GNU bug report logs - #51564
Old libsoup package failing system reconfigure

Previous Next

Package: guix;

Reported by: Disseminate Dissent <disseminatedissent <at> protonmail.com>

Date: Tue, 2 Nov 2021 06:04:02 UTC

Severity: normal

Merged with 51555, 51559

Done: Mark H Weaver <mhw <at> netris.org>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Mark H Weaver <mhw <at> netris.org>
To: Leo Famulari <leo <at> famulari.name>
Cc: 51564 <at> debbugs.gnu.org, 51555 <at> debbugs.gnu.org, Liliana Marie Prikler <liliana.prikler <at> gmail.com>, 51559 <at> debbugs.gnu.org, 51591 <at> debbugs.gnu.org
Subject: bug#51564: [PATCH] gnu: webkitgtk: Fix configure failures.
Date: Thu, 04 Nov 2021 18:23:42 -0400

Hi Leo,

Leo Famulari <leo <at> famulari.name> writes:

> On Thu, Nov 04, 2021 at 08:57:18AM -0400, Mark H Weaver wrote:
>> Although the WebKitGTK package itself built successfully using GCC 11,
>> the switch to GCC 11 caused many failures in programs that use
>> WebKitGTK.  For example:
>
> Should we just revert the WebKitGTK upgrade for now?

I'm reluctant to do that, because it would mean reintroducing
CVE-2021-30846, CVE-2021-30851 and CVE-2021-42762.  According to
<https://www.webkitgtk.org/security/WSA-2021-0006.html>, two of those
CVEs could allow an attacker to execute arbitrary code via maliciously
crafted web content.

For now, I've reverted back to using clang-11 to compile WebKitGTK,
which works correctly on x86_64-linux, but another fix will be needed to
i686-linux users.  I have some ideas on how to fix it.  I'll write about
that soon at 51591 <at> debbugs.gnu.org.

      Regards,
        Mark

-- 
Disinformation flourishes because many people care deeply about injustice
but very few check the facts.  Ask me about <https://stallmansupport.org>.
This bug report was last modified 3 years and 196 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.