#17308 closed enhancement (fixed)

js-102.5.0

Reported by: Bruce Dubbs Owned by: ken@…
Priority: elevated Milestone: 11.3
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

New minor version.

Change History (9)

comment:1 by ken@…, 22 months ago

Owner: changed from blfs-book to ken@…
Priority: normalelevated
Status: newassigned

The fix for CVE-2022-45406: Use-after-free of a JavaScript Realm reported in the fixes for firefox-102.5.0 #17306 is in the js/src code and therefore also applies to js-102.5.0. Rated high.

comment:2 by ken@…, 22 months ago

My normal machine is still on python-3.10, so I'll use the measurements from an intel with 3.11. There, the size is bigger, and over 200 items in the first test report UNEXPECTED failures, on the AMD with 3.10 only 8 such failures.

For the avoidance of doubt, both are on 6.0.x kernels and not using my own CFLAGS etc.

comment:3 by Bruce Dubbs, 22 months ago

This is what I have for the current version:

601.3 Elapsed Time -  firefox-102.4.0esr.source
 
md5sum : 5ad962e43ad29245238feeba558941d9  /usr/src/firefox/firefox-102.4.0esr.source.tar.xz
470824 /usr/src/firefox/firefox-102.4.0esr.source.tar.xz SIZE (459.789 MB)
7170696 kilobytes BUILD SIZE (7002.632 MB)
SBU=6.396
 
hostname: lfs11
BFLAGS=-j16

Current instructions worked fine for me. The kernel is 6.0.7.

in reply to:  2 ; comment:4 by Xi Ruoyao, 22 months ago

Replying to ken@…:

My normal machine is still on python-3.10, so I'll use the measurements from an intel with 3.11. There, the size is bigger, and over 200 items in the first test report UNEXPECTED failures, on the AMD with 3.10 only 8 such failures.

For the avoidance of doubt, both are on 6.0.x kernels and not using my own CFLAGS etc.

Do you have the same ICU version on the systems?

in reply to:  4 ; comment:5 by ken@…, 22 months ago

Replying to Xi Ruoyao:

Replying to ken@…:

My normal machine is still on python-3.10, so I'll use the measurements from an intel with 3.11. There, the size is bigger, and over 200 items in the first test report UNEXPECTED failures, on the AMD with 3.10 only 8 such failures.

For the avoidance of doubt, both are on 6.0.x kernels and not using my own CFLAGS etc.

Do you have the same ICU version on the systems?

Good question - I thought about this when lucidly awake during sleep. The amd has 71.1 (hoping to update the system in the next couple of weeks). On the up-to-date intel I misread the number of failures (112) and they are indeed all related to Date/Time. Unfortunately I threw away the build on the amd, rerunning and trying without the sed (it only affects one file which is outside js) - confirm that is NOT needed (DESTDIR install). Running tests now.

Running tests now

comment:6 by ken@…, 22 months ago

"over 100" seems right. I also omitted the '--wpt=disabled' on the intel. Sorry for the noise.

in reply to:  5 comment:7 by ken@…, 22 months ago

Replying to ken@…: Unfortunately I threw away the build on the amd, rerunning and trying without the sed (it only affects one file which is outside js) - confirm that is NOT needed (DESTDIR install).

Insert expletives here. Of course it wasn't needed, that is the machine still on python-3.10. On 3.11 configure blows up without it. <sigh/>

comment:9 by ken@…, 22 months ago

Resolution: fixed
Status: assignedclosed

Security Advisory SA11.2-042 created.

Note: See TracTickets for help on using tickets.