-
webkit2gtk (2.28.3-0ubuntu0.19.10.1) eoan-security; urgency=medium
* Updated to 2.28.3 to fix security issues.
- CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806,
CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, CVE-2020-13753
-- Marc Deslauriers <email address hidden> Mon, 13 Jul 2020 08:25:24 -0400
-
webkit2gtk (2.28.2-0ubuntu0.19.10.1) eoan-security; urgency=medium
* Updated to 2.28.2 to fix security issue.
- CVE-2020-3899
-- Marc Deslauriers <email address hidden> Tue, 28 Apr 2020 11:25:00 -0400
-
webkit2gtk (2.28.1-0ubuntu0.19.10.1) eoan-security; urgency=medium
* Updated to 2.28.1 to fix security issue.
- CVE-2020-11793
* debian/patches/upstream_archs_fix.patch: removed, no longer needed.
-- Marc Deslauriers <email address hidden> Thu, 16 Apr 2020 08:57:08 -0400
-
webkit2gtk (2.28.0-0ubuntu0.19.10.2) eoan-security; urgency=medium
* Updated to 2.28.0 to fix security issue.
- debian/patches/*, debian/*.symbols: updated for 2.28.0.
- CVE-2020-10018
* debian/patches/upstream_archs_fix.patch:
- workaround a regression on ppc64el, the fix is a temporary hackish
solution until upstreams comes with a proper one.
-- Marc Deslauriers <email address hidden> Wed, 25 Mar 2020 12:48:08 -0400
-
webkit2gtk (2.26.4-0ubuntu0.19.10.1) eoan-security; urgency=medium
* Updated to 2.26.4 to fix security issues.
- CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867,
CVE-2020-3868
-- Marc Deslauriers <email address hidden> Fri, 14 Feb 2020 14:23:31 -0500
-
webkit2gtk (2.26.3-0ubuntu0.19.10.1) eoan-security; urgency=medium
* Updated to 2.26.3 to fix security issues.
- CVE-2019-8835, CVE-2019-8844, CVE-2019-8846
-- Marc Deslauriers <email address hidden> Tue, 28 Jan 2020 12:55:35 -0500
-
webkit2gtk (2.26.2-0ubuntu0.19.10.1) eoan-security; urgency=medium
* Updated to 2.26.2 to fix security issues.
- CVE-2019-8812, CVE-2019-8814
-- Marc Deslauriers <email address hidden> Fri, 08 Nov 2019 09:51:54 -0500
-
webkit2gtk (2.26.1-3) unstable; urgency=medium
* debian/rules:
+ Use -DWTF_CPU_ARM64_CORTEXA53=OFF to fix the arm64 build.
* debian/patches/force-single-process.patch:
+ Don't use this workaround for Evolution anymore, the fixed version
is now in unstable.
* debian/control:
+ Add Breaks for Evolution < 3.34.1.
+ Update Standards-Version to 4.4.1 (no changes).
-- Alberto Garcia <email address hidden> Wed, 09 Oct 2019 12:22:19 +0300
-
webkit2gtk (2.26.1-2) unstable; urgency=medium
* debian/patches/force-single-process.patch:
+ Force the single-process mode in Evolution and Geary.
* debian/gbp.conf:
+ Update upstream branch name.
-- Alberto Garcia <email address hidden> Mon, 07 Oct 2019 16:59:20 +0300
-
webkit2gtk (2.26.1-1) experimental; urgency=medium
[ Jeremy Bicha ]
* Suggest instead of Recommend gstreamer1.0-libav on Ubuntu
[ Alberto Garcia ]
* New upstream release.
-- Alberto Garcia <email address hidden> Mon, 23 Sep 2019 15:55:10 +0300
-
webkit2gtk (2.26.0-1ubuntu1) eoan; urgency=medium
* Resynchronize on Debian, remaining change
* debian/control:
- lower gstreamer1.0-libav Recommends to Sugggests, it's in universe
-- Sebastien Bacher <email address hidden> Wed, 11 Sep 2019 10:03:10 +0200
-
webkit2gtk (2.25.92-1ubuntu1) eoan; urgency=medium
* Resynchronize on Debian, remaining change
* debian/control:
- lower gstreamer1.0-libav Recommends to Sugggests, it's in universe
webkit2gtk (2.25.92-1) experimental; urgency=medium
* New upstream development release.
* Refresh all patches.
* debian/source/lintian-overrides:
+ Update source-is-missing override.
* debian/libwebkit2gtk-4.0-37.symbols:
+ Update symbols.
-- Sebastien Bacher <email address hidden> Mon, 09 Sep 2019 16:58:43 +0200
-
webkit2gtk (2.25.4-1ubuntu1) eoan; urgency=medium
* Resynchronize on Debian, remaining change
* debian/control:
- lower gstreamer1.0-libav Recommends to Sugggests, it's in universe
webkit2gtk (2.25.4-1) experimental; urgency=medium
* New upstream development release.
* Refresh all patches.
* debian/source/lintian-overrides:
+ Update source-is-missing override.
* Use the CLoop Javascript interpreter in i386 and stop telling gcc to
use SSE2 instructions (Closes: #930935).
+ debian/rules:
- Build with -DENABLE_JIT=OFF -DENABLE_C_LOOP=ON and stop using
-msse2 -mfpmath=sse.
+ debian/patches/dont-detect-sse2.patch:
- Don't check for SSE2 support.
+ debian/NEWS:
- Remove item about the requirement to have an SSE2-capable CPU.
* WebKitGTK 2.25.3 no longer ships the GTK 2 plugin process:
+ debian/control:
- Drop build dependency on libgtk2.0-dev.
- Remove the libwebkit2gtk-4.0-37-gtk2 package.
+ debian/NEWS:
- Add item explaining the removal of the GTK 2 plugin process.
+ debian/libwebkit2gtk-4.0-37-gtk2.install:
- Drop this file.
* debian/control:
+ Recommend gstreamer1.0-libav. This package allows the user to play
most internet videos (Closes: #870814).
+ Update Standards-Version to 4.4.0 (no changes).
* debian/libwebkit2gtk-4.0-37.symbols:
+ Update symbols.
webkit2gtk (2.25.2-1) experimental; urgency=medium
* New upstream development release.
* debian/patches/webdriver-path.patch,
debian/patches/fix-ftbfs-hurd.patch:
+ Remove.
* debian/patches/detect-woff.patch
+ Refresh.
* debian/rules:
+ Build with -DUSE_WPE_RENDERER=OFF.
webkit2gtk (2.25.1-1) experimental; urgency=medium
* New upstream development release.
* Refresh all patches.
* debian/rules:
+ Don't add -msse2 manually to CFLAGS, WebKitGTK does this automatically
now.
* debian/control:
+ Add build and runtime dependencies on bubblewrap, xdg-dbus-proxy and
libseccomp-dev (ENABLE_BUBBLEWRAP_SANDBOX is now on by default).
* debian/patches/webdriver-path.patch:
+ Fix name of the WebKitWebDriver executable.
* debian/watch, debian/gbp.conf:
+ Update for 2.25.x packages in experimental.
* debian/libwebkit2gtk-4.0-37.symbols:
+ Update symbols.
-- Sebastien Bacher <email address hidden> Tue, 20 Aug 2019 20:16:58 +0200
-
webkit2gtk (2.24.3-1ubuntu1) eoan; urgency=medium
* Drop Recommends on gstreamer1.0-libav which is not in Ubuntu main.
-- Steve Langasek <email address hidden> Fri, 05 Jul 2019 11:32:19 -0700
-
webkit2gtk (2.24.3-1) unstable; urgency=medium
* New upstream release (Closes: #929749).
* debian/control:
+ Recommend gstreamer1.0-libav. This package allows the user to play
most internet videos (Closes: #870814).
-- Alberto Garcia <email address hidden> Tue, 02 Jul 2019 13:03:13 +0300
-
webkit2gtk (2.24.2-2) unstable; urgency=high
* The WebKitGTK security advisory WSA-2019-0003 lists the following
security fixes in the latest versions of WebKitGTK+:
+ CVE-2019-8571, CVE-2019-8583, CVE-2019-8586, CVE-2019-8594,
CVE-2019-8609, CVE-2019-8611, CVE-2019-8622 and CVE-2019-8623
(fixed in 2.24.0).
+ CVE-2019-6237, CVE-2019-8584, CVE-2019-8587, CVE-2019-8596,
CVE-2019-8597, CVE-2019-8601, CVE-2019-8608, CVE-2019-8610 and
CVE-2019-8619 (fixed in 2.24.1).
+ CVE-2019-8595, CVE-2019-8607 and CVE-2019-8615 (fixed in 2.24.2).
* Use the CLoop Javascript interpreter in i386 and stop telling gcc to
use SSE2 instructions (Closes: #930935).
+ debian/rules:
- Build with -DENABLE_JIT=OFF -DENABLE_C_LOOP=ON and stop using
-msse2 -mfpmath=sse.
+ debian/patches/dont-detect-sse2.patch:
- Don't check for SSE2 support.
+ debian/NEWS:
- Remove item about the requirement to have an SSE2-capable CPU.
-- Alberto Garcia <email address hidden> Mon, 24 Jun 2019 16:34:09 +0300
-
webkit2gtk (2.24.2-1) unstable; urgency=medium
* New upstream release.
+ This fixes CVE-2019-8595, CVE-2019-8607 and CVE-2019-8615.
* debian/patches/fix-redirected-streams.patch,
debian/patches/fix-cjk-white-space.patch:
+ Drop these patches.
* debian/libwebkit2gtk-4.0-37.symbols:
+ Update symbols.
-- Alberto Garcia <email address hidden> Fri, 17 May 2019 17:40:52 +0300
-
webkit2gtk (2.24.1-2) unstable; urgency=high
* The WebKitGTK+ security advisory WSA-2019-0002 lists the following
security fixes in the latest versions of WebKitGTK+:
+ CVE-2019-6201, CVE-2019-7285, CVE-2019-7292, CVE-2019-8503,
CVE-2019-8515 (fixed in 2.22.6).
+ CVE-2019-8518, CVE-2019-8523 (fixed in 2.22.7).
+ CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544,
CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563,
CVE-2019-8506 (fixed in 2.24.0).
+ CVE-2019-11070, CVE-2019-6251 (fixed in 2.24.1).
* debian/patches/fix-redirected-streams.patch:
+ Fix playback of redirected streams (Closes: #928044).
* debian/patches/fix-cjk-white-space.patch:
+ Fix white space rendering with noto CJK font (Closes: #926872).
* debian/NEWS:
+ Add news item about the lack of support for pre-SSE2 i386 CPUs.
-- Alberto Garcia <email address hidden> Fri, 10 May 2019 12:39:42 +0300
-
webkit2gtk (2.24.1-1) unstable; urgency=high
* New upstream release.
+ This fixes CVE-2019-6251.
* GTK has dropped the '+' from its name, and so has WebKitGTK, so update
all references.
* debian/gbp.conf:
+ Update upstream branch name.
* debian/rules:
+ No need to chmod generate-gtkdoc anymore.
+ 32-bit x86 builds require SSE2 now.
* debian/watch:
+ Scan stable releases only.
* debian/patches/detect-woff.patch:
+ Refresh.
-- Alberto Garcia <email address hidden> Tue, 09 Apr 2019 17:31:03 +0300
