1
0

- update to Thunderbird 52.2 (boo#1043960)

* Embedded images not shown in email received from Hotmail/Outlook
    webmailer
  * Detection of non-ASCII font names in font selector
  * Attachment not forwarded correctly under certain circumstances
  * Multiple requests for master password when GMail OAuth2 is enabled
  * Large number of blank pages being printed under certain
    circumstances when invalid preferences were present
  * Messages sent via the Simple MAPI interface are forced to HTML
  * Calendar: Invitations can't be printed
  * Mailing list (group) not accessible from macOS or Outlook address book
  * Clicking on links with references/anchors where target doesn't
    exist in the message not opening in external browser
  MFSA 2017-17
  * CVE-2017-5472 (bmo#1365602)
    Use-after-free using destroyed node when regenerating trees
  * CVE-2017-7749 (bmo#1355039)
    Use-after-free during docshell reloading
  * CVE-2017-7750 (bmo#1356558)
    Use-after-free with track elements
  * CVE-2017-7751 (bmo#1363396)
    Use-after-free with content viewer listeners
  * CVE-2017-7752 (bmo#1359547)
    Use-after-free with IME input
  * CVE-2017-7754 (bmo#1357090)
    Out-of-bounds read in WebGL with ImageInfo object
  * CVE-2017-7756 (bmo#1366595)
    Use-after-free and use-after-scope logging XHR header errors
  * CVE-2017-7757 (bmo#1356824)
    Use-after-free in IndexedDB

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=376
This commit is contained in:
Wolfgang Rosenauer 2017-06-15 11:08:05 +00:00 committed by Git OBS Bridge
parent a1880e072f
commit d85085e956
8 changed files with 63 additions and 13 deletions

View File

@ -1,3 +1,53 @@
-------------------------------------------------------------------
Wed Jun 14 11:34:58 UTC 2017 - wr@rosenauer.org
- update to Thunderbird 52.2 (boo#1043960)
* Embedded images not shown in email received from Hotmail/Outlook
webmailer
* Detection of non-ASCII font names in font selector
* Attachment not forwarded correctly under certain circumstances
* Multiple requests for master password when GMail OAuth2 is enabled
* Large number of blank pages being printed under certain
circumstances when invalid preferences were present
* Messages sent via the Simple MAPI interface are forced to HTML
* Calendar: Invitations can't be printed
* Mailing list (group) not accessible from macOS or Outlook address book
* Clicking on links with references/anchors where target doesn't
exist in the message not opening in external browser
MFSA 2017-17
* CVE-2017-5472 (bmo#1365602)
Use-after-free using destroyed node when regenerating trees
* CVE-2017-7749 (bmo#1355039)
Use-after-free during docshell reloading
* CVE-2017-7750 (bmo#1356558)
Use-after-free with track elements
* CVE-2017-7751 (bmo#1363396)
Use-after-free with content viewer listeners
* CVE-2017-7752 (bmo#1359547)
Use-after-free with IME input
* CVE-2017-7754 (bmo#1357090)
Out-of-bounds read in WebGL with ImageInfo object
* CVE-2017-7756 (bmo#1366595)
Use-after-free and use-after-scope logging XHR header errors
* CVE-2017-7757 (bmo#1356824)
Use-after-free in IndexedDB
* CVE-2017-7778, CVE-2017-7778, CVE-2017-7771, CVE-2017-7772,
CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776,
CVE-2017-7777
Vulnerabilities in the Graphite 2 library
* CVE-2017-7758 (bmo#1368490)
Out-of-bounds read in Opus encoder
* CVE-2017-7763 (bmo#1360309)
Mac fonts render some unicode characters as spaces (MacOS only)
* CVE-2017-7764 (bmo#1364283)
Domain spoofing with combination of Canadian Syllabics and other
unicode blocks
* CVE-2017-7765 (bmo#1273265)
Mark of the Web bypass when saving executable files (Windows only)
* CVE-2017-5470
Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2
- requires NSS 3.28.5
-------------------------------------------------------------------
Sun Jun 4 07:31:01 UTC 2017 - wr@rosenauer.org

View File

@ -17,9 +17,9 @@
#
%define mainversion 52.1.1
%define mainversion 52.2
%define update_channel release
%define releasedate 201705100000
%define releasedate 201706120000
%bcond_without mozilla_tb_kde4
%bcond_with mozilla_tb_valgrind
@ -42,7 +42,7 @@ BuildRequires: libgnomeui-devel
BuildRequires: libidl-devel
BuildRequires: libnotify-devel
BuildRequires: mozilla-nspr-devel >= 4.13.1
BuildRequires: mozilla-nss-devel >= 3.28.4
BuildRequires: mozilla-nss-devel >= 3.28.5
BuildRequires: python
BuildRequires: startup-notification-devel
BuildRequires: unzip

View File

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:73246b91019b70e5761c6e72f830217d76a9da4f0af25f5a8b1fd4fe91bff804
size 28384
oid sha256:bdd0969f0cff0578e6a1ca6684e50752dffe4c6e5a6ac1b29f6ed0c4ed804c0d
size 28356

View File

@ -2,8 +2,8 @@
CHANNEL="esr52"
BRANCH="releases/comm-$CHANNEL"
RELEASE_TAG="THUNDERBIRD_52_1_1_RELEASE"
VERSION="52.1.1"
RELEASE_TAG="THUNDERBIRD_52_2_0_RELEASE"
VERSION="52.2"
echo "cloning $BRANCH..."
hg clone http://hg.mozilla.org/$BRANCH thunderbird

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:96ee5278d26dccae90b93d52497bffa346662472d61213dbcf2c72a05d348797
size 26225848

3
l10n-52.2.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:2b9ec2281c733f1a469f71c34cf4ddb9077c016da1f0dad864fb4bd3384cd6f5
size 26212088

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:9a35e6746c3704f0f44e89fcb485fe0d62246afdfd238af78f619f36de0a8f3f
size 240259552

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:4f85ec5c053b5377b5d5094de8b5fbf04d235c6c4560ccfe3f9b9c33630b656b
size 241028092