Hello community,
here is the log from the commit of package MozillaThunderbird for openSUSE:Factory checked in at 2017-01-29 10:30:14
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/MozillaThunderbird (Old)
and /work/SRC/openSUSE:Factory/.MozillaThunderbird.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaThunderbird"
Changes:
--------
--- /work/SRC/openSUSE:Factory/MozillaThunderbird/MozillaThunderbird.changes 2017-01-04 19:29:15.557311410 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaThunderbird.new/MozillaThunderbird.changes 2017-02-03 17:30:36.756898194 +0100
@@ -1,0 +2,29 @@
+Tue Jan 24 20:43:57 UTC 2017 - wr@rosenauer.org
+
+- update to Thunderbird 45.7.0
+ * Message preview pane non-functional after IMAP folder was renamed
+ or moved
+ * "Move To" button on "Search Messages" panel not working
+ * Message sent to "undisclosed recipients" shows no recipient
+ (non-functional since Thunderbird version 38)
+ * Security updates from MFSA 2017-03 (Gecko 45.7.0) boo#1021991.
+ In general, these flaws cannot be exploited through email in
+ Thunderbird because scripting is disabled when reading mail,
+ but are potentially risks in browser or browser-like contexts:
+ CVE-2017-5375: Excessive JIT code allocation allows bypass of
+ ASLR and DEP (bmo#1325200, boo#1021814)
+ CVE-2017-5376: Use-after-free in XSL (bmo#1311687, boo#1021817)
+ CVE-2017-5378: Pointer and frame data leakage of Javascript objects
+ (bmo#1312001, bmo#1330769, boo#1021818)
+ CVE-2017-5380: Potential use-after-free during DOM manipulations
+ (bmo#1322107, boo#1021819)
+ CVE-2017-5390: Insecure communication methods in Developer Tools
+ JSON viewer (bmo#1297361, boo#1021820)
+ CVE-2017-5396: Use-after-free with Media Decoder
+ (bmo#1329403, boo#1021821)
+ CVE-2017-5383: Location bar spoofing with unicode characters
+ (bmo#1323338, bmo#1324716, boo#1021822)
+ CVE-2017-5373: Memory safety bugs fixed in Thunderbird 45.7
+ (boo#1021824)
+
+-------------------------------------------------------------------
Old:
----
l10n-45.6.0.tar.xz
thunderbird-45.6.0-source.tar.xz
New:
----
l10n-45.7.0.tar.xz
thunderbird-45.7.0-source.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ MozillaThunderbird.spec ++++++
--- /var/tmp/diff_new_pack.EUVpPh/_old 2017-02-03 17:30:48.319261721 +0100
+++ /var/tmp/diff_new_pack.EUVpPh/_new 2017-02-03 17:30:48.319261721 +0100
@@ -1,8 +1,8 @@
#
# spec file for package MozillaThunderbird
#
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
-# 2006-2016 Wolfgang Rosenauer