From: Thomas Devoogdt <thomas@devoogdt.com>
To: buildroot@buildroot.org
Cc: Adrian Perez de Castro <aperez@igalia.com>,
Thomas Devoogdt <thomas@devoogdt.com>,
Thomas Devoogdt <thomas.devoogdt@barco.com>
Subject: [Buildroot] [PATCH v2 1/4] package/webkitgtk: security bump to version 2.40.5
Date: Sat, 9 Sep 2023 09:57:50 +0200 [thread overview]
Message-ID: <20230909075753.7471-1-thomas@devoogdt.com> (raw)
Bugfix release with many security fixes, including (but not limited to)
patches for CVE-2023-37450, CVE-2023-38133, CVE-2023-38572, CVE-2023-38592,
CVE-2023-38594, CVE-2023-38595, CVE-2023-38597, CVE-2023-38599,
CVE-2023-38600, and CVE-2023-38611.
Release notes:
https://webkitgtk.org/2023/07/21/webkitgtk2.40.4-released.html
https://webkitgtk.org/2023/08/01/webkitgtk2.40.5-released.html
Accompanying security advisory:
https://webkitgtk.org/security/WSA-2023-0006.html
https://webkitgtk.org/security/WSA-2023-0007.html
Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
---
v2: no change
---
...e-when-gstreamer-support-is-disabled.patch | 36 +++++++++++++++++++
package/webkitgtk/webkitgtk.hash | 6 ++--
package/webkitgtk/webkitgtk.mk | 2 +-
3 files changed, 40 insertions(+), 4 deletions(-)
create mode 100644 package/webkitgtk/0001-Fix-build-failure-when-gstreamer-support-is-disabled.patch
diff --git a/package/webkitgtk/0001-Fix-build-failure-when-gstreamer-support-is-disabled.patch b/package/webkitgtk/0001-Fix-build-failure-when-gstreamer-support-is-disabled.patch
new file mode 100644
index 0000000000..3fa23b215b
--- /dev/null
+++ b/package/webkitgtk/0001-Fix-build-failure-when-gstreamer-support-is-disabled.patch
@@ -0,0 +1,36 @@
+From 9b31965cdf362768e86f7e592e59e68fb3351261 Mon Sep 17 00:00:00 2001
+From: Matt Turner <mattst88@gmail.com>
+Date: Tue, 8 Aug 2023 16:51:25 -0700
+Subject: [PATCH] Fix build failure when gstreamer support is disabled
+ https://bugs.webkit.org/show_bug.cgi?id=259931 https://bugs.gentoo.org/911663
+
+Reviewed by Carlos Alberto Lopez Perez.
+
+* Source/WebCore/loader/MixedContentChecker.cpp:
+
+Canonical link: https://commits.webkit.org/260527.429@fix-build
+
+(cherry picked from commit f5ceef5bf2e3c4d7203a37b9e2d2fdd9b1bb2732)
+
+Upstream: https://github.com/WebKit/WebKit/commit/f5ceef5bf2e3c4d7203a37b9e2d2fdd9b1bb2732
+Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
+---
+ Source/WebCore/loader/MixedContentChecker.cpp | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/Source/WebCore/loader/MixedContentChecker.cpp b/Source/WebCore/loader/MixedContentChecker.cpp
+index 9b4c7fe62020..ac4733bc08bc 100644
+--- a/Source/WebCore/loader/MixedContentChecker.cpp
++++ b/Source/WebCore/loader/MixedContentChecker.cpp
+@@ -33,6 +33,8 @@
+ #include "ContentSecurityPolicy.h"
+ #include "Document.h"
+ #include "Frame.h"
++#include "FrameLoader.h"
++#include "FrameLoaderClient.h"
+ #include "SecurityOrigin.h"
+
+ namespace WebCore {
+--
+2.42.0
+
diff --git a/package/webkitgtk/webkitgtk.hash b/package/webkitgtk/webkitgtk.hash
index 756ac13ec2..7f50f1aa7b 100644
--- a/package/webkitgtk/webkitgtk.hash
+++ b/package/webkitgtk/webkitgtk.hash
@@ -1,6 +1,6 @@
-# From https://www.webkitgtk.org/releases/webkitgtk-2.40.3.tar.xz.sums
-sha1 74ee7241f2add46897019e22bd4f8e19e09027bb webkitgtk-2.40.3.tar.xz
-sha256 cc0aa83f40dbc64c1c6ae42ec6b85af4be2a9dbf524cfcb95f89a367fb5098dd webkitgtk-2.40.3.tar.xz
+# From https://www.webkitgtk.org/releases/webkitgtk-2.40.5.tar.xz.sums
+sha1 2f4d06b021115eb4106177f7d5f534f45b5d3b2e webkitgtk-2.40.5.tar.xz
+sha256 7de051a263668621d91a61a5eb1c3771d1a7cec900043d4afef06c326c16037f webkitgtk-2.40.5.tar.xz
# Hashes for license files:
sha256 0b5d3a7cc325942567373b0ecd757d07c132e0ebd7c97bfc63f7e1a76094edb4 Source/WebCore/LICENSE-APPLE
diff --git a/package/webkitgtk/webkitgtk.mk b/package/webkitgtk/webkitgtk.mk
index 32f6102797..71599477f2 100644
--- a/package/webkitgtk/webkitgtk.mk
+++ b/package/webkitgtk/webkitgtk.mk
@@ -4,7 +4,7 @@
#
################################################################################
-WEBKITGTK_VERSION = 2.40.3
+WEBKITGTK_VERSION = 2.40.5
WEBKITGTK_SITE = https://www.webkitgtk.org/releases
WEBKITGTK_SOURCE = webkitgtk-$(WEBKITGTK_VERSION).tar.xz
WEBKITGTK_INSTALL_STAGING = YES
--
2.34.1
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
next reply other threads:[~2023-09-09 7:58 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-09 7:57 Thomas Devoogdt [this message]
2023-09-09 7:57 ` [Buildroot] [PATCH v2 2/4] package/webkitgtk: allow both X11 and Wayland Thomas Devoogdt
2023-09-22 16:01 ` Yann E. MORIN
2023-09-09 7:57 ` [Buildroot] [PATCH v2 3/4] package/webkitgtk: make gbm support optional Thomas Devoogdt
2023-09-09 7:57 ` [Buildroot] [PATCH v2 4/4] package/webkitgtk: add a USE_OPENGL_OR_ES config option Thomas Devoogdt
2023-09-22 16:01 ` [Buildroot] [PATCH v2 1/4] package/webkitgtk: security bump to version 2.40.5 Yann E. MORIN
2023-09-26 6:06 ` Peter Korsgaard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230909075753.7471-1-thomas@devoogdt.com \
--to=thomas@devoogdt.com \
--cc=aperez@igalia.com \
--cc=buildroot@buildroot.org \
--cc=thomas.devoogdt@barco.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.