[ubuntu/bionic-security] mozjs52 52.8.1-0ubuntu0.18.04.1 (Accepted)

[Chris Coulson]

mozjs52 (52.8.1-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Multiple memory safety issues
    - CVE-2017-7810, CVE-2017-7826, CVE-2018-5089, CVE-2018-5125,
      CVE-2018-5150

  * Update to 52.8.1esr
  * Drop patches that are fixed upstream
    - remove debian/patches/remove-nspr-dependency.patch
    - remove debian/patches/tests-skip-on-all-64-bit-archs.patch
    - update debian/patches/series
  * Refresh patches
    - update debian/patches/include-configure-script.patch - the
      configure script is included in the tarball now. This patch should
      probably be renamed to something more appropriate
    - update debian/patches/pre-generate-old-configure.patch - a pre-generated
      old-configure script is included in the tarball now, although the one
      generated by js/src/make-source-package.sh includes the wrong aclocal.m4
      and doesn't work, so regenerate it again with the correct aclocal.m4
  * Move pre-generate-old-configure.patch to after
    Allow-to-override-ICU_DATA_FILE-from-the-environment.patch and drop
    Patch-pregenerated-old-configure-to-match-build-autoconf-.patch
    - update debian/patches/series
    - remove debian/patches/Patch-pregenerated-old-configure-to-match-build-autoconf-.patch
    - update debian/patches/pre-generate-old-configure.patch to refresh old-configure
  * Don't build-depend on libicu-dev - the bundled ICU is used and the
    distro ICU package ships the layout engine API since 60.2, which
    causes intl/icu_sources_data.py to fail due to source files excluded from
    the Mozilla source

Date: 2018-06-13 22:04:19.074425+00:00
Changed-By: Chris Coulson <chrisccoulson at ubuntu.com>
https://launchpad.net/ubuntu/+source/mozjs52/52.8.1-0ubuntu0.18.04.1
-------------- next part --------------
Sorry, changesfile not available.