Accepting request 1120173 from mozilla:Factory

- Mozilla Thunderbird 115.4.1 https://www.thunderbird.net/en-US/thunderbird/115.4.1/releasenotes https://www.thunderbird.net/en-US/thunderbird/115.4.0/releasenotes MFSA 2023-47 (bsc#1216338) * CVE-2023-5721 (bmo#1830820) Queued up rendering could have allowed websites to clickjack * CVE-2023-5732 (bmo#1690979, bmo#1836962) Address bar spoofing via bidirectional characters * CVE-2023-5724 (bmo#1836705) Large WebGL draw could have led to a crash * CVE-2023-5725 (bmo#1845739) WebExtensions could open arbitrary URLs * CVE-2023-5726 (bmo#1846205) Full screen notification obscured by file open dialog on macOS * CVE-2023-5727 (bmo#1847180) Download Protections were bypassed by .msix, .msixbundle, .appx, and .appxbundle files on Windows * CVE-2023-5728 (bmo#1852729) Improper object tracking during GC in the JavaScript engine could have led to a crash. * CVE-2023-5730 (bmo#1836607, bmo#1840918, bmo#1848694, bmo#1848833, bmo#1850191, bmo#1850259, bmo#1852596, bmo#1853201, bmo#1854002, bmo#1855306, bmo#1855640, bmo#1856695) Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1 - removed obsolete mozilla-bmo1846703.patch - Mozilla Thunderbird 115.3.3 * fixed: "Folder Location" toolbar button did not work for local folders (bmo#1843979) OBS-URL: https://build.opensuse.org/request/show/1120173 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=321
2023-10-25 16:03:34 +00:00 · 2023-10-25 16:03:34 +00:00 · 759308472e
commit 759308472e
parent 5356bd4c50 62f65fe0ea
9 changed files with 71 additions and 85 deletions
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@ -1,3 +1,49 @@
+-------------------------------------------------------------------
+Tue Oct 24 20:52:32 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.4.1
+  https://www.thunderbird.net/en-US/thunderbird/115.4.1/releasenotes
+  https://www.thunderbird.net/en-US/thunderbird/115.4.0/releasenotes
+  MFSA 2023-47 (bsc#1216338)
+  * CVE-2023-5721 (bmo#1830820)
+    Queued up rendering could have allowed websites to clickjack
+  * CVE-2023-5732 (bmo#1690979, bmo#1836962)
+    Address bar spoofing via bidirectional characters
+  * CVE-2023-5724 (bmo#1836705)
+    Large WebGL draw could have led to a crash
+  * CVE-2023-5725 (bmo#1845739)
+    WebExtensions could open arbitrary URLs
+  * CVE-2023-5726 (bmo#1846205)
+    Full screen notification obscured by file open dialog on macOS
+  * CVE-2023-5727 (bmo#1847180)
+    Download Protections were bypassed by .msix, .msixbundle,
+    .appx, and .appxbundle files on Windows
+  * CVE-2023-5728 (bmo#1852729)
+    Improper object tracking during GC in the JavaScript engine
+    could have led to a crash.
+  * CVE-2023-5730 (bmo#1836607, bmo#1840918, bmo#1848694, bmo#1848833,
+    bmo#1850191, bmo#1850259, bmo#1852596, bmo#1853201, bmo#1854002,
+    bmo#1855306, bmo#1855640, bmo#1856695)
+    Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4,
+    and Thunderbird 115.4.1
+- removed obsolete mozilla-bmo1846703.patch
+
+-------------------------------------------------------------------
+Tue Oct 24 16:58:42 UTC 2023 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Thunderbird 115.3.3
+  * fixed: "Folder Location" toolbar button did not work for
+    local folders (bmo#1843979)
+  * fixed: "Copy to <folder name> again" option disappeared from
+    context menu after copying to Gmail folder with non-ASCII
+    name (bmo#1856712)
+  * fixed: Default reply identity did not use "Delivered-To"
+    address when catch-all was active (bmo#1815559)
+  * fixed: "View Headers All" did not work when selected in
+    standalone message window (bmo#1855316)
+  * fixed: Viewing the mail filter log displayed an error if no
+    log file was present (bmo#1789244)
+
 -------------------------------------------------------------------
 Tue Oct 10 07:23:52 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>

--- a/MozillaThunderbird.spec
+++ b/MozillaThunderbird.spec
@ -29,8 +29,8 @@
 # major 69
 # mainver %%major.99
 %define major          115
-%define mainver        %major.3.2
-%define orig_version   115.3.2
+%define mainver        %major.4.1
+%define orig_version   115.4.1
 %define orig_suffix    %nil
 %define update_channel release
 %define source_prefix  thunderbird-%{orig_version}
@ -203,7 +203,6 @@ Patch19:        svg-rendering.patch
 Patch20:        mozilla-partial-revert-1768632.patch
 Patch21:        mozilla-bmo1775202.patch
 Patch22:        mozilla-rust-disable-future-incompat.patch
-Patch23:        mozilla-bmo1846703.patch
 %endif
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 PreReq:         /bin/sh
--- a/l10n-115.4.1.tar.xz
+++ b/l10n-115.4.1.tar.xz
--- a/mozilla-bmo1846703.patch
+++ b/mozilla-bmo1846703.patch
@ -1,59 +0,0 @@
-diff -rup a/media/ffvpx/libavcodec/x86/mathops.h b/media/ffvpx/libavcodec/x86/mathops.h
--- a/media/ffvpx/libavcodec/x86/mathops.h	2023-09-28 20:57:25.994782086 +0200
-+++ b/media/ffvpx/libavcodec/x86/mathops.h	2023-09-28 20:57:50.084785348 +0200
-@@ -35,12 +35,20 @@
- static av_always_inline av_const int MULL(int a, int b, unsigned shift)
- {
-     int rt, dummy;
-+    if (__builtin_constant_p(shift))
-     __asm__ (
-         "imull %3               \n\t"
-         "shrdl %4, %%edx, %%eax \n\t"
-         :"=a"(rt), "=d"(dummy)
-        :"a"(a), "rm"(b), "ci"((uint8_t)shift)
-+        :"a"(a), "rm"(b), "i"(shift & 0x1F)
-     );
-+    else
-+        __asm__ (
-+            "imull %3               \n\t"
-+            "shrdl %4, %%edx, %%eax \n\t"
-+            :"=a"(rt), "=d"(dummy)
-+            :"a"(a), "rm"(b), "c"((uint8_t)shift)
-+        );
-     return rt;
- }
- 
-@@ -113,19 +121,31 @@ __asm__ volatile(\
- // avoid +32 for shift optimization (gcc should do that ...)
- #define NEG_SSR32 NEG_SSR32
- static inline  int32_t NEG_SSR32( int32_t a, int8_t s){
-+    if (__builtin_constant_p(s))
-     __asm__ ("sarl %1, %0\n\t"
-          : "+r" (a)
-         : "ic" ((uint8_t)(-s))
-+         : "i" (-s & 0x1F)
-     );
-+    else
-+        __asm__ ("sarl %1, %0\n\t"
-+               : "+r" (a)
-+               : "c" ((uint8_t)(-s))
-+        );
-     return a;
- }
- 
- #define NEG_USR32 NEG_USR32
- static inline uint32_t NEG_USR32(uint32_t a, int8_t s){
-+    if (__builtin_constant_p(s))
-     __asm__ ("shrl %1, %0\n\t"
-          : "+r" (a)
-         : "ic" ((uint8_t)(-s))
-+         : "i" (-s & 0x1F)
-     );
-+    else
-+        __asm__ ("shrl %1, %0\n\t"
-+               : "+r" (a)
-+               : "c" ((uint8_t)(-s))
-+        );
-     return a;
- }
- 
--- a/8
+++ b/8
@ -1,10 +1,10 @@
 PRODUCT="thunderbird"
 CHANNEL="esr115"
-VERSION="115.3.2"
+VERSION="115.4.1"
 VERSION_SUFFIX=""
-PREV_VERSION="115.3.1"
+PREV_VERSION="115.4.0"
 PREV_VERSION_SUFFIX=""
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr115"
-RELEASE_TAG="33f0ab5fb689db8eeebb23c0eae3bff1b7aec37e"
-RELEASE_TIMESTAMP="20231010142850"
+RELEASE_TAG="f9f6aede26e0991093e5935b0d85b1cb9de3c346"
+RELEASE_TIMESTAMP="20231024181440"
--- a/thunderbird-115.3.2.source.tar.xz
+++ b/thunderbird-115.3.2.source.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:927df96af2aa51d322c7c549aca26349656230b7bf5a79f135ab0fa4ceff71d3
-size 533609600
--- a/thunderbird-115.3.2.source.tar.xz.asc
+++ b/thunderbird-115.3.2.source.tar.xz.asc
@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmUld+YACgkQ4207E/PZ
-MnQMRg/+N3ujWfmk9DBQOR4zQrMBfKmqIuxMFHMbcg583WRb1cHiPsdH6ZLtCtrl
-HY7faODg17B/tV/aI2LBuHM+gkReAJAF8Qj9Fv7ELH3R1MFYBVV3GbYoe2rMC9xZ
-5itEmmyCbH+e2PWjTxvYldEbB/cfuCKk1OYBehjUaKZ9bl9J+2lWvj7P2d6pJiXB
-uKgcHkIt1ReUafw8F5obwNfD8ucQK8k3Uk6sn1ohoz+lFmnGSotgiXKBdW4JJC4C
-f/QOzcSThsHlDLOxUTWtZJN7b1m08s8HNOdx8fI8vGSFdjz7+y3TYQL6GqC2311e
-ZMkXm9QlF4OB3/GXb6RBeWjCxJIXid3DcajgPjlFkzTzkfAhjKFNp/52TFudCjQT
-BmpYDyOIUuV1dDljInmKSAAZx8upPgXXV9JzZw+tLc/dDlt0FetPs7tw8tN2LJID
-6W5jDTYr1/9YmTtJroghiCXIj5G2PGAwnwGb6EM2AA/G/pemHyPz4aWFimmzL33e
-HFSOFFdNVgBJ6mpKfbCV8gjVwX30ookZ6+cGsh8Y5LqStPoBaYlrxy/st5UAVmDu
-tg+/mtTsBytFcADYs7WcakCVFiq5dCd9w5cW7wTkDnMJ0j0jnWj4bpWylohoKn2N
-CBTMX0NTmz6Z2P2Z68lhqGEygcnLAapfUYohVjt6+KemcymEQm0=
-=VHZV
-----END PGP SIGNATURE-----
--- a/thunderbird-115.4.1.source.tar.xz
+++ b/thunderbird-115.4.1.source.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:9914bbcaf6d99dbaccdb5e4d32859bfbc725ab2e1f285b483fa141e411b47036
+size 537988108
--- a/thunderbird-115.4.1.source.tar.xz.asc
+++ b/thunderbird-115.4.1.source.tar.xz.asc
@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmU4JjYACgkQ4207E/PZ
+MnQJxw//ceW2DjC6xcdahFFyczVzKZ8BJqfktsX/eAx4HAfOMQYj3ufCTn2rFAN+
+p9aW2Txx0JBCyHpvbm4cb//N83CzT5O7jjtXc+Y9s936bIPxC3zQu46LLO3ucQGm
+hmoU2fszvtGtctJHm0+ouGMQl0sZZju9kic6wmzbZFaMBGcLqPkiGB4l5myGuN3U
+1yQob+M7R8CuPKmkHC62pNP6yteLPWNbFwuRZ6K7LzhdH8kDt+FWzK2vo3VTYO/7
+kVPvkYZE42GyriQoMfBUlnTDSab3ggkKo0BdxO4Ko+poZnKOd29M9TyuRdQV6n1b
+z9lBzMeBNRZ7iOWQJdyzy0RO+KOGvSubWOyKvjhWzyY3uw8DNAIuWeTywEvMraor
+t1Tnu3AwbJUB2+fsbhBsnh303aZdq85nIzW/3fIB6OGdYObPuAvl+a/bDVd2V4N0
+OUCeDZv3o0GMrbF1aPe0GfEba7ue41+PuuQ0Ihoyg+rONEbtHB2gnUaO8pBqEEgz
+dmamhHcDCX0wbdfaQJZj7Kq7FSBSCHolTyy02SvHfhr93YL2jQuiHJ+7XnAbY85r
+niFo7znQZZlt51IUerJD+16LBmYDw7mseolSUMRzFjlLzo26aazPsFgLtyvycfLK
+X/Wbtj1bC6nIF+k9Iuo5K6y9MSGchxC+5ZlyPVsd2yyGJM4NGyg=
+=DKLX
+-----END PGP SIGNATURE-----