UbuntuUpdates.org

Package "mozjs52"

This package belongs to a PPA: Ubuntu Mozilla Security




Name: mozjs52

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • SpiderMonkey JavaScript library
  • SpiderMonkey JavaScript library - development headers
Latest version: *DELETED*
Release: bionic (18.04)
Level: base
Repository: main

Links

All versions of this package
Bug fixes

Repository home page

Other versions of "mozjs52" in Bionic

Repository Area Version
base main 52.3.1-7fakesync1
security main 52.9.1-0ubuntu0.18.04.1
updates main 52.9.1-0ubuntu0.18.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: *DELETED* 2018-06-20 12:08:47 UTC
No changelog for deleted or moved packages.

Version: 52.8.1-0ubuntu0.18.04.1 2018-06-13 23:08:53 UTC

 mozjs52 (52.8.1-0ubuntu0.18.04.1) bionic-security; urgency=medium
 .
   * SECURITY UPDATE: Multiple memory safety issues
     - CVE-2017-7810, CVE-2017-7826, CVE-2018-5089, CVE-2018-5125,
       CVE-2018-5150
 .
   * Update to 52.8.1esr
   * Drop patches that are fixed upstream
     - remove debian/patches/remove-nspr-dependency.patch
     - remove debian/patches/tests-skip-on-all-64-bit-archs.patch
     - update debian/patches/series
   * Refresh patches
     - update debian/patches/include-configure-script.patch - the
       configure script is included in the tarball now. This patch should
       probably be renamed to something more appropriate
     - update debian/patches/pre-generate-old-configure.patch - a pre-generated
       old-configure script is included in the tarball now, although the one
       generated by js/src/make-source-package.sh includes the wrong aclocal.m4
       and doesn't work, so regenerate it again with the correct aclocal.m4
   * Move pre-generate-old-configure.patch to after
     Allow-to-override-ICU_DATA_FILE-from-the-environment.patch and drop
     Patch-pregenerated-old-configure-to-match-build-autoconf-.patch
     - update debian/patches/series
     - remove debian/patches/Patch-pregenerated-old-configure-to-match-build-autoconf-.patch
     - update debian/patches/pre-generate-old-configure.patch to refresh old-configure
   * Don't build-depend on libicu-dev - the bundled ICU is used and the
     distro ICU package ships the layout engine API since 60.2, which
     causes intl/icu_sources_data.py to fail due to source files excluded from
     the Mozilla source

CVE-2017-7810 Memory safety bugs were reported in Firefox 55 and Firefox ESR 52.3. Some of these bugs showed evidence of memory corruption and we presume that with
CVE-2017-7826 Memory safety bugs were reported in Firefox 56 and Firefox ESR 52.4. Some of these bugs showed evidence of memory corruption and we presume that with
CVE-2018-5089 Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5. Some of these bugs showed evidence of memory corruption and we presume that with
CVE-2018-5125 Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evidence of memory corruption and we presume that with
CVE-2018-5150 Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and w


About   -   Send Feedback to @ubuntu_updates