diff --git a/firefox-102.7.0esr.source.tar.xz b/firefox-102.7.0esr.source.tar.xz deleted file mode 100644 index 74944e6..0000000 --- a/firefox-102.7.0esr.source.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:a7a4603417fcb42ec37f2cff9034280ce2ec772c0a5fc500fada4286ba3114aa -size 479538092 diff --git a/firefox-102.7.0esr.source.tar.xz.asc b/firefox-102.7.0esr.source.tar.xz.asc deleted file mode 100644 index a4396fd..0000000 --- a/firefox-102.7.0esr.source.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmO8UKIACgkQ6+QekPbx -L201FQ//cZMs3qPzS5YG9AJz9w/Zp3o6sG/JxaBcWT0nUqai+z35LPB9pMnKIrd1 -gjQz36h2MVYH159dtnsggN+IObVoSVr0Eg3+D4qT8BSCYugWYbhDpi9y19bUZDzv -lW84s6xpcBynEXELxOpGYNvWRrcPFAZ8LaoimQzy2iLLTF2buXP05/uzTYgyHWbh -mmrKakr7Xw0x4m9c8wln0OjB9hmO6eJ2tvKrZmSv0c2SOO1hmslCfKoFw8POjNfS -JBtjEmjn2usHrLQHL7l/arbw0m4VCwFjdTwxe3iFZV4okuRLHcnqN4L/HqM1vkEC -AQXbZYt7gYK4oxXGlFjIWH517gM3812sjwplgC7s/75SMbRLiDKKdGhNb42h8xzf -ZxQJGzQpfCbraRi8MM7tTthAge04h2hVcWqM2tCOjstXffgrWzcM6CMMiMMfwnM3 -YpmBtamzXGQnOdNLE3SUW2Ho/xPgyp2w3JoqJMNcUik2mBLyQzxbB4t37G6wGbiQ -4v0be0t7yz07TkdEPYaqIPlvenoWuyxZWxvoVeaTBJsyQcIPG1BB7t7XmEll4mLi -DzfVndy/jezegg7htJQrCcdCdzL2S3OxTVVfiTWv+08Ihf9bW96jX6zcR1AvVBfP -NHdLk8lz5p9NzcT69awGKaIDV/4sEzHgWcOclMLptc9bkeaAlOk= -=ec8Q ------END PGP SIGNATURE----- diff --git a/firefox-102.8.0esr.source.tar.xz b/firefox-102.8.0esr.source.tar.xz new file mode 100644 index 0000000..e185b7f --- /dev/null +++ b/firefox-102.8.0esr.source.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:47f8f6243bce8c2ef51adf8c9626bbf643e1c225dcb9ba5653a055ed5e76ca48 +size 479172816 diff --git a/firefox-102.8.0esr.source.tar.xz.asc b/firefox-102.8.0esr.source.tar.xz.asc new file mode 100644 index 0000000..78e3433 --- /dev/null +++ b/firefox-102.8.0esr.source.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmPq5qgACgkQ6+QekPbx +L22e8g//SY6wfZhu8jhzZGcSVA39j9JeLGlbogfeQgpohMT1BQWi3FoKnUPLhndK +yZjCbJWAEdgdbCpr4gl7lcajtlT+7YcIvxQ97OxeBmvRRmiLni5E313POTL7XOYJ +hb6YJOr7xuXq6DfHkzMfcqhTE4IZ1FIZ+HzBzIGzVrkfz7NtRJjhr+sLpFaBBP/+ +4/rElty4B+bIukhLc63nxTRPIzQOxk/4mACnnAE1ROdXjcaQgic1WcxTT8tcQhme +pEFQ33gCQYSRmqAixJa6GjjQBHEsKuU0pHsM2ksMceRS+LwGHEgJ/ifcw/BrKEwG +jxh6RcLJxRA1HWLdt0CLoOVmtkhkEoCQmR8AHfCiQZdP/TWB3M8j0s6+1WWp12hf +yv/YlUGww3byNMYSbBaLYffzzetWk6mq3dMe1rJbORDJmRXqFajlq1bBRv1eWZaF +K4/QUO+OTo7EBYykHFOhDboVaFgmnppOuj97QVKQxr1AHM6RazOYT4Vth0H0ac5X +4iadxseBmhRYNzDHHrCWaVlmsuxvlCf4iC+fIChy6xHnSEI55yEyIC6sC5Aw2QG0 +aeXmSbNxOMc72jDBn9RFEBm/zu5uJN9A6TxXdghg7mKBFFjRpZXSJJgyMZEgo+AJ +yupVRDypyK9tGL9PAqy8u72KlJ9MHuSkL2arA8WLMocyzjLNScw= +=yT7T +-----END PGP SIGNATURE----- diff --git a/mozjs102.changes b/mozjs102.changes index 0469085..d102297 100644 --- a/mozjs102.changes +++ b/mozjs102.changes @@ -1,3 +1,33 @@ +------------------------------------------------------------------- +Tue Feb 14 22:30:07 UTC 2023 - Bjørn Lie + +- Update to version 102.8.0: + + Various security fixes. + + CVE-2023-25728: Content security policy leak in violation + reports using iframes. + + CVE-2023-25730: Screen hijack via browser fullscreen mode. + + CVE-2023-25743: Fullscreen notification not shown in Firefox + Focus. + + CVE-2023-0767: Arbitrary memory write via PKCS 12 in NSS. + + CVE-2023-25735: Potential use-after-free from compartment + mismatch in SpiderMonkey. + + CVE-2023-25737: Invalid downcast in + SVGUtils::SetupStrokeGeometry. + + CVE-2023-25738: Printing on Windows could potentially crash + Firefox with some device drivers. + + CVE-2023-25739: Use-after-free in + mozilla::dom::ScriptLoadContext::~ScriptLoadContext. + + CVE-2023-25729: Extensions could have opened external schemes + without user knowledge. + + CVE-2023-25732: Out of bounds memory write from + EncodeInputStream. + + CVE-2023-25734: Opening local .url files could cause unexpected + network loads. + + CVE-2023-25742: Web Crypto ImportKey crashes tab. + + CVE-2023-25744: Memory safety bugs fixed in Firefox 110 and + Firefox ESR 102.8. + + CVE-2023-25746: Memory safety bugs fixed in Firefox ESR 102.8. + ------------------------------------------------------------------- Tue Jan 17 13:35:58 UTC 2023 - Bjørn Lie diff --git a/mozjs102.spec b/mozjs102.spec index 74e3318..a57dfd2 100644 --- a/mozjs102.spec +++ b/mozjs102.spec @@ -39,7 +39,7 @@ BuildArch: i686 %global big_endian 1 %endif Name: mozjs%{major} -Version: 102.7.0 +Version: 102.8.0 Release: 1%{?dist} Summary: SpiderMonkey JavaScript library License: MPL-2.0