- update to Thunderbird 45.7.0

* Message preview pane non-functional after IMAP folder was renamed or moved * "Move To" button on "Search Messages" panel not working * Message sent to "undisclosed recipients" shows no recipient (non-functional since Thunderbird version 38) * MFSA 2017-02 (Gecko 45.7.0) CVE-2017-5375: Excessive JIT code allocation allows bypass of ASLR and DEP (bmo#1325200, boo#1021814) CVE-2017-5376: Use-after-free in XSL (bmo#1311687, boo#1021817) CVE-2017-5378: Pointer and frame data leakage of Javascript objects (bmo#1312001, bmo#1330769, boo#1021818) CVE-2017-5380: Potential use-after-free during DOM manipulations (bmo#1322107, boo#1021819) CVE-2017-5390: Insecure communication methods in Developer Tools JSON viewer (bmo#1297361, boo#1021820) CVE-2017-5396: Use-after-free with Media Decoder (bmo#1329403, boo#1021821) CVE-2017-5383: Location bar spoofing with unicode characters (bmo#1323338, bmo#1324716, boo#1021822) CVE-2017-5386: WebExtensions can use data: protocol to affect other extensions (bmo#1319070, boo#1021823) CVE-2017-5373: Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7 (boo#1021824) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=349
2017-01-25 10:46:35 +00:00 · 2017-01-25 10:46:35 +00:00 · cd4d95cddf
commit cd4d95cddf
parent 329b61bb18
8 changed files with 42 additions and 14 deletions
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@ -1,3 +1,31 @@
+-------------------------------------------------------------------
+Tue Jan 24 20:43:57 UTC 2017 - wr@rosenauer.org
+
+- update to Thunderbird 45.7.0
+  * Message preview pane non-functional after IMAP folder was renamed
+    or moved
+  * "Move To" button on "Search Messages" panel not working
+  * Message sent to "undisclosed recipients" shows no recipient
+    (non-functional since Thunderbird version 38)
+  * MFSA 2017-02 (Gecko 45.7.0)
+    CVE-2017-5375: Excessive JIT code allocation allows bypass of
+                   ASLR and DEP (bmo#1325200, boo#1021814)
+    CVE-2017-5376: Use-after-free in XSL (bmo#1311687, boo#1021817)
+    CVE-2017-5378: Pointer and frame data leakage of Javascript objects
+                   (bmo#1312001, bmo#1330769, boo#1021818)
+    CVE-2017-5380: Potential use-after-free during DOM manipulations
+                   (bmo#1322107, boo#1021819)
+    CVE-2017-5390: Insecure communication methods in Developer Tools
+                   JSON viewer (bmo#1297361, boo#1021820)
+    CVE-2017-5396: Use-after-free with Media Decoder
+                   (bmo#1329403, boo#1021821)
+    CVE-2017-5383: Location bar spoofing with unicode characters
+                   (bmo#1323338, bmo#1324716, boo#1021822)
+    CVE-2017-5386: WebExtensions can use data: protocol to affect other
+                   extensions (bmo#1319070, boo#1021823)
+    CVE-2017-5373: Memory safety bugs fixed in Firefox 51 and
+                   Firefox ESR 45.7 (boo#1021824)
+
 -------------------------------------------------------------------
 Thu Dec 29 08:33:21 UTC 2016 - wr@rosenauer.org

--- a/MozillaThunderbird.spec
+++ b/MozillaThunderbird.spec
@ -1,8 +1,8 @@
 #
 # spec file for package MozillaThunderbird
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
-#               2006-2016 Wolfgang Rosenauer <wr@rosenauer.org>
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+#               2006-2017 Wolfgang Rosenauer <wr@rosenauer.org>
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -17,9 +17,9 @@
 #


-%define mainversion 45.6.0
+%define mainversion 45.7.0
 %define update_channel release
-%define releasedate 2016122200
+%define releasedate 2017012400

 %if %suse_version > 1310
 %define gstreamer_ver 1.0
--- a/compare-locales.tar.xz
+++ b/compare-locales.tar.xz
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:b00a893fa3aa495805aeb20ddebd1f51e2c4c352de1eaa42bede6f5ab9119848
-size 28360
+oid sha256:48d77c57afca1ec07ed17dc0b961d446deae414dc467a8cd4b98dc97f9c59a18
+size 28336
--- a/create-tar.sh
+++ b/create-tar.sh
@ -2,8 +2,8 @@

 CHANNEL="esr45"
 BRANCH="releases/comm-$CHANNEL"
-RELEASE_TAG="THUNDERBIRD_45_6_0_RELEASE"
-VERSION="45.6.0"
+RELEASE_TAG="THUNDERBIRD_45_7_0_RELEASE"
+VERSION="45.7.0"

 echo "cloning $BRANCH..."
 hg clone http://hg.mozilla.org/$BRANCH thunderbird
--- a/l10n-45.6.0.tar.xz
+++ b/l10n-45.6.0.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:de63f7341fc4f6724951358a574ac2fc92833df802e13a4e28544ffba3d63550
-size 24499928
--- a/l10n-45.7.0.tar.xz
+++ b/l10n-45.7.0.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:17e3bcaa6931dbf15f68cd18c234dcdd37864b944ca3e1456e4ba0f726c84f95
+size 24510672
--- a/thunderbird-45.6.0-source.tar.xz
+++ b/thunderbird-45.6.0-source.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:d535cb2cfc2a3fd2ff82bba209b2e348eeb0331badd55d6520c841ad49e2cb02
-size 211901108
--- a/thunderbird-45.7.0-source.tar.xz
+++ b/thunderbird-45.7.0-source.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d0980a5cf329a8cc770166afb6dec1ccff51ed0c70ea0239ca0d0dd5399fd7cc
+size 211953556