Accepting request 1302714 from KDE:Qt:5.15

- Change the way we pin to ffmpeg-7: set maximum versions for the libav* buildrequires insteaf of hardcoding ffmpeg-7-*devel. This allows OBS to still shortcut through the mini packages. (forwarded request 1302712 from dimstar) OBS-URL: https://build.opensuse.org/request/show/1302714 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libqt5-qtwebengine?expand=0&rev=107
- Change the way we pin to ffmpeg-7: set maximum versions for the
2025-09-05 19:42:14 +00:00 · 2025-09-04 10:43:00 +00:00 · 2025-09-03 20:14:52 +00:00
9 changed files with 63 additions and 131 deletions
--- a/6
+++ b/6
@@ -1,12 +1,12 @@
 <services>
  <service name="tar_scm" mode="disabled">
   <param name="changesgenerate">enable</param>
-   <!-- submodule from fdfef5b3 to 85337c28b -->
+   <!-- submodule from 85337c28b to 6d29e9cfc -->
-   <param name="version">5.15.18</param>
+   <param name="version">5.15.19</param>
   <param name="url">git://code.qt.io/qt/qtwebengine.git</param>
   <param name="scm">git</param>
   <param name="filename">qtwebengine-everywhere-src</param>
-   <param name="revision">v5.15.18-lts</param>
+   <param name="revision">v5.15.19-lts</param>
  </service>
  <service name="recompress" mode="disabled">
   <param name="file">*.tar</param>
--- a/2
+++ b/2
@@ -1,4 +1,4 @@
 <servicedata>
 <service name="tar_scm">
                <param name="url">git://code.qt.io/qt/qtwebengine.git</param>
-              <param name="changesrevision">87ceb6a2ef5ee25d56f765dc533728c4ca4787e0</param></service></servicedata>
+              <param name="changesrevision">a5d11cd6f8c487443c15c7e3a6cd8090b65cb313</param></service></servicedata>
--- a/libqt5-qtwebengine.changes
+++ b/libqt5-qtwebengine.changes
@@ -1,3 +1,48 @@
 -------------------------------------------------------------------
 Thu Sep  4 09:03:35 UTC 2025 - Dominique Leuenberger <dimstar@opensuse.org>
 - Change the way we pin to ffmpeg-7: set maximum versions for the
  libav* buildrequires insteaf of hardcoding ffmpeg-7-*devel. This
  allows OBS to still shortcut through the mini packages.
 -------------------------------------------------------------------
 Tue Sep 02 07:23:24 UTC 2025 - Christophe Marin <christophe@krop.fr>
 - Update to version 5.15.19:
  * Bump version to 5.15.19
  * qmake: Fix qmake2cmake parsing issue for 5.15 SBOM
  * Update Chromium (patched with security updates up to
    135.0.7049.95):
  * [Backport] CVE-2024-10229: Inappropriate implementation in Extensions
  * [Backport] CVE-2024-10827: Use after free in Serial
  * [Backport] Security bug 378701682
  * [Backport] CVE-2024-12694: Use after free in Compositing
  * [Backport] Security bug 382135228
  * [Backport] Security bug 384565015
  * [Backport] CVE-2025-0436: Integer overflow in Skia
  * [Backport] CVE-2024-11477 / Security bug 383772517
  * [Backport] CVE-2025-0996: Inappropriate implementation in Browser UI
  * [Backport] CVE-2025-1426: Heap buffer overflow in GPU
  * [Backport] Security bug 396481096
  * [Backport] CVE-2025-0762: Use after free in DevTools
  * [Backport] CVE-2025-0999: Heap buffer overflow in V8
  * [Backport] CVE-2024-55549: Fix UAF related to excluded namespaces
  * [Backport] CVE-2025-24855 Fix use-after-free of XPath context node
  * [backport] CVE-2025-1919
  * [Backport] CVE-2025-2783: Incorrect handle provided in
    unspecified circumstances in Mojo on Windows
  * [backport] CVE-2025-24201
  * [backport] CVE-2025-2136
  * [Backport] Security bug 399002829
  * [Backport] Security bug 396460489
  * [Backport] CVE-2025-3619
  * Various python fixes
 - Drop patches:
  * python3.12-imp.patch
  * python3.12-six.patch
  * python3.13-pipes.patch
 - Don't try to build with ffmpeg >= 8 on factory
 -------------------------------------------------------------------
 Thu Apr 24 21:13:27 UTC 2025 - Friedrich Haubensak <hsk17@mail.de>
--- a/libqt5-qtwebengine.spec
+++ b/libqt5-qtwebengine.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package libqt5-qtwebengine
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC and contributors
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -22,6 +22,7 @@
 %bcond_without system_ffmpeg
 %bcond_without system_minizip
 %bcond_without pipewire
 # The default python version is too old on Leap 15
 %{?sle15_python_module_pythons}
 %if 0%{?suse_version} == 1500
@@ -35,15 +36,15 @@
 %global _qtwebengine_dictionaries_dir %{_libqt5_datadir}/qtwebengine_dictionaries
 Name:           libqt5-qtwebengine
-Version:        5.15.18
+Version:        5.15.19
 Release:        0
 Summary:        Qt 5 WebEngine Library
 License:        LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
 Group:          Development/Libraries/X11
 URL:            https://www.qt.io
 %define base_name libqt5
-%define real_version 5.15.18
+%define real_version 5.15.19
-%define so_version 5.15.18
+%define so_version 5.15.19
 %define tar_version qtwebengine-everywhere-src-%{version}
 Source:         %{tar_version}.tar.xz
 Source99:       libqt5-qtwebengine-rpmlintrc
@@ -64,16 +65,12 @@ Patch6:         Add-missing-dependencies.patch
 # PATCH-FIX-UPSTREAM -- ICU 75 compatibility
 Patch7:         qt5-webengine-icu-75.patch
 Patch8:         0001-Use-default-constructor-in-place-of-self-delegation-.patch
 # PATCH-FIX-UPSTREAM -- python >= 3.12 compat
 Patch9:         python3.12-imp.patch
 Patch10:        python3.12-six.patch
 Patch11:        python3.13-pipes.patch
 # PATCH-FIX-UPSTREAM https://bugreports.qt.io/browse/QTBUG-57709?focusedId=427082#comment-427082
-Patch12:        sandbox_recvmsg.patch
+Patch9:         sandbox_recvmsg.patch
 # PATCH-FIX-UPSTREAM -- selected backported upstream changes to support gcc-15
-Patch13:        qtwebengine-5.15.18-gcc15-cstdint.patch
+Patch10:        qtwebengine-5.15.18-gcc15-cstdint.patch
 ### Patch 50-99 are applied conditionally
-# PATCH-FIX-OPENSUSE -- allow building qtwebengine with ffmpeg5
+# PATCH-FIX-UPSTREAM -- allow building qtwebengine with ffmpeg 5
 Patch50:        qtwebengine-ffmpeg5.patch
 Patch51:        qt5-webengine-ffmpeg7.patch
 ###
@@ -154,9 +151,9 @@ BuildRequires:  pkgconfig(icu-uc) >= 65.0
 BuildRequires:  pkgconfig(jsoncpp)
 BuildRequires:  pkgconfig(lcms2)
 %if %{with system_ffmpeg}
-BuildRequires:  pkgconfig(libavcodec)
+BuildRequires:  pkgconfig(libavcodec) < 62
-BuildRequires:  pkgconfig(libavformat)
+BuildRequires:  pkgconfig(libavformat) < 62
-BuildRequires:  pkgconfig(libavutil)
+BuildRequires:  pkgconfig(libavutil) < 60
 %endif
 BuildRequires:  pkgconfig(libcrypto)
 BuildRequires:  pkgconfig(libdrm)
@@ -314,9 +311,6 @@ Examples for the libqt5-qtpdf module.
 %patch -P8 -p1
 %patch -P9 -p1
 %patch -P10 -p1
 %patch -P11 -p1
 %patch -P12 -p1
 %patch -P13 -p1
 # FFmpeg 5
 %if %{with system_ffmpeg}
--- a/python3.12-imp.patch
+++ b/python3.12-imp.patch
@@ -1,24 +0,0 @@
 Description: stop using imp module which was removed in Python 3.12
 Origin: upstream, https://chromium.googlesource.com/chromium/src/+/f5f6e361d037c316
 Last-Update: 2024-06-30
 --- a/src/3rdparty/chromium/mojo/public/tools/mojom/mojom/fileutil.py
 +++ b/src/3rdparty/chromium/mojo/public/tools/mojom/mojom/fileutil.py
@@ -3,7 +3,6 @@
 # found in the LICENSE file.
 import errno
 -import imp
 import os.path
 import sys
 --- a/src/3rdparty/chromium/mojo/public/tools/mojom/mojom/parse/lexer.py
 +++ b/src/3rdparty/chromium/mojo/public/tools/mojom/mojom/parse/lexer.py
@@ -2,7 +2,6 @@
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.
 -import imp
 import os.path
 import sys
--- a/python3.12-six.patch
+++ b/python3.12-six.patch
@@ -1,56 +0,0 @@
 Description: implement find_spec() for _SixMetaPathImporter
 Origin: upstream, https://github.com/benjaminp/six/commit/25916292d96f5f09
 Last-Update: 2024-03-17
 --- a/src/3rdparty/chromium/third_party/protobuf/third_party/six/six.py
 +++ b/src/3rdparty/chromium/third_party/protobuf/third_party/six/six.py
@@ -71,6 +71,11 @@ else:
             MAXSIZE = int((1 << 63) - 1)
         del X
 +if PY34:
 +    from importlib.util import spec_from_loader
 +else:
 +    spec_from_loader = None
 +
 def _add_doc(func, doc):
     """Add documentation to a function."""
@@ -186,6 +191,11 @@ class _SixMetaPathImporter(object):
             return self
         return None
 +    def find_spec(self, fullname, path, target=None):
 +        if fullname in self.known_modules:
 +            return spec_from_loader(fullname, self)
 +        return None
 +
     def __get_module(self, fullname):
         try:
             return self.known_modules[fullname]
 --- a/src/3rdparty/chromium/tools/grit/third_party/six/__init__.py
 +++ b/src/3rdparty/chromium/tools/grit/third_party/six/__init__.py
@@ -71,6 +71,11 @@ else:
             MAXSIZE = int((1 << 63) - 1)
         del X
 +if PY34:
 +    from importlib.util import spec_from_loader
 +else:
 +    spec_from_loader = None
 +
 def _add_doc(func, doc):
     """Add documentation to a function."""
@@ -186,6 +191,11 @@ class _SixMetaPathImporter(object):
             return self
         return None
 +    def find_spec(self, fullname, path, target=None):
 +        if fullname in self.known_modules:
 +            return spec_from_loader(fullname, self)
 +        return None
 +
     def __get_module(self, fullname):
         try:
             return self.known_modules[fullname]
--- a/python3.13-pipes.patch
+++ b/python3.13-pipes.patch
@@ -1,27 +0,0 @@
 Description: replace removed pipes module with shlex
 Origin: upstream, https://chromium.googlesource.com/chromium/src/+/4c6fc1984970af4b
 Last-Update: 2025-01-08
 --- a/src/3rdparty/chromium/build/android/gyp/util/build_utils.py
 +++ b/src/3rdparty/chromium/build/android/gyp/util/build_utils.py
@@ -12,8 +12,8 @@ import fnmatch
 import json
 import logging
 import os
 -import pipes
 import re
 +import shlex
 import shutil
 import stat
 import subprocess
@@ -197,8 +197,9 @@ class CalledProcessError(Exception):
   def __str__(self):
     # A user should be able to simply copy and paste the command that failed
     # into their shell.
 +    printed_cmd = shlex.join(self.args)
     copyable_command = '( cd {}; {} )'.format(os.path.abspath(self.cwd),
 -        ' '.join(map(pipes.quote, self.args)))
 +                                              printed_cmd)
     return 'Command failed: {}\n{}'.format(copyable_command, self.output)
--- a/qtwebengine-everywhere-src-5.15.18.tar.xz
+++ b/qtwebengine-everywhere-src-5.15.18.tar.xz
--- a/qtwebengine-everywhere-src-5.15.19.tar.xz
+++ b/qtwebengine-everywhere-src-5.15.19.tar.xz
@@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:c127bb77eeb25ce405749facbf9db5165bd8a8972d4bfafdbeee9a0235b04382
 size 322353208