forked from pool/MozillaThunderbird
Accepting request 800587 from mozilla:Factory
- Mozilla Thunderbird 68.8.0 * Account Manager fixes and improvements * https://www.thunderbird.net/en-US/thunderbird/68.8.0/releasenotes MFSA 2020-18 (bsc#1171186) * CVE-2020-12397 (bmo#1617370) Sender Email Address Spoofing using encoded Unicode characters * CVE-2020-12387 (bmo#1545345) Use-after-free during worker shutdown * CVE-2020-6831 (bmo#1632241) Buffer overflow in SCTP chunk input validation * CVE-2020-12392 (bmo#1614468) Arbitrary local file access with 'Copy as cURL' * CVE-2020-12393 (bmo#1615471) Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection * CVE-2020-12395 (bmo#1595886, bmo#1611482, bmo#1614704, bmo#1624098, bmo#1625749, bmo#1626382, bmo#1628076, bmo#1631508) Memory safety bugs fixed in Thunderbird 68.8.0 - removed obsolete patch mozilla-bmo1580963.patch - Add mozilla-bmo1580963.patch to fix build with rust 1.43 (bmo#1580963) In general, these flaws cannot be exploited through email in OBS-URL: https://build.opensuse.org/request/show/800587 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=230
This commit is contained in:
Dominique Leuenberger
Git OBS Bridge
commit
f9bbc6bdab
@ -1,3 +1,32 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue May 5 07:49:33 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
|
||||
|
||||
- Mozilla Thunderbird 68.8.0
|
||||
* Account Manager fixes and improvements
|
||||
* https://www.thunderbird.net/en-US/thunderbird/68.8.0/releasenotes
|
||||
MFSA 2020-18 (bsc#1171186)
|
||||
* CVE-2020-12397 (bmo#1617370)
|
||||
Sender Email Address Spoofing using encoded Unicode characters
|
||||
* CVE-2020-12387 (bmo#1545345)
|
||||
Use-after-free during worker shutdown
|
||||
* CVE-2020-6831 (bmo#1632241)
|
||||
Buffer overflow in SCTP chunk input validation
|
||||
* CVE-2020-12392 (bmo#1614468)
|
||||
Arbitrary local file access with 'Copy as cURL'
|
||||
* CVE-2020-12393 (bmo#1615471)
|
||||
Devtools' 'Copy as cURL' feature did not fully escape
|
||||
website-controlled data, potentially leading to command injection
|
||||
* CVE-2020-12395 (bmo#1595886, bmo#1611482, bmo#1614704, bmo#1624098,
|
||||
bmo#1625749, bmo#1626382, bmo#1628076, bmo#1631508)
|
||||
Memory safety bugs fixed in Thunderbird 68.8.0
|
||||
- removed obsolete patch mozilla-bmo1580963.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue May 5 07:00:36 UTC 2020 - Ismail Dönmez <idonmez@suse.com>
|
||||
|
||||
- Add mozilla-bmo1580963.patch to fix build with rust 1.43
|
||||
(bmo#1580963)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Apr 9 17:27:50 UTC 2020 - Andreas Stieger <andreas.stieger@gmx.de>
|
||||
|
||||
@ -15,7 +44,7 @@ Thu Apr 9 17:27:50 UTC 2020 - Andreas Stieger <andreas.stieger@gmx.de>
|
||||
* Calendar: Cancelled events didn't show with a line-through
|
||||
* Various security fixes
|
||||
MFSA 2020-14
|
||||
In general, these flaws cannot be exploited through email in
|
||||
In general, these flaws cannot be exploited through email in
|
||||
Thunderbird because scripting is disabled when reading mail, but
|
||||
are potentially risks in browser or browser-like contexts.
|
||||
* CVE-2020-6819 (bmo#1620818, bsc#1168630)
|
||||
|
||||
@ -26,8 +26,8 @@
|
||||
# major 69
|
||||
# mainver %major.99
|
||||
%define major 68
|
||||
%define mainver %major.7.0
|
||||
%define orig_version 68.7.0
|
||||
%define mainver %major.8.0
|
||||
%define orig_version 68.8.0
|
||||
%define orig_suffix %{nil}
|
||||
%define update_channel release
|
||||
%define source_prefix thunderbird-%{mainver}
|
||||
|
||||
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:864dd346f0b6057992088532d19bd82db9870818bebf81ba2cb4907c7ec4e4d7
|
||||
size 31367516
|
||||
3
l10n-68.8.0.tar.xz
Normal file
3
l10n-68.8.0.tar.xz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:08c901b6099402af1bb93b88c0f762f324423c69ee8d5daf876f69117e01f018
|
||||
size 28524256
|
||||
@ -1,10 +1,10 @@
|
||||
PRODUCT="thunderbird"
|
||||
CHANNEL="esr68"
|
||||
VERSION="68.7.0"
|
||||
VERSION="68.8.0"
|
||||
VERSION_SUFFIX=""
|
||||
PREV_VERSION="68.6.0"
|
||||
PREV_VERSION="68.7.0"
|
||||
PREV_VERSION_SUFFIX=""
|
||||
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
|
||||
RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr68"
|
||||
RELEASE_TAG="f7099fd16d6f5dff22154eab3161674142501739"
|
||||
RELEASE_TIMESTAMP="20200407160932"
|
||||
RELEASE_TAG="4c022a34cd5dd776671721c44db89f693f59132c"
|
||||
RELEASE_TIMESTAMP="20200504155042"
|
||||
|
||||
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:bc2efd2fee1d8f856a177e1579d529890dbf3621e6fb32a443c225ff7bf14b84
|
||||
size 339588604
|
||||
@ -1,16 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEECXsxMHeuYqAvhNpN8aZmj7t9Vy4FAl6Mwk0ACgkQ8aZmj7t9
|
||||
Vy6p3Q/9G+GAxLMMktbWjRXNwCcfyQ5w4jS3HXs01/mfOzNRupEVIvgU01Ola6Km
|
||||
zsd6kV6eZdT3of1xXqfkgA5ZN3ebmHQWkVi/ro8gleE14SGJtMQ0bIpMzG5eb4pw
|
||||
SLjraeCj5R+jIc884pkL1tAdlCIptDqEqgJTbMBPnlJltpE8QAQ4RpR2akefrbPV
|
||||
EdG7qyqClJcQU16DlehCCbkBOEFHkwxxZOlx7S/o0c0p001GHecXLkzkHRpD8QIA
|
||||
pVwfl7WAassK0r0KoKqxeq7RvTu6zC5rGz+wcV/dlHG+Wwu4LtAFDB8UUs64rxFm
|
||||
ACUPoJePJfjGRSh3nscrahtAGgM5mv8EgY0jSn19raF3xoPSU38iU+Vfum++Gdde
|
||||
ymRQJryXDSxSaAqzR7AHSwhOTqHirB/3NWK2/1rm/s9LV/EBfF/w4KfRDNDk1pqc
|
||||
pRRSO+N/tbUUNCLYcRXyOVRBOwz/1SLXFswhjeRY2jKx09lNKt1r4FAdhkt0em4y
|
||||
t3KAHMnY/Ql6Z9aKXoRRO0YxxCbW/Z4NQ009rgiY1zyc+1SJ3tsweg9BDuWyYRL0
|
||||
/g13RKb1eMnkYGzDFlPH8yvK7JyS05j6Wo5T+6qL+GnJeIBeBYYRLZBd5HKiTwBS
|
||||
xtTDBmEyD47FQUrCjE3RCou1PObIJjOJUvnLiztyKwbT0gyrYhY=
|
||||
=o6zt
|
||||
-----END PGP SIGNATURE-----
|
||||
3
thunderbird-68.8.0.source.tar.xz
Normal file
3
thunderbird-68.8.0.source.tar.xz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:ce87c3f2bb37d4ee827a32df16b25396590e98fbf6e8072ca16ba68c0d10cb0b
|
||||
size 335068956
|
||||
16
thunderbird-68.8.0.source.tar.xz.asc
Normal file
16
thunderbird-68.8.0.source.tar.xz.asc
Normal file
@ -0,0 +1,16 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEECXsxMHeuYqAvhNpN8aZmj7t9Vy4FAl6wUIMACgkQ8aZmj7t9
|
||||
Vy60jg/8DSdxpIMih+dAqtxXLG3UvW6XRRZGx6C28CQeL0AtzxUQ06s+o4wexrp3
|
||||
lhT53gBJg8/17p/id7vHx32prqsP5/iMoIIQZWgFJpf3h61QTyrTYyXzbQuTWqbI
|
||||
jsHuB+65c3EWBA5/vf/bkm6gBn6UZn3bX0QuPaYIGZBO7ge8S9Smsu9Xzu7XpcBK
|
||||
N1wbB/jvPI4pf4nGPxs8O7wzj4ZU8nq3M41b0JB/uqCmgDHGhk/cgdJCPRA7i20E
|
||||
3thd+ztJv2PBmHbQHk5oZtIdeadE1GNrQZwNbi9zvbehi4x/5WznP31XWPM1KzK+
|
||||
dyM2l+BpHfGa9tLJfxoP4DGOcEMGC3xBZAGFJEubu5hPj+h1/bE9ivuxyIsO3OxU
|
||||
JT8rSkpcxfTI1BAT9GHlZ7thMCEGj4BA6wop/GMIpJqTi29+0z/2yEp0A+cSR67F
|
||||
5V1pRaUPyP6C0+iAD648w9juVnrkbnC0ae/r1LFqPQNTm0pkM0ccBhL6IGHERaSB
|
||||
7RSgbsblsRG7k7sb+2Eb6X0Bg4sJIGer2nLWAN64ijCkTy2getrRTv0MMgxfU1Ck
|
||||
eOG1s256P3gwUuRjiyU1dkMem2rsOfCHuZHRwXV2A3Fbidg8LsIcRULtN1o/Tc7l
|
||||
OFlYGXaLCoFiX37h5iFdUT5GTVx187zBv9NUlHUFFATvc9rSVI0=
|
||||
=fZKh
|
||||
-----END PGP SIGNATURE-----
|
||||
Loading…
x
Reference in New Issue
Block a user