de3684f57d
Fixes the following security issues: https://webkitgtk.org/security/WSA-2024-0001.html - CVE-2024-23222: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited. Description: A type confusion issue was addressed with improved checks. - CVE-2024-23206: A maliciously crafted webpage may be able to fingerprint the user. Description: An access issue was addressed with improved access restrictions. - CVE-2024-23213: Processing web content may lead to arbitrary code execution. Description: The issue was addressed with improved memory handling. - CVE-2023-40414: Processing web content may lead to arbitrary code execution. Description: A use-after-free issue was addressed with improved memory management. - CVE-2023-42833: Processing web content may lead to arbitrary code execution. Description: A correctness issue was addressed with improved checks. - CVE-2014-1745: Processing a file may lead to a denial-of-service or potentially disclose memory contents. Description: The issue was addressed with improved checks. https://webkitgtk.org/security/WSA-2023-0012.html - CVE-2023-42883: Processing a SVG image may lead to a denial-of-service. Description: The issue was addressed with improved memory handling. - CVE-2023-42890: Processing web content may lead to arbitrary code execution. Description: The issue was addressed with improved memory handling. https://webkitgtk.org/security/WSA-2023-0011.html - CVE-2023-42916: Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited. Description: An out-of-bounds read was addressed with improved input validation. - CVE-2023-42917: Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Description: A memory corruption vulnerability was addressed with improved locking. Add an upstream post-2.42.5 patch to fix an issue with an invalid backport causing a build issue. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Acked-by: Adrian Perez de Castro <aperez@igalia.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
40 lines
1.5 KiB
Diff
40 lines
1.5 KiB
Diff
From 3d5373575695b293b8559155431d0079a6153aff Mon Sep 17 00:00:00 2001
|
|
From: Michael Catanzaro <mcatanzaro@redhat.com>
|
|
Date: Mon, 5 Feb 2024 11:00:49 -0600
|
|
Subject: [PATCH] =?UTF-8?q?[GTK]=20[2.42.5]=20LowLevelInterpreter.cpp:339:?=
|
|
=?UTF-8?q?21:=20error:=20=E2=80=98t6=E2=80=99=20was=20not=20declared=20in?=
|
|
=?UTF-8?q?=20this=20scope=20https://bugs.webkit.org/show=5Fbug.cgi=3Fid?=
|
|
=?UTF-8?q?=3D268739?=
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
Unreviewed build fix. Seems a backport went badly, and we didn't notice
|
|
because the code is architecture-specific.
|
|
|
|
* Source/JavaScriptCore/llint/LowLevelInterpreter.cpp:
|
|
(JSC::CLoop::execute):
|
|
|
|
Upstream: https://github.com/WebKit/WebKit/commit/3d5373575695b293b8559155431d0079a6153aff
|
|
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
---
|
|
Source/JavaScriptCore/llint/LowLevelInterpreter.cpp | 2 --
|
|
1 file changed, 2 deletions(-)
|
|
|
|
diff --git a/Source/JavaScriptCore/llint/LowLevelInterpreter.cpp b/Source/JavaScriptCore/llint/LowLevelInterpreter.cpp
|
|
index 5064ead6cd2e..9a2e2653b121 100644
|
|
--- a/Source/JavaScriptCore/llint/LowLevelInterpreter.cpp
|
|
+++ b/Source/JavaScriptCore/llint/LowLevelInterpreter.cpp
|
|
@@ -336,8 +336,6 @@ JSValue CLoop::execute(OpcodeID entryOpcodeID, void* executableAddress, VM* vm,
|
|
UNUSED_VARIABLE(t2);
|
|
UNUSED_VARIABLE(t3);
|
|
UNUSED_VARIABLE(t5);
|
|
- UNUSED_VARIABLE(t6);
|
|
- UNUSED_VARIABLE(t7);
|
|
|
|
struct StackPointerScope {
|
|
StackPointerScope(CLoopStack& stack)
|
|
--
|
|
2.39.2
|
|
|