merge in 115.3.3 changelog

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.4.1

• Files Changed
• Browse Source

- removed obsolete mozilla-bmo1846703.patch

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.4.0

• Files Changed
• Browse Source

  Bugfix release
  https://www.thunderbird.net/en-US/thunderbird/115.3.2/releasenotes

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.3.2

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.3.1
  MFSA 2023-45 (bsc#1215814)
  * CVE-2023-5217 (bmo#1855550)
    Heap buffer overflow in libvpx
  https://www.thunderbird.net/en-US/thunderbird/115.3.0/releasenotes
  MFSA 2023-43 (bsc#1215575)
  * CVE-2023-5168 (bmo#1846683)
    Out-of-bounds write in FilterNodeD2D1
  * CVE-2023-5169 (bmo#1846685)
    Out-of-bounds write in PathOps
  * CVE-2023-5171 (bmo#1851599)
    Use-after-free in Ion Compiler
  * CVE-2023-5174 (bmo#1848454)
    Double-free in process spawning on Windows
  * CVE-2023-5176 (bmo#1836353, bmo#1842674, bmo#1843824,
    bmo#1843962, bmo#1848890, bmo#1850180, bmo#1850983,
    bmo#1851195)
    Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3,
    and Thunderbird 115.3

• Files Changed
• Browse Source

- Add mozilla-bmo1846703.patch

• Files Changed
• Browse Source

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.3.0
  Bugfix release:
  https://www.thunderbird.net/en-US/thunderbird/115.2.3/releasenotes

• Files Changed
• Browse Source

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.2.3

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.2.2
  https://www.thunderbird.net/en-US/thunderbird/115.2.2/releasenotes
  MFSA 2023-40 (bsc#1215231)
  * CVE-2023-4863 (bmo# bmo#1852649)
    Heap buffer overflow in libwebp

  https://www.thunderbird.net/en-US/thunderbird/115.2.1/releasenotes
  * new: Column separators are now shown between all columns in
    tree view (bmo#1847441)
  * fixed: New mail notification always opened message in message
    pane, even if pane was disabled (bmo#1840092)
  * fixed: After moving an IMAP message to another folder, the
    incorrect message was selected in the message list
    (bmo#1845376)
  * fixed: Adding a tag to an IMAP message opened in a tab failed
    (bmo#1844452)
  * fixed: Junk/Spam folders were not always shown in Unified
    Folders mode (bmo#1838672)
  * fixed: Middle-clicking a folder or message did not open it in
    a background tab, as in previous versions (bmo#1842482)
  * fixed: Settings tab visual improvements: Advanced Fonts
    dialog, Section headers hidden behind search box
    (bmo#1717382,bmo#1846751)
  * fixed: Various visual and style fixes
    (bmo#1843707,bmo#1849823)

• Files Changed
• Browse Source

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.2.2

• Files Changed
• Browse Source

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.2.1
  https://www.thunderbird.net/en-US/thunderbird/115.2.0/releasenotes
  MFSA 2023-38 (bsc#1214606)
  * CVE-2023-4573 (bmo#1846687)
    Memory corruption in IPC CanvasTranslator
  * CVE-2023-4574 (bmo#1846688)
    Memory corruption in IPC ColorPickerShownCallback
  * CVE-2023-4575 (bmo#1846689)
    Memory corruption in IPC FilePickerShownCallback
  * CVE-2023-4576 (bmo#1846694)
    Integer Overflow in RecordedSourceSurfaceCreation
  * CVE-2023-4577 (bmo#1847397)
    Memory corruption in JIT UpdateRegExpStatics
  * CVE-2023-4051 (bmo#1821884)
    Full screen notification obscured by file open dialog
  * CVE-2023-4578 (bmo#1839007)
    Error reporting methods in SpiderMonkey could have triggered
    an Out of Memory Exception
  * CVE-2023-4053 (bmo#1839079)
    Full screen notification obscured by external program
  * CVE-2023-4580 (bmo#1843046)
    Push notifications saved to disk unencrypted
  * CVE-2023-4581 (bmo#1843758)
    XLL file extensions were downloadable without warnings
  * CVE-2023-4582 (bmo#1773874)
    Buffer Overflow in WebGL glGetProgramiv
  * CVE-2023-4583 (bmo#1842030)
    Browsing Context potentially not cleared when closing Private
    Window
  * CVE-2023-4584 (bmo#1843968, bmo#1845205, bmo#1846080,

• Files Changed
• Browse Source

• Files Changed
• Browse Source

- Mozilla Thunderbird 115.2.0

• Files Changed
• Browse Source

  bugfixes as documented here
  https://www.thunderbird.net/en-US/thunderbird/115.1.1/releasenotes
  MFSA 2023-33 (bsc#1213746)
  * CVE-2023-4045 (bmo#1833876)
    Offscreen Canvas could have bypassed cross-origin restrictions
  * CVE-2023-4046 (bmo#1837686)
    Incorrect value used during WASM compilation
  * CVE-2023-4047 (bmo#1839073)
    Potential permissions request bypass via clickjacking
  * CVE-2023-4048 (bmo#1841368)
    Crash in DOMParser due to out-of-memory conditions
  * CVE-2023-4049 (bmo#1842658)
    Fix potential race conditions when releasing platform objects
  * CVE-2023-4050 (bmo#1843038)
    Stack buffer overflow in StorageManager
  * CVE-2023-4052 (bmo#1824420)
    File deletion and privilege escalation through Firefox uninstaller
  * CVE-2023-4054 (bmo#1840777)
    Lack of warning when opening appref-ms files
  * CVE-2023-4055 (bmo#1782561)
    Cookie jar overflow caused unexpected cookie jar state
  * CVE-2023-4056 (bmo#1820587, bmo#1824634, bmo#1839235, bmo#1842325,
    bmo#1843847)
    Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,
    Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14
  * CVE-2023-4057 (bmo#1841682)
    Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,
    and Thunderbird 115.1

• Files Changed
• Browse Source