Re: [OE-core] [PATCH 6/7] webkitgtk: update to 2.10.7

2016-02-25 Thread Alexander Kanavin
On 02/24/2016 07:19 PM, akuster808 wrote: Many vulnerability notifications will make the same statements. Updating a package that other packages depend on can cause a cascading set of failures. Now you have a bigger set of problems to contend with. I don't think the possibility of failures

Re: [OE-core] [PATCH 6/7] webkitgtk: update to 2.10.7

2016-02-24 Thread akuster808
On 02/24/2016 03:55 AM, Alexander Kanavin wrote: > On 02/16/2016 05:55 PM, akuster808 wrote: > >>> Yes, which means that jethro (which has 2.8.5) needs the same update. >> >> there is a bug open for that 8877. there are a huge number of CVE's that >> need fixing. > > I wrote a comment in that

Re: [OE-core] [PATCH 6/7] webkitgtk: update to 2.10.7

2016-02-24 Thread Alexander Kanavin
On 02/16/2016 05:55 PM, akuster808 wrote: Yes, which means that jethro (which has 2.8.5) needs the same update. there is a bug open for that 8877. there are a huge number of CVE's that need fixing. I wrote a comment in that bug, but I think it bears repeating here: Please read this, it's a

Re: [OE-core] [PATCH 6/7] webkitgtk: update to 2.10.7

2016-02-16 Thread akuster808
On 02/16/2016 06:34 AM, Alexander Kanavin wrote: > On 02/11/2016 09:08 PM, akuster808 wrote: >> this update includes: >> >> >> CVE-2015-7096 >> Versions affected: WebKitGTK+ before 2.10.5. >> >> CVE-2015-7098 >> Versions affected: WebKitGTK+ before 2.10.5. >> >> >>

Re: [OE-core] [PATCH 6/7] webkitgtk: update to 2.10.7

2016-02-16 Thread Alexander Kanavin
On 02/11/2016 09:08 PM, akuster808 wrote: this update includes: CVE-2015-7096 Versions affected: WebKitGTK+ before 2.10.5. CVE-2015-7098 Versions affected: WebKitGTK+ before 2.10.5. http://webkitgtk.org/security.html Yes, which means that jethro (which has 2.8.5) needs the same

Re: [OE-core] [PATCH 6/7] webkitgtk: update to 2.10.7

2016-02-11 Thread akuster808
this update includes: CVE-2015-7096 Versions affected: WebKitGTK+ before 2.10.5. CVE-2015-7098 Versions affected: WebKitGTK+ before 2.10.5. http://webkitgtk.org/security.html On 02/10/2016 04:42 AM, Alexander Kanavin wrote: > Signed-off-by: Alexander Kanavin

[OE-core] [PATCH 6/7] webkitgtk: update to 2.10.7

2016-02-10 Thread Alexander Kanavin
Signed-off-by: Alexander Kanavin --- meta/recipes-sato/webkit/{webkitgtk_2.10.5.bb => webkitgtk_2.10.7.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta/recipes-sato/webkit/{webkitgtk_2.10.5.bb => webkitgtk_2.10.7.bb} (96%) diff --git