Your message dated Tue, 27 Jul 2021 19:01:01 +0000
with message-id <[email protected]>
and subject line unblock webkit2gtk
has caused the Debian Bug report #991554,
regarding unblock: webkit2gtk/2.32.3-1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
991554: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991554
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock
Please unblock package webkit2gtk
Starting from buster webkit2gtk has been receiving security updates,
with a dozen DSAs published so far, at a pace of once every month or
two. These updates follow the upstream stable releases.
webkit2gtk 2.32.3 is the most recent stable point release. It was
published on the 23rd of July, and contains fixes for 13 security
bugs: CVE-2021-21775, CVE-2021-21779, CVE-2021-30663, CVE-2021-30665,
CVE-2021-30689, CVE-2021-30720, CVE-2021-30734, CVE-2021-30744,
CVE-2021-30749, CVE-2021-30758, CVE-2021-30795, CVE-2021-30797 and
CVE-2021-30799
See the upstream security advisory for more details:
https://webkitgtk.org/security/WSA-2021-0004.html
(note that it includes bugs that were fixed in earlier WebKitGTK
releases)
The debian part of the debdiff (attached) contains no changes other
than an update for a m68k-specific patch that fixes the build in that
architecture.
After this is unblocked I'll prepare a security update for buster.
unblock webkit2gtk/2.32.3-1
diff -Nru webkit2gtk-2.32.1/debian/changelog webkit2gtk-2.32.3/debian/changelog
--- webkit2gtk-2.32.1/debian/changelog 2021-06-07 10:39:51.000000000 +0200
+++ webkit2gtk-2.32.3/debian/changelog 2021-07-25 00:25:47.000000000 +0200
@@ -1,3 +1,30 @@
+webkit2gtk (2.32.3-1) unstable; urgency=high
+
+ * New upstream release.
+ * The WebKitGTK security advisory WSA-2021-0004 lists the following
+ security fixes in the latest versions of WebKitGTK:
+ + CVE-2021-30666, CVE-2021-30761 (fixed in 2.26.0).
+ + CVE-2021-30762 (fixed in 2.28.0).
+ + CVE-2021-1817, CVE-2021-1820, CVE-2021-1825, CVE-2021-1826,
+ CVE-2021-30661 (fixed in 2.30.0).
+ + CVE-2021-21806 (fixed in 2.30.6).
+ + CVE-2021-30682 (fixed in 2.32.0).
+ + CVE-2021-30758 (fixed in 2.32.2).
+ + CVE-2021-21775, CVE-2021-21779, CVE-2021-30663, CVE-2021-30665,
+ CVE-2021-30689, CVE-2021-30720, CVE-2021-30734, CVE-2021-30744,
+ CVE-2021-30749, CVE-2021-30795, CVE-2021-30797, CVE-2021-30799
+ (fixed in 2.32.3).
+
+ -- Alberto Garcia <[email protected]> Sun, 25 Jul 2021 00:25:47 +0200
+
+webkit2gtk (2.32.2-1) unstable; urgency=medium
+
+ * New upstream release.
+ * debian/patches/fix-ftbfs-m68k.patch:
+ + Update patch.
+
+ -- Alberto Garcia <[email protected]> Fri, 09 Jul 2021 13:41:26 +0200
+
webkit2gtk (2.32.1-2) unstable; urgency=high
* debian/control:
diff -Nru webkit2gtk-2.32.1/debian/patches/fix-ftbfs-m68k.patch
webkit2gtk-2.32.3/debian/patches/fix-ftbfs-m68k.patch
--- webkit2gtk-2.32.1/debian/patches/fix-ftbfs-m68k.patch 2021-06-07
10:39:51.000000000 +0200
+++ webkit2gtk-2.32.3/debian/patches/fix-ftbfs-m68k.patch 2021-07-25
00:25:47.000000000 +0200
@@ -196,3 +196,19 @@
bool CSSValue::isImplicitInitialValue() const
{
+Index: webkitgtk/Source/WebCore/rendering/InlineFlowBox.cpp
+===================================================================
+--- webkitgtk.orig/Source/WebCore/rendering/InlineFlowBox.cpp
++++ webkitgtk/Source/WebCore/rendering/InlineFlowBox.cpp
+@@ -53,7 +53,11 @@ struct SameSizeAsInlineFlowBox : public
+ void* pointers[5];
+ };
+
++#if defined(__m68k__)
++COMPILE_ASSERT(sizeof(InlineFlowBox) >= sizeof(SameSizeAsInlineFlowBox),
InlineFlowBox_should_stay_small);
++#else
+ COMPILE_ASSERT(sizeof(InlineFlowBox) == sizeof(SameSizeAsInlineFlowBox),
InlineFlowBox_should_stay_small);
++#endif
+
+ #if !ASSERT_WITH_SECURITY_IMPLICATION_DISABLED
+
--- End Message ---
--- Begin Message ---
Unblocked.
--- End Message ---
