-
webkit2gtk (2.44.2-1) unstable; urgency=high
* New upstream release.
* debian/upstream/signing-key.asc:
- Replace Carlos Garcia's DSA key with the new RSA one.
-- Alberto Garcia <email address hidden> Thu, 16 May 2024 14:09:54 +0200
-
webkit2gtk (2.44.1-1) unstable; urgency=medium
* New upstream release.
* Re-enable WebGL on armel.
- debian/rules: stop using -DENABLE_WEBGL=OFF on armel, powerpc and
sh4.
* debian/patches/fix-ftbfs-i386.patch:
- Drop this patch, it is included in this release.
-- Alberto Garcia <email address hidden> Tue, 09 Apr 2024 14:09:50 +0200
-
webkit2gtk (2.44.0-2) unstable; urgency=high
* The WebKitGTK security advisory WSA-2024-0002 lists the following
security fixes in the latest versions of WebKitGTK:
- CVE-2024-23252, CVE-2024-23254, CVE-2024-23263, CVE-2024-23280,
CVE-2024-23284, CVE-2023-42950, CVE-2023-42956, CVE-2023-42843
(fixed in 2.44.0).
* debian/patches/fix-ftbfs-riscv64.patch:
- Treat riscv64 as an unknown CPU to fix a FTBFS in JavaScriptCore
(webkit bug #271371).
-- Alberto Garcia <email address hidden> Wed, 27 Mar 2024 22:57:51 +0100
-
webkit2gtk (2.44.0-1) unstable; urgency=medium
* New upstream release.
* Stop building the 4.0 API packages.
- debian/rules: Set ENABLE_SOUP2=NO
- debian/control.in: Remove build dependency on ccache.
* Replace debian/patches/fix-ftbfs-i386.patch with a new patch for this
version.
* debian/control.in:
- Build depend on libsoup-3.0-doc instead of libsoup2.4-doc.
- Enable the bubblewrap sandbox only in the architectures where
libseccomp is working (Closes: #1067643).
* Bring all changes from the 2.43 (experimental) branch.
* debian/gbp.conf:
- Update upstream branch name.
* debian/control.in:
- Add build dependency on libdrm-dev.
- Replace gobject-introspection with gobject-introspection-bin.
- Remove build dependendency on libwpebackend-fdo, upstream no longer
uses it.
- And missing ${gir:Depends} and ${gir:Provides} to the -dev and
gir1.2 packages.
* debian/rules:
- GTK4 is now the default, pass -DUSE_GTK4=OFF to the GTK3 builds.
- Build with -DUSE_LIBDRM=OFF in the Hurd.
- Build with -DUSE_LIBBACKTRACE=OFF.
* Use the documentation from the 6.0 API build and update path of
installed docs, upstream no longer uses the gtk-doc dir (see webkit
bug #265133).
* Rename libwebkit2gtk-4.0-doc to libwebkitgtk-doc and
libjavascriptcoregtk-4.0-bin to libjavascriptcoregtk-bin.
- debian/control.in: add the necessary Conflicts / Breaks / Replaces.
- debian/control-doc.in: control file for the transitional package.
- debian/control-jscbin.in: control file for the transitional package.
- Rename debian/libwebkit2gtk-4.0-doc.* -> libwebkitgtk-doc.*
- Remove debian/libjavascriptcoregtk-4.0-bin.*
- debian/rules: Add the USE_OLD_DOC_PKG and USE_OLD_JSCBIN_PKG
variables and the logic to decide which packages to build.
* Refresh debian/patches/disable-dmabuf-nvidia.patch.
* debian/source/lintian-overrides:
- Update source-is-missing overrides.
* debian/copyright:
- Update copyright information of all files.
-- Alberto Garcia <email address hidden> Mon, 25 Mar 2024 11:33:58 +0100
-
webkit2gtk (2.42.5-2) unstable; urgency=medium
* debian/rules:
- Don't copy CFLAGS to CXXFLAGS: -Werror=implicit-function-declaration
(default since dpkg 1.22.6) causes a FTBFS when added to the latter
(Closes: #1066411).
- Don't use ccache on the gtk4 build since it won't reuse any results
from the gtk3 builds.
-- Alberto Garcia <email address hidden> Thu, 14 Mar 2024 18:45:04 +0100
-
webkit2gtk (2.42.5-1) unstable; urgency=high
* New upstream release.
* debian/copyright:
- Update copyright information of all files.
* debian/rules:
- Remove last empty line from debian/control.
* debian/patches/fix-ftbfs-i386.patch:
- i386 build fix.
-- Alberto Garcia <email address hidden> Mon, 05 Feb 2024 11:55:25 +0100
-
webkit2gtk (2.42.4-1) unstable; urgency=high
* New upstream release.
-- Alberto Garcia <email address hidden> Fri, 15 Dec 2023 10:58:35 +0100
-
webkit2gtk (2.42.3-1) unstable; urgency=high
* New upstream release.
* Drop tweaks for some arches that are unsupported or haven't worked in
a long time: ia64, m68k, kfreebsd, mips and mipsel.
* Refresh all patches.
* debian/control.in:
- Set the debhelper compatibility level to 13.
* debian/rules:
- Stop overriding dh_missing, no longer needed with dh compat 13.
-- Alberto Garcia <email address hidden> Tue, 05 Dec 2023 14:28:29 +0100
-
webkit2gtk (2.42.2-1) unstable; urgency=high
* New upstream release.
* debian/copyright:
- Update copyright information of all files.
-- Alberto Garcia <email address hidden> Fri, 10 Nov 2023 19:02:00 +0100
-
webkit2gtk (2.42.1-2) unstable; urgency=medium
* debian/patches/disable-dmabuf-nvidia.patch:
- Disable the DMABuf renderer for NVIDIA proprietary drivers
(Closes: #1039720, #1052055).
-- Alberto Garcia <email address hidden> Wed, 04 Oct 2023 17:09:23 +0200
-
webkit2gtk (2.42.1-1) unstable; urgency=high
* New upstream release.
-- Alberto Garcia <email address hidden> Wed, 27 Sep 2023 10:49:22 +0200
-
webkit2gtk (2.42.0-1) unstable; urgency=medium
* New upstream release.
* Bring all changes from the 2.41 (experimental) branch.
* debian/gbp.conf:
- Update upstream branch name.
* debian/control.in:
- Remove the minimum versions of all build dependencies in the cases
where they are very old.
- Add build dependency on libjxl-dev, JPEGXL is now enabled by
default.
- Require CMake 3.16
* debian/control-common.in:
- Add dependency on libgles2. This is no longer detected automatically
because it's loaded at runtime by libepoxy (see #1050777).
* debian/source/lintian-overrides:
- Update source-is-missing overrides.
* debian/libwebkit2gtk-4.0-37.symbols:
- Update symbols.
* debian/rules:
- Use --max-parallel=2 in Debian mipsel builds again.
- Don't build jpegxl support on Ubuntu yet (it's still in universe)
(Jeremy Bicha).
* debian/copyright:
- Update copyright information of all files.
-- Alberto Garcia <email address hidden> Fri, 15 Sep 2023 14:49:49 +0200
-
webkit2gtk (2.40.5-1) unstable; urgency=high
* New upstream release.
* debian/rules:
- Use -O1 instead of -Os in sh4 (thanks, John Paul Adrian Glaubitz)
(Closes: #1042519).
* Drop debian/patches/fix-jsc-timestamp.patch.
-- Alberto Garcia <email address hidden> Wed, 02 Aug 2023 00:01:52 +0300
-
webkit2gtk (2.40.4-1) unstable; urgency=high
* New upstream release.
* debian/rules:
- Set Build-Depends-Indep to jdupes when USE_PREBUILT_DOCS is set.
-- Alberto Garcia <email address hidden> Thu, 06 Jul 2023 11:51:25 +0200
-
webkit2gtk (2.40.3-2) unstable; urgency=high
* debian/rules:
- Use override_dh_install-indep when setting up the documentation
(Closes: #1039877).
* debian/control.in:
- Move jdupes to Build-Depends-Indep.
-- Alberto Garcia <email address hidden> Thu, 29 Jun 2023 15:14:08 +0200
-
webkit2gtk (2.40.3-1) unstable; urgency=high
* New upstream release (Closes: #1036946).
* debian/control.in:
- Enable the bubblewrap sandbox in riscv64.
* debian/copyright:
- Update copyright information of all files.
* debian/patches/fix-jsc-timestamp.patch:
- Ensure reproducibility of __TIMESTAMP__ in JSCBytecodeCacheVersion.cpp.
-- Alberto Garcia <email address hidden> Wed, 28 Jun 2023 16:55:42 +0200
-
webkit2gtk (2.40.2-1) unstable; urgency=high
* New upstream release.
* debian/rules:
- Pass -VNone to dh_makeshlibs for javascriptcore to keep the behavior
of the debhelper compat level 11 and earlier.
-- Alberto Garcia <email address hidden> Tue, 30 May 2023 10:19:01 +0200
-
webkit2gtk (2.40.1-1) unstable; urgency=high
* New upstream release.
* debian/rules:
- Build with -DUSE_GBM=OFF in the Hurd (Closes: #1033999).
* Drop fix-script-message-received-marshaller.patch and
fix-gst-crash.patch. Refresh all other patches.
* debian/copyright:
- Update copyright information of all files.
-- Alberto Garcia <email address hidden> Thu, 20 Apr 2023 14:29:23 +0200
-
webkit2gtk (2.40.0-3) unstable; urgency=medium
* debian/{rules,control.in}:
- Add dependency on libgles2 on arm (Closes: #1033230).
-- Alberto Garcia <email address hidden> Tue, 21 Mar 2023 18:11:48 +0100
-
webkit2gtk (2.40.0-2) unstable; urgency=medium
* debian/patches/fix-script-message-received-marshaller.patch:
- Cherry pick fix for a regression that affects Epiphany.
* debian/patches/fix-gst-crash.patch:
- Cherry pick fix for a GStreamer-related crash.
-- Alberto Garcia <email address hidden> Sat, 18 Mar 2023 11:41:32 +0100
-
webkit2gtk (2.40.0-1) unstable; urgency=medium
* New upstream release.
* Bring all changes from the 2.39 (experimental) branch.
* The GTK4 build's API number changes from 5.0 to 6.0.
- debian/{rules,not-installed,control.in,control-common.in}: Update
all these files to reflect the API and package name changes.
* debian/rules:
- Build with -DDEBUG_FISSION=OFF since it adds the -gsplit-dwarf flag
that is currently not supported by dh_dwz (see #1016936).
- Disable WebGL in armel, mipsel, m68k, powerpc and sh4 to work around
a FTBFS caused by upstream bug #252670.
- Stop passing -DUSE_LD_GOLD=OFF, this option no longer exists (and
update reduce-memory-overheads.patch accordingly).
- Use reduced optimizations on m68k in order to lower memory
requirements (John Paul Adrian Glaubitz) (Closes: #1032404).
- Disable AVIF and GStreamer transcoding on Ubuntu (Jeremy Bicha).
- Build the 4.1 API version of the WebKit WebDriver if possible.
- Rename WebKit2WebExtension to WebKitWebProcessExtension in the GTK4
build's install files.
- Remove /usr/include/*/JavaScriptCore from the GTK4 build's .install
files.
* Use the documentation from the 4.1 API build. This simplifies the
build process a bit (the package is still named 4.0-doc to make
backports easier).
* debian/control.in:
- Add build dependencies on unifdef, libavif-dev and
libgstreamer-plugins-bad1.0-dev (for webrtc).
- Require libgstreamer-plugins-bad1.0-dev >= 1.20.0, this is needed
for USE_GSTREAMER_TRANSCODER.
- Don't use ccache on m68k (thanks, John Paul Adrian Glaubitz)
(Closes: #1033042).
* debian/copyright:
- Update copyright information of all files.
* debian/gbp.conf:
- Update upstream branch name.
* debian/libwebkit2gtk-4.0-37.symbols:
- Update symbols.
- Mark with (gtk3-only) and (gtk4-only) the symbols that are specific
to each build.
* debian/libwebkit2gtk-4.0-37.install:
- WebKit2GTK-*.mo is now WebKitGTK-*.mo.
* debian/libwebkit2gtk-4.0-dev.install:
- Update include path.
* debian/source/lintian-overrides:
- Update source-is-missing overrides.
* debian/patches/dont-detect-sse2.patch:
- Don't build ANGLE with SSE support in i386.
* Drop debian/patches/fix-non-unified-build.patch and use unified builds
in all architecture.
* Refresh all other patches.
-- Alberto Garcia <email address hidden> Fri, 17 Mar 2023 14:52:02 +0100
-
webkit2gtk (2.38.5-1) unstable; urgency=high
* New upstream release.
* The WebKitGTK security advisory WSA-2023-0002 lists the following
security fixes in the latest versions of WebKitGTK:
- CVE-2023-23529 (fixed in 2.38.5).
* Remove debian/patches/fix-nonunified-build.patch.
-- Alberto Garcia <email address hidden> Wed, 15 Feb 2023 18:10:55 +0100
-
webkit2gtk (2.38.4-2) unstable; urgency=high
* The WebKitGTK security advisory WSA-2023-0001 lists the following
security fixes in the latest versions of WebKitGTK:
- CVE-2022-42826, CVE-2023-23517, CVE-2023-23518 (fixed in 2.38.4).
* debian/patches/fix-nonunified-build.patch:
- Fix non-unified build (FTBFS in mipsel).
-- Alberto Garcia <email address hidden> Fri, 03 Feb 2023 15:52:39 +0100
-
webkit2gtk (2.38.4-1) unstable; urgency=high
* New upstream release.
* debian/control.in:
- Update Standards-Version to 4.6.2 (no changes).
- Rename obsolete packages in Build-Depends:
+ libfontconfig1-dev -> libfontconfig-dev
+ libfreetype6-dev -> libfreetype-dev
+ libegl1-mesa-dev -> libegl-dev
* debian/copyright:
- Update copyright information of all files.
-- Alberto Garcia <email address hidden> Thu, 02 Feb 2023 10:50:05 +0100
-
webkit2gtk (2.38.3-1) unstable; urgency=high
* New upstream release.
-- Alberto Garcia <email address hidden> Sat, 24 Dec 2022 16:24:20 +0100
-
webkit2gtk (2.38.2-1) unstable; urgency=high
* New upstream release.
* The WebKitGTK security advisory WSA-2022-0010 lists the following
security fixes in the latest versions of WebKitGTK:
- CVE-2022-32888 and CVE-2022-32923 (fixed in 2.38.0).
- CVE-2022-42799, CVE-2022-42823 and CVE-2022-42824 (fixed in 2.38.2).
* debian/patches/fix-nonunified-build.patch:
- Drop this patch.
-- Alberto Garcia <email address hidden> Fri, 04 Nov 2022 17:37:25 +0100
-
webkit2gtk (2.38.1-1) unstable; urgency=medium
* New upstream release.
* Refresh all patches.
-- Alberto Garcia <email address hidden> Fri, 21 Oct 2022 15:32:54 +0200
-
webkit2gtk (2.38.0-3) unstable; urgency=high
* debian/patches/fix-nonunified-build.patch:
- Fix non-unified GTK4 build.
-- Alberto Garcia <email address hidden> Wed, 28 Sep 2022 09:20:17 +0200
-
webkit2gtk (2.38.0-2) unstable; urgency=high
* The WebKitGTK security advisory WSA-2022-0009 lists the following
security fixes in the latest versions of WebKitGTK:
- CVE-2022-32891 (fixed in 2.36.5).
- CVE-2022-32886 and CVE-2022-32912 (fixed in 2.36.8).
* debian/rules:
- Build with -DENABLE_UNIFIED_BUILDS=OFF on mips, mipsel and sh4, we
are having problems to build webkit due to lack of memory (#1020642).
-- Alberto Garcia <email address hidden> Mon, 26 Sep 2022 11:25:41 +0200
-
webkit2gtk (2.38.0-1) unstable; urgency=high
* New upstream release (Closes: #986218).
* debian/rules:
- Add USE_PREBUILT_DOCS variable to allow using the prebuilt
documentation included in the upstream tarball when gi-docgen is
missing.
* Bring all changes from the 2.37 (experimental) branch.
* debian/gbp.conf:
- Update upstream branch name.
* Generate debian/control from debian/control.in and control-common.in
depending on whether we're making the soup2 (4.0 API), soup3 (4.1 API)
and/or gtk4 (5.0 API) builds.
* debian/rules:
- Add new target to generate debian/control.
- Enable the GTK4 build (Closes: #1016765).
- ENABLE_GTKDOC is now ENABLE_DOCUMENTATION.
- Make CCACHE_DIR and CCACHE_NOHASHDIR global variables so they also
apply to the install target. This fixes a FTBFS if the home dir is not
writable (as is the case with buildds)
* debian/control.in:
- Remove build dependency on libnotify-dev (no longer used by WebKit).
- Replace build dependency on gtk-doc-tools with gi-docgen.
* The documentation has been renamed from webkitdomgtk to
webkit2gtk-web-extension and from jsc-glib to javascriptcoregtk.
- Update debian/libwebkit2gtk-4.0-doc.doc-base.* and
debian/libwebkit2gtk-4.0-doc.links.
* Refresh all patches.
* debian/source/lintian-overrides:
- Update source-is-missing overrides.
* debian/copyright:
- Update copyright information of all files.
* debian/libwebkit2gtk-4.0-37.symbols:
- Update symbols.
-- Alberto Garcia <email address hidden> Fri, 16 Sep 2022 16:59:49 +0200
-
webkit2gtk (2.36.7-1) unstable; urgency=high
* New upstream release.
-- Alberto Garcia <email address hidden> Thu, 25 Aug 2022 01:49:31 +0200
-
webkit2gtk (2.36.6-1) unstable; urgency=high
* New upstream release.
* The WebKitGTK security advisory WSA-2022-0007 lists the following
security fixes in the latest versions of WebKitGTK:
- CVE identifiers: CVE-2022-32792, CVE-2022-32816 and CVE-2022-2294
(fixed in 2.36.5).
* debian/rules:
- Enable wpe on Ubuntu now that the MIR has been accepted (thanks,
Sebastien Bacher) (Closes: #1016585).
-- Alberto Garcia <email address hidden> Wed, 10 Aug 2022 14:56:32 +0200
-
webkit2gtk (2.36.4-1) unstable; urgency=high
* New upstream release.
* The WebKitGTK security advisory WSA-2022-0006 lists the following
security fixes in the latest versions of WebKitGTK:
- CVE-2022-22662 (fixed in 2.36.0).
- CVE-2022-22677 and CVE-2022-26710 (fixed in 2.36.4).
* debian/control:
- Don't use ccache in i386 because Ubuntu doesn't have it and Debian
can live without it (webkit-team/webkit!14).
* Update format of lintian overrides (see #1007002).
* debian/control:
- Update Standards-Version to 4.6.1.0 (no changes).
-- Alberto Garcia <email address hidden> Wed, 06 Jul 2022 13:54:15 +0200
-
webkit2gtk (2.36.3-1) unstable; urgency=high
* New upstream release.
* Use ccache to speed-up the compilation since the majority of the files
are identical in both the soup2 and soup3 builds.
- debian/control: Add build dependency on ccache.
- debian/rules: Set CCACHE_NOHASHDIR and CCACHE_BASEDIR so ccache
actually works with different build directories.
- debian/rules: Set CCACHE_DIR inside the source directory, otherwise
ccache would try to write to the home directory, which is forbidden
by the Debian policy.
-- Alberto Garcia <email address hidden> Sun, 29 May 2022 13:07:27 +0200
-
webkit2gtk (2.36.2-1) unstable; urgency=high
[ Alberto Garcia ]
* New upstream release.
[ Adrian Bunk ]
* debian/rules: lower memory requirements on sh4.
-- Alberto Garcia <email address hidden> Wed, 18 May 2022 10:13:09 +0200
-
webkit2gtk (2.36.1-1) unstable; urgency=medium
[ Alberto Garcia ]
* New upstream release.
[ Jeremy Bicha ]
* Reduce the number of parallel build jobs on Ubuntu's amd64
-- Alberto Garcia <email address hidden> Thu, 21 Apr 2022 16:47:44 +0200
-
webkit2gtk (2.36.0-3) unstable; urgency=medium
* debian/rules:
- Build with -Os, -g0 and ggc-min-expand=10 in mips / mipsel in order
to lower the memory requirements and revert the changes from
2.36.0-2 (thanks, Adrian Bunk).
-- Alberto Garcia <email address hidden> Mon, 04 Apr 2022 12:58:57 +0200
-
webkit2gtk (2.36.0-2) unstable; urgency=medium
* debian/rules:
- Disable unified builds in Debian/mipsel and reduce the number of
parallel jobs in order to prevent running out of memory.
* debian/control:
- Clarify in package descriptions that 4.0 and 4.1 packages use
different versions of libsoup and that the documentation package is
equally valid for both.
-- Alberto Garcia <email address hidden> Tue, 29 Mar 2022 23:06:22 +0200
-
webkit2gtk (2.36.0-1) unstable; urgency=medium
* New upstream release.
* Refresh all patches.
* debian/rules:
+ Build with CMAKE_BUILD_WITH_INSTALL_RPATH=ON, otherwise builds are
not reproducible if they happen in different directories.
* Bring all changes from the 2.35 (experimental) branch.
* debian/control:
+ Make libjavascriptcoregtk-4.0-dev depend on libglib2.0-dev.
* debian/source/lintian-overrides:
+ Update source-is-missing overrides.
* debian/libwebkit2gtk-4.0-37.symbols:
+ Update symbols.
* debian/copyright:
+ Update copyright information of all files.
* debian/gbp.conf:
+ Update upstream branch name.
* debian/rules:
+ USE_SYSTEMD was renamed to ENABLE_JOURNALD_LOG.
* debian/control:
+ Remove all Conflicts: lines, they are obsolete.
+ Make libjavascriptcoregtk-4.0-dev depend on libglib2.0-dev.
+ Simplify descriptions and remove references to the WebKit2 API
layer.
* Build the 4.1 API version of the packages. These use libsoup 3 instead
of libsoup 2 but are otherwise identical to the 4.0 API packages.
+ debian/control:
- Add build dependency on libsoup-3.0-dev.
- Add entries for the new packages. The 4.1 versions of the
WebDriver, JSC command-line interpreter and documentation are
currently not being generated.
+ debian/rules:
- Add commands to build both sets of packages.
+ debian/libwebkit2gtk-4.0-37.install:
- Update path of locale files to select only the exact API version.
+ debian/not-installed:
- Don't install the 4.1 build of the JSC command-line interpreter.
-- Alberto Garcia <email address hidden> Mon, 21 Mar 2022 23:10:15 +0100
-
webkit2gtk (2.34.6-1) unstable; urgency=high
[ Alberto Garcia ]
* New upstream release.
+ Fixes CVE-2022-22620.
[ Jeremy Bicha ]
* debian/rules:
+ Reduce the number of parallel build jobs on Ubuntu's arm64.
-- Alberto Garcia <email address hidden> Thu, 17 Feb 2022 19:52:20 +0100
-
webkit2gtk (2.34.5-1) unstable; urgency=high
* New upstream release.
+ Fixes CVE-2022-22589, CVE-2022-22590 and CVE-2022-22592.
-- Alberto Garcia <email address hidden> Wed, 09 Feb 2022 12:10:57 +0100
-
webkit2gtk (2.34.4-1) unstable; urgency=high
* New upstream release.
* Set the debhelper compatibility level to 12:
- Get rid of debian/compat.
- Add build dependency on debhelper-compat.
* debian/rules:
- Stop using --builddirectory=build, .gir files no longer seem to
contain references to the build directory (see the 2.27.90-1 entry
for more details).
* debian/copyright:
+ Update copyright years.
-- Alberto Garcia <email address hidden> Fri, 21 Jan 2022 11:44:16 +0100
-
webkit2gtk (2.34.3-1) unstable; urgency=high
[ Alberto Garcia ]
* New upstream release.
* The WebKitGTK security advisory WSA-2021-0007 lists the following
security fixes in the latest versions of WebKitGTK:
+ CVE-2021-30809, CVE-2021-30836 (fixed in 2.32.4).
+ CVE-2021-30818, CVE-2021-30823, CVE-2021-30884, CVE-2021-30888,
CVE-2021-30889, CVE-2021-30897 (fixed in 2.34.0).
+ CVE-2021-30887, CVE-2021-30890 (fixed in 2.34.3).
[ Sebastien Bacher ]
* debian/rules:
+ Explicitly disable lto since when it's on the build is failing, that
doesn't impact Debian by default but is an issue on Ubuntu.
(Closes: #1000598)
+ Don't recommend xdg-desktop-portal-gtk on Ubuntu i386, it's a partial
architecture and the binary doesn't exist (Closes: #1000599).
-- Alberto Garcia <email address hidden> Tue, 21 Dec 2021 00:59:40 +0100
-
webkit2gtk (2.34.2-1) unstable; urgency=medium
* New upstream release.
-- Alberto Garcia <email address hidden> Wed, 24 Nov 2021 15:56:26 +0100
-
webkit2gtk (2.34.1-1) unstable; urgency=high
[ Alberto Garcia ]
* New upstream release.
* debian/rules:
+ Build with -O1 in sh3 and sh4 (Closes: #995717).
* debian/copyright:
+ Update copyright information of all files.
* debian/libwebkit2gtk-4.0-37.symbols:
+ Update symbols.
* debian/libwebkit2gtk-4.0-37.lintian-overrides:
+ Override library-not-linked-against-libc.
* debian/source/lintian-overrides:
+ Update source-is-missing overrides.
* debian/control:
+ Update Standards-Version to 4.6.0.1 (no changes).
[ Sebastien Bacher ]
* debian/control, debian/rules:
+ handle gstreamer1.0-plugins-bad with the same Ubuntu override than
libav, it's also in universe (Closes: #995166).
-- Alberto Garcia <email address hidden> Fri, 22 Oct 2021 00:56:49 +0200
-
webkit2gtk (2.34.0-1) unstable; urgency=medium
* New upstream release.
* Bring all changes from the 2.33 (experimental) branch.
* debian/rules:
+ Build with -DUSE_SOUP2=ON.
* debian/control:
+ Add build dependency on liblcms2-dev (bug #880697).
+ Remove the dummy libwebkit2gtk-4.0-37-gtk2 package.
* debian/copyright:
+ Update copyright information of all files.
* debian/gbp.conf:
+ Update upstream branch name.
* debian/libwebkit2gtk-4.0-37.symbols:
+ Update symbols.
* debian/source/lintian-overrides:
+ Update source-is-missing overrides.
* Refresh all patches.
-- Alberto Garcia <email address hidden> Thu, 23 Sep 2021 12:10:43 +0200
-
webkit2gtk (2.32.4-1) unstable; urgency=high
* New upstream release.
* debian/source/lintian-overrides:
+ Update source-is-missing overrides.
-- Alberto Garcia <email address hidden> Fri, 17 Sep 2021 21:16:20 +0200
-
webkit2gtk (2.32.3-1) unstable; urgency=high
* New upstream release.
* The WebKitGTK security advisory WSA-2021-0004 lists the following
security fixes in the latest versions of WebKitGTK:
+ CVE-2021-30666, CVE-2021-30761 (fixed in 2.26.0).
+ CVE-2021-30762 (fixed in 2.28.0).
+ CVE-2021-1817, CVE-2021-1820, CVE-2021-1825, CVE-2021-1826,
CVE-2021-30661 (fixed in 2.30.0).
+ CVE-2021-21806 (fixed in 2.30.6).
+ CVE-2021-30682 (fixed in 2.32.0).
+ CVE-2021-30758 (fixed in 2.32.2).
+ CVE-2021-21775, CVE-2021-21779, CVE-2021-30663, CVE-2021-30665,
CVE-2021-30689, CVE-2021-30720, CVE-2021-30734, CVE-2021-30744,
CVE-2021-30749, CVE-2021-30795, CVE-2021-30797, CVE-2021-30799
(fixed in 2.32.3).
-- Alberto Garcia <email address hidden> Sun, 25 Jul 2021 00:25:47 +0200
-
webkit2gtk (2.32.2-1) unstable; urgency=medium
* New upstream release.
* debian/patches/fix-ftbfs-m68k.patch:
+ Update patch.
-- Alberto Garcia <email address hidden> Fri, 09 Jul 2021 13:41:26 +0200
-
webkit2gtk (2.32.1-2) unstable; urgency=high
* debian/control:
+ Update the dependencies on GStreamer plugins (Closes: #989332):
- WebKitGTK really expects at least the -base and -good sets.
- For video playback (e.g YouTube) -bad is also recommended.
- The pulseaudio plugin was merged into the -good package so it will
be always be available now. Move -alsa to Suggests.
-- Alberto Garcia <email address hidden> Mon, 07 Jun 2021 10:39:51 +0200
-
webkit2gtk (2.32.1-1) unstable; urgency=medium
* New upstream release.
* debian/patches/fix-ftbfs-m68k.patch:
+ Update patch.
* Downgrade dependency on xdg-desktop-portal-gtk to a recommendation.
This works around an autopkgtest regression in balsa (see #987686).
(Closes: #987428).
-- Alberto Garcia <email address hidden> Mon, 10 May 2021 12:20:44 +0200
-
webkit2gtk (2.32.0-2) unstable; urgency=high
* The WebKitGTK security advisory WSA-2021-0003 lists the following
security fixes in the latest versions of WebKitGTK:
+ CVE-2021-1788, CVE-2021-1844, CVE-2021-1871 (fixed in 2.32.0).
* debian/patches/fix-ftbfs-m68k.patch:
+ Compile BytecodeGenerator.cpp without optimizations on m68k and sh4,
otherwise the build fails due to gcc bugs.
* debian/gbp.conf:
+ Update upstream branch name.
-- Alberto Garcia <email address hidden> Thu, 22 Apr 2021 18:42:46 +0200
-
webkit2gtk (2.30.6-1) unstable; urgency=high
* New upstream release.
* debian/control:
+ Remove references to browser-plugin-freshplayer-pepperflash, this
package is no longer available, see #966474.
* debian/patches/include-libwpe.patch:
+ Fix build with wpebackend-fdo 1.8.1.
-- Alberto Garcia <email address hidden> Thu, 18 Mar 2021 16:05:45 +0100
-
webkit2gtk (2.30.5-1) unstable; urgency=high
* New upstream release (Closes: #978042).
* Remove some obsolete build dependencies (Closes: #979170):
+ gawk is not needed since WebKitGTK switched from autotools to CMake.
+ libgeoclue-2-dev and geoclue-2.0 are not required since WebKitGTK
2.25.1 (upstream bug 195994).
+ libupower-glib-dev is not required since WebKitGTK 2.19.92 (upstream
bug 181825).
+ libfile-copy-recursive-perl is not required since WebKitGTK 2.19.3
(upstream bug 180479).
+ mesa-common-dev used to provide GL/gl.h but this header is now in
libgl-dev.
+ libgles2-mesa-dev used to provide GLES3/gl3.h but this header is now
in libgles-dev.
+ libgl1-mesa-dev and libgles2-mesa-dev are now dummy packages.
+ libpango1.0-dev is not checked for any specific version at build
time so there's no need to list it.
* Update the minimum required versions of some packages:
+ cmake from 3.3 to 3.10
+ libglib2.0-dev from 2.36.0 to 2.44.0
+ libgtk-3-dev from 3.10.0 to 3.22.0
+ libcairo2-dev from 1.10.2 to 1.14.0
+ libsoup2.4-dev from 2.42.0 to 2.54.0.
* debian/patches/fix-mips-page-size.patch:
+ Increase the page size from 4KB to 16KB on MIPS, this fixes a crash
with Loongson CPUs that don't support 4KB pages (Closes: #977779).
* debian/copyright:
+ Update copyright years.
* debian/watch:
+ Set version to 4 (fixes older-debian-watch-file-standard).
* debian/control:
+ Update Standards-Version to 4.5.1 (no changes).
-- Alberto Garcia <email address hidden> Thu, 07 Jan 2021 14:23:52 +0100
-
webkit2gtk (2.30.4-1) unstable; urgency=high
* New upstream release.
* The WebKitGTK security advisory WSA-2020-0008 lists the following
security fixes in the latest versions of WebKitGTK:
+ CVE-2020-9952 (fixed in 2.28.3).
+ CVE-2020-9948, CVE-2020-9951 (fixed in 2.30.0).
+ CVE-2020-9983, CVE-2020-13584 (fixed in 2.30.3).
-- Alberto Garcia <email address hidden> Tue, 15 Dec 2020 15:23:01 +0100
-
webkit2gtk (2.30.3-1) unstable; urgency=high
* New upstream release
-- Alberto Garcia <email address hidden> Fri, 20 Nov 2020 15:24:07 +0100
-
webkit2gtk (2.30.2-1) unstable; urgency=medium
* New upstream release.
-- Alberto Garcia <email address hidden> Fri, 23 Oct 2020 12:18:03 +0200
-
webkit2gtk (2.30.1-1) unstable; urgency=medium
* New upstream release.
* debian/copyright:
+ Update copyright information of all files.
* debian/gbp.conf:
+ Update upstream branch name.
* debian/source/lintian-overrides:
+ Remove mailing-list-obsolete-in-debian-infrastructure.
-- Alberto Garcia <email address hidden> Mon, 21 Sep 2020 15:34:07 +0200
-
webkit2gtk (2.28.4-1) unstable; urgency=high
* New upstream release.
* Enable OpenGL ES in arm:
+ debian/patches/use-gles-on-arm.patch:
- Set ENABLE_GLES2_DEFAULT to ON on arm.
+ debian/control:
- Always depend on libgl1-mesa-dev.
-- Alberto Garcia <email address hidden> Tue, 28 Jul 2020 17:12:20 +0200
-
webkit2gtk (2.28.3-2) unstable; urgency=high
* The WebKitGTK security advisory WSA-2020-0006 lists the following
security fixes in the latest versions of WebKitGTK:
+ CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806,
CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, CVE-2020-13753 (fixed
in 2.28.3).
* Don't build the documentation in binary-arch builds and with the nodoc
build profile (Closes: #962616).
+ debian/control:
- Move gtk-doc-tools and *-doc to Build-Depends-Indep.
- Add Build-Profiles: <!nodoc> to libwebkit2gtk-4.0-doc
+ debian/rules:
- Use dh_listpackages to decide whether to build the documentation.
-- Alberto Garcia <email address hidden> Fri, 10 Jul 2020 13:26:49 +0200
-
webkit2gtk (2.28.3-1) unstable; urgency=high
* New upstream release.
* debian/rules:
+ Remove disabling of openjpeg on Ubuntu, it's in main now (thanks,
Sebastien Bacher)
* debian/patches/dont-fallback-to-libwpe.patch:
+ Drop this patch.
* debian/copyright:
+ Update copyright information of all files.
-- Alberto Garcia <email address hidden> Thu, 09 Jul 2020 12:20:00 +0200
-
webkit2gtk (2.28.2-2) unstable; urgency=high
* debian/patches/dont-fallback-to-libwpe.patch:
+ Fix crash when DISPLAY is unset (Closes: #956219).
-- Alberto Garcia <email address hidden> Mon, 27 Apr 2020 14:55:16 +0200
-
webkit2gtk (2.28.2-1) unstable; urgency=high
* New upstream release (Closes: #956837).
* debian/patches/fix-ftbfs-mips64el.patch:
+ Drop this patch.
* debian/rules:
+ Don't set -Wall or -Wl,--as-needed, these are already used by
default. Fixes the debian-rules-uses-as-needed-linker-flag lintian
warning.
+ Include /usr/share/dpkg/buildflags.mk instead of setting the build
flags manually.
* debian/source/lintian-overrides:
+ Override mailing-list-obsolete-in-debian-infrastructure.
-- Alberto Garcia <email address hidden> Fri, 24 Apr 2020 14:49:30 +0200
-
webkit2gtk (2.28.1-2) unstable; urgency=high
* The WebKitGTK security advisory WSA-2020-0004 lists the following
security fixes in the latest versions of WebKitGTK:
+ CVE-2020-11793 (fixed in 2.28.1).
* fix-ftbfs-mips64el.patch:
+ Fix a FTBFS in mipsel64.
-- Alberto Garcia <email address hidden> Mon, 20 Apr 2020 01:50:19 +0200
-
webkit2gtk (2.28.1-1) unstable; urgency=medium
* New upstream release (Closes: #956219, #954026).
* debian/control:
+ Remove build dependency on libx11-xcb-dev now that gstreamer depends
on it (see #948143).
* debian/patches/use-python3.patch:
+ Drop patch, this is now upstream.
-- Alberto Garcia <email address hidden> Mon, 13 Apr 2020 13:08:54 +0200
-
webkit2gtk (2.28.0-2) unstable; urgency=high
* The WebKitGTK security advisory WSA-2020-0003 lists the following
security fixes in the latest versions of WebKitGTK:
+ CVE-2020-10018 (fixed in 2.28.0).
* debian/rules:
+ Disable the WPE renderer on Ubuntu since the required backend is in
universe (thanks, Sebastien Bacher).
* debian/gbp.conf:
+ Update upstream branch name.
-- Alberto Garcia <email address hidden> Thu, 12 Mar 2020 20:35:21 +0100
-
webkit2gtk (2.26.4-1) unstable; urgency=high
* New upstream release.
* The WebKitGTK security advisory WSA-2020-0001 lists the following
security fixes in the latest versions of WebKitGTK:
+ CVE-2019-8835, CVE-2019-8844, CVE-2019-8846 (fixed in 2.26.3)
* The WebKitGTK security advisory WSA-2020-0002 lists the following
security fixes in the latest versions of WebKitGTK:
+ CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867,
CVE-2020-3868 (fixed in 2.26.4)
* debian/rules:
+ Don't use the Gold linker on powerpc (Closes: #949618).
+ Run dh with --builddirectory=build. Some source files are generated
inside this directory and are later referenced from the .gir files
so their path names should be independent from the architecture.
* debian/control:
+ Mark libwebkit2gtk-4.0-doc and libwebkit2gtk-4.0-37-gtk2 as
Multi-Arch: foreign.
+ Update Standards-Version to 4.5.0 (no changes).
* debian/patches/reduce-memory-overheads.patch:
+ Reduce memory usage when not using the Gold linker
(Closes: #949621).
* debian/patches/fix-ftbfs-m68k.patch:
+ Update to make it work with the current release (Closes: #949660).
* debian/patches/detect-woff.patch:
+ Refresh.
* Add debian/upstream/metadata.
-- Alberto Garcia <email address hidden> Fri, 14 Feb 2020 14:55:40 +0100
-
webkit2gtk (2.26.3-1) unstable; urgency=high
* New upstream release.
* The WebKitGTK security advisory WSA-2019-0006 lists the following
security fixes in the latest versions of WebKitGTK:
+ CVE-2019-8765, CVE-2019-8821, CVE-2019-8822 (fixed in 2.24.4)
+ CVE-2019-8710, CVE-2019-8743, CVE-2019-8764, CVE-2019-8766,
CVE-2019-8782, CVE-2019-8808, CVE-2019-8815 (fixed in 2.26.0)
+ CVE-2019-8783, CVE-2019-8811, CVE-2019-8813, CVE-2019-8816,
CVE-2019-8819, CVE-2019-8820, CVE-2019-8823 (fixed in 2.26.1)
+ CVE-2019-8812, CVE-2019-8814 (fixed in 2.26.2)
* Build without the bubblewrap sandbox if the required dependencies are
not available (Closes: #944731):
+ debian/rules:
- Pass -DENABLE_BUBBLEWRAP_SANDBOX depending on whether libseccomp
is installed.
- Add runtime dependencies on bubblewrap and xdg-dbus-proxy
conditionally to the status of ENABLE_BUBBLEWRAP_SANDBOX.
+ debian/control:
- Don't require bubblewrap, xdg-dbus-proxy or libseccomp-dev in
alpha, ia64, m68k, riscv64, sh4 or sparc64.
* Enable USE_WPE_RENDERER:
+ debian/control:
- Add build dependency on libwpebackend-fdo-1.0-dev.
+ debian/rules:
- Set USE_WPE_RENDERER depending on whether wpebackend-fdo is
available or not (this allows disabling it by simply removing the
build dependency).
* debian/rules:
+ Use -g1 in all builds. The webkit2gtk debug packages are huge and
I'm not convinced that they have been very useful for reporting
bugs. Using -g1 is enough for a basic backtrace and it makes the
packages easier to handle.
+ Install the NEWS file using debian/libwebkit2gtk-4.0-37.docs.
* debian/control:
+ Switch build dependency from libenchant-dev to libenchant-2-dev
(Closes: #948106).
+ Add build dependency on libx11-xcb-dev (Closes: #949430).
+ Add Rules-Requires-Root: no.
* debian/patches/use-python3.patch:
+ The unversioned python interpreter (i.e. Python 2) is not installed
by default anymore, so use Python 3 instead (Closes: #948839).
* debian/patches/user-agent-branding.patch:
+ Refresh.
* debian/libwebkit2gtk-4.0-37.symbols:
+ Add Build-Depends-Package field.
* debian/copyright:
+ Update copyright years.
-- Alberto Garcia <email address hidden> Wed, 22 Jan 2020 13:44:09 +0100
-
webkit2gtk (2.26.2-1) unstable; urgency=medium
* New upstream release.
* debian/rules:
+ Stop building with -O1 for armhf and friends, the build seems to
work just fine with -O2 now.
* debian/control:
+ Require bubblewrap >= 0.3.1.
* debian/patches/force-single-process.patch:
+ Remove this patch, the fixed version of Geary (3.34.1) is now in
unstable.
* The WebKitGTK security advisory WSA-2019-0005 lists the following
security fixes in the latest versions of WebKitGTK:
+ CVE-2019-8768 (fixed in 2.24.0).
+ CVE-2019-8735 (fixed in 2.24.2).
+ CVE-2019-8726 (fixed in 2.24.3).
+ CVE-2019-8674, CVE-2019-8707, CVE-2019-8719, CVE-2019-8733 and
CVE-2019-8763 (fixed in 2.24.4).
+ CVE-2019-8625, CVE-2019-8720, CVE-2019-8769 and CVE-2019-8771
(fixed in 2.26.0).
-- Alberto Garcia <email address hidden> Wed, 06 Nov 2019 14:29:56 +0200
-
webkit2gtk (2.26.1-3) unstable; urgency=medium
* debian/rules:
+ Use -DWTF_CPU_ARM64_CORTEXA53=OFF to fix the arm64 build.
* debian/patches/force-single-process.patch:
+ Don't use this workaround for Evolution anymore, the fixed version
is now in unstable.
* debian/control:
+ Add Breaks for Evolution < 3.34.1.
+ Update Standards-Version to 4.4.1 (no changes).
-- Alberto Garcia <email address hidden> Wed, 09 Oct 2019 12:22:19 +0300
-
webkit2gtk (2.26.1-2) unstable; urgency=medium
* debian/patches/force-single-process.patch:
+ Force the single-process mode in Evolution and Geary.
* debian/gbp.conf:
+ Update upstream branch name.
-- Alberto Garcia <email address hidden> Mon, 07 Oct 2019 16:59:20 +0300
-
webkit2gtk (2.24.4-1) unstable; urgency=medium
* New upstream release (Closes: #931807).
* debian/libwebkit2gtk-4.0-37.symbols:
+ Update symbols.
-- Alberto Garcia <email address hidden> Wed, 28 Aug 2019 14:33:00 +0300
-
webkit2gtk (2.24.3-1) unstable; urgency=medium
* New upstream release (Closes: #929749).
* debian/control:
+ Recommend gstreamer1.0-libav. This package allows the user to play
most internet videos (Closes: #870814).
-- Alberto Garcia <email address hidden> Tue, 02 Jul 2019 13:03:13 +0300
-
webkit2gtk (2.24.2-2) unstable; urgency=high
* The WebKitGTK security advisory WSA-2019-0003 lists the following
security fixes in the latest versions of WebKitGTK+:
+ CVE-2019-8571, CVE-2019-8583, CVE-2019-8586, CVE-2019-8594,
CVE-2019-8609, CVE-2019-8611, CVE-2019-8622 and CVE-2019-8623
(fixed in 2.24.0).
+ CVE-2019-6237, CVE-2019-8584, CVE-2019-8587, CVE-2019-8596,
CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8610 and
CVE-2019-8619 (fixed in 2.24.1).
+ CVE-2019-8595, CVE-2019-8607 and CVE-2019-8615 (fixed in 2.24.2).
* Use the CLoop Javascript interpreter in i386 and stop telling gcc to
use SSE2 instructions (Closes: #930935).
+ debian/rules:
- Build with -DENABLE_JIT=OFF -DENABLE_C_LOOP=ON and stop using
-msse2 -mfpmath=sse.
+ debian/patches/dont-detect-sse2.patch:
- Don't check for SSE2 support.
+ debian/NEWS:
- Remove item about the requirement to have an SSE2-capable CPU.
-- Alberto Garcia <email address hidden> Mon, 24 Jun 2019 16:34:09 +0300
-
webkit2gtk (2.24.2-1) unstable; urgency=medium
* New upstream release.
+ This fixes CVE-2019-8595, CVE-2019-8607 and CVE-2019-8615.
* debian/patches/fix-redirected-streams.patch,
debian/patches/fix-cjk-white-space.patch:
+ Drop these patches.
* debian/libwebkit2gtk-4.0-37.symbols:
+ Update symbols.
-- Alberto Garcia <email address hidden> Fri, 17 May 2019 17:40:52 +0300
-
webkit2gtk (2.24.1-2) unstable; urgency=high
* The WebKitGTK+ security advisory WSA-2019-0002 lists the following
security fixes in the latest versions of WebKitGTK+:
+ CVE-2019-6201, CVE-2019-7285, CVE-2019-7292, CVE-2019-8503,
CVE-2019-8515 (fixed in 2.22.6).
+ CVE-2019-8518, CVE-2019-8523 (fixed in 2.22.7).
+ CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544,
CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563,
CVE-2019-8506 (fixed in 2.24.0).
+ CVE-2019-11070, CVE-2019-6251 (fixed in 2.24.1).
* debian/patches/fix-redirected-streams.patch:
+ Fix playback of redirected streams (Closes: #928044).
* debian/patches/fix-cjk-white-space.patch:
+ Fix white space rendering with noto CJK font (Closes: #926872).
* debian/NEWS:
+ Add news item about the lack of support for pre-SSE2 i386 CPUs.
-- Alberto Garcia <email address hidden> Fri, 10 May 2019 12:39:42 +0300
-
webkit2gtk (2.24.1-1) unstable; urgency=high
* New upstream release.
+ This fixes CVE-2019-6251.
* GTK has dropped the '+' from its name, and so has WebKitGTK, so update
all references.
* debian/gbp.conf:
+ Update upstream branch name.
* debian/rules:
+ No need to chmod generate-gtkdoc anymore.
+ 32-bit x86 builds require SSE2 now.
* debian/watch:
+ Scan stable releases only.
* debian/patches/detect-woff.patch:
+ Refresh.
-- Alberto Garcia <email address hidden> Tue, 09 Apr 2019 17:31:03 +0300
-
webkit2gtk (2.22.7-1) unstable; urgency=high
* New upstream release (Closes: #921869).
-- Alberto Garcia <email address hidden> Sun, 03 Mar 2019 15:49:26 +0200
-
webkit2gtk (2.22.6-1) unstable; urgency=high
* New upstream release.
* The WebKitGTK+ security advisory WSA-2019-0001 lists the following
security fixes in the latest versions of WebKitGTK+:
+ CVE-2019-6226 (fixed in 2.22.0)
+ CVE-2019-6233 and CVE-2019-6234 (fixed in 2.22.4)
+ CVE-2019-6216, CVE-2019-6217, CVE-2019-6227 and CVE-2019-6229
(fixed in 2.22.5).
+ CVE-2019-6212 and CVE-2019-6215 (fixed in 2.22.6).
* debian/copyright:
+ Update copyright years.
-- Alberto Garcia <email address hidden> Sat, 09 Feb 2019 11:35:18 +0200
-
webkit2gtk (2.22.5-1) unstable; urgency=medium
* New upstream release.
* debian/patches/detect-jit.patch:
+ Drop patch, this has been fixed upstream.
* debian/patches/detect-woff.patch:
+ Refresh.
-- Alberto Garcia <email address hidden> Thu, 13 Dec 2018 20:43:29 +0200
-
webkit2gtk (2.22.4-1) unstable; urgency=high
* New upstream release.
* The WebKitGTK+ security advisory WSA-2018-0008 lists the following
security fixes in the latest versions of WebKitGTK+:
+ CVE-2018-4373 (fixed in 2.22.0).
+ CVE-2018-4375, CVE-2018-4376, CVE-2018-4378, CVE-2018-4382,
CVE-2018-4392 and CVE-2018-4416 (fixed in 2.22.1).
+ CVE-2018-4345 and CVE-2018-4386 (fixed in 2.22.3).
+ CVE-2018-4372 (fixed in 2.22.4).
* debian/control:
+ libwoff-dev is now available on kfreebsd, so we can use it.
-- Alberto Garcia <email address hidden> Thu, 22 Nov 2018 14:59:41 +0200
-
webkit2gtk (2.22.3-1) unstable; urgency=medium
* New upstream release.
[ Jeremy Bicha ]
* Enable woff2 support in Ubuntu too.
* Opt out of Ubuntu language packs. This package is updated too often.
[ Alberto Garcia ]
* debian/patches/detect-woff.patch:
+ WOFF2 is not available on all platforms, so don't abort the build if
it's not installed. This way it's enough if we simply remove
libwoff-dev from the Build-Depends when necessary.
* debian/control:
+ Don't depend on libwoff-dev on kfreebsd, it's not available.
-- Alberto Garcia <email address hidden> Mon, 29 Oct 2018 13:36:11 +0200
-
webkit2gtk (2.22.2-1) unstable; urgency=medium
* New upstream release.
* debian/upstream/signing-key.asc:
+ Add Adrian Perez's GPG key to the keyring. He'll also be in charge
of making upstream releases.
* debian/patches/fix-ftbfs-x32.patch:
+ Fix the X32 build.
* debian/patches/fix-ftbfs-armel.patch:
+ Fix the armel build.
+ debian/rules:
- Stop passing -DENABLE_JIT=OFF manually.
-- Alberto Garcia <email address hidden> Sat, 22 Sep 2018 00:31:55 +0300
-
webkit2gtk (2.22.1-1) unstable; urgency=medium
* New upstream release.
* debian/patches/replace-stdmax.patch:
+ Drop patch, this has been merged upstream.
-- Alberto Garcia <email address hidden> Thu, 20 Sep 2018 11:55:58 +0300
-
webkit2gtk (2.22.0-2) unstable; urgency=medium
* Upload to unstable.
* debian/rules:
+ Disable JIT on armel, it's currently broken.
* debian/gbp.conf:
+ Update upstream branch name.
* debian/watch:
+ Scan stable releases only.
-- Alberto Garcia <email address hidden> Fri, 14 Sep 2018 21:23:00 +0300
-
webkit2gtk (2.20.5-1) unstable; urgency=medium
* New upstream release.
* debian/patches/fix-ftbfs-m68k.patch:
+ Update patch (Closes: #902100).
-- Alberto Garcia <email address hidden> Mon, 13 Aug 2018 10:52:34 +0300
-
webkit2gtk (2.20.4-1) unstable; urgency=high
* New upstream release.
+ This fixes CVE-2018-4261, CVE-2018-4262, CVE-2018-4263,
CVE-2018-4264, CVE-2018-4265, CVE-2018-4266, CVE-2018-4267,
CVE-2018-4270, CVE-2018-4272, CVE-2018-4273, CVE-2018-4278,
CVE-2018-4284.
* Don't use NEWS as an upstream changelog anymore (as required by Debian
policy 4.2.0).
* debian/control:
+ Update Standards-Version to 4.2.0.
-- Alberto Garcia <email address hidden> Mon, 06 Aug 2018 16:39:27 +0300
-
webkit2gtk (2.20.3-1) unstable; urgency=high
* New upstream release.
+ This fixes CVE-2018-4190, CVE-2018-4199, CVE-2018-4218,
CVE-2018-4222, CVE-2018-4232, CVE-2018-4233, CVE-2018-4246 and
CVE-2018-11646.
* debian/control:
+ Remove compatibility with versions of debhelper < 9.20151219 in
override_dh_strip, we require version 10 since 2.20.1-1.
* debian/patches/fix-atomics-build.patch:
+ The __atomic_fetch_add_8() check is now in this release. Update the
patch to enable THREADS_PREFER_PTHREAD_FLAG. This fixes the riscv64
build.
* debian/rules:
+ Build with -DRELEASE_WITHOUT_OPTIMIZATIONS if "noopt" is set.
* debian/libwebkit2gtk-4.0-doc.install, debian/rules:
+ Update path of installed documentation. This changed upstream in
2.20.2 but it was reverted in this release.
-- Alberto Garcia <email address hidden> Tue, 12 Jun 2018 12:58:42 +0300
-
webkit2gtk (2.20.2-1) unstable; urgency=high
* New upstream release.
+ This fixes CVE-2018-4200.
* debian/patches/fix-atomics-build.patch:
+ Set THREADS_PREFER_PTHREAD_FLAG to ON. This fixes the build in
riscv64 (thanks, Aurelien Jarno).
* debian/libwebkit2gtk-4.0-doc.install, debian/rules:
+ Update path of installed documentation (see WebKit #184771).
-- Alberto Garcia <email address hidden> Mon, 07 May 2018 14:41:30 +0300
-
webkit2gtk (2.20.1-1) unstable; urgency=medium
[ Alberto Garcia ]
* New upstream release.
* debian/rules:
+ Ubuntu doesn't install changelogs with dh_installchangelogs, so
let's use dh_installdocs instead (but keep dh_installchangelogs for
Debian).
* debian/control:
+ Update Standards-Version to 4.1.4 (no changes needed).
[ Jeremy Bicha ]
* The WebKitGTK+ security advisory WSA-2018-0003 lists the following
security fixes in the latest versions of WebKitGTK+:
+ CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117,
CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122,
CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129,
CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162,
CVE-2018-4163, CVE-2018-4165 (fixed in 2.20.0).
* Update Vcs fields for migration to https://salsa.debian.org/
* Enable gstreamer-gl on Ubuntu too (LP: #1752197)
* Bump debhelper compat to 10
-- Alberto Garcia <email address hidden> Tue, 10 Apr 2018 20:34:42 +0200
-
webkit2gtk (2.20.0-2) unstable; urgency=medium
* Upload to unstable (Closes: #889659, #888543).
* debian/gbp.conf:
+ Update upstream branch name.
* debian/NEWS:
+ Add news item about the Gigacage feature.
-- Alberto Garcia <email address hidden> Wed, 21 Mar 2018 14:31:13 +0200
-
webkit2gtk (2.18.6-1) unstable; urgency=high
* New upstream release.
+ This fixes CVE-2018-4088, CVE-2017-13885, CVE-2017-7165,
CVE-2017-13884, CVE-2017-7160, CVE-2017-7153, CVE-2017-7153,
CVE-2017-7161 and CVE-2018-4096.
-- Alberto Garcia <email address hidden> Wed, 24 Jan 2018 13:30:06 +0200
-
webkit2gtk (2.18.5-1) unstable; urgency=high
* New upstream release.
+ This includes fixes to mitigate the effects of the Spectre
vulnerability (CVE-2017-5753 and CVE-2017-5715).
-- Alberto Garcia <email address hidden> Wed, 10 Jan 2018 14:23:33 +0200
-
webkit2gtk (2.18.4-1) unstable; urgency=high
[ Alberto Garcia ]
* New upstream release.
+ This fixes CVE-2017-13866, CVE-2017-13870, CVE-2017-7156 and
CVE-2017-13856.
* Refresh all patches.
* debian/control:
+ Request native version of the Ruby package (thanks, Helmut Grohne)
(Closes: #881637).
* Instead of passing -DUSE_GSTREAMER_GL=OFF explicitly, let CMake do it
if libgstreamer-plugins-bad1.0-dev is not installed.
+ debian/patches/detect-gstreamer-gl.patch:
- Disable USE_GSTREAMER_GL if GStreamerGL is not found.
+ debian/rules:
- Remove the list of architectures that are not using GStreamerGL.
* debian/control:
+ Don't require libgstreamer-plugins-bad1.0-dev in hppa, m68k,
powerpcspe, sh4 or x32.
[ Jeremy Bicha ]
* debian/control: Update Vcs-Git to point to correct branch.
* Allow setting the distributor name in the User Agent string. Ubuntu
wants this patch, but since it makes it easier to identify the user
let's leave it disabled in Debian (Closes: #883712).
+ debian/patches/user-agent-branding.patch:
- Patch to support updating the User-Agent string.
+ debian/rules:
- Pass -DUSER_AGENT_GTK_DISTRIBUTOR_NAME when building for Ubuntu.
-- Alberto Garcia <email address hidden> Tue, 19 Dec 2017 18:31:33 +0200
-
webkit2gtk (2.18.3-1) unstable; urgency=high
* New upstream release.
* The WebKitGTK+ security advisory WSA-2017-0009 lists the following
security fixes in the latest versions of WebKitGTK+:
+ CVE-2017-13783, CVE-2017-13784, CVE-2017-13785, CVE-2017-13791,
CVE-2017-13792, CVE-2017-13793, CVE-2017-13794, CVE-2017-13795,
CVE-2017-13796 and CVE-2017-13802 (fixed in 2.18.1).
+ CVE-2017-13788, CVE-2017-13798, CVE-2017-13803 (fixed in 2.18.3)
* Several cross-compilation fixes in debian/rules (thanks, Helmut
Grohne) (Closes: #881341):
+ Include /usr/share/dpkg/architecture.mk instead of calling
dpkg-architecture manually to set the DEB_*_ARCH variables.
+ Use DEB_BUILD_ARCH_BITS to decide whether to pass --no-keep-memory
to the linker.
+ Use DEB_HOST_ARCH to decide whether to use -g1, -DENABLE_JIT=OFF and
-DUSE_GSTREAMER_GL=OFF.
+ Remove the --no-relax flag for alpha, this was a workaround for a 10
year old binutils bug.
-- Alberto Garcia <email address hidden> Sat, 11 Nov 2017 14:26:11 +0200
-
webkit2gtk (2.18.2-1) unstable; urgency=medium
* New upstream release.
* debian/control:
+ Set the minimum versions of these build dependencies: cmake >= 3.3,
libcairo2-dev >= 1.10.2, libfontconfig1-dev >= 2.8, and
libgcrypt20-dev >= 1.7.0, libxml2-dev >= 2.8.
-- Alberto Garcia <email address hidden> Fri, 27 Oct 2017 15:05:15 +0200
-
webkit2gtk (2.18.1-1) unstable; urgency=medium
* New upstream release.
* The WebKitGTK+ security advisory WSA-2017-0008 lists the following
security fixes in the latest versions of WebKitGTK+:
+ CVE-2017-7081 and CVE-2017-7142 (fixed in 2.16.1).
+ CVE-2017-7094 (fixed in 2.16.3).
+ CVE-2017-7099 (fixed in 2.16.4).
+ CVE-2017-7087, CVE-2017-7089, CVE-2017-7090, CVE-2017-7091,
CVE-2017-7092, CVE-2017-7093, CVE-2017-7095, CVE-2017-7096,
CVE-2017-7098, CVE-2017-7100, CVE-2017-7102, CVE-2017-7104,
CVE-2017-7107, CVE-2017-7109, CVE-2017-7111, CVE-2017-7117,
CVE-2017-7120 (fixed in 2.18.0).
* debian/control:
+ Recommend the Pulseaudio or ALSA GStreamer plugins, since they're
needed for audio playback (Closes: #877281).
* debian/patches/fix-ftbfs-alpha.patch:
+ This patch is no longer needed, drop it.
* Refresh all other patches.
* debian/control:
+ Remove 'Priority: extra' fields, all packages have optional priority
now (the 'extra' priority has been deprecated).
* debian/copyright:
+ Use https for the Format URL.
-- Alberto Garcia <email address hidden> Wed, 18 Oct 2017 14:36:55 +0300
-
webkit2gtk (2.18.0-2) unstable; urgency=medium
* Upload to unstable.
* debian/gbp.conf:
+ Update upstream branch name.
* The WebKitGTK+ security advisory WSA-2017-0007 lists the following
security fixes in WebKitGTK+ 2.16.3:
+ CVE-2017-1000121.
+ CVE-2017-1000122.
-- Alberto Garcia <email address hidden> Thu, 14 Sep 2017 10:44:32 +0300
-
webkit2gtk (2.16.6-1) unstable; urgency=high
* New upstream release.
* The WebKitGTK+ security advisory WSA-2017-0006 lists the following
security fixes in the latest versions of WebKitGTK+:
+ CVE-2017-7020 (fixed in 2.16.1).
+ CVE-2017-7006, CVE-2017-7012, CVE-2017-7019, CVE-2017-7038,
CVE-2017-7041, CVE-2017-7042, CVE-2017-7043, CVE-2017-7049
(fixed in 2.16.2).
+ CVE-2017-7011, CVE-2017-7040, CVE-2017-7059 (fixed in 2.16.3).
+ CVE-2017-7052 (fixed in 2.16.4).
+ CVE-2017-7018, CVE-2017-7030, CVE-2017-7034, CVE-2017-7037,
CVE-2017-7039, CVE-2017-7046, CVE-2017-7048, CVE-2017-7055,
CVE-2017-7056, CVE-2017-7061, CVE-2017-7064 (fixed in 2.16.6).
* debian/patches/fix-ftbfs-m68k.patch:
+ Fix FTBFS in m68k (Closes: #868126).
* Override typelib-package-name-does-not-match and
gir-missing-typelib-dependency lintian warnings in
gir1.2-javascriptcoregtk-4.0, gir1.2-webkit2-4.0,
libjavascriptcoregtk-4.0-dev and libwebkit2gtk-4.0-dev.
-- Alberto Garcia <email address hidden> Thu, 27 Jul 2017 02:16:11 +0200
-
webkit2gtk (2.16.5-1) unstable; urgency=medium
* New upstream release (Closes: #865772).
-- Alberto Garcia <email address hidden> Tue, 27 Jun 2017 10:29:49 +0300
-
webkit2gtk (2.16.4-1) unstable; urgency=high
* New upstream release.
+ This fixes CVE-2017-2538.
-- Alberto Garcia <email address hidden> Tue, 20 Jun 2017 17:24:48 +0300
-
webkit2gtk (2.16.3-2) unstable; urgency=medium
* Upload to unstable (Closes: #836055).
* debian/watch:
+ Stop scanning the 2.15 branch.
* debian/gbp.conf:
+ Update upstream branch name.
* The WebKitGTK+ security advisory WSA-2017-0004 lists the following
security fixes in the latest versions of WebKitGTK+:
+ CVE-2017-2505, CVE-2017-2508, CVE-2017-2514, CVE-2017-2521
(fixed in 2.16.0).
+ CVE-2017-2504, CVE-2017-2506, CVE-2017-2515, CVE-2017-2525,
CVE-2017-2526, CVE-2017-2528, CVE-2017-2530, CVE-2017-2531,
CVE-2017-2536, CVE-2017-2544, CVE-2017-2547, CVE-2017-2549,
CVE-2017-6980, CVE-2017-6984 (fixed in 2.16.1).
+ CVE-2017-2496, CVE-2017-2510, CVE-2017-2539 (fixed in 2.16.3).
-- Alberto Garcia <email address hidden> Thu, 01 Jun 2017 00:29:57 +0300
-
webkit2gtk (2.14.7-1) unstable; urgency=medium
* New upstream release.
* debian/copyright:
+ Update copyright years and remove nonexistent files.
-- Alberto Garcia <email address hidden> Tue, 09 May 2017 16:48:39 +0300
-
webkit2gtk (2.14.6-1) unstable; urgency=high
* New upstream release.
+ This fixes CVE-2016-9643, CVE-2017-2364, CVE-2017-2367,
CVE-2017-2377, CVE-2017-2392, CVE-2017-2394, CVE-2017-2415,
CVE-2017-2419, CVE-2017-2442, CVE-2017-2446, CVE-2017-2454,
CVE-2017-2459, CVE-2017-2460, CVE-2017-2465, CVE-2017-2466,
CVE-2017-2468, CVE-2017-2470, CVE-2017-2471, CVE-2017-2475,
CVE-2017-2476, CVE-2017-2481.
* debian/control:
+ Downgrade libwebkit2gtk-4.0-37-gtk2 from Recommends to Suggests,
since most apps that depend on webkit2gtk don't need this.
-- Alberto Garcia <email address hidden> Fri, 07 Apr 2017 13:56:45 +0300
-
webkit2gtk (2.14.5-2) unstable; urgency=medium
* debian/patches/fix-ftbfs-x32.patch:
+ Fix FTBFS in x32 (Closes: #856498).
* debian/libwebkit2gtk-4.0-doc.links:
+ Remove webkit2gtk-4.0.devhelp2.gz -> webkit2gtk.devhelp2.gz symlink
as it is now obsolete (see upstream bug #139369) (Closes: #857412)
-- Alberto Garcia <email address hidden> Mon, 13 Mar 2017 12:48:26 +0200
-
webkit2gtk (2.14.5-1) unstable; urgency=high
* New upstream release (Closes: #855103).
-- Alberto Garcia <email address hidden> Wed, 15 Feb 2017 10:42:51 +0200
-
webkit2gtk (2.14.4-1) unstable; urgency=high
* New upstream release.
+ This fixes CVE-2017-2365, CVE-2017-2366, CVE-2017-2373,
CVE-2017-2363, CVE-2017-2362, CVE-2017-2350, CVE-2017-2350,
CVE-2017-2354, CVE-2017-2355, CVE-2017-2356, CVE-2017-2371,
CVE-2017-2364 and CVE-2017-2369.
* debian/patches/fix-ftbfs-hurd.patch:
+ Fix FTBFS in Hurd.
-- Alberto Garcia <email address hidden> Fri, 10 Feb 2017 14:17:37 +0200
-
webkit2gtk (2.14.3-1) unstable; urgency=high
* New upstream release.
+ The WebKitGTK+ security advisory WSA-2017-0001 published along with
this release lists the following security fixes in the latest
versions of WebKitGTK+:
- CVE-2016-4743, CVE-2016-7587, CVE-2016-7598 (fixed in 2.14.0).
- CVE-2016-4692, CVE-2016-7610 (fixed in 2.14.1).
- CVE-2016-7611, CVE-2016-7640, CVE-2016-7642, CVE-2016-7646,
CVE-2016-7648, CVE-2016-7649 (fixed in 2.14.2)
- CVE-2016-7586, CVE-2016-7589, CVE-2016-7592, CVE-2016-7599,
CVE-2016-7623, CVE-2016-7632, CVE-2016-7635, CVE-2016-7639,
CVE-2016-7645, CVE-2016-7641, CVE-2016-7652, CVE-2016-7654,
CVE-2016-7656 (fixed in 2.14.3)
* Verify GPG signature of the upstream tarball:
+ debian/upstream/signing-key.asc:
- Add key file.
+ debian/watch:
- Add pgpsigurlmangle option.
* debian/rules:
+ Use the NEWS file as the upstream changelog.
-- Alberto Garcia <email address hidden> Wed, 18 Jan 2017 11:28:41 +0200
-
webkit2gtk (2.14.2-1) unstable; urgency=medium
* New upstream release (Closes: #839379, #839397).
* debian/patches/fix-ftbfs-armel.patch:
+ The previous update broke this patch, fix it now.
* debian/rules:
+ Don't use the gold linker in kFreeBSD, its version of libxslt is
still affected by #801989. We should be able to revert this change
once we have libxslt >= 1.1.29.
+ Enable gold again in mips and mipsel now that #834147 is fixed and
we have binutils 2.27-9.
* debian/libwebkit2gtk-4.0-37.symbols:
+ Update.
-- Alberto Garcia <email address hidden> Thu, 03 Nov 2016 11:29:40 +0200
-
webkit2gtk (2.14.1-1) unstable; urgency=medium
* New upstream release.
* debian/patches/install-minibrowser.patch:
+ Drop patch, this has been merged upstream.
* debian/rules:
+ Set -DENABLE_MINIBROWSER=ON.
* debian/libjavascriptcoregtk-4.0-bin.install:
+ Install the jsc executable in /usr/bin.
* debian/patches/fix-ftbfs-armel.patch:
+ Add output message telling whether we need to build Atomics.cpp.
* debian/control:
+ Update Vcs-* links (thanks, Jeremy Bicha) (Closes: #840483).
* debian/compat:
+ Set debhelper compatibility level to 9.
-- Alberto Garcia <email address hidden> Wed, 12 Oct 2016 14:09:27 +0300
-
webkit2gtk (2.14.0-1) unstable; urgency=medium
* New upstream release.
* debian/watch:
+ Stop scanning the 2.13 branch.
* debian/gbp.conf:
+ Update upstream branch name.
-- Alberto Garcia <email address hidden> Tue, 20 Sep 2016 15:31:35 +0300
-
webkit2gtk (2.12.5-1) unstable; urgency=medium
* New upstream release.
* debian/patches/fix-ftbfs-m68k.patch:
+ Drop this patch, the m68k build has been broken for ages.
* debian/patches/fix-ftbfs-sparc64.patch:
+ Refresh.
-- Alberto Garcia <email address hidden> Mon, 05 Sep 2016 13:49:55 +0300
-
webkit2gtk (2.12.4-2) unstable; urgency=high
* debian/rules:
+ Don't use the gold linker in mips/mipsel, see #834147.
* Set urgency=high to get the CVE fixes into testing quickly.
-- Alberto Garcia <email address hidden> Tue, 30 Aug 2016 10:53:50 +0300
-
webkit2gtk (2.12.4-1) unstable; urgency=medium
* New upstream release.
+ Security fixes: CVE-2016-4622, CVE-2016-4624, CVE-2016-4591,
CVE-2016-4590.
* debian/patches/hide-gtk2-plugins.patch:
+ Remove, this is now upstream.
-- Alberto Garcia <email address hidden> Wed, 24 Aug 2016 08:41:58 -0400
-
webkit2gtk (2.12.3-1) unstable; urgency=high
* New upstream release (Closes: #821228).
+ This fixes CVE-2016-1856 and CVE-2016-1857.
* debian/control:
+ Now that the GTK+ transition to 3.20 is done, we can revert the
build dependency on gtk+3 back to >= 3.10.
* debian/rules:
+ Pass '--with gir' to dh instead of overriding dh_shlibdeps.
-- Alberto Garcia <email address hidden> Tue, 24 May 2016 11:17:40 +0200
-
webkit2gtk (2.12.2-1) unstable; urgency=medium
* New upstream release (Closes: #803104).
* debian/control:
+ Update build dependency on gtk+3 to >= 3.20 (see #820309).
+ Update Standards-Version to 3.9.8 (no changes needed).
-- Alberto Garcia <email address hidden> Thu, 28 Apr 2016 11:46:35 +0300
-
webkit2gtk (2.12.1-1) unstable; urgency=medium
* New upstream release.
* debian/patches/fix-ftbfs-freebsd.patch,
debian/patches/fix-ftbfs-powerpc.patch,
debian/patches/fix-ftbfs-hurd.patch:
+ Remove, all these are upstream now.
* debian/patches/fix-ftbfs-alpha.patch,
debian/patches/fix-ftbfs-m68k.patch,
debian/patches/fix-ftbfs-sparc64.patch,
debian/patches/hide-gtk2-plugins.patch
+ Refresh.
-- Alberto Garcia <email address hidden> Thu, 14 Apr 2016 14:07:29 +0300
-
webkit2gtk (2.12.0-2) unstable; urgency=medium
* debian/patches/fix-ftbfs-freebsd.patch:
+ Fix FTBFS in GNU/kFreeBSD.
* debian/patches/fix-ftbfs-powerpc.patch:
+ Fix FTBFS in PowerPC.
* debian/patches/fix-ftbfs-hurd.patch:
+ Fix FTBFS in the Hurd.
-- Alberto Garcia <email address hidden> Sun, 03 Apr 2016 15:54:37 +0300
-
webkit2gtk (2.12.0-1) unstable; urgency=medium
* New upstream release.
* Refresh all patches.
* debian/source/lintian-overrides:
+ Update source-is-missing overrides.
* debian/libwebkit2gtk-4.0-37.symbols:
+ Update.
* debian/copyright:
+ Remove files that no longer exist.
-- Alberto Garcia <email address hidden> Tue, 22 Mar 2016 12:16:08 +0200
-
webkit2gtk (2.10.9-1) unstable; urgency=medium
* New upstream release.
-- Alberto Garcia <email address hidden> Fri, 18 Mar 2016 12:35:25 +0200
-
webkit2gtk (2.10.8-1) unstable; urgency=high
* New upstream release. This fixes CVE-2016-1726 (Closes: #802380).
* Allow building the package with debhelper < 9.20151219. This won't
produce any debug packages (since they are automatically generated
now), but it can be useful for backports.
+ debian/control:
- Revert build dependency on debhelper back to >= 9.
+ debian/rules:
- Don't make dh_strip fail if it doesn't support --ddeb-migration.
* debian/rules:
+ The list of architectures in which the debug packages are causing
problems continues to grow, so let's try the opposite approach: we
build by default using -g1 except in the cases where we know that
-g works fine (amd64, ppc64, ppc64el).
+ Enable all hardening flags.
* debian/patches/fix-ftbfs-m68k.patch:
+ Enclose the changes to the compile assertions inside an #ifdef block
so they only apply to m68k.
* debian/patches/fix-ftbfs-alpha.patch:
+ Fix FTBFS in alpha (Closes: #815124).
* debian/patches/fix-ftbfs-sparc64.patch:
+ Add patch metadata.
* debian/source/lintian-overrides:
+ Update overrides so the latest lintian doesn't give more
source-is-missing false positives.
* debian/control:
+ Bump Standards-Version to 3.9.7; no changes needed.
+ Use secure URIs for the Vcs-* fields.
-- Alberto Garcia <email address hidden> Sat, 12 Mar 2016 00:07:55 +0200
-
webkit2gtk (2.10.6-1) unstable; urgency=medium
* New upstream release.
-- Alberto Garcia <email address hidden> Wed, 27 Jan 2016 16:48:08 +0200
-
webkit2gtk (2.10.5-1) unstable; urgency=high
* New upstream release. Fixes CVE-2015-7096 and CVE-2015-7098.
This release doesn't contain any non-DFSG files in the original
tarball, so we can ship it as-is and remove the +dfsg suffix from the
Debian version.
+ debian/watch:
- Remove the 'dversionmangle' option.
+ debian/rules:
- Remove the get-orig-source target.
- Don't generate (and clean) jquery.min.js.
+ debian/control:
- Remove build dependency on slimit.
+ debian/jquery-1.9.1.js:
- Remove.
* debian/patches/fix-ftbfs-sparc64.patch:
+ Fix FTBFS on sparc64 (Closes: #806816).
* debian/rules:
+ Don't pass -DENABLE_YARR_JIT=0, passing -DENABLE_JIT=OFF already
takes care of that.
+ Remove EXTRA_DH_ARGUMENTS, this is no longer being used.
* debian/watch:
+ Only scan releases from the stable branches.
* Migrate to automatic -dbgsym packages:
+ debian/control:
- Remove the entries for libjavascriptcoregtk-4.0-18-dbg and
libwebkit2gtk-4.0-37-dbg.
- Require debhelper >= 9.20151219.
+ debian/rules:
- Replace --dbg-package with --ddeb-migration in dh_strip.
* debian/copyright:
+ Update copyright years.
+ Remove mentions to jquery (which is no longer included) and
FontWithNoValidEncoding.fon, which is a regular font in the FON file
format.
-- Alberto Garcia <email address hidden> Thu, 21 Jan 2016 14:26:30 +0200
-
webkit2gtk (2.10.4+dfsg1-1) unstable; urgency=medium
* New upstream release.
* debian/patches/install-minibrowser.patch:
+ Refresh.
* webkit2gtk includes a binary called WebKitPluginProcess2 that allows
loading plugins that depend on GTK+2, like Adobe Flash or Google
Hangouts. This however has the side effect of requiring GTK+2 and all
its dependencies. We're moving the WebKitPluginProcess2 to a separate
package so users that don't need any of those plugins don't need to
install GTK+2 (Closes: #804412).
+ debian/control:
- Add the entry for the new libwebkit2gtk-4.0-37-gtk2 package.
+ debian/rules:
- Run dh_strip on the new package as well.
+ debian/patches/hide-gtk2-plugins.patch:
- Hide plugins if the plugin process is not available.
+ debian/libwebkit2gtk-4.0-37-gtk2.install:
- Install WebKitPluginProcess2.
+ debian/libwebkit2gtk-4.0-37.install:
- Remove WebKitPluginProcess2.
+ debian/NEWS:
- Add news item about the new package.
-- Alberto Garcia <email address hidden> Thu, 12 Nov 2015 23:10:53 +0200
-
webkit2gtk (2.10.3+dfsg1-1) unstable; urgency=medium
* New upstream release.
* debian/rules:
+ The size of the webkit2gtk -dbg packages is huge and has been a
source of headaches in many architectures that cannot build them or
deal with them easily. Our current approach has been to disable them
completely for those architectures. For this release we'll build
them again but using -g1 instead, which produces _way_ smaller files
that are still useful for backtraces.
+ Use -g1 for mips64el as well.
+ Build using -DG_DISABLE_CAST_CHECKS when not in debug mode.
* debian/control:
+ Drop the gir1.2-gtk* and gir1.2-soup* build dependencies, they are
already being pulled by libgtk*-dev and libsoup*-dev.
+ Make libegl1-mesa-dev an explicit requirement in all architectures,
it's necessary for the Wayland target.
-- Alberto Garcia <email address hidden> Mon, 26 Oct 2015 14:41:33 +0200
-
webkit2gtk (2.10.2+dfsg1-1) unstable; urgency=medium
* New upstream release.
* debian/rules:
+ Don't build debug packages in arm64, it kills the buildd.
-- Alberto Garcia <email address hidden> Thu, 15 Oct 2015 13:36:30 +0300
-
webkit2gtk (2.10.1+dfsg1-1) unstable; urgency=medium
* New upstream release.
* debian/patches/install-minibrowser.patch:
+ Refresh.
-- Alberto Garcia <email address hidden> Wed, 14 Oct 2015 10:57:35 +0300
-
webkit2gtk (2.10.0+dfsg1-1) unstable; urgency=medium
* New upstream release.
* debian/patches/fix-ftbfs-gcc5.patch:
+ Remove, this has been merged upstream.
* debian/patches/restore_sparc_code.patch:
+ Remove, this is obsolete.
* debian/patches/install-minibrowser.patch,
debian/patches/fix-ftbfs-m68k.patch:
+ Refresh.
* debian/control:
+ Add build dependency on libhyphen-dev.
+ Build depend on libegl1-mesa-dev and libgles2-mesa-dev on arm64,
armel and armhf.
* debian/libwebkit2gtk-4.0-37.symbols:
+ Update.
* debian/copyright:
+ Remove files that no longer exist from the list.
+ Reorder paragraphs to fix 'unused-paragraph...' lintian warnings.
* debian/source/lintian-overrides:
+ lintian gives false positives with many of the javascript files in
the source tarball, thinking that they are minified (see #798900).
-- Alberto Garcia <email address hidden> Tue, 22 Sep 2015 17:21:00 +0300
-
webkit2gtk (2.8.5+dfsg1-3) unstable; urgency=medium
* debian/rules:
+ Do not run dh_builddeb in parallel, it is very I/O intensive for
some buildds.
-- Alberto Garcia <email address hidden> Thu, 10 Sep 2015 15:01:57 +0300
-
webkit2gtk (2.8.5+dfsg1-2) unstable; urgency=medium
* debian/patches/fix-ftbfs-gcc5.patch:
+ Fix FTBFS with GCC 5 in some architectures.
-- Alberto Garcia <email address hidden> Mon, 24 Aug 2015 07:41:11 +0300
-
webkit2gtk (2.8.5+dfsg1-1) unstable; urgency=medium
* New upstream release.
-- Alberto Garcia <email address hidden> Fri, 07 Aug 2015 11:25:09 +0300
-
webkit2gtk (2.8.4+dfsg1-1) unstable; urgency=medium
* New upstream release.
+ Uses _ABI64 instead of _MIPS_SIM_ABI64 for mips64el. Closes: #789262.
* debian/patches/fix-ftbfs-m68k.patch:
+ Refreshed.
-- Emilio Pozuelo Monfort <email address hidden> Thu, 09 Jul 2015 12:02:15 +0200
-
webkit2gtk (2.8.3+dfsg1-1) unstable; urgency=medium
* New upstream release.
* debian/rules:
+ The default linker uses too much memory and it makes the build fail
in i386, so let's get back to the old behavior and disable gold in
arm64 only.
+ The shared library is too big in i386 and this is causing problems
when generating the introspection bindings, so use -g1. See also
upstream bug #140176.
-- Alberto Garcia <email address hidden> Mon, 18 May 2015 12:53:57 +0300
-
webkit2gtk (2.8.2+dfsg1-2) unstable; urgency=medium
* debian/rules:
+ Disable the gold linker, it's causing problems in arm64 at least.
-- Alberto Garcia <email address hidden> Wed, 13 May 2015 14:29:30 +0300
-
webkit2gtk (2.8.2+dfsg1-1) unstable; urgency=medium
[ Alberto Garcia ]
* New upstream release.
[ Helge Deller ]
* debian/rules:
+ Disable debugging symbols in hppa (Closes: #784176).
[ Andreas Schwab ]
* debian/patches/fix-ftbfs-m68k.patch:
+ Fix FTBFS in m68k.
-- Alberto Garcia <email address hidden> Tue, 12 May 2015 15:31:38 +0300
-
webkit2gtk (2.8.1+dfsg1-1) unstable; urgency=medium
* New upstream release.
* Drop all patches, except:
+ debian/patches/restore_sparc_code.patch:
- Refresh and update it to make it work with cmake.
+ debian/patches/install-minibrowser.patch:
- Update for this release.
* debian/libwebkit2gtk-4.0-37.symbols:
+ Update.
* debian/libwebkit2gtk-4.0-doc.install:
+ Update documentation path in the source tree.
* debian/copyright:
+ Update copyright years.
* debian/control:
+ Add build dependencies on libgnutls28-dev and libnotify-dev.
-- Alberto Garcia <email address hidden> Mon, 27 Apr 2015 21:22:35 +0300
-
webkit2gtk (2.6.2+dfsg1-4) unstable; urgency=medium
* debian/patches/fix-ftbfs-hppa.patch:
+ Fix FTBFS in HPPA (Closes: #776281).
* debian/libwebkit2gtk-4.0-doc.links:
+ Add symbolic link to make the documentation appear in devhelp
(Closes: #777589).
* debian/patches/fix-gstreamer-leak.patch:
+ Fix memory leak in GStreamer code.
* debian/patches/remote-inspector.patch:
+ Make the remote inspector work again.
* debian/patches/render-block-cast.patch:
+ Fix invalid cast in WebCore::RenderBlock::blockSelectionGaps.
* debian/patches/fix-jit-crash.patch:
+ Fix crash in SpeculativeJIT::compile() when loading theblaze.com.
* debian/patches/fix-null-renderer.patch:
+ NULL pointer check in HTMLPlugInImageElement.
* debian/patches/fix-integer-overflow.patch:
+ Fix crash due to integer overflow.
* debian/patches/serialized-script-value.patch:
+ Prevent unsafe access to internal types.
* debian/patches/http-latin1.patch:
+ HTTP header values should be treated as latin1, not UTF-8.
* debian/patches/fix-null-string-conversion.patch:
+ Add NULL check to convertToUTF8String().
* debian/patches/fix-timers-animations.patch:
+ Timers might never be fired during animations.
* debian/patches/fix-ax-crash.patch:
+ Recursive crash at WebCore::accessibleNameForNode.
* debian/patches/fix-clearselection-segfault.patch:
+ Fix segfault when calling clearSelection on a detached RenderObject.
* debian/patches/fix-date.patch:
+ String(new Date(Mar 30 2014 01:00:00)) is wrong in CET.
* debian/patches/check-tls-errors.patch:
+ Check TLS errors as soon as they are set in the SoupMessage.
-- Alberto Garcia <email address hidden> Fri, 06 Mar 2015 09:33:11 +0200
-
webkit2gtk (2.6.2+dfsg1-3) unstable; urgency=medium
* debian/patches/no-ssl-record-version.patch:
+ Don't use a SSL3.0 record version in client hello.
* debian/patches/nullptr-accessibilitymenulistoption.patch:
+ Check for NULL pointers in AccessibilityMenuListOption.
* debian/patches/nullptr-applystylecommand.patch:
+ Check for NULL pointer in ApplyStyleCommand.
* debian/patches/nullptr-frameprogresstracker.patch:
+ Check for NULL pointer in FrameProgressTracker.
* debian/patches/render-text-control.patch:
+ Check for NULL pointer in SearchInputType.
* debian/patches/twitter-inserted-text.patch:
+ Fix inserted text when typing in the Twitter message box.
* debian/patches/protect-document.patch:
+ Protect Document in ProcessingInstruction::setXSLStyleSheet(). This
is a security fix, see https://codereview.chromium.org/579133004.
* debian/patches/at-spi2.patch:
+ Accessible values are no longer accessible via AT-SPI2.
* debian/patches/ax-focus-events.patch:
+ Fix accessible focus events in non-focused combo boxes.
-- Alberto Garcia <email address hidden> Sun, 07 Dec 2014 17:53:25 +0100
-
webkit2gtk (2.6.2+dfsg1-2) unstable; urgency=medium
* debian/patches/fix-mips64-build.patch:
+ Fix mips64el build (Closes: #767598).
* debian/patches/flash-crash.patch:
+ Fix crash in the Flash player (Closes: #768341).
-- Alberto Garcia <email address hidden> Mon, 10 Nov 2014 11:44:56 +0200
-
webkit2gtk (2.6.2+dfsg1-1) unstable; urgency=medium
* New upstream release.
-- Alberto Garcia <email address hidden> Thu, 23 Oct 2014 12:17:48 +0300
-
webkit2gtk (2.6.1+dfsg1-2) unstable; urgency=medium
* debian/rules:
+ Disable debugging symbols in armel and kfreebsd-amd64.
* debian/control:
+ Bump Standards-Version to 3.9.6; no changes needed.
-- Alberto Garcia <email address hidden> Wed, 15 Oct 2014 15:03:26 +0300
-
webkit2gtk (2.6.1+dfsg1-1) unstable; urgency=medium
* New upstream release.
* debian/patches/fix-header-template.patch:
+ Remove.
-- Alberto Garcia <email address hidden> Mon, 13 Oct 2014 15:18:12 +0300
-
webkit2gtk (2.6.0+dfsg1-3) unstable; urgency=medium
* debian/patches/atomic_build_fix.patch:
+ Make -latomic work also when --as-needed is present (Closes:
764193).
* debian/rules:
+ Don't build -dbg packages if we don't have debugging symbols.
+ Disable debugging symbols in armhf (Closes: #764192).
-- Alberto Garcia <email address hidden> Mon, 06 Oct 2014 15:18:03 +0300
-
webkit2gtk (2.6.0+dfsg1-2) unstable; urgency=medium
[ Alberto Garcia ]
* debian/patches/atomic_build_fix.patch:
+ Add -latomic also to shared libraries.
[ Emilio Pozuelo Monfort ]
* debian/rules:
+ Disable debugging symbols on powerpc. Should fix the build
as otherwise the linker needs too much memory and fails.
+ Disable JIT on armel. Should fix the build.
* Upload to unstable.
-- Emilio Pozuelo Monfort <email address hidden> Thu, 02 Oct 2014 00:42:20 +0200
