-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 11 Apr 2024 15:35:46 +0200 Source: wpewebkit Architecture: source Version: 2.44.1-1 Distribution: unstable Urgency: high Maintainer: Debian WebKit Maintainers <pkg-webkit-maintainers@lists.alioth.debian.org> Changed-By: Alberto Garcia <berto@igalia.com> Changes: wpewebkit (2.44.1-1) unstable; urgency=high . * New upstream release. * The WPE WebKit security advisory WSA-2024-0002 lists the following security fixes in the latest versions of WPE WebKit: - CVE-2024-23252, CVE-2024-23254, CVE-2024-23263, CVE-2024-23280, CVE-2024-23284, CVE-2023-42950, CVE-2023-42956, CVE-2023-42843 (fixed in 2.44.0). * Refresh all patches. * debian/rules: - Stop setting USE_LD_GOLD, it has been removed upstream so it no longer has any effect (see webkit bug #235476). - Unify the sh3 and sh4 build flags. - Don't copy CFLAGS to CXXFLAGS: -Werror=implicit-function-declaration (default since dpkg 1.22.6) causes a FTBFS when added to the latter (see #1066411). - Stop using -DENABLE_WEBGL=OFF on armel and powerpc. - Build with -DUSE_LIBBACKTRACE=OFF. * debian/control: - Enable the bubblewrap sandbox only in the architectures where libseccomp is working. * debian/patches/fix-ftbfs-riscv64.patch: - Treat riscv64 as an unknown CPU to fix a FTBFS in JavaScriptCore (webkit bug #271371). * debian/patches/fix-ftbfs-i386.patch: - Drop this patch, it is included in this release. * debian/debian/libwpewebkit-doc.* - Update debhelper scripts to reflect the upstream changes of the installation paths. * debian/source/lintian-overrides: - Update source-is-missing overrides. * Update copyright information of all files. Checksums-Sha1: cdc9d1985142a17b193de8417959eb5e6da73d62 3480 wpewebkit_2.44.1-1.dsc b4d61467f0fb27bb45919ae160efe71d40fda6a0 35164408 wpewebkit_2.44.1.orig.tar.xz 350214a7863aedc1f4ed20e585ea0e5a48a97b89 195 wpewebkit_2.44.1.orig.tar.xz.asc 6087d5a2d2929e616d13703c6749a2012543db58 48476 wpewebkit_2.44.1-1.debian.tar.xz abcf70829e05640b53594c643e70efd629f54309 11848 wpewebkit_2.44.1-1_source.buildinfo Checksums-Sha256: a91c9f5ede69566b0a1917d404827039028218fc03da2aefd240951665df3497 3480 wpewebkit_2.44.1-1.dsc 2c9fbf4fcf8884d34102283e2b008ce0b0bc2cf07de78f564a8b34347e7bc19b 35164408 wpewebkit_2.44.1.orig.tar.xz b56849d77c91cd54066ab2c3e96b679a944947f918e9f078ed1c6cb832124f1a 195 wpewebkit_2.44.1.orig.tar.xz.asc e95f20aea5360f7658d55004f4b2437b3e25e60cf3d11f6379d5b59ccab0bc92 48476 wpewebkit_2.44.1-1.debian.tar.xz 8ae087b613928997bcc2a468fc0ca80670f7253fbb37f9ac6f016ece53b87d67 11848 wpewebkit_2.44.1-1_source.buildinfo Files: 3ad6547cf2e9ca118fb2ace38c628ef3 3480 libs optional wpewebkit_2.44.1-1.dsc 51290d5cf1e032145f2a30971393b006 35164408 libs optional wpewebkit_2.44.1.orig.tar.xz 31bb63b94ad5d66d68478e576d8a5564 195 libs optional wpewebkit_2.44.1.orig.tar.xz.asc b3721ee2a9edfd06c762f5aa5009663a 48476 libs optional wpewebkit_2.44.1-1.debian.tar.xz d59db42df98d2a26a4d32ca51729f1b0 11848 libs optional wpewebkit_2.44.1-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEYrwugQBKzlHMYFizAAyEYu0C2AIFAmYYcBUACgkQAAyEYu0C 2AI0hA//ar8ypGGOm/Q1h7yKYPK0uTORPrjUKJTDgg178RkG5vOtHGRI5eGzDxtC RtyKtM/eNvtzVIFAE/o20DjiVHjR0cSlHllP/yWVs2TcbOge6ZcL0DNMJ/tDKlmJ vb3PHNOiZzTOR+sp+5xJ12YV2z2NWhf9LKBh9ghO6YZL9rqth4uidw4eAacB9HGo PhB2pCLOjY3BKV29SGI/zogTzx5u+wgd6icvUlT/beFAYqhH3oboJOYYcMsJ6X7w as7H0JsmOh3Okh7O+O5DFAdVnsP8ZIS8rjA9+0EI1eN93O+7y968bSs6L/KZQifQ /2pU4tkjYXITpHTd4nfmz46WJfEZxR69f2y1F0bOsiojzqDfq3E59ky5uKGM4vX5 vDXXpHjY4qc6AC5vBqsv+vnKvChlOmPBc5wg28pFoYdiEAJ++9nZKwvmvbAXJZ3h FUpjPm3r5PiqJDizqak+nvHH0lCZCB4zBIFQiVSHuvtd3nkKCklQ2xB776n/JjZS hz7/EPQ1EegQpvNcFpQpxJpyhWq4WElZ5IvAWITkJf6UryLCv8r690Ytv1WwqLPk Wb5PDwN/kJ7KVtO/ciSmlaQsPvKL6xQnDh8HP33iOnF5vse+URvgyR/RASzTJE6V 6SROpAfRi7IkA7CFY8UMNGXqJUso/9TGH1KIsalD7R2wodZxPiA= =HJ6+ -----END PGP SIGNATURE-----