Revisions of thunderbird102
Wolfgang Rosenauer (wrosenauer)
accepted
request 1159886
from
Manfred Hollstein (manfred-h)
(revision 71)
- LLVM18 breaks building Firefox ESR and Thunderbird on Tumbleweed; add * mozilla-fix-issues-with-llvm18.patch - use autopatch
Wolfgang Rosenauer (wrosenauer)
accepted
request 1150303
from
Manfred Hollstein (manfred-h)
(revision 70)
- Use %%patch -P N for RPM-4.19
Wolfgang Rosenauer (wrosenauer)
accepted
request 1114402
from
Manfred Hollstein (manfred-h)
(revision 69)
- Mozilla Thunderbird 102.15.1 MFSA 2023-40 (bsc#???????) * CVE-2023-5129 (bmo#1852649 Heap buffer overflow in libwebp - Add mozilla-bmo1846703.patch
Wolfgang Rosenauer (wrosenauer)
committed
(revision 68)
- Mozilla Thunderbird 102.15.0 MFSA 2023-32 (bsc#1213746) * CVE-2023-4045 (bmo#1833876) Offscreen Canvas could have bypassed cross-origin restrictions * CVE-2023-4046 (bmo#1837686) Incorrect value used during WASM compilation * CVE-2023-4047 (bmo#1839073) Potential permissions request bypass via clickjacking * CVE-2023-4048 (bmo#1841368) Crash in DOMParser due to out-of-memory conditions * CVE-2023-4049 (bmo#1842658) Fix potential race conditions when releasing platform objects * CVE-2023-4050 (bmo#1843038) Stack buffer overflow in StorageManager * CVE-2023-4054 (bmo#1840777) Lack of warning when opening appref-ms files * CVE-2023-4055 (bmo#1782561) Cookie jar overflow caused unexpected cookie jar state * CVE-2023-4056 (bmo#1820587, bmo#1824634, bmo#1839235, bmo#1842325, bmo#1843847) Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14
Wolfgang Rosenauer (wrosenauer)
accepted
request 1104136
from
Manfred Hollstein (manfred-h)
(revision 67)
- Rectify build requirements for the upcoming openSUSE Leap 15.6
Wolfgang Rosenauer (wrosenauer)
committed
(revision 66)
- Mozilla Thunderbird 102.14.0 MFSA 2023-28 * CVE-2023-3417 (bmo#1835582, boo#1213658) File Extension Spoofing using the Text Direction Override Character
Wolfgang Rosenauer (wrosenauer)
committed
(revision 65)
- Mozilla Thunderbird 102.13.1 MFSA 2023- * Upstream RNP version numbers now recognized as official in about:support MFSA 2023-24 (bsc#1212438) * CVE-2023-37201 (bmo#1826002) Use-after-free in WebRTC certificate generation * CVE-2023-37202 (bmo#1834711) Potential use-after-free from compartment mismatch in SpiderMonkey * CVE-2023-37207 (bmo#1816287) Fullscreen notification obscured * CVE-2023-37208 (bmo#1837675) Lack of warning when opening Diagcab files * CVE-2023-37211 (bmo#1832306, bmo#1834862, bmo#1835886, bmo#1836550, bmo#1837450) Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13
Wolfgang Rosenauer (wrosenauer)
committed
(revision 64)
Wolfgang Rosenauer (wrosenauer)
accepted
request 1097528
from
Manfred Hollstein (manfred-h)
(revision 63)
- mozilla-llvm16.patch has been applied upstream, remove it here
Wolfgang Rosenauer (wrosenauer)
committed
(revision 62)
- Mozilla Thunderbird 102.13.0
Wolfgang Rosenauer (wrosenauer)
accepted
request 1091940
from
Andreas Stieger (AndreasStieger)
(revision 61)
changelog
Wolfgang Rosenauer (wrosenauer)
committed
(revision 60)
- Mozilla Thunderbird 102.12.0
Wolfgang Rosenauer (wrosenauer)
committed
(revision 59)
- Mozilla Thunderbird 102.11.2 * fixed POP3 regressions ins 102.11.1 * https://www.thunderbird.net/en-US/thunderbird/102.11.2/releasenotes/ Thunderbird 102.11.1 * https://www.thunderbird.net/en-US/thunderbird/102.11.1/releasenotes/ - updated mozilla.keyring * https://www.thunderbird.net/en-US/thunderbird/102.11.0/releasenotes MFSA 2023-18 (bsc#1211175) * CVE-2023-32205 (bmo#1753339, bmo#1753341) Browser prompts could have been obscured by popups * CVE-2023-32206 (bmo#1824892) Crash in RLBox Expat driver * CVE-2023-32207 (bmo#1826116) Potential permissions request bypass via clickjacking * CVE-2023-32211 (bmo#1823379) Content process crash due to invalid wasm code * CVE-2023-32212 (bmo#1826622) Potential spoof due to obscured address bar * CVE-2023-32213 (bmo#1826666) Potential memory corruption in FileReader::DoReadData() * CVE-2023-32214 (bmo#1828716) Potential DoS via exposed protocol handlers * CVE-2023-32215 (bmo#1540883, bmo#1751943, bmo#1814856, bmo#1820210, bmo#1821480, bmo#1827019, bmo#1827024, bmo#1827144, bmo#1827359, bmo#1830186) Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11
Wolfgang Rosenauer (wrosenauer)
committed
(revision 58)
- Mozilla Thunderbird 102.11.0 * https://www.thunderbird.net/en-US/thunderbird/102.10.1/releasenotes
Wolfgang Rosenauer (wrosenauer)
committed
(revision 57)
- Mozilla Thunderbird 102.10.1 * New messages will automatically select S/MIME if configured and OpenPGP is not * Calendar events with timezone America/Mexico_City incorrectly applied Daylight Savings Time MFSA 2023-15 (bsc#1210212) * CVE-2023-29531 (bmo#1794292) Out-of-bound memory access in WebGL on macOS * CVE-2023-29532 (bmo#1806394) Mozilla Maintenance Service Write-lock bypass * CVE-2023-29533 (bmo#1798219, bmo#1814597) Fullscreen notification obscured * MFSA-TMP-2023-0001 (bmo#1819244) Double-free in libwebp * CVE-2023-29535 (bmo#1820543) Potential Memory Corruption following Garbage Collector compaction * CVE-2023-29536 (bmo#1821959) Invalid free from JavaScript code * CVE-2023-0547 (bmo#1811298) Revocation status of S/Mime recipient certificates was not checked * CVE-2023-29479 (bmo#1824978) Hang when processing certain OpenPGP messages * CVE-2023-29539 (bmo#1784348) Content-Disposition filename truncation leads to Reflected File Download * CVE-2023-29541 (bmo#1810191) Files with malicious extensions could have been downloaded unsafely on Linux * CVE-2023-29542 (bmo#1810793, bmo#1815062) Bypass of file download extension restrictions
Wolfgang Rosenauer (wrosenauer)
committed
(revision 56)
Wolfgang Rosenauer (wrosenauer)
committed
(revision 55)
Wolfgang Rosenauer (wrosenauer)
committed
(revision 54)
- Mozilla Thunderbird 102.10.0
Wolfgang Rosenauer (wrosenauer)
committed
(revision 53)
- add mozilla-llvm16.patch trying to fix build with LLVM16
Wolfgang Rosenauer (wrosenauer)
committed
(revision 52)
- Mozilla Thunderbird 102.9.1 MFSA 2023-12 * CVE-2023-28427 (bmo#1822595) Matrix SDK bundled with Thunderbird vulnerable to denial-of-service attack
Displaying revisions 1 - 20 of 71