Accepting request 1065878 from GNOME:Factory

OBS-URL: https://build.opensuse.org/request/show/1065878
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/mozjs102?expand=0&rev=8
This commit is contained in:
Dominique Leuenberger 2023-02-16 15:55:04 +00:00 committed by Git OBS Bridge
commit ee7b7246d8
6 changed files with 50 additions and 20 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:a7a4603417fcb42ec37f2cff9034280ce2ec772c0a5fc500fada4286ba3114aa
size 479538092

View File

@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmO8UKIACgkQ6+QekPbx
L201FQ//cZMs3qPzS5YG9AJz9w/Zp3o6sG/JxaBcWT0nUqai+z35LPB9pMnKIrd1
gjQz36h2MVYH159dtnsggN+IObVoSVr0Eg3+D4qT8BSCYugWYbhDpi9y19bUZDzv
lW84s6xpcBynEXELxOpGYNvWRrcPFAZ8LaoimQzy2iLLTF2buXP05/uzTYgyHWbh
mmrKakr7Xw0x4m9c8wln0OjB9hmO6eJ2tvKrZmSv0c2SOO1hmslCfKoFw8POjNfS
JBtjEmjn2usHrLQHL7l/arbw0m4VCwFjdTwxe3iFZV4okuRLHcnqN4L/HqM1vkEC
AQXbZYt7gYK4oxXGlFjIWH517gM3812sjwplgC7s/75SMbRLiDKKdGhNb42h8xzf
ZxQJGzQpfCbraRi8MM7tTthAge04h2hVcWqM2tCOjstXffgrWzcM6CMMiMMfwnM3
YpmBtamzXGQnOdNLE3SUW2Ho/xPgyp2w3JoqJMNcUik2mBLyQzxbB4t37G6wGbiQ
4v0be0t7yz07TkdEPYaqIPlvenoWuyxZWxvoVeaTBJsyQcIPG1BB7t7XmEll4mLi
DzfVndy/jezegg7htJQrCcdCdzL2S3OxTVVfiTWv+08Ihf9bW96jX6zcR1AvVBfP
NHdLk8lz5p9NzcT69awGKaIDV/4sEzHgWcOclMLptc9bkeaAlOk=
=ec8Q
-----END PGP SIGNATURE-----

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:47f8f6243bce8c2ef51adf8c9626bbf643e1c225dcb9ba5653a055ed5e76ca48
size 479172816

View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmPq5qgACgkQ6+QekPbx
L22e8g//SY6wfZhu8jhzZGcSVA39j9JeLGlbogfeQgpohMT1BQWi3FoKnUPLhndK
yZjCbJWAEdgdbCpr4gl7lcajtlT+7YcIvxQ97OxeBmvRRmiLni5E313POTL7XOYJ
hb6YJOr7xuXq6DfHkzMfcqhTE4IZ1FIZ+HzBzIGzVrkfz7NtRJjhr+sLpFaBBP/+
4/rElty4B+bIukhLc63nxTRPIzQOxk/4mACnnAE1ROdXjcaQgic1WcxTT8tcQhme
pEFQ33gCQYSRmqAixJa6GjjQBHEsKuU0pHsM2ksMceRS+LwGHEgJ/ifcw/BrKEwG
jxh6RcLJxRA1HWLdt0CLoOVmtkhkEoCQmR8AHfCiQZdP/TWB3M8j0s6+1WWp12hf
yv/YlUGww3byNMYSbBaLYffzzetWk6mq3dMe1rJbORDJmRXqFajlq1bBRv1eWZaF
K4/QUO+OTo7EBYykHFOhDboVaFgmnppOuj97QVKQxr1AHM6RazOYT4Vth0H0ac5X
4iadxseBmhRYNzDHHrCWaVlmsuxvlCf4iC+fIChy6xHnSEI55yEyIC6sC5Aw2QG0
aeXmSbNxOMc72jDBn9RFEBm/zu5uJN9A6TxXdghg7mKBFFjRpZXSJJgyMZEgo+AJ
yupVRDypyK9tGL9PAqy8u72KlJ9MHuSkL2arA8WLMocyzjLNScw=
=yT7T
-----END PGP SIGNATURE-----

View File

@ -1,3 +1,33 @@
-------------------------------------------------------------------
Tue Feb 14 22:30:07 UTC 2023 - Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 102.8.0:
+ Various security fixes.
+ CVE-2023-25728: Content security policy leak in violation
reports using iframes.
+ CVE-2023-25730: Screen hijack via browser fullscreen mode.
+ CVE-2023-25743: Fullscreen notification not shown in Firefox
Focus.
+ CVE-2023-0767: Arbitrary memory write via PKCS 12 in NSS.
+ CVE-2023-25735: Potential use-after-free from compartment
mismatch in SpiderMonkey.
+ CVE-2023-25737: Invalid downcast in
SVGUtils::SetupStrokeGeometry.
+ CVE-2023-25738: Printing on Windows could potentially crash
Firefox with some device drivers.
+ CVE-2023-25739: Use-after-free in
mozilla::dom::ScriptLoadContext::~ScriptLoadContext.
+ CVE-2023-25729: Extensions could have opened external schemes
without user knowledge.
+ CVE-2023-25732: Out of bounds memory write from
EncodeInputStream.
+ CVE-2023-25734: Opening local .url files could cause unexpected
network loads.
+ CVE-2023-25742: Web Crypto ImportKey crashes tab.
+ CVE-2023-25744: Memory safety bugs fixed in Firefox 110 and
Firefox ESR 102.8.
+ CVE-2023-25746: Memory safety bugs fixed in Firefox ESR 102.8.
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Jan 17 13:35:58 UTC 2023 - Bjørn Lie <bjorn.lie@gmail.com> Tue Jan 17 13:35:58 UTC 2023 - Bjørn Lie <bjorn.lie@gmail.com>

View File

@ -39,7 +39,7 @@ BuildArch: i686
%global big_endian 1 %global big_endian 1
%endif %endif
Name: mozjs%{major} Name: mozjs%{major}
Version: 102.7.0 Version: 102.8.0
Release: 1%{?dist} Release: 1%{?dist}
Summary: SpiderMonkey JavaScript library Summary: SpiderMonkey JavaScript library
License: MPL-2.0 License: MPL-2.0