webkitgtk-2.44.2

[Douglas R. Reno]

New point version

[Xi Ruoyao]

What's new in WebKitGTK 2.44.2?

• Make gamepads visible on axis movements, and not only on button presses.
• Disable the gst-libav AAC decoder.
• Make user scripts and style sheets visible in the Web Inspector.
• Use the geolocation portal where available, with the existing geoclue as fallback if the portal is not usable.
• Use the printing portal when running sandboxed.
• Use the file transfer portal for drag and drop when running sandboxed.
• Avoid notifying an empty cursor rectangle to input methods.
• Remove empty bar shown in detached inspector windows.
• Consider keycode when activating application accelerators.
• Fix the build with ENABLE_WEBAUDIO disabled.
• Fix several crashes and rendering issues.

[Rahul Chandra]

I can't get it to build with gcc 14

[Rahul Chandra]

Using CC=clang CXX=clang++ seems to have fixed it

[Douglas R. Reno]

------------------------------------------------------------------------
WebKitGTK and WPE WebKit Security Advisory                 WSA-2024-0003
------------------------------------------------------------------------

Date reported           : May 21, 2024
Advisory ID             : WSA-2024-0003
WebKitGTK Advisory URL  : https://webkitgtk.org/security/WSA-2024-0003.html
WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2024-0003.html
CVE identifiers         : CVE-2024-27834.

Several vulnerabilities were discovered in WebKitGTK and WPE WebKit.

CVE-2024-27834
    Versions affected: WebKitGTK and WPE WebKit before 2.44.2.
    Manfred Paul working with Trend Micro's Zero Day Initiative.
    Impact: An attacker with arbitrary read and write capability may be
    able to bypass Pointer Authentication. Description: The issue was
    addressed with improved checks.
    WebKit Bugzilla: 272750

[Douglas R. Reno]

SA-12.1-050 issued

Fixed at fe468141213d4446d471e6e79fe246c3410ea177