Accepting request 1042892 from GNOME:Next

New upstream release OBS-URL: https://build.opensuse.org/request/show/1042892 OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/mozjs102?expand=0&rev=11
2022-12-14 17:12:23 +00:00 · 2022-12-14 17:12:23 +00:00 · 12f5359628
commit 12f5359628
parent 24dc957ecc
6 changed files with 37 additions and 20 deletions
--- a/firefox-102.5.0esr.source.tar.xz
+++ b/firefox-102.5.0esr.source.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:017dd44b1285913f477074802707a4c76ed1a28270ec5a327bbb76574cc057d8
-size 478705384
--- a/firefox-102.5.0esr.source.tar.xz.asc
+++ b/firefox-102.5.0esr.source.tar.xz.asc
@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmNpdPgACgkQ6+QekPbx
-L23vExAAlvhxLn18IHKlXu3ogOGfB9TBwXgsO5jzBbe9hyqGi/IpNgN6QPWzlEfj
-nlIPSYurbr/+fwQESWMXZyofmcQrxucS+PD4CUYM538P3j57+nB7ZiL+OhEIr8/9
-twnTGLLO9yBemZn7J/pSDES6s30ptBqi7QUzA/gSF4v7/VG+YI/DanoxXqDdknj3
-wC0knuOoX4g1e+FC6Q9nd6OaangCg76FuvsZ3JNq/sS03jtCXBISrPqQxkMHlzz2
-8KOuIGeeaC/+Jg1A82OT8P/xKTJDaQW2qhXvC6FwnJklO2MKXJHnB430kLmywuhP
-u9pvB9izR2vv5F4ECbsx5YYAXbXJDhor02jgJu1OM3P2wa/qVrfKR+kgQJDeNVNA
-pC7vPT5PGiCBH2dXyWcA+Go0jz6kB3bUYxaMBTjNWdwJyHu6QsKM4R0w2ywSmnUf
-3MbXapBn26tOnBwk2op66GEzhuVAW+HRr+IWo84JAExFtB68QjnwKuHevndmoRpG
-E0McPUa79XcVkPU9trzncUcb83vi4+Qx+WX4Xtb7f1hxmeVp2aO+B6H8+Vauk6FB
-gjCTj3TRQcb+gAC3WezqSxPgNtLZieSZ9dMHAi7Ztrw49aCwEKBoWR6snsFnlNSN
-q2YeB/8TFjSNBVffL65ab1KPWXxiv04GYAWunS7XMes8t9xmDqw=
-=4Z9J
-----END PGP SIGNATURE-----
--- a/firefox-102.6.0esr.source.tar.xz
+++ b/firefox-102.6.0esr.source.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d23154a4d876d76122161e7be2659de6e88985802d9e5125baf1d133f37f0ffe
+size 478856656
--- a/firefox-102.6.0esr.source.tar.xz.asc
+++ b/firefox-102.6.0esr.source.tar.xz.asc
@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmOOemgACgkQ6+QekPbx
+L21gcxAAlpXMM66LLLAQMmDR7vED8xgz9RZmEjUj4kAn1yETyYtNMks/70ZZMKy2
+oFXIfQbA5WXt740CT6kE6bn0SshRbtEjEUJS2HpA+wVAAtVkKfkKZkSpRPtPeVbX
+nYZNtCWSMgna+cRB8yVzCJ1Rkml9lIeB374Ten7PoAQZ9YBx8BuYdnVYlSEdl38c
+Vyf3Y94sDMDqW8EdGe5ccPanodgrlAerQz4Z4VjLsF2tFkC5mwmm7U0KTsyve8hJ
+seEb2BNJZi+lkbjlyiMWsU4YLb3RFyDf6w5eJpOaCLYdYeaabO/Tw5T7MdDFRZtL
+GN0RYYkmJ/uOPlHAQyRL17Y1omyl08wEh+DNj2Ataw3yJWH2Ih64uYkwZ53lAe7Y
+/ayKtd+Ifj1l5OBaD96Z+eGWYCunF6/J6kCX4+uGhGUrCfSRRVxYirosPHsESAjf
+Gkljlp7ZdahsEhHyw26hSRxoTbYTUudANLZQAnhaKfOwtfcu43JAGKdNT6hddAlk
+esg7Xlt3FgTR0xPAPOxFohxKWUQ+xbx1D2CODxX40NKvoyTh+wy28dFv+k+w00l
+F5rswPr8a3BAk7ijYtA1OZRMONIgHnNy0vi8wcJRrHzLqRlKuWSjMlBKSPKkQ82F
+KIq5xgkR0ZPkxb/R/mtSGPmVtqIYbdv9wnB0sTsUpl04scWFrto=
+=1V2Y
+-----END PGP SIGNATURE-----
--- a/mozjs102.changes
+++ b/mozjs102.changes
@ -1,3 +1,20 @@
+-------------------------------------------------------------------
+Wed Dec 14 10:31:25 UTC 2022 - Bjørn Lie <bjorn.lie@gmail.com>
+
+- Update to version 102.6.0:
+  + Various stability, functionality, and security fixes.
+  + CVE-2022-46880: Use-after-free in WebGL.
+  + CVE-2022-46872: Arbitrary file read from a compromised content
+    process.
+  + CVE-2022-46881: Memory corruption in WebGL.
+  + CVE-2022-46874: Drag and Dropped Filenames could have been
+    truncated to malicious extensions.
+  + CVE-2022-46875: Download Protections were bypassed by .atloc
+    and .ftploc files on Mac OS.
+  + CVE-2022-46882: Use-after-free in WebGL.
+  + CVE-2022-46878: Memory safety bugs fixed in Firefox 108 and
+    Firefox ESR 102.6.
+
 -------------------------------------------------------------------
 Fri Nov 18 18:04:53 UTC 2022 - Bjørn Lie <bjorn.lie@gmail.com>

--- a/mozjs102.spec
+++ b/mozjs102.spec
@ -39,7 +39,7 @@ BuildArch:      i686
 %global big_endian 1
 %endif
 Name:           mozjs%{major}
-Version:        102.5.0
+Version:        102.6.0
 Release:        1%{?dist}
 Summary:        SpiderMonkey JavaScript library
 License:        MPL-2.0