[Bug 239003] www/webkit2-gtk3: Update to 2.24.3 (fixes many code execution vulnerabilities)
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Fri Jul 5 10:27:38 UTC 2019
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=239003
Bug ID: 239003
Summary: www/webkit2-gtk3: Update to 2.24.3 (fixes many code
execution vulnerabilities)
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Keywords: patch, security
Severity: Affects Only Me
Priority: ---
Component: Individual Port(s)
Assignee: gnome at FreeBSD.org
Reporter: tobik at freebsd.org
CC: gnome at FreeBSD.org
Assignee: gnome at FreeBSD.org
Flags: maintainer-feedback?(gnome at FreeBSD.org)
Attachment #205528 maintainer-approval?(gnome at FreeBSD.org)
Flags:
CC: gnome at FreeBSD.org
Created attachment 205528
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=205528&action=edit
webkit2-gtk3.diff
2.24.0 has around a dozen known arbitrary code execution (and other)
vulnerabilities:
https://webkitgtk.org/security/WSA-2019-0002.html
https://webkitgtk.org/security/WSA-2019-0003.html
We should update to 2.24.3 ASAP.
Changes: https://webkitgtk.org/2019/04/09/webkitgtk2.24.1-released.html
Changes: https://webkitgtk.org/2019/05/17/webkitgtk2.24.2-released.html
Changes: https://webkitgtk.org/2019/07/02/webkitgtk2.24.3-released.html
Poudriere tested on 11.2/i386, 12.0/amd64. Locally on 13.0/amd64.
--
You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.
More information about the freebsd-gnome
mailing list