Overview Repositories Revisions Requests Users Attributes Meta

Revisions of MozillaThunderbird

buildservice-autocommit accepted request 1171966 from Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) (revision 756) 
baserev update by copy to link target
buildservice-autocommit accepted request 1169354 from Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) (revision 754) 
baserev update by copy to link target
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) committed (revision 753) 
- Mozilla Thunderbird 115.10.1
  https://www.thunderbird.net/en-US/thunderbird/115.10.1/releasenotes/
  * fixed hangup introduced with 115.10.0 (bmo#1891889)

- Mozilla Thunderbird 115.10.0
  https://www.thunderbird.net/en-US/thunderbird/115.10.0/releasenotes/
  MFSA 2024-20 (bsc#1222535)
  * CVE-2024-3852 (bmo#1883542)
    GetBoundName in the JIT returned the wrong object
  * CVE-2024-3854 (bmo#1884552)
    Out-of-bounds-read after mis-optimized switch statement
  * CVE-2024-3857 (bmo#1886683)
    Incorrect JITting of arguments led to use-after-free during
    garbage collection
  * CVE-2024-2609 (bmo#1866100)
    Permission prompt input delay could expire when not in focus
  * CVE-2024-3859 (bmo#1874489)
    Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
  * CVE-2024-3861 (bmo#1883158)
    Potential use-after-free due to AlignedBuffer self-move
  * CVE-2024-3863 (bmo#1885855)
    Download Protections were bypassed by .xrm-ms files on Windows
  * CVE-2024-3302 (bmo#1881183)
    Denial of Service using HTTP/2 CONTINUATION frames
  * CVE-2024-3864 (bmo#1888333)
    Memory safety bug fixed in Firefox 125, Firefox ESR 115.10,
    and Thunderbird 115.10
buildservice-autocommit accepted request 1160556 from Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) (revision 752) 
baserev update by copy to link target
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) committed (revision 751) 
- LLVM18 breaks building Thunderbird on Tumbleweed; add
  * mozilla-fix-issues-with-llvm18.patch

- Mozilla Thunderbird 115.9.0
  https://www.thunderbird.net/en-US/thunderbird/115.9.0/releasenotes/
  MFSA 2024-14 (bsc#1221327)
  * CVE-2024-0743 (bmo#1867408)
    Crash in NSS TLS method
  * CVE-2024-2605 (bmo#1872920)
    Windows Error Reporter could be used as a Sandbox escape vector
  * CVE-2024-2607 (bmo#1879939)
    JIT code failed to save return registers on Armv7-A
  * CVE-2024-2608 (bmo#1880692)
    Integer overflow could have led to out of bounds write
  * CVE-2024-2616 (bmo#1846197)
    Improve handling of out-of-memory conditions in ICU
  * CVE-2023-5388 (bmo#1780432)
    NSS susceptible to timing attack against RSA decryption
  * CVE-2024-2610 (bmo#1871112)
    Improper handling of html and body tags enabled CSP nonce leakage
  * CVE-2024-2611 (bmo#1876675)
    Clickjacking vulnerability could have led to a user accidentally
    granting permissions
  * CVE-2024-2612 (bmo#1879444)
    Self referencing object could have potentially led to a use-
    after-free
  * CVE-2024-2614 (bmo#1685358, bmo#1861016, bmo#1880405, bmo#1881093)
    Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9,
    and Thunderbird 115.9
buildservice-autocommit accepted request 1155826 from Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) (revision 750) 
baserev update by copy to link target
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) committed (revision 749) 
- Mozilla Thunderbird 115.8.1
  https://www.thunderbird.net/en-US/thunderbird/115.8.1/releasenotes/
  MFSA 2024-11
  * CVE-2024-1936 (bmo#1860977)
    Leaking of encrypted email subjects to other conversations
buildservice-autocommit accepted request 1150520 from Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) (revision 748) 
baserev update by copy to link target
buildservice-autocommit accepted request 1141172 from Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) (revision 746) 
baserev update by copy to link target
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) committed (revision 745) 
- Mozilla Thunderbird 115.7.0
  https://www.thunderbird.net/en-US/thunderbird/115.7.0/releasenotes/
  MFSA 2024-04 (bsc#1218955)
  * CVE-2024-0741 (bmo#1864587)
    Out of bounds write in ANGLE
  * CVE-2024-0742 (bmo#1867152)
    Failure to update user input timestamp
  * CVE-2024-0746 (bmo#1660223)
    Crash when listing printers on Linux
  * CVE-2024-0747 (bmo#1764343)
    Bypass of Content Security Policy when directive unsafe-inline was set
  * CVE-2024-0749 (bmo#1813463)
    Phishing site popup could show local origin in address bar
  * CVE-2024-0750 (bmo#1863083)
    Potential permissions request bypass via clickjacking
  * CVE-2024-0751 (bmo#1865689)
    Privilege escalation through devtools
  * CVE-2024-0753 (bmo#1870262)
    HSTS policy on subdomain could bypass policy of upper domain
  * CVE-2024-0755 (bmo#1868456, bmo#1871445, bmo#1873701)
    Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7,
    and Thunderbird 115.7
buildservice-autocommit accepted request 1138352 from Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) (revision 744) 
baserev update by copy to link target
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) accepted request 1137913 from Martin Sirringhaus's avatar Martin Sirringhaus (MSirringhaus) (revision 743) 
(untested) Mozilla Thunderbird 115.6.1
buildservice-autocommit accepted request 1134147 from Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) (revision 742) 
baserev update by copy to link target
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) committed (revision 741) 
- Mozilla Thunderbird 115.6.0
  https://www.thunderbird.net/en-US/thunderbird/115.6.0/releasenotes/
  * Message selection misbehaved after selecting a sub-message in an
    expanded thread, collapsing the thread, then pressing up/down to
    move selection
  * Thunderbird now attempts to reconnect on a new connection after
    SMTP 4xx errors
  * HTML FileLink attachments used the wrong encoding
  MFSA 2023-55 (bsc#1217230)
  * CVE-2023-50762 (bmo#1862625)
    Truncated signed text was shown with a valid OpenPGP
    signature
  * CVE-2023-50761 (bmo#1865647)
    S/MIME signature accepted despite mismatching message date
  * CVE-2023-6856 (bmo#1843782)
    Heap-buffer-overflow affecting WebGL DrawElementsInstanced
    method with Mesa VM driver
  * CVE-2023-6857 (bmo#1796023)
    Symlinks may resolve to smaller than expected buffers
  * CVE-2023-6858 (bmo#1826791)
    Heap buffer overflow in nsTextFragment
  * CVE-2023-6859 (bmo#1840144)
    Use-after-free in PR_GetIdentitiesLayer
  * CVE-2023-6860 (bmo#1854669)
    Potential sandbox escape due to VideoBridge lack of texture
    validation
  * CVE-2023-6861 (bmo#1864118)
    Heap buffer overflow affected nsWindow::PickerOpen(void) in
    headless mode
  * CVE-2023-6862 (bmo#1868042)
buildservice-autocommit accepted request 1132769 from Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) (revision 740) 
baserev update by copy to link target
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) committed (revision 739) 
- Mozilla Thunderbird 115.5.2
  Bugfix release
  https://www.thunderbird.net/en-US/thunderbird/115.5.2/releasenotes/
buildservice-autocommit accepted request 1129733 from Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) (revision 738) 
baserev update by copy to link target
Wolfgang Rosenauer's avatar Wolfgang Rosenauer (wrosenauer) committed (revision 737) 
- Mozilla Thunderbird 115.5.1
  Bugfix release
  https://www.thunderbird.net/en-US/thunderbird/115.5.1/releasenotes
  * Advanced GnuPG keys may be protected with an unexpected passphrase
  * OpenPGP signatures rejected due to mismatched signature timestamp
    now display signature timestamp and clarifying message
  * Advanced address book search did not return results if display name
    was left blank
  * Clicking on attendee when inviting attendees added the attendee twice
Displaying revisions 1 - 20 of 756
openSUSE Build Service is sponsored by
Places