Accepting request 1074298 from devel:languages:nodejs

OBS-URL: https://build.opensuse.org/request/show/1074298 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nodejs-electron?expand=0&rev=60
2023-03-25 17:55:59 +00:00
parent 820e507eaf efd35844fa
commit c0c29ae089
5 changed files with 43 additions and 4 deletions
--- a/electron-22.3.3.tar.zst
+++ b/electron-22.3.3.tar.zst
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:558d72861d0de224b65a6015e91144061373a4820774109257e1e34757550d49
-size 591501727
--- a/electron-22.3.4.tar.zst
+++ b/electron-22.3.4.tar.zst
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:1b9f2856040cd4046fc42b08af75888cdd7cc6729a25da7caddf061150e1317a
+size 591817879
--- a/nodejs-electron.changes
+++ b/nodejs-electron.changes
@@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Fri Mar 24 13:42:44 UTC 2023 - Bruno Pitrus <brunopitrus@hotmail.com>
+- New upstream release 22.3.4
+  * Improved error messages on session.cookies.set failure.
+  * Vulkan: Don't close render pass if rebind to same fbo (CVE-2023-1213)
+  * CSS: In Typed CSSOM, reject adding to something that is not a list. (CVE-2023-1215)
+  * Fix potential out of bounds write in base::SampleVectorBase (CVE-2023-1220)
+- Add services-network-optional-explicit-constructor.patch
+
 -------------------------------------------------------------------
 Sat Mar 18 18:48:36 UTC 2023 - Bruno Pitrus <brunopitrus@hotmail.com>
 - ANGLE: Link libvulkan.so and libGL.so instead of dlopening it
--- a/nodejs-electron.spec
+++ b/nodejs-electron.spec
@@ -201,7 +201,7 @@ BuildArch:      i686


 Name:           nodejs-electron
-Version:        22.3.3
+Version:        22.3.4
 Release:        0
 Summary:        Build cross platform desktop apps with JavaScript, HTML, and CSS
 License:        AFL-2.0 AND Apache-2.0 AND blessing AND BSD-2-Clause AND BSD-3-Clause AND BSD-Protection AND BSD-Source-Code AND bzip2-1.0.6 AND IJG AND ISC AND LGPL-2.0-or-later AND LGPL-2.1-or-later AND MIT AND MIT-CMU AND MIT-open-group AND (MPL-1.1 OR GPL-2.0-or-later OR LGPL-2.1-or-later) AND MPL-2.0 AND OpenSSL AND SGI-B-2.0 AND SUSE-Public-Domain AND X11
@@ -375,6 +375,7 @@ Patch3117:      target_property-missing-uint32_t.patch
 Patch3118:      gpu_feature_info-missing-uint32_t.patch
 Patch3119:      blink-gcc13-missing-headers.patch
 Patch3120:      effect_paint_property_node-Wchanges-meaning.patch
+Patch3121:      services-network-optional-explicit-constructor.patch

 %if %{with clang}
 BuildRequires:  clang
--- a/services-network-optional-explicit-constructor.patch
+++ b/services-network-optional-explicit-constructor.patch
@@ -0,0 +1,29 @@
+[ 2542s] ../../services/network/cookie_access_delegate_impl.cc: In member function 'virtual std::optional<base::flat_map<net::SchemefulSite, net::FirstPartySetEntry> > network::CookieAccessDelegateImpl::FindFirstPartySetEntries(base::flat_set<net::SchemefulSite>&, base::OnceCallback<void(base::flat_map<net::SchemefulSite, net::FirstPartySetEntry>)>) const':
+[ 2542s] ../../services/network/cookie_access_delegate_impl.cc:81:15: error: converting to 'std::optional<base::flat_map<net::SchemefulSite, net::FirstPartySetEntry> >' from initializer list would use explicit constructor 'constexpr std::optional<_Tp>::optional(std::in_place_t, _Args&& ...) [with _Args = {}; typename std::enable_if<__and_v<std::is_constructible<_Tp, _Args ...> >, bool>::type <anonymous> = false; _Tp = base::flat_map<net::SchemefulSite, net::FirstPartySetEntry>]'
+[ 2542s]    81 |     return {{}};
+[ 2542s]       |               ^
+[ 2542s] ../../services/network/cookie_access_delegate_impl.cc:81:15: error: converting to 'std::in_place_t' from initializer list would use explicit constructor 'constexpr std::in_place_t::in_place_t()'
+
+
+--- src/services/network/cookie_access_delegate_impl.cc.old	2023-03-24 11:21:23.446841775 +0100
+++ src/services/network/cookie_access_delegate_impl.cc	2023-03-24 13:08:04.591526417 +0100
+@@ -78,7 +78,7 @@
+     base::OnceCallback<void(FirstPartySetsAccessDelegate::EntriesResult)>
+         callback) const {
+   if (!first_party_sets_access_delegate_)
+-    return {{}};
+    return {FirstPartySetsAccessDelegate::EntriesResult()};
+   return first_party_sets_access_delegate_->FindEntries(sites,
+                                                         std::move(callback));
+ }
+--- src/services/network/first_party_sets/first_party_sets_access_delegate.cc.old	2023-03-24 11:21:23.454841767 +0100
+++ src/services/network/first_party_sets/first_party_sets_access_delegate.cc	2023-03-24 14:41:19.809786588 +0100
+@@ -95,7 +95,7 @@
+   DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
+ 
+   if (!enabled_)
+-    return {{}};
+    return {FirstPartySetsAccessDelegate::EntriesResult()};
+ 
+   if (!ready_event_.has_value()) {
+     // base::Unretained() is safe because `this` owns `pending_queries_` and