Bug#1111591: marked as done (mozjs128: update to 128.14.0)

Tue, 19 Aug 2025 13:41:31 -0700 

Your message dated Tue, 19 Aug 2025 20:38:38 +0000
with message-id <[email protected]>
and subject line Bug#1111591: fixed in mozjs128 128.14.0-1
has caused the Debian Bug report #1111591,
regarding mozjs128: update to 128.14.0
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1111591: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111591
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Source: mozjs128
Version: 128.13.0-1
Severity: important
Tags: trixie forky sid

The final scheduled mozjs128 release, 128.14.0, was released today
with some security fixes.

mozjs128 is only used by gjs (for GNOME Shell and several GNOME apps)
and cjs (for Cinnamon). Practically, I am not aware of any Firefox
CVEs ever being used to attack the desktop via gjs or cjs. Notably,
debian-security-support says about mozjs128 "Not covered by security
support, only suitable for trusted content". Therefore, updates for
mozjs* are handled via regular updates.

https://salsa.debian.org/debian/debian-security-support/-/blob/master/security-support.deb13#L30

https://whattrainisitnow.com/calendar/

Thank you,
Jeremy Bícha

--- End Message ---
--- Begin Message --- 
Source: mozjs128
Source-Version: 128.14.0-1
Done: Jeremy Bícha <[email protected]>

We believe that the bug you reported is fixed in the latest version of
mozjs128, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jeremy Bícha <[email protected]> (supplier of updated mozjs128 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 18 Aug 2025 11:27:41 -0400
Source: mozjs128
Built-For-Profiles: noudeb
Architecture: source
Version: 128.14.0-1
Distribution: unstable
Urgency: high
Maintainer: Debian GNOME Maintainers 
<[email protected]>
Changed-By: Jeremy Bícha <[email protected]>
Closes: 1111591
Changes:
 mozjs128 (128.14.0-1) unstable; urgency=high
 .
   * New upstream release (Closes: #1111591)
     - MFSA-RESERVE-2025-1977130: Uninitialized memory in the JavaScript Engine
       component
     - MFSA-RESERVE-2025-2: Memory safety bugs
Checksums-Sha1:
 f5260028e4a12c14e4d995b8c683299a80f6e2b5 2416 mozjs128_128.14.0-1.dsc
 97a6b00ade1ef58b215cf7061a86c4299fd9d5ba 157263392 
mozjs128_128.14.0.orig.tar.xz
 720b0e6df0f33801697965cfac2b017c5906266a 53732 
mozjs128_128.14.0-1.debian.tar.xz
 9c2d26c105496ed7d2a9ba79a49feafa0b578824 8959 
mozjs128_128.14.0-1_source.buildinfo
Checksums-Sha256:
 b08eadebb8a17e95515ec725186551b43fe633e38c83e30e19869ff0faac31e6 2416 
mozjs128_128.14.0-1.dsc
 41cca35149710ce45fbabc5fefcf86a01fdf833fdb783941964fca3a55fb72dd 157263392 
mozjs128_128.14.0.orig.tar.xz
 cbd8b152d52ffe062d49ce19c1cb0d8c565b3f2f74b20b3a22b631947787bebd 53732 
mozjs128_128.14.0-1.debian.tar.xz
 a3288e76b53bfb6d4623aed3065c57b1ae4449db1eef6df151703a2d3ba631fe 8959 
mozjs128_128.14.0-1_source.buildinfo
Files:
 04cf17cff48efb07ef49486261928df4 2416 libs optional mozjs128_128.14.0-1.dsc
 66e67ee8b8ba967961691440c1457e2d 157263392 libs optional 
mozjs128_128.14.0.orig.tar.xz
 6d550072fa6a5a2151edb13f0fb1aa78 53732 libs optional 
mozjs128_128.14.0-1.debian.tar.xz
 e3e71261c94194e7221ac25f784c4d21 8959 libs optional 
mozjs128_128.14.0-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEETQvhLw5HdtiqzpaW5mx3Wuv+bH0FAmik0BgACgkQ5mx3Wuv+
bH2J2RAAg/5kjWf3Aj/JrouJaLcKwqY+HkSvqTfvK6GXAVfoQWcBwkfDCm/GScsh
Nczt29wJ69aqcsSiVhgGomDJdssb3ILze68RMsBgLfZS5lmPkkMMtLj3K3UkFzHl
nl/6P+Oind7WIJem7mLU94M0VpnDCy6F0V3r0f6fl3cDt1IPLufKsCR0X/VqyaGw
eDVxDvEZttADXHiEj9WNTgu409czoHwURdkB+h9hzreXNUEBcdaXFkaZw3mcl9Qz
0RfjRkYKyZxtHUBaU9eDLsEYJUxKzg0XDK2+zfMjh9gXN7iFH78iOEX7a6Q2nqWP
oyaoFQRAfuKr3PrlliMoz5KGfrLYdvDGNIjt32IpBiHA644rnrHhwB0PvDOgoik5
qawRsbFLB9SkPb5Dnh7QFd+Mdf87FufeBlOww5kjZQcnk6HpJ55z6ysOyqZt3jt4
BTTnqaAdSOfO3/rS0osxAjZwunJCpG8h7g60XcEiv72Yh5Txnjz2rkOUuFJ/8Mqg
dWRiHaKRFIHBVZrDu2JgMuJOzYFFx8U0xg/Y0iZMbx061bioWpQeUVs7Q+UJR8aX
aqjAAulwUJ0FVqIydW4LfUOtVxRg78SuvSMN8oWXIRcosGaMj75NFcI9xICuryNO
AsYyWuPWNg3CvO5/SD+7qb7nlYOAmXJelIOulAu7WU9iPtdcYpI=
=xO8M
-----END PGP SIGNATURE-----

Attachment: pgpMbTr_U6FVi.pgp
Description: PGP signature


--- End Message ---

Reply via email to