forked from pool/MozillaThunderbird
- Mozilla Thunderbird 91.11.0
* CLIENTID fix for bmo#1759197 in Thunderbird 91.8.1 did not work additional fix applied * "Save-As" attachment dialog did not have filename pre-populated MFSA 2022-26 (bsc#1200793) * CVE-2022-34479 (bmo#1745595) A popup window could be resized in a way to overlay the address bar with web content * CVE-2022-34470 (bmo#1765951) Use-after-free in nsSHistory * CVE-2022-34468 (bmo#1768537) CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI * CVE-2022-2226 (bmo#1775441) An email with a mismatching OpenPGP signature date was accepted as valid * CVE-2022-34481 (bmo#1497246) Potential integer overflow in ReplaceElementsAt * CVE-2022-31744 (bmo#1757604) CSP bypass enabling stylesheet injection * CVE-2022-34472 (bmo#1770123) Unavailable PAC file resulted in OCSP requests being blocked * CVE-2022-34478 (bmo#1773717) Microsoft protocols can be attacked if a user accepts a prompt * CVE-2022-2200 (bmo#1771381) Undesired attributes could be set as part of prototype pollution * CVE-2022-34484 (bmo#1763634, bmo#1772651) Memory safety bugs fixed in Thunderbird 91.11 and Thunderbird 102 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=640
This commit is contained in:
parent
5b920d1fa1
commit
08ffa63092
@ -1,3 +1,35 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Sun Jun 26 08:53:26 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
|
||||||
|
|
||||||
|
- Mozilla Thunderbird 91.11.0
|
||||||
|
* CLIENTID fix for bmo#1759197 in Thunderbird 91.8.1 did not work
|
||||||
|
additional fix applied
|
||||||
|
* "Save-As" attachment dialog did not have filename pre-populated
|
||||||
|
MFSA 2022-26 (bsc#1200793)
|
||||||
|
* CVE-2022-34479 (bmo#1745595)
|
||||||
|
A popup window could be resized in a way to overlay the
|
||||||
|
address bar with web content
|
||||||
|
* CVE-2022-34470 (bmo#1765951)
|
||||||
|
Use-after-free in nsSHistory
|
||||||
|
* CVE-2022-34468 (bmo#1768537)
|
||||||
|
CSP sandbox header without `allow-scripts` can be bypassed
|
||||||
|
via retargeted javascript: URI
|
||||||
|
* CVE-2022-2226 (bmo#1775441)
|
||||||
|
An email with a mismatching OpenPGP signature date was
|
||||||
|
accepted as valid
|
||||||
|
* CVE-2022-34481 (bmo#1497246)
|
||||||
|
Potential integer overflow in ReplaceElementsAt
|
||||||
|
* CVE-2022-31744 (bmo#1757604)
|
||||||
|
CSP bypass enabling stylesheet injection
|
||||||
|
* CVE-2022-34472 (bmo#1770123)
|
||||||
|
Unavailable PAC file resulted in OCSP requests being blocked
|
||||||
|
* CVE-2022-34478 (bmo#1773717)
|
||||||
|
Microsoft protocols can be attacked if a user accepts a prompt
|
||||||
|
* CVE-2022-2200 (bmo#1771381)
|
||||||
|
Undesired attributes could be set as part of prototype pollution
|
||||||
|
* CVE-2022-34484 (bmo#1763634, bmo#1772651)
|
||||||
|
Memory safety bugs fixed in Thunderbird 91.11 and Thunderbird 102
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu May 26 07:56:09 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
|
Thu May 26 07:56:09 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
|
||||||
|
|
||||||
|
@ -29,8 +29,8 @@
|
|||||||
# major 69
|
# major 69
|
||||||
# mainver %major.99
|
# mainver %major.99
|
||||||
%define major 91
|
%define major 91
|
||||||
%define mainver %major.10.0
|
%define mainver %major.11.0
|
||||||
%define orig_version 91.10.0
|
%define orig_version 91.11.0
|
||||||
%define orig_suffix %{nil}
|
%define orig_suffix %{nil}
|
||||||
%define update_channel release
|
%define update_channel release
|
||||||
%define source_prefix thunderbird-%{orig_version}
|
%define source_prefix thunderbird-%{orig_version}
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
PRODUCT="thunderbird"
|
PRODUCT="thunderbird"
|
||||||
CHANNEL="esr91"
|
CHANNEL="esr91"
|
||||||
VERSION="91.10.0"
|
VERSION="91.11.0"
|
||||||
VERSION_SUFFIX=""
|
VERSION_SUFFIX=""
|
||||||
PREV_VERSION="91.9.1"
|
PREV_VERSION="91.10.0"
|
||||||
PREV_VERSION_SUFFIX=""
|
PREV_VERSION_SUFFIX=""
|
||||||
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
|
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
|
||||||
RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr91"
|
RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr91"
|
||||||
RELEASE_TAG="a52d41376d0374e23a0848e42a21454150c4d6a2"
|
RELEASE_TAG="da48e7ecf800ec7761a3b6e0ca81e0c90adc30f7"
|
||||||
RELEASE_TIMESTAMP="20220520005021"
|
RELEASE_TIMESTAMP="20220628000715"
|
||||||
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:a0dbf9a8083a4dff8a0506b5f4c6910f681476e2c5fce081beda4493168e66f9
|
|
||||||
size 413952892
|
|
@ -1,16 +0,0 @@
|
|||||||
-----BEGIN PGP SIGNATURE-----
|
|
||||||
|
|
||||||
iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmKOpnwACgkQ6+QekPbx
|
|
||||||
L20tdw//XSN3MPmfipHx+sG7ttpoohrt4olNI4fu255iIwN+oY5c3bsnW9ZmVLG/
|
|
||||||
jGqgSbiDfC13ZUlIRb8eWAkRQSJm59KWqMGsio8n2VTc4sIsbkt/jRcyOYSA8zEk
|
|
||||||
M3DEI+MVPYPxu6VIiIsZhRrG1udB9Iptg3nvgy1+zhHvmWC4EZVLeZA+17gs9LnA
|
|
||||||
CD1C6a87bSjzZP0B9cYiUv4j/QZQDq98NXDz62QzcgvvMA817WhDXaNol2NiHa1z
|
|
||||||
IIKw0VSBWuIB6UnM3qyxUtVnLaznq4M+DMCrJzUrVOBOBzYh7KmKUcgak/KseojV
|
|
||||||
YjvQ4YVu553EAG7yl89A15FND6IVl9/T5s9GQL3CeMptK1HJFIs1xEjmalNzdUYZ
|
|
||||||
IXIPm5WdDr8btApEms1xTlZF3glq6971ZxeJXqoDJKWJD/vEepiu38tImxUx3jsA
|
|
||||||
63gncutNJJdPVe5gSjGZXKDNLMG9Hg0BEVoWg7IhkuDP3h8u1vo98awRJez3Qc0u
|
|
||||||
lQSGtG6b+rVMHHRNS0qb8Gy6wk1BO380HXLPnZFotN8oGcopmU59+sOtloEwyJYV
|
|
||||||
5MoP9se1jWVUTdqQsvO+uHgV5kH5xC7GM7Sq4j/DDxy+SdbLa902NS6JAxeCrzho
|
|
||||||
z7vMHfPu+PxUHlCQxvrkMqzy2+Nk/LfbVMFH1ZU9vYBNKi+qcY0=
|
|
||||||
=q9Z/
|
|
||||||
-----END PGP SIGNATURE-----
|
|
3
thunderbird-91.11.0.source.tar.xz
Normal file
3
thunderbird-91.11.0.source.tar.xz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:318e6d80eecf2d6f8af5c58e99333b8c4822a720a6193dc38848ff9a1e9e6dc8
|
||||||
|
size 408098564
|
16
thunderbird-91.11.0.source.tar.xz.asc
Normal file
16
thunderbird-91.11.0.source.tar.xz.asc
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
-----BEGIN PGP SIGNATURE-----
|
||||||
|
|
||||||
|
iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmK6axsACgkQ6+QekPbx
|
||||||
|
L20wwQ/+Ls0P1VcNs9vitUgHjtss7r7rmZQ3jiXFaX/D9719uJfa/YcXHHgFNdXP
|
||||||
|
uVT9jjQFgIZgBN5SpIcaC7zygrh0nhbBw1Bg/4FWFyC8gHujvGMgF9hML+ltQx9x
|
||||||
|
sKZo6N5utcDfBdEU0kvCE9bgLGq00FCnke0jfut+jxv+sN0s85lPMcRR35PEjFS2
|
||||||
|
oEDqsauTbS+BJtA+oBF6D8IaLuZh9WA6zOgcqsNWmxxfCesUfVjYMihmicwFSvFQ
|
||||||
|
SZmrQrvNd5bdB84GsLhf67uhWdu7UwjUjuALWIiTXNug8zdUgT7R4VDWpbcYXf8T
|
||||||
|
VkA7HzmF6sABKkev4JX2DOxtVJwHGJteLFRNJYZnHwzz5o6qncs5I91j15SCc0AF
|
||||||
|
u4Oriy7yis6EPRR3PLgYg9omdFQmB8E8QPgNkldfUpV9S8W2/tbKpNKCk1uMY8DL
|
||||||
|
GkZNkPQY/Wx3CnPOy6bd1ACS9GwUdavacVvaiCLnVRRW+oWeGZ2C74CST8sXnodh
|
||||||
|
hiZ1GFwshhdOowP4E3XthW+ZVDy7aEnTNaBLWT9s0jOsqeGwMK+XYEihstLPAdhN
|
||||||
|
8Dq71zrmmQvnXPUlektykssVg2jox6F9xMCuM4z628/ajFoqApeJjvMYGiaQHJ8p
|
||||||
|
BnxFDuZvB7mPlWzbtIGCCqxPRVlFq8VR9ySG3i+PDMfApOkZAjE=
|
||||||
|
=eETF
|
||||||
|
-----END PGP SIGNATURE-----
|
Loading…
Reference in New Issue
Block a user