[Buildroot] [PATCH] package/webkitgtk: security bump to 2.52.3

* [Buildroot] [PATCH] package/webkitgtk: security bump to 2.52.3
@ 2026-04-20 21:44 Adrian Perez de Castro
  2026-04-22 21:03 ` Julien Olivain via buildroot
  2026-05-04 14:47 ` Thomas Perale via buildroot
  0 siblings, 2 replies; 3+ messages in thread
From: Adrian Perez de Castro @ 2026-04-20 21:44 UTC (permalink / raw)
  To: buildroot; +Cc: Adrian Perez de Castro

This bumps WebKitGTK to the 2.52 stable series. A welcome change
is the addition of the USE_GSTREAMER CMake option that can be used
as a blanket option to toggle all multimedia support, which matches
exactly the intention behind BR2_PACKAGE_WEBKITGTK_MULTIMEDIA.

Includes fixes (among others) for CVE-2026-20643, CVE-2026-20664,
CVE-2026-20665, CVE-2026-20691, CVE-2026-28857, CVE-2026-28859,
CVE-2026-28861, CVE-2026-28871, CVE-2025-43457, CVE-2025-46299,
CVE-2026-20608, CVE-2026-20635, CVE-2026-20636, CVE-2026-20644,
CVE-2026-20652, and CVE-2026-20676.

Highlights of the 2.52 series:
- https://webkitgtk.org/2026/03/18/webkitgtk-2.52-highlights.html

Release notes:
- https://webkitgtk.org/2026/04/16/webkitgtk2.52.3-released.html
- https://webkitgtk.org/2026/04/13/webkitgtk2.52.2-released.html
- https://webkitgtk.org/2026/03/27/webkitgtk2.52.1-released.html
- https://webkitgtk.org/2026/03/18/webkitgtk2.52.0-released.html
- https://webkitgtk.org/2026/03/12/webkitgtk2.50.6-released.html

Security advisories:
- https://webkitgtk.org/security/WSA-2026-0002.html
- https://webkitgtk.org/security/WSA-2026-0001.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
---
 package/webkitgtk/webkitgtk.hash |  6 +++---
 package/webkitgtk/webkitgtk.mk   | 12 +++---------
 2 files changed, 6 insertions(+), 12 deletions(-)

diff --git a/package/webkitgtk/webkitgtk.hash b/package/webkitgtk/webkitgtk.hash
index 77bdc5485b..03b8d0a9be 100644
--- a/package/webkitgtk/webkitgtk.hash
+++ b/package/webkitgtk/webkitgtk.hash
@@ -1,6 +1,6 @@
-# From https://webkitgtk.org/releases/webkitgtk-2.50.5.tar.xz.sums
-sha1  e93f7efa9fbc7304cc159c35d8e76d7febab2515  webkitgtk-2.50.5.tar.xz
-sha256  8737631bac3e9c7ad3e5208f9370e076c09d9c45b39980021ce54edadcc6f94f  webkitgtk-2.50.5.tar.xz
+# From https://webkitgtk.org/releases/webkitgtk-2.52.3.tar.xz.sums
+sha1  17f9b127618040a5f3fcbb70e37ea16ab6d69b0b  webkitgtk-2.52.3.tar.xz
+sha256  5b3e0d174e63dcc28848b1194e0e7448d5948c3c2427ecd931c2c5be5261aebb  webkitgtk-2.52.3.tar.xz
 
 # Hashes for license files:
 sha256  0b5d3a7cc325942567373b0ecd757d07c132e0ebd7c97bfc63f7e1a76094edb4  Source/WebCore/LICENSE-APPLE
diff --git a/package/webkitgtk/webkitgtk.mk b/package/webkitgtk/webkitgtk.mk
index 26c70ae6c8..54e769d589 100644
--- a/package/webkitgtk/webkitgtk.mk
+++ b/package/webkitgtk/webkitgtk.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-WEBKITGTK_VERSION = 2.50.5
+WEBKITGTK_VERSION = 2.52.3
 WEBKITGTK_SITE = https://www.webkitgtk.org/releases
 WEBKITGTK_SOURCE = webkitgtk-$(WEBKITGTK_VERSION).tar.xz
 WEBKITGTK_INSTALL_STAGING = YES
@@ -56,16 +56,10 @@ WEBKITGTK_CONF_OPTS += -DENABLE_BUBBLEWRAP_SANDBOX=OFF
 endif
 
 ifeq ($(BR2_PACKAGE_WEBKITGTK_MULTIMEDIA),y)
-WEBKITGTK_CONF_OPTS += \
-	-DENABLE_VIDEO=ON \
-	-DENABLE_WEB_AUDIO=ON \
-	-DENABLE_WEB_CODECS=ON
+WEBKITGTK_CONF_OPTS += -DUSE_GSTREAMER=ON
 WEBKITGTK_DEPENDENCIES += gstreamer1 gst1-libav gst1-plugins-bad gst1-plugins-base
 else
-WEBKITGTK_CONF_OPTS += \
-	-DENABLE_VIDEO=OFF \
-	-DENABLE_WEB_AUDIO=OFF \
-	-DENABLE_WEB_CODECS=OFF
+WEBKITGTK_CONF_OPTS += -DUSE_GSTREAMER=OFF
 endif
 
 ifeq ($(BR2_PACKAGE_WEBKITGTK_WEBDRIVER),y)
-- 
2.53.0

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply related	[flat|nested] 3+ messages in thread