SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3554

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3554

Security update for mozjs78

Type: security

Severity: moderate

Issued: 2024-10-09

Description:

This update for mozjs78 fixes the following issues:

- CVE-2024-45490: Fixed negative len for XML_ParseBuffer in embedded expat (bnc#1230036)
- CVE-2024-45491: Fixed integer overflow in dtdCopy in embedded expat (bnc#1230037)
- CVE-2024-45492: Fixed integer overflow in function nextScaffoldPart in embedded expat (bnc#1230038)

References

Packages

mozjs78-78.15.0-150400.3.6.2