Accepting request 1085783 from GNOME:Factory

OBS-URL: https://build.opensuse.org/request/show/1085783 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/mozjs102?expand=0&rev=12
2023-05-10 14:17:01 +00:00 · 2023-05-10 14:17:01 +00:00 · 5ba140574d
commit 5ba140574d
parent bfb30a3b8e 2d5e4eb5a0
6 changed files with 38 additions and 20 deletions
--- a/firefox-102.10.0esr.source.tar.xz
+++ b/firefox-102.10.0esr.source.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:8c6954dfbc22cedb77a49092d84cbc43c84bf22ebe7fd0b8874c1ada7b0afbf8
-size 479026088
--- a/firefox-102.10.0esr.source.tar.xz.asc
+++ b/firefox-102.10.0esr.source.tar.xz.asc
@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmQrEcIACgkQ6+QekPbx
-L20fnRAAnrxGpxH1X9IdCY89hD6eaqNVJ+R8E8elVdoZVc5+/7IzjwYgPUfuj1b/
-/WQpUcZMNNIyFQy0oVYbxAZRJVBJxpIr32Wpxr9rqCQjidaI4KZL9f2SZHmSCKpv
-H4rsKlsvS9QtI/ycIHM/JxbqJmqaS6cfsoww7s7NrrWiRtFGE7RwkHs0jwJpqw78
-gE9Fkcu0od3qRbtGLbqlJx6Rfynvpk40IAo4NfZ+ZwmBWTBm+Idb8TCzoJC81x7x
-PytWENYErNtf735OHkaNZocj0fQtesW60GR4iKDukIhziwYOqZjlXD7JqUShs/OF
-3eIBoDKk6yC4hGAbbLsvCFEJ6OK8m+k4WCk+sGIL4ms2n5Km6jQdUDYmkbFnI6ld
-cX2zaYALfcwc1/Y93mkFvxfO9uGGP8zJgSiMOAMzgUlQhr6u9SJ1IquVEo5eJynB
-gfuv/2snmCV6fRxIoXSpoePl6H20bKee5V6h3XWAYDyBX7gx9UgrdsF8EoY/V9qm
-k4n6oCE/m6r3erirVPa6A4O7bvvsM/wFPHGOmF0vbUc/DnNVv8M1uOppjErdh2bD
-qmsWS64oyb25c+7chX9gMEedb75GNxVJ+lZtH2a8MIggHpMpO3hIBlts519KlJpV
-JcLGArIhTB6aTm5qyIHLKW7AheKKNerfLM7EDgo+VbPNAduQHx0=
-=F3Gx
-----END PGP SIGNATURE-----
--- a/firefox-102.11.0esr.source.tar.xz
+++ b/firefox-102.11.0esr.source.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e7f120e7967ea283909c1ec7cfdbf422bba515163842e739bfa1a608808cce33
+size 477769716
--- a/firefox-102.11.0esr.source.tar.xz.asc
+++ b/firefox-102.11.0esr.source.tar.xz.asc
@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmRT1/cACgkQ6+QekPbx
+L20fUg//a2q+xMEnyGPyqq8qdvGx8b0/eZroLCu7uceBVNooc81jcjd/DSj6nokm
+8hziG/bzUma8JmFG6PGP2mXhKrQ+Gv2Rq6qpaEeJH/QhzJ0y7m7bC8VP0QcLEohg
+4QkO6nEKAQ2DdKt9XMs2laIuaolEIN3urZT7pL0xPog6o2ZKnB7D6Ip2LOUO5L68
+d3AANqgrMfOl4Osq65eeru2xp/8f4Oi6KDdHAXkhmrqJh3lF3Q9TNXc9yZImlMcb
+Vle/wwRemVUxfNIbb6DZpnzd8dpN73ZW9/u+Dzjzoa+sjlZoVveJmHruXkrOaEga
+UHcHeOA5rI01swn3C8tMdLhPjFAy9k4X0VNP/jWscCgpTZU+whygAPoeMFtn4Qxf
+BuG6M7uVo5/TFNYtTZhPN0oIBNcDXOBV9kpbOLpFbf6hXCcaefbo6oPxr6xaAKp+
+NphWRi0b+b8iwzbOyJloUG2M7eu9uWjAAjzfSvGlebhBG5ug87QY7ckki61iAUTy
+/kBfxzKt9bTn1Q6305TFtvaIIPJ4FARWzEANva76GN305c0dP+Uz5KT6UoVhZvzX
+ML6UBCG3jx6pYlCvHRazfVuw09zYyv4M/y4oI4fDn/3QzXjH7arLxbbZAw7jiUUZ
+NA1hd9g5/TPHgimZhUIBsvlFXY/dkDHbfaQkWRieCkXdI85q4pk=
+=/Z9r
+-----END PGP SIGNATURE-----
--- a/mozjs102.changes
+++ b/mozjs102.changes
@ -1,3 +1,21 @@
+-------------------------------------------------------------------
+Tue May  9 07:49:33 UTC 2023 - Bjørn Lie <bjorn.lie@gmail.com>
+
+- Update to version 102.11.0:
+  + Various security fixes.
+  + CVE-2023-32205: Browser prompts could have been obscured by
+    popups
+  + CVE-2023-32206: Crash in RLBox Expat driver
+  + CVE-2023-32207: Potential permissions request bypass via
+    clickjacking
+  + CVE-2023-32211: Content process crash due to invalid wasm code
+  + CVE-2023-32212: Potential spoof due to obscured address bar
+  + CVE-2023-32213: Potential memory corruption in
+    FileReader::DoReadData()
+  + CVE-2023-32214: Potential DoS via exposed protocol handlers
+  + CVE-2023-32215: Memory safety bugs fixed in Firefox 113 and
+    Firefox ESR 102.11
+
 -------------------------------------------------------------------
 Wed Apr 26 01:51:01 UTC 2023 - Yifan Jiang <yfjiang@suse.com>

--- a/mozjs102.spec
+++ b/mozjs102.spec
@ -41,7 +41,7 @@ BuildArch:      i686
 %global big_endian 1
 %endif
 Name:           mozjs%{major}
-Version:        102.10.0
+Version:        102.11.0
 Release:        1%{?dist}
 Summary:        SpiderMonkey JavaScript library
 License:        MPL-2.0