Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 705264 - =net-libs/webkit-gtk-2.24.4 uses lexicographical version compare
Summary: =net-libs/webkit-gtk-2.24.4 uses lexicographical version compare
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Linux Gnome Desktop Team
URL:
Whiteboard:
Keywords:
Depends on: CVE-2019-8625, CVE-2019-8674, CVE-2019-8707, CVE-2019-8710, CVE-2019-8719, CVE-2019-8720, CVE-2019-8726, CVE-2019-8733, CVE-2019-8735, CVE-2019-8743, CVE-2019-8763, CVE-2019-8764, CVE-2019-8765, CVE-2019-8766, CVE-2019-8768, CVE-2019-8769, CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823, WSA-2019-0005, WSA-2019-0006
Blocks: 705240
  Show dependency tree
 
Reported: 2020-01-12 11:31 UTC by Sergei Trofimovich (RETIRED)
Modified: 2020-07-19 11:34 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sergei Trofimovich (RETIRED) gentoo-dev 2020-01-12 11:31:18 UTC
net-libs/webkit-gtk uses lexicographical string version compare:

net-libs/webkit-gtk/webkit-gtk-2.24.4.ebuild:		if tc-is-gcc && [[ $(gcc-version) < 4.9 ]] ; then

The intention is likely to use 'ver_cmp'. See bug #705240 for hints to fix it.
Comment 1 Mart Raudsepp gentoo-dev 2020-01-12 11:56:07 UTC
it's removed in 2.26, pending slow arches to get rid of security vulnerable 2.24...
Comment 2 Sergei Trofimovich (RETIRED) gentoo-dev 2020-05-22 19:04:23 UTC
As gcc-10 is in the tree this now has a small chance to fire:

$ [[ 9 < 4.9 ]] && echo yes || echo no
no
$ [[ 10 < 4.9 ]] && echo yes || echo no
yes
Comment 3 Mart Raudsepp gentoo-dev 2020-05-22 19:09:51 UTC
Tell that to the arches that still haven't keyworded 2.26 nor 2.28 :)
Comment 4 Mart Raudsepp gentoo-dev 2020-07-19 11:34:28 UTC
The older versions with this problem are gone now