From d37b9ed35aa0a1691ee2c1291107ccbfad77623f37efd81204fc6f20a40e8a23 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B8rn=20Lie?= Date: Wed, 12 Apr 2023 11:13:12 +0000 Subject: [PATCH] Accepting request 1078549 from GNOME:Next New upstream release OBS-URL: https://build.opensuse.org/request/show/1078549 OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/mozjs102?expand=0&rev=19 --- firefox-102.10.0esr.source.tar.xz | 3 +++ firefox-102.10.0esr.source.tar.xz.asc | 16 ++++++++++++++ firefox-102.9.0esr.source.tar.xz | 3 --- firefox-102.9.0esr.source.tar.xz.asc | 16 -------------- mozjs102.changes | 30 +++++++++++++++++++++++++++ mozjs102.spec | 6 +++--- 6 files changed, 52 insertions(+), 22 deletions(-) create mode 100644 firefox-102.10.0esr.source.tar.xz create mode 100644 firefox-102.10.0esr.source.tar.xz.asc delete mode 100644 firefox-102.9.0esr.source.tar.xz delete mode 100644 firefox-102.9.0esr.source.tar.xz.asc diff --git a/firefox-102.10.0esr.source.tar.xz b/firefox-102.10.0esr.source.tar.xz new file mode 100644 index 0000000..cc4bcc0 --- /dev/null +++ b/firefox-102.10.0esr.source.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:8c6954dfbc22cedb77a49092d84cbc43c84bf22ebe7fd0b8874c1ada7b0afbf8 +size 479026088 diff --git a/firefox-102.10.0esr.source.tar.xz.asc b/firefox-102.10.0esr.source.tar.xz.asc new file mode 100644 index 0000000..af47010 --- /dev/null +++ b/firefox-102.10.0esr.source.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmQrEcIACgkQ6+QekPbx +L20fnRAAnrxGpxH1X9IdCY89hD6eaqNVJ+R8E8elVdoZVc5+/7IzjwYgPUfuj1b/ +/WQpUcZMNNIyFQy0oVYbxAZRJVBJxpIr32Wpxr9rqCQjidaI4KZL9f2SZHmSCKpv +H4rsKlsvS9QtI/ycIHM/JxbqJmqaS6cfsoww7s7NrrWiRtFGE7RwkHs0jwJpqw78 +gE9Fkcu0od3qRbtGLbqlJx6Rfynvpk40IAo4NfZ+ZwmBWTBm+Idb8TCzoJC81x7x +PytWENYErNtf735OHkaNZocj0fQtesW60GR4iKDukIhziwYOqZjlXD7JqUShs/OF +3eIBoDKk6yC4hGAbbLsvCFEJ6OK8m+k4WCk+sGIL4ms2n5Km6jQdUDYmkbFnI6ld +cX2zaYALfcwc1/Y93mkFvxfO9uGGP8zJgSiMOAMzgUlQhr6u9SJ1IquVEo5eJynB +gfuv/2snmCV6fRxIoXSpoePl6H20bKee5V6h3XWAYDyBX7gx9UgrdsF8EoY/V9qm +k4n6oCE/m6r3erirVPa6A4O7bvvsM/wFPHGOmF0vbUc/DnNVv8M1uOppjErdh2bD +qmsWS64oyb25c+7chX9gMEedb75GNxVJ+lZtH2a8MIggHpMpO3hIBlts519KlJpV +JcLGArIhTB6aTm5qyIHLKW7AheKKNerfLM7EDgo+VbPNAduQHx0= +=F3Gx +-----END PGP SIGNATURE----- diff --git a/firefox-102.9.0esr.source.tar.xz b/firefox-102.9.0esr.source.tar.xz deleted file mode 100644 index a6b6ef8..0000000 --- a/firefox-102.9.0esr.source.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:31b074623f09ca821a8a7dee0b3d2df1a45f1164264d31c26b4969a4d6a21dd1 -size 484308672 diff --git a/firefox-102.9.0esr.source.tar.xz.asc b/firefox-102.9.0esr.source.tar.xz.asc deleted file mode 100644 index 21be5c1..0000000 --- a/firefox-102.9.0esr.source.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmQKc+QACgkQ6+QekPbx -L20bKg/9GV9W2/nkaQBKCBPEajre6U79+cRq2ZDvsxJDhfIz2qa9bvgYiR885sKZ -h4HqpIxjFZJzabFmyZHKa8Ag1KplMveD0bhd+CSJBaSXc7eMzB/oAPzObMFTJBlm -xh2xHJbA5hIEyTmZHxPlVivNGaVl51nQoe04r0/Kr599yHvwaiyiHh5xqJNaaTLZ -ZpSuQoKE1Gdqeo+ElpcSbIHzTEEP9n54vOpETaf5n4v0tptJFzAIDn4uJKhaTr+Y -iXONfV+iL/Z824qGvsI6q2yIaPh4o6UISc7PhFnjQw0wTuP9HM49OZhRMsEiiDL0 -/lIv3bUcFxsMUWiJQ4jmSy9zoEFtMguWGH9o5XN9TVoY4h8yQ0kBDVTCY3iEoHpm -o+Iua/hnOEbmdnTSoMLP9vLLmuwbv8U4EE07z67UjHsc40yq3JD2iPpHu1b99CuL -O9Zz4fcs/Y7+Z3RyMQ5O03H+atw0IFsHNUQ964x2lS6sTfkwii6caHoGBvAVTsLN -T56qSTyiRnlCLc4AXU9fvQ1zsSoHZ7ruOpofmyTlUhIkrfn90+Yp4ioAPPyHXiGq -mqCWohNEQFJ2UfwI+YGaQcUYXpx2qWIed+G3r8mYqKWm2oFu1owSpm4YXn9h63Hi -u5xf3gLG50K47E3UXF4DL/3DI/yCS5VN+kKFJ20dVo/8dgqOHB4= -=3+9A ------END PGP SIGNATURE----- diff --git a/mozjs102.changes b/mozjs102.changes index 74e6823..ecfaf1f 100644 --- a/mozjs102.changes +++ b/mozjs102.changes @@ -1,3 +1,33 @@ +------------------------------------------------------------------- +Wed Apr 12 03:13:05 UTC 2023 - Bjørn Lie + +- Update to version 102.10.0: + + Various security fixes. + + CVE-2023-29531: Out-of-bound memory access in WebGL on macOS + + CVE-2023-29532: Mozilla Maintenance Service Write-lock bypass + + CVE-2023-29533: Fullscreen notification obscured + + MFSA-TMP-2023-0001: Double-free in libwebp + + CVE-2023-29535: Potential Memory Corruption following Garbage + Collector compaction + + CVE-2023-29536: Invalid free from JavaScript code + + CVE-2023-29539: Content-Disposition filename truncation leads + to Reflected File Download + + CVE-2023-29541: Files with malicious extensions could have been + downloaded unsafely on Linux + + CVE-2023-29542: Bypass of file download extension restrictions + + CVE-2023-29545: Windows Save As dialog resolved environment + variables + + CVE-2023-1945: Memory Corruption in Safe Browsing Code + + CVE-2023-29548: Incorrect optimization result on ARM64 + + CVE-2023-29550: Memory safety bugs fixed in Firefox 112 and + Firefox ESR 102.10 + +------------------------------------------------------------------- +Fri Apr 7 09:22:05 UTC 2023 - Bjørn Lie + +- Replace clang-devel and llvm-devel with clang and llvm-gold + BuildRequires. + ------------------------------------------------------------------- Tue Mar 14 14:32:18 UTC 2023 - Bjørn Lie diff --git a/mozjs102.spec b/mozjs102.spec index 5f8b4e7..ae0121c 100644 --- a/mozjs102.spec +++ b/mozjs102.spec @@ -39,7 +39,7 @@ BuildArch: i686 %global big_endian 1 %endif Name: mozjs%{major} -Version: 102.9.0 +Version: 102.10.0 Release: 1%{?dist} Summary: SpiderMonkey JavaScript library License: MPL-2.0 @@ -72,12 +72,12 @@ Patch20: Fix-i586-float-math.patch BuildRequires: autoconf213 BuildRequires: cargo BuildRequires: ccache -BuildRequires: clang-devel +BuildRequires: clang BuildRequires: gcc BuildRequires: gcc-c++ BuildRequires: libtool BuildRequires: llvm -BuildRequires: llvm-devel +BuildRequires: llvm-gold BuildRequires: nasm BuildRequires: pkgconfig BuildRequires: python3-devel