mozjs128/mozjs128.changes

-------------------------------------------------------------------
Mon Nov  4 10:37:43 UTC 2024 - Bjørn Lie <bjorn.lie@gmail.com>

- Update to version 128.4.0:
  + CVE-2024-10458: Permission leak via embed or object elements
  + CVE-2024-10459: Use-after-free in layout with accessibility
  + CVE-2024-10460: Confusing display of origin for external
    protocol handler prompt
  + CVE-2024-10461: XSS due to Content-Disposition being ignored in
    multipart/x-mixed-replace response
  + CVE-2024-10462: Origin of permission prompt could be spoofed by
    long URL
  + CVE-2024-10463: Cross origin video frame leak
  + CVE-2024-10464: History interface could have been used to cause
    a Denial of Service condition in the browser
  + CVE-2024-10465: Clipboard "paste" button persisted across tabs
  + CVE-2024-10466: DOM push subscription message could hang
    Firefox
  + CVE-2024-10467: Memory safety bugs fixed in Firefox 132,
    Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4

-------------------------------------------------------------------
Thu Oct 10 16:26:33 UTC 2024 - Bjørn Lie <bjorn.lie@gmail.com>

- Update to version 128.3.1:
  * CVE-2024-9680: Use-after-free in Animation timeline
- Changes from version 128.3.0:
  * CVE-2024-9392: Compromised content process can bypass site
    isolation
  * CVE-2024-9393: Cross-origin access to PDF contents through
    multipart responses
  * CVE-2024-9394: Cross-origin access to JSON contents through
    multipart responses
  * CVE-2024-8900: Clipboard write permission bypass
  * CVE-2024-9396: Potential memory corruption may occur when
    cloning certain objects
  * CVE-2024-9397: Potential directory upload bypass via
    clickjacking
  * CVE-2024-9398: External protocol handlers could be enumerated
    via popups
  * CVE-2024-9399: Specially crafted WebTransport requests could
    lead to denial of service
  * CVE-2024-9400: Potential memory corruption during JIT
    compilation
  * CVE-2024-9401: Memory safety bugs fixed in Firefox 131, Firefox
    ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird
    128.3
  * CVE-2024-9402: Memory safety bugs fixed in Firefox 131, Firefox
    ESR 128.3, Thunderbird 131, and Thunderbird 128.3

-------------------------------------------------------------------
Mon Sep 30 17:35:18 UTC 2024 - Cliff Zhao <qzhao@suse.com>

- Add mozjs128-CVE-2024-45492.patch:
  Backporting 9bf0f2c1 from libexpat upstream, Detect integer
  overflow in function nextScaffoldPart.
  (CVE-2024-45492, bsc#1230038)

-------------------------------------------------------------------
Mon Sep 30 17:25:22 UTC 2024 - Cliff Zhao <qzhao@suse.com>

- Add mozjs128-CVE-2024-45491.patch:
  Backporting 8e439a99 from libexpat upstream, Detect integer
  overflow in dtdCopy.
  (CVE-2024-45491, bsc#1230037)

-------------------------------------------------------------------
Mon Sep 30 17:15:45 UTC 2024 - Cliff Zhao <qzhao@suse.com>

- Add mozjs128-CVE-2024-45490-part01-5c1a3164.patch:
  Backporting 5c1a3164 from libexpat upstream, Reject negative len
  for XML_ParseBuffer.
  CVE-2024-45490's fixes including 3 parts: 5c1a3164 for libexpat
  sources; c12f039b for libexpat tests; 2db23301 for libexpat docs;
  Because mozjs only embeds libexpat sources, so unnecessary to
  port prart02 and part03.
  (CVE-2024-45490, bsc#1230036)

-------------------------------------------------------------------
Wed Sep 25 14:02:27 UTC 2024 - Bjørn Lie <bjorn.lie@gmail.com>

- Update to version 128.2.0:
  + CVE-2024-8385: WASM type confusion involving ArrayTypes
  + CVE-2024-8381: Type confusion when looking up a property name
    in a "with" block
  + CVE-2024-8382: Internal event interfaces were exposed to web
    content when browser EventHandler listener callbacks ran
  + CVE-2024-8383: Firefox did not ask before openings news: links
    in an external application
  + CVE-2024-8384: Garbage collection could mis-color
    cross-compartment objects in OOM conditions
  + CVE-2024-8386: SelectElements could be shown over another site
    if popups are allowed
  + CVE-2024-8387: Memory safety bugs fixed in Firefox 130,
    Firefox ESR 128.2, and Thunderbird 128.2
- Drop 0001-Skip-failing-tests-on-ppc64-and-s390x.patch: Fixed
  upstream.

-------------------------------------------------------------------
Fri Aug 30 07:07:05 UTC 2024 - Bjørn Lie <bjorn.lie@gmail.com>

- Initial build for openSUSE.
Sync from SUSE:SLFO:Main mozjs128 revision bd2739d04598be6724dba1a7c20d1d1c 2024-11-12 12:30:48 +01:00			`-------------------------------------------------------------------`
			`Mon Nov 4 10:37:43 UTC 2024 - Bjørn Lie <bjorn.lie@gmail.com>`

			`- Update to version 128.4.0:`
			`+ CVE-2024-10458: Permission leak via embed or object elements`
			`+ CVE-2024-10459: Use-after-free in layout with accessibility`
			`+ CVE-2024-10460: Confusing display of origin for external`
			`protocol handler prompt`
			`+ CVE-2024-10461: XSS due to Content-Disposition being ignored in`
			`multipart/x-mixed-replace response`
			`+ CVE-2024-10462: Origin of permission prompt could be spoofed by`
			`long URL`
			`+ CVE-2024-10463: Cross origin video frame leak`
			`+ CVE-2024-10464: History interface could have been used to cause`
			`a Denial of Service condition in the browser`
			`+ CVE-2024-10465: Clipboard "paste" button persisted across tabs`
			`+ CVE-2024-10466: DOM push subscription message could hang`
			`Firefox`
			`+ CVE-2024-10467: Memory safety bugs fixed in Firefox 132,`
			`Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4`

			`-------------------------------------------------------------------`
			`Thu Oct 10 16:26:33 UTC 2024 - Bjørn Lie <bjorn.lie@gmail.com>`

			`- Update to version 128.3.1:`
			`* CVE-2024-9680: Use-after-free in Animation timeline`
			`- Changes from version 128.3.0:`
			`* CVE-2024-9392: Compromised content process can bypass site`
			`isolation`
			`* CVE-2024-9393: Cross-origin access to PDF contents through`
			`multipart responses`
			`* CVE-2024-9394: Cross-origin access to JSON contents through`
			`multipart responses`
			`* CVE-2024-8900: Clipboard write permission bypass`
			`* CVE-2024-9396: Potential memory corruption may occur when`
			`cloning certain objects`
			`* CVE-2024-9397: Potential directory upload bypass via`
			`clickjacking`
			`* CVE-2024-9398: External protocol handlers could be enumerated`
			`via popups`
			`* CVE-2024-9399: Specially crafted WebTransport requests could`
			`lead to denial of service`
			`* CVE-2024-9400: Potential memory corruption during JIT`
			`compilation`
			`* CVE-2024-9401: Memory safety bugs fixed in Firefox 131, Firefox`
			`ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird`
			`128.3`
			`* CVE-2024-9402: Memory safety bugs fixed in Firefox 131, Firefox`
			`ESR 128.3, Thunderbird 131, and Thunderbird 128.3`

			`-------------------------------------------------------------------`
			`Mon Sep 30 17:35:18 UTC 2024 - Cliff Zhao <qzhao@suse.com>`

			`- Add mozjs128-CVE-2024-45492.patch:`
			`Backporting 9bf0f2c1 from libexpat upstream, Detect integer`
			`overflow in function nextScaffoldPart.`
			`(CVE-2024-45492, bsc#1230038)`

			`-------------------------------------------------------------------`
			`Mon Sep 30 17:25:22 UTC 2024 - Cliff Zhao <qzhao@suse.com>`

			`- Add mozjs128-CVE-2024-45491.patch:`
			`Backporting 8e439a99 from libexpat upstream, Detect integer`
			`overflow in dtdCopy.`
			`(CVE-2024-45491, bsc#1230037)`

			`-------------------------------------------------------------------`
			`Mon Sep 30 17:15:45 UTC 2024 - Cliff Zhao <qzhao@suse.com>`

			`- Add mozjs128-CVE-2024-45490-part01-5c1a3164.patch:`
			`Backporting 5c1a3164 from libexpat upstream, Reject negative len`
			`for XML_ParseBuffer.`
			`CVE-2024-45490's fixes including 3 parts: 5c1a3164 for libexpat`
			`sources; c12f039b for libexpat tests; 2db23301 for libexpat docs;`
			`Because mozjs only embeds libexpat sources, so unnecessary to`
			`port prart02 and part03.`
			`(CVE-2024-45490, bsc#1230036)`

			`-------------------------------------------------------------------`
			`Wed Sep 25 14:02:27 UTC 2024 - Bjørn Lie <bjorn.lie@gmail.com>`

			`- Update to version 128.2.0:`
			`+ CVE-2024-8385: WASM type confusion involving ArrayTypes`
			`+ CVE-2024-8381: Type confusion when looking up a property name`
			`in a "with" block`
			`+ CVE-2024-8382: Internal event interfaces were exposed to web`
			`content when browser EventHandler listener callbacks ran`
			`+ CVE-2024-8383: Firefox did not ask before openings news: links`
			`in an external application`
			`+ CVE-2024-8384: Garbage collection could mis-color`
			`cross-compartment objects in OOM conditions`
			`+ CVE-2024-8386: SelectElements could be shown over another site`
			`if popups are allowed`
			`+ CVE-2024-8387: Memory safety bugs fixed in Firefox 130,`
			`Firefox ESR 128.2, and Thunderbird 128.2`
			`- Drop 0001-Skip-failing-tests-on-ppc64-and-s390x.patch: Fixed`
			`upstream.`

			`-------------------------------------------------------------------`
			`Fri Aug 30 07:07:05 UTC 2024 - Bjørn Lie <bjorn.lie@gmail.com>`

			`- Initial build for openSUSE.`