Accepting request 115998 from mozilla:Factory

- update to Thunderbird 12.0.1 * fix regressions - POP3 filters (bmo#748090) - Message Body not loaded when using "Fetch Headers Only" (bmo#748865) - Received messages contain parts of other messages with movemail account (bmo#748726) - New mail notification issue (bmo#748997) - crash in nsMsgDatabase::MatchDbName (bmo#748432) - fixed build with gcc 4.7 * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468 Miscellaneous memory safety hazards * MFSA 2012-22/CVE-2012-0469 (bmo#738985) use-after-free in IDBKeyRange * MFSA 2012-23/CVE-2012-0470 (bmo#734288) Invalid frees causes heap corruption in gfxImageSurface * MFSA 2012-24/CVE-2012-0471 (bmo#715319) Potential XSS via multibyte content processing errors * MFSA 2012-25/CVE-2012-0472 (bmo#744480) Potential memory corruption during font rendering using cairo-dwrite * MFSA 2012-26/CVE-2012-0473 (bmo#743475) WebGL.drawElements may read illegal video memory due to FindMaxUshortElement error * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307) Page load short-circuit can lead to XSS * MFSA 2012-28/CVE-2012-0475 (bmo#694576) Ambiguous IPv6 in Origin headers may bypass webserver access restrictions OBS-URL: https://build.opensuse.org/request/show/115998 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=99
2012-05-07 20:48:14 +00:00 · 2012-05-07 20:48:14 +00:00 · 52f2fb6c8d
commit 52f2fb6c8d
parent 3016e1a3a3 1e49694862
9 changed files with 77 additions and 12 deletions
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@ -1,7 +1,53 @@
+-------------------------------------------------------------------
+Mon Apr 30 06:43:26 UTC 2012 - wr@rosenauer.org
+
+- update to Thunderbird 12.0.1
+  * fix regressions
+    - POP3 filters (bmo#748090)
+    - Message Body not loaded when using "Fetch Headers Only"
+      (bmo#748865)
+    - Received messages contain parts of other messages with
+      movemail account (bmo#748726)
+    - New mail notification issue (bmo#748997)
+    - crash in nsMsgDatabase::MatchDbName (bmo#748432)
+
+-------------------------------------------------------------------
+Fri Apr 27 10:22:49 UTC 2012 - wr@rosenauer.org
+
+- fixed build with gcc 4.7
+
 -------------------------------------------------------------------
 Sat Apr 21 07:39:28 UTC 2012 - wr@rosenauer.org

 - update to Thunderbird 12.0 (bnc#758408)
+  * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468
+    Miscellaneous memory safety hazards
+  * MFSA 2012-22/CVE-2012-0469 (bmo#738985)
+    use-after-free in IDBKeyRange
+  * MFSA 2012-23/CVE-2012-0470 (bmo#734288)
+    Invalid frees causes heap corruption in gfxImageSurface
+  * MFSA 2012-24/CVE-2012-0471 (bmo#715319)
+    Potential XSS via multibyte content processing errors
+  * MFSA 2012-25/CVE-2012-0472 (bmo#744480)
+    Potential memory corruption during font rendering using cairo-dwrite
+  * MFSA 2012-26/CVE-2012-0473 (bmo#743475)
+    WebGL.drawElements may read illegal video memory due to
+    FindMaxUshortElement error
+  * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307)
+    Page load short-circuit can lead to XSS
+  * MFSA 2012-28/CVE-2012-0475 (bmo#694576)
+    Ambiguous IPv6 in Origin headers may bypass webserver access
+    restrictions
+  * MFSA 2012-29/CVE-2012-0477 (bmo#718573)
+    Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
+  * MFSA 2012-30/CVE-2012-0478 (bmo#727547)
+    Crash with WebGL content using textImage2D
+  * MFSA 2012-31/CVE-2011-3062 (bmo#739925)
+    Off-by-one error in OpenType Sanitizer
+  * MFSA 2012-32/CVE-2011-1187 (bmo#624621)
+    HTTP Redirections and remote content can be read by javascript errors
+  * MFSA 2012-33/CVE-2012-0479 (bmo#714631)
+    Potential site identity spoofing when loading RSS and Atom feeds
 - update Enigmail to 1.4.1
 - added mozilla-revert_621446.patch
 - added mozilla-libnotify.patch (bmo#737646)
--- a/MozillaThunderbird.spec
+++ b/MozillaThunderbird.spec
@ -40,11 +40,11 @@ BuildRequires:  update-desktop-files
 BuildRequires:  xorg-x11-libXt-devel
 BuildRequires:  yasm
 BuildRequires:  zip
-%define mainversion 12.0
+%define mainversion 12.0.1
 %define update_channel release
 Version:        %{mainversion}
 Release:        0
-%define releasedate 2012042100
+%define releasedate 2012042800
 Provides:       thunderbird = %{version}
 %if %{with_kde}
 # this is needed to match this package with the kde4 helper package without the main package
--- a/compare-locales.tar.bz2
+++ b/compare-locales.tar.bz2
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:1cf4361be7ffc69552e513101e6abf5b419e1c1966edc70f83a7221c5a79c3aa
-size 29329
+oid sha256:8d3638287e651173ce4b9365d8ed67a43c38d1333fddb2071341f4d77bcb95f3
+size 29348
--- a/create-tar.sh
+++ b/create-tar.sh
@ -2,8 +2,8 @@

 CHANNEL="release"
 BRANCH="releases/comm-$CHANNEL"
-RELEASE_TAG="THUNDERBIRD_12_0_RELEASE"
-VERSION="12.0"
+RELEASE_TAG="THUNDERBIRD_12_0_1_RELEASE"
+VERSION="12.0.1"

 echo "cloning $BRANCH..."
 hg clone http://hg.mozilla.org/$BRANCH thunderbird
--- a/l10n-12.0.1.tar.bz2
+++ b/l10n-12.0.1.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:fe77d369d7d60ee819b54372da5afd3b68331c30499105075fc95f2b9464f797
+size 25499303
--- a/l10n-12.0.tar.bz2
+++ b/l10n-12.0.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:12a22326fc4fd28cce0ae056959548cbc40c3cf4489524f68acf73921a8edb08
-size 25501576
--- a/mailnews-literals.patch
+++ b/mailnews-literals.patch
@ -47,6 +47,25 @@ diff --git a/mailnews/base/src/nsMsgFolderCompactor.cpp b/mailnews/base/src/nsMs
         // if blockOffset is set, we added x-mozilla-status headers so
         // file pointer is already past them.
         if (!blockOffset)
+@@ -1211,17 +1211,17 @@ nsOfflineStoreCompactState::OnDataAvaila
+     if (NS_SUCCEEDED(rv))
+     {
+       if (m_startOfMsg)
+       {
+         m_startOfMsg = false;
+         // check if there's an envelope header; if not, write one.
+         if (strncmp(m_dataBuffer, "From ", 5))
+         {
+-          m_fileStream->Write("From "CRLF, 7, &bytesWritten);
+          m_fileStream->Write("From " CRLF, 7, &bytesWritten);
+           m_offlineMsgSize += bytesWritten;
+         }
+       }
+       m_fileStream->Write(m_dataBuffer, readCount, &bytesWritten);
+       m_offlineMsgSize += bytesWritten;
+       writeCount += bytesWritten;
+       count -= readCount;
+       if (writeCount != readCount)
 diff --git a/mailnews/compose/src/nsMsgAppleEncode.cpp b/mailnews/compose/src/nsMsgAppleEncode.cpp
 --- a/mailnews/compose/src/nsMsgAppleEncode.cpp
 +++ b/mailnews/compose/src/nsMsgAppleEncode.cpp
--- a/thunderbird-12.0-source.tar.bz2
+++ b/thunderbird-12.0-source.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:0aae8543214b555a408de564014266d0cffbbb61fd927026af489966bed7ae34
-size 101199838
--- a/thunderbird-12.0.1-source.tar.bz2
+++ b/thunderbird-12.0.1-source.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:573acd29f9f514bafa0a5daa0df39e62a82b3ebb573c7091693eacdcaf7fd234
+size 101196652