pool/mozjs128
SHA256
16
0
Fork 0
Code Issues Pull Requests Activity
Files
factory
mozjs128/mozjs128.changes
Bjørn Lie 89f3484149 - Add mozjs128-CVE-2025-62813.patch: fix possible crash when 
processing untrusted LZ4 frames (bsc#1252607 CVE-2025-62813).

OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/mozjs128?expand=0&rev=36
2025-10-28 21:47:18 +00:00

281 lines
12 KiB
Plaintext
Raw Permalink Blame History

-------------------------------------------------------------------
Tue Oct 28 21:05:52 UTC 2025 - Michael Gorse <mgorse@suse.com>
- Add mozjs128-CVE-2025-62813.patch: fix possible crash when
processing untrusted LZ4 frames (bsc#1252607 CVE-2025-62813).
-------------------------------------------------------------------
Fri Aug 22 17:41:00 UTC 2025 - Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 128.14.0:
+ CVE-2025-9179: Sandbox escape due to invalid pointer in the
Audio/Video: GMP component
+ CVE-2025-9180: Same-origin policy bypass in the Graphics:
Canvas2D component
+ CVE-2025-9181: Uninitialized memory in the JavaScript Engine
component
+ CVE-2025-9185: Memory safety bugs fixed in Firefox ESR 115.27,
Firefox ESR 128.14, Thunderbird ESR 128.14, Firefox ESR 140.2,
Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142
-------------------------------------------------------------------
Mon Jul 21 15:13:17 UTC 2025 - Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 128.13.0:
+ CVE-2025-8027: JavaScript engine only wrote partial return
value to stack
+ CVE-2025-8028: Large branch table could lead to truncated
instruction
+ CVE-2025-8029: javascript: URLs executed on object and embed
tags
+ CVE-2025-8030: Potential user-assisted code execution in “Copy
as cURL” command
+ CVE-2025-8031: Incorrect URL stripping in CSP reports
+ CVE-2025-8032: XSLT documents could bypass CSP
+ CVE-2025-8033: Incorrect JavaScript state machine for
generators
+ CVE-2025-8034: Memory safety bugs fixed in Firefox ESR 115.26,
Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1,
Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
+ CVE-2025-8035: Memory safety bugs fixed in Firefox ESR 128.13,
Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR
140.1, Firefox 141 and Thunderbird 141
-------------------------------------------------------------------
Fri Jul 4 18:00:13 UTC 2025 - Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 128.12.0:
+ CVE-2025-6424: Use-after-free in FontFaceSet
+ CVE-2025-6425: The WebCompat WebExtension shipped with Firefox
exposed a persistent UUID
+ CVE-2025-6426: No warning when opening executable terminal
files on macOS
+ CVE-2025-6429: Incorrect parsing of URLs could have allowed
embedding of youtube.com
+ CVE-2025-6430: Content-Disposition header ignored when a file
is included in an embed or object tag
- Changes from version 128.11.0:
+ CVE-2025-5283: Double-free in libvpx encoder
+ CVE-2025-5263: Error handling for script execution was
incorrectly isolated from web content
+ CVE-2025-5264: Potential local code execution in “Copy as cURL”
command
+ CVE-2025-5265: Potential local code execution in “Copy as cURL”
command
+ CVE-2025-5266: Script element events leaked cross-origin
resource status
+ CVE-2025-5267: Clickjacking vulnerability could have led to
leaking saved payment card details
+ CVE-2025-5268: Memory safety bugs fixed in Firefox 139,
Thunderbird 139, Firefox ESR 128.11, and Thunderbird 128.11
+ CVE-2025-5269: Memory safety bug fixed in Firefox ESR 128.11
and Thunderbird 128.11
-------------------------------------------------------------------
Tue May 20 08:27:21 UTC 2025 - Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 128.10.1:
+ MFSA 2025-37:
- CVE-2025-4920 (bmo#1966612): Out-of-bounds access when
resolving Promise objects
- CVE-2025-4921 (bmo#1966614): Out-of-bounds access when
optimizing linear sums
-------------------------------------------------------------------
Thu Apr 10 19:54:36 UTC 2025 - Michael Gorse <mgorse@suse.com>
- Add libtheora-avoid-negative-shift.patch: avoid negative shift in
huffdec.c (bsc#1234837 CVE-2024-56431).
-------------------------------------------------------------------
Mon Apr 7 13:44:14 UTC 2025 - Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 128.9.0:
+ CVE-2025-3028, CVE-2025-3029, CVE-2025-3030.
-------------------------------------------------------------------
Sun Mar 30 12:57:32 UTC 2025 - Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 128.8.1:
+ CVE-2025-2857: Incorrect handle could lead to sandbox escapes.
- Changes from version 128.8.0:
+ Various security fixes: CVE-2024-43097, CVE-2025-1930,
CVE-2025-1931, CVE-2025-1932, CVE-2025-1933, CVE-2025-1934,
CVE-2025-1935, CVE-2025-1936.
-------------------------------------------------------------------
Sat Feb 8 12:41:56 UTC 2025 - Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 128.7.0:
+ Various security fixes: CVE-2025-1009, CVE-2025-1010,
CVE-2025-1011, CVE-2025-1012, CVE-2024-11704, CVE-2025-1013,
CVE-2025-1014, CVE-2025-1016, CVE-2025-1017.
- Changes from version 128.6.0:
+ Various security fixes: CVE-2025-0237, CVE-2025-0238,
CVE-2025-0239, CVE-2025-0240, CVE-2025-0241, CVE-2025-0242,
CVE-2025-0243.
-------------------------------------------------------------------
Thu Dec 11 13:12:28 UTC 2024 - Cliff Zhao <qzhao@suse.com>
- Add mozjs128-CVE-2024-11498.patch:
Backporting bf4781a2 from upstream, Check height limit in modular
trees. Also rewrite the implementation to use iterative checking
instead of recursive checking of tree property values, to ensure
stack usage is low. Before, it was possible for
appropriately-crafted files to use a significant amount of stack.
(CVE-2024-11498, bsc#1233786)
-------------------------------------------------------------------
Thu Dec 09 11:28:05 UTC 2024 - Cliff Zhao <qzhao@suse.com>
- Add mozjs128-CVE-2024-11403.patch:
Backporting 9cc451b9 from upstream, Port the Huffman lookup table
size fix from brunsli.
(CVE-2024-11403, bsc#1233766)
-------------------------------------------------------------------
Thu Dec 05 15:06:01 UTC 2024 - Cliff Zhao <qzhao@suse.com>
- Add mozjs128-CVE-2024-50602.patch:
Backporting 51c70190 from upstream,
* lib: Make XML_StopParser refuse to stop/suspend an unstarted parser.
* lib: Be explicit about XML_PARSING in XML_StopParser.
(CVE-2024-50602, bsc#1232599, bsc#1232602)
-------------------------------------------------------------------
Tue Dec 3 08:05:03 UTC 2024 - Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 128.5.1:
+ Fixed an issue that prevented some websites from loading when
using SSL Inspection. (bmo#1933747)
- Changes from version 128.5.0:
+ Various security fixes and other quality improvements.
+ CVE-2024-11691: Out-of-bounds write in Apple GPU drivers via
WebGL.
+ CVE-2024-11692: Select list elements could be shown over
another site.
+ CVE-2024-11694: CSP Bypass and XSS Exposure via Web
Compatibility Shims.
+ CVE-2024-11695: URL Bar Spoofing via Manipulated Punycode and
Whitespace Characters.
+ CVE-2024-11696: Unhandled Exception in Add-on Signature
Verification.
+ CVE-2024-11697: Improper Keypress Handling in Executable File
Confirmation Dialog.
-------------------------------------------------------------------
Mon Nov 18 16:05:42 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>
- Drop autoconf213 BuildRequires: the source embeds autoconf.sh
directly.
-------------------------------------------------------------------
Mon Nov 18 09:08:31 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>
- Fix build against icu 76.1: link the correct libraries (icu-uc
instead of icu-i18n).
-------------------------------------------------------------------
Mon Nov 4 10:37:43 UTC 2024 - Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 128.4.0:
+ CVE-2024-10458: Permission leak via embed or object elements
+ CVE-2024-10459: Use-after-free in layout with accessibility
+ CVE-2024-10460: Confusing display of origin for external
protocol handler prompt
+ CVE-2024-10461: XSS due to Content-Disposition being ignored in
multipart/x-mixed-replace response
+ CVE-2024-10462: Origin of permission prompt could be spoofed by
long URL
+ CVE-2024-10463: Cross origin video frame leak
+ CVE-2024-10464: History interface could have been used to cause
a Denial of Service condition in the browser
+ CVE-2024-10465: Clipboard "paste" button persisted across tabs
+ CVE-2024-10466: DOM push subscription message could hang
Firefox
+ CVE-2024-10467: Memory safety bugs fixed in Firefox 132,
Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4
-------------------------------------------------------------------
Thu Oct 10 16:26:33 UTC 2024 - Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 128.3.1:
* CVE-2024-9680: Use-after-free in Animation timeline
- Changes from version 128.3.0:
* CVE-2024-9392: Compromised content process can bypass site
isolation
* CVE-2024-9393: Cross-origin access to PDF contents through
multipart responses
* CVE-2024-9394: Cross-origin access to JSON contents through
multipart responses
* CVE-2024-8900: Clipboard write permission bypass
* CVE-2024-9396: Potential memory corruption may occur when
cloning certain objects
* CVE-2024-9397: Potential directory upload bypass via
clickjacking
* CVE-2024-9398: External protocol handlers could be enumerated
via popups
* CVE-2024-9399: Specially crafted WebTransport requests could
lead to denial of service
* CVE-2024-9400: Potential memory corruption during JIT
compilation
* CVE-2024-9401: Memory safety bugs fixed in Firefox 131, Firefox
ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird
128.3
* CVE-2024-9402: Memory safety bugs fixed in Firefox 131, Firefox
ESR 128.3, Thunderbird 131, and Thunderbird 128.3
-------------------------------------------------------------------
Mon Sep 30 17:35:18 UTC 2024 - Cliff Zhao <qzhao@suse.com>
- Add mozjs128-CVE-2024-45492.patch:
Backporting 9bf0f2c1 from libexpat upstream, Detect integer
overflow in function nextScaffoldPart.
(CVE-2024-45492, bsc#1230038)
-------------------------------------------------------------------
Mon Sep 30 17:25:22 UTC 2024 - Cliff Zhao <qzhao@suse.com>
- Add mozjs128-CVE-2024-45491.patch:
Backporting 8e439a99 from libexpat upstream, Detect integer
overflow in dtdCopy.
(CVE-2024-45491, bsc#1230037)
-------------------------------------------------------------------
Mon Sep 30 17:15:45 UTC 2024 - Cliff Zhao <qzhao@suse.com>
- Add mozjs128-CVE-2024-45490-part01-5c1a3164.patch:
Backporting 5c1a3164 from libexpat upstream, Reject negative len
for XML_ParseBuffer.
CVE-2024-45490's fixes including 3 parts: 5c1a3164 for libexpat
sources; c12f039b for libexpat tests; 2db23301 for libexpat docs;
Because mozjs only embeds libexpat sources, so unnecessary to
port prart02 and part03.
(CVE-2024-45490, bsc#1230036)
-------------------------------------------------------------------
Wed Sep 25 14:02:27 UTC 2024 - Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 128.2.0:
+ CVE-2024-8385: WASM type confusion involving ArrayTypes
+ CVE-2024-8381: Type confusion when looking up a property name
in a "with" block
+ CVE-2024-8382: Internal event interfaces were exposed to web
content when browser EventHandler listener callbacks ran
+ CVE-2024-8383: Firefox did not ask before openings news: links
in an external application
+ CVE-2024-8384: Garbage collection could mis-color
cross-compartment objects in OOM conditions
+ CVE-2024-8386: SelectElements could be shown over another site
if popups are allowed
+ CVE-2024-8387: Memory safety bugs fixed in Firefox 130,
Firefox ESR 128.2, and Thunderbird 128.2
- Drop 0001-Skip-failing-tests-on-ppc64-and-s390x.patch: Fixed
upstream.
-------------------------------------------------------------------
Fri Aug 30 07:07:05 UTC 2024 - Bjørn Lie <bjorn.lie@gmail.com>
- Initial build for openSUSE.
Reference in New Issue View Git Blame Copy Permalink