
Bug#991554: unblock: webkit2gtk/2.32.3-1



Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package webkit2gtk

Starting from buster, webkit2gtk has been receiving security updates,
with a dozen DSAs published so far, at a pace of once every month or
two. These updates follow the upstream stable releases.

webkit2gtk 2.32.3 is the most recent stable point release. It was
published on the 23rd of July, and contains fixes for 13 security
bugs: CVE-2021-21775, CVE-2021-21779, CVE-2021-30663, CVE-2021-30665,
CVE-2021-30689, CVE-2021-30720, CVE-2021-30734, CVE-2021-30744,
CVE-2021-30749, CVE-2021-30758, CVE-2021-30795, CVE-2021-30797 and
CVE-2021-30799.

See the upstream security advisory for more details:

   https://webkitgtk.org/security/WSA-2021-0004.html

(note that it includes bugs that were fixed in earlier WebKitGTK
releases)

The Debian part of the debdiff (attached) contains no changes other
than an update for an m68k-specific patch that fixes the build on that
architecture.

After this is unblocked I'll prepare a security update for buster.

unblock webkit2gtk/2.32.3-1
diff -Nru webkit2gtk-2.32.1/debian/changelog webkit2gtk-2.32.3/debian/changelog
--- webkit2gtk-2.32.1/debian/changelog	2021-06-07 10:39:51.000000000 +0200
+++ webkit2gtk-2.32.3/debian/changelog	2021-07-25 00:25:47.000000000 +0200
@@ -1,3 +1,30 @@
+webkit2gtk (2.32.3-1) unstable; urgency=high
+
+  * New upstream release.
+  * The WebKitGTK security advisory WSA-2021-0004 lists the following
+    security fixes in the latest versions of WebKitGTK:
+    + CVE-2021-30666, CVE-2021-30761 (fixed in 2.26.0).
+    + CVE-2021-30762 (fixed in 2.28.0).
+    + CVE-2021-1817, CVE-2021-1820, CVE-2021-1825, CVE-2021-1826,
+      CVE-2021-30661 (fixed in 2.30.0).
+    + CVE-2021-21806 (fixed in 2.30.6).
+    + CVE-2021-30682 (fixed in 2.32.0).
+    + CVE-2021-30758 (fixed in 2.32.2).
+    + CVE-2021-21775, CVE-2021-21779, CVE-2021-30663, CVE-2021-30665,
+      CVE-2021-30689, CVE-2021-30720, CVE-2021-30734, CVE-2021-30744,
+      CVE-2021-30749, CVE-2021-30795, CVE-2021-30797, CVE-2021-30799
+      (fixed in 2.32.3).
+
+ -- Alberto Garcia <berto@igalia.com>  Sun, 25 Jul 2021 00:25:47 +0200
+
+webkit2gtk (2.32.2-1) unstable; urgency=medium
+
+  * New upstream release.
+  * debian/patches/fix-ftbfs-m68k.patch:
+    + Update patch.
+
+ -- Alberto Garcia <berto@igalia.com>  Fri, 09 Jul 2021 13:41:26 +0200
+
 webkit2gtk (2.32.1-2) unstable; urgency=high
 
   * debian/control:
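Review bot: The 2.32.2-1 entry records only the fix-ftbfs-m68k.patch update and is marked urgency=medium, yet the 2.32.3-1 entry above it attributes CVE-2021-30758 to 2.32.2. Anyone reading the changelog version by version will not see a security fix against 2.32.2-1; if that entry can still be amended, list CVE-2021-30758 there as well so the fix is recorded against the version that shipped it and not only in the WSA-2021-0004 summary.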
diff -Nru webkit2gtk-2.32.1/debian/patches/fix-ftbfs-m68k.patch webkit2gtk-2.32.3/debian/patches/fix-ftbfs-m68k.patch
--- webkit2gtk-2.32.1/debian/patches/fix-ftbfs-m68k.patch	2021-06-07 10:39:51.000000000 +0200
+++ webkit2gtk-2.32.3/debian/patches/fix-ftbfs-m68k.patch	2021-07-25 00:25:47.000000000 +0200
@@ -196,3 +196,19 @@
  
  bool CSSValue::isImplicitInitialValue() const
  {
+Index: webkitgtk/Source/WebCore/rendering/InlineFlowBox.cpp
+===================================================================
+--- webkitgtk.orig/Source/WebCore/rendering/InlineFlowBox.cpp
++++ webkitgtk/Source/WebCore/rendering/InlineFlowBox.cpp
+@@ -53,7 +53,11 @@ struct SameSizeAsInlineFlowBox : public
+     void* pointers[5];
+ };
+ 
++#if defined(__m68k__)
++COMPILE_ASSERT(sizeof(InlineFlowBox) >= sizeof(SameSizeAsInlineFlowBox), InlineFlowBox_should_stay_small);
++#else
+ COMPILE_ASSERT(sizeof(InlineFlowBox) == sizeof(SameSizeAsInlineFlowBox), InlineFlowBox_should_stay_small);
++#endif
+ 
+ #if !ASSERT_WITH_SECURITY_IMPLICATION_DISABLED
+ 
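Review bot: In the __m68k__ branch the assertion is relaxed to sizeof(InlineFlowBox) >= sizeof(SameSizeAsInlineFlowBox), which still passes if InlineFlowBox grows, so on m68k the check no longer enforces what the InlineFlowBox_should_stay_small label names. That is a reasonable trade for a build fix confined to one architecture, but the hunk carries no comment saying why the sizes differ there; a one-line comment above the #if would help whoever next refreshes this patch against a new upstream release.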