[Bug 1970779] Re: Multiple vulnerabilities in Focal, Impish and Jammy
** Changed in: wpewebkit (Ubuntu) Status: Fix Committed => New ** Summary changed: - Multiple vulnerabilities in Focal, Impish and Jammy + Upgrade to 2.36.3 for Focal, Impish and Jammy -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1970779 Title: Upgrade to 2.36.3 for Focal, Impish and Jammy To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wpewebkit/+bug/1970779/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1970779] Re: Multiple vulnerabilities in Focal, Impish and Jammy
Hi Luís, As my colleague mentioned to you previously, except for a few exceptions, such as ffmpeg, we generally don't accept new upstream maintenance releases into the security sponsoring process. As you can see on bug #1973814, the diff between the versions you want to upgrade are too big and introduce too many new changes that could cause regressions and other issues. If you really want to introduce new upstream microreleases, you can perhaps try getting them sponsored as Stable Release Updates: https://wiki.ubuntu.com/StableReleaseUpdates Otherwise, please send debdiffs only containing the security fixes. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1970779 Title: Multiple vulnerabilities in Focal, Impish and Jammy To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wpewebkit/+bug/1970779/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1970779] Re: Multiple vulnerabilities in Focal, Impish and Jammy
The upstream project issued a security advisory today: https://wpewebkit.org/security/WSA-2022-0005.html. The changelog in the patched packages was updated just now. These patched packages are currently building in my PPA (https://launchpad.net/~luis220413/+archive/ubuntu/security-updates), as of 08:48 UTC. ** Changed in: wpewebkit (Ubuntu) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1970779 Title: Multiple vulnerabilities in Focal, Impish and Jammy To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wpewebkit/+bug/1970779/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
