diff --git a/epip-revert-gsb-storage-dont-hardcode-Linux-threat-lists.patch b/epip-revert-gsb-storage-dont-hardcode-Linux-threat-lists.patch new file mode 100644 index 0000000..2f750e2 --- /dev/null +++ b/epip-revert-gsb-storage-dont-hardcode-Linux-threat-lists.patch @@ -0,0 +1,254 @@ +From c0eea4014270cac6d32d24de2bd8338e2da39ffd Mon Sep 17 00:00:00 2001 +From: Gabriel Ivașcu +Date: Tue, 12 Jun 2018 12:39:50 +0300 +Subject: [PATCH] Revert "gsb-storage: Don't hardcode Linux threat lists" + +This reverts commit 3c8cd6387f85106051c9e674ee8b1e59fb40858c. + +Also, increment SCHEMA_VERSION in ephy-gsb-storage.c. +--- + lib/safe-browsing/ephy-gsb-service.c | 74 -------------------------------------------------------------------------- + lib/safe-browsing/ephy-gsb-storage.c | 99 +++++++++++++++++++++++++++++++++++++++++++++++++++------------------------------------------------ + lib/safe-browsing/ephy-gsb-storage.h | 2 -- + 3 files changed, 51 insertions(+), 124 deletions(-) + +diff --git a/lib/safe-browsing/ephy-gsb-service.c b/lib/safe-browsing/ephy-gsb-service.c +index b36592a..a99a6d2 100644 +--- a/lib/safe-browsing/ephy-gsb-service.c ++++ b/lib/safe-browsing/ephy-gsb-service.c +@@ -163,74 +163,6 @@ ephy_gsb_service_schedule_update (EphyGSBService *self) + LOG ("Next update scheduled in %ld seconds", interval); + } + +-static GList * +-ephy_gsb_service_fetch_threat_lists_sync (EphyGSBService *self) +-{ +- GList *retval = NULL; +- JsonNode *body_node = NULL; +- JsonObject *body_obj; +- JsonArray *threat_lists; +- JsonObject *descriptor; +- const char *threat_type; +- const char *platform_type; +- const char *threat_entry_type; +- SoupMessage *msg; +- char *url; +- +- g_assert (EPHY_IS_GSB_SERVICE (self)); +- +- url = g_strdup_printf ("%sthreatLists?key=%s", API_PREFIX, self->api_key); +- msg = soup_message_new (SOUP_METHOD_GET, url); +- soup_session_send_message (self->session, msg); +- +- if (msg->status_code != 200) { +- LOG ("Failed to fetch the threat lists from the server, got: %u, %s", +- msg->status_code, msg->response_body->data); +- goto out; +- } +- +- body_node = json_from_string (msg->response_body->data, NULL); +- if (!body_node || !JSON_NODE_HOLDS_OBJECT (body_node)) { +- g_warning ("Response is not a valid JSON object"); +- goto out; +- } +- +- body_obj = json_node_get_object (body_node); +- +- if (json_object_has_non_null_array_member (body_obj, "threatLists")) { +- threat_lists = json_object_get_array_member (body_obj, "threatLists"); +- for (guint i = 0; i < json_array_get_length (threat_lists); i++) { +- descriptor = json_array_get_object_element (threat_lists, i); +- threat_type = json_object_get_string_member (descriptor, "threatType"); +- platform_type = json_object_get_string_member (descriptor, "platformType"); +- +- /* Keep SOCIAL_ENGINEERING threats that are for any platform. +- * Keep MALWARE/UNWANTED_SOFTWARE threats that are for Linux only. +- */ +- if (g_strcmp0 (threat_type, "SOCIAL_ENGINEERING") == 0) { +- if (g_strcmp0 (platform_type, "ANY_PLATFORM") != 0) +- continue; +- } else if (g_strcmp0 (platform_type, "LINUX") != 0) { +- continue; +- } +- +- threat_entry_type = json_object_get_string_member (descriptor, "threatEntryType"); +- retval = g_list_prepend (retval, ephy_gsb_threat_list_new (threat_type, +- platform_type, +- threat_entry_type, +- NULL)); +- } +- } +- +-out: +- g_free (url); +- g_object_unref (msg); +- if (body_node) +- json_node_unref (body_node); +- +- return g_list_reverse (retval); +-} +- + static void + ephy_gsb_service_update_thread (GTask *task, + EphyGSBService *self, +@@ -255,12 +187,6 @@ ephy_gsb_service_update_thread (GTask *task, + + ephy_gsb_storage_delete_old_full_hashes (self->storage); + +- /* Fetch and store new threat lists, if any. */ +- threat_lists = ephy_gsb_service_fetch_threat_lists_sync (self); +- for (GList *l = threat_lists; l && l->data; l = l->next) +- ephy_gsb_storage_insert_threat_list (self->storage, l->data); +- g_list_free_full (threat_lists, (GDestroyNotify)ephy_gsb_threat_list_free); +- + threat_lists = ephy_gsb_storage_get_threat_lists (self->storage); + if (!threat_lists) { + LOG ("No threat lists to update"); +diff --git a/lib/safe-browsing/ephy-gsb-storage.c b/lib/safe-browsing/ephy-gsb-storage.c +index 374d98d..05d8f27 100644 +--- a/lib/safe-browsing/ephy-gsb-storage.c ++++ b/lib/safe-browsing/ephy-gsb-storage.c +@@ -34,8 +34,21 @@ + */ + #define BATCH_SIZE 199 + +-/* Increment schema version if you modify the database table structure. */ +-#define SCHEMA_VERSION 2 ++/* Increment schema version if you: ++ * 1) Modify the database table structure. ++ * 2) Modify the threat lists below. ++ */ ++#define SCHEMA_VERSION 3 ++ ++/* The available Linux threat lists of Google Safe Browsing API v4. ++ * The format is {THREAT_TYPE, PLATFORM_TYPE, THREAT_ENTRY_TYPE}. ++ */ ++static const char * const gsb_linux_threat_lists[][3] = { ++ {GSB_THREAT_TYPE_MALWARE, "LINUX", "URL"}, ++ {GSB_THREAT_TYPE_SOCIAL_ENGINEERING, "ANY_PLATFORM", "URL"}, ++ {GSB_THREAT_TYPE_UNWANTED_SOFTWARE, "LINUX", "URL"}, ++ {GSB_THREAT_TYPE_MALWARE, "LINUX", "IP_RANGE"}, ++}; + + struct _EphyGSBStorage { + GObject parent_instance; +@@ -195,7 +208,9 @@ ephy_gsb_storage_init_metadata_table (EphyGSBStorage *self) + static gboolean + ephy_gsb_storage_init_threats_table (EphyGSBStorage *self) + { ++ EphySQLiteStatement *statement; + GError *error = NULL; ++ GString *string; + const char *sql; + + g_assert (EPHY_IS_GSB_STORAGE (self)); +@@ -218,6 +233,40 @@ ephy_gsb_storage_init_threats_table (EphyGSBStorage *self) + return FALSE; + } + ++ sql = "INSERT INTO threats (threat_type, platform_type, threat_entry_type) VALUES "; ++ string = g_string_new (sql); ++ for (guint i = 0; i < G_N_ELEMENTS (gsb_linux_threat_lists); i++) ++ g_string_append (string, "(?, ?, ?),"); ++ /* Remove trailing comma character. */ ++ g_string_erase (string, string->len - 1, -1); ++ ++ statement = ephy_sqlite_connection_create_statement (self->db, string->str, &error); ++ g_string_free (string, TRUE); ++ ++ if (error) { ++ g_warning ("Failed to create threats table insert statement: %s", error->message); ++ g_error_free (error); ++ return FALSE; ++ } ++ ++ for (guint i = 0; i < G_N_ELEMENTS (gsb_linux_threat_lists); i++) { ++ EphyGSBThreatList *list = ephy_gsb_threat_list_new (gsb_linux_threat_lists[i][0], ++ gsb_linux_threat_lists[i][1], ++ gsb_linux_threat_lists[i][2], ++ NULL); ++ bind_threat_list_params (statement, list, i * 3, i * 3 + 1, i * 3 + 2, -1); ++ ephy_gsb_threat_list_free (list); ++ } ++ ++ ephy_sqlite_statement_step (statement, &error); ++ g_object_unref (statement); ++ ++ if (error) { ++ g_warning ("Failed to insert initial data into threats table: %s", error->message); ++ g_error_free (error); ++ return FALSE; ++ } ++ + return TRUE; + } + +@@ -600,52 +649,6 @@ ephy_gsb_storage_set_metadata (EphyGSBStorage *self, + } + + /** +- * ephy_gsb_storage_insert_threat_list: +- * @self: an #EphyGSBStorage +- * @list: an #EphyGSBThreatList +- * +- * Insert a threat lists into the local database. If the combination +- * THREAT_TYPE/PLATFORM_TYPE/THREAT_ENTRY_TYPE already exists in the +- * database, then this function does nothing. The client state is ignored. +- * Use ephy_gsb_storage_update_client_state() if you need to update the +- * client state. +- **/ +-void +-ephy_gsb_storage_insert_threat_list (EphyGSBStorage *self, +- EphyGSBThreatList *list) +-{ +- EphySQLiteStatement *statement; +- GError *error = NULL; +- const char *sql; +- +- g_assert (EPHY_IS_GSB_STORAGE (self)); +- g_assert (list); +- +- sql = "INSERT OR IGNORE INTO threats " +- "(threat_type, platform_type, threat_entry_type, client_state) " +- "VALUES (?, ?, ?, ?)"; +- statement = ephy_sqlite_connection_create_statement (self->db, sql, &error); +- if (error) { +- g_warning ("Failed to create insert threat list statement: %s", error->message); +- g_error_free (error); +- return; +- } +- +- if (!bind_threat_list_params (statement, list, 0, 1, 2, -1)) { +- g_object_unref (statement); +- return; +- } +- +- ephy_sqlite_statement_step (statement, &error); +- if (error) { +- g_warning ("Failed to execute insert threat list statement: %s", error->message); +- g_error_free (error); +- } +- +- g_object_unref (statement); +-} +- +-/** + * ephy_gsb_storage_get_threat_lists: + * @self: an #EphyGSBStorage + * +diff --git a/lib/safe-browsing/ephy-gsb-storage.h b/lib/safe-browsing/ephy-gsb-storage.h +index 056b4e7..ed41a7e 100644 +--- a/lib/safe-browsing/ephy-gsb-storage.h ++++ b/lib/safe-browsing/ephy-gsb-storage.h +@@ -38,8 +38,6 @@ gint64 ephy_gsb_storage_get_metadata (EphyGSBStorage + void ephy_gsb_storage_set_metadata (EphyGSBStorage *self, + const char *key, + gint64 value); +-void ephy_gsb_storage_insert_threat_list (EphyGSBStorage *self, +- EphyGSBThreatList *list); + GList *ephy_gsb_storage_get_threat_lists (EphyGSBStorage *self); + char *ephy_gsb_storage_compute_checksum (EphyGSBStorage *self, + EphyGSBThreatList *list); +-- +libgit2 0.27.1 + diff --git a/epiphany-3.28.2.1.tar.xz b/epiphany-3.28.2.1.tar.xz deleted file mode 100644 index 5af6376..0000000 --- a/epiphany-3.28.2.1.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:baa4e9f0ac0b1e95fa2027af796859114f448f0f274976c30c9b8db734c6402d -size 4470360 diff --git a/epiphany-3.28.3.1.tar.xz b/epiphany-3.28.3.1.tar.xz new file mode 100644 index 0000000..5d3978a --- /dev/null +++ b/epiphany-3.28.3.1.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:690546a701f046c5c2b3a092659589ea6e17cb0f9a81ec3fdb3046b00cede6f7 +size 4475124 diff --git a/epiphany-bring-back-tabs-webapp.patch b/epiphany-bring-back-tabs-webapp.patch deleted file mode 100644 index 8d53caa..0000000 --- a/epiphany-bring-back-tabs-webapp.patch +++ /dev/null @@ -1,56 +0,0 @@ -From c56294dd46db69c94f8238dd47f568ca57bc51c0 Mon Sep 17 00:00:00 2001 -From: Michael Catanzaro -Date: Thu, 5 Apr 2018 11:52:24 -0500 -Subject: Again disallow new tab action in app mode - -Tabs still work, but only when opening a link - -https://bugzilla.gnome.org/show_bug.cgi?id=795007 ---- - src/ephy-notebook.c | 7 +++++-- - src/ephy-window.c | 1 + - 2 files changed, 6 insertions(+), 2 deletions(-) - -diff --git a/src/ephy-notebook.c b/src/ephy-notebook.c -index 3833862..4a05b93 100644 ---- a/src/ephy-notebook.c -+++ b/src/ephy-notebook.c -@@ -344,10 +344,12 @@ static void - update_tabs_visibility (EphyNotebook *nb, - gboolean before_inserting) - { -+ EphyEmbedShellMode mode; - gboolean show_tabs = FALSE; - guint num; - EphyPrefsUITabsBarVisibilityPolicy policy; - -+ mode = ephy_embed_shell_get_mode (EPHY_EMBED_SHELL (ephy_shell_get_default ())); - num = gtk_notebook_get_n_pages (GTK_NOTEBOOK (nb)); - - if (before_inserting) -@@ -356,8 +358,9 @@ update_tabs_visibility (EphyNotebook *nb, - policy = g_settings_get_enum (EPHY_SETTINGS_UI, - EPHY_PREFS_UI_TABS_BAR_VISIBILITY_POLICY); - -- if (((policy == EPHY_PREFS_UI_TABS_BAR_VISIBILITY_POLICY_MORE_THAN_ONE && num > 1) || -- policy == EPHY_PREFS_UI_TABS_BAR_VISIBILITY_POLICY_ALWAYS)) -+ if (mode != EPHY_EMBED_SHELL_MODE_APPLICATION && -+ ((policy == EPHY_PREFS_UI_TABS_BAR_VISIBILITY_POLICY_MORE_THAN_ONE && num > 1) || -+ policy == EPHY_PREFS_UI_TABS_BAR_VISIBILITY_POLICY_ALWAYS)) - show_tabs = TRUE; - - /* Only show the tabs when the "tabs-allowed" property is TRUE. */ -diff --git a/src/ephy-window.c b/src/ephy-window.c -index e7aa10f..2bdf442 100644 ---- a/src/ephy-window.c -+++ b/src/ephy-window.c -@@ -2997,6 +2997,7 @@ static const char *disabled_actions_for_app_mode[] = { "open", - "save-as-application", - "encoding", - "bookmark-page", -+ "new-tab", - "home" }; - - static void --- -cgit v0.12 diff --git a/epiphany-fix-crash-CVE-2018-11396.patch b/epiphany-fix-crash-CVE-2018-11396.patch deleted file mode 100644 index 83c393c..0000000 --- a/epiphany-fix-crash-CVE-2018-11396.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 8c434004c0c5937c948cec6cccd95f547a0c14df Mon Sep 17 00:00:00 2001 -From: Michael Catanzaro -Date: Tue, 22 May 2018 21:06:32 -0500 -Subject: [PATCH] session: Fix crash when JS opens an invalid URI - -https://bugzilla.gnome.org/show_bug.cgi?id=795740 ---- - src/ephy-session.c | 9 ++++++++- - 1 file changed, 8 insertions(+), 1 deletion(-) - -diff --git a/src/ephy-session.c b/src/ephy-session.c -index 8a86cea..532930e 100644 ---- a/src/ephy-session.c -+++ b/src/ephy-session.c -@@ -828,8 +828,15 @@ session_seems_sane (GList *windows) - SoupURI *uri; - gboolean sane = FALSE; - -+ /* NULL URLs are possible when an invalid URL is opened by JS. -+ * E.g. -+ */ -+ if (url == NULL) -+ continue; -+ - /* Blank URLs can occur in some situations. Just ignore these, as they -- * are harmless and not an indicator of a corrupted session. */ -+ * are harmless and not an indicator of a corrupted session. -+ */ - if (strcmp (url, "") == 0) - continue; - --- -libgit2 0.27.0 - diff --git a/epiphany-uri-tester-fixes.patch b/epiphany-uri-tester-fixes.patch new file mode 100644 index 0000000..eec68f3 --- /dev/null +++ b/epiphany-uri-tester-fixes.patch @@ -0,0 +1,88 @@ +From facfa80c2b36ca7479de4323b77019965363dc6e Mon Sep 17 00:00:00 2001 +From: Michael Catanzaro +Date: Wed, 13 Jun 2018 11:10:23 -0500 +Subject: [PATCH] uri-tester: Fix urlcache memory leak + +Something went wrong with the git history related to e17dc362, and we +wound up allocating a string here that will never be freed. Whoops. + +Then we pass it through GPOINTER_TO_INT() even though it is really a +random pointer and not going to be a meaningful integer value, and +return it as a gboolean. So we have a gboolean that is neither TRUE nor +FALSE, which is bad. But fortunately, it looks like it's never +explicitly compared to TRUE, so there should have been no behavioral +issue besides the leak. + +This is related to #37. +--- + embed/web-extension/ephy-uri-tester.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/embed/web-extension/ephy-uri-tester.c b/embed/web-extension/ephy-uri-tester.c +index 70f7cfd..a871f66 100644 +--- a/embed/web-extension/ephy-uri-tester.c ++++ b/embed/web-extension/ephy-uri-tester.c +@@ -189,7 +189,7 @@ ephy_uri_tester_is_matched (EphyUriTester *tester, + + /* Look for a match either by key or by pattern. */ + if (ephy_uri_tester_is_matched_by_key (tester, opts, req_uri, page_uri, whitelist)) { +- g_hash_table_insert (urlcache, g_strdup (req_uri), g_strdup ("1")); ++ g_hash_table_insert (urlcache, g_strdup (req_uri), GINT_TO_POINTER (TRUE)); + return TRUE; + } + +-- +libgit2 0.27.1 + +From d76a401971da4cecf746fa98cb94db6fa45fd88e Mon Sep 17 00:00:00 2001 +From: Michael Catanzaro +Date: Wed, 13 Jun 2018 11:32:53 -0500 +Subject: [PATCH] uri-tester: Fix cache lookups when URI is not matched + +This regressed in e17dc3627218aed60e2fa61486757b55dc804b6e. +g_hash_table_lookup() cannot distinguish between a missing value and a +NULL value. We are storing a NULL pointer (GINT_TO_POINTER (FALSE)) to +indicate that the URL is not a match, so the end result is that instead +of a cache hit indicating we should return FALSE, we instead get a cache +miss and then have to manually determine that we need to return FALSE. + +This should be a performance fix only, it should not affect correctness. + +Fixes #37 +--- + embed/web-extension/ephy-uri-tester.c | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git a/embed/web-extension/ephy-uri-tester.c b/embed/web-extension/ephy-uri-tester.c +index a871f66..5158dcb 100644 +--- a/embed/web-extension/ephy-uri-tester.c ++++ b/embed/web-extension/ephy-uri-tester.c +@@ -178,14 +178,14 @@ ephy_uri_tester_is_matched (EphyUriTester *tester, + const char *page_uri, + gboolean whitelist) + { +- char *value; ++ gpointer is_matched; + GHashTable *urlcache = tester->urlcache; + if (whitelist) + urlcache = tester->whitelisted_urlcache; + + /* Check cached URLs first. */ +- if ((value = g_hash_table_lookup (urlcache, req_uri))) +- return GPOINTER_TO_INT (value); ++ if (g_hash_table_lookup_extended (urlcache, req_uri, NULL, &is_matched)) ++ return GPOINTER_TO_INT (is_matched); + + /* Look for a match either by key or by pattern. */ + if (ephy_uri_tester_is_matched_by_key (tester, opts, req_uri, page_uri, whitelist)) { +@@ -199,6 +199,7 @@ ephy_uri_tester_is_matched (EphyUriTester *tester, + return TRUE; + } + ++ /* No match. */ + g_hash_table_insert (urlcache, g_strdup (req_uri), GINT_TO_POINTER (FALSE)); + return FALSE; + } +-- +libgit2 0.27.1 + diff --git a/epiphany.changes b/epiphany.changes index 02b761a..c34ae9a 100644 --- a/epiphany.changes +++ b/epiphany.changes @@ -1,3 +1,30 @@ +------------------------------------------------------------------- +Wed Jun 13 23:25:20 UTC 2018 - bjorn.lie@gmail.com + +- Add epiphany-uri-tester-fixes.patch: Fix urlcache memory leak and + fix cache lookups when URI is not matched + (glgo#GNOME/epiphany#37). +- Add + epip-revert-gsb-storage-dont-hardcode-Linux-threat-lists.patch: + Revert gsb-storage: Don't hardcode Linux threat lists. + +------------------------------------------------------------------- +Fri Jun 8 16:55:05 UTC 2018 - bjorn.lie@gmail.com + +- Update to version 3.28.3.1: + + Fix missing symbol in 3.28.3 (glgo#GNOME/epiphany#33). +- Changes from version 3.28.3: + + Fix CVE-2018-11396/CVE-2018-12016 (bgo#795740). + + Allow Ctrl+T in app mode again due to unintended consequences + (bgo#796204). + + Don't remember passwords when the setting is disabled + (bgo#796219). + + Fix password manager crash on chase.com + (glgo#GNOME/epiphany#11). +- Drop epiphany-fix-crash-CVE-2018-11396.patch: Fixed upstream. +- Drop epiphany-bring-back-tabs-webapp.patch: Upstream reverted the + change too, so patch no longer needed. + ------------------------------------------------------------------- Tue May 22 16:22:16 UTC 2018 - bjorn.lie@gmail.com diff --git a/epiphany.spec b/epiphany.spec index 4ff36a1..9841357 100644 --- a/epiphany.spec +++ b/epiphany.spec @@ -17,7 +17,7 @@ Name: epiphany -Version: 3.28.2.1 +Version: 3.28.3.1 Release: 0 Summary: GNOME Web Browser License: GPL-3.0-or-later @@ -25,11 +25,10 @@ Group: Productivity/Networking/Web/Browsers URL: https://wiki.gnome.org/Apps/Web Source0: http://download.gnome.org/sources/epiphany/3.28/%{name}-%{version}.tar.xz Source99: %{name}-rpmlintrc -# PATCH-FIX-UPSTREAM epiphany-bring-back-tabs-webapp.patch -- Revert the revert for tabs in webapps. -# FIXME Drop epiphany-bring-back-tabs-webapp.patch on versionbump to 3.29, fixed differently on master. -Patch0: epiphany-bring-back-tabs-webapp.patch -# PATCH-FIX-UPSTREAM epiphany-fix-crash-CVE-2018-11396.patch CVE-2018-11396 bgo#795740 boo#1094464 -- session: Fix crash when JS opens an invalid URI -Patch1: epiphany-fix-crash-CVE-2018-11396.patch +# PATCH-FIX-UPSTREAM epiphany-uri-tester-fixes.patch -- Fix urlcache memory leak and Fix cache lookups when URI is not matched +Patch0: epiphany-uri-tester-fixes.patch +# PATCH-FIX-UPSTREAM epip-revert-gsb-storage-dont-hardcode-Linux-threat-lists.patch -- Revert "gsb-storage: Don't hardcode Linux threat lists" +Patch1: epip-revert-gsb-storage-dont-hardcode-Linux-threat-lists.patch BuildRequires: fdupes BuildRequires: meson @@ -99,9 +98,7 @@ search results from Web (epiphany) %lang_package %prep -%autosetup -N -%patch0 -p1 -R -%patch1 -p1 +%autosetup -p1 translation-update-upstream %build