Skip to content

Commit

Permalink
webkitgtk: 2.30.2 -> 2.30.3
Browse files Browse the repository at this point in the history 
Fixes processing of malicousliy crafted web content which could lead to
- CVE-2020-13584: arbitrary code execution due to a use after free issue
- CVE-2020-9983: code execution due to an out-of-bounds write issue

Advisory at https://webkitgtk.org/security/WSA-2020-0008.html

Fixes: CVE-2090-13584, CVE-2020-9983
  • Loading branch information
@mweinelt
mweinelt committed Nov 23, 2020
1 parent fa6abb2 commit 48ba279
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions pkgs/development/libraries/webkitgtk/default.nix
View file
Expand Up @@ -59,15 +59,15 @@ with stdenv.lib;

stdenv.mkDerivation rec {
pname = "webkitgtk";
version = "2.30.2";
version = "2.30.3";

outputs = [ "out" "dev" ];

separateDebugInfo = stdenv.isLinux;

src = fetchurl {
url = "https://webkitgtk.org/releases/${pname}-${version}.tar.xz";
sha256 = "0ak8slddg7gpk6m096xzkiqw9bfsrrizvqr815bw44665fyf0ry4";
sha256 = "0zsy3say94d9bhaan0l6mfr59z03a5x4kngyy8b2i20n77q19skd";
};

patches = optionals stdenv.isLinux [
Expand Down

0 comments on commit 48ba279

Please sign in to comment.