pool/MozillaThunderbird
SHA256
4
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
211 Commits 2 Branches 0 Tags 5.6 MiB
73325deeb2
Commit Graph

15 Commits

Author SHA256 Message Date
Wolfgang Rosenauer
73325deeb2 - update to Thunderbird 38.3.0 (bnc#947003) 
* MFSA 2015-96/CVE-2015-4500
    Miscellaneous memory safety hazards
  * MFSA 2015-100/CVE-2015-4505 (bmo#1177861) (Windows only)
    Arbitrary file manipulation by local user through Mozilla updater
  * MFSA 2015-101/CVE-2015-4506 (bmo#1192226)
    Buffer overflow in libvpx while parsing vp9 format video
  * MFSA 2015-105/CVE-2015-4511 (bmo#1200148)
    Buffer overflow while decoding WebM video
  * MFSA 2015-106/CVE-2015-4509 (bmo#1198435)
    Use-after-free while manipulating HTML media content
  * MFSA 2015-110/CVE-2015-4519 (bmo#1189814)
    Dragging and dropping images exposes final URL after redirects
  * MFSA 2015-111/CVE-2015-4520 (bmo#1200856, bmo#1200869)
    Errors in the handling of CORS preflight request headers
  * MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522/
    CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177/
    CVE-2015-7180
    Vulnerabilities found through code inspection
  * MFSA 2015-113/CVE-2015-7178/CVE-2015-7179 (bmo#1189860,
    bmo#1190526) (Windows only)
    Memory safety errors in libGLES in the ANGLE graphics library
- rebased patches

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=292
 2015-09-30 11:27:49 +00:00
Wolfgang Rosenauer
c16dd81a2f - update to Thunderbird 38.0.1 
* includes Lightning as default extension
- rebased patches
- removed obsolete patches:
  * mozilla-ppc.patch
  * mozilla-nullptr-gcc45.patch
  * mozilla-bug1024492.patch
- dropped openSUSE specific patches
  * thunderbird-shared-nss-db.patch
  * mozilla-shared-nss-db.patch
  the provided feature seems not to be used and its maintenance
  is not worth the ongoing efforts

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=286
 2015-06-21 11:26:59 +00:00
Wolfgang Rosenauer
c34ff70793 - update to Thunderbird 31.0 
* based on Gecko 31
  * Autocompleting email addresses now matches against any part of
    the name or email
  * Composing a mail to a newsgroup will now autocomplete newsgroup
    names
  * Insecure NTLM (pre-NTLMv2) authentication disabled
- rebased patches
- removed enigmail entirely from source package
- removed obsolete patches
  * libffi-ppc64le.patch
  * ppc64le-support.patch
  * xpcom-ppc64le.patch
- use GStreamer 1.0 after 13.1
- switched source archives to use xz instead of bz2

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=251
 2014-07-28 13:29:31 +00:00
Wolfgang Rosenauer
a964b1e186 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=239 2014-02-04 06:26:19 +00:00
Wolfgang Rosenauer
929740e2de - update to Thunderbird 24.3.0 (bnc#861847) 
* requires NSS 3.15.4
- renamed ppc64le patches to streamline with Firefox package

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=237
 2014-02-03 16:33:09 +00:00
Wolfgang Rosenauer
1cbaa007b0 - update to Thunderbird 24.0 (bnc#840485) 
- require NSPR 4.10 and NSS 3.15.1
- add GStreamer build requirements for Gecko
- added enigmail-build.patch to fix TB packaging (bmo#886095)
- removed obsolete patches:
  * enigmail-old-gcc.patch
  * mozilla-gcc43-enums.patch
  * mozilla-gcc43-template_hacks.patch
  * mozilla-gcc43-templates_instantiation.patch
  * ppc-xpcshell.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=222
 2013-09-16 09:26:56 +00:00
Wolfgang Rosenauer
1b7efd7222 - fix KDE integration for file dialogs 
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=201
 2012-11-26 11:26:43 +00:00
Wolfgang Rosenauer
456670b3c9 - update to Thunderbird 17.0 (bnc#790140) 
* MFSA 2012-91/CVE-2012-5842/CVE-2012-5843
    Miscellaneous memory safety hazards
  * MFSA 2012-92/CVE-2012-4202 (bmo#758200)
    Buffer overflow while rendering GIF images
  * MFSA 2012-93/CVE-2012-4201 (bmo#747607)
    evalInSanbox location context incorrectly applied
  * MFSA 2012-94/CVE-2012-5836 (bmo#792857)
    Crash when combining SVG text on path with CSS
  * MFSA 2012-96/CVE-2012-4204 (bmo#778603)
    Memory corruption in str_unescape
  * MFSA 2012-97/CVE-2012-4205 (bmo#779821)
    XMLHttpRequest inherits incorrect principal within sandbox
  * MFSA 2012-99/CVE-2012-4208 (bmo#798264)
    XrayWrappers exposes chrome-only properties when not in chrome
    compartment
  * MFSA 2012-100/CVE-2012-5841 (bmo#805807)
    Improper security filtering for cross-origin wrappers
  * MFSA 2012-101/CVE-2012-4207 (bmo#801681)
    Improper character decoding in HZ-GB-2312 charset
  * MFSA 2012-102/CVE-2012-5837 (bmo#800363)
    Script entered into Developer Toolbar runs with chrome privileges
  * MFSA 2012-103/CVE-2012-4209 (bmo#792405)
    Frames can shadow top.location
  * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/
    CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/
    CVE-2012-4213/CVE-2012-4217/CVE-2012-4218
    Use-after-free and buffer overflow issues found using Address
    Sanitizer
  * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=198
 2012-11-20 21:23:42 +00:00
Wolfgang Rosenauer
4100df6994 - update to Thunderbird 16.0 (bnc#783533) 
- update Enigmail to version 1.4.5

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=191
 2012-10-09 11:36:47 +00:00
Wolfgang Rosenauer
f8e817275d - update to Thunderbird 15.0 (bnc#777588) 
* MFSA 2012-57/CVE-2012-1970
    Miscellaneous memory safety hazards
  * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975
    CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959
    CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964
    Use-after-free issues found using Address Sanitizer
  * MFSA 2012-59/CVE-2012-1956 (bmo#756719)
    Location object can be shadowed using Object.defineProperty
  * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793)
    Memory corruption with bitmap format images with negative height
  * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968
    WebGL use-after-free and memory corruption
  * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970
    SVG buffer overflow and use-after-free issues
  * MFSA 2012-64/CVE-2012-3971
    Graphite 2 memory corruption
  * MFSA 2012-65/CVE-2012-3972 (bmo#746855)
    Out-of-bounds read in format-number in XSLT
  * MFSA 2012-68/CVE-2012-3975 (bmo#770684)
    DOMParser loads linked resources in extensions when parsing
    text/html
  * MFSA 2012-70/CVE-2012-3978 (bmo#770429)
    Location object security checks bypassed by chrome code
  * MFSA 2012-72/CVE-2012-3980 (bmo#771859)
    Web console eval capable of executing chrome-privileged code
- update Enigmail to 1.4.4

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=189
 2012-08-28 19:12:48 +00:00
Wolfgang Rosenauer
456e1b3bf4 Accepting request 129194 from home:a_jaeger:FactoryFix 
Fix mozilla-kde.patch to include sys/resource.h for getrlimit etc (glibc 2.16)

OBS-URL: https://build.opensuse.org/request/show/129194
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=187
 2012-07-29 09:31:48 +00:00
Wolfgang Rosenauer
bff98d2e04 - update to Thunderbird 14.0 (bnc#) 
* relicensed to MPL-2.0
- update Enigmail to 1.4.3
  * bugfix release

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=184
 2012-07-16 08:37:53 +00:00
Wolfgang Rosenauer
9c02a444ab - update to Thunderbird 13.0 (bnc#765204) 
* MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101
    Miscellaneous memory safety hazards
  * MFSA 2012-36/CVE-2012-1944 (bmo#751422)
    Content Security Policy inline-script bypass
  * MFSA 2012-37/CVE-2012-1945 (bmo#670514)
    Information disclosure though Windows file shares and shortcut
    files
  * MFSA 2012-38/CVE-2012-1946 (bmo#750109)
    Use-after-free while replacing/inserting a node in a document
  * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941
    Buffer overflow and use-after-free issues found using Address
    Sanitizer
- require NSS 3.13.4
  * MFSA 2012-39/CVE-2012-0441 (bmo#715073)
- fix build with system NSPR (mozilla-system-nspr.patch)
- add dependentlibs.list for improved XRE startup
- update enigmail to 1.4.2

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=178
 2012-06-06 06:41:25 +00:00
Wolfgang Rosenauer
2b3fd56291 - update to Thunderbird 12.0b5 
- update Enigmail to 1.4.1
- added mozilla-revert_621446.patch
- added mozilla-libnotify.patch (bmo#737646)
- added mailnew-showalert.patch (bmo#739146)
- added mozilla-gcc47.patch and mailnews-literals.patch to fix
  compilation issues with recent gcc 4.7
- disabled crashreporter temporarily for Factory (gcc 4.7 issue)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=166
 2012-04-20 21:16:28 +00:00
Wolfgang Rosenauer
2f435219ac - update to Thunderbird 11.0 (bnc#750044) 
* MFSA 2012-13/CVE-2012-0455 (bmo#704354)
    XSS with Drag and Drop and Javascript: URL
  * MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103)
    SVG issues found with Address Sanitizer
  * MFSA 2012-15/CVE-2012-0451 (bmo#717511)
    XSS with multiple Content Security Policy headers
  * MFSA 2012-16/CVE-2012-0458
    Escalation of privilege with Javascript: URL as home page
  * MFSA 2012-17/CVE-2012-0459 (bmo#723446)
    Crash when accessing keyframe cssText after dynamic modification
  * MFSA 2012-18/CVE-2012-0460 (bmo#727303)
    window.fullScreen writeable by untrusted content
  * MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/
    CVE-2012-0463
    Miscellaneous memory safety hazards
- update enigmail to 1.4
- added KDE integration patches (bnc#749440)

- update enigmail to 1.3.99 (1.4a1pre)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=162
 2012-03-14 07:47:37 +00:00