-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 16 Apr 2024 07:52:09 -0400 Source: mozjs115 Built-For-Profiles: noudeb Architecture: source Version: 115.10.0-1 Distribution: unstable Urgency: high Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org> Changed-By: Jeremy Bícha <jbicha@ubuntu.com> Launchpad-Bugs-Fixed: 2061860 Changes: mozjs115 (115.10.0-1) unstable; urgency=high . * New upstream release (LP: #2061860) - CVE-2024-3852: GetBoundName in the JIT returned the wrong object - CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement - CVE-2024-3857: Incorrect JITting of arguments led to use-after-free during garbage collection Checksums-Sha1: 17475fb1b0b7c2a3b504ced8130686b692ee3e15 2393 mozjs115_115.10.0-1.dsc a657661a3024c5c27b92a0b9b4ba62b1b6040b59 145639392 mozjs115_115.10.0.orig.tar.xz bbd7ac0db3028d8534c472960d7a55e3046a0ec6 69840 mozjs115_115.10.0-1.debian.tar.xz ed7a33a4549dcf25d1fd4a9fd90103e57d24711d 7375 mozjs115_115.10.0-1_source.buildinfo Checksums-Sha256: d31a133550e70f840ca4aac66e92593d4c7b60c38c5cbc636a3e0f98d20527f1 2393 mozjs115_115.10.0-1.dsc 9f59a734cd5d5444b1afc2f83c1c7c8098fc781c04bf856550f64f240e644219 145639392 mozjs115_115.10.0.orig.tar.xz beed09c7f5d35949da1254d8846ee571a384edc37456de24b3858542aa8fc57d 69840 mozjs115_115.10.0-1.debian.tar.xz 9f1a4c353ef9d90b0f10af45c68d7b27219c48e24e3dd521a276ba3cf5c8664e 7375 mozjs115_115.10.0-1_source.buildinfo Files: 1bb2546ca2ef0ba1dcb6cbb59c753751 2393 libs optional mozjs115_115.10.0-1.dsc 1c7c1983e08033e549c805ebc06018ab 145639392 libs optional mozjs115_115.10.0.orig.tar.xz 169b6482f2918ad07c13a461514cc845 69840 libs optional mozjs115_115.10.0-1.debian.tar.xz aec6f7d64e59bb3a8c84ddb393b4b705 7375 libs optional mozjs115_115.10.0-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEETQvhLw5HdtiqzpaW5mx3Wuv+bH0FAmYemtEACgkQ5mx3Wuv+ bH0Lwg//WLqIIS7nvOc44Ho9+FcZn7OuC8DshGgZ4uIl+uzP2cbPjsirPr/3nMWD acexxJemCnDNF+Rxxs+MBskPX7RXoawPCg7VKiBzKCcygpDa2rZ3LJdJWd1vrw3h xuSGLgtTJTMbjsHP4iaVshImXhaweHAHp7KatUq6ECusILj3f/2JnWHy5u+Mx69i mDTskVOwpoolb6XbctVm3h6/AJKJ1/keGxG1HPBXw/a0AO3FWIHFZ/VFh/MnoPoU ZSs4lCxFCVqF61EDE6zZiqQpDwGbYmLFSsT6Dtz3twmlJ/upOpOtiCzEJ8oThSoL Gbz7D6czFtSfoSK8gVGmVASrN8AKzNU80gfrydaDsBw9RrZ4dCl178XGclJcFiji Khi7lP1Y2xulDWUotwOp0o9o/k2LaqSlLf2wyx73jguSpwz7VeiY39o6jdGS1Y2F WqJOCJi5lxpC4W0rEAedoA1Bk9hfY4ZR4eQc2aVfDF9fHn9FKsBnCP0SRGijxqSJ R9Y5IwWEVWUgFfY6dw8tfW7yOu7WXL9VAr8WXnJ3WJt3jdzK++Z66Wdyl1SMw9O+ 7Dqq1lSkUrS0Ujzd8De53E9kdnBLrn7We56cBQsPLQKKg5XQKkINSKBDuSLZAwy7 /SP9MgKOI4VcgwY1eTZLjIYK6Cp+l+jRUOh0AbrgTL51EncqQ5s= =I1FC -----END PGP SIGNATURE-----