-
webkit2gtk (2.42.4-0ubuntu0.23.04.1) lunar-security; urgency=medium
* Update to 2.42.4 to fix security issues.
- CVE-2023-42883
-- Marc Deslauriers <email address hidden> Tue, 09 Jan 2024 08:38:41 -0500
-
webkit2gtk (2.42.3-0ubuntu0.23.04.1) lunar-security; urgency=medium
* Update to 2.42.3 to fix security issues.
- CVE-2023-42916, CVE-2023-42917
-- Marc Deslauriers <email address hidden> Wed, 06 Dec 2023 11:08:56 -0500
-
webkit2gtk (2.42.2-0ubuntu0.23.04.1) lunar-security; urgency=medium
* Update to 2.42.2 to fix security issues.
- CVE-2023-41983, CVE-2023-42852
-- Marc Deslauriers <email address hidden> Thu, 16 Nov 2023 13:04:58 -0500
-
webkit2gtk (2.42.1-0ubuntu0.23.04.1) lunar-security; urgency=medium
* Update to 2.42.1 to fix security issues.
- CVE-2023-39928, CVE-2023-41074, CVE-2023-41993
-- Marc Deslauriers <email address hidden> Wed, 04 Oct 2023 10:31:08 -0400
-
webkit2gtk (2.40.5-0ubuntu0.23.04.1) lunar-security; urgency=medium
* Update to 2.40.5 to fix security issues.
- CVE-2023-38133, CVE-2023-38572, CVE-2023-38592, CVE-2023-38594,
CVE-2023-38595, CVE-2023-38597, CVE-2023-38599, CVE-2023-38600,
CVE-2023-38611
- debian/patches/fix-jsc-timestamp.patch: removed, included in new
version.
-- Marc Deslauriers <email address hidden> Thu, 03 Aug 2023 12:26:06 -0400
-
webkit2gtk (2.40.4-0ubuntu0.23.04.1) lunar-security; urgency=medium
* Update to 2.40.4 to fix security issues.
- CVE-2023-28204, CVE-2023-32373, CVE-2023-32439, CVE-2023-37450
-- Marc Deslauriers <email address hidden> Fri, 21 Jul 2023 12:26:54 -0400
-
webkit2gtk (2.40.1-0ubuntu0.23.04.1) lunar-security; urgency=medium
* Updated to 2.40.1 to fix security issues.
- CVE-2022-0108, CVE-2022-32885, CVE-2023-27932, CVE-2023-27954,
CVE-2023-28205
* Removed patches included in new version:
- fix-script-message-received-marshaller.patch
- fix-gst-crash.patch
- ab3a72163b82dabbc3028b877d3e95cdca29739f.patch
- 672628fb19da7b1b93ab08eaa288fdb3ef5897d9.patch
- 2a0f7a05e87b25c828813ba6945978c51a2610aa.patch
- adae6f1191279924b2af177e3e8ba94ce7516212.patch
- 5725527e969ef5d52759e35d253f6ca9b05741d4.patch
- c07cdb6ae80b0847da58a6acb1022b8b3e170073.patch
-- Marc Deslauriers <email address hidden> Mon, 24 Apr 2023 12:45:28 -0400
-
webkit2gtk (2.40.0-3ubuntu1) lunar; urgency=medium
* debian/patches:
- ab3a72163b82dabbc3028b877d3e95cdca29739f.patch
- 672628fb19da7b1b93ab08eaa288fdb3ef5897d9.patch
- 2a0f7a05e87b25c828813ba6945978c51a2610aa.patch
- adae6f1191279924b2af177e3e8ba94ce7516212.patch
- 5725527e969ef5d52759e35d253f6ca9b05741d4.patch
- c07cdb6ae80b0847da58a6acb1022b8b3e170073.patch
Cherry-pick riscv64 upstream build fixes
-- Gianfranco Costamagna <email address hidden> Tue, 21 Mar 2023 20:17:16 +0100
-
webkit2gtk (2.40.0-2ubuntu1) lunar; urgency=medium
* Add runtime dependency on libgles2 (Closes: #1033230)
* debian/patches:
- ab3a72163b82dabbc3028b877d3e95cdca29739f.patch
- 672628fb19da7b1b93ab08eaa288fdb3ef5897d9.patch
- 2a0f7a05e87b25c828813ba6945978c51a2610aa.patch
- adae6f1191279924b2af177e3e8ba94ce7516212.patch
- 5725527e969ef5d52759e35d253f6ca9b05741d4.patch
- c07cdb6ae80b0847da58a6acb1022b8b3e170073.patch
Cherry-pick untested riscv64 upstream build fixes
-- Gianfranco Costamagna <email address hidden> Tue, 21 Mar 2023 20:17:16 +0100
-
webkit2gtk (2.40.0-2) unstable; urgency=medium
* debian/patches/fix-script-message-received-marshaller.patch:
- Cherry pick fix for a regression that affects Epiphany.
* debian/patches/fix-gst-crash.patch:
- Cherry pick fix for a GStreamer-related crash.
-- Alberto Garcia <email address hidden> Sat, 18 Mar 2023 11:41:32 +0100
-
webkit2gtk (2.39.91-1ubuntu2) lunar; urgency=medium
* debian/patches:
- ab3a72163b82dabbc3028b877d3e95cdca29739f.patch
- 672628fb19da7b1b93ab08eaa288fdb3ef5897d9.patch
- 2a0f7a05e87b25c828813ba6945978c51a2610aa.patch
- adae6f1191279924b2af177e3e8ba94ce7516212.patch
- 5725527e969ef5d52759e35d253f6ca9b05741d4.patch
- c07cdb6ae80b0847da58a6acb1022b8b3e170073.patch
Cherry-pick untested riscv64 upstream build fixes
-- Gianfranco Costamagna <email address hidden> Mon, 13 Mar 2023 15:12:39 +0100
-
webkit2gtk (2.39.91-1ubuntu1) lunar; urgency=medium
* Merge from Debian experimental. Remaining changes:
- debian/rules: Disable support for AVIF & gstreamer transcoding on Ubuntu
- debian/patches/8696.patch: cherry-pick
upstream proposed build fix for riscv64 (LP: #2008798)
-- Gianfranco Costamagna <email address hidden> Mon, 13 Mar 2023 09:57:03 +0100
-
webkit2gtk (2.39.91-1) experimental; urgency=medium
* New upstream development release.
* debian/rules:
- Disable WebGL in armel and mipsel to work around a FTBFS caused by
upstream bug #252670.
- Use reduced optimizations on m68k in order to lower memory
requirements (John Paul Adrian Glaubitz) (Closes: #1032404).
- Rename libwebkitgtk-6.0-3 to libwebkitgtk-6.0-4 after a soname bump.
- Rename WebKit2WebExtension to WebKitWebProcessExtension in the GTK4
build's install files.
- Enable the GTK4 packages (6.0 API) now that the API is stable.
* Remove fix-api-headers.patch and fix-ftbfs-i386.patch.
* debian/patches/fix-gtk4-build.patch:
- Fix the GTK4 build.
* debian/libwebkit2gtk-4.0-37.symbols:
- Update symbols.
* debian/source/lintian-overrides:
- Update source-is-missing overrides.
* debian/copyright:
- Update copyright information of all files.
-- Alberto Garcia <email address hidden> Wed, 08 Mar 2023 19:21:39 +0100
-
webkit2gtk (2.39.90-1ubuntu1) lunar; urgency=medium
* Enable the GTK4 build
* debian/rules: Disable support for AVIF & gstreamer transcoding on Ubuntu
webkit2gtk (2.39.90-1) experimental; urgency=medium
* New upstream development release.
* Refresh all patches.
* debian/rules:
- Remove /usr/include/*/JavaScriptCore from the GTK4 build's .install
files.
- Build with -DDEBUG_FISSION=OFF since it adds the -gsplit-dwarf flag
that is currently not supported by dh_dwz (see #1016936).
- Rename libjavascriptcoregtk-6.0-0 to libjavascriptcoregtk-6.0-1 and
libwebkitgtk-6.0-2 to libwebkitgtk-6.0-3 after their soname bumps.
* debian/libwebkit2gtk-4.0-37.symbols:
- Update symbols.
* debian/patches/fix-api-headers.patch:
- Fix API headers.
* debian/patches/fix-ftbfs-i386.patch:
- Fix FTBFS in i386.
* debian/copyright:
- Update copyright information of all files.
webkit2gtk (2.39.7-1) experimental; urgency=medium
* New upstream development release.
* debian/rules:
- Rename libwebkitgtk-6.0-1 to libwebkitgtk-6.0-2 after a soname bump.
* Drop debian/rules/fix-non-unified-build.patch and use unified builds
in mipsel.
* debian/libwebkit2gtk-4.0-37.symbols:
- Update symbols.
webkit2gtk (2.39.5-1) experimental; urgency=medium
* New upstream development release.
* debian/libwebkit2gtk-4.0-37.symbols:
- Mark with (gtk3-only) all symbols that were removed from the GTK4
build.
* Refresh all patches.
- Drop fix-public-header.patch.
* debian/rules:
- Rename libwebkitgtk-6.0-0 to libwebkitgtk-6.0-1 after a soname bump.
* debian/copyright:
- Update copyright information of all files.
webkit2gtk (2.39.4-1) experimental; urgency=medium
* New upstream development release.
* Refresh all patches.
* debian/patches/fix-public-header.patch:
- Fix regression in the public headers (webkit bug #250701).
* debian/libwebkit2gtk-4.0-37.symbols:
- Update symbols.
* debian/copyright:
- Update copyright information of all files.
* debian/control.in:
- Update Standards-Version to 4.6.2 (no changes).
- Rename obsolete packages in Build-Depends:
+ libfontconfig1-dev -> libfontconfig-dev
+ libfreetype6-dev -> libfreetype-dev
+ libegl1-mesa-dev -> libegl-dev
webkit2gtk (2.39.3-1) experimental; urgency=medium
* New upstream development release.
* Refresh all patches.
* debian/libwebkit2gtk-4.0-37.symbols:
- Update symbols.
* debian/patches/fix-non-unified-build.patch:
- Update for 2.93.3.
* debian/control.in:
- Require libgstreamer-plugins-bad1.0-dev >= 1.20.0, this is needed
for USE_GSTREAMER_TRANSCODER.
* debian/copyright:
- Update copyright information of all files.
webkit2gtk (2.39.2-1) experimental; urgency=medium
* New upstream development release.
* Refresh all patches.
* debian/libwebkit2gtk-4.0-37.symbols:
- Update symbols.
* Make the gtk4 build work again (this is now the 6.0 API). In this
build upstream finally removed the '2' suffix so webkit2gtk is now
webkitgtk again in all file names.
- debian/{rules,not-installed,control.in,control-common.in}: Update
all these files to reflect the API and package name changes.
* Use the documentation from the 4.1 API build. This simplifies the
build process a bit (the package is still named 4.0-doc to make
backports easier).
* debian/rules:
- Build the 4.1 API version of the WebKit WebDriver if possible.
- Stop passing -DUSE_LD_GOLD=OFF, this option no longer exists (and
update reduce-memory-overheads.patch accordingly).
* debian/copyright:
- Update copyright information of all files.
webkit2gtk (2.39.1-1) experimental; urgency=medium
* New upstream development release.
* debian/watch, debian/gbp.conf:
- Update for 2.39.x packages in experimental.
* Refresh all patches.
* debian/control.in:
- Add build dependencies on unifdef, libavif-dev and
libgstreamer-plugins-bad1.0-dev (for webrtc).
- Disable the gtk4 (5.0 API) build, upstream replaced this with the
6.0 API which is not stable yet.
* debian/libwebkit2gtk-4.0-37.install:
- WebKit2GTK-*.mo is now WebKitGTK-*.mo.
* debian/libwebkit2gtk-4.0-dev.install:
- Update include path.
* debian/libwebkit2gtk-4.0-37.symbols:
- Update symbols.
* debian/patches/dont-detect-sse2.patch:
- Don't build ANGLE with SSE support in i386.
* debian/patches/fix-non-unified-build.patch:
- Fix non-unified build.
* debian/source/lintian-overrides:
- Update source-is-missing overrides.
* debian/copyright:
- Update copyright information of all files.
-- Jeremy Bicha <email address hidden> Tue, 21 Feb 2023 10:00:09 -0500
-
webkit2gtk (2.38.5-1) unstable; urgency=high
* New upstream release.
* The WebKitGTK security advisory WSA-2023-0002 lists the following
security fixes in the latest versions of WebKitGTK:
- CVE-2023-23529 (fixed in 2.38.5).
* Remove debian/patches/fix-nonunified-build.patch.
-- Alberto Garcia <email address hidden> Wed, 15 Feb 2023 18:10:55 +0100
-
webkit2gtk (2.38.4-2) unstable; urgency=high
* The WebKitGTK security advisory WSA-2023-0001 lists the following
security fixes in the latest versions of WebKitGTK:
- CVE-2022-42826, CVE-2023-23517, CVE-2023-23518 (fixed in 2.38.4).
* debian/patches/fix-nonunified-build.patch:
- Fix non-unified build (FTBFS in mipsel).
-- Alberto Garcia <email address hidden> Fri, 03 Feb 2023 15:52:39 +0100
-
webkit2gtk (2.38.4-1) unstable; urgency=high
* New upstream release.
* debian/control.in:
- Update Standards-Version to 4.6.2 (no changes).
- Rename obsolete packages in Build-Depends:
+ libfontconfig1-dev -> libfontconfig-dev
+ libfreetype6-dev -> libfreetype-dev
+ libegl1-mesa-dev -> libegl-dev
* debian/copyright:
- Update copyright information of all files.
-- Alberto Garcia <email address hidden> Thu, 02 Feb 2023 10:50:05 +0100
-
webkit2gtk (2.38.3-1) unstable; urgency=high
* New upstream release.
-- Alberto Garcia <email address hidden> Sat, 24 Dec 2022 16:24:20 +0100
-
webkit2gtk (2.38.2-1) unstable; urgency=high
* New upstream release.
* The WebKitGTK security advisory WSA-2022-0010 lists the following
security fixes in the latest versions of WebKitGTK:
- CVE-2022-32888 and CVE-2022-32923 (fixed in 2.38.0).
- CVE-2022-42799, CVE-2022-42823 and CVE-2022-42824 (fixed in 2.38.2).
* debian/patches/fix-nonunified-build.patch:
- Drop this patch.
-- Alberto Garcia <email address hidden> Fri, 04 Nov 2022 17:37:25 +0100
-
webkit2gtk (2.38.1-1) unstable; urgency=medium
* New upstream release.
* Refresh all patches.
-- Alberto Garcia <email address hidden> Fri, 21 Oct 2022 15:32:54 +0200
-
webkit2gtk (2.38.0-1) unstable; urgency=high
* New upstream release (Closes: #986218).
* debian/rules:
- Add USE_PREBUILT_DOCS variable to allow using the prebuilt
documentation included in the upstream tarball when gi-docgen is
missing.
* Bring all changes from the 2.37 (experimental) branch.
* debian/gbp.conf:
- Update upstream branch name.
* Generate debian/control from debian/control.in and control-common.in
depending on whether we're making the soup2 (4.0 API), soup3 (4.1 API)
and/or gtk4 (5.0 API) builds.
* debian/rules:
- Add new target to generate debian/control.
- Enable the GTK4 build (Closes: #1016765).
- ENABLE_GTKDOC is now ENABLE_DOCUMENTATION.
- Make CCACHE_DIR and CCACHE_NOHASHDIR global variables so they also
apply to the install target. This fixes a FTBFS if the home dir is not
writable (as is the case with buildds)
* debian/control.in:
- Remove build dependency on libnotify-dev (no longer used by WebKit).
- Replace build dependency on gtk-doc-tools with gi-docgen.
* The documentation has been renamed from webkitdomgtk to
webkit2gtk-web-extension and from jsc-glib to javascriptcoregtk.
- Update debian/libwebkit2gtk-4.0-doc.doc-base.* and
debian/libwebkit2gtk-4.0-doc.links.
* Refresh all patches.
* debian/source/lintian-overrides:
- Update source-is-missing overrides.
* debian/copyright:
- Update copyright information of all files.
* debian/libwebkit2gtk-4.0-37.symbols:
- Update symbols.
-- Alberto Garcia <email address hidden> Fri, 16 Sep 2022 16:59:49 +0200
