forked from pool/MozillaThunderbird
- Mozilla Thunderbird 91.5.0
https://www.thunderbird.net/en-US/thunderbird/91.5.0/releasenotes MFSA 2022-03 (bsc#1194547) * CVE-2022-22746 (bmo#1735071) Calling into reportValidity could have lead to fullscreen window spoof * CVE-2022-22743 (bmo#1739220) Browser window spoof using fullscreen mode * CVE-2022-22742 (bmo#1739923) Out-of-bounds memory access when inserting text in edit mode * CVE-2022-22741 (bmo#1740389) Browser window spoof using fullscreen mode * CVE-2022-22740 (bmo#1742334) Use-after-free of ChannelEventQueue::mOwner * CVE-2022-22738 (bmo#1742382) Heap-buffer-overflow in blendGaussianBlur * CVE-2022-22737 (bmo#1745874) Race condition when playing audio files * CVE-2021-4140 (bmo#1746720) Iframe sandbox bypass with XSLT * CVE-2022-22748 (bmo#1705211) Spoofed origin on external protocol launch dialog * CVE-2022-22745 (bmo#1735856) Leaking cross-origin URLs through securitypolicyviolation event * CVE-2022-22744 (bmo#1737252) The 'Copy as curl' feature in DevTools did not fully escape website-controlled data, potentially leading to command injection * CVE-2022-22747 (bmo#1735028) Crash when handling empty pkcs7 sequence * CVE-2022-22739 (bmo#1744158) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=620
This commit is contained in:
parent
794263a781
commit
ed5ea29202
@ -1,3 +1,42 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Jan 7 16:13:57 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
|
||||
|
||||
- Mozilla Thunderbird 91.5.0
|
||||
https://www.thunderbird.net/en-US/thunderbird/91.5.0/releasenotes
|
||||
MFSA 2022-03 (bsc#1194547)
|
||||
* CVE-2022-22746 (bmo#1735071)
|
||||
Calling into reportValidity could have lead to fullscreen
|
||||
window spoof
|
||||
* CVE-2022-22743 (bmo#1739220)
|
||||
Browser window spoof using fullscreen mode
|
||||
* CVE-2022-22742 (bmo#1739923)
|
||||
Out-of-bounds memory access when inserting text in edit mode
|
||||
* CVE-2022-22741 (bmo#1740389)
|
||||
Browser window spoof using fullscreen mode
|
||||
* CVE-2022-22740 (bmo#1742334)
|
||||
Use-after-free of ChannelEventQueue::mOwner
|
||||
* CVE-2022-22738 (bmo#1742382)
|
||||
Heap-buffer-overflow in blendGaussianBlur
|
||||
* CVE-2022-22737 (bmo#1745874)
|
||||
Race condition when playing audio files
|
||||
* CVE-2021-4140 (bmo#1746720)
|
||||
Iframe sandbox bypass with XSLT
|
||||
* CVE-2022-22748 (bmo#1705211)
|
||||
Spoofed origin on external protocol launch dialog
|
||||
* CVE-2022-22745 (bmo#1735856)
|
||||
Leaking cross-origin URLs through securitypolicyviolation event
|
||||
* CVE-2022-22744 (bmo#1737252)
|
||||
The 'Copy as curl' feature in DevTools did not fully escape
|
||||
website-controlled data, potentially leading to command injection
|
||||
* CVE-2022-22747 (bmo#1735028)
|
||||
Crash when handling empty pkcs7 sequence
|
||||
* CVE-2022-22739 (bmo#1744158)
|
||||
Missing throttling on external protocol launch dialog
|
||||
* CVE-2022-22751 (bmo#1664149, bmo#1737816, bmo#1739366,
|
||||
bmo#1740274, bmo#1740797, bmo#1741201, bmo#1741869, bmo#1743221,
|
||||
bmo#1743515, bmo#1745373, bmo#1746011)
|
||||
Memory safety bugs fixed in Thunderbird 91.5
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Dec 28 20:20:30 UTC 2021 - Bjørn Lie <bjorn.lie@gmail.com>
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file
|
||||
#
|
||||
# Copyright (c) 2021 SUSE LLC
|
||||
# Copyright (c) 2022 SUSE LLC
|
||||
# 2006-2021 Wolfgang Rosenauer <wr@rosenauer.org>
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
@ -26,8 +26,8 @@
|
||||
# major 69
|
||||
# mainver %major.99
|
||||
%define major 91
|
||||
%define mainver %major.4.1
|
||||
%define orig_version 91.4.1
|
||||
%define mainver %major.5.0
|
||||
%define orig_version 91.5.0
|
||||
%define orig_suffix %{nil}
|
||||
%define update_channel release
|
||||
%define source_prefix thunderbird-%{orig_version}
|
||||
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:58357a0157b34de992f4a7c2c5a35bcbd956d11b0b0061df97bcfcefb4a594da
|
||||
size 28646024
|
3
l10n-91.5.0.tar.xz
Normal file
3
l10n-91.5.0.tar.xz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:a3fdd64670634c9337473d4a6f59191103ca0584047cf258da5db22966e65156
|
||||
size 28627244
|
@ -1,10 +1,10 @@
|
||||
PRODUCT="thunderbird"
|
||||
CHANNEL="esr91"
|
||||
VERSION="91.4.1"
|
||||
VERSION="91.5.0"
|
||||
VERSION_SUFFIX=""
|
||||
PREV_VERSION="91.4.0"
|
||||
PREV_VERSION="91.4.1"
|
||||
PREV_VERSION_SUFFIX=""
|
||||
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
|
||||
RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr91"
|
||||
RELEASE_TAG="11529576c3a7d89514771d1e0f5fa116eef29b81"
|
||||
RELEASE_TIMESTAMP="20211216022855"
|
||||
RELEASE_TAG="bcd2aab51cd0889d506d29455210d65602b97430"
|
||||
RELEASE_TIMESTAMP="20220106182030"
|
||||
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:f1079ed2cbd335a417b18929c5018d8ade9fb1d0c8cba9fdb2b6d672f14074f1
|
||||
size 408805472
|
@ -1,16 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmG8fOQACgkQ6+QekPbx
|
||||
L21alhAAs680nSh8Q0nZxEE9mfOtLSpRWlal5KsPwGxVobNZ9wbiAiqSKgA1dNHp
|
||||
AxqxUTt5ZGlvICzSKBrssvZyNyw1V4wLXYW4RDRTzeFPSCeAANdi6/pOue+E1AYB
|
||||
XMiw69ZlfT6OtRh5iQiuYVtfectOVBV+92ZxBvBv3sJcLhWen4Jbr9I+yhRl31Hs
|
||||
m3VtPMg4m3S6nxSQaZkErkFrg8hVCOxxkCF8gycpRTQGVc4qYpuuutIH8aCITGpM
|
||||
cdauOamSF83XXQB9HZqp4deGhYxS0Zt8RkfGGM5C2oMPnoaoOcKM5g7SHk9oFqyn
|
||||
rmUZ+YweV8D6dhzTFkwLtJ2l0u7jpmfF59VjYqPDDmjkr0OE+48ilNdwir03rgAj
|
||||
s5ptGkqI62AFSeekj2vDMBHRpmgZW/xOBO6Lg0s1NIyySr8k1NrmGQLYWeGaFbcR
|
||||
NICrlXKaLJVXFE/yOPO5jB3qff3foulWENP2WZtvuzJFMg/TxvgKL9fl0f9EShWm
|
||||
SIV1zD65BxU7K4KzGKhd2L/IAj28XmhtHwccF9gWlLQALtsLfoAK+acVKwje/aQQ
|
||||
1MxvvNp0Rt1vpdDwNWzT5KNIJgZ1Tu6oBe/f6jJXAo44wWGEwRrdlqZG5KnlkWEi
|
||||
2a5SeGmXjkwyF++bxsYQ4sbsM7f7/lyQy0yETa/2XFW0ipRgBig=
|
||||
=cguv
|
||||
-----END PGP SIGNATURE-----
|
3
thunderbird-91.5.0.source.tar.xz
Normal file
3
thunderbird-91.5.0.source.tar.xz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:b89a8e1b57d5be828a7346e817120d7c763a258a2397a23393b7ceb3ce810ab2
|
||||
size 405937856
|
16
thunderbird-91.5.0.source.tar.xz.asc
Normal file
16
thunderbird-91.5.0.source.tar.xz.asc
Normal file
@ -0,0 +1,16 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmHXnp8ACgkQ6+QekPbx
|
||||
L23cexAAg90hG/vxcAKjy6JNVpKIa7eZOZUbyHAe8pJU8+L58tMIkFciF3vI1cDN
|
||||
/qgjHXX/3ZOI797QRVBgnKBcys3hz0TRX0w942jAnnV9rIeFSZ656WbJOUroucHY
|
||||
4Cn1C5Vu7s77Y3AbUgMKP+/xgMhSXiHB5LfC/J4LT5gIkM5+X9cebnMctFvyUasK
|
||||
WqDPXvqB92u+qSYNo3Uof8OA3i6olNZYyP7PpHh3R23Z95rrBb4D2AroU+7Z2YXy
|
||||
qJkQjLcVApggbCfUGeiL5qBVJFUQYypTN4o9BxJdkp789rWWXgeSfrgA4vD+uraz
|
||||
dFtmv+SrITST3ToPszf3nfPC8km2Nb90IArJO/fIJuRF3oxsKq0ZgHdj1XmzIpsR
|
||||
uzyXGvGTfCmLjhkOAE8DTx/tnIt1DOFcVvGue6hifDFwUbejSbYV0vGiZpQ+f26W
|
||||
Q7IdrDF2kpgtznBfpobaMANXWT63MyrY1ryZQxOEKqdt/KZpCwxCc01gYCodOSoK
|
||||
9T/j+JSI0tAtW7v+3VMnagqpEJ4EXPWUzs8xkZJbsWkj4aZ7ndKp+TnccO1rPT5E
|
||||
qCAZfAnN6SjV36KNQi/WJvDNqad1IL1oQlxNlDbRA3+Cq8UVz+6hbhCb72mhHZv/
|
||||
baZWCcnYGlI7/1eh+t8PHg1wcKZTn37vFV8vvvYqnQZHaeHiV8I=
|
||||
=lgac
|
||||
-----END PGP SIGNATURE-----
|
Loading…
Reference in New Issue
Block a user