forked from pool/MozillaThunderbird
Accepting request 1036233 from mozilla:Factory
- Mozilla Thunderbird 102.5.0
* changes and fixes as described here
https://www.thunderbird.net/en-US/thunderbird/102.5.0/releasenotes
MFSA 2022-49 (bsc#1205270)
* CVE-2022-45403 (bmo#1762078)
Service Workers might have learned size of cross-origin media files
* CVE-2022-45404 (bmo#1790815)
Fullscreen notification bypass
* CVE-2022-45405 (bmo#1791314)
Use-after-free in InputStream implementation
* CVE-2022-45406 (bmo#1791975)
Use-after-free of a JavaScript Realm
* CVE-2022-45408 (bmo#1793829)
Fullscreen notification bypass via windowName
* CVE-2022-45409 (bmo#1796901)
Use-after-free in Garbage Collection
* CVE-2022-45410 (bmo#1658869)
ServiceWorker-intercepted requests bypassed SameSite cookie policy
* CVE-2022-45411 (bmo#1790311)
Cross-Site Tracing was possible via non-standard override headers
* CVE-2022-45412 (bmo#1791029)
Symlinks may resolve to partially uninitialized buffers
* CVE-2022-45416 (bmo#1793676)
Keystroke Side-Channel Leakage
* CVE-2022-45418 (bmo#1795815)
Custom mouse cursor could have been drawn over browser UI
* CVE-2022-45420 (bmo#1792643)
Iframe contents could be rendered outside the iframe
* CVE-2022-45421 (bmo#1767920, bmo#1789808, bmo#1794061)
Memory safety bugs fixed in Thunderbird 102.5
OBS-URL: https://build.opensuse.org/request/show/1036233
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=298
This commit is contained in:
Dominique Leuenberger
Git OBS Bridge
commit
e387b3a5d8
@ -1,3 +1,37 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Sat Nov 12 22:48:04 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
|
||||||
|
|
||||||
|
- Mozilla Thunderbird 102.5.0
|
||||||
|
* changes and fixes as described here
|
||||||
|
https://www.thunderbird.net/en-US/thunderbird/102.5.0/releasenotes
|
||||||
|
MFSA 2022-49 (bsc#1205270)
|
||||||
|
* CVE-2022-45403 (bmo#1762078)
|
||||||
|
Service Workers might have learned size of cross-origin media files
|
||||||
|
* CVE-2022-45404 (bmo#1790815)
|
||||||
|
Fullscreen notification bypass
|
||||||
|
* CVE-2022-45405 (bmo#1791314)
|
||||||
|
Use-after-free in InputStream implementation
|
||||||
|
* CVE-2022-45406 (bmo#1791975)
|
||||||
|
Use-after-free of a JavaScript Realm
|
||||||
|
* CVE-2022-45408 (bmo#1793829)
|
||||||
|
Fullscreen notification bypass via windowName
|
||||||
|
* CVE-2022-45409 (bmo#1796901)
|
||||||
|
Use-after-free in Garbage Collection
|
||||||
|
* CVE-2022-45410 (bmo#1658869)
|
||||||
|
ServiceWorker-intercepted requests bypassed SameSite cookie policy
|
||||||
|
* CVE-2022-45411 (bmo#1790311)
|
||||||
|
Cross-Site Tracing was possible via non-standard override headers
|
||||||
|
* CVE-2022-45412 (bmo#1791029)
|
||||||
|
Symlinks may resolve to partially uninitialized buffers
|
||||||
|
* CVE-2022-45416 (bmo#1793676)
|
||||||
|
Keystroke Side-Channel Leakage
|
||||||
|
* CVE-2022-45418 (bmo#1795815)
|
||||||
|
Custom mouse cursor could have been drawn over browser UI
|
||||||
|
* CVE-2022-45420 (bmo#1792643)
|
||||||
|
Iframe contents could be rendered outside the iframe
|
||||||
|
* CVE-2022-45421 (bmo#1767920, bmo#1789808, bmo#1794061)
|
||||||
|
Memory safety bugs fixed in Thunderbird 102.5
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Sat Nov 5 16:19:55 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
|
Sat Nov 5 16:19:55 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
|
||||||
|
|
||||||
|
|||||||
@ -29,8 +29,8 @@
|
|||||||
# major 69
|
# major 69
|
||||||
# mainver %major.99
|
# mainver %major.99
|
||||||
%define major 102
|
%define major 102
|
||||||
%define mainver %major.4.2
|
%define mainver %major.5.0
|
||||||
%define orig_version 102.4.2
|
%define orig_version 102.5.0
|
||||||
%define orig_suffix %{nil}
|
%define orig_suffix %{nil}
|
||||||
%define update_channel release
|
%define update_channel release
|
||||||
%define source_prefix thunderbird-%{orig_version}
|
%define source_prefix thunderbird-%{orig_version}
|
||||||
|
|||||||
@ -1,10 +1,10 @@
|
|||||||
PRODUCT="thunderbird"
|
PRODUCT="thunderbird"
|
||||||
CHANNEL="esr102"
|
CHANNEL="esr102"
|
||||||
VERSION="102.4.2"
|
VERSION="102.5.0"
|
||||||
VERSION_SUFFIX=""
|
VERSION_SUFFIX=""
|
||||||
PREV_VERSION="102.4.1"
|
PREV_VERSION="102.4.2"
|
||||||
PREV_VERSION_SUFFIX=""
|
PREV_VERSION_SUFFIX=""
|
||||||
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
|
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
|
||||||
RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr102"
|
RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr102"
|
||||||
RELEASE_TAG="bece6c033f6b24b9c126598da7c6eb5bc2a48b14"
|
RELEASE_TAG="b6e9b5a1d1b53d26cfb7032ef2ff02203ab0486b"
|
||||||
RELEASE_TIMESTAMP="20221101185644"
|
RELEASE_TIMESTAMP="20221115143058"
|
||||||
|
|||||||
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:ffc4a0499ccef41dccd99a683715199e9c839d628240dfb4b5f52bf1e6c902d5
|
|
||||||
size 500913544
|
|
||||||
@ -1,16 +0,0 @@
|
|||||||
-----BEGIN PGP SIGNATURE-----
|
|
||||||
|
|
||||||
iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmNiamsACgkQ6+QekPbx
|
|
||||||
L23dwA//aXpks6eJ6nnCg5ZxdcrTu6Chcj43pb6f96OIm+0Bpz60ny1bed6p1/ph
|
|
||||||
v0spUf8mNUgrUYnDDVJszAoTb2WepD55F4Grel0nZGAG8WlI7v9b/KlTeTKOnCd+
|
|
||||||
ZlUyTtK2rJji9BKBOmkUtNVXs+Ru1BFfqWz9UZ+jHKd8Mm8SuKQW0osE4DlYvKPP
|
|
||||||
7yj9cBP3Koql4asHbctLW1COLcN2CTm9qmwrAXcMqkfrTMEi7MoLpgvzfIuC/sGl
|
|
||||||
lmxHEdrsvjUjUbvJRlo4Sgf9deQcNSwpTfsL/phDTUh7k0ojvAvcOOEDaTB8QDS7
|
|
||||||
doK0r3bjYKWyu89LPv4voOZrijv3jKwxRu/fSapJjVDW2aqM5669m5hmoeR8Qd0K
|
|
||||||
KgFHgh3fls5lNM0Iw8lL+Bab50KoVF10Zqp8oTPMNrrhY/5Oh0iWfuW/dDgtc64M
|
|
||||||
srmFcHiMDQ/UOWyB3cebS1ekUkFzsbtFjbsNpIzqhHBvXRQqLcivnxVutVhPY0xr
|
|
||||||
mQN2ILf4eD+q3zi/L3t7SohqhgW2M+qVvusBP4NtmfM0TsoSrk/8QH9Sj10bOnJo
|
|
||||||
iP9vAvotqKVzoXb3fdD651U87J2BsyqJR51GmRgoBVvYZDMKDHLJ6Wt400+PAN2R
|
|
||||||
MVOwuTQZqUhLXw5ixW9w3GddI552pmhI3gfB5U1SDQp1pPnBuzc=
|
|
||||||
=hvpX
|
|
||||||
-----END PGP SIGNATURE-----
|
|
||||||
3
thunderbird-102.5.0.source.tar.xz
Normal file
3
thunderbird-102.5.0.source.tar.xz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:bdf8c4882e951939950b3c8aec26b15414c61c02560804f1940070f4b945d38c
|
||||||
|
size 506950192
|
||||||
16
thunderbird-102.5.0.source.tar.xz.asc
Normal file
16
thunderbird-102.5.0.source.tar.xz.asc
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
-----BEGIN PGP SIGNATURE-----
|
||||||
|
|
||||||
|
iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmNzwLkACgkQ6+QekPbx
|
||||||
|
L232KRAAidSZRWeQpQ5g9s/IABUtpfYGHfw+gRBx5mWtHq69HaD9cMxTtfh+Us9P
|
||||||
|
pGjXVWuzI+QYyrw5StmXqhHhgNwodAm1LSTc0VXu3elbszvwsetwj9P5vZEI5zOz
|
||||||
|
Pl5PnJC4nVewP1hHc+m1xjz5fuLkWFyB9Xl25zrL1f1NsPYa6V3g9yGZ3x7dKmBx
|
||||||
|
OPi24qNiN3R4ph5pj9t1A1+WnqygIT2NoeyFj7ScDDcXFepA2Z1qsVAj2eITR/qe
|
||||||
|
jgNoxHuPJ4BWVbv+vtdRZkdaU57RFbVEDG5hquWzPVtWaDQh2Ux+DYtcsTthlqW+
|
||||||
|
6D6np1C1TY89iaNBcKozxr9HKqE7Q+3UVnk+y69ZqQBBrgpTXp+KM8N/JA2aRlko
|
||||||
|
wAh2tNFM0EOd8uRdSy7QinWfBqppYLV+lMuqoXUcuZZD60F63dmGXbry0m/WBqs+
|
||||||
|
MRJmh2uNoHYtOzjZjHM3fJW+Upg1arLf16qwUfPb0ZJ7bchhTtzFoydBETQHMnQ1
|
||||||
|
ax+EvDPPurw9jEJAM1gH5o/I+62hBFUvEy/ThBQkCmMUzcSnQpzr+iklaqGeO7lG
|
||||||
|
FPEf8fjGFPyRn3u6ZLbZxiKJFwXKm7OtHT7l4sXvsWIp9kUr/XEWUeTLOjpMSg7K
|
||||||
|
5KQBKFQL4PYDP4QY/vJ863QQzMY50phOxAWEJF+jrVzf9gYibS4=
|
||||||
|
=WxnT
|
||||||
|
-----END PGP SIGNATURE-----
|
||||||
Loading…
Reference in New Issue
Block a user