Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

MozillaThunderbird-52.5.2-53.1 RPM for x86_64

From OpenSuSE Leap 42.3 updates for x86_64

Name: MozillaThunderbird Distribution: openSUSE Leap 42.3
Version: 52.5.2 Vendor: openSUSE
Release: 53.1 Build date: Sun Dec 24 08:30:45 2017
Group: Productivity/Networking/Email/Clients Build host: lamb53
Size: 108712131 Source RPM: MozillaThunderbird-52.5.2-53.1.src.rpm
Packager: http://bugs.opensuse.org
Url: http://www.mozilla.org/products/thunderbird/
Summary: The Stand-Alone Mozilla Mail Component
Mozilla Thunderbird is a redesign of the Mozilla Mail component. It is
written using the XUL user interface language and designed to be
cross-platform. It is a stand-alone application instead of part of the
Mozilla application suite.

Provides

Requires

License

MPL-2.0

Changelog

* Sat Dec 23 2017 wr@rosenauer.org
  - update to Thunderbird 52.5.2
    * This releases fixes the "Mailsploit" vulnerability and other
      vulnerabilities detected by the "Cure53" audit (MFSA 2017-30)
    * CVE-2017-7846 (bmo#1411716, bsc#1074043)
      JavaScript Execution via RSS in mailbox:// origin
    * CVE-2017-7847 (bmo#1411708, bsc#1074044)
      Local path string can be leaked from RSS feed
    * CVE-2017-7848 (bmo#1411699, bsc#1074045)
      RSS Feed vulnerable to new line Injection
    * CVE-2017-7829 (bmo#1423432, bsc#1074046)
      Mailsploit part 1: From address with encoded null character is
      cut off in message header display
* Fri Dec 08 2017 dimstar@opensuse.org
  - Explicitly buildrequires python2-xml: The build system relies on
    it. We wrongly relied on other packages pulling it in for us.
* Thu Dec 07 2017 dimstar@opensuse.org
  - Escape the usage of %{VERSION} when calling out to rpm.
    RPM 4.14 has %{VERSION} defined as 'the main packages version'.
* Wed Nov 22 2017 wr@rosenauer.org
  - update to Thunderbird 52.5.0 (bsc#1068101)
    * Better support for Charter/Spectrum IMAP: Thunderbird will now
      detect Charter's IMAP service and send an additional IMAP select
      command to the server. Check the various preferences ending in
      "force_select" to see whether auto-detection has discovered this case.
    * In search folders spanning multiple base folders clicking on a
      message sometimes marked another message as read
    * IMAP alerts have been corrected and now show the correct server
      name in case of connection problems
    * POP alerts have been corrected and now indicate connection problems
      in case the configured POP server cannot be found
    MFSA 2017-26
    * CVE-2017-7828 (bmo#1406750. bmo#1412252)
      Use-after-free of PressShell while restyling layout
    * CVE-2017-7830 (bmo#1408990)
      Cross-origin URL information leak through Resource Timing API
    * CVE-2017-7826
      Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5
* Fri Nov 10 2017 zaitor@opensuse.org
  - Drop obsolete libgnomeui-devel BuildRequires: No longer needed.
  - Add explicit pkgconfig(gconf-2.0), pkgconfig(gobject-2.0),
    pkgconfig(gtk+-2.0), pkgconfig(gtk+-unix-print-2.0),
    pkgconfig(glib-2.0), pkgconfig(gobject-2.0) and
    pkgconfig(gdk-x11-2.0) BuildRequires: Previously pulled in by
    libgnomeui-devel, and is what configure really checks for.
* Wed Oct 04 2017 astieger@suse.com
  - Mozilla Thunderbird 52.4.0 (bsc#1060445)
    * new behavior was introduced for replies to mailing list posts:
      "When replying to a mailing list, reply will be sent to address
      in From header ignoring Reply-to header". A new preference
      mail.override_list_reply_to allows to restore the previous behavior.
    * Under certain circumstances (image attachment and non-image
      attachment), attached images were shown truncated in messages
      stored in IMAP folders not synchronised for offline use.
    * IMAP UIDs > 0x7FFFFFFF now handled properly
    Security fixes from Gecko 52.4esr
    * CVE-2017-7793 (bmo#1371889)
      Use-after-free with Fetch API
    * CVE-2017-7818 (bmo#1363723)
      Use-after-free during ARIA array manipulation
    * CVE-2017-7819 (bmo#1380292)
      Use-after-free while resizing images in design mode
    * CVE-2017-7824 (bmo#1398381)
      Buffer overflow when drawing and validating elements with ANGLE
    * CVE-2017-7805 (bmo#1377618) (fixed via NSS requirement)
      Use-after-free in TLS 1.2 generating handshake hashes
    * CVE-2017-7814 (bmo#1376036)
      Blob and data URLs bypass phishing and malware protection warnings
    * CVE-2017-7825 (bmo#1393624, bmo#1390980) (OSX-only)
      OS X fonts render some Tibetan and Arabic unicode characters as spaces
    * CVE-2017-7823 (bmo#1396320)
      CSP sandbox directive did not create a unique origin
    * CVE-2017-7810
      Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4
* Thu Sep 28 2017 dimstar@opensuse.org
  - Add alsa-devel BuildRequires: we care for ALSA support to be
    built and thus need to ensure we get the dependencies in place.
    In the past, alsa-devel was pulled in by accident: we
    buildrequire libgnome-devel. This required esound-devel and that
    in turn pulled in alsa-devel for us. libgnome is being fixed to
    no longer require esound-devel.
* Tue Aug 15 2017 wr@rosenauer.org
  - update to Thunderbird 52.3 (boo#1052829)
    Fixed issues:
    * Unwanted inline images shown in rogue SPAM messages
    * Deleting message from the POP3 server not working when maildir
      storage was used
    * Message disposition flag (replied / forwarded) lost when reply or
      forwarded message was stored as draft and draft was sent later
    * Inline images not scaled to fit when printing
    * Selected text from another message sometimes included in a reply
    * No authorisation prompt displayed when inserting image into email
      body although image URL requires authentication
    * Large attachments taking a long time to open under some circumstances
    security
    Security fixes from Gecko 52.3esr
    * CVE-2017-7798 (bmo#1371586, bmo#1372112)
      XUL injection in the style editor in devtools
    * CVE-2017-7800 (bmo#1374047)
      Use-after-free in WebSockets during disconnection
    * CVE-2017-7801 (bmo#1371259)
      Use-after-free with marquee during window resizing
    * CVE-2017-7784 (bmo#1376087)
      Use-after-free with image observers
    * CVE-2017-7802 (bmo#1378147)
      Use-after-free resizing image elements
    * CVE-2017-7785 (bmo#1356985)
      Buffer overflow manipulating ARIA attributes in DOM
    * CVE-2017-7786 (bmo#1365189)
      Buffer overflow while painting non-displayable SVG
    * CVE-2017-7753 (bmo#1353312)
      Out-of-bounds read with cached style data and pseudo-elements#
    * CVE-2017-7787 (bmo#1322896)
      Same-origin policy bypass with iframes through page reloads
    * CVE-2017-7807 (bmo#1376459)
      Domain hijacking through AppCache fallback
    * CVE-2017-7792 (bmo#1368652)
      Buffer overflow viewing certificates with an extremely long OID
    * CVE-2017-7804 (bmo#1372849)
      Memory protection bypass through WindowsDllDetourPatcher
    * CVE-2017-7791 (bmo#1365875)
      Spoofing following page navigation with data: protocol and modal alerts
    * CVE-2017-7782 (bmo#1344034)
      WindowsDllDetourPatcher allocates memory without DEP protections
    * CVE-2017-7803 (bmo#1377426)
      CSP containing 'sandbox' improperly applied
    * CVE-2017-7779
      Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3
* Wed Aug 09 2017 schwab@suse.de
  - mozilla-ucontext.patch: use ucontext_t instead of struct ucontext
* Wed Jun 28 2017 guillaume@opensuse.org
  - mozilla-disable-neon-option.patch has been dropped silently, so
    remove the --disable-neon option as it is not available anymore.
* Sun Jun 25 2017 wr@rosenauer.org
  - update to Thunderbird 52.2.1
    * Problems with Gmail fixed (folders not showing, repeated email
      download, etc.) introduced in version 52.2.0. (boo#1045895)
* Wed Jun 14 2017 wr@rosenauer.org
  - update to Thunderbird 52.2 (boo#1043960)
    * Embedded images not shown in email received from Hotmail/Outlook
      webmailer
    * Detection of non-ASCII font names in font selector
    * Attachment not forwarded correctly under certain circumstances
    * Multiple requests for master password when GMail OAuth2 is enabled
    * Large number of blank pages being printed under certain
      circumstances when invalid preferences were present
    * Messages sent via the Simple MAPI interface are forced to HTML
    * Calendar: Invitations can't be printed
    * Mailing list (group) not accessible from macOS or Outlook address book
    * Clicking on links with references/anchors where target doesn't
      exist in the message not opening in external browser
    MFSA 2017-17
    * CVE-2017-5472 (bmo#1365602)
      Use-after-free using destroyed node when regenerating trees
    * CVE-2017-7749 (bmo#1355039)
      Use-after-free during docshell reloading
    * CVE-2017-7750 (bmo#1356558)
      Use-after-free with track elements
    * CVE-2017-7751 (bmo#1363396)
      Use-after-free with content viewer listeners
    * CVE-2017-7752 (bmo#1359547)
      Use-after-free with IME input
    * CVE-2017-7754 (bmo#1357090)
      Out-of-bounds read in WebGL with ImageInfo object
    * CVE-2017-7756 (bmo#1366595)
      Use-after-free and use-after-scope logging XHR header errors
    * CVE-2017-7757 (bmo#1356824)
      Use-after-free in IndexedDB
    * CVE-2017-7778, CVE-2017-7778, CVE-2017-7771, CVE-2017-7772,
      CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776,
      CVE-2017-7777
      Vulnerabilities in the Graphite 2 library
    * CVE-2017-7758 (bmo#1368490)
      Out-of-bounds read in Opus encoder
    * CVE-2017-7763 (bmo#1360309)
      Mac fonts render some unicode characters as spaces (MacOS only)
    * CVE-2017-7764 (bmo#1364283)
      Domain spoofing with combination of Canadian Syllabics and other
      unicode blocks
    * CVE-2017-7765 (bmo#1273265)
      Mark of the Web bypass when saving executable files (Windows only)
    * CVE-2017-5470
      Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2
  - requires NSS 3.28.5
* Sun Jun 04 2017 wr@rosenauer.org
  - remove legacy -Os optimization breaking gcc7/i586 (boo#1042090)
* Thu Jun 01 2017 wr@rosenauer.org
  - explicitely optimize with -O2 for openSUSE > 13.2/Leap 42 to work
    with gcc7 (boo#1040105, boo#1042090)
* Thu May 11 2017 wr@rosenauer.org
  - update to Thunderbird 52.1.1
    * fixed crash when compacting IMAP folder (boo#1038753)
    * Some attachments could not be opened or saved if the message
      body is empty
    * Unable to load full message via POP if message was downloaded
      partially (or only headers) before
    * Large attachments may not be shown or saved correctly if the
      message is stored in an IMAP folder which is not synchronized
      for offline use
* Mon May 01 2017 wr@rosenauer.org
  - update to Thunderbird 52.1.0
    * Background images not working and other issues related to
      embedded images when composing email have been fixed
    * Google Oauth setup can sometimes not progress to the next step
    * requires NSS >= 3.28.4
  - security fixes (boo#1035082), MFSA 2017-13
    * CVE-2017-5443 (bmo#1342661)
      Out-of-bounds write during BinHex decoding
    * CVE-2017-5429 (bmo#1341096, bmo#1342823, bmo#1343261, bmo#1348894,
      bmo#1348941, bmo#1349340, bmo#1350844, bmo#1352926, bmo#1353088)
      Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and
      Firefox ESR 52.1
    * CVE-2017-5464 (bmo#1347075)
      Memory corruption with accessibility and DOM manipulation
    * CVE-2017-5465 (bmo#1347617)
      Out-of-bounds read in ConvolvePixel
    * CVE-2017-5466 (bmo#1353975)
      Origin confusion when reloading isolated data:text/html URL
    * CVE-2017-5467 (bmo#1347262)
      Memory corruption when drawing Skia content
    * CVE-2017-5460 (bmo#1343642)
      Use-after-free in frame selection
    * CVE-2017-5461 (bmo#1344380)
      Out-of-bounds write in Base64 encoding in NSS
    * CVE-2017-5449 (bmo#1340127)
      Crash during bidirectional unicode manipulation with animation
    * CVE-2017-5446 (bmo#1343505)
      Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data
    * CVE-2017-5447 (bmo#1343552)
      Out-of-bounds read during glyph processing
    * CVE-2017-5444 (bmo#1344461)
      Buffer overflow while parsing application/http-index-format content
    * CVE-2017-5445 (bmo#1344467)
      Uninitialized values used while parsing application/http-index-format
      content
    * CVE-2017-5442 (bmo#1347979)
      Use-after-free during style changes
    * CVE-2017-5469 (bmo#1292534)
      Potential Buffer overflow in flex-generated code
    * CVE-2017-5440 (bmo#1336832)
      Use-after-free in txExecutionState destructor during XSLT processing
    * CVE-2017-5441 (bmo#1343795)
      Use-after-free with selection during scroll events
    * CVE-2017-5439 (bmo#1336830)
      Use-after-free in nsTArray Length() during XSLT processing
    * CVE-2017-5438 (bmo#1336828)
      Use-after-free in nsAutoPtr during XSLT processing
    * CVE-2017-5437 (bmo#1343453)
      Vulnerabilities in Libevent library
    * CVE-2017-5436 (bmo#1345461)
      Out-of-bounds write with malicious font in Graphite 2
    * CVE-2017-5435 (bmo#1350683)
      Use-after-free during transaction processing in the editor
    * CVE-2017-5434 (bmo#1349946)
      Use-after-free during focus handling
    * CVE-2017-5433 (bmo#1347168)
      Use-after-free in SMIL animation functions
    * CVE-2017-5432 (bmo#1346654)
      Use-after-free in text input selection
    * CVE-2017-5430 (bmo#1329796, bmo#1337418, bmo#1339722, bmo#1340482,
      bmo#1342101, bmo#1344081, bmo#1344305, bmo#1344686, bmo#1346140,
      bmo#1346419, bmo#1348143, bmo#1349621, bmo#1349719, bmo#1353476)
      Memory safety bugs fixed in Firefox 53 and Firefox ESR 52.1
    * CVE-2017-5459 (bmo#1333858)
      Buffer overflow in WebGL
    * CVE-2017-5462 (bmo#1345089)
      DRBG flaw in NSS
    * CVE-2017-5454 (bmo#1349276)
      Sandbox escape allowing file system read access through file
      picker
    * CVE-2017-5451 (bmo#1273537)
      Addressbar spoofing with onblur event
* Mon Apr 17 2017 wr@rosenauer.org
  - update to Thunderbird 52.0.1
    * Clicking on a link in an email may not open this link in the
      external browser
    * addon blocklist updates
  - enable ALSA for systems w/o PA
  - require libffi explicitely to fix PPC64LE build where a system
    library is required
* Sat Mar 18 2017 wr@rosenauer.org
  - update to Thunderbird 52.0
    * Optionally remove corresponding data files when removing an account
    * Possibility to copy message filter
    * Calendar: Event can now be created and edited in a tab
    * Calendar: Processing of received invitation counter proposals
    * Chat: Support Twitter Direct Messages
    * Chat: Liking and favoriting in Twitter
    * Chat: Removed Yahoo! Messenger support
    * serveral bugfixes
  - security fixes (bsc#1028391, MFSA 2017-09):
    In general, these flaws cannot be exploited through email because
    scripting is disabled when reading mail, but are potentially
    risks in browser or browser-like contexts.
    * CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP (bmo#1334933)
    * CVE-2017-5401: Memory Corruption when handling ErrorResult (bmo#1328861)
    * CVE-2017-5402: Use-after-free working with events in FontFace objects (bmo#1334876)
    * CVE-2017-5403: Use-after-free using addRange to add range to an incorrect root object (bmo#1340186)
    * CVE-2017-5404: Use-after-free working with ranges in selections (bmo#1340138)
    * CVE-2017-5406: Segmentation fault in Skia with canvas operations (bmo#1306890)
    * CVE-2017-5407: Pixel and history stealing via floating-point timing side channel with SVG filters (bmo#1336622)
    * CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping (bmo#1330687)
    * CVE-2017-5408: Cross-origin reading of video captions in violation of CORS (bmo#1313711)
    * CVE-2017-5412: Buffer overflow read in SVG filters (bmo#1328323)
    * CVE-2017-5413: Segmentation fault during bidirectional operations (bmo#1337504)
    * CVE-2017-5414: File picker can choose incorrect default directory (bmo#1319370)
    * CVE-2017-5416: Null dereference crash in HttpChannel (bmo#1328121)
    * CVE-2017-5426: Gecko Media Plugin sandbox is not started if seccomp-bpf filter is running (bmo#1257361)
    * CVE-2017-5418: Out of bounds read when parsing HTTP digest authorization responses (bmo#1338876)
    * CVE-2017-5419: Repeated authentication prompts lead to DOS attack (bmo#1312243)
    * CVE-2017-5405: FTP response codes can cause use of uninitialized values for ports (bmo#1336699)
    * CVE-2017-5421: Print preview spoofing (bmo#1301876)
    * CVE-2017-5422: DOS attack by using view-source: protocol repeatedly in one hyperlink (bmo#1295002)
    * CVE-2017-5399: Memory safety bugs fixed in Thunderbird 52
    * CVE-2017-5398: Memory safety bugs fixed in Thunderbird 52 and Thunderbird 45.8
  - removed obsolete patches
    * mozilla-aarch64-48bit-va.patch
    * mozilla-binutils-visibility.patch
    * mozilla-flex_buffer_overrun.patch
    * mozilla-gcc6.patch
  - added generic mozilla patches
    * mozilla-aarch64-startup-crash.patch
  - require newer versions of NSPR and NSS
  - use Gtk3 for Tumbleweed
* Tue Mar 07 2017 wr@rosenauer.org
  - update to Thunderbird 45.8.0 (boo#1028391)
    * MFSA 2017-07
      CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
      (bmo#1334933)
      CVE-2017-5401: Memory Corruption when handling ErrorResult
      (bmo#1328861)
      CVE-2017-5402: Use-after-free working with events in FontFace
      objects (bmo#1334876)
      CVE-2017-5404: Use-after-free working with ranges in selections
      (bmo#1340138)
      CVE-2017-5407: Pixel and history stealing via floating-point
      timing side channel with SVG filters (bmo#1336622)
      CVE-2017-5410: Memory corruption during JavaScript garbage
      collection incremental sweeping (bmo#1330687)
      CVE-2017-5408: Cross-origin reading of video captions in violation
      of CORS (bmo#1313711)
      CVE-2017-5405: FTP response codes can cause use of
      uninitialized values for ports (bmo#1336699)
      CVE-2017-5398: Memory safety bugs fixed in Firefox 52 and
      Firefox ESR 45.8
* Thu Feb 09 2017 wr@rosenauer.org
  - update to Thunderbird 45.7.1
    * fixed Crash when viewing certain IMAP messages (introduced in 45.7.0)
* Tue Jan 24 2017 wr@rosenauer.org
  - update to Thunderbird 45.7.0
    * Message preview pane non-functional after IMAP folder was renamed
      or moved
    * "Move To" button on "Search Messages" panel not working
    * Message sent to "undisclosed recipients" shows no recipient
      (non-functional since Thunderbird version 38)
    * Security updates from MFSA 2017-03 (Gecko 45.7.0) boo#1021991.
      In general, these flaws cannot be exploited through email in
      Thunderbird because scripting is disabled when reading mail,
      but are potentially risks in browser or browser-like contexts:
      CVE-2017-5375: Excessive JIT code allocation allows bypass of
      ASLR and DEP (bmo#1325200, boo#1021814)
      CVE-2017-5376: Use-after-free in XSL (bmo#1311687, boo#1021817)
      CVE-2017-5378: Pointer and frame data leakage of Javascript objects
      (bmo#1312001, bmo#1330769, boo#1021818)
      CVE-2017-5380: Potential use-after-free during DOM manipulations
      (bmo#1322107, boo#1021819)
      CVE-2017-5390: Insecure communication methods in Developer Tools
      JSON viewer (bmo#1297361, boo#1021820)
      CVE-2017-5396: Use-after-free with Media Decoder
      (bmo#1329403, boo#1021821)
      CVE-2017-5383: Location bar spoofing with unicode characters
      (bmo#1323338, bmo#1324716, boo#1021822)
      CVE-2017-5373: Memory safety bugs fixed in Thunderbird 45.7
      (boo#1021824)
* Thu Dec 29 2016 wr@rosenauer.org
  - update to Thunderbird 45.6.0 (boo#1015422)
    * The system integration dialog was shown every time when starting
      Thunderbird
    * MFSA 2016-96
      CVE-2016-9899: Use-after-free while manipulating DOM events and
      audio elements (bmo#1317409)
      CVE-2016-9895: CSP bypass using marquee tag (bmo#1312272)
      CVE-2016-9897: Memory corruption in libGLES (bmo#1301381)
      CVE-2016-9898: Use-after-free in Editor while manipulating DOM
      subtrees (bmo#1314442)
      CVE-2016-9900: Restricted external resources can be loaded by
      SVG images through data URLs (bmo#1319122)
      CVE-2016-9904: Cross-origin information leak in shared atoms
      (bmo#1317936)
      CVE-2016-9905: Crash in EnumerateSubDocuments (bmo#1293985)
      CVE-2016-9893: Memory safety bugs fixed in Thunderbird 45.6
* Thu Dec 01 2016 astieger@suse.com
  - Mozilla Thunderbird 45.5.1:
    * CVE-2016-9079: SVG Animation Remote Code Execution
      (MFSA 2016-92, bsc#1012964, bmo#1321066)
* Sat Nov 19 2016 astieger@suse.com
  - Mozilla Thunderbird 45.5.0 (boo#1009026)
    * Fixes for security flaws that cannot be exploited through email
      because scripting is disabled when reading mail, but are
      potentially risks in browser or browser-like contexts:
      CVE-2016-5296: Heap-buffer-overflow WRITE in rasterize_edges_1
      (bsc#1010411)
      CVE-2016-5297: Incorrect argument length checking in Javascript
      (bsc#1010401)
      CVE-2016-9066: Integer overflow leading to a buffer overflow in
      nsScriptLoadHandler (bsc#1010404)
      CVE-2016-5291: Same-origin policy violation using local HTML file
      and saved shortcut file (bsc#1010410)
      CVE-2016-5290: Memory safety bugs fixed in Thunderbird ESR 45.5
      (bsc#1010427)
  - Changed behavior:
    * Changed recipient address entry: Arrow-keys now copy the pop-up
      value to the input field. Mouse-hovered pop-up value can no
      longer be confirmed with tab or enter key. This restores the
      behavior of Thunderbird 24.
    * Support changes to character limit in Twitter
  - Bugs fixed:
    * Reply with selected text containing quote resulted in wrong
      quoting level indication
    * Email invitation might not be displayed when description
      contains non-ASCII characters
    * Attempting to sort messages on the Date field whilst a quick
      filter is applied got stuck on sort descending
    * Mail address display at header pane displayed incorrectly if
      the address contains UTF-8 according to RFC 6532
* Sat Oct 01 2016 wr@rosenauer.org
  - update to Thunderbird 45.4.0 (boo#999701)
    * Display name was truncated if no separating space before email
      address.
    * Recipient addresses were shown in wrong color in some circumstances.
    * Additional spaces were inserted when drafts were edited.
    * Mail saved as template copied In-Reply-To and References from
      original email.
    * Threading broken when editing message draft, due to loss of Message-ID
    * "Apply columns to..." did not honor special folders
* Tue Aug 30 2016 wr@rosenauer.org
  - update to Thunderbird 45.3.0 (boo#991809)
    * Disposition-Notification-To could not be used in
      mail.compose.other.header
    * "edit as new message" on a received message pre-filled the sender
      as the composing identity.
    * Certain messages caused corruption of the drafts summary database.
    security fixes:
    * MFSA 2016-62/CVE-2016-2836
      Miscellaneous memory safety hazards
    * MFSA 2016-63/CVE-2016-2830 (bmo#1255270)
      Favicon network connection can persist when page is closed
    * MFSA 2016-64/CVE-2016-2838 (bmo#1279814)
      Buffer overflow rendering SVG with bidirectional content
    * MFSA 2016-65/CVE-2016-2839 (bmo#1275339)
      Cairo rendering crash due to memory allocation issue with FFmpeg 0.10
    * MFSA 2016-67/CVE-2016-5252 (bmo#1268854)
      Stack underflow during 2D graphics rendering
    * MFSA 2016-70/CVE-2016-5254 (bmo#1266963)
      Use-after-free when using alt key and toplevel menus
    * MFSA 2016-72/CVE-2016-5258 (bmo#1279146)
      Use-after-free in DTLS during WebRTC session shutdown
    * MFSA 2016-73/CVE-2016-5259 (bmo#1282992)
      Use-after-free in service workers with nested sync events
    * MFSA 2016-76/CVE-2016-5262 (bmo#1277475)
      Scripts on marquee tag can execute in sandboxed iframes
    * MFSA 2016-77/CVE-2016-2837 (bmo#1274637)
      Buffer overflow in ClearKey Content Decryption Module (CDM)
      during video playback
    * MFSA 2016-78/CVE-2016-5263 (bmo#1276897)
      Type confusion in display transformation
    * MFSA 2016-79/CVE-2016-5264 (bmo#1286183)
      Use-after-free when applying SVG effects
    * MFSA 2016-80/CVE-2016-5265 (bmo#1278013)
      Same-origin policy violation using local HTML file and saved shortcut file
* Fri Aug 05 2016 pcerny@suse.com
  - Fix for possible buffer overrun (bsc#990856)
    CVE-2016-6354 (bmo#1292534)
    [mozilla-flex_buffer_overrun.patch]
* Thu Jul 21 2016 mailaender@opensuse.org
  - add a screenshot to appdata.xml
* Thu Jun 30 2016 wr@rosenauer.org
  - update to Thunderbird 45.2 (boo#983549)
    Security fixes:
    * CVE-2016-2818, CVE-2016-2815: Memory safety bugs (MFSA2016-49)
  - drop mozilla-flexible-array-member-in-union.patch, upstream
* Fri Jun 24 2016 wr@rosenauer.org
  - mozilla-binutils-visibility.patch to fix build issues with
    gcc/binutils combination used in Leap 42.2 (boo#984637)
* Thu Jun 23 2016 wr@rosenauer.org
  - build with -fno-delete-null-pointer-checks for Tumbleweed/gcc6
    as long as underlying issues have been addressed upstream
    (boo#986162)
* Mon Jun 13 2016 agraf@suse.com
  - Fix running on 48bit va aarch64 (bsc#984126)
    - Add patch mozilla-aarch64-48bit-va.patch
* Fri May 27 2016 wr@rosenauer.org
  - update to Thunderbird 45.1.1
    * When entering members into a mailing list, the enter key
      dismissed the panel instead of just moving onto the next line
    * Email without HTML elements was sent as HTML, despite
      "Delivery Format: Auto-detect" option
    * Options applied to a template were lost when the template was used
    * Contacts could not be deleted when they were found through a search
    * Views from global searches did not respect
      "mail.threadpane.use_correspondents"
* Wed May 25 2016 badshah400@gmail.com
  - The conditional testing for gcc was failing for different
    openSUSE versions, drop it and apply patches unconditionally.
* Tue May 24 2016 badshah400@gmail.com
  - Add patches to fix building with gcc >= 6:
    + mozilla-gcc6.patch: patch taken from fedora's git and is
      essentially identical to upstream firefox patch:
      https://hg.mozilla.org/mozilla-central/rev/55212130f19d.
    + mozilla-flexible-array-member-in-union.patch: patch taken
      from upstream bmo#1272649.
* Thu May 12 2016 dimstar@opensuse.org
  - Copy the icons to /usr/share/icons instead of symlinking them:
    in preparation for containerized apps (e.g. xdg-app) as well as
    AppStream metadata extraction, there are a couple locations that
    need to be real files for system integration (.desktop files,
    icons, mime-type info).
* Sat May 07 2016 wr@rosenauer.org
  - update to Thunderbird 45.1.0 (boo#977333)
    * MFSA 2016-39/CVE-2016-2806/CVE-2016-2807 (boo#977375, boo#977376)
      Miscellaneous memory safety hazards
* Wed Apr 27 2016 badshah400@gmail.com
  - For openSUSE > 13.2, the build fails for i586 as it goes out of
    memory. Prevent this from happening by disabing parallel build
    in this particular case (i.e. do not pass
    mk_add_options MOZ_MAKE_FLAGS%{?jobs:-j%jobs}).
* Sat Apr 16 2016 wr@rosenauer.org
  - update to Thunderbird 45.0 (boo#969894)
    * Add a Correspondents column combining Sender and Recipient
    * Much better support for XMPP chatrooms and commands
    * Remote content exceptions: Improved options to add exceptions
    * Implement option to always use HTML formatting to prevent
      unexpected format loss when converting messages to plain text
    * Use OpenStreetmap for maps (even allow the user to choose from
      list of map services)
    * Allow spell checking and dictionary selection in the subject line
    * Allow editing of From when composing a message
    * Add dropdown in compose to allow specific setting of font size
    * Return/Enter in composer will now insert a new paragraph by
      default (shift-Enter will insert a line break)
    * Allow copying of name and email address from the message header
      of an email
    * Mail.ru supports OAuth authentication
    * MFSA 2016-16/CVE-2016-1952/CVE-2016-1953
      Miscellaneous memory safety hazards
    * MFSA 2016-17/CVE-2016-1954 (bmo#1243178)
      Local file overwriting and potential privilege escalation through
      CSP reports
    * MFSA 2016-18/CVE-2016-1955 (bmo#1208946)
      CSP reports fail to strip location information for embedded iframe pages
    * MFSA 2016-19/CVE-2016-1956 (bmo#1199923)
      Linux video memory DOS with Intel drivers
    * MFSA 2016-20/CVE-2016-1957 (bmo#1227052)
      Memory leak in libstagefright when deleting an array during MP4
      processing
    * MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014)
      Use-after-free in HTML5 string parser
    * MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377)
      Use-after-free in SetBody
    * MFSA 2016-27/CVE-2016-1964 (bmo#1243335)
      Use-after-free during XML transformations
    * MFSA 2016-34/CVE-2016-1974 (bmo#1228103)
      Out-of-bounds read in HTML parser following a failed allocation
    * MFSA 2016-35/CVE-2016-1950 (bmo#1245528)
      Buffer overflow during ASN.1 decoding in NSS
      (fixed by requiring 3.21.1)
    * MFSA 2016-36/CVE-2016-1979 (bmo#1185033)
      Use-after-free during processing of DER encoded keys in NSS
      (fixed by requiring 3.21.1)
    * MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/
      CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/
      CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/
      CVE-2016-2800/CVE-2016-2801/CVE-2016-2802
      Font vulnerabilities in the Graphite 2 library
  - remove obsolete patches:
    * mozilla-arm-disable-edsp.patch
    * mozilla-icu-strncat.patch
    * mozilla-arm64-libjpeg-turbo.patch
  - added required mozilla platform patches:
    * mozilla-no-stdcxx-check.patch
* Wed Apr 06 2016 astieger@suse.com
  - update to Thunderbird 38.7.2
    * disable Graphite font shaping library (same upstream changelog
      as 38.7.1)
* Fri Mar 25 2016 wr@rosenauer.org
  - update to Thunderbird 38.7.1
    * disabled Graphite font shaping library
* Fri Mar 11 2016 wr@rosenauer.org
  - update to Thunderbird 38.7.0 (boo#969894)
    * MFSA 2015-81/CVE-2015-4477 (bmo#1179484)
      Use-after-free in MediaStream playback
    * MFSA 2015-136/CVE-2015-7207 (bmo#1185256)
      Same-origin policy violation using performance.getEntries and
      history navigation
    * MFSA 2016-16/CVE-2016-1952
      Miscellaneous memory safety hazards
    * MFSA 2016-17/CVE-2016-1954 (bmo#1243178)
      Local file overwriting and potential privilege escalation through
      CSP reports
    * MFSA 2016-20/CVE-2016-1957 (bmo#1227052)
      Memory leak in libstagefright when deleting an array during MP4
      processing
    * MFSA 2016-21/CVE-2016-1958 (bmo#1228754)
      Displayed page address can be overridden
    * MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014)
      Use-after-free in HTML5 string parser
    * MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377)
      Use-after-free in SetBody
    * MFSA 2016-25/CVE-2016-1962 (bmo#1240760)
      Use-after-free when using multiple WebRTC data channels
    * MFSA 2016-27/CVE-2016-1964 (bmo#1243335)
      Use-after-free during XML transformations
    * MFSA 2016-28/CVE-2016-1965 (bmo#1245264)
      Addressbar spoofing though history navigation and Location protocol
      property
    * MFSA 2016-31/CVE-2016-1966 (bmo#1246054)
      Memory corruption with malicious NPAPI plugin
    * MFSA 2016-34/CVE-2016-1974 (bmo#1228103)
      Out-of-bounds read in HTML parser following a failed allocation
    * MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/
      CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/
      CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/
      CVE-2016-2800/CVE-2016-2801/CVE-2016-2802
      Font vulnerabilities in the Graphite 2 library
* Fri Feb 26 2016 astieger@suse.com
  - adjust _constraints to current peak build memory and disk usage
* Sat Feb 13 2016 wr@rosenauer.org
  - update to Thunderbird 38.6.0 (boo#963520)
    * Filters ran on a different folder than selected
    * MFSA 2016-01/CVE-2016-1930
      Miscellaneous memory safety hazards
    * MFSA 2016-03/CVE-2016-1935 (bmo#1220450)
      Buffer overflow in WebGL after out of memory allocation
* Mon Jan 25 2016 olaf@aepfle.de
  - Using -g for CFLAGS is controlled via project settings, it should
    not be enforced by the mozilla buildsystem.
* Mon Jan 18 2016 olaf@aepfle.de
  - Add build conditionals for valgrind and -Os
  - Convert existing conditions for kde to bcond
* Tue Dec 29 2015 wr@rosenauer.org
  - update to Thunderbird 38.5.1
    * requires NSS 3.20.2 to fix
      MFSA 2015-150/CVE-2015-7575 (bmo#1158489)
      MD5 signatures accepted within TLS 1.2 ServerKeyExchange in
      server signature
  - explicitely require libXcomposite-devel
* Wed Dec 23 2015 wr@rosenauer.org
  - update to Thunderbird 38.5.0 (bnc#959277)
    * MFSA 2015-134/CVE-2015-7201
      Miscellaneous memory safety hazards
    * MFSA 2015-138/CVE-2015-7210 (bmo#1218326)
      Use-after-free in WebRTC when datachannel is used after being
      destroyed
    * MFSA 2015-139/CVE-2015-7212 (bmo#1222809)
      Integer overflow allocating extremely large textures
    * MFSA 2015-145/CVE-2015-7205 (bmo#1220493)
      Underflow through code inspection
    * MFSA 2015-146/CVE-2015-7213 (bmo#1206211)
      Integer overflow in MP4 playback in 64-bit versions
    * MFSA 2015-147/CVE-2015-7222 (bmo#1216748)
      Integer underflow and buffer overflow processing MP4 metadata in
      libstagefright
    * MFSA 2015-149/CVE-2015-7214 (bmo#1228950)
      Cross-site reading attack through data and view-source URIs
* Tue Nov 17 2015 wr@rosenauer.org
  - update to Thunderbird 38.4.0 (bnc#952810)
    * MFSA 2015-116/CVE-2015-4513/CVE-2015-4514
      Miscellaneous memory safety hazards
    * MFSA 2015-122/CVE-2015-7188 (bmo#1199430)
      Trailing whitespace in IP address hostnames can bypass same-origin policy
    * MFSA 2015-123/CVE-2015-7189 (bmo#1205900)
      Buffer overflow during image interactions in canvas
    * MFSA 2015-127/CVE-2015-7193 (bmo#1210302)
      CORS preflight is bypassed when non-standard Content-Type headers
      are received
    * MFSA 2015-128/CVE-2015-7194 (bmo#1211262)
      Memory corruption in libjar through zip files
    * MFSA 2015-130/CVE-2015-7196 (bmo#1140616)
      JavaScript garbage collection crash with Java applet
    * MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200
      (bmo#1188010, bmo#1204061, bmo#1204155)
      Vulnerabilities found through code inspection
    * MFSA 2015-132/CVE-2015-7197 (bmo#1204269)
      Mixed content WebSocket policy bypass through workers
    * MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183
      (bmo#1202868, bmo#1205157)
      NSS and NSPR memory corruption issues
      (fixed in mozilla-nspr and mozilla-nss packages)
  - requires NSPR 4.10.10 and NSS 3.19.2.1
  - added explicit appdata provides (bnc#952325)
* Mon Oct 05 2015 dmueller@suse.com
  - fix build on aarch64 by reusing the crashreporter conditional
    from MozillaFirefox
* Mon Sep 28 2015 wr@rosenauer.org
  - update to Thunderbird 38.3.0 (bnc#947003)
    * MFSA 2015-96/CVE-2015-4500
      Miscellaneous memory safety hazards
    * MFSA 2015-100/CVE-2015-4505 (bmo#1177861) (Windows only)
      Arbitrary file manipulation by local user through Mozilla updater
    * MFSA 2015-101/CVE-2015-4506 (bmo#1192226)
      Buffer overflow in libvpx while parsing vp9 format video
    * MFSA 2015-105/CVE-2015-4511 (bmo#1200148)
      Buffer overflow while decoding WebM video
    * MFSA 2015-106/CVE-2015-4509 (bmo#1198435)
      Use-after-free while manipulating HTML media content
    * MFSA 2015-110/CVE-2015-4519 (bmo#1189814)
      Dragging and dropping images exposes final URL after redirects
    * MFSA 2015-111/CVE-2015-4520 (bmo#1200856, bmo#1200869)
      Errors in the handling of CORS preflight request headers
    * MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522/
      CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177/
      CVE-2015-7180
      Vulnerabilities found through code inspection
    * MFSA 2015-113/CVE-2015-7178/CVE-2015-7179 (bmo#1189860,
      bmo#1190526) (Windows only)
      Memory safety errors in libGLES in the ANGLE graphics library
  - rebased patches
* Sat Aug 15 2015 wr@rosenauer.org
  - update to Thunderbird 38.2.0 (bnc#940806)
    * MFSA 2015-79/CVE-2015-4473
      Miscellaneous memory safety hazards
    * MFSA 2015-80/CVE-2015-4475 (bmo#1175396)
      Out-of-bounds read with malformed MP3 file
    * MFSA 2015-82/CVE-2015-4478 (bmo#1105914)
      Redefinition of non-configurable JavaScript object properties
    * MFSA 2015-83/CVE-2015-4479/CVE-2015-4480/CVE-2015-4493
      Overflow issues in libstagefright
    * MFSA 2015-84/CVE-2015-4481 (bmo1171518)
      Arbitrary file overwriting through Mozilla Maintenance Service
      with hard links (only affected Windows)
    * MFSA 2015-85/CVE-2015-4482 (bmo#1184500)
      Out-of-bounds write with Updater and malicious MAR file
      (does not affect openSUSE RPM packages which do not ship the
      updater)
    * MFSA 2015-87/CVE-2015-4484 (bmo#1171540)
      Crash when using shared memory in JavaScript
    * MFSA 2015-88/CVE-2015-4491 (bmo#1184009)
      Heap overflow in gdk-pixbuf when scaling bitmap images
    * MFSA 2015-89/CVE-2015-4485/CVE-2015-4486 (bmo#1177948, bmo#1178148)
      Buffer overflows on Libvpx when decoding WebM video
    * MFSA 2015-90/CVE-2015-4487/CVE-2015-4488/CVE-2015-4489
      Vulnerabilities found through code inspection
    * MFSA 2015-92/CVE-2015-4492 (bmo#1185820)
      Use-after-free in XMLHttpRequest with shared workers
* Wed Jul 08 2015 wr@rosenauer.org
  - update to Thunderbird 38.1.0 (bnc#935979)
    * MFSA 2015-59/CVE-2015-2724/CVE-2015-2725
      Miscellaneous memory safety hazards
    * MFSA 2015-60/CVE-2015-2727 (bmo#1163422)
      Local files or privileged URLs in pages can be opened into new tabs
    * MFSA 2015-61/CVE-2015-2728 (bmo#1142210)
      Type confusion in Indexed Database Manager
    * MFSA 2015-62/CVE-2015-2729 (bmo#1122218)
      Out-of-bound read while computing an oscillator rendering range in Web Audio
    * MFSA 2015-63/CVE-2015-2731 (bmo#1149891)
      Use-after-free in Content Policy due to microtask execution error
    * MFSA 2015-64/CVE-2015-2730 (bmo#1125025)
      ECDSA signature validation fails to handle some signatures correctly
      (this fix is shipped by NSS 3.19.1 externally)
    * MFSA 2015-65/CVE-2015-2722/CVE-2015-2733 (bmo#1166924, bmo#1169867)
      Use-after-free in workers while using XMLHttpRequest
    * MFSA 2015-66/CVE-2015-2734/CVE-2015-2735/CVE-2015-2736/CVE-2015-2737
      CVE-2015-2738/CVE-2015-2739/CVE-2015-2740
      Vulnerabilities found through code inspection
    * MFSA 2015-67/CVE-2015-2741 (bmo#1147497)
      Key pinning is ignored when overridable errors are encountered
    * MFSA 2015-69/CVE-2015-2743 (bmo#1163109)
      Privilege escalation in PDF.js
    * MFSA 2015-70/CVE-2015-4000 (bmo#1138554)
      NSS accepts export-length DHE keys with regular DHE cipher suites
      (this fix is shipped by NSS 3.19.1 externally)
    * MFSA 2015-71/CVE-2015-2721 (bmo#1086145)
      NSS incorrectly permits skipping of ServerKeyExchange
      (this fix is shipped by NSS 3.19.1 externally)
  - requires NSS 3.19.2
* Fri Jun 19 2015 wr@rosenauer.org
  - update to Thunderbird 38.0.1
    * includes Lightning as default extension
  - rebased patches
  - removed obsolete patches:
    * mozilla-ppc.patch
    * mozilla-nullptr-gcc45.patch
    * mozilla-bug1024492.patch
  - dropped openSUSE specific patches
    * thunderbird-shared-nss-db.patch
    * mozilla-shared-nss-db.patch
      the provided feature seems not to be used and its maintenance
      is not worth the ongoing efforts
  - tb-develdirs.patch is now mozilla-develdirs.patch as it is a
    platform configuration now
* Thu Jun 18 2015 schwab@suse.de
  - mozilla-arm64-libjpeg-turbo.patch: fix libjpeg-turbo configuration
* Thu May 28 2015 dmueller@suse.com
  - add mozilla-bug1024492.patch:
    * Fixes build against GCC 5.x
* Sat May 09 2015 wr@rosenauer.org
  - update to Thunderbird 31.7.0 (bnc#930622)
    * MFSA 2015-46/CVE-2015-2708
      Miscellaneous memory safety hazards
    * MFSA 2015-47/VE-2015-0797 (bmo#1080995)
      Buffer overflow parsing H.264 video with Linux Gstreamer
    * MFSA 2015-48/CVE-2015-2710 (bmo#1149542)
      Buffer overflow with SVG content and CSS
    * MFSA 2015-51/CVE-2015-2713 (bmo#1153478)
      Use-after-free during text processing with vertical text enabled
    * MFSA 2015-54/CVE-2015-2716 (bmo#1140537)
      Buffer overflow when parsing compressed XML
    * MFSA 2015-57/CVE-2011-3079 (bmo#1087565)
      Privilege escalation through IPC channel messages
* Tue Mar 31 2015 wr@rosenauer.org
  - update to Thunderbird 31.6.0 (bnc#925368)
    * MFSA 2015-30/CVE-2015-0815
      Miscellaneous memory safety hazards
    * MFSA 2015-31/CVE-2015-0813 (bmo#1106596))
      Use-after-free when using the Fluendo MP3 GStreamer plugin
    * MFSA 2015-33/CVE-2015-0816 (bmo#1144991)
      resource:// documents can load privileged pages
    * MFSA-2015-37/CVE-2015-0807 (bmo#1111834)
      CORS requests should not follow 30x redirections after preflight
    * MFSA-2015-40/CVE-2015-0801 (bmo#1146339)
      Same-origin bypass through anchor navigation
* Mon Feb 23 2015 wr@rosenauer.org
  - update to Thunderbird 31.5.0 (bnc#917597)
    * MFSA 2015-11/CVE-2015-0836
      Miscellaneous memory safety hazards
    * MFSA 2015-12/CVE-2015-0833 (bmo#945192)
      Invoking Mozilla updater will load locally stored DLL files
      (Windows only)
    * MFSA 2015-16/CVE-2015-0831 (bmo#1130514)
      Use-after-free in IndexedDB
    * MFSA 2015-19/CVE-2015-0827 (bmo#1117304)
      Out-of-bounds read and write while rendering SVG content
    * MFSA 2015-24/CVE-2015-0822 (bmo#1110557)
      Reading of local files through manipulation of form autocomplete
* Sat Jan 10 2015 wr@rosenauer.org
  - update to Thunderbird 31.4.0 (bnc#910669)
    * MFSA 2015-01/CVE-2014-8634/CVE-2014-8635
      Miscellaneous memory safety hazards
    * MFSA 2015-03/CVE-2014-8638 (bmo#1080987)
      sendBeacon requests lack an Origin header
    * MFSA 2015-04/CVE-2014-8639 (bmo#1095859)
      Cookie injection through Proxy Authenticate responses
  - added mozilla-icu-strncat.patch to fix post build checks
* Sun Nov 30 2014 wr@rosenauer.org
  - update to Thunderbird 31.3.0 (bnc#908009)
    * MFSA 2014-83/CVE-2014-1587
      Miscellaneous memory safety hazards
    * MFSA 2014-85/CVE-2014-1590 (bmo#1087633)
      XMLHttpRequest crashes with some input streams
    * MFSA 2014-87/CVE-2014-1592 (bmo#1088635)
      Use-after-free during HTML5 parsing
    * MFSA 2014-88/CVE-2014-1593 (bmo#1085175)
      Buffer overflow while parsing media content
    * MFSA 2014-89/CVE-2014-1594 (bmo#1074280)
      Bad casting from the BasicThebesLayer to BasicContainerLayer
* Sun Nov 16 2014 Led <ledest@gmail.com>
  - fix bashism in mozilla.sh script
* Tue Nov 04 2014 guillaume@opensuse.org
  - Limit RAM usage during link for ARM
* Sat Oct 25 2014 wr@rosenauer.org
  - remove add-plugins.sh and use /usr/share/myspell directly
    (bnc#900639)
* Sun Oct 12 2014 wr@rosenauer.org
  - update to Thunderbird 31.2.0 (bnc#900941)
    * MFSA 2014-74/CVE-2014-1574
      Miscellaneous memory safety hazards
    * MFSA 2014-75/CVE-2014-1576 (bmo#1041512)
      Buffer overflow during CSS manipulation
    * MFSA 2014-76/CVE-2014-1577 (bmo#1012609)
      Web Audio memory corruption issues with custom waveforms
    * MFSA 2014-77/CVE-2014-1578 (bmo#1063327)
      Out-of-bounds write with WebM video
    * MFSA 2014-79/CVE-2014-1581 (bmo#1068218)
      Use-after-free interacting with text directionality
    * MFSA 2014-81/CVE-2014-1585/CVE-2014-1586 (bmo#1062876, bmo#1062981)
      Inconsistent video sharing within iframe
  - added basic appdata definition
* Wed Sep 24 2014 wr@rosenauer.org
  - update to Thunderbird 31.1.2
* Tue Sep 09 2014 wolfgang@rosenauer.org
  - update to Thunderbird 31.1.1
    * Fixed an issue where mailing lists with spaces in their names
      couldn't be autocompleted (bmo#1060901)
    * Fixed an occasional startup crash (bmo#1005336)
* Fri Aug 29 2014 wr@rosenauer.org
  - update to Thunderbird 31.1.0 (bnc#894370)
    * MFSA 2014-67/CVE-2014-1553/CVE-2014-1562
      Miscellaneous memory safety hazards
    * MFSA 2014-68/CVE-2014-1563 (bmo#1018524)
      Use-after-free during DOM interactions with SVG
    * MFSA 2014-69/CVE-2014-1564 (bmo#1045977)
      Uninitialized memory use during GIF rendering
    * MFSA 2014-70/CVE-2014-1565 (bmo#1047831)
      Out-of-bounds read in Web Audio audio timeline
    * MFSA 2014-72/CVE-2014-1567 (bmo#1037641)
      Use-after-free setting text directionality
  - added mozilla-nullptr-gcc45.patch to build on gcc 4.5 dists
    (e.g. openSUSE 11.4)
* Sun Jul 27 2014 wr@rosenauer.org
  - update to Thunderbird 31.0
    * based on Gecko 31
    * Autocompleting email addresses now matches against any part of
      the name or email
    * Composing a mail to a newsgroup will now autocomplete newsgroup
      names
    * Insecure NTLM (pre-NTLMv2) authentication disabled
  - rebased patches
  - removed enigmail entirely from source package
  - removed obsolete patches
    * libffi-ppc64le.patch
    * ppc64le-support.patch
    * xpcom-ppc64le.patch
  - use GStreamer 1.0 after 13.1
  - switched source archives to use xz instead of bz2
* Sun Jul 20 2014 wr@rosenauer.org
  - update to Thunderbird 24.7.0 (bnc#887746)
    * MFSA 2014-56/CVE-2014-1547/CVE-2014-1548
      Miscellaneous memory safety hazards
    * MFSA 2014-61/CVE-2014-1555 (bmo#1023121)
      Use-after-free with FireOnStateChange event
    * MFSA 2014-62/CVE-2014-1556 (bmo#1028891)
      Exploitable WebGL crash with Cesium JavaScript library
    * MFSA 2014-63/CVE-2014-1544 (bmo#963150)
      Use-after-free while when manipulating certificates in the trusted cache
      (solved with NSS 3.16.2 requirement)
    * MFSA 2014-64/CVE-2014-1557 (bmo#913805)
      Crash in Skia library when scaling high quality images
  - disabled enigmail build as with version 1.7 it's a standalone
    source package
* Sat Jun 07 2014 wr@rosenauer.org
  - update to Thunderbird 24.6.0 (bnc#881874)
    * MFSA 2014-48/CVE-2014-1533/CVE-2014-1534
      (bmo#921622, bmo#967354, bmo#969517, bmo#969549, bmo#973874,
      bmo#978652, bmo#978811, bmo#988719, bmo#990868, bmo#991981,
      bmo#992274, bmo#994907, bmo#995679, bmo#995816, bmo#995817,
      bmo#996536, bmo#996715, bmo#999651, bmo#1000598,
      bmo#1000960, bmo#1002340, bmo#1005578, bmo#1007223,
      bmo#1009952, bmo#1011007)
      Miscellaneous memory safety hazards (rv:30.0 / rv:24.6)
    * MFSA 2014-49/CVE-2014-1536/CVE-2014-1537/CVE-2014-1538
      (bmo#989994, bmo#999274, bmo#1005584)
      Use-after-free and out of bounds issues found using Address Sanitizer
    * MFSA 2014-52/CVE-2014-1541 (bmo#1000185)
      Use-after-free with SMIL Animation Controller
    * MFSA 2014-55/CVE-2014-1545 (bmo#1018783)
      Out of bounds write in NSPR
  - require NSPR 4.10.6 because of MFSA 2014-55/CVE-2014-1545
* Fri Apr 25 2014 wr@rosenauer.org
  - update to Thunderbird 24.5.0 (bnc#875378)
    * MFSA 2014-34/CVE-2014-1518
      Miscellaneous memory safety hazards
    * MFSA 2014-37/CVE-2014-1523 (bmo#969226)
      Out of bounds read while decoding JPG images
    * MFSA 2014-38/CVE-2014-1524 (bmo#989183)
      Buffer overflow when using non-XBL object as XBL
    * MFSA 2014-42/CVE-2014-1529 (bmo#987003)
      Privilege escalation through Web Notification API
    * MFSA 2014-43/CVE-2014-1530 (bmo#895557)
      Cross-site scripting (XSS) using history navigations
    * MFSA 2014-44/CVE-2014-1531 (bmo#987140)
      Use-after-free in imgLoader while resizing images
    * MFSA 2014-46/CVE-2014-1532 (bmo#966006)
      Use-after-free in nsHostResolver
  - use shipped-locales as the authoritative source for supported
    locales (some unsupported locales disappear from -other package)
* Tue Mar 18 2014 wr@rosenauer.org
  - update to Thunderbird 24.4.0 (bnc#868603)
    * MFSA 2014-15/CVE-2014-1493/CVE-2014-1494
      Miscellaneous memory safety hazards
    * MFSA 2014-17/CVE-2014-1497 (bmo#966311)
      Out of bounds read during WAV file decoding
    * MFSA 2014-26/CVE-2014-1508 (bmo#963198)
      Information disclosure through polygon rendering in MathML
    * MFSA 2014-27/CVE-2014-1509 (bmo#966021)
      Memory corruption in Cairo during PDF font rendering
    * MFSA 2014-28/CVE-2014-1505 (bmo#941887)
      SVG filters information disclosure through feDisplacementMap
    * MFSA 2014-29/CVE-2014-1510/CVE-2014-1511 (bmo#982906, bmo#982909)
      Privilege escalation using WebIDL-implemented APIs
    * MFSA 2014-30/CVE-2014-1512 (bmo#982957)
      Use-after-free in TypeObject
    * MFSA 2014-31/CVE-2014-1513 (bmo#982974)
      Out-of-bounds read/write through neutering ArrayBuffer objects
    * MFSA 2014-32/CVE-2014-1514 (bmo#983344)
      Out-of-bounds write through TypedArrayObject after neutering
* Mon Feb 03 2014 wr@rosenauer.org
  - update to Thunderbird 24.3.0 (bnc#861847)
    * MFSA 2014-01/CVE-2014-1477/CVE-2014-1478
      Miscellaneous memory safety hazards (rv:27.0 / rv:24.3)
    * MFSA 2014-02/CVE-2014-1479 (bmo#911864)
      Clone protected content with XBL scopes
    * MFSA 2014-04/CVE-2014-1482 (bmo#943803)
      Incorrect use of discarded images by RasterImage
    * MFSA 2014-08/CVE-2014-1486 (bmo#942164)
      Use-after-free with imgRequestProxy and image proccessing
    * MFSA 2014-09/CVE-2014-1487 (bmo#947592)
      Cross-origin information leak through web workers
    * MFSA 2014-12/CVE-2014-1490/CVE-2014-1491
      (bmo#934545, bmo#930874, bmo#930857)
      NSS ticket handling issues
    * MFSA 2014-13/CVE-2014-1481(bmo#936056)
      Inconsistent JavaScript handling of access to Window objects
  - requires NSS 3.15.4
  - renamed ppc64le patches to streamline with Firefox package
* Fri Dec 13 2013 uweigand@de.ibm.com
  - Add support for powerpc64le-linux.
    * ppc64le-support.patch: general support
    * libffi-ppc64le.patch: libffi backport
    * xpcom-ppc64le.patch: port xpcom
* Sun Dec 08 2013 wr@rosenauer.org
  - update to Thunderbird 24.2.0 (bnc#854370)
    * requires NSS 3.15.3.1 or higher
    * MFSA 2013-104/CVE-2013-5609/CVE-2013-5610
      Miscellaneous memory safety hazards
    * MFSA 2013-108/CVE-2013-5616 (bmo#938341)
      Use-after-free in event listeners
    * MFSA 2013-109/CVE-2013-5618 (bmo#926361)
      Use-after-free during Table Editing
    * MFSA 2013-111/CVE-2013-6671 (bmo#930281)
      Segmentation violation when replacing ordered list elements
    * MFSA 2013-113/CVE-2013-6673 (bmo#970380)
      Trust settings for built-in roots ignored during EV certificate
      validation
    * MFSA 2013-114/CVE-2013-5613 (bmo#930381, bmo#932449)
      Use-after-free in synthetic mouse movement
    * MFSA 2013-115/CVE-2013-5615 (bmo#929261)
      GetElementIC typed array stubs can be generated outside observed
      typesets
    * MFSA 2013-116/CVE-2013-6629/CVE-2013-6630 (bmo#891693)
      JPEG information leak
    * MFSA 2013-117 (bmo#946351)
      Mis-issued ANSSI/DCSSI certificate
      (fixed via NSS 3.15.3.1)
* Tue Nov 19 2013 wr@rosenauer.org
  - update to Thunderbird 24.1.1
    * requires NSPR 4.10.2 and NSS 3.15.3 for security reasons
    * fix binary compatibility issues for patch level updates
      (bmo#927073)
* Thu Oct 24 2013 wr@rosenauer.org
  - update to Thunderbird 24.1.0 (bnc#847708)
    * requires NSS 3.15.2 or above
    * MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592
      Miscellaneous memory safety hazards
    * MFSA 2013-94/CVE-2013-5593 (bmo#868327)
      Spoofing addressbar through SELECT element
    * MFSA 2013-95/CVE-2013-5604 (bmo#914017)
      Access violation with XSLT and uninitialized data
    * MFSA 2013-96/CVE-2013-5595 (bmo#916580)
      Improperly initialized memory and overflows in some JavaScript
      functions
    * MFSA 2013-97/CVE-2013-5596 (bmo#910881)
      Writing to cycle collected object during image decoding
    * MFSA 2013-98/CVE-2013-5597 (bmo#918864)
      Use-after-free when updating offline cache
    * MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601
      (bmo#915210, bmo#915576, bmo#916685)
      Miscellaneous use-after-free issues found through ASAN fuzzing
    * MFSA 2013-101/CVE-2013-5602 (bmo#897678)
      Memory corruption in workers
    * MFSA 2013-102/CVE-2013-5603 (bmo#916404)
      Use-after-free in HTML document templates
* Thu Oct 10 2013 wr@rosenauer.org
  - update to Thunderbird 24.0.1
    * fqdn for smtp server name was not accepted (bmo#913785)
    * fixed crash in PL_strncasecmp (bmo#917955)
  - update Enigmail to 1.6
    * The passphrase timeout configuration in Enigmail is now read and
      written from/to gpg-agent.
    * New dialog to change the expiry date of keys
    * New function to search for the OpenPGP keys of all Address Book
      entries on a keyserver
    * removed obsolete enigmail-build.patch
* Sat Sep 14 2013 wr@rosenauer.org
  - update to Thunderbird 24.0 (bnc#840485)
    * MFSA 2013-76/CVE-2013-1718/CVE-2013-1719
      Miscellaneous memory safety hazards
    * MFSA 2013-77/CVE-2013-1720 (bmo#888820)
      Improper state in HTML5 Tree Builder with templates
    * MFSA 2013-79/CVE-2013-1722 (bmo#893308)
      Use-after-free in Animation Manager during stylesheet cloning
    * MFSA 2013-80/CVE-2013-1723 (bmo#891292)
      NativeKey continues handling key messages after widget is destroyed
    * MFSA 2013-81/CVE-2013-1724 (bmo#894137)
      Use-after-free with select element
    * MFSA 2013-82/CVE-2013-1725 (bmo#876762)
      Calling scope for new Javascript objects can lead to memory corruption
    * MFSA 2013-85/CVE-2013-1728 (bmo#883686)
      Uninitialized data in IonMonkey
    * MFSA 2013-88/CVE-2013-1730 (bmo#851353)
      Compartment mismatch re-attaching XBL-backed nodes
    * MFSA 2013-89/CVE-2013-1732 (bmo#883514)
      Buffer overflow with multi-column, lists, and floats
    * MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301)
      Memory corruption involving scrolling
    * MFSA 2013-91/CVE-2013-1737 (bmo#907727)
      User-defined properties on DOM proxies get the wrong "this" object
    * MFSA 2013-92/CVE-2013-1738 (bmo#887334, bmo#882897)
      GC hazard with default compartments and frame chain restoration
  - moved greek to common translation package
  - require NSPR 4.10 and NSS 3.15.1
  - add GStreamer build requirements for Gecko
  - added enigmail-build.patch to fix TB packaging (bmo#886095)
  - removed obsolete patches:
    * enigmail-old-gcc.patch
    * mozilla-gcc43-enums.patch
    * mozilla-gcc43-template_hacks.patch
    * mozilla-gcc43-templates_instantiation.patch
    * ppc-xpcshell.patch
* Fri Aug 02 2013 wr@rosenauer.org
  - update to Thunderbird 17.0.8 (bnc#833389)
    * MFSA 2013-63/CVE-2013-1701
      Miscellaneous memory safety hazards
    * MFSA 2013-68/CVE-2013-1709 (bmo#838253)
      Document URI misrepresentation and masquerading
    * MFSA 2013-69/CVE-2013-1710 (bmo#871368)
      CRMF requests allow for code execution and XSS attacks
    * MFSA 2013-72/CVE-2013-1713 (bmo#887098)
      Wrong principal used for validating URI for some Javascript
      components
    * MFSA 2013-73/CVE-2013-1714 (bmo#879787)
      Same-origin bypass with web workers and XMLHttpRequest
    * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397)
      Local Java applets may read contents of local file system
* Wed Jul 17 2013 wr@rosenauer.org
  - update Enigmail to 1.5.2
    * bugfix release
* Mon Jun 24 2013 wr@rosenauer.org
  - update to Thunderbird 17.0.7 (bnc#825935)
    * MFSA 2013-49/CVE-2013-1682
      Miscellaneous memory safety hazards
    * MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686
      Memory corruption found using Address Sanitizer
    * MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823)
      Privileged content access and execution via XBL
    * MFSA 2013-53/CVE-2013-1690 (bmo#857883)
      Execution of unmapped memory through onreadystatechange event
    * MFSA 2013-54/CVE-2013-1692 (bmo#866915)
      Data in the body of XHR HEAD requests leads to CSRF attacks
    * MFSA 2013-55/CVE-2013-1693 (bmo#711043)
      SVG filters can lead to information disclosure
    * MFSA 2013-56/CVE-2013-1694 (bmo#848535)
      PreserveWrapper has inconsistent behavior
    * MFSA 2013-59/CVE-2013-1697 (bmo#858101)
      XrayWrappers can be bypassed to run user defined methods in a
      privileged context
* Tue Jun 04 2013 dvaleev@suse.com
  - prevent xpc-shell crashing on powerpc
    ppc-xpcshell.patch
* Sat May 11 2013 wr@rosenauer.org
  - update to Thunderbird 17.0.6 (bnc#819204)
    * MFSA 2013-41/CVE-2013-0801/CVE-2013-1669
      Miscellaneous memory safety hazards
    * MFSA 2013-42/CVE-2013-1670 (bmo#853709)
      Privileged access for content level constructor
    * MFSA 2013-46/CVE-2013-1674 (bmo#860971)
      Use-after-free with video and onresize event
    * MFSA 2013-47/CVE-2013-1675 (bmo#866825)
      Uninitialized functions in DOMSVGZoomEvent
    * MFSA 2013-48/CVE-2013-1676/CVE-2013-1677/CVE-2013-1678/
      CVE-2013-1679/CVE-2013-1680/CVE-2013-1681
      Memory corruption found using Address Sanitizer
* Fri Mar 29 2013 wr@rosenauer.org
  - update to Thunderbird 17.0.5 (bnc#813026)
    * requires NSPR 4.9.5 and NSS 3.14.3
    * MFSA 2013-30/CVE-2013-0788/CVE-2013-0789
      Miscellaneous memory safety hazards
    * MFSA 2013-31/CVE-2013-0800 (bmo#825721)
      Out-of-bounds write in Cairo library
    * MFSA 2013-35/CVE-2013-0796 (bmo#827106)
      WebGL crash with Mesa graphics driver on Linux
    * MFSA 2013-36/CVE-2013-0795 (bmo#825697)
      Bypass of SOW protections allows cloning of protected nodes
    * MFSA 2013-38/CVE-2013-0793 (bmo#803870)
      Cross-site scripting (XSS) using timed history navigations
* Fri Mar 08 2013 wr@rosenauer.org
  - update to Thunderbird 17.0.4 (bnc#808243)
    * MFSA 2013-29/CVE-2013-0787 (bmo#848644)
      Use-after-free in HTML Editor
* Sun Feb 17 2013 wr@rosenauer.org
  - update to Thunderbird 17.0.3 (bnc#804248)
    * MFSA 2013-21/CVE-2013-0783
      Miscellaneous memory safety hazards
    * MFSA 2013-24/CVE-2013-0773 (bmo#809652)
      Web content bypass of COW and SOW security wrappers
    * MFSA 2013-25/CVE-2013-0774 (bmo#827193)
      Privacy leak in JavaScript Workers
    * MFSA 2013-26/CVE-2013-0775 (bmo#831095)
      Use-after-free in nsImageLoadingContent
    * MFSA 2013-27/CVE-2013-0776 (bmo#796475)
      Phishing on HTTPS connection through malicious proxy
    * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782
      Use-after-free, out of bounds read, and buffer overflow issues
      found using Address Sanitizer
* Mon Feb 11 2013 wr@rosenauer.org
  - update Enigmail to 1.5.1
    * The release fixes the regressions found in the past few
      weeks
* Sat Jan 05 2013 wr@rosenauer.org
  - update to Thunderbird 17.0.2 (bnc#796895)
    * MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770
      Miscellaneous memory safety hazards
    * MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767
      CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829
      Use-after-free and buffer overflow issues found using Address Sanitizer
    * MFSA 2013-03/CVE-2013-0768 (bmo#815795)
      Buffer Overflow in Canvas
    * MFSA 2013-04/CVE-2012-0759 (bmo#802026)
      URL spoofing in addressbar during page loads
    * MFSA 2013-05/CVE-2013-0744 (bmo#814713)
      Use-after-free when displaying table with many columns and column groups
    * MFSA 2013-07/CVE-2013-0764 (bmo#804237)
      Crash due to handling of SSL on threads
    * MFSA 2013-08/CVE-2013-0745 (bmo#794158)
      AutoWrapperChanger fails to keep objects alive during garbage collection
    * MFSA 2013-09/CVE-2013-0746 (bmo#816842)
      Compartment mismatch with quickstubs returned values
    * MFSA 2013-10/CVE-2013-0747 (bmo#733305)
      Event manipulation in plugin handler to bypass same-origin policy
    * MFSA 2013-11/CVE-2013-0748 (bmo#806031)
      Address space layout leaked in XBL objects
    * MFSA 2013-12/CVE-2013-0750 (bmo#805121)
      Buffer overflow in Javascript string concatenation
    * MFSA 2013-13/CVE-2013-0752 (bmo#805024)
      Memory corruption in XBL with XML bindings containing SVG
    * MFSA 2013-14/CVE-2013-0757 (bmo#813901)
      Chrome Object Wrapper (COW) bypass through changing prototype
    * MFSA 2013-15/CVE-2013-0758 (bmo#813906)
      Privilege escalation through plugin objects
    * MFSA 2013-16/CVE-2013-0753 (bmo#814001)
      Use-after-free in serializeToStream
    * MFSA 2013-17/CVE-2013-0754 (bmo#814026)
      Use-after-free in ListenerManager
    * MFSA 2013-18/CVE-2013-0755 (bmo#814027)
      Use-after-free in Vibrate
    * MFSA 2013-19/CVE-2013-0756 (bmo#814029)
      Use-after-free in Javascript Proxy objects
  - requires NSS 3.14.1 (MFSA 2013-20, CVE-2013-0743)
  - update Enigmail to 1.5.0
* Mon Nov 26 2012 wr@rosenauer.org
  - fix KDE integration for file dialogs
  - fix some rpmlint warnings (mkdir.done files)
  - build on SLE11
    * mozilla-gcc43-enums.patch
    * mozilla-gcc43-template_hacks.patch
    * mozilla-gcc43-templates_instantiation.patch
* Tue Nov 20 2012 wr@rosenauer.org
  - update to Thunderbird 17.0 (bnc#790140)
    * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843
      Miscellaneous memory safety hazards
    * MFSA 2012-92/CVE-2012-4202 (bmo#758200)
      Buffer overflow while rendering GIF images
    * MFSA 2012-93/CVE-2012-4201 (bmo#747607)
      evalInSanbox location context incorrectly applied
    * MFSA 2012-94/CVE-2012-5836 (bmo#792857)
      Crash when combining SVG text on path with CSS
    * MFSA 2012-96/CVE-2012-4204 (bmo#778603)
      Memory corruption in str_unescape
    * MFSA 2012-97/CVE-2012-4205 (bmo#779821)
      XMLHttpRequest inherits incorrect principal within sandbox
    * MFSA 2012-99/CVE-2012-4208 (bmo#798264)
      XrayWrappers exposes chrome-only properties when not in chrome
      compartment
    * MFSA 2012-100/CVE-2012-5841 (bmo#805807)
      Improper security filtering for cross-origin wrappers
    * MFSA 2012-101/CVE-2012-4207 (bmo#801681)
      Improper character decoding in HZ-GB-2312 charset
    * MFSA 2012-102/CVE-2012-5837 (bmo#800363)
      Script entered into Developer Toolbar runs with chrome privileges
    * MFSA 2012-103/CVE-2012-4209 (bmo#792405)
      Frames can shadow top.location
    * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/
      CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/
      CVE-2012-4213/CVE-2012-4217/CVE-2012-4218
      Use-after-free and buffer overflow issues found using Address
      Sanitizer
    * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838
      Use-after-free, buffer overflow, and memory corruption issues
      found using Address Sanitizer
  - rebased patches
  - disabled WebRTC since build is broken (bmo#776877)
  - update Enigmail to 1.4.6
* Sat Oct 27 2012 wr@rosenauer.org
  - update to Thunderbird 16.0.2 (bnc#786522)
    * MFSA 2012-90/CVE-2012-4194/CVE-2012-4195/CVE-2012-4196
      (bmo#800666, bmo#793121, bmo#802557)
      Fixes for Location object issues
* Thu Oct 11 2012 wr@rosenauer.org
  - update to Thunderbird 16.0.1 (bnc#783533)
    * MFSA 2012-88/CVE-2012-4191 (bmo#798045)
      Miscellaneous memory safety hazards
    * MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619)
      defaultValue security checks not applied
* Mon Oct 08 2012 wr@rosenauer.org
  - update to Thunderbird 16.0 (bnc#783533)
    * MFSA 2012-74/CVE-2012-3982/CVE-2012-3983
      Miscellaneous memory safety hazards
    * MFSA 2012-75/CVE-2012-3984 (bmo#575294)
      select element persistance allows for attacks
    * MFSA 2012-76/CVE-2012-3985 (bmo#655649)
      Continued access to initial origin after setting document.domain
    * MFSA 2012-77/CVE-2012-3986 (bmo#775868)
      Some DOMWindowUtils methods bypass security checks
    * MFSA 2012-79/CVE-2012-3988 (bmo#725770)
      DOS and crash with full screen and history navigation
    * MFSA 2012-80/CVE-2012-3989 (bmo#783867)
      Crash with invalid cast when using instanceof operator
    * MFSA 2012-81/CVE-2012-3991 (bmo#783260)
      GetProperty function can bypass security checks
    * MFSA 2012-82/CVE-2012-3994 (bmo#765527)
      top object and location property accessible by plugins
    * MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370)
      Chrome Object Wrapper (COW) does not disallow acces to privileged
      functions or properties
    * MFSA 2012-84/CVE-2012-3992 (bmo#775009)
      Spoofing and script injection through location.hash
    * MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/
      CVE-2012-4181/CVE-2012-4182/CVE-2012-4183
      Use-after-free, buffer overflow, and out of bounds read issues
      found using Address Sanitizer
    * MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/
      CVE-2012-4188
      Heap memory corruption issues found using Address Sanitizer
    * MFSA 2012-87/CVE-2012-3990 (bmo#787704)
      Use-after-free in the IME State Manager
  - update Enigmail to version 1.4.5
* Sun Aug 26 2012 wr@rosenauer.org
  - update to Thunderbird 15.0 (bnc#777588)
    * MFSA 2012-57/CVE-2012-1970
      Miscellaneous memory safety hazards
    * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975
      CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959
      CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964
      Use-after-free issues found using Address Sanitizer
    * MFSA 2012-59/CVE-2012-1956 (bmo#756719)
      Location object can be shadowed using Object.defineProperty
    * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793)
      Memory corruption with bitmap format images with negative height
    * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968
      WebGL use-after-free and memory corruption
    * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970
      SVG buffer overflow and use-after-free issues
    * MFSA 2012-64/CVE-2012-3971
      Graphite 2 memory corruption
    * MFSA 2012-65/CVE-2012-3972 (bmo#746855)
      Out-of-bounds read in format-number in XSLT
    * MFSA 2012-68/CVE-2012-3975 (bmo#770684)
      DOMParser loads linked resources in extensions when parsing
      text/html
    * MFSA 2012-70/CVE-2012-3978 (bmo#770429)
      Location object security checks bypassed by chrome code
    * MFSA 2012-72/CVE-2012-3980 (bmo#771859)
      Web console eval capable of executing chrome-privileged code
  - update Enigmail to 1.4.4
* Sun Jul 29 2012 aj@suse.de
  - Fix mozilla-kde.patch to include sys/resource.h for getrlimit etc (glibc 2.16)
* Sun Jul 15 2012 wr@rosenauer.org
  - update to Thunderbird 14.0 (bnc#771583)
    * MFSA 2012-42/CVE-2012-1949/CVE-2012-1948
      Miscellaneous memory safety hazards
    * MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1952
      Gecko memory corruption
    * MFSA 2012-45/CVE-2012-1955 (bmo#757376)
      Spoofing issue with location
    * MFSA 2012-47/CVE-2012-1957 (bmo#750096)
      Improper filtering of javascript in HTML feed-view
    * MFSA 2012-48/CVE-2012-1958 (bmo#750820)
      use-after-free in nsGlobalWindow::PageHidden
    * MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559)
      Same-compartment Security Wrappers can be bypassed
    * MFSA 2012-50/CVE-2012-1960 (bmo#761014)
      Out of bounds read in QCMS
    * MFSA 2012-51/CVE-2012-1961 (bmo#761655)
      X-Frame-Options header ignored when duplicated
    * MFSA 2012-52/CVE-2012-1962 (bmo#764296)
      JSDependentString::undepend string conversion results in memory
      corruption
    * MFSA 2012-53/CVE-2012-1963 (bmo#767778)
      Content Security Policy 1.0 implementation errors cause data
      leakage
    * MFSA 2012-56/CVE-2012-1967 (bmo#758344)
      Code execution through javascript: URLs
    * relicensed to MPL-2.0
  - update Enigmail to 1.4.3
* Thu Jul 05 2012 adrian@suse.de
  - no crashreport on %arm, fixing build
* Fri Jun 15 2012 wr@rosenauer.org
  - update to Thunderbird 13.0.1
    * bugfix release
* Sat Jun 02 2012 wr@rosenauer.org
  - update to Thunderbird 13.0 (bnc#765204)
    * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101
      Miscellaneous memory safety hazards
    * MFSA 2012-36/CVE-2012-1944 (bmo#751422)
      Content Security Policy inline-script bypass
    * MFSA 2012-37/CVE-2012-1945 (bmo#670514)
      Information disclosure though Windows file shares and shortcut
      files
    * MFSA 2012-38/CVE-2012-1946 (bmo#750109)
      Use-after-free while replacing/inserting a node in a document
    * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941
      Buffer overflow and use-after-free issues found using Address
      Sanitizer
  - require NSS 3.13.4
    * MFSA 2012-39/CVE-2012-0441 (bmo#715073)
  - fix build with system NSPR (mozilla-system-nspr.patch)
  - add dependentlibs.list for improved XRE startup
  - update enigmail to 1.4.2
* Wed May 16 2012 wr@rosenauer.org
  - reenabled crashreporter for Factory/12.2
    (fix in mozilla-gcc47.patch)
* Mon Apr 30 2012 wr@rosenauer.org
  - update to Thunderbird 12.0.1
    * fix regressions
    - POP3 filters (bmo#748090)
    - Message Body not loaded when using "Fetch Headers Only"
      (bmo#748865)
    - Received messages contain parts of other messages with
      movemail account (bmo#748726)
    - New mail notification issue (bmo#748997)
    - crash in nsMsgDatabase::MatchDbName (bmo#748432)
* Fri Apr 27 2012 wr@rosenauer.org
  - fixed build with gcc 4.7
* Sat Apr 21 2012 wr@rosenauer.org
  - update to Thunderbird 12.0 (bnc#758408)
    * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468
      Miscellaneous memory safety hazards
    * MFSA 2012-22/CVE-2012-0469 (bmo#738985)
      use-after-free in IDBKeyRange
    * MFSA 2012-23/CVE-2012-0470 (bmo#734288)
      Invalid frees causes heap corruption in gfxImageSurface
    * MFSA 2012-24/CVE-2012-0471 (bmo#715319)
      Potential XSS via multibyte content processing errors
    * MFSA 2012-25/CVE-2012-0472 (bmo#744480)
      Potential memory corruption during font rendering using cairo-dwrite
    * MFSA 2012-26/CVE-2012-0473 (bmo#743475)
      WebGL.drawElements may read illegal video memory due to
      FindMaxUshortElement error
    * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307)
      Page load short-circuit can lead to XSS
    * MFSA 2012-28/CVE-2012-0475 (bmo#694576)
      Ambiguous IPv6 in Origin headers may bypass webserver access
      restrictions
    * MFSA 2012-29/CVE-2012-0477 (bmo#718573)
      Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
    * MFSA 2012-30/CVE-2012-0478 (bmo#727547)
      Crash with WebGL content using textImage2D
    * MFSA 2012-31/CVE-2011-3062 (bmo#739925)
      Off-by-one error in OpenType Sanitizer
    * MFSA 2012-32/CVE-2011-1187 (bmo#624621)
      HTTP Redirections and remote content can be read by javascript errors
    * MFSA 2012-33/CVE-2012-0479 (bmo#714631)
      Potential site identity spoofing when loading RSS and Atom feeds
  - update Enigmail to 1.4.1
  - added mozilla-revert_621446.patch
  - added mozilla-libnotify.patch (bmo#737646)
  - added mailnew-showalert.patch (bmo#739146)
  - added mozilla-gcc47.patch and mailnews-literals.patch to fix
    compilation issues with recent gcc 4.7
  - disabled crashreporter temporarily for Factory (gcc 4.7 issue)
* Tue Mar 27 2012 wr@rosenauer.org
  - update to Thunderbird 11.0.1 (bnc#755060)
    * Fixing an issue where filters can get messed up (bmo#735940)
    * Fixes a hang when switching IMAP folders, or doing other
      imap functions (bmo#733731)
* Fri Mar 09 2012 wr@rosenauer.org
  - update to Thunderbird 11.0 (bnc#750044)
    * MFSA 2012-13/CVE-2012-0455 (bmo#704354)
      XSS with Drag and Drop and Javascript: URL
    * MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103)
      SVG issues found with Address Sanitizer
    * MFSA 2012-15/CVE-2012-0451 (bmo#717511)
      XSS with multiple Content Security Policy headers
    * MFSA 2012-16/CVE-2012-0458
      Escalation of privilege with Javascript: URL as home page
    * MFSA 2012-17/CVE-2012-0459 (bmo#723446)
      Crash when accessing keyframe cssText after dynamic modification
    * MFSA 2012-18/CVE-2012-0460 (bmo#727303)
      window.fullScreen writeable by untrusted content
    * MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/
      CVE-2012-0463
      Miscellaneous memory safety hazards
  - update enigmail to 1.4
  - added KDE integration patches (bnc#749440)
* Mon Feb 27 2012 jslaby@suse.de
  - update enigmail to 1.3.99 (1.4a1pre)
* Thu Feb 16 2012 wr@rosenauer.org
  - update to Thunderbird 10.0.2 (bnc#747328)
    * CVE-2011-3026 (bmo#727401)
      libpng: integer overflow leading to heap-buffer overflow
* Thu Feb 09 2012 wr@rosenauer.org
  - update to version 10.0.1 (bnc#746616)
    * MFSA 2012-10/CVE-2012-0452 (bmo#724284)
      use after free in nsXBLDocumentInfo::ReadPrototypeBindings
  - Use YARR interpreter instead of PCRE on platforms where YARR JIT
    is not supported, since PCRE doesnt build (bmo#691898)
  - fix ppc64 build (bmo#703534)
* Sun Jan 29 2012 wr@rosenauer.org
  - update to version 10.0 (bnc#744275)
    * MFSA 2012-01/CVE-2012-0442/CVE-2012-0443
      Miscellaneous memory safety hazards
    * MFSA 2012-03/CVE-2012-0445 (bmo#701071)
      <iframe> element exposed across domains via name attribute
    * MFSA 2012-04/CVE-2011-3659 (bmo#708198)
      Child nodes from nsDOMAttribute still accessible after removal
      of nodes
    * MFSA 2012-05/CVE-2012-0446 (bmo#705651)
      Frame scripts calling into untrusted objects bypass security
      checks
    * MFSA 2012-06/CVE-2012-0447 (bmo#710079)
      Uninitialized memory appended when encoding icon images may
      cause information disclosure
    * MFSA 2012-07/CVE-2012-0444 (bmo#719612)
      Potential Memory Corruption When Decoding Ogg Vorbis files
    * MFSA 2012-08/CVE-2012-0449 (bmo#701806, bmo#702466)
      Crash with malformed embedded XSLT stylesheets
  - update enigmail to 1.3.5
  - added mozilla-disable-neon-option.patch to be able to disable
    neon on ARM
  - removed obsolete PPC64 patch
* Sun Dec 18 2011 wr@rosenauer.org
  - update to version 9.0 (bnc#737533)
    * MFSA 2011-53/CVE-2011-3660
      Miscellaneous memory safety hazards (rv:9.0)
    * MFSA 2011-54/CVE-2011-3661 (bmo#691299)
      Potentially exploitable crash in the YARR regular expression
      library
    * MFSA 2011-55/CVE-2011-3658 (bmo#708186)
      nsSVGValue out-of-bounds access
    * MFSA 2011-56/CVE-2011-3663 (bmo#704482)
      Key detection without JavaScript via SVG animation
    * MFSA 2011-58/VE-2011-3665 (bmo#701259)
      Crash scaling <video> to extreme sizes
  - fixed accessibility under GNOME 3 (bnc#732898)
    (mozilla-a11y.patch)
  - do not show update channel in about box
    (tb-no-update-channel.patch)
* Sun Dec 04 2011 wr@rosenauer.org
  - update enigmail to 1.3.4 (bnc#733002)
    * fixes several regressions from previous release
* Mon Nov 21 2011 wr@rosenauer.org
  - do not disable system addons
  - fixed enigmail localizations
* Mon Nov 21 2011 dvaleev@suse.com
  - fix powerpc build
  - disable crashreporter on ppc and ppc64
* Mon Nov 07 2011 wr@rosenauer.org
  - update to version 8.0 (bnc#728520)
    * MFSA 2011-47/CVE-2011-3648 (bmo#690225)
      Potential XSS against sites using Shift-JIS
    * MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654
      Miscellaneous memory safety hazards
    * MFSA 2011-49/CVE-2011-3650 (bmo#674776)
      Memory corruption while profiling using Firebug
    * MFSA 2011-52/CVE-2011-3655 (bmo#672182)
      Code execution via NoWaiverWrapper
  - rebased patches
  - update enigmail to 1.3.3
  - update icon cache after install/removal (bnc#726758)
* Fri Sep 30 2011 wr@rosenauer.org
  - update to minor version 7.0.1
    * fixed staged addon updates
    * Disabled the what's new tab for updaters from 7.0 (bmo#690290)
    * Insert Characters & Symbols fix (bmo#690267)
* Mon Sep 26 2011 wr@rosenauer.org
  - update to version 7.0 (bnc#720264)
    * MFSA 2011-36
      Miscellaneous memory safety hazards
    * MFSA 2011-39/CVE-2011-3000 (bmo#655389)
      Defense against multiple Location headers due to CRLF Injection
    * MFSA 2011-40/CVE-2011-2372/CVE-2011-3001
      Code installation through holding down Enter
    * MFSA 2011-42/CVE-2011-3232
      Potentially exploitable crash in the YARR regular expression
      library
    * MFSA 2011-44/CVE-2011-3005 (bmo#675747)
      Use after free reading OGG headers
  - removed obsolete mozilla-cairo-lcd.patch
* Tue Sep 13 2011 wr@rosenauer.org
  - update enigmail to 1.3.2 (no changelog available)
  - add dbus-1-glib-devel to BuildRequires (not pulled automatically
    anymore with 12.1)
* Fri Sep 09 2011 wr@rosenauer.org
  - make enigmail a subversion of Thunderbird to fix %release
    number tracking issues with the Open Build Service
    (taken from dmueller's 3.1.x changes)
* Wed Sep 07 2011 pcerny@suse.com
  - security update to 6.0.2 (bnc#714931)
    * Complete blocking of certificates issued by DigiNotar
      (bmo#683449)
* Fri Sep 02 2011 pcerny@suse.com
  - security update to 6.0.1 (bnc#714931)
    * MFSA 2011-34
      Protection against fraudulent DigiNotar certificates
      (bmo#682927)
* Wed Aug 17 2011 jslaby@suse.de
  - update enigmail to 1.3 final
* Fri Aug 12 2011 wr@rosenauer.org
  - update to version 6.0 (bnc#712224)
    including security fixes MFSA 2011-31
    * CVE-2011-2989/CVE-2011-2991/CVE-2011-2992/CVE-2011-2985
      Miscellaneous memory safety hazards
    * CVE-2011-2988 (bmo#665936)
      String crash using WebGL shaders
    * CVE-2011-2987 (bmo#665934)
      Heap overflow in ANGLE library
    * CVE-2011-0084 (bmo#648094)
      Crash in SVGTextElement.getCharNumAtPosition()
    * CVE-2011-2986 (bmo#655836)
      Cross-origin data theft using canvas and Windows D2D
  - add mozilla-curl.patch to remove dependencies to obsolete curl
    header
* Sat Jul 30 2011 jslaby@suse.de
  - update enigmail to 1.2.99 (1.3a1pre)
* Fri Jul 29 2011 wr@rosenauer.org
  - update to version 6.0b2
    * removed obsolete patches
    - mozilla-gio.patch
    - thunderbird-gio.patch
  - fix symbol dumper for linux3 platform
* Sat Jul 09 2011 wr@rosenauer.org
  - update to version 5.0
  - update enigmail to version 1.2
  - improved logic for the launcher command
  - enable gio usage (instead of gnomevfs) for 11.4 and newer
  - build dump_syms dynamic to build on 12.1 and above
* Mon Jun 20 2011 wr@rosenauer.org
  - security update to version 3.1.11 (bnc#701296)
    * MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364
      CVE-2011-2365
      Miscellaneous memory safety hazards
    * MFSA 2011-20/CVE-2011-2373 (bmo#617247)
      Use-after-free vulnerability when viewing XUL document with
      script disabled
    * MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303)
      Memory corruption due to multipart/x-mixed-replace images
    * MFSA 2011-22/CVE-2011-2371 (bmo#664009)
      Integer overflow and arbitrary code execution in
      Array.reduceRight()
    * MFSA 2011-23/CVE-2011-0083 CVE-2011-0085 CVE-2011-2363
      Multiple dangling pointer vulnerabilities
    * MFSA 2011-24/CVE-2011-2362 (bmo#616264)
      Cookie isolation error
  - speed up find-external-requires.sh
  - do not build dump_syms static as it is not needed for us
    - > fixes build for 12.1 and above
* Fri Apr 15 2011 wr@rosenauer.org
  - security update to version 3.1.10 (bnc#689281)
    * MFSA 2011-12/ CVE-2011-0069 CVE-2011-0070 CVE-2011-0072
      CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078
      CVE-2011-0080 CVE-2011-0081
      Miscellaneous memory safety hazards
* Fri Mar 25 2011 idoenmez@novell.com
  - Add mozilla-gcc46.patch: fix compilation with gcc 4.6
    See the following bug reports:
      https://bugzilla.mozilla.org/show_bug.cgi?id=623116
      https://bugzilla.mozilla.org/show_bug.cgi?id=623123
      https://bugzilla.mozilla.org/show_bug.cgi?id=623126
      https://bugzilla.mozilla.org/show_bug.cgi?id=628371
* Tue Feb 22 2011 wr@rosenauer.org
  - security update to version 3.1.8 (build3) (bnc#667155)
    * MFSA 2011-01/CVE-2011-0053/CVE-2011-0062
      Miscellaneous memory safety hazards (rv:1.9.2.14/ 1.9.1.17)
    * MFSA 2011-08/CVE-2010-1585 (bmo#562547)
      ParanoidFragmentSink allows javascript: URLs in chrome documents
    * MFSA 2011-09/CVE-2011-0061 (bmo#610601)
      Crash caused by corrupted JPEG image
* Thu Jan 13 2011 wr@rosenauer.org
  - rename desktop file for 11.4 and above (bnc#664211)
* Mon Jan 10 2011 wr@rosenauer.org
  - add x-scheme-handler/mailto as mimetype to the desktop file
    as needed by newer Gnome environment
* Mon Nov 29 2010 wr@rosenauer.org
  - security update to version 3.1.7 (bnc#657016)
    * MFSA 2010-74/CVE-2010-3776/CVE-2010-3777/CVE-2010-3778
      Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)
    * MFSA 2010-75/CVE-2010-3769 (bmo#608336)
      Buffer overflow while line breaking after document.write with
      long string
    * MFSA 2010-78/CVE-2010-3768 (bmo#527276)
      Add support for OTS font sanitizer
  - provide versioned "thunderbird" symbol
* Wed Oct 27 2010 wr@rosenauer.org
  - security update to version 3.1.6 (bnc#649492)
    * MFSA 2010-73/CVE-2010-3765 (bmo#607222)
      Heap buffer overflow mixing document.write and DOM insertion
* Wed Oct 06 2010 wr@rosenauer.org
  - security update to version 3.1.5 (bnc#645315)
    * MFSA 2010-64/CVE-2010-3174/CVE-2010-3175/CVE-2010-3176
      Miscellaneous memory safety hazards
    * MFSA 2010-65/CVE-2010-3179 (bmo#583077)
      Buffer overflow and memory corruption using document.write
    * MFSA 2010-66/CVE-2010-3180 (bmo#588929)
      Use-after-free error in nsBarProp
    * MFSA 2010-67/CVE-2010-3183 (bmo#598669)
      Dangling pointer vulnerability in LookupGetterOrSetter
    * MFSA 2010-69/CVE-2010-3178 (bmo#576616)
      Cross-site information disclosure via modal calls
    * MFSA 2010-70/CVE-2010-3170 (bmo#578697)
      SSL wildcard certificate matching IP addresses
    * MFSA 2010-71/CVE-2010-3182 (bmo#590753, bnc#642502)
      Unsafe library loading vulnerabilities
    * MFSA 2010-72/CVE-2010-3173
      Insecure Diffie-Hellman key exchange
    * new extra locales
    * removed upstreamed mozilla-helper-app.patch
  - require mozilla-nss >= 3.12.8
* Wed Sep 15 2010 wr@rosenauer.org
  - update to version 3.1.4
    * fixing startup topcrash
* Mon Aug 30 2010 wr@rosenauer.org
  - security update to version 3.1.3 (bnc#637303)
    * MFSA 2010-49/CVE-2010-3169
      Miscellaneous memory safety hazards
    * MFSA 2010-50/CVE-2010-2765 (bmo#576447)
      Frameset integer overflow vulnerability
    * MFSA 2010-51/CVE-2010-2767 (bmo#584512)
      Dangling pointer vulnerability using DOM plugin array
    * MFSA 2010-53/CVE-2010-3166 (bmo#579655)
      Heap buffer overflow in nsTextFrameUtils::TransformText
    * MFSA 2010-54/CVE-2010-2760 (bmo#585815)
      Dangling pointer vulnerability in nsTreeSelection
    * MFSA 2010-55/CVE-2010-3168 (bmo#576075)
      XUL tree removal crash and remote code execution
    * MFSA 2010-56/CVE-2010-3167 (bmo#576070)
      Dangling pointer vulnerability in nsTreeContentView
    * MFSA 2010-57/CVE-2010-2766 (bmo#580445)
      Crash and remote code execution in normalizeDocument
    * MFSA 2010-59/CVE-2010-2762 (bmo#584180)
      SJOW creates scope chains ending in outer object
    * MFSA 2010-61/CVE-2010-2768 (bmo#579744)
      UTF-7 XSS by overriding document charset using <object> type
      attribute
    * MFSA 2010-62/CVE-2010-2769 (bmo#520189)
      Copy-and-paste or drag-and-drop into designMode document allows
      XSS
    * MFSA 2010-63/CVE-2010-2764 (bmo#552090)
      Information leak via XMLHttpRequest statusText
  - ESD notification sound fix included upstream
* Mon Aug 30 2010 wr@rosenauer.org
  - fixed build with latest Gnome
    (mozilla-gdk-pixbuf.patch)
* Sat Jul 24 2010 wr@rosenauer.org
  - update to version 3.1.1
    * based on the Gecko 1.9.2 platform
    * Faster Search Results
    * Quick Filter Toolbar
    * New Migration Assistant
    * Saved Files Manager
  - update to enigmail 1.1.2
  - enable crashreporter and package buildsymbols
  - fixed esd sound output (notifications) (bmo#576365)
* Fri Jul 16 2010 wr@rosenauer.org
  - security update to 3.0.6 (bnc#622506)
    * MFSA 2010-34/CVE-2010-1211/CVE-2010-1212
      Miscellaneous memory safety hazards
    * MFSA 2010-39/CVE-2010-2752 (bmo#574059)
      nsCSSValue::Array index integer overflow
    * MFSA 2010-40/CVE-2010-2753 (bmo#571106)
      nsTreeSelection dangling pointer remote code execution
      vulnerability
    * MFSA 2010-41/CVE-2010-1205 (bmo#570451)
      Remote code execution using malformed PNG image
    * MFSA 2010-42/CVE-2010-1213 (bmo#568148)
      Cross-origin data disclosure via Web Workers and importScripts
    * MFSA 2010-46/CVE-2010-0654 (bmo#524223)
      Cross-domain data theft using CSS
    * MFSA 2010-47/CVE-2010-2754 (bmo#568564)
      Cross-origin data leakage from script filename in error messages
* Fri May 21 2010 wr@rosenauer.org
  - security update to 3.0.5 (bnc#603356)
    * MFSA 2010-25/CVE-2010-1121 (bmo#555109)
      Re-use of freed object due to scope confusion
    * MFSA 2010-26/CVE-2010-1200/CVE-2010-1201/CVE-2010-1202/
      CVE-2010-1203
      Crashes with evidence of memory corruption (rv:1.9.1.10)
    * MFSA 2010-29/CVE-2010-1196 (bmo#534666)
      Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal
    * MFSA 2010-30/CVE-2010-1199 (bmo#554255)
      Integer Overflow in XSLT Node Sorting
* Mon Apr 12 2010 wr@rosenauer.org
  - do not encode the RPM release number into the useragent
    to avoid non useful republishing (bnc#593807)
* Wed Mar 17 2010 wr@rosenauer.org
  - security update to 3.0.4 (bnc#586567)
    * MFSA 2010-16/CVE-2010-0173/CVE-2010-0174
      Crashes with evidence of memory corruption
    * MFSA 2010-17/CVE-2010-0175 (bmo#540100,375928)
      Remote code execution with use-after-free in nsTreeSelection
    * MFSA 2010-18/CVE-2010-0176 (bmo#538308)
      Dangling pointer vulnerability in nsTreeContentView
    * MFSA 2010-22/CVE-2009-3555 (bmo#545755)
      Update NSS to support TLS renegotiation indication
    * MFSA 2010-24/CVE-2010-0182 (bmo#490790)
      XMLDocument::load() doesn't check nsIContentPolicy
* Sun Feb 28 2010 wr@rosenauer.org
  - update to 3.0.3
    * Fix for missing folders or empty folder pane after updating
      to Thunderbird 3.0.2
* Fri Feb 26 2010 wr@rosenauer.org
  - security update to 3.0.2 (bnc#576969)
    * MFSA 2010-01/CVE-2010-0159
      Crashes with evidence of memory corruption
    * MFSA 2010-03/CVE-2009-1571
      Use-after-free crash in HTML parser
    * various stability improvements
  - update enigmail to 1.0.1
    * Czech, Dutch, Polish and Portuguese (Brazilian) languages
      were added to the release.
    * there are several fixes related using OpenPGP Smartcards
  - use system hunspell again (bnc#582276)
* Mon Jan 11 2010 wr@rosenauer.org
  - update to 3.0.1
    * fixed UI issues related to some combinations of installed addons
      (bmo#398702)
  - fixed session restore (bnc#528406, bmo#508986)
  - removed obsolete lightning stuff from spec file
  - removed obsolete orbit-devel build requirement
* Mon Dec 07 2009 wr@rosenauer.org
  - update to 3.0 (bnc#559819)
  - update enigmail to final version 1.0.0
  - use --disable-updater and removed obsolete UI patch and
    pref changes
  - use internal cairo up to 11.1 (Gecko now requires at least 1.8.8)
  - added mozilla-clipboard.patch fixing a common crash (bmo#495392)
  - removed upstreamed patch thunderbird-cs-smtpauth.patch
* Wed Oct 07 2009 wr@rosenauer.org
  - fixed startup-notification (bnc#518603)
    (mozilla-startup-notification.patch)
* Tue Sep 29 2009 wr@rosenauer.org
  - fixed CS locale to allow SMTP AUTH sending of mails (bnc#542809)
* Tue Sep 15 2009 wr@rosenauer.org
  - update to 3.0b4
    * removed upstreamed patches
    * based on Gecko 1.9.1.3 (inheriting security fixes)
    * new global search
* Tue Aug 25 2009 wr@rosenauer.org
  - reversioned enigmail to 0.96.99 (as it's actually 0.97a and 0.96
    has been released already)
  - fixed RPM group for the translation subpackages
* Fri Aug 21 2009 wr@rosenauer.org
  - remove obsolete code for protocol handlers (bmo#389732)
    (mozilla-protocol_handler.patch)
  - new enigmail snapshot (20090813)
  - require pinentry-gui for 11.2 and up (bnc#441084)
* Sun Aug 09 2009 wr@rosenauer.org
  - Gtk filechooser allows alternative button order (as used in KDE)
    (bnc#527418)
  - translations{,-common} package doesn't provide en-US
  - split translations into -common and -other packages (bnc#529180)
* Tue Jul 28 2009 wr@rosenauer.org
  - fixed wrong %exclude by removing unwanted files at %install stage
* Fri Jul 17 2009 wr@rosenauer.org
  - major update to 3.0b3
  - update enigmail to 0.96pre
  - created enigmail subpackage and install to system wide location
    for Thunderbird and SeaMonkey
  - define MOZ_APP_LAUNCHER for session management (bmo#453689)
    (mozilla-app-launcher.patch and mozilla.sh.in)
  - move opensuse.js prefs to all-opensuse.js prefs to be able
    to override prefs in all-thunderbird.js
  - move intl.locale.matchOS to all-opensuse.js
  - added mozilla-jemalloc_deepbind.patch to fix various possible
    crashes (bnc#503151, bmo#493541)
* Fri Jun 19 2009 coolo@novell.com
  - disable as-needed for this package as it fails to build with it
* Tue Jun 02 2009 wr@rosenauer.org
  - Fixed build issue for gcc 4.4 (mozilla-gcc44.patch)
* Wed Mar 18 2009 wr@rosenauer.org
  - security update to version 2.0.0.21 (bnc#484321)
    * MFSA 2009-07/CVE-2009-0771, CVE-2009-0772, CVE-2009-0773
      CVE-2009-0774:
      Crashes with evidence of memory corruption (rv:1.9.0.7)
    * MFSA 2009-09/CVE-2009-0776:
      XML data theft via RDFXMLDataSource and cross-domain redirect
    * MFSA 2009-10/CVE-2009-0040:
      Upgrade PNG library to fix memory safety hazards

Files

/usr/bin/thunderbird
/usr/lib64/thunderbird
/usr/lib64/thunderbird/Throbber-small.gif
/usr/lib64/thunderbird/application.ini
/usr/lib64/thunderbird/blocklist.xml
/usr/lib64/thunderbird/chrome
/usr/lib64/thunderbird/chrome.manifest
/usr/lib64/thunderbird/chrome/icons
/usr/lib64/thunderbird/chrome/icons/default
/usr/lib64/thunderbird/chrome/icons/default/default16.png
/usr/lib64/thunderbird/chrome/icons/default/default22.png
/usr/lib64/thunderbird/chrome/icons/default/default24.png
/usr/lib64/thunderbird/chrome/icons/default/default256.png
/usr/lib64/thunderbird/chrome/icons/default/default32.png
/usr/lib64/thunderbird/chrome/icons/default/default48.png
/usr/lib64/thunderbird/crashreporter
/usr/lib64/thunderbird/crashreporter.ini
/usr/lib64/thunderbird/defaults
/usr/lib64/thunderbird/defaults/messenger
/usr/lib64/thunderbird/defaults/messenger/mailViews.dat
/usr/lib64/thunderbird/defaults/pref
/usr/lib64/thunderbird/defaults/pref/all-l10n.js
/usr/lib64/thunderbird/defaults/pref/all-opensuse.js
/usr/lib64/thunderbird/defaults/pref/all-thunderbird.js
/usr/lib64/thunderbird/defaults/pref/channel-prefs.js
/usr/lib64/thunderbird/defaults/pref/kde.js
/usr/lib64/thunderbird/dependentlibs.list
/usr/lib64/thunderbird/dictionaries
/usr/lib64/thunderbird/distribution
/usr/lib64/thunderbird/distribution/extensions
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/app.ini
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calAlarm.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calAlarmMonitor.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calAlarmService.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calAttachment.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calAttendee.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calCachedCalendar.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calCalendarManager.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calCalendarSearchService.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calDateTime.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calDateTimeFormatter.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calDavRequestHandlers.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calDeletedItems.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calDuration.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calEvent.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calFilter.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calFreeBusyService.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calHtmlExport.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calICSService-worker.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calICSService.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calIcsImportExport.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calIcsParser.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calIcsSerializer.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calItemBase.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calItipItem.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calListFormatter.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calMonthGridPrinter.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calOutlookCSVImportExport.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calPeriod.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calProtocolHandler.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calRecurrenceDate.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calRecurrenceInfo.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calRecurrenceRule.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calRelation.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calStartupService.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calTimezone.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calTodo.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calTransactionManager.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calUtils.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calWcapCalendar.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calWcapCalendarItems.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calWcapErrors.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calWcapRequest.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calWcapSession.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calWcapUtils.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calWeekInfoService.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/calendar-js/calWeekPrinter.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/chrome.jar
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/chrome.manifest
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/components
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/components/calBackendLoader.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/components/calCompositeCalendar.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/components/calDavCalendar.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/components/calDefaultACLManager.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/components/calICALJSComponents.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/components/calICSCalendar.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/components/calImportExportModule.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/components/calItemModule.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/components/calItipEmailTransport.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/components/calItipProtocolHandler.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/components/calMemoryCalendar.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/components/calSleepMonitor.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/components/calStorageCalendar.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/components/calTimezoneService.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/components/calWcapCalendarModule.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/components/components.manifest
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/components/icaljs-manifest
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/components/interfaces.xpt
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/components/lightningTextCalendarConverter.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/defaults
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/defaults/preferences
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/defaults/preferences/lightning.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/install.rdf
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/modules
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/modules/calAlarmUtils.jsm
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/modules/calAsyncUtils.jsm
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/modules/calAuthUtils.jsm
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/modules/calExtract.jsm
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/modules/calHashedArray.jsm
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/modules/calItemUtils.jsm
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/modules/calIteratorUtils.jsm
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/modules/calItipUtils.jsm
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/modules/calPrintUtils.jsm
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/modules/calProviderUtils.jsm
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/modules/calRecurrenceUtils.jsm
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/modules/calStorageHelpers.jsm
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/modules/calStorageUpgrade.jsm
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/modules/calUtils.jsm
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/modules/calViewUtils.jsm
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/modules/calXMLUtils.jsm
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/modules/ical.js
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/modules/ltnInvitationUtils.jsm
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/modules/ltnUtils.jsm
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/timezones
/usr/lib64/thunderbird/distribution/extensions/{e2fda1a4-762b-4020-b5ad-a41df1933103}/timezones/zones.json
/usr/lib64/thunderbird/extensions
/usr/lib64/thunderbird/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
/usr/lib64/thunderbird/fonts
/usr/lib64/thunderbird/fonts/EmojiOneMozilla.ttf
/usr/lib64/thunderbird/icudt58l.dat
/usr/lib64/thunderbird/isp
/usr/lib64/thunderbird/isp/Bogofilter.sfd
/usr/lib64/thunderbird/isp/DSPAM.sfd
/usr/lib64/thunderbird/isp/POPFile.sfd
/usr/lib64/thunderbird/isp/SpamAssassin.sfd
/usr/lib64/thunderbird/isp/SpamPal.sfd
/usr/lib64/thunderbird/isp/movemail.rdf
/usr/lib64/thunderbird/isp/rss.rdf
/usr/lib64/thunderbird/libldap60.so
/usr/lib64/thunderbird/libldif60.so
/usr/lib64/thunderbird/liblgpllibs.so
/usr/lib64/thunderbird/libmozsandbox.so
/usr/lib64/thunderbird/libmozsqlite3.so
/usr/lib64/thunderbird/libprldap60.so
/usr/lib64/thunderbird/libxul.so
/usr/lib64/thunderbird/omni.ja
/usr/lib64/thunderbird/platform.ini
/usr/lib64/thunderbird/plugin-container
/usr/lib64/thunderbird/run-mozilla.sh
/usr/lib64/thunderbird/thunderbird-bin
/usr/lib64/thunderbird/thunderbird.sh
/usr/share/appdata
/usr/share/appdata/thunderbird.appdata.xml
/usr/share/applications/thunderbird.desktop
/usr/share/icons/hicolor/16x16/apps/thunderbird.png
/usr/share/icons/hicolor/22x22/apps/thunderbird.png
/usr/share/icons/hicolor/24x24/apps/thunderbird.png
/usr/share/icons/hicolor/256x256/apps/thunderbird.png
/usr/share/icons/hicolor/32x32/apps/thunderbird.png
/usr/share/icons/hicolor/48x48/apps/thunderbird.png


Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Jan 10 06:13:27 2020