On Mon, Oct 28, 2024 at 10:24:04AM +0100, Chris Hofstaedtler wrote:
> b) various packages already ignore s390x (gnome? others?)
WebKitGTK still builds in s390x, but the Skia graphics library does
not support big-endian machines so if the Cairo backend is ever
dropped then we probably won't be able
On Wed, Dec 13, 2023 at 08:49:55PM -0700, Soren Stoutner wrote:
> Currently there is no real security support for Qt WebEngine in
> stable, which is an oversight that might surprise many Debian users.
> The purpose of this discussion is to figure out the best way to
> change that.
Hello,
I would
urity fixes in the latest versions of WPE WebKit:
+- CVE-2022-0108, CVE-2022-32885, CVE-2023-27932, CVE-2023-27954,
+ CVE-2023-28205 (fixed in 2.38.6 and 2.40.1).
+
+ -- Alberto Garcia Tue, 25 Apr 2023 09:17:43 +0200
+
wpewebkit (2.38.5-1) unstable; urgency=high
* New upstream release.
files.
+
+ -- Alberto Garcia Thu, 20 Apr 2023 14:29:23 +0200
+
webkit2gtk (2.40.0-3) unstable; urgency=medium
* debian/{rules,control.in}:
diff -Nru webkit2gtk-2.40.0/debian/copyright webkit2gtk-2.40.1/debian/copyright
--- webkit2gtk-2.40.0/debian/copyright 2023-03-21 18:11:48.0
.0
+0100
@@ -1,3 +1,14 @@
+gnome-calendar (43.1-2) unstable; urgency=high
+
+ [ Alberto Garcia ]
+ * debian/patches/validate-uri.patch:
+- Fix crash when adding an url manually (Closes: #1033239)
+
+ [ Jeremy Bicha ]
+ * Branch for bookworm
+
+ -- Alberto Garcia Mon, 20 Mar 2023 18:2
On Wed, Mar 08, 2023 at 09:36:23PM +, Alberto Garcia wrote:
> Upstream has just confirmed that the new WebKit API for GTK4 is
> final[1] so this is effectively a release candidate for WebKitGTK
> 2.40.0, to be released in ~10 days.
2.40.0-2 has been in unstable for a while, I had
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Control: block -1 by 1029206
Please unblock package evolution-data-server. Note that this has to
happen together with #1029206: either both packages migrate or none
will.
[ Reason ]
The new
I have a slightly related question for the release team, and apologies
in advance if I'm hijacking this thread.
WPE WebKit, the other major port of WebKit in Debian is also
introducing a new API in 2.40.0, although in this case the old API
will still be available (but deprecated) for a time.
Unli
Upstream has just confirmed that the new WebKit API for GTK4 is
final[1] so this is effectively a release candidate for WebKitGTK
2.40.0, to be released in ~10 days.
I just uploaded the packages, the GTK4 ones are in the NEW queue.
Jeremy, you can start testing the reverse dependencies whenever y
On Mon, Mar 06, 2023 at 12:29:05PM +, Alberto Garcia wrote:
> > It's been a while. Any progress? It's getting late in the freeze
> > already.
> upstream confirmed that there are some last minutes changes to
> the API so the final soname will happen with the officia
On Sat, Mar 04, 2023 at 05:24:04PM +0100, Paul Gevers wrote:
> > All build scripts are ready and the new GTK4 packages can
> > already be enabled by simply flipping the value of a variable in
> > debian/rules. We are just waiting to know the final SONAME.
>
> It's been a while. Any progress? It's
On Sat, Mar 04, 2023 at 05:24:04PM +0100, Paul Gevers wrote:
> > All build scripts are ready and the new GTK4 packages can
> > already be enabled by simply flipping the value of a variable in
> > debian/rules. We are just waiting to know the final SONAME.
>
> It's been a while. Any progress? It's
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock the package webkit2gtk
The webkit2gtk and wpewebkit packages are updated regularly with
security fixes (every month or two). The last one (2.38.5-1, same
version for both pac
On Sat, Jan 21, 2023 at 05:43:11PM +0100, Sebastian Ramacher wrote:
> > [ Other Info ]
> > webkit2gtk generally follows the GNOME release schedule. [5] A beta
> > (2.39.90) is expected in February. A release candidate (2.39.91)
> > around March 6, and the first stable release (2.40.0) around March
On Fri, Mar 04, 2022 at 11:43:41AM +0100, Alberto Garcia wrote:
> [ Reason ]
> There is an open bug in GLib[1] that is crashing the Epiphany web
> browser (debian bug #1005810).
>
> While the GLib bug itself hasn't been solved yet this has been worked
> around in Epi
+0100
@@ -1,3 +1,11 @@
+epiphany-browser (3.38.2-1+deb11u2) bullseye; urgency=medium
+
+ * d/p/glib-bug-workaround.patch:
+- Cherry pick upstream patch ff8ecbf6. This works around a bug in GLib
+ and fixes a UI process crash (Closes: #1005810).
+
+ -- Alberto Garcia Fri, 04 Mar 2022 11:
Control: tags -1 -moreinfo
Control: retitle -1 unblock: wpewebkit/2.32.3-2
On Mon, Aug 02, 2021 at 04:53:09PM +0200, Alberto Garcia wrote:
> I think I can simply rebuild wpewebkit to force disabling that
> extension and then it should work with the wpebackend-fdo package in
> testing.
On Sun, Aug 01, 2021 at 07:59:58PM +0200, Paul Gevers wrote:
> > Please unblock package wpewebkit
>
> wpewebkit is blocked behind wpebackend-fdo which was NACK'ed already
> due to build system changes. Can the upload be done in such a way
> that that dependency doesn't show up? Can wpebackend-fdo
+ CVE-2021-21775, CVE-2021-21779, CVE-2021-30663, CVE-2021-30665,
+ CVE-2021-30689, CVE-2021-30720, CVE-2021-30734, CVE-2021-30744,
+ CVE-2021-30749, CVE-2021-30795, CVE-2021-30797, CVE-2021-30799
+ (fixed in 2.32.3).
+
+ -- Alberto Garcia Sun, 25 Jul 2021 00:45:03 +0200
+
+wpew
30797, CVE-2021-30799
+ (fixed in 2.32.3).
+
+ -- Alberto Garcia Sun, 25 Jul 2021 00:25:47 +0200
+
+webkit2gtk (2.32.2-1) unstable; urgency=medium
+
+ * New upstream release.
+ * debian/patches/fix-ftbfs-m68k.patch:
++ Update patch.
+
+ -- Alberto Garcia Fri, 09 Jul 2021 13:41:26
On Thu, Jul 15, 2021 at 09:32:42PM +0200, Sebastian Ramacher wrote:
> > We synced up with this before; wpewebkit is closely related to
> > webkit and Alberto will keep both updated in stable.
>
> Is this also the plan for cog, wpebackend-fdo and libwpe?
I don't think those _require_ stable update
with libwpebackend-fdo-1.0-dev 1.10.0. This enables SHM buffer
+ exports.
+
+ -- Alberto Garcia Wed, 16 Jun 2021 15:31:16 +0200
+
+cog (0.10.0-1) experimental; urgency=medium
+
+ * New upstream release.
+ * debian/control:
+- Add build dependencies on libdrm-dev, libgbm-dev and libinput
On Wed, Jul 07, 2021 at 11:53:16AM +0200, Moritz Muehlenhoff wrote:
> > The concern also extends to web rendering engines not explicitly
> > mentioned here, with the exception of > role="source">webkit2gtk.
>
> Good point wrt the releases notes part. I guess we should simply
> make this
6-15 19:01:32.0 +0200
@@ -1,3 +1,24 @@
+libwpe (1.10.0-2) unstable; urgency=medium
+
+ * Upload to unstable.
+
+ -- Alberto Garcia Tue, 15 Jun 2021 19:01:32 +0200
+
+libwpe (1.10.0-1) experimental; urgency=medium
+
+ * New upstream release.
+ * debian/copyright:
++ Update copyr
/changelog 2021-06-16 11:29:41.0
+0200
@@ -1,3 +1,59 @@
+wpebackend-fdo (1.10.0-2) unstable; urgency=medium
+
+ * Upload to unstable.
+
+ -- Alberto Garcia Wed, 16 Jun 2021 11:29:41 +0200
+
+wpebackend-fdo (1.10.0-1) experimental; urgency=medium
+
+ * New upstream release.
+ * de
0 +0200
@@ -1,3 +1,39 @@
+wpewebkit (2.32.1-1) unstable; urgency=medium
+
+ * New upstream release.
+ * debian/patches/revert-soname-change.patch:
++ Drop this patch, this is now upstream.
+ * debian/patches/fix-ftbfs-m68k.patch:
++ Update patch.
+
+ -- Alberto Garcia Sat, 08 May 2021 16:53:58 +0200
On Wed, Jul 07, 2021 at 11:53:16AM +0200, Moritz Muehlenhoff wrote:
> > What's the security team's take on this? Will browsers other than
> > firefox, chromium and webkit2gtk itself be security supported
> > throughout bullseye's lifetime?
>
> We synced up with this before; wpewebkit is closely re
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package wpewebkit
webkit2gtk was unblocked last month, testing has the most recent
stable version and we will provide security updates during the
lifetime of bullseye, as we
really expects at least the -base and -good sets.
+ - For video playback (e.g YouTube) -bad is also recommended.
+ - The pulseaudio plugin was merged into the -good package so it will
+be always be available now. Move -alsa to Suggests.
+
+ -- Alberto Garcia Mon, 07 Jun 2021 10
On Fri, May 28, 2021 at 11:18:00AM +0200, Alberto Garcia wrote:
> unblock webkit2gtk/2.32.1-1
This upload introduced a regression (#989332) that should probably be
fixed for bullseye.
WebKitGTK has always used GStreamer internally but the Debian package
only _recommends_ the GStreamer plug
Control: tags -1 - moreinfo
On Fri, May 28, 2021 at 10:44:27PM +0200, Sebastian Ramacher wrote:
> libwebkit2gtk-4.0.so.37 libwebkit2gtk-4.0-37 #MINVER#
> * Build-Depends-Package: libwebkit2gtk-4.0-dev
> (c++)"WebKit::NetworkProcessMain(int, char**)@Base" 2.27.90
> - (c++)"WebKit::PluginProcess
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package webkit2gtk
Starting from buster webkit2gtk has been receiving security updates,
with a dozen DSAs published so far, at a pace of once every month or
two. These update
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package webkit2gtk
Starting from buster webkit2gtk has been receiving security updates,
with a dozen DSAs published so far, at a pace of once every month or
two. These update
egatools-1.9.98/debian/changelog 2020-04-15 14:28:54.0 +0200
@@ -1,3 +1,10 @@
+megatools (1.9.98-1+deb9u1) stretch; urgency=medium
+
+ * debian/patches/support-new-links.patch:
+- Add support for the new format of mega.nz links.
+
+ -- Alberto Garcia Wed, 15 Apr 2020 14:28:54 +02
On Wed, Apr 15, 2020 at 01:57:16PM +0200, Alberto Garcia wrote:
> +megatools (1.10.2-1+deb10u1) unstable; urgency=medium
There's an error in the patch, it should say 'buster' instead of
'unstable'. Otherwise it should be ok. Sorry for the noise.
Berto
0 +0200
@@ -1,3 +1,10 @@
+megatools (1.10.2-1+deb10u1) unstable; urgency=medium
+
+ * debian/patches/support-new-links.patch:
+- Add support for the new format of mega.nz links.
+
+ -- Alberto Garcia Wed, 15 Apr 2020 13:43:30 +0200
+
megatools (1.10.2-1) unstable; urgency=medium
On Wed, Aug 21, 2019 at 11:35:38PM +0100, Adam D. Barratt wrote:
> Please go ahead.
Uploaded, thanks.
Berto
use-emulator (1.5.7+dfsg1-2~deb10u1) unstable; urgency=medium
+
+ * Rebuild for buster.
+
+ -- Alberto Garcia Wed, 21 Aug 2019 10:46:12 +0300
+
+fuse-emulator (1.5.7+dfsg1-2) unstable; urgency=medium
+
+ * debian/patches/prefer-x11-over-wayland.patch:
+- Prefer the X11 GDK backend over the Wayland
On Tue, Aug 20, 2019 at 11:52:30PM +0100, Adam D. Barratt wrote:
> Please go ahead.
Thanks, I just uploaded the new version (source-only, please correct
me if it needed to be a binary upload).
Berto
On Thu, Jun 27, 2019 at 03:26:32PM +0300, Adrian Bunk wrote:
> > We like to support non-sse2 on i386, but we are not comfortable
> > fixing webkit2gtk at this stage of the release.
>
> Why is this relatively small change a problem in a package where new
> upstream versions are permitted after the
On Tue, Jun 25, 2019 at 11:04:59AM +0300, Alberto Garcia wrote:
> This upload disables the JIT compiler and enables the CLoop
> JavaScript interpreter, which is slower but works on all CPUs. It
> also removes the gcc SSE2 flags. Only the i386 build is affected by
> these changes.
I r
SE2-capable CPU.
+
+ -- Alberto Garcia Mon, 24 Jun 2019 16:34:09 +0300
+
webkit2gtk (2.24.2-1) unstable; urgency=medium
* New upstream release.
diff -Nru webkit2gtk-2.24.2/debian/NEWS webkit2gtk-2.24.2/debian/NEWS
--- webkit2gtk-2.24.2/debian/NEWS 2019-05-17 17:40:52.0 +0300
+++ we
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package webkit2gtk
The new upstream stable release contains (among others) fixes
for these three security bugs: CVE-2019-8595, CVE-2019-8607 and
CVE-2019-8615.
unblock webki
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package webkit2gtk
Upstream published the 2.24 stable branch recently and 2.22 is no
longer maintained.
We want to offer webkit2gtk security updates in buster and for that w
Control: tags -1 - moreinfo
On Mon, Feb 26, 2018 at 08:55:51PM +, Adam D. Barratt wrote:
> > I would like to upload a new grilo-plugins package, which contains
> > a fix for https://bugs.debian.org/887469
>
> The BTS metadata for that bug indicates that it affects the version
> of grilo-plug
.3-1+deb9u1) stretch; urgency=medium
+
+ * debian/patches/radiofrance.patch:
+- Fix Radio France source after website changes (Closes: #887469).
+
+ -- Alberto Garcia Wed, 17 Jan 2018 11:30:37 +0200
+
grilo-plugins (0.3.3-1) unstable; urgency=medium
* New upstream release.
diff -Nru grilo-
.
+ * debian/patches/systemd.patch:
+- Add missing Documentation key.
+ * debian/copyright:
+- Update copyright years.
+
+ -- Alberto Garcia Tue, 06 Jun 2017 12:01:04 +0300
+
filetea (0.1.16-3) unstable; urgency=medium
* Add systemd service file.
diff -Nru filetea-0.1.16/debian/co
Control: tag -1 - moreinfo
On Sat, Aug 29, 2015 at 03:39:45PM +0200, Julien Cristau wrote:
> > The 2.4 branch of webkit is a stable branch and there's no active
> > development there. However it's still maintained and there are
> > releases with important bugfixes periodically, so I think it's th
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu
Hello,
webkitgtk 2.4.9 was released containing several bug fixes, including
the one for CVE-2015-2330.
I contacted the Debian security team in order to make a security
release with
ncy=medium
+
+ * debian/patches/g-closure-unref.diff:
++ Fix use-after-free warning when loading page into WebView
+ (Closes: #780444).
+ * debian/patches/fix-cloop.patch:
++ Fix crash on powerpc (Closes: #771841).
+
+ -- Alberto Garcia Thu, 26 Mar 2015 23:49:21 +0200
+
webkitgtk (2.4.8-1
oupMessage.
+
+ -- Alberto Garcia Fri, 06 Mar 2015 09:33:11 +0200
+
webkit2gtk (2.6.2+dfsg1-3) unstable; urgency=medium
* debian/patches/no-ssl-record-version.patch:
diff -Nru webkit2gtk-2.6.2+dfsg1/debian/libwebkit2gtk-4.0-doc.links webkit2gtk-2.6.2+dfsg1/debian/libwebkit2gtk-4.0-doc.links
---
use-ssl-api.patch:
+- Use the SSL endpoints for the Flickr API. The non-SSL API was
+ disabled on June 2014.
+ * fix-gcrypt-crash.patch:
+- Fix crash in gcrypt.
+ * debian/control:
+- Remove obsolete DM-Upload-Allowed flag.
+ * Update my e-mail address in debian/*.
+
+ -- Alberto G
Package: release.debian.org
Severity: normal
Tags: wheezy
User: release.debian@packages.debian.org
Usertags: pu
The current version of Frogr in Debian wheezy no longer works due to
an API change in Flickr.
http://code.flickr.net/2014/04/30/flickr-api-going-ssl-only-on-june-27th-2014/
A w
--- frogr-0.10/debian/changelog 2014-06-17 10:47:52.0 +0300
+++ frogr-0.10/debian/changelog 2015-01-19 15:50:01.0 +0200
@@ -1,3 +1,10 @@
+frogr (0.10-2) unstable; urgency=medium
+
+ * fix-gcrypt-crash.patch:
+- Fix crash in gcrypt.
+
+ -- Alberto Garcia Mon, 19 Jan 2015 15:4
er.
+ * debian/patches/render-text-control.patch:
++ Check for NULL pointer in SearchInputType.
+ * debian/patches/ax-focus-events.patch:
++ Fix accessible focus events in non-focused combo boxes.
+
+ -- Alberto Garcia Mon, 08 Dec 2014 13:26:23 +0100
+
webkitgtk (2.4.7-2) unstable;
patches/at-spi2.patch:
+ + Accessible values are no longer accessible via AT-SPI2.
+ * debian/patches/ax-focus-events.patch:
+ + Fix accessible focus events in non-focused combo boxes.
+
+ -- Alberto Garcia Sun, 07 Dec 2014 17:53:25 +0100
+
webkit2gtk (2.6.2+dfsg1-2) unstable; urgency=mediu
yword from the desktop file since the command
+ listed in Exec cannot open an image. This needs a separate file.
+
+ -- Alberto Garcia Sun, 02 Nov 2014 23:05:57 +0200
+
ocrfeeder (0.7.11-5) unstable; urgency=medium
* debian/control:
diff -Nru ocrfeeder-0.7.11/debian/patches/desktop-exec-code.
librest-dev is also
+ a dependency of libgoa-1.0-dev, but we should not rely on that.
+- Make grilo-plugins recommend dleyna-server (Closes: #765986).
+ * fix-dleyna-crash.patch:
+- Fix crash due to variable redefinition (Closes: #769357).
+
+ -- Alberto Garcia Sun, 16 Nov 2014 17
-13 14:11:23.0 +0200
@@ -1,3 +1,13 @@
+grilo-plugins (0.2.13-2) unstable; urgency=medium
+
+ * debian/control:
+- Add build dependency on librest-dev.
+- Make grilo-plugins recommend dleyna-server (Closes: #765986).
+ * fix-dleyna-crash.patch:
+- Fix crash due to variable redefin
2).
+ * debian/patches/flash-crash.patch:
++ Fix crash in the Flash player (Closes: #768929).
+
+ -- Alberto Garcia Tue, 11 Nov 2014 12:43:45 +0200
+
webkitgtk (2.4.7-1) unstable; urgency=medium
* New upstream release.
diff -Nru webkitgtk-2.4.7/debian/patches/flash-crash.patch webkitg
ash in the Flash player (Closes: #768341).
+
+ -- Alberto Garcia Mon, 10 Nov 2014 11:44:56 +0200
+
webkit2gtk (2.6.2+dfsg1-1) unstable; urgency=medium
* New upstream release.
diff -Nru webkit2gtk-2.6.2+dfsg1/debian/patches/fix-mips64-build.patch webkit2gtk-2.6.2+dfsg1/debian/patches/
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
Hi,
the 'Pocket' plugin in grilo-plugins requires a version of librest
that was not available in kfreebsd when the package was built.
The latest librest is finally available so grilo-plugin
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
Hi,
binutils recently added a fix for #688951 (CVE-2012-3509) which also
affects binutils-z80. The following binNMU will cause the fix to be
applied to binutils-z80:
nmu binutils-z80_2.22-3
On Thu, Sep 13, 2012 at 04:07:55PM +0200, Paul Menzel wrote:
> Berto, it would be awesome if you could test Ekiga from experimental
> [3][4] and report back if it fixes the issues for you.
I've just tried ekiga 3.9.90-1 and it seems to work now.
These are the new packages that I installed:
ekig
64 matches
Mail list logo
