From 9bb3d7bcac12cc3f35cdffbd430c740cf8daaa8a4379936f9b63f6af976ab872 Mon Sep 17 00:00:00 2001
From: Wolfgang Rosenauer <wolfgang@rosenauer.org>
Date: Mon, 29 Oct 2018 08:28:50 +0000
Subject: [PATCH 1/2] Accepting request 644807 from
 home:Guillaume_G:branches:mozilla:Factory

- Update _constraints for armv6/7
- Add patch to fix build on armv7:
  * mozilla-bmo1463035.patch
- Add memory-constraints to avoid OOM errors

OBS-URL: https://build.opensuse.org/request/show/644807
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=436
---
 MozillaThunderbird.changes |  16 +++++
 MozillaThunderbird.spec    |   7 +-
 _constraints               |   9 ---
 mozilla-bmo1463035.patch   | 130 +++++++++++++++++++++++++++++++++++++
 4 files changed, 152 insertions(+), 10 deletions(-)
 create mode 100644 mozilla-bmo1463035.patch

diff --git a/MozillaThunderbird.changes b/MozillaThunderbird.changes
index 31a8c68..bb6ac28 100644
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@@ -1,3 +1,19 @@
+-------------------------------------------------------------------
+Thu Oct 25 14:40:14 UTC 2018 - Guillaume GARDET <guillaume.gardet@opensuse.org>
+
+- Update _constraints for armv6/7
+
+-------------------------------------------------------------------
+Thu Oct 25 08:26:12 UTC 2018 - Guillaume GARDET <guillaume.gardet@opensuse.org>
+
+- Add patch to fix build on armv7:
+  * mozilla-bmo1463035.patch
+
+-------------------------------------------------------------------
+Thu Oct 25 08:25:52 UTC 2018 - Guillaume GARDET <guillaume.gardet@opensuse.org>
+
+- Add memory-constraints to avoid OOM errors
+
 -------------------------------------------------------------------
 Fri Oct 12 14:26:17 UTC 2018 - meissner@suse.com
 
diff --git a/MozillaThunderbird.spec b/MozillaThunderbird.spec
index 96f3d8c..357702c 100644
--- a/MozillaThunderbird.spec
+++ b/MozillaThunderbird.spec
@@ -13,7 +13,7 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 
 
@@ -42,6 +42,7 @@ BuildRequires:  libXcomposite-devel
 BuildRequires:  libcurl-devel
 BuildRequires:  libidl-devel
 BuildRequires:  libnotify-devel
+BuildRequires:  memory-constraints
 BuildRequires:  mozilla-nspr-devel >= 4.19
 BuildRequires:  mozilla-nss-devel >= 3.36.4
 BuildRequires:  python
@@ -119,6 +120,7 @@ Patch7:         mozilla-bmo1375074.patch
 Patch8:         mozilla-bmo1464766.patch
 Patch9:         mozilla-i586-DecoderDoctorLogger.patch
 Patch10:        mozilla-i586-domPrefs.patch
+Patch11:        mozilla-bmo1463035.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 PreReq:         coreutils fileutils textutils /bin/sh
 Recommends:     libcanberra0
@@ -202,6 +204,7 @@ symbols meant for upload to Mozilla's crash collector database.
 %patch9 -p1
 %patch10 -p1
 %endif
+%patch11 -p1
 
 %build
 # no need to add build time to binaries
@@ -251,6 +254,8 @@ export MOZCONFIG=$RPM_BUILD_DIR/mozconfig
 # is not forced into CFLAGS
 export MOZ_DEBUG_FLAGS="-pipe"
 #
+# Limit RAM usage to avoid OOM
+%limit_build -m 1500
 cat << EOF > $MOZCONFIG
 mk_add_options MOZILLA_OFFICIAL=1
 mk_add_options BUILD_OFFICIAL=1
diff --git a/_constraints b/_constraints
index d08bc8a..ff2151c 100644
--- a/_constraints
+++ b/_constraints
@@ -12,15 +12,6 @@
     <conditions>
       <arch>armv6l</arch>
       <arch>armv7l</arch>
-    </conditions>
-    <hardware>
-      <memory>
-        <size unit="M">2600</size>
-      </memory>
-    </hardware>
-  </overwrite>
-  <overwrite>
-    <conditions>
       <arch>aarch64</arch>
     </conditions>
     <hardware>
diff --git a/mozilla-bmo1463035.patch b/mozilla-bmo1463035.patch
new file mode 100644
index 0000000..039f039
--- /dev/null
+++ b/mozilla-bmo1463035.patch
@@ -0,0 +1,130 @@
+
+# HG changeset patch
+# User Mike Hommey <mh+mozilla@glandium.org>
+# Date 1526871862 -32400
+# Node ID 94f21505ff13cd089f7129cd24927cf8b31a0f43
+# Parent  1800b8895c08bc0c60302775dc0a4b5ea4deb310
+Bug 1463035 - Remove MOZ_SIGNAL_TRAMPOLINE. r?darchons
+
+For some reason, GNU as is not happy with the assembly generated after
+bug 1238661 anymore on Debian armel.
+
+OTOH, as mentioned in bug 1238661 comment 4, we actually don't need this
+workaround anymore, so let's just kill it.
+
+
+diff --git a/mfbt/LinuxSignal.h b/mfbt/LinuxSignal.h
+deleted file mode 100644
+--- a/mfbt/LinuxSignal.h
++++ /dev/null
+@@ -1,45 +0,0 @@
+-/* This Source Code Form is subject to the terms of the Mozilla Public
+- * License, v. 2.0. If a copy of the MPL was not distributed with this
+- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+-
+-#ifndef mozilla_LinuxSignal_h
+-#define mozilla_LinuxSignal_h
+-
+-namespace mozilla {
+-
+-#if defined(__arm__)
+-
+-// Some (old) Linux kernels on ARM have a bug where a signal handler
+-// can be called without clearing the IT bits in CPSR first. The result
+-// is that the first few instructions of the handler could be skipped,
+-// ultimately resulting in crashes. To workaround this bug, the handler
+-// on ARM is a trampoline that starts with enough NOP instructions, so
+-// that even if the IT bits are not cleared, only the NOP instructions
+-// will be skipped over.
+-
+-template <void (*H)(int, siginfo_t*, void*)>
+-__attribute__((naked)) void
+-SignalTrampoline(int aSignal, siginfo_t* aInfo, void* aContext)
+-{
+-  asm volatile (
+-    "nop; nop; nop; nop"
+-    : : : "memory");
+-
+-  asm volatile (
+-    "b %0"
+-    :
+-    : "X"(H)
+-    : "memory");
+-}
+-
+-# define MOZ_SIGNAL_TRAMPOLINE(h) (mozilla::SignalTrampoline<h>)
+-
+-#else // __arm__
+-
+-# define MOZ_SIGNAL_TRAMPOLINE(h) (h)
+-
+-#endif // __arm__
+-
+-} // namespace mozilla
+-
+-#endif // mozilla_LinuxSignal_h
+diff --git a/mfbt/moz.build b/mfbt/moz.build
+--- a/mfbt/moz.build
++++ b/mfbt/moz.build
+@@ -117,20 +117,16 @@ EXPORTS["double-conversion"] = [
+ LOCAL_INCLUDES += [
+     '/mfbt/double-conversion',
+ ]
+ 
+ if CONFIG['OS_ARCH'] == 'WINNT':
+     EXPORTS.mozilla += [
+         'WindowsVersion.h',
+     ]
+-elif CONFIG['OS_ARCH'] == 'Linux':
+-    EXPORTS.mozilla += [
+-        'LinuxSignal.h',
+-    ]
+ 
+ UNIFIED_SOURCES += [
+     'Assertions.cpp',
+     'ChaosMode.cpp',
+     'double-conversion/double-conversion/bignum-dtoa.cc',
+     'double-conversion/double-conversion/bignum.cc',
+     'double-conversion/double-conversion/cached-powers.cc',
+     'double-conversion/double-conversion/diy-fp.cc',
+diff --git a/tools/profiler/core/platform-linux-android.cpp b/tools/profiler/core/platform-linux-android.cpp
+--- a/tools/profiler/core/platform-linux-android.cpp
++++ b/tools/profiler/core/platform-linux-android.cpp
+@@ -55,17 +55,16 @@
+ #ifdef __GLIBC__
+ #include <execinfo.h>   // backtrace, backtrace_symbols
+ #endif  // def __GLIBC__
+ #include <strings.h>    // index
+ #include <errno.h>
+ #include <stdarg.h>
+ 
+ #include "prenv.h"
+-#include "mozilla/LinuxSignal.h"
+ #include "mozilla/PodOperations.h"
+ #include "mozilla/DebugOnly.h"
+ 
+ #include <string.h>
+ #include <list>
+ 
+ using namespace mozilla;
+ 
+@@ -272,17 +271,17 @@ Sampler::Sampler(PSLockRef aLock)
+ 
+   // NOTE: We don't initialize LUL here, instead initializing it in
+   // SamplerThread's constructor. This is because with the
+   // profiler_suspend_and_sample_thread entry point, we want to be able to
+   // sample without waiting for LUL to be initialized.
+ 
+   // Request profiling signals.
+   struct sigaction sa;
+-  sa.sa_sigaction = MOZ_SIGNAL_TRAMPOLINE(SigprofHandler);
++  sa.sa_sigaction = SigprofHandler;
+   sigemptyset(&sa.sa_mask);
+   sa.sa_flags = SA_RESTART | SA_SIGINFO;
+   if (sigaction(SIGPROF, &sa, &mOldSigprofHandler) != 0) {
+     MOZ_CRASH("Error installing SIGPROF handler in the profiler");
+   }
+ }
+ 
+ void
+

From effd24db38d34959b6dd927955b4322b1b451d5bfc09c6f26e6952df0e735fa1 Mon Sep 17 00:00:00 2001
From: Wolfgang Rosenauer <wolfgang@rosenauer.org>
Date: Thu, 1 Nov 2018 17:28:09 +0000
Subject: [PATCH 2/2] - update to Thunderbird 60.3.0   * various theme fixes  
 * Shift+PageUp/PageDown in Write window   * Gloda attachment filtering   *
 Mailing list address auto-complete enter/return handling   * Thunderbird hung
 if HTML signature references non-existent image   * Filters not working for
 headers that appear more than once - Security fixes for the Mozilla platform
 picked up from 60.3   (Firefox ESR release). In general, these flaws cannot
 be exploited   through email in Thunderbird because scripting is disabled
 when   reading mail, but are potentially risks in browser or browser-like  
 contexts (MFSA 2018-28) (bsc#1112852)   * CVE-2018-12391 (bmo#1478843)
 (Android only)     HTTP Live Stream audio data is accessible cross-origin   *
 CVE-2018-12392 (bmo#1492823)     Crash with nested event loops   *
 CVE-2018-12393 (bmo#1495011)     Integer overflow during Unicode conversion
 while loading JavaScript   * CVE-2018-12389 (bmo#1498460, bmo#1499198)    
 Memory safety bugs fixed in Firefox ESR 60.3   * CVE-2018-12390 (bmo#1487098,
 bmo#1487660, bmo#1490234, bmo#1496159,     bmo#1443748, bmo#1496340,
 bmo#1483905, bmo#1493347, bmo#1488803,     bmo#1498701, bmo#1498482,
 bmo#1442010, bmo#1495245, bmo#1483699,     bmo#1469486, bmo#1484905,
 bmo#1490561, bmo#1492524, bmo#1481844)     Memory safety bugs fixed in
 Firefox 63 and Firefox ESR 60.3

  * Fix security info dialog in compose window not showing

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=437
---
 MozillaThunderbird.changes           | 37 +++++++++++++++++++++++++---
 MozillaThunderbird.spec              |  4 +--
 compare-locales.tar.xz               |  4 +--
 create-tar.sh                        |  6 ++---
 l10n-60.2.1.tar.xz                   |  3 ---
 l10n-60.3.0.tar.xz                   |  3 +++
 thunderbird-60.2.1.source.tar.xz     |  3 ---
 thunderbird-60.2.1.source.tar.xz.asc | 17 -------------
 thunderbird-60.3.0.source.tar.xz     |  3 +++
 thunderbird-60.3.0.source.tar.xz.asc | 17 +++++++++++++
 10 files changed, 63 insertions(+), 34 deletions(-)
 delete mode 100644 l10n-60.2.1.tar.xz
 create mode 100644 l10n-60.3.0.tar.xz
 delete mode 100644 thunderbird-60.2.1.source.tar.xz
 delete mode 100644 thunderbird-60.2.1.source.tar.xz.asc
 create mode 100644 thunderbird-60.3.0.source.tar.xz
 create mode 100644 thunderbird-60.3.0.source.tar.xz.asc

diff --git a/MozillaThunderbird.changes b/MozillaThunderbird.changes
index bb6ac28..db9ca39 100644
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@@ -1,16 +1,45 @@
 -------------------------------------------------------------------
-Thu Oct 25 14:40:14 UTC 2018 - Guillaume GARDET <guillaume.gardet@opensuse.org>
+Tue Oct 30 08:18:23 UTC 2018 - wr@rosenauer.org
+
+- update to Thunderbird 60.3.0
+  * various theme fixes
+  * Shift+PageUp/PageDown in Write window
+  * Gloda attachment filtering
+  * Mailing list address auto-complete enter/return handling
+  * Thunderbird hung if HTML signature references non-existent image
+  * Filters not working for headers that appear more than once
+- Security fixes for the Mozilla platform picked up from 60.3
+  (Firefox ESR release). In general, these flaws cannot be exploited
+  through email in Thunderbird because scripting is disabled when
+  reading mail, but are potentially risks in browser or browser-like
+  contexts (MFSA 2018-28) (bsc#1112852)
+  * CVE-2018-12391 (bmo#1478843) (Android only)
+    HTTP Live Stream audio data is accessible cross-origin
+  * CVE-2018-12392 (bmo#1492823)
+    Crash with nested event loops
+  * CVE-2018-12393 (bmo#1495011)
+    Integer overflow during Unicode conversion while loading JavaScript
+  * CVE-2018-12389 (bmo#1498460, bmo#1499198)
+    Memory safety bugs fixed in Firefox ESR 60.3
+  * CVE-2018-12390 (bmo#1487098, bmo#1487660, bmo#1490234, bmo#1496159,
+    bmo#1443748, bmo#1496340, bmo#1483905, bmo#1493347, bmo#1488803,
+    bmo#1498701, bmo#1498482, bmo#1442010, bmo#1495245, bmo#1483699,
+    bmo#1469486, bmo#1484905, bmo#1490561, bmo#1492524, bmo#1481844)
+    Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3
+
+-------------------------------------------------------------------
+Thu Oct 25 14:40:14 UTC 2018 - guillaume.gardet@opensuse.org
 
 - Update _constraints for armv6/7
 
 -------------------------------------------------------------------
-Thu Oct 25 08:26:12 UTC 2018 - Guillaume GARDET <guillaume.gardet@opensuse.org>
+Thu Oct 25 08:26:12 UTC 2018 - guillaume.gardet@opensuse.org
 
 - Add patch to fix build on armv7:
   * mozilla-bmo1463035.patch
 
 -------------------------------------------------------------------
-Thu Oct 25 08:25:52 UTC 2018 - Guillaume GARDET <guillaume.gardet@opensuse.org>
+Thu Oct 25 08:25:52 UTC 2018 - guillaume.gardet@opensuse.org
 
 - Add memory-constraints to avoid OOM errors
 
@@ -31,7 +60,7 @@ Tue Oct  2 10:08:00 UTC 2018 - wr@rosenauer.org
   * Fix multiple requests for master password when Google Mail or
     Calendar OAuth2 is enabled
   * Fix scrollbar of the address entry auto-complete popup
-  * Fix security info dialog in compose window not showing 
+  * Fix security info dialog in compose window not showing
     certificate status
   * Fix links in the Add-on Manager's search results and theme
     browsing tabs that opened in external browser
diff --git a/MozillaThunderbird.spec b/MozillaThunderbird.spec
index 357702c..ff41b81 100644
--- a/MozillaThunderbird.spec
+++ b/MozillaThunderbird.spec
@@ -17,9 +17,9 @@
 #
 
 
-%define mainversion 60.2.1
+%define mainversion 60.3.0
 %define update_channel release
-%define releasedate 20180930223627
+%define releasedate 20181025202514
 
 %bcond_without mozilla_tb_kde4
 %bcond_with    mozilla_tb_valgrind
diff --git a/compare-locales.tar.xz b/compare-locales.tar.xz
index 9da5f4a..392183b 100644
--- a/compare-locales.tar.xz
+++ b/compare-locales.tar.xz
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:ad03f7c20354dd56fa2501c5018e7b2ce512315da9b462c37358f4b7d30b26af
-size 28372
+oid sha256:158df1b15780d704364f4d7ee7eb6289252d8f338ce6823da325bb0129a65181
+size 28432
diff --git a/create-tar.sh b/create-tar.sh
index 14a69c7..0971bd1 100644
--- a/create-tar.sh
+++ b/create-tar.sh
@@ -2,9 +2,9 @@
 
 CHANNEL="esr60"
 BRANCH="releases/comm-$CHANNEL"
-RELEASE_TAG="5cdee4ae33c0868ae420a5a826c63b42d823c584"
-MOZ_RELEASE_TAG="8d71faee5dcdd0773b7e0830b8fad96a6bda559b"
-VERSION="60.2.1"
+RELEASE_TAG="dd958ef605d132d08a063f29606737ffb3453e68"
+MOZ_RELEASE_TAG="ab014151d4c338562949c28aa140786b548856ca"
+VERSION="60.3.0"
 VERSION_SUFFIX=""
 LOCALE_FILE="thunderbird-$VERSION/comm/mail/locales/l10n-changesets.json"
 
diff --git a/l10n-60.2.1.tar.xz b/l10n-60.2.1.tar.xz
deleted file mode 100644
index 57b1570..0000000
--- a/l10n-60.2.1.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:6cfc0c4dd586141d79fde3aa1360c50bd78f90ef393484a7112f8afd416e2067
-size 27451556
diff --git a/l10n-60.3.0.tar.xz b/l10n-60.3.0.tar.xz
new file mode 100644
index 0000000..bd7030f
--- /dev/null
+++ b/l10n-60.3.0.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7be94c4cce5562e3a414691beee347a8b4940c41742e8270090d8b4215fcefb9
+size 27433892
diff --git a/thunderbird-60.2.1.source.tar.xz b/thunderbird-60.2.1.source.tar.xz
deleted file mode 100644
index 7883e8b..0000000
--- a/thunderbird-60.2.1.source.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:d313f25cd7ddc016bf8e4d4115f14b34a66621c0feabbc0dd72f9304cb93d7bf
-size 284570000
diff --git a/thunderbird-60.2.1.source.tar.xz.asc b/thunderbird-60.2.1.source.tar.xz.asc
deleted file mode 100644
index 8ab3acc..0000000
--- a/thunderbird-60.2.1.source.tar.xz.asc
+++ /dev/null
@@ -1,17 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.14 (GNU/Linux)
-
-iQIcBAABCAAGBQJbsjeEAAoJELu+vbskxvNV2hEP/3dWNPNcF0+A1S+ePf/JXyn8
-a3DFlu2s7ihtsFy4EW7CcOHyMdRIiKAPlrCKJR4DQorL0C1S+Q/WaFyyibQX3oSi
-Q/g1Ch1sKKz03YIKweLHzz0eTQDvcxY2AbJkrsJNNrZH/5MvCh0jbohWeBwsJ3s7
-OtxPDAHBSSL0oJOj6klrBfWMLamOyBhiH8RdUTJzsIHuKusco6hJwlilQrwnfTZB
-FZfp88D69v2bQS1JdkzJvSQFD0GsS75fej3qwvqMiUiuBFl4KYD+oly0Th3XqHt6
-PD+1YqagRPpZt253Sv12KUG06OkoK+TgTiseKbY1lT2k+4TvSw68jocZbsIYuOFH
-uxyVWQhWxkwvcxeD1qZr0r0NjFd8uFvG72G6JxRfYUO2XjGKBqYjexUhI8zzAoyU
-00AmnwyeTEMg8Y/PTlh7NxKMITJFUX5HAatSB9eyBgQdKcalbZb+lCQZzccv9kd6
-9JxeRg+8TlM8SNOv3upLdqH8m2DCNCgWpURJW10+jf5O1qIm5G2K2lvffum9lTJ+
-cOu8+WN5lFR9UV3f0nAvWDb7KeK/i+pIDVozhCKXuGJbWRguhtVQICJBzYcn3lk0
-VB/xHlDrK4oIEG/BWAWAZsDt8ScRn4d0bwIVPC/NAN14AaritBFcR6lwfBGRH6on
-pbq7+PPTen/nfk303ub5
-=y8ku
------END PGP SIGNATURE-----
diff --git a/thunderbird-60.3.0.source.tar.xz b/thunderbird-60.3.0.source.tar.xz
new file mode 100644
index 0000000..156315b
--- /dev/null
+++ b/thunderbird-60.3.0.source.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:23fc097a5aa62006919029df890e5e2bec38c2c3e6081723040ef702ff6e4a7b
+size 285211708
diff --git a/thunderbird-60.3.0.source.tar.xz.asc b/thunderbird-60.3.0.source.tar.xz.asc
new file mode 100644
index 0000000..25c9d50
--- /dev/null
+++ b/thunderbird-60.3.0.source.tar.xz.asc
@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.14 (GNU/Linux)
+
+iQIcBAABCAAGBQJb2EY1AAoJELu+vbskxvNVjCAP+wVmU2xhLhneLRJ/0iE6wWD6
+PH/9lt/wNi8KutxeVzfrnS1AS/RnpgbTkbVg9FZqzJQ30SjhQ4u/3i7MsgFpCS4Y
+qhNs0sIvp7RKDTd+2wubk+/GLoDSPlSdEJO3jTUXBc6D25GzMfrd89kShJsLlfb8
+WqFchIwP3ivlIaocL5/I1+GOhP4KxND10RgEICKwwJ3qlE+AKsX+pGWvM7McKjuJ
+Usnss7BtXB/QfjjJEdTMCx+imFPbUV4SWg9UaY5H/sPHxhlNbulHgGjuUdFJPrU5
+RSCkkOYodp/XsIvVneswGmoqd3g9v3rF5Dari1YavxSB/LguafDmny83hgVnyiUp
+KohhntuQmLuOaT1YL78igc1QY/edtFd8wpsjwI27aIuI20wqT0kN+maSOExvavDI
+Z60SIflw12GOg9ZqnsWiOdc67reD0fT8e56xfSOXELQUklDBubg9Lxz4P/06zFUb
+cvNd961Cg3GuYloBkTpWKMcuvfRiGmR+EbHFTVEHbcYsdvWaAHHmcbup18ak/fUx
+LoheXza7zXbjYrwWyEWiXuhpFFzuqSLojeuBW8omklw8Ia3+p+4NZHCFUjt+3eEh
+AQpLf7Jh0UCogXKEgUowPyetUv1oBYWosyRLvkBBUwZaZ+DvjLneRf6bDB/BCoSE
+lrUVNb11lX42wHZpcJVB
+=KX6F
+-----END PGP SIGNATURE-----