From bbc012a208f91e8790dba571256ad27945f9189befadd00e4b5261c22a480353 Mon Sep 17 00:00:00 2001
From: Wolfgang Rosenauer <wolfgang@rosenauer.org>
Date: Wed, 20 Dec 2023 08:34:54 +0000
Subject: [PATCH] - Mozilla Thunderbird 115.6.0  
 https://www.thunderbird.net/en-US/thunderbird/115.6.0/releasenotes/   *
 Message selection misbehaved after selecting a sub-message in an     expanded
 thread, collapsing the thread, then pressing up/down to     move selection  
 * Thunderbird now attempts to reconnect on a new connection after     SMTP
 4xx errors   * HTML FileLink attachments used the wrong encoding   MFSA
 2023-55 (bsc#1217230)   * CVE-2023-50762 (bmo#1862625)     Truncated signed
 text was shown with a valid OpenPGP     signature   * CVE-2023-50761
 (bmo#1865647)     S/MIME signature accepted despite mismatching message date 
  * CVE-2023-6856 (bmo#1843782)     Heap-buffer-overflow affecting WebGL
 DrawElementsInstanced     method with Mesa VM driver   * CVE-2023-6857
 (bmo#1796023)     Symlinks may resolve to smaller than expected buffers   *
 CVE-2023-6858 (bmo#1826791)     Heap buffer overflow in nsTextFragment   *
 CVE-2023-6859 (bmo#1840144)     Use-after-free in PR_GetIdentitiesLayer   *
 CVE-2023-6860 (bmo#1854669)     Potential sandbox escape due to VideoBridge
 lack of texture     validation   * CVE-2023-6861 (bmo#1864118)     Heap
 buffer overflow affected nsWindow::PickerOpen(void) in     headless mode   *
 CVE-2023-6862 (bmo#1868042)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=741
---
 MozillaThunderbird.changes            | 42 +++++++++++++++++++++++++++
 MozillaThunderbird.spec               |  4 +--
 l10n-115.5.2.tar.xz                   |  3 --
 l10n-115.6.0.tar.xz                   |  3 ++
 tar_stamps                            |  8 ++---
 thunderbird-115.5.2.source.tar.xz     |  3 --
 thunderbird-115.5.2.source.tar.xz.asc | 16 ----------
 thunderbird-115.6.0.source.tar.xz     |  3 ++
 thunderbird-115.6.0.source.tar.xz.asc | 16 ++++++++++
 9 files changed, 70 insertions(+), 28 deletions(-)
 delete mode 100644 l10n-115.5.2.tar.xz
 create mode 100644 l10n-115.6.0.tar.xz
 delete mode 100644 thunderbird-115.5.2.source.tar.xz
 delete mode 100644 thunderbird-115.5.2.source.tar.xz.asc
 create mode 100644 thunderbird-115.6.0.source.tar.xz
 create mode 100644 thunderbird-115.6.0.source.tar.xz.asc

diff --git a/MozillaThunderbird.changes b/MozillaThunderbird.changes
index 6900f1f..f8c9de7 100644
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@@ -1,3 +1,45 @@
+-------------------------------------------------------------------
+Sun Dec 17 12:33:37 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.6.0
+  https://www.thunderbird.net/en-US/thunderbird/115.6.0/releasenotes/
+  * Message selection misbehaved after selecting a sub-message in an
+    expanded thread, collapsing the thread, then pressing up/down to
+    move selection
+  * Thunderbird now attempts to reconnect on a new connection after
+    SMTP 4xx errors
+  * HTML FileLink attachments used the wrong encoding
+  MFSA 2023-55 (bsc#1217230)
+  * CVE-2023-50762 (bmo#1862625)
+    Truncated signed text was shown with a valid OpenPGP
+    signature
+  * CVE-2023-50761 (bmo#1865647)
+    S/MIME signature accepted despite mismatching message date
+  * CVE-2023-6856 (bmo#1843782)
+    Heap-buffer-overflow affecting WebGL DrawElementsInstanced
+    method with Mesa VM driver
+  * CVE-2023-6857 (bmo#1796023)
+    Symlinks may resolve to smaller than expected buffers
+  * CVE-2023-6858 (bmo#1826791)
+    Heap buffer overflow in nsTextFragment
+  * CVE-2023-6859 (bmo#1840144)
+    Use-after-free in PR_GetIdentitiesLayer
+  * CVE-2023-6860 (bmo#1854669)
+    Potential sandbox escape due to VideoBridge lack of texture
+    validation
+  * CVE-2023-6861 (bmo#1864118)
+    Heap buffer overflow affected nsWindow::PickerOpen(void) in
+    headless mode
+  * CVE-2023-6862 (bmo#1868042)
+    Use-after-free in nsDNSService
+  * CVE-2023-6863 (bmo#1868901)
+    Undefined behavior in ShutdownObserver()
+  * CVE-2023-6864 (bmo#1736385, bmo#1810805, bmo#1846328,
+    bmo#1856090, bmo#1858033, bmo#1858509, bmo#1862089,
+    bmo#1862777, bmo#1864015)
+    Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6,
+    and Thunderbird 115.6
+
 -------------------------------------------------------------------
 Tue Dec 12 07:21:01 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
 
diff --git a/MozillaThunderbird.spec b/MozillaThunderbird.spec
index d71ec56..61cc021 100644
--- a/MozillaThunderbird.spec
+++ b/MozillaThunderbird.spec
@@ -29,8 +29,8 @@
 # major 69
 # mainver %%major.99
 %define major          115
-%define mainver        %major.5.2
-%define orig_version   115.5.2
+%define mainver        %major.6.0
+%define orig_version   115.6.0
 %define orig_suffix    %nil
 %define update_channel release
 %define source_prefix  thunderbird-%{orig_version}
diff --git a/l10n-115.5.2.tar.xz b/l10n-115.5.2.tar.xz
deleted file mode 100644
index 37b5955..0000000
--- a/l10n-115.5.2.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:9719207e9fec6f11c58d70407374d95a219f5227666d24e9126cc738e462fa28
-size 27975916
diff --git a/l10n-115.6.0.tar.xz b/l10n-115.6.0.tar.xz
new file mode 100644
index 0000000..5af2cf3
--- /dev/null
+++ b/l10n-115.6.0.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:dc0e2c5222608ddad6e5b9b80943916daaa5bbda1e7e6af22b4d538e3a6ebd11
+size 27946352
diff --git a/tar_stamps b/tar_stamps
index 25f87da..db8d5e3 100644
--- a/tar_stamps
+++ b/tar_stamps
@@ -1,10 +1,10 @@
 PRODUCT="thunderbird"
 CHANNEL="esr115"
-VERSION="115.5.2"
+VERSION="115.6.0"
 VERSION_SUFFIX=""
-PREV_VERSION="115.5.1"
+PREV_VERSION="115.5.2"
 PREV_VERSION_SUFFIX=""
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr115"
-RELEASE_TAG="a8cffa1042782293f03a22eebadf4fe01b566bac"
-RELEASE_TIMESTAMP="20231208140222"
+RELEASE_TAG="fe0d3990d4cb7d12d7ce40cc6646b9c0fbf04667"
+RELEASE_TIMESTAMP="20231214145928"
diff --git a/thunderbird-115.5.2.source.tar.xz b/thunderbird-115.5.2.source.tar.xz
deleted file mode 100644
index a5c6296..0000000
--- a/thunderbird-115.5.2.source.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:b6cf71489366215bb0c0b16f50c1a3895afb2404970944c2fbba55a426ee15ce
-size 531855444
diff --git a/thunderbird-115.5.2.source.tar.xz.asc b/thunderbird-115.5.2.source.tar.xz.asc
deleted file mode 100644
index c13f1f2..0000000
--- a/thunderbird-115.5.2.source.tar.xz.asc
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmV3Vi4ACgkQ4207E/PZ
-MnTF1xAAj9abEDlKXruO5zlgwbGZkn7/3Z5vla/vPkEPsS8NW3Cv3NtNSi1V2nx2
-MSD6YKVVJ808LL5QnWbXq0RhQG+enb2vWk973xEUT6AiE63JwDm7mBZyG7utIRKZ
-M2Knj/Yp8VuejHBaCQ6dpbkguE9n4IntAIp319mbv5w6ZnHssKPp1Hgsz5rqQlwB
-nKvJ+/nJPdEHyu42bOeuAwCz5QhMTskDFIeU3kuoZjRzlHgionq7Pdxtkxjk3FGe
-J40FibNYX1HY7p9JnPHgR2z6c+xIueFKapUlTz2lym5D02IXagvXo0DQNiQQOh+p
-QeUk5thg1UmWu9CIb1+yZ1OULl1An1r3JNlpEcRDUDK5wx/Wn/ant9qL6GOpeL/W
-ccdG39Vhw494ZlmomtVOimJIQziB0Vd9D0JotW7WDzsTuA3BwStKiG6mvmOH1wbp
-lf6yhu/NjYZgi62zlX35rWg9GB3YHvXPnxELq+Y8MRFjBaUjxFD5eIp0l5aX6Xae
-WR87kLf6C1p5MegvnziO8Gy7xUBh0LftNoYcTCn6+R3RN/VSXDp3fpLyYP2pGRTc
-rSElhEqLnKIpbYPbGNBb+mf8L7D9LVOGzXJ+LwiIdPWMqtQmBMf8n/buQg4+oRC7
-O0sYMAXPpPkKNR+IcX2OXAPyyxIJ83/2lMTUiPgws4HiD39BkzA=
-=pvGd
------END PGP SIGNATURE-----
diff --git a/thunderbird-115.6.0.source.tar.xz b/thunderbird-115.6.0.source.tar.xz
new file mode 100644
index 0000000..3ccde3c
--- /dev/null
+++ b/thunderbird-115.6.0.source.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7f92e41c3700b2bf3333927a8d97d1c41ca8a84e0edce44c357efc59c8e9276b
+size 536313736
diff --git a/thunderbird-115.6.0.source.tar.xz.asc b/thunderbird-115.6.0.source.tar.xz.asc
new file mode 100644
index 0000000..5e7d059
--- /dev/null
+++ b/thunderbird-115.6.0.source.tar.xz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmV7aGQACgkQ4207E/PZ
+MnQXJhAAhmqZSHSSwmnizraJGorxlFOSpnXLrCtLUnJMi4xPuCkLd+vg49T8xOe5
+mSs6cvFYYsV086Q81wbQmAPwJR/L5fUOewjTJcsc4DpY9uoifB+yW6eSwPRqYF2f
+N972A+TszZLO7WOH97UUP4j922pb7JWcAoBPfetkaBLIwFHtWLYzUoN2k3Surajr
+CbbT2yefarYzIxyXlB99kSrAeCNPkTz0/XLv72Vx30uFaJrmkeRX+EKbrSMNzq5R
+N1ACB6S+I8hN0IhH7Kog6XnjuH73+kAh0sAielk9KzvYKTaZ2QHpYl3gLzJNA9w+
+CzjWR4rdcp6yNC9YBg29UZ/FmDLLvVm+sbW0A2KgbhGzV0RcrlVGeo9G5Pqp623g
+R/E+KXqbIwWXoU8iWulyzNZEK1CPP/CAAXwBiBcYqhExcYVzdcs+6Npqleq71Qa4
+r2Mpbhn5izPZRYLJCVe9ieX2Tor1JSR4Rp/X5VM1sXMjqnYV5d+b7p8LJSfgOSG1
+GaggNwDH0sWZ9lvC51Oby5ZDVbcS5x1D7HzvkY//hzgxrxtzXlsRtJ8Xp97YcNkG
+fZr6MQLwlW92oyrRgDUmSrsnkQrr89ci1HVa8E75FN9GVYkwJ37AG6zZJEBV/cA7
+23cOTCH1LpA34cj7sjz1E8eQ3oBfJ73F5veSDjbjO9K3CdH0z+c=
+=Ozvx
+-----END PGP SIGNATURE-----