Source: mozjs128 Version: 128.13.0-1 Severity: important Tags: trixie forky sid
The final scheduled mozjs128 release, 128.14.0, was released today with some security fixes. mozjs128 is only used by gjs (for GNOME Shell and several GNOME apps) and cjs (for Cinnamon). Practically, I am not aware of any Firefox CVEs ever being used to attack the desktop via gjs or cjs. Notably, debian-security-support says about mozjs128 "Not covered by security support, only suitable for trusted content". Therefore, updates for mozjs* are handled via regular updates. https://salsa.debian.org/debian/debian-security-support/-/blob/master/security-support.deb13#L30 https://whattrainisitnow.com/calendar/ Thank you, Jeremy BĂcha
