Update to 140.5.0 ESR; Sync with mozilla:Factory #9
@@ -1,24 +1,52 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Nov 4 13:57:53 UTC 2025 - Martin Sirringhaus <martin.sirringhaus@suse.com>
|
||||
Mon Nov 17 10:52:31 UTC 2025 - Yoshio Sato <vasua.ukraine@gmail.com>
|
||||
|
||||
- Mozilla Thunderbird 140.4
|
||||
* changed: Account Hub is now disabled by default for second
|
||||
email account (bmo#1992027)
|
||||
* changed: Flatpak runtime has been updated to Freedesktop SDK
|
||||
24.08 (bmo#1952100)
|
||||
* fixed: Users could not read mail signed with OpenPGP v6 and
|
||||
PQC keys (bmo#1986845)
|
||||
* fixed: Image preview in Insert Image dialog failed with CSP
|
||||
error for web resources (bmo#1989392)
|
||||
* fixed: Emptying trash on exit did not work with some
|
||||
providers (bmo#1975147)
|
||||
* fixed: Thunderbird could crash when applying filters
|
||||
(bmo#1987880)
|
||||
* fixed: Users were unable to override expired mail server
|
||||
certificate (bmo#1979323)
|
||||
* fixed: Opening Website header link in RSS feed incorrectly
|
||||
re-encoded URL parameters (bmo#1971035)
|
||||
* fixed: Security fixes
|
||||
- Add build_limit for s390x on SLE16 (bsc#1247774)
|
||||
* by Martin Sirringhaus <martin.sirringhaus@suse.com>
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Nov 9 12:24:12 UTC 2025 - Wolfgang Rosenauer <wr@rosenauer.org>
|
||||
|
||||
- Mozilla Thunderbird 140.5.0 ESR
|
||||
MFSA 2025-91 (bsc#1253188)
|
||||
* CVE-2025-13012 (bmo#1991458)
|
||||
Race condition in the Graphics component
|
||||
* CVE-2025-13016 (bmo#1992130)
|
||||
Incorrect boundary conditions in the JavaScript: WebAssembly
|
||||
component
|
||||
* CVE-2025-13017 (bmo#1980904)
|
||||
Same-origin policy bypass in the DOM: Notifications component
|
||||
* CVE-2025-13018 (bmo#1984940)
|
||||
Mitigation bypass in the DOM: Security component
|
||||
* CVE-2025-13019 (bmo#1988412)
|
||||
Same-origin policy bypass in the DOM: Workers component
|
||||
* CVE-2025-13013 (bmo#1991945)
|
||||
Mitigation bypass in the DOM: Core & HTML component
|
||||
* CVE-2025-13020 (bmo#1995686)
|
||||
Use-after-free in the WebRTC: Audio/Video component
|
||||
* CVE-2025-13014 (bmo#1994241)
|
||||
Use-after-free in the Audio/Video component
|
||||
* CVE-2025-13015 (bmo#1994164)
|
||||
Spoofing issue in Thunderbird
|
||||
* fixed: Could not drag and drop ICS file to Today Pane
|
||||
(bmo#1992935)
|
||||
* fixed: With Thunderbird closed, clicking a 'mailto:' link to
|
||||
send signed message failed (bmo#1972857)
|
||||
* fixed: Upgrade from 128.x->140.x broke authentication for
|
||||
@att.net using Yahoo backend (bmo#1978361)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Oct 18 05:29:10 UTC 2025 - Wolfgang Rosenauer <wr@rosenauer.org>
|
||||
|
||||
- Mozilla Thunderbird 140.4.0 ESR
|
||||
* Account Hub is now disabled by default for second email account
|
||||
* Users could not read mail signed with OpenPGP v6 and PQC keys
|
||||
* Image preview in Insert Image dialog failed with CSP error for web resources
|
||||
* Emptying trash on exit did not work with some providers
|
||||
* Thunderbird could crash when applying filters
|
||||
* Users were unable to override expired mail server certificate
|
||||
* Opening Website header link in RSS feed incorrectly re-encoded
|
||||
URL parameters
|
||||
MFSA 2025-85 (bsc#1251263)
|
||||
* CVE-2025-11708 (bmo#1988931)
|
||||
Use-after-free in MediaTrackGraphImpl::GetInstance()
|
||||
@@ -44,12 +72,13 @@ Tue Nov 4 13:57:53 UTC 2025 - Martin Sirringhaus <martin.sirringhaus@suse.com>
|
||||
bmo#1988912, bmo#1989734, bmo#1990085, bmo#1991899)
|
||||
Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird
|
||||
ESR 140.4, Firefox 144 and Thunderbird 144
|
||||
- Replace mozilla-bmo998749.patch with upstreams version
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Nov 4 13:45:07 UTC 2025 - Martin Sirringhaus <martin.sirringhaus@suse.com>
|
||||
Tue Sep 30 16:41:53 UTC 2025 - Wolfgang Rosenauer <wr@rosenauer.org>
|
||||
|
||||
- Add build_limit for s390x on SLE16 (bsc#1247774)
|
||||
- Mozilla Thunderbird 140.3.1 ESR
|
||||
* several bugfixes listed here
|
||||
https://www.thunderbird.net/en-US/thunderbird/140.3.1esr/releasenotes
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Sep 14 06:58:42 UTC 2025 - Wolfgang Rosenauer <wr@rosenauer.org>
|
||||
@@ -5278,7 +5307,7 @@ Fri Jun 19 17:00:11 UTC 2015 - wr@rosenauer.org
|
||||
- tb-develdirs.patch is now mozilla-develdirs.patch as it is a
|
||||
platform configuration now
|
||||
|
||||
--------------------------------------------------------------------
|
||||
-------------------------------------------------------------------
|
||||
Thu Jun 18 10:30:18 UTC 2015 - schwab@suse.de
|
||||
|
||||
- mozilla-arm64-libjpeg-turbo.patch: fix libjpeg-turbo configuration
|
||||
|
||||
@@ -30,8 +30,8 @@
|
||||
# major 69
|
||||
# mainver %%major.99
|
||||
%define major 140
|
||||
%define mainver %major.4.0
|
||||
%define orig_version 140.4.0
|
||||
%define mainver %major.5.0
|
||||
%define orig_version 140.5.0
|
||||
%define orig_suffix esr
|
||||
%define update_channel esr
|
||||
%define source_prefix thunderbird-%{orig_version}
|
||||
|
||||
@@ -1,61 +1,29 @@
|
||||
# HG changeset patch
|
||||
# User Kagami Sascha Rosylight <krosylight@proton.me>
|
||||
# Date 1758587698 0
|
||||
# Node ID 48d7a6b864335c3f49a33b3e570f85338b125bd1
|
||||
# Parent 1ac42c45ad132e1b2d498af6d8f0315839c2b25a
|
||||
Bug 998749 - Use SurfaceFormatBit::OS_* for FilterProcessing.h r=tnikkel
|
||||
# User msirringhaus@suse.de
|
||||
# Date 1583738770 -3600
|
||||
# Mon Mar 09 08:26:10 2020 +0100
|
||||
# Node ID 34676feac1a542e409e22acf5b98735f8313b1ce
|
||||
# Parent 506857dace0a08d1c9685e3ac264646590b3e27f
|
||||
[mq]: mozilla-bmo998749.patch
|
||||
|
||||
Differential Revision: https://phabricator.services.mozilla.com/D265733
|
||||
|
||||
|
||||
diff --git a/gfx/2d/FilterProcessing.h b/gfx/2d/FilterProcessing.h
|
||||
--- a/gfx/2d/FilterProcessing.h
|
||||
+++ b/gfx/2d/FilterProcessing.h
|
||||
@@ -5,23 +5,26 @@
|
||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
diff -r 506857dace0a -r 34676feac1a5 gfx/2d/FilterProcessing.h
|
||||
--- a/gfx/2d/FilterProcessing.h Fri Feb 28 12:31:51 2020 +0100
|
||||
+++ b/gfx/2d/FilterProcessing.h Mon Mar 09 08:26:10 2020 +0100
|
||||
@@ -13,10 +13,17 @@
|
||||
namespace mozilla {
|
||||
namespace gfx {
|
||||
|
||||
#ifndef _MOZILLA_GFX_FILTERPROCESSING_H_
|
||||
#define _MOZILLA_GFX_FILTERPROCESSING_H_
|
||||
|
||||
#include "2D.h"
|
||||
#include "Filters.h"
|
||||
|
||||
-namespace mozilla {
|
||||
-namespace gfx {
|
||||
+namespace mozilla::gfx {
|
||||
|
||||
-const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_B = 0;
|
||||
-const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_G = 1;
|
||||
-const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_R = 2;
|
||||
-const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_A = 3;
|
||||
+const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_B =
|
||||
+ static_cast<ptrdiff_t>(mozilla::gfx::SurfaceFormatBit::OS_B) / 8;
|
||||
+const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_G =
|
||||
+ static_cast<ptrdiff_t>(mozilla::gfx::SurfaceFormatBit::OS_G) / 8;
|
||||
+const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_R =
|
||||
+ static_cast<ptrdiff_t>(mozilla::gfx::SurfaceFormatBit::OS_R) / 8;
|
||||
+const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_A =
|
||||
+ static_cast<ptrdiff_t>(mozilla::gfx::SurfaceFormatBit::OS_A) / 8;
|
||||
+#if MOZ_BIG_ENDIAN()
|
||||
+const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_B = 3;
|
||||
+const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_G = 2;
|
||||
+const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_R = 1;
|
||||
+const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_A = 0;
|
||||
+#else
|
||||
const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_B = 0;
|
||||
const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_G = 1;
|
||||
const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_R = 2;
|
||||
const ptrdiff_t B8G8R8A8_COMPONENT_BYTEOFFSET_A = 3;
|
||||
+#endif
|
||||
|
||||
class FilterProcessing {
|
||||
public:
|
||||
// Fast approximate division by 255. It has the property that
|
||||
// for all 0 <= v <= 255*255, FastDivideBy255(v) == v/255.
|
||||
// But it only uses two adds and two shifts instead of an
|
||||
// integer division (which is expensive on many processors).
|
||||
template <class B, class A>
|
||||
@@ -155,12 +158,11 @@ class FilterProcessing {
|
||||
static inline unsigned umax(unsigned a, unsigned b) {
|
||||
return a - ((a - b) & -(a < b));
|
||||
}
|
||||
|
||||
static inline unsigned umin(unsigned a, unsigned b) {
|
||||
return a - ((a - b) & -(a > b));
|
||||
}
|
||||
|
||||
-} // namespace gfx
|
||||
-} // namespace mozilla
|
||||
+} // namespace mozilla::gfx
|
||||
|
||||
#endif // _MOZILLA_GFX_FILTERPROCESSING_H_
|
||||
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
PRODUCT="thunderbird"
|
||||
CHANNEL="esr140"
|
||||
VERSION="140.4.0"
|
||||
VERSION="140.5.0"
|
||||
VERSION_SUFFIX="esr"
|
||||
REV_VERSION="140.3.0"
|
||||
REV_VERSION="140.4.0"
|
||||
PREV_VERSION_SUFFIX="esr"
|
||||
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
|
||||
RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr140"
|
||||
RELEASE_TAG="efb07defaa2d56105675dc1d936af581ebfd8ffa"
|
||||
RELEASE_TIMESTAMP="20251010020716"
|
||||
RELEASE_TAG="6a3011b7161c6f3a36d5116f2608d51b19fb4d58"
|
||||
RELEASE_TIMESTAMP="20251108022659"
|
||||
|
||||
Binary file not shown.
@@ -1,16 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEECb7tY/NGKi3/qzuHXstkl8GiAlYFAmjonrYACgkQXstkl8Gi
|
||||
AlYivQ//R8nMW8KSwBndAW82/SA8bJh5cTm9uXJpwfRi+0oQ0QARTADrmpV4kQyR
|
||||
Ld/Gyzvcoo3SKCp683xBEDxsuVBUd0x63IRdjf09gYDBRmVmq22bfUWgrhKtD9J0
|
||||
2yDOPd1TnFYpQe0kYoyPthjCrRbRI73LnV0kep57b9LI0xz0gJ/WamHMwQpXEVHO
|
||||
9z1aaXODUlcHpssWw/VBqZLPEWduqy/pnf0lFFJqtZVcuCJjdazOdiVHq8vVGVdb
|
||||
kxml6SbnKHZFlfmqbIjov2Bg0xlGDSvkCCc3jHq3ZGoCC7urzcZReicashn0AZTn
|
||||
OL6w5RbuHK6MhYOOs+IvHQ9bM/qUBi0Ck/zj9DAqZm4Q4rkfcWKkG85sbyZPASyD
|
||||
8wwu+fBYIKJ92d8RxWd0+c7tIu4HpOzZ4eDLBvn/c5Pasaa1wb9QfqhbJr50ZWOv
|
||||
Yl/kAXrF6ae23paht4R6ViGkXGwFTJuhAuKp+J+UTnXl/nCLis06x1FqfdXMiGcY
|
||||
VVGjO9TvE9FD9koYu855/ELUC9By8dbQ7qZeEgj1WLK2/Qfs2UQSsyCd4kvTqYNG
|
||||
0PA/I6WRewRPkCsRV9zcvtQR8XvnwasHhzkSA16Ozy11Tars9rUbXEtnkkCRUUsh
|
||||
gbi6WYZWzoSqhYa3xzMuHxjyLr4voiziug6iBmWeCkuSZJXiFi0=
|
||||
=hVEC
|
||||
-----END PGP SIGNATURE-----
|
||||
BIN
thunderbird-140.5.0esr.source.tar.xz
LFS
Normal file
BIN
thunderbird-140.5.0esr.source.tar.xz
LFS
Normal file
Binary file not shown.
16
thunderbird-140.5.0esr.source.tar.xz.asc
Normal file
16
thunderbird-140.5.0esr.source.tar.xz.asc
Normal file
@@ -0,0 +1,16 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEECb7tY/NGKi3/qzuHXstkl8GiAlYFAmkOzIQACgkQXstkl8Gi
|
||||
AlasTQ/+JbrEW3aHRhVa1xBwFx5aUXroEAcufGOovpwlmb8wYmmyeuELWbzsrQRv
|
||||
SX7HqLrF8FYfZOgy8qHbz7W8zIHSi5K312u2WuDdguj4SkUdJp5Qimnq6uW+eBBo
|
||||
bVrKXFSvUvseuswutCjBLha/A49VHvJehz6f9ITCyva3yiK8LOVEeX/QNkP9Ust7
|
||||
8Ry+cgrmWGw3vN991OqYvg3mwKKGuQHk//11gaUaRU2yO6r6bkLWB+bMedGWZWhb
|
||||
WC+o3Weu1jR5piNKLTrZZjKV5PK4va7bIW13amu+t+XiNBGt/CMnXr2isTJ+qRIs
|
||||
F7P9yk+mjEoFo3RDslCZorSLv+8VHglIhtw4Ont4KMDzuXru76/RwIa7qaG8vINp
|
||||
Dx2BOKmIde26X63Nva87+KdEf4x+DoVkPr4yqWUxEugUlWuVXGvBLEhszfbmEqA5
|
||||
E8XdYLX4fnrG9kAAg4pGccIYJ4LIu/n82ZDKU7u/vea2Sdcemdcgn35/8jnbs3oV
|
||||
MNDduQ/ISxIzGuYbosfIIk7oMWUpc7bwnnNb+PuB4GOHNl/PjGXO0iOFgx8iUEPQ
|
||||
jLHYNVDnPCI2Cdqx5JsObv6zlN9NyJKNVEnDKh9fLmqolkdiy97wSn/Hjz1EwmjG
|
||||
MlOCr6YByB9kUPPEVYYh852J2yUirgxzc5eA0TuuM9GeL+wQClY=
|
||||
=wq2n
|
||||
-----END PGP SIGNATURE-----
|
||||
Reference in New Issue
Block a user