* New upstream release (LP: #2061860)
- CVE-2024-3852: GetBoundName in the JIT returned the wrong object
- CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement
- CVE-2024-3857: Incorrect JITting of arguments led to use-after-free
during garbage collection
This bug was fixed in the package mozjs115 - 115.10.0-1
---------------
mozjs115 (115.10.0-1) unstable; urgency=high
* New upstream release (LP: #2061860)
- CVE-2024-3852: GetBoundName in the JIT returned the wrong object
- CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement
- CVE-2024-3857: Incorrect JITting of arguments led to use-after-free
during garbage collection
-- Jeremy Bícha <email address hidden> Tue, 16 Apr 2024 07:52:09 -0400