From 382cf0734e20c0e2fbfc85367438caf94cd96b4c1aaadb2d647a69ed6830d6eb Mon Sep 17 00:00:00 2001
From: Wolfgang Rosenauer <wolfgang@rosenauer.org>
Date: Tue, 14 Jan 2025 20:39:07 +0000
Subject: [PATCH] - Mozilla Thunderbird 128.6.0   * New mail notification was
 not hidden after reading the new message   * New mail notification could show
 for the wrong folder, causing     repeated alerts   * macOS shortcut CMD+1
 did not restore the main window when it was     minimized   * Clicking the
 context menu "Reply" button resulted in "Reply-All"   * Switching from "All",
 "Unread", and "Threads with unread" did not work   * Downloading message
 headers from a newsgroup could cause a hang   * Message list performance slow
 when many updates happened at once   * "mailto:" links did not apply the
 compose format of the current identity   * Authentication failure of AUTH
 PLAIN or AUTH LOGIN did not fall     back to USERPASS   MFSA 2025-05 
 (bsc#1234991)   * CVE-2025-0237 (bmo#1915257)     WebChannel APIs susceptible
 to confused deputy attack   * CVE-2025-0238 (bmo#1915535)     Use-after-free
 when breaking lines in text   * CVE-2025-0239 (bmo#1929156)     Alt-Svc ALPN
 validation failure when redirected   * CVE-2025-0240 (bmo#1929623)    
 Compartment mismatch when parsing JavaScript JSON module   * CVE-2025-0241
 (bmo#1933023)     Memory corruption when using JavaScript Text Segmentation  
 * CVE-2025-0242 (bmo#1874523, bmo#1926454, bmo#1931873, bmo#1932169)    
 Memory safety bugs fixed in Firefox 134, Thunderbird 134,     Firefox ESR
 115.19, Firefox ESR 128.6, Thunderbird 115.19,     and Thunderbird 128.6   *
 CVE-2025-0243 (bmo#1827142, bmo#1932783)     Memory safety bugs fixed in
 Firefox 134, Thunderbird 134,

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=794
---
 MozillaThunderbird.changes                    | 35 +++++++++++++++++++
 MozillaThunderbird.spec                       |  8 ++---
 ...28.5.2esr.tar.xz => l10n-128.6.0esr.tar.xz |  0
 tar_stamps                                    |  8 ++---
 thunderbird-128.5.2esr.source.tar.xz          |  3 --
 thunderbird-128.5.2esr.source.tar.xz.asc      | 16 ---------
 thunderbird-128.6.0esr.source.tar.xz          |  3 ++
 thunderbird-128.6.0esr.source.tar.xz.asc      | 16 +++++++++
 8 files changed, 62 insertions(+), 27 deletions(-)
 rename l10n-128.5.2esr.tar.xz => l10n-128.6.0esr.tar.xz (100%)
 delete mode 100644 thunderbird-128.5.2esr.source.tar.xz
 delete mode 100644 thunderbird-128.5.2esr.source.tar.xz.asc
 create mode 100644 thunderbird-128.6.0esr.source.tar.xz
 create mode 100644 thunderbird-128.6.0esr.source.tar.xz.asc

diff --git a/MozillaThunderbird.changes b/MozillaThunderbird.changes
index 38db769..ea1a77a 100644
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@@ -1,3 +1,38 @@
+-------------------------------------------------------------------
+Wed Jan  8 08:12:38 UTC 2025 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 128.6.0
+  * New mail notification was not hidden after reading the new message
+  * New mail notification could show for the wrong folder, causing
+    repeated alerts
+  * macOS shortcut CMD+1 did not restore the main window when it was
+    minimized
+  * Clicking the context menu "Reply" button resulted in "Reply-All"
+  * Switching from "All", "Unread", and "Threads with unread" did not work
+  * Downloading message headers from a newsgroup could cause a hang
+  * Message list performance slow when many updates happened at once
+  * "mailto:" links did not apply the compose format of the current identity
+  * Authentication failure of AUTH PLAIN or AUTH LOGIN did not fall
+    back to USERPASS
+  MFSA 2025-05  (bsc#1234991)
+  * CVE-2025-0237 (bmo#1915257)
+    WebChannel APIs susceptible to confused deputy attack
+  * CVE-2025-0238 (bmo#1915535)
+    Use-after-free when breaking lines in text
+  * CVE-2025-0239 (bmo#1929156)
+    Alt-Svc ALPN validation failure when redirected
+  * CVE-2025-0240 (bmo#1929623)
+    Compartment mismatch when parsing JavaScript JSON module
+  * CVE-2025-0241 (bmo#1933023)
+    Memory corruption when using JavaScript Text Segmentation
+  * CVE-2025-0242 (bmo#1874523, bmo#1926454, bmo#1931873, bmo#1932169)
+    Memory safety bugs fixed in Firefox 134, Thunderbird 134,
+    Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19,
+    and Thunderbird 128.6
+  * CVE-2025-0243 (bmo#1827142, bmo#1932783)
+    Memory safety bugs fixed in Firefox 134, Thunderbird 134,
+    Firefox ESR 128.6, and Thunderbird 128.6
+
 -------------------------------------------------------------------
 Wed Dec 11 15:48:02 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
 
diff --git a/MozillaThunderbird.spec b/MozillaThunderbird.spec
index a012743..c8eed4c 100644
--- a/MozillaThunderbird.spec
+++ b/MozillaThunderbird.spec
@@ -1,8 +1,8 @@
 #
 # spec file for package MozillaThunderbird
 #
-# Copyright (c) 2024 SUSE LLC
-# Copyright (c) 2006-2024 Wolfgang Rosenauer <wr@rosenauer.org>
+# Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2006-2025 Wolfgang Rosenauer <wr@rosenauer.org>
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -29,8 +29,8 @@
 # major 69
 # mainver %%major.99
 %define major          128
-%define mainver        %major.5.2
-%define orig_version   128.5.2
+%define mainver        %major.6.0
+%define orig_version   128.6.0
 %define orig_suffix    esr
 %define update_channel esr
 %define source_prefix  thunderbird-%{orig_version}
diff --git a/l10n-128.5.2esr.tar.xz b/l10n-128.6.0esr.tar.xz
similarity index 100%
rename from l10n-128.5.2esr.tar.xz
rename to l10n-128.6.0esr.tar.xz
diff --git a/tar_stamps b/tar_stamps
index 8134a9f..baae46b 100644
--- a/tar_stamps
+++ b/tar_stamps
@@ -1,10 +1,10 @@
 PRODUCT="thunderbird"
 CHANNEL="esr128"
-VERSION="128.5.2"
+VERSION="128.6.0"
 VERSION_SUFFIX="esr"
-REV_VERSION="128.5.1"
+REV_VERSION="128.5.2"
 PREV_VERSION_SUFFIX="esr"
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr128"
-RELEASE_TAG="2e403316e9cb803e5ad9bd34eab5bf812fd32186"
-RELEASE_TIMESTAMP="20241210220830"
+RELEASE_TAG="ae3d6df4c922bfec881437177690a3115d85b469"
+RELEASE_TIMESTAMP="20250107005646"
diff --git a/thunderbird-128.5.2esr.source.tar.xz b/thunderbird-128.5.2esr.source.tar.xz
deleted file mode 100644
index 956d25a..0000000
--- a/thunderbird-128.5.2esr.source.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:ef932fe30fcc3f90f465feffcf641147d678ec3ecda220f317046e715a905547
-size 674696420
diff --git a/thunderbird-128.5.2esr.source.tar.xz.asc b/thunderbird-128.5.2esr.source.tar.xz.asc
deleted file mode 100644
index 44134f1..0000000
--- a/thunderbird-128.5.2esr.source.tar.xz.asc
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmdYwtsACgkQ4207E/PZ
-MnSKlw/9EZFoDtdDUpAc2Pbl2DikDicgcRd+B461HDMUbyvWXYp5uVfXVG1Bvcwn
-HzKx4wl3lsgWIOcZkUopK5NazQXsneZpYcpA/evRAcVxN1/Tm01G3tMprCvmRaSA
-Wwf2KWyPp0uMUu0y9u9As1z1EaaKfqrSefo3mOmJNGlskBubz1nT/1sxV86ujzCd
-onB07wAYUNFkzyQzDxevrKMG3osXw4lZOEf0TwOTRp5fFWjmbMYSn9e8RKpOgiqG
-wVOt4byRdS2/iUwkrmZs5jelKOCjjlKzWcnSwS8mIWhEFzGZ8xp9A2Eoe7ws45kk
-dFaRsH9pX11B/hCOxsRWc8irg59XvvepJX75hPWV4WEkbWfOqLt6a1TBOi4bbiI7
-Ng0odcgy59Q9pkK7dHnXRSDY5JhY8XOTA3MLNLXhhn0Dqhc6jUv8oMjdgk2rYfDV
-/oo2zCdtVvMgQm4aAzRVcKPsuMiOUiTbpEjSSjHHg4YqF7BVQG3gZ3B0lkAZU7pH
-pk7Q0XRf9Y3EmKaVqHqJdRxRvogBvCDrLIuFHtAeMRhQlm8oZZXmQukGifd1uQFn
-qjAkIeapzQ/IpInCKrJT+OMaO1X8zn+xrJUfOugTOgwLpW4o4Y7l5U6NBab/9BxM
-ov3XkKIJ39N2FwmXR49sVD7JHOlIGwixTNhPE62CqlvjYqft+ZU=
-=HaSZ
------END PGP SIGNATURE-----
diff --git a/thunderbird-128.6.0esr.source.tar.xz b/thunderbird-128.6.0esr.source.tar.xz
new file mode 100644
index 0000000..a41e9ff
--- /dev/null
+++ b/thunderbird-128.6.0esr.source.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:1ab6155cd756f905d9b3a85b47b106e5a32626a3eec006c263b811772c4682f3
+size 675443868
diff --git a/thunderbird-128.6.0esr.source.tar.xz.asc b/thunderbird-128.6.0esr.source.tar.xz.asc
new file mode 100644
index 0000000..a247a61
--- /dev/null
+++ b/thunderbird-128.6.0esr.source.tar.xz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmd9lBgACgkQ4207E/PZ
+MnRIaRAAwFAhsmCG33UUkO5Wg/1Wd78j/PeawBztYtQaCcjJnSWxtRQnohqyogQW
+w6xyeVwnxf1fWgz9SrOsT6VpnizoM/kBLDQjzKnWbUvPO6fMrh9rFX69dpcTEUGH
+8hX694RuZEpEEhyhN/Y4jaTf0J5QFfjaevykr0A8/iHuEY/kuPXBnFrSNkNaL4bJ
+b0C3uw2zqOFpaSoC5ry8YJCTWOwD2bgllIoLdK4wniTlU5cRq4qKbCs52rUGPoa0
+J9SnveBF9b+xZo+MpJJ/fiLdIjBnMrPcL0sJ2d5PUVSrtkzgcF/RWo0Zao9afg4F
+zZp9c0xV6jG0HE3oPFdiYjKuxuf7vxyRovVG6RHLOQs9TogZ6NAilWbLiALFEmpA
+t5BdQZo+uJjDq4nNs25n1IAD02oPTF2EvPmf0xq87QT87y2pQyPk65/9F1tTreAt
+DezLr9EaeA2sDpDg8+go4Hfa00PZ2N0pW/j5Eq/RcIpp5vd2L8AGhME/sEVm5NfL
+hwSF/04gLYUaAtUb9h4kzxkXHUNTCv66L6vxtYckS6lDQ0rY9I2C/EQBxf0AHI+w
+nM8zgf7hSBeATsZktUZXyF/0jeQOg7L1UsA2jr8ozXLqKz73NY7wSS96VSu1pjAO
+Hm2t7m002PRw61mq99lz8QeniH+Je/4G7YvZWtXxxC1bs9Z1pLw=
+=fXCV
+-----END PGP SIGNATURE-----