MozillaThunderbird

pool/MozillaThunderbird

SHA256

Fork 1

94c99d3af2 Accepting request 1226643 from mozilla:Factory factory Ana Guerrero 2024-11-27 21:11:26 +0000
98a906a372 - Mozilla Thunderbird 128.5.0 * IMAP could crash when reading cached messages * Enabling "Show Folder Size" on Maildir profile could render Thunderbird unusable * Messages corrupted by folder compaction were only fixed by user intervention * Reading a message from past the end of an mbox file did not cause an error * View -> Folders had duplicate F access keys * Add-ons adding columns to the message list could fail and cause display issue * "Empty trash on exit" and "Expunge inbox on exit" did not always work * Selecting a display option in View -> Tasks did not apply in the Task interface MFSA 2024-68 (bsc#1233695) * CVE-2024-11691 (bmo#1914707, bmo#1924184) Memory corruption in Apple GPU drivers * CVE-2024-11692 (bmo#1909535) Select list elements could be shown over another site * CVE-2024-11693 (bmo#1921458) Download Protections were bypassed by .library-ms files on Windows * CVE-2024-11694 (bmo#1924167) CSP Bypass and XSS Exposure via Web Compatibility Shims * CVE-2024-11695 (bmo#1925496) URL Bar Spoofing via Manipulated Punycode and Whitespace Characters * CVE-2024-11696 (bmo#1929600) Unhandled Exception in Add-on Signature Verification * CVE-2024-11697 (bmo#1842187) Improper Keypress Handling in Executable File Confirmation Dialog devel Wolfgang Rosenauer 2024-11-26 18:45:19 +0000
c2c19a4a10 Accepting request 1225214 from mozilla:Factory Ana Guerrero 2024-11-20 16:00:23 +0000
60298df72a - Mozilla Thunderbird 128.4.4 * QR codes were not scannable by Android app when using most high-contrast themes * Primary password prompt cancellation during mobile export was confusing - revert using xdg-desktop-portal as some desktops have limited support Wolfgang Rosenauer 2024-11-20 07:45:37 +0000
3d8cfe7559 Accepting request 1224250 from mozilla:Factory Ana Guerrero 2024-11-15 14:42:42 +0000
4d2fed0f19 MFSA 2024-61 * CVE-2024-11159 (bmo#1925929) Potential disclosure of plaintext in OpenPGP encrypted message Wolfgang Rosenauer 2024-11-14 16:17:04 +0000
b6bf4d10d2 - Mozilla Thunderbird 128.4.3 Fixes: * Folder corruption could cause Thunderbird to freeze and become unusable * Message corruption could be propagated when reading mbox * Folder compaction was not abandoned on shutdown * Folder compaction did not clean up on failure * Collapsed NNTP thread incorrectly indicated there were unread messages * Navigating to next unread message did not wait for all messages to be loaded * Applying column view to folder and children could break if folder error occurred * Remote content notifications were broken with encrypted messages * Updating criteria of a saved search resulted in poor search performance * Drop-downs may not work in some places - remove kmozillahelper support (boo#1226112) * removed mozilla-kde.patch * requires xdg-desktop-portal instead Wolfgang Rosenauer 2024-11-12 15:57:55 +0000
6a814cf117 Accepting request 1222591 from mozilla:Factory Ana Guerrero 2024-11-08 11:00:14 +0000
76d8c3602d Mozilla Thunderbird 128.4.2 Wolfgang Rosenauer 2024-11-07 21:02:45 +0000
b91e9162ab Accepting request 1219576 from mozilla:Factory Dominique Leuenberger 2024-10-30 17:05:09 +0000
55323a4dd2 - Mozilla Thunderbird 128.4.0 * Export Thunderbird account settings to Thunderbird Mobile via QRCode Bugfixes: * Unable to send an unencrypted response to an OpenPGP encrypted message MFSA 2024-58 (bsc#1231879) * CVE-2024-10458 (bmo#1921733) Permission leak via embed or object elements * CVE-2024-10459 (bmo#1919087) Use-after-free in layout with accessibility * CVE-2024-10460 (bmo#1912537) Confusing display of origin for external protocol handler prompt * CVE-2024-10461 (bmo#1914521) XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response * CVE-2024-10462 (bmo#1920423) Origin of permission prompt could be spoofed by long URL * CVE-2024-10463 (bmo#1920800) Cross origin video frame leak * CVE-2024-10464 (bmo#1913000) History interface could have been used to cause a Denial of Service condition in the browser * CVE-2024-10465 (bmo#1918853) Clipboard "paste" button persisted across tabs * CVE-2024-10466 (bmo#1924154) DOM push subscription message could hang Firefox * CVE-2024-10467 (bmo#1829029, bmo#1888538, bmo#1900394, bmo#1904059, bmo#1917742, bmo#1919809, bmo#1923706) Memory safety bugs fixed in Firefox 132, Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4 Wolfgang Rosenauer 2024-10-30 13:57:01 +0000
89bb3656e7 Accepting request 1217157 from mozilla:Factory Ana Guerrero 2024-10-23 19:10:36 +0000
a0efbebc8c Mozilla Thunderbird 128.3.3 Wolfgang Rosenauer 2024-10-23 07:03:59 +0000
cf32d334ea Accepting request 1208840 from mozilla:Factory Ana Guerrero 2024-10-18 13:58:20 +0000
4aa15214bf - Mozilla Thunderbird 128.3.2 bugfix release: https://www.thunderbird.net/en-US/thunderbird/128.3.2esr/releasenotes - bring back mozilla-bmo531915.patch to fix x86 Wolfgang Rosenauer 2024-10-18 10:35:47 +0000
b59cbcd641 Accepting request 1207082 from mozilla:Factory Ana Guerrero 2024-10-11 15:02:38 +0000
1fd0463a82 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=773 Wolfgang Rosenauer 2024-10-11 07:57:33 +0000
18f716d93a - Mozilla Thunderbird 128.3.1 https://www.thunderbird.net/en-US/thunderbird/128.0esr/releasenotes/ and following release notes for minor version updates MFSA 2024-52 (bsc#1231413) * CVE-2024-9680 (bmo#1923344) Use-after-free in Animation timeline Mozilla Thunderbird 128.3.0 MFSA 2024-32 (128.0) MFSA 2024-37 (128.1) MFSA 2024-43 (128.2) MFSA 2024-49 (128.3) (bsc#1230979) * CVE-2024-9392 (bmo#1899154, bmo#1905843) Compromised content process can bypass site isolation * CVE-2024-9393 (bmo#1918301) Cross-origin access to PDF contents through multipart responses * CVE-2024-9394 (bmo#1918874) Cross-origin access to JSON contents through multipart responses * CVE-2024-8900 (bmo#1872841) Clipboard write permission bypass * CVE-2024-9396 (bmo#1912471) Potential memory corruption may occur when cloning certain objects * CVE-2024-9397 (bmo#1916659) Potential directory upload bypass via clickjacking * CVE-2024-9398 (bmo#1881037) External protocol handlers could be enumerated via popups * CVE-2024-9399 (bmo#1907726) Specially crafted WebTransport requests could lead to denial of service * CVE-2024-9400 (bmo#1915249) Potential memory corruption during JIT compilation Wolfgang Rosenauer 2024-10-11 05:22:34 +0000
929d950c92 Accepting request 1199551 from mozilla:Factory Ana Guerrero 2024-09-09 12:45:07 +0000
96fa744639 - Mozilla Thunderbird 115.15.0 MFSA 2024-44 (bsc#1229821) * CVE-2024-8381 (bmo#1912715) Type confusion when looking up a property name in a "with" block * CVE-2024-8382 (bmo#1906744) Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran * CVE-2024-8384 (bmo#1911288) Garbage collection could mis-color cross-compartment objects in OOM conditions Wolfgang Rosenauer 2024-09-09 06:51:08 +0000
1e3265442f Accepting request 1192519 from mozilla:Factory Dominique Leuenberger 2024-08-09 14:14:05 +0000
a523c0c1eb MFSA 2024-38 (bsc#1228648) * CVE-2024-7519 (bmo#1902307) Out of bounds memory access in graphics shared memory handling * CVE-2024-7521 (bmo#1904644) Incomplete WebAssembly exception handing * CVE-2024-7522 (bmo#1906727) Out of bounds read in editor component * CVE-2024-7525 (bmo#1909298) Missing permission check when creating a StreamFilter * CVE-2024-7526 (bmo#1910306) Uninitialized memory used by WebGL * CVE-2024-7527 (bmo#1871303) Use-after-free in JavaScript garbage collection * CVE-2024-7529 (bmo#1903187) Document content could partially obscure security prompts Wolfgang Rosenauer 2024-08-08 06:18:03 +0000
e0c4462a11 115.14.0, with changelog added Wolfgang Rosenauer 2024-08-08 06:15:00 +0000
548d5068a2 Accepting request 1187370 from mozilla:Factory Ana Guerrero 2024-07-15 17:48:43 +0000
d30235b5b6 - Mozilla Thunderbird 115.13.0 * After starting Thunderbird, the message list position was sometimes set to an incorrect position MFSA 2024-30 (bsc#1226316) * CVE-2024-6600 (bmo#1888340) Memory corruption in WebGL API * CVE-2024-6601 (bmo#1890748) Race condition in permission assignment * CVE-2024-6602 (bmo#1895032) Memory corruption in NSS * CVE-2024-6603 (bmo#1895081) Memory corruption in thread creation * CVE-2024-6604 (bmo#1748105, bmo#1837550, bmo#1884266) Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13 Wolfgang Rosenauer 2024-07-14 10:15:54 +0000
9cc5c44788 Accepting request 1185328 from mozilla:Factory Ana Guerrero 2024-07-04 14:27:26 +0000
8ba563b611 Accepting request 1184892 from home:MSirringhaus:branches:mozilla:Factory Wolfgang Rosenauer 2024-07-04 07:50:23 +0000
12fa6354eb Accepting request 1181261 from mozilla:Factory Ana Guerrero 2024-06-17 17:33:19 +0000
8e5843b066 - Mozilla Thunderbird 115.12.0 https://www.thunderbird.net/en-US/thunderbird/115.12.0/releasenotes MFSA 2024-28 (bsc#1226027) * CVE-2024-5702 (bmo#1193389) Use-after-free in networking * CVE-2024-5688 (bmo#1895086) Use-after-free in JavaScript object transplant * CVE-2024-5690 (bmo#1883693) External protocol handlers leaked by timing attack * CVE-2024-5691 (bmo#1888695) Sandboxed iframes were able to bypass sandbox restrictions to open a new window * CVE-2024-5692 (bmo#1891234) Bypass of file name restrictions during saving * CVE-2024-5693 (bmo#1891319) Cross-Origin Image leak via Offscreen Canvas * CVE-2024-5696 (bmo#1896555) Memory Corruption in Text Fragments * CVE-2024-5700 (bmo#1862809, bmo#1889355, bmo#1893388, bmo#1895123) Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12 Wolfgang Rosenauer 2024-06-17 08:14:14 +0000
5e31e2142b Accepting request 1179943 from mozilla:Factory Ana Guerrero 2024-06-11 16:31:01 +0000
642c037730 - Mozilla Thunderbird 115.11.1 * Added a short anonymous survey that a small number of users will be randomly asked to complete Wolfgang Rosenauer 2024-06-04 07:15:57 +0000
7c82cf4bcb Accepting request 1175556 from mozilla:Factory Ana Guerrero 2024-05-21 16:37:20 +0000
c53405a61a - Mozilla Thunderbird 115.11.0 MFSA 2024-23 (bsc#1224056) * CVE-2024-4367 (bmo#1893645) Arbitrary JavaScript execution in PDF.js * CVE-2024-4767 (bmo#1878577) IndexedDB files retained in private browsing mode * CVE-2024-4768 (bmo#1886082) Potential permissions request bypass via clickjacking * CVE-2024-4769 (bmo#1886108) Cross-origin responses could be distinguished between script and non-script content-types * CVE-2024-4770 (bmo#1893270) Use-after-free could occur when printing to PDF * CVE-2024-4777 (bmo#1878199, bmo#1893340) Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11 Wolfgang Rosenauer 2024-05-17 13:37:32 +0000
0763350234 Accepting request 1171966 from mozilla:Factory Ana Guerrero 2024-05-06 15:52:58 +0000
bb96f838d2 Accepting request 1171925 from home:AndreasStieger:branches:mozilla:Factory Wolfgang Rosenauer 2024-05-05 09:06:17 +0000
94e186235a Accepting request 1169354 from mozilla:Factory Ana Guerrero 2024-04-21 18:27:23 +0000
ecbf912dc5 - Mozilla Thunderbird 115.10.1 https://www.thunderbird.net/en-US/thunderbird/115.10.1/releasenotes/ * fixed hangup introduced with 115.10.0 (bmo#1891889) Wolfgang Rosenauer 2024-04-20 13:14:08 +0000
d92bff57c9 Accepting request 1160556 from mozilla:Factory Ana Guerrero 2024-03-22 14:21:37 +0000
3ba157ec15 - LLVM18 breaks building Thunderbird on Tumbleweed; add * mozilla-fix-issues-with-llvm18.patch Wolfgang Rosenauer 2024-03-22 07:53:18 +0000
a874894d44 Accepting request 1155826 from mozilla:Factory Dominique Leuenberger 2024-03-07 17:30:09 +0000
4388f6b916 - Mozilla Thunderbird 115.8.1 https://www.thunderbird.net/en-US/thunderbird/115.8.1/releasenotes/ MFSA 2024-11 * CVE-2024-1936 (bmo#1860977) Leaking of encrypted email subjects to other conversations Wolfgang Rosenauer 2024-03-07 08:26:29 +0000
0e6aab1e2d Accepting request 1150520 from mozilla:Factory Ana Guerrero 2024-02-26 18:45:04 +0000
d3a997ecec Accepting request 1150189 from home:AndreasStieger:branches:mozilla:Factory Wolfgang Rosenauer 2024-02-25 21:23:03 +0000
e3fe8edab3 Accepting request 1141172 from mozilla:Factory Ana Guerrero 2024-01-24 18:05:45 +0000
b28fc45f13 - Mozilla Thunderbird 115.7.0 https://www.thunderbird.net/en-US/thunderbird/115.7.0/releasenotes/ MFSA 2024-04 (bsc#1218955) * CVE-2024-0741 (bmo#1864587) Out of bounds write in ANGLE * CVE-2024-0742 (bmo#1867152) Failure to update user input timestamp * CVE-2024-0746 (bmo#1660223) Crash when listing printers on Linux * CVE-2024-0747 (bmo#1764343) Bypass of Content Security Policy when directive unsafe-inline was set * CVE-2024-0749 (bmo#1813463) Phishing site popup could show local origin in address bar * CVE-2024-0750 (bmo#1863083) Potential permissions request bypass via clickjacking * CVE-2024-0751 (bmo#1865689) Privilege escalation through devtools * CVE-2024-0753 (bmo#1870262) HSTS policy on subdomain could bypass policy of upper domain * CVE-2024-0755 (bmo#1868456, bmo#1871445, bmo#1873701) Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7 Wolfgang Rosenauer 2024-01-24 08:26:57 +0000
8b936efa7d Accepting request 1138352 from mozilla:Factory Ana Guerrero 2024-01-12 22:46:51 +0000
dc40555405 Accepting request 1137913 from home:MSirringhaus:branches:mozilla:Factory Wolfgang Rosenauer 2024-01-12 16:08:01 +0000
7a4d4e067c Accepting request 1134147 from mozilla:Factory Ana Guerrero 2023-12-20 20:02:30 +0000
bbc012a208 - Mozilla Thunderbird 115.6.0 https://www.thunderbird.net/en-US/thunderbird/115.6.0/releasenotes/ * Message selection misbehaved after selecting a sub-message in an expanded thread, collapsing the thread, then pressing up/down to move selection * Thunderbird now attempts to reconnect on a new connection after SMTP 4xx errors * HTML FileLink attachments used the wrong encoding MFSA 2023-55 (bsc#1217230) * CVE-2023-50762 (bmo#1862625) Truncated signed text was shown with a valid OpenPGP signature * CVE-2023-50761 (bmo#1865647) S/MIME signature accepted despite mismatching message date * CVE-2023-6856 (bmo#1843782) Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver * CVE-2023-6857 (bmo#1796023) Symlinks may resolve to smaller than expected buffers * CVE-2023-6858 (bmo#1826791) Heap buffer overflow in nsTextFragment * CVE-2023-6859 (bmo#1840144) Use-after-free in PR_GetIdentitiesLayer * CVE-2023-6860 (bmo#1854669) Potential sandbox escape due to VideoBridge lack of texture validation * CVE-2023-6861 (bmo#1864118) Heap buffer overflow affected nsWindow::PickerOpen(void) in headless mode * CVE-2023-6862 (bmo#1868042) Wolfgang Rosenauer 2023-12-20 08:34:54 +0000
68aa3a7dc3 Accepting request 1132769 from mozilla:Factory Ana Guerrero 2023-12-13 17:35:07 +0000
bd13e76487 - Mozilla Thunderbird 115.5.2 Bugfix release https://www.thunderbird.net/en-US/thunderbird/115.5.2/releasenotes/ Wolfgang Rosenauer 2023-12-12 22:10:43 +0000
afd0637e40 Accepting request 1129733 from mozilla:Factory Ana Guerrero 2023-11-29 20:21:06 +0000
5835378f85 - Mozilla Thunderbird 115.5.1 Bugfix release https://www.thunderbird.net/en-US/thunderbird/115.5.1/releasenotes * Advanced GnuPG keys may be protected with an unexpected passphrase * OpenPGP signatures rejected due to mismatched signature timestamp now display signature timestamp and clarifying message * Advanced address book search did not return results if display name was left blank * Clicking on attendee when inviting attendees added the attendee twice Wolfgang Rosenauer 2023-11-29 07:32:44 +0000
9e1f2838a9 Accepting request 1128271 from mozilla:Factory Ana Guerrero 2023-11-23 20:41:38 +0000
480e0302f0 MFSA 2023-52 (bsc#1217230) Wolfgang Rosenauer 2023-11-23 08:16:17 +0000
55bb2ec82a - Mozilla Thunderbird 115.5.0 https://www.thunderbird.net/en-US/thunderbird/115.5.0/releasenotes MFSA 2023-52 (bsc#) * CVE-2023-6204 (bmo#1841050) Out-of-bound memory access in WebGL2 blitFramebuffer * CVE-2023-6205 (bmo#1854076) Use-after-free in MessagePort::Entangled * CVE-2023-6206 (bmo#1857430) Clickjacking permission prompts using the fullscreen transition * CVE-2023-6207 (bmo#1861344) Use-after-free in ReadableByteStreamQueueEntry::Buffer * CVE-2023-6208 (bmo#1855345) Using Selection API would copy contents into X11 primary selection. * CVE-2023-6209 (bmo#1858570) Incorrect parsing of relative URLs starting with "///" * CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252, bmo#1856072, bmo#1856091, bmo#1859030, bmo#1860943, bmo#1862782) Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5 Wolfgang Rosenauer 2023-11-23 08:14:02 +0000
bd0ee26f99 Accepting request 1126791 from mozilla:Factory Ana Guerrero 2023-11-16 19:28:43 +0000
328f51e3db - Mozilla Thunderbird 115.4.3 Bugfix release https://www.thunderbird.net/en-US/thunderbird/115.4.3/releasenotes Wolfgang Rosenauer 2023-11-16 09:04:06 +0000
f1ace80360 Accepting request 1124229 from mozilla:Factory Ana Guerrero 2023-11-08 21:18:54 +0000
1bac4101c8 - Mozilla Thunderbird 115.4.2 https://www.thunderbird.net/en-US/thunderbird/115.4.2/releasenotes - build using rust/cargo 1.72 (1.69 about to be dropped from Factory) Wolfgang Rosenauer 2023-11-08 12:10:27 +0000
759308472e Accepting request 1120173 from mozilla:Factory Ana Guerrero 2023-10-25 16:03:34 +0000
62f65fe0ea - Mozilla Thunderbird 115.4.1 https://www.thunderbird.net/en-US/thunderbird/115.4.1/releasenotes https://www.thunderbird.net/en-US/thunderbird/115.4.0/releasenotes MFSA 2023-47 (bsc#1216338) * CVE-2023-5721 (bmo#1830820) Queued up rendering could have allowed websites to clickjack * CVE-2023-5732 (bmo#1690979, bmo#1836962) Address bar spoofing via bidirectional characters * CVE-2023-5724 (bmo#1836705) Large WebGL draw could have led to a crash * CVE-2023-5725 (bmo#1845739) WebExtensions could open arbitrary URLs * CVE-2023-5726 (bmo#1846205) Full screen notification obscured by file open dialog on macOS * CVE-2023-5727 (bmo#1847180) Download Protections were bypassed by .msix, .msixbundle, .appx, and .appxbundle files on Windows * CVE-2023-5728 (bmo#1852729) Improper object tracking during GC in the JavaScript engine could have led to a crash. * CVE-2023-5730 (bmo#1836607, bmo#1840918, bmo#1848694, bmo#1848833, bmo#1850191, bmo#1850259, bmo#1852596, bmo#1853201, bmo#1854002, bmo#1855306, bmo#1855640, bmo#1856695) Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1 - removed obsolete mozilla-bmo1846703.patch Wolfgang Rosenauer 2023-10-25 06:36:45 +0000
f4ecfaed93 Accepting request 1120115 from home:AndreasStieger:branches:mozilla:Factory Wolfgang Rosenauer 2023-10-24 21:00:55 +0000
5356bd4c50 Accepting request 1116802 from mozilla:Factory Ana Guerrero 2023-10-11 21:54:45 +0000
6c4666a6b7 - Mozilla Thunderbird 115.3.2 Bugfix release https://www.thunderbird.net/en-US/thunderbird/115.3.2/releasenotes Wolfgang Rosenauer 2023-10-11 06:35:40 +0000
d9a56d1348 Accepting request 1114452 from mozilla:Factory Ana Guerrero 2023-10-01 19:22:40 +0000
c1979ea7d9 - Mozilla Thunderbird 115.3.1 MFSA 2023-45 (bsc#1215814) * CVE-2023-5217 (bmo#1855550) Heap buffer overflow in libvpx - Add mozilla-bmo1846703.patch Wolfgang Rosenauer 2023-09-29 20:44:41 +0000
03bb18356b Accepting request 1113844 from mozilla:Factory Dominique Leuenberger 2023-09-27 22:25:51 +0000
70c5946a5c - Mozilla Thunderbird 115.3.0 https://www.thunderbird.net/en-US/thunderbird/115.3.0/releasenotes MFSA 2023-43 (bsc#1215575) * CVE-2023-5168 (bmo#1846683) Out-of-bounds write in FilterNodeD2D1 * CVE-2023-5169 (bmo#1846685) Out-of-bounds write in PathOps * CVE-2023-5171 (bmo#1851599) Use-after-free in Ion Compiler * CVE-2023-5174 (bmo#1848454) Double-free in process spawning on Windows * CVE-2023-5176 (bmo#1836353, bmo#1842674, bmo#1843824, bmo#1843962, bmo#1848890, bmo#1850180, bmo#1850983, bmo#1851195) Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 Wolfgang Rosenauer 2023-09-27 09:43:36 +0000
263916113a Accepting request 1112694 from mozilla:Factory Ana Guerrero 2023-09-21 20:22:38 +0000
d383915fad - Mozilla Thunderbird 115.2.3 Bugfix release: https://www.thunderbird.net/en-US/thunderbird/115.2.3/releasenotes Wolfgang Rosenauer 2023-09-21 06:48:37 +0000
d485729260 Accepting request 1110767 from mozilla:Factory Ana Guerrero 2023-09-13 18:44:58 +0000
a81e9b4cb4 Accepting request 1110766 from home:AndreasStieger:branches:mozilla:Factory Wolfgang Rosenauer 2023-09-12 21:29:55 +0000
9ff5d4a1b6 Accepting request 1109528 from mozilla:Factory Ana Guerrero 2023-09-07 19:13:51 +0000
45ef0c0c50 mozilla-bmo1775202.patch Wolfgang Rosenauer 2023-09-07 11:34:15 +0000
98a8bbee26 - Mozilla Thunderbird 115.2.0 https://www.thunderbird.net/en-US/thunderbird/115.2.0/releasenotes MFSA 2023-38 (bsc#1214606) * CVE-2023-4573 (bmo#1846687) Memory corruption in IPC CanvasTranslator * CVE-2023-4574 (bmo#1846688) Memory corruption in IPC ColorPickerShownCallback * CVE-2023-4575 (bmo#1846689) Memory corruption in IPC FilePickerShownCallback * CVE-2023-4576 (bmo#1846694) Integer Overflow in RecordedSourceSurfaceCreation * CVE-2023-4577 (bmo#1847397) Memory corruption in JIT UpdateRegExpStatics * CVE-2023-4051 (bmo#1821884) Full screen notification obscured by file open dialog * CVE-2023-4578 (bmo#1839007) Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception * CVE-2023-4053 (bmo#1839079) Full screen notification obscured by external program * CVE-2023-4580 (bmo#1843046) Push notifications saved to disk unencrypted * CVE-2023-4581 (bmo#1843758) XLL file extensions were downloadable without warnings * CVE-2023-4582 (bmo#1773874) Buffer Overflow in WebGL glGetProgramiv * CVE-2023-4583 (bmo#1842030) Browsing Context potentially not cleared when closing Private Window * CVE-2023-4584 (bmo#1843968, bmo#1845205, bmo#1846080, Wolfgang Rosenauer 2023-08-31 07:59:41 +0000
f3bf95db38 Accepting request 1102113 from mozilla:Factory Dominique Leuenberger 2023-08-03 15:29:27 +0000
da50d4ab72 - Mozilla Thunderbird 102.14.0 MFSA 2023-32 (bsc#1213746) * CVE-2023-4045 (bmo#1833876) Offscreen Canvas could have bypassed cross-origin restrictions * CVE-2023-4046 (bmo#1837686) Incorrect value used during WASM compilation * CVE-2023-4047 (bmo#1839073) Potential permissions request bypass via clickjacking * CVE-2023-4048 (bmo#1841368) Crash in DOMParser due to out-of-memory conditions * CVE-2023-4049 (bmo#1842658) Fix potential race conditions when releasing platform objects * CVE-2023-4050 (bmo#1843038) Stack buffer overflow in StorageManager * CVE-2023-4054 (bmo#1840777) Lack of warning when opening appref-ms files * CVE-2023-4055 (bmo#1782561) Cookie jar overflow caused unexpected cookie jar state * CVE-2023-4056 (bmo#1820587, bmo#1824634, bmo#1839235, bmo#1842325, bmo#1843847) Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14 Wolfgang Rosenauer 2023-08-03 04:29:56 +0000
a858e257a4 Accepting request 1101575 from home:AndreasStieger:branches:mozilla:Factory Wolfgang Rosenauer 2023-07-31 18:28:50 +0000
08933f69a0 Accepting request 1100766 from mozilla:Factory Ana Guerrero 2023-07-26 11:24:38 +0000
c92ecfd31b - Mozilla Thunderbird 102.13.1 MFSA 2023-28 * CVE-2023-3417 (bmo#1835582) File Extension Spoofing using the Text Direction Override Character Wolfgang Rosenauer 2023-07-26 07:30:19 +0000
fbaa0b6684 Accepting request 1097755 from mozilla:Factory Dominique Leuenberger 2023-07-09 18:39:07 +0000
a450a78f9c - Mozilla Thunderbird 102.13.0 * Upstream RNP version numbers now recognized as official in about:support MFSA 2023-24 (bsc#1212438) * CVE-2023-37201 (bmo#1826002) Use-after-free in WebRTC certificate generation * CVE-2023-37202 (bmo#1834711) Potential use-after-free from compartment mismatch in SpiderMonkey * CVE-2023-37207 (bmo#1816287) Fullscreen notification obscured * CVE-2023-37208 (bmo#1837675) Lack of warning when opening Diagcab files * CVE-2023-37211 (bmo#1832306, bmo#1834862, bmo#1835886, bmo#1836550, bmo#1837450) Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13 - mozilla-llvm16.patch has been applied upstream, remove it here Wolfgang Rosenauer 2023-07-08 18:44:08 +0000
545394691f Accepting request 1091973 from mozilla:Factory Dominique Leuenberger 2023-06-11 17:54:52 +0000
8ab03d7649 Accepting request 1091941 from home:AndreasStieger:branches:mozilla:Factory Wolfgang Rosenauer 2023-06-10 10:47:23 +0000
40c3790c5c Accepting request 1089289 from mozilla:Factory Dominique Leuenberger 2023-05-27 18:38:25 +0000
4055c03185 - Mozilla Thunderbird 102.11.2 * fixed POP3 regressions ins 102.11.1 * https://www.thunderbird.net/en-US/thunderbird/102.11.2/releasenotes/ Thunderbird 102.11.1 * https://www.thunderbird.net/en-US/thunderbird/102.11.1/releasenotes/ Wolfgang Rosenauer 2023-05-27 08:18:22 +0000
1fafb69c4a Accepting request 1086176 from mozilla:Factory Dominique Leuenberger 2023-05-11 10:33:56 +0000
23380907bc - Mozilla Thunderbird 102.11.0 * https://www.thunderbird.net/en-US/thunderbird/102.11.0/releasenotes MFSA 2023-18 (bsc#1211175) * CVE-2023-32205 (bmo#1753339, bmo#1753341) Browser prompts could have been obscured by popups * CVE-2023-32206 (bmo#1824892) Crash in RLBox Expat driver * CVE-2023-32207 (bmo#1826116) Potential permissions request bypass via clickjacking * CVE-2023-32211 (bmo#1823379) Content process crash due to invalid wasm code * CVE-2023-32212 (bmo#1826622) Potential spoof due to obscured address bar * CVE-2023-32213 (bmo#1826666) Potential memory corruption in FileReader::DoReadData() * CVE-2023-32214 (bmo#1828716) Potential DoS via exposed protocol handlers * CVE-2023-32215 (bmo#1540883, bmo#1751943, bmo#1814856, bmo#1820210, bmo#1821480, bmo#1827019, bmo#1827024, bmo#1827144, bmo#1827359, bmo#1830186) Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11 Wolfgang Rosenauer 2023-05-11 06:49:50 +0000
4d249b21a0 Accepting request 1083507 from mozilla:Factory Dominique Leuenberger 2023-04-28 14:24:28 +0000
96ebf6f723 - Mozilla Thunderbird 102.10.1 * https://www.thunderbird.net/en-US/thunderbird/102.10.1/releasenotes Wolfgang Rosenauer 2023-04-28 10:10:31 +0000
b9156650b9 Accepting request 1078519 from mozilla:Factory Dominique Leuenberger 2023-04-12 10:51:34 +0000
376ac03b18 * New messages will automatically select S/MIME if configured and OpenPGP is not * Calendar events with timezone America/Mexico_City incorrectly applied Daylight Savings Time MFSA 2023-15 (bsc#1210212) * CVE-2023-29531 (bmo#1794292) Out-of-bound memory access in WebGL on macOS * CVE-2023-29532 (bmo#1806394) Mozilla Maintenance Service Write-lock bypass * CVE-2023-29533 (bmo#1798219, bmo#1814597) Fullscreen notification obscured * MFSA-TMP-2023-0001 (bmo#1819244) Double-free in libwebp * CVE-2023-29535 (bmo#1820543) Potential Memory Corruption following Garbage Collector compaction * CVE-2023-29536 (bmo#1821959) Invalid free from JavaScript code * CVE-2023-0547 (bmo#1811298) Revocation status of S/Mime recipient certificates was not checked * CVE-2023-29479 (bmo#1824978) Hang when processing certain OpenPGP messages * CVE-2023-29539 (bmo#1784348) Content-Disposition filename truncation leads to Reflected File Download * CVE-2023-29541 (bmo#1810191) Files with malicious extensions could have been downloaded unsafely on Linux * CVE-2023-29542 (bmo#1810793, bmo#1815062) Bypass of file download extension restrictions * CVE-2023-29545 (bmo#1823077) Wolfgang Rosenauer 2023-04-11 20:58:19 +0000
7a75a56779 - Mozilla Thunderbird 102.10.0 - add mozilla-llvm16.patch trying to fix build with LLVM16 Wolfgang Rosenauer 2023-04-06 13:55:17 +0000
b695ba5251 - Mozilla Thunderbird 102.9.1 MFSA 2023-12 * CVE-2023-28427 (bmo#1822595) Matrix SDK bundled with Thunderbird vulnerable to denial-of-service attack Wolfgang Rosenauer 2023-03-29 12:48:43 +0000
121088b5d4 Accepting request 1074474 from mozilla:Factory Dominique Leuenberger 2023-03-27 16:15:46 +0000
3d74973d59 - add gcc13-fix.patch to support current Tumbleweed Wolfgang Rosenauer 2023-03-26 16:31:37 +0000
596c12be2a Accepting request 1072474 from mozilla:Factory Dominique Leuenberger 2023-03-16 21:59:08 +0000
b8ddf94b52 - build using rust 1.67 Wolfgang Rosenauer 2023-03-16 13:11:48 +0000
34b61a3e8e - Mozilla Thunderbird 102.9.0 * https://www.thunderbird.net/en-US/thunderbird/102.9.0/releasenotes MFSA 2023-11 (bsc#1209173)) * CVE-2023-25751 (bmo#1814899) Incorrect code generation during JIT compilation * CVE-2023-28164 (bmo#1809122) URL being dragged from a removed cross-origin iframe into the same tab triggered navigation * CVE-2023-28162 (bmo#1811327) Invalid downcast in Worklets * CVE-2023-25752 (bmo#1811627) Potential out-of-bounds when accessing throttled streams * CVE-2023-28163 (bmo#1817768) Windows Save As dialog resolved environment variables * CVE-2023-28176 (bmo#1808352, bmo#1811637, bmo#1815904, bmo#1817442, bmo#1818674) Memory safety bugs fixed in Thunderbird 102.9 - update create-tar.sh Wolfgang Rosenauer 2023-03-16 10:35:50 +0000

Commit Graph Select branches Hide Pull Requests devel factory Mono Color

Commit Graph

Select branches

Hide Pull Requests

devel

factory