Buildroot Archive on lore.kernel.org
 help / color / mirror / Atom feed
From: Adrian Perez de Castro <aperez@igalia.com>
To: Peter Korsgaard <peter@korsgaard.com>
Cc: Samuel Martin <s.martin49@gmail.com>, buildroot@buildroot.org
Subject: Re: [Buildroot] [PATCH 2/4] package/wpewebkit: security bump to version 2.44.2
Date: Wed, 29 May 2024 16:31:55 +0200	[thread overview]
Message-ID: <20240529163155.GB375910@igalia.com> (raw)
In-Reply-To: <87ttihrvm6.fsf@dell.be.48ers.dk>


[-- Attachment #1.1: Type: text/plain, Size: 2264 bytes --]

Hi Peter, all,

On Wed, 29 May 2024 08:16:17 +0200 Peter Korsgaard <peter@korsgaard.com> wrote:
> >>>>> "Adrian" == Adrian Perez de Castro <aperez@igalia.com> writes:
> 
>  > Update to the most recent stable release of WPE WebKit. As this is a
>  > change to a newer release series, there are a few changes in the CMake
>  > build options. Dependencies mostly remain the same. The main changes
>  > are:
> 
>  >  - The new ENABLE_WEB_CODECS option is set along with ENABLE_VIDEO and
>  >    ENABLE_WEB_RTC depending on BR2_PACKAGE_WPEWEBKIT_MULTIMEDIA.
>  >  - The new USE_LIBBACKTRACE option is set accordingly, depending on
>  >    BR2_PACKAGE_LIBBACKTRACE.
>  >  - WebAssembly does not work with ENABLE_C_LOOP, so it needs to be
>  >    disabled alongside it for MIPSr6, ARMv5 and ARMv6; not that building
>  >    WebAssembly support is enabled by default.
>  >  - ENABLE_ACCESSIBILITY has been removed, instead the new USE_ATK option
>  >    can be used to the same effect.
>  >  - JPEG2000 is no longer supported, the openjpeg dependency is removed.
> 
>  > Release notes and announcement:
> 
>  >   - https://wpewebkit.org/blog/2024-wpewebkit-2.44.html
> 
>  >   - https://wpewebkit.org/release/wpewebkit-2.44.0.html
>  >   - https://wpewebkit.org/release/wpewebkit-2.44.1.html
>  >   - https://wpewebkit.org/release/wpewebkit-2.44.2.html
> 
>  > Relevant security advisories:
> 
>  >   - https://wpewebkit.org/security/WSA-2024-0002.html
>  >   - https://wpewebkit.org/security/WSA-2024-0003.html
> 
>  > Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
>  
>  >  WPEWEBKIT_SITE = https://wpewebkit.org/releases
>  > -WPEWEBKIT_SOURCE = wpewebkit-$(WPEWEBKIT_VERSION).tar.xz
>  > +WPEWEBKIT_SOURCE = wpewebkit-$(WPEWEBKIT_VERSION).tar.lz
> 
> I know of the xz backdoor issue, but we use .xz in a LOT of packages and
> upstream provides .tar.xz, so I prefer to use that here as well to not
> have to pull in host-lzip.

Yes, I've been following the discussion, and how Buildroot wasn't
affected due to being somewhat slow picking updates =)

Good to know that you prefer to keep using .xz packages, I have just
submitted a version bump to Cog and kept using .xz as well there.

> Committed with that changed, thanks.

Thank you!

Cheers,
—Adrián

[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 195 bytes --]

[-- Attachment #2: Type: text/plain, Size: 150 bytes --]

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

  reply	other threads:[~2024-05-29 14:32 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-05-22  9:16 [Buildroot] [PATCH 0/4] Update WPE WebKit to the 2.44 release series Adrian Perez de Castro
2024-05-22  9:16 ` [Buildroot] [PATCH 1/4] package/libwpe: bump to version 1.16.0 Adrian Perez de Castro
2024-05-28  5:20   ` Peter Korsgaard
2024-06-08 16:47   ` Peter Korsgaard
2024-05-22  9:16 ` [Buildroot] [PATCH 2/4] package/wpewebkit: security bump to version 2.44.2 Adrian Perez de Castro
2024-05-29  6:16   ` Peter Korsgaard
2024-05-29 14:31     ` Adrian Perez de Castro [this message]
2024-06-08 16:47   ` Peter Korsgaard
2024-05-22  9:16 ` [Buildroot] [PATCH 3/4] package/libavif: new package Adrian Perez de Castro
2024-07-12 21:05   ` Thomas Petazzoni via buildroot
2024-08-05 13:19     ` Adrian Perez de Castro
2024-08-05 13:45       ` Thomas Petazzoni via buildroot
2024-05-22  9:16 ` [Buildroot] [PATCH 4/4] package/wpewebkit: use libavif if enabled Adrian Perez de Castro
2024-07-12 21:07   ` Thomas Petazzoni via buildroot
  -- strict thread matches above, loose matches on Subject: below --
2024-06-19 10:34 [Buildroot] [PATCH 2/4] package/wpewebkit: security bump to version 2.44.2 Michael Nosthoff via buildroot
2024-06-19 11:05 ` Adrian Perez de Castro
2024-06-23  9:03   ` Peter Korsgaard
2024-06-24 20:04     ` Adrian Perez de Castro
2024-06-25 10:27       ` Michael Nosthoff via buildroot

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20240529163155.GB375910@igalia.com \
    --to=aperez@igalia.com \
    --cc=buildroot@buildroot.org \
    --cc=peter@korsgaard.com \
    --cc=s.martin49@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox