buildroot

Go to file

Peter Korsgaard d87a2dea29 package/webkitgtk: security bump to version 2.48.2

Fixes the following security issues:

CVE-2025-24223
    Versions affected: WebKitGTK and WPE WebKit before 2.48.2.
    Credit to rheza (@ginggilBesel) and an anonymous researcher.
    Impact: Processing maliciously crafted web content may lead to
    memory corruption. Description: The issue was addressed with
    improved memory handling.
    WebKit Bugzilla: 287577

CVE-2025-31204
    Versions affected: WebKitGTK and WPE WebKit before 2.48.2.
    Credit to Nan Wang (@eternalsakura13).
    Impact: Processing maliciously crafted web content may lead to
    memory corruption. Description: The issue was addressed with
    improved memory handling.
    WebKit Bugzilla: 291506

CVE-2025-31205
    Versions affected: WebKitGTK and WPE WebKit before 2.48.2.
    Credit to Ivan Fratric of Google Project Zero.
    Impact: A malicious website may exfiltrate data cross-origin.
    Description: The issue was addressed with improved checks.
    WebKit Bugzilla: 290992

CVE-2025-31206
    Versions affected: WebKitGTK and WPE WebKit before 2.48.2.
    Credit to an anonymous researcher.
    Impact: Processing maliciously crafted web content may lead to an
    unexpected Safari crash. Description: A type confusion issue was
    addressed with improved state handling.
    WebKit Bugzilla: 290834

CVE-2025-31215
    Versions affected: WebKitGTK and WPE WebKit before 2.48.2.
    Credit to Jiming Wang and Jikai Ren.
    Impact: Processing maliciously crafted web content may lead to an
    unexpected process crash. Description: The issue was addressed with
    improved checks.
    WebKit Bugzilla: 288814

CVE-2025-31257
    Versions affected: WebKitGTK and WPE WebKit before 2.48.2.
    Credit to Juergen Schmied of Lynck GmbH.
    Impact: Processing maliciously crafted web content may lead to an
    unexpected Safari crash. Description: This issue was addressed with
    improved memory handling.
    WebKit Bugzilla: 290985

https://webkitgtk.org/security/WSA-2025-0004.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 7a09fcf7c6)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>

2025-05-26 10:11:33 +02:00

.github

.github: add github action to automate PR handling

2024-07-09 11:43:02 +02:00

.gitlab/issue_templates

gitlab: fix issue template

2024-09-11 21:24:40 +02:00

arch

arch/arm: add the Cortex-A710 core

2025-02-05 11:43:43 +01:00

board

configs/qemu_ppc*: backport a patch for GCC 15.x compatibility

2025-05-15 17:06:42 +02:00

boot

boot/edk2: drop dependency on tf-a for macchiatobin

2025-05-02 12:10:44 +02:00

configs

configs: rock4se: bump Linux versions

2025-05-15 17:06:15 +02:00

docs

support/dependencies/dependencies.sh: awk is needed by Buildroot

2025-05-15 17:05:49 +02:00

fs/erofs: unbreak custom compression handling

2025-05-18 15:02:52 +02:00

linux

{linux, linux-headers}: bump 5.{4, 10, 15}.x / 6.{1, 6, 12}.x series

2025-05-15 17:06:11 +02:00

package

package/webkitgtk: security bump to version 2.48.2

2025-05-26 10:11:33 +02:00

support

support/dependencies/dependencies.sh: awk is needed by Buildroot

2025-05-15 17:05:49 +02:00

system

package/tinyinit: new package

2024-09-14 11:20:06 +02:00

toolchain

support/scripts/gen-bootlin-toolchains: allows armv8-a CPU to use armv7-a toolchains

2025-05-02 12:11:48 +02:00

utils

utils/generate-cyclonedx: use indent 2 by default

2025-03-06 21:49:53 +01:00

.b4-config

.b4-config: check patches with ./utils/check-package

2025-02-04 18:44:39 +01:00

.checkpackageignore

package/gdb: bump 15.x series to 15.2

2025-05-15 17:05:45 +02:00

.clang-format

.clang-format: initial import from Linux 5.15.6

2022-01-01 15:01:13 +01:00

.defconfig

arch: disable nios2

2025-01-15 21:30:31 +01:00

.editorconfig

editorconfig: leave patch files alone wrt trainling spaces

2024-06-11 21:55:21 +02:00

.flake8

Revert ".flake8: fix check for 80/132 columns"

2021-01-02 17:38:20 +01:00

.gitignore

gitignore: ignore multiple output directories

2024-07-26 09:31:56 +02:00

.gitlab-ci.yml

.gitlab-ci.yml: use Debian 12-based container with fixed 32bit support

2025-02-20 20:15:54 +01:00

.shellcheckrc

utils/check-package: improve shellcheck reproducibility

2022-07-25 23:52:47 +02:00

CHANGES

CHANGES: Update for 2025.02.3

2025-05-19 09:29:33 +02:00

Config.in

Config.in: introduce BR2_HOST_GCC_AT_LEAST_{12..15}

2025-05-15 17:06:23 +02:00

Config.in.legacy

package/sqlite: json extension enabled by default

2025-03-12 11:01:30 +01:00

COPYING

…

DEVELOPERS

DEVELOPERS: add Dario Binacchi for inih

2025-05-18 15:40:40 +02:00

Makefile

Makefile: update for 2025.02.3

2025-05-19 09:31:22 +02:00

Makefile.legacy

…

README

docs: move the IRC channel away from Freenode

2021-05-29 22:16:23 +02:00

README

Buildroot is a simple, efficient and easy-to-use tool to generate embedded
Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot.  Have fun!

Buildroot comes with a basic configuration for a number of boards. Run
'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org
You can also find us on #buildroot on OFTC IRC.

If you would like to contribute patches, please read
https://buildroot.org/manual.html#submitting-patches

Languages

Makefile 62.9%

Python 18.3%

C 8.6%

Shell 6.2%

PHP 1.4%

Other 2.2%