From: Raspbian automatic forward porter Date: Thu, 8 Aug 2019 14:06:24 +0000 (+0100) Subject: Merge version 2.22.7-1+rpi1 and 2.24.2-1 to produce 2.24.2-1+rpi1 X-Git-Tag: archive/raspbian/2.24.2-1+rpi1^0 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=c8300be15283af2ac7da37c84ec353c35f88c9ee;p=webkit2gtk.git Merge version 2.22.7-1+rpi1 and 2.24.2-1 to produce 2.24.2-1+rpi1 --- c8300be15283af2ac7da37c84ec353c35f88c9ee diff --cc debian/changelog index 5c4c2a5de2,e5224cae53..f5c2d9a0f1 --- a/debian/changelog +++ b/debian/changelog @@@ -1,37 -1,48 +1,56 @@@ - webkit2gtk (2.22.7-1+rpi1) buster-staging; urgency=medium ++webkit2gtk (2.24.2-1+rpi1) buster-staging; urgency=medium + + [changes brought forward from 2.6.2+dfsg1-3+rpi1 by Peter Michael Green at Sun, 25 Jan 2015 02:14:50 +0000] + * Disable javascript JIT as it doesn't appear to be armv6 compatible + (at least I assume that is the cause of the assembler errors) + - -- Raspbian forward porter Sun, 07 Apr 2019 15:26:48 +0000 ++ -- Raspbian forward porter Thu, 08 Aug 2019 14:06:22 +0000 + - webkit2gtk (2.22.7-1) unstable; urgency=high + webkit2gtk (2.24.2-1) unstable; urgency=medium - * New upstream release (Closes: #921869). + * New upstream release. + + This fixes CVE-2019-8595, CVE-2019-8607 and CVE-2019-8615. + * debian/patches/fix-redirected-streams.patch, + debian/patches/fix-cjk-white-space.patch: + + Drop these patches. + * debian/libwebkit2gtk-4.0-37.symbols: + + Update symbols. - -- Alberto Garcia Sun, 03 Mar 2019 15:49:26 +0200 + -- Alberto Garcia Fri, 17 May 2019 17:40:52 +0300 - webkit2gtk (2.22.6-1) unstable; urgency=high + webkit2gtk (2.24.1-2) unstable; urgency=high - * New upstream release. - * The WebKitGTK+ security advisory WSA-2019-0001 lists the following + * The WebKitGTK+ security advisory WSA-2019-0002 lists the following security fixes in the latest versions of WebKitGTK+: - + CVE-2019-6226 (fixed in 2.22.0) - + CVE-2019-6233 and CVE-2019-6234 (fixed in 2.22.4) - + CVE-2019-6216, CVE-2019-6217, CVE-2019-6227 and CVE-2019-6229 - (fixed in 2.22.5). - + CVE-2019-6212 and CVE-2019-6215 (fixed in 2.22.6). - * debian/copyright: - + Update copyright years. + + CVE-2019-6201, CVE-2019-7285, CVE-2019-7292, CVE-2019-8503, + CVE-2019-8515 (fixed in 2.22.6). + + CVE-2019-8518, CVE-2019-8523 (fixed in 2.22.7). + + CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, + CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, + CVE-2019-8506 (fixed in 2.24.0). + + CVE-2019-11070, CVE-2019-6251 (fixed in 2.24.1). + * debian/patches/fix-redirected-streams.patch: + + Fix playback of redirected streams (Closes: #928044). + * debian/patches/fix-cjk-white-space.patch: + + Fix white space rendering with noto CJK font (Closes: #926872). + * debian/NEWS: + + Add news item about the lack of support for pre-SSE2 i386 CPUs. - -- Alberto Garcia Sat, 09 Feb 2019 11:35:18 +0200 + -- Alberto Garcia Fri, 10 May 2019 12:39:42 +0300 - webkit2gtk (2.22.5-1) unstable; urgency=medium + webkit2gtk (2.24.1-1) unstable; urgency=high * New upstream release. - * debian/patches/detect-jit.patch: - + Drop patch, this has been fixed upstream. + + This fixes CVE-2019-6251. + * GTK has dropped the '+' from its name, and so has WebKitGTK, so update + all references. + * debian/gbp.conf: + + Update upstream branch name. + * debian/rules: + + No need to chmod generate-gtkdoc anymore. + + 32-bit x86 builds require SSE2 now. + * debian/watch: + + Scan stable releases only. * debian/patches/detect-woff.patch: + Refresh.