diff --git a/.gitignore b/.gitignore
index f21299a..46b2346 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,5 +1,5 @@
SOURCES/cbindgen-vendor.tar.xz
SOURCES/nspr-4.32.0-1.el8_1.src.rpm
SOURCES/nss-3.67.0-7.el8_1.src.rpm
-SOURCES/thunderbird-91.4.0.processed-source.tar.xz
-SOURCES/thunderbird-langpacks-91.4.0-20211201.tar.xz
+SOURCES/thunderbird-91.7.0.processed-source.tar.xz
+SOURCES/thunderbird-langpacks-91.7.0-20220308.tar.xz
diff --git a/.thunderbird.metadata b/.thunderbird.metadata
index ed9b29e..53e4f08 100644
--- a/.thunderbird.metadata
+++ b/.thunderbird.metadata
@@ -1,5 +1,5 @@
c822547dbc12e2baebdfdfb38b665e23f0c2513a SOURCES/cbindgen-vendor.tar.xz
b5fd1332d8e0d37339ae170c7bebcb63a40b22e0 SOURCES/nspr-4.32.0-1.el8_1.src.rpm
8fff814901e03c2518ede2f8992d898f5ba61ed9 SOURCES/nss-3.67.0-7.el8_1.src.rpm
-d24c56caa08e29c90b8e1872fa94d7413218b347 SOURCES/thunderbird-91.4.0.processed-source.tar.xz
-b31f3a5df2446bf64e16ffe88b0bb5e0e981249e SOURCES/thunderbird-langpacks-91.4.0-20211201.tar.xz
+0d9dea815661a0ad101d2fd758be855a542f2797 SOURCES/thunderbird-91.7.0.processed-source.tar.xz
+eab467b27d7ff768518cbb6ee38cc8b1ab793920 SOURCES/thunderbird-langpacks-91.7.0-20220308.tar.xz
diff --git a/SOURCES/expat-CVE-2022-25235.patch b/SOURCES/expat-CVE-2022-25235.patch
new file mode 100644
index 0000000..ac495b1
--- /dev/null
+++ b/SOURCES/expat-CVE-2022-25235.patch
@@ -0,0 +1,49 @@
+diff -up thunderbird-91.7.0/parser/expat/lib/xmltok.c.expat-CVE-2022-25235 thunderbird-91.7.0/parser/expat/lib/xmltok.c
+--- thunderbird-91.7.0/parser/expat/lib/xmltok.c.expat-CVE-2022-25235 2022-03-02 17:57:38.364361168 +0100
++++ thunderbird-91.7.0/parser/expat/lib/xmltok.c 2022-03-02 17:58:22.235512399 +0100
+@@ -65,13 +65,6 @@
+ + ((((byte)[2]) >> 5) & 1)] \
+ & (1u << (((byte)[2]) & 0x1F)))
+
+-#define UTF8_GET_NAMING(pages, p, n) \
+- ((n) == 2 \
+- ? UTF8_GET_NAMING2(pages, (const unsigned char *)(p)) \
+- : ((n) == 3 \
+- ? UTF8_GET_NAMING3(pages, (const unsigned char *)(p)) \
+- : 0))
+-
+ /* Detection of invalid UTF-8 sequences is based on Table 3.1B
+ of Unicode 3.2: http://www.unicode.org/unicode/reports/tr28/
+ with the additional restriction of not allowing the Unicode
+diff -up thunderbird-91.7.0/parser/expat/lib/xmltok_impl.c.expat-CVE-2022-25235 thunderbird-91.7.0/parser/expat/lib/xmltok_impl.c
+--- thunderbird-91.7.0/parser/expat/lib/xmltok_impl.c.expat-CVE-2022-25235 2022-03-02 17:57:38.365361172 +0100
++++ thunderbird-91.7.0/parser/expat/lib/xmltok_impl.c 2022-03-02 18:04:51.240853247 +0100
+@@ -34,7 +34,7 @@
+ case BT_LEAD ## n: \
+ if (end - ptr < n) \
+ return XML_TOK_PARTIAL_CHAR; \
+- if (!IS_NAME_CHAR(enc, ptr, n)) { \
++ if (IS_INVALID_CHAR(enc, ptr, n) || ! IS_NAME_CHAR(enc, ptr, n)) { \
+ *nextTokPtr = ptr; \
+ return XML_TOK_INVALID; \
+ } \
+@@ -62,7 +62,7 @@
+ case BT_LEAD ## n: \
+ if (end - ptr < n) \
+ return XML_TOK_PARTIAL_CHAR; \
+- if (!IS_NMSTRT_CHAR(enc, ptr, n)) { \
++ if (IS_INVALID_CHAR(enc, ptr, n) || ! IS_NMSTRT_CHAR(enc, ptr, n)) { \
+ *nextTokPtr = ptr; \
+ return XML_TOK_INVALID; \
+ } \
+@@ -1090,6 +1090,10 @@ PREFIX(prologTok)(const ENCODING *enc, c
+ case BT_LEAD ## n: \
+ if (end - ptr < n) \
+ return XML_TOK_PARTIAL_CHAR; \
++ if (IS_INVALID_CHAR(enc, ptr, n)) { \
++ *nextTokPtr = ptr; \
++ return XML_TOK_INVALID; \
++ } \
+ if (IS_NMSTRT_CHAR(enc, ptr, n)) { \
+ ptr += n; \
+ tok = XML_TOK_NAME; \
diff --git a/SOURCES/expat-CVE-2022-25236.patch b/SOURCES/expat-CVE-2022-25236.patch
new file mode 100644
index 0000000..84cafd2
--- /dev/null
+++ b/SOURCES/expat-CVE-2022-25236.patch
@@ -0,0 +1,40 @@
+diff -up thunderbird-91.7.0/parser/expat/lib/xmlparse.c.expat-CVE-2022-25236 thunderbird-91.7.0/parser/expat/lib/xmlparse.c
+--- thunderbird-91.7.0/parser/expat/lib/xmlparse.c.expat-CVE-2022-25236 2022-03-02 18:08:40.085642028 +0100
++++ thunderbird-91.7.0/parser/expat/lib/xmlparse.c 2022-03-02 18:13:31.838667958 +0100
+@@ -700,8 +700,7 @@ XML_ParserCreate(const XML_Char *encodin
+ XML_Parser XMLCALL
+ XML_ParserCreateNS(const XML_Char *encodingName, XML_Char nsSep)
+ {
+- XML_Char tmp[2];
+- *tmp = nsSep;
++ XML_Char tmp[2] = {nsSep, 0};
+ return XML_ParserCreate_MM(encodingName, NULL, tmp);
+ }
+ #endif
+@@ -1276,8 +1275,7 @@ XML_ExternalEntityParserCreate(XML_Parse
+ would be otherwise.
+ */
+ if (ns) {
+- XML_Char tmp[2];
+- *tmp = namespaceSeparator;
++ XML_Char tmp[2] = {parser->m_namespaceSeparator, 0};
+ parser = parserCreate(encodingName, &parser->m_mem, tmp, newDtd);
+ }
+ else {
+@@ -3667,6 +3665,16 @@ addBinding(XML_Parser parser, PREFIX *pr
+ if (!mustBeXML && isXMLNS
+ && (len > xmlnsLen || uri[len] != xmlnsNamespace[len]))
+ isXMLNS = XML_FALSE;
++ // NOTE: While Expat does not validate namespace URIs against RFC 3986,
++ // we have to at least make sure that the XML processor on top of
++ // Expat (that is splitting tag names by namespace separator into
++ // 2- or 3-tuples (uri-local or uri-local-prefix)) cannot be confused
++ // by an attacker putting additional namespace separator characters
++ // into namespace declarations. That would be ambiguous and not to
++ // be expected.
++ if (parser->m_ns && (uri[len] == parser->m_namespaceSeparator)) {
++ return XML_ERROR_SYNTAX;
++ }
+ }
+ isXML = isXML && len == xmlLen;
+ isXMLNS = isXMLNS && len == xmlnsLen;
diff --git a/SOURCES/expat-CVE-2022-25315.patch b/SOURCES/expat-CVE-2022-25315.patch
new file mode 100644
index 0000000..4d4efb7
--- /dev/null
+++ b/SOURCES/expat-CVE-2022-25315.patch
@@ -0,0 +1,24 @@
+diff -up thunderbird-91.7.0/parser/expat/lib/xmlparse.c.expat-CVE-2022-25315 thunderbird-91.7.0/parser/expat/lib/xmlparse.c
+--- thunderbird-91.7.0/parser/expat/lib/xmlparse.c.expat-CVE-2022-25315 2022-03-02 18:17:50.966583254 +0100
++++ thunderbird-91.7.0/parser/expat/lib/xmlparse.c 2022-03-02 18:19:27.636924735 +0100
+@@ -2479,6 +2479,7 @@ storeRawNames(XML_Parser parser)
+ while (tag) {
+ int bufSize;
+ int nameLen = sizeof(XML_Char) * (tag->name.strLen + 1);
++ size_t rawNameLen;
+ char *rawNameBuf = tag->buf + nameLen;
+ /* Stop if already stored. Since tagStack is a stack, we can stop
+ at the first entry that has already been copied; everything
+@@ -2490,7 +2491,11 @@ storeRawNames(XML_Parser parser)
+ /* For re-use purposes we need to ensure that the
+ size of tag->buf is a multiple of sizeof(XML_Char).
+ */
+- bufSize = nameLen + ROUND_UP(tag->rawNameLength, sizeof(XML_Char));
++ rawNameLen = ROUND_UP(tag->rawNameLength, sizeof(XML_Char));
++ /* Detect and prevent integer overflow. */
++ if (rawNameLen > (size_t)INT_MAX - nameLen)
++ return XML_FALSE;
++ bufSize = nameLen + (int)rawNameLen;
+ if (bufSize > tag->bufEnd - tag->buf) {
+ char *temp = (char *)REALLOC(tag->buf, bufSize);
+ if (temp == NULL)
diff --git a/SPECS/thunderbird.spec b/SPECS/thunderbird.spec
index ffa993f..2294f33 100644
--- a/SPECS/thunderbird.spec
+++ b/SPECS/thunderbird.spec
@@ -128,8 +128,8 @@ end}
%global build_langpacks 1
Summary: Mozilla Thunderbird mail/newsgroup client
Name: thunderbird
-Version: 91.4.0
-Release: 1%{?dist}
+Version: 91.7.0
+Release: 2%{?dist}
URL: http://www.mozilla.org/projects/thunderbird/
License: MPLv1.1 or GPLv2+ or LGPLv2+
Group: Applications/Internet
@@ -138,10 +138,14 @@ Group: Applications/Internet
ExcludeArch: %{ix86}
%endif
%if 0%{?rhel} == 8
+ %if %{rhel_minor_version} == 1
+ExcludeArch: %{ix86} aarch64 s390x
+ %else
ExcludeArch: %{ix86}
+ %endif
%endif
%if 0%{?rhel} == 7
-ExcludeArch: s390 ppc
+ExcludeArch: aarch64 s390 ppc
%endif
# We can't use the official tarball as it contains some test files that use
@@ -151,7 +155,7 @@ ExcludeArch: s390 ppc
# Link to official tarball: https://archive.mozilla.org/pub/thunderbird/releases/%%{version}%%{?pre_version}/source/thunderbird-%%{version}%%{?pre_version}.source.tar.xz
Source0: thunderbird-%{version}%{?pre_version}.processed-source.tar.xz
%if %{build_langpacks}
-Source1: thunderbird-langpacks-%{version}%{?ext_version}-20211201.tar.xz
+Source1: thunderbird-langpacks-%{version}%{?ext_version}-20220308.tar.xz
%endif
Source2: cbindgen-vendor.tar.xz
Source3: get-calendar-langpacks.sh
@@ -199,6 +203,9 @@ Patch512: mozilla-bmo849632.patch
Patch513: mozilla-bmo998749.patch
Patch514: mozilla-s390x-skia-gradient.patch
Patch515: mozilla-bmo1626236.patch
+Patch516: expat-CVE-2022-25235.patch
+Patch517: expat-CVE-2022-25236.patch
+Patch518: expat-CVE-2022-25315.patch
%if %{?system_nss}
%if !0%{?bundle_nss}
@@ -425,6 +432,9 @@ echo "use_rustts %{?use_rustts}"
%patch513 -p1 -b .mozilla-bmo998749
%patch514 -p1 -b .mozilla-s390x-skia-gradient
%patch515 -p1 -b .mozilla-bmo1626236
+%patch516 -p1 -b .expat-CVE-2022-25235
+%patch517 -p1 -b .expat-CVE-2022-25236
+%patch518 -p1 -b .expat-CVE-2022-25315
%patch237 -p1 -b .disable-openpgp-in-thunderbird
@@ -630,7 +640,7 @@ function build_bundled_package() {
echo $PKG_CONFIG_PATH
rpm -ivh %{SOURCE403}
- rpmbuild --nodeps --define '_prefix %{bundled_install_path}' -ba %{_specdir}/nss.spec
+ rpmbuild --nodeps --define '_prefix %{bundled_install_path}' --without=tests -ba %{_specdir}/nss.spec
pushd %{_buildrootdir}
#cleanup
#rm -rf {_buildrootdir}/usr/lib/debug/*
@@ -865,9 +875,9 @@ ls %{_buildrootdir}
export MACH_USE_SYSTEM_PYTHON=1
%if 0%{?use_llvmts}
#scl enable llvm-toolset-%{llvm_version} './mach build -v'
- ./mach build -v
+ ./mach build -v || exit 1
%else
- ./mach build -v
+ ./mach build -v || exit 1
%endif
# Look for the reason we get: /usr/lib/rpm/debugedit: canonicalization unexpectedly shrank by one character
readelf -wl objdir/dist/bin/libxul.so | grep "/"
@@ -1019,47 +1029,10 @@ rm -rf %{_prefix}/lib/debug/lib64/%{name}-devel-*
#
# See http://www.freedesktop.org/software/appstream/docs/ for more details.
#
-%{__mkdir_p} %{buildroot}%{_datadir}/appdata
-cat > %{buildroot}%{_datadir}/appdata/%{name}.appdata.xml <<EOF
-<?xml version="1.0" encoding="UTF-8"?>
-<!-- Copyright 2014 Richard Hughes <richard@hughsie.com> -->
-<!--
-BugReportURL: https://bugzilla.mozilla.org/show_bug.cgi?id=1071065
-SentUpstream: 2014-09-22
--->
-<application>
- <id type="desktop">mozilla-thunderbird.desktop</id>
- <metadata_license>CC0-1.0</metadata_license>
- <project_license>MPLv1.1 or GPLv2+ or LGPLv2+</project_license>
- <description>
- <p>
- Thunderbird is an email client that allows you to read, write and organise all
- of your email messages. It is compatible with most email accounts, including the
- most popular webmail services.
- </p>
- <p>
- Thunderbird is designed by Mozilla, a global community working together to make
- the Internet better. Mozilla believe that the Internet should be open, public,
- and accessible to everyone without any restrictions.
- </p>
- <ul>
- <li>Easier than ever to set up a new e-mail account</li>
- <li>Awesome search allows you to find your messages fast</li>
- <li>Thousands of add-ons give you the freedom to make Thunderbird your own</li>
- </ul>
- </description>
- <url type="homepage">http://www.mozilla.org/thunderbird/</url>
- <screenshots>
- <screenshot type="default">https://raw.githubusercontent.com/hughsie/fedora-appstream/master/screenshots-extra/mozilla-thunderbird/a.png</screenshot>
- </screenshots>
- <releases>
- <release version="%{version}" date="$(date '+%F')"/>
- </releases>
- <!-- FIXME: change this to an upstream email address for spec updates
- <updatecontact>someone_who_cares@upstream_project.org</updatecontact>
- -->
-</application>
-EOF
+
+# Register as an application to be visible in the software center
+mkdir -p $RPM_BUILD_ROOT%{_datadir}/appdata
+%{__cp} -p comm/mail/branding/%{name}/net.thunderbird.Thunderbird.appdata.xml $RPM_BUILD_ROOT%{_datadir}/appdata/thunderbird.appdata.xml
#---------------------------------------------------------------------
@@ -1151,6 +1124,21 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
#===============================================================================
%changelog
+* Tue Mar 08 2022 Eike Rathke <erack@redhat.com> - 91.7.0-2
+- Update to 91.7.0 build2
+
+* Thu Mar 03 2022 Eike Rathke <erack@redhat.com> - 91.7.0-1
+- Update to 91.7.0 build1
+
+* Mon Feb 07 2022 Eike Rathke <erack@redhat.com> - 91.6.0-1
+- Update to 91.6.0 build1
+
+* Fri Jan 07 2022 Eike Rathke <erack@redhat.com> - 91.5.0-1
+- Update to 91.5.0 build1
+
+* Mon Dec 06 2021 Eike Rathke <erack@redhat.com> - 91.4.0-2
+- Update to 91.4.0 build2
+
* Wed Dec 01 2021 Eike Rathke <erack@redhat.com> - 91.4.0-1
- Update to 91.4.0 build1