1
webkit (1.3.10-0ubuntu4) natty; urgency=low
4
- add a explict conflict against libwebkit-1.0-2. This helps
5
the apt resolver to cleanly upgrade and there is a implicit
6
conflict there already (because of the conflicting -common)
9
-- Michael Vogt <michael.vogt@ubuntu.com> Mon, 17 Jan 2011 12:18:49 +0100
11
webkit (1.3.10-0ubuntu3) natty; urgency=low
13
* debian/libwebkitgtk-1.0-0.symbols:
1
webkit (1.3.10-1ubuntu1) natty; urgency=low
3
* Synchronize on Debian, remaining diff is:
4
* debian/libwebkitgtk-1.0-0.symbols, debian/libwebkitgtk-3.0-0.symbols:
14
5
- Use regexp to add symbols that only appear on the ARM build
16
-- Robert Ancell <robert.ancell@canonical.com> Thu, 13 Jan 2011 09:55:50 -0600
18
webkit (1.3.10-0ubuntu2) natty; urgency=low
20
* debian/libwebkitgtk-1.0-0.symbols:
21
6
- Use regexp to disable C++ private symbols
23
-- Robert Ancell <robert.ancell@canonical.com> Wed, 12 Jan 2011 15:03:55 -0600
25
webkit (1.3.10-0ubuntu1) natty; urgency=low
27
* New upstream release
28
* debian/libwebkitgtk-1.0-0.symbols:
30
- Use unmangled names for C++ symbols
31
- Mark C++ symbols as optional (they should be private)
32
7
* debian/patches/01_missing_armv7_files.patch:
33
8
- Add files missing for ARMv7 build
35
-- Robert Ancell <robert.ancell@canonical.com> Wed, 12 Jan 2011 10:09:19 -0600
37
webkit (1.3.9-0ubuntu1) natty; urgency=low
39
* New upstream release
41
- Add build-depends on libglib2.0-dev
42
- Bump build-depends on libgail-dev, libgirepository1.0-dev,
44
- Rename packages from libwebkit to libwebkitgtk
45
- Rename gir1.0 package to gir1.2
47
- Update for new package/library names
48
* debian/libwebkitgtk-1.0-0.symbols:
51
- Build with --with-gtk=2.0
52
- Update for new package names
55
* debian/patches/04-spoof-user-agent-to-google.patch:
56
* debian/patches/ubuntu-gir-version.patch:
58
* debian/patches/02-pool-fixup-and-sparc-support.patch:
59
* debian/patches/05-fix-jit-on-kfreebsd-i386.patch:
60
- Disabled, the don't apply and we don't support these architectures
61
* debian/patches/cve-2010-3120.patch:
62
* debian/patches/cve-2010-2901.patch:
63
* debian/patches/cve-2010-2900.patch:
64
* debian/patches/cve-2010-2651.patch:
65
* debian/patches/cve-2010-2646.patch:
68
-- Robert Ancell <robert.ancell@canonical.com> Tue, 11 Jan 2011 03:56:19 +1100
70
webkit (1.2.5-2.1ubuntu1) UNRELEASED; urgency=low
72
* Merge with Debian unstable, remaining Ubuntu changes:
74
- Don't build-depends on gir-repository-dev it's not required
75
- Use standards-version 3.9.1
77
* debian/patches/ubuntu-gir-version.patch:
78
- Use the current gobject introspection abi
80
-- Robert Ancell <robert.ancell@canonical.com> Wed, 22 Dec 2010 14:58:12 +1100
82
webkit (1.2.5-2.1) unstable; urgency=low
84
* Non-maintainer upload.
85
* Add patch 05-fix-jit-on-kfreebsd-i386.patch by Petr Salinger and
86
Michael Dorrington: Fixes Javascript JIT crashing on kfreebsd-i386
89
-- gregor herrmann <gregoa@debian.org> Wed, 10 Nov 2010 23:28:55 +0100
91
webkit (1.2.5-2) unstable; urgency=high
93
* Unapply 02-pool-fixup-and-sparc-support.patch and
94
04-spoof-user-agent-to-google.patch in git. This prevents the
95
creation of an unwanted debian-changes patch.
97
-- Michael Gilbert <michael.s.gilbert@gmail.com> Mon, 18 Oct 2010 22:00:36 -0400
99
webkit (1.2.5-1) unstable; urgency=high
101
[ Gustavo Noronha Silva ]
103
* New upstream release
104
- fixes the following CVES:
106
CVE-2010-1780 CVE-2010-3113 CVE-2010-1814 CVE-2010-1812
107
CVE-2010-1815 CVE-2010-3115 CVE-2010-1807 CVE-2010-3114
108
CVE-2010-3116 CVE-2010-3257 CVE-2010-3259
111
* fix cve-2010-2646: security origin bypass using IFRAME elements.
112
* fix cve-2010-2651: vulnerability in css style rendering.
113
* fix cve-2010-2900: vulnerability with large canvas elements when using the
115
* fix cve-2010-2901: vulnerability in the rendering implementation.
116
* fix cve-2010-3120: vulnerability in geolocation feature.
118
-- Gustavo Noronha Silva <kov@debian.org> Sat, 16 Oct 2010 17:50:56 -0300
120
webkit (1.2.4-1) unstable; urgency=high
123
- fixes the following CVEs (thus urgency=high):
125
CVE-2010-1781 CVE-2010-1782 CVE-2010-1784 CVE-2010-1785
126
CVE-2010-1786 CVE-2010-1787 CVE-2010-1788 CVE-2010-1790
127
CVE-2010-1792 CVE-2010-1793 CVE-2010-2648
129
* debian/patches/04-spoof-user-agent-to-google.patch:
130
- updated from the latest patch proposed for inclusion upstream
131
- does not have the annoying g_message() (Closes: #592670)
133
-- Gustavo Noronha Silva <kov@debian.org> Fri, 03 Sep 2010 17:52:14 -0300
135
webkit (1.2.3-2) unstable; urgency=low
137
* debian/patches/04-spoof-user-agent-to-google.patch:
138
- spoof User Agent when talking to Google servers;
139
this should make Youtube HTML5 work again (Closes: #567311)
141
-- Gustavo Noronha Silva <kov@debian.org> Tue, 10 Aug 2010 20:04:20 -0300
143
webkit (1.2.3-1) unstable; urgency=low
145
* New upstream stable release
146
- fixes building with ICU 4.4.1 (Closes: #589046)
147
- all CVE patches included, so drop them
149
-- Gustavo Noronha Silva <kov@debian.org> Thu, 15 Jul 2010 18:33:04 -0300
151
webkit (1.2.2-1) unstable; urgency=low
154
* Turn direct source changes into a patch.
155
* Fix cve-2010-1386: geolocation information disclosure.
156
* Fix cve-2010-1392: possible code execution in html button logic.
157
* Fix cve-2010-1405: possible code execution in vertical positioning logic.
158
* Fix cve-2010-1407: iframe information disclosure.
159
* Fix cve-2010-1416: svg cross-site information disclosure.
160
* Fix cve-2010-1417: possible code execution in the css implementation (this
161
is currently duplicated as cve-2010-1665 in mitre's cve database).
162
* Fix cve-2010-1418: remote web script and/or html injection.
163
* Fix cve-2010-1421: remote modification of clipboard contents.
164
* Fix cve-2010-1422: keyboard focus hijack (this is duplicated as
165
cve-2010-2295 in mitre's cve database).
166
* Fix cve-2010-1501: add check to prevent cross-site request forgery (this
167
may be duplicated as cve-2010-1767 in mitre's cve database).
168
* Fix cve-2010-1664: possible code execution due to improper html5 media
170
* Fix cve-2010-1758: possible code execution in xml dom processor.
171
* Fix cve-2010-1759: another possible code execution issue in the xml dom
172
processor (this is duplicated as cve-2010-2300 in mitre's database).
173
* Fix cve-2010-1760: user credential information disclosure.
174
* Fix cve-2010-1761: possible code execution in frameview logic.
175
* Fix cve-2010-1762: webscript and/or html injection using the textarea
176
element (this is duplicated as cve-2010-2301 in mitre's database).
177
* Fix cve-2010-1770: possible code execution due to improper handling of the
178
ibm1147 character set.
179
* Fix cve-2010-1771: possible code execution due to improper font handling
180
(this is duplicated as cve-2010-2302 in mitre's database).
181
* Fix cve-2010-1772: geolocation disconnectframe timer issue (this is
182
duplicated as cve-2010-2303 in mitre's database).
183
* Fix cve-2010-1773: integer overflow in alphabet conversion (this is
184
duplicated as cve-2010-2304 and cve-2010-2441 in mitre's database)
186
* Fix cve-2010-1774: integer overflow in table layout handling (this is
187
duplicated as cve-2010-2297 in mitre's database).
189
[ Gustavo Noronha Silva ]
190
* New upstream release
191
- adds a new symbol, fixed symbols file to include it
192
* debian/patches/01-fix-bashism-in-build.patch:
193
- removed, no longer needed
195
-- Gustavo Noronha Silva <kov@debian.org> Mon, 12 Jul 2010 15:23:17 -0300
197
webkit (1.2.1-2) unstable; urgency=high
199
* debian/patches/01-fix-bashism-in-build.diff:
200
- remove bashism from the code that handles Web Inspector files,
201
that end up not being installed. (Closes: #581893)
202
* Marking this release as urgency=high, given the 1.2.0 series was
203
already well tested, and testing has a quite buggy version for some
206
-- Gustavo Noronha Silva <kov@debian.org> Mon, 17 May 2010 11:33:48 -0300
208
webkit (1.2.1-1) unstable; urgency=low
211
* Convert to source format version 3.0 (quilt) to make it easier to support
212
security backports in the future.
213
- Create patches for existing debian modifications (sparc-support.patch
214
and pool-fixup.patch)
215
* Use ${misc:Depends}.
216
* Bump standards to 3.8.4 (no changes required).
218
[ Gustavo Noronha Silva ]
219
* New upstream release
220
- fixes SPARC build (Closes: #579472)
222
-- Gustavo Noronha Silva <kov@debian.org> Thu, 13 May 2010 17:35:08 -0300
224
webkit (1.2.0-1) unstable; urgency=low
226
* New upstream release - this is the first release in the 1.2 stable
229
-- Gustavo Noronha Silva <kov@debian.org> Wed, 07 Apr 2010 20:18:57 -0300
231
webkit (1.1.90-1) unstable; urgency=low
233
* New upstream release
234
- This marks the preparation for the 1.2 stable branch
236
- updated with changes since 1.1.22
237
* debian/libwebkit-1.0-2.symbols:
238
- added new API introduced in 1.1.23
240
-- Gustavo Noronha Silva <kov@debian.org> Wed, 17 Mar 2010 15:05:11 -0300
242
webkit (1.1.22-1) unstable; urgency=low
244
* New upstream release
245
- Fixes crash with unknown content types in data:// URIs
247
- Sends Accept header for sub resources, which makes a few sites become
248
happy again (Closes: #563736)
250
- updated with changes since 1.1.21
252
- replace gobject-introspection-repository, to avoid failures on upgrade
255
-- Gustavo Noronha Silva <kov@debian.org> Tue, 16 Feb 2010 11:55:07 -0200
257
webkit (1.1.21-2) unstable; urgency=low
260
- Build-Depend on soup 2.29.90; WebKitGTK+'s configure system checks for
261
this version to enable cookie policy-related features, and we want
263
* Import patch from upstream to fix crash when returning to a cached page
264
which has data: uris, and is in the page cache (Closes: #569950)
266
-- Gustavo Noronha Silva <kov@debian.org> Mon, 15 Feb 2010 11:49:00 -0200
268
webkit (1.1.21-1) unstable; urgency=low
270
* New upstream release
271
- imported a number of fixes to the scrolling code that made navigating
272
the history crashy with page cache enabled (Closes: #569072)
274
- updated with changes since 1.1.20.
275
* debian/libwebkit-1.0-2.symbols:
276
- added a symbol that was added in 1.1.21.
278
-- Gustavo Noronha Silva <kov@debian.org> Wed, 10 Feb 2010 20:31:38 -0200
280
webkit (1.1.20-1) unstable; urgency=low
282
* New upstream release
284
- Updated with changes since 1.1.19.
286
-- Gustavo Noronha Silva <kov@debian.org> Thu, 04 Feb 2010 19:30:57 -0200
288
webkit (1.1.19-1) unstable; urgency=low
290
* New upstream release
291
- Fixes crashes related to clearing the clipboard, which many users were
292
experiencing (Closes: #565166)
294
-- Gustavo Noronha Silva <kov@debian.org> Wed, 20 Jan 2010 20:09:57 -0200
296
webkit (1.1.18-2) unstable; urgency=low
299
- build-depend on gobject-introspection >= 0.6.2, following what the
300
configure script does (Closes: #564453)
302
-- Gustavo Noronha Silva <kov@debian.org> Sat, 09 Jan 2010 20:14:23 -0200
304
webkit (1.1.18-1) unstable; urgency=low
306
* New upstream release
307
- adds basic Content-Encoding support, thanks to soup
309
- fixes over-advertising content types as supported by
310
the media player (Closes: #559420)
312
- updated libsoup build requirement (>= 2.28.2)
313
* debian/libwebkit-1.0-2.symbols:
314
- updated with new symbols
316
- updated information since 1.1.17
317
* Imported patch from https://bugs.webkit.org/show_bug.cgi?id=30623
318
- I am shipping this patch because I believe it is correct, it is the
319
way to go, it fixes a race, and it needs testing.
321
-- Gustavo Noronha Silva <kov@debian.org> Wed, 06 Jan 2010 21:25:06 -0200
323
webkit (1.1.17-2) unstable; urgency=low
326
- bump Standards-Version to 3.8.3
9
* debian/control, debian/rules:
10
- build without geoclue, it's in universe
12
-- Sebastien Bacher <seb128@ubuntu.com> Thu, 20 Jan 2011 18:37:41 +0100
14
webkit (1.3.10-1) experimental; urgency=low
16
* New development release
18
- Build-Depend on GTK+3 >= 2.99.1 to avoid problems with the multiple
21
- adapt for source layout changes
23
-- Gustavo Noronha Silva <kov@debian.org> Thu, 13 Jan 2011 10:37:55 -0200
25
webkit (1.3.9-1) experimental; urgency=low
27
* New development release
28
- fixes build with newest GTK+
30
- build-depend on GTK+ >= 2.91.7 for the GTK+3-based version
31
- build-depend on gir1.2-{gtk-2.0,soup-2.4}
32
- rename introspection packages to gir1.2-*
33
- updated Build-Depends on gobject-introspection
34
- tighten dependency of -dev packages on library packages
35
- add missing ${misc:Depends}
36
- update Standards-Version to 3.9.1
38
- add dh_girepository calls to actually do something to ${gir:Depends}
39
- run dh_makeshlibs targetting the appropriate packages (library ones,
41
- remove rpath from the installed binaries
43
-- Gustavo Noronha Silva <kov@debian.org> Mon, 27 Dec 2010 14:06:08 -0200
45
webkit (1.3.8-1) experimental; urgency=low
47
* New upstream development release
327
48
* debian/debian/gir1.0-webkit-1.0.install, debian/control,
328
49
debian/rules, debian/libwebkit-dev.install:
329
50
- add gir1.0-webkit-1.0 package, and enable introspection support
330
- make libwebkit-dev Replace gir-repository-dev
51
- rename packages to accomodate soname change
52
- add new packages for gtk3-based webkitgtk
53
* debian/control, debian/rules:
54
- enable building geolocation support
332
-- Gustavo Noronha Silva <kov@debian.org> Thu, 03 Dec 2009 12:16:27 -0200
56
-- Gustavo Noronha Silva <kov@debian.org> Wed, 11 Aug 2010 11:10:28 -0300
334
58
webkit (1.1.17-1) unstable; urgency=low