Buildroot Archive on lore.kernel.org
 help / color / mirror / Atom feed
From: Adrian Perez de Castro <aperez@igalia.com>
To: Thomas Devoogdt <thomas@devoogdt.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>,
	Thomas Devoogdt <thomas.devoogdt@gmail.com>,
	Fabrice Fontaine <fontaine.fabrice@gmail.com>,
	buildroot@buildroot.org
Subject: Re: [Buildroot] [PATCH v1 3/3] package/webkitgtk: security bump to version 2.38.5
Date: Mon, 20 Feb 2023 11:29:39 +0200	[thread overview]
Message-ID: <20230220112939.GB446957@igalia.com> (raw)
In-Reply-To: <20230220090923.2155635-3-thomas.devoogdt@barco.com>


[-- Attachment #1.1: Type: text/plain, Size: 4052 bytes --]

Hi Thomas, all,

On Mon, 20 Feb 2023 10:09:23 +0100 Thomas Devoogdt <thomas@devoogdt.com> wrote:
> From: Thomas Devoogdt <thomas.devoogdt@gmail.com>
> 
> Bugfix release, with many security fixes, including (but not limited to)
> a patch for CVE-2023-23529.
> 
> Release notes:
> 
>   https://webkitgtk.org/2023/02/15/webkitgtk2.38.5-released.html

Hehe, I was just about to submit this update myself after smoke-testing
a build. Thanks for sending it :-)

> Accompanying security advisory:
> 
>   https://webkitgtk.org/security/WSA-2023-0002.html
> 
> Also raise the minimal GCC version to 8.3, which was already required since webkitgtk-2.36.4.
> Similar to commit ec1ff802df9a0f17dd2b734ba536a5e206aa5aa4,
> we do check on >= GCC 8, because we can't check on >= GCC 8.3.
> 
>   https://github.com/WebKit/WebKit/commit/f812c5db1ff22bcbe1070ca4ed613085cd36499b
> 
> Signed-off-by: Thomas Devoogdt <thomas.devoogdt@gmail.com>

Acked-by: Adrian Perez de Castro <aperez@igalia.com>

> ---
>  package/webkitgtk/Config.in      | 4 ++--
>  package/webkitgtk/webkitgtk.hash | 8 ++++----
>  package/webkitgtk/webkitgtk.mk   | 2 +-
>  3 files changed, 7 insertions(+), 7 deletions(-)
> 
> diff --git a/package/webkitgtk/Config.in b/package/webkitgtk/Config.in
> index dc5d738dae..976341093e 100644
> --- a/package/webkitgtk/Config.in
> +++ b/package/webkitgtk/Config.in
> @@ -16,7 +16,7 @@ config BR2_PACKAGE_WEBKITGTK_ARCH_SUPPORTS
>  	depends on BR2_TOOLCHAIN_HAS_SYNC_4
>  	depends on BR2_PACKAGE_LIBGPG_ERROR_ARCH_SUPPORTS # libgcrypt
>  
> -comment "webkitgtk needs libgtk3 and a toolchain w/ C++, wchar, threads, dynamic library, gcc >= 7, host gcc >= 4.9"
> +comment "webkitgtk needs libgtk3 and a toolchain w/ C++, wchar, threads, dynamic library, gcc >= 8, host gcc >= 4.9"
>  	depends on BR2_PACKAGE_WEBKITGTK_ARCH_SUPPORTS
>  	depends on !BR2_BINFMT_FLAT
>  	depends on !BR2_PACKAGE_LIBGTK3 || !BR2_INSTALL_LIBSTDCPP || \
> @@ -32,7 +32,7 @@ config BR2_PACKAGE_WEBKITGTK
>  	depends on BR2_HOST_GCC_AT_LEAST_4_9 # icu, host-ruby
>  	depends on BR2_INSTALL_LIBSTDCPP
>  	depends on BR2_TOOLCHAIN_HAS_THREADS # wayland, icu, libsoup
> -	depends on BR2_TOOLCHAIN_GCC_AT_LEAST_7
> +	depends on BR2_TOOLCHAIN_GCC_AT_LEAST_8
>  	depends on BR2_USE_WCHAR # icu, libsoup
>  	depends on BR2_PACKAGE_LIBGTK3
>  	depends on BR2_PACKAGE_WEBKITGTK_ARCH_SUPPORTS
> diff --git a/package/webkitgtk/webkitgtk.hash b/package/webkitgtk/webkitgtk.hash
> index 34fd19d3de..c771297b5a 100644
> --- a/package/webkitgtk/webkitgtk.hash
> +++ b/package/webkitgtk/webkitgtk.hash
> @@ -1,7 +1,7 @@
> -# From https://webkitgtk.org/releases/webkitgtk-2.38.4.tar.xz.sums
> -md5  1c9ca83a0ad7e4ca9e933094572cb7d9  webkitgtk-2.38.4.tar.xz
> -sha1  38b47df2be9bfb97d68fce8c7fa2819966a79036  webkitgtk-2.38.4.tar.xz
> -sha256  4f47ea29a2d4d5f15eef3dc9e2d6c6f067e8de863a3f64455e1ccf9693cc1d36  webkitgtk-2.38.4.tar.xz
> +# From https://webkitgtk.org/releases/webkitgtk-2.38.5.tar.xz.sums
> +md5  de05d314a3ecb5fb3835e4d84f8f466d  webkitgtk-2.38.5.tar.xz
> +sha1  1774390c628bb3a524d4ed76f11de4a878078db6  webkitgtk-2.38.5.tar.xz
> +sha256  40c20c43022274df5893f22b1054fa894c3eea057389bb08aee08c5b0bb0c1a7  webkitgtk-2.38.5.tar.xz
>  
>  # Hashes for license files:
>  sha256  0b5d3a7cc325942567373b0ecd757d07c132e0ebd7c97bfc63f7e1a76094edb4  Source/WebCore/LICENSE-APPLE
> diff --git a/package/webkitgtk/webkitgtk.mk b/package/webkitgtk/webkitgtk.mk
> index a6974db926..3263f7fea0 100644
> --- a/package/webkitgtk/webkitgtk.mk
> +++ b/package/webkitgtk/webkitgtk.mk
> @@ -4,7 +4,7 @@
>  #
>  ################################################################################
>  
> -WEBKITGTK_VERSION = 2.38.4
> +WEBKITGTK_VERSION = 2.38.5
>  WEBKITGTK_SITE = https://www.webkitgtk.org/releases
>  WEBKITGTK_SOURCE = webkitgtk-$(WEBKITGTK_VERSION).tar.xz
>  WEBKITGTK_INSTALL_STAGING = YES
> -- 
> 2.39.2
> 
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
> 

Cheers,
—Adrián

[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 195 bytes --]

[-- Attachment #2: Type: text/plain, Size: 150 bytes --]

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

  reply	other threads:[~2023-02-20  9:30 UTC|newest]

Thread overview: 22+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-02-20  9:09 [Buildroot] [PATCH v1 1/3] Revert "xorg-server: not available with musl on ARM" Thomas Devoogdt
2023-02-20  9:09 ` [Buildroot] [PATCH v1 2/3] package/libgtk3: re-enable atk-bridge Thomas Devoogdt
2023-02-20 17:22   ` Peter Korsgaard
2023-02-20 18:53     ` Thomas Devoogdt
2023-02-20 20:03       ` Peter Korsgaard
2023-02-20 20:49     ` Thomas Petazzoni via buildroot
2023-02-20 20:57       ` Peter Korsgaard
2023-02-21 15:52         ` Thomas Devoogdt
2023-02-21 19:27           ` [Buildroot] [PATCH v3 1/4] package/at-spi2-core: bump to version 2.47.1 Thomas Devoogdt
2023-02-21 19:28             ` [Buildroot] [PATCH v3 2/4] package/at-spi2-atk: remove package Thomas Devoogdt
2023-02-21 19:28             ` [Buildroot] [PATCH v3 3/4] package/atk: " Thomas Devoogdt
2023-02-21 19:28             ` [Buildroot] [PATCH v3 4/4] package/libgtk3: only update-icon-cache when the demos are built Thomas Devoogdt
2023-02-23  6:58               ` François Perrad
2023-02-23  8:01                 ` Thomas Devoogdt
2023-02-23 12:56                   ` [Buildroot] [PATCH v4 4/4] package/libgtk3: fix update-icon-cache on empty directory Thomas Devoogdt
2023-02-25  9:52                     ` Thomas Petazzoni via buildroot
2023-02-20  9:09 ` [Buildroot] [PATCH v1 3/3] package/webkitgtk: security bump to version 2.38.5 Thomas Devoogdt
2023-02-20  9:29   ` Adrian Perez de Castro [this message]
2023-02-20 13:01     ` Thomas Devoogdt
2023-02-20 13:27       ` Adrian Perez de Castro
2023-02-20 17:22   ` Peter Korsgaard
2023-02-20 17:17 ` [Buildroot] [PATCH v1 1/3] Revert "xorg-server: not available with musl on ARM" Peter Korsgaard

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20230220112939.GB446957@igalia.com \
    --to=aperez@igalia.com \
    --cc=bernd.kuhls@t-online.de \
    --cc=buildroot@buildroot.org \
    --cc=fontaine.fabrice@gmail.com \
    --cc=thomas.devoogdt@gmail.com \
    --cc=thomas@devoogdt.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox