webkitgtk (2.4.11-0ubuntu0.1) xenial; urgency=medium

  * New upstream version:
    - "Fix a crash when changing elment attributes with DOM bindings"
      which impacts the evolution composer for example (lp: #1570110)
  * debian/patches/fix-arm64-build.patch:
    - remove, this has been fixed upstream.

 -- Sebastien Bacher <seb128@ubuntu.com>  Fri, 13 May 2016 10:52:06 +0200

webkitgtk (2.4.10-0ubuntu2) yakkety; urgency=medium

  * No-change rebuild for libpng soname change.

 -- Matthias Klose <doko@ubuntu.com>  Sat, 23 Apr 2016 00:31:45 +0000

webkitgtk (2.4.10-0ubuntu1) xenial; urgency=medium

  * SECURITY UPDATE: Updated to 2.4.10 to fix multiple security issues
    (LP: #1556964)
    - CVE-2015-1120, CVE-2015-1076, CVE-2015-1071, CVE-2015-1081,
      CVE-2015-1122, CVE-2015-1155, CVE-2014-1748, CVE-2015-3752,
      CVE-2015-5809, CVE-2015-5928, CVE-2015-3749, CVE-2015-3659,
      CVE-2015-3748, CVE-2015-3743, CVE-2015-3731, CVE-2015-3745,
      CVE-2015-5822, CVE-2015-3658, CVE-2015-3741, CVE-2015-3727,
      CVE-2015-5801, CVE-2015-5788, CVE-2015-3747, CVE-2015-5794,
      CVE-2015-1127, CVE-2015-1153, CVE-2015-1083
  * Dropped upstreamed patches:
    - fix-gtkdoc-error.patch, atomic_build_fix.patch, ppc64-align.patch,
      fix-cloop.patch, use-abi64-for-mips64el.patch.

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 16 Mar 2016 07:47:51 -0400

webkitgtk (2.4.9-2ubuntu2) wily; urgency=medium

  * Merge with Debian, remaining changes:
    - bugzilla_clear_surface.patch: Take patch to fix upstream bug#123480
      which was a crash affecting software-center in Ubuntu.
    - Stick on geoclue 1 for now, the new version isn't in main and a
      transition plan needs to be worked out, for example for how to integrate
      the Ubuntu GeoIP service.
    - still build libwebkit2gtk-3.0 in Ubuntu

 -- Sebastien Bacher <seb128@ubuntu.com>  Wed, 12 Aug 2015 19:07:31 +0200

webkitgtk (2.4.9-2) unstable; urgency=medium

  [ Emilio Pozuelo Monfort ]
  * Disable libwebkit2gtk-3.0 packages. They have no rdeps anymore
    and are superseded by src:webkit2gtk.

  [ Alberto Garcia ]
  * debian/patches/use-abi64-for-mips64el.patch:
    + Use ABI64 instead of _MIPS_SIM_ABI64 for mips64el (Closes: #789261).

 -- Alberto Garcia <berto@igalia.com>  Wed, 24 Jun 2015 17:12:27 +0300

webkitgtk (2.4.9-1) unstable; urgency=high

  * New upstream release.
    + This fixes CVE-2015-2330.
  * debian/patches/ax-focus-events.patch,
    debian/patches/fix-ftbfs-pluginpackage.patch,
    debian/patches/fix-mips64-build.patch,
    debian/patches/fix-textrel-x86.patch,
    debian/patches/g-closure-unref.diff,
    debian/patches/nullptr-accessibilitymenulistoption.patch,
    debian/patches/nullptr-frameprogresstracker.patch,
    debian/patches/render-text-control.patch:
    + Remove.
  * debian/patches/02_notebook_scroll.patch,
    debian/patches/fix-arm64-build.patch,
    debian/patches/restore_sparc_code.patch,
    debian/patches/x32_support.patch:
    + Refresh.

 -- Alberto Garcia <berto@igalia.com>  Wed, 20 May 2015 19:23:49 +0300

webkitgtk (2.4.8-2) unstable; urgency=medium

  * debian/patches/g-closure-unref.diff:
    + Fix use-after-free warning when loading page into WebView
     (Closes: #780444).
  * debian/patches/fix-cloop.patch:
    + Fix crash on powerpc (Closes: #771841).

 -- Alberto Garcia <berto@igalia.com>  Thu, 26 Mar 2015 23:49:21 +0200

webkitgtk (2.4.8-1) unstable; urgency=medium

  * New upstream release, which includes some of the patches already
    available in Debian plus security fixes for CVE-2014-1344,
    CVE-2014-1384, CVE-2014-1385, CVE-2014-1386, CVE-2014-1387,
    CVE-2014-1388, CVE-2014-1389 and CVE-2014-1390.
  * debian/patches/dfg-jit.patch,
    debian/patches/enable_llint.patch,
    debian/patches/flash-crash.patch,
    debian/patches/local-label-string-hurd.patch,
    debian/patches/no-ssl-record-version.patch,
    debian/patches/nullptr-applystylecommand.patch,
    debian/patches/protect-document.patch,
    debian/patches/touch-event.patch:
     + Remove.
  * debian/patches/fix-ftbfs-pluginpackage.patch:
    + Fix FTBFS.

 -- Alberto Garcia <berto@igalia.com>  Sat, 17 Jan 2015 14:19:43 +0200

webkitgtk (2.4.7-3) unstable; urgency=medium

  * debian/patches/ppc64-align.patch:
    + Fix crash in ppc64el (Closes: #762670).
  * debian/patches/no-ssl-record-version.patch:
    + Don't use a SSL3.0 record version in client hello.
  * debian/patches/protect-document.patch:
    + Protect Document in ProcessingInstruction::setXSLStyleSheet(). This
      is a security fix, see https://codereview.chromium.org/579133004.
  * debian/patches/nullptr-accessibilitymenulistoption.patch:
    + Check for NULL pointers in AccessibilityMenuListOption.
  * debian/patches/nullptr-applystylecommand.patch:
    + Check for NULL pointer in ApplyStyleCommand.
  * debian/patches/nullptr-frameprogresstracker.patch:
    + Check for NULL pointer in FrameProgressTracker.
  * debian/patches/render-text-control.patch:
    + Check for NULL pointer in SearchInputType.
  * debian/patches/ax-focus-events.patch:
    + Fix accessible focus events in non-focused combo boxes.

 -- Alberto Garcia <berto@igalia.com>  Mon, 08 Dec 2014 13:26:23 +0100

webkitgtk (2.4.7-2) unstable; urgency=medium

  * debian/patches/touch-event.patch:
    + Fix crash in EventPath::updateTouchLists() (Closes: #761492).
  * debian/patches/flash-crash.patch:
    + Fix crash in the Flash player (Closes: #768929).

 -- Alberto Garcia <berto@igalia.com>  Tue, 11 Nov 2014 12:43:45 +0200

# For older changelog entries, run 'apt-get changelog gir1.2-javascriptcoregtk-3.0'