Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: libmozjs-128-0 | Distribution: openSUSE Tumbleweed |
Version: 128.2.0 | Vendor: openSUSE |
Release: 2.1 | Build date: Mon Sep 30 19:35:18 2024 |
Group: System/Libraries | Build host: reproducible |
Size: 18802186 | Source RPM: mozjs128-128.2.0-2.1.src.rpm |
Packager: https://bugs.opensuse.org | |
Url: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey | |
Summary: JavaScript's library |
JavaScript is the Netscape-developed object scripting language used in millions of web pages and server applications worldwide. Netscape's JavaScript is a superset of the ECMA-262 Edition 3 (ECMAScript) standard scripting language, with only mild differences from the published standard. This package contains the JavaScript's library.
MPL-2.0
* Mon Sep 30 2024 Cliff Zhao <qzhao@suse.com> - Add mozjs128-CVE-2024-45492.patch: Backporting 9bf0f2c1 from libexpat upstream, Detect integer overflow in function nextScaffoldPart. (CVE-2024-45492, bsc#1230038) * Mon Sep 30 2024 Cliff Zhao <qzhao@suse.com> - Add mozjs128-CVE-2024-45491.patch: Backporting 8e439a99 from libexpat upstream, Detect integer overflow in dtdCopy. (CVE-2024-45491, bsc#1230037) * Mon Sep 30 2024 Cliff Zhao <qzhao@suse.com> - Add mozjs128-CVE-2024-45490-part01-5c1a3164.patch: Backporting 5c1a3164 from libexpat upstream, Reject negative len for XML_ParseBuffer. CVE-2024-45490's fixes including 3 parts: 5c1a3164 for libexpat sources; c12f039b for libexpat tests; 2db23301 for libexpat docs; Because mozjs only embeds libexpat sources, so unnecessary to port prart02 and part03. (CVE-2024-45490, bsc#1230036) * Wed Sep 25 2024 Bjørn Lie <bjorn.lie@gmail.com> - Update to version 128.2.0: + CVE-2024-8385: WASM type confusion involving ArrayTypes + CVE-2024-8381: Type confusion when looking up a property name in a "with" block + CVE-2024-8382: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran + CVE-2024-8383: Firefox did not ask before openings news: links in an external application + CVE-2024-8384: Garbage collection could mis-color cross-compartment objects in OOM conditions + CVE-2024-8386: SelectElements could be shown over another site if popups are allowed + CVE-2024-8387: Memory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2 - Drop 0001-Skip-failing-tests-on-ppc64-and-s390x.patch: Fixed upstream. * Fri Aug 30 2024 Bjørn Lie <bjorn.lie@gmail.com> - Initial build for openSUSE.
/usr/lib64/libmozjs-128.so.0 /usr/lib64/libmozjs-128.so.0.0.0 /usr/share/licenses/libmozjs-128-0 /usr/share/licenses/libmozjs-128-0/LICENSE
Generated by rpm2html 1.8.1
Fabrice Bellet, Fri Oct 4 00:53:07 2024