This bug was fixed in the package mozjs102 - 102.11.0-0ubuntu0.22.10.1

---------------
mozjs102 (102.11.0-0ubuntu0.22.10.1) kinetic-security; urgency=medium

  * SECURITY UPDATE: New upstream release (LP: #2018905)
    - CVE-2023-32211: Content process crash due to invalid wasm code
    - CVE-2023-32215: Memory safety bugs
    - CVE-2023-29536: Invalid free from JavaScript code
    - CVE-2023-29548: Incorrect optimization result on ARM64
    - CVE-2023-29550: Memory safety bugs
    - CVE-2023-29535: Potential Memory Corruption following Garbage
      Collector compaction
    - CVE-2023-25751: Incorrect code generation during JIT compilation
    - CVE-2023-25739: Use-after-free in mozilla::dom::ScriptLoadContext
    - CVE-2023-25735: Potential use-after-free from compartment mismatch

 -- Jeremy Bícha <jbi...@ubuntu.com>  Tue, 09 May 2023 11:30:19 -0400

** Changed in: mozjs102 (Ubuntu Kinetic)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to mozjs102 in Ubuntu.
https://bugs.launchpad.net/bugs/2018905

Title:
  Update mozjs102 to 102.11.0

Status in mozjs102 package in Ubuntu:
  Fix Released
Status in mozjs102 source package in Jammy:
  Fix Released
Status in mozjs102 source package in Kinetic:
  Fix Released
Status in mozjs102 source package in Lunar:
  Fix Released

Bug description:
  Impact
  ------
  mozjs102 is the SpiderMonkey JavaScript engine from Firefox ESR. It is
  used by gjs to power GNOME Shell and some GNOME apps.

  There are new Firefox 102 ESR releases monthly until the end of August.

  https://whattrainisitnow.com/calendar/

  This bug tracks updating Ubuntu 23.04 from 102.10.0 to 102.11.0,
  Ubuntu 22.10 from 102.3.0 to 102.11.0, and backporting this package to
  Ubuntu 22.04 LTS.

  Security Impact
  ---------------
  I looked through https://github.com/mozilla/gecko-dev/commits/esr102/js
  and searched for referenced bug numbers in
  https://www.mozilla.org/en-US/security/advisories/mfsa2023-17/
  and found two CVEs for Ubuntu 23.04.

  Ubuntu 22.10 wasn't updated recently, so I listed 7 more CVEs there
  from previous Mozilla Advisories. Also, note that there are 4 more
  CVEs from 102.6.0-0ubuntu0.22.10.1 which was only pushed to -proposed
  and not to -security. (We ran into an issue with updating gjs for
  Ubuntu 22.04 LTS but that doesn't need to block updating mozjs102 by
  itself.)

  Test Case
  ---------
  https://wiki.ubuntu.com/DesktopTeam/TestPlans/gjs

  Security Sponsoring
  -------------------
  sudo apt install git-buildpackage
  mkdir ../tarballs; cd ../tarballs
  pull-lp-source mozjs102 mantic
  # That avoids needing to recreate the original tarball from pristine-tar which takes a while. Also, running lintian takes a while.
  cd ..
  gbp clone https://salsa.debian.org/gnome-team/mozjs
  cd mozjs
  git checkout ubuntu/102/lunar
  gbp buildpackage --git-builder="debuild --no-lintian -S -nc" --git-tarball-dir=../tarballs
  git checkout ubuntu/102/kinetic
  gbp buildpackage --git-builder="debuild --no-lintian -S -nc -v102.3.0-1" --git-tarball-dir=../tarballs
  git checkout ubuntu/102/jammy
  gbp buildpackage --git-builder="debuild --no-lintian -S -nc" --git-tarball-dir=../tarballs

  Initial Testing Done
  --------------------
  I built the package locally. I installed the library package on Ubuntu
  23.04 and successfully completed the Test Case.

  Other Info
  ----------
  I think it would be helpful to also push this update to Ubuntu 22.04
  LTS even though we don't have any packages there using mozjs102 yet,
  since it is still a goal to update gjs there to use mozjs102. See LP:
  #1993214

  It needs to go into `main` for Ubuntu 22.04 LTS but I think this will
  happen automatically since there is already a version in
  jammy-proposed in main.