From e3e1a007a4689318ac700385c1e1a2e22da49cb5 Mon Sep 17 00:00:00 2001 From: Jacob Wang Date: Tue, 12 Aug 2025 17:25:51 +0800 Subject: [PATCH 1/2] [CVE]update to thunderbird-128.13.0-3 to #ICSLER update to thunderbird-128.13.0-3 for CVE-2025-8027 CVE-2025-8028 CVE-2025-8029 CVE-2025-8030 CVE-2025-8031 CVE-2025-8032 CVE-2025-8033 CVE-2025-8034 CVE-2025-8035 Project: TC2024080204 Signed-off-by: Jacob Wang --- download | 4 +-- ...an8 => thunderbird-redhat-default-prefs.js | 8 ++--- thunderbird.spec | 32 ++++++++++--------- 3 files changed, 23 insertions(+), 21 deletions(-) rename thunderbird-anolis-default-prefs.js.an8 => thunderbird-redhat-default-prefs.js (87%) diff --git a/download b/download index f46f678..dc3d027 100644 --- a/download +++ b/download @@ -1,6 +1,6 @@ fc25f988b87b5187d4e2f006efa699a3 cbindgen-vendor.tar.xz -23db5d84a1273580e4144cf47ad6f787 thunderbird-128.12.0esr.processed-source.tar.xz -23c2b4c59050799e3ffb34af22d4803f thunderbird-langpacks-128.12.0esr-20250630.tar.xz +74a5d9658eb5f346f1b461b2d1d7934c thunderbird-128.13.0esr.b3.processed-source.tar.xz +1f5d8d29cc5237c21aa0cb7dc5743a26 thunderbird-langpacks-128.13.0esr-20250723.tar.xz 7b35b9a003996b1f1dbc3cd936a609f2 nspr-4.35.0-1.el8_1.src.rpm ab085bce989de91681f48fdd05be4c0f nss-3.101.0-7.el8_2.src.rpm dbf6357877e3e1042de1a95cdfb61507 nss-3.101.0-7.el9_2.src.rpm diff --git a/thunderbird-anolis-default-prefs.js.an8 b/thunderbird-redhat-default-prefs.js similarity index 87% rename from thunderbird-anolis-default-prefs.js.an8 rename to thunderbird-redhat-default-prefs.js index e54f49c..15faa7b 100644 --- a/thunderbird-anolis-default-prefs.js.an8 +++ b/thunderbird-redhat-default-prefs.js @@ -1,15 +1,15 @@ pref("app.update.enabled", false); pref("app.update.autoInstallEnabled", false); -/* Allow users to set custom colors */ -/* pref("browser.display.use_system_colors", true); */ -pref("general.useragent.vendor", "Anolis OS"); +/* Allow users to set custom colors*/ +/* pref("browser.display.use_system_colors", true);*/ +pref("general.useragent.vendor", "Red Hat"); pref("general.useragent.vendorSub", "THUNDERBIRD_RPM_VR"); pref("intl.locale.matchOS", true); pref("mail.shell.checkDefaultClient", false); pref("toolkit.networkmanager.disable", false); pref("offline.autoDetect", true); -/* Disable global indexing by default */ +/* Disable global indexing by default*/ pref("mailnews.database.global.indexer.enabled", false); /* Do not switch to Smart Folders after upgrade to 3.0b4 */ diff --git a/thunderbird.spec b/thunderbird.spec index e7f8a01..874284e 100644 --- a/thunderbird.spec +++ b/thunderbird.spec @@ -1,4 +1,3 @@ -%define anolis_release .0.1 # Set for local builds only %global disable_toolsets 0 @@ -14,17 +13,17 @@ %{lua: function dist_to_rhel_minor(str, start) - match = string.match(str, ".module%+an8.%d+") + match = string.match(str, ".module%+el8.%d+") if match then return string.sub(match, 13) end - match = string.match(str, ".an8_%d+") + match = string.match(str, ".el8_%d+") if match then return string.sub(match, 6) end - match = string.match(str, ".an8") + match = string.match(str, ".el8") if match then - return 8 + return 10 end match = string.match(str, ".module%+el9.%d+") if match then @@ -128,7 +127,7 @@ end} # If set to .b2 or .b3 ... the processed source file needs to be renamed before upload, e.g. # thunderbird-102.8.0.b2.processed-source.tar.xz # When unset use processed source file name as is. -#%%global buildnum .b2 +%global buildnum .b3 %bcond_without langpacks @@ -138,8 +137,8 @@ end} Summary: Mozilla Thunderbird mail/newsgroup client Name: thunderbird -Version: 128.12.0 -Release: 1%{anolis_release}%{?dist} +Version: 128.13.0 +Release: 3%{?dist} URL: http://www.mozilla.org/projects/thunderbird/ License: MPLv1.1 or GPLv2+ or LGPLv2+ @@ -158,7 +157,6 @@ ExcludeArch: %{ix86} %endif %endif %endif -ExcludeArch: loongarch64 # We can't use the official tarball as it contains some test files that use # licenses that are rejected by Red Hat Legal. @@ -167,12 +165,12 @@ ExcludeArch: loongarch64 #Source0: https://archive.mozilla.org/pub/thunderbird/releases/%%{version}%%{?pre_version}/source/thunderbird-%%{version}%%{?pre_version}.processed-source.tar.xz Source0: thunderbird-%{version}%{?pre_version}%{?buildnum}.processed-source.tar.xz %if %{with langpacks} -Source1: thunderbird-langpacks-%{version}%{?pre_version}-20250630.tar.xz +Source1: thunderbird-langpacks-%{version}%{?pre_version}-20250723.tar.xz %endif Source2: cbindgen-vendor.tar.xz Source3: process-official-tarball Source10: thunderbird-mozconfig -Source12: thunderbird-anolis-default-prefs.js.an8 +Source12: thunderbird-redhat-default-prefs.js Source20: thunderbird.desktop Source21: thunderbird.sh.in Source24: mozilla-api-key @@ -334,7 +332,6 @@ BuildRequires: zlib-devel BuildRequires: gcc-toolset-%{gts_version}-runtime BuildRequires: gcc-toolset-%{gts_version}-binutils BuildRequires: gcc-toolset-%{gts_version}-gcc -BuildRequires: gcc-toolset-%{gts_version}-gcc-c++ BuildRequires: gcc-toolset-%{gts_version}-gcc-plugin-annobin # Do not explicitly require gcc-toolset-%%{gts_version}-gcc-c++ instead fail # when clang is upgraded to depend on a later toolset and adjust version. @@ -1663,9 +1660,14 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : #=============================================================================== %changelog -* Thu Jul 03 2025 Liwei Ge - 128.12.0-1.0.1 -- Rebrand to Anolis -- Remove loongarch64 arch(Zhao Hang) +* Wed Jul 23 2025 Eike Rathke - 128.13.0-3 +- Update to 128.13.0 build3 + +* Tue Jul 22 2025 Eike Rathke - 128.13.0-2 +- Update to 128.13.0 build2 + +* Mon Jul 21 2025 Eike Rathke - 128.13.0-1 +- Update to 128.13.0 build1 * Mon Jun 30 2025 Eike Rathke - 128.12.0-1 - Update to 128.12.0 build1 -- Gitee From 596b240c875182423e7a2ab03ec035e3b3347a1d Mon Sep 17 00:00:00 2001 From: Zhao Hang Date: Mon, 20 Dec 2021 03:27:54 +0000 Subject: [PATCH 2/2] rebrand: rename js file and update vendor --- ...=> thunderbird-anolis-default-prefs.js.an8 | 8 ++++---- thunderbird.spec | 19 +++++++++++++------ 2 files changed, 17 insertions(+), 10 deletions(-) rename thunderbird-redhat-default-prefs.js => thunderbird-anolis-default-prefs.js.an8 (87%) diff --git a/thunderbird-redhat-default-prefs.js b/thunderbird-anolis-default-prefs.js.an8 similarity index 87% rename from thunderbird-redhat-default-prefs.js rename to thunderbird-anolis-default-prefs.js.an8 index 15faa7b..e54f49c 100644 --- a/thunderbird-redhat-default-prefs.js +++ b/thunderbird-anolis-default-prefs.js.an8 @@ -1,15 +1,15 @@ pref("app.update.enabled", false); pref("app.update.autoInstallEnabled", false); -/* Allow users to set custom colors*/ -/* pref("browser.display.use_system_colors", true);*/ -pref("general.useragent.vendor", "Red Hat"); +/* Allow users to set custom colors */ +/* pref("browser.display.use_system_colors", true); */ +pref("general.useragent.vendor", "Anolis OS"); pref("general.useragent.vendorSub", "THUNDERBIRD_RPM_VR"); pref("intl.locale.matchOS", true); pref("mail.shell.checkDefaultClient", false); pref("toolkit.networkmanager.disable", false); pref("offline.autoDetect", true); -/* Disable global indexing by default*/ +/* Disable global indexing by default */ pref("mailnews.database.global.indexer.enabled", false); /* Do not switch to Smart Folders after upgrade to 3.0b4 */ diff --git a/thunderbird.spec b/thunderbird.spec index 874284e..31802d3 100644 --- a/thunderbird.spec +++ b/thunderbird.spec @@ -1,3 +1,4 @@ +%define anolis_release .0.1 # Set for local builds only %global disable_toolsets 0 @@ -13,17 +14,17 @@ %{lua: function dist_to_rhel_minor(str, start) - match = string.match(str, ".module%+el8.%d+") + match = string.match(str, ".module%+an8.%d+") if match then return string.sub(match, 13) end - match = string.match(str, ".el8_%d+") + match = string.match(str, ".an8_%d+") if match then return string.sub(match, 6) end - match = string.match(str, ".el8") + match = string.match(str, ".an8") if match then - return 10 + return 8 end match = string.match(str, ".module%+el9.%d+") if match then @@ -138,7 +139,7 @@ end} Summary: Mozilla Thunderbird mail/newsgroup client Name: thunderbird Version: 128.13.0 -Release: 3%{?dist} +Release: 3%{anolis_release}%{?dist} URL: http://www.mozilla.org/projects/thunderbird/ License: MPLv1.1 or GPLv2+ or LGPLv2+ @@ -157,6 +158,7 @@ ExcludeArch: %{ix86} %endif %endif %endif +ExcludeArch: loongarch64 # We can't use the official tarball as it contains some test files that use # licenses that are rejected by Red Hat Legal. @@ -170,7 +172,7 @@ Source1: thunderbird-langpacks-%{version}%{?pre_version}-20250723.tar.xz Source2: cbindgen-vendor.tar.xz Source3: process-official-tarball Source10: thunderbird-mozconfig -Source12: thunderbird-redhat-default-prefs.js +Source12: thunderbird-anolis-default-prefs.js.an8 Source20: thunderbird.desktop Source21: thunderbird.sh.in Source24: mozilla-api-key @@ -332,6 +334,7 @@ BuildRequires: zlib-devel BuildRequires: gcc-toolset-%{gts_version}-runtime BuildRequires: gcc-toolset-%{gts_version}-binutils BuildRequires: gcc-toolset-%{gts_version}-gcc +BuildRequires: gcc-toolset-%{gts_version}-gcc-c++ BuildRequires: gcc-toolset-%{gts_version}-gcc-plugin-annobin # Do not explicitly require gcc-toolset-%%{gts_version}-gcc-c++ instead fail # when clang is upgraded to depend on a later toolset and adjust version. @@ -1660,6 +1663,10 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : #=============================================================================== %changelog +* Tue Aug 12 2025 Liwei Ge - 128.13.0-3.0.1 +- Rebrand to Anolis +- Remove loongarch64 arch(Zhao Hang) + * Wed Jul 23 2025 Eike Rathke - 128.13.0-3 - Update to 128.13.0 build3 -- Gitee