pool/mozjs128
SHA256
16
0
Fork 0
Code Issues Pull Requests Activity

Commit Graph

  • 256101dbb4 CVE fixes slfo-1.2 Mike Gorse 2025-10-29 14:40:56 -05:00
  • 487374f571 Accepting request 1314210 from GNOME:Factory factory Ana Guerrero 2025-10-29 20:05:54 +00:00
  • 89f3484149 - Add mozjs128-CVE-2025-62813.patch: fix possible crash when processing untrusted LZ4 frames (bsc#1252607 CVE-2025-62813). Bjørn Lie 2025-10-28 21:47:18 +00:00
  • 2d2cf71563 Accepting request 1301223 from GNOME:Factory Ana Guerrero 2025-08-26 12:55:59 +00:00
  • e30eefe137 - Update to version 128.14.0: + CVE-2025-9179: Sandbox escape due to invalid pointer in the Audio/Video: GMP component + CVE-2025-9180: Same-origin policy bypass in the Graphics: Canvas2D component + CVE-2025-9181: Uninitialized memory in the JavaScript Engine component + CVE-2025-9185: Memory safety bugs fixed in Firefox ESR 115.27, Firefox ESR 128.14, Thunderbird ESR 128.14, Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142 Bjørn Lie 2025-08-25 08:36:54 +00:00
  • 07300e4a43 Accepting request 1295755 from GNOME:Factory Dominique Leuenberger 2025-07-26 11:40:21 +00:00
  • 6c4371a726 - Update to version 128.13.0: + CVE-2025-8027: JavaScript engine only wrote partial return value to stack + CVE-2025-8028: Large branch table could lead to truncated instruction + CVE-2025-8029: javascript: URLs executed on object and embed tags + CVE-2025-8030: Potential user-assisted code execution in “Copy as cURL” command + CVE-2025-8031: Incorrect URL stripping in CSP reports + CVE-2025-8032: XSLT documents could bypass CSP + CVE-2025-8033: Incorrect JavaScript state machine for generators + CVE-2025-8034: Memory safety bugs fixed in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141 + CVE-2025-8035: Memory safety bugs fixed in Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141 Bjørn Lie 2025-07-25 11:52:19 +00:00
  • 999805c065 Accepting request 1290730 from GNOME:Factory Ana Guerrero 2025-07-06 15:04:20 +00:00
  • 32f2364d95 - Update to version 128.12.0: + CVE-2025-6424: Use-after-free in FontFaceSet + CVE-2025-6425: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID + CVE-2025-6426: No warning when opening executable terminal files on macOS + CVE-2025-6429: Incorrect parsing of URLs could have allowed embedding of youtube.com + CVE-2025-6430: Content-Disposition header ignored when a file is included in an embed or object tag - Changes from version 128.11.0: + CVE-2025-5283: Double-free in libvpx encoder + CVE-2025-5263: Error handling for script execution was incorrectly isolated from web content + CVE-2025-5264: Potential local code execution in “Copy as cURL” command + CVE-2025-5265: Potential local code execution in “Copy as cURL” command + CVE-2025-5266: Script element events leaked cross-origin resource status + CVE-2025-5267: Clickjacking vulnerability could have led to leaking saved payment card details + CVE-2025-5268: Memory safety bugs fixed in Firefox 139, Thunderbird 139, Firefox ESR 128.11, and Thunderbird 128.11 + CVE-2025-5269: Memory safety bug fixed in Firefox ESR 128.11 and Thunderbird 128.11 Bjørn Lie 2025-07-04 19:00:59 +00:00
  • d1256fc5e3 Sync from SUSE:SLFO:Main mozjs128 revision c077fe0be71f1027858e56cef8f3d460 slfo-main Adrian Schröter 2025-06-18 16:33:14 +02:00
  • 10aea6f0dc Accepting request 1280010 from GNOME:Factory Ana Guerrero 2025-05-27 16:50:49 +00:00
  • dd81bf5d93 - Update to version 128.10.1: + MFSA 2025-37: - CVE-2025-4920 (bmo#1966612): Out-of-bounds access when resolving Promise objects - CVE-2025-4921 (bmo#1966614): Out-of-bounds access when optimizing linear sums Dominique Leuenberger 2025-05-26 08:03:12 +00:00
  • 3222358544 Sync from SUSE:SLFO:Main mozjs128 revision b49d7a5b3b309fefdecba5e77c70a8e8 Adrian Schröter 2025-04-24 00:19:56 +02:00
  • a656d37f7e Accepting request 1269660 from GNOME:Factory Ana Guerrero 2025-04-17 14:05:50 +00:00
  • b3ede9cf88 - Add libtheora-avoid-negative-shift.patch: avoid negative shift in huffdec.c (bsc#1234837 CVE-2024-56431). Dominique Leuenberger 2025-04-15 15:24:38 +00:00
  • 5420c69d7f Accepting request 1267703 from GNOME:Factory Ana Guerrero 2025-04-08 15:51:08 +00:00
  • db35e6e3f6 - Update to version 128.9.0: + CVE-2025-3028, CVE-2025-3029, CVE-2025-3030. Dominique Leuenberger 2025-04-07 14:17:44 +00:00
  • 76e480c57f Accepting request 1265728 from GNOME:Factory Ana Guerrero 2025-04-02 15:06:59 +00:00
  • cce5fbc45f New stable release Dominique Leuenberger 2025-03-31 10:05:47 +00:00
  • a5a2db979a Sync from SUSE:SLFO:Main mozjs128 revision 7a0de0607b56b7013e084201e6c2b7ae Adrian Schröter 2025-02-20 09:55:50 +01:00
  • 9db829524e Accepting request 1244830 from GNOME:Factory Ana Guerrero 2025-02-11 20:21:22 +00:00
  • 3d7a27a43d - Update to version 128.7.0: + Various security fixes: CVE-2025-1009, CVE-2025-1010, CVE-2025-1011, CVE-2025-1012, CVE-2024-11704, CVE-2025-1013, CVE-2025-1014, CVE-2025-1016, CVE-2025-1017. - Changes from version 128.6.0: + Various security fixes: CVE-2025-0237, CVE-2025-0238, CVE-2025-0239, CVE-2025-0240, CVE-2025-0241, CVE-2025-0242, CVE-2025-0243. Bjørn Lie 2025-02-10 17:23:08 +00:00
  • b30031f867 Accepting request 1231636 from GNOME:Factory Ana Guerrero 2024-12-18 19:08:43 +00:00
  • 500bcb0b5a Add mozjs115-CVE-2024-11498.patch: Backporting bf4781a2 from upstream, Check height limit in modular trees. Also rewrite the implementation to use iterative checking instead of recursive checking of tree property values, to ensure stack usage is low. Before, it was possible for appropriately-crafted files to use a significant amount of stack. (CVE-2024-11498, bsc#1233786) Add mozjs115-CVE-2024-11403.patch: Backporting 9cc451b9 from upstream, Port the Huffman lookup table size fix from brunsli. (CVE-2024-11403, bsc#1233766) Dominique Leuenberger 2024-12-17 08:03:21 +00:00
  • cc8c4869bc Accepting request 1231258 from GNOME:Factory Ana Guerrero 2024-12-16 18:09:22 +00:00
  • 58e0c564f1 Accepting request 1231247 from home:qzhao:branches:GNOME:Factory Bjørn Lie 2024-12-15 18:17:34 +00:00
  • 6db4aa5227 Accepting request 1227992 from GNOME:Factory Ana Guerrero 2024-12-04 14:26:26 +00:00
  • eba3def8c9 OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/mozjs128?expand=0&rev=14 Dominique Leuenberger 2024-12-03 13:37:25 +00:00
  • 4cf8282bc6 Accepting request 1225118 from GNOME:Factory Ana Guerrero 2024-11-20 15:59:22 +00:00
  • 2dec7927d4 - Drop autoconf213 BuildRequires: the source embeds autoconf.sh directly. Bjørn Lie 2024-11-19 14:34:44 +00:00
  • 83907bbec3 Accepting request 1224801 from home:dimstar:Factory Bjørn Lie 2024-11-18 10:26:13 +00:00
  • eb532f0fa1 Sync from SUSE:SLFO:Main mozjs128 revision bd2739d04598be6724dba1a7c20d1d1c Adrian Schröter 2024-11-12 12:30:48 +01:00
  • 468b567397 Accepting request 1221106 from GNOME:Factory Ana Guerrero 2024-11-05 14:39:19 +00:00
  • 48380366e8 OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/mozjs128?expand=0&rev=9 Bjørn Lie 2024-11-04 17:17:45 +00:00
  • e99adf620a Accepting request 1207251 from GNOME:Factory Dominique Leuenberger 2024-10-12 11:24:53 +00:00
  • be3dc18cb1 - Update to version 128.3.1: * CVE-2024-9680: Use-after-free in Animation timeline - Changes from version 128.3.0: * CVE-2024-9392: Compromised content process can bypass site isolation * CVE-2024-9393: Cross-origin access to PDF contents through multipart responses * CVE-2024-9394: Cross-origin access to JSON contents through multipart responses * CVE-2024-8900: Clipboard write permission bypass * CVE-2024-9396: Potential memory corruption may occur when cloning certain objects * CVE-2024-9397: Potential directory upload bypass via clickjacking * CVE-2024-9398: External protocol handlers could be enumerated via popups * CVE-2024-9399: Specially crafted WebTransport requests could lead to denial of service * CVE-2024-9400: Potential memory corruption during JIT compilation * CVE-2024-9401: Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3 * CVE-2024-9402: Memory safety bugs fixed in Firefox 131, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3 Dominique Leuenberger 2024-10-11 13:42:17 +00:00
  • 3dde0dbb73 Accepting request 1205195 from GNOME:Factory Ana Guerrero 2024-10-02 19:34:48 +00:00
  • 34f8d859b3 Add Patches mozjs78-CVE-2024-45490-part01-5c1a3164.patch, mozjs78-CVE-2024-45491.patch, mozjs78-CVE-2024-45492.patch: fix security issues. Dominique Leuenberger 2024-10-02 11:58:07 +00:00
  • 97bf19a483 Accepting request 1203624 from GNOME:Factory Ana Guerrero 2024-09-25 19:57:29 +00:00
  • 411ff4013e - Update to version 128.2.0: + CVE-2024-8385: WASM type confusion involving ArrayTypes + CVE-2024-8381: Type confusion when looking up a property name in a "with" block + CVE-2024-8382: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran + CVE-2024-8383: Firefox did not ask before openings news: links in an external application + CVE-2024-8384: Garbage collection could mis-color cross-compartment objects in OOM conditions + CVE-2024-8386: SelectElements could be shown over another site if popups are allowed + CVE-2024-8387: Memory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2 - Drop 0001-Skip-failing-tests-on-ppc64-and-s390x.patch: Fixed upstream. Bjørn Lie 2024-09-25 15:31:59 +00:00
  • 02d356f0a3 Accepting request 1198684 from GNOME:Factory Ana Guerrero 2024-09-05 13:46:49 +00:00
  • d767173d94 Needed for "next" gjs, might as well push it now early Dominique Leuenberger 2024-09-04 11:32:12 +00:00