Hello community, here is the log from the commit of package MozillaThunderbird for openSUSE:Factory checked in at 2016-03-20 11:48:33 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/MozillaThunderbird (Old) and /work/SRC/openSUSE:Factory/.MozillaThunderbird.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaThunderbird" Changes: -------- --- /work/SRC/openSUSE:Factory/MozillaThunderbird/MozillaThunderbird.changes 2016-03-02 14:20:54.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.MozillaThunderbird.new/MozillaThunderbird.changes 2016-03-20 11:48:35.000000000 +0100 @@ -1,0 +2,40 @@ +Fri Mar 11 12:57:25 UTC 2016 - w...@rosenauer.org + +- update to Thunderbird 38.7.0 (boo#969894) + * MFSA 2015-81/CVE-2015-4477 (bmo#1179484) + Use-after-free in MediaStream playback + * MFSA 2015-136/CVE-2015-7207 (bmo#1185256) + Same-origin policy violation using performance.getEntries and + history navigation + * MFSA 2016-16/CVE-2016-1952 + Miscellaneous memory safety hazards + * MFSA 2016-17/CVE-2016-1954 (bmo#1243178) + Local file overwriting and potential privilege escalation through + CSP reports + * MFSA 2016-20/CVE-2016-1957 (bmo#1227052) + Memory leak in libstagefright when deleting an array during MP4 + processing + * MFSA 2016-21/CVE-2016-1958 (bmo#1228754) + Displayed page address can be overridden + * MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014) + Use-after-free in HTML5 string parser + * MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377) + Use-after-free in SetBody + * MFSA 2016-25/CVE-2016-1962 (bmo#1240760) + Use-after-free when using multiple WebRTC data channels + * MFSA 2016-27/CVE-2016-1964 (bmo#1243335) + Use-after-free during XML transformations + * MFSA 2016-28/CVE-2016-1965 (bmo#1245264) + Addressbar spoofing though history navigation and Location protocol + property + * MFSA 2016-31/CVE-2016-1966 (bmo#1246054) + Memory corruption with malicious NPAPI plugin + * MFSA 2016-34/CVE-2016-1974 (bmo#1228103) + Out-of-bounds read in HTML parser following a failed allocation + * MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/ + CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/ + CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/ + CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 + Font vulnerabilities in the Graphite 2 library + +------------------------------------------------------------------- Old: ---- l10n-38.6.0.tar.xz thunderbird-38.6.0-source.tar.xz New: ---- l10n-38.7.0.tar.xz thunderbird-38.7.0-source.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ MozillaThunderbird.spec ++++++ --- /var/tmp/diff_new_pack.b4pABH/_old 2016-03-20 11:48:46.000000000 +0100 +++ /var/tmp/diff_new_pack.b4pABH/_new 2016-03-20 11:48:46.000000000 +0100 @@ -2,7 +2,7 @@ # spec file for package MozillaThunderbird # # Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. -# 2006-2015 Wolfgang Rosenauer <w...@rosenauer.org> +# 2006-2016 Wolfgang Rosenauer <w...@rosenauer.org> # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ # -%define mainversion 38.6.0 +%define mainversion 38.7.0 %define update_channel release %if %suse_version > 1210 @@ -75,7 +75,7 @@ %endif Version: %{mainversion} Release: 0 -%define releasedate 2016021200 +%define releasedate 2016031000 Provides: thunderbird = %{version} Provides: appdata() Provides: appdata(thunderbird.appdata.xml) ++++++ compare-locales.tar.xz ++++++ ++++++ create-tar.sh ++++++ --- /var/tmp/diff_new_pack.b4pABH/_old 2016-03-20 11:48:46.000000000 +0100 +++ /var/tmp/diff_new_pack.b4pABH/_new 2016-03-20 11:48:46.000000000 +0100 @@ -2,8 +2,8 @@ CHANNEL="esr38" BRANCH="releases/comm-$CHANNEL" -RELEASE_TAG="THUNDERBIRD_38_6_0_RELEASE" -VERSION="38.6.0" +RELEASE_TAG="THUNDERBIRD_38_7_0_RELEASE" +VERSION="38.7.0" echo "cloning $BRANCH..." hg clone http://hg.mozilla.org/$BRANCH thunderbird ++++++ l10n-38.6.0.tar.xz -> l10n-38.7.0.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaThunderbird/l10n-38.6.0.tar.xz /work/SRC/openSUSE:Factory/.MozillaThunderbird.new/l10n-38.7.0.tar.xz differ: char 26, line 1 ++++++ thunderbird-38.6.0-source.tar.xz -> thunderbird-38.7.0-source.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaThunderbird/thunderbird-38.6.0-source.tar.xz /work/SRC/openSUSE:Factory/.MozillaThunderbird.new/thunderbird-38.7.0-source.tar.xz differ: char 26, line 1