webkit2gtk (2.20.5-0ubuntu0.16.04.1) xenial-security; urgency=medium

  * Updated to 2.20.5 to fix security issues.
    - CVE-2018-4246, CVE-2018-4261, CVE-2018-4262, CVE-2018-4263,
      CVE-2018-4264, CVE-2018-4265, CVE-2018-4266, CVE-2018-4267,
      CVE-2018-4270, CVE-2018-4272, CVE-2018-4273, CVE-2018-4278,
      CVE-2018-4284, CVE-2018-12911
  * debian/patches/fix-ftbfs-m68k.patch: refreshed with new version.

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 15 Aug 2018 07:49:35 -0400

webkit2gtk (2.20.3-0ubuntu0.16.04.1) xenial-security; urgency=medium

  * Updated to 2.20.3 to fix security issues.
    - CVE-2018-4190, CVE-2018-4199, CVE-2018-4218, CVE-2018-4222,
      CVE-2018-4232, CVE-2018-4233, CVE-2018-12293
  * debian/patches/fix-atomics-build.patch: refreshed with new version.
  * debian/{rules,compat}: Show Ubuntu in user agent (LP: #1770868)
    - Thanks to Jeremy Bicha for the patch!

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 14 Jun 2018 13:06:02 -0400

webkit2gtk (2.20.2-0ubuntu0.16.04.1) xenial-security; urgency=medium

  * Updated to 2.20.2 to fix security issue.
    - CVE-2018-4200

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Mon, 07 May 2018 14:58:07 -0400

webkit2gtk (2.20.1-0ubuntu0.16.04.1) xenial-security; urgency=medium

  * Updated to 2.20.1 to fix multiple security issues. (LP: #1761289)
    - CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117,
      CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122,
      CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129,
      CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162,
      CVE-2018-4163, CVE-2018-4165
  * debian/patches/*.patch: refreshed.
  * debian/rules: disable WOFF2, disabe GEOLOCATION.
  * debian/libwebkit2gtk-4.0-37.symbols: updated for new version.

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Fri, 27 Apr 2018 12:29:15 -0400

webkit2gtk (2.18.6-0ubuntu0.16.04.1) xenial-security; urgency=medium

  * Updated to 2.18.6 to fix multiple security issues.
    - CVE-2017-7153, CVE-2017-7160, CVE-2017-7161, CVE-2017-7165,
      CVE-2017-13884, CVE-2017-13885, CVE-2018-4088, CVE-2018-4096

 -- Chris Coulson <chris.coulson@canonical.com>  Mon, 29 Jan 2018 20:44:08 +0000

webkit2gtk (2.18.5-0ubuntu0.16.04.1) xenial-security; urgency=medium

  * Updated to 2.18.5 to add Spectre mitigations.
    - CVE-2017-5715, CVE-2017-5753

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 10 Jan 2018 11:49:35 -0500

webkit2gtk (2.18.4-0ubuntu0.16.04.1) xenial-security; urgency=medium

  * Updated to 2.18.4 to fix multiple security issues.
    - CVE-2017-7156, CVE-2017-13856, CVE-2017-13866, CVE-2017-13870.
  * debian/patches/*.patch: refreshed.
  * Set distributor name in User Agent string.
    - debian/patches/user-agent-branding.patch: add optional distributor
      string to user agent.
    - debian/rules: set -DUSER_AGENT_GTK_DISTRIBUTOR_NAME.

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 20 Dec 2017 09:27:01 -0500

webkit2gtk (2.18.3-0ubuntu0.16.04.1) xenial-security; urgency=medium

  * Updated to 2.18.3 to fix multiple security issues.
    - CVE-2017-13783, CVE-2017-13784, CVE-2017-13785, CVE-2017-13788,
      CVE-2017-13791, CVE-2017-13792, CVE-2017-13793, CVE-2017-13794,
      CVE-2017-13795, CVE-2017-13796, CVE-2017-13798, CVE-2017-13802,
      CVE-2017-13803
  * debian/patches/*.patch: refreshed.

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Tue, 14 Nov 2017 09:10:35 -0500

webkit2gtk (2.18.0-0ubuntu0.16.04.2) xenial-security; urgency=medium

  * Updated to 2.18.0 to fix multiple security issues.
    - CVE-2017-7087, CVE-2017-7089, CVE-2017-7090, CVE-2017-7091,
      CVE-2017-7092, CVE-2017-7093, CVE-2017-7095, CVE-2017-7096,
      CVE-2017-7098, CVE-2017-7100, CVE-2017-7102, CVE-2017-7104,
      CVE-2017-7107, CVE-2017-7109, CVE-2017-7111, CVE-2017-7117,
      CVE-2017-7120
  * debian/control: add libtasn1-6-dev to BuildDepends.
  * debian/rules: use USE_GSTREAMER_GL=OFF.
  * debian/rules: use ENABLE_WEB_CRYPTO=OFF since libgcrypt is too old.
  * debian/rules: don't use ENABLE_ASSEMBLER=0.
  * debian/libwebkit2gtk-4.0-37.symbols: updated for new version.

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 19 Oct 2017 12:42:09 -0400

webkit2gtk (2.16.6-0ubuntu0.16.04.1) xenial-security; urgency=medium

  * Updated to 2.16.6 to fix multiple security issues.
    - CVE-2017-2538, CVE-2017-7018, CVE-2017-7030, CVE-2017-7034,
      CVE-2017-7037, CVE-2017-7039, CVE-2017-7046, CVE-2017-7048,
      CVE-2017-7052, CVE-2017-7055, CVE-2017-7056, CVE-2017-7061,
      CVE-2017-7064

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Mon, 31 Jul 2017 14:54:24 -0400

# For older changelog entries, run 'apt-get changelog gir1.2-javascriptcoregtk-4.0'