3
0
Fork 0
forked from mirrors/nixpkgs

webkitgtk: 2.30.2 -> 2.30.3

Fixes processing of malicousliy crafted web content which could lead to
- CVE-2020-13584: arbitrary code execution due to a use after free issue
- CVE-2020-9983: code execution due to an out-of-bounds write issue

Advisory at https://webkitgtk.org/security/WSA-2020-0008.html

Fixes: CVE-2090-13584, CVE-2020-9983
This commit is contained in:
Martin Weinelt 2020-11-23 18:46:04 +01:00
parent fa6abb2b61
commit 48ba279287
No known key found for this signature in database
GPG key ID: 87C1E9888F856759

View file

@ -59,7 +59,7 @@ with stdenv.lib;
stdenv.mkDerivation rec {
pname = "webkitgtk";
version = "2.30.2";
version = "2.30.3";
outputs = [ "out" "dev" ];
@ -67,7 +67,7 @@ stdenv.mkDerivation rec {
src = fetchurl {
url = "https://webkitgtk.org/releases/${pname}-${version}.tar.xz";
sha256 = "0ak8slddg7gpk6m096xzkiqw9bfsrrizvqr815bw44665fyf0ry4";
sha256 = "0zsy3say94d9bhaan0l6mfr59z03a5x4kngyy8b2i20n77q19skd";
};
patches = optionals stdenv.isLinux [