Revisions of MozillaThunderbird
Dominique Leuenberger (dimstar_suse)
accepted
request 823878
from
Wolfgang Rosenauer (wrosenauer)
(revision 235)
Dominique Leuenberger (dimstar_suse)
accepted
request 818251
from
Wolfgang Rosenauer (wrosenauer)
(revision 234)
Dominique Leuenberger (dimstar_suse)
accepted
request 813558
from
Wolfgang Rosenauer (wrosenauer)
(revision 233)
- build with nodejs10 to be able to drop nodejs8 from TW - updated create-tar.sh
Dominique Leuenberger (dimstar_suse)
accepted
request 812112
from
Wolfgang Rosenauer (wrosenauer)
(revision 232)
Yuchen Lin (maxlin_factory)
accepted
request 808609
from
Wolfgang Rosenauer (wrosenauer)
(revision 231)
Dominique Leuenberger (dimstar_suse)
accepted
request 800587
from
Wolfgang Rosenauer (wrosenauer)
(revision 230)
- Mozilla Thunderbird 68.8.0 * Account Manager fixes and improvements * https://www.thunderbird.net/en-US/thunderbird/68.8.0/releasenotes MFSA 2020-18 (bsc#1171186) * CVE-2020-12397 (bmo#1617370) Sender Email Address Spoofing using encoded Unicode characters * CVE-2020-12387 (bmo#1545345) Use-after-free during worker shutdown * CVE-2020-6831 (bmo#1632241) Buffer overflow in SCTP chunk input validation * CVE-2020-12392 (bmo#1614468) Arbitrary local file access with 'Copy as cURL' * CVE-2020-12393 (bmo#1615471) Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection * CVE-2020-12395 (bmo#1595886, bmo#1611482, bmo#1614704, bmo#1624098, bmo#1625749, bmo#1626382, bmo#1628076, bmo#1631508) Memory safety bugs fixed in Thunderbird 68.8.0 - removed obsolete patch mozilla-bmo1580963.patch - Add mozilla-bmo1580963.patch to fix build with rust 1.43 (bmo#1580963) In general, these flaws cannot be exploited through email in
Dominique Leuenberger (dimstar_suse)
accepted
request 793242
from
Wolfgang Rosenauer (wrosenauer)
(revision 229)
Dominique Leuenberger (dimstar_suse)
accepted
request 787142
from
Factory Maintainer (factory-maintainer)
(revision 228)
Automatic submission by obs-autosubmit
Oliver Kurz (okurz-factory)
accepted
request 773527
from
Wolfgang Rosenauer (wrosenauer)
(revision 227)
- Mozilla Thunderbird 68.5.0 New * Support for Client Identity IMAP/SMTP Service Extension * Support for OAuth 2.0 authentication for POP3 accounts Fixes * Status area goes blank during account setup * Calendar: Could not remove color for default categories * Calendar: Prevent calendar component loading multiple times * Calendar: Today pane did not retain width between sessions MFSA 2020-07 (bsc#1163368) * CVE-2020-6793 (bmo#1608539) Out-of-bounds read when processing certain email messages * CVE-2020-6794 (bmo#1606619) Setting a master password post-Thunderbird 52 does not delete unencrypted previously stored passwords * CVE-2020-6795 (bmo#1611105) Crash processing S/MIME messages with multiple signatures * CVE-2020-6797 (bmo#1596668) (Mac OSX only) Extensions granted downloads.open permission could open arbitrary applications on Mac OSX * CVE-2020-6798 (bmo#1602944) Incorrect parsing of template tag could result in JavaScript injection * CVE-2020-6792 (bmo#1609607) Message ID calculcation was based on uninitialized data * CVE-2020-6800 (bmo#1595786,bmo#1596706,bmo#1598543,bmo#1604851, bmo#1608580,bmo#1608785,bmo#1605777) Memory safety bugs fixed in Thunderbird 68.5
Dominique Leuenberger (dimstar_suse)
accepted
request 769383
from
Wolfgang Rosenauer (wrosenauer)
(revision 226)
Dominique Leuenberger (dimstar_suse)
accepted
request 767881
from
Wolfgang Rosenauer (wrosenauer)
(revision 225)
- Mozilla Thunderbird 68.4.2 * Calendar: Task and Event tree colours adjusted for the dark theme * Retrieval of S/MIME certificates from LDAP failed * Address-parsing crash on some IMAP servers when mail.imap.use_envelope_cmd is set * Incorrect forwarding of HTML messages caused SMTP servers to respond with a timeout * Calendar: Various parts of the calendar UI stopped working when a second Thunderbird window opened
Dominique Leuenberger (dimstar_suse)
accepted
request 763056
from
Wolfgang Rosenauer (wrosenauer)
(revision 224)
- Mozilla Thunderbird 68.4.1 * Various improvements when setting up an account for a Microsoft Exchange server: Now offers IMAP/SMTP if available, better detection for Office 365 accounts; re-run configuration after password change Fixes: * After changing view layout, the message display pane showed garbled content under some circumstances * Various theme changes to achieve "pixel perfection": Unread icon, "no results" icon, paragraph format and font selector, background of folder summary tooltip * Tags were lost on messages in shared IMAP folders under some circumstances * Calendar: Event attendee dialog was not displayed correctly MFSA 2020-04 (bsc#1160498, bsc#1160305) * CVE-2019-17026 (bmo#1607443) IonMonkey type confusion with StoreElementHole and FallibleStoreElement * CVE-2019-17015 (bmo#1599005) Memory corruption in parent process during new content process initialization on Windows * CVE-2019-17016 (bmo#1599181) Bypass of @namespace CSS sanitization during pasting * CVE-2019-17017 (bmo#1603055) Type Confusion in XPCVariant.cpp * CVE-2019-17021 (bmo#1599008) Heap address disclosure in parent process during content process initialization on Windows * CVE-2019-17022 (bmo#1602843) CSS sanitization does not escape HTML tags * CVE-2019-17024 (bmo#1507180, bmo#1595470, bmo#1598605, bmo#1601826)
Dominique Leuenberger (dimstar_suse)
accepted
request 759724
from
Wolfgang Rosenauer (wrosenauer)
(revision 223)
- add mozilla-bmo1583471.patch to allow building with rust 1.39 - Mozilla Thunderbird 68.3.1 * In dark theme unread messages no longer shown in blue to distinguish from tagged messages * Account setup is now using client side DNS MX lookup instead of relying on a server Bugfixes * Searching LDAP address book crashed in some circumstances * Message navigation with backward and forward buttons did not work in some circumstances * WebExtension toolbar icons were displayed too small * Calendar: Tasks due today were not listed in bold * Calendar: Last day of long-running events was not shown
Dominique Leuenberger (dimstar_suse)
accepted
request 754691
from
Wolfgang Rosenauer (wrosenauer)
(revision 222)
- Mozilla Thunderbird 68.3.0: * Message display toolbar action WebExtension API * Navigation buttons are now available in content tabs, for example those opened via an add-on search * other bugfixes MFSA 2019-38 * CVE-2019-17008 (bmo#1546331) Use-after-free in worker destruction * CVE-2019-13722 (bmo#1580156) Stack corruption due to incorrect number of arguments in WebRTC code * CVE-2019-17010 (bmo#1581084) Use-after-free when performing device orientation checks * CVE-2019-17005 (bmo#1584170) Buffer overflow in plain text serializer * CVE-2019-17011 (bmo#1591334) Use-after-free when retrieving a document in antitracking * CVE-2019-17012 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209, bmo#1580288, bmo#1585760, bmo#1592502) Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 * Various updates to improve performance and stability - updated create-tar.sh to cover buildid and origin repo information - changed locale building procedure * removed obsolete compare-locales.tar.xz and thunderbird-broken-locales-build.patch - add mozilla-bmo849632.patch to fix color issues on big endian
Dominique Leuenberger (dimstar_suse)
accepted
request 747029
from
Wolfgang Rosenauer (wrosenauer)
(revision 221)
Dominique Leuenberger (dimstar_suse)
accepted
request 744761
from
Wolfgang Rosenauer (wrosenauer)
(revision 220)
- Mozilla Thunderbird 68.2.1 * A language for the user interface can now be chosen in the advanced settings (multilingual UI) * Fixed problem with Google authentication (OAuth2) * Selected or unread messages were not shown in the correct color in the thread pane (message list) under some circumstances * When using a language pack, names of standard folders weren't localized (boo#1149126) * Address book default startup directory in preferences panel was not persisted * Chat: Extended context menu on Instant messaging status dialog (Show Accounts) - added mozilla-bmo1504834-part4.patch to fix some visual issues on big endian platforms
Dominique Leuenberger (dimstar_suse)
accepted
request 742150
from
Wolfgang Rosenauer (wrosenauer)
(revision 219)
- Mozilla Thunderbird 68.2.0 * Message Display WebExtension API * Message Search WebExtension API * Better visual feedback for unread messages when using the dark theme * Fixed various issues when editing mailing list * Fixed application windows not maintaining their size after restart MFSA 2019-33 (bsc#1154738) * CVE-2019-15903 (bmo#1584907) Heap overflow in expat library in XML_GetCurrentLineNumber * CVE-2019-11757 (bmo#1577107) Use-after-free when creating index updates in IndexedDB * CVE-2019-11758 (bmo#1536227) Potentially exploitable crash due to 360 Total Security * CVE-2019-11759 (bmo#1577953) Stack buffer overflow in HKDF output * CVE-2019-11760 (bmo#1577719) Stack buffer overflow in WebRTC networking * CVE-2019-11761 (bmo#1561502) Unintended access to a privileged JSONView object * CVE-2019-11762 (bmo#1582857) document.domain-based origin isolation has same-origin-property violation * CVE-2019-11763 (bmo#1584216) Incorrect HTML parsing results in XSS bypass technique * CVE-2019-11764 (bmo#1558522, bmo#1577061, bmo#1548044, bmo#1571223, bmo#1573048, bmo#1578933, bmo#1575217, bmo#1583684, bmo#1586845, bmo#1581950, bmo#1583463, bmo#1586599) Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 - removed obsolete patches mozilla-bmo1573381.patch mozilla-bmo1512162.patch
Dominique Leuenberger (dimstar_suse)
accepted
request 737931
from
Wolfgang Rosenauer (wrosenauer)
(revision 218)
- Mozilla Thunderbird 68.1.2 Bugfixes * Some attachments couldn't be opened in messages originating from MS Outlook 2016 * Address book import from CSV * Performance problem in message body search * Ctrl+Enter to send a message would open an attachment if the attachment pane had focus * Calendar: Issues with "Today Pane" start-up * Calendar: Glitches with custom repeat and reminder number input * Calendar: Problems with WCAP provider - add mozilla-bmo1585099.patch to fix build with rust >= 1.38
Dominique Leuenberger (dimstar_suse)
accepted
request 733855
from
Wolfgang Rosenauer (wrosenauer)
(revision 217)
Yuchen Lin (maxlin_factory)
accepted
request 730872
from
Wolfgang Rosenauer (wrosenauer)
(revision 216)
- Mozilla Thunderbird 68.1.0 * Offer to configure Exchange accounts for Office365. A third-party add-on is required for this account type. IMAP still exists as alternative. * several bugfixes MFSA 2019-30 * CVE-2019-11739 (bmo#1571481) Covert Content Attack on S/MIME encryption using a crafted multipart/alternative message * CVE-2019-11746 (bmo#1564449) Use-after-free while manipulating video * CVE-2019-11744 (bmo#1562033) XSS by breaking out of title and textarea elements using innerHTML * CVE-2019-11742 (bmo#1559715) Same-origin policy violation with SVG filters and canvas to steal cross-origin images * CVE-2019-11752 (bmo#1501152) Use-after-free while extracting a key value in IndexedDB * CVE-2019-11743 (bmo#1560495) Cross-origin access to unload event attributes * CVE-2019-11740 (bmo#1563133,bmo#1573160) Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9, Thunderbird 68.1, and Thunderbird 60.9 - removed upstreamed fix-build-after-y2038-changes-in-glibc.patch - added thunderbird-locale-build.patch to fix locale build - Add -L flag to the stat call for checking file size of %{SOURCE4}. - Add fix-missing-return-warning.patch to silence a compiler warning. - Mozilla Thunderbird 68.0
Displaying revisions 101 - 120 of 335