Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: mozjs115 | Distribution: SUSE Linux Framework One |
Version: 115.4.0 | Vendor: SUSE LLC <https://www.suse.com/> |
Release: slfo.1.2.2 | Build date: Mon Sep 30 19:35:18 2024 |
Group: System/Libraries | Build host: reproducible |
Size: 16022768 | Source RPM: mozjs115-115.4.0-slfo.1.2.2.src.rpm |
Packager: https://www.suse.com/ | |
Url: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey | |
Summary: SpiderMonkey JavaScript library |
SpiderMonkey is the code-name for Mozilla Firefox's C++ implementation of JavaScript. It is intended to be embedded in other applications that provide host environments for JavaScript.
MPL-2.0
* Mon Sep 30 2024 [email protected] - Add mozjs115-CVE-2024-45492.patch: Backporting 9bf0f2c1 from libexpat upstream, Detect integer overflow in function nextScaffoldPart. (CVE-2024-45492, bsc#1230038) * Mon Sep 30 2024 [email protected] - Add mozjs115-CVE-2024-45491.patch: Backporting 8e439a99 from libexpat upstream, Detect integer overflow in dtdCopy. (CVE-2024-45491, bsc#1230037) * Mon Sep 30 2024 [email protected] - Add mozjs115-CVE-2024-45490-part01-5c1a3164.patch: Backporting 5c1a3164 from libexpat upstream, Reject negative len for XML_ParseBuffer. CVE-2024-45490's fixes including 3 parts: 5c1a3164 for libexpat sources; c12f039b for libexpat tests; 2db23301 for libexpat docs; Because mozjs only embeds libexpat sources, so unnecessary to port prart02 and part03. (CVE-2024-45490, bsc#1230036) * Thu Apr 04 2024 [email protected] - Properly tag patches. * Thu Dec 07 2023 [email protected] - mozjs115 requires gcc >= 8.1, icu >= 73.1. Specify them in spec. * Wed Dec 06 2023 [email protected] - Update icu data file name in spec to build in big endian machine. * Tue Nov 28 2023 [email protected] - Use %patch -p N instead of deprecated %patchN. * Thu Nov 09 2023 [email protected] - Update to version 115.4.0: + Various security fixes and other quality improvements. + CVE-2023-5721: Queued up rendering could have allowed websites to clickjack + CVE-2023-5732: Address bar spoofing via bidirectional characters + CVE-2023-5724: Large WebGL draw could have led to a crash + CVE-2023-5725: WebExtensions could open arbitrary URLs + CVE-2023-5726: Full screen notification obscured by file open dialog on macOS + CVE-2023-5727: Download Protections were bypassed by .msix, .msixbundle, .appx, and .appxbundle files on Windows + CVE-2023-5728: Improper object tracking during GC in the JavaScript engine could have led to a crash + CVE-2023-5730: Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1 * Sun Oct 01 2023 [email protected] - Update to version 115.3.1: + Security fix: CVE-2023-5217: Heap buffer overflow in libvpx. - Changes from version 115.3.0: + Various security fixes and other quality improvements. + CVE-2023-5168: Out-of-bounds write in FilterNodeD2D1 + CVE-2023-5169: Out-of-bounds write in PathOps + CVE-2023-5171: Use-after-free in Ion Compiler + CVE-2023-5174: Double-free in process spawning on Windows + CVE-2023-5176: Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 * Mon Sep 25 2023 [email protected] - Update to version 115.2.1: + Security fix: CVE-2023-4863: Heap buffer overflow in libwebp. * Tue Sep 05 2023 [email protected] - Update to version 115.2.0: + Various security fixes and other quality improvements. + CVE-2023-4573: Memory corruption in IPC CanvasTranslator + CVE-2023-4574: Memory corruption in IPC ColorPickerShownCallback + CVE-2023-4575: Memory corruption in IPC FilePickerShownCallback + CVE-2023-4576: Integer Overflow in RecordedSourceSurfaceCreation + CVE-2023-4577: Memory corruption in JIT UpdateRegExpStatics + CVE-2023-4051: Full screen notification obscured by file open dialog + CVE-2023-4578: Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception + CVE-2023-4053: Full screen notification obscured by external program + CVE-2023-4580: Push notifications saved to disk unencrypted + CVE-2023-4581: XLL file extensions were downloadable without warnings + CVE-2023-4582: Buffer Overflow in WebGL glGetProgramiv + CVE-2023-4583: Browsing Context potentially not cleared when closing Private Window + CVE-2023-4584: Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2 + CVE-2023-4585: Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2 * Fri Aug 11 2023 [email protected] - Initial packaging for openSUSE, based on mozjs102.
/usr/bin/js115 /usr/share/doc/packages/mozjs115 /usr/share/doc/packages/mozjs115/README.html
Generated by rpm2html 1.8.1
Fabrice Bellet, Wed Dec 11 23:37:55 2024