Summary: | <net-libs/webkit-gtk-2.20.3: Multiple vulnerabilities (WSA-2018-0005) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Vlad K. <vk-gentoo-bugs> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | gnome |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
URL: | https://webkitgtk.org/security/WSA-2018-0005.html | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=652820 | ||
Whiteboard: | B2 [glsa+ cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 652820, 655550, 661356 | ||
Bug Blocks: |
Description
Vlad K.
2018-06-15 12:58:03 UTC
Bump is done finally, but I'd prefer to let it simmer for a couple days in ~arch, as the upstream build system does something similar to chromium[jumbo-build] unconditionally now with some cmake dark magic and some ebuild things were reworked. So lets see what shakes out within 2-7 days. I suggest merging this into bug 652820, add CVE to alias there, also include WSA-2018-0003 things, etc... Added to an existing GLSA request. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d9aaff9f75c2d90539b4891c3de7619f8f3891a0 commit d9aaff9f75c2d90539b4891c3de7619f8f3891a0 Author: Mart Raudsepp <leio@gentoo.org> AuthorDate: 2018-08-16 21:15:32 +0000 Commit: Mart Raudsepp <leio@gentoo.org> CommitDate: 2018-08-16 21:32:30 +0000 net-libs/webkit-gtk: security cleanup Bug: https://bugs.gentoo.org/658168 Package-Manager: Portage-2.3.46, Repoman-2.3.10 net-libs/webkit-gtk/Manifest | 1 - .../webkit-gtk/files/2.20.3-jsc-build-fixes.patch | 14 - .../files/webkit-gtk-2.8.5-fix-ia64-build.patch | 21 -- net-libs/webkit-gtk/webkit-gtk-2.18.6.ebuild | 284 --------------------- 4 files changed, 320 deletions(-) This issue was resolved and addressed in GLSA 201808-04 at https://security.gentoo.org/glsa/201808-04 by GLSA coordinator Thomas Deutschmann (whissi). |