Commit Graph

734 Commits

Author SHA256 Message Date
Wolfgang Rosenauer
db081d1533 - Mozilla Thunderbird 78.4.1
* Bugfixes and minor features
    https://www.thunderbird.net/en-US/thunderbird/78.4.1/releasenotes/

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=560
2020-11-08 18:36:03 +00:00
Dominique Leuenberger
d7a7c5a683 Accepting request 843275 from mozilla:Factory
- Mozilla Thunderbird 78.4.0
  * MailExtensions: browser.tabs.sendMessage API added
  * MailExtensions: messageDisplayScripts API added
  * Yahoo and AOL mail users using password authentication will be
    migrated to OAuth2
  * MailExtensions: messageDisplay APIs extended to support multiple
    selected messages
  * MailExtensions: compose.begin functions now support creating a
    message with attachments
  * multiple bugfixes
  MFSA 2020-47 (bsc#1177872)
  * CVE-2020-15969 (bmo#1666570)
    Use-after-free in usersctp
  * CVE-2020-15683 (bmo#1576843, bmo#1656987, bmo#1660954, bmo#1662760,
    bmo#1663439, bmo#1666140)
    Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4

OBS-URL: https://build.opensuse.org/request/show/843275
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=241
2020-10-26 15:08:16 +00:00
Wolfgang Rosenauer
63df217471 MFSA 2020-47 (bsc#1177872)
* CVE-2020-15969 (bmo#1666570)
    Use-after-free in usersctp
  * CVE-2020-15683 (bmo#1576843, bmo#1656987, bmo#1660954, bmo#1662760,
    bmo#1663439, bmo#1666140)
    Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=558
2020-10-21 20:18:32 +00:00
Wolfgang Rosenauer
69e75a6f77 - Mozilla Thunderbird 78.4.0
* MailExtensions: browser.tabs.sendMessage API added
  * MailExtensions: messageDisplayScripts API added
  * Yahoo and AOL mail users using password authentication will be
    migrated to OAuth2
  * MailExtensions: messageDisplay APIs extended to support multiple
    selected messages
  * MailExtensions: compose.begin functions now support creating a
    message with attachments
  * multiple bugfixes

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=557
2020-10-21 09:31:04 +00:00
Dominique Leuenberger
7975166d69 Accepting request 842109 from mozilla:Factory
- Mozilla Thunderbird 78.3.3
  * OpenPGP: Improved support for encrypting with subkeys
  * OpenPGP message status icons were not visible in message header pane
  * OpenPGP Key Manager was missing from Tools menu on macOS
  * Creating a new calendar event did not require an event title
- remove python2 dependencies for TW
- support wayland mode/autodetection in startup wrapper
- replace some Requires to use requires_ge macro where appropriate
- improve langpack build (as already used for Firefox)
- add ccache statistics output to build

OBS-URL: https://build.opensuse.org/request/show/842109
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=240
2020-10-20 14:01:45 +00:00
Wolfgang Rosenauer
8d908f5892 - Mozilla Thunderbird 78.3.3
* OpenPGP: Improved support for encrypting with subkeys
  * OpenPGP message status icons were not visible in message header pane
  * OpenPGP Key Manager was missing from Tools menu on macOS
  * Creating a new calendar event did not require an event title
- remove python2 dependencies for TW
- support wayland mode/autodetection in startup wrapper
- replace some Requires to use requires_ge macro where appropriate
- improve langpack build (as already used for Firefox)
- add ccache statistics output to build

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=555
2020-10-16 13:01:17 +00:00
Wolfgang Rosenauer
3bdd2525c1 - remove python2 dependencies for Leap 15 and TW
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=554
2020-10-08 14:14:28 +00:00
Dominique Leuenberger
f92938469c Accepting request 840001 from mozilla:Factory
- Mozilla Thunderbird 78.3.2
  * OpenPGP: Improved support for encrypting with subkeys
  * OpenPGP: Encrypted messages with international characters were
    sometimes displayed incorrectly
  * Single-click deletion of recipient pills with middle mouse
    button restored
  * Searching an address book list did not display results
  * Dark mode, high contrast, and Windows theming fixes

OBS-URL: https://build.opensuse.org/request/show/840001
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=239
2020-10-08 11:09:58 +00:00
Wolfgang Rosenauer
4a103ac86f - Mozilla Thunderbird 78.3.2
* OpenPGP: Improved support for encrypting with subkeys
  * OpenPGP: Encrypted messages with international characters were
    sometimes displayed incorrectly
  * Single-click deletion of recipient pills with middle mouse
    button restored
  * Searching an address book list did not display results
  * Dark mode, high contrast, and Windows theming fixes

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=552
2020-10-07 09:44:38 +00:00
Dominique Leuenberger
aa32e73753 Accepting request 838449 from mozilla:Factory
- Mozilla Thunderbird 78.3.1
  * fix crash in nsImapProtocol::CreateNewLineFromSocket (bmo#1667120)

- Mozilla Thunderbird 78.3.0
  MFSA 2020-44 (bsc#1176756)
  * CVE-2020-15677 (bmo#1641487)
    Download origin spoofing via redirect
  * CVE-2020-15676 (bmo#1646140)
    XSS when pasting attacker-controlled data into a
    contenteditable element
  * CVE-2020-15678 (bmo#1660211)
    When recursing through layers while scrolling, an iterator
    may have become invalid, resulting in a potential use-after-
    free scenario
  * CVE-2020-15673 (bmo#1648493, bmo#1660800)
    Memory safety bugs fixed in Thunderbird 78.3
- requires NSPR >= 4.25.1
- removed obsolete thunderbird-bmo1664607.patch

- Mozilla Thunderbird 78.2.2
  https://www.thunderbird.net/en-US/thunderbird/78.2.2/releasenotes
- added thunderbird-bmo1664607.patch required for builds w/o updater
  (boo#1176384)

- Mozilla Thunderbird 78.2.1
  * based on Mozilla's 78 ESR codebase
  * many new and changed features
    https://www.thunderbird.net/en-US/thunderbird/78.0/releasenotes/#whatsnew
  * built-in OpenPGP support (enigmail neither required nor supported)
- added platform patches:

OBS-URL: https://build.opensuse.org/request/show/838449
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=238
2020-10-03 16:55:52 +00:00
Wolfgang Rosenauer
04ffbb1d9e - added platform patches:
* mozilla-s390x-skia-gradient.patch
  * mozilla-pipewire-0-3.patch
  * mozilla-bmo1512162.patch
  * mozilla-bmo1626236.patch
  * mozilla-bmo998749.patch
  * mozilla-sandbox-fips.patch
- removed obsolete platform patches
  * mozilla-s390-bigendian.patch
  * mozilla-nestegg-big-endian.patch
  * mozilla-openaes-decl.patch
  * mozilla-cubeb-noreturn.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=550
2020-09-25 09:39:00 +00:00
Wolfgang Rosenauer
c90bbb3be9 - Mozilla Thunderbird 78.3.1
* fix crash in nsImapProtocol::CreateNewLineFromSocket (bmo#1667120)

- Mozilla Thunderbird 78.3.0
  MFSA 2020-44 (bsc#1176756)
  * CVE-2020-15677 (bmo#1641487)
    Download origin spoofing via redirect
  * CVE-2020-15676 (bmo#1646140)
    XSS when pasting attacker-controlled data into a
    contenteditable element
  * CVE-2020-15678 (bmo#1660211)
    When recursing through layers while scrolling, an iterator
    may have become invalid, resulting in a potential use-after-
    free scenario
  * CVE-2020-15673 (bmo#1648493, bmo#1660800)
    Memory safety bugs fixed in Thunderbird 78.3
- requires NSPR >= 4.25.1
- removed obsolete thunderbird-bmo1664607.patch

- Mozilla Thunderbird 78.2.2
  https://www.thunderbird.net/en-US/thunderbird/78.2.2/releasenotes
- added thunderbird-bmo1664607.patch required for builds w/o updater
  (boo#1176384)

- Mozilla Thunderbird 78.2.1
  * based on Mozilla's 78 ESR codebase
  * many new and changed features
    https://www.thunderbird.net/en-US/thunderbird/78.0/releasenotes/#whatsnew
  * built-in OpenPGP support (enigmail neither required nor supported)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=549
2020-09-25 06:32:50 +00:00
Dominique Leuenberger
7eb9850829 Accepting request 832601 from mozilla:Factory
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/832601
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=237
2020-09-09 15:47:19 +00:00
Wolfgang Rosenauer
85d782a0f4 - Mozilla Thunderbird 68.12.0
MFSA 2020-40 (bsc#1175686)
  * CVE-2020-15663 (bmo#1643199)
    Downgrade attack on the Mozilla Maintenance Service could have
    resulted in escalation of privilege
  * CVE-2020-15664 (bmo#1658214)
    Attacker-induced prompt for extension installation
  * CVE-2020-15669 (bmo#1656957)
    Use-After-Free when aborting an operation

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=547
2020-08-30 11:12:59 +00:00
Wolfgang Rosenauer
b774973e49 Accepting request 830280 from home:michel_mno:branches:mozilla:Factory
- Put back %limit_build macro usage to avoid build error PowerPC
  (remove memoryperjob constraint)

OBS-URL: https://build.opensuse.org/request/show/830280
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=546
2020-08-30 11:02:29 +00:00
Dominique Leuenberger
bf3f1cf325 Accepting request 828128 from mozilla:Factory
OBS-URL: https://build.opensuse.org/request/show/828128
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=236
2020-08-23 07:20:12 +00:00
Wolfgang Rosenauer
cfff8c3277 Accepting request 828067 from home:marxin:memory-constraint
Use memoryperjob constraint instead of %limit_build macro.

OBS-URL: https://build.opensuse.org/request/show/828067
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=544
2020-08-20 10:39:48 +00:00
Dominique Leuenberger
6ff89622cd Accepting request 823878 from mozilla:Factory
OBS-URL: https://build.opensuse.org/request/show/823878
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=235
2020-08-05 18:26:12 +00:00
Wolfgang Rosenauer
17467a5a91 Accepting request 823877 from home:AndreasStieger:branches:mozilla:Factory
some past changelog

OBS-URL: https://build.opensuse.org/request/show/823877
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=542
2020-08-01 11:37:02 +00:00
Wolfgang Rosenauer
11aeb7fac9 Accepting request 823875 from home:AndreasStieger:branches:mozilla:Factory
Mozilla Thunderbird 68.11.0 - MFSA 2020-35 (bsc#1174538)

OBS-URL: https://build.opensuse.org/request/show/823875
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=541
2020-08-01 11:17:36 +00:00
Dominique Leuenberger
5e753c676b Accepting request 818251 from mozilla:Factory
OBS-URL: https://build.opensuse.org/request/show/818251
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=234
2020-07-06 14:14:16 +00:00
Wolfgang Rosenauer
8146a35a9e Accepting request 818183 from home:AndreasStieger:branches:mozilla:Factory
Mozilla Thunderbird 68.10.0

OBS-URL: https://build.opensuse.org/request/show/818183
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=539
2020-07-02 06:27:27 +00:00
Dominique Leuenberger
69737b701e Accepting request 813558 from mozilla:Factory
- build with nodejs10 to be able to drop nodejs8 from TW
- updated create-tar.sh

OBS-URL: https://build.opensuse.org/request/show/813558
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=233
2020-06-14 16:15:05 +00:00
Wolfgang Rosenauer
e65691f980 - updated create-tar.sh
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=537
2020-06-11 15:01:14 +00:00
Wolfgang Rosenauer
623455131b - build with nodejs10 to be able to drop nodejs8 from TW
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=536
2020-06-11 14:54:15 +00:00
Dominique Leuenberger
7a3d6901f5 Accepting request 812112 from mozilla:Factory
OBS-URL: https://build.opensuse.org/request/show/812112
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=232
2020-06-08 21:57:56 +00:00
Wolfgang Rosenauer
cde3667d7c Accepting request 812111 from home:AndreasStieger:branches:mozilla:Factory
Mozilla Thunderbird 68.9.0
MFSA 2020-22 (bsc#1172402)

OBS-URL: https://build.opensuse.org/request/show/812111
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=534
2020-06-06 22:07:29 +00:00
Yuchen Lin
f545cc667e Accepting request 808609 from mozilla:Factory
OBS-URL: https://build.opensuse.org/request/show/808609
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=231
2020-05-28 07:09:41 +00:00
Wolfgang Rosenauer
52917cea5c Accepting request 808559 from home:AndreasStieger:branches:mozilla:Factory
Mozilla Thunderbird 68.8.1

OBS-URL: https://build.opensuse.org/request/show/808559
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=532
2020-05-25 06:47:34 +00:00
Dominique Leuenberger
f9bbc6bdab Accepting request 800587 from mozilla:Factory
- Mozilla Thunderbird 68.8.0
  * Account Manager fixes and improvements
  * https://www.thunderbird.net/en-US/thunderbird/68.8.0/releasenotes
  MFSA 2020-18 (bsc#1171186)
  * CVE-2020-12397 (bmo#1617370)
    Sender Email Address Spoofing using encoded Unicode characters
  * CVE-2020-12387 (bmo#1545345)
    Use-after-free during worker shutdown
  * CVE-2020-6831 (bmo#1632241)
    Buffer overflow in SCTP chunk input validation
  * CVE-2020-12392 (bmo#1614468)
    Arbitrary local file access with 'Copy as cURL'
  * CVE-2020-12393 (bmo#1615471)
    Devtools' 'Copy as cURL' feature did not fully escape
    website-controlled data, potentially leading to command injection
  * CVE-2020-12395 (bmo#1595886, bmo#1611482, bmo#1614704, bmo#1624098,
    bmo#1625749, bmo#1626382, bmo#1628076, bmo#1631508)
    Memory safety bugs fixed in Thunderbird 68.8.0
- removed obsolete patch mozilla-bmo1580963.patch

- Add mozilla-bmo1580963.patch to fix build with rust 1.43
  (bmo#1580963)

  In general, these flaws cannot be exploited through email in

OBS-URL: https://build.opensuse.org/request/show/800587
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=230
2020-05-07 15:51:25 +00:00
Wolfgang Rosenauer
a8238222fd OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=530 2020-05-06 07:27:49 +00:00
Wolfgang Rosenauer
472726a884 * Account Manager fixes and improvements
* https://www.thunderbird.net/en-US/thunderbird/68.8.0/releasenotes
  MFSA 2020-18 (bsc#1171186)
  * CVE-2020-12397 (bmo#1617370)
    Sender Email Address Spoofing using encoded Unicode characters
  * CVE-2020-12387 (bmo#1545345)
    Use-after-free during worker shutdown
  * CVE-2020-6831 (bmo#1632241)
    Buffer overflow in SCTP chunk input validation
  * CVE-2020-12392 (bmo#1614468)
    Arbitrary local file access with 'Copy as cURL'
  * CVE-2020-12393 (bmo#1615471)
    Devtools' 'Copy as cURL' feature did not fully escape
    website-controlled data, potentially leading to command injection
  * CVE-2020-12395 (bmo#1595886, bmo#1611482, bmo#1614704, bmo#1624098,
    bmo#1625749, bmo#1626382, bmo#1628076, bmo#1631508)
    Memory safety bugs fixed in Thunderbird 68.8.0
- removed obsolete patch mozilla-bmo1580963.patch
  (bmo#1580963)
  In general, these flaws cannot be exploited through email in

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=529
2020-05-06 07:22:35 +00:00
Wolfgang Rosenauer
f31294e41a - Mozilla Thunderbird 68.8.0
- Add mozilla-bmo1580963.patch to fix build with rust 1.43

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=528
2020-05-05 07:51:42 +00:00
Wolfgang Rosenauer
34187271c9 Accepting request 800249 from home:namtrac:branches:mozilla:Factory
- Add mozilla-bmo1580963.patch to fix build with rust 1.43

OBS-URL: https://build.opensuse.org/request/show/800249
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=527
2020-05-05 07:28:14 +00:00
Dominique Leuenberger
ccc9188360 Accepting request 793242 from mozilla:Factory
OBS-URL: https://build.opensuse.org/request/show/793242
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=229
2020-04-15 17:52:17 +00:00
Wolfgang Rosenauer
12132f7191 Accepting request 793228 from home:AndreasStieger:branches:mozilla:Factory
MFSA 2020-14 data

OBS-URL: https://build.opensuse.org/request/show/793228
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=525
2020-04-11 21:13:39 +00:00
Wolfgang Rosenauer
8f09505c5b Accepting request 792897 from home:AndreasStieger:branches:mozilla:Factory
Mozilla Thunderbird 68.7.0

OBS-URL: https://build.opensuse.org/request/show/792897
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=524
2020-04-10 08:30:57 +00:00
Dominique Leuenberger
15eff75ea5 Accepting request 787142 from mozilla:Factory
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/787142
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=228
2020-03-24 21:31:06 +00:00
Wolfgang Rosenauer
56310e4a94 - Mozilla Thunderbird 68.6.0
MFSA 2020-10 (bsc#1166238)
  * CVE-2020-6805 (bmo#1610880)
    Use-after-free when removing data about origins
  * CVE-2020-6806 (bmo#1612308)
    BodyStream::OnInputStreamReady was missing protections against
    state confusion
  * CVE-2020-6807 (bmo#1614971)
    Use-after-free in cubeb during stream destruction
  * CVE-2020-6811 (bmo#1607742)
    Devtools' 'Copy as cURL' feature did not fully escape
    website-controlled data, potentially leading to command injection
  * CVE-2019-20503 (bmo#1613765)
    Out of bounds reads in sctp_load_addresses_from_init
  * CVE-2020-6812 (bmo#1616661)
    The names of AirPods with personally identifiable information
    were exposed to websites with camera or microphone permission
  * CVE-2020-6814 (bmo#1592078, bmo#1604847, bmo#1608256, bmo#1612636,
    bmo#1614339)
    Memory safety bugs fixed in Thunderbird 68.6
- requires NSS >= 3.44.3

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=522
2020-03-14 13:26:42 +00:00
Oliver Kurz
1afcee9271 Accepting request 773527 from mozilla:Factory
- Mozilla Thunderbird 68.5.0
  New
  * Support for Client Identity IMAP/SMTP Service Extension
  * Support for OAuth 2.0 authentication for POP3 accounts
  Fixes
  * Status area goes blank during account setup
  * Calendar: Could not remove color for default categories
  * Calendar: Prevent calendar component loading multiple times
  * Calendar: Today pane did not retain width between sessions
  MFSA 2020-07 (bsc#1163368)
  * CVE-2020-6793 (bmo#1608539)
    Out-of-bounds read when processing certain email messages
  * CVE-2020-6794 (bmo#1606619)
    Setting a master password post-Thunderbird 52 does not delete
    unencrypted previously stored passwords
  * CVE-2020-6795 (bmo#1611105)
    Crash processing S/MIME messages with multiple signatures
  * CVE-2020-6797 (bmo#1596668) (Mac OSX only)
    Extensions granted downloads.open permission could open arbitrary
    applications on Mac OSX
  * CVE-2020-6798 (bmo#1602944)
    Incorrect parsing of template tag could result in JavaScript injection
  * CVE-2020-6792 (bmo#1609607)
    Message ID calculcation was based on uninitialized data
  * CVE-2020-6800 (bmo#1595786,bmo#1596706,bmo#1598543,bmo#1604851,
    bmo#1608580,bmo#1608785,bmo#1605777)
    Memory safety bugs fixed in Thunderbird 68.5

OBS-URL: https://build.opensuse.org/request/show/773527
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=227
2020-02-14 15:23:55 +00:00
Wolfgang Rosenauer
b44fdf6e1e - Mozilla Thunderbird 68.5.0
New
  * Support for Client Identity IMAP/SMTP Service Extension
  * Support for OAuth 2.0 authentication for POP3 accounts
  Fixes
  * Status area goes blank during account setup
  * Calendar: Could not remove color for default categories
  * Calendar: Prevent calendar component loading multiple times
  * Calendar: Today pane did not retain width between sessions
  MFSA 2020-07 (bsc#1163368)
  * CVE-2020-6793 (bmo#1608539)
    Out-of-bounds read when processing certain email messages
  * CVE-2020-6794 (bmo#1606619)
    Setting a master password post-Thunderbird 52 does not delete
    unencrypted previously stored passwords
  * CVE-2020-6795 (bmo#1611105)
    Crash processing S/MIME messages with multiple signatures
  * CVE-2020-6797 (bmo#1596668) (Mac OSX only)
    Extensions granted downloads.open permission could open arbitrary
    applications on Mac OSX
  * CVE-2020-6798 (bmo#1602944)
    Incorrect parsing of template tag could result in JavaScript injection
  * CVE-2020-6792 (bmo#1609607)
    Message ID calculcation was based on uninitialized data
  * CVE-2020-6800 (bmo#1595786,bmo#1596706,bmo#1598543,bmo#1604851,
    bmo#1608580,bmo#1608785,bmo#1605777)
    Memory safety bugs fixed in Thunderbird 68.5

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=520
2020-02-11 20:44:27 +00:00
Dominique Leuenberger
41d44a95d8 Accepting request 769383 from mozilla:Factory
OBS-URL: https://build.opensuse.org/request/show/769383
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=226
2020-02-06 12:06:03 +00:00
Wolfgang Rosenauer
4f424022cb Accepting request 769375 from home:hellcp:branches:mozilla:Factory
- Use a symbolic icon from branding internals

OBS-URL: https://build.opensuse.org/request/show/769375
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=518
2020-02-02 19:22:31 +00:00
Dominique Leuenberger
8d496767d5 Accepting request 767881 from mozilla:Factory
- Mozilla Thunderbird 68.4.2
  * Calendar: Task and Event tree colours adjusted for the dark theme
  * Retrieval of S/MIME certificates from LDAP failed
  * Address-parsing crash on some IMAP servers when
    mail.imap.use_envelope_cmd is set
  * Incorrect forwarding of HTML messages caused SMTP servers to
    respond with a timeout
  * Calendar: Various parts of the calendar UI stopped working when
    a second Thunderbird window opened

OBS-URL: https://build.opensuse.org/request/show/767881
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=225
2020-01-30 08:37:03 +00:00
Wolfgang Rosenauer
88ea2f535a - Mozilla Thunderbird 68.4.2
* Calendar: Task and Event tree colours adjusted for the dark theme
  * Retrieval of S/MIME certificates from LDAP failed
  * Address-parsing crash on some IMAP servers when
    mail.imap.use_envelope_cmd is set
  * Incorrect forwarding of HTML messages caused SMTP servers to
    respond with a timeout
  * Calendar: Various parts of the calendar UI stopped working when
    a second Thunderbird window opened

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=516
2020-01-27 10:15:48 +00:00
Dominique Leuenberger
ad8ff75d18 Accepting request 763056 from mozilla:Factory
- Mozilla Thunderbird 68.4.1
  * Various improvements when setting up an account for a Microsoft
    Exchange server: Now offers IMAP/SMTP if available, better
    detection for Office 365 accounts; re-run configuration after
    password change
  Fixes:
  * After changing view layout, the message display pane showed
    garbled content under some circumstances
  * Various theme changes to achieve "pixel perfection": Unread icon,
    "no results" icon, paragraph format and font selector, background
    of folder summary tooltip
  * Tags were lost on messages in shared IMAP folders under some
    circumstances
  * Calendar: Event attendee dialog was not displayed correctly
  MFSA 2020-04 (bsc#1160498, bsc#1160305)
  * CVE-2019-17026 (bmo#1607443)
    IonMonkey type confusion with StoreElementHole and FallibleStoreElement
  * CVE-2019-17015 (bmo#1599005)
    Memory corruption in parent process during new content process
    initialization on Windows
  * CVE-2019-17016 (bmo#1599181)
    Bypass of @namespace CSS sanitization during pasting
  * CVE-2019-17017 (bmo#1603055)
    Type Confusion in XPCVariant.cpp
  * CVE-2019-17021 (bmo#1599008)
    Heap address disclosure in parent process during content process
    initialization on Windows
  * CVE-2019-17022 (bmo#1602843)
    CSS sanitization does not escape HTML tags
  * CVE-2019-17024 (bmo#1507180, bmo#1595470, bmo#1598605, bmo#1601826)

OBS-URL: https://build.opensuse.org/request/show/763056
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=224
2020-01-14 19:57:48 +00:00
Wolfgang Rosenauer
c3ae989234 - removed obsolete patch mozilla-bmo1511604.patch
- added mozilla-bmo1602730.patch to fix LE<->BE issues in the
  platform (bmo#1602730)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=514
2020-01-11 08:43:34 +00:00
Wolfgang Rosenauer
424175f38c MFSA 2020-04 (bsc#1160498, bsc#1160305)
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=513
2020-01-11 08:36:41 +00:00
Wolfgang Rosenauer
5d0ef2ba91 - Mozilla Thunderbird 68.4.1
* Various improvements when setting up an account for a Microsoft
    Exchange server: Now offers IMAP/SMTP if available, better
    detection for Office 365 accounts; re-run configuration after
    password change
  Fixes:
  * After changing view layout, the message display pane showed
    garbled content under some circumstances
  * Various theme changes to achieve "pixel perfection": Unread icon,
    "no results" icon, paragraph format and font selector, background
    of folder summary tooltip
  * Tags were lost on messages in shared IMAP folders under some
    circumstances
  * Calendar: Event attendee dialog was not displayed correctly
  MFSA 2020-04  (bsc#1160498)
  * CVE-2019-17026 (bmo#1607443)
    IonMonkey type confusion with StoreElementHole and FallibleStoreElement
  * CVE-2019-17015 (bmo#1599005)
    Memory corruption in parent process during new content process
    initialization on Windows
  * CVE-2019-17016 (bmo#1599181)
    Bypass of @namespace CSS sanitization during pasting
  * CVE-2019-17017 (bmo#1603055)
    Type Confusion in XPCVariant.cpp
  * CVE-2019-17021 (bmo#1599008)
    Heap address disclosure in parent process during content process
    initialization on Windows
  * CVE-2019-17022 (bmo#1602843)
    CSS sanitization does not escape HTML tags
  * CVE-2019-17024 (bmo#1507180, bmo#1595470, bmo#1598605, bmo#1601826)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=512
2020-01-10 15:53:07 +00:00
Dominique Leuenberger
e9c5824a54 Accepting request 759724 from mozilla:Factory
- add mozilla-bmo1583471.patch to allow building with rust 1.39

- Mozilla Thunderbird 68.3.1
  * In dark theme unread messages no longer shown in blue to
    distinguish from tagged messages
  * Account setup is now using client side DNS MX lookup instead of
    relying on a server
  Bugfixes
  * Searching LDAP address book crashed in some circumstances
  * Message navigation with backward and forward buttons did not work
    in some circumstances
  * WebExtension toolbar icons were displayed too small
  * Calendar: Tasks due today were not listed in bold
  * Calendar: Last day of long-running events was not shown

OBS-URL: https://build.opensuse.org/request/show/759724
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=223
2019-12-30 12:48:52 +00:00