Accepting request 1065821 from GNOME:Next

New upstream release OBS-URL: https://build.opensuse.org/request/show/1065821 OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/mozjs102?expand=0&rev=15
2023-02-15 08:01:13 +00:00 · 2023-02-15 08:01:13 +00:00 · b0e9a7bcf8
commit b0e9a7bcf8
parent 307cf13d8b
6 changed files with 50 additions and 20 deletions
--- a/firefox-102.7.0esr.source.tar.xz
+++ b/firefox-102.7.0esr.source.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a7a4603417fcb42ec37f2cff9034280ce2ec772c0a5fc500fada4286ba3114aa
-size 479538092
--- a/firefox-102.7.0esr.source.tar.xz.asc
+++ b/firefox-102.7.0esr.source.tar.xz.asc
@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmO8UKIACgkQ6+QekPbx
-L201FQ//cZMs3qPzS5YG9AJz9w/Zp3o6sG/JxaBcWT0nUqai+z35LPB9pMnKIrd1
-gjQz36h2MVYH159dtnsggN+IObVoSVr0Eg3+D4qT8BSCYugWYbhDpi9y19bUZDzv
-lW84s6xpcBynEXELxOpGYNvWRrcPFAZ8LaoimQzy2iLLTF2buXP05/uzTYgyHWbh
-mmrKakr7Xw0x4m9c8wln0OjB9hmO6eJ2tvKrZmSv0c2SOO1hmslCfKoFw8POjNfS
-JBtjEmjn2usHrLQHL7l/arbw0m4VCwFjdTwxe3iFZV4okuRLHcnqN4L/HqM1vkEC
-AQXbZYt7gYK4oxXGlFjIWH517gM3812sjwplgC7s/75SMbRLiDKKdGhNb42h8xzf
-ZxQJGzQpfCbraRi8MM7tTthAge04h2hVcWqM2tCOjstXffgrWzcM6CMMiMMfwnM3
-YpmBtamzXGQnOdNLE3SUW2Ho/xPgyp2w3JoqJMNcUik2mBLyQzxbB4t37G6wGbiQ
-4v0be0t7yz07TkdEPYaqIPlvenoWuyxZWxvoVeaTBJsyQcIPG1BB7t7XmEll4mLi
-DzfVndy/jezegg7htJQrCcdCdzL2S3OxTVVfiTWv+08Ihf9bW96jX6zcR1AvVBfP
-NHdLk8lz5p9NzcT69awGKaIDV/4sEzHgWcOclMLptc9bkeaAlOk=
-=ec8Q
-----END PGP SIGNATURE-----
--- a/firefox-102.8.0esr.source.tar.xz
+++ b/firefox-102.8.0esr.source.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:47f8f6243bce8c2ef51adf8c9626bbf643e1c225dcb9ba5653a055ed5e76ca48
+size 479172816
--- a/firefox-102.8.0esr.source.tar.xz.asc
+++ b/firefox-102.8.0esr.source.tar.xz.asc
@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmPq5qgACgkQ6+QekPbx
+L22e8g//SY6wfZhu8jhzZGcSVA39j9JeLGlbogfeQgpohMT1BQWi3FoKnUPLhndK
+yZjCbJWAEdgdbCpr4gl7lcajtlT+7YcIvxQ97OxeBmvRRmiLni5E313POTL7XOYJ
+hb6YJOr7xuXq6DfHkzMfcqhTE4IZ1FIZ+HzBzIGzVrkfz7NtRJjhr+sLpFaBBP/+
+4/rElty4B+bIukhLc63nxTRPIzQOxk/4mACnnAE1ROdXjcaQgic1WcxTT8tcQhme
+pEFQ33gCQYSRmqAixJa6GjjQBHEsKuU0pHsM2ksMceRS+LwGHEgJ/ifcw/BrKEwG
+jxh6RcLJxRA1HWLdt0CLoOVmtkhkEoCQmR8AHfCiQZdP/TWB3M8j0s6+1WWp12hf
+yv/YlUGww3byNMYSbBaLYffzzetWk6mq3dMe1rJbORDJmRXqFajlq1bBRv1eWZaF
+K4/QUO+OTo7EBYykHFOhDboVaFgmnppOuj97QVKQxr1AHM6RazOYT4Vth0H0ac5X
+4iadxseBmhRYNzDHHrCWaVlmsuxvlCf4iC+fIChy6xHnSEI55yEyIC6sC5Aw2QG0
+aeXmSbNxOMc72jDBn9RFEBm/zu5uJN9A6TxXdghg7mKBFFjRpZXSJJgyMZEgo+AJ
+yupVRDypyK9tGL9PAqy8u72KlJ9MHuSkL2arA8WLMocyzjLNScw=
+=yT7T
+-----END PGP SIGNATURE-----
--- a/mozjs102.changes
+++ b/mozjs102.changes
@ -1,3 +1,33 @@
+-------------------------------------------------------------------
+Tue Feb 14 22:30:07 UTC 2023 - Bjørn Lie <bjorn.lie@gmail.com>
+
+- Update to version 102.8.0:
+  + Various security fixes.
+  + CVE-2023-25728: Content security policy leak in violation
+    reports using iframes.
+  + CVE-2023-25730: Screen hijack via browser fullscreen mode.
+  + CVE-2023-25743: Fullscreen notification not shown in Firefox
+    Focus.
+  + CVE-2023-0767: Arbitrary memory write via PKCS 12 in NSS.
+  + CVE-2023-25735: Potential use-after-free from compartment
+    mismatch in SpiderMonkey.
+  + CVE-2023-25737: Invalid downcast in
+    SVGUtils::SetupStrokeGeometry.
+  + CVE-2023-25738: Printing on Windows could potentially crash
+    Firefox with some device drivers.
+  + CVE-2023-25739: Use-after-free in
+    mozilla::dom::ScriptLoadContext::~ScriptLoadContext.
+  + CVE-2023-25729: Extensions could have opened external schemes
+    without user knowledge.
+  + CVE-2023-25732: Out of bounds memory write from
+    EncodeInputStream.
+  + CVE-2023-25734: Opening local .url files could cause unexpected
+    network loads.
+  + CVE-2023-25742: Web Crypto ImportKey crashes tab.
+  + CVE-2023-25744: Memory safety bugs fixed in Firefox 110 and
+    Firefox ESR 102.8.
+  + CVE-2023-25746: Memory safety bugs fixed in Firefox ESR 102.8.
+
 -------------------------------------------------------------------
 Tue Jan 17 13:35:58 UTC 2023 - Bjørn Lie <bjorn.lie@gmail.com>

--- a/mozjs102.spec
+++ b/mozjs102.spec
@ -39,7 +39,7 @@ BuildArch:      i686
 %global big_endian 1
 %endif
 Name:           mozjs%{major}
-Version:        102.7.0
+Version:        102.8.0
 Release:        1%{?dist}
 Summary:        SpiderMonkey JavaScript library
 License:        MPL-2.0