Accepting request 1042892 from GNOME:Next

New upstream release OBS-URL: https://build.opensuse.org/request/show/1042892 OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/mozjs102?expand=0&rev=11
2022-12-14 17:12:23 +00:00
parent 24dc957ecc
commit 12f5359628
6 changed files with 37 additions and 20 deletions
--- a/mozjs102.changes
+++ b/mozjs102.changes
@@ -1,3 +1,20 @@
+-------------------------------------------------------------------
+Wed Dec 14 10:31:25 UTC 2022 - Bjørn Lie <bjorn.lie@gmail.com>
+
+- Update to version 102.6.0:
+  + Various stability, functionality, and security fixes.
+  + CVE-2022-46880: Use-after-free in WebGL.
+  + CVE-2022-46872: Arbitrary file read from a compromised content
+    process.
+  + CVE-2022-46881: Memory corruption in WebGL.
+  + CVE-2022-46874: Drag and Dropped Filenames could have been
+    truncated to malicious extensions.
+  + CVE-2022-46875: Download Protections were bypassed by .atloc
+    and .ftploc files on Mac OS.
+  + CVE-2022-46882: Use-after-free in WebGL.
+  + CVE-2022-46878: Memory safety bugs fixed in Firefox 108 and
+    Firefox ESR 102.6.
+
 -------------------------------------------------------------------
 Fri Nov 18 18:04:53 UTC 2022 - Bjørn Lie <bjorn.lie@gmail.com>