The full gamut of security fixes for this release is unknown, but, at
minimum, CVE-2020-16042 is addressed. (A full change log seems elusive:
the package's README points to a broken link, Mozilla advisories about
"memory safety hazards" can point to bug reports that can't be viewed,
etc.) This is the most current version that Debian has integrated,
which is where our package points to.
Successful build tests on:
NetBSD amd64/9.2_STABLE (with both Rust 1.52.1 and 1.54)
NetBSD i386/9.2_STABLE
OmniOS r151036
Fedora Linux 34 was not testable, as our packaging of LLVM 12.0.1 fails
to build on it. The upstream configuration continues to cap macOS build
support at 10.15.4. I updated our existing patch to allow 10.15.7, but
have no ability to test that OS, and no idea if 11.x would work.
This is effectively a minor leaf package now, and may best be removed
in future. I've updated this just in case issues emerge with the polkit
switch to duktape, which will first appear in our 2021Q3 branch. (That
is, I'm not aware of any issues, and definitely prefer duktape from a
packaging perspective.)
18092e9154