Hello community, here is the log from the commit of package MozillaThunderbird for openSUSE:Factory checked in at 2020-05-07 17:51:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/MozillaThunderbird (Old) and /work/SRC/openSUSE:Factory/.MozillaThunderbird.new.2738 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaThunderbird" Thu May 7 17:51:25 2020 rev:230 rq:800587 version:68.8.0 Changes: -------- --- /work/SRC/openSUSE:Factory/MozillaThunderbird/MozillaThunderbird.changes 2020-04-15 19:52:18.761539958 +0200 +++ /work/SRC/openSUSE:Factory/.MozillaThunderbird.new.2738/MozillaThunderbird.changes 2020-05-07 17:51:47.813434585 +0200 @@ -1,0 +2,29 @@ +Tue May 5 07:49:33 UTC 2020 - Wolfgang Rosenauer <w...@rosenauer.org> + +- Mozilla Thunderbird 68.8.0 + * Account Manager fixes and improvements + * https://www.thunderbird.net/en-US/thunderbird/68.8.0/releasenotes + MFSA 2020-18 (bsc#1171186) + * CVE-2020-12397 (bmo#1617370) + Sender Email Address Spoofing using encoded Unicode characters + * CVE-2020-12387 (bmo#1545345) + Use-after-free during worker shutdown + * CVE-2020-6831 (bmo#1632241) + Buffer overflow in SCTP chunk input validation + * CVE-2020-12392 (bmo#1614468) + Arbitrary local file access with 'Copy as cURL' + * CVE-2020-12393 (bmo#1615471) + Devtools' 'Copy as cURL' feature did not fully escape + website-controlled data, potentially leading to command injection + * CVE-2020-12395 (bmo#1595886, bmo#1611482, bmo#1614704, bmo#1624098, + bmo#1625749, bmo#1626382, bmo#1628076, bmo#1631508) + Memory safety bugs fixed in Thunderbird 68.8.0 +- removed obsolete patch mozilla-bmo1580963.patch + +------------------------------------------------------------------- +Tue May 5 07:00:36 UTC 2020 - Ismail Dönmez <idon...@suse.com> + +- Add mozilla-bmo1580963.patch to fix build with rust 1.43 + (bmo#1580963) + +------------------------------------------------------------------- Old: ---- l10n-68.7.0.tar.xz thunderbird-68.7.0.source.tar.xz thunderbird-68.7.0.source.tar.xz.asc New: ---- l10n-68.8.0.tar.xz thunderbird-68.8.0.source.tar.xz thunderbird-68.8.0.source.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ MozillaThunderbird.spec ++++++ --- /var/tmp/diff_new_pack.T5o4gj/_old 2020-05-07 17:52:11.305484404 +0200 +++ /var/tmp/diff_new_pack.T5o4gj/_new 2020-05-07 17:52:11.305484404 +0200 @@ -26,8 +26,8 @@ # major 69 # mainver %major.99 %define major 68 -%define mainver %major.7.0 -%define orig_version 68.7.0 +%define mainver %major.8.0 +%define orig_version 68.8.0 %define orig_suffix %{nil} %define update_channel release %define source_prefix thunderbird-%{mainver} ++++++ l10n-68.7.0.tar.xz -> l10n-68.8.0.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaThunderbird/l10n-68.7.0.tar.xz /work/SRC/openSUSE:Factory/.MozillaThunderbird.new.2738/l10n-68.8.0.tar.xz differ: char 8, line 1 ++++++ tar_stamps ++++++ --- /var/tmp/diff_new_pack.T5o4gj/_old 2020-05-07 17:52:11.529484878 +0200 +++ /var/tmp/diff_new_pack.T5o4gj/_new 2020-05-07 17:52:11.529484878 +0200 @@ -1,10 +1,10 @@ PRODUCT="thunderbird" CHANNEL="esr68" -VERSION="68.7.0" +VERSION="68.8.0" VERSION_SUFFIX="" -PREV_VERSION="68.6.0" +PREV_VERSION="68.7.0" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr68" -RELEASE_TAG="f7099fd16d6f5dff22154eab3161674142501739" -RELEASE_TIMESTAMP="20200407160932" +RELEASE_TAG="4c022a34cd5dd776671721c44db89f693f59132c" +RELEASE_TIMESTAMP="20200504155042" ++++++ thunderbird-68.7.0.source.tar.xz -> thunderbird-68.8.0.source.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaThunderbird/thunderbird-68.7.0.source.tar.xz /work/SRC/openSUSE:Factory/.MozillaThunderbird.new.2738/thunderbird-68.8.0.source.tar.xz differ: char 15, line 1