*** This bug is a security vulnerability *** Public security bug reported:
Impact ------ GNOME Shell uses the SpiderMonkey JavaScript engine from Firefox ESR (mozjs). Firefox 92 ESR has reached end of life; therefore, we should switch to the 102 ESR series for security updates for the next year. This requires updating gjs from 1.72 to 1.74 from GNOME 43, as packaged in Ubuntu 22.10. This will be done as a Security Update. Uploaded Packages ----------------- We will introduce mozjs102, a new source package for Ubuntu 22.04 LTS, being careful to publish it in main, not universe. And we'll update gjs. No other packages need to be updated for this change. mozjs91 will remain in Ubuntu 22.04 LTS (source package removals are generally not possible), but nothing else in Ubuntu uses it. Test Case --------- https://wiki.ubuntu.com/DesktopTeam/TestPlans/gjs Prerequisite ------------ We need to get mozjs102 on the i386 whitelist for Ubuntu 22.04 LTS ** Affects: gjs (Ubuntu) Importance: Undecided Status: New ** Affects: mozjs102 (Ubuntu) Importance: Undecided Status: New ** Tags: jammy upgrade-software-version ** Summary changed: - Update gjs to 1.74 using mozjs102 102.3 + [jammy] Update gjs to 1.74 using mozjs102 102.3 ** Also affects: mozjs102 (Ubuntu) Importance: Undecided Status: New ** Description changed: Impact ------ GNOME Shell uses the SpiderMonkey JavaScript engine from Firefox ESR (mozjs). Firefox 92 ESR has reached end of life; therefore, we should switch to the 102 ESR series for security updates for the next year. This requires updating gjs from 1.72 to 1.74 from GNOME 43, as packaged in Ubuntu 22.10. This will be done as a Security Update. Uploaded Packages ----------------- We will introduce mozjs102, a new source package for Ubuntu 22.04 LTS, being careful to publish it in main, not universe. And we'll update gjs. No other packages need to be updated for this change. + mozjs91 will remain in Ubuntu 22.04 LTS (source package removals are generally not possible), but nothing else in Ubuntu uses it. Test Case --------- https://wiki.ubuntu.com/DesktopTeam/TestPlans/gjs + + Prerequisite + ------------ + We need to get mozjs102 on the i386 whitelist for Ubuntu 22.04 LTS -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gjs in Ubuntu. https://bugs.launchpad.net/bugs/1993214 Title: [jammy] Update gjs to 1.74 using mozjs102 102.3 Status in gjs package in Ubuntu: New Status in mozjs102 package in Ubuntu: New Bug description: Impact ------ GNOME Shell uses the SpiderMonkey JavaScript engine from Firefox ESR (mozjs). Firefox 92 ESR has reached end of life; therefore, we should switch to the 102 ESR series for security updates for the next year. This requires updating gjs from 1.72 to 1.74 from GNOME 43, as packaged in Ubuntu 22.10. This will be done as a Security Update. Uploaded Packages ----------------- We will introduce mozjs102, a new source package for Ubuntu 22.04 LTS, being careful to publish it in main, not universe. And we'll update gjs. No other packages need to be updated for this change. mozjs91 will remain in Ubuntu 22.04 LTS (source package removals are generally not possible), but nothing else in Ubuntu uses it. Test Case --------- https://wiki.ubuntu.com/DesktopTeam/TestPlans/gjs Prerequisite ------------ We need to get mozjs102 on the i386 whitelist for Ubuntu 22.04 LTS To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gjs/+bug/1993214/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
