Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package mozjs128 for openSUSE:Factory
checked in at 2024-09-25 21:57:29
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/mozjs128 (Old)
and /work/SRC/openSUSE:Factory/.mozjs128.new.29891 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "mozjs128"
Wed Sep 25 21:57:29 2024 rev:2 rq:1203624 version:128.2.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/mozjs128/mozjs128.changes 2024-09-05
15:47:20.432452418 +0200
+++ /work/SRC/openSUSE:Factory/.mozjs128.new.29891/mozjs128.changes
2024-09-25 21:58:10.992481894 +0200
@@ -1,0 +2,20 @@
+Wed Sep 25 14:02:27 UTC 2024 - Bjørn Lie <bjorn....@gmail.com>
+
+- Update to version 128.2.0:
+ + CVE-2024-8385: WASM type confusion involving ArrayTypes
+ + CVE-2024-8381: Type confusion when looking up a property name
+ in a "with" block
+ + CVE-2024-8382: Internal event interfaces were exposed to web
+ content when browser EventHandler listener callbacks ran
+ + CVE-2024-8383: Firefox did not ask before openings news: links
+ in an external application
+ + CVE-2024-8384: Garbage collection could mis-color
+ cross-compartment objects in OOM conditions
+ + CVE-2024-8386: SelectElements could be shown over another site
+ if popups are allowed
+ + CVE-2024-8387: Memory safety bugs fixed in Firefox 130,
+ Firefox ESR 128.2, and Thunderbird 128.2
+- Drop 0001-Skip-failing-tests-on-ppc64-and-s390x.patch: Fixed
+ upstream.
+
+-------------------------------------------------------------------
Old:
----
0001-Skip-failing-tests-on-ppc64-and-s390x.patch
firefox-128.1.0esr.source.tar.xz
firefox-128.1.0esr.source.tar.xz.asc
New:
----
firefox-128.2.0esr.source.tar.xz
firefox-128.2.0esr.source.tar.xz.asc
BETA DEBUG BEGIN:
Old: Firefox ESR 128.2, and Thunderbird 128.2
- Drop 0001-Skip-failing-tests-on-ppc64-and-s390x.patch: Fixed
upstream.
BETA DEBUG END:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ mozjs128.spec ++++++
--- /var/tmp/diff_new_pack.Ji87ps/_old 2024-09-25 21:58:16.008690118 +0200
+++ /var/tmp/diff_new_pack.Ji87ps/_new 2024-09-25 21:58:16.008690118 +0200
@@ -41,7 +41,7 @@
%global big_endian 1
%endif
Name: mozjs%{major}
-Version: 128.1.0
+Version: 128.2.0
Release: 1%{?dist}
Summary: SpiderMonkey JavaScript library
License: MPL-2.0
@@ -75,15 +75,13 @@
# PATCH-FIX-UPSTREAM -- s390x/ppc64 fixes, TODO: file bug report upstream?
Patch18: spidermonkey_style_check_disable_s390x.patch
# PATCH-FIX-OPENSUSE
-Patch19: 0001-Skip-failing-tests-on-ppc64-and-s390x.patch
-# PATCH-FIX-OPENSUSE
Patch20: Fix-i586-float-math.patch
BuildRequires: autoconf213
BuildRequires: cargo
-BuildRequires: rust-cbindgen
BuildRequires: ccache
BuildRequires: clang
+BuildRequires: rust-cbindgen
%if 0%{?sle_version} && 0%{?sle_version} < 160000
BuildRequires: gcc11
BuildRequires: gcc11-c++
@@ -161,8 +159,6 @@
%ifarch s390x
%patch -P 18 -p1
%endif
-# Fixes for ppc64 and s390x, there is no need to keep it in ifarch here since
mozilla tests support ifarch conditions
-%patch -P 19 -p1
%patch -P 20 -p1
# Copy out the LICENSE file
++++++ firefox-128.1.0esr.source.tar.xz -> firefox-128.2.0esr.source.tar.xz
++++++
/work/SRC/openSUSE:Factory/mozjs128/firefox-128.1.0esr.source.tar.xz
/work/SRC/openSUSE:Factory/.mozjs128.new.29891/firefox-128.2.0esr.source.tar.xz
differ: char 15, line 1
