Revisions of thunderbird102
Wolfgang Rosenauer (wrosenauer)
accepted
request 1159886
from
Manfred Hollstein (manfred-h)
(revision 71)
- LLVM18 breaks building Firefox ESR and Thunderbird on Tumbleweed; add * mozilla-fix-issues-with-llvm18.patch - use autopatch
Wolfgang Rosenauer (wrosenauer)
accepted
request 1150303
from
Manfred Hollstein (manfred-h)
(revision 70)
- Use %%patch -P N for RPM-4.19
Wolfgang Rosenauer (wrosenauer)
accepted
request 1114402
from
Manfred Hollstein (manfred-h)
(revision 69)
- Mozilla Thunderbird 102.15.1
MFSA 2023-40 (bsc#???????)
* CVE-2023-5129 (bmo#1852649
Heap buffer overflow in libwebp
- Add mozilla-bmo1846703.patch
Wolfgang Rosenauer (wrosenauer)
committed
(revision 68)
- Mozilla Thunderbird 102.15.0
MFSA 2023-32 (bsc#1213746)
* CVE-2023-4045 (bmo#1833876)
Offscreen Canvas could have bypassed cross-origin restrictions
* CVE-2023-4046 (bmo#1837686)
Incorrect value used during WASM compilation
* CVE-2023-4047 (bmo#1839073)
Potential permissions request bypass via clickjacking
* CVE-2023-4048 (bmo#1841368)
Crash in DOMParser due to out-of-memory conditions
* CVE-2023-4049 (bmo#1842658)
Fix potential race conditions when releasing platform objects
* CVE-2023-4050 (bmo#1843038)
Stack buffer overflow in StorageManager
* CVE-2023-4054 (bmo#1840777)
Lack of warning when opening appref-ms files
* CVE-2023-4055 (bmo#1782561)
Cookie jar overflow caused unexpected cookie jar state
* CVE-2023-4056 (bmo#1820587, bmo#1824634, bmo#1839235,
bmo#1842325, bmo#1843847)
Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,
Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14
Wolfgang Rosenauer (wrosenauer)
accepted
request 1104136
from
Manfred Hollstein (manfred-h)
(revision 67)
- Rectify build requirements for the upcoming openSUSE Leap 15.6
Wolfgang Rosenauer (wrosenauer)
committed
(revision 66)
- Mozilla Thunderbird 102.14.0
MFSA 2023-28
* CVE-2023-3417 (bmo#1835582, boo#1213658)
File Extension Spoofing using the Text Direction Override Character
Wolfgang Rosenauer (wrosenauer)
committed
(revision 65)
- Mozilla Thunderbird 102.13.1
MFSA 2023-
* Upstream RNP version numbers now recognized as official in about:support
MFSA 2023-24 (bsc#1212438)
* CVE-2023-37201 (bmo#1826002)
Use-after-free in WebRTC certificate generation
* CVE-2023-37202 (bmo#1834711)
Potential use-after-free from compartment mismatch in
SpiderMonkey
* CVE-2023-37207 (bmo#1816287)
Fullscreen notification obscured
* CVE-2023-37208 (bmo#1837675)
Lack of warning when opening Diagcab files
* CVE-2023-37211 (bmo#1832306, bmo#1834862, bmo#1835886,
bmo#1836550, bmo#1837450)
Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13,
and Thunderbird 102.13
Wolfgang Rosenauer (wrosenauer)
committed
(revision 64)
Wolfgang Rosenauer (wrosenauer)
accepted
request 1097528
from
Manfred Hollstein (manfred-h)
(revision 63)
- mozilla-llvm16.patch has been applied upstream, remove it here
Wolfgang Rosenauer (wrosenauer)
accepted
request 1091940
from
Andreas Stieger (AndreasStieger)
(revision 61)
changelog
Wolfgang Rosenauer (wrosenauer)
committed
(revision 59)
- Mozilla Thunderbird 102.11.2
* fixed POP3 regressions ins 102.11.1
* https://www.thunderbird.net/en-US/thunderbird/102.11.2/releasenotes/
Thunderbird 102.11.1
* https://www.thunderbird.net/en-US/thunderbird/102.11.1/releasenotes/
- updated mozilla.keyring
* https://www.thunderbird.net/en-US/thunderbird/102.11.0/releasenotes
MFSA 2023-18 (bsc#1211175)
* CVE-2023-32205 (bmo#1753339, bmo#1753341)
Browser prompts could have been obscured by popups
* CVE-2023-32206 (bmo#1824892)
Crash in RLBox Expat driver
* CVE-2023-32207 (bmo#1826116)
Potential permissions request bypass via clickjacking
* CVE-2023-32211 (bmo#1823379)
Content process crash due to invalid wasm code
* CVE-2023-32212 (bmo#1826622)
Potential spoof due to obscured address bar
* CVE-2023-32213 (bmo#1826666)
Potential memory corruption in FileReader::DoReadData()
* CVE-2023-32214 (bmo#1828716)
Potential DoS via exposed protocol handlers
* CVE-2023-32215 (bmo#1540883, bmo#1751943, bmo#1814856,
bmo#1820210, bmo#1821480, bmo#1827019, bmo#1827024, bmo#1827144,
bmo#1827359, bmo#1830186)
Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11
Wolfgang Rosenauer (wrosenauer)
committed
(revision 58)
- Mozilla Thunderbird 102.11.0 * https://www.thunderbird.net/en-US/thunderbird/102.10.1/releasenotes
Wolfgang Rosenauer (wrosenauer)
committed
(revision 57)
- Mozilla Thunderbird 102.10.1
* New messages will automatically select S/MIME if configured and
OpenPGP is not
* Calendar events with timezone America/Mexico_City incorrectly
applied Daylight Savings Time
MFSA 2023-15 (bsc#1210212)
* CVE-2023-29531 (bmo#1794292)
Out-of-bound memory access in WebGL on macOS
* CVE-2023-29532 (bmo#1806394)
Mozilla Maintenance Service Write-lock bypass
* CVE-2023-29533 (bmo#1798219, bmo#1814597)
Fullscreen notification obscured
* MFSA-TMP-2023-0001 (bmo#1819244)
Double-free in libwebp
* CVE-2023-29535 (bmo#1820543)
Potential Memory Corruption following Garbage Collector compaction
* CVE-2023-29536 (bmo#1821959)
Invalid free from JavaScript code
* CVE-2023-0547 (bmo#1811298)
Revocation status of S/Mime recipient certificates was not checked
* CVE-2023-29479 (bmo#1824978)
Hang when processing certain OpenPGP messages
* CVE-2023-29539 (bmo#1784348)
Content-Disposition filename truncation leads to Reflected
File Download
* CVE-2023-29541 (bmo#1810191)
Files with malicious extensions could have been downloaded
unsafely on Linux
* CVE-2023-29542 (bmo#1810793, bmo#1815062)
Bypass of file download extension restrictions
Wolfgang Rosenauer (wrosenauer)
committed
(revision 56)
Wolfgang Rosenauer (wrosenauer)
committed
(revision 55)
Wolfgang Rosenauer (wrosenauer)
committed
(revision 53)
- add mozilla-llvm16.patch trying to fix build with LLVM16
Wolfgang Rosenauer (wrosenauer)
committed
(revision 52)
- Mozilla Thunderbird 102.9.1
MFSA 2023-12
* CVE-2023-28427 (bmo#1822595)
Matrix SDK bundled with Thunderbird vulnerable to
denial-of-service attack
Displaying revisions 1 - 20 of 71
