* [Buildroot] [git commit branch/2022.02.x] package/webkitgtk: security bump to version 2.38.5
@ 2023-03-05 10:21 Peter Korsgaard
0 siblings, 0 replies; only message in thread
From: Peter Korsgaard @ 2023-03-05 10:21 UTC (permalink / raw)
To: buildroot
commit: https://git.buildroot.net/buildroot/commit/?id=73a1b21d9ec66dbf95fcbc676209c49903579127
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2022.02.x
Bugfix release, with many security fixes, including (but not limited to)
a patch for CVE-2023-23529.
Release notes:
https://webkitgtk.org/2023/02/15/webkitgtk2.38.5-released.html
Accompanying security advisory:
https://webkitgtk.org/security/WSA-2023-0002.html
Also raise the minimal GCC version to 8.3, which was already required since webkitgtk-2.36.4.
Similar to commit ec1ff802df9a0f17dd2b734ba536a5e206aa5aa4,
we do check on >= GCC 8, because we can't check on >= GCC 8.3.
https://github.com/WebKit/WebKit/commit/f812c5db1ff22bcbe1070ca4ed613085cd36499b
Signed-off-by: Thomas Devoogdt <thomas.devoogdt@gmail.com>
Acked-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4c7fcbbe75de5c535e8d5dd7182900b6d09e2b03)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
package/webkitgtk/Config.in | 4 ++--
package/webkitgtk/webkitgtk.hash | 8 ++++----
package/webkitgtk/webkitgtk.mk | 2 +-
3 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/package/webkitgtk/Config.in b/package/webkitgtk/Config.in
index b3a1ada767..bd5cd87379 100644
--- a/package/webkitgtk/Config.in
+++ b/package/webkitgtk/Config.in
@@ -12,7 +12,7 @@ config BR2_PACKAGE_WEBKITGTK_ARCH_SUPPORTS
depends on BR2_TOOLCHAIN_HAS_SYNC_4
depends on BR2_PACKAGE_LIBGPG_ERROR_ARCH_SUPPORTS # libgcrypt
-comment "webkitgtk needs libgtk3 and a toolchain w/ C++, wchar, threads, dynamic library, gcc >= 7, host gcc >= 4.9"
+comment "webkitgtk needs libgtk3 and a toolchain w/ C++, wchar, threads, dynamic library, gcc >= 8, host gcc >= 4.9"
depends on BR2_PACKAGE_WEBKITGTK_ARCH_SUPPORTS
depends on !BR2_BINFMT_FLAT
depends on !BR2_PACKAGE_LIBGTK3 || !BR2_INSTALL_LIBSTDCPP || \
@@ -28,7 +28,7 @@ config BR2_PACKAGE_WEBKITGTK
depends on BR2_HOST_GCC_AT_LEAST_4_9 # icu, host-ruby
depends on BR2_INSTALL_LIBSTDCPP
depends on BR2_TOOLCHAIN_HAS_THREADS # wayland, icu, libsoup
- depends on BR2_TOOLCHAIN_GCC_AT_LEAST_7
+ depends on BR2_TOOLCHAIN_GCC_AT_LEAST_8
depends on BR2_USE_WCHAR # icu, libsoup
depends on BR2_PACKAGE_LIBGTK3
depends on BR2_PACKAGE_WEBKITGTK_ARCH_SUPPORTS
diff --git a/package/webkitgtk/webkitgtk.hash b/package/webkitgtk/webkitgtk.hash
index 34fd19d3de..c771297b5a 100644
--- a/package/webkitgtk/webkitgtk.hash
+++ b/package/webkitgtk/webkitgtk.hash
@@ -1,7 +1,7 @@
-# From https://webkitgtk.org/releases/webkitgtk-2.38.4.tar.xz.sums
-md5 1c9ca83a0ad7e4ca9e933094572cb7d9 webkitgtk-2.38.4.tar.xz
-sha1 38b47df2be9bfb97d68fce8c7fa2819966a79036 webkitgtk-2.38.4.tar.xz
-sha256 4f47ea29a2d4d5f15eef3dc9e2d6c6f067e8de863a3f64455e1ccf9693cc1d36 webkitgtk-2.38.4.tar.xz
+# From https://webkitgtk.org/releases/webkitgtk-2.38.5.tar.xz.sums
+md5 de05d314a3ecb5fb3835e4d84f8f466d webkitgtk-2.38.5.tar.xz
+sha1 1774390c628bb3a524d4ed76f11de4a878078db6 webkitgtk-2.38.5.tar.xz
+sha256 40c20c43022274df5893f22b1054fa894c3eea057389bb08aee08c5b0bb0c1a7 webkitgtk-2.38.5.tar.xz
# Hashes for license files:
sha256 0b5d3a7cc325942567373b0ecd757d07c132e0ebd7c97bfc63f7e1a76094edb4 Source/WebCore/LICENSE-APPLE
diff --git a/package/webkitgtk/webkitgtk.mk b/package/webkitgtk/webkitgtk.mk
index 1cefc3a472..0327ef2485 100644
--- a/package/webkitgtk/webkitgtk.mk
+++ b/package/webkitgtk/webkitgtk.mk
@@ -4,7 +4,7 @@
#
################################################################################
-WEBKITGTK_VERSION = 2.38.4
+WEBKITGTK_VERSION = 2.38.5
WEBKITGTK_SITE = https://www.webkitgtk.org/releases
WEBKITGTK_SOURCE = webkitgtk-$(WEBKITGTK_VERSION).tar.xz
WEBKITGTK_INSTALL_STAGING = YES
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2023-03-05 10:33 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-03-05 10:21 [Buildroot] [git commit branch/2022.02.x] package/webkitgtk: security bump to version 2.38.5 Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.