Skip to content
Snippets Groups Projects

Wip/ritesh/debian security update 2019

Merged Wip/ritesh/debian security update 2019
wip/ritesh/debian-security-update-2019 into apertis/v2019-security
Merged Ritesh Raj Sarraf requested to merge wip/ritesh/debian-security-update-2019 into apertis/v2019-security
  1. Apr 29, 2020
  3. Apr 16, 2020
  5. Mar 30, 2020
  7. Mar 16, 2020
    • Alberto Garcia's avatar
      Import Debian changes 2.26.4-1~deb10u2 · 67c1c3b0
      Alberto Garcia authored 
      webkit2gtk (2.26.4-1~deb10u2) buster-security; urgency=medium

  * debian/patches/cve-2020-10018-fix.patch:
    + Cherry-pick fix for CVE-2020-10018.

webkit2gtk (2.26.4-1~deb10u1) buster-security; urgency=medium

  * Rebuild for buster-backports.
  * debian/patches/force-single-process.patch:
    + Force the single-process mode in Evolution and Geary
  * debian/control:
    + Remove Breaks for Evolution < 3.34.1.
    + Remove build dependency on libwpebackend-fdo-1.0-dev.
    + Switch build dependency from libenchant-2-dev to libenchant-dev.

webkit2gtk (2.26.4-1) unstable; urgency=high

  * New upstream release.
  * The WebKitGTK security advisory WSA-2020-0001 lists the following
    security fixes in the latest versions of WebKitGTK:
    + CVE-2019-8835, CVE-2019-8844, CVE-2019-8846 (fixed in 2.26.3)
  * The WebKitGTK security advisory WSA-2020-0002 lists the following
    security fixes in the latest versions of WebKitGTK:
    + CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867,
      CVE-2020-3868 (fixed in 2.26.4)
  * debian/rules:
    + Don't use the Gold linker on powerpc (Closes: #949618).
    + Run dh with --builddirectory=build. Some source files are generated
      inside this directory and are later referenced from the .gir files
      so their path names should be independent from the architecture.
  * debian/control:
    + Mark libwebkit2gtk-4.0-doc and libwebkit2gtk-4.0-37-gtk2 as
      Multi-Arch: foreign.
    + Update Standards-Version to 4.5.0 (no changes).
  * debian/patches/reduce-memory-overheads.patch:
    + Reduce memory usage when not using the Gold linker
      (Closes: #949621).
  * debian/patches/fix-ftbfs-m68k.patch:
    + Update to make it work with the current release (Closes: #949660).
  * debian/patches/detect-woff.patch:
    + Refresh.
  * Add debian/upstream/metadata.

webkit2gtk (2.26.3-1) unstable; urgency=high

  * New upstream release.
  * The WebKitGTK security advisory WSA-2019-0006 lists the following
    security fixes in the latest versions of WebKitGTK:
    + CVE-2019-8765, CVE-2019-8821, CVE-2019-8822 (fixed in 2.24.4)
    + CVE-2019-8710, CVE-2019-8743, CVE-2019-8764, CVE-2019-8766,
      CVE-2019-8782, CVE-2019-8808, CVE-2019-8815 (fixed in 2.26.0)
    + CVE-2019-8783, CVE-2019-8811, CVE-2019-8813, CVE-2019-8816,
      CVE-2019-8819, CVE-2019-8820, CVE-2019-8823 (fixed in 2.26.1)
    + CVE-2019-8812, CVE-2019-8814 (fixed in 2.26.2)
  * Build without the bubblewrap sandbox if the required dependencies are
    not available (Closes: #944731):
    + debian/rules:
      - Pass -DENABLE_BUBBLEWRAP_SANDBOX depending on whether libseccomp
        is installed.
      - Add runtime dependencies on bubblewrap and xdg-dbus-proxy
        conditionally to the status of ENABLE_BUBBLEWRAP_SANDBOX.
    + debian/control:
      - Don't require bubblewrap, xdg-dbus-proxy or libseccomp-dev in
        alpha, ia64, m68k, riscv64, sh4 or sparc64.
  * Enable USE_WPE_RENDERER:
    + debian/control:
      - Add build dependency on libwpebackend-fdo-1.0-dev.
    + debian/rules:
      - Set USE_WPE_RENDERER depending on whether wpebackend-fdo is
        available or not (this allows disabling it by simply removing the
        build dependency).
  * debian/rules:
    + Use -g1 in all builds. The webkit2gtk debug packages are huge and
      I'm not convinced that they have been very useful for reporting
      bugs. Using -g1 is enough for a basic backtrace and it makes the
      packages easier to handle.
    + Install the NEWS file using debian/libwebkit2gtk-4.0-37.docs.
  * debian/control:
    + Switch build dependency from libenchant-dev to libenchant-2-dev
      (Closes: #948106).
    + Add build dependency on libx11-xcb-dev (Closes: #949430).
    + Add Rules-Requires-Root: no.
  * debian/patches/use-python3.patch:
    + The unversioned python interpreter (i.e. Python 2) is not installed
      by default anymore, so use Python 3 instead (Closes: #948839).
  * debian/patches/user-agent-branding.patch:
    + Refresh.
  * debian/libwebkit2gtk-4.0-37.symbols:
    + Add Build-Depends-Package field.
  * debian/copyright:
    + Update copyright years.

webkit2gtk (2.26.2-1) unstable; urgency=medium

  * New upstream release.
  * debian/rules:
    + Stop building with -O1 for armhf and friends, the build seems to
      work just fine with -O2 now.
  * debian/control:
    + Require bubblewrap >= 0.3.1.
  * debian/patches/force-single-process.patch:
    + Remove this patch, the fixed version of Geary (3.34.1) is now in
      unstable.
  * The WebKitGTK security advisory WSA-2019-0005 lists the following
    security fixes in the latest versions of WebKitGTK:
    + CVE-2019-8768 (fixed in 2.24.0).
    + CVE-2019-8735 (fixed in 2.24.2).
    + CVE-2019-8726 (fixed in 2.24.3).
    + CVE-2019-8674, CVE-2019-8707, CVE-2019-8719, CVE-2019-8733 and
      CVE-2019-8763 (fixed in 2.24.4).
    + CVE-2019-8625, CVE-2019-8720, CVE-2019-8769 and CVE-2019-8771
      (fixed in 2.26.0).
      67c1c3b0
  9. Mar 18, 2020
Apertis Website Terms of Use Privacy Policy