MozillaThunderbird/tar_stamps
Wolfgang Rosenauer 5e8c474a19 - Mozilla Thunderbird 91.6.0
* TB will now offer to send large forwarded attachments via FileLink
  * Partially signed unencrypted messages displayed an incorrect
    "parrtially encrypted" notification
  * Attachments filenames were not sanitized before saving to disk
  * In the attachment bar, the "Import OpenPGP Key" item displayed
    for public keys displayed an error and did not import the key
  * "Open with" attachment dialog did not have a selected radio
    button option
  MFSA 2022-06 (bsc#1195682)
  * CVE-2022-22753 (bmo#1732435)
    Privilege Escalation to SYSTEM on Windows via Maintenance
    Service
  * CVE-2022-22754 (bmo#1750565)
    Extensions could have bypassed permission confirmation during
    update
  * CVE-2022-22756 (bmo#1317873)
    Drag and dropping an image could have resulted in the dropped
    object being an executable
  * CVE-2022-22759 (bmo#1739957)
    Sandboxed iframes could have executed script if the parent
    appended elements
  * CVE-2022-22760 (bmo#1740985, bmo#1748503)
    Cross-Origin responses could be distinguished between script
    and non-script content-types
  * CVE-2022-22761 (bmo#1745566)
    frame-ancestors Content Security Policy directive was not
    enforced for framed extension pages
  * CVE-2022-22763 (bmo#1740534)
    Script Execution during invalid object state

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=623
2022-02-11 22:30:53 +00:00

11 lines
339 B
Plaintext

PRODUCT="thunderbird"
CHANNEL="esr91"
VERSION="91.6.0"
VERSION_SUFFIX=""
PREV_VERSION="91.5.1"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr91"
RELEASE_TAG="676bfbddd4b3ed77f818b6b07d9d8a79c61be4da"
RELEASE_TIMESTAMP="20220204195633"