SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for MozillaThunderbird-debuginfo-2.0.0.24-1.46.x86_64.rpm :
Tue Aug 18 14:00:00 2009 wrAATTrosenauer.org
- update to version 2.0.0.23
- export SUSE_ASNEEDED to fix build with 11.2 and up
- make NSS 3.12.3 the minimal build requirement for its security
fixes

Tue Jun 16 14:00:00 2009 wrAATTrosenauer.org
- security update to version 2.0.0.22

* MFSA-2009-14/MFSA-2009-24
Crashes with evidence of memory corruption

* MFSA-2009-17/CVE-2009-1307 (bmo#481342)
Same-origin violations when Adobe Flash loaded via
view-source: scheme

* MFSA-2009-27/CVE-2009-1836 (bmo#479880)
SSL tampering via non-200 responses to proxy CONNECT requests

* MFSA-2009-29/CVE-2009-1838 (bmo#489131)
Arbitrary code execution using event listeners attached to an
element whose owner document is null

* MFSA-2009-32/CVE-2009-1841 (bmo#479560)
JavaScript chrome privilege escalation

* MFSA-2009-33 (bmo#495057)
Crash viewing multipart/alternative message with text/enhanced
part
- fixed build with gcc 4.4 (mozilla-gcc44.patch)
- fixed startscript to be able to handle filenames with whitespaces

Wed Mar 11 13:00:00 2009 wrAATTrosenauer.org
- security update to version 2.0.0.21 (bnc#478625)
see for details
http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html

Sun Dec 28 13:00:00 2008 wrAATTrosenauer.org
- security update to version 2.0.0.19 (bnc#458973)
see for details
http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html

Thu Dec 4 13:00:00 2008 wrAATTrosenauer.org
- added Lightning subpackage which contains the calendar extension

Fri Nov 21 13:00:00 2008 wrAATTrosenauer.org
- Add mozilla-shared-nss-db.patch which allows migrating to and
sharing with other applications using NSS
(same functionality as in xulrunner/firefox)
(can be disabled completely exporting MOZ_TB_NO_NSSHELPER=1)

Fri Nov 21 13:00:00 2008 mawAATTsuse.de
- Review and approve changes.

Thu Nov 13 13:00:00 2008 wrAATTrosenauer.org
- security update to version 2.0.0.18 (bnc#439841)

* MFSA 2008-48 / CVE-2008-5012
Image stealing via canvas and HTTP redirect

* MFSA 2008-50 / CVE-2008-5014 (bmo#436741)
Crash and remote code execution via __proto__ tampering

* MFSA 2008-52 / CVE-2008-5016 / CVE-2008-5017 / CVE-2008-5018
Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18)

* MFSA 2008-55 / CVE-2008-5021 (bmo#456896)
Crash and remote code execution in nsFrameManager

* MFSA 2008-56 / CVE-2008-5022 (bmo#460002)
nsXMLHttpRequest::NotifyEventListeners() same-origin violation

* MFSA 2008-58 / CVE-2008-5024 (bmo#453915)
Parsing error in E4X default namespace

Tue Oct 28 13:00:00 2008 wrAATTrosenauer.org
- fixed crash when nss_ldap is used (mozldap-charray_strdup.patch)
(bnc#439588) (patch from Stefan BrĂ¼ns)

Wed Oct 15 14:00:00 2008 mawAATTsuse.de
- Review and approve changes.

Wed Oct 8 14:00:00 2008 wrAATTrosenauer.org
- use system hunspell from 11.0 on (bnc#385739)
- remove more executable bits from non-executable files

Tue Sep 23 14:00:00 2008 wrAATTrosenauer.org
- security update to version 2.0.0.17 (bnc#429179)

* MFSA 2008-37 / CVE-2008-0016
UTF-8 URL stack buffer overflow

* MFSA 2008-38 / CVE-2008-3835
nsXMLDocument::OnChannelRedirect() same-origin violation

* MFSA 2008-41 / CVE-2008-4058 / CVE-2008-4059 / CVE-2008-4060
Privilege escalation via XPCnativeWrapper pollution

* MFSA 2008-42 / CVE-2008-4061 / CVE-2008-4062 / CVE-2008-4063
CVE-2008-4064
Crashes with evidence of memory corruption

* MFSA 2008-43 / CVE-2008-4065 / CVE-2008-4066
BOM characters, low surrogates stripped from JavaScript before
execution

* MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068
resource: traversal vulnerabilities

* MFSA 2008-46 / CVE-2008-4070
Heap overflow when canceling newsgroup message

Mon Sep 15 14:00:00 2008 wrAATTrosenauer.org
- fixed undefined operation in nsMailboxService.cpp (abuild.patch)
- cleanup spec a bit while merging from OBS/mozilla

* forwarding old fixes to cups-paper.patch, mozilla.sh.in and
add-plugins.sh (were fixed long ago in the OBS repo)

Thu Sep 11 14:00:00 2008 mauroAATTsuse.de
- Update to 2.0.0.16 (fixed bnc#417869), fixes:
+ MFSA 2008-34 Remote code execution by overflowing CSS
reference counter
+ MFSA 2008-33 Crash and remote code execution in block reflow
+ MFSA 2008-31 Peer-trusted certs can use alt names to spoof
+ MFSA 2008-29 Faulty .properties file results in uninitialized
memory being used
+ MFSA 2008-26 Buffer length checks in MIME processing
+ MFSA 2008-25 Arbitrary code execution in
mozIJSSubScriptLoader.loadSubScript()
+ MFSA 2008-24 Chrome script loading from fastload file
+ MFSA 2008-21 Crashes with evidence of memory corruption (rv:1.8.1.15)

Wed Jul 23 14:00:00 2008 schwabAATTsuse.de
- Remove unused includes.

Tue Jun 24 14:00:00 2008 mawAATTsuse.de
- Security update to version 2.0.0.14 (bnc#390992):
+ MFSA 2008-15 / CVE-2008-1236 and CVE-2008-1237: Crashes with
evidence of memory corruption (rv:1.8.1.13)
+ MFSA 2008-14 / CVE-2008-1233, CVE-2008-1234, and CVE-2008-1235:
JavaScript privilege escalation and arbitrary code execution
- Drop the following patches: thunderbird-2.0.0.14-backports.patch,
mozilla-missing-decl.patch, and unused-includes.patch
- Respin mozilla-gcc4.3-fixes.patch.

Fri May 30 14:00:00 2008 mawAATTsuse.de
- Add thunderbird-2.0.0.14-backports.patch (bnc390992).

Fri May 16 14:00:00 2008 schwabAATTsuse.de
- Remove unused includes.

Mon Mar 24 13:00:00 2008 mawAATTsuse.de
- Add mozilla-missing-decl.patch, which is necessary when building
against new versions of mozilla-nss (bmo#399589).

Fri Mar 7 13:00:00 2008 mawAATTsuse.de
- Security update to version 2.0.0.12 (bnc#354469)

* MFSA 2008-12 Buffer overflow in external MIME bodies
- Replace mozilla-maxpathlen.patch with mozilla-path_len.patch, for
consistency\'s sake.

Thu Jan 17 13:00:00 2008 mawAATTsuse.de
- Add mozilla-maxpathlen.patch (#354150 and bmo #412610).

Tue Jan 15 13:00:00 2008 mawAATTsuse.de
- Merge changes from the build service (thanks, Wolfgang)
- Update to version 2.0.9.9 (MFSA 2007-29)
- Update enigmail to version 0.95.6
- Add a -devel subpackage
- Various fixes to enable building with gcc 4.3.

Tue Nov 13 13:00:00 2007 mawAATTsuse.de
- Add thunderbird-gcc4.3-fixes.patch
- Add visibility.patch.

Thu Sep 13 14:00:00 2007 cthielAATTsuse.de
- recommend gpg instead of requireing a fixed path

Wed Sep 12 14:00:00 2007 mawAATTsuse.de
- Added gpg/pinentry requirements (#309160).

Tue Sep 4 14:00:00 2007 mawAATTsuse.de
- Don\'t run %fdupes on directories where multiple partitions
are liable to be mounted.

Mon Sep 3 14:00:00 2007 mawAATTsuse.de
- Merge some changes from the build service (thanks, Wolfgang):
+ Provide locale info (#302288)
+ Update releasedate
- Uncomment %clean.

Tue Aug 21 14:00:00 2007 mawAATTsuse.de
- Use %fdupes.

Tue Aug 21 14:00:00 2007 mawAATTsuse.de
- Merge updates from the build service:
- Update to security release 2.0.0.6:

* MFSA 2007-26 Privilege escalation through chrome-loaded
about:blank windows

* MFSA 2007-27 Unescaped URIs passed to external programs
- Update enigmail to version 0.95.3.

Wed Aug 15 14:00:00 2007 mawAATTsuse.de
- On x86_64, s390, and s390x, deactivate the hidden visibility
support, thereby fixing the build.

Wed Jul 25 14:00:00 2007 mawAATTsuse.de
- Security update to version 2.0.0.5 (#288115)
- This new release has fixes for:
MFSA 2007-18
CVE-2007-3734 - Browser flaws
CVE-2007-3735 - Javascript flaws
MFSA 2007-19
CVE-2007-3736
MFSA 2007-20
CVE-2007-3089
MFSA 2007-21
CVE-2007-3737
MFSA 2007-22
CVE-2007-3285
MFSA 2007-23
CVE-2007-3670
MFSA 2007-24
CVE-2007-3656
MFSA 2007-25
CVE-2007-3738
- Update to enigmail 0.95.2.

Thu Jun 21 14:00:00 2007 adrianAATTsuse.de
- fix changelog entry order

Sat Jun 16 14:00:00 2007 mawAATTsuse.de
- Merge update to 2.0.0.4 from the build service (thanks, Wolfgang)
- Remove some commented out stuff.

Wed Jun 13 14:00:00 2007 wrAATTrosenauer.org
- update to maintenance release 2.0.0.4
- update enigmail to 0.95.1
- adopted patches:

* fixed cups-paper.patch (copied from FF)

* removed obsolete visibility.patch

Tue Jun 12 14:00:00 2007 mawAATTsuse.de
- Merge chagnges from the build service (thanks, Wolfgang)
- Now use l10n-%{version}.tar.bz2 instead of l10n.tar.bz2 as
before.

Tue Jun 5 14:00:00 2007 mawAATTsuse.de
- Security update to version 1.5.0.12 (#271197).

Tue Jun 5 14:00:00 2007 sbrabecAATTsuse.cz
- Removed invalid desktop category \"Application\" (#254654).

Thu Apr 19 14:00:00 2007 wrAATTrosenauer.org
- update to final version 2.0.0.0
(http://www.mozilla.com/en-US/thunderbird/2.0.0.0/releasenotes/)
- update enigmail to 0.95.0

Wed Apr 18 14:00:00 2007 mfabianAATTsuse.de
- add Japanese to the languages which get PANGO enabled in the
start script to support the Japanese combining characters
U+3099 U+309A (see bugzilla #262718 comment #29).

Thu Apr 12 14:00:00 2007 wrAATTrosenauer.org
- update to 2.0.0.0rc1
- enabled translations package

Fri Mar 30 14:00:00 2007 wrAATTrosenauer.org
- update to snapshot 2.0.0.0pre-20070329
- security update enigmail 0.94.3
(Bugtraq #22758)

Fri Mar 30 14:00:00 2007 meissnerAATTsuse.de
- require unzip

Tue Mar 13 13:00:00 2007 wrAATTrosenauer.org
- update to snapshot 2.0pre-20060312
- removed implicit NSS version dependency

Thu Mar 8 13:00:00 2007 meissnerAATTsuse.de
- Upgraded to 1.5.0.10 security release.
- Upgraded to enigmail 0.94.2.

Thu Feb 15 13:00:00 2007 wrAATTrosenauer.org
- update to snapshot 2.0beta2-20060214
- fixed build on SLES9

Mon Feb 5 13:00:00 2007 wrAATTrosenauer.org
- fixed check in add-plugins.sh (#242237)

Tue Jan 30 13:00:00 2007 mawAATTsuse.de
- Add thunderbird-1.5.0.8-uninitalized-vars-232305.patch (#232305).

Fri Jan 19 13:00:00 2007 mawAATTsuse.de
- Add undefined-ops.patch, silencing some warnings.

Thu Nov 9 13:00:00 2006 jhargadonAATTsuse.de
- security update to version 1.5.0.8

Tue Sep 12 14:00:00 2006 starkAATTsuse.de
- security update to version 1.5.0.7

Mon Aug 14 14:00:00 2006 starkAATTsuse.de
- update enigmail to 0.94.1

* Added support for signing attachments with inline-PGP
- update mailredirect to 0.7.4
- added backend patch to allow replies to list with
ReplyToListThunderbirdExtension (#199125, bmo #45715)
- added mailnews.clobber_list_reply pref which switches
\"Reply All\" to \"Reply List\" functionality if set

Thu Jul 27 14:00:00 2006 starkAATTsuse.de
- security update to version 1.5.0.5 (#195043)
- fixed overwrite confirmation for GTK filesaver (#179531)

Wed Jun 7 14:00:00 2006 starkAATTsuse.de
- fixed up BuildRequires

Fri Jun 2 14:00:00 2006 mlsAATTsuse.de
- converted neededforbuild to BuildRequires

Fri Jun 2 14:00:00 2006 starkAATTsuse.de
- update to security/stability release 1.5.0.4 (#179011)
(http://www.mozilla.org/projects/security/known-vulnerabilities.html#Thunderbird)

Mon May 15 14:00:00 2006 starkAATTsuse.de
- update to version 1.5.0.2
- update mailredirect to 0.7.3
- save printer settings properly (#174082, bmo #324072)
- improved postscript output (bmo #334485)
- changed defaults for printer properties (#6534)
- get available paper sizes from CUPS (#65482)

Sat Mar 18 13:00:00 2006 starkAATTsuse.de
- translations package is suggested now by main package
- yet another set of upstream fixes (#148876)

Sun Mar 12 13:00:00 2006 starkAATTsuse.de
- added Khmer (km-
*) to pango locales (#157397)
- yet another set of upstream fixes (#148876)

Sat Mar 4 13:00:00 2006 starkAATTsuse.de
- latest security fixes from upstream (#148876)
- show multiple Reply-To addresses (bmo #106189)

Fri Feb 24 13:00:00 2006 starkAATTsuse.de
- added GTK category to desktop-file
- dumpstack.patch is in upstream patches now
- get some more patches (#148876)

Tue Feb 14 13:00:00 2006 starkAATTsuse.de
- applied set of security patches (#148876)

Tue Feb 7 13:00:00 2006 starkAATTsuse.de
- fixed disabling of Pango (#148788)

Thu Feb 2 13:00:00 2006 starkAATTsuse.de
- defined gssapi lib explicitely (#147670)

Wed Feb 1 13:00:00 2006 starkAATTsuse.de
- removed additional CA certs from builtin NSS
- make it possible to choose $HOME as download directory
(#144894, bmo #300856)
- cleaned up BuildRequires

Wed Jan 25 13:00:00 2006 mlsAATTsuse.de
- converted neededforbuild to BuildRequires

Mon Jan 23 13:00:00 2006 starkAATTsuse.de
- disable Pango if MOZ_ENABLE_PANGO is not set
and no typical language which needs Pango is used (#143428)
- preload libaoss for plugin sound (#117079)
- fix to ignore X composite extension (#135373)

Wed Jan 18 13:00:00 2006 starkAATTsuse.de
- added default (font) settings
- tweak useragent
- fixed DumpStackToFile() for glibc 2.4

Thu Jan 12 13:00:00 2006 starkAATTsuse.de
- update to 1.5 (20060111)
- added sytem extensions patch
- added XUL filechooser patch (MOZ_XUL_PICKER)
- update enigmail to 0.94.0
- use -fstack-protector where available
- use system NSS since CODE10

Wed Dec 28 13:00:00 2005 starkAATTsuse.de
- update to 1.5rc2 (20051227)

Sun Dec 11 13:00:00 2005 starkAATTsuse.de
- update to 1.5 (20051211)
- update enigmail to 0.93.2

Tue Nov 29 13:00:00 2005 starkAATTsuse.de
- update enigmail to 0.93.1
- added patch for GTK2 handling (#134831)

Fri Nov 25 13:00:00 2005 starkAATTsuse.de
- update to 1.5 (20051124)

Fri Oct 28 14:00:00 2005 starkAATTsuse.de
- update to latest 1.5 snapshot (20051027)
- added patch to be able to reply to and forward rfc822 messages
(bmo #204350)
- again don\'t provide and require NSS stuff
- removed disable-gconf patch (no registration needed in build
process anymore)
- added mailredirect extension
- removed update functionality

Mon Oct 10 14:00:00 2005 starkAATTsuse.de
- update to 1.5b2 (20051008)
- preinstall Enigmail (version 0.93.0) as global extension
- add all supported locales and use if installed

Tue Oct 4 14:00:00 2005 starkAATTsuse.de
- update to 1.5b2 (20051003) (RPM version 1.4.1)
- prerequire NSPR
- prepared translations subpackage
- fixed filelist
- fixed build with new gcc

Wed Sep 21 14:00:00 2005 starkAATTsuse.de
- update to 1.5b1 (20050920)
- added spellchecker integration with myspell (add-plugins.sh)
- removed aviary-install-global patch (not needed anymore, with
new EM)
- enabled pango font rendering (through cairo hopefully)
- fixed GNOME gconf registration (#117851)

Sat Aug 20 14:00:00 2005 starkAATTsuse.de
- workaround for linking with pangoxft and pangox
(broken by gtk 2.8 update) (#105764)

Thu Aug 18 14:00:00 2005 starkAATTsuse.de
- fixed Gdk-WARNING at startup (gtk.patch)
- fixed regression in profile locking change (bmo #303633)
- fixed crash with gtk 2.7 (bmo #300226, bnc #104586)

Wed Aug 3 14:00:00 2005 starkAATTsuse.de
- fixed profile locking (bmo #151188)

Fri Jul 29 14:00:00 2005 starkAATTsuse.de
- don\'t require and provide NSS libs (#98002)

Fri Jul 22 14:00:00 2005 starkAATTsuse.de
- fixed printing patch

Tue Jul 19 14:00:00 2005 starkAATTsuse.de
- added NSPR to PreReq
- disable stripping in specfile

Fri Jul 15 14:00:00 2005 starkAATTsuse.de
- update to 1.0.6 which restores API compatibility
- fixed width calculation in Postscript module (bmo #290292)

Thu Jul 14 14:00:00 2005 starkAATTsuse.de
- fixed filelist to include icon-file and startscript again

Tue Jul 12 14:00:00 2005 starkAATTsuse.de
- fixed remote usage behaviour in start script (bnc #41903)
- update to 1.0.5 security release
- fixed quoting patch
- moved desktop file to a Gnome independent location
- don\'t strip explicitely
- use RPM_OPT_FLAGS for NSS component
- fixed implicit declarations and uninitialized used variables

Thu Apr 28 14:00:00 2005 starkAATTsuse.de
- updated to current 1.0 branch version
- use static NSPR from other location

Sat Apr 23 14:00:00 2005 starkAATTsuse.de
- activate usage of system NSPR for distributions after 9.3
- add patch to be able to use systen NSPR at all
- extended desktop file

Fri Apr 22 14:00:00 2005 roAATTsuse.de
- apply mozilla-gcc4.patch

Wed Mar 23 13:00:00 2005 starkAATTsuse.de
- update to 1.0.2
- use system NSPR on SUSE releases after 9.3
- made startscript PIS aware
- set g-application-name correctly (bmo #281979)

Mon Mar 7 13:00:00 2005 starkAATTsuse.de
- don\'t use gconfd in registration phase (#66381)

Fri Feb 25 13:00:00 2005 starkAATTsuse.de
- update to version 1.0.1

Tue Feb 22 13:00:00 2005 starkAATTsuse.de
- added patch to create Postscript level 2 (instead of 3)
(special thanks to Jungshik Shin)
- disabled freetype explicitly to be able to use the above patch
(freetype wasn\'t used anymore since some time anyway)

Wed Feb 2 13:00:00 2005 starkAATTsuse.de
- added a JS crasher fix (bmc #268535)

Sat Jan 22 13:00:00 2005 starkAATTsuse.de
- added some backported bugfixes

Tue Dec 7 13:00:00 2004 starkAATTsuse.de
- update to 1.0
- fixed extra lines in replies (bmo #144998)
- fixed build on s390/s390x

Wed Nov 24 13:00:00 2004 starkAATTsuse.de
- update to 20041123 snapshot
- inherit downloadFolder patch from Firefox

Fri Nov 12 13:00:00 2004 starkAATTsuse.de
- fixed chrome filelist

Thu Nov 4 13:00:00 2004 starkAATTsuse.de
- update to 0.9
- sync patch-set with firefox base
- fixed neededforbuild to get GNOME functionalities

Fri Sep 17 14:00:00 2004 starkAATTsuse.de
- added some missing fixes for official release
- synced add-plugins.sh

Sat Sep 11 14:00:00 2004 starkAATTsuse.de
- update to official 0.8 version (20040911)
- fixed enigmail config

Mon Sep 6 14:00:00 2004 starkAATTsuse.de
- fixed profile directory

Fri Sep 3 14:00:00 2004 starkAATTsuse.de
- update to thunderbird 0.8 (20040903)
- update enigmail to 0.86.0 and ipc to 1.0.8 (deactivated)

Tue Aug 24 14:00:00 2004 starkAATTsuse.de
- update to thunderbird 0.7.3
- update enigmail to 0.85.0 and ipc to 1.0.7

Tue Jun 29 14:00:00 2004 starkAATTsuse.de
- update to thunderbird 0.7.1
- update enigmail to 0.84.1

Wed May 12 14:00:00 2004 roAATTsuse.de
- add some missing return values

Mon May 3 14:00:00 2004 starkAATTsuse.de
- update to Thunderbird 0.6 (based on 1.7rc1)
- use official branding for release builds
- added desktop-icon (#39139)

Fri Apr 2 14:00:00 2004 starkAATTsuse.de
- removing relocation of TEMP directory (#34391)

Fri Mar 26 13:00:00 2004 uliAATTsuse.de
- fixed hang during build on s390
* (bug #35440)

Mon Mar 8 13:00:00 2004 roAATTsuse.de
- match function declaration in enigmail mimedummy.cpp

Fri Mar 5 13:00:00 2004 starkAATTsuse.de
- more fixes for #35179
- added firefox as default handler for its protocols
- update enigmail to 0.83.4

Wed Mar 3 13:00:00 2004 starkAATTsuse.de
- removed unused patches for GTK2 build

Sun Feb 29 13:00:00 2004 starkAATTsuse.de
- improved start-script to interact with firefox and mozilla
(#35179)

Fri Feb 27 13:00:00 2004 starkAATTsuse.de
- update to 0.5
- spec-file cleanup

Wed Oct 15 14:00:00 2003 starkAATTsuse.de
- update to 0.3 (sync with mozilla 1.5)

Tue Jul 15 14:00:00 2003 starkAATTsuse.de
- initial package (snapshot 20030714)


  
ICM