Date: Fri, 05 Jul 2019 10:27:35 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 239003] www/webkit2-gtk3: Update to 2.24.3 (fixes many code execution vulnerabilities) Message-ID: <bug-239003-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D239003 Bug ID: 239003 Summary: www/webkit2-gtk3: Update to 2.24.3 (fixes many code execution vulnerabilities) Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Keywords: patch, security Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: gnome@FreeBSD.org Reporter: tobik@freebsd.org CC: gnome@FreeBSD.org Assignee: gnome@FreeBSD.org Flags: maintainer-feedback?(gnome@FreeBSD.org) Attachment #205528 maintainer-approval?(gnome@FreeBSD.org) Flags: CC: gnome@FreeBSD.org Created attachment 205528 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D205528&action= =3Dedit webkit2-gtk3.diff 2.24.0 has around a dozen known arbitrary code execution (and other) vulnerabilities: https://webkitgtk.org/security/WSA-2019-0002.html https://webkitgtk.org/security/WSA-2019-0003.html We should update to 2.24.3 ASAP. Changes: https://webkitgtk.org/2019/04/09/webkitgtk2.24.1-released.h= tml Changes: https://webkitgtk.org/2019/05/17/webkitgtk2.24.2-released.h= tml Changes: https://webkitgtk.org/2019/07/02/webkitgtk2.24.3-released.h= tml Poudriere tested on 11.2/i386, 12.0/amd64. Locally on 13.0/amd64. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-239003-7788>