Accepting request 1036701 from GNOME:Next

New stable release

OBS-URL: https://build.opensuse.org/request/show/1036701
OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/mozjs102?expand=0&rev=9

firefox-102.4.0esr.source.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:e79f0ddd4914dfbff61c5eea7ff28ad2dd12ecfbf3d63a41dab57d50171d904e
-size 482118312

firefox-102.4.0esr.source.tar.xz.asc

@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmNEQg4ACgkQ6+QekPbx
-L23HrQ//SXRGcRBBymWJGjU7qmq4Fk1ZkxVrQPx8NxR+EQkMwx96Q2JdfAkkZRPW
-FuUX8psvV9bvxaT052eNvv/PILitYU8mI8KHuk+NCIxL4St4FwQUEXlULwL0p6W4
-kJUsjgWu5qXBgC/ZwFUc7Xijx9g1iC8PzZmI11qA8nouYHsdbdmTiFs8L7NaM4Jy
-gXId21J0K5cRsGJGbZucizDEnK4kwxjeZK9Sr1bETAyJtvfzdN3A0b8ZGCNty0GL
-6ZyEjJY4cATbnRhdxjOHb2CLMXVWFgKDXNnpTPVNnAmrqWkJh7zmoh3d/CGpF8Zz
-OoGO9iFviUuhrdPaAhxbNB4kD19vY+hdocvFuiRjXP6uw8hx/h6WpL/pEanwgPUJ
-B82G+mB3A9J9NnwAiJcH7loijjXTd8N14IWsw4rpKBA3+8Jypv8Y0M09AksfleX1
-zLRoVsbfne76ZmIQvWwRLZTuVoXFG6SLY7BWvHmXuFeR+rMGY0M/x7UKILKNikOl
-GlMkzlBOFIN/koIvvGs7kE8mUwU27MlM3/USB5GapH47HAUObYS5ex/Yq/dxP7VS
-HZbZbKwPzPlh5CmhHlL/hOn4P4U3n3uiYOumeL11i+CMo71yfdCY4gI4SwugYOeN
-/iYm8utgW695bkua91hmt3KgVNq13Gc2soz4ReL907Gj+4AAmyI=
-=vuJ1
------END PGP SIGNATURE-----

firefox-102.5.0esr.source.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:017dd44b1285913f477074802707a4c76ed1a28270ec5a327bbb76574cc057d8
+size 478705384

firefox-102.5.0esr.source.tar.xz.asc

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmNpdPgACgkQ6+QekPbx
+L23vExAAlvhxLn18IHKlXu3ogOGfB9TBwXgsO5jzBbe9hyqGi/IpNgN6QPWzlEfj
+nlIPSYurbr/+fwQESWMXZyofmcQrxucS+PD4CUYM538P3j57+nB7ZiL+OhEIr8/9
+twnTGLLO9yBemZn7J/pSDES6s30ptBqi7QUzA/gSF4v7/VG+YI/DanoxXqDdknj3
+wC0knuOoX4g1e+FC6Q9nd6OaangCg76FuvsZ3JNq/sS03jtCXBISrPqQxkMHlzz2
+8KOuIGeeaC/+Jg1A82OT8P/xKTJDaQW2qhXvC6FwnJklO2MKXJHnB430kLmywuhP
+u9pvB9izR2vv5F4ECbsx5YYAXbXJDhor02jgJu1OM3P2wa/qVrfKR+kgQJDeNVNA
+pC7vPT5PGiCBH2dXyWcA+Go0jz6kB3bUYxaMBTjNWdwJyHu6QsKM4R0w2ywSmnUf
+3MbXapBn26tOnBwk2op66GEzhuVAW+HRr+IWo84JAExFtB68QjnwKuHevndmoRpG
+E0McPUa79XcVkPU9trzncUcb83vi4+Qx+WX4Xtb7f1hxmeVp2aO+B6H8+Vauk6FB
+gjCTj3TRQcb+gAC3WezqSxPgNtLZieSZ9dMHAi7Ztrw49aCwEKBoWR6snsFnlNSN
+q2YeB/8TFjSNBVffL65ab1KPWXxiv04GYAWunS7XMes8t9xmDqw=
+=4Z9J
+-----END PGP SIGNATURE-----

mozjs102.changes

@@ -1,3 +1,29 @@
+-------------------------------------------------------------------
+Fri Nov 18 18:04:53 UTC 2022 - Bjørn Lie <bjorn.lie@gmail.com>
+
+- Update to version 102.5.0:
+  + Various stability, functionality, and security fixes.
+  + CVE-2022-45403: Service Workers might have learned size of
+    cross-origin media files.
+  + CVE-2022-45404: Fullscreen notification bypass.
+  + CVE-2022-45405: Use-after-free in InputStream implementation.
+  + CVE-2022-45406: Use-after-free of a JavaScript Realm.
+  + CVE-2022-45408: Fullscreen notification bypass via windowName.
+  + CVE-2022-45409: Use-after-free in Garbage Collection.
+  + CVE-2022-45410: ServiceWorker-intercepted requests bypassed
+    SameSite cookie policy.
+  + CVE-2022-45411: Cross-Site Tracing was possible via
+    non-standard override headers.
+  + CVE-2022-45412: Symlinks may resolve to partially uninitialized
+    buffers.
+  + CVE-2022-45416: Keystroke Side-Channel Leakage.
+  + CVE-2022-45418: Custom mouse cursor could have been drawn over
+    browser UI.
+  + CVE-2022-45420: Iframe contents could be rendered outside the
+    iframe.
+  + CVE-2022-45421: Memory safety bugs fixed in Firefox 107 and
+    Firefox ESR 102.5.
+
 -------------------------------------------------------------------
 Tue Oct 18 14:14:17 UTC 2022 - Bjørn Lie <bjorn.lie@gmail.com>
 

mozjs102.spec

@@ -39,7 +39,7 @@ BuildArch:      i686
 %global big_endian 1
 %endif
 Name:           mozjs%{major}
-Version:        102.4.0
+Version:        102.5.0
 Release:        1%{?dist}
 Summary:        SpiderMonkey JavaScript library
 License:        MPL-2.0