rpm/MozillaThunderbird
SHA256
1
0
Fork 0
forked from pool/MozillaThunderbird
Code Pull Requests Activity
0830f41da7
MozillaThunderbird/create-tar.sh
Wolfgang Rosenauer 191740d32d - Mozilla Thunderbird 60.8.0 
* Calendar: Problems when editing event times, some related to
    AM/PM setting in non-English locales
  MFSA 2019-23   (boo#1140868)
  * CVE-2019-9811 (bmo#1538007, bmo#1539598, bmo#1563327)
    Sandbox escape via installation of malicious languagepack
  * CVE-2019-11711 (bmo#1552541)
    Script injection within domain through inner window reuse
  * CVE-2019-11712 (bmo#1543804)
    Cross-origin POST requests can be made with NPAPI plugins by
    following 308 redirects
  * CVE-2019-11713 (bmo#1528481)
    Use-after-free with HTTP/2 cached stream
  * CVE-2019-11729 (bmo#1515342)
    Empty or malformed p256-ECDH public keys may trigger a segmentation fault
  * CVE-2019-11715 (bmo#1555523)
    HTML parsing error can contribute to content XSS
  * CVE-2019-11717 (bmo#1548306)
    Caret character improperly escaped in origins
  * CVE-2019-11719 (bmo#1540541)
    Out-of-bounds read when importing curve25519 private key
  * CVE-2019-11730 (bmo#1558299)
    Same-origin policy treats all files in a directory as having the
    same-origin
  * CVE-2019-11709 (bmo#1547266, bmo#1540759, bmo#1548822, bmo#1550498
    bmo#1515052, bmo#1539219, bmo#1547757, bmo#1550498, bmo#1533522)
    Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8 and
    Thunderbird 60.8

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=478
2019-07-12 06:49:32 +00:00

107 lines
3.4 KiB
Bash
Raw Blame History

#!/bin/bash
CHANNEL="esr60"
BRANCH="releases/comm-$CHANNEL"
RELEASE_TAG="ef6b0f0be269d5b7314fe9b359604c9f4f541055"
MOZ_RELEASE_TAG="eb76765892cfd646d3014e5f3b8df8c6753da2d2"
VERSION="60.8.0"
VERSION_SUFFIX=""
LOCALE_FILE="thunderbird-$VERSION/comm/mail/locales/l10n-changesets.json"
# check required tools
test -x /usr/bin/hg || ( echo "hg missing: execute zypper in mercurial"; exit 5 )
test -x /usr/bin/jq || ( echo "jq missing: execute zypper in jq"; exit 5 )
# use parallel compression, if available
compression='-J'
pixz -h > /dev/null 2>&1
if (($? != 127)); then
compression='-Ipixz'
fi
# we might have an upstream archive already and can skip the checkout
if [ -e thunderbird-$VERSION$VERSION_SUFFIX.source.tar.xz ]; then
echo "skip thunderbird checkout and use available archive"
# still need to extract the locale information from the archive
echo "extract locale list"
tar -xf thunderbird-$VERSION$VERSION_SUFFIX.source.tar.xz $LOCALE_FILE
# remove non-free untar licenced code from distributed tarball
#xz -d -v thunderbird-$VERSION$VERSION_SUFFIX.source.tar.xz && \
#tar -v --wildcards --delete -f thunderbird-$VERSION$VERSION_SUFFIX.source.tar \
# "thunderbird-${VERSION}/comm/other-licenses/7zstub" \
# "thunderbird-${VERSION}/other-licenses/7zstub" \
#&& \
#xz -9 -v thunderbird-$VERSION$VERSION_SUFFIX.source.tar
else
if [ -d thunderbird-$VERSION ]; then
pushd thunderbird-$VERSION
_repourl=$(hg paths)
case "$_repourl" in
*$BRANCH*)
echo "updating previous tree"
hg pull
popd
;;
* )
echo "removing obsolete tree"
popd
rm -rf thunderbird-$VERSION
;;
esac
fi
if [ ! -d thunderbird-$VERSION ]; then
echo "cloning new $BRANCH..."
hg clone http://hg.mozilla.org/releases/mozilla-$CHANNEL thunderbird-$VERSION
hg clone http://hg.mozilla.org/releases/comm-$CHANNEL thunderbird-$VERSION/comm
fi
pushd thunderbird-$VERSION
hg update --check $MOZ_RELEASE_TAG
pushd comm
hg update --check $RELEASE_TAG
popd
popd
echo "creating archive..."
rm -rf thunderbird-${VERSION}/{,comm/}other-licenses/7zstub
tar $compression -cf thunderbird-$VERSION.source.tar.xz --exclude=.hgtags --exclude=.hgignore --exclude=.hg --exclude=CVS thunderbird-${VERSION}
fi
# l10n
# http://l10n.mozilla.org/dashboard/?tree=tb30x -> shipped-locales
echo "fetching locales..."
test ! -d l10n && mkdir l10n
jq -r 'to_entries[]| "\(.key) \(.value|.revision)"' $LOCALE_FILE | \
while read locale changeset ; do
case $locale in
ja-JP-mac|en-US)
;;
*)
echo "reading changeset information for $locale"
echo "fetching $locale changeset $changeset ..."
#(
if [ -d l10n/$locale/.hg ]; then
(cd l10n/$locale; hg pull)
else
hg clone http://hg.mozilla.org/l10n-central/$locale l10n/$locale
fi
[ "$RELEASE_TAG" == "default" ] || hg -R l10n/$locale up -C -r $changeset
#) &
;;
esac
done
wait
echo "creating l10n archive..."
tar $compression -cf l10n-$VERSION.tar.xz \
--exclude=.hgtags --exclude=.hgignore --exclude=.hg --exclude=browser \
--exclude=suite \
l10n
# compare-locales
echo "creating compare-locales"
if [ -d compare-locales/.hg ]; then
(cd compare-locales; hg pull)
else
hg clone http://hg.mozilla.org/build/compare-locales
fi
tar $compression -cf compare-locales.tar.xz --exclude=.hgtags --exclude=.hgignore --exclude=.hg compare-locales
View Git Blame Copy Permalink