[Buildroot] [git commit branch/2022.02.x] package/webkitgtk: security bump to version 2.38.5
Peter Korsgaard
peter at korsgaard.com
Sun Mar 5 10:21:34 UTC 2023
commit: https://git.buildroot.net/buildroot/commit/?id=73a1b21d9ec66dbf95fcbc676209c49903579127
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2022.02.x
Bugfix release, with many security fixes, including (but not limited to)
a patch for CVE-2023-23529.
Release notes:
https://webkitgtk.org/2023/02/15/webkitgtk2.38.5-released.html
Accompanying security advisory:
https://webkitgtk.org/security/WSA-2023-0002.html
Also raise the minimal GCC version to 8.3, which was already required since webkitgtk-2.36.4.
Similar to commit ec1ff802df9a0f17dd2b734ba536a5e206aa5aa4,
we do check on >= GCC 8, because we can't check on >= GCC 8.3.
https://github.com/WebKit/WebKit/commit/f812c5db1ff22bcbe1070ca4ed613085cd36499b
Signed-off-by: Thomas Devoogdt <thomas.devoogdt at gmail.com>
Acked-by: Adrian Perez de Castro <aperez at igalia.com>
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
(cherry picked from commit 4c7fcbbe75de5c535e8d5dd7182900b6d09e2b03)
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
package/webkitgtk/Config.in | 4 ++--
package/webkitgtk/webkitgtk.hash | 8 ++++----
package/webkitgtk/webkitgtk.mk | 2 +-
3 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/package/webkitgtk/Config.in b/package/webkitgtk/Config.in
index b3a1ada767..bd5cd87379 100644
--- a/package/webkitgtk/Config.in
+++ b/package/webkitgtk/Config.in
@@ -12,7 +12,7 @@ config BR2_PACKAGE_WEBKITGTK_ARCH_SUPPORTS
depends on BR2_TOOLCHAIN_HAS_SYNC_4
depends on BR2_PACKAGE_LIBGPG_ERROR_ARCH_SUPPORTS # libgcrypt
-comment "webkitgtk needs libgtk3 and a toolchain w/ C++, wchar, threads, dynamic library, gcc >= 7, host gcc >= 4.9"
+comment "webkitgtk needs libgtk3 and a toolchain w/ C++, wchar, threads, dynamic library, gcc >= 8, host gcc >= 4.9"
depends on BR2_PACKAGE_WEBKITGTK_ARCH_SUPPORTS
depends on !BR2_BINFMT_FLAT
depends on !BR2_PACKAGE_LIBGTK3 || !BR2_INSTALL_LIBSTDCPP || \
@@ -28,7 +28,7 @@ config BR2_PACKAGE_WEBKITGTK
depends on BR2_HOST_GCC_AT_LEAST_4_9 # icu, host-ruby
depends on BR2_INSTALL_LIBSTDCPP
depends on BR2_TOOLCHAIN_HAS_THREADS # wayland, icu, libsoup
- depends on BR2_TOOLCHAIN_GCC_AT_LEAST_7
+ depends on BR2_TOOLCHAIN_GCC_AT_LEAST_8
depends on BR2_USE_WCHAR # icu, libsoup
depends on BR2_PACKAGE_LIBGTK3
depends on BR2_PACKAGE_WEBKITGTK_ARCH_SUPPORTS
diff --git a/package/webkitgtk/webkitgtk.hash b/package/webkitgtk/webkitgtk.hash
index 34fd19d3de..c771297b5a 100644
--- a/package/webkitgtk/webkitgtk.hash
+++ b/package/webkitgtk/webkitgtk.hash
@@ -1,7 +1,7 @@
-# From https://webkitgtk.org/releases/webkitgtk-2.38.4.tar.xz.sums
-md5 1c9ca83a0ad7e4ca9e933094572cb7d9 webkitgtk-2.38.4.tar.xz
-sha1 38b47df2be9bfb97d68fce8c7fa2819966a79036 webkitgtk-2.38.4.tar.xz
-sha256 4f47ea29a2d4d5f15eef3dc9e2d6c6f067e8de863a3f64455e1ccf9693cc1d36 webkitgtk-2.38.4.tar.xz
+# From https://webkitgtk.org/releases/webkitgtk-2.38.5.tar.xz.sums
+md5 de05d314a3ecb5fb3835e4d84f8f466d webkitgtk-2.38.5.tar.xz
+sha1 1774390c628bb3a524d4ed76f11de4a878078db6 webkitgtk-2.38.5.tar.xz
+sha256 40c20c43022274df5893f22b1054fa894c3eea057389bb08aee08c5b0bb0c1a7 webkitgtk-2.38.5.tar.xz
# Hashes for license files:
sha256 0b5d3a7cc325942567373b0ecd757d07c132e0ebd7c97bfc63f7e1a76094edb4 Source/WebCore/LICENSE-APPLE
diff --git a/package/webkitgtk/webkitgtk.mk b/package/webkitgtk/webkitgtk.mk
index 1cefc3a472..0327ef2485 100644
--- a/package/webkitgtk/webkitgtk.mk
+++ b/package/webkitgtk/webkitgtk.mk
@@ -4,7 +4,7 @@
#
################################################################################
-WEBKITGTK_VERSION = 2.38.4
+WEBKITGTK_VERSION = 2.38.5
WEBKITGTK_SITE = https://www.webkitgtk.org/releases
WEBKITGTK_SOURCE = webkitgtk-$(WEBKITGTK_VERSION).tar.xz
WEBKITGTK_INSTALL_STAGING = YES
More information about the buildroot
mailing list