Package "mozjs102"

Name: mozjs102


This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • SpiderMonkey JavaScript library
  • SpiderMonkey JavaScript library - development headers

Latest version: 102.6.0-0ubuntu0.22.04.1
Release: jammy (22.04)
Level: proposed
Repository: main


Other versions of "mozjs102" in Jammy

No other version of this package is available in the Jammy release.

Packages in group

Deleted packages are displayed in grey.


Version: 102.6.0-0ubuntu0.22.04.1 2023-02-06 14:38:50 UTC

  mozjs102 (102.6.0-0ubuntu0.22.04.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Backport to Ubuntu 22.04 LTS (LP: #1993214)
    - CVE-2022-40957: Incoherent instruction cache when building WASM on ARM64
    - CVE-2022-42928: Memory Corruption in JS Engine
    - CVE-2022-42932: Memory safety bugs
    - CVE-2022-45406: Use-after-free of a JavaScript Realm
    - CVE-2022-45409: Use-after-free in Garbage Collection
  * Drop jit-Only-use-ARMv7-atomic-operations-on-ARMv7-or-higher.patch:
    - applied in new release

 -- Jeremy Bicha <email address hidden> Tue, 13 Dec 2022 14:57:22 -0500

1993214 [jammy] Update gjs to 1.74 using mozjs102 102.3
CVE-2022-40957 Inconsistent data in instruction and data cache when creating wasm code could lead to a potentially exploitable crash.<br>*This bug only affects Fire
CVE-2022-42928 Certain types of allocations were missing annotations that, if the Garbage Collector was in a specific state, could have lead to memory corruption an
CVE-2022-42932 Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.3. Some of these bugs showed evide
CVE-2022-45406 If an out-of-memory condition occurred when creating a JavaScript global, a JavaScript realm may be deleted while references to it lived on in a Base
CVE-2022-45409 The garbage collector could have been aborted in several states and zones and <code>GCRuntime::finishCollection</code> may not have been called, lead

About   -   Send Feedback to @ubuntu_updates