Bug 24541

Suggested advisory:
========================

The updated packages fix a bug in the calendar:

Can't create repeating event with end date when using certain time zones, for example Europe/Minsk.

References:
https://www.thunderbird.net/en-US/thunderbird/60.6.0/releasenotes/
========================

Updated packages in core/updates_testing:
========================
thunderbird-60.6.0-1.mga6
thunderbird-enigmail-60.6.0-1.mga6
thunderbird-ar-60.6.0-1.mga6
thunderbird-ast-60.6.0-1.mga6
thunderbird-be-60.6.0-1.mga6
thunderbird-bg-60.6.0-1.mga6
thunderbird-br-60.6.0-1.mga6
thunderbird-ca-60.6.0-1.mga6
thunderbird-cs-60.6.0-1.mga6
thunderbird-cy-60.6.0-1.mga6
thunderbird-da-60.6.0-1.mga6
thunderbird-de-60.6.0-1.mga6
thunderbird-el-60.6.0-1.mga6
thunderbird-en_GB-60.6.0-1.mga6
thunderbird-en_US-60.6.0-1.mga6
thunderbird-es_AR-60.6.0-1.mga6
thunderbird-es_ES-60.6.0-1.mga6
thunderbird-et-60.6.0-1.mga6
thunderbird-eu-60.6.0-1.mga6
thunderbird-fi-60.6.0-1.mga6
thunderbird-fr-60.6.0-1.mga6
thunderbird-fy_NL-60.6.0-1.mga6
thunderbird-ga_IE-60.6.0-1.mga6
thunderbird-gd-60.6.0-1.mga6
thunderbird-gl-60.6.0-1.mga6
thunderbird-he-60.6.0-1.mga6
thunderbird-hr-60.6.0-1.mga6
thunderbird-hsb-60.6.0-1.mga6
thunderbird-hu-60.6.0-1.mga6
thunderbird-hy_AM-60.6.0-1.mga6
thunderbird-id-60.6.0-1.mga6
thunderbird-is-60.6.0-1.mga6
thunderbird-it-60.6.0-1.mga6
thunderbird-ja-60.6.0-1.mga6
thunderbird-ko-60.6.0-1.mga6
thunderbird-lt-60.6.0-1.mga6
thunderbird-nb_NO-60.6.0-1.mga6
thunderbird-nl-60.6.0-1.mga6
thunderbird-nn_NO-60.6.0-1.mga6
thunderbird-pl-60.6.0-1.mga6
thunderbird-pt_BR-60.6.0-1.mga6
thunderbird-pt_PT-60.6.0-1.mga6
thunderbird-ro-60.6.0-1.mga6
thunderbird-ru-60.6.0-1.mga6
thunderbird-si-60.6.0-1.mga6
thunderbird-sk-60.6.0-1.mga6
thunderbird-sl-60.6.0-1.mga6
thunderbird-sq-60.6.0-1.mga6
thunderbird-sv_SE-60.6.0-1.mga6
thunderbird-tr-60.6.0-1.mga6
thunderbird-uk-60.6.0-1.mga6
thunderbird-vi-60.6.0-1.mga6
thunderbird-zh_CN-60.6.0-1.mga6
thunderbird-zh_TW-60.6.0-1.mga6

from SRPMS:
thunderbird-60.6.0-1.mga6.src.rpm
thunderbird-l10n-60.6.0-1.mga6.src.rpm

Source RPM: (none) => thunderbird, thunderbird-l10n
Assignee: bugsquad => qa-bugs
Status: NEW => ASSIGNED
Version: Cauldron => 6

64 bit thunderbird 60.6.0-1 incl swedish.
Simple tests = it works here;
Plasma, nvidia.
Shut down Thunderbird, upgraded, restarted, and saw my mail are still there and i can send using SMTP and retreive using offline IMAP like usual.

I have never used calendar, did not try it now either.

This system updates all to updates_testing.  Let it install, incl swedish translation.

CC: (none) => fri

64-bit Thunderbird, US English

Sent and received POP email, read newsgroup messages. All looked good.Have been using the same version in Cauldron for a couple of days or so, and it's good there, too.

I do not use the calendar, nor do I use enigmail, so I can't test those.

CC: (none) => andrewsfarm

mga6

Updated Thunderbird (GB English) on x86_64
POP3 account working as always, local folders all intact.
Set a calendar alarm and waited for it to trigger.  It came up on time.
Repeating date entries still on record.

OK for me.

CC: (none) => tarazed25

MGA6-32 MATE on IBM Thinkpad R50e
Installed thunderbird and thunderbird-nl overwriting a previous version
At CLI:
$ thunderbird 

(thunderbird:6127): Gtk-WARNING **: Theme parsing error: <data>:1:31: Expected ')' in color definition

(thunderbird:6127): Gtk-WARNING **: Theme parsing error: <data>:1:75: Expected ')' in color definition
alloc factor 0,900000 0,900000
alloc factor 0,900000 0,900000

Thunderbird opens normally, tested by sending and receiving simple mail and with attachments to/from other mail account on desktop PC.

OK for me.

CC: (none) => herman.viaene

on mga6-64  kernel-desktop  plasma

packages installed cleanly:
thunderbird-en_GB-60.6.0-1.mga6.noarch 
thunderbird-60.6.0-1.mga6.x86_64  

email (POP, SMTP):  OK
Calendar: OK
Address book: OK
Movemail: OK

I don't use enigmail or IMAP

looks OK for mga6-64

CC: (none) => jim

That should do it. Thanks, guys.

OKing and Validating. Suggested advisory in Comment 1.

Whiteboard: (none) => MGA6-32-OK MGA6-64-OK
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

We should update this again to 60.6.1, with additional security fixes:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-11/
https://www.mozilla.org/en-US/security/advisories/mfsa2019-12/

Summary: Thunderbird 60.6.0 => Thunderbird 60.6.1
Whiteboard: MGA6-32-OK MGA6-64-OK => (none)
Keywords: validated_update => (none)

There is also en update for enigmail: 2.0.10

Assignee: qa-bugs => nicolas.salguero

Fedora has issued an advisory for this today (March 29):
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2LKJX4XFUISMUN6H4VQJY7MSG5SM7LGB/

Suggested advisory:
========================

The updated packages fix security vulnerabilities:

Use-after-free when removing in-use DOM elements. (CVE-2019-9790)

Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey. (CVE-2019-9791)

IonMonkey leaks JS_OPTIMIZED_OUT magic value to script. (CVE-2019-9792)

Improper bounds checks when Spectre mitigations are disabled. (CVE-2019-9793)

Command line arguments not discarded during execution. (CVE-2019-9794)

Type-confusion in IonMonkey JIT compiler. (CVE-2019-9795)

Use-after-free with SMIL animation controller. (CVE-2019-9796)

Windows programs that are not 'URL Handlers' are exposed to web content. (CVE-2019-9801)

Proxy Auto-Configuration file can define localhost access to be proxied. (CVE-2018-18506)

Memory safety bugs fixed in Firefox 66, Firefox ESR 60.6, and Thunderbird 60.6. (CVE-2019-9788)

IonMonkey MArraySlice has incorrect alias information. (CVE-2019-9810)

Ionmonkey type confusion with __proto__ mutations. (CVE-2019-9813)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9790
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9791
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9792
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9793
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9794
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9795
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9796
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9801
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18506
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9788
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9810
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9813
https://www.mozilla.org/en-US/security/advisories/mfsa2019-11/
https://www.mozilla.org/en-US/security/advisories/mfsa2019-12/
https://www.thunderbird.net/en-US/thunderbird/60.6.0/releasenotes/
https://www.thunderbird.net/en-US/thunderbird/60.6.1/releasenotes/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2LKJX4XFUISMUN6H4VQJY7MSG5SM7LGB/
========================

Updated packages in core/updates_testing:
========================
thunderbird-60.6.1-1.mga6
thunderbird-enigmail-60.6.1-1.mga6
thunderbird-ar-60.6.1-1.mga6
thunderbird-ast-60.6.1-1.mga6
thunderbird-be-60.6.1-1.mga6
thunderbird-bg-60.6.1-1.mga6
thunderbird-br-60.6.1-1.mga6
thunderbird-ca-60.6.1-1.mga6
thunderbird-cs-60.6.1-1.mga6
thunderbird-cy-60.6.1-1.mga6
thunderbird-da-60.6.1-1.mga6
thunderbird-de-60.6.1-1.mga6
thunderbird-el-60.6.1-1.mga6
thunderbird-en_GB-60.6.1-1.mga6
thunderbird-en_US-60.6.1-1.mga6
thunderbird-es_AR-60.6.1-1.mga6
thunderbird-es_ES-60.6.1-1.mga6
thunderbird-et-60.6.1-1.mga6
thunderbird-eu-60.6.1-1.mga6
thunderbird-fi-60.6.1-1.mga6
thunderbird-fr-60.6.1-1.mga6
thunderbird-fy_NL-60.6.1-1.mga6
thunderbird-ga_IE-60.6.1-1.mga6
thunderbird-gd-60.6.1-1.mga6
thunderbird-gl-60.6.1-1.mga6
thunderbird-he-60.6.1-1.mga6
thunderbird-hr-60.6.1-1.mga6
thunderbird-hsb-60.6.1-1.mga6
thunderbird-hu-60.6.1-1.mga6
thunderbird-hy_AM-60.6.1-1.mga6
thunderbird-id-60.6.1-1.mga6
thunderbird-is-60.6.1-1.mga6
thunderbird-it-60.6.1-1.mga6
thunderbird-ja-60.6.1-1.mga6
thunderbird-ko-60.6.1-1.mga6
thunderbird-lt-60.6.1-1.mga6
thunderbird-nb_NO-60.6.1-1.mga6
thunderbird-nl-60.6.1-1.mga6
thunderbird-nn_NO-60.6.1-1.mga6
thunderbird-pl-60.6.1-1.mga6
thunderbird-pt_BR-60.6.1-1.mga6
thunderbird-pt_PT-60.6.1-1.mga6
thunderbird-ro-60.6.1-1.mga6
thunderbird-ru-60.6.1-1.mga6
thunderbird-si-60.6.1-1.mga6
thunderbird-sk-60.6.1-1.mga6
thunderbird-sl-60.6.1-1.mga6
thunderbird-sq-60.6.1-1.mga6
thunderbird-sv_SE-60.6.1-1.mga6
thunderbird-tr-60.6.1-1.mga6
thunderbird-uk-60.6.1-1.mga6
thunderbird-vi-60.6.1-1.mga6
thunderbird-zh_CN-60.6.1-1.mga6
thunderbird-zh_TW-60.6.1-1.mga6

from SRPMS:
thunderbird-60.6.1-1.mga6.src.rpm
thunderbird-l10n-60.6.1-1.mga6.src.rpm

Assignee: nicolas.salguero => qa-bugs

Tested 60.6.1 with a 32 bits Fujitsu laptop, in portuguese and with enigmail.

All is working.

CC: (none) => lists.jjorge
Whiteboard: (none) => MGA6-32-OK

Simple tests = it works here;
64 bit thunderbird 60.6.i-1 incl swedish. Plasma, nvidia.
This system updates all to updates_testing.

Shut down Thunderbird, upgraded, restarted, and saw my mail are still there and i can send using SMTP and retreive using offline IMAP like usual.

I have never used calendar nor enigmail, did not try it now either.

mga6, x86_64

Latest Thunderbird working here.  Calendar looks OK - alle evts preserved.  tested a reminder alarm.  That was OK.

Installed this with the US-English language pack. sent and received POP mail, and received newsgroup messages. I too don't use enigmail or the calendar.

Looks good here - moving it on.

Keywords: (none) => validated_update
Whiteboard: MGA6-32-OK => MGA6-32-OK MGA6-64-OK

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2019-0129.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED