rpm/MozillaThunderbird
SHA256
1
0
Fork 0
forked from pool/MozillaThunderbird
Code Pull Requests Activity

- update to Thunderbird 52.8 (bsc#1092548)

Browse Source 
MFSA 2018-13
  * CVE-2018-5183 (bmo#1454692)
    Backport critical security fixes in Skia
  * CVE-2018-5184 (bmo#1411592, bsc#1093152)
    Full plaintext recovery in S/MIME via chosen-ciphertext attack
  * CVE-2018-5154 (bmo#1443092)
    Use-after-free with SVG animations and clip paths
  * CVE-2018-5155 (bmo#1448774)
    Use-after-free with SVG animations and text paths
  * CVE-2018-5159 (bmo#1441941)
    Integer overflow and out-of-bounds write in Skia
  * CVE-2018-5161 (bmo#1411720)
    Hang via malformed headers
  * CVE-2018-5162 (bmo#1457721, bsc#1093152)
    Encrypted mail leaks plaintext through src attribute
  * CVE-2018-5170 (bmo#1411732)
    Filename spoofing for external attachments
  * CVE-2018-5168 (bmo#1449548)
    Lightweight themes can be installed without user interaction
  * CVE-2018-5174 (bmo#1447080) (Windows only)
    Windows Defender SmartScreen UI runs with less secure behavior
    for downloaded files in Windows 10 April 2018 Update
  * CVE-2018-5178 (bmo#1443891)
    Buffer overflow during UTF-8 to Unicode string conversion
    through legacy extension
  * CVE-2018-5185 (bmo#1450345)
    Leaking plaintext through HTML forms
  * CVE-2018-5150 (bmo#1388020,bmo#1433609,bmo#1409440,bmo#1448705,
    bmo#1451376,bmo#1452202,bmo#1444668,bmo#1393367,bmo#1411415,

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=406
This commit is contained in:
Wolfgang Rosenauer 2018-05-19 10:55:26 +00:00 committed by Git OBS Bridge
parent b632ec1b68
commit cd0e3ea9a0
8 changed files with 49 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
MozillaThunderbird.changes
View File

@ -1,3 +1,40 @@
-------------------------------------------------------------------
Sat May 19 06:16:58 UTC 2018 - wr@rosenauer.org
- update to Thunderbird 52.8 (bsc#1092548)
MFSA 2018-13
* CVE-2018-5183 (bmo#1454692)
Backport critical security fixes in Skia
* CVE-2018-5184 (bmo#1411592, bsc#1093152)
Full plaintext recovery in S/MIME via chosen-ciphertext attack
* CVE-2018-5154 (bmo#1443092)
Use-after-free with SVG animations and clip paths
* CVE-2018-5155 (bmo#1448774)
Use-after-free with SVG animations and text paths
* CVE-2018-5159 (bmo#1441941)
Integer overflow and out-of-bounds write in Skia
* CVE-2018-5161 (bmo#1411720)
Hang via malformed headers
* CVE-2018-5162 (bmo#1457721, bsc#1093152)
Encrypted mail leaks plaintext through src attribute
* CVE-2018-5170 (bmo#1411732)
Filename spoofing for external attachments
* CVE-2018-5168 (bmo#1449548)
Lightweight themes can be installed without user interaction
* CVE-2018-5174 (bmo#1447080) (Windows only)
Windows Defender SmartScreen UI runs with less secure behavior
for downloaded files in Windows 10 April 2018 Update
* CVE-2018-5178 (bmo#1443891)
Buffer overflow during UTF-8 to Unicode string conversion
through legacy extension
* CVE-2018-5185 (bmo#1450345)
Leaking plaintext through HTML forms
* CVE-2018-5150 (bmo#1388020,bmo#1433609,bmo#1409440,bmo#1448705,
bmo#1451376,bmo#1452202,bmo#1444668,bmo#1393367,bmo#1411415,
bmo#1426129)
Memory safety bugs fixed in Firefox 60, Firefox ESR 52.8 and
Thunderbird 52.8
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Mar 28 01:31:17 CEST 2018 - ro@suse.de Wed Mar 28 01:31:17 CEST 2018 - ro@suse.de

4
MozillaThunderbird.spec
View File

@ -17,9 +17,9 @@
# #
%define mainversion 52.7 %define mainversion 52.8
%define update_channel release %define update_channel release
%define releasedate 201803230000 %define releasedate 201805170000
%bcond_without mozilla_tb_kde4 %bcond_without mozilla_tb_kde4
%bcond_with mozilla_tb_valgrind %bcond_with mozilla_tb_valgrind

4
compare-locales.tar.xz
View File

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1 version https://git-lfs.github.com/spec/v1
oid sha256:5619c69ab0ddc415df1634783c3ee50c80dc6690d2bf2ce0c1d1103311c9ef87 oid sha256:691c3b54bb73f087ac1a393c94cd4d92fe88c2e910212e8ef629122463879cf6
size 28372 size 28380

4
create-tar.sh
View File

@ -2,8 +2,8 @@
CHANNEL="esr52" CHANNEL="esr52"
BRANCH="releases/comm-$CHANNEL" BRANCH="releases/comm-$CHANNEL"
RELEASE_TAG="THUNDERBIRD_52_7_0_RELEASE" RELEASE_TAG="THUNDERBIRD_52_8_0_RELEASE"
VERSION="52.7" VERSION="52.8"
echo "cloning $BRANCH..." echo "cloning $BRANCH..."
hg clone http://hg.mozilla.org/$BRANCH thunderbird hg clone http://hg.mozilla.org/$BRANCH thunderbird

3
l10n-52.7.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:e5489e085b0432ceed78f5542b2e09380e0586d9d8cb209433c45db150783d5a
size 26230056

3
l10n-52.8.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:eec5c42b4fa59543986bc86e4dfe624aa5d900ea838e8cef419cc25c8b09369e
size 26214028

3
thunderbird-52.7-source.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:30e34c7c4facfe1601db7a9983a2dc1375b417ed7af35758256d38b6dcae9ad1
size 242326388

3
thunderbird-52.8-source.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:aad1950fcf929bf557f977cbc88e5577215f20e0b080fe4c1dee64fba20433a8
size 242321452