New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
thunderbird, thunderbird-bin: 68.10.0 -> 78.0 [High security fixes] #93227
Conversation
06d00e3
to
fd5e9c4
Compare
Can we avoid backporting this at least until PGP support gets implemented (likely 78.2)? As release notes say "At this time, users of the Enigmail Add-on should not update to Thunderbird 78", and I personally depend on Enigmail. |
I agree. AFAIK it doesn't auto-upgrade yet (e.g. the Windows version, I mean). I expect 68 will be supported and default at least until this stuff is resolved upstream. |
1cead24
to
6b56880
Compare
Now expressions for both 68 (default) and 78 (with suffix) are available. |
LGTM. Did a quick run-test on Result of 3 packages built:- thunderbird - thunderbird-78 - thunderbird-bin-78 |
|
||
"--disable-gconf" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we mention somewhere why these options were removed? (in the commit message perhaps)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated the commit message.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
-icu
was there twice. For the rest I can't see them referenced in the output, so I assume the flags being unsupported means that thunderbird now always bundles those dependencies :-/ I expect we should remove them from build inputs (some time).
- Updated the version and the source hash. - Removed unsupported options. - Updated the patch. - Tweaked dependencies; 78 requires newer versions.
70a326c
to
379d978
Compare
Is Thunderbird 78.1 coming? https://www.mozilla.org/en-US/security/advisories/mfsa2020-33/ |
I saw it yesterday accidentally (when looking at NSS stuff), but I still can't see any release notes or tarballs even now. |
Still not suitable for default.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Both seem to work for me, but so far I haven't been brave enough to start that enigmail migration wizard.
Well, one of the extensions I've been using isn't compatible, but such things aren't really a surprise. |
I have and it didn't work. Exported my private key and it's a 2048 bit RSA key, 260kB in size, I get an error when trying to import it manually. Specifically I'm running into https://bugzilla.mozilla.org/show_bug.cgi?id=1654894. |
FYI |
Motivation for this change
https://www.mozilla.org/en-US/security/advisories/mfsa2020-29/
https://www.thunderbird.net/en-US/thunderbird/78.0/releasenotes/
Things done
sandbox
innix.conf
on non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
./result/bin/
)nix path-info -S
before and after)