Bug 230844

Summary: www/webkit2-gtk3: Update to 2.20.5, fixes multiple vulnerabilities
Product: Ports & Packages Reporter: Dmitri Goutnik <dmgk>
Component: Individual Port(s)Assignee: freebsd-gnome (Nobody) <gnome>
Status: Closed FIXED    
Severity: Affects Some People Flags: bugzilla: maintainer-feedback? (gnome)
dmgk: merge-quarterly?
Priority: ---    
Version: Latest   
Hardware: Any   
OS: Any   
URL: https://webkitgtk.org/2018/08/13/webkitgtk2.20.5-released.html
Attachments:
Description Flags
webkit2-gtk3-2.20.5.patch
dmgk: maintainer-approval?
vuln.patch dmgk: maintainer-approval?

Description Dmitri Goutnik freebsd_committer freebsd_triage 2018-08-23 15:10:59 UTC 
Created attachment 196477 [details]
webkit2-gtk3-2.20.5.patch

- Update 2.20.3 -> 2.20.5

Changelog:

  2.20.4 [1]:
    - Fix a crash when leaving accelerated compositing mode.
    - Fix non-deterministic build failure due to missing JavaScriptCore/JSContextRef.h.
    - Security fixes: CVE-2018-4261, CVE-2018-4262, CVE-2018-4263, CVE-2018-4264, CVE-2018-4265, CVE-2018-4266, CVE-2018-4267, CVE-2018-4270, CVE-2018-4272, CVE-2018-4273, CVE-2018-4278, CVE-2018-4284.

  2.20.5 [2]:
    - Fix rendering artifacts in some web sites due to a bug introduced in 2.20.4.

[1] https://webkitgtk.org/2018/08/06/webkitgtk2.20.4-released.html
[2] https://webkitgtk.org/2018/08/13/webkitgtk2.20.5-released.html

QA:
  poudriere testport: OK (112a, 104i)
Comment 1 Dmitri Goutnik freebsd_committer freebsd_triage 2018-08-23 15:13:15 UTC 
Created attachment 196478 [details]
vuln.patch

Add VuXML entry.
Comment 2 commit-hook freebsd_committer freebsd_triage 2018-08-31 12:20:25 UTC 
A commit references this bug:

Author: jhale
Date: Fri Aug 31 12:19:59 UTC 2018
New revision: 478549
URL: https://svnweb.freebsd.org/changeset/ports/478549

Log:
  Fix build with Qt 5.11

  Adjust the local patch for CMakeLists.txt for the changes made upstream
  and fix it to find and link to QtDBus like it was intending.
  Add dependency on QtDBus since it links to it now.

  Bump PORTREVISION since QtDBus is detected now.

  PR:		230844
  Obtained from:	upstream

Changes:
  head/net-mgmt/seafile-gui/Makefile
  head/net-mgmt/seafile-gui/distinfo
  head/net-mgmt/seafile-gui/files/patch-CMakeLists.txt
Comment 3 Dmitri Goutnik freebsd_committer freebsd_triage 2018-10-01 15:42:03 UTC 
Done as part of bug #229761