Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaThunderbird for
openSUSE:Factory checked in at 2025-05-30 14:33:07
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/MozillaThunderbird (Old)
and /work/SRC/openSUSE:Factory/.MozillaThunderbird.new.25440 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaThunderbird"
Fri May 30 14:33:07 2025 rev:363 rq:1280770 version:128.11.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/MozillaThunderbird/MozillaThunderbird.changes
2025-05-23 14:31:53.423965474 +0200
+++
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new.25440/MozillaThunderbird.changes
2025-05-30 17:19:36.344963105 +0200
@@ -1,0 +2,29 @@
+Mon May 26 16:54:33 UTC 2025 - Wolfgang Rosenauer <w...@rosenauer.org>
+
+- Mozilla Thunderbird ESR 128.11.0
+ MFSA 2025-46 (boo#1243353)
+ * CVE-2025-5262 (bmo#1962421)
+ Double-free in libvpx encoder
+ * CVE-2025-5263 (bmo#1960745)
+ Error handling for script execution was incorrectly isolated
+ from web content
+ * CVE-2025-5264 (bmo#1950001)
+ Potential local code execution in “Copy as cURL” command
+ * CVE-2025-5265 (bmo#1962301)
+ Potential local code execution in “Copy as cURL” command
+ * CVE-2025-5266 (bmo#1965628)
+ Script element events leaked cross-origin resource status
+ * CVE-2025-5267 (bmo#1954137)
+ Clickjacking vulnerability could have led to leaking saved
+ payment card details
+ * CVE-2025-5268 (bmo#1950136, bmo#1958121, bmo#1960499,
+ bmo#1962634)
+ Memory safety bugs fixed in Firefox 139, Thunderbird 139,
+ Firefox ESR 128.11, and Thunderbird 128.11
+ * CVE-2025-5269 (bmo#1924108)
+ Memory safety bug fixed in Firefox ESR 128.11 and Thunderbird
+ 128.11
+ * fixed: Thunderbird could crash if message copying to Sent
+ folder was interrupted (bmo#1965304)
+
+-------------------------------------------------------------------
@@ -4 +33 @@
-- Mozilla Thunderbird ESR 128.0.2
+- Mozilla Thunderbird ESR 128.10.2
Old:
----
l10n-128.10.2esr.tar.xz
thunderbird-128.10.2esr.source.tar.xz
thunderbird-128.10.2esr.source.tar.xz.asc
New:
----
l10n-128.11.0esr.tar.xz
thunderbird-128.11.0esr.source.tar.xz
thunderbird-128.11.0esr.source.tar.xz.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ MozillaThunderbird.spec ++++++
--- /var/tmp/diff_new_pack.67gdhT/_old 2025-05-30 17:19:46.573386450 +0200
+++ /var/tmp/diff_new_pack.67gdhT/_new 2025-05-30 17:19:46.581386781 +0200
@@ -29,8 +29,8 @@
# major 69
# mainver %%major.99
%define major 128
-%define mainver %major.10.2
-%define orig_version 128.10.2
+%define mainver %major.11.0
+%define orig_version 128.11.0
%define orig_suffix esr
%define update_channel esr
%define source_prefix thunderbird-%{orig_version}
++++++ l10n-128.10.2esr.tar.xz -> l10n-128.11.0esr.tar.xz ++++++
/work/SRC/openSUSE:Factory/MozillaThunderbird/l10n-128.10.2esr.tar.xz
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new.25440/l10n-128.11.0esr.tar.xz
differ: char 15, line 1
++++++ tar_stamps ++++++
--- /var/tmp/diff_new_pack.67gdhT/_old 2025-05-30 17:19:46.965402675 +0200
+++ /var/tmp/diff_new_pack.67gdhT/_new 2025-05-30 17:19:46.969402841 +0200
@@ -1,11 +1,11 @@
PRODUCT="thunderbird"
CHANNEL="esr128"
-VERSION="128.10.2"
+VERSION="128.11.0"
VERSION_SUFFIX="esr"
-REV_VERSION="128.10.1"
+REV_VERSION="128.10.2"
PREV_VERSION_SUFFIX="esr"
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr128";
-RELEASE_TAG="7837c914bfafbf0e40020e9b3630e837503eb2b5"
-RELEASE_TIMESTAMP="20250519214323"
+RELEASE_TAG="3abba23fa667473fade7fe4c44e2b8d25dba5fd1"
+RELEASE_TIMESTAMP="20250522210530"
++++++ thunderbird-128.10.2esr.source.tar.xz ->
thunderbird-128.11.0esr.source.tar.xz ++++++
/work/SRC/openSUSE:Factory/MozillaThunderbird/thunderbird-128.10.2esr.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaThunderbird.new.25440/thunderbird-128.11.0esr.source.tar.xz
differ: char 15, line 1
