->GetData(s);
++ in.AppendElement(s);
++ }
++ }
++
++ nsTArray<nsCString> out;
++ bool ret = self()->internalCommand(in, NULL, false, &out);
++
++ if (!output) return ret;
++
++ nsCOMPtr<nsIMutableArray> result = do_CreateInstance(NS_ARRAY_CONTRACTID);
++ if (!result) return false;
++
++ for (PRUint32 i = 0; i < out.Length(); i++) {
++ nsCOMPtr<nsISupportsCString> rstr =
++ do_CreateInstance(NS_SUPPORTS_CSTRING_CONTRACTID);
++ if (!rstr) return false;
++
++ rstr->SetData(out[i]);
++ result->AppendElement(rstr);
++ }
++
++ NS_ADDREF(*output = result);
++ return ret;
++}
++
++bool nsKDEUtils::commandBlockUi(const nsTArray<nsCString>& command,
++ GtkWindow* parent,
++ nsTArray<nsCString>* output) {
++ return self()->internalCommand(command, parent, true, output);
++}
++
++bool nsKDEUtils::internalCommand(const nsTArray<nsCString>& command,
++ GtkWindow* parent, bool blockUi,
++ nsTArray<nsCString>* output) {
++ if (!startHelper()) return false;
++ feedCommand(command);
++ // do not store the data in 'this' but in extra structure, just in case there
++ // is reentrancy (can there be? the event loop is re-entered)
++ nsKDECommandData data;
++ data.file = replyFile;
++ data.output = output;
++ data.success = false;
++ if (blockUi) {
++ data.loop = g_main_loop_new(NULL, FALSE);
++ GtkWidget* window = gtk_window_new(GTK_WINDOW_TOPLEVEL);
++ if (parent && gtk_window_get_group(parent))
++ gtk_window_group_add_window(gtk_window_get_group(parent),
++ GTK_WINDOW(window));
++ gtk_widget_realize(window);
++ gtk_widget_set_sensitive(window, TRUE);
++ gtk_grab_add(window);
++ GIOChannel* channel = g_io_channel_unix_new(fileno(data.file));
++ g_io_add_watch(channel,
++ static_cast<GIOCondition>(G_IO_IN | G_IO_ERR | G_IO_HUP),
++ kdeReadFunc, &data);
++ g_io_channel_unref(channel);
++ g_main_loop_run(data.loop);
++ g_main_loop_unref(data.loop);
++ gtk_grab_remove(window);
++ gtk_widget_destroy(window);
++ } else {
++ data.loop = NULL;
++ while (kdeReadFunc(NULL, static_cast<GIOCondition>(0), &data))
++ ;
++ }
++ return data.success;
++}
++
++bool nsKDEUtils::startHelper() {
++ if (helperRunning) return true;
++ if (helperFailed) return false;
++ helperFailed = true;
++ int fdcommand[2];
++ int fdreply[2];
++ if (pipe(fdcommand) < 0) return false;
++ if (pipe(fdreply) < 0) {
++ close(fdcommand[0]);
++ close(fdcommand[1]);
++ return false;
++ }
++ char* args[2] = {const_cast<char*>(KMOZILLAHELPER), NULL};
++ switch (fork()) {
++ case -1: {
++ close(fdcommand[0]);
++ close(fdcommand[1]);
++ close(fdreply[0]);
++ close(fdreply[1]);
++ return false;
++ }
++ case 0: // child
++ {
++ if (dup2(fdcommand[0], STDIN_FILENO) < 0) _exit(1);
++ if (dup2(fdreply[1], STDOUT_FILENO) < 0) _exit(1);
++ int maxfd = 1024; // close all other fds
++ struct rlimit rl;
++ if (getrlimit(RLIMIT_NOFILE, &rl) == 0) maxfd = rl.rlim_max;
++ for (int i = 3; i < maxfd; ++i) close(i);
++#ifdef DEBUG_KDE
++ execvp(KMOZILLAHELPER, args);
++#else
++ execv(KMOZILLAHELPER, args);
++#endif
++ _exit(1); // failed
++ }
++ default: // parent
++ {
++ commandFile = fdopen(fdcommand[1], "w");
++ replyFile = fdopen(fdreply[0], "r");
++ close(fdcommand[0]);
++ close(fdreply[1]);
++ if (commandFile == NULL || replyFile == NULL) {
++ closeHelper();
++ return false;
++ }
++ // ok, helper ready, getKdeRunning() will check if it works
++ }
++ }
++ helperFailed = false;
++ helperRunning = true;
++ return true;
++}
++
++void nsKDEUtils::closeHelper() {
++ if (commandFile != NULL)
++ fclose(commandFile); // this will also make the helper quit
++ if (replyFile != NULL) fclose(replyFile);
++ helperRunning = false;
++}
++
++void nsKDEUtils::feedCommand(const nsTArray<nsCString>& command) {
++ for (int i = 0; i < command.Length(); ++i) {
++ nsCString line = command[i];
++ line.ReplaceSubstring("\\",
++ "\\"
++ "\\"); // \ -> \\ , i.e. escape
++ line.ReplaceSubstring("\n", "\\n");
++#ifdef DEBUG_KDE
++ fprintf(stderr, "COMM: %s\n", line.get());
++#endif
++ fputs(line.get(), commandFile);
++ fputs("\n", commandFile);
++ }
++ fputs("\\E\n",
++ commandFile); // done as \E, so it cannot happen in normal data
++ fflush(commandFile);
++}
+diff --git a/toolkit/xre/nsKDEUtils.h b/toolkit/xre/nsKDEUtils.h
+new file mode 100644
+--- /dev/null
++++ b/toolkit/xre/nsKDEUtils.h
+@@ -0,0 +1,53 @@
++/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
++/* This Source Code Form is subject to the terms of the Mozilla Public
++ * License, v. 2.0. If a copy of the MPL was not distributed with this
++ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
++
++#ifndef nsKDEUtils_h__
++#define nsKDEUtils_h__
++
++#include "nsString.h"
++#include "nsTArray.h"
++#include <stdio.h>
++
++typedef struct _GtkWindow GtkWindow;
++
++class nsIArray;
++
++class NS_EXPORT nsKDEUtils {
++ public:
++ /* Returns true if running inside a KDE session (regardless of whether there
++ is KDE support available for Firefox). This should be used e.g. when
++ determining dialog button order but not for code that requires the KDE
++ support. */
++ static bool kdeSession();
++ /* Returns true if running inside a KDE session and KDE support is available
++ for Firefox. This should be used everywhere where the external helper is
++ needed. */
++ static bool kdeSupport();
++ /* Executes the given helper command, returns true if helper returned success.
++ */
++ static bool command(const nsTArray<nsCString>& command,
++ nsTArray<nsCString>* output = NULL);
++ static bool command(nsIArray* command, nsIArray** output = NULL);
++ /* Like command(), but additionally blocks the parent widget like if there was
++ a modal dialog shown and enters the event loop (i.e. there are still paint
++ updates, this is for commands that take long). */
++ static bool commandBlockUi(const nsTArray<nsCString>& command,
++ GtkWindow* parent,
++ nsTArray<nsCString>* output = NULL);
++
++ private:
++ nsKDEUtils();
++ ~nsKDEUtils();
++ static nsKDEUtils* self();
++ bool startHelper();
++ void closeHelper();
++ void feedCommand(const nsTArray<nsCString>& command);
++ bool internalCommand(const nsTArray<nsCString>& command, GtkWindow* parent,
++ bool isParent, nsTArray<nsCString>* output);
++ FILE* commandFile;
++ FILE* replyFile;
++};
++
++#endif // nsKDEUtils
+diff --git a/uriloader/exthandler/HandlerServiceParent.cpp b/uriloader/exthandler/HandlerServiceParent.cpp
+--- a/uriloader/exthandler/HandlerServiceParent.cpp
++++ b/uriloader/exthandler/HandlerServiceParent.cpp
+@@ -13,17 +13,17 @@
+ #include "ContentHandlerService.h"
+ #include "nsIExternalProtocolService.h"
+ #include "nsStringEnumerator.h"
+ #include "nsIMutableArray.h"
+ #include "nsCExternalHandlerService.h"
+ #include "nsComponentManagerUtils.h"
+ #include "nsServiceManagerUtils.h"
+ #ifdef MOZ_WIDGET_GTK
+-# include "unix/nsGNOMERegistry.h"
++# include "unix/nsCommonRegistry.h"
+ #endif
+
+ using mozilla::dom::ContentHandlerService;
+ using mozilla::dom::HandlerApp;
+ using mozilla::dom::HandlerInfo;
+ using mozilla::dom::RemoteHandlerApp;
+
+ namespace {
+@@ -309,18 +309,18 @@ mozilla::ipc::IPCResult HandlerServicePa
+ mozilla::ipc::IPCResult HandlerServiceParent::RecvExistsForProtocolOS(
+ const nsACString& aProtocolScheme, bool* aHandlerExists) {
+ if (aProtocolScheme.Length() > MAX_SCHEME_LENGTH) {
+ *aHandlerExists = false;
+ return IPC_OK();
+ }
+ #ifdef MOZ_WIDGET_GTK
+ // Check the GNOME registry for a protocol handler
+- *aHandlerExists =
+- nsGNOMERegistry::HandlerExists(PromiseFlatCString(aProtocolScheme).get());
++ *aHandlerExists = nsCommonRegistry::HandlerExists(
++ PromiseFlatCString(aProtocolScheme).get());
+ #else
+ *aHandlerExists = false;
+ #endif
+ return IPC_OK();
+ }
+
+ /*
+ * Check if a handler exists for the provided protocol. Check the datastore
+diff --git a/uriloader/exthandler/moz.build b/uriloader/exthandler/moz.build
+--- a/uriloader/exthandler/moz.build
++++ b/uriloader/exthandler/moz.build
+@@ -81,17 +81,19 @@ elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "ui
+ else:
+ # These files can't be built in unified mode because they redefine LOG.
+ SOURCES += [
+ osdir + "/nsOSHelperAppService.cpp",
+ ]
+
+ if CONFIG["MOZ_WIDGET_TOOLKIT"] == "gtk":
+ UNIFIED_SOURCES += [
++ "unix/nsCommonRegistry.cpp",
+ "unix/nsGNOMERegistry.cpp",
++ "unix/nsKDERegistry.cpp",
+ "unix/nsMIMEInfoUnix.cpp",
+ ]
+ elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "android":
+ UNIFIED_SOURCES += [
+ "android/nsMIMEInfoAndroid.cpp",
+ ]
+ elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "windows":
+ UNIFIED_SOURCES += [
+@@ -130,15 +132,16 @@ include("/ipc/chromium/chromium-config.m
+ FINAL_LIBRARY = "xul"
+
+ LOCAL_INCLUDES += [
+ "/docshell/base",
+ "/dom/base",
+ "/dom/ipc",
+ "/netwerk/base",
+ "/netwerk/protocol/http",
++ "/toolkit/xre",
+ ]
+
+ if CONFIG["MOZ_ENABLE_DBUS"]:
+ CXXFLAGS += CONFIG["MOZ_DBUS_CFLAGS"]
+
+ if CONFIG["MOZ_WIDGET_TOOLKIT"] == "gtk":
+ CXXFLAGS += CONFIG["MOZ_GTK3_CFLAGS"]
+diff --git a/uriloader/exthandler/unix/nsCommonRegistry.cpp b/uriloader/exthandler/unix/nsCommonRegistry.cpp
+new file mode 100644
+--- /dev/null
++++ b/uriloader/exthandler/unix/nsCommonRegistry.cpp
+@@ -0,0 +1,42 @@
++/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
++/* This Source Code Form is subject to the terms of the Mozilla Public
++ * License, v. 2.0. If a copy of the MPL was not distributed with this
++ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
++
++#include "nsCommonRegistry.h"
++
++#include "nsGNOMERegistry.h"
++#include "nsKDERegistry.h"
++#include "nsString.h"
++#include "nsKDEUtils.h"
++
++/* static */ bool nsCommonRegistry::HandlerExists(const char* aProtocolScheme) {
++ if (nsKDEUtils::kdeSupport())
++ return nsKDERegistry::HandlerExists(aProtocolScheme);
++ return nsGNOMERegistry::HandlerExists(aProtocolScheme);
++}
++
++/* static */ nsresult nsCommonRegistry::LoadURL(nsIURI* aURL) {
++ if (nsKDEUtils::kdeSupport()) return nsKDERegistry::LoadURL(aURL);
++ return nsGNOMERegistry::LoadURL(aURL);
++}
++
++/* static */ void nsCommonRegistry::GetAppDescForScheme(
++ const nsACString& aScheme, nsAString& aDesc) {
++ if (nsKDEUtils::kdeSupport())
++ return nsKDERegistry::GetAppDescForScheme(aScheme, aDesc);
++ return nsGNOMERegistry::GetAppDescForScheme(aScheme, aDesc);
++}
++
++/* static */ already_AddRefed<nsMIMEInfoBase>
++nsCommonRegistry::GetFromExtension(const nsACString& aFileExt) {
++ if (nsKDEUtils::kdeSupport())
++ return nsKDERegistry::GetFromExtension(aFileExt);
++ return nsGNOMERegistry::GetFromExtension(aFileExt);
++}
++
++/* static */ already_AddRefed<nsMIMEInfoBase> nsCommonRegistry::GetFromType(
++ const nsACString& aMIMEType) {
++ if (nsKDEUtils::kdeSupport()) return nsKDERegistry::GetFromType(aMIMEType);
++ return nsGNOMERegistry::GetFromType(aMIMEType);
++}
+diff --git a/uriloader/exthandler/unix/nsCommonRegistry.h b/uriloader/exthandler/unix/nsCommonRegistry.h
+new file mode 100644
+--- /dev/null
++++ b/uriloader/exthandler/unix/nsCommonRegistry.h
+@@ -0,0 +1,28 @@
++/* This Source Code Form is subject to the terms of the Mozilla Public
++ * License, v. 2.0. If a copy of the MPL was not distributed with this
++ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
++
++#ifndef nsCommonRegistry_h__
++#define nsCommonRegistry_h__
++
++#include "nsIURI.h"
++#include "nsCOMPtr.h"
++
++class nsMIMEInfoBase;
++
++class nsCommonRegistry {
++ public:
++ static bool HandlerExists(const char* aProtocolScheme);
++
++ static nsresult LoadURL(nsIURI* aURL);
++
++ static void GetAppDescForScheme(const nsACString& aScheme, nsAString& aDesc);
++
++ static already_AddRefed<nsMIMEInfoBase> GetFromExtension(
++ const nsACString& aFileExt);
++
++ static already_AddRefed<nsMIMEInfoBase> GetFromType(
++ const nsACString& aMIMEType);
++};
++
++#endif
+diff --git a/uriloader/exthandler/unix/nsKDERegistry.cpp b/uriloader/exthandler/unix/nsKDERegistry.cpp
+new file mode 100644
+--- /dev/null
++++ b/uriloader/exthandler/unix/nsKDERegistry.cpp
+@@ -0,0 +1,75 @@
++/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
++/* This Source Code Form is subject to the terms of the Mozilla Public
++ * License, v. 2.0. If a copy of the MPL was not distributed with this
++ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
++
++#include "mozilla/StaticPrefs_browser.h"
++#include "nsKDERegistry.h"
++#include "prlink.h"
++#include "prmem.h"
++#include "nsString.h"
++#include "nsMIMEInfoUnix.h"
++#include "nsKDEUtils.h"
++
++/* static */ bool nsKDERegistry::HandlerExists(const char* aProtocolScheme) {
++ nsTArray<nsCString> command;
++ command.AppendElement("HANDLEREXISTS"_ns);
++ command.AppendElement(nsAutoCString(aProtocolScheme));
++ return nsKDEUtils::command(command);
++}
++
++/* static */ nsresult nsKDERegistry::LoadURL(nsIURI* aURL) {
++ nsTArray<nsCString> command;
++ command.AppendElement("OPEN"_ns);
++ nsCString url;
++ aURL->GetSpec(url);
++ command.AppendElement(url);
++ bool rv = nsKDEUtils::command(command);
++ if (!rv) return NS_ERROR_FAILURE;
++
++ return NS_OK;
++}
++
++/* static */ void nsKDERegistry::GetAppDescForScheme(const nsACString& aScheme,
++ nsAString& aDesc) {
++ nsTArray<nsCString> command;
++ command.AppendElement("GETAPPDESCFORSCHEME"_ns);
++ command.AppendElement(aScheme);
++ nsTArray<nsCString> output;
++ if (nsKDEUtils::command(command, &output) && output.Length() == 1)
++ CopyUTF8toUTF16(output[0], aDesc);
++}
++
++/* static */ already_AddRefed<nsMIMEInfoBase> nsKDERegistry::GetFromExtension(
++ const nsACString& aFileExt) {
++ NS_ASSERTION(aFileExt[0] != '.', "aFileExt shouldn't start with a dot");
++ nsTArray<nsCString> command;
++ command.AppendElement("GETFROMEXTENSION"_ns);
++ command.AppendElement(aFileExt);
++ return GetFromHelper(command);
++}
++
++/* static */ already_AddRefed<nsMIMEInfoBase> nsKDERegistry::GetFromType(
++ const nsACString& aMIMEType) {
++ nsTArray<nsCString> command;
++ command.AppendElement("GETFROMTYPE"_ns);
++ command.AppendElement(aMIMEType);
++ return GetFromHelper(command);
++}
++
++/* static */ already_AddRefed<nsMIMEInfoBase> nsKDERegistry::GetFromHelper(
++ const nsTArray<nsCString>& command) {
++ nsTArray<nsCString> output;
++ if (nsKDEUtils::command(command, &output) && output.Length() == 3) {
++ nsCString mimetype = output[0];
++ RefPtr<nsMIMEInfoUnix> mimeInfo = new nsMIMEInfoUnix(mimetype);
++ NS_ENSURE_TRUE(mimeInfo, nullptr);
++ nsCString description = output[1];
++ mimeInfo->SetDescription(NS_ConvertUTF8toUTF16(description));
++ nsCString handlerAppName = output[2];
++ mimeInfo->SetPreferredAction(nsIMIMEInfo::saveToDisk);
++ mimeInfo->SetDefaultDescription(NS_ConvertUTF8toUTF16(handlerAppName));
++ return mimeInfo.forget();
++ }
++ return nullptr;
++}
+diff --git a/uriloader/exthandler/unix/nsKDERegistry.h b/uriloader/exthandler/unix/nsKDERegistry.h
+new file mode 100644
+--- /dev/null
++++ b/uriloader/exthandler/unix/nsKDERegistry.h
+@@ -0,0 +1,35 @@
++/* This Source Code Form is subject to the terms of the Mozilla Public
++ * License, v. 2.0. If a copy of the MPL was not distributed with this
++ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
++
++#ifndef nsKDERegistry_h__
++#define nsKDERegistry_h__
++
++#include "nsIURI.h"
++#include "nsCOMPtr.h"
++#include "nsTArray.h"
++
++class nsMIMEInfoBase;
++// class nsAutoCString;
++// class nsCString;
++
++class nsKDERegistry {
++ public:
++ static bool HandlerExists(const char* aProtocolScheme);
++
++ static nsresult LoadURL(nsIURI* aURL);
++
++ static void GetAppDescForScheme(const nsACString& aScheme, nsAString& aDesc);
++
++ static already_AddRefed<nsMIMEInfoBase> GetFromExtension(
++ const nsACString& aFileExt);
++
++ static already_AddRefed<nsMIMEInfoBase> GetFromType(
++ const nsACString& aMIMEType);
++
++ private:
++ static already_AddRefed<nsMIMEInfoBase> GetFromHelper(
++ const nsTArray<nsCString>& command);
++};
++
++#endif // nsKDERegistry_h__
+diff --git a/uriloader/exthandler/unix/nsMIMEInfoUnix.cpp b/uriloader/exthandler/unix/nsMIMEInfoUnix.cpp
+--- a/uriloader/exthandler/unix/nsMIMEInfoUnix.cpp
++++ b/uriloader/exthandler/unix/nsMIMEInfoUnix.cpp
+@@ -1,27 +1,30 @@
+ /* -*- Mode: C++; tab-width: 3; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+ #include "nsMIMEInfoUnix.h"
+-#include "nsGNOMERegistry.h"
++#include "nsCommonRegistry.h"
+ #include "nsIGIOService.h"
+ #include "nsNetCID.h"
+ #include "nsIIOService.h"
+ #include "nsLocalFile.h"
+
+ #ifdef MOZ_ENABLE_DBUS
+ # include "nsDBusHandlerApp.h"
+ #endif
++#if defined(XP_UNIX) && !defined(XP_MACOSX)
++# include "nsKDEUtils.h"
++#endif
+
+ nsresult nsMIMEInfoUnix::LoadUriInternal(nsIURI* aURI) {
+- return nsGNOMERegistry::LoadURL(aURI);
++ return nsCommonRegistry::LoadURL(aURI);
+ }
+
+ NS_IMETHODIMP nsMIMEInfoUnix::GetDefaultExecutable(nsIFile** aExecutable) {
+ // This needs to be implemented before FirefoxBridge will work on Linux.
+ // To implement this and be consistent, GetHasDefaultHandler and
+ // LaunchDefaultWithFile should probably be made to be consistent.
+ // Right now, they aren't. GetHasDefaultHandler reports true in cases
+ // where calling LaunchDefaultWithFile will fail due to not finding the
+@@ -37,25 +40,25 @@ nsMIMEInfoUnix::GetHasDefaultHandler(boo
+ // give the GNOME answer.
+ if (GetDefaultApplication()) {
+ return nsMIMEInfoImpl::GetHasDefaultHandler(_retval);
+ }
+
+ *_retval = false;
+
+ if (mClass == eProtocolInfo) {
+- *_retval = nsGNOMERegistry::HandlerExists(mSchemeOrType.get());
++ *_retval = nsCommonRegistry::HandlerExists(mSchemeOrType.get());
+ } else {
+ RefPtr<nsMIMEInfoBase> mimeInfo =
+- nsGNOMERegistry::GetFromType(mSchemeOrType);
++ nsCommonRegistry::GetFromType(mSchemeOrType);
+ if (!mimeInfo) {
+ nsAutoCString ext;
+ nsresult rv = GetPrimaryExtension(ext);
+ if (NS_SUCCEEDED(rv)) {
+- mimeInfo = nsGNOMERegistry::GetFromExtension(ext);
++ mimeInfo = nsCommonRegistry::GetFromExtension(ext);
+ }
+ }
+ if (mimeInfo) *_retval = true;
+ }
+
+ if (*_retval) return NS_OK;
+
+ return NS_OK;
+@@ -67,16 +70,31 @@ nsresult nsMIMEInfoUnix::LaunchDefaultWi
+ // give the GNOME answer.
+ if (GetDefaultApplication()) {
+ return nsMIMEInfoImpl::LaunchDefaultWithFile(aFile);
+ }
+
+ nsAutoCString nativePath;
+ aFile->GetNativePath(nativePath);
+
++ if (nsKDEUtils::kdeSupport()) {
++ bool supports;
++ if (NS_SUCCEEDED(GetHasDefaultHandler(&supports)) && supports) {
++ nsTArray<nsCString> command;
++ command.AppendElement("OPEN"_ns);
++ command.AppendElement(nativePath);
++ command.AppendElement("MIMETYPE"_ns);
++ command.AppendElement(mSchemeOrType);
++ if (nsKDEUtils::command(command)) return NS_OK;
++ }
++ if (!GetDefaultApplication()) return NS_ERROR_FILE_NOT_FOUND;
++
++ return LaunchWithIProcess(GetDefaultApplication(), nativePath);
++ }
++
+ nsCOMPtr<nsIGIOService> giovfs = do_GetService(NS_GIOSERVICE_CONTRACTID);
+ if (!giovfs) {
+ return NS_ERROR_FAILURE;
+ }
+
+ // nsGIOMimeApp->Launch wants a URI string instead of local file
+ nsresult rv;
+ nsCOMPtr<nsIIOService> ioservice =
+diff --git a/uriloader/exthandler/unix/nsOSHelperAppService.cpp b/uriloader/exthandler/unix/nsOSHelperAppService.cpp
+--- a/uriloader/exthandler/unix/nsOSHelperAppService.cpp
++++ b/uriloader/exthandler/unix/nsOSHelperAppService.cpp
+@@ -5,17 +5,17 @@
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+ #include <sys/types.h>
+ #include <sys/stat.h>
+
+ #include "nsOSHelperAppService.h"
+ #include "nsMIMEInfoUnix.h"
+ #ifdef MOZ_WIDGET_GTK
+-# include "nsGNOMERegistry.h"
++# include "nsCommonRegistry.h"
+ # ifdef MOZ_BUILD_APP_IS_BROWSER
+ # include "nsIToolkitShellService.h"
+ # include "nsIGNOMEShellService.h"
+ # endif
+ #endif
+ #include "nsISupports.h"
+ #include "nsString.h"
+ #include "nsReadableUtils.h"
+@@ -1101,17 +1101,17 @@ nsresult nsOSHelperAppService::GetHandle
+
+ nsresult nsOSHelperAppService::OSProtocolHandlerExists(
+ const char* aProtocolScheme, bool* aHandlerExists) {
+ nsresult rv = NS_OK;
+
+ if (!XRE_IsContentProcess()) {
+ #ifdef MOZ_WIDGET_GTK
+ // Check the GNOME registry for a protocol handler
+- *aHandlerExists = nsGNOMERegistry::HandlerExists(aProtocolScheme);
++ *aHandlerExists = nsCommonRegistry::HandlerExists(aProtocolScheme);
+ #else
+ *aHandlerExists = false;
+ #endif
+ } else {
+ *aHandlerExists = false;
+ nsCOMPtr<nsIHandlerService> handlerSvc =
+ do_GetService(NS_HANDLERSERVICE_CONTRACTID, &rv);
+ if (NS_SUCCEEDED(rv) && handlerSvc) {
+@@ -1121,17 +1121,17 @@ nsresult nsOSHelperAppService::OSProtoco
+ }
+
+ return rv;
+ }
+
+ NS_IMETHODIMP nsOSHelperAppService::GetApplicationDescription(
+ const nsACString& aScheme, nsAString& _retval) {
+ #ifdef MOZ_WIDGET_GTK
+- nsGNOMERegistry::GetAppDescForScheme(aScheme, _retval);
++ nsCommonRegistry::GetAppDescForScheme(aScheme, _retval);
+ return _retval.IsEmpty() ? NS_ERROR_NOT_AVAILABLE : NS_OK;
+ #else
+ return NS_ERROR_NOT_AVAILABLE;
+ #endif
+ }
+
+ NS_IMETHODIMP nsOSHelperAppService::IsCurrentAppOSDefaultForProtocol(
+ const nsACString& aScheme, bool* _retval) {
+@@ -1226,17 +1226,17 @@ already_AddRefed<nsMIMEInfoBase> nsOSHel
+ nsresult rv =
+ LookUpTypeAndDescription(NS_ConvertUTF8toUTF16(aFileExt), majorType,
+ minorType, mime_types_description, true);
+
+ if (NS_FAILED(rv) || majorType.IsEmpty()) {
+ #ifdef MOZ_WIDGET_GTK
+ LOG("Looking in GNOME registry\n");
+ RefPtr<nsMIMEInfoBase> gnomeInfo =
+- nsGNOMERegistry::GetFromExtension(aFileExt);
++ nsCommonRegistry::GetFromExtension(aFileExt);
+ if (gnomeInfo) {
+ LOG("Got MIMEInfo from GNOME registry\n");
+ return gnomeInfo.forget();
+ }
+ #endif
+
+ rv = LookUpTypeAndDescription(NS_ConvertUTF8toUTF16(aFileExt), majorType,
+ minorType, mime_types_description, false);
+@@ -1339,17 +1339,17 @@ already_AddRefed<nsMIMEInfoBase> nsOSHel
+
+ // Now look up our extensions
+ nsAutoString extensions, mime_types_description;
+ LookUpExtensionsAndDescription(majorType, minorType, extensions,
+ mime_types_description);
+
+ #ifdef MOZ_WIDGET_GTK
+ if (handler.IsEmpty()) {
+- RefPtr<nsMIMEInfoBase> gnomeInfo = nsGNOMERegistry::GetFromType(aMIMEType);
++ RefPtr<nsMIMEInfoBase> gnomeInfo = nsCommonRegistry::GetFromType(aMIMEType);
+ if (gnomeInfo) {
+ LOG("Got MIMEInfo from GNOME registry without extensions; setting them "
+ "to %s\n",
+ NS_LossyConvertUTF16toASCII(extensions).get());
+
+ NS_ASSERTION(!gnomeInfo->HasExtensions(), "How'd that happen?");
+ gnomeInfo->SetFileExtensions(NS_ConvertUTF16toUTF8(extensions));
+ return gnomeInfo.forget();
+diff --git a/widget/gtk/moz.build b/widget/gtk/moz.build
+--- a/widget/gtk/moz.build
++++ b/widget/gtk/moz.build
+@@ -146,16 +146,17 @@ FINAL_LIBRARY = "xul"
+
+ LOCAL_INCLUDES += [
+ "/layout/base",
+ "/layout/forms",
+ "/layout/generic",
+ "/layout/xul",
+ "/other-licenses/atk-1.0",
+ "/third_party/cups/include",
++ "/toolkit/xre",
+ "/widget",
+ "/widget/headless",
+ "/widget/x11",
+ ]
+
+ DEFINES["CAIRO_GFX"] = True
+
+ DEFINES["MOZ_APP_NAME"] = '"%s"' % CONFIG["MOZ_APP_NAME"]
+diff --git a/widget/gtk/nsFilePicker.cpp b/widget/gtk/nsFilePicker.cpp
+--- a/widget/gtk/nsFilePicker.cpp
++++ b/widget/gtk/nsFilePicker.cpp
+@@ -1,15 +1,16 @@
+ /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+ /* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+ #include <dlfcn.h>
+ #include <gtk/gtk.h>
++#include <gdk/gdkx.h>
+ #include <sys/types.h>
+ #include <sys/stat.h>
+ #include <unistd.h>
+
+ #include "mozilla/Types.h"
+ #include "AsyncDBus.h"
+ #include "nsGtkUtils.h"
+ #include "nsIFileURL.h"
+@@ -25,16 +26,18 @@
+ #include "nsArrayEnumerator.h"
+ #include "nsEnumeratorUtils.h"
+ #include "nsNetUtil.h"
+ #include "nsReadableUtils.h"
+ #include "MozContainer.h"
+ #include "WidgetUtilsGtk.h"
+
+ #include "nsFilePicker.h"
++#include "nsKDEUtils.h"
++#include "nsURLHelper.h"
+
+ #undef LOG
+ #ifdef MOZ_LOGGING
+ # include "mozilla/Logging.h"
+ # include "nsTArray.h"
+ # include "Units.h"
+ extern mozilla::LazyLogModule gWidgetLog;
+ # define LOG(args) MOZ_LOG(gWidgetLog, mozilla::LogLevel::Debug, args)
+@@ -302,17 +305,18 @@ nsFilePicker::AppendFilters(int32_t aFil
+ mAllowURLs = !!(aFilterMask & filterAllowURLs);
+ return nsBaseFilePicker::AppendFilters(aFilterMask);
+ }
+
+ NS_IMETHODIMP
+ nsFilePicker::AppendFilter(const nsAString& aTitle, const nsAString& aFilter) {
+ if (aFilter.EqualsLiteral("..apps")) {
+ // No platform specific thing we can do here, really....
+- return NS_OK;
++ // Unless it's KDE.
++ if (mMode != modeOpen || !nsKDEUtils::kdeSupport()) return NS_OK;
+ }
+
+ nsAutoCString filter, name;
+ CopyUTF16toUTF8(aFilter, filter);
+ CopyUTF16toUTF8(aTitle, name);
+
+ mFilters.AppendElement(filter);
+ mFilterNames.AppendElement(name);
+@@ -416,16 +420,39 @@ NS_IMETHODIMP
+ nsFilePicker::Open(nsIFilePickerShownCallback* aCallback) {
+ // Can't show two dialogs concurrently with the same filepicker
+ if (mFileChooser) return NS_ERROR_NOT_AVAILABLE;
+
+ if (MaybeBlockFilePicker(aCallback)) {
+ return NS_OK;
+ }
+
++ // KDE file picker is not handled via callback
++ if (nsKDEUtils::kdeSupport()) {
++ mCallback = aCallback;
++ NS_ADDREF_THIS();
++ g_idle_add(
++ [](gpointer data) -> gboolean {
++ nsFilePicker* queuedPicker = (nsFilePicker*)data;
++ nsIFilePicker::ResultCode result;
++ queuedPicker->kdeFileDialog(&result);
++ if (queuedPicker->mCallback) {
++ queuedPicker->mCallback->Done(result);
++ queuedPicker->mCallback = nullptr;
++ } else {
++ queuedPicker->mResult = result;
++ }
++ NS_RELEASE(queuedPicker);
++ return G_SOURCE_REMOVE;
++ },
++ this);
++
++ return NS_OK;
++ }
++
+ NS_ConvertUTF16toUTF8 title(mTitle);
+
+ GtkWindow* parent_widget =
+ GTK_WINDOW(mParentWidget->GetNativeData(NS_NATIVE_SHELLWIDGET));
+
+ GtkFileChooserAction action = GetGtkFileChooserAction(mMode);
+
+ const gchar* accept_button;
+@@ -707,16 +734,215 @@ void nsFilePicker::Done(void* file_choos
+ mCallback->Done(result);
+ mCallback = nullptr;
+ } else {
+ mResult = result;
+ }
+ NS_RELEASE_THIS();
+ }
+
++nsCString nsFilePicker::kdeMakeFilter(int index) {
++ nsCString buf = mFilters[index];
++ for (PRUint32 i = 0; i < buf.Length(); ++i)
++ if (buf[i] == ';') // KDE separates just using spaces
++ buf.SetCharAt(' ', i);
++ if (!mFilterNames[index].IsEmpty()) {
++ buf += "|";
++ buf += mFilterNames[index].get();
++ }
++ return buf;
++}
++
++static PRInt32 windowToXid(nsIWidget* widget) {
++ GtkWindow* parent_widget =
++ GTK_WINDOW(widget->GetNativeData(NS_NATIVE_SHELLWIDGET));
++ GdkWindow* gdk_window =
++ gtk_widget_get_window(gtk_widget_get_toplevel(GTK_WIDGET(parent_widget)));
++ return GDK_WINDOW_XID(gdk_window);
++}
++
++NS_IMETHODIMP nsFilePicker::kdeFileDialog(nsIFilePicker::ResultCode* aReturn) {
++ NS_ENSURE_ARG_POINTER(aReturn);
++
++ if (mMode == modeOpen && mFilters.Length() == 1 &&
++ mFilters[0].EqualsLiteral("..apps"))
++ return kdeAppsDialog(aReturn);
++
++ nsCString title;
++ title.Adopt(ToNewUTF8String(mTitle));
++
++ const char* arg = NULL;
++ if (mAllowURLs) {
++ switch (mMode) {
++ case nsIFilePicker::modeOpen:
++ case nsIFilePicker::modeOpenMultiple:
++ arg = "GETOPENURL";
++ break;
++ case nsIFilePicker::modeSave:
++ arg = "GETSAVEURL";
++ break;
++ case nsIFilePicker::modeGetFolder:
++ arg = "GETDIRECTORYURL";
++ break;
++ }
++ } else {
++ switch (mMode) {
++ case nsIFilePicker::modeOpen:
++ case nsIFilePicker::modeOpenMultiple:
++ arg = "GETOPENFILENAME";
++ break;
++ case nsIFilePicker::modeSave:
++ arg = "GETSAVEFILENAME";
++ break;
++ case nsIFilePicker::modeGetFolder:
++ arg = "GETDIRECTORYFILENAME";
++ break;
++ }
++ }
++
++ nsAutoCString directory;
++ if (mDisplayDirectory) {
++ mDisplayDirectory->GetNativePath(directory);
++ } else if (mPrevDisplayDirectory) {
++ mPrevDisplayDirectory->GetNativePath(directory);
++ }
++
++ nsAutoCString startdir;
++ if (!directory.IsEmpty()) {
++ startdir = directory;
++ }
++ if (mMode == nsIFilePicker::modeSave) {
++ if (!startdir.IsEmpty()) {
++ startdir += "/";
++ startdir += ToNewUTF8String(mDefault);
++ } else
++ startdir = ToNewUTF8String(mDefault);
++ }
++
++ nsAutoCString filters;
++ PRInt32 count = mFilters.Length();
++ if (count == 0) // just in case
++ filters = "*";
++ else {
++ filters = kdeMakeFilter(0);
++ for (PRInt32 i = 1; i < count; ++i) {
++ filters += "\n";
++ filters += kdeMakeFilter(i);
++ }
++ }
++
++ nsTArray<nsCString> command;
++ command.AppendElement(nsAutoCString(arg));
++ command.AppendElement(startdir);
++ if (mMode != nsIFilePicker::modeGetFolder) {
++ command.AppendElement(filters);
++ nsAutoCString selected;
++ selected.AppendInt(mSelectedType);
++ command.AppendElement(selected);
++ }
++ command.AppendElement(title);
++ if (mMode == nsIFilePicker::modeOpenMultiple)
++ command.AppendElement("MULTIPLE"_ns);
++ if (PRInt32 xid = windowToXid(mParentWidget)) {
++ command.AppendElement("PARENT"_ns);
++ nsAutoCString parent;
++ parent.AppendInt(xid);
++ command.AppendElement(parent);
++ }
++
++ nsTArray<nsCString> output;
++ if (nsKDEUtils::commandBlockUi(
++ command,
++ GTK_WINDOW(mParentWidget->GetNativeData(NS_NATIVE_SHELLWIDGET)),
++ &output)) {
++ *aReturn = nsIFilePicker::returnOK;
++ mFiles.Clear();
++ if (mMode != nsIFilePicker::modeGetFolder) {
++ mSelectedType = atoi(output[0].get());
++ output.RemoveElementAt(0);
++ }
++ if (mMode == nsIFilePicker::modeOpenMultiple) {
++ mFileURL.Truncate();
++ PRUint32 count = output.Length();
++ for (PRUint32 i = 0; i < count; ++i) {
++ nsCOMPtr<nsIFile> localfile;
++ nsresult rv = NS_NewNativeLocalFile(output[i], PR_FALSE,
++ getter_AddRefs(localfile));
++ if (NS_SUCCEEDED(rv)) mFiles.AppendObject(localfile);
++ }
++ } else {
++ if (output.Length() == 0)
++ mFileURL = nsCString();
++ else if (mAllowURLs)
++ mFileURL = output[0];
++ else // GetFile() actually requires it to be url even for local files :-/
++ {
++ nsCOMPtr<nsIFile> localfile;
++ nsresult rv = NS_NewNativeLocalFile(output[0], PR_FALSE,
++ getter_AddRefs(localfile));
++ if (NS_SUCCEEDED(rv))
++ rv = net_GetURLSpecFromActualFile(localfile, mFileURL);
++ }
++ }
++ // Remember last used directory.
++ nsCOMPtr<nsIFile> file;
++ GetFile(getter_AddRefs(file));
++ if (file) {
++ nsCOMPtr<nsIFile> dir;
++ file->GetParent(getter_AddRefs(dir));
++ nsCOMPtr<nsIFile> localDir(dir);
++ if (localDir) {
++ localDir.swap(mPrevDisplayDirectory);
++ }
++ }
++ if (mMode == nsIFilePicker::modeSave) {
++ nsCOMPtr<nsIFile> file;
++ GetFile(getter_AddRefs(file));
++ if (file) {
++ bool exists = false;
++ file->Exists(&exists);
++ if (exists) // TODO do overwrite check in the helper app
++ *aReturn = nsIFilePicker::returnReplace;
++ }
++ }
++ } else {
++ *aReturn = nsIFilePicker::returnCancel;
++ }
++ return NS_OK;
++}
++
++NS_IMETHODIMP nsFilePicker::kdeAppsDialog(nsIFilePicker::ResultCode* aReturn) {
++ NS_ENSURE_ARG_POINTER(aReturn);
++
++ nsCString title;
++ title.Adopt(ToNewUTF8String(mTitle));
++
++ nsTArray<nsCString> command;
++ command.AppendElement("APPSDIALOG"_ns);
++ command.AppendElement(title);
++ if (PRInt32 xid = windowToXid(mParentWidget)) {
++ command.AppendElement("PARENT"_ns);
++ nsAutoCString parent;
++ parent.AppendInt(xid);
++ command.AppendElement(parent);
++ }
++
++ nsTArray<nsCString> output;
++ if (nsKDEUtils::commandBlockUi(
++ command,
++ GTK_WINDOW(mParentWidget->GetNativeData(NS_NATIVE_SHELLWIDGET)),
++ &output)) {
++ *aReturn = nsIFilePicker::returnOK;
++ mFileURL = output.Length() > 0 ? output[0] : nsCString();
++ } else {
++ *aReturn = nsIFilePicker::returnCancel;
++ }
++ return NS_OK;
++}
++
+ // All below functions available as of GTK 3.20+
+ void* nsFilePicker::GtkFileChooserNew(const gchar* title, GtkWindow* parent,
+ GtkFileChooserAction action,
+ const gchar* accept_label) {
+ static auto sGtkFileChooserNativeNewPtr =
+ (void* (*)(const gchar*, GtkWindow*, GtkFileChooserAction, const gchar*,
+ const gchar*))dlsym(RTLD_DEFAULT,
+ "gtk_file_chooser_native_new");
+diff --git a/widget/gtk/nsFilePicker.h b/widget/gtk/nsFilePicker.h
+--- a/widget/gtk/nsFilePicker.h
++++ b/widget/gtk/nsFilePicker.h
+@@ -71,16 +71,22 @@ class nsFilePicker : public nsBaseFilePi
+ nsString mDefaultExtension;
+
+ nsTArray<nsCString> mFilters;
+ nsTArray<nsCString> mFilterNames;
+
+ private:
+ static nsIFile* mPrevDisplayDirectory;
+
++ bool kdeRunning();
++ bool getKdeRunning();
++ NS_IMETHODIMP kdeFileDialog(nsIFilePicker::ResultCode* aReturn);
++ NS_IMETHODIMP kdeAppsDialog(nsIFilePicker::ResultCode* aReturn);
++ nsCString kdeMakeFilter(int index);
++
+ void* GtkFileChooserNew(const gchar* title, GtkWindow* parent,
+ GtkFileChooserAction action,
+ const gchar* accept_label);
+ void GtkFileChooserShow(void* file_chooser);
+ void GtkFileChooserDestroy(void* file_chooser);
+ void GtkFileChooserSetModal(void* file_chooser, GtkWindow* parent_widget,
+ gboolean modal);
+
+diff --git a/xpcom/components/ManifestParser.cpp b/xpcom/components/ManifestParser.cpp
+--- a/xpcom/components/ManifestParser.cpp
++++ b/xpcom/components/ManifestParser.cpp
+@@ -38,16 +38,17 @@
+ #include "nsTextFormatter.h"
+ #include "nsVersionComparator.h"
+ #include "nsXPCOMCIDInternal.h"
+
+ #include "nsIConsoleService.h"
+ #include "nsIScriptError.h"
+ #include "nsIXULAppInfo.h"
+ #include "nsIXULRuntime.h"
++#include "nsKDEUtils.h"
+
+ using namespace mozilla;
+
+ struct ManifestDirective {
+ const char* directive;
+ int argc;
+
+ bool ischrome;
+@@ -389,16 +390,17 @@ void ParseManifest(NSLocationType aType,
+ constexpr auto kRemoteEnabled = u"remoteenabled"_ns;
+ constexpr auto kRemoteRequired = u"remoterequired"_ns;
+ constexpr auto kApplication = u"application"_ns;
+ constexpr auto kAppVersion = u"appversion"_ns;
+ constexpr auto kGeckoVersion = u"platformversion"_ns;
+ constexpr auto kOs = u"os"_ns;
+ constexpr auto kOsVersion = u"osversion"_ns;
+ constexpr auto kABI = u"abi"_ns;
++ constexpr auto kDesktop = u"desktop"_ns;
+ constexpr auto kProcess = u"process"_ns;
+ #if defined(MOZ_WIDGET_ANDROID)
+ constexpr auto kTablet = u"tablet"_ns;
+ #endif
+ // You might expect this to be guarded by MOZ_BACKGROUNDTASKS, but it's not
+ // possible to have conditional manifest contents, so we need to recognize and
+ // discard these tokens even when MOZ_BACKGROUNDTASKS is not set.
+ constexpr auto kBackgroundTask = u"backgroundtask"_ns;
+@@ -448,39 +450,44 @@ void ParseManifest(NSLocationType aType,
+ CopyUTF8toUTF16(s, abi);
+ abi.Insert(char16_t('_'), 0);
+ abi.Insert(osTarget, 0);
+ }
+ }
+ }
+
+ nsAutoString osVersion;
++ nsAutoString desktop;
+ #if defined(XP_WIN)
+ # pragma warning(push)
+ # pragma warning(disable : 4996) // VC12+ deprecates GetVersionEx
+ OSVERSIONINFO info = {sizeof(OSVERSIONINFO)};
+ if (GetVersionEx(&info)) {
+ nsTextFormatter::ssprintf(osVersion, u"%ld.%ld", info.dwMajorVersion,
+ info.dwMinorVersion);
+ }
++ desktop = u"win"_ns;
+ # pragma warning(pop)
+ #elif defined(MOZ_WIDGET_COCOA)
+ SInt32 majorVersion = nsCocoaFeatures::macOSVersionMajor();
+ SInt32 minorVersion = nsCocoaFeatures::macOSVersionMinor();
+ nsTextFormatter::ssprintf(osVersion, u"%ld.%ld", majorVersion, minorVersion);
++ desktop = u"macosx"_ns);
+ #elif defined(MOZ_WIDGET_GTK)
+ nsTextFormatter::ssprintf(osVersion, u"%ld.%ld", gtk_major_version,
+ gtk_minor_version);
++ desktop = nsKDEUtils::kdeSession() ? u"kde"_ns : u"gnome"_ns;
+ #elif defined(MOZ_WIDGET_ANDROID)
+ bool isTablet = false;
+ if (jni::IsAvailable()) {
+ jni::String::LocalRef release = java::sdk::Build::VERSION::RELEASE();
+ osVersion.Assign(release->ToString());
+ isTablet = java::GeckoAppShell::IsTablet();
+ }
++ desktop = u"android"_ns;
+ #endif
+
+ if (XRE_IsContentProcess()) {
+ process = kContent;
+ } else {
+ process = kMain;
+ }
+
+@@ -571,25 +578,27 @@ void ParseManifest(NSLocationType aType,
+ // When in background task mode, default to not registering
+ // category directivies unless backgroundtask=1 is specified.
+ TriState stBackgroundTask = (BackgroundTasks::IsBackgroundTaskMode() &&
+ strcmp("category", directive->directive) == 0)
+ ? eBad
+ : eUnspecified;
+ #endif
+ int flags = 0;
++ TriState stDesktop = eUnspecified;
+
+ while ((token = nsCRT::strtok(whitespace, kWhitespace, &whitespace)) &&
+ ok) {
+ ToLowerCase(token);
+ NS_ConvertASCIItoUTF16 wtoken(token);
+
+ if (CheckStringFlag(kApplication, wtoken, appID, stApp) ||
+ CheckOsFlag(kOs, wtoken, osTarget, stOs) ||
+ CheckStringFlag(kABI, wtoken, abi, stABI) ||
++ CheckStringFlag(kDesktop, wtoken, desktop, stDesktop) ||
+ CheckStringFlag(kProcess, wtoken, process, stProcess) ||
+ CheckVersionFlag(kOsVersion, wtoken, osVersion, stOsVersion) ||
+ CheckVersionFlag(kAppVersion, wtoken, appVersion, stAppVersion) ||
+ CheckVersionFlag(kGeckoVersion, wtoken, geckoVersion,
+ stGeckoVersion)) {
+ continue;
+ }
+
+@@ -639,16 +648,17 @@ void ParseManifest(NSLocationType aType,
+
+ LogMessageWithContext(
+ aFile, line, "Unrecognized chrome manifest modifier '%s'.", token);
+ ok = false;
+ }
+
+ if (!ok || stApp == eBad || stAppVersion == eBad ||
+ stGeckoVersion == eBad || stOs == eBad || stOsVersion == eBad ||
++ stDesktop == eBad ||
+ #ifdef MOZ_WIDGET_ANDROID
+ stTablet == eBad ||
+ #endif
+ #ifdef MOZ_BACKGROUNDTASKS
+ stBackgroundTask == eBad ||
+ #endif
+ stABI == eBad || stProcess == eBad) {
+ continue;
+diff --git a/xpcom/components/moz.build b/xpcom/components/moz.build
+--- a/xpcom/components/moz.build
++++ b/xpcom/components/moz.build
+@@ -67,16 +67,17 @@ LOCAL_INCLUDES += [
+ "../base",
+ "../build",
+ "../ds",
+ "/chrome",
+ "/js/xpconnect/loader",
+ "/js/xpconnect/src",
+ "/layout/build",
+ "/modules/libjar",
++ "/toolkit/xre",
+ ]
+
+ if CONFIG["MOZ_WIDGET_TOOLKIT"] == "gtk":
+ CXXFLAGS += CONFIG["MOZ_GTK3_CFLAGS"]
+
+ include("/ipc/chromium/chromium-config.mozbuild")
+
+ PYTHON_UNITTEST_MANIFESTS += [
+diff --git a/xpcom/io/nsLocalFileUnix.cpp b/xpcom/io/nsLocalFileUnix.cpp
+--- a/xpcom/io/nsLocalFileUnix.cpp
++++ b/xpcom/io/nsLocalFileUnix.cpp
+@@ -46,16 +46,17 @@
+ #include "nsString.h"
+ #include "nsIDirectoryEnumerator.h"
+ #include "nsSimpleEnumerator.h"
+ #include "private/pprio.h"
+ #include "prlink.h"
+
+ #ifdef MOZ_WIDGET_GTK
+ # include "nsIGIOService.h"
++# include "nsKDEUtils.h"
+ #endif
+
+ #ifdef MOZ_WIDGET_COCOA
+ # include <Carbon/Carbon.h>
+ # include "CocoaFileUtils.h"
+ # include "prmem.h"
+ # include "plbase64.h"
+
+@@ -2205,20 +2206,28 @@ nsLocalFile::SetPersistentDescriptor(con
+
+ NS_IMETHODIMP
+ nsLocalFile::Reveal() {
+ if (!FilePreferences::IsAllowedPath(mPath)) {
+ return NS_ERROR_FILE_ACCESS_DENIED;
+ }
+
+ #ifdef MOZ_WIDGET_GTK
++ nsAutoCString url;
+ nsCOMPtr<nsIGIOService> giovfs = do_GetService(NS_GIOSERVICE_CONTRACTID);
+- if (!giovfs) {
+- return NS_ERROR_FAILURE;
++ url = mPath;
++ if (nsKDEUtils::kdeSupport()) {
++ nsTArray<nsCString> command;
++ command.AppendElement("REVEAL"_ns);
++ command.AppendElement(mPath);
++ return nsKDEUtils::command(command) ? NS_OK : NS_ERROR_FAILURE;
+ }
++
++ if (!giovfs) return NS_ERROR_FAILURE;
++
+ return giovfs->RevealFile(this);
+ #elif defined(MOZ_WIDGET_COCOA)
+ CFURLRef url;
+ if (NS_SUCCEEDED(GetCFURL(&url))) {
+ nsresult rv = CocoaFileUtils::RevealFileInFinder(url);
+ ::CFRelease(url);
+ return rv;
+ }
+@@ -2230,16 +2239,23 @@ nsLocalFile::Reveal() {
+
+ NS_IMETHODIMP
+ nsLocalFile::Launch() {
+ if (!FilePreferences::IsAllowedPath(mPath)) {
+ return NS_ERROR_FILE_ACCESS_DENIED;
+ }
+
+ #ifdef MOZ_WIDGET_GTK
++ if (nsKDEUtils::kdeSupport()) {
++ nsTArray<nsCString> command;
++ command.AppendElement("OPEN"_ns);
++ command.AppendElement(mPath);
++ return nsKDEUtils::command(command) ? NS_OK : NS_ERROR_FAILURE;
++ }
++
+ nsCOMPtr<nsIGIOService> giovfs = do_GetService(NS_GIOSERVICE_CONTRACTID);
+ if (!giovfs) {
+ return NS_ERROR_FAILURE;
+ }
+
+ return giovfs->LaunchFile(mPath);
+ #elif defined(MOZ_WIDGET_ANDROID)
+ // Not supported on GeckoView
diff --git a/mozilla-libavcodec58_91.patch b/mozilla-libavcodec58_91.patch
new file mode 100644
index 0000000..a893446
--- /dev/null
+++ b/mozilla-libavcodec58_91.patch
@@ -0,0 +1,16 @@
+# HG changeset patch
+# Parent 60fc1933af9d4f1769025a6f1d9a60db6b899315
+
+Index: firefox-127.0/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp
+===================================================================
+--- firefox-127.0.orig/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp
++++ firefox-127.0/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp
+@@ -49,6 +49,8 @@ static const char* sLibs[] = {
+ "libavcodec.so.61",
+ "libavcodec.so.60",
+ "libavcodec.so.59",
++ "libavcodec.so.58.134",
++ "libavcodec.so.58.91",
+ "libavcodec.so.58",
+ "libavcodec-ffmpeg.so.58",
+ "libavcodec-ffmpeg.so.57",
diff --git a/mozilla-nongnome-proxies.patch b/mozilla-nongnome-proxies.patch
new file mode 100644
index 0000000..44a4990
--- /dev/null
+++ b/mozilla-nongnome-proxies.patch
@@ -0,0 +1,33 @@
+# HG changeset patch
+# User Wolfgang Rosenauer
+# Date 1558442915 -7200
+# Tue May 21 14:48:35 2019 +0200
+# Node ID 6bcf2dfebc1ea2aa34e5cc61152709fc8e409dc5
+# Parent 715f01d61df8627117e6aefca540f0c1bba45011
+Do not use gconf for proxy settings if not running within Gnome
+Index: toolkit/system/unixproxy/nsUnixSystemProxySettings.cpp
+===================================================================
+RCS file: /cvsroot/mozilla/toolkit/system/unixproxy/nsUnixSystemProxySettings.cpp,v
+retrieving revision 1.1
+
+diff --git a/toolkit/system/unixproxy/nsUnixSystemProxySettings.cpp b/toolkit/system/unixproxy/nsUnixSystemProxySettings.cpp
+--- a/toolkit/system/unixproxy/nsUnixSystemProxySettings.cpp
++++ b/toolkit/system/unixproxy/nsUnixSystemProxySettings.cpp
+@@ -52,10 +52,13 @@ nsUnixSystemProxySettings::GetMainThread
+ }
+
+ void nsUnixSystemProxySettings::Init() {
+- mGSettings = do_GetService(NS_GSETTINGSSERVICE_CONTRACTID);
+- if (mGSettings) {
+- mGSettings->GetCollectionForSchema("org.gnome.system.proxy"_ns,
+- getter_AddRefs(mProxySettings));
++ const char* sessionType = PR_GetEnv("DESKTOP_SESSION");
++ if (sessionType && !strcmp(sessionType, "gnome")) {
++ mGSettings = do_GetService(NS_GSETTINGSSERVICE_CONTRACTID);
++ if (mGSettings) {
++ mGSettings->GetCollectionForSchema("org.gnome.system.proxy"_ns,
++ getter_AddRefs(mProxySettings));
++ }
+ }
+ }
+
diff --git a/mozilla-ntlm-full-path.patch b/mozilla-ntlm-full-path.patch
new file mode 100644
index 0000000..dc8bb4e
--- /dev/null
+++ b/mozilla-ntlm-full-path.patch
@@ -0,0 +1,18 @@
+# HG changeset patch
+# User Petr Cerny <pcerny@novell.com>
+# Parent 7308e4a7c1f769f4bbbc90870b849cadd99495a6
+# Parent 1c6a565013e4c5f3494f964269783939cd5ed0b8
+Bug 634334 - call to the ntlm_auth helper fails
+
+diff --git a/extensions/auth/nsAuthSambaNTLM.cpp b/extensions/auth/nsAuthSambaNTLM.cpp
+--- a/extensions/auth/nsAuthSambaNTLM.cpp
++++ b/extensions/auth/nsAuthSambaNTLM.cpp
+@@ -160,7 +160,7 @@ nsresult nsAuthSambaNTLM::SpawnNTLMAuthH
+ const char* username = PR_GetEnv("USER");
+ if (!username) return NS_ERROR_FAILURE;
+
+- const char* const args[] = {"ntlm_auth",
++ const char* const args[] = {"/usr/bin/ntlm_auth",
+ "--helper-protocol",
+ "ntlmssp-client-1",
+ "--use-cached-creds",
diff --git a/mozilla-partial-revert-1768632.patch b/mozilla-partial-revert-1768632.patch
new file mode 100644
index 0000000..c4e63d5
--- /dev/null
+++ b/mozilla-partial-revert-1768632.patch
@@ -0,0 +1,13 @@
+Index: firefox-102.4.0/mfbt/EnumSet.h
+===================================================================
+--- firefox-102.4.0.orig/mfbt/EnumSet.h
++++ firefox-102.4.0/mfbt/EnumSet.h
+@@ -326,7 +326,7 @@ class EnumSet {
+ }
+ }
+
+- static constexpr size_t kMaxBits = MaxBits();
++ static constexpr size_t kMaxBits = EnumSet().MaxBits();
+
+ Serialized mBitField;
+
diff --git a/mozilla-pgo.patch b/mozilla-pgo.patch
new file mode 100644
index 0000000..4b65e21
--- /dev/null
+++ b/mozilla-pgo.patch
@@ -0,0 +1,124 @@
+# HG changeset patch
+# User Wolfgang Rosenauer <wr@rosenauer.org>
+# Parent 9959fe2a13a39cbeb98ca1bef2e21caba16717bd
+
+Index: firefox-115.0/build/moz.configure/lto-pgo.configure
+===================================================================
+--- firefox-115.0.orig/build/moz.configure/lto-pgo.configure
++++ firefox-115.0/build/moz.configure/lto-pgo.configure
+@@ -251,8 +251,8 @@ def lto(
+ cflags.append("-flto")
+ ldflags.append("-flto")
+ else:
+- cflags.append("-flto=thin")
+- ldflags.append("-flto=thin")
++ cflags.append("-flto")
++ ldflags.append("-flto")
+
+ if target.os == "Android" and "cross" in values:
+ # Work around https://github.com/rust-lang/rust/issues/90088
+@@ -268,7 +268,7 @@ def lto(
+ if "full" in values:
+ cflags.append("-flto")
+ else:
+- cflags.append("-flto=thin")
++ cflags.append("-flto")
+ # With clang-cl, -flto can only be used with -c or -fuse-ld=lld.
+ # AC_TRY_LINKs during configure don't have -c, so pass -fuse-ld=lld.
+ cflags.append("-fuse-ld=lld")
+Index: firefox-115.0/build/pgo/profileserver.py
+===================================================================
+--- firefox-115.0.orig/build/pgo/profileserver.py
++++ firefox-115.0/build/pgo/profileserver.py
+@@ -11,7 +11,7 @@ import subprocess
+ import sys
+
+ import mozcrash
+-from mozbuild.base import BinaryNotFoundException, MozbuildObject
++from mozbuild.base import BinaryNotFoundException, MozbuildObject, BuildEnvironmentNotFoundException
+ from mozfile import TemporaryDirectory
+ from mozhttpd import MozHttpd
+ from mozprofile import FirefoxProfile, Preferences
+@@ -87,9 +87,22 @@ if __name__ == "__main__":
+ locations = ServerLocations()
+ locations.add_host(host="127.0.0.1", port=PORT, options="primary,privileged")
+
+- old_profraw_files = glob.glob("*.profraw")
+- for f in old_profraw_files:
+- os.remove(f)
++ using_gcc = False
++ try:
++ if build.config_environment.substs.get('CC_TYPE') == 'gcc':
++ using_gcc = True
++ except BuildEnvironmentNotFoundException:
++ pass
++
++ if using_gcc:
++ for dirpath, _, filenames in os.walk('.'):
++ for f in filenames:
++ if f.endswith('.gcda'):
++ os.remove(os.path.join(dirpath, f))
++ else:
++ old_profraw_files = glob.glob('*.profraw')
++ for f in old_profraw_files:
++ os.remove(f)
+
+ with TemporaryDirectory() as profilePath:
+ # TODO: refactor this into mozprofile
+@@ -213,6 +226,10 @@ if __name__ == "__main__":
+ print("Firefox exited successfully, but produced a crashreport")
+ sys.exit(1)
+
++ print('Copying profile data....')
++ os.system('pwd');
++ os.system('tar cf profdata.tar.gz `find . -name "*.gcda"`; cd ..; tar xf instrumented/profdata.tar.gz;');
++
+ llvm_profdata = env.get("LLVM_PROFDATA")
+ if llvm_profdata:
+ profraw_files = glob.glob("*.profraw")
+Index: firefox-115.0/build/unix/mozconfig.unix
+===================================================================
+--- firefox-115.0.orig/build/unix/mozconfig.unix
++++ firefox-115.0/build/unix/mozconfig.unix
+@@ -4,6 +4,15 @@ if [ -n "$FORCE_GCC" ]; then
+ CC="$MOZ_FETCHES_DIR/gcc/bin/gcc"
+ CXX="$MOZ_FETCHES_DIR/gcc/bin/g++"
+
++ if [ -n "$MOZ_PGO" ]; then
++ if [ -z "$USE_ARTIFACT" ]; then
++ ac_add_options --enable-lto
++ fi
++ export AR="$topsrcdir/gcc/bin/gcc-ar"
++ export NM="$topsrcdir/gcc/bin/gcc-nm"
++ export RANLIB="$topsrcdir/gcc/bin/gcc-ranlib"
++ fi
++
+ # We want to make sure we use binutils and other binaries in the tooltool
+ # package.
+ mk_add_options "export PATH=$MOZ_FETCHES_DIR/gcc/bin:$MOZ_FETCHES_DIR/binutils/bin:$PATH"
+Index: firefox-115.0/extensions/spellcheck/src/moz.build
+===================================================================
+--- firefox-115.0.orig/extensions/spellcheck/src/moz.build
++++ firefox-115.0/extensions/spellcheck/src/moz.build
+@@ -28,3 +28,5 @@ EXPORTS.mozilla += [
+ "mozInlineSpellChecker.h",
+ "mozSpellChecker.h",
+ ]
++
++CXXFLAGS += ['-fno-devirtualize']
+Index: firefox-115.0/toolkit/components/terminator/nsTerminator.cpp
+===================================================================
+--- firefox-115.0.orig/toolkit/components/terminator/nsTerminator.cpp
++++ firefox-115.0/toolkit/components/terminator/nsTerminator.cpp
+@@ -460,6 +460,11 @@ void nsTerminator::StartWatchdog() {
+ }
+ #endif
+
++ // Disable watchdog for PGO train builds - writting profile information at
++ // exit may take time and it is better to make build hang rather than
++ // silently produce poorly performing binary.
++ crashAfterMS = INT32_MAX;
++
+ UniquePtr<Options> options(new Options());
+ // crashAfterTicks is guaranteed to be > 0 as
+ // crashAfterMS >= ADDITIONAL_WAIT_BEFORE_CRASH_MS >> HEARTBEAT_INTERVAL_MS
diff --git a/mozilla-reduce-rust-debuginfo.patch b/mozilla-reduce-rust-debuginfo.patch
new file mode 100644
index 0000000..06543a0
--- /dev/null
+++ b/mozilla-reduce-rust-debuginfo.patch
@@ -0,0 +1,15 @@
+# HG changeset patch
+# Parent 135d931b3e674a670473f69f8c079e741ac63643
+
+diff --git a/build/moz.configure/rust.configure b/build/moz.configure/rust.configure
+--- a/build/moz.configure/rust.configure
++++ b/build/moz.configure/rust.configure
+@@ -668,7 +668,7 @@ def rust_compile_flags(
+ debug_assertions = False
+
+ if debug_symbols:
+- debug_info = "2"
++ debug_info = '1'
+
+ opts = []
+
diff --git a/mozilla-rust-disable-future-incompat.patch b/mozilla-rust-disable-future-incompat.patch
new file mode 100644
index 0000000..88ec553
--- /dev/null
+++ b/mozilla-rust-disable-future-incompat.patch
@@ -0,0 +1,12 @@
+diff -rup a/Cargo.toml b/Cargo.toml
+--- a/Cargo.toml 2023-07-04 15:15:01.089470619 +0200
++++ b/Cargo.toml 2023-07-04 15:24:31.626226962 +0200
+@@ -188,3 +188,8 @@ uniffi_bindgen = "=0.23.0"
+ uniffi_build = "=0.23.0"
+ uniffi_macros = "=0.23.0"
+ weedle2 = "=4.0.0"
++
++# Package code v0.1.4 uses code "that will be rejected by a future version of Rust"
++# Shut up such messages for now to make the build succeed
++[future-incompat-report]
++frequency = "never"
diff --git a/mozilla-s390-context.patch b/mozilla-s390-context.patch
new file mode 100644
index 0000000..dfd7c7a
--- /dev/null
+++ b/mozilla-s390-context.patch
@@ -0,0 +1,33 @@
+# HG changeset patch
+# User msirringhaus@suse.de
+# Date 1558452408 -7200
+# Tue May 21 17:26:48 2019 +0200
+# Node ID 602e92722e765a3c238d3b96b26c0c8063b5eeb4
+# Parent 783ceb006fcdabe5ad23bd561362e721c7ed5f8c
+[mq]: mozilla-s390-context.patch
+
+diff --git a/js/src/wasm/WasmSignalHandlers.cpp b/js/src/wasm/WasmSignalHandlers.cpp
+--- a/js/src/wasm/WasmSignalHandlers.cpp
++++ b/js/src/wasm/WasmSignalHandlers.cpp
+@@ -174,6 +174,10 @@ using mozilla::DebugOnly;
+ # define FP_sig(p) ((p)->uc_mcontext.gregs[REG_FPRS])
+ # define SP_sig(p) ((p)->uc_mcontext.gregs[REG_SP])
+ # endif
++# if defined(__linux__) && defined(__s390x__)
++# define GR_sig(p, x) ((p)->uc_mcontext.gregs[x])
++# define PSWa_sig(p) ((p)->uc_mcontext.psw.addr)
++# endif
+ # elif defined(__NetBSD__)
+ # define EIP_sig(p) ((p)->uc_mcontext.__gregs[_REG_EIP])
+ # define EBP_sig(p) ((p)->uc_mcontext.__gregs[_REG_EBP])
+@@ -416,6 +420,10 @@ struct macos_aarch64_context {
+ # define FP_sig(p) RFP_sig(p)
+ # define SP_sig(p) R03_sig(p)
+ # define LR_sig(p) RRA_sig(p)
++# elif defined(__s390x__)
++# define PC_sig(p) PSWa_sig(p)
++# define SP_sig(p) GR_sig(p, 15)
++# define FP_sig(p) GR_sig(p, 11)
+ # elif defined(__riscv)
+ # define PC_sig(p) RPC_sig(p)
+ # define FP_sig(p) RFP_sig(p)
diff --git a/mozilla-silence-no-return-type.patch b/mozilla-silence-no-return-type.patch
new file mode 100644
index 0000000..6bbf5d1
--- /dev/null
+++ b/mozilla-silence-no-return-type.patch
@@ -0,0 +1,590 @@
+# HG changeset patch
+# Parent af0655f894a27ef60aa8438af7939a5ebc498df0
+
+Index: firefox-128.0/gfx/skia/skia/include/codec/SkEncodedOrigin.h
+===================================================================
+--- firefox-128.0.orig/gfx/skia/skia/include/codec/SkEncodedOrigin.h
++++ firefox-128.0/gfx/skia/skia/include/codec/SkEncodedOrigin.h
+@@ -41,6 +41,7 @@ static inline SkMatrix SkEncodedOriginTo
+ case kLeftBottom_SkEncodedOrigin: return SkMatrix::MakeAll( 0, 1, 0, -1, 0, h, 0, 0, 1);
+ }
+ SK_ABORT("Unexpected origin");
++ SkUNREACHABLE;
+ }
+
+ /**
+Index: firefox-128.0/gfx/skia/skia/include/private/gpu/ganesh/GrTypesPriv.h
+===================================================================
+--- firefox-128.0.orig/gfx/skia/skia/include/private/gpu/ganesh/GrTypesPriv.h
++++ firefox-128.0/gfx/skia/skia/include/private/gpu/ganesh/GrTypesPriv.h
+@@ -301,6 +301,7 @@ static inline bool GrTextureTypeHasRestr
+ default:
+ SK_ABORT("Unexpected texture type");
+ }
++ SkUNREACHABLE;
+ }
+
+ //////////////////////////////////////////////////////////////////////////////
+Index: firefox-128.0/gfx/skia/skia/src/core/SkDescriptor.cpp
+===================================================================
+--- firefox-128.0.orig/gfx/skia/skia/src/core/SkDescriptor.cpp
++++ firefox-128.0/gfx/skia/skia/src/core/SkDescriptor.cpp
+@@ -26,6 +26,7 @@ std::unique_ptr<SkDescriptor> SkDescript
+ void SkDescriptor::operator delete(void* p) { ::operator delete(p); }
+ void* SkDescriptor::operator new(size_t) {
+ SK_ABORT("Descriptors are created with placement new.");
++ SkUNREACHABLE;
+ }
+
+ void SkDescriptor::flatten(SkWriteBuffer& buffer) const {
+Index: firefox-128.0/gfx/skia/skia/src/core/SkGeometry.h
+===================================================================
+--- firefox-128.0.orig/gfx/skia/skia/src/core/SkGeometry.h
++++ firefox-128.0/gfx/skia/skia/src/core/SkGeometry.h
+@@ -281,6 +281,7 @@ static inline bool SkCubicIsDegenerate(S
+ return true;
+ }
+ SK_ABORT("Invalid SkCubicType");
++ SkUNREACHABLE;
+ }
+
+ static inline const char* SkCubicTypeName(SkCubicType type) {
+@@ -293,6 +294,7 @@ static inline const char* SkCubicTypeNam
+ case SkCubicType::kLineOrPoint: return "kLineOrPoint";
+ }
+ SK_ABORT("Invalid SkCubicType");
++ SkUNREACHABLE;
+ }
+
+ /** Returns the cubic classification.
+Index: firefox-128.0/gfx/skia/skia/src/core/SkTextBlob.cpp
+===================================================================
+--- firefox-128.0.orig/gfx/skia/skia/src/core/SkTextBlob.cpp
++++ firefox-128.0/gfx/skia/skia/src/core/SkTextBlob.cpp
+@@ -213,6 +213,7 @@ void SkTextBlob::operator delete(void* p
+
+ void* SkTextBlob::operator new(size_t) {
+ SK_ABORT("All blobs are created by placement new.");
++ SkUNREACHABLE;
+ }
+
+ void* SkTextBlob::operator new(size_t, void* p) {
+Index: firefox-128.0/gfx/skia/skia/src/core/SkTypeface_remote.h
+===================================================================
+--- firefox-128.0.orig/gfx/skia/skia/src/core/SkTypeface_remote.h
++++ firefox-128.0/gfx/skia/skia/src/core/SkTypeface_remote.h
+@@ -108,12 +108,14 @@ public:
+ bool isLogging() const {return fIsLogging;}
+
+ protected:
+- int onGetUPEM() const override { SK_ABORT("Should never be called."); }
++ int onGetUPEM() const override { SK_ABORT("Should never be called."); SkUNREACHABLE; }
+ std::unique_ptr<SkStreamAsset> onOpenStream(int* ttcIndex) const override {
+ SK_ABORT("Should never be called.");
++ SkUNREACHABLE;
+ }
+ sk_sp<SkTypeface> onMakeClone(const SkFontArguments& args) const override {
+ SK_ABORT("Should never be called.");
++ SkUNREACHABLE;
+ }
+ bool onGlyphMaskNeedsCurrentColor() const override {
+ return fGlyphMaskNeedsCurrentColor;
+@@ -121,10 +123,12 @@ protected:
+ int onGetVariationDesignPosition(SkFontArguments::VariationPosition::Coordinate coordinates[],
+ int coordinateCount) const override {
+ SK_ABORT("Should never be called.");
++ SkUNREACHABLE;
+ }
+ int onGetVariationDesignParameters(SkFontParameters::Variation::Axis parameters[],
+ int parameterCount) const override {
+ SK_ABORT("Should never be called.");
++ SkUNREACHABLE;
+ }
+ void onGetFamilyName(SkString* familyName) const override {
+ // Used by SkStrikeCache::DumpMemoryStatistics.
+@@ -132,15 +136,19 @@ protected:
+ }
+ bool onGetPostScriptName(SkString*) const override {
+ SK_ABORT("Should never be called.");
++ SkUNREACHABLE;
+ }
+ SkTypeface::LocalizedStrings* onCreateFamilyNameIterator() const override {
+ SK_ABORT("Should never be called.");
++ SkUNREACHABLE;
+ }
+ int onGetTableTags(SkFontTableTag tags[]) const override {
+ SK_ABORT("Should never be called.");
++ SkUNREACHABLE;
+ }
+ size_t onGetTableData(SkFontTableTag, size_t offset, size_t length, void* data) const override {
+ SK_ABORT("Should never be called.");
++ SkUNREACHABLE;
+ }
+ std::unique_ptr<SkScalerContext> onCreateScalerContext(
+ const SkScalerContextEffects& effects, const SkDescriptor* desc) const override
+@@ -154,20 +162,25 @@ protected:
+ }
+ void onGetFontDescriptor(SkFontDescriptor*, bool*) const override {
+ SK_ABORT("Should never be called.");
++ SkUNREACHABLE;
+ }
+ void getGlyphToUnicodeMap(SkUnichar*) const override {
+ SK_ABORT("Should never be called.");
++ SkUNREACHABLE;
+ }
+
+ void getPostScriptGlyphNames(SkString*) const override {
+ SK_ABORT("Should never be called.");
++ SkUNREACHABLE;
+ }
+
+ std::unique_ptr<SkAdvancedTypefaceMetrics> onGetAdvancedMetrics() const override {
+ SK_ABORT("Should never be called.");
++ SkUNREACHABLE;
+ }
+ void onCharsToGlyphs(const SkUnichar* chars, int count, SkGlyphID glyphs[]) const override {
+ SK_ABORT("Should never be called.");
++ SkUNREACHABLE;
+ }
+ int onCountGlyphs() const override {
+ return this->glyphCount();
+@@ -175,6 +188,7 @@ protected:
+
+ void* onGetCTFontRef() const override {
+ SK_ABORT("Should never be called.");
++ SkUNREACHABLE;
+ }
+
+ private:
+Index: firefox-128.0/gfx/skia/skia/src/effects/imagefilters/SkBlurImageFilter.cpp
+===================================================================
+--- firefox-128.0.orig/gfx/skia/skia/src/effects/imagefilters/SkBlurImageFilter.cpp
++++ firefox-128.0/gfx/skia/skia/src/effects/imagefilters/SkBlurImageFilter.cpp
+@@ -799,6 +799,7 @@ sk_sp<SkSpecialImage> cpu_blur(const ski
+ return maker;
+ }
+ SK_ABORT("Sigma is out of range.");
++ SkUNREACHABLE;
+ };
+
+ PassMaker* makerX = makeMaker(sigma.width());
+Index: firefox-128.0/gfx/skia/skia/src/fonts/SkFontMgr_indirect.cpp
+===================================================================
+--- firefox-128.0.orig/gfx/skia/skia/src/fonts/SkFontMgr_indirect.cpp
++++ firefox-128.0/gfx/skia/skia/src/fonts/SkFontMgr_indirect.cpp
+@@ -69,6 +69,7 @@ void SkFontMgr_Indirect::onGetFamilyName
+
+ sk_sp<SkFontStyleSet> SkFontMgr_Indirect::onCreateStyleSet(int index) const {
+ SK_ABORT("Not implemented");
++ SkUNREACHABLE;
+ }
+
+ sk_sp<SkFontStyleSet> SkFontMgr_Indirect::onMatchFamily(const char familyName[]) const {
+Index: firefox-128.0/gfx/skia/skia/src/sksl/SkSLOperator.cpp
+===================================================================
+--- firefox-128.0.orig/gfx/skia/skia/src/sksl/SkSLOperator.cpp
++++ firefox-128.0/gfx/skia/skia/src/sksl/SkSLOperator.cpp
+@@ -51,7 +51,7 @@ OperatorPrecedence Operator::getBinaryPr
+ case Kind::BITWISEXOREQ: // fall through
+ case Kind::BITWISEOREQ: return OperatorPrecedence::kAssignment;
+ case Kind::COMMA: return OperatorPrecedence::kSequence;
+- default: SK_ABORT("unsupported binary operator");
++ default: SkUNREACHABLE;
+ }
+ }
+
+Index: firefox-128.0/gfx/skia/skia/src/sksl/ir/SkSLType.h
+===================================================================
+--- firefox-128.0.orig/gfx/skia/skia/src/sksl/ir/SkSLType.h
++++ firefox-128.0/gfx/skia/skia/src/sksl/ir/SkSLType.h
+@@ -468,6 +468,7 @@ public:
+
+ virtual SkSpan<const Field> fields() const {
+ SK_ABORT("Internal error: not a struct");
++ SkUNREACHABLE;
+ }
+
+ /**
+Index: firefox-128.0/gfx/skia/skia/src/utils/SkShadowUtils.cpp
+===================================================================
+--- firefox-128.0.orig/gfx/skia/skia/src/utils/SkShadowUtils.cpp
++++ firefox-128.0/gfx/skia/skia/src/utils/SkShadowUtils.cpp
+@@ -140,6 +140,7 @@ struct SpotVerticesFactory {
+ return true;
+ }
+ SK_ABORT("Uninitialized occluder type?");
++ SkUNREACHABLE;
+ }
+
+ sk_sp<SkVertices> makeVertices(const SkPath& path, const SkMatrix& ctm,
+Index: firefox-128.0/intl/icu/source/i18n/number_rounding.cpp
+===================================================================
+--- firefox-128.0.orig/intl/icu/source/i18n/number_rounding.cpp
++++ firefox-128.0/intl/icu/source/i18n/number_rounding.cpp
+@@ -287,6 +287,7 @@ FractionPrecision Precision::constructFr
+ settings.fMaxFrac = static_cast<digits_t>(maxFrac);
+ settings.fMinSig = -1;
+ settings.fMaxSig = -1;
++ settings.fPriority = UNUM_ROUNDING_PRIORITY_RELAXED;
+ PrecisionUnion union_;
+ union_.fracSig = settings;
+ return {RND_FRACTION, union_};
+@@ -298,6 +299,7 @@ Precision Precision::constructSignifican
+ settings.fMaxFrac = -1;
+ settings.fMinSig = static_cast<digits_t>(minSig);
+ settings.fMaxSig = static_cast<digits_t>(maxSig);
++ settings.fPriority = UNUM_ROUNDING_PRIORITY_RELAXED;
+ PrecisionUnion union_;
+ union_.fracSig = settings;
+ return {RND_SIGNIFICANT, union_};
+Index: firefox-128.0/js/src/irregexp/imported/regexp-parser.cc
+===================================================================
+--- firefox-128.0.orig/js/src/irregexp/imported/regexp-parser.cc
++++ firefox-128.0/js/src/irregexp/imported/regexp-parser.cc
+@@ -2781,6 +2781,7 @@ bool MayContainStrings(ClassSetOperandTy
+ if (operand->IsClassRanges()) return false;
+ return operand->AsClassSetExpression()->may_contain_strings();
+ }
++ UNREACHABLE();
+ }
+
+ } // namespace
+Index: firefox-128.0/third_party/libwebrtc/api/adaptation/resource.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/api/adaptation/resource.cc
++++ firefox-128.0/third_party/libwebrtc/api/adaptation/resource.cc
+@@ -22,6 +22,7 @@ const char* ResourceUsageStateToString(R
+ return "kUnderuse";
+ }
+ RTC_CHECK_NOTREACHED();
++ return nullptr;
+ }
+
+ ResourceListener::~ResourceListener() {}
+Index: firefox-128.0/third_party/libwebrtc/api/rtp_parameters.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/api/rtp_parameters.cc
++++ firefox-128.0/third_party/libwebrtc/api/rtp_parameters.cc
+@@ -33,6 +33,7 @@ const char* DegradationPreferenceToStrin
+ return "balanced";
+ }
+ RTC_CHECK_NOTREACHED();
++ return "";
+ }
+
+ const double kDefaultBitratePriority = 1.0;
+Index: firefox-128.0/third_party/libwebrtc/api/video/video_frame_buffer.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/api/video/video_frame_buffer.cc
++++ firefox-128.0/third_party/libwebrtc/api/video/video_frame_buffer.cc
+@@ -106,6 +106,8 @@ const char* VideoFrameBufferTypeToString
+ default:
+ RTC_DCHECK_NOTREACHED();
+ }
++ RTC_DCHECK_NOTREACHED();
++ return nullptr;
+ }
+
+ int I420BufferInterface::ChromaWidth() const {
+Index: firefox-128.0/third_party/libwebrtc/api/video_codecs/video_codec.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/api/video_codecs/video_codec.cc
++++ firefox-128.0/third_party/libwebrtc/api/video_codecs/video_codec.cc
+@@ -162,6 +162,7 @@ const char* CodecTypeToPayloadString(Vid
+ return kPayloadNameH265;
+ }
+ RTC_CHECK_NOTREACHED();
++ return "";
+ }
+
+ VideoCodecType PayloadStringToCodecType(const std::string& name) {
+Index: firefox-128.0/third_party/libwebrtc/api/video_codecs/video_encoder_software_fallback_wrapper.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/api/video_codecs/video_encoder_software_fallback_wrapper.cc
++++ firefox-128.0/third_party/libwebrtc/api/video_codecs/video_encoder_software_fallback_wrapper.cc
+@@ -189,6 +189,7 @@ class VideoEncoderSoftwareFallbackWrappe
+ return fallback_encoder_.get();
+ }
+ RTC_CHECK_NOTREACHED();
++ return nullptr;
+ }
+
+ // Updates encoder with last observed parameters, such as callbacks, rates,
+@@ -382,6 +383,7 @@ int32_t VideoEncoderSoftwareFallbackWrap
+ return fallback_encoder_->Encode(frame, frame_types);
+ }
+ RTC_CHECK_NOTREACHED();
++ return WEBRTC_VIDEO_CODEC_ERROR;
+ }
+
+ int32_t VideoEncoderSoftwareFallbackWrapper::EncodeWithMainEncoder(
+Index: firefox-128.0/third_party/libwebrtc/call/adaptation/video_stream_adapter.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/call/adaptation/video_stream_adapter.cc
++++ firefox-128.0/third_party/libwebrtc/call/adaptation/video_stream_adapter.cc
+@@ -169,6 +169,7 @@ const char* Adaptation::StatusToString(A
+ return "kRejectedByConstraint";
+ }
+ RTC_CHECK_NOTREACHED();
++ return "";
+ }
+
+ Adaptation::Adaptation(int validation_id,
+@@ -391,6 +392,7 @@ VideoStreamAdapter::RestrictionsOrState
+ return Adaptation::Status::kAdaptationDisabled;
+ }
+ RTC_CHECK_NOTREACHED();
++ return Adaptation::Status::kAdaptationDisabled;
+ }
+
+ Adaptation VideoStreamAdapter::GetAdaptationDown() {
+@@ -473,6 +475,7 @@ VideoStreamAdapter::GetAdaptationDownSte
+ return Adaptation::Status::kAdaptationDisabled;
+ }
+ RTC_CHECK_NOTREACHED();
++ return Adaptation::Status::kAdaptationDisabled;
+ }
+
+ VideoStreamAdapter::RestrictionsOrState VideoStreamAdapter::DecreaseResolution(
+@@ -626,6 +629,8 @@ Adaptation VideoStreamAdapter::GetAdaptD
+ }
+ }
+ RTC_CHECK_NOTREACHED();
++ return RestrictionsOrStateToAdaptation(
++ Adaptation::Status::kAdaptationDisabled, input_state);
+ }
+
+ VideoStreamAdapter::RestrictionsOrState
+Index: firefox-128.0/third_party/libwebrtc/call/rtp_payload_params.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/call/rtp_payload_params.cc
++++ firefox-128.0/third_party/libwebrtc/call/rtp_payload_params.cc
+@@ -406,7 +406,7 @@ absl::optional<FrameDependencyStructure>
+ case VideoCodecType::kVideoCodecH265:
+ return absl::nullopt;
+ }
+- RTC_DCHECK_NOTREACHED() << "Unsupported codec.";
++ RTC_CHECK_NOTREACHED();
+ }
+
+ void RtpPayloadParams::GenericToGeneric(int64_t shared_frame_id,
+Index: firefox-128.0/third_party/libwebrtc/call/video_send_stream.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/call/video_send_stream.cc
++++ firefox-128.0/third_party/libwebrtc/call/video_send_stream.cc
+@@ -30,6 +30,7 @@ const char* StreamTypeToString(VideoSend
+ return "flexfec";
+ }
+ RTC_CHECK_NOTREACHED();
++ return "";
+ }
+
+ } // namespace
+Index: firefox-128.0/third_party/libwebrtc/media/base/codec.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/media/base/codec.cc
++++ firefox-128.0/third_party/libwebrtc/media/base/codec.cc
+@@ -262,6 +262,7 @@ bool Codec::Matches(const Codec& codec)
+ case Type::kVideo:
+ return IsSameCodecSpecific(name, params, codec.name, codec.params);
+ }
++ return false; // unreached
+ };
+
+ return matches_id && matches_type_specific();
+Index: firefox-128.0/third_party/libwebrtc/modules/audio_processing/agc2/clipping_predictor.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/modules/audio_processing/agc2/clipping_predictor.cc
++++ firefox-128.0/third_party/libwebrtc/modules/audio_processing/agc2/clipping_predictor.cc
+@@ -378,7 +378,7 @@ std::unique_ptr<ClippingPredictor> Creat
+ config.reference_window_delay, config.clipping_threshold,
+ /*adaptive_step_estimation=*/false);
+ }
+- RTC_DCHECK_NOTREACHED();
++ RTC_CHECK_NOTREACHED();
+ }
+
+ } // namespace webrtc
+Index: firefox-128.0/third_party/libwebrtc/modules/audio_processing/agc2/input_volume_stats_reporter.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/modules/audio_processing/agc2/input_volume_stats_reporter.cc
++++ firefox-128.0/third_party/libwebrtc/modules/audio_processing/agc2/input_volume_stats_reporter.cc
+@@ -48,6 +48,7 @@ constexpr absl::string_view MetricNamePr
+ case InputVolumeType::kRecommended:
+ return "WebRTC.Audio.Apm.RecommendedInputVolume.";
+ }
++ RTC_CHECK_NOTREACHED();
+ }
+
+ metrics::Histogram* CreateVolumeHistogram(InputVolumeType input_volume_type) {
+Index: firefox-128.0/third_party/libwebrtc/modules/audio_processing/agc2/rnn_vad/rnn_fc.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/modules/audio_processing/agc2/rnn_vad/rnn_fc.cc
++++ firefox-128.0/third_party/libwebrtc/modules/audio_processing/agc2/rnn_vad/rnn_fc.cc
+@@ -60,6 +60,8 @@ rtc::FunctionView<float(float)> GetActiv
+ case ActivationFunction::kSigmoidApproximated:
+ return ::rnnoise::SigmoidApproximated;
+ }
++ // supposed to be never reached apparently therefore returning bogus
++ return ::rnnoise::TansigApproximated;
+ }
+
+ } // namespace
+Index: firefox-128.0/third_party/libwebrtc/modules/audio_processing/audio_processing_impl.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/modules/audio_processing/audio_processing_impl.cc
++++ firefox-128.0/third_party/libwebrtc/modules/audio_processing/audio_processing_impl.cc
+@@ -101,6 +101,7 @@ GainControl::Mode Agc1ConfigModeToInterf
+ return GainControl::kFixedDigital;
+ }
+ RTC_CHECK_NOTREACHED();
++ return GainControl::kAdaptiveAnalog;
+ }
+
+ bool MinimizeProcessingForUnusedOutput() {
+@@ -168,7 +169,7 @@ int AudioFormatValidityToErrorCode(Audio
+ case AudioFormatValidity::kInvalidChannelCount:
+ return AudioProcessing::kBadNumberChannelsError;
+ }
+- RTC_DCHECK(false);
++ RTC_CHECK_NOTREACHED();
+ }
+
+ // Returns an AudioProcessing::Error together with the best possible option for
+@@ -2425,6 +2426,7 @@ void AudioProcessingImpl::InitializeNois
+ return NsConfig::SuppressionLevel::k21dB;
+ }
+ RTC_CHECK_NOTREACHED();
++ return NsConfig::SuppressionLevel::k6dB;
+ };
+
+ NsConfig cfg;
+Index: firefox-128.0/third_party/libwebrtc/modules/audio_processing/include/audio_processing.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/modules/audio_processing/include/audio_processing.cc
++++ firefox-128.0/third_party/libwebrtc/modules/audio_processing/include/audio_processing.cc
+@@ -32,6 +32,7 @@ std::string NoiseSuppressionLevelToStrin
+ return "VeryHigh";
+ }
+ RTC_CHECK_NOTREACHED();
++ return "";
+ }
+
+ std::string GainController1ModeToString(const Agc1Config::Mode& mode) {
+@@ -44,6 +45,7 @@ std::string GainController1ModeToString(
+ return "FixedDigital";
+ }
+ RTC_CHECK_NOTREACHED();
++ return "";
+ }
+
+ } // namespace
+Index: firefox-128.0/third_party/libwebrtc/modules/audio_processing/transient/transient_suppressor_impl.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/modules/audio_processing/transient/transient_suppressor_impl.cc
++++ firefox-128.0/third_party/libwebrtc/modules/audio_processing/transient/transient_suppressor_impl.cc
+@@ -53,6 +53,7 @@ std::string GetVadModeLabel(TransientSup
+ case TransientSuppressor::VadMode::kNoVad:
+ return "no VAD";
+ }
++ RTC_CHECK_NOTREACHED();
+ }
+
+ } // namespace
+Index: firefox-128.0/third_party/libwebrtc/modules/congestion_controller/goog_cc/goog_cc_network_control.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/modules/congestion_controller/goog_cc/goog_cc_network_control.cc
++++ firefox-128.0/third_party/libwebrtc/modules/congestion_controller/goog_cc/goog_cc_network_control.cc
+@@ -95,6 +95,8 @@ BandwidthLimitedCause GetBandwidthLimite
+ case LossBasedState::kDelayBasedEstimate:
+ return BandwidthLimitedCause::kDelayBasedLimited;
+ }
++ // just return something by default
++ return BandwidthLimitedCause::kLossLimitedBwe;
+ }
+
+ } // namespace
+Index: firefox-128.0/third_party/libwebrtc/modules/desktop_capture/linux/wayland/screencast_portal.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/modules/desktop_capture/linux/wayland/screencast_portal.cc
++++ firefox-128.0/third_party/libwebrtc/modules/desktop_capture/linux/wayland/screencast_portal.cc
+@@ -44,6 +44,7 @@ ScreenCastPortal::CaptureSourceType Scre
+ case CaptureType::kAnyScreenContent:
+ return ScreenCastPortal::CaptureSourceType::kAnyScreenContent;
+ }
++ RTC_CHECK_NOTREACHED();
+ }
+
+ ScreenCastPortal::ScreenCastPortal(CaptureType type, PortalNotifier* notifier)
+Index: firefox-128.0/third_party/libwebrtc/modules/pacing/bitrate_prober.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/modules/pacing/bitrate_prober.cc
++++ firefox-128.0/third_party/libwebrtc/modules/pacing/bitrate_prober.cc
+@@ -84,6 +84,7 @@ bool BitrateProber::ReadyToSetActiveStat
+ return packet_size >=
+ std::min(RecommendedMinProbeSize(), config_.min_packet_size.Get());
+ }
++ RTC_CHECK_NOTREACHED();
+ }
+
+ void BitrateProber::OnIncomingPacket(DataSize packet_size) {
+Index: firefox-128.0/third_party/libwebrtc/modules/rtp_rtcp/source/create_video_rtp_depacketizer.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/modules/rtp_rtcp/source/create_video_rtp_depacketizer.cc
++++ firefox-128.0/third_party/libwebrtc/modules/rtp_rtcp/source/create_video_rtp_depacketizer.cc
+@@ -46,6 +46,7 @@ std::unique_ptr<VideoRtpDepacketizer> Cr
+ return std::make_unique<VideoRtpDepacketizerGeneric>();
+ }
+ RTC_CHECK_NOTREACHED();
++ return nullptr;
+ }
+
+ } // namespace webrtc
+Index: firefox-128.0/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender.cc
++++ firefox-128.0/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender.cc
+@@ -138,6 +138,7 @@ bool IsNonVolatile(RTPExtensionType type
+ #endif
+ }
+ RTC_CHECK_NOTREACHED();
++ return false;
+ }
+
+ bool HasBweExtension(const RtpHeaderExtensionMap& extensions_map) {
+Index: firefox-128.0/third_party/libwebrtc/modules/video_coding/codecs/vp8/default_temporal_layers.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/modules/video_coding/codecs/vp8/default_temporal_layers.cc
++++ firefox-128.0/third_party/libwebrtc/modules/video_coding/codecs/vp8/default_temporal_layers.cc
+@@ -110,6 +110,7 @@ size_t BufferToIndex(Vp8BufferReference
+ case Vp8FrameConfig::Vp8BufferReference::kNone:
+ RTC_CHECK_NOTREACHED();
+ }
++ RTC_CHECK_NOTREACHED();
+ }
+
+ } // namespace
+Index: firefox-128.0/third_party/libwebrtc/modules/video_coding/codecs/vp8/temporal_layers_checker.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/modules/video_coding/codecs/vp8/temporal_layers_checker.cc
++++ firefox-128.0/third_party/libwebrtc/modules/video_coding/codecs/vp8/temporal_layers_checker.cc
+@@ -30,6 +30,7 @@ TemporalLayersChecker::CreateTemporalLay
+ return std::make_unique<TemporalLayersChecker>(num_temporal_layers);
+ }
+ RTC_CHECK_NOTREACHED();
++ return nullptr;
+ }
+
+ TemporalLayersChecker::TemporalLayersChecker(int num_temporal_layers)
+Index: firefox-128.0/third_party/libwebrtc/video/adaptation/video_stream_encoder_resource_manager.cc
+===================================================================
+--- firefox-128.0.orig/third_party/libwebrtc/video/adaptation/video_stream_encoder_resource_manager.cc
++++ firefox-128.0/third_party/libwebrtc/video/adaptation/video_stream_encoder_resource_manager.cc
+@@ -64,6 +64,7 @@ std::string ToString(VideoAdaptationReas
+ return "cpu";
+ }
+ RTC_CHECK_NOTREACHED();
++ return "";
+ }
+
+ std::vector<bool> GetActiveLayersFlags(const VideoCodec& codec) {
diff --git a/mozilla.keyring b/mozilla.keyring
new file mode 100644
index 0000000..7588492
--- /dev/null
+++ b/mozilla.keyring
@@ -0,0 +1,405 @@
+This file contains the public PGP key that is used to sign builds and
+artifacts of Mozilla projects (such as Firefox and Thunderbird).
+
+Please realize that this file itself or the public key servers may be
+compromised. You are encouraged to validate the authenticity of these keys in
+an out-of-band manner.
+
+Mozilla users: pgp < KEY
+
+pub rsa4096 2015-07-17 [SC]
+ 14F26682D0916CDD81E37B6D61B7B526D98F0353
+uid [ full ] Mozilla Software Releases <release@mozilla.com>
+sub rsa4096 2015-07-17 [S] [expired: 2017-07-16]
+sub rsa4096 2017-06-22 [S] [expired: 2019-06-22]
+sub rsa4096 2019-05-30 [S] [expired: 2021-05-29]
+sub rsa4096 2021-05-17 [S] [expired: 2023-05-17]
+sub rsa4096 2023-05-05 [S] [expires: 2025-05-04]
+
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBFWpQAQBEAC+9wVlwGLy8ILCybLesuB3KkHHK+Yt1F1PJaI30X448ttGzxCz
+PQpH6BoA73uzcTReVjfCFGvM4ij6qVV2SNaTxmNBrL1uVeEUsCuGduDUQMQYRGxR
+tWq5rCH48LnltKPamPiEBzrgFL3i5bYEUHO7M0lATEknG7Iaz697K/ssHREZfuuc
+B4GNxXMgswZ7GTZO3VBDVEw5GwU3sUvww93TwMC29lIPCux445AxZPKr5sOVEsEn
+dUB2oDMsSAoS/dZcl8F4otqfR1pXg618cU06omvq5yguWLDRV327BLmezYK0prD3
+P+7qwEp8MTVmxlbkrClS5j5pR47FrJGdyupNKqLzK+7hok5kBxhsdMsdTZLd4tVR
+jXf04isVO3iFFf/GKuwscOi1+ZYeB3l3sAqgFUWnjbpbHxfslTmo7BgvmjZvAH5Z
+asaewF3wA06biCDJdcSkC9GmFPmN5DS5/Dkjwfj8+dZAttuSKfmQQnypUPaJ2sBu
+blnJ6INpvYgsEZjV6CFG1EiDJDPu2Zxap8ep0iRMbBBZnpfZTn7SKAcurDJptxin
+CRclTcdOdi1iSZ35LZW0R2FKNnGL33u1IhxU9HRLw3XuljXCOZ84RLn6M+PBc1eZ
+suv1TA+Mn111yD3uDv/u/edZ/xeJccF6bYcMvUgRRZh0sgZ0ZT4b0Q6YcQARAQAB
+tC9Nb3ppbGxhIFNvZnR3YXJlIFJlbGVhc2VzIDxyZWxlYXNlQG1vemlsbGEuY29t
+PokCOAQTAQIAIgUCValABAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQ
+Ybe1JtmPA1NQqg//Rr6/V7uLqrIwx0UFknyNJasRJZhUkYxdGsLD18zO0Na8Ve3Q
+sYpOC3ojpqaFUzpqm6KNv8eXfd/Ku7j3WGr9kPkbjZNghvy6V5Lva4JkxO6LMxKk
+JYqiqF2o1Gfda8NfcK08GFy4C0L8zNwlADvmdMo4382tmHNGbTTft7BeVaRrE9xW
+9eGmGQ2jYOsjxb5MsadAdZUuK8IC95ZHlUDR3gH9KqhfbQWp5Bo924Kiv+f2JUzN
+rrG98eOm1Qb8F9rePzZ2DOYRJyOe4p8Gpl+kojCXNntkJgcwJ1a1yRE6wy9RzpeB
+lCeoQuLS92MNne+deQZUskTZFoYXUadf6vbdfqL0nuPCKdl9lhef1QNwE30IRymt
+6fhJCFffFQjGdeMfSiCHgcI8ichQbrzhBCGGR3bAHan9c2EbQ+puqG3Aa0YjX6Db
+GJjWOI6A61bqSPepLCMVaXqV2mZEIaZWdZkOHjnRrU6CJdXG/+D4m1YBZwYM60eJ
+kNu4eMMwMFnRsHiWf7bhqKptwuk8HyIGp2o4j8iqrFRVJEbK/ctdhA3H1AlKug9f
+NrfwCfqhNCSBju97V03U26j04JMn9nrZ2UEGbpty+8ONTb38WX5/oC61BgwV8Ki4
+6Lwyb7fImUzz8jE83pjh7s3+NCKvvbH+VfT12f+V/fsphN3EwGwJPTC3fX2IRgQQ
+EQIABgUCVaz/SwAKCRB2JUA9fw0VsVNkAKDjhUW5GyFNcyj9ot48v+lSh5GBIACf
+Ten/Rpo5tf77Uq7445cVs80EK5CIRgQQEQIABgUCVa064wAKCRDDTldH4j3WdwW5
+AKCVDRxKjb/XYqGhjBCKYhbQ4xJuOACfVIpzE3wGLC/cm9eUnSVnv+elQnKIXgQQ
+EQgABgUCVgZXYwAKCRACWrAQaxfqHqzWAP9dzEHoZNwH5JYxotudv3FOotVThaQr
+jnk+5StnObpxnAD9FmYyAyYGh4o7axeDCgmW1J89+1cZtDnFPKnBpGFMB4uIXgQQ
+EQoABgUCVa0s/gAKCRDwqefc055FLpQGAP99Z2ISKW+7FYoKJ3vDrxTtfcbZEff7
+8ufoinmAlZb2bQD/a2fOcprjWDal9Orfq7g6htkX3VISemg+SDQ/ig+b3uyJARwE
+EAECAAYFAlWs/X4ACgkQs8WpWFCKQ/JrjAf7B+fGzEs8xfc010a6KZXcO1W4/Va0
+Q+zcqF+DpQwK7b3S6oD5tCVKD9oFyDXkrlT6Tnwuu+slZwRDIyH6hI6tPb3G8Gsk
+vjXMeL0IdgZsw1DSxN0pZ0Z9mxFq/UkC/6TmFA1IJmOWtFCH/1irQWqbDxPmWp+d
+Xs2EhH8QzX1KQOE9v/YlsCdmTstMiHy3R8r7prsonpCa36zGheC/UNDpycKdT8JL
+zeCFcIWXmA7SCTeJ0XCSuS68FOwfe7nn9oagQZZe/6gh5ecuCoW9HLBWpyIPqUCz
+1CXSImLc6BbZYMpAetacarVPa6hiltNicxFE/A3T1F8ZjAcugPKBngUR/4kBHAQQ
+AQIABgUCVa0XXAAKCRBlc4Lb/yURCkCYB/95w/9/0rpi+5xtoO2NR0KlqYVG5+NF
+1r42XB6t7gVJ9UGF3meV+ekgDSzNrfroqxpzWmV1t3MRJeSMmVS25nC1hAZVQHKd
+gX9xVxW3SSufX/jPstvo2U/X3k8q8PhLS6Ihk8YJC3ScjMiNMRpkITMeVdXsdQsY
+WStiT48wlWK4gSNMCG5iovdGDTEKErHTIWJl/Wx5el1kvUwg1rKo9uRS2CS/lnlV
+6YztDY0cBBOqXP6pXXiWBuVW39LJxsSHq13vpeQ/GHeDxAJ6Y+fPuaV3qBmGZ91o
+1/HkxTABFPkISylkPo/2PCoo4Hu31MZ0jQWdihJ7gzf+B7/w6whS79eAiQEcBBAB
+AgAGBQJVrWVaAAoJEOQyfGw+ApnAc7AH/0TKg3VR4IEB3NP2C7dX/72PWO0EOh8J
+w67XDccRK0lXDILg/CujsYq9EzEofv2LmQFvCuCkoBFEcGas+J2vP3jsY/G5bjZp
+XALHkAx7MKlOgsgfeVqMtwaHIoR+y9Hg12TjM7Gt970UBwTIqC8SG6Z1bVWxUdc+
+7Zsn43Dq8z99saOUKD6HMyl9upbjAYwL28NRQtIrNiDZ5lEmDOLh+4hWblxjxWMX
+AKjg6sucrNzKD2uKGe9XdB6IkYpdfrNGPtgcnXWdfaRNk16eGVzWDVI/9mkY/G+L
+E40eK6oRyMf736CvlQjcv7JBVGTsj3W28phNLLU0UidYK/QmS3AVmBeJARwEEAEC
+AAYFAlXBWXAACgkQiRc/lXxV+V6gKQf/d/KfgiYg0Z4dqO3g1p40sgLuxVplhpDk
+J4yP5K2isdb6I7GJykVw+po6tUCfB7KeLWiZy0I3KJDU1Ikk+Jv3uGSRMT1riSpM
+Ja2pVhh+jaamHIFj2o0mG9HmEAuGKktJH8s6Jax3SiPGODRhFO8suc7B8FpB7f5q
+TUDK2J18MlnSK3NN1/zl6OdXScrISQ0cNyJ0RMgW5RSXC7wKzR89tfcDK1wInD8r
+cOMHz6Va5g8ehq2XCPKvBAlgo8El17+4UaRLhS0suVz4THPsGASYzZVKIhQQBf+8
+xDXd6zJ/UgkC4iBWHtLm5jvm6Xhsu04s28TmgiH4FKLsstAUFzbiQYkBHAQQAQIA
+BgUCVdIa6gAKCRCtfLmfgki6D8xCB/9Q+rCTDQCbWQkRoSV77+kmIb+KVFTcgxfR
+Z1L0bKL5YqI6HuCJLgU1ioTxq8W4g+SDv4s69/LIajYYZvSRNv0kGRzm2D4vpcnw
+ymyYCJkzcZkuBeyR50S69+1cStbFb7jZMpyZ6rwnKdYOccDSMdaynJGt4rqiY+ra
+DPF0H4LExx9a1JFh21Fd0MDc15vsoRZtrOkM8QaKD85hZ/AGOwlw+Kb3DEfjNGcv
+nuNp54HfJc0Z5kwVYoOKUatBgjLpRRvl43lUGRaaCCMaNpNZXM20ZhrbTjXRlko8
+QVMUXqE20sDNwv+dDa6G8nBkIGNIHeixrVrVPP7hH5JRMtjZbsWFiQEcBBABCAAG
+BQJVrQFGAAoJEFbucY3ODhVLNDgH/izNHcsr1BRnV3yQ6T9sTJJ187BwF1hRLR+Y
+3op+fJr+nQ9301XAqLqNbzEB91hRUi2Gb8LTZxxq0gahWzSqmdAE0ObXGGlrEmfj
+FSSTFyQ1xRvzooYNZzTjN91XX1dERjyj9SOHBETsZrN01BZB1t3EgoDM7PCNTsX0
+qC65unWvBDftnLdiJ6s3UC9sorMk8q3Zl6DacFw8QKSmJL1R0OPvXiSOZtGQK9Jg
+YyHiXQE3MOP5SFSk61e1IawocYn32CXM+EkgtXK5q/thc8OdwsgLAJmGpVB3qd2K
+9OaEOKCUV/V91a2P8hCx8MMV2sQgHcMB221wDIWbD5PTHNtCegaJARwEEAEIAAYF
+AlWtIrEACgkQo9ZSFzt2Po+mXgf/dUPf6q+aDFoDjLIsfJH5QS8Nn/7frUUdElg8
+PdGxtZ6SQep6uR5fgc+PwOElhUxa665WYtRJ459RWAYmbh2kkP/paGBf9nW0A2wS
+koXyJNydJcanyjwHyqKUbBLsXJAvGFtbYRsbeXkEPM5CaKgRUwc8Ilzo9/53CZF/
+avZK4FJX00lZq0/Z8dIY8jUEF64IbJgbaUe1gkuxu7zURgjVKK4bb4lLy/s3tRe0
+00hrKVbFcaNoIZs+Vk/3A/TFdYHFY6I2JpLIeSSJd/Ywh6/YZfGkSHfzn87Dfkyr
+gXKQMQ5JvQQgKbO6GPBZSygxWU7R2tNNAJKHSh0/PJ8J7yrqj4kBHAQQAQgABgUC
+Va05AwAKCRD20Pdh3MzspCvWB/9DAEaNx5WF3ktmw6jP5cCv60HDwgsmJHusGyAo
+53Gwjo4Fx6hv5QYQpTbO4af+4KpFGkex+bZniOJWpT+NJkhx55xbzA903MoZ9+dI
+oCtG4K41kA2mMYSpR097yF3fwtuP70UgMZqiCmz/iKFzsrdhjE0KvBjptnYGEWk5
+MMh5xlpzGom3LV/A+KAmEdPw+GCaj5H6qG3/PtWXz+RmjG0sRPycHaNJCWuLz4xM
+xV28oAG53Gqc3cDes4Hpds4fPOa8+we7yKTK/2O3lfOUOvKncsoS3vHC/GNfGD86
+RX/vz2TW4GMaLmn75xcAYT0MINIFBf/tXjN1BNrmvrGkkxnbiQEcBBABCgAGBQJV
+rQlbAAoJEDNC4bZno4hjKL8H/An2CRzW8IsEjFKD+J+xa5hJYQbcb5W5wjGSs9PL
+/pRbH0t8FNS1DevRqoq3xdL5EEUpUgae54gix0An0qKhzC4MRdD9sYFy42mDP7f6
+8Vw2sCZltfBtOHaha7Qj2U28DE9j7Dx04lkHWjdHudJV5PVaPpelW8EDIOMx+4nG
+WnXiYEKKMRWpR2BVV1FXnsfbfP2HWpxVaxxWt7WqOmswU0lJCb2bSLteEn8YoA1i
+CMLMdMaVXyX92v8Quh2N0NWtzXgc94ug8GiucGKoo2SpdFlXVCysqlPfKBestJlL
+93dqP6dOwqoHqOscTJB6rvNzi2tmtAu7WDy4C+BBXNhbYpGJAhwEEAECAAYFAlWs
++ygACgkQljt4MQo3sXysaw/+J6Ztawe/qT5aLW6it+zLq+3oD21UgM1TVP81CjwL
+hlHj9wuuGDe+xE8dZA7kvpngKjAxxXPQX/B4rz27Y+kHCvelOSrLW5kodTsPWIkL
+cSYMRo4Pws0RIGQBXI8tDIaJJcj7BYb9O7OjCziTEjP5KxDeZ6o4n0NFnZk5NNhS
+6B1VnC3Y34DIj4koxm1N5O5br4z8kTc5PN9bMxOZn2u+KxGIeEwZJbHvtrgeAxUP
+96B2dUo+jgSuro5jSkIyD+wpfo5o6+/kCtDiXEWo//AHJAwOal02QAodUtrMggwz
+J19FfnU8RgiKFjivrbfZi6ITM6RHg+DSF+KnaW2wkc3mGTB0qJsgSLGwOgfv37Qx
+O1tTdPxbSfWnZJAspylC74dgh+XOYYDji9tjPtrKZ8sEaHiUVFlO4QTOTlB9yYwO
+E7uI/3MKe3Q+0M2a85gvX+S0CdznpXo71aMFj0Hd/7ZMuKNausJZhagHAILbve1M
+IATkkfbCTxg5bdYgvdVGAIgUEAAO8mvLl1EvOJgkME5a/I/mK6MLxByuCMaT0RMr
+U9S881f+AJuJ3Qxbbo8vN0Iy9KmiCIptcSMKBKLHeMonYaXM8O392/XUKbgSBXkL
+oTOybMT+LZhO0upOhpRJqmtyDT1Wjxp7FBku/sUjJXCVy7YpjwkkLxZmvWIhleb7
+S8uJAhwEEAECAAYFAlWs/LgACgkQEstOl+B+Z9HYNA//UKMSIfS0bdY6K+zhxuMS
+lIyol8Z/ynkDZSZ8SOeXZViLyRCRoXhY2g6JsygWLsZpthI8fnleQhwy1GLCxWMF
+n/PiRjj++VHoJYK/ANP23bC+tyl+jT9gwoPF0eGdWnnot1jGO6f6jFqam0KAL/XN
+6ePUrNo0jbrYVrEUer20PYsM3tqGlGgOOFikMoYWwsAVOEh2I5Sgi6iAYfx12RYW
+eKw37loDwSr2FNZ5zjxdIyUQnKN1YMd0/Rfi2d86OVD7dV2qa94TFUvYmicpdcOM
+9pogKVGmbhz7lirjuAidRhdZkuU+rxvIAd07Oc3bQRdsUCJAs/kjO71v9ov/NqKu
+j/BLixxIa0D0eKE41yL13RCfZIG46nI/F5PvLXhDp7sIeohIWsvYv239A9yXfq6B
+TeXZ1j8YTlY86yN38JStf8pbGWKlGARM7e1o9DHYY3irLCOWCAnKmF14wbbTMOAe
+w2VzxV8895Bweeo2fyCOGFI6SzvOSaOQPUlfmiKmtJrwreg71Vsv64X8X6FHajZY
+V9dYJFS2gO8cYJ/zajzn/oeYVTtpsFpJmq7fWByjGd7pAnZHuuSEy/57GEptmYRu
+zmI2gn7vYz1rZAbLThFsk/auCU3VYke8Dd3jHnxBuq2+Pa8TmLxibvnE1ZKd0gqZ
+dMNY/rT4+LZI+xDczzF3Z7mJAhwEEAECAAYFAlWtLOIACgkQirEyljoGU3rjMhAA
+ijskigHf8Q3D3B4Oz673cLNOGfAyEdHWNqlJW0Vcdo05iF8q8utwqmziRWw4PbpO
+cdPpUqLb61rWfjSkq4PVTOr8leHHNj/a4aiAYt8DtnpcwJqTmktiijo0Ptn0v8ao
+fdRJSVLtPcV0FydLzK6oLovszdWAQ4iVdFjppvdDJtjT4ooXFmZgZg6KzqjEGm8G
+4wS4tMlFR4AJZIpWN5gAeLZhCg3jfuKWEgAIVwJZfVPp8qFTIMDCbHGcmszqeDKj
+G5hY8q+KeQBs7/jjibY7QjSk+qFvWPlES2NGCnjrD5NL+T5W0AlQZS3kgbDWbnSm
+r/xr6OzL8+bi03J3gRW/oWmCIlzvxUJuLgR5M3TRS4GqYfNVs4etgIW7QZXwTo/5
+W8zd5P8UcKOuEFPtmfRjoRZYY30TqrmO9BQkHLKcDbqgnWcm55HaRdkK6+j4tKik
+f12/VXez1tP4CkHcMJWE4g3poANtZmHia2MPO9/+1P/pCxUb5jwBF+CDiDhDel1Y
+8b7u/ERIugpl8TqGJx+GkUlw0cotZ7BoweNwLXwDDDQlIoA4BT+LFLGQBtUQKMQY
+TrDv4PUucMfB96yiEwlw40IdkmHgcBxXFNNxDHMsxEIW2TYoITfmkShiIm7XkcSE
+oilPpHFmh6JXpnqOsBhfO0FxKSWkNjsCKCMUGLww5kKJAhwEEAEIAAYFAlWs//EA
+CgkQP/MbrxBL+eLdOg//Z9Tcp9kElDdZl3e6aJqGpGviNqIA20KbvYrham5Kn3B9
+1LhvMkypT6fZWAwbNCBHxvOSbOolcSSLpbaHK3A5jsg5MhLJ2G3Xpf7Z91+Mqg/H
+iOiJkaAhPoJ0Ny6BCB7jg3yaKLDP4wBwDbOH7JWuP7uQmQ12mqu6WFxok7e53bH5
+i4gmu3QIO21RXyWoLJy/1Y5X3ljPZ1tNawy/Sz8UjeLau2Sl1mQ6JxWWCeLp7Cvw
+p+j6nKOFm/hVDlgnFrfIp9aYHjR2fVpwIFxvfff94gm20EywerlcGOAMeT+1QKZy
+1V1ekBVX+2zdQ8RPJGZPqXyxnLg9SyUhdLJBPNDNe5ALfolfn2pvBGM3hnRunGOs
+PrK53WjGqvXXYhyIkJEd+UoyQBp6zUY/KKFK/7yjgZxX7sCSwNjDlFT2fB1gfll1
+vKoYocPQl2t/B3beKOZJzBkSMk1hBdE0A7URkOoYrFQTdzsSUVwY+/0IAhvxqGKc
+HhinLDFON6ee082511VVMrSbCxcnsThjc61CMYA1TxL01Jzb3QIoTWT3W1t2HRZD
+/aXcDsg6UMHm1xC1MdZKeKpdJWrnnseC9b/tGuqw2EHitYDquVBmPkx0UoAdsbB5
+ec3q8n4J45VJFJcSrrps/vRSNn0bUqcZlpZSZERdqBTBkbizxgFnvJx734JLhlaJ
+AhwEEAEIAAYFAlWtG6MACgkQlWNH9vvzpBVikRAAmfUzps72Opq31lRHZXXGD4/H
+FP9SyYRnWzaOWGDMfgO9p3IcRl3qRwOuThCvn+qxTHmRT8KUD8uko9zIU+ttx/zx
+An3hvO1nCzsiW33N4vU+Y78Uvs7Rumm2CNif+dKDL41FnVpA191b3T3NGWfigvqB
+78fWv/WJIuPJuAhCoJYFbK0Vv2/QF2UAo9O2wdBo0ELZKmP5tWfJuLbc8XzuzgaP
+4xzRdgJ+P+IFA4q1zQ49FHQeRWBSWkxFAp3iI9sdH5Na+Lup2vLSDYYmdDOyII5w
+5QQ+Y8M78Bvt5GBOk52KfTH3oNjDwtd7ae46yWrSy7razs75klSxi125IfcPr/r8
+e6jt08WVDZRak5mLPryNlf/Y+ymFe07aIp3eiKO1/SJp2K73fCTslXDt/OuzKZSp
+656hybxUrRPiXBxHMOWkcPllZqBXf6GxnN+Fdyutk/e+0EBjpK02AxHY3igA3411
+2ZGTGXNCL8ywTidVweOfjyqiWAnCSUvF6+efjRgg2mlD1g6ZDRiKpl9p/ZGETjCh
+urlpGSKhtCZWZIGt0x0iSLy4surqDrwwuBqEPSZ08KRr+q9R8HIPuAwjq2CjqDyj
+DFNuLx8dhbUUVIAl7a9nJotsph5VK7c/BF0uLW5YnPJYsXG7z1KixL2ydoH1kL41
+zXdcIWBP8H7yPVgUxCKJAhwEEAEIAAYFAlWtG98ACgkQvBcwG0kbPyEIVxAA4imw
+p7Df/j5ZZcZ+kkBwAhFO+WnJMfkNNl4g/7vsFKbWFBpiYuGmlvX+poM3nTsWCuEv
+v3QohbZHGJS/hY2kdAuxurTI6w4FvvJ0Akz1DUANIF9gfJ9Omu2Znb9xG1fzyCSc
+EzUgaf3aim7zyp0arjjqR/msmd2sCjqvy5VgRK21tYAfhWmzdJQntIlCEExfTh9x
+guELDLSK3j7ngZla1T3BwE1dlcPVD6l9bl/7ZV5uXmotOqFU+1dBcFG4NKNXmnG5
+TV7x3Ih6Xt982SCpBgVsEow1XFPf0jflPBn6DGJsgpmuIjdymgpJacwZCYkGbTSj
+wAeSibYvCw1MRYtrCXd7KlmmQxhYTvvzyoQSqaiIQM8daaXddcy4IdHoOoEJVzfA
+/BCyEkb0KhhjTWXQoRBXcxhJYOUjH5nhHd+zml+MHHiy1dL+xANHaBzFaNHpxYUs
+FN2MLcMW4rpCnOx/8pRu/o757Y2Ps+ypLUbGPxZJJa26zYXXTAUDDEgEFFM9Rifu
+jVCps146sRbrodzgIajc4ScgAWVkHDTKYfq6IBLJZHp8KB1fYFkVrUtwjMmyZCpG
+7FqWITGTWOoRbYAsInWuzT7PN+vb/sk0xOk1PzSJV1CmCH9izKrTqRAU42jd4yqV
+IuQ3hN8wXoeolSlK3wl27fDtK2EDzVhklvjGdreJAhwEEAEIAAYFAlbwOBsACgkQ
+RPRuFG0COV30vQ//Vzyu44NJZrDWdrAyMngMOZ+qIUkeRdtKHEzAFXl6je1ZLyXT
+aSKhyWtdxD+NPA4E8vQbEqbcpvzkBhOgfNgVOxWUxC+njB5xhg4PuZLcffm+98S3
+ncyu+bYuhA/kLgOJA2HL1vIQEobdM0XJhVM8G7bhKKSdS5NUd6BS8AgKL5YXbguO
+ZwDVq0yuVPg9VNqG5eTwL8fvZhH4L6I5Rh/wv1g++FvnEGRR+7ePprkc2pnJC8j3
+7Z08YzRf5aWCJu89EDsL8wWI/jydPcGLnitNEROfovRX/A647VUl7M4kL0oyblJb
+9JFbzPK97YeMwQTUYQOHIp8KsYYKjuBvq9q/Rr9DNpyijp1pshfjEiEZ4YDjTkGX
+uWu5EMSlVpC4nEtiBlKT3kMk1mqmc2F7A/g5ug1w+e72E1EbVJMDtAgzjc0+V4kt
+RxtTGa8PlfyWouBwL6ReVpEyVz3NS7++QcSY98DgMODMxFggna/zf3bef/lC6RGk
+kHyIOC+IhI+q72m0MjdCmzsSA8fqT0PNYs349+sCKw6ocgjSHZlR/8gEZbZC+Fwx
+Jf6be2N7eo6hYctOe5XpLaMApVnD3qtw6C9CxWJ4zT6WLyI0SAF3YWmIgLtlYhfF
+nRs0ObRXiO7tz0FBuTXD3vljjzq7t8DDK1IS4Cx5AnTZI4rz+/aiD0k5AhmJAhwE
+EAEIAAYFAlbwOPIACgkQt4bvJaijiaC0TBAAppcnj7MhOQh+yQCzljw403/hEW5/
+iVEyhfkEtF8lnJQPwSCvKphln4B9/E/Z6HBZ5MNew9xj/JrL/JZfk+E81vSs/fhg
+lCXB83bFo/fZ6cnqhubcPlXyXLSAY7J195n+DdInbza5ABuaJW6UeVHbGGM+th7L
+S6sYmzoOM1oU8mLzugo57M2a0SZNE2GTjeHFzdeFmKtjk6zGhJcdDMvKNalQZyuf
+KSEc7+9j5r0KlJOWY4VMqfYMY6qgiQ89IVSutWbhj+oiivCgi030sXmrdOSwG8/G
+gufKpYOQ1ZLXrxzowYJ02vAewYCe20PTyzGt5ReB9XkokffvHnKcxHxhyC6HiAyG
+B+8+yf0tJk4Fd7uW6zjGDvphPQhH6bPObVVaMiayEfJhhHbRNmJnUKXRc2CGL0X6
+vbZ12Y1bAALAttEpsNC544WMwLfUCcGfaRTF1E4OpQucU/uizaxGPiUd8Ateqt+m
+3GwjY9HAb9QN8ejiOTkH6XsYSzw4KA4iPqqMySHY/DMyfFuilNWd8m93agApO+8r
+9+6xjurnbkh50rYtunP3FCMul2QW1wXaGxPTt7a/IcL00NRVwZmJwa3Ys1OrYMRA
+OXM0QvRzpHZOsuqHG45jjaRejMZKSQL0zJOyKgtv4YrG1fceLrZWvu7ZjWVNd+0B
+nGitgBkGm5VQMuGJAhwEEAEIAAYFAlbwjIoACgkQpIWg7VG4t8QFOw//YFD2UifK
+W2VfUy2ig+ewXOwe/BzVfweN/Im+HSN94ooTEwR5wgdYIjxPV+eEKFfAEsazv8b3
+ktZJI+/IxEalHBA+mR4TC2/UlrOgsVCnTHYKL5yJRVHPrdOQ+Zm+kk4vszYocDtC
+SPp+/aoRE8u91i6Qu0UdGjMe82HG6qdzVj6bXH9ZFRiWRsfkGxB31cnvfE+aZB+V
+qfuy0pbqegJXUE/6In8XRsS12xAk58KM0b8jKQGqYaBB6xE9WDpip5sPycougy6U
+29170n+U57c6+x5JQhHC/Rb2AqB8Yl1msC4bj4UsqxWHmLRdcqZs04GiVsrk2fLD
+fSfsu023IZPyOhaV/t2KE4DwnAu4b9Sq7PNNzf9yrsgRL4c4OzWEYpMzt38V5QRt
+ETJvuuthOypREVNuIs21oRomMJd+PjGsayDuKA7xe/SxDe8tPkoy+FdAfevPXfhy
+NWX0vTtcZDpVustEMmoDs7EzlBddrNplsnRZoqW2JyMLErLujc5N8juDPqmAASVy
+d7SBUD03e8apjzZSfJhbZsxw4W9z7+rETRSy7o2DPXCabjTGwB1naIc9W4wU/aWU
+N81qZZecKLVLxpiXeoUwF3VIJme5Ye1KumsQpTJoi3tVmJ7XDaW9OD8shJtvhlOc
+ddt1E4kl9iximuLfhzUjPJyS/ASYhpPNMVSJAhwEEAEKAAYFAlWtDgMACgkQw701
+5G3UXaVUfg/+P9+3vFqijhzT7XkLuNrI9GTn3KslTAPU0Oe/BdLPTMKELqn1YVxk
+lnrznLbjL9qkwYwXxY5HT6ykeS+CzQIDLLtXqR1NAz3EWVAm4dT+xqaJZmfCoJ40
++VqZdQHLjgmj9PFTK7f3vyZ3Ux6em7Z+h7C1ba8jYZS+6GnmGw6+v6LxzRh1SFUm
+YBj/X+GPBYg6cnymr+9b2CwTMbczO5XN3hU9UtdF4UlupPvEuV5XWFpCw64kVwxP
+OQvvUJ3aTqEGiCAqd8ntyVZ1MWtaob7GI/bj7dTOoSogUqF3aZawfoUHPp6izTd4
+8aRnZhpsK47Y6jIaHDCILhKoAESTnpN1yjqaRIbviHJyYFOHnQESTS7AWrolQVmP
++pmThZWauh+PLVcs4ktp/6CKYvmgnP30HhrPczE7RVKIT32LU3MvT3nFzDmKUruK
+eLUNO6LnJ8XwZEVIE3TOVcF+2ME3EcKfV4RwAlBBgYa8DB/CM/rCtoyxdxYSRpHn
+9bxbNL6kn+CPAwRZGAChfOPGMhHBh3iDUJaIt79Cq9j6QcZUYfhj1sIvvkDyl0Bc
+5U4slbTM6KP5aZgFlCcI9HWwGx/5qIbb1rQNVjxwtiUWediS04YaQ6yt7f/yXbdl
+hxPdXDMe/9gdDyuDvP4+1FZbDiV6VT7Bl+UhQnkwf4kuCbSMFjdu+cyJAjMEEAEI
+AB0WIQRZyp4tKjMd4lGqJCdfA8dnwkek1QUCWQ72QgAKCRBfA8dnwkek1aBpEACI
+6mkO7aXYQyejkTbSyLdE7FoNI4Nq6aKvvQLt+vlGATLgSdz8v7QLGd3KkJYoO5SY
+kKjrkGZG4Nb3GOCnWnewBmvCqt7C5/Idl1JTVPdF9CgMHQkwP2F8Tg5X1Ag9oZeL
+yRKB/xWbX1LGizRy5s9G6yhq1rwoatNI+Wz36fdCmCqmphm92uPyxuAxy+JZhAbT
+/vmANGKlEN5Wjryrp3tmMEhnuJykWq2ZxYiJ9jpx/cNLyjf8fSDBhLXOTG0FYBrZ
+k+ZJtw1LlzA36K7IbnunO2qOJzDgvemo5FmGYcm6hyYCzqxBj1VJDmhHu7NZMeMn
+vT4d8Py1xBPGPFRYmaK5AP/D07cdDPYawlZA6dMPGE8xSfQxbrayJrj0+vpjSJPt
+DUHrg7L+PdpvyVxi8Py0Zfe05h6SjBPrw3eTQS6ODkoZQyh8D7M2HKUiUxvfufvn
+LEfeWpd7Vp7hl/VdP3TtbOzL9H/89O5ywf7S/oRKaqgOWkYhs3cfyjqz2boQk8nw
+N29sLzm5cH+APxNcju7sz07klp8dRNeImbmgj8mT1xId10mAixJ0NOY8udLhlwg1
+UfsYhP+Yvy9yMcoSZOs5+RjluW/E2qubP3RUt81ohUupdM0NVUJiR/I3Ri6ARb3V
+S2aAGtW4oS6PpyVT0dkWrlp8VqFpNTUKE95dNi5Og7kCDQRgos3VARAAtSRABroy
+kqOO+3Zq3pehRGM2aft2djiigKhhVg+eJr+YffIU2Q73l9zniYSzVMkFVuJPd7Wk
+BnlEMIn8BUGh04op6MV+kzX0guu3v/9i/0agNS31xAdXzmf1i5sbQU1eRylyZRSi
+sM2iuF7BYrfSsOBHv71cf+iM94KxrzXiB1bDNL4DN0T5+vCoDjgHaXbten4Qdm6O
+djBCUv9Ix8dhT4OzHwHOUK7gomTrQM6Hyb0vgQsDXKV2Ps/pWOSk/J2cCrQUrafF
+qkVAAC3m6kaGU8te6YlAU7GFcf4MOPw15WTM2iaKWwPkwK9b/Ro/5RfZbqnde8EB
+AoFkg0X8mshGVDBtYCaW+1qUA3ZBcQzUvosYUsNQC9Nx8Y9/tkqCwIBUzsxuIrSY
+HxeqPThxSMvCmg2qHXmmbAxsbOz3DTOwKpWSRGOCTGFpsLBqWigjG+L+9iIx+7kr
+2gH8tYck1RPyQm04k9udD8wwXCvylTUzNVd876sN3o1xySaO5nz8JtM//xPPctFF
+MZmC01bBn+jRuapDqY+qTFL+eKherOUZgs3nHt7cEBz3m8neGg0/JhyBwS6sQF7h
+0ETBapVDlKCRuvAgJHIrjejL5v+kVRrH9L6ey5CAdRG9SbffsNwZoo5o8SrdGcX6
+hpFiqg1jZWvZv5x7/PPSW7fPuNNHsoxVRn8AEQEAAYkEcgQYAQoAJhYhBBTyZoLQ
+kWzdgeN7bWG3tSbZjwNTBQJgos3VAhsCBQkDwmcAAkAJEGG3tSbZjwNTwXQgBBkB
+CgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmCizdUACgkQ6+QekPbxL22N6w/+
+ObmFWpCr0dmV1tm+1tuCL05sJ031KFl3EkH389FmrMMoVk49e7H5Urn77ezQXO9M
+e8R0nZgVUavJdKcJzgf1IZtLq5Vq5q563I8gglr8rJaaefGYuv9jitx/Ca2s+uvJ
+MUHgMeBPmFFOKoIF8QgOJdkSht2lIkd6bd89ayLLoIXlGi8d6K4tEWeMigtds9FY
+cyX7o8xXmt9XqCIaMbkJtiUzjz63dN0O81UCj0TvK17KXAvclhzrriZuo2rOeDTB
+cQmKKy2UKZaJjUqiezuOg1t513ZIzhy1oXzg5CJb5jgsmZmjtJjr161fv5d8Yock
+j73z2/z47wry6ThESfYSkIxJIiIP5SwZyNMeeHSZUnaMTqzd5kDL5qnNrhJHCBBy
+xcIBcGppv3VjZ1QNU1k0Tx+MzpfZtbE//idw+Q7Iz9T/3zjN79JhYi1tzzaaQR6J
+oEiNMpHHkdkOGRwfdipM7oKl7HKl+zJCzaLTE4mbInCxSgn+1RhI+rGzTXVxqIKo
+nYrWra4EVBAgguMrxNMjuEtbsF54Q27x2+H/Mew+et6K/suqyh63Szfd14LWEj4N
+aR89tEz76nJyJFuFtDeGSmu68/Pi5S8Ls9MxKJJiIJmc3lQqDUTHEiLc7RtZAsgA
+WlLc6UnFsaCqXKJxuaMs7qFD7pqSGfHxYboBxax7Sqrttw//eC7rghiFzfcnEZQn
+6+GPW3FJc5P1diSLto99six3uaWKjvSnZScvPOe8ogJt1JQpQAABoHfd7HzzlGzJ
+tU/yDL931WD6nETp6b/dk7t3aUpk8WFMG19L+L9QbEpjxDi2wozO7CGg6FhC7mu+
+KsSsorLqd3QYKoBLG0Pb2K3Zz3PN7y17kf1Aixa2//prFNfpEGwP9flz2TUvSdtd
+9JvcnDz+/3yB63tmuCsUPZaR3lhTkNiXZG7WTALA1AqIUKFpxI+cOQxaO2+H6XXi
+ON3x8A2Pzd1mZyuUMPk2c6I/c1ZfzJXxF/WJVfuztZXNCGocYF4kB3X07uOuiKrI
+DMXDT3Op3wJ0RInpjyyPlwwov3zIVQcG3mfWPclXNcIRSAdadLq6yhTBUVbhMd2j
+2qga1vtaVlH/m0zFhib88RLf1/FiVX76D1q+anG+gT+SsMPd7hSGQQ2+6ngBAvx4
+T1IHtFgPqfNaA49m8b3aAorGo6Bbzmwh4Xr+7DM2fSskBskGdIPZgA4Vyu4/PC5a
+CTyd0NqlBgj/g7XRQMGvFRkdnEIcVZbvxdzn4j16dS+43dUzFMLKThRbkUaunaYo
+ZPIYuiqbwCoFX7vJdgBMaTxYfkClc5LJSVr+X+9RYNwlOn4kiQzKstVtl/qfpDow
+6QsGmA9J7v8Vt9JEg052REcZZmC5Ag0EValA9AEQAK/z677fpoVUj4zQz0g60wVW
+f+1y2lGb8iFYICmvrJyaEra5SRkyihYA1WmEzhN4T//tHw3UIfe646+GkY3eIQW2
+jY9DM2XaElmMN8k/v54nbn5oD7rNEyCTFTvCOq5d74HH1vw96Lzay1vy45E7jPWv
+qfg9Se8KAnzElohTJjizyhU+0QbmPHnQlY8gOkT/SvRo9bFEUnqjWh0fRq+K1tdL
+PhcFB1scc25iFqh9IAKUGDur8jQ+SDHCjgQlkFOg3rbqtaUOnVHPohfrBM90ZNwu
+neFgQY7ZFSUidCimp/EN4CXnzgjDYXUUA42S8G86+G4KAJC22gRQo4mcVmehwHTH
+0glfLmUK7TEu29A1KWNL3R/R7ZdyajjpCvUaK2A0Abj3ZE2BSDbJrVlbBVfy5kfP
+dZjhd3wUWqFaDHiVcImcjZRWPncllhcy6fhqEy3ELZrkezpJjnARsVkij3GXz6oX
++HVULne2w0dkTXydR6muZI/GeNtrLHmA8B3/0/TllmLy8ChmYZVIKZ8zt1ghq3f+
+hFTXgtZil7eBewZgA6L+EXXK6dZj14lbe6CMS2kungTX9stU1s42I+WRbiqiLpAx
+CX6qcLBOWrJwsOep2nvu5bhrPHptSfRhF4Vs1xteVFckCWhcLgdYi/Je1XBEM+AA
+Va0k1FiywCg7MqlG6toLABEBAAGJBEQEGAECAA8FAlWpQPQCGwIFCQPCZwACKQkQ
+Ybe1JtmPA1PBXSAEGQECAAYFAlWpQPQACgkQHGnE5V6ZBdsvxQ/6A62ZteN0b/TV
+fSJ51SdG66amwe2rpRX4UdSw7ifxo3qhgEICQmXR5c09qXwl17MFJWM3FhGrbxnA
+5KGgeWGtqrPup4QZPKU+l2Ea2QLSJSiBq5QqqEgZvR14Lhr/hCGhBAq9s/xbp8fb
+KNJj/uWiZ+uTPbt5T5rgKJ4+g3B6DNO1rH7F70OLrd32mxZs4pSxngHRAyiMPB59
+yQVDsVMha0JTqC+P96itUzvnInc/9mwE0EMiBtpDTkoBwbJVPnuv+7FjkOLn5s5u
+3RLH9fe8z1xnV0fPC0/ndrlNiuBpAn3zVCsWasvW18Vz8K+CQY8Sw0Jw75edBgFo
+z2QMFxHfDpMJefvMadB7mdte1lKk/Im9KFFH8Idh9b6zD0a/+Ooujukx6QpFfAVh
+e2sT2CIm2nmMAuAZI2cCt7SC+REn9n9MSuIWxN8YTE3qgAUB6F3ea0O0hGlLl+z5
+UOfX0bNAs+ebx/P6PczJtDzeqpmRb0QXqo55JWXLvmXT/fgjF7fNTTLsyCtV+xH6
+ZFKGpvGJGJMHApEbz2a0hy12RZH58eI1ueN3Tzn8nI57+oYSsqFw/QgcdGXDonLG
+JsPVzIpQRg92/GXSukWF+MsCjVOilHRSY1wfPPmJ7+kMQ4rdXpjAhwNYJc1ff5N+
+omCxCKoFgYsCXlFCHFKs4JwRbTdd3MkuqBAAlBlIjym8NyJIBltfWckuhQTX4BiB
+ltGPNga9CpQsml519EePuLtoe5H0fTUp4UYbL0ZzyJImQE2uw/hMNZ36bA057YtH
+OoP4FcPUwv6wsl5JC87UR1XFhAXb5xSU0qdi3hWh0hm772X6CBlM8lM6GtT/fDZk
+SGNXMQaIs1X/O9vf8wGg+HwLJcaCvybI4w7w1K0R7WjWZlJXutCZf8hRc0d88W/q
+SZYooKD9q2S7foqaJhySIaF11sH5ETvVP3oCfGVIVhKWb0Tp2jXPXlXLeRAQA8S+
+4B1o5XHiM+J3SNXhPQHRGQ3VGcDn45itg3F4xQX2Qvo4SV42NMYd6TykM/dIfQyJ
+DOVg3CT3+nqfjCknf94SNvyZprHEPmpcDeseoPMw8kjKNwDwPXFLxBRntPgnqVXD
+cNN41OH2kqx4jF7FLlRmwNpB2mFVH8xeVuRm7h2WZRsaEoqvivhzRtESVA2um5Eg
+763CVTcNYlK6MD/iy8JzbMuZBrlOHr58HKDdcOy1W0z2quESGoqrwA995IgPav/1
+DSpyuJPNc/oUTWlhpYshqYKoflezAyKj30+UzC3R/mY03ri6zUvCgXHNgZlKUsM3
+VEXk6h5oDuaXniHLLzuxjTBVrILnGYgHSFRP80L/knz+o4Uvq4wj7NHnruc5fP1f
+oFxRNsMt40yRJfW5Ag0EWUvZtQEQAL4dTYeBoI6UxWcu7kERc+Tz13WUwSPmOIU6
+RdoXqBc2QyOki8s+uDqIJbpt2YJUPWnPgoU0rDt+msOG9tpAjPVg5pHJe8H9tXxv
+aPICQ1YxYw1m8E1kRGio4EurP2G/H/YI3vwRskqI8cp04t88k1DfeKvXYVY34kO/
+VM12XTfRcsiMdmDubTqNPYU1kmYNeqMT+OzI9QE2kulCK0DHDJzqdJLnOkrn1z0l
+rFAPoNpVtHZh4D7yB8FH3I1qk9npRdNXvSjhXu4ptvRuszktjEcfHK+ikYP3jVqR
+4eWiOKrkVIWJOCsOKIUE27PXndGLbUuDzCvrKusR6W9vF+mYK1p3pT2PYX8HEeJu
+zrd1UFBvCWPf2k5RQqHk4JIaKfjAlCPnSXmPHXqSGtD083RJhFkbz4U07/glHWer
++M+Sw+hYT/v+XOhQm3CG/PUaeX2ud6GFefymX/tA1FYJqVxVOye2axoA3lO7yM5s
+K/JHMdL7bFZtXVcGCwAqU2mkD2yEkFAzPLBHKigKg+4VimsTbG9jPOS+qtv65x6u
+IOOsic3Ud2/BB/lfbvplIvQyJYw8HKb8O0XkUPcD3Q1i8p54JSHhiJm42H699uMm
+iJeLzTkQJG7KApEv6nOb+jLyr2DZXuX82/UvZAmzWZg/XOf2xz44/RDXkL865dqR
+YenXNaOXABEBAAGJBHIEGAEIACYWIQQU8maC0JFs3YHje21ht7Um2Y8DUwUCWUvZ
+tQIbAgUJA8JnAAJACRBht7Um2Y8DU8F0IAQZAQgAHRYhBNzqxdlhNbkcTqZyq7u+
+vbskxvNVBQJZS9m1AAoJELu+vbskxvNVBVMP/21uU+8NpPLpBn6SHJtIAffFYMSn
+p0gplOjfiItA8HDbc1vqZlVpdk2xyFw6b7g+vTg1gQzF7uoAZK1czRLCt7ocxntL
+VgPuSO1ZHt4hJG5Ze1UUJSDq8Pp+TTL43rg6irDLdYDBBHYESnXWAKRAIuPb1e15
+6pAdpSynwJ3+qPyqj5vDLkPrtMWGp7qWQpXcHaXMea8m4+/RLNIjvRof/t6jrUer
+mzs91Z+/C3N8ugD/aZrXTiNkF/H6BiuITZoB0j+rjy4fxEQvTYq9C3NoaBIRxJEP
+ApxGnHKe9K9N1ZBELjCUCT1MkbBmf4CJtEgJvSScVh1yZNv+TVDfN6RwF9CwOM8b
+VrOH1VuX/L/XiIRRT02eGrvv3EvQ+BhceJpWN+GsHKQM658trZ7RhHo2PR0ib+D7
+hWQprcktqutTfRFPMrgcFTPXKeR57cxvjk+B2LoLSOom3oTNEtUaMuBE8E/jbONX
+34QsHWDKfLc3XpLEN+bO65AfTiR4/qtnZBmldBUG9xbrW0qcWz+M5P3S6ssbor3V
+DxxrX+Fv6pJccwlgYNFQxQOz8GrZhF0cU48e+0XpU2NFeyueHQ8lb9yYdvhc7mkG
+c87iIb+ILah57Wqi52Jd4f0DS2zkxN6ab5/UVEkffNwXfjN0IW28Ga4BtZvoXVGV
+Jo4vsGytMFdMRzRB/uAQAI21c3TTrO4TL42NcFQ0RY7yAlaKzXTXVNxC8v/QQKIs
+DrNvs4w15rF/t2LXc8Cr3aUNuDtE7x+FaNwZLypCe+RFOy66AG2ENuNt5tTGN3mg
+bJZl+01Cd1xPpOzmRfAJnH7YD+J4QuCEEgraAXPfp3MhjeHWtQaWDu29fbTtPx0k
+/Bh0qxHFPWxhnYpktnjZEoMmwPMBeitCvcr66UzUmezgVZc0HxJ/LO9Bss7P3egv
+60wPnXn579wDGnIriDUhHRcn2KuMI7eT4pL4HHjAAJB/8+vcUzYPuqtxULf5ciu8
+V+ajzHtqBcgwNR/gm/7i+4qKPo14fYBftH5PDj9iD88WIQX7paVbYHJZjrmnpM2i
+niL/DRVuxqAPToIc4hMXj8YPeTqS/1ckOzyYgFI9aRaLxZOR0uno1WTRBifwOcy3
+NTwSHK/6YbtJbqoVwISJrGUuvOfBlkJZVlCzVsPG1+QZaPAL3HxVXavYgCu2hze4
+OOWUe2Xuqihw8hb+F1rhP64/QtpjPxgLLb1NIBpm6OgdZjRjCbl9xnd3RvH6hYxO
++zgdn3icn2fFHhdZ7xtYcZZrg9QOXuv6LDvVe5I4VyszNs0jtdcx0P+T5VIrKFAY
+yf0CCuL/UQTRrW0SrKOV/RZHuvdpVYK3YIAyd49kKjLk6O9awFQy7cXq3PhjatBi
+uQINBFzwOeoBEACt8eaLW7jX3n5tQQ+ICeGOBIVbzAnXlH9bjdTqollM+iiwkdlB
+NNEGku7+uQ9dTofem6cbSUXuh5kJNLy5tUIG4oGZLvpAjLdHP8zslgTglQymoWSb
+v2ss4pq8xoDbp6E51dkowkyFSuELZKMFHgPiJbfYXxQmbwEiFhGs4+21lwtI4tVO
+9zs1XbzJD9XtomxkcYaePeBxpI9JnrWIUKt70JPZi/QcxPMG2si/YitnCVamcVw8
+Wri+W7MAJW3SyNjJUqx/cIOib8vdZVxvdWRIZmdkWkFO6vv4IotEBCflt6cD0EIy
+3Ijn3nDDf59v7wpdWXidjzVjKF0F8jUiX6S/ZuEz4lvdotpCgJGhDmdi4pVCYbmS
+hKbffgcSJ/BWn4wCOHKPA+XB75zzPj17dcWR8D9GM/sgusJy2fbHDcOdADPynKW3
+Ok1CENJDx7DTDwm2fPRMut4utSL1FMSl7zBDRabcPr1nw+zERjmSjm3R91ayrQ9U
+KlP/4P8Xkhjc3FFWrRQ1Q7/SlkUmrTqSouQcOolGMa2ENNgqNeOY7oE5xnPs64TL
+AzQ9z66u0dHTMODAS1A6C0l66LrPVYGoQLDkM7WQn7zznFdnKR2nsPOUi0mMdyrG
+/62iARtNvuF4xdsUAoCKti3wOsXRuUhiXei4N4qdr8IaIEIFgYEKKtaqzwARAQAB
+iQRyBBgBCgAmFiEEFPJmgtCRbN2B43ttYbe1JtmPA1MFAlzwOeoCGwIFCQPCZwAC
+QAkQYbe1JtmPA1PBdCAEGQEKAB0WIQQJezEwd65ioC+E2k3xpmaPu31XLgUCXPA5
+6gAKCRDxpmaPu31XLopQEACKv8mYt4aMc0oA25UJXMRig2lXJDqOZBUSvFFm8t6X
+gdG0zFdzFo4gqpje68kNyt9duhvOMsVwkzUr+5Di7FccvgwceU3X5ngWpnV/GcXg
+79m5viipWUdBRoyZ90oi4D5K6fhlmszmWyiD7KDrjdtIdGnjAuprztkc/JBlIwlm
+u/40JyDR5Dfxp256DlzsJ/HH8LbdjJG/F0XvtZUwcHefa7mDXtIWszsMoJnEoLzO
+kZvJ13rhJcTHVQImClyS3o9+Pk6DTfy4Ad0w+9nF0rZp+8/GXZGilfn/NXMj0elY
+u5WiyCBqargRkrHpebNKW9jxRca02aDS2Yrf8dlseO1d9FXZPOBWIxDRG++TqRhB
+K8FUW00DikRDrrV5RsIiXtgtRqH+hwknE33i8m8/KKC5/pUl3Af5f+vMKsT3s1mM
+X2zA+NmLUxJCXLz70WqLoShI8QEj+RLk9yuk97bo7KoNSv6xNwXotJKzp08VAnVN
+X/QddmV6Z7SnocEs+S6Z0L69sEffMgUaCkH09mIt1yu0DaeOl7fM2iD3VcO6jJ94
+Dg8olkhBgrZERe3sXR2fciFtsqHxYc9zP7YyL7vPbUQ8BogxEfIQZPGdpnG5pTM0
+NSX/mgkOWI2VJFDe/rOFTdTk+8mKVnFdaUfHA48qIeS0V0zMLd4OZkrYlW3iKvZp
+s6IAEACauiivWdvKvJgKMyi3fvicXn4qL8nV1X6lmOBqDn4bb0N0mtpiqXfvG950
++29rcCJSj6qSMVj8ZHuwVktrEoWX6lpJbWwEdUh+35DnjfGOYN8gW8bx0CfyqEx5
+0W++DK5Wj+L+DL7jgJ/l7dMKxLdjijkg+v4yI516nzRbrx3x77U8n+H1V9bHrDfS
+cESnr3PtWS4ze4yDrr9Xp+YK8A7RkIctH2ToyEixin8utvfa56dGpUai7gIRZ+0b
+tWY0FX6g/VRHwwhLIzTsaFveQGuzFbXaGkOhRASitKtbQo2fD39qAMixkKOctN9A
+/nA3dZU8BlJj7258+P36jQDOilr2Y7RlTSTZS5aXeAPbwILwKCNcDjV0keerGSqi
+V2zkiH0vAJcxVokn+iMj6VOaM1RyxskgFara0Vt3IuAjnirES/OVuIkhgpebmGXB
+PcHqLWpFDtEdLv6YtOwScE0eYb5/SA3XsmK3qgzEAzBfchwl4PqAhiQAf/tbx5Eg
+AUbFmwhEcgd9xMY5w6+8/5FjoXwHYmdfjKT9iD7QxF3LnymskoKQQGWBHiwJjaA8
+LYPpopUg9we00zNdSGNXv1Lau9AM//ATiusH8iLJj33ofQh6FviQG6W3TlLPqx/o
+IxxNj5bPAQy6dRKB1TxlWr4X0pUWxuqBeObPoHS9j0ysxKPru7kCDQRkVUBzARAA
+1cD3n5ue0sCcZmqX2FbtIFRsk39rlGkvuxYABsWBTzr0RbRW7h46VzWbOcU5ZmbJ
+rp/bhgkSYRR3drmzT63yUZ62dnww6e5LJjGSt19zzcber9BHELjqKqfAfLNsuZ7Z
+Q5p78c6uiJhe8WpbWogbspxJ20duraLGmK4Kl23fa3tF0Gng1RLhoFcSVK/WtDZy
+C+elPKpch1Sru6sw/r8ktfuhNIRGxdbj/lFHNVOzCXb3MTAqpIynNGMocFFnqWLZ
+LtItphHxPUqVr6LKvc3i3aMlC6IvLNg0Nu8O088Hg3Ah9tRmXKOshLjYjPeXqM9e
+dqoWWqpzxDTNl6JlFMwP+OacMKsyX7Wq+ZXC/o3ygC/oclYUKtiuoGg47fSCN2GS
+3V2GX2zFlT6SEvEQQb2g5yISLX9Q/g9AyJdqtfaLe4Fv6vM4P1xhOUDnjmdoulm3
+FGkC701ZF7eFhMSRUM9QhkGH6Yz2TvS4ht6Whg7aVt4ErIoJfj9jzJOp6k9vna5L
+mgkj8l19NTiUQ7gk98H3wW4mRrINxZ2yQD47V/LJ+tUamJc5ac+I0VP7c15xmKEJ
+2rfGCGhiSWQwZZw7Y2/qoADSBlI28RlBTuRP2i6AdwyJU+75CzxGzMpr/wBLhZT+
+fNRV4HHd5dgR3YxajpkzZ6wXL2aaJhznFEmLBLokOwMAEQEAAYkEcgQYAQoAJhYh
+BBTyZoLQkWzdgeN7bWG3tSbZjwNTBQJkVUBzAhsCBQkDwmcAAkAJEGG3tSbZjwNT
+wXQgBBkBCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmRVQHMACgkQ4207E/PZ
+MnRgdg/+LAha8Vh1SIVpXzUHVdx81kPyxBSaXtOtbBw6u9EiPW+xCUiF/pyn7H1l
+u+hAodeNFADsXmmONKcBjURVfwO81s60gLKYBXxpcLLQXrfNOLrYMnokr5FfuI3z
+Z0AoSnEoS9ufnf/7spjba8RldV1q2krdw1KtbiLq3D8v4E3qRfx5SqCA+eJSavaA
+h3aBi6lvRlUSZmz8RWwq6gP9Z4BiTTyFp5jQv1ZKJb5OJ+44A0pS+RvGDRq/bAAU
+QULLIJVOhiTM74sb/BPmeRYUS++ee10IFW4bsrKJonCoSQTXQexOpH6AAFXeZDak
+JfyjTxnl3+AtA4VEp1UJIm0Ywe0h6lT0isSJPVp3RFZRPjq0g+/VniBsvYhLE/70
+ph9ImU4HXdNumZVqXqawmIDRwv7NbYjpQ8QnzcP3vJ5XQ4/bNU/xWd1eM2gdpbXI
+9B46ER7fQcIJRNrawbEbfzuHy5nINAzrznsg+fAC76w2Omrn547QiY2ey7jy7k79
+tlCXGXWAt9ikkJ95BCLsOu5OTxPi4/UUS2en1yDbx5ej7Hh79oEZxzubW1+v5O1+
+tXgMOWd6ZgXwquq50vs+X4mi7BKE2b1Mi6Zq2Y+Kw7dAEbYYzhsSA+SRPu5vrJgL
+TNQmGxxbrSA+lCUvQ8dPywXz00vKiQwI9uRqtK0LX1BLuHKIhg4OgxAAnmFSZgu7
+wIsE2kBYwabCSIFJZzHu0lgtRyYrY8Xh7Pg+V9slIiMGG4SIyq5eUfmU8bXjc4vQ
+kE6KHxsbbzN6gFVLX1KDjxRKh+/nG/RDtfw/ic7iiXZfgkEqzIVgIrtlDb/DK6ZD
+MeABnJcZZTJMAC4lWpJGgmnZxfAIGmtcUOA0CKGT43suyYET7L7HXd0TM+cJRnbE
+b7m8OexT9Xqqwezfqoi1MGH2g8lRKQE4Z2eEFvCiuJnCw547wtpJWEQrGw1eqL3A
+S8Y051YqblbXLbgf5Oa49yo630ehq9OxoLd7+GdWwYBlr/0EzPUWezhdIKKvh1RO
++FQGAlzYJ6Pq7BPwvu3dC3YYdN3Ax/8dj5036Y+mHgDsnmlUk8dlziJ0O3h1fke/
+W81ABx4ASBktXAf1IweRbbxqW8OgMhG6xHTeiEjjav7SmlD0XVOxjhI+qBoNPovW
+lChqONxablBkuh0Jd6kdNiaSEM9cd60kK3GT/dBMyv0yVhhLci6HQZ+Mf4cbn0Kt
+ayzuQLOcdRCN3FF/JNQH3v6LA1MdRfmJlgC4UdiepBb1uCgtVIPizRuXWDjyjzeP
+ZRN/AqaUbEoNBHhIz0nKhQGDbst4ugIzJWIX+6UokwPC3jvJqQQttccjAy6kXBmx
+fxyRMB5BEeLY0+qVPyvOxpXEGnlSHYmdIS4=
+=ZEQW
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/mozilla.sh.in b/mozilla.sh.in
new file mode 100644
index 0000000..4e68168
--- /dev/null
+++ b/mozilla.sh.in
@@ -0,0 +1,210 @@
+#!/bin/sh
+#
+# ***** BEGIN LICENSE BLOCK *****
+# Version: MPL 1.1/GPL 2.0/LGPL 2.1
+#
+# The contents of this file are subject to the Mozilla Public License Version
+# 1.1 (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+# http://www.mozilla.org/MPL/
+#
+# Software distributed under the License is distributed on an "AS IS" basis,
+# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+# for the specific language governing rights and limitations under the
+# License.
+#
+# The Original Code is mozilla.org Code.
+#
+# The Initial Developer of the Original Code is
+# Netscape Communications Corporation.
+# Portions created by the Initial Developer are Copyright (C) 1998
+# the Initial Developer. All Rights Reserved.
+#
+# Contributor(s):
+# Wolfgang Rosenauer <wolfgang.rosenauer@suse.de>
+# <wr@rosenauer.org>
+#
+# Alternatively, the contents of this file may be used under the terms of
+# either the GNU General Public License Version 2 or later (the "GPL"), or
+# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+# in which case the provisions of the GPL or the LGPL are applicable instead
+# of those above. If you wish to allow use of your version of this file only
+# under the terms of either the GPL or the LGPL, and not to allow others to
+# use your version of this file under the terms of the MPL, indicate your
+# decision by deleting the provisions above and replace them with the notice
+# and other provisions required by the GPL or the LGPL. If you do not delete
+# the provisions above, a recipient may use your version of this file under
+# the terms of any one of the MPL, the GPL or the LGPL.
+#
+# ***** END LICENSE BLOCK *****
+
+##
+## Usage:
+##
+## $ mozilla [args]
+##
+## This script is meant to run a mozilla program from the mozilla
+## rpm installation.
+##
+## The script will setup all the environment voodoo needed to make
+## mozilla work.
+
+cmdname=`basename $0`
+
+##
+## Variables
+##
+MOZ_DIST_BIN="%PREFIX"
+MOZ_DIST_LIB="%PROGDIR"
+MOZ_APPNAME="%APPNAME"
+MOZ_PROGRAM="$MOZ_DIST_LIB/$MOZ_APPNAME-bin"
+MOZ_LANGPACKS_DIR="$MOZ_DIST_LIB/langpacks"
+MOZ_EXTENSIONS_PROFILE_DIR="$HOME/.mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384}"
+
+MOZ_APP_LAUNCHER="$MOZ_DIST_LIB/$MOZ_APPNAME.sh"
+if [ "$0" = "$MOZ_APP_LAUNCHER" ]; then
+ [ -h "/usr/bin/$MOZ_APPNAME" ] && \
+ _link=$(readlink -f "/usr/bin/$MOZ_APPNAME")
+ if [ "$_link" = "$MOZ_APP_LAUNCHER" ]; then
+ export MOZ_APP_LAUNCHER="/usr/bin/$MOZ_APPNAME"
+ fi
+else
+ export MOZ_APP_LAUNCHER="/usr/bin/$MOZ_APPNAME"
+fi
+
+MOZILLA_FIVE_HOME="$MOZ_DIST_LIB"
+export MOZILLA_FIVE_HOME
+LD_LIBRARY_PATH=$MOZ_DIST_LIB${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}
+export LD_LIBRARY_PATH
+
+# needed for SUN Java under Xorg >= 7.2
+export LIBXCB_ALLOW_SLOPPY_LOCK=1
+
+# disable Gnome crash dialog (doesn't make sense anyway)
+export GNOME_DISABLE_CRASH_DIALOG=1
+
+# Wayland
+# Only supported on newer systems
+WAYLAND_SUPPORTED=%WAYLAND_SUPPORTED
+
+# $XDG_SESSION_TYPE should contain either x11 or wayland
+if [ $WAYLAND_SUPPORTED -eq 1 ] && [ "$XDG_SESSION_TYPE" = "wayland" ] && [ -z "$MOZ_ENABLE_WAYLAND" ]; then
+ export MOZ_ENABLE_WAYLAND=1
+fi
+
+##
+## Use D-Bus remote exclusively when there's Wayland display.
+##
+if [ "$WAYLAND_DISPLAY" ]; then
+ export MOZ_DBUS_REMOTE=1
+fi
+
+# xinput2 (boo#1173320)
+. /etc/os-release
+if [ "$ID" = "opensuse-tumbleweed" ]; then
+ export MOZ_USE_XINPUT2=1
+fi
+
+##
+## To disable the use of Firefox localization handling for
+## the home profile, set MOZ_DISABLE_LANGPACKS=1
+## in your environment before launching Firefox.
+## currently disabled by default since langpacks
+## are shipped as app sideloading addons
+##
+#
+MOZ_DISABLE_LANGPACKS=1
+export MOZ_DISABLE_LANGPACKS
+#
+
+##
+## Automatically installed langpacks are tracked by .suse-langpack-install
+## config file.
+##
+SUSE_LANGPACK_CONFIG="$MOZ_EXTENSIONS_PROFILE_DIR/.suse-langpack-install"
+
+# MOZ_DISABLE_LANGPACKS disables language packs completely
+MOZILLA_DOWN=0
+if ! [ $MOZ_DISABLE_LANGPACKS ] || [ $MOZ_DISABLE_LANGPACKS -eq 0 ]; then
+ if [ -x $MOZ_PROGRAM ]; then
+ # Is firefox running?
+ /bin/pidof %APPNAME% > /dev/null 2>&1
+ MOZILLA_DOWN=$?
+ fi
+fi
+
+# Modify language pack configuration only when firefox is not running
+# and language packs are not disabled
+if [ $MOZILLA_DOWN -ne 0 ]; then
+ # Clear already installed langpacks
+ mkdir -p $MOZ_EXTENSIONS_PROFILE_DIR
+ if [ -f $SUSE_LANGPACK_CONFIG ]; then
+ rm `cat $SUSE_LANGPACK_CONFIG` > /dev/null 2>&1
+ rm $SUSE_LANGPACK_CONFIG > /dev/null 2>&1
+ # remove all empty langpacks dirs while they block installation of langpacks
+ rmdir $MOZ_EXTENSIONS_PROFILE_DIR/langpack* > /dev/null 2>&1
+ fi
+ # Get locale from system
+ CURRENT_LOCALE=$LC_ALL
+ CURRENT_LOCALE=${CURRENT_LOCALE:-$LC_MESSAGES}
+ CURRENT_LOCALE=${CURRENT_LOCALE:-$LANG}
+ # Try with a local variant first, then without a local variant
+ SHORTMOZLOCALE=`echo $CURRENT_LOCALE | sed "s|_\([^.]*\).*||g" | sed "s|\..*||g"`
+ MOZLOCALE=`echo $CURRENT_LOCALE | sed "s|_\([^.]*\).*|-\1|g" | sed "s|\..*||g"`
+ create_langpack_link() {
+ local language=$*
+ local langpack=langpack-${language}@firefox.mozilla.org.xpi
+ if [ -f $MOZ_LANGPACKS_DIR/$langpack ]; then
+ rm -rf $MOZ_EXTENSIONS_PROFILE_DIR/$langpack
+ # If the target file is a symlink (the fallback langpack),
+ # install the original file instead of the fallback one
+ if [ -h $MOZ_LANGPACKS_DIR/$langpack ]; then
+ langpack=`readlink $MOZ_LANGPACKS_DIR/$langpack`
+ fi
+ ln -s $MOZ_LANGPACKS_DIR/$langpack \
+ $MOZ_EXTENSIONS_PROFILE_DIR/$langpack
+ echo $MOZ_EXTENSIONS_PROFILE_DIR/$langpack > $SUSE_LANGPACK_CONFIG
+ return 0
+ fi
+ return 1
+ }
+ create_langpack_link $MOZLOCALE || create_langpack_link $SHORTMOZLOCALE || true
+fi
+
+
+moz_debug=0
+script_args=""
+pass_arg_count=0
+while [ $# -gt $pass_arg_count ]
+do
+ case "$1" in
+ -d | --debugger)
+ moz_debugger=$2;
+ if [ "${moz_debugger}" != "" ]; then
+ shift 2
+ moz_debug=1
+ else
+ echo "-d requires an argument"
+ exit 1
+ fi
+ ;;
+ *)
+ # Move the unrecognized argument to the end of the list.
+ arg="$1"
+ shift
+ set -- "$@" "$arg"
+ pass_arg_count=`expr $pass_arg_count + 1`
+ ;;
+ esac
+done
+
+if [ $moz_debug -eq 1 ]; then
+ tmpfile=`mktemp /tmp/mozargs.XXXXXX` || { echo "Cannot create temporary file" >&2; exit 1; }
+ trap " [ -f \"$tmpfile\" ] && /bin/rm -f -- \"$tmpfile\"" 0 1 2 3 13 15
+ echo "set args ${1+"$@"}" > $tmpfile
+ echo "run" >> $tmpfile
+ echo "$moz_debugger $MOZ_PROGRAM -x $tmpfile"
+ exec $moz_debugger "$MOZ_PROGRAM" -x $tmpfile
+else
+ exec $MOZ_PROGRAM "$@"
+fi
diff --git a/one_swizzle_to_rule_them_all.patch b/one_swizzle_to_rule_them_all.patch
new file mode 100644
index 0000000..23e4c18
--- /dev/null
+++ b/one_swizzle_to_rule_them_all.patch
@@ -0,0 +1,34 @@
+# HG changeset patch
+# User M. Sirringhaus <msirringhaus@suse.de>
+# Date 1645518286 -3600
+# Tue Feb 22 09:24:46 2022 +0100
+# Node ID 494640792b4677f6462e95b90a54a4e22aeb738b
+# Parent 81832d035e101471dcf52dd91de287268add7a91
+imported patch one_swizzle_to_rule_them_all.patch
+
+Index: firefox-115.0/gfx/webrender_bindings/RenderCompositorSWGL.cpp
+===================================================================
+--- firefox-115.0.orig/gfx/webrender_bindings/RenderCompositorSWGL.cpp
++++ firefox-115.0/gfx/webrender_bindings/RenderCompositorSWGL.cpp
+@@ -7,6 +7,7 @@
+ #include "RenderCompositorSWGL.h"
+
+ #include "mozilla/gfx/Logging.h"
++#include "mozilla/gfx/Swizzle.h"
+ #include "mozilla/widget/CompositorWidget.h"
+
+ #ifdef MOZ_WIDGET_GTK
+@@ -242,6 +243,13 @@ void RenderCompositorSWGL::CommitMappedB
+ }
+ mDT->Flush();
+
++#if MOZ_BIG_ENDIAN()
++ // One swizzle to rule them all.
++ gfx::SwizzleData(mMappedData, mMappedStride, gfx::SurfaceFormat::B8G8R8A8,
++ mMappedData, mMappedStride, gfx::SurfaceFormat::A8R8G8B8,
++ mDT->GetSize());
++#endif
++
+ // Done with the DT. Hand it back to the widget and clear out any trace of it.
+ mWidget->EndRemoteDrawingInRegion(mDT, mDirtyRegion);
+ mDirtyRegion.SetEmpty();
diff --git a/spellcheck.js b/spellcheck.js
new file mode 100644
index 0000000..01cd0ee
--- /dev/null
+++ b/spellcheck.js
@@ -0,0 +1 @@
+pref("spellchecker.dictionary_path", "/usr/share/myspell");
diff --git a/suse-default-prefs.js b/suse-default-prefs.js
new file mode 100644
index 0000000..6a7df07
--- /dev/null
+++ b/suse-default-prefs.js
@@ -0,0 +1,24 @@
+pref("general.useragent.vendor", "SUSE");
+pref("general.useragent.vendorSub", "RPM_VERSION");
+pref("font.default", "sans-serif");
+pref("font.default.x-western", "sans-serif");
+pref("font.name.monospace.x-western", "monospace");
+pref("font.name.monospace.x-unicode", "monospace");
+pref("network.negotiate-auth.gsslib", "GSSAPI");
+pref("print.print_edge_top", 14); // 1/100 of an inch
+pref("print.print_edge_left", 16); // 1/100 of an inch
+pref("print.print_edge_right", 16); // 1/100 of an inch
+pref("print.print_edge_bottom", 14); // 1/100 of an inch
+pref("intl.locale.requested", "");
+pref("intl.multilingual.enabled", true);
+
+// do not disable system-global or app-global extensions
+pref("extensions.autoDisableScopes", 3);
+pref("extensions.shownSelectionUI", true);
+
+// spellcheck
+pref("spellchecker.dictionary_path", "/usr/share/myspell");
+
+// (KDE) desktop support
+//pref("widget.use-xdg-desktop-portal.file-picker", 1);
+
diff --git a/svg-rendering.patch b/svg-rendering.patch
new file mode 100644
index 0000000..d04de51
--- /dev/null
+++ b/svg-rendering.patch
@@ -0,0 +1,29 @@
+# HG changeset patch
+# User M. Sirringhaus <msirringhaus@suse.de>
+# Date 1645518286 -3600
+# Tue Feb 22 09:24:46 2022 +0100
+# Node ID 81832d035e101471dcf52dd91de287268add7a91
+# Parent 66f7ce16eb4965108687280e5443edd610631efb
+imported patch svg-rendering.patch
+
+diff --git a/image/imgFrame.cpp b/image/imgFrame.cpp
+--- a/image/imgFrame.cpp
++++ b/image/imgFrame.cpp
+@@ -372,6 +372,17 @@ nsresult imgFrame::InitWithDrawable(gfxD
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
+
++#if MOZ_BIG_ENDIAN()
++ if (aBackend == gfx::BackendType::SKIA && canUseDataSurface) {
++ // SKIA is lying about what format it returns on big endian
++ for (int ii=0; ii < mRawSurface->GetSize().Height()*mRawSurface->Stride() / 4; ++ii) {
++ uint32_t *vals = (uint32_t*)(mRawSurface->GetData());
++ uint32_t val = ((vals[ii] << 8) & 0xFF00FF00 ) | ((vals[ii] >> 8) & 0xFF00FF );
++ vals[ii] = (val << 16) | (val >> 16);
++ }
++ }
++#endif
++
+ if (!canUseDataSurface) {
+ // We used an offscreen surface, which is an "optimized" surface from
+ // imgFrame's perspective.
diff --git a/tar_stamps b/tar_stamps
new file mode 100644
index 0000000..8134a9f
--- /dev/null
+++ b/tar_stamps
@@ -0,0 +1,10 @@
+PRODUCT="thunderbird"
+CHANNEL="esr128"
+VERSION="128.5.2"
+VERSION_SUFFIX="esr"
+REV_VERSION="128.5.1"
+PREV_VERSION_SUFFIX="esr"
+#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
+RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr128"
+RELEASE_TAG="2e403316e9cb803e5ad9bd34eab5bf812fd32186"
+RELEASE_TIMESTAMP="20241210220830"
diff --git a/thunderbird-115.13.0.source.tar.xz b/thunderbird-115.13.0.source.tar.xz
new file mode 100644
index 0000000..2ab1b93
--- /dev/null
+++ b/thunderbird-115.13.0.source.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:057f9436b383d668fc266d96dc62b50e669a68ee2af462e020997f5e274fc59e
+size 531342044
diff --git a/thunderbird-115.13.0.source.tar.xz.asc b/thunderbird-115.13.0.source.tar.xz.asc
new file mode 100644
index 0000000..1568d30
--- /dev/null
+++ b/thunderbird-115.13.0.source.tar.xz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmaNskQACgkQ4207E/PZ
+MnQFpA/9G4Ony2Yv2hqeM3wNgO9ZdtvN55iF9xSL0OUXxMEQrjt+FdGTNyJQ8uw2
+hroSGS8QSo/uwcUsVUwj3CD+bTxftf5bcfqv8noXwSk46nqSbklMtM105iGjEnpr
+jegHz1X018B+sYrPhmTyMAwP2cHZa6mUma4hErr0VdcNuGQFACzmsgR3NzTsG6pQ
+ecnoJVTRi3ZJIAFRUbdEbn2NugOKkwEwFTTycS1eXH41df6nZkKgmOsBXsT2ZuQr
+9jIR7TUBopcZCUA1Cr7HB6FtBbj+7LKcKykpvZrowyh375x+4ehs1md2xWvQm8Ur
+t4SnbxZ7Bf37PsL/FJYqhwDaMa/GVthh7h5GKhPURMqht3zlpF+gQnz/jRyAgLQA
+4CaIFqTLaEQF29vMIns5Dvb56OI9bNQYEe8GTvFhh/jF+GQwN38M/x6zwjQcHiv5
+hPHVO6dEuOtg9B2QadJRQGhol/+MGqAaAVpBkNUCmT6ANUPrt2dRZC3wn14Nb1SL
+hhDIMe6sTt0ZdF67Nb0lYxN2f7XO4idX7B8AQOfsWCDJJqOj2y/Lo0uPEDvlY5KS
+D1w04m7Go8NZMvUBHIgS1O6d7PGFFLO35ncYTdTWYNprfIH5Sx1nMCnb+Y/jCFsl
+58Z7fVySgSXkl2+GDFspPGWCgmvvuOFrH5Y6KWBRPWYgWNqPz0E=
+=on8F
+-----END PGP SIGNATURE-----
diff --git a/thunderbird-115.14.0.source.tar.xz b/thunderbird-115.14.0.source.tar.xz
new file mode 100644
index 0000000..e1773b2
--- /dev/null
+++ b/thunderbird-115.14.0.source.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:037fc3f03f5ee4f23d4947ad285504d280e926c4e1a6b224d7351f668c6ed7f0
+size 533296972
diff --git a/thunderbird-115.14.0.source.tar.xz.asc b/thunderbird-115.14.0.source.tar.xz.asc
new file mode 100644
index 0000000..12086d4
--- /dev/null
+++ b/thunderbird-115.14.0.source.tar.xz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmar6QAACgkQ4207E/PZ
+MnQKUQ//auM1mf53PcOxpyX3VNGH6VcquXbFfzdmxStOyijdaVV1q47W6BQjY4uL
+3+ITqfw63C0rmrlNBS20w0YdRLiQdaRPrLI4Gj6GOLA8oeeYr5yEiXPuDuWvIpL2
+71UjOiPABanEiXCmnmB4A6zXzeCGLo5lrCfsjJ1Q64uvqL/B6C0T83N2caxzJeRB
+FIjTHs/HP5jEDNgkPZlRYC6EQzwsu35P8fhx/XjzkZefVsRt9g6EgNjK/fF4Auty
+LeyjbL4rz20izyh0tJ8f41cZWTHChydp6W9XA7+z7tVlTC92AmhyhKbiJJaC55Gj
+LptssG21AKyvuAT7q9S1BeZ9oNX5wBfwUGp5YcJGPVssQ0ZGRdpVyLyehsqK5HZM
+XmkzAoyyqBKRe+0MyiWgGj36STf68wh2ZdRt2yvmymZiWBgtOgSCa3qlXYzFwVWT
+5GxXbLACO6JKmXg+1PWOLPVvpLMjj2uHOPMWfb8IrgEndA81+D2qQUYh/2VncoRF
+RdML2m6Yf403xSw+6Ckauhhsx739CnjoISJRTtu9qvYm9wDY9RRZwg6zQsKpww+9
+0RQntiWLT48uG5/D2OB/jpngsb6QPhpzyLa2qiY1+ctcAcGqPN6MdDrfFIQbpPbO
+cTWi3ljxL+nbfHVJdHY77IkXF3qwBTQVT4yzS5qWgqPf5kC7c0g=
+=YzDJ
+-----END PGP SIGNATURE-----
diff --git a/thunderbird-115.15.0.source.tar.xz b/thunderbird-115.15.0.source.tar.xz
new file mode 100644
index 0000000..56aa662
--- /dev/null
+++ b/thunderbird-115.15.0.source.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:eb04e62171586570e83ce538d4e2feca51c24b2def84fb5c1d0baa9269d41cc7
+size 534455612
diff --git a/thunderbird-115.15.0.source.tar.xz.asc b/thunderbird-115.15.0.source.tar.xz.asc
new file mode 100644
index 0000000..fbe6220
--- /dev/null
+++ b/thunderbird-115.15.0.source.tar.xz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmbXrwUACgkQ4207E/PZ
+MnSSXBAAjscNC/NThi+i8p+exea5QWpM96FZkF5eRJ/jS9dWLm2UH9xZDPyDCJvy
+PXArlpWlIWWG21Pws7fy4g3RZcceim94QWhgMd75DJCKmZ9dgKJLtZla3Qs226b9
+G1DwXfonJUEh/cd1fQQ3ewRUwdnzgjyRMvJeDDdzClKqApuEF9hr7h7aJNObzU1R
+2n2gEpQrKIpWT5ijTlcr4tBTGqs3JkmXhzsH68XpzqXspWcpSJzSiEntH2iBvC8Z
+dfedsgGBA03gbyuFd+haD3/vxsARHAmme/o5xbrUcUIrZTkRVpI6mnFY0CzFx30K
+IilGvGy1mW7oxyakNAQvPpSTCcy8FPXdbi1oGRN1nS8kgpJhiW0pb7m7oh5ul1xi
+Hw1nT3ZJfikr/U2t8nTsXwgiuEnG6hqEh5Us6QR/f8rEEWd9TrbfLWXW4NfWImHZ
+OafCrzLzAUK4nSzN6AI+ZQqUBq0mru6z67I1CX6t2KCo7GdZwDhsWm8CrN/I0JlF
+5RuimLUpCs6Q25ZuPFaLojQHzImgXO48Y/lUHtaDYSdHHBhF7GYhLj3zA3ljuDIv
+rxmJpSaMBgn4zk4igQn7y3ScY5Ht0yHHdd3bkewcD02AuOWqYyFKuYmm3kTU+GjZ
+nY9j30eL+zXgVDWuD4vlTFvgieag9P6+HK/K8uzflJ8FiHzXy6U=
+=VPte
+-----END PGP SIGNATURE-----
diff --git a/thunderbird-128.3.2esr.source.tar.xz b/thunderbird-128.3.2esr.source.tar.xz
new file mode 100644
index 0000000..ab2a853
--- /dev/null
+++ b/thunderbird-128.3.2esr.source.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7c836d148dafc1d46297e77a4984858c2130f6703cec80d6beb8aadd693dd711
+size 671832068
diff --git a/thunderbird-128.3.2esr.source.tar.xz.asc b/thunderbird-128.3.2esr.source.tar.xz.asc
new file mode 100644
index 0000000..402bb7c
--- /dev/null
+++ b/thunderbird-128.3.2esr.source.tar.xz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmcPBroACgkQ4207E/PZ
+MnRnbA//Y3tIyxzMQx66vaV+HCHvnhHzX9Nfub7YgwHDwI3+aqpx5YmNmGonZ0N2
+K2xNeCG5BBavno4XFaxGbV7HgT7qWIPGoGK+FxAUoVTD5MkYRSi/MIWQhe7F+2nS
+uDlgjdUDeY2IeTg9qv+JT58ZwIhrGdStehekCV7thZSr3phom9oCKFQOTgCCsV+R
+xVrQKCn+uZDJ7ShPgGECJcCn9L/JABNj9OQqLXrCNrM2ekvGCwWHmsg4z9+kwefH
+Zt9wFIns3LaQ8ZRL3/4YnFWXFK6ALIghTowUdXxEvPXY+rb3NggAHw3UTXAThzOs
+WSLY0dOjbUcBYnWxY4l33qSypT5ZQ36WIxSAuMrHFFrCIIzymlU+h6g/EEmGQo3T
+Q03UONOmvYsCzzrOnQQPZLdyzy4P0dkm3rDm2r3bYWzADgxzC/Cp61EBXtdDXHmf
+3OmPoDCdp42yWryAxtHwpmAxJb+H7cr1YhFnvt1w1wVOjeNns6GdaM9muGdRfYAY
+NfnbCnG5Jd1+CkezYKbdsUVc0DnVD6wQ7oHgkrGn2/+bIhZrk6G64MWDxuP6Obj3
+LqclcYITde4Nkps250M8eMZSF96AoKgd4A38ahCoCpvz/98sHa97dpuoYOgqHVoz
++FqPwbU0ruMmVOkm3LCNg23LI0d+KYCXO7Uh3HuKnAPTG2zm8SY=
+=ulMO
+-----END PGP SIGNATURE-----
diff --git a/thunderbird-128.3.3esr.source.tar.xz b/thunderbird-128.3.3esr.source.tar.xz
new file mode 100644
index 0000000..4ec4561
--- /dev/null
+++ b/thunderbird-128.3.3esr.source.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:ddb5ab460d79ab3094197d1c4821a17e36775601a3bd33351b82e61770b4b221
+size 679424276
diff --git a/thunderbird-128.3.3esr.source.tar.xz.asc b/thunderbird-128.3.3esr.source.tar.xz.asc
new file mode 100644
index 0000000..c1915ee
--- /dev/null
+++ b/thunderbird-128.3.3esr.source.tar.xz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmcW0Z8ACgkQ4207E/PZ
+MnTzYw/+LOmWjNV2XaAQSvZioQnV5jjuamEXcCRW0QeYguzFM8qxBQUV/4dyKPJc
+lmUsTqL4nolwPyYgh4iBAIP0WkrN39ypJuojECNNPGNBUe7R/AvSuP8yqUT0+BP3
+kU25F0hOP9e47pyrx3efbFhGJcQiUzt1mDfe2B/sPuqfjmBuhtoDH5y6PRluL+Q+
+p+mABWOy/Y+YaC4h7RyLiYG5N8iR5bThLwYVxyHuqMGrrohUzxShW4jIiE51DlLD
+qlLHOwlTjV7bURx37CsfN+02pQYsHPlOVqW0OaCgZG3LwiAvSbdcp/74Ywsa0JU9
+tE6v/1JIddRojMPwMj6OEHTnJO27q8/EE7ybzdBELNpVMhMIBRPbTtp/gJHUfHOf
+2RnmFG8kQUvnx7iiXeczFyZaRc7cExRBEDXtl+AAGaYt34yxjL7NsthXQlP2DaJq
+XZwFbRDm9RUlSp3uog+9lqhi6huPfgwypnK4qmn5yKomp0jTd0O3stSP/StuAWAq
+0orNxDd8NWrzfDLRxOVA3C+LIP4KEq1t1XM3Qq1NaXhy7MvfwG4rPtJbAktDuJam
+qxEzRkD9bgaR1hX8UmGGI0+jtQf2qXjUmp5ytoOfQmKyIJofnWgrCmjHhzYuUPzU
+qNSiwcwFM2e1gFVgqZCtbCLBYQK6vKK6Mux8MN45FG+gmHy3pSc=
+=KF9v
+-----END PGP SIGNATURE-----
diff --git a/thunderbird-128.4.0esr.source.tar.xz b/thunderbird-128.4.0esr.source.tar.xz
new file mode 100644
index 0000000..20789cc
--- /dev/null
+++ b/thunderbird-128.4.0esr.source.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:81f43a2680412a6afdb5fdf6b8296c92d0d6812892399b174723c4f753d5429f
+size 672888608
diff --git a/thunderbird-128.4.0esr.source.tar.xz.asc b/thunderbird-128.4.0esr.source.tar.xz.asc
new file mode 100644
index 0000000..1e44e10
--- /dev/null
+++ b/thunderbird-128.4.0esr.source.tar.xz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmccK9QACgkQ4207E/PZ
+MnR2QxAAkgK4UuUluI1Y00cvBIUu9xww5qWKs9Uy8bdjgVApe3Wem1ZM1ua+uCEQ
+gNr077kGoVEsrINlOT/+VXjsELVehD6cuyGlha/oZ21P6fkJYVyG7Z9tDAIxXVVD
+wqC1ziMVHaYlNWvYo4w3fSTnr3YT9DhDRK2nj3KtCRsIbWPYU/FirUfTZUisZ6yr
+/Pv3a3hlNsXkT6742xOkwScjIV50SPZWlAEKjyG9fpQVtv3/nvRQ/GhE9/fjE0LV
+TzrBt8+sWY9AaC0qBf9yUEDPmzieyhrhipzQZ6I80v7UgRGSta3/gU5Peg3wuZ9p
+wDmJjH27gykzhrxDKUWiTgWVo5l5qgOz4csiQnBMMzxB1CTT8Q05EUSqnfi3oetk
+R23/DRNqzeVBWzWGvFVzwgMxsqOtyzheIq6n0/rk4dloR6j+1yCx52+zC0TDEWV4
+UZTlsp0Z2O1l+wLG/Uc2IUwy7QQf1eS9Es+aFWg+U8hFdCOpb1T/yfPX2dZYaBHd
+5Bo2URoG+h3JcavxMpI303lO4SZ2Wcdqi+XdHdXqt0zWw2nbAYTJw1KniPk+XDoL
+bkk+szsOa1Bmyja2+bFOirlcbKbnTHLmRpBMhqnylU4H59IIk80nWo5fzpqB4A7L
+kmj8/1ci/FOkhN6tq9tyW0GpBPfBZ5/xacpb97xoSYJTi4DyPXk=
+=I1Xu
+-----END PGP SIGNATURE-----
diff --git a/thunderbird-128.4.2esr.source.tar.xz b/thunderbird-128.4.2esr.source.tar.xz
new file mode 100644
index 0000000..7a2c37a
--- /dev/null
+++ b/thunderbird-128.4.2esr.source.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:6fa81eeabb89f02792738718168586bd75c07dc9256e79b26438da70e80dd0d8
+size 676111384
diff --git a/thunderbird-128.4.2esr.source.tar.xz.asc b/thunderbird-128.4.2esr.source.tar.xz.asc
new file mode 100644
index 0000000..439bdc8
--- /dev/null
+++ b/thunderbird-128.4.2esr.source.tar.xz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmcqwJcACgkQ4207E/PZ
+MnTD5xAAgc9k3sduB8s0xkx6DAq5H1Ry54W8zBy/nalqqwnCH4Txv5YJB1hIs42e
+VlJoSE1jlg++xgtf0bZWhN1u9RcvHDj6YMoT+/fVE5639AN2ZZFr57DoVGvYKQUy
+dEcQtJo7EpOb2eU+c/SlOECVnqQaBSH46NPgKdOYB8Kw6N3AVKH51P8xVgDqXO7b
+eW+EcKu4qTNf8vqJMNPA4/H9tFFHR9k1Tw992V2FCafb6ymslkq9+p7rSGQP4m9l
+s+TRghvElDW0ot3pb0IxUlt6RJ/kmIrZXis9Wiev7gSf2Ofqfb2JHxDdM7qNNR/J
+4KrQV0Azpg6UgF71IYXANGIMF9cWele47uLLhMfFxkro8sX1eTEN+u03IzuW91BC
+GuN0lNwKHskk94F0M1z2Lsq68eiSN+36l3IpBsb6FFP0RCyCGzI5NeuhtY1OUxxa
+nEHUvyUyVjF5x+ce/q0oxfbPP7/HMvaBuoiasw40ookOV1eNBNam4RpyMb2TAavu
+YtrpLhQxqbJeP9JGi3IJm5ZIgnQB1X+j1Cy8OJTUzdKHxuLxjb+Y+RuznVGqJYEF
+J+JuUkE97ZG3/lXek+eVUCWNYql3wlpm04y2MxLXDlZjxWKRKTcut3BVkQs3l+6P
+fFQP0njuTEqU5cPRCf+DVDOdbRbfkJIzGSM/f7EE7vLcXppDOvs=
+=QEVU
+-----END PGP SIGNATURE-----
diff --git a/thunderbird-128.4.3esr.source.tar.xz b/thunderbird-128.4.3esr.source.tar.xz
new file mode 100644
index 0000000..4aae9d6
--- /dev/null
+++ b/thunderbird-128.4.3esr.source.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:146edcfee47ebaa3fb6cf877a0747140dd011a3f6b674c98cdc61b9e98bbd61c
+size 673965268
diff --git a/thunderbird-128.4.3esr.source.tar.xz.asc b/thunderbird-128.4.3esr.source.tar.xz.asc
new file mode 100644
index 0000000..5785690
--- /dev/null
+++ b/thunderbird-128.4.3esr.source.tar.xz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmcu5GkACgkQ4207E/PZ
+MnRj5RAAj7dKSmOsVy+HBFm7I5GSZJauNe4AsFqTODFxp7imh6MwCjz+vcToKn3v
++u8UV+RGxihmcvQ4bzmnV4YP0ZUAAFWueONv7b4n3Mc/hp38Ej+s2QSfxsFcptnX
+LYZ1LkAuxld+ixVtgx+/rLAZjt85MLU0+QgviTuuNCl6Antlro6KBRfO8hK64O8m
+zHHewJRQGPdrBqbaIGpIyeWhDAJ3iV2FN0cIqD7O2prWMpeHhWlKcopMAtBUem83
+g2QM1FqsuthRKb4yWt9hJEEM1g6MDsiU15gIlcIZEkgO2sD48QxPVPshXvAQCNCp
+MD+SwZt0Rg6fWDcvYQWJo3tCrO7M+8+ccX05Qm3y88yCLpt17DGBZ4Lpr/DpmSMH
+vbpFe7gUusJm6Jh8UGQXF43otWzsCgRQwCcpbpMggw+1YbHrREuLSQd1iSeNxu9l
+NQDjtN8SxkBZINlFPXpjdGkSApN2vgvkly3QNJ6yC85IijkWdOm9vaA405adYVff
+CfXJlSUxLC709E+owMOPvhtnbaC/0WAiXuTmSDUzhU6ZFtBAv3SMjxWqI9pg1E7d
+EdeFxrRi3RXvJigaqVAB0ax+b4Qrr2sk5xwPzwOTJyfL0new93Wp/y2ZgN/BuLrD
+p/uXKkmMzbMu0ZvLIKxVhiMZNzeoc1l7qUnVZwlDRaC66ynetkA=
+=Mwsw
+-----END PGP SIGNATURE-----
diff --git a/thunderbird-128.4.4esr.source.tar.xz b/thunderbird-128.4.4esr.source.tar.xz
new file mode 100644
index 0000000..43d6149
--- /dev/null
+++ b/thunderbird-128.4.4esr.source.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:370fae094c0f600e8eb54628c34485c7da6528f905613d41d6975092566731cd
+size 677533120
diff --git a/thunderbird-128.4.4esr.source.tar.xz.asc b/thunderbird-128.4.4esr.source.tar.xz.asc
new file mode 100644
index 0000000..df0fd2c
--- /dev/null
+++ b/thunderbird-128.4.4esr.source.tar.xz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmc77a4ACgkQ4207E/PZ
+MnRvWBAA03Se7xB+PlNX+ZbgufJOkWIJ1NtMz7OVYFvVMOfptdjZs4Z0yzgjGMGz
+FC8ji7faKzuB64GQK0I0VJZbtUUJoHDpQCzG4OaGIFngTFxTOHHybD1ERdOCIiXU
+/RZeiaski6hs0wSEz29ws4O2OPyjO1ygtfQyyjfIiX5clFviDBCoZKTpGNHnAy3o
+VW4eCMrDT8mD7sOUShV3c+AOxdDhO5vZfSs9LY6H131p9Jxpy18ZTXJyxcgPcO2K
+4UYwnLFWLyU8fTre4TMGGe3dxOTVKsuicX3qtuRbtaQDf0+t2+13zbngpj0eu8ol
+LSuYP8I85Vo4g97DLCMQcX7sA5ef9ZR9sVsabkdeVD5CNvm5vWjkgwu9qlHHUeW3
+awZqufmoNaMM5UMWmWFi7wOPVYv0G/OgiMdwcHkTtBrurCBzBezve9t7H7H6zhOS
+FWxoqQQN+QKTB9ytpmhZ1ZV39IU87ijrUnBpjhs66EufkADpD24ombG5cMU9JO+9
+hFqrc7hNTRcCdhDvm2m450+vbUY8EZ1k0PKKcAdRzFyvRPKKJ+Y+KV0kjyJ2PgN8
+ev+1IiN/9hHQVPnOEh66YyPgoiegIAVZVZzJDd9JOfUwcRCrODRVlwlFdiw+INDY
+F1YRVvRnMq7cmXNBA31WkrTT2yCB7wY3dzLUzsXvN7KZYDWgqfI=
+=8WEs
+-----END PGP SIGNATURE-----
diff --git a/thunderbird-128.5.0esr.source.tar.xz b/thunderbird-128.5.0esr.source.tar.xz
new file mode 100644
index 0000000..20e2ab9
--- /dev/null
+++ b/thunderbird-128.5.0esr.source.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e92ef24c1da888853d78d926c56599d1e0c7ad67a404d10dfea9483124e731cd
+size 677426000
diff --git a/thunderbird-128.5.0esr.source.tar.xz.asc b/thunderbird-128.5.0esr.source.tar.xz.asc
new file mode 100644
index 0000000..5e2fbc4
--- /dev/null
+++ b/thunderbird-128.5.0esr.source.tar.xz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmdE3WoACgkQ4207E/PZ
+MnTOtBAArzDhhzvgO1pf31tzSu0HXZq01mCMjadDl4CZR4pVWbDvwnNf34y19MQ5
+68TcR5Fj03xnrJC2x+MfJVW36Ry2T1B6oUmxJznPom9HrTa22E9wvdgZu9rQhtLN
+SIQVTndqAXZeNxkLoY2lqtx25pHmPh8JqiaiA0Mg2Uws2xHmCZrdU9ZqZm76gF/J
+IqaSdK3ZcfV3FPbTEBhg67JYchqwepXwlyrl2lg7uLAaQyNGwFVTzGn+U9VGp3xw
+BYTJLebnJc/H0I9r6O+9Pnqj2o2GlhEKVKabhO9/dzoa1keFKjaPHLkStioHXc8f
+in2aoEqH3cgIkKLNxmpCpcO5RVelDSFE5xQxiB8MGQTRyLGtMNFHzXvCEFZVF3Hx
+HJ1vxEuwaEhbHTDjGNpjy57y25BJnJR0JFxxUlZ4upSymqp8iW1JhQhQAFMJoDUn
+EvMRMntD+9EUjbD2Cp/OO7dddACi1a50HLP4OlHU5pGEyNShIHoBJdo1Q0VHeg/7
+bXumwStRiWob/RoFAFFxjcxmxeyX9L/qynPh718PLdmXrzk7Xldwf9nCd222UE1/
+Zet9iXZOwhQSGziwu0JOzy4PJhFWZrVkpNLwL69Kpk6Lfz/9PnLM+oxa83Jep7Ic
+Bi6lVFGx2MCRlophhRpDaT72pfkcsYfXkAPgUzWM4yDQS6E/LrQ=
+=ebtR
+-----END PGP SIGNATURE-----
diff --git a/thunderbird-128.5.1esr.source.tar.xz b/thunderbird-128.5.1esr.source.tar.xz
new file mode 100644
index 0000000..cc57f68
--- /dev/null
+++ b/thunderbird-128.5.1esr.source.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:035fb708f98cf4c90a193a1b3c8a381613ae4001af8c5a62a876d469c097bb5b
+size 678670780
diff --git a/thunderbird-128.5.1esr.source.tar.xz.asc b/thunderbird-128.5.1esr.source.tar.xz.asc
new file mode 100644
index 0000000..c610bb5
--- /dev/null
+++ b/thunderbird-128.5.1esr.source.tar.xz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmdOCLkACgkQ4207E/PZ
+MnT21xAAjC9a3QrufXUe43PondZ7rD/HZqHy701dHwQFycsfb63SpYZbYbl+6RKd
+0mlfnwShNEL/tBVl6Y7ls/Y8bCfRenwJiGbHOQ1ZYeVIaIHHgUhts0gusLf/sWvF
+2OE5PsKULNTfg88stZK681ff0+eHCy7F3dB0hkGn/G1jb7haYoZDd3CZ8P3rBYP9
+nJ6IJyAwf3vmH0eym/2QnJLqU9tGgyM5hcYDD5WQzrH3GPM9ZzxkI0ZSECjlF2Sw
+V5OnHI0Qd2ONcuF6e1PD93h2g8L8nke7WdnGeTj4yUBXUyWPqRaGyU/nDgvL+A7n
+rrbaMdzMA98DdX7o3FzL8CyvSByEmNF/iKCEkR3Y9+i4KmbYvoi5F+ehjUuus6xq
++LY1egWJZ0gULRuPIKRp6fY9yAQ9aFig76oKxRrNfyrrZwa8CB3LP156PP5g50ey
+zGGyYwZzszGD0iPKzVOOsFMtuy3R3W7W+Zw27xnKcKQkU2uLcRCZOFbcaeHD9Php
+6tFIWR6QkDM5ghjM43vx+xAwyp8jKVDlJs/FpcP5Dn75aQPRj8URq0BVmB2QrTuY
+1yyRSCs9J6yk7i7nlORIQ0weBybw3ZE5nix2lpuAFqOxeajrL2EwmSwZ4+20Dkch
+s3Bqd4CqgVRcDtE77G4u+UtqZdbX2CVx0OFmnQdBxjdO4VJZGAQ=
+=8TqA
+-----END PGP SIGNATURE-----
diff --git a/thunderbird-128.5.2esr.source.tar.xz b/thunderbird-128.5.2esr.source.tar.xz
new file mode 100644
index 0000000..956d25a
--- /dev/null
+++ b/thunderbird-128.5.2esr.source.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:ef932fe30fcc3f90f465feffcf641147d678ec3ecda220f317046e715a905547
+size 674696420
diff --git a/thunderbird-128.5.2esr.source.tar.xz.asc b/thunderbird-128.5.2esr.source.tar.xz.asc
new file mode 100644
index 0000000..44134f1
--- /dev/null
+++ b/thunderbird-128.5.2esr.source.tar.xz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmdYwtsACgkQ4207E/PZ
+MnSKlw/9EZFoDtdDUpAc2Pbl2DikDicgcRd+B461HDMUbyvWXYp5uVfXVG1Bvcwn
+HzKx4wl3lsgWIOcZkUopK5NazQXsneZpYcpA/evRAcVxN1/Tm01G3tMprCvmRaSA
+Wwf2KWyPp0uMUu0y9u9As1z1EaaKfqrSefo3mOmJNGlskBubz1nT/1sxV86ujzCd
+onB07wAYUNFkzyQzDxevrKMG3osXw4lZOEf0TwOTRp5fFWjmbMYSn9e8RKpOgiqG
+wVOt4byRdS2/iUwkrmZs5jelKOCjjlKzWcnSwS8mIWhEFzGZ8xp9A2Eoe7ws45kk
+dFaRsH9pX11B/hCOxsRWc8irg59XvvepJX75hPWV4WEkbWfOqLt6a1TBOi4bbiI7
+Ng0odcgy59Q9pkK7dHnXRSDY5JhY8XOTA3MLNLXhhn0Dqhc6jUv8oMjdgk2rYfDV
+/oo2zCdtVvMgQm4aAzRVcKPsuMiOUiTbpEjSSjHHg4YqF7BVQG3gZ3B0lkAZU7pH
+pk7Q0XRf9Y3EmKaVqHqJdRxRvogBvCDrLIuFHtAeMRhQlm8oZZXmQukGifd1uQFn
+qjAkIeapzQ/IpInCKrJT+OMaO1X8zn+xrJUfOugTOgwLpW4o4Y7l5U6NBab/9BxM
+ov3XkKIJ39N2FwmXR49sVD7JHOlIGwixTNhPE62CqlvjYqft+ZU=
+=HaSZ
+-----END PGP SIGNATURE-----
diff --git a/thunderbird-fix-CVE-2024-34703.patch b/thunderbird-fix-CVE-2024-34703.patch
new file mode 100644
index 0000000..9cd7848
--- /dev/null
+++ b/thunderbird-fix-CVE-2024-34703.patch
@@ -0,0 +1,20 @@
+https://github.com/randombit/botan/commit/94e9154c143aa5264da6254a6a1be5bc66ee2b5a
+
+diff --git a/comm/third_party/botan/src/lib/pubkey/ec_group/ec_group.cpp b/comm/third_party/botan/src/lib/pubkey/ec_group/ec_group.cpp
+index bb60bacf7ba..214751b4eb0 100644
+--- a/comm/third_party/botan/src/lib/pubkey/ec_group/ec_group.cpp
++++ b/comm/third_party/botan/src/lib/pubkey/ec_group/ec_group.cpp
+@@ -334,8 +334,11 @@ std::shared_ptr<EC_Group_Data> EC_Group::BER_decode_EC_group(const uint8_t bits[
+ .end_cons()
+ .verify_end();
+
+- if(p.bits() < 64 || p.is_negative() || !is_bailie_psw_probable_prime(p))
+- throw Decoding_Error("Invalid ECC p parameter");
++ if(p.bits() < 112 || p.bits() > 1024)
++ throw Decoding_Error("ECC p parameter is invalid size");
++
++ if(p.is_negative() || !is_bailie_psw_probable_prime(p))
++ throw Decoding_Error("ECC p parameter is not a prime");
+
+ if(a.is_negative() || a >= p)
+ throw Decoding_Error("Invalid ECC a parameter");
diff --git a/thunderbird-rpmlintrc b/thunderbird-rpmlintrc
new file mode 100644
index 0000000..86c1048
--- /dev/null
+++ b/thunderbird-rpmlintrc
@@ -0,0 +1 @@
+addFilter("no-jar-manifest")
diff --git a/thunderbird-silence-no-return.patch b/thunderbird-silence-no-return.patch
new file mode 100644
index 0000000..c4fa183
--- /dev/null
+++ b/thunderbird-silence-no-return.patch
@@ -0,0 +1,12 @@
+Index: thunderbird-128.4.2/comm/mailnews/base/src/MboxMsgInputStream.cpp
+===================================================================
+--- thunderbird-128.4.2.orig/comm/mailnews/base/src/MboxMsgInputStream.cpp
++++ thunderbird-128.4.2/comm/mailnews/base/src/MboxMsgInputStream.cpp
+@@ -263,6 +263,7 @@ class MboxParser {
+ default:
+ MOZ_ASSERT_UNREACHABLE(); // should not happen
+ }
++ return data;
+ }
+
+ // Attempt to parse a "From " line to extract sender and timestamp.
diff --git a/thunderbird.appdata.xml b/thunderbird.appdata.xml
new file mode 100644
index 0000000..ba0bd99
--- /dev/null
+++ b/thunderbird.appdata.xml
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Upstream does not want to ship it https://bugzilla.mozilla.org/show_bug.cgi?id=1071065
+so maintain a stub in here.
+-->
+
+<application>
+ <id type="desktop">thunderbird.desktop</id>
+ <metadata_license>CC0-1.0</metadata_license>
+ <description>
+ <p>
+ Thunderbird is a free, open-source, cross-platform application for
+ managing email, news feeds, chat, and news groups. It is a local
+ (rather than browser- or web-based) email application that is powerful
+ yet easy to use.
+ </p>
+ </description>
+ <url type="homepage">https://www.thunderbird.net/</url>
+ <screenshots>
+ <screenshot type="default">https://upload.wikimedia.org/wikipedia/commons/9/9d/Mozilla_Thunderbird_GNOME.png</screenshot>
+ </screenshots>
+</application>
diff --git a/thunderbird.desktop b/thunderbird.desktop
new file mode 100644
index 0000000..84460b3
--- /dev/null
+++ b/thunderbird.desktop
@@ -0,0 +1,12 @@
+[Desktop Entry]
+Encoding=UTF-8
+Name=Thunderbird
+GenericName=Mail/News Client
+Comment=Mail/News Client
+TryExec=thunderbird
+Exec=thunderbird %u
+Icon=thunderbird
+Terminal=false
+Type=Application
+StartupNotify=true
+MimeType=x-scheme-handler/mailto;