diff --git a/MozillaThunderbird.changes b/MozillaThunderbird.changes index b0cf029..dc57ae3 100644 --- a/MozillaThunderbird.changes +++ b/MozillaThunderbird.changes @@ -1,3 +1,19 @@ +------------------------------------------------------------------- +Sat Dec 23 18:36:42 UTC 2017 - wr@rosenauer.org + +- update to Thunderbird 52.5.2 + * This releases fixes the "Mailsploit" vulnerability and other + vulnerabilities detected by the "Cure53" audit (MFSA 2017-30) + * CVE-2017-7846 (bmo#1411716, bsc#1074043) + JavaScript Execution via RSS in mailbox:// origin + * CVE-2017-7847 (bmo#1411708, bsc#1074044) + Local path string can be leaked from RSS feed + * CVE-2017-7848 (bmo#1411699, bsc#1074045) + RSS Feed vulnerable to new line Injection + * CVE-2017-7829 (bmo#1423432, bsc#1074046) + Mailsploit part 1: From address with encoded null character is + cut off in message header display + ------------------------------------------------------------------- Fri Dec 8 15:53:30 UTC 2017 - dimstar@opensuse.org diff --git a/MozillaThunderbird.spec b/MozillaThunderbird.spec index b4b0aba..fb2dd03 100644 --- a/MozillaThunderbird.spec +++ b/MozillaThunderbird.spec @@ -17,9 +17,9 @@ # -%define mainversion 52.5.0 +%define mainversion 52.5.2 %define update_channel release -%define releasedate 201711210000 +%define releasedate 201712220000 %bcond_without mozilla_tb_kde4 %bcond_with mozilla_tb_valgrind diff --git a/compare-locales.tar.xz b/compare-locales.tar.xz index 16a6195..11a1e01 100644 --- a/compare-locales.tar.xz +++ b/compare-locales.tar.xz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:1b49c2014db3bd6fc015c950f5f1b7dba25e99d89ac7646658514f6129976ae6 -size 28388 +oid sha256:a2b34b61f64bf1c9715f218b9dab90fb95eb15c9e29cc3195ac9a2546666ec36 +size 28376 diff --git a/create-tar.sh b/create-tar.sh index e71401f..e8310ba 100644 --- a/create-tar.sh +++ b/create-tar.sh @@ -2,8 +2,8 @@ CHANNEL="esr52" BRANCH="releases/comm-$CHANNEL" -RELEASE_TAG="THUNDERBIRD_52_5_0_RELEASE" -VERSION="52.5.0" +RELEASE_TAG="THUNDERBIRD_52_5_2_RELEASE" +VERSION="52.5.2" echo "cloning $BRANCH..." hg clone http://hg.mozilla.org/$BRANCH thunderbird diff --git a/l10n-52.5.0.tar.xz b/l10n-52.5.0.tar.xz deleted file mode 100644 index 81e5055..0000000 --- a/l10n-52.5.0.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7a924cf19c3ecd601d2004ba0166b9b28f331153355ef5478358605aeb3650d0 -size 26215464 diff --git a/l10n-52.5.2.tar.xz b/l10n-52.5.2.tar.xz new file mode 100644 index 0000000..e872523 --- /dev/null +++ b/l10n-52.5.2.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1ce68842f35878969a160d4e4b68ff80eb26dce18d00040279fc9b7e685ea729 +size 26212512 diff --git a/thunderbird-52.5.0-source.tar.xz b/thunderbird-52.5.0-source.tar.xz deleted file mode 100644 index 6897bf5..0000000 --- a/thunderbird-52.5.0-source.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:57246e6a6a3ae40f3ed21a2f43ee6589b2c77383af9f0d238ead262d0612a236 -size 242215136 diff --git a/thunderbird-52.5.2-source.tar.xz b/thunderbird-52.5.2-source.tar.xz new file mode 100644 index 0000000..1f25783 --- /dev/null +++ b/thunderbird-52.5.2-source.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:5bd859d3e940df6bfef46dfd5a9300b618d6557406c0d66e7c41af444541a662 +size 242240724