Re: [Buildroot] [PATCH 1/1] package/wpewebkit: security bump to version 2.48.3

From: Thomas Petazzoni via buildroot <buildroot@buildroot.org>
To: Adrian Perez de Castro <aperez@igalia.com>
Cc: buildroot@buildroot.org
Subject: Re: [Buildroot] [PATCH 1/1] package/wpewebkit: security bump to version 2.48.3
Date: Wed, 30 Jul 2025 22:32:28 +0200	[thread overview]
Message-ID: <20250730223228.036ad445@windsurf> (raw)
In-Reply-To: <20250708215011.1213438-1-aperez@igalia.com>

On Wed,  9 Jul 2025 00:50:09 +0300
Adrian Perez de Castro <aperez@igalia.com> wrote:

> This bumps WPE WebKit to the 2.48 stable series, skipping over 2.46.
> 
> WPE WebKit 2.48 and 2.46 highlights:
> 
> - https://wpewebkit.org/blog/2025-04-11-wpewebkit-2.48.html
> - https://wpewebkit.org/blog/2024-wpewebkit-2.46.html
> 
> Release notes:
> 
> - https://wpewebkit.org/release/wpewebkit-2.48.3.html
> - https://wpewebkit.org/release/wpewebkit-2.48.2.html
> - https://wpewebkit.org/release/wpewebkit-2.48.1.html
> - https://wpewebkit.org/release/wpewebkit-2.48.0.html
> - https://wpewebkit.org/release/wpewebkit-2.46.7.html
> - https://wpewebkit.org/release/wpewebkit-2.46.6.html
> - https://wpewebkit.org/release/wpewebkit-2.46.5.html
> - https://wpewebkit.org/release/wpewebkit-2.46.4.html
> - https://wpewebkit.org/release/wpewebkit-2.46.3.html
> - https://wpewebkit.org/release/wpewebkit-2.46.2.html
> - https://wpewebkit.org/release/wpewebkit-2.46.1.html
> - https://wpewebkit.org/release/wpewebkit-2.46.0.html
> 
> Fixes the following security issues:
> 
> - From https://wpewebkit.org/security/WSA-2025-0004.html
>   CVE-2025-24223, CVE-2025-31204, CVE-2025-31205, CVE-2025-31206,
>   CVE-2025-31215, CVE-2025-31257
> 
> - From https://wpewebkit.org/security/WSA-2025-0003.html
>   CVE-2024-54551, CVE-2025-24208, CVE-2025-24209, CVE-2025-24213,
>   CVE-2025-24216, CVE-2025-24264, CVE-2025-30427
> 
> - From https://wpewebkit.org/security/WSA-2025-0002.html
>   CVE-2024-44192, CVE-2024-54467, CVE-2025-24201
> 
> - From https://wpewebkit.org/security/WSA-2025-0001.html
>   CVE-2024-27856, CVE-2024-54543, CVE-2024-54658, CVE-2025-24143,
>   CVE-2025-24150, CVE-2025-24158, CVE-2025-24162
> 
> - From https://wpewebkit.org/security/WSA-2024-0008.html
>   CVE-2024-54479, CVE-2024-54502, CVE-2024-54505, CVE-2024-54508,
>   CVE-2024-54534
> 
> - From https://wpewebkit.org/security/WSA-2024-0007.html
>   CVE-2024-44308, CVE-2024-44309
> 
> - From https://wpewebkit.org/security/WSA-2024-0006.html
>   CVE-2024-44185, CVE-2024-44244, CVE-2024-44296
> 
> - From https://wpewebkit.org/security/WSA-2024-0005.html
>   CVE-2024-40866, CVE-2024-44187
> 
> As for build system changes, the minimum GCC requirement gets raised to
> version 11 [1], the ENABLE_SPEECH_SYNTHESIS option is now enabled by
> default [2] and needs handling, and Skia (bundled with the sources) is
> now preferred on little-endian targets.
> 
> [1] https://github.com/WebKit/WebKit/commit/682ac4ba74c53d0cd488c7a595096224a9abb036
> [2] https://github.com/WebKit/WebKit/commit/10381a8de938024f31935184af470ccbce0b22d9
> 
> Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
> ---
>  ...d-with-USE_SKIA_OPENTYPE_SVG-ON-and-.patch | 44 +++++++++++++++++++
>  package/wpewebkit/Config.in                   | 11 ++---
>  package/wpewebkit/wpewebkit.hash              |  8 ++--
>  package/wpewebkit/wpewebkit.mk                | 27 +++++++++++-
>  4 files changed, 79 insertions(+), 11 deletions(-)
>  create mode 100644 package/wpewebkit/0001-WPE-Fix-the-build-with-USE_SKIA_OPENTYPE_SVG-ON-and-.patch

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot