https://www.thunderbird.net/en-US/thunderbird/115.10.1/releasenotes/
  * fixed hangup introduced with 115.10.0 (bmo#1891889)
  https://www.thunderbird.net/en-US/thunderbird/115.10.0/releasenotes/
  MFSA 2024-20 (bsc#1222535)
  * CVE-2024-3852 (bmo#1883542)
    GetBoundName in the JIT returned the wrong object
  * CVE-2024-3854 (bmo#1884552)
    Out-of-bounds-read after mis-optimized switch statement
  * CVE-2024-3857 (bmo#1886683)
    Incorrect JITting of arguments led to use-after-free during
    garbage collection
  * CVE-2024-2609 (bmo#1866100)
    Permission prompt input delay could expire when not in focus
  * CVE-2024-3859 (bmo#1874489)
    Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
  * CVE-2024-3861 (bmo#1883158)
    Potential use-after-free due to AlignedBuffer self-move
  * CVE-2024-3863 (bmo#1885855)
    Download Protections were bypassed by .xrm-ms files on Windows
  * CVE-2024-3302 (bmo#1881183)
    Denial of Service using HTTP/2 CONTINUATION frames
  * CVE-2024-3864 (bmo#1888333)
    Memory safety bug fixed in Firefox 125, Firefox ESR 115.10,
    and Thunderbird 115.10

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.10.1

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.10.0
  https://www.thunderbird.net/en-US/thunderbird/115.9.0/releasenotes/
  MFSA 2024-14 (bsc#1221327)
  * CVE-2024-0743 (bmo#1867408)
    Crash in NSS TLS method
  * CVE-2024-2605 (bmo#1872920)
    Windows Error Reporter could be used as a Sandbox escape vector
  * CVE-2024-2607 (bmo#1879939)
    JIT code failed to save return registers on Armv7-A
  * CVE-2024-2608 (bmo#1880692)
    Integer overflow could have led to out of bounds write
  * CVE-2024-2616 (bmo#1846197)
    Improve handling of out-of-memory conditions in ICU
  * CVE-2023-5388 (bmo#1780432)
    NSS susceptible to timing attack against RSA decryption
  * CVE-2024-2610 (bmo#1871112)
    Improper handling of html and body tags enabled CSP nonce leakage
  * CVE-2024-2611 (bmo#1876675)
    Clickjacking vulnerability could have led to a user accidentally
    granting permissions
  * CVE-2024-2612 (bmo#1879444)
    Self referencing object could have potentially led to a use-
    after-free
  * CVE-2024-2614 (bmo#1685358, bmo#1861016, bmo#1880405, bmo#1881093)
    Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9,
    and Thunderbird 115.9

• Files Changed
• Browse Source

- LLVM18 breaks building Thunderbird on Tumbleweed; add
  * mozilla-fix-issues-with-llvm18.patch

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.9.0

• Files Changed
• Browse Source

Create subpackage MozillaThunderbird-openpgp-librnp

This is a groundwork for being able to swap librnp with sequoia-octopus-librnp.

• Files Changed
• Browse Source

  https://www.thunderbird.net/en-US/thunderbird/115.8.1/releasenotes/
  MFSA 2024-11
  * CVE-2024-1936 (bmo#1860977)
    Leaking of encrypted email subjects to other conversations

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.8.1

• Files Changed
• Browse Source

changelog

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.8.0
  https://www.thunderbird.net/en-US/thunderbird/115.7.0/releasenotes/
  MFSA 2024-04 (bsc#1218955)
  * CVE-2024-0741 (bmo#1864587)
    Out of bounds write in ANGLE
  * CVE-2024-0742 (bmo#1867152)
    Failure to update user input timestamp
  * CVE-2024-0746 (bmo#1660223)
    Crash when listing printers on Linux
  * CVE-2024-0747 (bmo#1764343)
    Bypass of Content Security Policy when directive unsafe-inline was set
  * CVE-2024-0749 (bmo#1813463)
    Phishing site popup could show local origin in address bar
  * CVE-2024-0750 (bmo#1863083)
    Potential permissions request bypass via clickjacking
  * CVE-2024-0751 (bmo#1865689)
    Privilege escalation through devtools
  * CVE-2024-0753 (bmo#1870262)
    HSTS policy on subdomain could bypass policy of upper domain
  * CVE-2024-0755 (bmo#1868456, bmo#1871445, bmo#1873701)
    Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7,
    and Thunderbird 115.7

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.7.0

- Mozilla Thunderbird 115.6.1
  https://www.thunderbird.net/en-US/thunderbird/115.6.1/releasenotes/
  * new: OAuth2 now supported for comcast.net (bmo#1844810)
  * fixed: High CPU usage sometimes occurred with IMAP CONDSTORE
    (conditional STORE) enabled (bmo#1839256)
  * fixed: Replying to a collapsed thread via keyboard shortcut
    (Ctrl+R/Cmd+R) opened a reply for every message in the thread
    (bmo#1866819)
  * fixed: Enabling Grouped By view after reversing sort order of
    column header caused messages to be grouped incorrectly
    (bmo#1868794)
  * fixed: Opening thread pane context menu via keyboard did not
    always scroll view to selection (bmo#1867532)
  * fixed: New mail indicator for POP3 accounts did not indicate
    new messages ready to be downloaded (bmo#1870619)
  * fixed: Messages could not be moved to folders using Message >
    Move To if text or a link in the message had been clicked on
    first (bmo#1868474)
  * fixed: MIME part boundaries were not properly terminated
    (bmo#1805558)

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.6.1 (build1)
  https://www.thunderbird.net/en-US/thunderbird/115.6.0/releasenotes/
  * Message selection misbehaved after selecting a sub-message in an
    expanded thread, collapsing the thread, then pressing up/down to
    move selection
  * Thunderbird now attempts to reconnect on a new connection after
    SMTP 4xx errors
  * HTML FileLink attachments used the wrong encoding
  MFSA 2023-55 (bsc#1217230)
  * CVE-2023-50762 (bmo#1862625)
    Truncated signed text was shown with a valid OpenPGP
    signature
  * CVE-2023-50761 (bmo#1865647)
    S/MIME signature accepted despite mismatching message date
  * CVE-2023-6856 (bmo#1843782)
    Heap-buffer-overflow affecting WebGL DrawElementsInstanced
    method with Mesa VM driver
  * CVE-2023-6857 (bmo#1796023)
    Symlinks may resolve to smaller than expected buffers
  * CVE-2023-6858 (bmo#1826791)
    Heap buffer overflow in nsTextFragment
  * CVE-2023-6859 (bmo#1840144)
    Use-after-free in PR_GetIdentitiesLayer
  * CVE-2023-6860 (bmo#1854669)
    Potential sandbox escape due to VideoBridge lack of texture
    validation
  * CVE-2023-6861 (bmo#1864118)
    Heap buffer overflow affected nsWindow::PickerOpen(void) in
    headless mode
  * CVE-2023-6862 (bmo#1868042)

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.6.0

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.5.2
  Bugfix release
  https://www.thunderbird.net/en-US/thunderbird/115.5.2/releasenotes/
  Bugfix release
  https://www.thunderbird.net/en-US/thunderbird/115.5.1/releasenotes
  * Advanced GnuPG keys may be protected with an unexpected passphrase
  * OpenPGP signatures rejected due to mismatched signature timestamp
    now display signature timestamp and clarifying message
  * Advanced address book search did not return results if display name
    was left blank
  * Clicking on attendee when inviting attendees added the attendee twice

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.5.1
  MFSA 2023-52 (bsc#1217230)
  * CVE-2023-6204 (bmo#1841050)
    Out-of-bound memory access in WebGL2 blitFramebuffer
  * CVE-2023-6205 (bmo#1854076)
    Use-after-free in MessagePort::Entangled
  * CVE-2023-6206 (bmo#1857430)
    Clickjacking permission prompts using the fullscreen transition
  * CVE-2023-6207 (bmo#1861344)
    Use-after-free in ReadableByteStreamQueueEntry::Buffer
  * CVE-2023-6208 (bmo#1855345)
    Using Selection API would copy contents into X11 primary
    selection.
  * CVE-2023-6209 (bmo#1858570)
    Incorrect parsing of relative URLs starting with "///"
  * CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252, bmo#1856072,
    bmo#1856091, bmo#1859030, bmo#1860943, bmo#1862782)
    Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5,
    and Thunderbird 115.5

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.5.0
  https://www.thunderbird.net/en-US/thunderbird/115.5.0/releasenotes
  Bugfix release
  https://www.thunderbird.net/en-US/thunderbird/115.4.3/releasenotes

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.4.3

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.4.2
  https://www.thunderbird.net/en-US/thunderbird/115.4.2/releasenotes

• Files Changed
• Browse Source

- build using rust/cargo 1.72 (1.69 about to be dropped from Factory)
  https://www.thunderbird.net/en-US/thunderbird/115.4.1/releasenotes
  https://www.thunderbird.net/en-US/thunderbird/115.4.0/releasenotes
  MFSA 2023-47 (bsc#1216338)
  * CVE-2023-5721 (bmo#1830820)
    Queued up rendering could have allowed websites to clickjack
  * CVE-2023-5732 (bmo#1690979, bmo#1836962)
    Address bar spoofing via bidirectional characters
  * CVE-2023-5724 (bmo#1836705)
    Large WebGL draw could have led to a crash
  * CVE-2023-5725 (bmo#1845739)
    WebExtensions could open arbitrary URLs
  * CVE-2023-5726 (bmo#1846205)
    Full screen notification obscured by file open dialog on macOS
  * CVE-2023-5727 (bmo#1847180)
    Download Protections were bypassed by .msix, .msixbundle,
    .appx, and .appxbundle files on Windows
  * CVE-2023-5728 (bmo#1852729)
    Improper object tracking during GC in the JavaScript engine
    could have led to a crash.
  * CVE-2023-5730 (bmo#1836607, bmo#1840918, bmo#1848694, bmo#1848833,
    bmo#1850191, bmo#1850259, bmo#1852596, bmo#1853201, bmo#1854002,
    bmo#1855306, bmo#1855640, bmo#1856695)
    Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4,
    and Thunderbird 115.4.1

• Files Changed
• Browse Source

merge in 115.3.3 changelog

• Files Changed
• Browse Source