Compare commits
1 Commits
| Author | SHA256 | Date | |
|---|---|---|---|
| 256101dbb4 |
Binary file not shown.
@@ -1,16 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEECb7tY/NGKi3/qzuHXstkl8GiAlYFAmgo0KsACgkQXstkl8Gi
|
||||
AlZV8A/+Pi6s83W+oDe57BBHcacZgG4Hhd+dlnLdQQ03fex/WYoFXdxFZP60pGyO
|
||||
16NpGhT3tk0O2nEc8F53jLj7n++z1LLQnIv5jBR5CEFY1+yqEadpV1Ny8ZCPf+FQ
|
||||
VDbimt76Qkl0spaDcfzn3979oQK4CdB4D7gC7GNGNDGNWN+EkN+eVBKE2lsWLIss
|
||||
34Wax3TpI8KOeYlwU3n+sVgTbUsdWWlfVM28YqGADb5AdNcEKy1WXJGPcsqH+c2v
|
||||
g5Ge8Mx8qLlz8x9rVXeQmP6FpOAK128MVaqAcyPvif/F/gD5fM4DzxXXByGhRGlc
|
||||
CBTTFuO6LEvvDNzIB5aDelC17imOHxuLEY/OzxzNaWO7SqrWkIwsFRPOW2F1Vj3R
|
||||
6PEm6IWXEO1Cg6fqUCS/7iPTvU2pzE4k6pFTF/S4gmIw13q8alRbqZUTobWgHveJ
|
||||
eBaH6C3jJVy0pV3vDOfHhJ6AhYFA0J53NjMF0uJGnfCXrYRYGkHN8CE+ljHLY9Sm
|
||||
NlDo77nbkAoAnxqRbr1xdURn9eq0nvJHGnF7BnxbQ13rjQLNlFTwQVyT4mrXPokQ
|
||||
O0v1KntmxCop6NTEgHKFOZeIhwNXcBhAfNaeERgJaxg00BYVeuCmZgu+wbqaIbwE
|
||||
az+ddvQy6mLRoUFPomSumEBadl2jW+iFAiD/culcEbxFlUc7yq0=
|
||||
=UXQh
|
||||
-----END PGP SIGNATURE-----
|
||||
BIN
firefox-128.14.0esr.source.tar.xz
LFS
Normal file
BIN
firefox-128.14.0esr.source.tar.xz
LFS
Normal file
Binary file not shown.
16
firefox-128.14.0esr.source.tar.xz.asc
Normal file
16
firefox-128.14.0esr.source.tar.xz.asc
Normal file
@@ -0,0 +1,16 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEECb7tY/NGKi3/qzuHXstkl8GiAlYFAmiaJT0ACgkQXstkl8Gi
|
||||
AlZWTQ//cg1Ykn/97gCDAwB54k6EuqVwO8cBc3B4WplGBRSFgy2dCEiHF4N6e+mH
|
||||
mvchBvOUXdObZ27kHX6cumZXJQjlw47bVS20RhksY1FQGEezfN3G1Xznqg1WbvJ5
|
||||
rUHA+KQIRsC+fobik07osBA0Ow7+R+6EKd+f5vMu4glHKWxn0kD17ChXepuXb4OM
|
||||
U8//oJgImCxm8JZsihyVyzRZM+MBje3dexP3DOiyaOaBNyy3gim2lCCMOFUcFEcB
|
||||
56zZzvHGV7H6incTc3vbYhBtrjwrNyk+mcD7ztJ1nfLcTpaFtX/oTZFQbNYb1Dfq
|
||||
+u5qr7KXlS53ef2nqZHdD9CDaiJ52h18eUj6dRTBY3aPth2I5XDb+jK3Zm2iffsW
|
||||
GSI3hA9Xu/EOzs7cUl092y/PfOL2GbNdIMNjONgCi/kXpV0nmx8joDsgEHtgFNEp
|
||||
eQYuEG3TNCSh1kfT6LWxD5bPiiJlpcsBoArEcmDhHqDTGZiU58CpPiZZ5K6MDtBz
|
||||
wS0fPtk6VT8fEmEeSwV6yGGPm2VWeVuJBPs+8uRhrJO9Rk1VXhiS2EgwiFTZU1z3
|
||||
PBZhaPyrBjJk9aImQ5tiI5dhWVkcqv9MAR6FY0sKAyVIAu+J4y/wceRSnHFBgY80
|
||||
/RNh2ljSkEtnBAtAEwnLx27cXCI/vLTkEguosoJvRLm0X3EZvWQ=
|
||||
=uWIm
|
||||
-----END PGP SIGNATURE-----
|
||||
@@ -1,3 +1,70 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Aug 22 17:41:00 UTC 2025 - Bjørn Lie <bjorn.lie@gmail.com>
|
||||
|
||||
- Update to version 128.14.0:
|
||||
+ CVE-2025-9179: Sandbox escape due to invalid pointer in the
|
||||
Audio/Video: GMP component
|
||||
+ CVE-2025-9180: Same-origin policy bypass in the Graphics:
|
||||
Canvas2D component
|
||||
+ CVE-2025-9181: Uninitialized memory in the JavaScript Engine
|
||||
component
|
||||
+ CVE-2025-9185: Memory safety bugs fixed in Firefox ESR 115.27,
|
||||
Firefox ESR 128.14, Thunderbird ESR 128.14, Firefox ESR 140.2,
|
||||
Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jul 21 15:13:17 UTC 2025 - Bjørn Lie <bjorn.lie@gmail.com>
|
||||
|
||||
- Update to version 128.13.0:
|
||||
+ CVE-2025-8027: JavaScript engine only wrote partial return
|
||||
value to stack
|
||||
+ CVE-2025-8028: Large branch table could lead to truncated
|
||||
instruction
|
||||
+ CVE-2025-8029: javascript: URLs executed on object and embed
|
||||
tags
|
||||
+ CVE-2025-8030: Potential user-assisted code execution in “Copy
|
||||
as cURL” command
|
||||
+ CVE-2025-8031: Incorrect URL stripping in CSP reports
|
||||
+ CVE-2025-8032: XSLT documents could bypass CSP
|
||||
+ CVE-2025-8033: Incorrect JavaScript state machine for
|
||||
generators
|
||||
+ CVE-2025-8034: Memory safety bugs fixed in Firefox ESR 115.26,
|
||||
Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1,
|
||||
Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
|
||||
+ CVE-2025-8035: Memory safety bugs fixed in Firefox ESR 128.13,
|
||||
Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR
|
||||
140.1, Firefox 141 and Thunderbird 141
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Jul 4 18:00:13 UTC 2025 - Bjørn Lie <bjorn.lie@gmail.com>
|
||||
|
||||
- Update to version 128.12.0:
|
||||
+ CVE-2025-6424: Use-after-free in FontFaceSet
|
||||
+ CVE-2025-6425: The WebCompat WebExtension shipped with Firefox
|
||||
exposed a persistent UUID
|
||||
+ CVE-2025-6426: No warning when opening executable terminal
|
||||
files on macOS
|
||||
+ CVE-2025-6429: Incorrect parsing of URLs could have allowed
|
||||
embedding of youtube.com
|
||||
+ CVE-2025-6430: Content-Disposition header ignored when a file
|
||||
is included in an embed or object tag
|
||||
- Changes from version 128.11.0:
|
||||
+ CVE-2025-5283: Double-free in libvpx encoder
|
||||
+ CVE-2025-5263: Error handling for script execution was
|
||||
incorrectly isolated from web content
|
||||
+ CVE-2025-5264: Potential local code execution in “Copy as cURL”
|
||||
command
|
||||
+ CVE-2025-5265: Potential local code execution in “Copy as cURL”
|
||||
command
|
||||
+ CVE-2025-5266: Script element events leaked cross-origin
|
||||
resource status
|
||||
+ CVE-2025-5267: Clickjacking vulnerability could have led to
|
||||
leaking saved payment card details
|
||||
+ CVE-2025-5268: Memory safety bugs fixed in Firefox 139,
|
||||
Thunderbird 139, Firefox ESR 128.11, and Thunderbird 128.11
|
||||
+ CVE-2025-5269: Memory safety bug fixed in Firefox ESR 128.11
|
||||
and Thunderbird 128.11
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue May 20 08:27:21 UTC 2025 - Bjørn Lie <bjorn.lie@gmail.com>
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package mozjs128
|
||||
#
|
||||
# Copyright (c) 2025 SUSE LLC
|
||||
# Copyright (c) 2025 SUSE LLC and contributors
|
||||
# Copyright (c) 2023 Frantisek Zatloukal <fzatlouk@redhat.com>
|
||||
# Copyright (c) 2014 Wolfgang Rosenauer
|
||||
#
|
||||
@@ -41,7 +41,7 @@ BuildArch: i686
|
||||
%global big_endian 1
|
||||
%endif
|
||||
Name: mozjs%{major}
|
||||
Version: 128.10.1
|
||||
Version: 128.14.0
|
||||
Release: 1%{?dist}
|
||||
Summary: SpiderMonkey JavaScript library
|
||||
License: MPL-2.0
|
||||
|
||||
Reference in New Issue
Block a user