Bug#871242: marked as done (stretch-pu: package webkit2gtk/2.16.6-0+deb9u1)

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Subject: Bug#871242: marked as done (stretch-pu: package webkit2gtk/2.16.6-0+deb9u1)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Sat, 07 Oct 2017 10:40:35 +0000
Message-id: <[🔎] handler.871242.D871242.15073724572176.ackdone@bugs.debian.org>
Reply-to: 871242@bugs.debian.org
References: <1507372435.18586.64.camel@adam-barratt.org.uk> <CAAajCMbm4i+VsGKdUVTks_9cKG-90Vhy6GSLq1Gid0SEbqKoQw@mail.gmail.com>

Your message dated Sat, 07 Oct 2017 11:33:55 +0100
with message-id <1507372435.18586.64.camel@adam-barratt.org.uk>
and subject line Closing bugs for 9.2 point release
has caused the Debian Bug report #871242,
regarding stretch-pu: package webkit2gtk/2.16.6-0+deb9u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
871242: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871242
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: submit <submit@bugs.debian.org>
Subject: stretch-pu: package webkit2gtk/2.16.6-0+deb9u1
From: Jeremy Bicha <jbicha@ubuntu.com>
Date: Mon, 7 Aug 2017 01:02:46 -0400
Message-id: <CAAajCMbm4i+VsGKdUVTks_9cKG-90Vhy6GSLq1Gid0SEbqKoQw@mail.gmail.com>

Package: release.debian.org
X-Debbugs-Cc:webkit2gtk@packages.debian.org
User: release.debian.org@packages.debian.org
Usertags: pu
Tags: stretch
Severity: normal

Background
-----------------
New minor releases of webkit2gtk are made approximately monthly to fix
high-impact bugs and security vulnerabilities. New major releases are
made every six months (next one is mid-September). Similar to Firefox
and Chromium, it's not really feasible to separate the security fixes
from other changes.

For Debian 9, webkit2gtk is still excluded from normal security
support and therefore the Debian Security Team is unwilling to accept
webkit2gtk updates via stretch-security to avoid confusing our users.

webkit2gtk 2.16.6 was released 2 weeks ago which is plenty of time for
any regressions to be identified. I am unaware of any regressions with
this update.

News
--------
https://webkitgtk.org/2017/06/20/webkitgtk2.16.4-released.html
https://webkitgtk.org/2017/06/27/webkitgtk2.16.5-released.html
https://webkitgtk.org/2017/07/24/webkitgtk2.16.6-released.html

Security Trackers
--------------------------
This update will fix all current stretch vulnerabilities listed at
https://security-tracker.debian.org/tracker/source-package/webkit2gtk

https://webkitgtk.org/security/WSA-2017-0005.html
https://webkitgtk.org/security/WSA-2017-0006.html

https://usn.ubuntu.com/usn/usn-3376-1/

Detailed Commit Log and Diff
------------------------------------------
https://trac.webkit.org/log/webkit/releases/WebKitGTK/webkit-2.16
from commits 217367-219816

You can view individual commits by clicking the radio buttons next to
the commit and the previous commit then click View Changes.

Or to view the whole set, see
https://trac.webkit.org/changeset?reponame=webkit&new=219817%40releases%2FWebKitGTK%2Fwebkit-2.16&old=217367%40releases%2FWebKitGTK%2Fwebkit-2.16

Or shortlink: https://is.gd/8UGt2U

Builds
--------
webkit2gtk 2.16.6 is available in Debian unstable, testing and
stretch-backports. It has built successfully on all release
architectures. powerpcspe is the only architecture where the new
version doesn't build but the stretch release version did.

Debian Changelog
--------------------------
webkit2gtk (2.16.6-0+deb9u1) stretch; urgency=medium

* Team upload.
* New upstream security and bugfix release.
* Fixes these security issues reported in WSA-2017-0005 and
WSA-2017-0006:
+ CVE-2017-2538, CVE-2017-7052 (fixed in 2.16.4)
+ CVE-2017-7018, CVE-2017-7030, CVE-2017-7034, CVE-2017-7037,
CVE-2017-7039, CVE-2017-7046, CVE-2017-7048, CVE-2017-7055,
CVE-2017-7056, CVE-2017-7061, CVE-2017-7064 (fixed in 2.16.6).
* Add debian/patches/fix-ftbfs-m68k.patch:
+ Fix FTBFS in m68k (Closes: #868126).

-- Jeremy Bicha <jbicha@ubuntu.com> Mon, 07 Aug 2017 00:35:25 -0400

Debdiff attached.

Thanks,
Jeremy Bicha

Attachment: webkit2gtk_2.16.6-0+deb9u1.debdiff
Description: Binary data

--- End Message ---

--- Begin Message ---

To: 863734-done@bugs.debian.org, 864027-done@bugs.debian.org, 864028-done@bugs.debian.org, 864911-done@bugs.debian.org, 865971-done@bugs.debian.org, 866045-done@bugs.debian.org, 866537-done@bugs.debian.org, 867814-done@bugs.debian.org, 868284-done@bugs.debian.org, 868517-done@bugs.debian.org, 868684-done@bugs.debian.org, 868756-done@bugs.debian.org, 868809-done@bugs.debian.org, 869414-done@bugs.debian.org, 869419-done@bugs.debian.org, 869434-done@bugs.debian.org, 869574-done@bugs.debian.org, 869577-done@bugs.debian.org, 869634-done@bugs.debian.org, 869661-done@bugs.debian.org, 869667-done@bugs.debian.org, 869676-done@bugs.debian.org, 869754-done@bugs.debian.org, 869772-done@bugs.debian.org, 869836-done@bugs.debian.org, 869920-done@bugs.debian.org, 869966-done@bugs.debian.org, 870005-done@bugs.debian.org, 870142-done@bugs.debian.org, 870181-done@bugs.debian.org, 870205-done@bugs.debian.org, 870465-done@bugs.debian.org, 870604-done@bugs.debian.org, 870609-done@bugs.debian.org, 870659-done@bugs.debian.org, 870911-done@bugs.debian.org, 871242-done@bugs.debian.org, 871440-done@bugs.debian.org, 871451-done@bugs.debian.org, 871466-done@bugs.debian.org, 871661-done@bugs.debian.org, 871720-done@bugs.debian.org, 871739-done@bugs.debian.org, 871943-done@bugs.debian.org, 872441-done@bugs.debian.org, 872774-done@bugs.debian.org, 872776-done@bugs.debian.org, 872818-done@bugs.debian.org, 872928-done@bugs.debian.org, 872953-done@bugs.debian.org, 872991-done@bugs.debian.org, 873054-done@bugs.debian.org, 873061-done@bugs.debian.org, 873309-done@bugs.debian.org, 873371-done@bugs.debian.org, 873479-done@bugs.debian.org, 873624-done@bugs.debian.org, 873771-done@bugs.debian.org, 874198-done@bugs.debian.org, 874350-done@bugs.debian.org, 874389-done@bugs.debian.org, 874477-done@bugs.debian.org, 874580-done@bugs.debian.org, 875695-done@bugs.debian.org, 875765-done@bugs.debian.org, 875777-done@bugs.debian.org, 876020-done@bugs.debian.org, 876092-done@bugs.debian.org, 876114-done@bugs.debian.org, 876116-done@bugs.debian.org, 876117-done@bugs.debian.org, 876139-done@bugs.debian.org, 876314-done@bugs.debian.org, 876629-done@bugs.debian.org, 876731-done@bugs.debian.org, 876909-done@bugs.debian.org, 876913-done@bugs.debian.org, 876949-done@bugs.debian.org, 877348-done@bugs.debian.org, 877415-done@bugs.debian.org, 875771-done@bugs.debian.org, 876633-done@bugs.debian.org

Subject: Closing bugs for 9.2 point release

From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Date: Sat, 07 Oct 2017 11:33:55 +0100

Message-id: <1507372435.18586.64.camel@adam-barratt.org.uk>
Version: 9.2

Hi.

The updates referenced by each of these bugs was included in today's
point release of stretch.

Regards,

Adam
--- End Message ---

Reply to:

Prev by Date: Bug#870609: marked as done (stretch-pu: xfonts-ayu/1:1.7a-1+deb9u1)
Next by Date: Bug#871440: marked as done (stretch-pu: package speech-dispatcher/0.8.6-4+deb9u1)
Previous by thread: Bug#870609: marked as done (stretch-pu: xfonts-ayu/1:1.7a-1+deb9u1)
Next by thread: Bug#871440: marked as done (stretch-pu: package speech-dispatcher/0.8.6-4+deb9u1)
Index(es):
- Date
- Thread