Your message dated Tue, 24 May 2016 10:57:34 +0000
with message-id <[email protected]>
and subject line Bug#821228: fixed in webkit2gtk 2.12.3-1
has caused the Debian Bug report #821228,
regarding libjavascriptcoregtk: segfault when opening a page
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
821228: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=821228
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libjavascriptcoregtk-4.0-18
Version: 2.12.1-1
Severity: normal
File: libjavascriptcoregtk
Hi,
when opening http://gexpertise.fr/activites/metiers/stockage
with MiniBrowser, this did not happen with version 2.10:
Program received signal SIGSEGV, Segmentation fault.
JSC::StackVisitor::readFrame (this=0x7ffdf68ef990,
callFrame=0xffff000000000002) at
/build/webkit2gtk-ea7lQt/webkit2gtk-2.12.1/Source/JavaScriptCore/interpreter/StackVisitor.cpp:100
100
/build/webkit2gtk-ea7lQt/webkit2gtk-2.12.1/Source/JavaScriptCore/interpreter/StackVisitor.cpp:
Aucun fichier ou dossier de ce type.
(gdb) bt
#0 JSC::StackVisitor::readFrame (this=0x7ffdf68ef990,
callFrame=0xffff000000000002) at
/build/webkit2gtk-ea7lQt/webkit2gtk-2.12.1/Source/JavaScriptCore/interpreter/StackVisitor.cpp:100
#1 0x00007f0d72f5a0c6 in JSC::StackVisitor::visit<JSC::RecursionCheckFunctor>
(functor=<synthetic pointer>, startFrame=<optimized out>) at
/build/webkit2gtk-ea7lQt/webkit2gtk-2.12.1/Source/JavaScriptCore/interpreter/StackVisitor.h:128
#2 JSC::ExecState::iterate<JSC::RecursionCheckFunctor> (functor=<synthetic
pointer>, this=<optimized out>) at
/build/webkit2gtk-ea7lQt/webkit2gtk-2.12.1/Source/JavaScriptCore/interpreter/CallFrame.h:252
#3 JSC::CodeBlock::noticeIncomingCall (this=this@entry=0x7f0d02505200,
callerFrame=0x7ffdf68efc00) at
/build/webkit2gtk-ea7lQt/webkit2gtk-2.12.1/Source/JavaScriptCore/bytecode/CodeBlock.cpp:3472
#4 0x00007f0d72f5a1f1 in JSC::CodeBlock::linkIncomingCall
(this=this@entry=0x7f0d02505200, callerFrame=<optimized out>,
incoming=incoming@entry=0x7f0d0217a100) at
/build/webkit2gtk-ea7lQt/webkit2gtk-2.12.1/Source/JavaScriptCore/bytecode/CodeBlock.cpp:3173
#5 0x00007f0d732e680e in JSC::linkFor (exec=exec@entry=0x7ffdf68efb40,
callLinkInfo=..., calleeCodeBlock=calleeCodeBlock@entry=0x7f0d02505200,
callee=callee@entry=0x7f0d02443d00, codePtr=..., codePtr@entry=...)
at
/build/webkit2gtk-ea7lQt/webkit2gtk-2.12.1/Source/JavaScriptCore/jit/Repatch.cpp:571
#6 0x00007f0d732cd998 in JSC::operationLinkCall (execCallee=0x7ffdf68efb40,
callLinkInfo=0x7f0d0217a100) at
/build/webkit2gtk-ea7lQt/webkit2gtk-2.12.1/Source/JavaScriptCore/jit/JITOperations.cpp:819
#7 0x00007f0d53ffee64 in ?? ()
#8 0x00007ffdf68efc00 in ?? ()
#9 0x00007f0d140841ae in ?? ()
#10 0x0000000000000000 in ?? ()
Regards,
Jérémy.
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (690, 'unstable'), (650, 'testing'), (630, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 4.4.6 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages libjavascriptcoregtk-4.0-18:amd64 depends on:
ii libc6 2.22-6
ii libglib2.0-0 2.48.0-1
ii libicu55 55.1-7
ii libstdc++6 5.3.1-14
libjavascriptcoregtk-4.0-18:amd64 recommends no packages.
libjavascriptcoregtk-4.0-18:amd64 suggests no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: webkit2gtk
Source-Version: 2.12.3-1
We believe that the bug you reported is fixed in the latest version of
webkit2gtk, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Alberto Garcia <[email protected]> (supplier of updated webkit2gtk package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 24 May 2016 11:17:40 +0200
Source: webkit2gtk
Binary: libjavascriptcoregtk-4.0-18 libjavascriptcoregtk-4.0-dev
libjavascriptcoregtk-4.0-bin gir1.2-javascriptcoregtk-4.0 libwebkit2gtk-4.0-37
libwebkit2gtk-4.0-dev libwebkit2gtk-4.0-doc gir1.2-webkit2-4.0
libwebkit2gtk-4.0-37-gtk2
Architecture: source
Version: 2.12.3-1
Distribution: unstable
Urgency: high
Maintainer: Debian WebKit Maintainers
<[email protected]>
Changed-By: Alberto Garcia <[email protected]>
Description:
gir1.2-javascriptcoregtk-4.0 - JavaScript engine library from WebKitGTK+ -
GObject introspection
gir1.2-webkit2-4.0 - Web content engine library for GTK+ - GObject
introspection data
libjavascriptcoregtk-4.0-18 - JavaScript engine library from WebKitGTK+
libjavascriptcoregtk-4.0-bin - JavaScript engine library from WebKitGTK+ -
command-line interpre
libjavascriptcoregtk-4.0-dev - JavaScript engine library from WebKitGTK+ -
development files
libwebkit2gtk-4.0-37 - Web content engine library for GTK+
libwebkit2gtk-4.0-37-gtk2 - Web content engine library for GTK+ - GTK+2 plugin
process
libwebkit2gtk-4.0-dev - Web content engine library for GTK+ - development files
libwebkit2gtk-4.0-doc - Web content engine library for GTK+ - documentation
Closes: 821228
Changes:
webkit2gtk (2.12.3-1) unstable; urgency=high
.
* New upstream release (Closes: #821228).
+ This fixes CVE-2016-1856 and CVE-2016-1857.
* debian/control:
+ Now that the GTK+ transition to 3.20 is done, we can revert the
build dependency on gtk+3 back to >= 3.10.
* debian/rules:
+ Pass '--with gir' to dh instead of overriding dh_shlibdeps.
Checksums-Sha1:
6ab1dafbcf17e9d764eb96d25f44623c0c85ac5d 3546 webkit2gtk_2.12.3-1.dsc
d6a0d598c09d2d56ba0862f8d9206e89d75317cb 11706664 webkit2gtk_2.12.3.orig.tar.xz
3eae2865bfbe384d4fc2a29efb5e5676ff57a86f 55052
webkit2gtk_2.12.3-1.debian.tar.xz
Checksums-Sha256:
ce0a3efda605209f4caac770c9b8bf1aedfe854296d938e858b70c5b903efcf7 3546
webkit2gtk_2.12.3-1.dsc
173cbb9a2eca23eee52e99965483ab25aa9c0569ef5b57041fc0c129cc26c307 11706664
webkit2gtk_2.12.3.orig.tar.xz
4e2504d0352ffd718014ef859548a22b55e19316f9f9bcab7e39b235dd99b9aa 55052
webkit2gtk_2.12.3-1.debian.tar.xz
Files:
9e083dd54fb7e9b79c3fe948bf1fb98b 3546 web optional webkit2gtk_2.12.3-1.dsc
aebb4029c09dd81664aa830e4a584c85 11706664 web optional
webkit2gtk_2.12.3.orig.tar.xz
091d36b3b60768013916a973d6be3ef6 55052 web optional
webkit2gtk_2.12.3-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBV0QrjL4yGa8+1BNBAQijOw//VbTJUJNDUU3hIU/Tlqd9KAwJQUOrxj+7
qu+mTjgEejr5a1bUsYwnW3hatQ6OhRlBLD3hnkP3v+nWE0ZogZf/4uox4Dh7FX7L
cObJz4ZDNYxc+t30vFIHSAAg1fXY8fl1Zj2M931YfHHYVcTrwqRA4borPOVrXfjN
5+5Efo4L3uKLYWnXmMkHYzfIRhQ0SkOW3blBzp1iqqKVc2d7DDpjdvpapoWQBTaG
9UKm9B/SR1imdiO5uvVJKdo06V9L94AykJ3wiMjVZJJLtl15MMj0o+LHocsLi1l6
2hoVtbn8XTFD8OUOWepRctatTZWR9mX0YBKX55H1uvZUy7w6wOj10Qm0Z9c7n4Pu
lIISRHwFqvsUxvYilPRLQZAS6dBuxWryo8d/2g/husFKFssfX5nw1Ugbz2zaDAxo
bo8eyP0IA135kcZtky7yCcZbwzjukMFKJrDUtWC6jZ2CcDONNU5ZwnYm7x2ctMzP
u/s6zGcNl85+KXNad8Cdej/qtrntH4fpFZR+Iiw7nNmbi4WmBTG3FZhC1a3Ny7z6
fTedRvfFkfJpt/Ru6kXvl9AjZRXxKPJoja3OjOvMMALotF8qqIuIeYXa4mZ23Xw4
q9sNGANgxfOSrbmmozh9Aw+efMULx1PfaDzq7xoQFN8SdimHN5OFQcCaWkk1b7z7
BMxLpCQpqo8=
=fDIC
-----END PGP SIGNATURE-----
--- End Message ---
