[blfs-book] r21800 - in trunk/BOOK: general/genlib introduction/welcome

Thu, 04 Jul 2019 20:39:17 -0700 

Author: renodr
Date: Thu Jul  4 19:48:25 2019
New Revision: 21800

Log:
Add a security patch for mozjs.

Modified:
   trunk/BOOK/general/genlib/js60.xml
   trunk/BOOK/introduction/welcome/changelog.xml

Modified: trunk/BOOK/general/genlib/js60.xml
==============================================================================
--- trunk/BOOK/general/genlib/js60.xml  Thu Jul  4 17:04:56 2019        (r21799)
+++ trunk/BOOK/general/genlib/js60.xml  Thu Jul  4 19:48:25 2019        (r21800)
@@ -70,6 +70,16 @@
       </listitem>
     </itemizedlist>
 
+    <bridgehead renderas="sect3">Additional Downloads</bridgehead>
+    <itemizedlist spacing="compact">
+      <listitem>
+        <para>
+          Required patch:
+          <ulink url="&patch-root;/js60-&JS60-version;-security_fix-1.patch"/>
+        </para>
+      </listitem>
+    </itemizedlist>
+
     <bridgehead renderas="sect3">JS60 Dependencies</bridgehead>
 
     <bridgehead renderas="sect4">Required</bridgehead>
@@ -96,6 +106,20 @@
   <sect2 role="installation">
     <title>Installation of JS</title>
 
+    <caution>
+      <para>If you are reinstalling JS60 with the security patch listed in this
+      page, save all work and exit your GNOME Session if you have one running.
+      Replacing the JS60 binary will cause the GNOME Shell to crash and return
+      you to your display manager or TTY. After installing the patch, 
+      reinstall <xref linkend="gjs"/>. Polkit is unaffected.</para>
+    </caution>
+
+    <para>
+      First, apply a security patch:
+    </para>
+
+<screen><userinput remap="pre">patch -Np1 -i 
../js60-&JS60-version;-security_fix-1.patch</userinput></screen>
+
     <para>
       Install <application>JS</application> by running the following
       commands:

Modified: trunk/BOOK/introduction/welcome/changelog.xml
==============================================================================
--- trunk/BOOK/introduction/welcome/changelog.xml       Thu Jul  4 17:04:56 
2019        (r21799)
+++ trunk/BOOK/introduction/welcome/changelog.xml       Thu Jul  4 19:48:25 
2019        (r21800)
@@ -43,9 +43,16 @@
     -->
 
     <listitem>
-      <para>July 3rd, 2019</para>
+      <para>July 4th, 2019</para>
       <itemizedlist>
         <listitem>
+          <para>[renodr] - Add a security patch to fix CVE-2019-11707 in JS60.
+          When applying this patch and rebuilding JS60, please exit any GNOME
+          session that you might have open, or it will crash (SIGSEGV) when the
+          js60 interpreter is replaced. Fixes
+          <ulink url="&blfs-ticket-root;12198">#12198</ulink>.</para>
+        </listitem>
+        <listitem>
           <para>[bdubbs] - Update to mariadb-10.3.16. Fixes
           <ulink url="&blfs-ticket-root;12166">#12166</ulink>.</para>
         </listitem>
-- 
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Reply via email to