diff options
author | Mark H Weaver <mhw@netris.org> | 2016-03-21 18:53:39 -0400 |
---|---|---|
committer | Mark H Weaver <mhw@netris.org> | 2016-03-22 07:38:22 -0400 |
commit | 58cc369f32d0b83d845fcf3cb2bdb5a8abdd2bb3 (patch) | |
tree | dd278ab7d306b2cc22f711c951bd075d99a27ad8 | |
parent | 1020fb6ac7c3d378618a7db66686f8b95c838a91 (diff) | |
download | gnu-guix-58cc369f32d0b83d845fcf3cb2bdb5a8abdd2bb3.tar gnu-guix-58cc369f32d0b83d845fcf3cb2bdb5a8abdd2bb3.tar.gz |
gnu: webkitgtk-2.4: Update to 2.4.10 [fixes many security flaws].
Fixes CVE-2014-1748, CVE-2015-1071, CVE-2015-1076, CVE-2015-1081,
CVE-2015-1083, CVE-2015-1120, CVE-2015-1122, CVE-2015-1127, CVE-2015-1153,
CVE-2015-1155, CVE-2015-3658, CVE-2015-3659, CVE-2015-3727, CVE-2015-3731,
CVE-2015-3741, CVE-2015-3743, CVE-2015-3745, CVE-2015-3747, CVE-2015-3748,
CVE-2015-3749, CVE-2015-3752, CVE-2015-5788, CVE-2015-5794, CVE-2015-5801,
CVE-2015-5809, CVE-2015-5822, and CVE-2015-5928.
* gnu/packages/patches/webkitgtk-2.4-sql-init-string.patch: Delete file.
* gnu-system.am (dist_patch_DATA): Remove it.
* gnu/packages/webkit.scm (webkitgtk-2.4): Update to 2.4.10.
[source]: Remove patch.
-rw-r--r-- | gnu-system.am | 1 | ||||
-rw-r--r-- | gnu/packages/patches/webkitgtk-2.4-sql-init-string.patch | 17 | ||||
-rw-r--r-- | gnu/packages/webkit.scm | 6 |
3 files changed, 2 insertions, 22 deletions
diff --git a/gnu-system.am b/gnu-system.am index c819b5ab97..6cdc1e3345 100644 --- a/gnu-system.am +++ b/gnu-system.am @@ -776,7 +776,6 @@ dist_patch_DATA = \ gnu/packages/patches/w3m-force-ssl_verify_server-on.patch \ gnu/packages/patches/w3m-disable-sslv2-and-sslv3.patch \ gnu/packages/patches/w3m-disable-weak-ciphers.patch \ - gnu/packages/patches/webkitgtk-2.4-sql-init-string.patch \ gnu/packages/patches/weechat-python.patch \ gnu/packages/patches/weex-vacopy.patch \ gnu/packages/patches/wicd-bitrate-none-fix.patch \ diff --git a/gnu/packages/patches/webkitgtk-2.4-sql-init-string.patch b/gnu/packages/patches/webkitgtk-2.4-sql-init-string.patch deleted file mode 100644 index 671b5fb910..0000000000 --- a/gnu/packages/patches/webkitgtk-2.4-sql-init-string.patch +++ /dev/null @@ -1,17 +0,0 @@ -Copied from Fedora. - -https://bugzilla.redhat.com/show_bug.cgi?id=1189303 -http://pkgs.fedoraproject.org/cgit/webkitgtk.git/commit/?id=e689e45d0cc2c50484e69d20371ba607af7326f3 - -diff -up webkitgtk-2.4.9/Source/WebCore/platform/sql/SQLiteStatement.cpp.sql_initialize_string webkitgtk-2.4.9/Source/WebCore/platform/sql/SQLiteStatement.cpp ---- webkitgtk-2.4.9/Source/WebCore/platform/sql/SQLiteStatement.cpp.sql_initialize_string 2015-09-14 09:25:43.004200172 +0200 -+++ webkitgtk-2.4.9/Source/WebCore/platform/sql/SQLiteStatement.cpp 2015-09-14 09:25:57.852082368 +0200 -@@ -71,7 +71,7 @@ int SQLiteStatement::prepare() - // this lets SQLite avoid an extra string copy. - size_t lengthIncludingNullCharacter = query.length() + 1; - -- const char* tail; -+ const char* tail = nullptr; - int error = sqlite3_prepare_v2(m_database.sqlite3Handle(), query.data(), lengthIncludingNullCharacter, &m_statement, &tail); - - if (error != SQLITE_OK) diff --git a/gnu/packages/webkit.scm b/gnu/packages/webkit.scm index 3f2d11e70c..a57c11b98b 100644 --- a/gnu/packages/webkit.scm +++ b/gnu/packages/webkit.scm @@ -136,16 +136,14 @@ HTML/CSS applications to full-fledged web browsers.") (define-public webkitgtk-2.4 (package (inherit webkitgtk) (name "webkitgtk") - (version "2.4.9") + (version "2.4.10") (source (origin (method url-fetch) (uri (string-append "http://www.webkitgtk.org/releases/" name "-" version ".tar.xz")) (sha256 (base32 - "0r651ar3p0f8zwl7764kyimxk5hy88cwy116pv8cl5l8hbkjkpxg")) - (patches - (list (search-patch "webkitgtk-2.4-sql-init-string.patch"))))) + "0566yx5lxi40g0wpvmwbc8y76akd7zph7flrjdp2vv3z1nra9z9k")))) (build-system gnu-build-system) (arguments '(#:tests? #f ; no tests |