------------------------------------------------------------------- Fri Dec 16 13:06:13 UTC 2016 - wr@rosenauer.org - update to Thunderbird 45.6.0 (boo#1015422) ------------------------------------------------------------------- Thu Dec 1 09:58:57 UTC 2016 - astieger@suse.com - Mozilla Thunderbird 45.5.1: * CVE-2016-9079: SVG Animation Remote Code Execution (MFSA 2016-92, bsc#1012964, bmo#1321066) ------------------------------------------------------------------- Sat Nov 19 14:20:05 UTC 2016 - astieger@suse.com - Mozilla Thunderbird 45.5.0 (boo#1009026) * Fixes for security flaws that cannot be exploited through email because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts: CVE-2016-5296: Heap-buffer-overflow WRITE in rasterize_edges_1 (bsc#1010411) CVE-2016-5297: Incorrect argument length checking in Javascript (bsc#1010401) CVE-2016-9066: Integer overflow leading to a buffer overflow in nsScriptLoadHandler (bsc#1010404) CVE-2016-5291: Same-origin policy violation using local HTML file and saved shortcut file (bsc#1010410) CVE-2016-5290: Memory safety bugs fixed in Thunderbird ESR 45.5 (bsc#1010427) - Changed behavior: * Changed recipient address entry: Arrow-keys now copy the pop-up value to the input field. Mouse-hovered pop-up value can no longer be confirmed with tab or enter key. This restores the behavior of Thunderbird 24. * Support changes to character limit in Twitter - Bugs fixed: * Reply with selected text containing quote resulted in wrong quoting level indication * Email invitation might not be displayed when description contains non-ASCII characters * Attempting to sort messages on the Date field whilst a quick filter is applied got stuck on sort descending * Mail address display at header pane displayed incorrectly if the address contains UTF-8 according to RFC 6532 ------------------------------------------------------------------- Sat Oct 1 07:12:08 UTC 2016 - wr@rosenauer.org - update to Thunderbird 45.4.0 (boo#999701) * Display name was truncated if no separating space before email address. * Recipient addresses were shown in wrong color in some circumstances. * Additional spaces were inserted when drafts were edited. * Mail saved as template copied In-Reply-To and References from original email. * Threading broken when editing message draft, due to loss of Message-ID * "Apply columns to..." did not honor special folders ------------------------------------------------------------------- Tue Aug 30 06:55:14 UTC 2016 - wr@rosenauer.org - update to Thunderbird 45.3.0 (boo#991809) * Disposition-Notification-To could not be used in mail.compose.other.header * "edit as new message" on a received message pre-filled the sender as the composing identity. * Certain messages caused corruption of the drafts summary database. security fixes: * MFSA 2016-62/CVE-2016-2836 Miscellaneous memory safety hazards * MFSA 2016-63/CVE-2016-2830 (bmo#1255270) Favicon network connection can persist when page is closed * MFSA 2016-64/CVE-2016-2838 (bmo#1279814) Buffer overflow rendering SVG with bidirectional content * MFSA 2016-65/CVE-2016-2839 (bmo#1275339) Cairo rendering crash due to memory allocation issue with FFmpeg 0.10 * MFSA 2016-67/CVE-2016-5252 (bmo#1268854) Stack underflow during 2D graphics rendering * MFSA 2016-70/CVE-2016-5254 (bmo#1266963) Use-after-free when using alt key and toplevel menus * MFSA 2016-72/CVE-2016-5258 (bmo#1279146) Use-after-free in DTLS during WebRTC session shutdown * MFSA 2016-73/CVE-2016-5259 (bmo#1282992) Use-after-free in service workers with nested sync events * MFSA 2016-76/CVE-2016-5262 (bmo#1277475) Scripts on marquee tag can execute in sandboxed iframes * MFSA 2016-77/CVE-2016-2837 (bmo#1274637) Buffer overflow in ClearKey Content Decryption Module (CDM) during video playback * MFSA 2016-78/CVE-2016-5263 (bmo#1276897) Type confusion in display transformation * MFSA 2016-79/CVE-2016-5264 (bmo#1286183) Use-after-free when applying SVG effects * MFSA 2016-80/CVE-2016-5265 (bmo#1278013) Same-origin policy violation using local HTML file and saved shortcut file ------------------------------------------------------------------- Fri Aug 5 13:47:12 UTC 2016 - pcerny@suse.com - Fix for possible buffer overrun (bsc#990856) CVE-2016-6354 (bmo#1292534) [mozilla-flex_buffer_overrun.patch] ------------------------------------------------------------------- Thu Jul 21 11:50:27 UTC 2016 - mailaender@opensuse.org - add a screenshot to appdata.xml ------------------------------------------------------------------- Thu Jun 30 09:18:14 UTC 2016 - wr@rosenauer.org - update to Thunderbird 45.2 (boo#983549) Security fixes: * CVE-2016-2818, CVE-2016-2815: Memory safety bugs (MFSA2016-49) - drop mozilla-flexible-array-member-in-union.patch, upstream ------------------------------------------------------------------- Fri Jun 24 14:10:58 UTC 2016 - wr@rosenauer.org - mozilla-binutils-visibility.patch to fix build issues with gcc/binutils combination used in Leap 42.2 (boo#984637) ------------------------------------------------------------------- Thu Jun 23 10:15:51 UTC 2016 - wr@rosenauer.org - build with -fno-delete-null-pointer-checks for Tumbleweed/gcc6 as long as underlying issues have been addressed upstream (boo#986162) ------------------------------------------------------------------- Mon Jun 13 20:28:01 UTC 2016 - agraf@suse.com - Fix running on 48bit va aarch64 (bsc#984126) - Add patch mozilla-aarch64-48bit-va.patch ------------------------------------------------------------------- Fri May 27 12:51:23 UTC 2016 - wr@rosenauer.org - update to Thunderbird 45.1.1 * When entering members into a mailing list, the enter key dismissed the panel instead of just moving onto the next line * Email without HTML elements was sent as HTML, despite "Delivery Format: Auto-detect" option * Options applied to a template were lost when the template was used * Contacts could not be deleted when they were found through a search * Views from global searches did not respect "mail.threadpane.use_correspondents" ------------------------------------------------------------------- Wed May 25 18:20:24 UTC 2016 - badshah400@gmail.com - The conditional testing for gcc was failing for different openSUSE versions, drop it and apply patches unconditionally. ------------------------------------------------------------------- Tue May 24 18:28:31 UTC 2016 - badshah400@gmail.com - Add patches to fix building with gcc >= 6: + mozilla-gcc6.patch: patch taken from fedora's git and is essentially identical to upstream firefox patch: https://hg.mozilla.org/mozilla-central/rev/55212130f19d. + mozilla-flexible-array-member-in-union.patch: patch taken from upstream bmo#1272649. ------------------------------------------------------------------- Thu May 12 15:21:45 UTC 2016 - dimstar@opensuse.org - Copy the icons to /usr/share/icons instead of symlinking them: in preparation for containerized apps (e.g. xdg-app) as well as AppStream metadata extraction, there are a couple locations that need to be real files for system integration (.desktop files, icons, mime-type info). ------------------------------------------------------------------- Sat May 7 22:19:09 UTC 2016 - wr@rosenauer.org - update to Thunderbird 45.1.0 (boo#977333) * MFSA 2016-39/CVE-2016-2806/CVE-2016-2807 (boo#977375, boo#977376) Miscellaneous memory safety hazards ------------------------------------------------------------------- Wed Apr 27 04:26:56 UTC 2016 - badshah400@gmail.com - For openSUSE > 13.2, the build fails for i586 as it goes out of memory. Prevent this from happening by disabing parallel build in this particular case (i.e. do not pass mk_add_options MOZ_MAKE_FLAGS%{?jobs:-j%jobs}). ------------------------------------------------------------------- Sat Apr 16 08:11:14 UTC 2016 - wr@rosenauer.org - update to Thunderbird 45.0 (boo#969894) * Add a Correspondents column combining Sender and Recipient * Much better support for XMPP chatrooms and commands * Remote content exceptions: Improved options to add exceptions * Implement option to always use HTML formatting to prevent unexpected format loss when converting messages to plain text * Use OpenStreetmap for maps (even allow the user to choose from list of map services) * Allow spell checking and dictionary selection in the subject line * Allow editing of From when composing a message * Add dropdown in compose to allow specific setting of font size * Return/Enter in composer will now insert a new paragraph by default (shift-Enter will insert a line break) * Allow copying of name and email address from the message header of an email * Mail.ru supports OAuth authentication * MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 Miscellaneous memory safety hazards * MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file overwriting and potential privilege escalation through CSP reports * MFSA 2016-18/CVE-2016-1955 (bmo#1208946) CSP reports fail to strip location information for embedded iframe pages * MFSA 2016-19/CVE-2016-1956 (bmo#1199923) Linux video memory DOS with Intel drivers * MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in libstagefright when deleting an array during MP4 processing * MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014) Use-after-free in HTML5 string parser * MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377) Use-after-free in SetBody * MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free during XML transformations * MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds read in HTML parser following a failed allocation * MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow during ASN.1 decoding in NSS (fixed by requiring 3.21.1) * MFSA 2016-36/CVE-2016-1979 (bmo#1185033) Use-after-free during processing of DER encoded keys in NSS (fixed by requiring 3.21.1) * MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/ CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/ CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/ CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font vulnerabilities in the Graphite 2 library - remove obsolete patches: * mozilla-arm-disable-edsp.patch * mozilla-icu-strncat.patch * mozilla-arm64-libjpeg-turbo.patch - added required mozilla platform patches: * mozilla-no-stdcxx-check.patch ------------------------------------------------------------------- Wed Apr 6 21:54:09 UTC 2016 - astieger@suse.com - update to Thunderbird 38.7.2 * disable Graphite font shaping library (same upstream changelog as 38.7.1) ------------------------------------------------------------------- Fri Mar 25 09:40:09 UTC 2016 - wr@rosenauer.org - update to Thunderbird 38.7.1 * disabled Graphite font shaping library ------------------------------------------------------------------- Fri Mar 11 12:57:25 UTC 2016 - wr@rosenauer.org - update to Thunderbird 38.7.0 (boo#969894) * MFSA 2015-81/CVE-2015-4477 (bmo#1179484) Use-after-free in MediaStream playback * MFSA 2015-136/CVE-2015-7207 (bmo#1185256) Same-origin policy violation using performance.getEntries and history navigation * MFSA 2016-16/CVE-2016-1952 Miscellaneous memory safety hazards * MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file overwriting and potential privilege escalation through CSP reports * MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in libstagefright when deleting an array during MP4 processing * MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page address can be overridden * MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014) Use-after-free in HTML5 string parser * MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377) Use-after-free in SetBody * MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free when using multiple WebRTC data channels * MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free during XML transformations * MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar spoofing though history navigation and Location protocol property * MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory corruption with malicious NPAPI plugin * MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds read in HTML parser following a failed allocation * MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/ CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/ CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/ CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 Font vulnerabilities in the Graphite 2 library ------------------------------------------------------------------- Fri Feb 26 15:45:19 UTC 2016 - astieger@suse.com - adjust _constraints to current peak build memory and disk usage ------------------------------------------------------------------- Sat Feb 13 08:32:09 UTC 2016 - wr@rosenauer.org - update to Thunderbird 38.6.0 (boo#963520) * Filters ran on a different folder than selected * MFSA 2016-01/CVE-2016-1930 Miscellaneous memory safety hazards * MFSA 2016-03/CVE-2016-1935 (bmo#1220450) Buffer overflow in WebGL after out of memory allocation ------------------------------------------------------------------- Mon Jan 25 10:39:23 UTC 2016 - olaf@aepfle.de - Using -g for CFLAGS is controlled via project settings, it should not be enforced by the mozilla buildsystem. ------------------------------------------------------------------- Mon Jan 18 07:32:51 UTC 2016 - olaf@aepfle.de - Add build conditionals for valgrind and -Os - Convert existing conditions for kde to bcond ------------------------------------------------------------------- Tue Dec 29 20:30:59 UTC 2015 - wr@rosenauer.org - update to Thunderbird 38.5.1 * requires NSS 3.20.2 to fix MFSA 2015-150/CVE-2015-7575 (bmo#1158489) MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature - explicitely require libXcomposite-devel ------------------------------------------------------------------- Wed Dec 23 10:13:38 UTC 2015 - wr@rosenauer.org - update to Thunderbird 38.5.0 (bnc#959277) * MFSA 2015-134/CVE-2015-7201 Miscellaneous memory safety hazards * MFSA 2015-138/CVE-2015-7210 (bmo#1218326) Use-after-free in WebRTC when datachannel is used after being destroyed * MFSA 2015-139/CVE-2015-7212 (bmo#1222809) Integer overflow allocating extremely large textures * MFSA 2015-145/CVE-2015-7205 (bmo#1220493) Underflow through code inspection * MFSA 2015-146/CVE-2015-7213 (bmo#1206211) Integer overflow in MP4 playback in 64-bit versions * MFSA 2015-147/CVE-2015-7222 (bmo#1216748) Integer underflow and buffer overflow processing MP4 metadata in libstagefright * MFSA 2015-149/CVE-2015-7214 (bmo#1228950) Cross-site reading attack through data and view-source URIs ------------------------------------------------------------------- Tue Nov 17 07:58:43 UTC 2015 - wr@rosenauer.org - update to Thunderbird 38.4.0 (bnc#952810) * MFSA 2015-116/CVE-2015-4513/CVE-2015-4514 Miscellaneous memory safety hazards * MFSA 2015-122/CVE-2015-7188 (bmo#1199430) Trailing whitespace in IP address hostnames can bypass same-origin policy * MFSA 2015-123/CVE-2015-7189 (bmo#1205900) Buffer overflow during image interactions in canvas * MFSA 2015-127/CVE-2015-7193 (bmo#1210302) CORS preflight is bypassed when non-standard Content-Type headers are received * MFSA 2015-128/CVE-2015-7194 (bmo#1211262) Memory corruption in libjar through zip files * MFSA 2015-130/CVE-2015-7196 (bmo#1140616) JavaScript garbage collection crash with Java applet * MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200 (bmo#1188010, bmo#1204061, bmo#1204155) Vulnerabilities found through code inspection * MFSA 2015-132/CVE-2015-7197 (bmo#1204269) Mixed content WebSocket policy bypass through workers * MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183 (bmo#1202868, bmo#1205157) NSS and NSPR memory corruption issues (fixed in mozilla-nspr and mozilla-nss packages) - requires NSPR 4.10.10 and NSS 3.19.2.1 - added explicit appdata provides (bnc#952325) ------------------------------------------------------------------- Mon Oct 5 12:44:39 UTC 2015 - dmueller@suse.com - fix build on aarch64 by reusing the crashreporter conditional from MozillaFirefox ------------------------------------------------------------------- Mon Sep 28 18:00:50 UTC 2015 - wr@rosenauer.org - update to Thunderbird 38.3.0 (bnc#947003) * MFSA 2015-96/CVE-2015-4500 Miscellaneous memory safety hazards * MFSA 2015-100/CVE-2015-4505 (bmo#1177861) (Windows only) Arbitrary file manipulation by local user through Mozilla updater * MFSA 2015-101/CVE-2015-4506 (bmo#1192226) Buffer overflow in libvpx while parsing vp9 format video * MFSA 2015-105/CVE-2015-4511 (bmo#1200148) Buffer overflow while decoding WebM video * MFSA 2015-106/CVE-2015-4509 (bmo#1198435) Use-after-free while manipulating HTML media content * MFSA 2015-110/CVE-2015-4519 (bmo#1189814) Dragging and dropping images exposes final URL after redirects * MFSA 2015-111/CVE-2015-4520 (bmo#1200856, bmo#1200869) Errors in the handling of CORS preflight request headers * MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522/ CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177/ CVE-2015-7180 Vulnerabilities found through code inspection * MFSA 2015-113/CVE-2015-7178/CVE-2015-7179 (bmo#1189860, bmo#1190526) (Windows only) Memory safety errors in libGLES in the ANGLE graphics library - rebased patches ------------------------------------------------------------------- Sat Aug 15 11:41:30 UTC 2015 - wr@rosenauer.org - update to Thunderbird 38.2.0 (bnc#940806) * MFSA 2015-79/CVE-2015-4473 Miscellaneous memory safety hazards * MFSA 2015-80/CVE-2015-4475 (bmo#1175396) Out-of-bounds read with malformed MP3 file * MFSA 2015-82/CVE-2015-4478 (bmo#1105914) Redefinition of non-configurable JavaScript object properties * MFSA 2015-83/CVE-2015-4479/CVE-2015-4480/CVE-2015-4493 Overflow issues in libstagefright * MFSA 2015-84/CVE-2015-4481 (bmo1171518) Arbitrary file overwriting through Mozilla Maintenance Service with hard links (only affected Windows) * MFSA 2015-85/CVE-2015-4482 (bmo#1184500) Out-of-bounds write with Updater and malicious MAR file (does not affect openSUSE RPM packages which do not ship the updater) * MFSA 2015-87/CVE-2015-4484 (bmo#1171540) Crash when using shared memory in JavaScript * MFSA 2015-88/CVE-2015-4491 (bmo#1184009) Heap overflow in gdk-pixbuf when scaling bitmap images * MFSA 2015-89/CVE-2015-4485/CVE-2015-4486 (bmo#1177948, bmo#1178148) Buffer overflows on Libvpx when decoding WebM video * MFSA 2015-90/CVE-2015-4487/CVE-2015-4488/CVE-2015-4489 Vulnerabilities found through code inspection * MFSA 2015-92/CVE-2015-4492 (bmo#1185820) Use-after-free in XMLHttpRequest with shared workers ------------------------------------------------------------------- Wed Jul 8 07:10:59 UTC 2015 - wr@rosenauer.org - update to Thunderbird 38.1.0 (bnc#935979) * MFSA 2015-59/CVE-2015-2724/CVE-2015-2725 Miscellaneous memory safety hazards * MFSA 2015-60/CVE-2015-2727 (bmo#1163422) Local files or privileged URLs in pages can be opened into new tabs * MFSA 2015-61/CVE-2015-2728 (bmo#1142210) Type confusion in Indexed Database Manager * MFSA 2015-62/CVE-2015-2729 (bmo#1122218) Out-of-bound read while computing an oscillator rendering range in Web Audio * MFSA 2015-63/CVE-2015-2731 (bmo#1149891) Use-after-free in Content Policy due to microtask execution error * MFSA 2015-64/CVE-2015-2730 (bmo#1125025) ECDSA signature validation fails to handle some signatures correctly (this fix is shipped by NSS 3.19.1 externally) * MFSA 2015-65/CVE-2015-2722/CVE-2015-2733 (bmo#1166924, bmo#1169867) Use-after-free in workers while using XMLHttpRequest * MFSA 2015-66/CVE-2015-2734/CVE-2015-2735/CVE-2015-2736/CVE-2015-2737 CVE-2015-2738/CVE-2015-2739/CVE-2015-2740 Vulnerabilities found through code inspection * MFSA 2015-67/CVE-2015-2741 (bmo#1147497) Key pinning is ignored when overridable errors are encountered * MFSA 2015-69/CVE-2015-2743 (bmo#1163109) Privilege escalation in PDF.js * MFSA 2015-70/CVE-2015-4000 (bmo#1138554) NSS accepts export-length DHE keys with regular DHE cipher suites (this fix is shipped by NSS 3.19.1 externally) * MFSA 2015-71/CVE-2015-2721 (bmo#1086145) NSS incorrectly permits skipping of ServerKeyExchange (this fix is shipped by NSS 3.19.1 externally) - requires NSS 3.19.2 ------------------------------------------------------------------- Fri Jun 19 17:00:11 UTC 2015 - wr@rosenauer.org - update to Thunderbird 38.0.1 * includes Lightning as default extension - rebased patches - removed obsolete patches: * mozilla-ppc.patch * mozilla-nullptr-gcc45.patch * mozilla-bug1024492.patch - dropped openSUSE specific patches * thunderbird-shared-nss-db.patch * mozilla-shared-nss-db.patch the provided feature seems not to be used and its maintenance is not worth the ongoing efforts - tb-develdirs.patch is now mozilla-develdirs.patch as it is a platform configuration now -------------------------------------------------------------------- Thu Jun 18 10:30:18 UTC 2015 - schwab@suse.de - mozilla-arm64-libjpeg-turbo.patch: fix libjpeg-turbo configuration ------------------------------------------------------------------- Thu May 28 10:28:13 UTC 2015 - dmueller@suse.com - add mozilla-bug1024492.patch: * Fixes build against GCC 5.x ------------------------------------------------------------------- Sat May 9 07:22:49 UTC 2015 - wr@rosenauer.org - update to Thunderbird 31.7.0 (bnc#930622) * MFSA 2015-46/CVE-2015-2708 Miscellaneous memory safety hazards * MFSA 2015-47/VE-2015-0797 (bmo#1080995) Buffer overflow parsing H.264 video with Linux Gstreamer * MFSA 2015-48/CVE-2015-2710 (bmo#1149542) Buffer overflow with SVG content and CSS * MFSA 2015-51/CVE-2015-2713 (bmo#1153478) Use-after-free during text processing with vertical text enabled * MFSA 2015-54/CVE-2015-2716 (bmo#1140537) Buffer overflow when parsing compressed XML * MFSA 2015-57/CVE-2011-3079 (bmo#1087565) Privilege escalation through IPC channel messages ------------------------------------------------------------------- Tue Mar 31 05:02:16 UTC 2015 - wr@rosenauer.org - update to Thunderbird 31.6.0 (bnc#925368) * MFSA 2015-30/CVE-2015-0815 Miscellaneous memory safety hazards * MFSA 2015-31/CVE-2015-0813 (bmo#1106596)) Use-after-free when using the Fluendo MP3 GStreamer plugin * MFSA 2015-33/CVE-2015-0816 (bmo#1144991) resource:// documents can load privileged pages * MFSA-2015-37/CVE-2015-0807 (bmo#1111834) CORS requests should not follow 30x redirections after preflight * MFSA-2015-40/CVE-2015-0801 (bmo#1146339) Same-origin bypass through anchor navigation ------------------------------------------------------------------- Mon Feb 23 12:42:57 UTC 2015 - wr@rosenauer.org - update to Thunderbird 31.5.0 (bnc#917597) * MFSA 2015-11/CVE-2015-0836 Miscellaneous memory safety hazards * MFSA 2015-12/CVE-2015-0833 (bmo#945192) Invoking Mozilla updater will load locally stored DLL files (Windows only) * MFSA 2015-16/CVE-2015-0831 (bmo#1130514) Use-after-free in IndexedDB * MFSA 2015-19/CVE-2015-0827 (bmo#1117304) Out-of-bounds read and write while rendering SVG content * MFSA 2015-24/CVE-2015-0822 (bmo#1110557) Reading of local files through manipulation of form autocomplete ------------------------------------------------------------------- Sat Jan 10 18:33:52 UTC 2015 - wr@rosenauer.org - update to Thunderbird 31.4.0 (bnc#910669) * MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 Miscellaneous memory safety hazards * MFSA 2015-03/CVE-2014-8638 (bmo#1080987) sendBeacon requests lack an Origin header * MFSA 2015-04/CVE-2014-8639 (bmo#1095859) Cookie injection through Proxy Authenticate responses - added mozilla-icu-strncat.patch to fix post build checks ------------------------------------------------------------------- Sun Nov 30 08:37:33 UTC 2014 - wr@rosenauer.org - update to Thunderbird 31.3.0 (bnc#908009) * MFSA 2014-83/CVE-2014-1587 Miscellaneous memory safety hazards * MFSA 2014-85/CVE-2014-1590 (bmo#1087633) XMLHttpRequest crashes with some input streams * MFSA 2014-87/CVE-2014-1592 (bmo#1088635) Use-after-free during HTML5 parsing * MFSA 2014-88/CVE-2014-1593 (bmo#1085175) Buffer overflow while parsing media content * MFSA 2014-89/CVE-2014-1594 (bmo#1074280) Bad casting from the BasicThebesLayer to BasicContainerLayer ------------------------------------------------------------------- Sun Nov 16 21:22:00 UTC 2014 - Led - fix bashism in mozilla.sh script ------------------------------------------------------------------- Tue Nov 4 08:16:43 UTC 2014 - guillaume@opensuse.org - Limit RAM usage during link for ARM ------------------------------------------------------------------- Sat Oct 25 18:41:27 UTC 2014 - wr@rosenauer.org - remove add-plugins.sh and use /usr/share/myspell directly (bnc#900639) ------------------------------------------------------------------- Sun Oct 12 22:47:42 UTC 2014 - wr@rosenauer.org - update to Thunderbird 31.2.0 (bnc#900941) * MFSA 2014-74/CVE-2014-1574 Miscellaneous memory safety hazards * MFSA 2014-75/CVE-2014-1576 (bmo#1041512) Buffer overflow during CSS manipulation * MFSA 2014-76/CVE-2014-1577 (bmo#1012609) Web Audio memory corruption issues with custom waveforms * MFSA 2014-77/CVE-2014-1578 (bmo#1063327) Out-of-bounds write with WebM video * MFSA 2014-79/CVE-2014-1581 (bmo#1068218) Use-after-free interacting with text directionality * MFSA 2014-81/CVE-2014-1585/CVE-2014-1586 (bmo#1062876, bmo#1062981) Inconsistent video sharing within iframe - added basic appdata definition ------------------------------------------------------------------- Wed Sep 24 09:15:02 UTC 2014 - wr@rosenauer.org - update to Thunderbird 31.1.2 ------------------------------------------------------------------- Tue Sep 9 12:53:41 UTC 2014 - wolfgang@rosenauer.org - update to Thunderbird 31.1.1 * Fixed an issue where mailing lists with spaces in their names couldn't be autocompleted (bmo#1060901) * Fixed an occasional startup crash (bmo#1005336) ------------------------------------------------------------------- Fri Aug 29 13:02:19 UTC 2014 - wr@rosenauer.org - update to Thunderbird 31.1.0 (bnc#894370) * MFSA 2014-67/CVE-2014-1553/CVE-2014-1562 Miscellaneous memory safety hazards * MFSA 2014-68/CVE-2014-1563 (bmo#1018524) Use-after-free during DOM interactions with SVG * MFSA 2014-69/CVE-2014-1564 (bmo#1045977) Uninitialized memory use during GIF rendering * MFSA 2014-70/CVE-2014-1565 (bmo#1047831) Out-of-bounds read in Web Audio audio timeline * MFSA 2014-72/CVE-2014-1567 (bmo#1037641) Use-after-free setting text directionality - added mozilla-nullptr-gcc45.patch to build on gcc 4.5 dists (e.g. openSUSE 11.4) ------------------------------------------------------------------- Sun Jul 27 20:25:46 UTC 2014 - wr@rosenauer.org - update to Thunderbird 31.0 * based on Gecko 31 * Autocompleting email addresses now matches against any part of the name or email * Composing a mail to a newsgroup will now autocomplete newsgroup names * Insecure NTLM (pre-NTLMv2) authentication disabled - rebased patches - removed enigmail entirely from source package - removed obsolete patches * libffi-ppc64le.patch * ppc64le-support.patch * xpcom-ppc64le.patch - use GStreamer 1.0 after 13.1 - switched source archives to use xz instead of bz2 ------------------------------------------------------------------- Sun Jul 20 15:59:49 UTC 2014 - wr@rosenauer.org - update to Thunderbird 24.7.0 (bnc#887746) * MFSA 2014-56/CVE-2014-1547/CVE-2014-1548 Miscellaneous memory safety hazards * MFSA 2014-61/CVE-2014-1555 (bmo#1023121) Use-after-free with FireOnStateChange event * MFSA 2014-62/CVE-2014-1556 (bmo#1028891) Exploitable WebGL crash with Cesium JavaScript library * MFSA 2014-63/CVE-2014-1544 (bmo#963150) Use-after-free while when manipulating certificates in the trusted cache (solved with NSS 3.16.2 requirement) * MFSA 2014-64/CVE-2014-1557 (bmo#913805) Crash in Skia library when scaling high quality images - disabled enigmail build as with version 1.7 it's a standalone source package ------------------------------------------------------------------- Sat Jun 7 09:07:06 UTC 2014 - wr@rosenauer.org - update to Thunderbird 24.6.0 (bnc#881874) * MFSA 2014-48/CVE-2014-1533/CVE-2014-1534 (bmo#921622, bmo#967354, bmo#969517, bmo#969549, bmo#973874, bmo#978652, bmo#978811, bmo#988719, bmo#990868, bmo#991981, bmo#992274, bmo#994907, bmo#995679, bmo#995816, bmo#995817, bmo#996536, bmo#996715, bmo#999651, bmo#1000598, bmo#1000960, bmo#1002340, bmo#1005578, bmo#1007223, bmo#1009952, bmo#1011007) Miscellaneous memory safety hazards (rv:30.0 / rv:24.6) * MFSA 2014-49/CVE-2014-1536/CVE-2014-1537/CVE-2014-1538 (bmo#989994, bmo#999274, bmo#1005584) Use-after-free and out of bounds issues found using Address Sanitizer * MFSA 2014-52/CVE-2014-1541 (bmo#1000185) Use-after-free with SMIL Animation Controller * MFSA 2014-55/CVE-2014-1545 (bmo#1018783) Out of bounds write in NSPR - require NSPR 4.10.6 because of MFSA 2014-55/CVE-2014-1545 ------------------------------------------------------------------- Fri Apr 25 09:41:14 UTC 2014 - wr@rosenauer.org - update to Thunderbird 24.5.0 (bnc#875378) * MFSA 2014-34/CVE-2014-1518 Miscellaneous memory safety hazards * MFSA 2014-37/CVE-2014-1523 (bmo#969226) Out of bounds read while decoding JPG images * MFSA 2014-38/CVE-2014-1524 (bmo#989183) Buffer overflow when using non-XBL object as XBL * MFSA 2014-42/CVE-2014-1529 (bmo#987003) Privilege escalation through Web Notification API * MFSA 2014-43/CVE-2014-1530 (bmo#895557) Cross-site scripting (XSS) using history navigations * MFSA 2014-44/CVE-2014-1531 (bmo#987140) Use-after-free in imgLoader while resizing images * MFSA 2014-46/CVE-2014-1532 (bmo#966006) Use-after-free in nsHostResolver - use shipped-locales as the authoritative source for supported locales (some unsupported locales disappear from -other package) ------------------------------------------------------------------- Tue Mar 18 21:45:43 UTC 2014 - wr@rosenauer.org - update to Thunderbird 24.4.0 (bnc#868603) * MFSA 2014-15/CVE-2014-1493/CVE-2014-1494 Miscellaneous memory safety hazards * MFSA 2014-17/CVE-2014-1497 (bmo#966311) Out of bounds read during WAV file decoding * MFSA 2014-26/CVE-2014-1508 (bmo#963198) Information disclosure through polygon rendering in MathML * MFSA 2014-27/CVE-2014-1509 (bmo#966021) Memory corruption in Cairo during PDF font rendering * MFSA 2014-28/CVE-2014-1505 (bmo#941887) SVG filters information disclosure through feDisplacementMap * MFSA 2014-29/CVE-2014-1510/CVE-2014-1511 (bmo#982906, bmo#982909) Privilege escalation using WebIDL-implemented APIs * MFSA 2014-30/CVE-2014-1512 (bmo#982957) Use-after-free in TypeObject * MFSA 2014-31/CVE-2014-1513 (bmo#982974) Out-of-bounds read/write through neutering ArrayBuffer objects * MFSA 2014-32/CVE-2014-1514 (bmo#983344) Out-of-bounds write through TypedArrayObject after neutering ------------------------------------------------------------------- Mon Feb 3 16:07:28 UTC 2014 - wr@rosenauer.org - update to Thunderbird 24.3.0 (bnc#861847) * MFSA 2014-01/CVE-2014-1477/CVE-2014-1478 Miscellaneous memory safety hazards (rv:27.0 / rv:24.3) * MFSA 2014-02/CVE-2014-1479 (bmo#911864) Clone protected content with XBL scopes * MFSA 2014-04/CVE-2014-1482 (bmo#943803) Incorrect use of discarded images by RasterImage * MFSA 2014-08/CVE-2014-1486 (bmo#942164) Use-after-free with imgRequestProxy and image proccessing * MFSA 2014-09/CVE-2014-1487 (bmo#947592) Cross-origin information leak through web workers * MFSA 2014-12/CVE-2014-1490/CVE-2014-1491 (bmo#934545, bmo#930874, bmo#930857) NSS ticket handling issues * MFSA 2014-13/CVE-2014-1481(bmo#936056) Inconsistent JavaScript handling of access to Window objects - requires NSS 3.15.4 - renamed ppc64le patches to streamline with Firefox package ------------------------------------------------------------------- Fri Dec 13 21:29:16 UTC 2013 - uweigand@de.ibm.com - Add support for powerpc64le-linux. * ppc64le-support.patch: general support * libffi-ppc64le.patch: libffi backport * xpcom-ppc64le.patch: port xpcom ------------------------------------------------------------------- Sun Dec 8 10:18:03 UTC 2013 - wr@rosenauer.org - update to Thunderbird 24.2.0 (bnc#854370) * requires NSS 3.15.3.1 or higher * MFSA 2013-104/CVE-2013-5609/CVE-2013-5610 Miscellaneous memory safety hazards * MFSA 2013-108/CVE-2013-5616 (bmo#938341) Use-after-free in event listeners * MFSA 2013-109/CVE-2013-5618 (bmo#926361) Use-after-free during Table Editing * MFSA 2013-111/CVE-2013-6671 (bmo#930281) Segmentation violation when replacing ordered list elements * MFSA 2013-113/CVE-2013-6673 (bmo#970380) Trust settings for built-in roots ignored during EV certificate validation * MFSA 2013-114/CVE-2013-5613 (bmo#930381, bmo#932449) Use-after-free in synthetic mouse movement * MFSA 2013-115/CVE-2013-5615 (bmo#929261) GetElementIC typed array stubs can be generated outside observed typesets * MFSA 2013-116/CVE-2013-6629/CVE-2013-6630 (bmo#891693) JPEG information leak * MFSA 2013-117 (bmo#946351) Mis-issued ANSSI/DCSSI certificate (fixed via NSS 3.15.3.1) ------------------------------------------------------------------- Tue Nov 19 08:08:00 UTC 2013 - wr@rosenauer.org - update to Thunderbird 24.1.1 * requires NSPR 4.10.2 and NSS 3.15.3 for security reasons * fix binary compatibility issues for patch level updates (bmo#927073) ------------------------------------------------------------------- Thu Oct 24 17:18:23 UTC 2013 - wr@rosenauer.org - update to Thunderbird 24.1.0 (bnc#847708) * requires NSS 3.15.2 or above * MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592 Miscellaneous memory safety hazards * MFSA 2013-94/CVE-2013-5593 (bmo#868327) Spoofing addressbar through SELECT element * MFSA 2013-95/CVE-2013-5604 (bmo#914017) Access violation with XSLT and uninitialized data * MFSA 2013-96/CVE-2013-5595 (bmo#916580) Improperly initialized memory and overflows in some JavaScript functions * MFSA 2013-97/CVE-2013-5596 (bmo#910881) Writing to cycle collected object during image decoding * MFSA 2013-98/CVE-2013-5597 (bmo#918864) Use-after-free when updating offline cache * MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601 (bmo#915210, bmo#915576, bmo#916685) Miscellaneous use-after-free issues found through ASAN fuzzing * MFSA 2013-101/CVE-2013-5602 (bmo#897678) Memory corruption in workers * MFSA 2013-102/CVE-2013-5603 (bmo#916404) Use-after-free in HTML document templates ------------------------------------------------------------------- Thu Oct 10 14:43:22 UTC 2013 - wr@rosenauer.org - update to Thunderbird 24.0.1 * fqdn for smtp server name was not accepted (bmo#913785) * fixed crash in PL_strncasecmp (bmo#917955) - update Enigmail to 1.6 * The passphrase timeout configuration in Enigmail is now read and written from/to gpg-agent. * New dialog to change the expiry date of keys * New function to search for the OpenPGP keys of all Address Book entries on a keyserver * removed obsolete enigmail-build.patch ------------------------------------------------------------------- Sat Sep 14 20:32:28 UTC 2013 - wr@rosenauer.org - update to Thunderbird 24.0 (bnc#840485) * MFSA 2013-76/CVE-2013-1718/CVE-2013-1719 Miscellaneous memory safety hazards * MFSA 2013-77/CVE-2013-1720 (bmo#888820) Improper state in HTML5 Tree Builder with templates * MFSA 2013-79/CVE-2013-1722 (bmo#893308) Use-after-free in Animation Manager during stylesheet cloning * MFSA 2013-80/CVE-2013-1723 (bmo#891292) NativeKey continues handling key messages after widget is destroyed * MFSA 2013-81/CVE-2013-1724 (bmo#894137) Use-after-free with select element * MFSA 2013-82/CVE-2013-1725 (bmo#876762) Calling scope for new Javascript objects can lead to memory corruption * MFSA 2013-85/CVE-2013-1728 (bmo#883686) Uninitialized data in IonMonkey * MFSA 2013-88/CVE-2013-1730 (bmo#851353) Compartment mismatch re-attaching XBL-backed nodes * MFSA 2013-89/CVE-2013-1732 (bmo#883514) Buffer overflow with multi-column, lists, and floats * MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301) Memory corruption involving scrolling * MFSA 2013-91/CVE-2013-1737 (bmo#907727) User-defined properties on DOM proxies get the wrong "this" object * MFSA 2013-92/CVE-2013-1738 (bmo#887334, bmo#882897) GC hazard with default compartments and frame chain restoration - moved greek to common translation package - require NSPR 4.10 and NSS 3.15.1 - add GStreamer build requirements for Gecko - added enigmail-build.patch to fix TB packaging (bmo#886095) - removed obsolete patches: * enigmail-old-gcc.patch * mozilla-gcc43-enums.patch * mozilla-gcc43-template_hacks.patch * mozilla-gcc43-templates_instantiation.patch * ppc-xpcshell.patch ------------------------------------------------------------------- Fri Aug 2 06:01:03 UTC 2013 - wr@rosenauer.org - update to Thunderbird 17.0.8 (bnc#833389) * MFSA 2013-63/CVE-2013-1701 Miscellaneous memory safety hazards * MFSA 2013-68/CVE-2013-1709 (bmo#838253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) Local Java applets may read contents of local file system ------------------------------------------------------------------- Wed Jul 17 17:28:39 UTC 2013 - wr@rosenauer.org - update Enigmail to 1.5.2 * bugfix release ------------------------------------------------------------------- Mon Jun 24 10:17:22 UTC 2013 - wr@rosenauer.org - update to Thunderbird 17.0.7 (bnc#825935) * MFSA 2013-49/CVE-2013-1682 Miscellaneous memory safety hazards * MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686 Memory corruption found using Address Sanitizer * MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823) Privileged content access and execution via XBL * MFSA 2013-53/CVE-2013-1690 (bmo#857883) Execution of unmapped memory through onreadystatechange event * MFSA 2013-54/CVE-2013-1692 (bmo#866915) Data in the body of XHR HEAD requests leads to CSRF attacks * MFSA 2013-55/CVE-2013-1693 (bmo#711043) SVG filters can lead to information disclosure * MFSA 2013-56/CVE-2013-1694 (bmo#848535) PreserveWrapper has inconsistent behavior * MFSA 2013-59/CVE-2013-1697 (bmo#858101) XrayWrappers can be bypassed to run user defined methods in a privileged context ------------------------------------------------------------------- Tue Jun 4 20:41:42 UTC 2013 - dvaleev@suse.com - prevent xpc-shell crashing on powerpc ppc-xpcshell.patch ------------------------------------------------------------------- Sat May 11 08:46:37 UTC 2013 - wr@rosenauer.org - update to Thunderbird 17.0.6 (bnc#819204) * MFSA 2013-41/CVE-2013-0801/CVE-2013-1669 Miscellaneous memory safety hazards * MFSA 2013-42/CVE-2013-1670 (bmo#853709) Privileged access for content level constructor * MFSA 2013-46/CVE-2013-1674 (bmo#860971) Use-after-free with video and onresize event * MFSA 2013-47/CVE-2013-1675 (bmo#866825) Uninitialized functions in DOMSVGZoomEvent * MFSA 2013-48/CVE-2013-1676/CVE-2013-1677/CVE-2013-1678/ CVE-2013-1679/CVE-2013-1680/CVE-2013-1681 Memory corruption found using Address Sanitizer ------------------------------------------------------------------- Fri Mar 29 18:25:38 UTC 2013 - wr@rosenauer.org - update to Thunderbird 17.0.5 (bnc#813026) * requires NSPR 4.9.5 and NSS 3.14.3 * MFSA 2013-30/CVE-2013-0788/CVE-2013-0789 Miscellaneous memory safety hazards * MFSA 2013-31/CVE-2013-0800 (bmo#825721) Out-of-bounds write in Cairo library * MFSA 2013-35/CVE-2013-0796 (bmo#827106) WebGL crash with Mesa graphics driver on Linux * MFSA 2013-36/CVE-2013-0795 (bmo#825697) Bypass of SOW protections allows cloning of protected nodes * MFSA 2013-38/CVE-2013-0793 (bmo#803870) Cross-site scripting (XSS) using timed history navigations ------------------------------------------------------------------- Fri Mar 8 10:35:29 UTC 2013 - wr@rosenauer.org - update to Thunderbird 17.0.4 (bnc#808243) * MFSA 2013-29/CVE-2013-0787 (bmo#848644) Use-after-free in HTML Editor ------------------------------------------------------------------- Sun Feb 17 12:09:06 UTC 2013 - wr@rosenauer.org - update to Thunderbird 17.0.3 (bnc#804248) * MFSA 2013-21/CVE-2013-0783 Miscellaneous memory safety hazards * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content bypass of COW and SOW security wrappers * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in JavaScript Workers * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free in nsImageLoadingContent * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on HTTPS connection through malicious proxy * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer ------------------------------------------------------------------- Mon Feb 11 08:25:24 UTC 2013 - wr@rosenauer.org - update Enigmail to 1.5.1 * The release fixes the regressions found in the past few weeks ------------------------------------------------------------------- Sat Jan 5 12:40:00 UTC 2013 - wr@rosenauer.org - update to Thunderbird 17.0.2 (bnc#796895) * MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770 Miscellaneous memory safety hazards * MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767 CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829 Use-after-free and buffer overflow issues found using Address Sanitizer * MFSA 2013-03/CVE-2013-0768 (bmo#815795) Buffer Overflow in Canvas * MFSA 2013-04/CVE-2012-0759 (bmo#802026) URL spoofing in addressbar during page loads * MFSA 2013-05/CVE-2013-0744 (bmo#814713) Use-after-free when displaying table with many columns and column groups * MFSA 2013-07/CVE-2013-0764 (bmo#804237) Crash due to handling of SSL on threads * MFSA 2013-08/CVE-2013-0745 (bmo#794158) AutoWrapperChanger fails to keep objects alive during garbage collection * MFSA 2013-09/CVE-2013-0746 (bmo#816842) Compartment mismatch with quickstubs returned values * MFSA 2013-10/CVE-2013-0747 (bmo#733305) Event manipulation in plugin handler to bypass same-origin policy * MFSA 2013-11/CVE-2013-0748 (bmo#806031) Address space layout leaked in XBL objects * MFSA 2013-12/CVE-2013-0750 (bmo#805121) Buffer overflow in Javascript string concatenation * MFSA 2013-13/CVE-2013-0752 (bmo#805024) Memory corruption in XBL with XML bindings containing SVG * MFSA 2013-14/CVE-2013-0757 (bmo#813901) Chrome Object Wrapper (COW) bypass through changing prototype * MFSA 2013-15/CVE-2013-0758 (bmo#813906) Privilege escalation through plugin objects * MFSA 2013-16/CVE-2013-0753 (bmo#814001) Use-after-free in serializeToStream * MFSA 2013-17/CVE-2013-0754 (bmo#814026) Use-after-free in ListenerManager * MFSA 2013-18/CVE-2013-0755 (bmo#814027) Use-after-free in Vibrate * MFSA 2013-19/CVE-2013-0756 (bmo#814029) Use-after-free in Javascript Proxy objects - requires NSS 3.14.1 (MFSA 2013-20, CVE-2013-0743) - update Enigmail to 1.5.0 ------------------------------------------------------------------- Mon Nov 26 11:10:11 UTC 2012 - wr@rosenauer.org - fix KDE integration for file dialogs - fix some rpmlint warnings (mkdir.done files) - build on SLE11 * mozilla-gcc43-enums.patch * mozilla-gcc43-template_hacks.patch * mozilla-gcc43-templates_instantiation.patch ------------------------------------------------------------------- Tue Nov 20 20:42:04 UTC 2012 - wr@rosenauer.org - update to Thunderbird 17.0 (bnc#790140) * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843 Miscellaneous memory safety hazards * MFSA 2012-92/CVE-2012-4202 (bmo#758200) Buffer overflow while rendering GIF images * MFSA 2012-93/CVE-2012-4201 (bmo#747607) evalInSanbox location context incorrectly applied * MFSA 2012-94/CVE-2012-5836 (bmo#792857) Crash when combining SVG text on path with CSS * MFSA 2012-96/CVE-2012-4204 (bmo#778603) Memory corruption in str_unescape * MFSA 2012-97/CVE-2012-4205 (bmo#779821) XMLHttpRequest inherits incorrect principal within sandbox * MFSA 2012-99/CVE-2012-4208 (bmo#798264) XrayWrappers exposes chrome-only properties when not in chrome compartment * MFSA 2012-100/CVE-2012-5841 (bmo#805807) Improper security filtering for cross-origin wrappers * MFSA 2012-101/CVE-2012-4207 (bmo#801681) Improper character decoding in HZ-GB-2312 charset * MFSA 2012-102/CVE-2012-5837 (bmo#800363) Script entered into Developer Toolbar runs with chrome privileges * MFSA 2012-103/CVE-2012-4209 (bmo#792405) Frames can shadow top.location * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/ CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/ CVE-2012-4213/CVE-2012-4217/CVE-2012-4218 Use-after-free and buffer overflow issues found using Address Sanitizer * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838 Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer - rebased patches - disabled WebRTC since build is broken (bmo#776877) - update Enigmail to 1.4.6 ------------------------------------------------------------------- Sat Oct 27 08:58:22 UTC 2012 - wr@rosenauer.org - update to Thunderbird 16.0.2 (bnc#786522) * MFSA 2012-90/CVE-2012-4194/CVE-2012-4195/CVE-2012-4196 (bmo#800666, bmo#793121, bmo#802557) Fixes for Location object issues ------------------------------------------------------------------- Thu Oct 11 03:16:52 UTC 2012 - wr@rosenauer.org - update to Thunderbird 16.0.1 (bnc#783533) * MFSA 2012-88/CVE-2012-4191 (bmo#798045) Miscellaneous memory safety hazards * MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619) defaultValue security checks not applied ------------------------------------------------------------------- Mon Oct 8 13:27:10 UTC 2012 - wr@rosenauer.org - update to Thunderbird 16.0 (bnc#783533) * MFSA 2012-74/CVE-2012-3982/CVE-2012-3983 Miscellaneous memory safety hazards * MFSA 2012-75/CVE-2012-3984 (bmo#575294) select element persistance allows for attacks * MFSA 2012-76/CVE-2012-3985 (bmo#655649) Continued access to initial origin after setting document.domain * MFSA 2012-77/CVE-2012-3986 (bmo#775868) Some DOMWindowUtils methods bypass security checks * MFSA 2012-79/CVE-2012-3988 (bmo#725770) DOS and crash with full screen and history navigation * MFSA 2012-80/CVE-2012-3989 (bmo#783867) Crash with invalid cast when using instanceof operator * MFSA 2012-81/CVE-2012-3991 (bmo#783260) GetProperty function can bypass security checks * MFSA 2012-82/CVE-2012-3994 (bmo#765527) top object and location property accessible by plugins * MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370) Chrome Object Wrapper (COW) does not disallow acces to privileged functions or properties * MFSA 2012-84/CVE-2012-3992 (bmo#775009) Spoofing and script injection through location.hash * MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/ CVE-2012-4181/CVE-2012-4182/CVE-2012-4183 Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer * MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/ CVE-2012-4188 Heap memory corruption issues found using Address Sanitizer * MFSA 2012-87/CVE-2012-3990 (bmo#787704) Use-after-free in the IME State Manager - update Enigmail to version 1.4.5 ------------------------------------------------------------------- Sun Aug 26 14:59:20 UTC 2012 - wr@rosenauer.org - update to Thunderbird 15.0 (bnc#777588) * MFSA 2012-57/CVE-2012-1970 Miscellaneous memory safety hazards * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975 CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959 CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964 Use-after-free issues found using Address Sanitizer * MFSA 2012-59/CVE-2012-1956 (bmo#756719) Location object can be shadowed using Object.defineProperty * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793) Memory corruption with bitmap format images with negative height * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968 WebGL use-after-free and memory corruption * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970 SVG buffer overflow and use-after-free issues * MFSA 2012-64/CVE-2012-3971 Graphite 2 memory corruption * MFSA 2012-65/CVE-2012-3972 (bmo#746855) Out-of-bounds read in format-number in XSLT * MFSA 2012-68/CVE-2012-3975 (bmo#770684) DOMParser loads linked resources in extensions when parsing text/html * MFSA 2012-70/CVE-2012-3978 (bmo#770429) Location object security checks bypassed by chrome code * MFSA 2012-72/CVE-2012-3980 (bmo#771859) Web console eval capable of executing chrome-privileged code - update Enigmail to 1.4.4 ------------------------------------------------------------------- Sun Jul 29 07:22:19 UTC 2012 - aj@suse.de - Fix mozilla-kde.patch to include sys/resource.h for getrlimit etc (glibc 2.16) ------------------------------------------------------------------- Sun Jul 15 08:06:50 UTC 2012 - wr@rosenauer.org - update to Thunderbird 14.0 (bnc#771583) * MFSA 2012-42/CVE-2012-1949/CVE-2012-1948 Miscellaneous memory safety hazards * MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1952 Gecko memory corruption * MFSA 2012-45/CVE-2012-1955 (bmo#757376) Spoofing issue with location * MFSA 2012-47/CVE-2012-1957 (bmo#750096) Improper filtering of javascript in HTML feed-view * MFSA 2012-48/CVE-2012-1958 (bmo#750820) use-after-free in nsGlobalWindow::PageHidden * MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559) Same-compartment Security Wrappers can be bypassed * MFSA 2012-50/CVE-2012-1960 (bmo#761014) Out of bounds read in QCMS * MFSA 2012-51/CVE-2012-1961 (bmo#761655) X-Frame-Options header ignored when duplicated * MFSA 2012-52/CVE-2012-1962 (bmo#764296) JSDependentString::undepend string conversion results in memory corruption * MFSA 2012-53/CVE-2012-1963 (bmo#767778) Content Security Policy 1.0 implementation errors cause data leakage * MFSA 2012-56/CVE-2012-1967 (bmo#758344) Code execution through javascript: URLs * relicensed to MPL-2.0 - update Enigmail to 1.4.3 ------------------------------------------------------------------- Thu Jul 5 09:58:15 UTC 2012 - adrian@suse.de - no crashreport on %arm, fixing build ------------------------------------------------------------------- Fri Jun 15 07:00:43 UTC 2012 - wr@rosenauer.org - update to Thunderbird 13.0.1 * bugfix release ------------------------------------------------------------------- Sat Jun 2 12:41:08 UTC 2012 - wr@rosenauer.org - update to Thunderbird 13.0 (bnc#765204) * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101 Miscellaneous memory safety hazards * MFSA 2012-36/CVE-2012-1944 (bmo#751422) Content Security Policy inline-script bypass * MFSA 2012-37/CVE-2012-1945 (bmo#670514) Information disclosure though Windows file shares and shortcut files * MFSA 2012-38/CVE-2012-1946 (bmo#750109) Use-after-free while replacing/inserting a node in a document * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941 Buffer overflow and use-after-free issues found using Address Sanitizer - require NSS 3.13.4 * MFSA 2012-39/CVE-2012-0441 (bmo#715073) - fix build with system NSPR (mozilla-system-nspr.patch) - add dependentlibs.list for improved XRE startup - update enigmail to 1.4.2 ------------------------------------------------------------------- Wed May 16 05:38:46 UTC 2012 - wr@rosenauer.org - reenabled crashreporter for Factory/12.2 (fix in mozilla-gcc47.patch) ------------------------------------------------------------------- Mon Apr 30 06:43:26 UTC 2012 - wr@rosenauer.org - update to Thunderbird 12.0.1 * fix regressions - POP3 filters (bmo#748090) - Message Body not loaded when using "Fetch Headers Only" (bmo#748865) - Received messages contain parts of other messages with movemail account (bmo#748726) - New mail notification issue (bmo#748997) - crash in nsMsgDatabase::MatchDbName (bmo#748432) ------------------------------------------------------------------- Fri Apr 27 10:22:49 UTC 2012 - wr@rosenauer.org - fixed build with gcc 4.7 ------------------------------------------------------------------- Sat Apr 21 07:39:28 UTC 2012 - wr@rosenauer.org - update to Thunderbird 12.0 (bnc#758408) * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468 Miscellaneous memory safety hazards * MFSA 2012-22/CVE-2012-0469 (bmo#738985) use-after-free in IDBKeyRange * MFSA 2012-23/CVE-2012-0470 (bmo#734288) Invalid frees causes heap corruption in gfxImageSurface * MFSA 2012-24/CVE-2012-0471 (bmo#715319) Potential XSS via multibyte content processing errors * MFSA 2012-25/CVE-2012-0472 (bmo#744480) Potential memory corruption during font rendering using cairo-dwrite * MFSA 2012-26/CVE-2012-0473 (bmo#743475) WebGL.drawElements may read illegal video memory due to FindMaxUshortElement error * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307) Page load short-circuit can lead to XSS * MFSA 2012-28/CVE-2012-0475 (bmo#694576) Ambiguous IPv6 in Origin headers may bypass webserver access restrictions * MFSA 2012-29/CVE-2012-0477 (bmo#718573) Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues * MFSA 2012-30/CVE-2012-0478 (bmo#727547) Crash with WebGL content using textImage2D * MFSA 2012-31/CVE-2011-3062 (bmo#739925) Off-by-one error in OpenType Sanitizer * MFSA 2012-32/CVE-2011-1187 (bmo#624621) HTTP Redirections and remote content can be read by javascript errors * MFSA 2012-33/CVE-2012-0479 (bmo#714631) Potential site identity spoofing when loading RSS and Atom feeds - update Enigmail to 1.4.1 - added mozilla-revert_621446.patch - added mozilla-libnotify.patch (bmo#737646) - added mailnew-showalert.patch (bmo#739146) - added mozilla-gcc47.patch and mailnews-literals.patch to fix compilation issues with recent gcc 4.7 - disabled crashreporter temporarily for Factory (gcc 4.7 issue) ------------------------------------------------------------------- Tue Mar 27 22:17:05 UTC 2012 - wr@rosenauer.org - update to Thunderbird 11.0.1 (bnc#755060) * Fixing an issue where filters can get messed up (bmo#735940) * Fixes a hang when switching IMAP folders, or doing other imap functions (bmo#733731) ------------------------------------------------------------------- Fri Mar 9 20:42:21 UTC 2012 - wr@rosenauer.org - update to Thunderbird 11.0 (bnc#750044) * MFSA 2012-13/CVE-2012-0455 (bmo#704354) XSS with Drag and Drop and Javascript: URL * MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103) SVG issues found with Address Sanitizer * MFSA 2012-15/CVE-2012-0451 (bmo#717511) XSS with multiple Content Security Policy headers * MFSA 2012-16/CVE-2012-0458 Escalation of privilege with Javascript: URL as home page * MFSA 2012-17/CVE-2012-0459 (bmo#723446) Crash when accessing keyframe cssText after dynamic modification * MFSA 2012-18/CVE-2012-0460 (bmo#727303) window.fullScreen writeable by untrusted content * MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/ CVE-2012-0463 Miscellaneous memory safety hazards - update enigmail to 1.4 - added KDE integration patches (bnc#749440) ------------------------------------------------------------------- Mon Feb 27 17:15:05 CET 2012 - jslaby@suse.de - update enigmail to 1.3.99 (1.4a1pre) ------------------------------------------------------------------- Thu Feb 16 10:54:42 UTC 2012 - wr@rosenauer.org - update to Thunderbird 10.0.2 (bnc#747328) * CVE-2011-3026 (bmo#727401) libpng: integer overflow leading to heap-buffer overflow ------------------------------------------------------------------- Thu Feb 9 08:10:32 UTC 2012 - wr@rosenauer.org - update to version 10.0.1 (bnc#746616) * MFSA 2012-10/CVE-2012-0452 (bmo#724284) use after free in nsXBLDocumentInfo::ReadPrototypeBindings - Use YARR interpreter instead of PCRE on platforms where YARR JIT is not supported, since PCRE doesnt build (bmo#691898) - fix ppc64 build (bmo#703534) ------------------------------------------------------------------- Sun Jan 29 17:31:32 UTC 2012 - wr@rosenauer.org - update to version 10.0 (bnc#744275) * MFSA 2012-01/CVE-2012-0442/CVE-2012-0443 Miscellaneous memory safety hazards * MFSA 2012-03/CVE-2012-0445 (bmo#701071)