SHA256
1
0
forked from pool/mozjs102

Accepting request 1085761 from GNOME:Next

- Update to version 102.11.0:
  + Various security fixes.
  + CVE-2023-32205: Browser prompts could have been obscured by
    popups
  + CVE-2023-32206: Crash in RLBox Expat driver
  + CVE-2023-32207: Potential permissions request bypass via
    clickjacking
  + CVE-2023-32211: Content process crash due to invalid wasm code
  + CVE-2023-32212: Potential spoof due to obscured address bar
  + CVE-2023-32213: Potential memory corruption in
    FileReader::DoReadData()
  + CVE-2023-32214: Potential DoS via exposed protocol handlers
  + CVE-2023-32215: Memory safety bugs fixed in Firefox 113 and
    Firefox ESR 102.11

OBS-URL: https://build.opensuse.org/request/show/1085761
OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/mozjs102?expand=0&rev=23
This commit is contained in:
Bjørn Lie 2023-05-09 17:57:26 +00:00 committed by Git OBS Bridge
parent eedfcdb20a
commit 2d5e4eb5a0
6 changed files with 38 additions and 20 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:8c6954dfbc22cedb77a49092d84cbc43c84bf22ebe7fd0b8874c1ada7b0afbf8
size 479026088

View File

@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmQrEcIACgkQ6+QekPbx
L20fnRAAnrxGpxH1X9IdCY89hD6eaqNVJ+R8E8elVdoZVc5+/7IzjwYgPUfuj1b/
/WQpUcZMNNIyFQy0oVYbxAZRJVBJxpIr32Wpxr9rqCQjidaI4KZL9f2SZHmSCKpv
H4rsKlsvS9QtI/ycIHM/JxbqJmqaS6cfsoww7s7NrrWiRtFGE7RwkHs0jwJpqw78
gE9Fkcu0od3qRbtGLbqlJx6Rfynvpk40IAo4NfZ+ZwmBWTBm+Idb8TCzoJC81x7x
PytWENYErNtf735OHkaNZocj0fQtesW60GR4iKDukIhziwYOqZjlXD7JqUShs/OF
3eIBoDKk6yC4hGAbbLsvCFEJ6OK8m+k4WCk+sGIL4ms2n5Km6jQdUDYmkbFnI6ld
cX2zaYALfcwc1/Y93mkFvxfO9uGGP8zJgSiMOAMzgUlQhr6u9SJ1IquVEo5eJynB
gfuv/2snmCV6fRxIoXSpoePl6H20bKee5V6h3XWAYDyBX7gx9UgrdsF8EoY/V9qm
k4n6oCE/m6r3erirVPa6A4O7bvvsM/wFPHGOmF0vbUc/DnNVv8M1uOppjErdh2bD
qmsWS64oyb25c+7chX9gMEedb75GNxVJ+lZtH2a8MIggHpMpO3hIBlts519KlJpV
JcLGArIhTB6aTm5qyIHLKW7AheKKNerfLM7EDgo+VbPNAduQHx0=
=F3Gx
-----END PGP SIGNATURE-----

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:e7f120e7967ea283909c1ec7cfdbf422bba515163842e739bfa1a608808cce33
size 477769716

View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmRT1/cACgkQ6+QekPbx
L20fUg//a2q+xMEnyGPyqq8qdvGx8b0/eZroLCu7uceBVNooc81jcjd/DSj6nokm
8hziG/bzUma8JmFG6PGP2mXhKrQ+Gv2Rq6qpaEeJH/QhzJ0y7m7bC8VP0QcLEohg
4QkO6nEKAQ2DdKt9XMs2laIuaolEIN3urZT7pL0xPog6o2ZKnB7D6Ip2LOUO5L68
d3AANqgrMfOl4Osq65eeru2xp/8f4Oi6KDdHAXkhmrqJh3lF3Q9TNXc9yZImlMcb
Vle/wwRemVUxfNIbb6DZpnzd8dpN73ZW9/u+Dzjzoa+sjlZoVveJmHruXkrOaEga
UHcHeOA5rI01swn3C8tMdLhPjFAy9k4X0VNP/jWscCgpTZU+whygAPoeMFtn4Qxf
BuG6M7uVo5/TFNYtTZhPN0oIBNcDXOBV9kpbOLpFbf6hXCcaefbo6oPxr6xaAKp+
NphWRi0b+b8iwzbOyJloUG2M7eu9uWjAAjzfSvGlebhBG5ug87QY7ckki61iAUTy
/kBfxzKt9bTn1Q6305TFtvaIIPJ4FARWzEANva76GN305c0dP+Uz5KT6UoVhZvzX
ML6UBCG3jx6pYlCvHRazfVuw09zYyv4M/y4oI4fDn/3QzXjH7arLxbbZAw7jiUUZ
NA1hd9g5/TPHgimZhUIBsvlFXY/dkDHbfaQkWRieCkXdI85q4pk=
=/Z9r
-----END PGP SIGNATURE-----

View File

@ -1,3 +1,21 @@
-------------------------------------------------------------------
Tue May 9 07:49:33 UTC 2023 - Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 102.11.0:
+ Various security fixes.
+ CVE-2023-32205: Browser prompts could have been obscured by
popups
+ CVE-2023-32206: Crash in RLBox Expat driver
+ CVE-2023-32207: Potential permissions request bypass via
clickjacking
+ CVE-2023-32211: Content process crash due to invalid wasm code
+ CVE-2023-32212: Potential spoof due to obscured address bar
+ CVE-2023-32213: Potential memory corruption in
FileReader::DoReadData()
+ CVE-2023-32214: Potential DoS via exposed protocol handlers
+ CVE-2023-32215: Memory safety bugs fixed in Firefox 113 and
Firefox ESR 102.11
-------------------------------------------------------------------
Wed Apr 26 01:51:01 UTC 2023 - Yifan Jiang <yfjiang@suse.com>

View File

@ -41,7 +41,7 @@ BuildArch: i686
%global big_endian 1
%endif
Name: mozjs%{major}
Version: 102.10.0
Version: 102.11.0
Release: 1%{?dist}
Summary: SpiderMonkey JavaScript library
License: MPL-2.0