forked from pool/MozillaThunderbird
- Mozilla Thunderbird 91.6.0
* TB will now offer to send large forwarded attachments via FileLink * Partially signed unencrypted messages displayed an incorrect "parrtially encrypted" notification * Attachments filenames were not sanitized before saving to disk * In the attachment bar, the "Import OpenPGP Key" item displayed for public keys displayed an error and did not import the key * "Open with" attachment dialog did not have a selected radio button option MFSA 2022-06 (bsc#1195682) * CVE-2022-22753 (bmo#1732435) Privilege Escalation to SYSTEM on Windows via Maintenance Service * CVE-2022-22754 (bmo#1750565) Extensions could have bypassed permission confirmation during update * CVE-2022-22756 (bmo#1317873) Drag and dropping an image could have resulted in the dropped object being an executable * CVE-2022-22759 (bmo#1739957) Sandboxed iframes could have executed script if the parent appended elements * CVE-2022-22760 (bmo#1740985, bmo#1748503) Cross-Origin responses could be distinguished between script and non-script content-types * CVE-2022-22761 (bmo#1745566) frame-ancestors Content Security Policy directive was not enforced for framed extension pages * CVE-2022-22763 (bmo#1740534) Script Execution during invalid object state OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=623
This commit is contained in:
parent
c34bf76e06
commit
5e8c474a19
@ -1,3 +1,42 @@
|
||||
-------------------------------------------------------------------
|
||||
Sat Feb 5 14:11:31 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
|
||||
|
||||
- Mozilla Thunderbird 91.6.0
|
||||
* TB will now offer to send large forwarded attachments via FileLink
|
||||
* Partially signed unencrypted messages displayed an incorrect
|
||||
"parrtially encrypted" notification
|
||||
* Attachments filenames were not sanitized before saving to disk
|
||||
* In the attachment bar, the "Import OpenPGP Key" item displayed
|
||||
for public keys displayed an error and did not import the key
|
||||
* "Open with" attachment dialog did not have a selected radio
|
||||
button option
|
||||
MFSA 2022-06 (bsc#1195682)
|
||||
* CVE-2022-22753 (bmo#1732435)
|
||||
Privilege Escalation to SYSTEM on Windows via Maintenance
|
||||
Service
|
||||
* CVE-2022-22754 (bmo#1750565)
|
||||
Extensions could have bypassed permission confirmation during
|
||||
update
|
||||
* CVE-2022-22756 (bmo#1317873)
|
||||
Drag and dropping an image could have resulted in the dropped
|
||||
object being an executable
|
||||
* CVE-2022-22759 (bmo#1739957)
|
||||
Sandboxed iframes could have executed script if the parent
|
||||
appended elements
|
||||
* CVE-2022-22760 (bmo#1740985, bmo#1748503)
|
||||
Cross-Origin responses could be distinguished between script
|
||||
and non-script content-types
|
||||
* CVE-2022-22761 (bmo#1745566)
|
||||
frame-ancestors Content Security Policy directive was not
|
||||
enforced for framed extension pages
|
||||
* CVE-2022-22763 (bmo#1740534)
|
||||
Script Execution during invalid object state
|
||||
* CVE-2022-22764 (bmo#1742682, bmo#1744165, bmo#1746545,
|
||||
bmo#1748210, bmo#1748279)
|
||||
Memory safety bugs fixed in Thunderbird 91.6
|
||||
- do not use ccache by default
|
||||
- removed obsolete mozilla-bmo1745560.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Jan 22 09:57:59 UTC 2022 - Manfred Hollstein <manfred.h@gmx.net>
|
||||
|
||||
|
@ -2,7 +2,7 @@
|
||||
# spec file
|
||||
#
|
||||
# Copyright (c) 2022 SUSE LLC
|
||||
# 2006-2021 Wolfgang Rosenauer <wr@rosenauer.org>
|
||||
# 2006-2022 Wolfgang Rosenauer <wr@rosenauer.org>
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -26,8 +26,8 @@
|
||||
# major 69
|
||||
# mainver %major.99
|
||||
%define major 91
|
||||
%define mainver %major.5.1
|
||||
%define orig_version 91.5.1
|
||||
%define mainver %major.6.0
|
||||
%define orig_version 91.6.0
|
||||
%define orig_suffix %{nil}
|
||||
%define update_channel release
|
||||
%define source_prefix thunderbird-%{orig_version}
|
||||
@ -38,9 +38,6 @@
|
||||
# upstream default is clang (to use gcc for large parts set to 0)
|
||||
%define clang_build 0
|
||||
|
||||
# PIE, full relro
|
||||
%define build_hardened 1
|
||||
|
||||
%bcond_with only_print_mozconfig
|
||||
|
||||
%bcond_without mozilla_tb_kde4
|
||||
@ -48,7 +45,7 @@
|
||||
%bcond_without mozilla_tb_optimize_for_size
|
||||
|
||||
# define if ccache should be used or not
|
||||
%define useccache 1
|
||||
%define useccache 0
|
||||
|
||||
# Firefox only supports i686
|
||||
%ifarch %ix86
|
||||
@ -207,7 +204,6 @@ Patch28: mozilla-libavcodec58_91.patch
|
||||
Patch29: mozilla-silence-no-return-type.patch
|
||||
Patch30: mozilla-bmo531915.patch
|
||||
Patch31: mozilla-bmo1724679.patch
|
||||
Patch32: mozilla-bmo1745560.patch
|
||||
%endif
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
PreReq: /bin/sh
|
||||
@ -310,7 +306,6 @@ fi
|
||||
%patch29 -p1
|
||||
%patch30 -p1
|
||||
%patch31 -p1
|
||||
%patch32 -p1
|
||||
%endif
|
||||
|
||||
%build
|
||||
@ -366,9 +361,7 @@ export CFLAGS="$CFLAGS -fimplicit-constexpr"
|
||||
# Limit RAM usage during link
|
||||
export LDFLAGS="${LDFLAGS} -Wl,--no-keep-memory -Wl,--reduce-memory-overheads"
|
||||
%endif
|
||||
%if 0%{?build_hardened}
|
||||
export LDFLAGS="${LDFLAGS} -fPIC -Wl,-z,relro,-z,now"
|
||||
%endif
|
||||
%ifarch ppc64 ppc64le
|
||||
%if 0%{?clang_build} == 0
|
||||
export CFLAGS="$CFLAGS -mminimal-toc"
|
||||
@ -530,9 +523,10 @@ sed -r '/^(ja-JP-mac|en-US|$)/d;s/ .*$//' $RPM_BUILD_DIR/%{source_prefix}/comm/m
|
||||
>> %{_tmppath}/translations.$_l10ntarget
|
||||
' -- {}
|
||||
%endif
|
||||
|
||||
%if 0%{useccache} != 0
|
||||
ccache -s
|
||||
%endif
|
||||
%endif
|
||||
|
||||
%install
|
||||
cd $RPM_BUILD_DIR/obj
|
||||
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:bf372dd234e130669ceca5b15b2a312893b03f6d7a7e14bcb3c8b10822943ff8
|
||||
size 28849860
|
3
l10n-91.6.0.tar.xz
Normal file
3
l10n-91.6.0.tar.xz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:2a949123ba7b07ac78562ebb9038b691b072823c0237d1644c05fd4464319cfc
|
||||
size 28819616
|
@ -1,14 +0,0 @@
|
||||
diff --git a/widget/gtk/mozwayland/mozwayland.c b/widget/gtk/mozwayland/mozwayland.c
|
||||
--- a/widget/gtk/mozwayland/mozwayland.c
|
||||
+++ b/widget/gtk/mozwayland/mozwayland.c
|
||||
@@ -200,3 +200,10 @@
|
||||
|
||||
MOZ_EXPORT void wl_list_insert_list(struct wl_list* list,
|
||||
struct wl_list* other) {}
|
||||
+
|
||||
+MOZ_EXPORT struct wl_proxy* wl_proxy_marshal_flags(
|
||||
+ struct wl_proxy* proxy, uint32_t opcode,
|
||||
+ const struct wl_interface* interface, uint32_t version, uint32_t flags,
|
||||
+ ...) {
|
||||
+ return NULL;
|
||||
+}
|
@ -1,10 +1,10 @@
|
||||
PRODUCT="thunderbird"
|
||||
CHANNEL="esr91"
|
||||
VERSION="91.5.1"
|
||||
VERSION="91.6.0"
|
||||
VERSION_SUFFIX=""
|
||||
PREV_VERSION="91.5.0"
|
||||
PREV_VERSION="91.5.1"
|
||||
PREV_VERSION_SUFFIX=""
|
||||
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
|
||||
RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr91"
|
||||
RELEASE_TAG="46a4af6b62978ae76a41fcf57bc3309c4d9bb22e"
|
||||
RELEASE_TIMESTAMP="20220120011414"
|
||||
RELEASE_TAG="676bfbddd4b3ed77f818b6b07d9d8a79c61be4da"
|
||||
RELEASE_TIMESTAMP="20220204195633"
|
||||
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:15918d48c59988ddeba3c7b5d98cf483db9c38a782dfbf6472dc889fed9b9c8a
|
||||
size 405332676
|
@ -1,16 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmHqDckACgkQ6+QekPbx
|
||||
L22h3g/9Gtqoij3wrjH4hRjcaoq7/kLdouDTLXLWUs8yO3UdPJlsssdkFrYHpvXB
|
||||
/WjXSDS7FY6mPxVWIDgeF2N8s07fIeDFB5tCAzJhpb4hpkYIrszGJXed7vvuJZmC
|
||||
BzXqPZdhLi6njo6iHwtPFWoidrT+fOEM4tdFUG2pVSjrUNr5A3QbQySzyuwh5G1W
|
||||
sj5SmtqotwZY60r3tx2j81PcxU3pn29piU7NJ9ma/PTmxj3vI6xZWfsvYk3UJnNK
|
||||
RbMlVwyj10qQKAHYB7mLba7GzSqWBGezeyysTtTinR7qMC3CPopYfOSfwcL+FJul
|
||||
lUFvYhIQlcXRIRcp1AHTspfGGIHgpVrJBQK2iIcsFmxXpCNkJq6m2Z7O//YyQslN
|
||||
uxJpMCMXtEr1ULATJVMoI963e+3C0bJz4FpzcN3Xoh++GmifKeo+DhW0Hq7uR/Yq
|
||||
PJr9ci99ti4wtsDVm4UKgqx7PQm1Mg3Gp8c1EKx05pRMjg64zBzAL84wa+oi8lTM
|
||||
LyVFFyIn5Jslt9izudQrgB1TXcCChEt+HK8yPRWUBqAqMXNuCj7gaSA2CN1yXKsx
|
||||
tO5ijyXX2XP4NgVfn9p+iI48geEfKB4YJMmNFzfXbhOp1yQ48uGd0kYoLFl9K79m
|
||||
5ysFEzl5qXH586YPYECMQheFZmKI3679EGzDgq4JawXnE1swshU=
|
||||
=n0Mf
|
||||
-----END PGP SIGNATURE-----
|
3
thunderbird-91.6.0.source.tar.xz
Normal file
3
thunderbird-91.6.0.source.tar.xz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:e9c6a82a41c869ce291d50352250856cbb3e9be8e603038be72cd5bc52438afb
|
||||
size 404738672
|
16
thunderbird-91.6.0.source.tar.xz.asc
Normal file
16
thunderbird-91.6.0.source.tar.xz.asc
Normal file
@ -0,0 +1,16 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmH9ursACgkQ6+QekPbx
|
||||
L22lAQ/+KaxdNSpa33jrG9KtWEk/gPpSQAKyeZmqpKuNpnlPowM8gAb5cehPEhtm
|
||||
olzcdZV3CNS2KPIkd7fa+UuncV3Ze9zoD3HlDmGobduzpP0NZtDiW4xPnidFDrKG
|
||||
d1YvLoCR7lSD9TSN+yhNwqWkyqJdeFkyZ4tiJhIzz0sPjdOf+DzaQVIokZ4aOLR5
|
||||
I9Yn7LB5Q3ijt+NhZeGKPVgHgWwQxwyI/xW4pHxGQX1nSyHQHTmMLp3QToEej0OU
|
||||
tAwA3ZlPMNhbl+G6wejXQPJZUigfUQxme6hE6//CAmVlIJWdgmqY6zEDJMwHk+A9
|
||||
VEHaVp1bnUaV9FSrHYpCo17zgwdia2MXeQUJWLllUwiOJQh/leXu4MP5yMGOL4ll
|
||||
i9bu7avAT077m1wpwMxqV39bVf2YR0o3KpAUa5sx46TuusUBzSpxb95c4dsapP8q
|
||||
rywnJxUACIo5jP3v97GLkrE/481YNSjtdYIoKJn3oEIOMgKQfOs7fAK+IyEc35LD
|
||||
JHf/87v3015k95s1eYpqYvR3LbJrbei72SbtrIURYy+4fiz1G7CYOa0gfvinM/S6
|
||||
b8+8ND/E/qg9UySofyRzSSMY2mlHBmfoFCe8P99kuwNVGNTMeuB40HK/UuZS7MXH
|
||||
PxXy97LbPmNoBZPLaK1NY3bk64gJNyr8DD1fE1QO1fdSwh0Tx6A=
|
||||
=kv22
|
||||
-----END PGP SIGNATURE-----
|
Loading…
Reference in New Issue
Block a user