rpm/MozillaThunderbird
SHA256
1
0
Fork 0
forked from pool/MozillaThunderbird
Code Pull Requests Activity
782 Commits 2 Branches 0 Tags 5.5 MiB
68aa3a7dc3
Commit Graph

782 Commits

This Branch
This Branch
All Branches
Author SHA256 Message Date
Ana Guerrero
68aa3a7dc3 Accepting request 1132769 from mozilla:Factory 
- Mozilla Thunderbird 115.5.2
  Bugfix release
  https://www.thunderbird.net/en-US/thunderbird/115.5.2/releasenotes/

OBS-URL: https://build.opensuse.org/request/show/1132769
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=326
 2023-12-13 17:35:07 +00:00
Wolfgang Rosenauer
bd13e76487 - Mozilla Thunderbird 115.5.2 
Bugfix release
  https://www.thunderbird.net/en-US/thunderbird/115.5.2/releasenotes/

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=739
 2023-12-12 22:10:43 +00:00
Ana Guerrero
afd0637e40 Accepting request 1129733 from mozilla:Factory 
- Mozilla Thunderbird 115.5.1
  Bugfix release
  https://www.thunderbird.net/en-US/thunderbird/115.5.1/releasenotes
  * Advanced GnuPG keys may be protected with an unexpected passphrase
  * OpenPGP signatures rejected due to mismatched signature timestamp
    now display signature timestamp and clarifying message
  * Advanced address book search did not return results if display name
    was left blank
  * Clicking on attendee when inviting attendees added the attendee twice

OBS-URL: https://build.opensuse.org/request/show/1129733
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=325
 2023-11-29 20:21:06 +00:00
Wolfgang Rosenauer
5835378f85 - Mozilla Thunderbird 115.5.1 
Bugfix release
  https://www.thunderbird.net/en-US/thunderbird/115.5.1/releasenotes
  * Advanced GnuPG keys may be protected with an unexpected passphrase
  * OpenPGP signatures rejected due to mismatched signature timestamp
    now display signature timestamp and clarifying message
  * Advanced address book search did not return results if display name
    was left blank
  * Clicking on attendee when inviting attendees added the attendee twice

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=737
 2023-11-29 07:32:44 +00:00
Ana Guerrero
9e1f2838a9 Accepting request 1128271 from mozilla:Factory 
- Mozilla Thunderbird 115.5.0
  https://www.thunderbird.net/en-US/thunderbird/115.5.0/releasenotes
  MFSA 2023-52 (bsc#1217230)
  * CVE-2023-6204 (bmo#1841050)
    Out-of-bound memory access in WebGL2 blitFramebuffer
  * CVE-2023-6205 (bmo#1854076)
    Use-after-free in MessagePort::Entangled
  * CVE-2023-6206 (bmo#1857430)
    Clickjacking permission prompts using the fullscreen transition
  * CVE-2023-6207 (bmo#1861344)
    Use-after-free in ReadableByteStreamQueueEntry::Buffer
  * CVE-2023-6208 (bmo#1855345)
    Using Selection API would copy contents into X11 primary
    selection.
  * CVE-2023-6209 (bmo#1858570)
    Incorrect parsing of relative URLs starting with "///"
  * CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252, bmo#1856072,
    bmo#1856091, bmo#1859030, bmo#1860943, bmo#1862782)
    Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5,
    and Thunderbird 115.5

OBS-URL: https://build.opensuse.org/request/show/1128271
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=324
 2023-11-23 20:41:38 +00:00
Wolfgang Rosenauer
480e0302f0 MFSA 2023-52 (bsc#1217230) 
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=735
 2023-11-23 08:16:17 +00:00
Wolfgang Rosenauer
55bb2ec82a - Mozilla Thunderbird 115.5.0 
https://www.thunderbird.net/en-US/thunderbird/115.5.0/releasenotes
  MFSA 2023-52 (bsc#)
  * CVE-2023-6204 (bmo#1841050)
    Out-of-bound memory access in WebGL2 blitFramebuffer
  * CVE-2023-6205 (bmo#1854076)
    Use-after-free in MessagePort::Entangled
  * CVE-2023-6206 (bmo#1857430)
    Clickjacking permission prompts using the fullscreen transition
  * CVE-2023-6207 (bmo#1861344)
    Use-after-free in ReadableByteStreamQueueEntry::Buffer
  * CVE-2023-6208 (bmo#1855345)
    Using Selection API would copy contents into X11 primary
    selection.
  * CVE-2023-6209 (bmo#1858570)
    Incorrect parsing of relative URLs starting with "///"
  * CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252, bmo#1856072,
    bmo#1856091, bmo#1859030, bmo#1860943, bmo#1862782)
    Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5,
    and Thunderbird 115.5

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=734
 2023-11-23 08:14:02 +00:00
Ana Guerrero
bd0ee26f99 Accepting request 1126791 from mozilla:Factory 
- Mozilla Thunderbird 115.4.3
  Bugfix release
  https://www.thunderbird.net/en-US/thunderbird/115.4.3/releasenotes

OBS-URL: https://build.opensuse.org/request/show/1126791
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=323
 2023-11-16 19:28:43 +00:00
Wolfgang Rosenauer
328f51e3db - Mozilla Thunderbird 115.4.3 
Bugfix release
  https://www.thunderbird.net/en-US/thunderbird/115.4.3/releasenotes

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=732
 2023-11-16 09:04:06 +00:00
Ana Guerrero
f1ace80360 Accepting request 1124229 from mozilla:Factory 
- Mozilla Thunderbird 115.4.2
  https://www.thunderbird.net/en-US/thunderbird/115.4.2/releasenotes
- build using rust/cargo 1.72 (1.69 about to be dropped from Factory)

OBS-URL: https://build.opensuse.org/request/show/1124229
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=322
 2023-11-08 21:18:54 +00:00
Wolfgang Rosenauer
1bac4101c8 - Mozilla Thunderbird 115.4.2 
https://www.thunderbird.net/en-US/thunderbird/115.4.2/releasenotes
- build using rust/cargo 1.72 (1.69 about to be dropped from Factory)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=730
 2023-11-08 12:10:27 +00:00
Ana Guerrero
759308472e Accepting request 1120173 from mozilla:Factory 
- Mozilla Thunderbird 115.4.1
  https://www.thunderbird.net/en-US/thunderbird/115.4.1/releasenotes
  https://www.thunderbird.net/en-US/thunderbird/115.4.0/releasenotes
  MFSA 2023-47 (bsc#1216338)
  * CVE-2023-5721 (bmo#1830820)
    Queued up rendering could have allowed websites to clickjack
  * CVE-2023-5732 (bmo#1690979, bmo#1836962)
    Address bar spoofing via bidirectional characters
  * CVE-2023-5724 (bmo#1836705)
    Large WebGL draw could have led to a crash
  * CVE-2023-5725 (bmo#1845739)
    WebExtensions could open arbitrary URLs
  * CVE-2023-5726 (bmo#1846205)
    Full screen notification obscured by file open dialog on macOS
  * CVE-2023-5727 (bmo#1847180)
    Download Protections were bypassed by .msix, .msixbundle,
    .appx, and .appxbundle files on Windows
  * CVE-2023-5728 (bmo#1852729)
    Improper object tracking during GC in the JavaScript engine
    could have led to a crash.
  * CVE-2023-5730 (bmo#1836607, bmo#1840918, bmo#1848694, bmo#1848833,
    bmo#1850191, bmo#1850259, bmo#1852596, bmo#1853201, bmo#1854002,
    bmo#1855306, bmo#1855640, bmo#1856695)
    Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4,
    and Thunderbird 115.4.1
- removed obsolete mozilla-bmo1846703.patch

- Mozilla Thunderbird 115.3.3
  * fixed: "Folder Location" toolbar button did not work for
    local folders (bmo#1843979)

OBS-URL: https://build.opensuse.org/request/show/1120173
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=321
 2023-10-25 16:03:34 +00:00
Wolfgang Rosenauer
62f65fe0ea - Mozilla Thunderbird 115.4.1 
https://www.thunderbird.net/en-US/thunderbird/115.4.1/releasenotes
  https://www.thunderbird.net/en-US/thunderbird/115.4.0/releasenotes
  MFSA 2023-47 (bsc#1216338)
  * CVE-2023-5721 (bmo#1830820)
    Queued up rendering could have allowed websites to clickjack
  * CVE-2023-5732 (bmo#1690979, bmo#1836962)
    Address bar spoofing via bidirectional characters
  * CVE-2023-5724 (bmo#1836705)
    Large WebGL draw could have led to a crash
  * CVE-2023-5725 (bmo#1845739)
    WebExtensions could open arbitrary URLs
  * CVE-2023-5726 (bmo#1846205)
    Full screen notification obscured by file open dialog on macOS
  * CVE-2023-5727 (bmo#1847180)
    Download Protections were bypassed by .msix, .msixbundle,
    .appx, and .appxbundle files on Windows
  * CVE-2023-5728 (bmo#1852729)
    Improper object tracking during GC in the JavaScript engine
    could have led to a crash.
  * CVE-2023-5730 (bmo#1836607, bmo#1840918, bmo#1848694, bmo#1848833,
    bmo#1850191, bmo#1850259, bmo#1852596, bmo#1853201, bmo#1854002,
    bmo#1855306, bmo#1855640, bmo#1856695)
    Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4,
    and Thunderbird 115.4.1
- removed obsolete mozilla-bmo1846703.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=728
 2023-10-25 06:36:45 +00:00
Wolfgang Rosenauer
f4ecfaed93 Accepting request 1120115 from home:AndreasStieger:branches:mozilla:Factory 
Mozilla Thunderbird 115.3.3

OBS-URL: https://build.opensuse.org/request/show/1120115
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=727
 2023-10-24 21:00:55 +00:00
Ana Guerrero
5356bd4c50 Accepting request 1116802 from mozilla:Factory 
- Mozilla Thunderbird 115.3.2
  Bugfix release
  https://www.thunderbird.net/en-US/thunderbird/115.3.2/releasenotes

OBS-URL: https://build.opensuse.org/request/show/1116802
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=320
 2023-10-11 21:54:45 +00:00
Wolfgang Rosenauer
6c4666a6b7 - Mozilla Thunderbird 115.3.2 
Bugfix release
  https://www.thunderbird.net/en-US/thunderbird/115.3.2/releasenotes

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=725
 2023-10-11 06:35:40 +00:00
Ana Guerrero
d9a56d1348 Accepting request 1114452 from mozilla:Factory 
- Mozilla Thunderbird 115.3.1
  MFSA 2023-45 (bsc#1215814)
  * CVE-2023-5217 (bmo#1855550)
    Heap buffer overflow in libvpx
- Add mozilla-bmo1846703.patch

OBS-URL: https://build.opensuse.org/request/show/1114452
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=319
 2023-10-01 19:22:40 +00:00
Wolfgang Rosenauer
c1979ea7d9 - Mozilla Thunderbird 115.3.1 
MFSA 2023-45 (bsc#1215814)
  * CVE-2023-5217 (bmo#1855550)
    Heap buffer overflow in libvpx
- Add mozilla-bmo1846703.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=723
 2023-09-29 20:44:41 +00:00
Dominique Leuenberger
03bb18356b Accepting request 1113844 from mozilla:Factory 
- Mozilla Thunderbird 115.3.0
  https://www.thunderbird.net/en-US/thunderbird/115.3.0/releasenotes
  MFSA 2023-43 (bsc#1215575)
  * CVE-2023-5168 (bmo#1846683)
    Out-of-bounds write in FilterNodeD2D1
  * CVE-2023-5169 (bmo#1846685)
    Out-of-bounds write in PathOps
  * CVE-2023-5171 (bmo#1851599)
    Use-after-free in Ion Compiler
  * CVE-2023-5174 (bmo#1848454)
    Double-free in process spawning on Windows
  * CVE-2023-5176 (bmo#1836353, bmo#1842674, bmo#1843824,
    bmo#1843962, bmo#1848890, bmo#1850180, bmo#1850983,
    bmo#1851195)
    Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3,
    and Thunderbird 115.3

OBS-URL: https://build.opensuse.org/request/show/1113844
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=318
 2023-09-27 22:25:51 +00:00
Wolfgang Rosenauer
70c5946a5c - Mozilla Thunderbird 115.3.0 
https://www.thunderbird.net/en-US/thunderbird/115.3.0/releasenotes
  MFSA 2023-43 (bsc#1215575)
  * CVE-2023-5168 (bmo#1846683)
    Out-of-bounds write in FilterNodeD2D1
  * CVE-2023-5169 (bmo#1846685)
    Out-of-bounds write in PathOps
  * CVE-2023-5171 (bmo#1851599)
    Use-after-free in Ion Compiler
  * CVE-2023-5174 (bmo#1848454)
    Double-free in process spawning on Windows
  * CVE-2023-5176 (bmo#1836353, bmo#1842674, bmo#1843824,
    bmo#1843962, bmo#1848890, bmo#1850180, bmo#1850983,
    bmo#1851195)
    Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3,
    and Thunderbird 115.3

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=721
 2023-09-27 09:43:36 +00:00
Ana Guerrero
263916113a Accepting request 1112694 from mozilla:Factory 
- Mozilla Thunderbird 115.2.3
  Bugfix release:
  https://www.thunderbird.net/en-US/thunderbird/115.2.3/releasenotes

OBS-URL: https://build.opensuse.org/request/show/1112694
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=317
 2023-09-21 20:22:38 +00:00
Wolfgang Rosenauer
d383915fad - Mozilla Thunderbird 115.2.3 
Bugfix release:
  https://www.thunderbird.net/en-US/thunderbird/115.2.3/releasenotes

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=719
 2023-09-21 06:48:37 +00:00
Ana Guerrero
d485729260 Accepting request 1110767 from mozilla:Factory 
OBS-URL: https://build.opensuse.org/request/show/1110767
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=316
 2023-09-13 18:44:58 +00:00
Wolfgang Rosenauer
a81e9b4cb4 Accepting request 1110766 from home:AndreasStieger:branches:mozilla:Factory 
Mozilla Thunderbird 115.2.2 bsc#1215231

OBS-URL: https://build.opensuse.org/request/show/1110766
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=717
 2023-09-12 21:29:55 +00:00
Ana Guerrero
9ff5d4a1b6 Accepting request 1109528 from mozilla:Factory 
- Mozilla Thunderbird 115.2.0
  https://www.thunderbird.net/en-US/thunderbird/115.2.0/releasenotes
  MFSA 2023-38 (bsc#1214606)
  * CVE-2023-4573 (bmo#1846687)
    Memory corruption in IPC CanvasTranslator
  * CVE-2023-4574 (bmo#1846688)
    Memory corruption in IPC ColorPickerShownCallback
  * CVE-2023-4575 (bmo#1846689)
    Memory corruption in IPC FilePickerShownCallback
  * CVE-2023-4576 (bmo#1846694)
    Integer Overflow in RecordedSourceSurfaceCreation
  * CVE-2023-4577 (bmo#1847397)
    Memory corruption in JIT UpdateRegExpStatics
  * CVE-2023-4051 (bmo#1821884)
    Full screen notification obscured by file open dialog
  * CVE-2023-4578 (bmo#1839007)
    Error reporting methods in SpiderMonkey could have triggered
    an Out of Memory Exception
  * CVE-2023-4053 (bmo#1839079)
    Full screen notification obscured by external program
  * CVE-2023-4580 (bmo#1843046)
    Push notifications saved to disk unencrypted
  * CVE-2023-4581 (bmo#1843758)
    XLL file extensions were downloadable without warnings
  * CVE-2023-4582 (bmo#1773874)
    Buffer Overflow in WebGL glGetProgramiv
  * CVE-2023-4583 (bmo#1842030)
    Browsing Context potentially not cleared when closing Private
    Window
  * CVE-2023-4584 (bmo#1843968, bmo#1845205, bmo#1846080,

OBS-URL: https://build.opensuse.org/request/show/1109528
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=315
 2023-09-07 19:13:51 +00:00
Wolfgang Rosenauer
45ef0c0c50 mozilla-bmo1775202.patch 
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=715
 2023-09-07 11:34:15 +00:00
Wolfgang Rosenauer
98a8bbee26 - Mozilla Thunderbird 115.2.0 
https://www.thunderbird.net/en-US/thunderbird/115.2.0/releasenotes
  MFSA 2023-38 (bsc#1214606)
  * CVE-2023-4573 (bmo#1846687)
    Memory corruption in IPC CanvasTranslator
  * CVE-2023-4574 (bmo#1846688)
    Memory corruption in IPC ColorPickerShownCallback
  * CVE-2023-4575 (bmo#1846689)
    Memory corruption in IPC FilePickerShownCallback
  * CVE-2023-4576 (bmo#1846694)
    Integer Overflow in RecordedSourceSurfaceCreation
  * CVE-2023-4577 (bmo#1847397)
    Memory corruption in JIT UpdateRegExpStatics
  * CVE-2023-4051 (bmo#1821884)
    Full screen notification obscured by file open dialog
  * CVE-2023-4578 (bmo#1839007)
    Error reporting methods in SpiderMonkey could have triggered
    an Out of Memory Exception
  * CVE-2023-4053 (bmo#1839079)
    Full screen notification obscured by external program
  * CVE-2023-4580 (bmo#1843046)
    Push notifications saved to disk unencrypted
  * CVE-2023-4581 (bmo#1843758)
    XLL file extensions were downloadable without warnings
  * CVE-2023-4582 (bmo#1773874)
    Buffer Overflow in WebGL glGetProgramiv
  * CVE-2023-4583 (bmo#1842030)
    Browsing Context potentially not cleared when closing Private
    Window
  * CVE-2023-4584 (bmo#1843968, bmo#1845205, bmo#1846080,

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=714
 2023-08-31 07:59:41 +00:00
Dominique Leuenberger
f3bf95db38 Accepting request 1102113 from mozilla:Factory 
- Mozilla Thunderbird 102.14.0
  MFSA 2023-32 (bsc#1213746)
  * CVE-2023-4045 (bmo#1833876)
    Offscreen Canvas could have bypassed cross-origin restrictions
  * CVE-2023-4046 (bmo#1837686)
    Incorrect value used during WASM compilation
  * CVE-2023-4047 (bmo#1839073)
    Potential permissions request bypass via clickjacking
  * CVE-2023-4048 (bmo#1841368)
    Crash in DOMParser due to out-of-memory conditions
  * CVE-2023-4049 (bmo#1842658)
    Fix potential race conditions when releasing platform objects
  * CVE-2023-4050 (bmo#1843038)
    Stack buffer overflow in StorageManager
  * CVE-2023-4054 (bmo#1840777)
    Lack of warning when opening appref-ms files
  * CVE-2023-4055 (bmo#1782561)
    Cookie jar overflow caused unexpected cookie jar state
  * CVE-2023-4056 (bmo#1820587, bmo#1824634, bmo#1839235,
    bmo#1842325, bmo#1843847)
    Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,
    Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14

  * CVE-2023-3417 (bmo#1835582, boo#1213658)

OBS-URL: https://build.opensuse.org/request/show/1102113
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=314
 2023-08-03 15:29:27 +00:00
Wolfgang Rosenauer
da50d4ab72 - Mozilla Thunderbird 102.14.0 
MFSA 2023-32 (bsc#1213746)
  * CVE-2023-4045 (bmo#1833876)
    Offscreen Canvas could have bypassed cross-origin restrictions
  * CVE-2023-4046 (bmo#1837686)
    Incorrect value used during WASM compilation
  * CVE-2023-4047 (bmo#1839073)
    Potential permissions request bypass via clickjacking
  * CVE-2023-4048 (bmo#1841368)
    Crash in DOMParser due to out-of-memory conditions
  * CVE-2023-4049 (bmo#1842658)
    Fix potential race conditions when releasing platform objects
  * CVE-2023-4050 (bmo#1843038)
    Stack buffer overflow in StorageManager
  * CVE-2023-4054 (bmo#1840777)
    Lack of warning when opening appref-ms files
  * CVE-2023-4055 (bmo#1782561)
    Cookie jar overflow caused unexpected cookie jar state
  * CVE-2023-4056 (bmo#1820587, bmo#1824634, bmo#1839235,
    bmo#1842325, bmo#1843847)
    Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,
    Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=712
 2023-08-03 04:29:56 +00:00
Wolfgang Rosenauer
a858e257a4 Accepting request 1101575 from home:AndreasStieger:branches:mozilla:Factory 
boo#1213658   OCD

OBS-URL: https://build.opensuse.org/request/show/1101575
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=711
 2023-07-31 18:28:50 +00:00
Ana Guerrero
08933f69a0 Accepting request 1100766 from mozilla:Factory 
- Mozilla Thunderbird 102.13.1
  MFSA 2023-28
  * CVE-2023-3417 (bmo#1835582)
    File Extension Spoofing using the Text Direction Override Character

OBS-URL: https://build.opensuse.org/request/show/1100766
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=313
 2023-07-26 11:24:38 +00:00
Wolfgang Rosenauer
c92ecfd31b - Mozilla Thunderbird 102.13.1 
MFSA 2023-28
  * CVE-2023-3417 (bmo#1835582)
    File Extension Spoofing using the Text Direction Override Character

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=709
 2023-07-26 07:30:19 +00:00
Dominique Leuenberger
fbaa0b6684 Accepting request 1097755 from mozilla:Factory 
- Mozilla Thunderbird 102.13.0
  * Upstream RNP version numbers now recognized as official in about:support
  MFSA 2023-24 (bsc#1212438)
  * CVE-2023-37201 (bmo#1826002)
    Use-after-free in WebRTC certificate generation
  * CVE-2023-37202 (bmo#1834711)
    Potential use-after-free from compartment mismatch in
    SpiderMonkey
  * CVE-2023-37207 (bmo#1816287)
    Fullscreen notification obscured
  * CVE-2023-37208 (bmo#1837675)
    Lack of warning when opening Diagcab files
  * CVE-2023-37211 (bmo#1832306, bmo#1834862, bmo#1835886,
    bmo#1836550, bmo#1837450)
    Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13,
    and Thunderbird 102.13
- mozilla-llvm16.patch has been applied upstream, remove it here

OBS-URL: https://build.opensuse.org/request/show/1097755
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=312
 2023-07-09 18:39:07 +00:00
Wolfgang Rosenauer
a450a78f9c - Mozilla Thunderbird 102.13.0 
* Upstream RNP version numbers now recognized as official in about:support
  MFSA 2023-24 (bsc#1212438)
  * CVE-2023-37201 (bmo#1826002)
    Use-after-free in WebRTC certificate generation
  * CVE-2023-37202 (bmo#1834711)
    Potential use-after-free from compartment mismatch in
    SpiderMonkey
  * CVE-2023-37207 (bmo#1816287)
    Fullscreen notification obscured
  * CVE-2023-37208 (bmo#1837675)
    Lack of warning when opening Diagcab files
  * CVE-2023-37211 (bmo#1832306, bmo#1834862, bmo#1835886,
    bmo#1836550, bmo#1837450)
    Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13,
    and Thunderbird 102.13
- mozilla-llvm16.patch has been applied upstream, remove it here

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=707
 2023-07-08 18:44:08 +00:00
Dominique Leuenberger
545394691f Accepting request 1091973 from mozilla:Factory 
OBS-URL: https://build.opensuse.org/request/show/1091973
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=311
 2023-06-11 17:54:52 +00:00
Wolfgang Rosenauer
8ab03d7649 Accepting request 1091941 from home:AndreasStieger:branches:mozilla:Factory 
Mozilla Thunderbird 102.12.0 bsc#1211922

OBS-URL: https://build.opensuse.org/request/show/1091941
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=705
 2023-06-10 10:47:23 +00:00
Dominique Leuenberger
40c3790c5c Accepting request 1089289 from mozilla:Factory 
- Mozilla Thunderbird 102.11.2
  * fixed POP3 regressions ins 102.11.1
  * https://www.thunderbird.net/en-US/thunderbird/102.11.2/releasenotes/
  Thunderbird 102.11.1
  * https://www.thunderbird.net/en-US/thunderbird/102.11.1/releasenotes/
- updated mozilla.keyring

OBS-URL: https://build.opensuse.org/request/show/1089289
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=310
 2023-05-27 18:38:25 +00:00
Wolfgang Rosenauer
4055c03185 - Mozilla Thunderbird 102.11.2 
* fixed POP3 regressions ins 102.11.1
  * https://www.thunderbird.net/en-US/thunderbird/102.11.2/releasenotes/
  Thunderbird 102.11.1
  * https://www.thunderbird.net/en-US/thunderbird/102.11.1/releasenotes/

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=703
 2023-05-27 08:18:22 +00:00
Dominique Leuenberger
1fafb69c4a Accepting request 1086176 from mozilla:Factory 
- Mozilla Thunderbird 102.11.0
  * https://www.thunderbird.net/en-US/thunderbird/102.11.0/releasenotes
  MFSA 2023-18 (bsc#1211175)
  * CVE-2023-32205 (bmo#1753339, bmo#1753341)
    Browser prompts could have been obscured by popups
  * CVE-2023-32206 (bmo#1824892)
    Crash in RLBox Expat driver
  * CVE-2023-32207 (bmo#1826116)
    Potential permissions request bypass via clickjacking
  * CVE-2023-32211 (bmo#1823379)
    Content process crash due to invalid wasm code
  * CVE-2023-32212 (bmo#1826622)
    Potential spoof due to obscured address bar
  * CVE-2023-32213 (bmo#1826666)
    Potential memory corruption in FileReader::DoReadData()
  * CVE-2023-32214 (bmo#1828716)
    Potential DoS via exposed protocol handlers
  * CVE-2023-32215 (bmo#1540883, bmo#1751943, bmo#1814856,
    bmo#1820210, bmo#1821480, bmo#1827019, bmo#1827024, bmo#1827144,
    bmo#1827359, bmo#1830186)
    Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11

OBS-URL: https://build.opensuse.org/request/show/1086176
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=309
 2023-05-11 10:33:56 +00:00
Wolfgang Rosenauer
23380907bc - Mozilla Thunderbird 102.11.0 
* https://www.thunderbird.net/en-US/thunderbird/102.11.0/releasenotes
  MFSA 2023-18 (bsc#1211175)
  * CVE-2023-32205 (bmo#1753339, bmo#1753341)
    Browser prompts could have been obscured by popups
  * CVE-2023-32206 (bmo#1824892)
    Crash in RLBox Expat driver
  * CVE-2023-32207 (bmo#1826116)
    Potential permissions request bypass via clickjacking
  * CVE-2023-32211 (bmo#1823379)
    Content process crash due to invalid wasm code
  * CVE-2023-32212 (bmo#1826622)
    Potential spoof due to obscured address bar
  * CVE-2023-32213 (bmo#1826666)
    Potential memory corruption in FileReader::DoReadData()
  * CVE-2023-32214 (bmo#1828716)
    Potential DoS via exposed protocol handlers
  * CVE-2023-32215 (bmo#1540883, bmo#1751943, bmo#1814856,
    bmo#1820210, bmo#1821480, bmo#1827019, bmo#1827024, bmo#1827144,
    bmo#1827359, bmo#1830186)
    Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=701
 2023-05-11 06:49:50 +00:00
Dominique Leuenberger
4d249b21a0 Accepting request 1083507 from mozilla:Factory 
- Mozilla Thunderbird 102.10.1
  * https://www.thunderbird.net/en-US/thunderbird/102.10.1/releasenotes

OBS-URL: https://build.opensuse.org/request/show/1083507
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=308
 2023-04-28 14:24:28 +00:00
Wolfgang Rosenauer
96ebf6f723 - Mozilla Thunderbird 102.10.1 
* https://www.thunderbird.net/en-US/thunderbird/102.10.1/releasenotes

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=699
 2023-04-28 10:10:31 +00:00
Dominique Leuenberger
b9156650b9 Accepting request 1078519 from mozilla:Factory 
- Mozilla Thunderbird 102.10.0
  * New messages will automatically select S/MIME if configured and
    OpenPGP is not
  * Calendar events with timezone America/Mexico_City incorrectly
    applied Daylight Savings Time
  MFSA 2023-15 (bsc#1210212)
  * CVE-2023-29531 (bmo#1794292)
    Out-of-bound memory access in WebGL on macOS
  * CVE-2023-29532 (bmo#1806394)
    Mozilla Maintenance Service Write-lock bypass
  * CVE-2023-29533 (bmo#1798219, bmo#1814597)
    Fullscreen notification obscured
  * MFSA-TMP-2023-0001 (bmo#1819244)
    Double-free in libwebp
  * CVE-2023-29535 (bmo#1820543)
    Potential Memory Corruption following Garbage Collector compaction
  * CVE-2023-29536 (bmo#1821959)
    Invalid free from JavaScript code
  * CVE-2023-0547 (bmo#1811298)
    Revocation status of S/Mime recipient certificates was not checked
  * CVE-2023-29479 (bmo#1824978)
    Hang when processing certain OpenPGP messages
  * CVE-2023-29539 (bmo#1784348)
    Content-Disposition filename truncation leads to Reflected
    File Download
  * CVE-2023-29541 (bmo#1810191)
    Files with malicious extensions could have been downloaded
    unsafely on Linux
  * CVE-2023-29542 (bmo#1810793, bmo#1815062)
    Bypass of file download extension restrictions

OBS-URL: https://build.opensuse.org/request/show/1078519
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=307
 2023-04-12 10:51:34 +00:00
Wolfgang Rosenauer
376ac03b18 * New messages will automatically select S/MIME if configured and 
OpenPGP is not
  * Calendar events with timezone America/Mexico_City incorrectly
    applied Daylight Savings Time
  MFSA 2023-15 (bsc#1210212)
  * CVE-2023-29531 (bmo#1794292)
    Out-of-bound memory access in WebGL on macOS
  * CVE-2023-29532 (bmo#1806394)
    Mozilla Maintenance Service Write-lock bypass
  * CVE-2023-29533 (bmo#1798219, bmo#1814597)
    Fullscreen notification obscured
  * MFSA-TMP-2023-0001 (bmo#1819244)
    Double-free in libwebp
  * CVE-2023-29535 (bmo#1820543)
    Potential Memory Corruption following Garbage Collector compaction
  * CVE-2023-29536 (bmo#1821959)
    Invalid free from JavaScript code
  * CVE-2023-0547 (bmo#1811298)
    Revocation status of S/Mime recipient certificates was not checked
  * CVE-2023-29479 (bmo#1824978)
    Hang when processing certain OpenPGP messages
  * CVE-2023-29539 (bmo#1784348)
    Content-Disposition filename truncation leads to Reflected
    File Download
  * CVE-2023-29541 (bmo#1810191)
    Files with malicious extensions could have been downloaded
    unsafely on Linux
  * CVE-2023-29542 (bmo#1810793, bmo#1815062)
    Bypass of file download extension restrictions
  * CVE-2023-29545 (bmo#1823077)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=697
 2023-04-11 20:58:19 +00:00
Wolfgang Rosenauer
7a75a56779 - Mozilla Thunderbird 102.10.0 
- add mozilla-llvm16.patch trying to fix build with LLVM16

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=696
 2023-04-06 13:55:17 +00:00
Wolfgang Rosenauer
b695ba5251 - Mozilla Thunderbird 102.9.1 
MFSA 2023-12
  * CVE-2023-28427 (bmo#1822595)
    Matrix SDK bundled with Thunderbird vulnerable to
    denial-of-service attack

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=695
 2023-03-29 12:48:43 +00:00
Dominique Leuenberger
121088b5d4 Accepting request 1074474 from mozilla:Factory 
- add gcc13-fix.patch to support current Tumbleweed

OBS-URL: https://build.opensuse.org/request/show/1074474
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=306
 2023-03-27 16:15:46 +00:00
Wolfgang Rosenauer
3d74973d59 - add gcc13-fix.patch to support current Tumbleweed 
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=693
 2023-03-26 16:31:37 +00:00
Dominique Leuenberger
596c12be2a Accepting request 1072474 from mozilla:Factory 
- Mozilla Thunderbird 102.9.0
  * https://www.thunderbird.net/en-US/thunderbird/102.9.0/releasenotes
  MFSA 2023-11 (bsc#1209173))
  * CVE-2023-25751 (bmo#1814899)
    Incorrect code generation during JIT compilation
  * CVE-2023-28164 (bmo#1809122)
    URL being dragged from a removed cross-origin iframe into the
    same tab triggered navigation
  * CVE-2023-28162 (bmo#1811327)
    Invalid downcast in Worklets
  * CVE-2023-25752 (bmo#1811627)
    Potential out-of-bounds when accessing throttled streams
  * CVE-2023-28163 (bmo#1817768)
    Windows Save As dialog resolved environment variables
  * CVE-2023-28176 (bmo#1808352, bmo#1811637, bmo#1815904,
    bmo#1817442, bmo#1818674)
    Memory safety bugs fixed in Thunderbird 102.9
- update create-tar.sh
- build using rust 1.67
- Ensure gcc11-c++ gets used on Leap 15.5, too.

OBS-URL: https://build.opensuse.org/request/show/1072474
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=305
 2023-03-16 21:59:08 +00:00
Wolfgang Rosenauer
b8ddf94b52 - build using rust 1.67 
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=691
 2023-03-16 13:11:48 +00:00