Bug 230844 - www/webkit2-gtk3: Update to 2.20.5, fixes multiple vulnerabilities
Summary: www/webkit2-gtk3: Update to 2.20.5, fixes multiple vulnerabilities
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: freebsd-gnome (Nobody)
URL: https://webkitgtk.org/2018/08/13/webk...
Keywords:
Depends on:
Blocks:
 
Reported: 2018-08-23 15:10 UTC by Dmitri Goutnik
Modified: 2018-10-01 15:42 UTC (History)
0 users

See Also:
bugzilla: maintainer-feedback? (gnome)
dmgk: merge-quarterly?

Attachments
webkit2-gtk3-2.20.5.patch (2.95 KB, patch)
2018-08-23 15:10 UTC, Dmitri Goutnik 		dmgk: maintainer-approval?
Details | Diff
vuln.patch (1.60 KB, patch)
2018-08-23 15:13 UTC, Dmitri Goutnik 		dmgk: maintainer-approval?
Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Dmitri Goutnik freebsd_committer freebsd_triage 2018-08-23 15:10:59 UTC 
Created attachment 196477 [details]
webkit2-gtk3-2.20.5.patch

- Update 2.20.3 -> 2.20.5

Changelog:

  2.20.4 [1]:
    - Fix a crash when leaving accelerated compositing mode.
    - Fix non-deterministic build failure due to missing JavaScriptCore/JSContextRef.h.
    - Security fixes: CVE-2018-4261, CVE-2018-4262, CVE-2018-4263, CVE-2018-4264, CVE-2018-4265, CVE-2018-4266, CVE-2018-4267, CVE-2018-4270, CVE-2018-4272, CVE-2018-4273, CVE-2018-4278, CVE-2018-4284.

  2.20.5 [2]:
    - Fix rendering artifacts in some web sites due to a bug introduced in 2.20.4.

[1] https://webkitgtk.org/2018/08/06/webkitgtk2.20.4-released.html
[2] https://webkitgtk.org/2018/08/13/webkitgtk2.20.5-released.html

QA:
  poudriere testport: OK (112a, 104i)
Comment 1 Dmitri Goutnik freebsd_committer freebsd_triage 2018-08-23 15:13:15 UTC 
Created attachment 196478 [details]
vuln.patch

Add VuXML entry.
Comment 2 commit-hook freebsd_committer freebsd_triage 2018-08-31 12:20:25 UTC 
A commit references this bug:

Author: jhale
Date: Fri Aug 31 12:19:59 UTC 2018
New revision: 478549
URL: https://svnweb.freebsd.org/changeset/ports/478549

Log:
  Fix build with Qt 5.11

  Adjust the local patch for CMakeLists.txt for the changes made upstream
  and fix it to find and link to QtDBus like it was intending.
  Add dependency on QtDBus since it links to it now.

  Bump PORTREVISION since QtDBus is detected now.

  PR:		230844
  Obtained from:	upstream

Changes:
  head/net-mgmt/seafile-gui/Makefile
  head/net-mgmt/seafile-gui/distinfo
  head/net-mgmt/seafile-gui/files/patch-CMakeLists.txt
Comment 3 Dmitri Goutnik freebsd_committer freebsd_triage 2018-10-01 15:42:03 UTC 
Done as part of bug #229761