Commit Graph

330 Commits

Author SHA256 Message Date
Dominique Leuenberger
b7af7687d9 Accepting request 362033 from mozilla:Factory
1

OBS-URL: https://build.opensuse.org/request/show/362033
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=157
2016-03-02 13:20:52 +00:00
Wolfgang Rosenauer
35e3b574dc Accepting request 361907 from home:AndreasStieger:branches:mozilla:Factory
adjust _constraints to current peak build memory and disk usage

OBS-URL: https://build.opensuse.org/request/show/361907
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=306
2016-02-26 20:59:10 +00:00
Dominique Leuenberger
44d2a75f52 Accepting request 359408 from mozilla:Factory
- update to Thunderbird 38.6.0 (boo#963520)
  * Filters ran on a different folder than selected
  * MFSA 2016-01/CVE-2016-1930
    Miscellaneous memory safety hazards
  * MFSA 2016-03/CVE-2016-1935 (bmo#1220450)
    Buffer overflow in WebGL after out of memory allocation

OBS-URL: https://build.opensuse.org/request/show/359408
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=156
2016-02-25 20:57:16 +00:00
Wolfgang Rosenauer
2c46f24181 - update to Thunderbird 38.6.0 (boo#963520)
* Filters ran on a different folder than selected
  * MFSA 2016-01/CVE-2016-1930
    Miscellaneous memory safety hazards
  * MFSA 2016-03/CVE-2016-1935 (bmo#1220450)
    Buffer overflow in WebGL after out of memory allocation

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=304
2016-02-13 22:43:38 +00:00
Dominique Leuenberger
bf426d38cc Accepting request 357295 from mozilla:Factory
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/357295
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=155
2016-02-12 10:20:50 +00:00
Wolfgang Rosenauer
357946612d Accepting request 355724 from home:olh:branches:mozilla:Factory
- Using -g for CFLAGS is controlled via project settings, it should
  not be enforced by the mozilla buildsystem.

OBS-URL: https://build.opensuse.org/request/show/355724
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=302
2016-01-26 06:33:46 +00:00
Dominique Leuenberger
8507199109 Accepting request 354747 from mozilla:Factory
1

OBS-URL: https://build.opensuse.org/request/show/354747
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=154
2016-01-23 00:14:14 +00:00
Wolfgang Rosenauer
7116c1cc9d Accepting request 354473 from home:olh:branches:mozilla:Factory
- Add build conditionals for valgrind and -Os
- Convert existing conditions for kde to bcond

OBS-URL: https://build.opensuse.org/request/show/354473
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=300
2016-01-19 10:28:29 +00:00
Dominique Leuenberger
048f52ad7a Accepting request 351297 from mozilla:Factory
OBS-URL: https://build.opensuse.org/request/show/351297
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=153
2016-01-05 08:41:03 +00:00
Wolfgang Rosenauer
d3c64bdb3b - update to Thunderbird 38.5.1
* requires NSS 3.20.2 to fix
    MFSA 2015-150/CVE-2015-7575 (bmo#1158489)
    MD5 signatures accepted within TLS 1.2 ServerKeyExchange in
    server signature
- explicitely require libXcomposite-devel

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=299
2015-12-30 08:16:54 +00:00
Dominique Leuenberger
5a4a0de36c Accepting request 350596 from mozilla:Factory
- update to Thunderbird 38.5.0 (bnc#959277)
  * MFSA 2015-134/CVE-2015-7201
    Miscellaneous memory safety hazards
  * MFSA 2015-138/CVE-2015-7210 (bmo#1218326)
    Use-after-free in WebRTC when datachannel is used after being
    destroyed
  * MFSA 2015-139/CVE-2015-7212 (bmo#1222809)
    Integer overflow allocating extremely large textures
  * MFSA 2015-145/CVE-2015-7205 (bmo#1220493)
    Underflow through code inspection
  * MFSA 2015-146/CVE-2015-7213 (bmo#1206211)
    Integer overflow in MP4 playback in 64-bit versions
  * MFSA 2015-147/CVE-2015-7222 (bmo#1216748)
    Integer underflow and buffer overflow processing MP4 metadata in
    libstagefright
  * MFSA 2015-149/CVE-2015-7214 (bmo#1228950)
    Cross-site reading attack through data and view-source URIs

OBS-URL: https://build.opensuse.org/request/show/350596
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=152
2015-12-27 00:59:47 +00:00
Wolfgang Rosenauer
4ced64011d - update to Thunderbird 38.5.0 (bnc#959277)
* MFSA 2015-134/CVE-2015-7201
    Miscellaneous memory safety hazards
  * MFSA 2015-138/CVE-2015-7210 (bmo#1218326)
    Use-after-free in WebRTC when datachannel is used after being
    destroyed
  * MFSA 2015-139/CVE-2015-7212 (bmo#1222809)
    Integer overflow allocating extremely large textures
  * MFSA 2015-145/CVE-2015-7205 (bmo#1220493)
    Underflow through code inspection
  * MFSA 2015-146/CVE-2015-7213 (bmo#1206211)
    Integer overflow in MP4 playback in 64-bit versions
  * MFSA 2015-147/CVE-2015-7222 (bmo#1216748)
    Integer underflow and buffer overflow processing MP4 metadata in
    libstagefright
  * MFSA 2015-149/CVE-2015-7214 (bmo#1228950)
    Cross-site reading attack through data and view-source URIs

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=297
2015-12-23 20:10:39 +00:00
Dominique Leuenberger
e76517dbff Accepting request 346366 from mozilla:Factory
- update to Thunderbird 38.4.0 (bnc#952810)
  * MFSA 2015-116/CVE-2015-4513/CVE-2015-4514
    Miscellaneous memory safety hazards
  * MFSA 2015-122/CVE-2015-7188 (bmo#1199430)
    Trailing whitespace in IP address hostnames can bypass same-origin policy
  * MFSA 2015-123/CVE-2015-7189 (bmo#1205900)
    Buffer overflow during image interactions in canvas
  * MFSA 2015-127/CVE-2015-7193 (bmo#1210302)
    CORS preflight is bypassed when non-standard Content-Type headers
    are received
  * MFSA 2015-128/CVE-2015-7194 (bmo#1211262)
    Memory corruption in libjar through zip files
  * MFSA 2015-130/CVE-2015-7196 (bmo#1140616)
    JavaScript garbage collection crash with Java applet
  * MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200
    (bmo#1188010, bmo#1204061, bmo#1204155)
    Vulnerabilities found through code inspection
  * MFSA 2015-132/CVE-2015-7197 (bmo#1204269)
    Mixed content WebSocket policy bypass through workers
  * MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183
    (bmo#1202868, bmo#1205157)
    NSS and NSPR memory corruption issues
    (fixed in mozilla-nspr and mozilla-nss packages)
- requires NSPR 4.10.10 and NSS 3.19.2.1
- added explicit appdata provides (bnc#952325)

--------------------------------------------------------------------

OBS-URL: https://build.opensuse.org/request/show/346366
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=151
2015-12-03 12:29:04 +00:00
Wolfgang Rosenauer
f3c23e58a5 - update to Thunderbird 38.4.0 (bnc#952810)
* MFSA 2015-116/CVE-2015-4513/CVE-2015-4514
    Miscellaneous memory safety hazards
  * MFSA 2015-122/CVE-2015-7188 (bmo#1199430)
    Trailing whitespace in IP address hostnames can bypass same-origin policy
  * MFSA 2015-123/CVE-2015-7189 (bmo#1205900)
    Buffer overflow during image interactions in canvas
  * MFSA 2015-127/CVE-2015-7193 (bmo#1210302)
    CORS preflight is bypassed when non-standard Content-Type headers
    are received
  * MFSA 2015-128/CVE-2015-7194 (bmo#1211262)
    Memory corruption in libjar through zip files
  * MFSA 2015-130/CVE-2015-7196 (bmo#1140616)
    JavaScript garbage collection crash with Java applet
  * MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200
    (bmo#1188010, bmo#1204061, bmo#1204155)
    Vulnerabilities found through code inspection
  * MFSA 2015-132/CVE-2015-7197 (bmo#1204269)
    Mixed content WebSocket policy bypass through workers
  * MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183
    (bmo#1202868, bmo#1205157)
    NSS and NSPR memory corruption issues
    (fixed in mozilla-nspr and mozilla-nss packages)
- requires NSPR 4.10.10 and NSS 3.19.2.1
- added explicit appdata provides (bnc#952325)
--------------------------------------------------------------------

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=295
2015-11-24 07:57:32 +00:00
Stephan Kulow
e1dd3b70cc Accepting request 336566 from mozilla:Factory
1

OBS-URL: https://build.opensuse.org/request/show/336566
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=150
2015-10-12 08:00:41 +00:00
Wolfgang Rosenauer
536fa4ffa1 Accepting request 336538 from devel:ARM:Factory
- fix build on aarch64 by reusing the crashreporter conditional
  from MozillaFirefox

- mozilla-arm64-libjpeg-turbo.patch: fix libjpeg-turbo configuration

OBS-URL: https://build.opensuse.org/request/show/336538
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=293
2015-10-05 15:42:43 +00:00
Wolfgang Rosenauer
73325deeb2 - update to Thunderbird 38.3.0 (bnc#947003)
* MFSA 2015-96/CVE-2015-4500
    Miscellaneous memory safety hazards
  * MFSA 2015-100/CVE-2015-4505 (bmo#1177861) (Windows only)
    Arbitrary file manipulation by local user through Mozilla updater
  * MFSA 2015-101/CVE-2015-4506 (bmo#1192226)
    Buffer overflow in libvpx while parsing vp9 format video
  * MFSA 2015-105/CVE-2015-4511 (bmo#1200148)
    Buffer overflow while decoding WebM video
  * MFSA 2015-106/CVE-2015-4509 (bmo#1198435)
    Use-after-free while manipulating HTML media content
  * MFSA 2015-110/CVE-2015-4519 (bmo#1189814)
    Dragging and dropping images exposes final URL after redirects
  * MFSA 2015-111/CVE-2015-4520 (bmo#1200856, bmo#1200869)
    Errors in the handling of CORS preflight request headers
  * MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522/
    CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177/
    CVE-2015-7180
    Vulnerabilities found through code inspection
  * MFSA 2015-113/CVE-2015-7178/CVE-2015-7179 (bmo#1189860,
    bmo#1190526) (Windows only)
    Memory safety errors in libGLES in the ANGLE graphics library
- rebased patches

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=292
2015-09-30 11:27:49 +00:00
Dominique Leuenberger
2b6c6d2a16 Accepting request 323869 from mozilla:Factory
- update to Thunderbird 38.2.0 (bnc#940806)
  * MFSA 2015-79/CVE-2015-4473
    Miscellaneous memory safety hazards
  * MFSA 2015-80/CVE-2015-4475 (bmo#1175396)
    Out-of-bounds read with malformed MP3 file
  * MFSA 2015-82/CVE-2015-4478 (bmo#1105914)
    Redefinition of non-configurable JavaScript object properties
  * MFSA 2015-83/CVE-2015-4479/CVE-2015-4480/CVE-2015-4493
    Overflow issues in libstagefright
  * MFSA 2015-84/CVE-2015-4481 (bmo1171518)
    Arbitrary file overwriting through Mozilla Maintenance Service
    with hard links (only affected Windows)
  * MFSA 2015-85/CVE-2015-4482 (bmo#1184500)
    Out-of-bounds write with Updater and malicious MAR file
    (does not affect openSUSE RPM packages which do not ship the
     updater)
  * MFSA 2015-87/CVE-2015-4484 (bmo#1171540)
    Crash when using shared memory in JavaScript
  * MFSA 2015-88/CVE-2015-4491 (bmo#1184009)
    Heap overflow in gdk-pixbuf when scaling bitmap images
  * MFSA 2015-89/CVE-2015-4485/CVE-2015-4486 (bmo#1177948, bmo#1178148)
    Buffer overflows on Libvpx when decoding WebM video
  * MFSA 2015-90/CVE-2015-4487/CVE-2015-4488/CVE-2015-4489
    Vulnerabilities found through code inspection
  * MFSA 2015-92/CVE-2015-4492 (bmo#1185820)
    Use-after-free in XMLHttpRequest with shared workers

OBS-URL: https://build.opensuse.org/request/show/323869
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=149
2015-08-21 05:39:41 +00:00
Wolfgang Rosenauer
0c573ffde9 - update to Thunderbird 38.2.0 (bnc#940806)
* MFSA 2015-79/CVE-2015-4473
    Miscellaneous memory safety hazards
  * MFSA 2015-80/CVE-2015-4475 (bmo#1175396)
    Out-of-bounds read with malformed MP3 file
  * MFSA 2015-82/CVE-2015-4478 (bmo#1105914)
    Redefinition of non-configurable JavaScript object properties
  * MFSA 2015-83/CVE-2015-4479/CVE-2015-4480/CVE-2015-4493
    Overflow issues in libstagefright
  * MFSA 2015-84/CVE-2015-4481 (bmo1171518)
    Arbitrary file overwriting through Mozilla Maintenance Service
    with hard links (only affected Windows)
  * MFSA 2015-85/CVE-2015-4482 (bmo#1184500)
    Out-of-bounds write with Updater and malicious MAR file
    (does not affect openSUSE RPM packages which do not ship the
     updater)
  * MFSA 2015-87/CVE-2015-4484 (bmo#1171540)
    Crash when using shared memory in JavaScript
  * MFSA 2015-88/CVE-2015-4491 (bmo#1184009)
    Heap overflow in gdk-pixbuf when scaling bitmap images
  * MFSA 2015-89/CVE-2015-4485/CVE-2015-4486 (bmo#1177948, bmo#1178148)
    Buffer overflows on Libvpx when decoding WebM video
  * MFSA 2015-90/CVE-2015-4487/CVE-2015-4488/CVE-2015-4489
    Vulnerabilities found through code inspection
  * MFSA 2015-92/CVE-2015-4492 (bmo#1185820)
    Use-after-free in XMLHttpRequest with shared workers

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=290
2015-08-17 19:13:54 +00:00
Stephan Kulow
ed8a4c6d0c Accepting request 316435 from mozilla:Factory
- update to Thunderbird 38.1.0 (bnc#935979)
  * MFSA 2015-59/CVE-2015-2724/CVE-2015-2725
    Miscellaneous memory safety hazards
  * MFSA 2015-60/CVE-2015-2727 (bmo#1163422)
    Local files or privileged URLs in pages can be opened into new tabs
  * MFSA 2015-61/CVE-2015-2728 (bmo#1142210)
    Type confusion in Indexed Database Manager
  * MFSA 2015-62/CVE-2015-2729 (bmo#1122218)
    Out-of-bound read while computing an oscillator rendering range in Web Audio
  * MFSA 2015-63/CVE-2015-2731 (bmo#1149891)
    Use-after-free in Content Policy due to microtask execution error
  * MFSA 2015-64/CVE-2015-2730 (bmo#1125025)
    ECDSA signature validation fails to handle some signatures correctly
    (this fix is shipped by NSS 3.19.1 externally)
  * MFSA 2015-65/CVE-2015-2722/CVE-2015-2733 (bmo#1166924, bmo#1169867)
    Use-after-free in workers while using XMLHttpRequest
  * MFSA 2015-66/CVE-2015-2734/CVE-2015-2735/CVE-2015-2736/CVE-2015-2737
    CVE-2015-2738/CVE-2015-2739/CVE-2015-2740
    Vulnerabilities found through code inspection
  * MFSA 2015-67/CVE-2015-2741 (bmo#1147497)
    Key pinning is ignored when overridable errors are encountered
  * MFSA 2015-69/CVE-2015-2743 (bmo#1163109)
    Privilege escalation in PDF.js
  * MFSA 2015-70/CVE-2015-4000 (bmo#1138554)
    NSS accepts export-length DHE keys with regular DHE cipher suites
    (this fix is shipped by NSS 3.19.1 externally)
  * MFSA 2015-71/CVE-2015-2721 (bmo#1086145)
    NSS incorrectly permits skipping of ServerKeyExchange
    (this fix is shipped by NSS 3.19.1 externally)
- requires NSS 3.19.2

OBS-URL: https://build.opensuse.org/request/show/316435
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=148
2015-07-16 15:16:33 +00:00
Wolfgang Rosenauer
87a77ac520 the provided feature seems not to be used and its maintenance
is not worth the ongoing efforts
- tb-develdirs.patch is now mozilla-develdirs.patch as it is a
  platform configuration now

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=288
2015-07-13 13:23:20 +00:00
Wolfgang Rosenauer
ee16cb9334 - update to Thunderbird 38.1.0 (bnc#935979)
* MFSA 2015-59/CVE-2015-2724/CVE-2015-2725
    Miscellaneous memory safety hazards
  * MFSA 2015-60/CVE-2015-2727 (bmo#1163422)
    Local files or privileged URLs in pages can be opened into new tabs
  * MFSA 2015-61/CVE-2015-2728 (bmo#1142210)
    Type confusion in Indexed Database Manager
  * MFSA 2015-62/CVE-2015-2729 (bmo#1122218)
    Out-of-bound read while computing an oscillator rendering range in Web Audio
  * MFSA 2015-63/CVE-2015-2731 (bmo#1149891)
    Use-after-free in Content Policy due to microtask execution error
  * MFSA 2015-64/CVE-2015-2730 (bmo#1125025)
    ECDSA signature validation fails to handle some signatures correctly
    (this fix is shipped by NSS 3.19.1 externally)
  * MFSA 2015-65/CVE-2015-2722/CVE-2015-2733 (bmo#1166924, bmo#1169867)
    Use-after-free in workers while using XMLHttpRequest
  * MFSA 2015-66/CVE-2015-2734/CVE-2015-2735/CVE-2015-2736/CVE-2015-2737
    CVE-2015-2738/CVE-2015-2739/CVE-2015-2740
    Vulnerabilities found through code inspection
  * MFSA 2015-67/CVE-2015-2741 (bmo#1147497)
    Key pinning is ignored when overridable errors are encountered
  * MFSA 2015-69/CVE-2015-2743 (bmo#1163109)
    Privilege escalation in PDF.js
  * MFSA 2015-70/CVE-2015-4000 (bmo#1138554)
    NSS accepts export-length DHE keys with regular DHE cipher suites
    (this fix is shipped by NSS 3.19.1 externally)
  * MFSA 2015-71/CVE-2015-2721 (bmo#1086145)
    NSS incorrectly permits skipping of ServerKeyExchange
    (this fix is shipped by NSS 3.19.1 externally)
- requires NSS 3.19.2

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=287
2015-07-12 19:36:20 +00:00
Wolfgang Rosenauer
c16dd81a2f - update to Thunderbird 38.0.1
* includes Lightning as default extension
- rebased patches
- removed obsolete patches:
  * mozilla-ppc.patch
  * mozilla-nullptr-gcc45.patch
  * mozilla-bug1024492.patch
- dropped openSUSE specific patches
  * thunderbird-shared-nss-db.patch
  * mozilla-shared-nss-db.patch
  the provided feature seems not to be used and its maintenance
  is not worth the ongoing efforts

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=286
2015-06-21 11:26:59 +00:00
Dominique Leuenberger
291aed84d5 Accepting request 309123 from mozilla:Factory
1

OBS-URL: https://build.opensuse.org/request/show/309123
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=147
2015-06-12 18:25:57 +00:00
Wolfgang Rosenauer
c6fe02a4b9 Accepting request 309059 from home:dirkmueller:branches:mozilla:Factory
- add mozilla-bug1024492.patch:
  * Fixes build against GCC 5.x

OBS-URL: https://build.opensuse.org/request/show/309059
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=284
2015-05-29 06:59:35 +00:00
Dominique Leuenberger
c1530015bc Accepting request 307239 from mozilla:Factory
- update to Thunderbird 31.7.0 (bnc#930622)
  * MFSA 2015-46/CVE-2015-2708
    Miscellaneous memory safety hazards
  * MFSA 2015-47/VE-2015-0797 (bmo#1080995)
    Buffer overflow parsing H.264 video with Linux Gstreamer
  * MFSA 2015-48/CVE-2015-2710 (bmo#1149542)
    Buffer overflow with SVG content and CSS
  * MFSA 2015-51/CVE-2015-2713 (bmo#1153478)
    Use-after-free during text processing with vertical text enabled
  * MFSA 2015-54/CVE-2015-2716 (bmo#1140537)
    Buffer overflow when parsing compressed XML
  * MFSA 2015-57/CVE-2011-3079 (bmo#1087565)
    Privilege escalation through IPC channel messages

OBS-URL: https://build.opensuse.org/request/show/307239
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=146
2015-05-20 21:49:33 +00:00
Wolfgang Rosenauer
31dfd780c3 - update to Thunderbird 31.7.0 (bnc#930622)
* MFSA 2015-46/CVE-2015-2708
    Miscellaneous memory safety hazards
  * MFSA 2015-47/VE-2015-0797 (bmo#1080995)
    Buffer overflow parsing H.264 video with Linux Gstreamer
  * MFSA 2015-48/CVE-2015-2710 (bmo#1149542)
    Buffer overflow with SVG content and CSS
  * MFSA 2015-51/CVE-2015-2713 (bmo#1153478)
    Use-after-free during text processing with vertical text enabled
  * MFSA 2015-54/CVE-2015-2716 (bmo#1140537)
    Buffer overflow when parsing compressed XML
  * MFSA 2015-57/CVE-2011-3079 (bmo#1087565)
    Privilege escalation through IPC channel messages

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=282
2015-05-15 07:51:09 +00:00
Wolfgang Rosenauer
825432ec5c - update to Thunderbird 31.7.0 (bnc#)
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=281
2015-05-10 18:18:29 +00:00
Dominique Leuenberger
14bfb14699 Accepting request 293911 from mozilla:Factory
- update to Thunderbird 31.6.0 (bnc#925368)
  * MFSA 2015-30/CVE-2015-0815
    Miscellaneous memory safety hazards
  * MFSA 2015-31/CVE-2015-0813 (bmo#1106596))
    Use-after-free when using the Fluendo MP3 GStreamer plugin
  * MFSA 2015-33/CVE-2015-0816 (bmo#1144991)
    resource:// documents can load privileged pages
  * MFSA-2015-37/CVE-2015-0807 (bmo#1111834)
    CORS requests should not follow 30x redirections after preflight
  * MFSA-2015-40/CVE-2015-0801 (bmo#1146339)
    Same-origin bypass through anchor navigation

OBS-URL: https://build.opensuse.org/request/show/293911
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=145
2015-04-07 07:27:57 +00:00
Wolfgang Rosenauer
62f2afc69d - update to Thunderbird 31.6.0 (bnc#925368)
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=279
2015-04-01 11:32:39 +00:00
Wolfgang Rosenauer
38bddc9630 - update to Thunderbird 31.6.0 (bnc#)
* MFSA 2015-30/CVE-2015-0815
    Miscellaneous memory safety hazards
  * MFSA 2015-31/CVE-2015-0813 (bmo#1106596))
    Use-after-free when using the Fluendo MP3 GStreamer plugin
  * MFSA 2015-33/CVE-2015-0816 (bmo#1144991)
    resource:// documents can load privileged pages
  * MFSA-2015-37/CVE-2015-0807 (bmo#1111834)
    CORS requests should not follow 30x redirections after preflight
  * MFSA-2015-40/CVE-2015-0801 (bmo#1146339)
    Same-origin bypass through anchor navigation

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=278
2015-04-01 08:39:28 +00:00
Dominique Leuenberger
bceab34bab Accepting request 287636 from mozilla:Factory
- update to Thunderbird 31.5.0 (bnc#917597)
  * MFSA 2015-11/CVE-2015-0836
    Miscellaneous memory safety hazards
  * MFSA 2015-12/CVE-2015-0833 (bmo#945192)
    Invoking Mozilla updater will load locally stored DLL files
    (Windows only)
  * MFSA 2015-16/CVE-2015-0831 (bmo#1130514)
    Use-after-free in IndexedDB
  * MFSA 2015-19/CVE-2015-0827 (bmo#1117304)
    Out-of-bounds read and write while rendering SVG content
  * MFSA 2015-24/CVE-2015-0822 (bmo#1110557)
    Reading of local files through manipulation of form autocomplete

OBS-URL: https://build.opensuse.org/request/show/287636
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=144
2015-02-27 10:07:10 +00:00
Wolfgang Rosenauer
c8437f581e * MFSA 2015-11/CVE-2015-0836
Miscellaneous memory safety hazards
  * MFSA 2015-12/CVE-2015-0833 (bmo#945192)
    Invoking Mozilla updater will load locally stored DLL files
    (Windows only)
  * MFSA 2015-16/CVE-2015-0831 (bmo#1130514)
    Use-after-free in IndexedDB
  * MFSA 2015-19/CVE-2015-0827 (bmo#1117304)
    Out-of-bounds read and write while rendering SVG content
  * MFSA 2015-24/CVE-2015-0822 (bmo#1110557)
    Reading of local files through manipulation of form autocomplete

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=276
2015-02-25 06:21:26 +00:00
Wolfgang Rosenauer
7348dc708d - update to Thunderbird 31.5.0 (bnc#917597)
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=275
2015-02-23 20:56:52 +00:00
Stephan Kulow
184acd8705 Accepting request 281363 from mozilla:Factory
- update to Thunderbird 31.4.0 (bnc#910669)
  * MFSA 2015-01/CVE-2014-8634/CVE-2014-8635
    Miscellaneous memory safety hazards
  * MFSA 2015-03/CVE-2014-8638 (bmo#1080987)
    sendBeacon requests lack an Origin header
  * MFSA 2015-04/CVE-2014-8639 (bmo#1095859)
    Cookie injection through Proxy Authenticate responses
- added mozilla-icu-strncat.patch to fix post build checks

OBS-URL: https://build.opensuse.org/request/show/281363
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=143
2015-01-21 20:50:44 +00:00
Wolfgang Rosenauer
fc87750066 * MFSA 2015-01/CVE-2014-8634/CVE-2014-8635
Miscellaneous memory safety hazards
  * MFSA 2015-03/CVE-2014-8638 (bmo#1080987)
    sendBeacon requests lack an Origin header
  * MFSA 2015-04/CVE-2014-8639 (bmo#1095859)
    Cookie injection through Proxy Authenticate responses

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=273
2015-01-15 06:21:00 +00:00
Wolfgang Rosenauer
f64cbe5d63 - update to Thunderbird 31.4.0 (bnc#910669)
- added mozilla-icu-strncat.patch to fix post build checks

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=272
2015-01-14 19:25:33 +00:00
Dominique Leuenberger
14550b9ec5 Accepting request 263823 from mozilla:Factory
- update to Thunderbird 31.3.0 (bnc#908009)
  * MFSA 2014-83/CVE-2014-1587
    Miscellaneous memory safety hazards
  * MFSA 2014-85/CVE-2014-1590 (bmo#1087633)
    XMLHttpRequest crashes with some input streams
  * MFSA 2014-87/CVE-2014-1592 (bmo#1088635)
    Use-after-free during HTML5 parsing
  * MFSA 2014-88/CVE-2014-1593 (bmo#1085175)
    Buffer overflow while parsing media content
  * MFSA 2014-89/CVE-2014-1594 (bmo#1074280)
    Bad casting from the BasicThebesLayer to BasicContainerLayer

OBS-URL: https://build.opensuse.org/request/show/263823
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=142
2014-12-06 12:47:25 +00:00
Wolfgang Rosenauer
ec608e1657 - update to Thunderbird 31.3.0 (bnc#908009)
* MFSA 2014-83/CVE-2014-1587
    Miscellaneous memory safety hazards
  * MFSA 2014-85/CVE-2014-1590 (bmo#1087633)
    XMLHttpRequest crashes with some input streams
  * MFSA 2014-87/CVE-2014-1592 (bmo#1088635)
    Use-after-free during HTML5 parsing
  * MFSA 2014-88/CVE-2014-1593 (bmo#1085175)
    Buffer overflow while parsing media content
  * MFSA 2014-89/CVE-2014-1594 (bmo#1074280)
    Bad casting from the BasicThebesLayer to BasicContainerLayer

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=270
2014-12-03 06:49:38 +00:00
Dominique Leuenberger
53c1db1fe8 Accepting request 262392 from mozilla:Factory
OBS-URL: https://build.opensuse.org/request/show/262392
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=141
2014-11-24 10:18:02 +00:00
Wolfgang Rosenauer
31a07683a7 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=269 2014-11-19 22:03:23 +00:00
Wolfgang Rosenauer
662abdc59c Accepting request 262389 from home:Ledest:bashisms
fix mozilla.sh script after previous commit

OBS-URL: https://build.opensuse.org/request/show/262389
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=268
2014-11-19 22:02:44 +00:00
Wolfgang Rosenauer
ab381eff50 Accepting request 261959 from home:Ledest:bashisms
fix bashism in mozilla.sh script

OBS-URL: https://build.opensuse.org/request/show/261959
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=267
2014-11-17 17:55:33 +00:00
Stephan Kulow
260827d830 Accepting request 259625 from mozilla:Factory
1

OBS-URL: https://build.opensuse.org/request/show/259625
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=140
2014-11-07 08:05:47 +00:00
Wolfgang Rosenauer
2e705fc3de Accepting request 259595 from home:Guillaume_G:branches:mozilla:Factory
Fix ARM (armv7) build

OBS-URL: https://build.opensuse.org/request/show/259595
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=265
2014-11-04 11:16:51 +00:00
Stephan Kulow
7e1a154f53 Accepting request 258425 from mozilla:Factory
- remove add-plugins.sh and use /usr/share/myspell directly
  (bnc#900639)

OBS-URL: https://build.opensuse.org/request/show/258425
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=139
2014-11-01 07:13:58 +00:00
Wolfgang Rosenauer
093f311c0c OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=263 2014-10-25 18:42:54 +00:00
Wolfgang Rosenauer
ad6b799fda - remove add-plugins.sh and use /usr/share/myspell directly
(bnc#900639)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=262
2014-10-25 18:41:53 +00:00
Stephan Kulow
bfc496d781 Accepting request 256558 from mozilla:Factory
- update to Thunderbird 31.2.0 (bnc#900941)
  * MFSA 2014-74/CVE-2014-1574
    Miscellaneous memory safety hazards
  * MFSA 2014-75/CVE-2014-1576 (bmo#1041512)
    Buffer overflow during CSS manipulation
  * MFSA 2014-76/CVE-2014-1577 (bmo#1012609)
    Web Audio memory corruption issues with custom waveforms
  * MFSA 2014-77/CVE-2014-1578 (bmo#1063327)
    Out-of-bounds write with WebM video
  * MFSA 2014-79/CVE-2014-1581 (bmo#1068218)
    Use-after-free interacting with text directionality
  * MFSA 2014-81/CVE-2014-1585/CVE-2014-1586 (bmo#1062876, bmo#1062981)
    Inconsistent video sharing within iframe
- added basic appdata definition

- update to Thunderbird 31.1.2

OBS-URL: https://build.opensuse.org/request/show/256558
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=138
2014-10-16 12:53:03 +00:00
Wolfgang Rosenauer
80abd4cdc4 - added basic appdata definition
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=260
2014-10-15 05:48:06 +00:00