436119c28b
Don't inline push with more than 1 argument A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content process. Bump PKGREVISION |
||
|---|---|---|
| .. | ||
| patches | ||
| buildlink3.mk | ||
| DESCR | ||
| distinfo | ||
| hacks.mk | ||
| Makefile | ||
| PLIST | ||
| PLIST.Linux | ||