[Buildroot] [PATCH] package/wpewebkit: security bump to version 2.22.5
Thomas Petazzoni
thomas.petazzoni at bootlin.com
Mon Apr 15 19:40:41 UTC 2019
On Sun, 14 Apr 2019 20:57:36 +0200
Peter Korsgaard <peter at korsgaard.com> wrote:
> Fixes the following security issues:
>
> - CVE-2019-8518: Processing maliciously crafted web content may lead to
> arbitrary code execution. Multiple memory corruption issues were
> addressed with improved memory handling.
>
> - CVE-2019-8523: Processing maliciously crafted web content may lead to
> arbitrary code execution. Multiple memory corruption issues were
> addressed with improved memory handling.
>
> In addition, 2.22.5 contains a number of bugfixes. From the announcement:
>
> - Fix rendering of glyphs in Hebrew (and possibly other languages) when
> Unicode NFC normalization is used.
> - Fix several crashes and race conditions.
>
> Change SITE to https as the webserver uses HSTS.
>
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
> ---
> package/wpewebkit/wpewebkit.hash | 8 ++++----
> package/wpewebkit/wpewebkit.mk | 2 +-
> 2 files changed, 5 insertions(+), 5 deletions(-)
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
More information about the buildroot
mailing list