From unknown Sun Aug 10 16:49:20 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#69539] [PATCH]: Update webkitgtk to 2.42.5 Resent-From: =?UTF-8?Q?Andr=C3=A9?= A. Gomes Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 04 Mar 2024 10:41:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 69539 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 69539@debbugs.gnu.org X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.170954880425831 (code B ref -1); Mon, 04 Mar 2024 10:41:01 +0000 Received: (at submit) by debbugs.gnu.org; 4 Mar 2024 10:40:04 +0000 Received: from localhost ([127.0.0.1]:42046 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rh5jn-0006iZ-Ei for submit@debbugs.gnu.org; Mon, 04 Mar 2024 05:40:03 -0500 Received: from lists.gnu.org ([209.51.188.17]:50774) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rh5jl-0006ha-8B for submit@debbugs.gnu.org; Mon, 04 Mar 2024 05:40:01 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rh5jG-00054u-LY for guix-patches@gnu.org; Mon, 04 Mar 2024 05:39:31 -0500 Received: from mail-lf1-x136.google.com ([2a00:1450:4864:20::136]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1rh5jA-0003K1-E8 for guix-patches@gnu.org; Mon, 04 Mar 2024 05:39:26 -0500 Received: by mail-lf1-x136.google.com with SMTP id 2adb3069b0e04-51323dfce59so3572084e87.3 for ; Mon, 04 Mar 2024 02:39:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709548763; x=1710153563; darn=gnu.org; h=mime-version:user-agent:message-id:date:subject:to:from:from:to:cc :subject:date:message-id:reply-to; bh=CfOEaOWH071TrCwjWAUfjDdKhhvq3blyxz6C4ELSFyU=; b=FtGf4SgK3Z8GEjTT/c0qfOu1CuGd+03Z8Bntc7xdlwdRz9LPrup5NAcuxbU/YkX6VY kKze9glXG7Kn7F1lsq7u+Zmd3HbfoVQswPYRf2H+nZ3KE6W6D6AScZDSsiYg6UXxLvzH oultPSpf3Lrn+DXwpfCIL6eVxwwAwNhmhZ9pvTRWr15ZPA2UPrDO92fi0jzQUEmFxajo XZLiTQMan0bI6zGyMAlfmFNZh1SDyajc9OE4ro6ScHSHGKcGyat8DG0kRbJSvMA8qHFk xd8R6n1xZCauLnYSfAtnN6QpxavhkXDO3mZp5wabkKXQN99VKy8paZbB4wvFotwn+/cO 7PrA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709548763; x=1710153563; h=mime-version:user-agent:message-id:date:subject:to:from :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=CfOEaOWH071TrCwjWAUfjDdKhhvq3blyxz6C4ELSFyU=; b=lA5henYdoDOgS58cGtMggpsFetDlg4dOKN/pyVMBH+YM0oIamw/M3k7XjVIJNQ6zG3 EgrvhjSyicvEJ5V8bTxWO31HX7WSN9+KXvy+B0c33uDd+H/rPZaBjRLGDd+bHme9lGIx /Gj+uFdfSzm/h6sxnlN2kiNK2/0UNocYUHWBrt8A2Mi64OaVA7xcKRTLgsyQbeP10rYR yZTynfk3+WzPgKcg4iH6W1iJPVJZ3oyGbgFdtkDyJFblIkxxtuK6roWdbXVZ+zqOwSwD Mi+zuZsR3+PXvTu7pRekBLCF1FtnuWGJCPol9AnC0+2RvbTsKU2UcuRcAvTrsLdylwRy zBSw== X-Gm-Message-State: AOJu0YxdW9AvBdY0df7Iap93LTMWtjXbKlzv7R8K/WmqKMbcodOFuylO AgQzGdUol2JvSV4uqdFl2fsMAnrulGekReRGCjGevzEkB78tMhBzo+RRIJ2K60M= X-Google-Smtp-Source: AGHT+IEtEyUVc9fCI6nH1fHbryGoNckAZNDb+pwu/lzzIPniG8Mq3fX9UOiqqpjzlUQic8JUnaQV7Q== X-Received: by 2002:a05:6512:20c3:b0:513:1577:3d66 with SMTP id u3-20020a05651220c300b0051315773d66mr4517908lfr.64.1709548762683; Mon, 04 Mar 2024 02:39:22 -0800 (PST) Received: from mini (82.131.75.21.cable.starman.ee. [82.131.75.21]) by smtp.gmail.com with ESMTPSA id y14-20020ac2446e000000b005134c57f794sm83482lfl.112.2024.03.04.02.39.22 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Mar 2024 02:39:22 -0800 (PST) From: =?UTF-8?Q?Andr=C3=A9?= A. Gomes Date: Mon, 04 Mar 2024 12:39:21 +0200 Message-ID: <87h6hmwaau.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" Received-SPF: pass client-ip=2a00:1450:4864:20::136; envelope-from=andremegafone@gmail.com; helo=mail-lf1-x136.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.3 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.3 (--) --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Attached, thanks. --=20 Andr=C3=A9 A. Gomes "You cannot even find the ruins..." --=-=-= Content-Type: text/x-patch Content-Disposition: attachment; filename=0001-gnu-webkitgtk-Update-to-2.42.5-security-fixes.patch >From 456b45fffb25e33ce06c838117e329e9ac73c021 Mon Sep 17 00:00:00 2001 From: "Andre A. Gomes" Date: Mon, 4 Mar 2024 12:36:39 +0200 Subject: [PATCH 2/2] gnu: webkitgtk: Update to 2.42.5 [security fixes]. Fixes CVE-2024-23222, CVE-2024-23206, CVE-2024-23213. * gnu/packages/webkit.scm (webkitgtk): Update to 2.42.5. --- gnu/packages/webkit.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/webkit.scm b/gnu/packages/webkit.scm index d359d01f98..5eaded88d9 100644 --- a/gnu/packages/webkit.scm +++ b/gnu/packages/webkit.scm @@ -127,13 +127,13 @@ (define-public wpebackend-fdo (define-public webkitgtk (package (name "webkitgtk") - (version "2.42.4") + (version "2.42.5") (source (origin (method url-fetch) (uri (string-append "https://www.webkitgtk.org/releases/" name "-" version ".tar.xz")) (sha256 - (base32 "11pdcwmdj3i9aarrf7wsfvadi6jnkaf6zf7c5i2768x2plq8na2j")) + (base32 "0jg7c7z572afywwrnvdj3m5agaviv0vkqmzznnzzv30byb0phhmn")) (patches (search-patches "webkitgtk-adjust-bubblewrap-paths.patch")))) (build-system cmake-build-system) -- 2.41.0 --=-=-=-- From unknown Sun Aug 10 16:49:20 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#69539] [PATCH 2/2] gnu: webkitgtk: Update to 2.42.5 [security fixes]. Resent-From: Liliana Marie Prikler Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 04 Mar 2024 19:56:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 69539 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: "Andre A. Gomes" Cc: 69539@debbugs.gnu.org, Leo Famulari Received: via spool by 69539-submit@debbugs.gnu.org id=B69539.1709582148501 (code B ref 69539); Mon, 04 Mar 2024 19:56:01 +0000 Received: (at 69539) by debbugs.gnu.org; 4 Mar 2024 19:55:48 +0000 Received: from localhost ([127.0.0.1]:44953 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rhEPc-000081-HM for submit@debbugs.gnu.org; Mon, 04 Mar 2024 14:55:48 -0500 Received: from mail-ed1-f66.google.com ([209.85.208.66]:60750) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rhEPa-00007p-Rc for 69539@debbugs.gnu.org; Mon, 04 Mar 2024 14:55:47 -0500 Received: by mail-ed1-f66.google.com with SMTP id 4fb4d7f45d1cf-5645960cd56so6678981a12.1 for <69539@debbugs.gnu.org>; Mon, 04 Mar 2024 11:55:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709582051; x=1710186851; darn=debbugs.gnu.org; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:cc:to:from:subject:message-id:from:to:cc:subject :date:message-id:reply-to; bh=VwY0s2MmMgXuLrYSlc/9tsa3czjGLyyOM/0b6vzFsz4=; b=QrpoZNOZMWJ3LE8LEhsTCcDg2Uuvor4zapV7JO1/3GRU8/evpQ+VQn1izF8fcEgBcm cEtK686mPgY7O98BuEO8PfwnCPHLXjUnglO37TtN5cBr3TFbFYhhBvaaHPCCsSRWBH1e ZUurTEJG12hsYDBb22oY0o5Jl2nDMwW+mHQqe7NbDWettj/WDWHT6Nw7Gpu7K1JvtcdW jJLnDHFqJEDBKI/Q4exj8JCp3upBKJoWDKaJyCcGsm84EK3ieoGHJAO/Lj+7gowgeF0k fMNBOE+lVoaKsfUoliWHWXBf/y14+XmSgI9FoM80ufrskTssR/+d1rf2yO/pG5AsTfbB L5dA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709582051; x=1710186851; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:cc:to:from:subject:message-id:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=VwY0s2MmMgXuLrYSlc/9tsa3czjGLyyOM/0b6vzFsz4=; b=IORgZwmg31cccVLcJ+ktAAzP6ZoNI6/MExKRisGfeKhOddQ/+/FLkn1qRXIwcOWIpa sb2bTAM5NlAwMFm/x1otIoXixz+E2vL3uS2YzOkISMQZjNaWatgPPzr8H+9l2+P4ZE/W p0wab/JNIYZFgSptf0Zd3H+8bs5oeOX6FCTq2jyCG+i91hWB9ogqxYunN7XtbANEDvEB uuov5L4ihORUPPJam9/Viz0VLUX95T5oOIMnFaq2lXjdz47+lzjhR1WfZlIk1y9gszUa aRm+PDfH7rw9Sc2hp+qvkFW4WqtM5IjAZKEJnkZ50fe0CVUgtPxWEc4gHh3Qeg4Rgd3p 5kCQ== X-Gm-Message-State: AOJu0YwiKIgONiTnXNTnrgRW4nhnXW/3lKVWWj27QfOWHkULObwALCRl Nt6nnc9uS3H4m+qhtrUcntvZYxAWBDSexQ1m8+ueMmFvQtha9MLg X-Google-Smtp-Source: AGHT+IGQ5ajwZDRSbApJ8+zIquUhvbWi2JA2twVeKW4nLykHByuBmWKX9jzdJ2rncV3WSObvPbQ40w== X-Received: by 2002:a05:6402:2267:b0:565:9c76:73c3 with SMTP id du7-20020a056402226700b005659c7673c3mr7034396edb.29.1709582050862; Mon, 04 Mar 2024 11:54:10 -0800 (PST) Received: from lumine.fritz.box (85-127-52-93.dsl.dynamic.surfer.at. [85.127.52.93]) by smtp.gmail.com with ESMTPSA id dj27-20020a05640231bb00b005667b411c38sm4551834edb.65.2024.03.04.11.54.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Mar 2024 11:54:10 -0800 (PST) Message-ID: <24f115cf4bab0c4d1c4d504203706ef50799d479.camel@gmail.com> From: Liliana Marie Prikler Date: Mon, 04 Mar 2024 20:54:08 +0100 In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.46.4 MIME-Version: 1.0 X-Spam-Score: -0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Am Montag, dem 04.03.2024 um 12:36 +0200 schrieb Andre A. Gomes: > Fixes CVE-2024-23222, CVE-2024-23206, CVE-2024-23213. >=20 > * gnu/packages/webkit.scm (webkitgtk): Update to 2.42.5. > --- As always the hint from my side that Webkit is a huge package causing many rebuilds (and thus a graft would be advised). CC'd Leo Famulari from the security team. Cheers From unknown Sun Aug 10 16:49:20 2025 MIME-Version: 1.0 X-Mailer: MIME-tools 5.505 (Entity 5.505) X-Loop: help-debbugs@gnu.org From: help-debbugs@gnu.org (GNU bug Tracking System) To: =?UTF-8?Q?Andr=C3=A9?= A. Gomes Subject: bug#69539: closed (Re: [bug#69539] [PATCH]: Update webkitgtk to 2.42.5) Message-ID: References: <87h6hmwaau.fsf@gmail.com> X-Gnu-PR-Message: they-closed 69539 X-Gnu-PR-Package: guix-patches X-Gnu-PR-Keywords: patch Reply-To: 69539@debbugs.gnu.org Date: Fri, 08 Mar 2024 09:38:02 +0000 Content-Type: multipart/mixed; boundary="----------=_1709890682-31123-1" This is a multi-part message in MIME format... ------------=_1709890682-31123-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Your bug report #69539: [PATCH]: Update webkitgtk to 2.42.5 which was filed against the guix-patches package, has been closed. The explanation is attached below, along with your original report. If you require more details, please reply to 69539@debbugs.gnu.org. --=20 69539: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D69539 GNU Bug Tracking System Contact help-debbugs@gnu.org with problems ------------=_1709890682-31123-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 69539-done) by debbugs.gnu.org; 8 Mar 2024 09:37:53 +0000 Received: from localhost ([127.0.0.1]:56652 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1riWfo-00085f-NH for submit@debbugs.gnu.org; Fri, 08 Mar 2024 04:37:52 -0500 Received: from mail-wm1-f46.google.com ([209.85.128.46]:55764) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1riWfl-00085P-1f for 69539-done@debbugs.gnu.org; Fri, 08 Mar 2024 04:37:51 -0500 Received: by mail-wm1-f46.google.com with SMTP id 5b1f17b1804b1-41316e76147so4786735e9.3 for <69539-done@debbugs.gnu.org>; Fri, 08 Mar 2024 01:37:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709890571; x=1710495371; darn=debbugs.gnu.org; h=in-reply-to:content-disposition:mime-version:references :mail-followup-to:message-id:subject:cc:to:from:date:sender:from:to :cc:subject:date:message-id:reply-to; bh=4w+dI4FUIeQgH9Ce5F38NgYe+594WNJ31Hqhue839/0=; b=njrpupLZhIkEIl7SG/Dcn6+356gpzGXVjpb3JdARsvziofYUJAhwHi1kKBu9zX0mCo ibIZQAb9tQMLOyQCYpQjiA9RvlN+1N99/SmnJMI0BHvm3msawyfqWsVAZqL+UlOb0BP2 FDW0p1pAzmtD8GVO7O4beVSh5zoUhYh+ytjGWBiZ4OOEbSepMdslymlQXJ1g6YUarhCe ouk8LrVvXDDSMDj5ZkEGyX03wtFdnvNUNFOzWYr+3IXUhupbDJQhJTS99gsZImdziOyV BQ2YPiiM9jTaYXSacDXwHl6nPoQVbp9VnZEycg9dV9c5UTFGaDABqgTDKCZteKssEHqu +LDA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709890571; x=1710495371; h=in-reply-to:content-disposition:mime-version:references :mail-followup-to:message-id:subject:cc:to:from:date:sender :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=4w+dI4FUIeQgH9Ce5F38NgYe+594WNJ31Hqhue839/0=; b=QjJUoJCVsB6G3X1i2fD2J6w9n6rodrtloz80xVvP2Jp2gK6pQyh341dMq7NgCm/B1B O0PQtzW7bpbnTbf0BHFj+ly6msZgHuLwsQuizLqjaoHEoz8Yq3MDdBQfGbdTBoSePhLa ofTkP1nmlbt57Zjrm9LmbJVtOr7dwwGUGwBPyeCFoyh2KPRbjeoipn5jQ7tF4sQz36Zs 3gF/eCsl76vRUAYMDyUH+YPC7xQTmd2zYojBPFdStAl5z7BcaS79kf6s+lBiQP9AnfMG eewRx+NfPdVpi2GTCPk3Lfl5edPdtPU0iAZ8BBZ02yxu4ITaaSMJE6Zbub5NZ/1iKoCB QWaw== X-Gm-Message-State: AOJu0YzPxwme48WBDQ+nxriE6SXEC6dg7FWBc+ZoasNdAUPV5CB428Jw u7erzOesLNYkzdrbTvgovs3Yd32rnjDrQQrJn0ICRGtKN6stLwn8 X-Google-Smtp-Source: AGHT+IELN3J3qfCJuQEayWYQ+5uN7VBVxgqsvsklDJPKh+nE2y9VlBMPzi1ZsGTDuh9kIi74so4Nog== X-Received: by 2002:a05:600c:1f81:b0:412:f137:6ba9 with SMTP id je1-20020a05600c1f8100b00412f1376ba9mr6031666wmb.24.1709890570738; Fri, 08 Mar 2024 01:36:10 -0800 (PST) Received: from localhost ([141.226.12.177]) by smtp.gmail.com with ESMTPSA id s7-20020adfeb07000000b0033e7633b163sm1337755wrn.22.2024.03.08.01.36.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 08 Mar 2024 01:36:09 -0800 (PST) Date: Fri, 8 Mar 2024 11:36:08 +0200 From: Efraim Flashner To: =?utf-8?B?QW5kcsOpIEEu?= Gomes Subject: Re: [bug#69539] [PATCH]: Update webkitgtk to 2.42.5 Message-ID: Mail-Followup-To: Efraim Flashner , =?utf-8?B?QW5kcsOpIEEu?= Gomes , 69539-done@debbugs.gnu.org References: <87h6hmwaau.fsf@gmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="0JeFxc5ypybYZ/Qn" Content-Disposition: inline In-Reply-To: <87h6hmwaau.fsf@gmail.com> X-PGP-Key-ID: 0x41AAE7DCCA3D8351 X-PGP-Key: https://flashner.co.il/~efraim/efraim_flashner.asc X-PGP-Fingerprint: A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 X-Spam-Score: 0.2 (/) X-Debbugs-Envelope-To: 69539-done Cc: 69539-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.8 (/) --0JeFxc5ypybYZ/Qn Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Thanks. I found a bug report about it failing to build on i686 so I added a snippet for that. Patch pushed! --=20 Efraim Flashner =D7=A8=D7=A0=D7=A9=D7=9C=D7=A4 = =D7=9D=D7=99=D7=A8=D7=A4=D7=90 GPG key =3D A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 Confidentiality cannot be guaranteed on emails sent or received unencrypted --0JeFxc5ypybYZ/Qn Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEoov0DD5VE3JmLRT3Qarn3Mo9g1EFAmXq3AcACgkQQarn3Mo9 g1H4rRAAlUNh8uMORpSGNWL9VNZVvCcgh4CEPC4u183MODh42gFzbIBqBG7i5KMg Mg+XKMyjtE+j6N3rMksV6y7GyI10VR6MVL+5s+8yCkpEG91v2GS0H88pvVZRQGpu eXI3SOIPXTC5pzNCVfIPvog1ua5OhbeYqs3szlWOCFOmrBSNlmxaKEpljiJWATZK cJYxtad2y7cdJ0V9h57SehU9xsQuIgNYFHYVVp7ei3m0XHNYOoR7K0a5nvK1JyNy tTHQVRp3kmostz9mD4qhSjvgRUX9M2kK/Ug6e845B5XQ8LhbbjvYIMxcP9es2i7O yAIGlzFl8NTNDrIOcke8bgnxz90lFitQ2koQGSJ76xlTGYfdpew8qHTv6yJsRQ02 HjNGuahzRVNQ8KL/X+gpjvo4IxBUmCmuhk/7GBezL6Uq7Oo6jX4O5bBMdOsoCnEx 7L4ZjXdIIwaC0bSK1n8/nPYG1W7w1E5Yn4mCMqNN5bO0jplB0xHZbGftQGsE9kLb LcRu3fe52AZJOC32Iddd3+yjHX6DioBgZUAMiAsmUVdHlss49bHszQ0Q8oShyBXv BToUoaL+HdG3vXPgh6VFphQ0oo73thNPmSBQBd2ah8pKRsXvQkTxBWstVONEFcD5 QhWv0xr0KWwyHlfG3NGHvbUkQZE8+K1ZZt0AhgaT8dGIpAvgnN0= =X1SY -----END PGP SIGNATURE----- --0JeFxc5ypybYZ/Qn-- ------------=_1709890682-31123-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by debbugs.gnu.org; 4 Mar 2024 10:40:04 +0000 Received: from localhost ([127.0.0.1]:42046 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rh5jn-0006iZ-Ei for submit@debbugs.gnu.org; Mon, 04 Mar 2024 05:40:03 -0500 Received: from lists.gnu.org ([209.51.188.17]:50774) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rh5jl-0006ha-8B for submit@debbugs.gnu.org; Mon, 04 Mar 2024 05:40:01 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rh5jG-00054u-LY for guix-patches@gnu.org; Mon, 04 Mar 2024 05:39:31 -0500 Received: from mail-lf1-x136.google.com ([2a00:1450:4864:20::136]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1rh5jA-0003K1-E8 for guix-patches@gnu.org; Mon, 04 Mar 2024 05:39:26 -0500 Received: by mail-lf1-x136.google.com with SMTP id 2adb3069b0e04-51323dfce59so3572084e87.3 for ; Mon, 04 Mar 2024 02:39:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1709548763; x=1710153563; darn=gnu.org; h=mime-version:user-agent:message-id:date:subject:to:from:from:to:cc :subject:date:message-id:reply-to; bh=CfOEaOWH071TrCwjWAUfjDdKhhvq3blyxz6C4ELSFyU=; b=FtGf4SgK3Z8GEjTT/c0qfOu1CuGd+03Z8Bntc7xdlwdRz9LPrup5NAcuxbU/YkX6VY kKze9glXG7Kn7F1lsq7u+Zmd3HbfoVQswPYRf2H+nZ3KE6W6D6AScZDSsiYg6UXxLvzH oultPSpf3Lrn+DXwpfCIL6eVxwwAwNhmhZ9pvTRWr15ZPA2UPrDO92fi0jzQUEmFxajo XZLiTQMan0bI6zGyMAlfmFNZh1SDyajc9OE4ro6ScHSHGKcGyat8DG0kRbJSvMA8qHFk xd8R6n1xZCauLnYSfAtnN6QpxavhkXDO3mZp5wabkKXQN99VKy8paZbB4wvFotwn+/cO 7PrA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709548763; x=1710153563; h=mime-version:user-agent:message-id:date:subject:to:from :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=CfOEaOWH071TrCwjWAUfjDdKhhvq3blyxz6C4ELSFyU=; b=lA5henYdoDOgS58cGtMggpsFetDlg4dOKN/pyVMBH+YM0oIamw/M3k7XjVIJNQ6zG3 EgrvhjSyicvEJ5V8bTxWO31HX7WSN9+KXvy+B0c33uDd+H/rPZaBjRLGDd+bHme9lGIx /Gj+uFdfSzm/h6sxnlN2kiNK2/0UNocYUHWBrt8A2Mi64OaVA7xcKRTLgsyQbeP10rYR yZTynfk3+WzPgKcg4iH6W1iJPVJZ3oyGbgFdtkDyJFblIkxxtuK6roWdbXVZ+zqOwSwD Mi+zuZsR3+PXvTu7pRekBLCF1FtnuWGJCPol9AnC0+2RvbTsKU2UcuRcAvTrsLdylwRy zBSw== X-Gm-Message-State: AOJu0YxdW9AvBdY0df7Iap93LTMWtjXbKlzv7R8K/WmqKMbcodOFuylO AgQzGdUol2JvSV4uqdFl2fsMAnrulGekReRGCjGevzEkB78tMhBzo+RRIJ2K60M= X-Google-Smtp-Source: AGHT+IEtEyUVc9fCI6nH1fHbryGoNckAZNDb+pwu/lzzIPniG8Mq3fX9UOiqqpjzlUQic8JUnaQV7Q== X-Received: by 2002:a05:6512:20c3:b0:513:1577:3d66 with SMTP id u3-20020a05651220c300b0051315773d66mr4517908lfr.64.1709548762683; Mon, 04 Mar 2024 02:39:22 -0800 (PST) Received: from mini (82.131.75.21.cable.starman.ee. [82.131.75.21]) by smtp.gmail.com with ESMTPSA id y14-20020ac2446e000000b005134c57f794sm83482lfl.112.2024.03.04.02.39.22 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Mar 2024 02:39:22 -0800 (PST) From: =?utf-8?Q?Andr=C3=A9_A=2E_Gomes?= To: guix-patches@gnu.org Subject: [PATCH]: Update webkitgtk to 2.42.5 Date: Mon, 04 Mar 2024 12:39:21 +0200 Message-ID: <87h6hmwaau.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" Received-SPF: pass client-ip=2a00:1450:4864:20::136; envelope-from=andremegafone@gmail.com; helo=mail-lf1-x136.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.3 (-) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.3 (--) --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Attached, thanks. --=20 Andr=C3=A9 A. Gomes "You cannot even find the ruins..." --=-=-= Content-Type: text/x-patch Content-Disposition: attachment; filename=0001-gnu-webkitgtk-Update-to-2.42.5-security-fixes.patch >From 456b45fffb25e33ce06c838117e329e9ac73c021 Mon Sep 17 00:00:00 2001 From: "Andre A. Gomes" Date: Mon, 4 Mar 2024 12:36:39 +0200 Subject: [PATCH 2/2] gnu: webkitgtk: Update to 2.42.5 [security fixes]. Fixes CVE-2024-23222, CVE-2024-23206, CVE-2024-23213. * gnu/packages/webkit.scm (webkitgtk): Update to 2.42.5. --- gnu/packages/webkit.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/webkit.scm b/gnu/packages/webkit.scm index d359d01f98..5eaded88d9 100644 --- a/gnu/packages/webkit.scm +++ b/gnu/packages/webkit.scm @@ -127,13 +127,13 @@ (define-public wpebackend-fdo (define-public webkitgtk (package (name "webkitgtk") - (version "2.42.4") + (version "2.42.5") (source (origin (method url-fetch) (uri (string-append "https://www.webkitgtk.org/releases/" name "-" version ".tar.xz")) (sha256 - (base32 "11pdcwmdj3i9aarrf7wsfvadi6jnkaf6zf7c5i2768x2plq8na2j")) + (base32 "0jg7c7z572afywwrnvdj3m5agaviv0vkqmzznnzzv30byb0phhmn")) (patches (search-patches "webkitgtk-adjust-bubblewrap-paths.patch")))) (build-system cmake-build-system) -- 2.41.0 --=-=-=-- ------------=_1709890682-31123-1--