| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: libmozjs-115-0 | Distribution: openSUSE:Factory:zSystems |
| Version: 115.15.0 | Vendor: openSUSE |
| Release: 2.1 | Build date: Wed Nov 20 17:47:26 2024 |
| Group: System/Libraries | Build host: reproducible |
| Size: 13663482 | Source RPM: mozjs115-115.15.0-2.1.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey | |
| Summary: JavaScript's library | |
JavaScript is the Netscape-developed object scripting language used in millions of web pages and server applications worldwide. Netscape's JavaScript is a superset of the ECMA-262 Edition 3 (ECMAScript) standard scripting language, with only mild differences from the published standard. This package contains the JavaScript's library.
MPL-2.0
* Wed Nov 20 2024 Bjørn Lie <[email protected]>
- Fix build against icu 76.1: link the correct libraries (icu-uc
instead of icu-i18n).
* Mon Oct 21 2024 Bjørn Lie <[email protected]>
- Update to version 115.15.0:
+ Various security fixes and other quality improvements.
- This is the last version from Mozilla, please port to newer
versions: At minimum version 128.
* Mon Sep 30 2024 Cliff Zhao <[email protected]>
- Add mozjs115-CVE-2024-45492.patch:
Backporting 9bf0f2c1 from libexpat upstream, Detect integer
overflow in function nextScaffoldPart.
(CVE-2024-45492, bsc#1230038)
* Mon Sep 30 2024 Cliff Zhao <[email protected]>
- Add mozjs115-CVE-2024-45491.patch:
Backporting 8e439a99 from libexpat upstream, Detect integer
overflow in dtdCopy.
(CVE-2024-45491, bsc#1230037)
* Mon Sep 30 2024 Cliff Zhao <[email protected]>
- Add mozjs115-CVE-2024-45490-part01-5c1a3164.patch:
Backporting 5c1a3164 from libexpat upstream, Reject negative len
for XML_ParseBuffer.
CVE-2024-45490's fixes including 3 parts: 5c1a3164 for libexpat
sources; c12f039b for libexpat tests; 2db23301 for libexpat docs;
Because mozjs only embeds libexpat sources, so unnecessary to
port prart02 and part03.
(CVE-2024-45490, bsc#1230036)
* Thu Apr 04 2024 Dominique Leuenberger <[email protected]>
- Properly tag patches.
* Thu Dec 07 2023 Yifan Jiang <[email protected]>
- mozjs115 requires gcc >= 8.1, icu >= 73.1. Specify them in spec.
* Wed Dec 06 2023 Yifan Jiang <[email protected]>
- Update icu data file name in spec to build in big endian machine.
* Tue Nov 28 2023 Dominique Leuenberger <[email protected]>
- Use %patch -p N instead of deprecated %patchN.
* Thu Nov 09 2023 Bjørn Lie <[email protected]>
- Update to version 115.4.0:
+ Various security fixes and other quality improvements.
+ CVE-2023-5721: Queued up rendering could have allowed websites
to clickjack
+ CVE-2023-5732: Address bar spoofing via bidirectional
characters
+ CVE-2023-5724: Large WebGL draw could have led to a crash
+ CVE-2023-5725: WebExtensions could open arbitrary URLs
+ CVE-2023-5726: Full screen notification obscured by file open
dialog on macOS
+ CVE-2023-5727: Download Protections were bypassed by .msix,
.msixbundle, .appx, and .appxbundle files on Windows
+ CVE-2023-5728: Improper object tracking during GC in the
JavaScript engine could have led to a crash
+ CVE-2023-5730: Memory safety bugs fixed in Firefox 119, Firefox
ESR 115.4, and Thunderbird 115.4.1
* Sun Oct 01 2023 Bjørn Lie <[email protected]>
- Update to version 115.3.1:
+ Security fix: CVE-2023-5217: Heap buffer overflow in libvpx.
- Changes from version 115.3.0:
+ Various security fixes and other quality improvements.
+ CVE-2023-5168: Out-of-bounds write in FilterNodeD2D1
+ CVE-2023-5169: Out-of-bounds write in PathOps
+ CVE-2023-5171: Use-after-free in Ion Compiler
+ CVE-2023-5174: Double-free in process spawning on Windows
+ CVE-2023-5176: Memory safety bugs fixed in Firefox 118, Firefox
ESR 115.3, and Thunderbird 115.3
* Mon Sep 25 2023 Bjørn Lie <[email protected]>
- Update to version 115.2.1:
+ Security fix: CVE-2023-4863: Heap buffer overflow in libwebp.
* Tue Sep 05 2023 Bjørn Lie <[email protected]>
- Update to version 115.2.0:
+ Various security fixes and other quality improvements.
+ CVE-2023-4573: Memory corruption in IPC CanvasTranslator
+ CVE-2023-4574: Memory corruption in IPC
ColorPickerShownCallback
+ CVE-2023-4575: Memory corruption in IPC FilePickerShownCallback
+ CVE-2023-4576: Integer Overflow in
RecordedSourceSurfaceCreation
+ CVE-2023-4577: Memory corruption in JIT UpdateRegExpStatics
+ CVE-2023-4051: Full screen notification obscured by file open
dialog
+ CVE-2023-4578: Error reporting methods in SpiderMonkey could
have triggered an Out of Memory Exception
+ CVE-2023-4053: Full screen notification obscured by external
program
+ CVE-2023-4580: Push notifications saved to disk unencrypted
+ CVE-2023-4581: XLL file extensions were downloadable without
warnings
+ CVE-2023-4582: Buffer Overflow in WebGL glGetProgramiv
+ CVE-2023-4583: Browsing Context potentially not cleared when
closing Private Window
+ CVE-2023-4584: Memory safety bugs fixed in Firefox 117, Firefox
ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and
Thunderbird 115.2
+ CVE-2023-4585: Memory safety bugs fixed in Firefox 117, Firefox
ESR 115.2, and Thunderbird 115.2
* Fri Aug 11 2023 Bjørn Lie <[email protected]>
- Initial packaging for openSUSE, based on mozjs102.
/usr/lib64/libmozjs-115.so.0 /usr/lib64/libmozjs-115.so.0.0.0 /usr/share/licenses/libmozjs-115-0 /usr/share/licenses/libmozjs-115-0/LICENSE
Generated by rpm2html 1.8.1
Fabrice Bellet, Wed Dec 4 00:10:59 2024