commit MozillaThunderbird for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package MozillaThunderbird for openSUSE:Factory checked in at 2022-06-30 13:17:57 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/MozillaThunderbird (Old) and /work/SRC/openSUSE:Factory/.MozillaThunderbird.new.1548 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "MozillaThunderbird" Thu Jun 30 13:17:57 2022 rev:282 rq:985736 version:91.11.0 Changes: -------- --- /work/SRC/openSUSE:Factory/MozillaThunderbird/MozillaThunderbird.changes 2022-06-01 17:34:43.690745492 +0200 +++ /work/SRC/openSUSE:Factory/.MozillaThunderbird.new.1548/MozillaThunderbird.changes 2022-06-30 13:18:00.345517341 +0200 @@ -1,0 +2,32 @@ +Sun Jun 26 08:53:26 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org> + +- Mozilla Thunderbird 91.11.0 + * CLIENTID fix for bmo#1759197 in Thunderbird 91.8.1 did not work + additional fix applied + * "Save-As" attachment dialog did not have filename pre-populated + MFSA 2022-26 (bsc#1200793) + * CVE-2022-34479 (bmo#1745595) + A popup window could be resized in a way to overlay the + address bar with web content + * CVE-2022-34470 (bmo#1765951) + Use-after-free in nsSHistory + * CVE-2022-34468 (bmo#1768537) + CSP sandbox header without `allow-scripts` can be bypassed + via retargeted javascript: URI + * CVE-2022-2226 (bmo#1775441) + An email with a mismatching OpenPGP signature date was + accepted as valid + * CVE-2022-34481 (bmo#1497246) + Potential integer overflow in ReplaceElementsAt + * CVE-2022-31744 (bmo#1757604) + CSP bypass enabling stylesheet injection + * CVE-2022-34472 (bmo#1770123) + Unavailable PAC file resulted in OCSP requests being blocked + * CVE-2022-34478 (bmo#1773717) + Microsoft protocols can be attacked if a user accepts a prompt + * CVE-2022-2200 (bmo#1771381) + Undesired attributes could be set as part of prototype pollution + * CVE-2022-34484 (bmo#1763634, bmo#1772651) + Memory safety bugs fixed in Thunderbird 91.11 and Thunderbird 102 + +------------------------------------------------------------------- Old: ---- l10n-91.10.0.tar.xz thunderbird-91.10.0.source.tar.xz thunderbird-91.10.0.source.tar.xz.asc New: ---- l10n-91.11.0.tar.xz thunderbird-91.11.0.source.tar.xz thunderbird-91.11.0.source.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ MozillaThunderbird.spec ++++++ --- /var/tmp/diff_new_pack.PvrHMd/_old 2022-06-30 13:18:07.565522754 +0200 +++ /var/tmp/diff_new_pack.PvrHMd/_new 2022-06-30 13:18:07.569522758 +0200 @@ -29,8 +29,8 @@ # major 69 # mainver %major.99 %define major 91 -%define mainver %major.10.0 -%define orig_version 91.10.0 +%define mainver %major.11.0 +%define orig_version 91.11.0 %define orig_suffix %{nil} %define update_channel release %define source_prefix thunderbird-%{orig_version} ++++++ l10n-91.10.0.tar.xz -> l10n-91.11.0.tar.xz ++++++ ++++++ tar_stamps ++++++ --- /var/tmp/diff_new_pack.PvrHMd/_old 2022-06-30 13:18:07.789522922 +0200 +++ /var/tmp/diff_new_pack.PvrHMd/_new 2022-06-30 13:18:07.793522926 +0200 @@ -1,11 +1,11 @@ PRODUCT="thunderbird" CHANNEL="esr91" -VERSION="91.10.0" +VERSION="91.11.0" VERSION_SUFFIX="" -PREV_VERSION="91.9.1" +PREV_VERSION="91.10.0" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr91" -RELEASE_TAG="a52d41376d0374e23a0848e42a21454150c4d6a2" -RELEASE_TIMESTAMP="20220520005021" +RELEASE_TAG="da48e7ecf800ec7761a3b6e0ca81e0c90adc30f7" +RELEASE_TIMESTAMP="20220628000715" ++++++ thunderbird-91.10.0.source.tar.xz -> thunderbird-91.11.0.source.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaThunderbird/thunderbird-91.10.0.source.tar.xz /work/SRC/openSUSE:Factory/.MozillaThunderbird.new.1548/thunderbird-91.11.0.source.tar.xz differ: char 15, line 1
participants (1)
-
Source-Sync