From c53405a61a54b7d16c4652cef698d9c03bfe049d20759596f604f39e7c56a259 Mon Sep 17 00:00:00 2001
From: Wolfgang Rosenauer <wolfgang@rosenauer.org>
Date: Fri, 17 May 2024 13:37:32 +0000
Subject: [PATCH] - Mozilla Thunderbird 115.11.0   MFSA 2024-23 (bsc#1224056)  
 * CVE-2024-4367 (bmo#1893645)     Arbitrary JavaScript execution in PDF.js  
 * CVE-2024-4767 (bmo#1878577)     IndexedDB files retained in private
 browsing mode   * CVE-2024-4768 (bmo#1886082)     Potential permissions
 request bypass via clickjacking   * CVE-2024-4769 (bmo#1886108)    
 Cross-origin responses could be distinguished between script     and
 non-script content-types   * CVE-2024-4770 (bmo#1893270)     Use-after-free
 could occur when printing to PDF   * CVE-2024-4777 (bmo#1878199, bmo#1893340)
     Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11,     and
 Thunderbird 115.11

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=757
---
 MozillaThunderbird.changes             | 20 ++++++++++++++++++++
 MozillaThunderbird.spec                |  4 ++--
 l10n-115.10.2.tar.xz                   |  3 ---
 l10n-115.11.0.tar.xz                   |  3 +++
 tar_stamps                             |  6 +++---
 thunderbird-115.10.2.source.tar.xz     |  3 ---
 thunderbird-115.10.2.source.tar.xz.asc | 16 ----------------
 thunderbird-115.11.0.source.tar.xz     |  3 +++
 thunderbird-115.11.0.source.tar.xz.asc | 16 ++++++++++++++++
 9 files changed, 47 insertions(+), 27 deletions(-)
 delete mode 100644 l10n-115.10.2.tar.xz
 create mode 100644 l10n-115.11.0.tar.xz
 delete mode 100644 thunderbird-115.10.2.source.tar.xz
 delete mode 100644 thunderbird-115.10.2.source.tar.xz.asc
 create mode 100644 thunderbird-115.11.0.source.tar.xz
 create mode 100644 thunderbird-115.11.0.source.tar.xz.asc

diff --git a/MozillaThunderbird.changes b/MozillaThunderbird.changes
index 136b586..97cfa1a 100644
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@@ -1,3 +1,23 @@
+-------------------------------------------------------------------
+Tue May 14 21:57:55 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Thunderbird 115.11.0
+  MFSA 2024-23 (bsc#1224056)
+  * CVE-2024-4367 (bmo#1893645)
+    Arbitrary JavaScript execution in PDF.js
+  * CVE-2024-4767 (bmo#1878577)
+    IndexedDB files retained in private browsing mode
+  * CVE-2024-4768 (bmo#1886082)
+    Potential permissions request bypass via clickjacking
+  * CVE-2024-4769 (bmo#1886108)
+    Cross-origin responses could be distinguished between script
+    and non-script content-types
+  * CVE-2024-4770 (bmo#1893270)
+    Use-after-free could occur when printing to PDF
+  * CVE-2024-4777 (bmo#1878199, bmo#1893340)
+    Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11,
+    and Thunderbird 115.11
+
 -------------------------------------------------------------------
 Sat May  4 20:06:54 UTC 2024 - Andreas Stieger <andreas.stieger@gmx.de>
 
diff --git a/MozillaThunderbird.spec b/MozillaThunderbird.spec
index b768305..7e1284f 100644
--- a/MozillaThunderbird.spec
+++ b/MozillaThunderbird.spec
@@ -29,8 +29,8 @@
 # major 69
 # mainver %%major.99
 %define major          115
-%define mainver        %major.10.2
-%define orig_version   115.10.2
+%define mainver        %major.11.0
+%define orig_version   115.11.0
 %define orig_suffix    %nil
 %define update_channel release
 %define source_prefix  thunderbird-%{orig_version}
diff --git a/l10n-115.10.2.tar.xz b/l10n-115.10.2.tar.xz
deleted file mode 100644
index 8d07158..0000000
--- a/l10n-115.10.2.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:27fe8ba17c28058811987470b8cb3522878d36c671cf668e4a1a383048a7997d
-size 28322844
diff --git a/l10n-115.11.0.tar.xz b/l10n-115.11.0.tar.xz
new file mode 100644
index 0000000..cab23c7
--- /dev/null
+++ b/l10n-115.11.0.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f07fff0a5cc0b84df0c924982f95e50dfc45d39135fcd59b0c05658103dfe659
+size 28748540
diff --git a/tar_stamps b/tar_stamps
index 7dc4f45..8361a0f 100644
--- a/tar_stamps
+++ b/tar_stamps
@@ -1,10 +1,10 @@
 PRODUCT="thunderbird"
 CHANNEL="esr115"
-VERSION="115.10.2"
+VERSION="115.11.0"
 VERSION_SUFFIX=""
 PREV_VERSION="115.10.1"
 PREV_VERSION_SUFFIX=""
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr115"
-RELEASE_TAG="c00947d502870f27efdbf2170db1c698bf947975"
-RELEASE_TIMESTAMP="20240426204036"
+RELEASE_TAG="5b6eb36cb2ba6e8cd3508d681ca416099b330c89"
+RELEASE_TIMESTAMP="20240513132046"
diff --git a/thunderbird-115.10.2.source.tar.xz b/thunderbird-115.10.2.source.tar.xz
deleted file mode 100644
index affdc09..0000000
--- a/thunderbird-115.10.2.source.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:47bbd0645d7636a5bd81a3e613ef3181c4760dbb476f1609812e35659b7d24e6
-size 537592900
diff --git a/thunderbird-115.10.2.source.tar.xz.asc b/thunderbird-115.10.2.source.tar.xz.asc
deleted file mode 100644
index b8e38b7..0000000
--- a/thunderbird-115.10.2.source.tar.xz.asc
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmYvvhEACgkQ4207E/PZ
-MnT/GxAAwQiuaDrY9rvNkjc5USw8TU+wMOZLE+Oyo82nhBoBbH57LBtMtsMtDqp0
-TIkwUpeLCMviEzWl9quSnK5c8dSukN5AKm+aH+POAHrFsehgpiD9jdbUNJCNCj3S
-Ky2c+iojrLNB4IaRKrw7mtvhw4z71qLm9ptOInBgzwntZuSqL+QvFff2PYXmYaLV
-RAm5jhM4c/nEJLR4C7sND9Pdakox/gfp/SaWMI/Hp9JyKR6EERla3MrR8hTlU2hy
-nx2wmOxtHzR/1i3zO+5jCpf2wCnZxU+alDCS21ZrM8coWKHFvXOO005/M/85NTt4
-TARq8G2S/JYRTPWFRukY0TWbm32G9/NTL1TSFdX46qppc5Efum+Q16f5dlXbYFC8
-J6K2XUQvVfPGZpQQpOZFxrL2kLuim44RXXnMLY3T4r1y9PzTHqTvNpjEPWqeSnfA
-0ffpluU8tttPSakA248lu7adEWTT24Ckn31DJUJ7xXgFEdmLTKHxPINiVBmP83hR
-g4nJWO32NtZVtj2GN5JXUVNBBkH9lV2cHrEPgNjcS13hbqIvCq7MGPyCy+X6CsP6
-LG43M6vEMK6UNR0fHd6gHyqdE+BuqoICtZRoPF2yRr6YsV7Vj+3O6aNaw1OO41tR
-EcR2V+CHzSb9cCYJwqi3bAvKXhXCUFtqTk55MCwX3WNDDn7yTCw=
-=FPYA
------END PGP SIGNATURE-----
diff --git a/thunderbird-115.11.0.source.tar.xz b/thunderbird-115.11.0.source.tar.xz
new file mode 100644
index 0000000..07d7f9f
--- /dev/null
+++ b/thunderbird-115.11.0.source.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:8c3af2e78f28a06e0a15bde45ae6952c74a0e6506c2920f453fbcca901ac619c
+size 530402016
diff --git a/thunderbird-115.11.0.source.tar.xz.asc b/thunderbird-115.11.0.source.tar.xz.asc
new file mode 100644
index 0000000..1bef1de
--- /dev/null
+++ b/thunderbird-115.11.0.source.tar.xz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmZCLiEACgkQ4207E/PZ
+MnR7rg//dNqR7dE3GP8EZhECXyuW6yn+qMReH6C1kNAOQIPSx8YAjQ+So/MJAayp
+9b4Mku/AFgGawfCFpb0u6sXQQEOKb0pJBBY11VgKYy7wYnMAHoL7N1V9deCRzq4K
+08pXty2WcVYJe+mVjMtGoRaVvPxe3Hf/Bl8PC620Z/DJeFdpmpo5EqMP1tK7x1kD
+nXRPROPcRYVPOjc2DsC5Tgr4X7idws0Zzdw/BvfxZ6y+LG1peB6WHB+5uZkFO9Yd
+D182H+vzjZ878dMDQM3zbbt3Ic9bt/J/w6/FBOrTI0L+a5jZM25jRR+B8UL6JnXs
+zUzNrRMe82R2QyzDX1LGXJKuC5K5mQbFOLiwoLxNILixBoceHAyaj6pQn6v2wdLA
+lT+G4hW9wdIA3nBcvN7R7P3m+kYXtUXWhA24NQDP3uclbsbuzyqnJqRRNEXjMQDJ
+NglYcG9BTmt8FOIp4naiBoPACBggZ5giU2wq1rQSyW3jf6TwQ+ADBpHVUeVHHWLp
+Zn0lUtQe9tN0MbvKN4cFkq7u5KuckbfCsYZ8pimELEAOIzTWzCAtBy3lBy2aP4vr
+MHALKUgBBvxS7bc+0vMm34nUjthVg5l711XNPeQsy1mNK38pEo2wYyebdQh56roW
+1E/S/CcPwih4yxAf42SDYQrsQPe6nEbOhCHeMn8cJnDguYI9P9g=
+=z7Es
+-----END PGP SIGNATURE-----