[Buildroot] [PATCH] package/webkitgtk: security bump to version 2.42.5
Adrian Perez de Castro
aperez at igalia.com
Thu Feb 8 09:28:26 UTC 2024
Hi Peter,
I was about to submit basically the same patch, you have beaten me to it.
Thanks!
(Later today I to submit the wpewebkit update as well :D)
On Thu, 08 Feb 2024 08:09:39 +0100 Peter Korsgaard <peter at korsgaard.com> wrote:
> Fixes the following security issues:
>
> https://webkitgtk.org/security/WSA-2024-0001.html
>
> - CVE-2024-23222: Processing maliciously crafted web content may lead to
> arbitrary code execution. Apple is aware of a report that this issue may
> have been exploited. Description: A type confusion issue was addressed
> with improved checks.
>
> - CVE-2024-23206: A maliciously crafted webpage may be able to fingerprint
> the user. Description: An access issue was addressed with improved access
> restrictions.
>
> - CVE-2024-23213: Processing web content may lead to arbitrary code execution.
> Description: The issue was addressed with improved memory handling.
>
> - CVE-2023-40414: Processing web content may lead to arbitrary code
> execution. Description: A use-after-free issue was addressed with
> improved memory management.
>
> - CVE-2023-42833: Processing web content may lead to arbitrary code execution.
> Description: A correctness issue was addressed with improved checks.
>
> - CVE-2014-1745: Processing a file may lead to a denial-of-service or
> potentially disclose memory contents. Description: The issue was
> addressed with improved checks.
>
> https://webkitgtk.org/security/WSA-2023-0012.html
>
> - CVE-2023-42883: Processing a SVG image may lead to a denial-of-service.
> Description: The issue was addressed with improved memory handling.
>
> - CVE-2023-42890: Processing web content may lead to arbitrary code
> execution. Description: The issue was addressed with improved memory
> handling.
>
> https://webkitgtk.org/security/WSA-2023-0011.html
>
> - CVE-2023-42916: Processing web content may disclose sensitive information.
> Apple is aware of a report that this issue may have been actively
> exploited. Description: An out-of-bounds read was addressed with improved
> input validation.
>
> - CVE-2023-42917: Processing web content may lead to arbitrary code
> execution. Apple is aware of a report that this issue may have been
> actively exploited. Description: A memory corruption vulnerability was
> addressed with improved locking.
>
> Add an upstream post-2.42.5 patch to fix an issue with an invalid backport
> causing a build issue.
>
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Acked-by: Adrian Perez de Castro <aperez at igalia.com>
> ---
> ...velInterpreter.cpp-339-21-error-t6-w.patch | 39 +++++++++++++++++++
> package/webkitgtk/webkitgtk.hash | 6 +--
> package/webkitgtk/webkitgtk.mk | 2 +-
> 3 files changed, 43 insertions(+), 4 deletions(-)
> create mode 100644 package/webkitgtk/0001-GTK-2.42.5-LowLevelInterpreter.cpp-339-21-error-t6-w.patch
>
> diff --git a/package/webkitgtk/0001-GTK-2.42.5-LowLevelInterpreter.cpp-339-21-error-t6-w.patch b/package/webkitgtk/0001-GTK-2.42.5-LowLevelInterpreter.cpp-339-21-error-t6-w.patch
> new file mode 100644
> index 0000000000..c9667fedbd
> --- /dev/null
> +++ b/package/webkitgtk/0001-GTK-2.42.5-LowLevelInterpreter.cpp-339-21-error-t6-w.patch
> @@ -0,0 +1,39 @@
> +From 3d5373575695b293b8559155431d0079a6153aff Mon Sep 17 00:00:00 2001
> +From: Michael Catanzaro <mcatanzaro at redhat.com>
> +Date: Mon, 5 Feb 2024 11:00:49 -0600
> +Subject: [PATCH] =?UTF-8?q?[GTK]=20[2.42.5]=20LowLevelInterpreter.cpp:339:?=
> + =?UTF-8?q?21:=20error:=20=E2=80=98t6=E2=80=99=20was=20not=20declared=20in?=
> + =?UTF-8?q?=20this=20scope=20https://bugs.webkit.org/show=5Fbug.cgi=3Fid?=
> + =?UTF-8?q?=3D268739?=
> +MIME-Version: 1.0
> +Content-Type: text/plain; charset=UTF-8
> +Content-Transfer-Encoding: 8bit
> +
> +Unreviewed build fix. Seems a backport went badly, and we didn't notice
> +because the code is architecture-specific.
> +
> +* Source/JavaScriptCore/llint/LowLevelInterpreter.cpp:
> +(JSC::CLoop::execute):
> +
> +Upstream: https://github.com/WebKit/WebKit/commit/3d5373575695b293b8559155431d0079a6153aff
> +Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
> +---
> + Source/JavaScriptCore/llint/LowLevelInterpreter.cpp | 2 --
> + 1 file changed, 2 deletions(-)
> +
> +diff --git a/Source/JavaScriptCore/llint/LowLevelInterpreter.cpp b/Source/JavaScriptCore/llint/LowLevelInterpreter.cpp
> +index 5064ead6cd2e..9a2e2653b121 100644
> +--- a/Source/JavaScriptCore/llint/LowLevelInterpreter.cpp
> ++++ b/Source/JavaScriptCore/llint/LowLevelInterpreter.cpp
> +@@ -336,8 +336,6 @@ JSValue CLoop::execute(OpcodeID entryOpcodeID, void* executableAddress, VM* vm,
> + UNUSED_VARIABLE(t2);
> + UNUSED_VARIABLE(t3);
> + UNUSED_VARIABLE(t5);
> +- UNUSED_VARIABLE(t6);
> +- UNUSED_VARIABLE(t7);
> +
> + struct StackPointerScope {
> + StackPointerScope(CLoopStack& stack)
> +--
> +2.39.2
> +
> diff --git a/package/webkitgtk/webkitgtk.hash b/package/webkitgtk/webkitgtk.hash
> index 59782732c3..ac4799d4cf 100644
> --- a/package/webkitgtk/webkitgtk.hash
> +++ b/package/webkitgtk/webkitgtk.hash
> @@ -1,6 +1,6 @@
> -# From https://www.webkitgtk.org/releases/webkitgtk-2.42.2.tar.xz.sums
> -sha1 05bec6a824e46f043b865478735bc8395249510e webkitgtk-2.42.2.tar.xz
> -sha256 5720aa3e8627f1b9f63252187d4df0f8233ae71d697b1796ebfbe5ca750bd118 webkitgtk-2.42.2.tar.xz
> +# From https://www.webkitgtk.org/releases/webkitgtk-2.42.5.tar.xz.sums
> +sha1 c3ffb2beaac56f1089029f2254482f48d9e3db37 webkitgtk-2.42.5.tar.xz
> +sha256 b64278c1f20b8cfdbfb5ff573c37d871aba74a1db26d9b39f74e8953fe61e749 webkitgtk-2.42.5.tar.xz
>
> # Hashes for license files:
> sha256 0b5d3a7cc325942567373b0ecd757d07c132e0ebd7c97bfc63f7e1a76094edb4 Source/WebCore/LICENSE-APPLE
> diff --git a/package/webkitgtk/webkitgtk.mk b/package/webkitgtk/webkitgtk.mk
> index 611d7f65d3..075a36654f 100644
> --- a/package/webkitgtk/webkitgtk.mk
> +++ b/package/webkitgtk/webkitgtk.mk
> @@ -4,7 +4,7 @@
> #
> ################################################################################
>
> -WEBKITGTK_VERSION = 2.42.2
> +WEBKITGTK_VERSION = 2.42.5
> WEBKITGTK_SITE = https://www.webkitgtk.org/releases
> WEBKITGTK_SOURCE = webkitgtk-$(WEBKITGTK_VERSION).tar.xz
> WEBKITGTK_INSTALL_STAGING = YES
> --
> 2.39.2
>
> _______________________________________________
> buildroot mailing list
> buildroot at buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
>
Cheers,
—Adrián
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.buildroot.org/pipermail/buildroot/attachments/20240208/7b563768/attachment-0001.asc>
More information about the buildroot
mailing list