Hello community,
here is the log from the commit of package MozillaThunderbird for openSUSE:Factory checked in at 2016-09-01 14:01:48
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/MozillaThunderbird (Old)
and /work/SRC/openSUSE:Factory/.MozillaThunderbird.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaThunderbird"
Changes:
--------
--- /work/SRC/openSUSE:Factory/MozillaThunderbird/MozillaThunderbird.changes 2016-08-12 15:34:54.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaThunderbird.new/MozillaThunderbird.changes 2016-09-01 14:01:49.000000000 +0200
@@ -1,0 +2,38 @@
+Tue Aug 30 06:55:14 UTC 2016 - wr@rosenauer.org
+
+- update to Thunderbird 45.3.0 (boo#991809)
+ * Disposition-Notification-To could not be used in
+ mail.compose.other.header
+ * "edit as new message" on a received message pre-filled the sender
+ as the composing identity.
+ * Certain messages caused corruption of the drafts summary database.
+ security fixes:
+ * MFSA 2016-62/CVE-2016-2836
+ Miscellaneous memory safety hazards
+ * MFSA 2016-63/CVE-2016-2830 (bmo#1255270)
+ Favicon network connection can persist when page is closed
+ * MFSA 2016-64/CVE-2016-2838 (bmo#1279814)
+ Buffer overflow rendering SVG with bidirectional content
+ * MFSA 2016-65/CVE-2016-2839 (bmo#1275339)
+ Cairo rendering crash due to memory allocation issue with FFmpeg 0.10
+ * MFSA 2016-67/CVE-2016-5252 (bmo#1268854)
+ Stack underflow during 2D graphics rendering
+ * MFSA 2016-70/CVE-2016-5254 (bmo#1266963)
+ Use-after-free when using alt key and toplevel menus
+ * MFSA 2016-72/CVE-2016-5258 (bmo#1279146)
+ Use-after-free in DTLS during WebRTC session shutdown
+ * MFSA 2016-73/CVE-2016-5259 (bmo#1282992)
+ Use-after-free in service workers with nested sync events
+ * MFSA 2016-76/CVE-2016-5262 (bmo#1277475)
+ Scripts on marquee tag can execute in sandboxed iframes
+ * MFSA 2016-77/CVE-2016-2837 (bmo#1274637)
+ Buffer overflow in ClearKey Content Decryption Module (CDM)
+ during video playback
+ * MFSA 2016-78/CVE-2016-5263 (bmo#1276897)
+ Type confusion in display transformation
+ * MFSA 2016-79/CVE-2016-5264 (bmo#1286183)
+ Use-after-free when applying SVG effects
+ * MFSA 2016-80/CVE-2016-5265 (bmo#1278013)
+ Same-origin policy violation using local HTML file and saved shortcut file
+
+-------------------------------------------------------------------
Old:
----
l10n-45.2.tar.xz
thunderbird-45.2-source.tar.xz
New:
----
l10n-45.3.0.tar.xz
thunderbird-45.3.0-source.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ MozillaThunderbird.spec ++++++
--- /var/tmp/diff_new_pack.alVDo2/_old 2016-09-01 14:02:02.000000000 +0200
+++ /var/tmp/diff_new_pack.alVDo2/_new 2016-09-01 14:02:02.000000000 +0200
@@ -1,7 +1,7 @@
#
# spec file for package MozillaThunderbird
#
-# Copyright (c) 2016 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
# 2006-2016 Wolfgang Rosenauer