Ubuntu
webkit2gtk package

Multiple vulnerabilities in Bionic

Bug #1970783 reported by Luís Infante da Câmara
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
webkit2gtk (Ubuntu)
In Progress
Wishlist
Unassigned

Bug Description

The version in Bionic has multiple vulnerabilities.

Please backport version 2.36.7 or at least the security fixes in that version.

Upstream and Debian have released advisories on April 8.

See original description
Luís Infante da Câmara (luis220413)
information type: Public → Public Security
Luís Infante da Câmara (luis220413)
description: updated
information type: Public Security → Private Security
Changed in webkit2gtk (Ubuntu):
status: New → Incomplete
Luís Infante da Câmara (luis220413)
description: updated
Changed in webkit2gtk (Ubuntu):
status: Incomplete → Opinion
status: Opinion → New
information type: Private Security → Public Security
Revision history for this message
Marc Deslauriers (mdeslaur) wrote :

We are no longer able to update webkit2gtk in bionic as it has new toolchain requirements that can't be met. See:

https://wiki.ubuntu.com/SecurityTeam/FAQ#WebKitGTK

Changed in webkit2gtk (Ubuntu):
importance: Undecided → Wishlist
status: New → Confirmed
Luís Infante da Câmara (luis220413)
Changed in webkit2gtk (Ubuntu):
status: Confirmed → In Progress
assignee: nobody → Luís Cunha dos Reis Infante da Câmara (luis220413)
Revision history for this message
Luís Infante da Câmara (luis220413) wrote (last edit ):

Upstream bugs for CMake and ICU requirements:
* CMake (3.12 then 3.21, Bionic has 3.10): https://bugs.webkit.org/show_bug.cgi?id=221727
* ICU (61.2, Bionic has 60.3): https://bugs.webkit.org/show_bug.cgi?id=229608

When I tried to build the new version (merged from Debian testing and with the requirements on CMake and ICU versions lowered to the versions in Ubuntu 18.04), I got the following error:

-- Platform-specific CMakeLists not found: /home/user/webkit2gtk-2.36.3/Source/bmalloc/PlatformGTK.cmake
CMake Error at Source/cmake/WebKitMacros.cmake:155 (target_link_libraries):
  Object library target "bmalloc" may not link to anything.
Call Stack (most recent call first):
  Source/cmake/WebKitMacros.cmake:299 (_WEBKIT_TARGET)
  Source/bmalloc/CMakeLists.txt:682 (WEBKIT_FRAMEWORK)

-- Configuring incomplete, errors occurred!

All builds of this source package in my PPA do not install the required version of GCC (bug #1979136).

Revision history for this message
Luís Infante da Câmara (luis220413) wrote :
Luís Infante da Câmara (luis220413)
description: updated
Luís Infante da Câmara (luis220413)
Changed in webkit2gtk (Ubuntu):
assignee: Luís Infante da Câmara (luis220413) → nobody
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Bug attachments

Remote bug watches

Bug watches keep track of this bug in other bug trackers.