group.of.nepali.translators team mailing list archive

[Launchpad Bug Tracker <1761289@xxxxxxxxxxxxxxxxxx>]

This bug was fixed in the package webkit2gtk - 2.20.1-0ubuntu0.16.04.1

---------------
webkit2gtk (2.20.1-0ubuntu0.16.04.1) xenial-security; urgency=medium

  * Updated to 2.20.1 to fix multiple security issues. (LP: #1761289)
    - CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117,
      CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122,
      CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129,
      CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162,
      CVE-2018-4163, CVE-2018-4165
  * debian/patches/*.patch: refreshed.
  * debian/rules: disable WOFF2, disabe GEOLOCATION.
  * debian/libwebkit2gtk-4.0-37.symbols: updated for new version.

 -- Marc Deslauriers <marc.deslauriers@xxxxxxxxxx>  Fri, 27 Apr 2018
12:29:15 -0400

** Changed in: webkit2gtk (Ubuntu Xenial)
       Status: Confirmed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-4101

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-4113

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-4114

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-4117

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-4118

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-4119

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-4120

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-4122

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-4125

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-4127

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-4128

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-4129

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-4133

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-4146

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-4161

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-4162

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-4163

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-4165

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1761289

Title:
  WSA-2018-0003 security update

Status in webkit2gtk package in Ubuntu:
  Fix Released
Status in webkit2gtk source package in Xenial:
  Fix Released
Status in webkit2gtk source package in Artful:
  Confirmed
Status in webkit2gtk source package in Bionic:
  Fix Released

Bug description:
  https://webkitgtk.org/security/WSA-2018-0003.html

  We need to update webkit2gtk to 2.20.

  1. We need to do a deja dup update (to -security probably) LP:
  #1751460

  2. Once the brotli (LP: #1737053) and woff2 (LP: #1742743) MIRs are
  approved, let's backport those to xenial-security and artful-security.
  Until that's done we'll have a regression in supporting that font.

  3. Update the useragent configure flag (this time it should work!)
  (LP: #1751484)

  https://anonscm.debian.org/git/pkg-
  webkit/webkit.git/tree/debian/rules#n57

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/webkit2gtk/+bug/1761289/+subscriptions