Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_151681194226080"
MIME-Version: 1.0
Date: Wed, 24 Jan 2018 16:39:02 +0000
From: "Ryo ONODERA" <ryoon@netbsd.org>
Subject: CVS commit: pkgsrc/mail/thunderbird
To: pkgsrc-changes@NetBSD.org
Reply-To: ryoon@netbsd.org
Message-Id: <20180124163902.C8351FBDE@cvs.NetBSD.org>
Sender: pkgsrc-changes-owner@NetBSD.org
Precedence: bulk

This is a multi-part message in MIME format.

--_----------=_151681194226080
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	ryoon
Date:		Wed Jan 24 16:39:02 UTC 2018

Modified Files:
	pkgsrc/mail/thunderbird: Makefile distinfo

Log Message:
Update to 52.5.2

Changelog:
Fix
 This releases fixes the "Mailsploit" vulnerability and other vulnerabilities
 detected by the "Cure53" audit. For details and various other security
 fixes see here.

CVE-2017-7845: Buffer overflow when drawing and validating elements with
  ANGLE library using Direct 3D 9
CVE-2017-7846: JavaScript Execution via RSS in mailbox:// origin
CVE-2017-7847: Local path string can be leaked from RSS feed
CVE-2017-7848: RSS Feed vulnerable to new line Injection
CVE-2017-7829: Mailsploit part 1: From address with encoded null character
  is cut off in message header display


To generate a diff of this commit:
cvs rdiff -u -r1.200 -r1.201 pkgsrc/mail/thunderbird/Makefile
cvs rdiff -u -r1.194 -r1.195 pkgsrc/mail/thunderbird/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_151681194226080
Content-Disposition: inline
Content-Length: 2115
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/mail/thunderbird/Makefile
diff -u pkgsrc/mail/thunderbird/Makefile:1.200 pkgsrc/mail/thunderbird/Makefile:1.201
--- pkgsrc/mail/thunderbird/Makefile:1.200	Mon Nov 27 23:36:39 2017
+++ pkgsrc/mail/thunderbird/Makefile	Wed Jan 24 16:39:02 2018
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.200 2017/11/27 23:36:39 ryoon Exp $
+# $NetBSD: Makefile,v 1.201 2018/01/24 16:39:02 ryoon Exp $
 
 DISTNAME=	thunderbird-${TB_VER}.source
 PKGNAME=	thunderbird-${TB_VER}
-TB_VER=		52.5.0
+TB_VER=		52.5.2
 CATEGORIES=	mail
 MASTER_SITES=	${MASTER_SITE_MOZILLA:=thunderbird/releases/${TB_VER}/source/}
 EXTRACT_SUFX=	.tar.xz

Index: pkgsrc/mail/thunderbird/distinfo
diff -u pkgsrc/mail/thunderbird/distinfo:1.194 pkgsrc/mail/thunderbird/distinfo:1.195
--- pkgsrc/mail/thunderbird/distinfo:1.194	Mon Nov 27 23:36:39 2017
+++ pkgsrc/mail/thunderbird/distinfo	Wed Jan 24 16:39:02 2018
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.194 2017/11/27 23:36:39 ryoon Exp $
+$NetBSD: distinfo,v 1.195 2018/01/24 16:39:02 ryoon Exp $
 
-SHA1 (thunderbird-52.5.0.source.tar.xz) = c06e4ba0bf2a8bdcc3daca4b71e9d455aaa9ce7d
-RMD160 (thunderbird-52.5.0.source.tar.xz) = aff0a4113a56406d3de5c608c2a1ed57fdd6c339
-SHA512 (thunderbird-52.5.0.source.tar.xz) = b9b599e5853887bd518e5a57f6fd04751bb78f553f97b260cd9ba7268c4cff307be40b81b00f1320f5a5156e5c67115595b2d389f931c265d0c3448f56fb8319
-Size (thunderbird-52.5.0.source.tar.xz) = 230282080 bytes
+SHA1 (thunderbird-52.5.2.source.tar.xz) = 7d723c07e1a0800a0fef30ad2bea8c2be143292a
+RMD160 (thunderbird-52.5.2.source.tar.xz) = d1fcd567cf773996693de3da8228ad465f1ce42d
+SHA512 (thunderbird-52.5.2.source.tar.xz) = d626d3d37959539b15b5d2ae4a580fcc160380974bfc1a69a1fc8ff2435932e90a69fa386d5ecb6721d9154603c6b7d063e3368f6f995fea057eb593c06ef4ff
+Size (thunderbird-52.5.2.source.tar.xz) = 230369636 bytes
 SHA1 (patch-calendar_lightning_Makefile.in) = 02a1528f2da82f1d4ff4931a7d7dc8227b7fa9f2
 SHA1 (patch-calendar_lightning_build_universal.mk) = 86dc2c6b4f9feb835570111078aa5d08a389d0da
 SHA1 (patch-calendar_providers_gdata_Makefile.in) = 0e90ddc9aecc817b0b150bbc37d23ddec97b093e


--_----------=_151681194226080--