[Buildroot] [PATCH v2] package/quickjs: security bump to version 2025-09-13

[Buildroot] [PATCH v2] package/quickjs: security bump to version 2025-09-13

[Francois Perrad via buildroot]

fixes this serie of CVE:
https://security-tracker.debian.org/tracker/CVE-2025-62490
https://security-tracker.debian.org/tracker/CVE-2025-62491
https://security-tracker.debian.org/tracker/CVE-2025-62492
https://security-tracker.debian.org/tracker/CVE-2025-62493
https://security-tracker.debian.org/tracker/CVE-2025-62494
https://security-tracker.debian.org/tracker/CVE-2025-62495
https://security-tracker.debian.org/tracker/CVE-2025-62496

For release notes, see:
https://bellard.org/quickjs/Changelog

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
---
 package/quickjs/Config.in    | 2 +-
 package/quickjs/quickjs.hash | 2 +-
 package/quickjs/quickjs.mk   | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/quickjs/Config.in b/package/quickjs/Config.in
index a59d46070..0ae0389b2 100644
--- a/package/quickjs/Config.in
+++ b/package/quickjs/Config.in
@@ -10,7 +10,7 @@ config BR2_PACKAGE_QUICKJS
 	depends on BR2_USE_MMU # fork()
 	help
 	  QuickJS is a small and embeddable Javascript engine.
-	  It supports the ES2020 specification including modules,
+	  It supports the ES2023 specification including modules,
 	  asynchronous generators, proxies and BigInt.
 
 	  https://bellard.org/quickjs/
diff --git a/package/quickjs/quickjs.hash b/package/quickjs/quickjs.hash
index 798c857a1..70dfb2d19 100644
--- a/package/quickjs/quickjs.hash
+++ b/package/quickjs/quickjs.hash
@@ -1,3 +1,3 @@
 # Locally calculated
-sha256  2f20074c25166ef6f781f381c50d57b502cb85d470d639abccebbef7954c83bf  quickjs-2025-04-26.tar.xz
+sha256  6f1f322aea3bb3a90858db85c9fe717013fde4df7dfcafe2f57e78f5bb4b4a0c  quickjs-2025-09-13.tar.xz
 sha256  598fd7fc928e4350abce36e337ba5a1346923c5c692f5be92c3d8e29ddd7c18d  LICENSE
diff --git a/package/quickjs/quickjs.mk b/package/quickjs/quickjs.mk
index e2170b297..511f14245 100644
--- a/package/quickjs/quickjs.mk
+++ b/package/quickjs/quickjs.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-QUICKJS_VERSION = 2025-04-26
+QUICKJS_VERSION = 2025-09-13
 QUICKJS_SOURCE = quickjs-$(QUICKJS_VERSION).tar.xz
 QUICKJS_SITE = https://bellard.org/quickjs
 QUICKJS_LICENSE = MIT
-- 
2.43.0

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

Re: [Buildroot] [PATCH v2] package/quickjs: security bump to version 2025-09-13

[Julien Olivain via buildroot]

On 07/04/2026 09:22, Francois Perrad via buildroot wrote:
> fixes this serie of CVE:
> https://security-tracker.debian.org/tracker/CVE-2025-62490
> https://security-tracker.debian.org/tracker/CVE-2025-62491
> https://security-tracker.debian.org/tracker/CVE-2025-62492
> https://security-tracker.debian.org/tracker/CVE-2025-62493
> https://security-tracker.debian.org/tracker/CVE-2025-62494
> https://security-tracker.debian.org/tracker/CVE-2025-62495
> https://security-tracker.debian.org/tracker/CVE-2025-62496
> 
> For release notes, see:
> https://bellard.org/quickjs/Changelog
> 
> Signed-off-by: Francois Perrad <francois.perrad@gadz.org>

Applied to master, thanks.
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot