Wip/ritesh/debian security update 2019
- Apr 29, 2020
-
-
Apertis CI authored
-
- Apr 16, 2020
-
-
Alberto Garcia authored
webkit2gtk (2.26.4-1~deb10u3) buster-security; urgency=medium * debian/patches/cve-2020-11793-fix.patch: + Cherry-pick fix for CVE-2020-11793.
0e89928a
-
- Mar 30, 2020
-
-
Ritesh Raj Sarraf authoredUnverifiedceb9d87e
-
- Mar 16, 2020
-
-
Alberto Garcia authored
webkit2gtk (2.26.4-1~deb10u2) buster-security; urgency=medium * debian/patches/cve-2020-10018-fix.patch: + Cherry-pick fix for CVE-2020-10018. webkit2gtk (2.26.4-1~deb10u1) buster-security; urgency=medium * Rebuild for buster-backports. * debian/patches/force-single-process.patch: + Force the single-process mode in Evolution and Geary * debian/control: + Remove Breaks for Evolution < 3.34.1. + Remove build dependency on libwpebackend-fdo-1.0-dev. + Switch build dependency from libenchant-2-dev to libenchant-dev. webkit2gtk (2.26.4-1) unstable; urgency=high * New upstream release. * The WebKitGTK security advisory WSA-2020-0001 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2019-8835, CVE-2019-8844, CVE-2019-8846 (fixed in 2.26.3) * The WebKitGTK security advisory WSA-2020-0002 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868 (fixed in 2.26.4) * debian/rules: + Don't use the Gold linker on powerpc (Closes: #949618). + Run dh with --builddirectory=build. Some source files are generated inside this directory and are later referenced from the .gir files so their path names should be independent from the architecture. * debian/control: + Mark libwebkit2gtk-4.0-doc and libwebkit2gtk-4.0-37-gtk2 as Multi-Arch: foreign. + Update Standards-Version to 4.5.0 (no changes). * debian/patches/reduce-memory-overheads.patch: + Reduce memory usage when not using the Gold linker (Closes: #949621). * debian/patches/fix-ftbfs-m68k.patch: + Update to make it work with the current release (Closes: #949660). * debian/patches/detect-woff.patch: + Refresh. * Add debian/upstream/metadata. webkit2gtk (2.26.3-1) unstable; urgency=high * New upstream release. * The WebKitGTK security advisory WSA-2019-0006 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2019-8765, CVE-2019-8821, CVE-2019-8822 (fixed in 2.24.4) + CVE-2019-8710, CVE-2019-8743, CVE-2019-8764, CVE-2019-8766, CVE-2019-8782, CVE-2019-8808, CVE-2019-8815 (fixed in 2.26.0) + CVE-2019-8783, CVE-2019-8811, CVE-2019-8813, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823 (fixed in 2.26.1) + CVE-2019-8812, CVE-2019-8814 (fixed in 2.26.2) * Build without the bubblewrap sandbox if the required dependencies are not available (Closes: #944731): + debian/rules: - Pass -DENABLE_BUBBLEWRAP_SANDBOX depending on whether libseccomp is installed. - Add runtime dependencies on bubblewrap and xdg-dbus-proxy conditionally to the status of ENABLE_BUBBLEWRAP_SANDBOX. + debian/control: - Don't require bubblewrap, xdg-dbus-proxy or libseccomp-dev in alpha, ia64, m68k, riscv64, sh4 or sparc64. * Enable USE_WPE_RENDERER: + debian/control: - Add build dependency on libwpebackend-fdo-1.0-dev. + debian/rules: - Set USE_WPE_RENDERER depending on whether wpebackend-fdo is available or not (this allows disabling it by simply removing the build dependency). * debian/rules: + Use -g1 in all builds. The webkit2gtk debug packages are huge and I'm not convinced that they have been very useful for reporting bugs. Using -g1 is enough for a basic backtrace and it makes the packages easier to handle. + Install the NEWS file using debian/libwebkit2gtk-4.0-37.docs. * debian/control: + Switch build dependency from libenchant-dev to libenchant-2-dev (Closes: #948106). + Add build dependency on libx11-xcb-dev (Closes: #949430). + Add Rules-Requires-Root: no. * debian/patches/use-python3.patch: + The unversioned python interpreter (i.e. Python 2) is not installed by default anymore, so use Python 3 instead (Closes: #948839). * debian/patches/user-agent-branding.patch: + Refresh. * debian/libwebkit2gtk-4.0-37.symbols: + Add Build-Depends-Package field. * debian/copyright: + Update copyright years. webkit2gtk (2.26.2-1) unstable; urgency=medium * New upstream release. * debian/rules: + Stop building with -O1 for armhf and friends, the build seems to work just fine with -O2 now. * debian/control: + Require bubblewrap >= 0.3.1. * debian/patches/force-single-process.patch: + Remove this patch, the fixed version of Geary (3.34.1) is now in unstable. * The WebKitGTK security advisory WSA-2019-0005 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2019-8768 (fixed in 2.24.0). + CVE-2019-8735 (fixed in 2.24.2). + CVE-2019-8726 (fixed in 2.24.3). + CVE-2019-8674, CVE-2019-8707, CVE-2019-8719, CVE-2019-8733 and CVE-2019-8763 (fixed in 2.24.4). + CVE-2019-8625, CVE-2019-8720, CVE-2019-8769 and CVE-2019-8771 (fixed in 2.26.0).
67c1c3b0
-
- Mar 18, 2020
-
-
Apertis CI authorede63ad568
-