Accepting request 917890 from KDE:Qt:5.15

Qt WebEngine 5.15.6 (forwarded request 917830 from cgiboudeaux)

OBS-URL: https://build.opensuse.org/request/show/917890
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libqt5-qtwebengine?expand=0&rev=72
Dominique Leuenberger 2021-09-13 14:24:25 +00:00 committed by Git OBS Bridge
commit 1815bc2f12
9 changed files with 132 additions and 44 deletions


@ -8,8 +8,23 @@ Subject: [PATCH] Fix build with glibc 2.34
.../breakpad/src/client/linux/handler/exception_handler.cc | 2 +-
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/3rdparty/chromium/sandbox/linux/services/credentials.cc b/src/3rdparty/chromium/sandbox/linux/services/credentials.cc
index d7b5d8c4413..a62cb21bd7a 100644
--- a/src/3rdparty/chromium/sandbox/linux/services/credentials.cc
+++ b/src/3rdparty/chromium/sandbox/linux/services/credentials.cc
@@ -98,7 +98,9 @@ bool ChrootToSafeEmptyDir() {
// attempt this optimization.
clone_flags |= CLONE_VM | CLONE_VFORK | CLONE_SETTLS;
- char tls_buf[PTHREAD_STACK_MIN] = {0};
+ const std::size_t pthread_stack_min = PTHREAD_STACK_MIN;
+ char tls_buf[pthread_stack_min];
+ memset(tls_buf, 0, pthread_stack_min);
tls = tls_buf;
#endif
diff --git a/src/3rdparty/chromium/third_party/abseil-cpp/absl/debugging/failure_signal_handler.cc b/src/3rdparty/chromium/third_party/abseil-cpp/absl/debugging/failure_signal_handler.cc
index 5d13bdbbb..2ed137b58 100644
index 5d13bdbbbd1..2ed137b58f1 100644
--- a/src/3rdparty/chromium/third_party/abseil-cpp/absl/debugging/failure_signal_handler.cc
+++ b/src/3rdparty/chromium/third_party/abseil-cpp/absl/debugging/failure_signal_handler.cc
@@ -135,7 +135,8 @@ static bool SetupAlternateStackOnce() {
@ -23,7 +38,7 @@ index 5d13bdbbb..2ed137b58 100644
defined(ABSL_HAVE_MEMORY_SANITIZER) || defined(ABSL_HAVE_THREAD_SANITIZER)
// Account for sanitizer instrumentation requiring additional stack space.
diff --git a/src/3rdparty/chromium/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc b/src/3rdparty/chromium/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc
index ca353c409..2e43ba6fc 100644
index ca353c40997..2e43ba6fc04 100644
--- a/src/3rdparty/chromium/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc
+++ b/src/3rdparty/chromium/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc
@@ -138,7 +138,7 @@ void InstallAlternateStackLocked() {
@ -35,6 +50,5 @@ index ca353c409..2e43ba6fc 100644
// Only set an alternative stack if there isn't already one, or if the current
// one is too small.
--
--
2.32.0
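Review bot: `char tls_buf[pthread_stack_min];` in the credentials.cc hunk is a variable-length array, because `pthread_stack_min` is an ordinary `const std::size_t` initialised from `PTHREAD_STACK_MIN`, which this glibc 2.34 fix evidently no longer treats as a compile-time constant. VLAs are a compiler extension in C++, and the buffer size is now decided at run time with no upper bound checked before it lands on the stack of sandbox setup code (the hunk header places it in `ChrootToSafeEmptyDir()`). A fixed-capacity buffer with a run-time check would keep the size bounded, for example `char tls_buf[kTlsBufSize] = {0};` followed by `CHECK_LE(static_cast<size_t>(PTHREAD_STACK_MIN), sizeof(tls_buf));`, where `kTlsBufSize` is a placeholder for a constant the maintainers choose. The enclosing function continues outside the hunk, and the failure_signal_handler.cc and exception_handler.cc hunks show only context lines on this page, so their new code could not be checked.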


@ -0,0 +1,42 @@
From 218438259dd795456f0a48f67cbe5b4e520db88b Mon Sep 17 00:00:00 2001
From: Matthew Denton <mpdenton@chromium.org>
Date: Thu, 3 Jun 2021 20:06:13 +0000
Subject: [PATCH] Linux sandbox: return ENOSYS for clone3
Because clone3 uses a pointer argument rather than a flags argument, we
cannot examine the contents with seccomp, which is essential to
preventing sandboxed processes from starting other processes. So, we
won't be able to support clone3 in Chromium. This CL modifies the
BPF policy to return ENOSYS for clone3 so glibc always uses the fallback
to clone.
Bug: 1213452
Change-Id: I7c7c585a319e0264eac5b1ebee1a45be2d782303
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2936184
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Commit-Queue: Matthew Denton <mpdenton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#888980}
---
.../sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc | 8 ++++++++
diff --git a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc b/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
index 3c67b124786..81cb25e139e 100644
--- a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+++ b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
@@ -165,6 +165,14 @@ ResultExpr EvaluateSyscallImpl(int fs_denied_errno,
return RestrictCloneToThreadsAndEPERMFork();
}
+ // clone3 takes a pointer argument which we cannot examine, so return ENOSYS
+ // to force the libc to use clone. See https://crbug.com/1213452.
+ #if defined(__NR_clone3)
+ if (sysno == __NR_clone3) {
+ return Error(ENOSYS);
+ }
+ #endif
+
if (sysno == __NR_fcntl)
return RestrictFcntlCommands();
--
2.32.0
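Review bot: The `#if defined(__NR_clone3)` guard around the new check compiles the ENOSYS rule out entirely when the build's kernel headers predate clone3, while the resulting binary may still run on a system whose glibc issues clone3. In that case the syscall falls through to whatever the rest of `EvaluateSyscallImpl` decides (not visible in this hunk), which is presumably not the ENOSYS that the commit message says glibc needs in order to fall back to clone. Defining the number when the headers lack it, `#if !defined(__NR_clone3)` / `#define __NR_clone3 435` / `#endif`, ahead of the check would make the rule unconditional; 435 is the clone3 number in the kernel's unified syscall numbering, and should be confirmed for every architecture this package builds on. Separately, the `diff --git` line names `b/chromium/sandbox/...` while the `---`/`+++` lines use `src/3rdparty/chromium/...`, so it is worth confirming the patch applies cleanly with `-p1` as the spec expects.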


@ -1,11 +1,11 @@
<services>
<service name="tar_scm" mode="disabled">
<param name="changesgenerate">enable</param>
<param name="version">5.15.5</param>
<param name="version">5.15.6</param>
<param name="url">git://code.qt.io/qt/qtwebengine.git</param>
<param name="scm">git</param>
<param name="filename">qtwebengine-everywhere-src</param>
<param name="revision">v5.15.5-lts</param>
<param name="revision">v5.15.6-lts</param>
</service>
<service name="recompress" mode="disabled">
<param name="file">*.tar</param>


@ -1,4 +1,4 @@
<servicedata>
<service name="tar_scm">
<param name="url">git://code.qt.io/qt/qtwebengine.git</param>
<param name="changesrevision">9711f64c5082040cb76f6da5ef4a16037dbda08f</param></service></servicedata>
<param name="changesrevision">2acbba86362ac3a1c2d8c20390dc263875f8f09c</param></service></servicedata>


@ -1,3 +1,57 @@
-------------------------------------------------------------------
Thu Sep 09 07:19:58 UTC 2021 - christophe@krop.fr
- Update to version 5.15.6:
* Update Chromium:
+ [Backport] CVE-2021-30560: Use after free in Blink XSLT
+ [Backport] CVE-2021-30566: Stack buffer overflow in Printing
+ [Backport] CVE-2021-30585: Use after free in sensor handling
+ Bump V8_PATCH_LEVEL
+ [Backport] Security bug 1228036
+ [Backport] CVE-2021-30604: Use after free in ANGLE
+ [Backport] CVE-2021-30603: Race in WebAudio
+ [Backport] CVE-2021-30602: Use after free in WebRTC
+ [Backport] CVE-2021-30599: Type Confusion in V8
+ [Backport] CVE-2021-30598: Type Confusion in V8
+ [Backport] Security bug 1227933
+ [Backport] Security bug 1205059
+ [Backport] Security bug 1184294
+ [Backport] Security bug 1198385
+ [Backport] CVE-2021-30588: Type Confusion in V8
+ [Backport] CVE-2021-30587: Inappropriate implementation in Compositing on Windows
+ [Backport] CVE-2021-30573: Use after free in GPU
+ [Backport] CVE-2021-30569, security bugs 1198216 and 1204814
+ [Backport] CVE-2021-30568: Heap buffer overflow in WebGL
+ [Backport] CVE-2021-30541: Use after free in V8
+ [Backport] Security bugs 1197786 and 1194330
+ [Backport] Security bug 1194689
+ [Backport] CVE-2021-30563: Type Confusion in V8
+ [Backport] Security bug 1211215
+ [Backport] Security bug 1209558
+ [Backport] CVE-2021-30553: Use after free in Network service
+ [Backport] CVE-2021-30548: Use after free in Loader
+ [Backport] CVE-2021-30547: Out of bounds write in ANGLE
+ [Backport] CVE-2021-30556: Use after free in WebAudio
+ [Backport] CVE-2021-30559: Out of bounds write in ANGLE
+ [Backport] CVE-2021-30533: Insufficient policy enforcement in PopupBlocker
+ [Backport] Security bug 1202534
+ [Backport] CVE-2021-30536: Out of bounds read in V8
+ [Backport] CVE-2021-30522: Use after free in WebAudio
+ [Backport] CVE-2021-30554 Use after free in WebGL
+ [Backport] CVE-2021-30551: Type Confusion in V8
+ [Backport] CVE-2021-30544: Use after free in BFCache
+ [Backport] CVE-2021-30535: Double free in ICU
+ [Backport] CVE-2021-30534: Insufficient policy enforcement in iFrameSandbox
+ [Backport] CVE-2021-30530: Out of bounds memory access in WebAudio
+ [Backport] CVE-2021-30523: Use after free in WebRTC
+ Generate mojo bindings before compiling extension API registration
* Bump version from 5.15.5 to 5.15.6
* Always send phased wheel events beginning with Began
- Import patch from the chromium package:
* 0001-return-ENOSYS-for-clone3.patch
- Add changes from the chromium package to
0001-Fix-build-with-glibc-2.34.patch
-------------------------------------------------------------------
Wed Aug 4 15:23:24 UTC 2021 - Christophe Giboudeaux <christophe@krop.fr>


@ -29,19 +29,17 @@
%global _qtwebengine_dictionaries_dir %{_libqt5_datadir}/qtwebengine_dictionaries
Name: libqt5-qtwebengine
Version: 5.15.5
Version: 5.15.6
Release: 0
Summary: Qt 5 WebEngine Library
License: LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
Group: Development/Libraries/X11
URL: https://www.qt.io
%define base_name libqt5
%define real_version 5.15.5
%define so_version 5.15.5
%define real_version 5.15.6
%define so_version 5.15.6
%define tar_version qtwebengine-everywhere-src-%{version}
Source: %{tar_version}.tar.xz
# Generated from a local build
Source1: sync.profile
# PATCH-FIX-UPSTREAM armv6-ffmpeg-no-thumb.patch - Fix ffmpeg configuration for armv6
Patch0: armv6-ffmpeg-no-thumb.patch
# PATCH-FIX-OPENSUSE disable-gpu-when-using-nouveau-boo-1005323.diff
@ -54,7 +52,9 @@ Patch4: rtc-dont-use-h264.patch
Patch5: chromium-glibc-2.33.patch
# PATCH-FIX-UPSTREAM
Patch6: 0001-Fix-build-with-glibc-2.34.patch
# http://www.chromium.org/blink not ported to PowerPC
# PATCH-FIX-UPSTREAM
Patch7: 0001-return-ENOSYS-for-clone3.patch
# http://www.chromium.org/blink is not ported to PowerPC & s390
ExcludeArch: ppc ppc64 ppc64le s390 s390x
# Try to fix i586 MemoryErrors with rpmlint
#!BuildIgnore: rpmlint
@ -68,7 +68,7 @@ BuildRequires: git-core
BuildRequires: krb5
BuildRequires: krb5-devel
BuildRequires: libQt5QuickControls2-devel
# For building pdf exmples...
# For building pdf examples...
BuildRequires: libqt5-qtsvg-devel
BuildRequires: libcap-devel
BuildRequires: libgcrypt-devel
@ -82,7 +82,7 @@ BuildRequires: libqt5-qtwebchannel-private-headers-devel >= 5.12
BuildRequires: libqt5-qtxmlpatterns-private-headers-devel >= 5.12
BuildRequires: memory-constraints
BuildRequires: ninja
# nodejs-default doesn't exist on Leap 15.2 and nodejs/nodejs-common is confused on TW/i586
# nodejs-default doesn't exist on Leap 15.2
%if 0%{?suse_version} == 1500 && 0%{?sle_version} == 150200
BuildRequires: nodejs-common
%else
@ -278,9 +278,11 @@ Recommends: libqt5-qtpdf-devel
Examples for the libqt5-qtpdf module.
%prep
%setup -q -n %{tar_version}
%autosetup -p1 -n %{tar_version}
sed -i 's|$(STRIP)|strip|g' src/core/core_module.pro
%autopatch -p1
#force the configure script to generate the forwarding headers (it checks whether .git directory exists)
mkdir .git
# QTBUG-61128
sed -i -e '/toolprefix = /d' -e 's/\${toolprefix}//g' \
@ -318,12 +320,6 @@ export RPM_OPT_FLAGS="${RPM_OPT_FLAGS} -Wno-return-type"
-webengine-proprietary-codecs \
%endif
# For an unknown reason, syncqt isn't executed when building the package on the build service
cp %{SOURCE1} .
for i in QtWebEngine QtWebEngineCore QtWebEngineWidgets QtPdf QtPdfWidgets ; do
perl -w %{_libqt5_bindir}/syncqt.pl -module $i -version %{version} -outdir $PWD -builddir $PWD $PWD
done
# Determine the right number of parallel processes based on the available memory
%limit_build -m 2750
@ -344,9 +340,6 @@ sed -i '/^Libs.private/d' %{buildroot}%{_libdir}/pkgconfig/Qt*Web*.pc
# kill .la files
rm -f %{buildroot}%{_libqt5_libdir}/*.la
# webenginecore expects icudatl.dat at this location
# ln -sf %{_datadir}/icu/*/icudt*l.dat %{buildroot}%{_datadir}/qt5/icudtl.dat
# Workaround to allow using QtWE with older Qt versions
%global qtcore_version %(printf %{pkg_version libQt5Core5} | cut -d + -f 1)
# NOTE the space after '%%{version}' is important to only match '5.15.X ${_Qt5XXX_FIND_VERSION_EXACT}'
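Review bot: The new `Patch7` entry carries only a bare `# PATCH-FIX-UPSTREAM` tag although it changes the seccomp sandbox policy. The comment should name the patch and its upstream reference so that a later rebase does not drop it unnoticed, e.g. `# PATCH-FIX-UPSTREAM 0001-return-ENOSYS-for-clone3.patch -- Linux sandbox: return ENOSYS for clone3 (crbug.com/1213452)`; the `Patch6` tag above it has the same gap. In `%prep`, `mkdir .git` appears to replace the removed syncqt loop by making configure believe it runs in a git checkout. Since `git-core` is a build dependency, anything in the build that shells out to git may then see an empty repository, so the comment could state that the directory is intentionally empty and exists only for that configure check.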


@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:b67e42862d312827173984fbc736aa92a6b1facb3c8024d5dab979c0ad10644b
size 319589504


@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:0acc53400520e0c60c32065b914ed53660788051e826b49de45137833002bb75
size 319566384


@ -1,15 +0,0 @@
%modules = ( # path to module name map
"QtWebEngine" => "$basedir/src/webengine",
"QtWebEngineWidgets" => "$basedir/src/webenginewidgets",
"QtWebEngineCore" => "$basedir/src/core",
"QtPdf" => "$basedir/src/pdf",
"QtPdfWidgets" => "$basedir/src/pdfwidgets",
);
%moduleheaders = ( # restrict the module headers to those found in relative path
"QtWebEngine" => "api",
"QtWebEngineWidgets" => "api",
"QtWebEngineCore" => "api",
"QtPdf" => "api"
);
%classnames = (
);