From d85085e956731dbb4cf6290971bb4ed571f2b8abf9e8f7d18da4f5b24885fabf Mon Sep 17 00:00:00 2001
From: Wolfgang Rosenauer <wolfgang@rosenauer.org>
Date: Thu, 15 Jun 2017 11:08:05 +0000
Subject: [PATCH] - update to Thunderbird 52.2 (boo#1043960)   * Embedded
 images not shown in email received from Hotmail/Outlook     webmailer   *
 Detection of non-ASCII font names in font selector   * Attachment not
 forwarded correctly under certain circumstances   * Multiple requests for
 master password when GMail OAuth2 is enabled   * Large number of blank pages
 being printed under certain     circumstances when invalid preferences were
 present   * Messages sent via the Simple MAPI interface are forced to HTML  
 * Calendar: Invitations can't be printed   * Mailing list (group) not
 accessible from macOS or Outlook address book   * Clicking on links with
 references/anchors where target doesn't     exist in the message not opening
 in external browser   MFSA 2017-17   * CVE-2017-5472 (bmo#1365602)    
 Use-after-free using destroyed node when regenerating trees   * CVE-2017-7749
 (bmo#1355039)     Use-after-free during docshell reloading   * CVE-2017-7750
 (bmo#1356558)     Use-after-free with track elements   * CVE-2017-7751
 (bmo#1363396)     Use-after-free with content viewer listeners   *
 CVE-2017-7752 (bmo#1359547)     Use-after-free with IME input   *
 CVE-2017-7754 (bmo#1357090)     Out-of-bounds read in WebGL with ImageInfo
 object   * CVE-2017-7756 (bmo#1366595)     Use-after-free and use-after-scope
 logging XHR header errors   * CVE-2017-7757 (bmo#1356824)     Use-after-free
 in IndexedDB

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=376
---
 MozillaThunderbird.changes       | 50 ++++++++++++++++++++++++++++++++
 MozillaThunderbird.spec          |  6 ++--
 compare-locales.tar.xz           |  4 +--
 create-tar.sh                    |  4 +--
 l10n-52.1.1.tar.xz               |  3 --
 l10n-52.2.tar.xz                 |  3 ++
 thunderbird-52.1.1-source.tar.xz |  3 --
 thunderbird-52.2-source.tar.xz   |  3 ++
 8 files changed, 63 insertions(+), 13 deletions(-)
 delete mode 100644 l10n-52.1.1.tar.xz
 create mode 100644 l10n-52.2.tar.xz
 delete mode 100644 thunderbird-52.1.1-source.tar.xz
 create mode 100644 thunderbird-52.2-source.tar.xz

diff --git a/MozillaThunderbird.changes b/MozillaThunderbird.changes
index 8a1b9f2..b73eb73 100644
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@@ -1,3 +1,53 @@
+-------------------------------------------------------------------
+Wed Jun 14 11:34:58 UTC 2017 - wr@rosenauer.org
+
+- update to Thunderbird 52.2 (boo#1043960)
+  * Embedded images not shown in email received from Hotmail/Outlook
+    webmailer
+  * Detection of non-ASCII font names in font selector
+  * Attachment not forwarded correctly under certain circumstances
+  * Multiple requests for master password when GMail OAuth2 is enabled
+  * Large number of blank pages being printed under certain
+    circumstances when invalid preferences were present
+  * Messages sent via the Simple MAPI interface are forced to HTML
+  * Calendar: Invitations can't be printed
+  * Mailing list (group) not accessible from macOS or Outlook address book
+  * Clicking on links with references/anchors where target doesn't
+    exist in the message not opening in external browser
+  MFSA 2017-17
+  * CVE-2017-5472 (bmo#1365602)
+    Use-after-free using destroyed node when regenerating trees
+  * CVE-2017-7749 (bmo#1355039)
+    Use-after-free during docshell reloading
+  * CVE-2017-7750 (bmo#1356558)
+    Use-after-free with track elements
+  * CVE-2017-7751 (bmo#1363396)
+    Use-after-free with content viewer listeners
+  * CVE-2017-7752 (bmo#1359547)
+    Use-after-free with IME input
+  * CVE-2017-7754 (bmo#1357090)
+    Out-of-bounds read in WebGL with ImageInfo object
+  * CVE-2017-7756 (bmo#1366595)
+    Use-after-free and use-after-scope logging XHR header errors
+  * CVE-2017-7757 (bmo#1356824)
+    Use-after-free in IndexedDB
+  * CVE-2017-7778, CVE-2017-7778, CVE-2017-7771, CVE-2017-7772,
+    CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776,
+    CVE-2017-7777
+    Vulnerabilities in the Graphite 2 library
+  * CVE-2017-7758 (bmo#1368490)
+    Out-of-bounds read in Opus encoder
+  * CVE-2017-7763 (bmo#1360309)
+    Mac fonts render some unicode characters as spaces (MacOS only)
+  * CVE-2017-7764 (bmo#1364283)
+    Domain spoofing with combination of Canadian Syllabics and other
+    unicode blocks
+  * CVE-2017-7765 (bmo#1273265)
+    Mark of the Web bypass when saving executable files (Windows only)
+  * CVE-2017-5470
+    Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2
+- requires NSS 3.28.5
+
 -------------------------------------------------------------------
 Sun Jun  4 07:31:01 UTC 2017 - wr@rosenauer.org
 
diff --git a/MozillaThunderbird.spec b/MozillaThunderbird.spec
index 2b0977a..2fb5fb7 100644
--- a/MozillaThunderbird.spec
+++ b/MozillaThunderbird.spec
@@ -17,9 +17,9 @@
 #
 
 
-%define mainversion 52.1.1
+%define mainversion 52.2
 %define update_channel release
-%define releasedate 201705100000
+%define releasedate 201706120000
 
 %bcond_without mozilla_tb_kde4
 %bcond_with    mozilla_tb_valgrind
@@ -42,7 +42,7 @@ BuildRequires:  libgnomeui-devel
 BuildRequires:  libidl-devel
 BuildRequires:  libnotify-devel
 BuildRequires:  mozilla-nspr-devel >= 4.13.1
-BuildRequires:  mozilla-nss-devel >= 3.28.4
+BuildRequires:  mozilla-nss-devel >= 3.28.5
 BuildRequires:  python
 BuildRequires:  startup-notification-devel
 BuildRequires:  unzip
diff --git a/compare-locales.tar.xz b/compare-locales.tar.xz
index 6eeb7b2..ae2543a 100644
--- a/compare-locales.tar.xz
+++ b/compare-locales.tar.xz
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:73246b91019b70e5761c6e72f830217d76a9da4f0af25f5a8b1fd4fe91bff804
-size 28384
+oid sha256:bdd0969f0cff0578e6a1ca6684e50752dffe4c6e5a6ac1b29f6ed0c4ed804c0d
+size 28356
diff --git a/create-tar.sh b/create-tar.sh
index 759a505..0cb430b 100644
--- a/create-tar.sh
+++ b/create-tar.sh
@@ -2,8 +2,8 @@
 
 CHANNEL="esr52"
 BRANCH="releases/comm-$CHANNEL"
-RELEASE_TAG="THUNDERBIRD_52_1_1_RELEASE"
-VERSION="52.1.1"
+RELEASE_TAG="THUNDERBIRD_52_2_0_RELEASE"
+VERSION="52.2"
 
 echo "cloning $BRANCH..."
 hg clone http://hg.mozilla.org/$BRANCH thunderbird
diff --git a/l10n-52.1.1.tar.xz b/l10n-52.1.1.tar.xz
deleted file mode 100644
index 570edd6..0000000
--- a/l10n-52.1.1.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:96ee5278d26dccae90b93d52497bffa346662472d61213dbcf2c72a05d348797
-size 26225848
diff --git a/l10n-52.2.tar.xz b/l10n-52.2.tar.xz
new file mode 100644
index 0000000..a1b70d3
--- /dev/null
+++ b/l10n-52.2.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:2b9ec2281c733f1a469f71c34cf4ddb9077c016da1f0dad864fb4bd3384cd6f5
+size 26212088
diff --git a/thunderbird-52.1.1-source.tar.xz b/thunderbird-52.1.1-source.tar.xz
deleted file mode 100644
index aa19478..0000000
--- a/thunderbird-52.1.1-source.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:9a35e6746c3704f0f44e89fcb485fe0d62246afdfd238af78f619f36de0a8f3f
-size 240259552
diff --git a/thunderbird-52.2-source.tar.xz b/thunderbird-52.2-source.tar.xz
new file mode 100644
index 0000000..159a618
--- /dev/null
+++ b/thunderbird-52.2-source.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:4f85ec5c053b5377b5d5094de8b5fbf04d235c6c4560ccfe3f9b9c33630b656b
+size 241028092