[Buildroot] [git commit branch/2023.11.x] package/webkitgtk: security bump to version 2.42.5
Peter Korsgaard
peter at korsgaard.com
Fri Mar 8 13:00:24 UTC 2024
commit: https://git.buildroot.net/buildroot/commit/?id=ca5b2057015ab0b7b640a8ef8b663be74c622ae3
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2023.11.x
Fixes the following security issues:
https://webkitgtk.org/security/WSA-2024-0001.html
- CVE-2024-23222: Processing maliciously crafted web content may lead to
arbitrary code execution. Apple is aware of a report that this issue may
have been exploited. Description: A type confusion issue was addressed
with improved checks.
- CVE-2024-23206: A maliciously crafted webpage may be able to fingerprint
the user. Description: An access issue was addressed with improved access
restrictions.
- CVE-2024-23213: Processing web content may lead to arbitrary code execution.
Description: The issue was addressed with improved memory handling.
- CVE-2023-40414: Processing web content may lead to arbitrary code
execution. Description: A use-after-free issue was addressed with
improved memory management.
- CVE-2023-42833: Processing web content may lead to arbitrary code execution.
Description: A correctness issue was addressed with improved checks.
- CVE-2014-1745: Processing a file may lead to a denial-of-service or
potentially disclose memory contents. Description: The issue was
addressed with improved checks.
https://webkitgtk.org/security/WSA-2023-0012.html
- CVE-2023-42883: Processing a SVG image may lead to a denial-of-service.
Description: The issue was addressed with improved memory handling.
- CVE-2023-42890: Processing web content may lead to arbitrary code
execution. Description: The issue was addressed with improved memory
handling.
https://webkitgtk.org/security/WSA-2023-0011.html
- CVE-2023-42916: Processing web content may disclose sensitive information.
Apple is aware of a report that this issue may have been actively
exploited. Description: An out-of-bounds read was addressed with improved
input validation.
- CVE-2023-42917: Processing web content may lead to arbitrary code
execution. Apple is aware of a report that this issue may have been
actively exploited. Description: A memory corruption vulnerability was
addressed with improved locking.
Add an upstream post-2.42.5 patch to fix an issue with an invalid backport
causing a build issue.
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Acked-by: Adrian Perez de Castro <aperez at igalia.com>
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
(cherry picked from commit de3684f57df79c19eba34dac98418ceeaccd03db)
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
...LowLevelInterpreter.cpp-339-21-error-t6-w.patch | 39 ++++++++++++++++++++++
package/webkitgtk/webkitgtk.hash | 6 ++--
package/webkitgtk/webkitgtk.mk | 2 +-
3 files changed, 43 insertions(+), 4 deletions(-)
diff --git a/package/webkitgtk/0001-GTK-2.42.5-LowLevelInterpreter.cpp-339-21-error-t6-w.patch b/package/webkitgtk/0001-GTK-2.42.5-LowLevelInterpreter.cpp-339-21-error-t6-w.patch
new file mode 100644
index 0000000000..c9667fedbd
--- /dev/null
+++ b/package/webkitgtk/0001-GTK-2.42.5-LowLevelInterpreter.cpp-339-21-error-t6-w.patch
@@ -0,0 +1,39 @@
+From 3d5373575695b293b8559155431d0079a6153aff Mon Sep 17 00:00:00 2001
+From: Michael Catanzaro <mcatanzaro at redhat.com>
+Date: Mon, 5 Feb 2024 11:00:49 -0600
+Subject: [PATCH] =?UTF-8?q?[GTK]=20[2.42.5]=20LowLevelInterpreter.cpp:339:?=
+ =?UTF-8?q?21:=20error:=20=E2=80=98t6=E2=80=99=20was=20not=20declared=20in?=
+ =?UTF-8?q?=20this=20scope=20https://bugs.webkit.org/show=5Fbug.cgi=3Fid?=
+ =?UTF-8?q?=3D268739?=
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Unreviewed build fix. Seems a backport went badly, and we didn't notice
+because the code is architecture-specific.
+
+* Source/JavaScriptCore/llint/LowLevelInterpreter.cpp:
+(JSC::CLoop::execute):
+
+Upstream: https://github.com/WebKit/WebKit/commit/3d5373575695b293b8559155431d0079a6153aff
+Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
+---
+ Source/JavaScriptCore/llint/LowLevelInterpreter.cpp | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/Source/JavaScriptCore/llint/LowLevelInterpreter.cpp b/Source/JavaScriptCore/llint/LowLevelInterpreter.cpp
+index 5064ead6cd2e..9a2e2653b121 100644
+--- a/Source/JavaScriptCore/llint/LowLevelInterpreter.cpp
++++ b/Source/JavaScriptCore/llint/LowLevelInterpreter.cpp
+@@ -336,8 +336,6 @@ JSValue CLoop::execute(OpcodeID entryOpcodeID, void* executableAddress, VM* vm,
+ UNUSED_VARIABLE(t2);
+ UNUSED_VARIABLE(t3);
+ UNUSED_VARIABLE(t5);
+- UNUSED_VARIABLE(t6);
+- UNUSED_VARIABLE(t7);
+
+ struct StackPointerScope {
+ StackPointerScope(CLoopStack& stack)
+--
+2.39.2
+
diff --git a/package/webkitgtk/webkitgtk.hash b/package/webkitgtk/webkitgtk.hash
index 59782732c3..ac4799d4cf 100644
--- a/package/webkitgtk/webkitgtk.hash
+++ b/package/webkitgtk/webkitgtk.hash
@@ -1,6 +1,6 @@
-# From https://www.webkitgtk.org/releases/webkitgtk-2.42.2.tar.xz.sums
-sha1 05bec6a824e46f043b865478735bc8395249510e webkitgtk-2.42.2.tar.xz
-sha256 5720aa3e8627f1b9f63252187d4df0f8233ae71d697b1796ebfbe5ca750bd118 webkitgtk-2.42.2.tar.xz
+# From https://www.webkitgtk.org/releases/webkitgtk-2.42.5.tar.xz.sums
+sha1 c3ffb2beaac56f1089029f2254482f48d9e3db37 webkitgtk-2.42.5.tar.xz
+sha256 b64278c1f20b8cfdbfb5ff573c37d871aba74a1db26d9b39f74e8953fe61e749 webkitgtk-2.42.5.tar.xz
# Hashes for license files:
sha256 0b5d3a7cc325942567373b0ecd757d07c132e0ebd7c97bfc63f7e1a76094edb4 Source/WebCore/LICENSE-APPLE
diff --git a/package/webkitgtk/webkitgtk.mk b/package/webkitgtk/webkitgtk.mk
index 611d7f65d3..075a36654f 100644
--- a/package/webkitgtk/webkitgtk.mk
+++ b/package/webkitgtk/webkitgtk.mk
@@ -4,7 +4,7 @@
#
################################################################################
-WEBKITGTK_VERSION = 2.42.2
+WEBKITGTK_VERSION = 2.42.5
WEBKITGTK_SITE = https://www.webkitgtk.org/releases
WEBKITGTK_SOURCE = webkitgtk-$(WEBKITGTK_VERSION).tar.xz
WEBKITGTK_INSTALL_STAGING = YES
More information about the buildroot
mailing list