08ffa63092
* CLIENTID fix for bmo#1759197 in Thunderbird 91.8.1 did not work
additional fix applied
* "Save-As" attachment dialog did not have filename pre-populated
MFSA 2022-26 (bsc#1200793)
* CVE-2022-34479 (bmo#1745595)
A popup window could be resized in a way to overlay the
address bar with web content
* CVE-2022-34470 (bmo#1765951)
Use-after-free in nsSHistory
* CVE-2022-34468 (bmo#1768537)
CSP sandbox header without `allow-scripts` can be bypassed
via retargeted javascript: URI
* CVE-2022-2226 (bmo#1775441)
An email with a mismatching OpenPGP signature date was
accepted as valid
* CVE-2022-34481 (bmo#1497246)
Potential integer overflow in ReplaceElementsAt
* CVE-2022-31744 (bmo#1757604)
CSP bypass enabling stylesheet injection
* CVE-2022-34472 (bmo#1770123)
Unavailable PAC file resulted in OCSP requests being blocked
* CVE-2022-34478 (bmo#1773717)
Microsoft protocols can be attacked if a user accepts a prompt
* CVE-2022-2200 (bmo#1771381)
Undesired attributes could be set as part of prototype pollution
* CVE-2022-34484 (bmo#1763634, bmo#1772651)
Memory safety bugs fixed in Thunderbird 91.11 and Thunderbird 102
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=640
11 lines
341 B
Plaintext
11 lines
341 B
Plaintext
PRODUCT="thunderbird"
|
|
CHANNEL="esr91"
|
|
VERSION="91.11.0"
|
|
VERSION_SUFFIX=""
|
|
PREV_VERSION="91.10.0"
|
|
PREV_VERSION_SUFFIX=""
|
|
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
|
|
RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr91"
|
|
RELEASE_TAG="da48e7ecf800ec7761a3b6e0ca81e0c90adc30f7"
|
|
RELEASE_TIMESTAMP="20220628000715"
|