commit mozjs128 for openSUSE:Factory

Source-Sync Tue, 26 Aug 2025 05:57:12 -0700

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package mozjs128 for openSUSE:Factory 
checked in at 2025-08-26 14:55:59
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/mozjs128 (Old)
 and      /work/SRC/openSUSE:Factory/.mozjs128.new.30751 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "mozjs128"

Tue Aug 26 14:55:59 2025 rev:17 rq:1301223 version:128.14.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/mozjs128/mozjs128.changes        2025-07-26 
13:40:58.748374248 +0200
+++ /work/SRC/openSUSE:Factory/.mozjs128.new.30751/mozjs128.changes     
2025-08-26 14:56:23.576877672 +0200
@@ -1,0 +2,14 @@
+Fri Aug 22 17:41:00 UTC 2025 - Bjørn Lie <bjorn....@gmail.com>
+
+- Update to version 128.14.0:
+  + CVE-2025-9179: Sandbox escape due to invalid pointer in the
+    Audio/Video: GMP component
+  + CVE-2025-9180: Same-origin policy bypass in the Graphics:
+    Canvas2D component
+  + CVE-2025-9181: Uninitialized memory in the JavaScript Engine
+    component
+  + CVE-2025-9185: Memory safety bugs fixed in Firefox ESR 115.27,
+    Firefox ESR 128.14, Thunderbird ESR 128.14, Firefox ESR 140.2,
+    Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142
+
+-------------------------------------------------------------------

Old:
----
  firefox-128.13.0esr.source.tar.xz
  firefox-128.13.0esr.source.tar.xz.asc

New:
----
  firefox-128.14.0esr.source.tar.xz
  firefox-128.14.0esr.source.tar.xz.asc

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ mozjs128.spec ++++++
--- /var/tmp/diff_new_pack.EAhHyC/_old  2025-08-26 14:56:30.785178154 +0200
+++ /var/tmp/diff_new_pack.EAhHyC/_new  2025-08-26 14:56:30.785178154 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package mozjs128
 #
-# Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2025 SUSE LLC and contributors
 # Copyright (c) 2023 Frantisek Zatloukal <fzatl...@redhat.com>
 # Copyright (c) 2014 Wolfgang Rosenauer
 #
@@ -41,7 +41,7 @@
 %global big_endian 1
 %endif
 Name:           mozjs%{major}
-Version:        128.13.0
+Version:        128.14.0
 Release:        1%{?dist}
 Summary:        SpiderMonkey JavaScript library
 License:        MPL-2.0

++++++ firefox-128.13.0esr.source.tar.xz -> firefox-128.14.0esr.source.tar.xz 
++++++
/work/SRC/openSUSE:Factory/mozjs128/firefox-128.13.0esr.source.tar.xz 
/work/SRC/openSUSE:Factory/.mozjs128.new.30751/firefox-128.14.0esr.source.tar.xz
 differ: char 15, line 1

commit mozjs128 for openSUSE:Factory

Reply via email to