webkit2gtk (2.44.2-1~deb12u1) bookworm-security; urgency=medium * Rebuild for bookworm-security. * Disable JPEG XL to avoid adding new dependencies. - debian/control.in: Remove build dependency on libjxl-dev. - debian/rules: Build with -DUSE_JPEGXL=OFF. * debian/rules: - Enable ENABLE_SOUP2, USE_OLD_DOC_PKG and USE_OLD_JSCBIN_PKG to keep using the old package names. * debian/control.in: - Replace gobject-introspection-bin with gobject-introspection. - Make the -dev packages depend on the gir packages. - Build depend on ccache. -- Alberto Garcia <berto@igalia.com> Tue, 21 May 2024 16:12:54 +0200 webkit2gtk (2.44.2-1) unstable; urgency=high * New upstream release. * debian/upstream/signing-key.asc: - Replace Carlos Garcia's DSA key with the new RSA one. -- Alberto Garcia <berto@igalia.com> Thu, 16 May 2024 14:09:54 +0200 webkit2gtk (2.44.1-1) unstable; urgency=medium * New upstream release. * Re-enable WebGL on armel. - debian/rules: stop using -DENABLE_WEBGL=OFF on armel, powerpc and sh4. * debian/patches/fix-ftbfs-i386.patch: - Drop this patch, it is included in this release. -- Alberto Garcia <berto@igalia.com> Tue, 09 Apr 2024 14:09:50 +0200 webkit2gtk (2.44.0-2) unstable; urgency=high * The WebKitGTK security advisory WSA-2024-0002 lists the following security fixes in the latest versions of WebKitGTK: - CVE-2024-23252, CVE-2024-23254, CVE-2024-23263, CVE-2024-23280, CVE-2024-23284, CVE-2023-42950, CVE-2023-42956, CVE-2023-42843 (fixed in 2.44.0). * debian/patches/fix-ftbfs-riscv64.patch: - Treat riscv64 as an unknown CPU to fix a FTBFS in JavaScriptCore (webkit bug #271371). -- Alberto Garcia <berto@igalia.com> Wed, 27 Mar 2024 22:57:51 +0100 webkit2gtk (2.44.0-1) unstable; urgency=medium * New upstream release. * Stop building the 4.0 API packages. - debian/rules: Set ENABLE_SOUP2=NO - debian/control.in: Remove build dependency on ccache. * Replace debian/patches/fix-ftbfs-i386.patch with a new patch for this version. * debian/control.in: - Build depend on libsoup-3.0-doc instead of libsoup2.4-doc. - Enable the bubblewrap sandbox only in the architectures where libseccomp is working (Closes: #1067643). * Bring all changes from the 2.43 (experimental) branch. * debian/gbp.conf: - Update upstream branch name. * debian/control.in: - Add build dependency on libdrm-dev. - Replace gobject-introspection with gobject-introspection-bin. - Remove build dependendency on libwpebackend-fdo, upstream no longer uses it. - And missing ${gir:Depends} and ${gir:Provides} to the -dev and gir1.2 packages. * debian/rules: - GTK4 is now the default, pass -DUSE_GTK4=OFF to the GTK3 builds. - Build with -DUSE_LIBDRM=OFF in the Hurd. - Build with -DUSE_LIBBACKTRACE=OFF. * Use the documentation from the 6.0 API build and update path of installed docs, upstream no longer uses the gtk-doc dir (see webkit bug #265133). * Rename libwebkit2gtk-4.0-doc to libwebkitgtk-doc and libjavascriptcoregtk-4.0-bin to libjavascriptcoregtk-bin. - debian/control.in: add the necessary Conflicts / Breaks / Replaces. - debian/control-doc.in: control file for the transitional package. - debian/control-jscbin.in: control file for the transitional package. - Rename debian/libwebkit2gtk-4.0-doc.* -> libwebkitgtk-doc.* - Remove debian/libjavascriptcoregtk-4.0-bin.* - debian/rules: Add the USE_OLD_DOC_PKG and USE_OLD_JSCBIN_PKG variables and the logic to decide which packages to build. * Refresh debian/patches/disable-dmabuf-nvidia.patch. * debian/source/lintian-overrides: - Update source-is-missing overrides. * debian/copyright: - Update copyright information of all files. -- Alberto Garcia <berto@igalia.com> Mon, 25 Mar 2024 11:33:58 +0100 webkit2gtk (2.42.5-2) unstable; urgency=medium * debian/rules: - Don't copy CFLAGS to CXXFLAGS: -Werror=implicit-function-declaration (default since dpkg 1.22.6) causes a FTBFS when added to the latter (Closes: #1066411). - Don't use ccache on the gtk4 build since it won't reuse any results from the gtk3 builds. -- Alberto Garcia <berto@igalia.com> Thu, 14 Mar 2024 18:45:04 +0100 webkit2gtk (2.42.5-1) unstable; urgency=high * New upstream release. * debian/copyright: - Update copyright information of all files. * debian/rules: - Remove last empty line from debian/control. * debian/patches/fix-ftbfs-i386.patch: - i386 build fix. -- Alberto Garcia <berto@igalia.com> Mon, 05 Feb 2024 11:55:25 +0100 webkit2gtk (2.42.4-1) unstable; urgency=high * New upstream release. -- Alberto Garcia <berto@igalia.com> Fri, 15 Dec 2023 10:58:35 +0100 webkit2gtk (2.42.3-1) unstable; urgency=high * New upstream release. * Drop tweaks for some arches that are unsupported or haven't worked in a long time: ia64, m68k, kfreebsd, mips and mipsel. * Refresh all patches. * debian/control.in: - Set the debhelper compatibility level to 13. * debian/rules: - Stop overriding dh_missing, no longer needed with dh compat 13. -- Alberto Garcia <berto@igalia.com> Tue, 05 Dec 2023 14:28:29 +0100 webkit2gtk (2.42.2-1) unstable; urgency=high * New upstream release. * debian/copyright: - Update copyright information of all files. -- Alberto Garcia <berto@igalia.com> Fri, 10 Nov 2023 19:02:00 +0100 webkit2gtk (2.42.1-2) unstable; urgency=medium * debian/patches/disable-dmabuf-nvidia.patch: - Disable the DMABuf renderer for NVIDIA proprietary drivers (Closes: #1039720, #1052055). -- Alberto Garcia <berto@igalia.com> Wed, 04 Oct 2023 17:09:23 +0200 webkit2gtk (2.42.1-1) unstable; urgency=high * New upstream release. -- Alberto Garcia <berto@igalia.com> Wed, 27 Sep 2023 10:49:22 +0200 webkit2gtk (2.42.0-1) unstable; urgency=medium * New upstream release. * Bring all changes from the 2.41 (experimental) branch. * debian/gbp.conf: - Update upstream branch name. * debian/control.in: - Remove the minimum versions of all build dependencies in the cases where they are very old. - Add build dependency on libjxl-dev, JPEGXL is now enabled by default. - Require CMake 3.16 * debian/control-common.in: - Add dependency on libgles2. This is no longer detected automatically because it's loaded at runtime by libepoxy (see #1050777). * debian/source/lintian-overrides: - Update source-is-missing overrides. * debian/libwebkit2gtk-4.0-37.symbols: - Update symbols. * debian/rules: - Use --max-parallel=2 in Debian mipsel builds again. - Don't build jpegxl support on Ubuntu yet (it's still in universe) (Jeremy Bicha). * debian/copyright: - Update copyright information of all files. -- Alberto Garcia <berto@igalia.com> Fri, 15 Sep 2023 14:49:49 +0200 webkit2gtk (2.40.5-1) unstable; urgency=high * New upstream release. * debian/rules: - Use -O1 instead of -Os in sh4 (thanks, John Paul Adrian Glaubitz) (Closes: #1042519). * Drop debian/patches/fix-jsc-timestamp.patch. -- Alberto Garcia <berto@igalia.com> Wed, 02 Aug 2023 00:01:52 +0300 webkit2gtk (2.40.4-1) unstable; urgency=high * New upstream release. * debian/rules: - Set Build-Depends-Indep to jdupes when USE_PREBUILT_DOCS is set. -- Alberto Garcia <berto@igalia.com> Fri, 21 Jul 2023 11:01:47 +0200 webkit2gtk (2.40.3-2) unstable; urgency=high * debian/rules: - Use override_dh_install-indep when setting up the documentation (Closes: #1039877). * debian/control.in: - Move jdupes to Build-Depends-Indep. -- Alberto Garcia <berto@igalia.com> Thu, 29 Jun 2023 15:14:08 +0200 webkit2gtk (2.40.3-1) unstable; urgency=high * New upstream release (Closes: #1036946). * debian/control.in: - Enable the bubblewrap sandbox in riscv64. * debian/copyright: - Update copyright information of all files. * debian/patches/fix-jsc-timestamp.patch: - Ensure reproducibility of __TIMESTAMP__ in JSCBytecodeCacheVersion.cpp. -- Alberto Garcia <berto@igalia.com> Wed, 28 Jun 2023 16:55:42 +0200 webkit2gtk (2.40.2-1) unstable; urgency=high * New upstream release. * debian/rules: - Pass -VNone to dh_makeshlibs for javascriptcore to keep the behavior of the debhelper compat level 11 and earlier. -- Alberto Garcia <berto@igalia.com> Tue, 30 May 2023 10:19:01 +0200 webkit2gtk (2.40.1-1) unstable; urgency=high * New upstream release. * debian/rules: - Build with -DUSE_GBM=OFF in the Hurd (Closes: #1033999). * Drop fix-script-message-received-marshaller.patch and fix-gst-crash.patch. Refresh all other patches. * debian/copyright: - Update copyright information of all files. -- Alberto Garcia <berto@igalia.com> Thu, 20 Apr 2023 14:29:23 +0200 webkit2gtk (2.40.0-3) unstable; urgency=medium * debian/{rules,control.in}: - Add dependency on libgles2 on arm (Closes: #1033230). -- Alberto Garcia <berto@igalia.com> Tue, 21 Mar 2023 18:11:48 +0100 webkit2gtk (2.40.0-2) unstable; urgency=medium * debian/patches/fix-script-message-received-marshaller.patch: - Cherry pick fix for a regression that affects Epiphany. * debian/patches/fix-gst-crash.patch: - Cherry pick fix for a GStreamer-related crash. -- Alberto Garcia <berto@igalia.com> Sat, 18 Mar 2023 11:41:32 +0100 webkit2gtk (2.40.0-1) unstable; urgency=medium * New upstream release. * Bring all changes from the 2.39 (experimental) branch. * The GTK4 build's API number changes from 5.0 to 6.0. - debian/{rules,not-installed,control.in,control-common.in}: Update all these files to reflect the API and package name changes. * debian/rules: - Build with -DDEBUG_FISSION=OFF since it adds the -gsplit-dwarf flag that is currently not supported by dh_dwz (see #1016936). - Disable WebGL in armel, mipsel, m68k, powerpc and sh4 to work around a FTBFS caused by upstream bug #252670. - Stop passing -DUSE_LD_GOLD=OFF, this option no longer exists (and update reduce-memory-overheads.patch accordingly). - Use reduced optimizations on m68k in order to lower memory requirements (John Paul Adrian Glaubitz) (Closes: #1032404). - Disable AVIF and GStreamer transcoding on Ubuntu (Jeremy Bicha). - Build the 4.1 API version of the WebKit WebDriver if possible. - Rename WebKit2WebExtension to WebKitWebProcessExtension in the GTK4 build's install files. - Remove /usr/include/*/JavaScriptCore from the GTK4 build's .install files. * Use the documentation from the 4.1 API build. This simplifies the build process a bit (the package is still named 4.0-doc to make backports easier). * debian/control.in: - Add build dependencies on unifdef, libavif-dev and libgstreamer-plugins-bad1.0-dev (for webrtc). - Require libgstreamer-plugins-bad1.0-dev >= 1.20.0, this is needed for USE_GSTREAMER_TRANSCODER. - Don't use ccache on m68k (thanks, John Paul Adrian Glaubitz) (Closes: #1033042). * debian/copyright: - Update copyright information of all files. * debian/gbp.conf: - Update upstream branch name. * debian/libwebkit2gtk-4.0-37.symbols: - Update symbols. - Mark with (gtk3-only) and (gtk4-only) the symbols that are specific to each build. * debian/libwebkit2gtk-4.0-37.install: - WebKit2GTK-*.mo is now WebKitGTK-*.mo. * debian/libwebkit2gtk-4.0-dev.install: - Update include path. * debian/source/lintian-overrides: - Update source-is-missing overrides. * debian/patches/dont-detect-sse2.patch: - Don't build ANGLE with SSE support in i386. * Drop debian/patches/fix-non-unified-build.patch and use unified builds in all architecture. * Refresh all other patches. -- Alberto Garcia <berto@igalia.com> Fri, 17 Mar 2023 14:52:02 +0100 webkit2gtk (2.38.5-1) unstable; urgency=high * New upstream release. * The WebKitGTK security advisory WSA-2023-0002 lists the following security fixes in the latest versions of WebKitGTK: - CVE-2023-23529 (fixed in 2.38.5). * Remove debian/patches/fix-nonunified-build.patch. -- Alberto Garcia <berto@igalia.com> Wed, 15 Feb 2023 18:10:55 +0100 webkit2gtk (2.38.4-2) unstable; urgency=high * The WebKitGTK security advisory WSA-2023-0001 lists the following security fixes in the latest versions of WebKitGTK: - CVE-2022-42826, CVE-2023-23517, CVE-2023-23518 (fixed in 2.38.4). * debian/patches/fix-nonunified-build.patch: - Fix non-unified build (FTBFS in mipsel). -- Alberto Garcia <berto@igalia.com> Fri, 03 Feb 2023 15:52:39 +0100 webkit2gtk (2.38.4-1) unstable; urgency=high * New upstream release. * debian/control.in: - Update Standards-Version to 4.6.2 (no changes). - Rename obsolete packages in Build-Depends: + libfontconfig1-dev -> libfontconfig-dev + libfreetype6-dev -> libfreetype-dev + libegl1-mesa-dev -> libegl-dev * debian/copyright: - Update copyright information of all files. -- Alberto Garcia <berto@igalia.com> Thu, 02 Feb 2023 10:50:05 +0100 webkit2gtk (2.38.3-1) unstable; urgency=high * New upstream release. -- Alberto Garcia <berto@igalia.com> Sat, 24 Dec 2022 16:24:20 +0100 webkit2gtk (2.38.2-1) unstable; urgency=high * New upstream release. * The WebKitGTK security advisory WSA-2022-0010 lists the following security fixes in the latest versions of WebKitGTK: - CVE-2022-32888 and CVE-2022-32923 (fixed in 2.38.0). - CVE-2022-42799, CVE-2022-42823 and CVE-2022-42824 (fixed in 2.38.2). * debian/patches/fix-nonunified-build.patch: - Drop this patch. -- Alberto Garcia <berto@igalia.com> Fri, 04 Nov 2022 17:37:25 +0100 webkit2gtk (2.38.1-1) unstable; urgency=medium * New upstream release. * Refresh all patches. -- Alberto Garcia <berto@igalia.com> Fri, 21 Oct 2022 15:32:54 +0200 webkit2gtk (2.38.0-3) unstable; urgency=high * debian/patches/fix-nonunified-build.patch: - Fix non-unified GTK4 build. -- Alberto Garcia <berto@igalia.com> Wed, 28 Sep 2022 09:20:17 +0200 webkit2gtk (2.38.0-2) unstable; urgency=high * The WebKitGTK security advisory WSA-2022-0009 lists the following security fixes in the latest versions of WebKitGTK: - CVE-2022-32891 (fixed in 2.36.5). - CVE-2022-32886 and CVE-2022-32912 (fixed in 2.36.8). * debian/rules: - Build with -DENABLE_UNIFIED_BUILDS=OFF on mips, mipsel and sh4, we are having problems to build webkit due to lack of memory (#1020642). -- Alberto Garcia <berto@igalia.com> Mon, 26 Sep 2022 11:25:41 +0200 webkit2gtk (2.38.0-1) unstable; urgency=high * New upstream release (Closes: #986218). * debian/rules: - Add USE_PREBUILT_DOCS variable to allow using the prebuilt documentation included in the upstream tarball when gi-docgen is missing. * Bring all changes from the 2.37 (experimental) branch. * debian/gbp.conf: - Update upstream branch name. * Generate debian/control from debian/control.in and control-common.in depending on whether we're making the soup2 (4.0 API), soup3 (4.1 API) and/or gtk4 (5.0 API) builds. * debian/rules: - Add new target to generate debian/control. - Enable the GTK4 build (Closes: #1016765). - ENABLE_GTKDOC is now ENABLE_DOCUMENTATION. - Make CCACHE_DIR and CCACHE_NOHASHDIR global variables so they also apply to the install target. This fixes a FTBFS if the home dir is not writable (as is the case with buildds) * debian/control.in: - Remove build dependency on libnotify-dev (no longer used by WebKit). - Replace build dependency on gtk-doc-tools with gi-docgen. * The documentation has been renamed from webkitdomgtk to webkit2gtk-web-extension and from jsc-glib to javascriptcoregtk. - Update debian/libwebkit2gtk-4.0-doc.doc-base.* and debian/libwebkit2gtk-4.0-doc.links. * Refresh all patches. * debian/source/lintian-overrides: - Update source-is-missing overrides. * debian/copyright: - Update copyright information of all files. * debian/libwebkit2gtk-4.0-37.symbols: - Update symbols. -- Alberto Garcia <berto@igalia.com> Fri, 16 Sep 2022 16:59:49 +0200 webkit2gtk (2.36.7-1) unstable; urgency=high * New upstream release. -- Alberto Garcia <berto@igalia.com> Thu, 25 Aug 2022 01:49:31 +0200 webkit2gtk (2.36.6-1) unstable; urgency=high * New upstream release. * The WebKitGTK security advisory WSA-2022-0007 lists the following security fixes in the latest versions of WebKitGTK: - CVE identifiers: CVE-2022-32792, CVE-2022-32816 and CVE-2022-2294 (fixed in 2.36.5). * debian/rules: - Enable wpe on Ubuntu now that the MIR has been accepted (thanks, Sebastien Bacher) (Closes: #1016585). -- Alberto Garcia <berto@igalia.com> Wed, 10 Aug 2022 14:56:32 +0200 webkit2gtk (2.36.4-1) unstable; urgency=high * New upstream release. * The WebKitGTK security advisory WSA-2022-0006 lists the following security fixes in the latest versions of WebKitGTK: - CVE-2022-22662 (fixed in 2.36.0). - CVE-2022-22677 and CVE-2022-26710 (fixed in 2.36.4). * debian/control: - Don't use ccache in i386 because Ubuntu doesn't have it and Debian can live without it (webkit-team/webkit!14). * Update format of lintian overrides (see #1007002). * debian/control: - Update Standards-Version to 4.6.1.0 (no changes). -- Alberto Garcia <berto@igalia.com> Wed, 06 Jul 2022 13:54:15 +0200 webkit2gtk (2.36.3-1) unstable; urgency=high * New upstream release. * Use ccache to speed-up the compilation since the majority of the files are identical in both the soup2 and soup3 builds. - debian/control: Add build dependency on ccache. - debian/rules: Set CCACHE_NOHASHDIR and CCACHE_BASEDIR so ccache actually works with different build directories. - debian/rules: Set CCACHE_DIR inside the source directory, otherwise ccache would try to write to the home directory, which is forbidden by the Debian policy. -- Alberto Garcia <berto@igalia.com> Sun, 29 May 2022 13:07:27 +0200 webkit2gtk (2.36.2-1) unstable; urgency=high [ Alberto Garcia ] * New upstream release. [ Adrian Bunk ] * debian/rules: lower memory requirements on sh4. -- Alberto Garcia <berto@igalia.com> Wed, 18 May 2022 10:13:09 +0200 webkit2gtk (2.36.1-1) unstable; urgency=medium [ Alberto Garcia ] * New upstream release. [ Jeremy Bicha ] * Reduce the number of parallel build jobs on Ubuntu's amd64 -- Alberto Garcia <berto@igalia.com> Thu, 21 Apr 2022 16:47:44 +0200 webkit2gtk (2.36.0-3) unstable; urgency=medium * debian/rules: - Build with -Os, -g0 and ggc-min-expand=10 in mips / mipsel in order to lower the memory requirements and revert the changes from 2.36.0-2 (thanks, Adrian Bunk). -- Alberto Garcia <berto@igalia.com> Mon, 04 Apr 2022 12:58:57 +0200 webkit2gtk (2.36.0-2) unstable; urgency=medium * debian/rules: - Disable unified builds in Debian/mipsel and reduce the number of parallel jobs in order to prevent running out of memory. * debian/control: - Clarify in package descriptions that 4.0 and 4.1 packages use different versions of libsoup and that the documentation package is equally valid for both. -- Alberto Garcia <berto@igalia.com> Tue, 29 Mar 2022 23:06:22 +0200 webkit2gtk (2.36.0-1) unstable; urgency=medium * New upstream release. * Refresh all patches. * debian/rules: + Build with CMAKE_BUILD_WITH_INSTALL_RPATH=ON, otherwise builds are not reproducible if they happen in different directories. * Bring all changes from the 2.35 (experimental) branch. * debian/control: + Make libjavascriptcoregtk-4.0-dev depend on libglib2.0-dev. * debian/source/lintian-overrides: + Update source-is-missing overrides. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. * debian/copyright: + Update copyright information of all files. * debian/gbp.conf: + Update upstream branch name. * debian/rules: + USE_SYSTEMD was renamed to ENABLE_JOURNALD_LOG. * debian/control: + Remove all Conflicts: lines, they are obsolete. + Make libjavascriptcoregtk-4.0-dev depend on libglib2.0-dev. + Simplify descriptions and remove references to the WebKit2 API layer. * Build the 4.1 API version of the packages. These use libsoup 3 instead of libsoup 2 but are otherwise identical to the 4.0 API packages. + debian/control: - Add build dependency on libsoup-3.0-dev. - Add entries for the new packages. The 4.1 versions of the WebDriver, JSC command-line interpreter and documentation are currently not being generated. + debian/rules: - Add commands to build both sets of packages. + debian/libwebkit2gtk-4.0-37.install: - Update path of locale files to select only the exact API version. + debian/not-installed: - Don't install the 4.1 build of the JSC command-line interpreter. -- Alberto Garcia <berto@igalia.com> Mon, 21 Mar 2022 23:10:15 +0100 webkit2gtk (2.34.6-1) unstable; urgency=high [ Alberto Garcia ] * New upstream release. + Fixes CVE-2022-22620. [ Jeremy Bicha ] * debian/rules: + Reduce the number of parallel build jobs on Ubuntu's arm64. -- Alberto Garcia <berto@igalia.com> Thu, 17 Feb 2022 19:52:20 +0100 webkit2gtk (2.34.5-1) unstable; urgency=high * New upstream release. + Fixes CVE-2022-22589, CVE-2022-22590 and CVE-2022-22592. -- Alberto Garcia <berto@igalia.com> Wed, 09 Feb 2022 12:10:57 +0100 webkit2gtk (2.34.4-1) unstable; urgency=high * New upstream release. * Set the debhelper compatibility level to 12: - Get rid of debian/compat. - Add build dependency on debhelper-compat. * debian/rules: - Stop using --builddirectory=build, .gir files no longer seem to contain references to the build directory (see the 2.27.90-1 entry for more details). * debian/copyright: + Update copyright years. -- Alberto Garcia <berto@igalia.com> Fri, 21 Jan 2022 11:44:16 +0100 webkit2gtk (2.34.3-1) unstable; urgency=high [ Alberto Garcia ] * New upstream release. * The WebKitGTK security advisory WSA-2021-0007 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2021-30809, CVE-2021-30836 (fixed in 2.32.4). + CVE-2021-30818, CVE-2021-30823, CVE-2021-30884, CVE-2021-30888, CVE-2021-30889, CVE-2021-30897 (fixed in 2.34.0). + CVE-2021-30887, CVE-2021-30890 (fixed in 2.34.3). [ Sebastien Bacher ] * debian/rules: + Explicitly disable lto since when it's on the build is failing, that doesn't impact Debian by default but is an issue on Ubuntu. (Closes: #1000598) + Don't recommend xdg-desktop-portal-gtk on Ubuntu i386, it's a partial architecture and the binary doesn't exist (Closes: #1000599). -- Alberto Garcia <berto@igalia.com> Tue, 21 Dec 2021 00:59:40 +0100 webkit2gtk (2.34.2-1) unstable; urgency=medium * New upstream release. -- Alberto Garcia <berto@igalia.com> Wed, 24 Nov 2021 15:56:26 +0100 webkit2gtk (2.34.1-1) unstable; urgency=high [ Alberto Garcia ] * New upstream release. * debian/rules: + Build with -O1 in sh3 and sh4 (Closes: #995717). * debian/copyright: + Update copyright information of all files. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. * debian/libwebkit2gtk-4.0-37.lintian-overrides: + Override library-not-linked-against-libc. * debian/source/lintian-overrides: + Update source-is-missing overrides. * debian/control: + Update Standards-Version to 4.6.0.1 (no changes). [ Sebastien Bacher ] * debian/control, debian/rules: + handle gstreamer1.0-plugins-bad with the same Ubuntu override than libav, it's also in universe (Closes: #995166). -- Alberto Garcia <berto@igalia.com> Fri, 22 Oct 2021 00:56:49 +0200 webkit2gtk (2.34.0-1) unstable; urgency=medium * New upstream release. * Bring all changes from the 2.33 (experimental) branch. * debian/rules: + Build with -DUSE_SOUP2=ON. * debian/control: + Add build dependency on liblcms2-dev (bug #880697). + Remove the dummy libwebkit2gtk-4.0-37-gtk2 package. * debian/copyright: + Update copyright information of all files. * debian/gbp.conf: + Update upstream branch name. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. * debian/source/lintian-overrides: + Update source-is-missing overrides. * Refresh all patches. -- Alberto Garcia <berto@igalia.com> Thu, 23 Sep 2021 12:10:43 +0200 webkit2gtk (2.32.4-1) unstable; urgency=high * New upstream release. * debian/source/lintian-overrides: + Update source-is-missing overrides. -- Alberto Garcia <berto@igalia.com> Fri, 17 Sep 2021 21:16:20 +0200 webkit2gtk (2.32.3-1) unstable; urgency=high * New upstream release. * The WebKitGTK security advisory WSA-2021-0004 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2021-30666, CVE-2021-30761 (fixed in 2.26.0). + CVE-2021-30762 (fixed in 2.28.0). + CVE-2021-1817, CVE-2021-1820, CVE-2021-1825, CVE-2021-1826, CVE-2021-30661 (fixed in 2.30.0). + CVE-2021-21806 (fixed in 2.30.6). + CVE-2021-30682 (fixed in 2.32.0). + CVE-2021-30758 (fixed in 2.32.2). + CVE-2021-21775, CVE-2021-21779, CVE-2021-30663, CVE-2021-30665, CVE-2021-30689, CVE-2021-30720, CVE-2021-30734, CVE-2021-30744, CVE-2021-30749, CVE-2021-30795, CVE-2021-30797, CVE-2021-30799 (fixed in 2.32.3). -- Alberto Garcia <berto@igalia.com> Sun, 25 Jul 2021 00:25:47 +0200 webkit2gtk (2.32.2-1) unstable; urgency=medium * New upstream release. * debian/patches/fix-ftbfs-m68k.patch: + Update patch. -- Alberto Garcia <berto@igalia.com> Fri, 09 Jul 2021 13:41:26 +0200 webkit2gtk (2.32.1-2) unstable; urgency=high * debian/control: + Update the dependencies on GStreamer plugins (Closes: #989332): - WebKitGTK really expects at least the -base and -good sets. - For video playback (e.g YouTube) -bad is also recommended. - The pulseaudio plugin was merged into the -good package so it will be always be available now. Move -alsa to Suggests. -- Alberto Garcia <berto@igalia.com> Mon, 07 Jun 2021 10:39:51 +0200 webkit2gtk (2.32.1-1) unstable; urgency=medium * New upstream release. * debian/patches/fix-ftbfs-m68k.patch: + Update patch. * Downgrade dependency on xdg-desktop-portal-gtk to a recommendation. This works around an autopkgtest regression in balsa (see #987686). (Closes: #987428). -- Alberto Garcia <berto@igalia.com> Mon, 10 May 2021 12:20:44 +0200 webkit2gtk (2.32.0-2) unstable; urgency=high * The WebKitGTK security advisory WSA-2021-0003 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2021-1788, CVE-2021-1844, CVE-2021-1871 (fixed in 2.32.0). * debian/patches/fix-ftbfs-m68k.patch: + Compile BytecodeGenerator.cpp without optimizations on m68k and sh4, otherwise the build fails due to gcc bugs. * debian/gbp.conf: + Update upstream branch name. -- Alberto Garcia <berto@igalia.com> Thu, 22 Apr 2021 18:42:46 +0200 webkit2gtk (2.32.0-1) experimental; urgency=medium * New upstream release (Closes: #984522). * debian/control: + Make the gir packages require the exact binary versions of libwebkit2gtk-4.0-37 and libjavascriptcoregtk-4.0-18 * debian/watch: + Scan stable releases only. * debian/rules: + Add dependency on xdg-desktop-portal-gtk when the bubblewrap sandbox is enabled (see webkit bug #213148) (thanks, Hannes Müller). -- Alberto Garcia <berto@igalia.com> Fri, 26 Mar 2021 15:15:20 +0100 webkit2gtk (2.31.91-1) experimental; urgency=medium * New upstream development release. * debian/patches/fix-mips-page-size.patch: + Increase the page size from 4KB to 16KB on MIPS, this fixes a crash with Loongson CPUs that don't support 4KB pages (see #977779). * debian/patches/fix-ftbfs-i386.patch: + Drop this patch. -- Alberto Garcia <berto@igalia.com> Fri, 12 Mar 2021 16:19:15 +0100 webkit2gtk (2.31.90-1) experimental; urgency=medium * New upstream development release. * Enable the gamepad support only on Linux (Closes: #980745): + debian/rules: + Pass -DENABLE_GAMEPAD=OFF on non-Linux build. + debian/control: + Depend on libmanette-0.2-dev only on Linux. * debian/patches/fix-ftbfs-x32.patch: + Refresh patch. * debian/control: + Depend on GStreamer >= 1.14.0. + Update Standards-Version to 4.5.1 (no changes). * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. * debian/copyright: + Update copyright information of all files. * debian/watch: + Set version to 4 (fixes older-debian-watch-file-standard). * debian/patches/fix-ftbfs-i386.patch: + Fix build on i386 (upstream bug #222480). -- Alberto Garcia <berto@igalia.com> Sat, 27 Feb 2021 22:02:35 +0100 webkit2gtk (2.31.1-1) experimental; urgency=medium * New upstream development release. * Remove some obsolete build dependencies (see #979170): + gawk is not needed since WebKitGTK switched from autotools to CMake. + libgeoclue-2-dev and geoclue-2.0 are not required since WebKitGTK 2.25.1 (upstream bug 195994). + libupower-glib-dev is not required since WebKitGTK 2.19.92 (upstream bug 181825). + libfile-copy-recursive-perl is not required since WebKitGTK 2.19.3 (upstream bug 180479). + mesa-common-dev used to provide GL/gl.h but this header is now in libgl-dev. + libgles2-mesa-dev used to provide GLES3/gl3.h but this header is now in libgles-dev. + libgl1-mesa-dev and libgles2-mesa-dev are now dummy packages. + libpango1.0-dev is not checked for any specific version at build time so there's no need to list it. * Update the minimum required versions of some packages: + cmake from 3.3 to 3.10 + libglib2.0-dev from 2.36.0 to 2.44.0 + libgtk-3-dev from 3.10.0 to 3.22.0 + libcairo2-dev from 1.10.2 to 1.14.0 + libsoup2.4-dev from 2.42.0 to 2.54.0. * debian/copyright: + Update copyright information of all files. * debian/watch, debian/gbp.conf: + Update for 2.31.x packages in experimental. * Use -DFORCE_32BIT on 32-bit builds. + This replaces debian/patches/fix-ftbfs-x86.patch. * Refresh all patches. * debian/control: + Add build dependency on libmanette-0.2-dev. + Stop suggesting browser-plugin-freshplayer-pepperflash for libwebkit2gtk-4.0-37-gtk2. * debian/NEWS: - Add item explaining the removal of support for NPAPI plugins. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. * Enable the build on non-Linux architectures (Closes: #978098): + debian/rules: - Build with -DUSE_SYSTEMD=OFF if the OS is not Linux. + debian/patches/fix-ftbfs-hurd.patch: - Add alternative implementation of scanDirectoryForDictionaries() that does not use PATH_MAX (for the Hurd). + debian/control: - Set the architecture of all binary packages to 'any' and require bubblewrap, systemd and libwpebackend-fdo on Linux only. -- Alberto Garcia <berto@igalia.com> Sat, 16 Jan 2021 16:38:36 +0100 webkit2gtk (2.30.4-1) unstable; urgency=high * New upstream release. * The WebKitGTK security advisory WSA-2020-0008 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2020-9952 (fixed in 2.28.3). + CVE-2020-9948, CVE-2020-9951 (fixed in 2.30.0). + CVE-2020-9983, CVE-2020-13584 (fixed in 2.30.3). -- Alberto Garcia <berto@igalia.com> Tue, 15 Dec 2020 15:23:01 +0100 webkit2gtk (2.30.3-1) unstable; urgency=high * New upstream release -- Alberto Garcia <berto@igalia.com> Fri, 20 Nov 2020 15:24:07 +0100 webkit2gtk (2.30.2-1) unstable; urgency=medium * New upstream release. -- Alberto Garcia <berto@igalia.com> Fri, 23 Oct 2020 12:18:03 +0200 webkit2gtk (2.30.1-1) unstable; urgency=medium * New upstream release. * debian/copyright: + Update copyright information of all files. * debian/gbp.conf: + Update upstream branch name. * debian/source/lintian-overrides: + Remove mailing-list-obsolete-in-debian-infrastructure. -- Alberto Garcia <berto@igalia.com> Mon, 21 Sep 2020 15:34:07 +0200 webkit2gtk (2.30.0-1) experimental; urgency=medium * New upstream release. * debian/watch: + Scan stable releases only. -- Alberto Garcia <berto@igalia.com> Fri, 11 Sep 2020 15:54:31 +0200 webkit2gtk (2.29.92-1) experimental; urgency=medium * New upstream development release. -- Alberto Garcia <berto@igalia.com> Fri, 04 Sep 2020 17:10:45 +0200 webkit2gtk (2.29.91-1) experimental; urgency=medium * New upstream development release (Closes: #967992). * debian/copyright: + Update copyright information of all files. -- Alberto Garcia <berto@igalia.com> Fri, 14 Aug 2020 14:31:36 +0200 webkit2gtk (2.29.4-1) experimental; urgency=medium * New upstream development release. * debian/control: + Install libgl1-mesa-dev unconditionally. The decision of which gl library to use is now taken directly by cmake. * Don't build the documentation in binary-arch builds and with the nodoc build profile. + debian/control: - Move gtk-doc-tools and *-doc to Build-Depends-Indep. - Add Build-Profiles: <!nodoc> to libwebkit2gtk-4.0-doc + debian/rules: - Use dh_listpackages to decide whether to build the documentation. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. -- Alberto Garcia <berto@igalia.com> Wed, 29 Jul 2020 23:17:24 +0200 webkit2gtk (2.29.3-1) experimental; urgency=medium * New upstream development release. * debian/rules: + Remove disabling of openjpeg on Ubuntu, it's in main now (thanks, Sebastien Bacher) * debian/copyright: + Update copyright information of all files. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. * debian/source/lintian-overrides: + Update source-is-missing overrides. -- Alberto Garcia <berto@igalia.com> Wed, 08 Jul 2020 10:42:33 +0200 webkit2gtk (2.29.2-1) experimental; urgency=medium * New upstream development release. * debian/patches/fix-ftbfs-m68k.patch: + Refresh. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. -- Alberto Garcia <berto@igalia.com> Thu, 25 Jun 2020 14:16:50 +0200 webkit2gtk (2.29.1-1) experimental; urgency=medium * New upstream development release (Closes: #945237). * debian/watch, debian/gbp.conf: + Update for 2.29.x packages in experimental. * Refresh all patches. * debian/patches/dont-fallback-to-libwpe.patch, debian/patches/user-agent-branding.patch: + Drop these patches, they are now included upstream. * debian/rules: + Replace USER_AGENT_GTK_DISTRIBUTOR_NAME with the new USER_AGENT_BRANDING build option in Ubuntu. * debian/patches/detect-gstreamer-gl.patch, debian/patches/detect-woff.patch: + Drop these patches. We won't be making backports of WebKitGTK 2.29.x for stretch. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. * debian/control: + Add build dependency on libsystemd-dev. * debian/source/lintian-overrides: + Update source-is-missing overrides. -- Alberto Garcia <berto@igalia.com> Mon, 18 May 2020 16:43:00 +0200 webkit2gtk (2.28.2-2) unstable; urgency=high * debian/patches/dont-fallback-to-libwpe.patch: + Fix crash when DISPLAY is unset (Closes: #956219). -- Alberto Garcia <berto@igalia.com> Mon, 27 Apr 2020 14:55:16 +0200 webkit2gtk (2.28.2-1) unstable; urgency=high * New upstream release (Closes: #956837). * debian/patches/fix-ftbfs-mips64el.patch: + Drop this patch. * debian/rules: + Don't set -Wall or -Wl,--as-needed, these are already used by default. Fixes the debian-rules-uses-as-needed-linker-flag lintian warning. + Include /usr/share/dpkg/buildflags.mk instead of setting the build flags manually. * debian/source/lintian-overrides: + Override mailing-list-obsolete-in-debian-infrastructure. -- Alberto Garcia <berto@igalia.com> Fri, 24 Apr 2020 14:49:30 +0200 webkit2gtk (2.28.1-2) unstable; urgency=high * The WebKitGTK security advisory WSA-2020-0004 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2020-11793 (fixed in 2.28.1). * fix-ftbfs-mips64el.patch: + Fix a FTBFS in mipsel64. -- Alberto Garcia <berto@igalia.com> Mon, 20 Apr 2020 01:50:19 +0200 webkit2gtk (2.28.1-1) unstable; urgency=medium * New upstream release (Closes: #956219, #954026). * debian/control: + Remove build dependency on libx11-xcb-dev now that gstreamer depends on it (see #948143). * debian/patches/use-python3.patch: + Drop patch, this is now upstream. -- Alberto Garcia <berto@igalia.com> Mon, 13 Apr 2020 13:08:54 +0200 webkit2gtk (2.28.0-2) unstable; urgency=high * The WebKitGTK security advisory WSA-2020-0003 lists the following security fixes in the latest versions of WebKitGTK: + CVE-2020-10018 (fixed in 2.28.0). * debian/rules: + Disable the WPE renderer on Ubuntu since the required backend is in universe (thanks, Sebastien Bacher). * debian/gbp.conf: + Update upstream branch name. -- Alberto Garcia <berto@igalia.com> Thu, 12 Mar 2020 20:35:21 +0100 webkit2gtk (2.28.0-1) experimental; urgency=medium * New upstream release. * debian/watch: + Scan stable releases only. -- Alberto Garcia <berto@igalia.com> Tue, 10 Mar 2020 14:22:29 +0100 webkit2gtk (2.27.91-1) experimental; urgency=medium * New upstream development release. * Refresh debian/patches/dont-detect-sse2.patch. * debian/rules: + Use -mlra -fno-move-loop-invariants in sh3 and sh4 builds (thanks, Adrian Glaubitz) (Closes: #952482). + Use jdupes to remove duplicate files in libwebkit2gtk-4.0-doc. * debian/control: + Add build dependency on jdupes. + Update Standards-Version to 4.5.0 (no changes). * debian/WebKitWebDriver.1: + Fix grammar. * debian/copyright: + Update copyright information of all files. -- Alberto Garcia <berto@igalia.com> Thu, 27 Feb 2020 16:50:58 +0100 webkit2gtk (2.27.90-1) experimental; urgency=medium * New upstream development release. * debian/patches/use-python3.patch: + The unversioned python interpreter (i.e. Python 2) is not installed by default anymore, so use Python 3 instead (Closes: #948839). * debian/control: + Drop build dependency on python. + Mark libwebkit2gtk-4.0-doc and libwebkit2gtk-4.0-37-gtk2 as Multi-Arch: foreign. * debian/rules: + Don't use the Gold linker on powerpc (Closes: #949618). + Run dh with --builddirectory=build. Some source files are generated inside this directory and are later referenced from the .gir files so their path names should be independent from the architecture. * Refresh all patches. * debian/patches/reduce-memory-overheads.patch: + Reduce memory usage when not using the Gold linker (Closes: #949621). * debian/patches/fix-ftbfs-m68k.patch: + Bring the patch from the unstable branch. * Add debian/upstream/metadata. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. -- Alberto Garcia <berto@igalia.com> Tue, 11 Feb 2020 00:06:15 +0100 webkit2gtk (2.27.4-1) experimental; urgency=medium * New upstream development release. * debian/control: + Switch build dependency from libenchant-dev to libenchant-2-dev (Closes: #948106). + Add build dependency on libx11-xcb-dev. + Add Rules-Requires-Root: no. * debian/source/lintian-overrides: + Update source-is-missing override. * debian/copyright: + Update copyright years. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. + Add Build-Depends-Package field. -- Alberto Garcia <berto@igalia.com> Fri, 10 Jan 2020 16:47:54 +0100 webkit2gtk (2.27.3-1) experimental; urgency=medium * New upstream development release. * Build without the bubblewrap sandbox if the required dependencies are not available: + debian/rules: - Pass -DENABLE_BUBBLEWRAP_SANDBOX depending on whether libseccomp is installed. - Add runtime dependencies on bubblewrap and xdg-dbus-proxy conditionally to the status of ENABLE_BUBBLEWRAP_SANDBOX. + debian/control: - Don't require bubblewrap, xdg-dbus-proxy or libseccomp-dev in alpha, ia64, m68k, riscv64, sh4 or sparc64. * Enable USE_WPE_RENDERER: + debian/control: - Add build dependency on libwpebackend-fdo-1.0-dev. + debian/rules: - Set USE_WPE_RENDERER depending on whether wpebackend-fdo is available or not (this allows disabling it by simply removing the build dependency). * debian/rules: + Use -g1 in all builds. The webkit2gtk debug packages are huge and I'm not convinced that they have been very useful for reporting bugs. Using -g1 is enough for a basic backtrace and it makes the packages easier to handle. + Install the NEWS file using debian/libwebkit2gtk-4.0-37.docs. * debian/patches/detect-woff.patch: + Refresh. * debian/control: + Add build dependency on python. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. -- Alberto Garcia <berto@igalia.com> Tue, 26 Nov 2019 17:31:23 +0200 webkit2gtk (2.27.2-1) experimental; urgency=medium * New upstream development release. * debian/control: + Require bubblewrap >= 0.3.1. + Update Standards-Version to 4.4.1 (no changes). + Add Breaks for Evolution < 3.34.1 (see WebKit bug #201033). * debian/rules: + Stop building with -O1 for armhf and friends, the build seems to work just fine with -O2 now. * Drop fix-ftbfs-m68k.patch, we are not building for m68k anyway. * debian/source/lintian-overrides: + Update source-is-missing override. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. -- Alberto Garcia <berto@igalia.com> Tue, 22 Oct 2019 21:33:09 +0300 webkit2gtk (2.27.1-1) experimental; urgency=medium * New upstream development release. * debian/watch, debian/gbp.conf: + Update for 2.27.x packages in experimental. * Refresh all patches. + Use -DWTF_CPU_ARM64_CORTEXA53=OFF to fix the arm64 build. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. -- Alberto Garcia <berto@igalia.com> Tue, 08 Oct 2019 16:58:23 +0300 webkit2gtk (2.26.1-1) experimental; urgency=medium [ Jeremy Bicha ] * Suggest instead of Recommend gstreamer1.0-libav on Ubuntu [ Alberto Garcia ] * New upstream release. -- Alberto Garcia <berto@igalia.com> Mon, 23 Sep 2019 15:55:10 +0300 webkit2gtk (2.26.0-1) experimental; urgency=medium * New upstream release. * debian/watch: + Scan stable releases only. * debian/copyright: + Remove nonexistent files. * Add a dummy libwebkit2gtk-4.0-37-gtk2 with a transition plan for people who still need to use Flash. + debian/control: - Add the package, suggest browser-plugin-freshplayer-pepperflash. + debian/libwebkit2gtk-4.0-37-gtk2.NEWS: - Add news item about the Flash transition plan. -- Alberto Garcia <berto@igalia.com> Tue, 10 Sep 2019 16:22:11 +0300 webkit2gtk (2.25.92-1) experimental; urgency=medium * New upstream development release. * Refresh all patches. * debian/source/lintian-overrides: + Update source-is-missing override. * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. -- Alberto Garcia <berto@igalia.com> Tue, 03 Sep 2019 15:14:06 +0300 webkit2gtk (2.25.4-1) experimental; urgency=medium * New upstream development release. * Refresh all patches. * debian/source/lintian-overrides: + Update source-is-missing override. * Use the CLoop Javascript interpreter in i386 and stop telling gcc to use SSE2 instructions (Closes: #930935). + debian/rules: - Build with -DENABLE_JIT=OFF -DENABLE_C_LOOP=ON and stop using -msse2 -mfpmath=sse. + debian/patches/dont-detect-sse2.patch: - Don't check for SSE2 support. + debian/NEWS: - Remove item about the requirement to have an SSE2-capable CPU. * WebKitGTK 2.25.3 no longer ships the GTK 2 plugin process: + debian/control: - Drop build dependency on libgtk2.0-dev. - Remove the libwebkit2gtk-4.0-37-gtk2 package. + debian/NEWS: - Add item explaining the removal of the GTK 2 plugin process. + debian/libwebkit2gtk-4.0-37-gtk2.install: - Drop this file. * debian/control: + Recommend gstreamer1.0-libav. This package allows the user to play most internet videos (Closes: #870814). + Update Standards-Version to 4.4.0 (no changes). * debian/libwebkit2gtk-4.0-37.symbols: + Update symbols. -- Alberto Garcia <berto@igalia.com> Fri, 09 Aug 2019 11:52:26 +0200 # Older entries have been removed from this changelog. # To read the complete changelog use `apt changelog libjavascriptcoregtk-4.1-0`.
Generated by dwww version 1.15 on Sun Jun 16 16:30:40 CEST 2024.