-
mozjs102 (102.15.1-0ubuntu0.23.04.1) lunar-security; urgency=medium
* New upstream release (LP: #2036634)
- CVE-2023-4046: Incorrect value used during WASM compilation
-- Jeremy Bícha <email address hidden> Tue, 19 Sep 2023 15:50:00 -0400
-
mozjs102 (102.13.0-0ubuntu0.23.04.1) lunar-security; urgency=medium
* New upstream release (LP: #2026197)
- CVE-2023-37202: Potential use-after-free from compartment mismatch
in SpiderMonkey
- CVE-2023-37211: Memory safety bugs
-- Jeremy Bícha <email address hidden> Thu, 06 Jul 2023 07:12:35 -0400
-
mozjs102 (102.12.0-0ubuntu0.23.04.1) lunar-security; urgency=medium
* New upstream release (LP: #2023047) (Closes: #1037158)
- CVE-2023-34416: Memory safety bugs
* Update debian/upstream/signing-key.asc per upstream rotation
-- Jeremy Bícha <email address hidden> Tue, 06 Jun 2023 12:05:08 -0400
-
mozjs102 (102.11.0-0ubuntu0.23.04.1) lunar-security; urgency=high
* SECURITY UPDATE: New upstream release (LP: #2018905)
- CVE-2023-32211: Content process crash due to invalid wasm code
- CVE-2023-32215: Memory safety bugs
-- Jeremy Bícha <email address hidden> Tue, 09 May 2023 11:30:19 -0400
-
mozjs102 (102.10.0-1) unstable; urgency=high
* New upstream release (LP: #2015880)
- CVE-2023-29536: Invalid free from JavaScript code
- CVE-2023-29548: Incorrect optimization result on ARM64
- CVE-2023-29550: Memory safety bugs
- CVE-2023-29535: Potential Memory Corruption following Garbage Collector
compaction
-- Jeremy Bícha <email address hidden> Mon, 10 Apr 2023 19:48:42 -0400
-
mozjs102 (102.9.0-1) unstable; urgency=high
[ Jeremy Bicha ]
* New upstream release
- CVE-2023-25751: Incorrect code generation during JIT compilation
[ John Paul Adrian Glaubitz ]
* Disable large-arraybuffers/base.js on all big-endian targets
(Closes: #1020700)
-- Jeremy Bicha <email address hidden> Mon, 13 Mar 2023 11:03:53 -0400
-
mozjs102 (102.8.0-1) unstable; urgency=medium
* New upstream release
* Drop Python 3.11 patch: applied in new release
-- Jeremy Bicha <email address hidden> Wed, 15 Feb 2023 08:57:21 -0500
-
mozjs102 (102.7.0-1) unstable; urgency=medium
* New upstream release
* Cherry-pick patch to fix build with Python 3.11 (Closes: #1028716)
* Re-export upstream signing key without extra signatures
* Update standards version to 4.6.2, no changes needed
-- Jeremy Bicha <email address hidden> Tue, 17 Jan 2023 15:57:16 -0500
-
mozjs102 (102.6.0-1) unstable; urgency=medium
* New upstream release
-- Jeremy Bicha <email address hidden> Mon, 12 Dec 2022 17:16:33 -0500
-
mozjs102 (102.5.0-1) unstable; urgency=medium
* New upstream release
-- Jeremy Bicha <email address hidden> Tue, 15 Nov 2022 12:28:41 -0500
-
mozjs102 (102.4.0-1) unstable; urgency=medium
* New upstream release
* Drop ARMv7 atomic operations patch: applied in new release
-- Jeremy Bicha <email address hidden> Mon, 17 Oct 2022 14:03:07 -0400
-
mozjs102 (102.3.0-1) unstable; urgency=medium
* Team upload
[ Jeremy Bicha ]
* New upstream release
[ Simon McVittie ]
* d/p/jit-Only-use-ARMv7-atomic-operations-on-ARMv7-or-higher.patch:
* Add patch to avoid using ARMv7 atomic operations on armel
* d/p/js-Enable-JIT-by-default-on-ARMv7-or-up-but-not-ARMv6-or-.patch:
Attempt to solve FTBFS on armel by disabling JIT
* Update Lintian overrides
* d/copyright: Remove patterns that no longer match anything
* Standards-Version: 4.6.1 (no changes required)
[ Adrian Bunk ]
* d/p/js-arm-i386-no-simd.patch:
Avoid SIMD (SSE/NEON) on 32-bit ARM and x86. It is not in the baseline
of our i386/armel/armhf ports.
* d/rules: Build with -Wl,--allow-multiple-definition on armel
(works around mozjs102's equivalent of mozjs91 bug #1017979)
* Go back to using the default gcc on armel (Closes: #1018047)
* Exclude basic/bug-1649234-1.js test on armel (Closes: #1017961)
-- Simon McVittie <email address hidden> Sat, 24 Sep 2022 20:53:33 +0100