projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 791d2ea) | patch
package/wpewebkit: security bump to version 2.22.5
authorPeter Korsgaard <peter@korsgaard.com>
Sun, 14 Apr 2019 18:57:36 +0000 (20:57 +0200)
committerThomas Petazzoni <thomas.petazzoni@bootlin.com>
Mon, 15 Apr 2019 19:40:05 +0000 (21:40 +0200)
commit7adf8da2fef4ebe8e81c01fdc96697eb70ed64c8
treec5f5e1755596b7d36adbaa5fb78b2bac909dfdd1tree
parent791d2ea8f816cde5041978b3e60cf2a5f87d3026commit | diff
package/wpewebkit: security bump to version 2.22.5

Fixes the following security issues:

- CVE-2019-8518: Processing maliciously crafted web content may lead to
  arbitrary code execution.  Multiple memory corruption issues were
  addressed with improved memory handling.

- CVE-2019-8523: Processing maliciously crafted web content may lead to
  arbitrary code execution.  Multiple memory corruption issues were
  addressed with improved memory handling.

In addition, 2.22.5 contains a number of bugfixes.  From the announcement:

  - Fix rendering of glyphs in Hebrew (and possibly other languages) when
    Unicode NFC normalization is used.
  - Fix several crashes and race conditions.

Change SITE to https as the webserver uses HSTS.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
package/wpewebkit/wpewebkit.hash diff | blob | history
package/wpewebkit/wpewebkit.mk diff | blob | history