Opened 4 months ago

Closed 4 months ago

#15367 closed enhancement (fixed)

JS78.13.0 (from firefox)

Reported by: ken@… Owned by: ken@…
Priority: elevated Milestone: 11.0
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

For the moment, we still need to use firefox-78 releases for JS78 (SpiderMonkey, otherwise known as mozjs by some distros).

78.13.0 is now available, compared to 78.12.0 the js/src code has one small change in the jit code. I have no idea if this is a vulnerability fix or just a general fix, but upgrading seems like a good idea.

Change History (7)

comment:1 by ken@…, 4 months ago

Owner: changed from blfs-book to ken@…
Status: newassigned
Summary: JS78-13.0 (from firefox)JS78.13.0 (from firefox)

comment:2 by Xi Ruoyao, 4 months ago

Installed on my system w/o problem.

A note: both GJS and polkit don't use JIT for now because their scripts are unlikely to get significant performance gain from it.

in reply to:  2 comment:3 by ken@…, 4 months ago

Replying to Xi Ruoyao:

Installed on my system w/o problem.

A note: both GJS and polkit don't use JIT for now because their scripts are unlikely to get significant performance gain from it.

Interesting, nevertheless it is an explicit security fix, https://www.mozilla.org/en-US/security/advisories/mfsa2021-34/ - see CVE-2021-29984.

There are the usual bunch of other fixes in ff 78.13 and 91.0. I'm still hitting random failures in updates of 91.0, starting to wonder if a short-term workaround is to add a firefox-legacy page for 78.13.0.

comment:4 by ken@…, 4 months ago

Priority: normalelevated

comment:5 by ken@…, 4 months ago

Book updated in @883e3763504bb709345891b0daf4ed4fe7b07d03 10.1-757

Security advisory (with a note that gjs and polkit are not affected) to follow tomorrow or thursday.

comment:6 by ken@…, 4 months ago

SA 10.1-088.

comment:7 by ken@…, 4 months ago

Resolution: fixed
Status: assignedclosed
Note: See TracTickets for help on using tickets.