From a69f4899c6d691f6065f68c54b3ab1a9e2db40dbb5ff0d7248e75c09b5386308 Mon Sep 17 00:00:00 2001 From: Dominique Leuenberger Date: Thu, 28 Nov 2024 09:07:48 +0000 Subject: [PATCH] - Update to version 2.46.4 Also fix a typo in a CVE ref, and remove some mistakenly-added bugs/CVEs that don't affect Linux. OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/webkit2gtk3?expand=0&rev=498 --- .gitattributes | 23 + .gitignore | 1 + ...badbada070ebaadd318b2801818ecf7e7ea0.patch | 31 + ...44679af8f84036f1b800307e799bd7ab73ba.patch | 59 + ...a966373d3858668f6a29d8ba91a5807c8dd8.patch | 41 + _constraints | 45 + _multibuild | 6 + baselibs.conf | 2 + bug281492.patch | 94 + bug281495.patch | 84 + reproducibility.patch | 11 + revert-271175.patch | 47 + webkit2gtk3-CVE-2024-40776.patch | 165 + webkit2gtk3-CVE-2024-40779.patch | 88 + webkit2gtk3-CVE-2024-40780.patch | 102 + webkit2gtk3-CVE-2024-40782.patch | 84 + webkit2gtk3-CVE-2024-44308.patch | 60 + webkit2gtk3-CVE-2024-44309.patch | 321 ++ webkit2gtk3-disable-dmabuf-nvidia.patch | 65 + webkit2gtk3.changes | 4696 +++++++++++++++++ webkit2gtk3.keyring | Bin 0 -> 4178 bytes webkit2gtk3.spec | 628 +++ webkitgtk-2.44.2.tar.xz | 3 + webkitgtk-2.44.2.tar.xz.asc | 16 + webkitgtk-2.44.3.tar.xz | 3 + webkitgtk-2.44.3.tar.xz.asc | 16 + webkitgtk-2.44.4.tar.xz | 3 + webkitgtk-2.44.4.tar.xz.asc | 6 + webkitgtk-2.45.92.tar.xz | 3 + webkitgtk-2.45.92.tar.xz.asc | 16 + webkitgtk-2.46.1.tar.xz | 3 + webkitgtk-2.46.1.tar.xz.asc | 16 + webkitgtk-2.46.2.tar.xz | 3 + webkitgtk-2.46.2.tar.xz.asc | 16 + webkitgtk-2.46.3.tar.xz | 3 + webkitgtk-2.46.3.tar.xz.asc | 16 + webkitgtk-2.46.4.tar.xz | 3 + webkitgtk-2.46.4.tar.xz.asc | 16 + 38 files changed, 6795 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 63f7badbada070ebaadd318b2801818ecf7e7ea0.patch create mode 100644 9d5844679af8f84036f1b800307e799bd7ab73ba.patch create mode 100644 9e9ea966373d3858668f6a29d8ba91a5807c8dd8.patch create mode 100644 _constraints create mode 100644 _multibuild create mode 100644 baselibs.conf create mode 100644 bug281492.patch create mode 100644 bug281495.patch create mode 100644 reproducibility.patch create mode 100644 revert-271175.patch create mode 100644 webkit2gtk3-CVE-2024-40776.patch create mode 100644 webkit2gtk3-CVE-2024-40779.patch create mode 100644 webkit2gtk3-CVE-2024-40780.patch create mode 100644 webkit2gtk3-CVE-2024-40782.patch create mode 100644 webkit2gtk3-CVE-2024-44308.patch create mode 100644 webkit2gtk3-CVE-2024-44309.patch create mode 100644 webkit2gtk3-disable-dmabuf-nvidia.patch create mode 100644 webkit2gtk3.changes create mode 100644 webkit2gtk3.keyring create mode 100644 webkit2gtk3.spec create mode 100644 webkitgtk-2.44.2.tar.xz create mode 100644 webkitgtk-2.44.2.tar.xz.asc create mode 100644 webkitgtk-2.44.3.tar.xz create mode 100644 webkitgtk-2.44.3.tar.xz.asc create mode 100644 webkitgtk-2.44.4.tar.xz create mode 100644 webkitgtk-2.44.4.tar.xz.asc create mode 100644 webkitgtk-2.45.92.tar.xz create mode 100644 webkitgtk-2.45.92.tar.xz.asc create mode 100644 webkitgtk-2.46.1.tar.xz create mode 100644 webkitgtk-2.46.1.tar.xz.asc create mode 100644 webkitgtk-2.46.2.tar.xz create mode 100644 webkitgtk-2.46.2.tar.xz.asc create mode 100644 webkitgtk-2.46.3.tar.xz create mode 100644 webkitgtk-2.46.3.tar.xz.asc create mode 100644 webkitgtk-2.46.4.tar.xz create mode 100644 webkitgtk-2.46.4.tar.xz.asc diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/63f7badbada070ebaadd318b2801818ecf7e7ea0.patch b/63f7badbada070ebaadd318b2801818ecf7e7ea0.patch new file mode 100644 index 0000000..13d469c --- /dev/null +++ b/63f7badbada070ebaadd318b2801818ecf7e7ea0.patch @@ -0,0 +1,31 @@ +From 63f7badbada070ebaadd318b2801818ecf7e7ea0 Mon Sep 17 00:00:00 2001 +From: Don Olmstead +Date: Sat, 26 Oct 2024 08:27:01 -0700 +Subject: [PATCH] Support ICU 76.1 build + https://bugs.webkit.org/show_bug.cgi?id=282120 + +Reviewed by Yusuke Suzuki. + +In ICU 76.1 an additional macro `U_SHOW_CPLUSPLUS_HEADER_API` was added to +control visibility of the C++ API within ICU. Set this value to `0` since WebKit +wants to only use the C API. + +* Source/WTF/wtf/Platform.h: + +Canonical link: https://commits.webkit.org/285727@main +--- + Source/WTF/wtf/Platform.h | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/Source/WTF/wtf/Platform.h b/Source/WTF/wtf/Platform.h +index 23070df2937ba..51a8dce97755e 100644 +--- a/Source/WTF/wtf/Platform.h ++++ b/Source/WTF/wtf/Platform.h +@@ -115,6 +115,7 @@ + /* ICU configuration. Some of these match ICU defaults on some platforms, but we would like them consistently set everywhere we build WebKit. */ + #define U_HIDE_DEPRECATED_API 1 + #define U_SHOW_CPLUSPLUS_API 0 ++#define U_SHOW_CPLUSPLUS_HEADER_API 0 + #ifdef __cplusplus + #define UCHAR_TYPE char16_t + #endif diff --git a/9d5844679af8f84036f1b800307e799bd7ab73ba.patch b/9d5844679af8f84036f1b800307e799bd7ab73ba.patch new file mode 100644 index 0000000..b919fcd --- /dev/null +++ b/9d5844679af8f84036f1b800307e799bd7ab73ba.patch @@ -0,0 +1,59 @@ +From 9d5844679af8f84036f1b800307e799bd7ab73ba Mon Sep 17 00:00:00 2001 +From: Philippe Normand +Date: Thu, 20 Jun 2024 12:39:27 -0700 +Subject: [PATCH] [GTK][GStreamer] VA+DMABuf videos flicker + https://bugs.webkit.org/show_bug.cgi?id=253807 + +Reviewed by Xabier Rodriguez-Calvar. + +By requesting a video frame allocation pool containing at least 3 frames, the risks of flickering +when rendering should be reduced. + +* Source/WebCore/platform/graphics/gstreamer/GStreamerVideoSinkCommon.cpp: +(WebKitVideoSinkProbe::doProbe): + +Canonical link: https://commits.webkit.org/280210@main +--- + .../gstreamer/GStreamerVideoSinkCommon.cpp | 29 +++++++++++++++++-- + 1 file changed, 27 insertions(+), 2 deletions(-) + +diff --git a/Source/WebCore/platform/graphics/gstreamer/GStreamerVideoSinkCommon.cpp b/Source/WebCore/platform/graphics/gstreamer/GStreamerVideoSinkCommon.cpp +index dc3f912e11d8..b2ddaad303e8 100644 +--- a/Source/WebCore/platform/graphics/gstreamer/GStreamerVideoSinkCommon.cpp ++++ b/Source/WebCore/platform/graphics/gstreamer/GStreamerVideoSinkCommon.cpp +@@ -73,8 +73,33 @@ class WebKitVideoSinkProbe { + player->updateVideoOrientation(tagList); + } + +- if (info->type & GST_PAD_PROBE_TYPE_QUERY_DOWNSTREAM && GST_QUERY_TYPE(GST_PAD_PROBE_INFO_QUERY(info)) == GST_QUERY_ALLOCATION) +- gst_query_add_allocation_meta(GST_PAD_PROBE_INFO_QUERY(info), GST_VIDEO_META_API_TYPE, nullptr); ++ if (info->type & GST_PAD_PROBE_TYPE_QUERY_DOWNSTREAM && GST_QUERY_TYPE(GST_PAD_PROBE_INFO_QUERY(info)) == GST_QUERY_ALLOCATION) { ++ auto query = GST_PAD_PROBE_INFO_QUERY(info); ++ gst_query_add_allocation_meta(query, GST_VIDEO_META_API_TYPE, nullptr); ++ ++ GstCaps* caps; ++ gboolean needPool; ++ gst_query_parse_allocation(query, &caps, &needPool); ++ if (UNLIKELY(!caps) || !needPool) ++ return GST_PAD_PROBE_OK; ++ ++ unsigned size; ++#if GST_CHECK_VERSION(1, 24, 0) ++ if (gst_video_is_dma_drm_caps(caps)) { ++ GstVideoInfoDmaDrm drmInfo; ++ if (!gst_video_info_dma_drm_from_caps(&drmInfo, caps)) ++ return GST_PAD_PROBE_OK; ++ size = GST_VIDEO_INFO_SIZE(&drmInfo.vinfo); ++ } else ++#endif ++ { ++ GstVideoInfo info; ++ if (!gst_video_info_from_caps(&info, caps)) ++ return GST_PAD_PROBE_OK; ++ size = GST_VIDEO_INFO_SIZE(&info); ++ } ++ gst_query_add_allocation_pool(query, nullptr, size, 3, 0); ++ } + + #if USE(GSTREAMER_GL) + // FIXME: Verify the following comment. Investigate what actually should be done here. diff --git a/9e9ea966373d3858668f6a29d8ba91a5807c8dd8.patch b/9e9ea966373d3858668f6a29d8ba91a5807c8dd8.patch new file mode 100644 index 0000000..14db3a5 --- /dev/null +++ b/9e9ea966373d3858668f6a29d8ba91a5807c8dd8.patch @@ -0,0 +1,41 @@ +From 9e9ea966373d3858668f6a29d8ba91a5807c8dd8 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Th=C3=A9o=20Maillart?= +Date: Fri, 8 Nov 2024 09:50:53 -0800 +Subject: [PATCH] [GStreamer] Video dimensions are wrong since GStreamer 1.24.9 + https://bugs.webkit.org/show_bug.cgi?id=282749 + +Reviewed by Philippe Normand. + +With the latest version of GStreamer, if the source is not selectable, +uridecodebin3 will drop the stream collection emitted from this element +As we only consider stream collection from the source element, we will +never set the stream collection internally, this will produce faulty +behaviour such as using wrong video dimensions +To avoid that, we reply true to the selectable query + +* Source/WebCore/platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp: +(webKitMediaSrcQuery): + +Canonical link: https://commits.webkit.org/286347@main +--- + .../graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/Source/WebCore/platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp b/Source/WebCore/platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp +index c0a67c5f23f25..45b4f160e5630 100644 +--- a/Source/WebCore/platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp ++++ b/Source/WebCore/platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp +@@ -255,6 +255,13 @@ static const char* streamTypeToString(TrackPrivateBaseGStreamer::TrackType type) + + static gboolean webKitMediaSrcQuery(GstElement* element, GstQuery* query) + { ++#if GST_CHECK_VERSION(1, 22, 0) ++ if (GST_QUERY_TYPE(query) == GST_QUERY_SELECTABLE) { ++ gst_query_set_selectable(query, TRUE); ++ return TRUE; ++ } ++#endif ++ + gboolean result = GST_ELEMENT_CLASS(parent_class)->query(element, query); + + if (GST_QUERY_TYPE(query) != GST_QUERY_SCHEDULING) diff --git a/_constraints b/_constraints new file mode 100644 index 0000000..cd286ab --- /dev/null +++ b/_constraints @@ -0,0 +1,45 @@ + + + + 4 + + 26 + + + 15 + + + SLOW_CPU + + + aarch64 + webkit2gtk3:gtk3-soup2 + + + + asimdrdm + + + + + + armv6l + armv7l + + + + 5500 + + + + + + riscv64 + + + + 7250 + + + + diff --git a/_multibuild b/_multibuild new file mode 100644 index 0000000..3e5bd03 --- /dev/null +++ b/_multibuild @@ -0,0 +1,6 @@ + + gtk3 + gtk3-soup2 + gtk4 + + diff --git a/baselibs.conf b/baselibs.conf new file mode 100644 index 0000000..50f826f --- /dev/null +++ b/baselibs.conf @@ -0,0 +1,2 @@ +libjavascriptcoregtk-4_0-18 +libwebkit2gtk-4_0-37 diff --git a/bug281492.patch b/bug281492.patch new file mode 100644 index 0000000..bdfc0c5 --- /dev/null +++ b/bug281492.patch @@ -0,0 +1,94 @@ +From 984e2a6b7a92b8c144f2b4463f5904e449cb3cc1 Mon Sep 17 00:00:00 2001 +From: Georges Basile Stavracas Neto +Date: Tue, 15 Oct 2024 11:44:23 -0300 +Subject: [PATCH] AX: [GTK]: Fix crash in + AccessibilityObjectAtspi::textAttributes + https://bugs.webkit.org/show_bug.cgi?id=281492 + +Reviewed by NOBODY (OOPS!). + +In the AccessibilityObjectAtspi::textAttributes() method, the +accessibilityTextAttributes() function is called for various AXObjects. +These objects are retrived by querying the AXObjectCache of the +document. + +However, the cache can legitimately return nullptr when the AXObject is +not cached. The AccessibilityObjectAtspi::textAttributes() method did +not check for nullptr, and the accessibilityTextAttributes() function +is not nullptr safe. + +This crashes. + +Make AccessibilityObjectAtspi::textAttributes() check if the AXObject +is a nullptr before passing it down to accessibilityTextAttributes(). + +* Source/WebCore/accessibility/atspi/AccessibilityObjectTextAtspi.cpp: +(WebCore::AccessibilityObjectAtspi::textAttributes const): +--- + .../atspi/AccessibilityObjectTextAtspi.cpp | 21 ++++++++++++++++--- + 1 file changed, 18 insertions(+), 3 deletions(-) + +diff --git a/Source/WebCore/accessibility/atspi/AccessibilityObjectTextAtspi.cpp b/Source/WebCore/accessibility/atspi/AccessibilityObjectTextAtspi.cpp +index 50b4f58be2f3..a49bfd939716 100644 +--- a/Source/WebCore/accessibility/atspi/AccessibilityObjectTextAtspi.cpp ++++ b/Source/WebCore/accessibility/atspi/AccessibilityObjectTextAtspi.cpp +@@ -38,6 +38,7 @@ + #include "TextIterator.h" + #include "VisibleUnits.h" + #include ++#include + #include + + namespace WebCore { +@@ -763,6 +764,9 @@ AccessibilityObjectAtspi::TextAttributes AccessibilityObjectAtspi::textAttribute + + auto accessibilityTextAttributes = [this](AXCoreObject* axObject, const HashMap& defaultAttributes) -> HashMap { + HashMap attributes; ++ ++ RELEASE_ASSERT(axObject); ++ + auto& style = axObject->renderer()->style(); + + auto addAttributeIfNeeded = [&](const String& name, const String& value) { +@@ -838,8 +842,11 @@ AccessibilityObjectAtspi::TextAttributes AccessibilityObjectAtspi::textAttribute + return { WTFMove(defaultAttributes), -1, -1 }; + + if (!*utf16Offset && m_hasListMarkerAtStart) { ++ auto axObject = m_coreObject->children()[0].get(); ++ RELEASE_ASSERT(axObject); ++ + // Always consider list marker an independent run. +- auto attributes = accessibilityTextAttributes(m_coreObject->children()[0].get(), defaultAttributes); ++ auto attributes = accessibilityTextAttributes(axObject, defaultAttributes); + if (!includeDefault) + return { WTFMove(attributes), 0, 1 }; + +@@ -871,7 +878,11 @@ AccessibilityObjectAtspi::TextAttributes AccessibilityObjectAtspi::textAttribute + if (r->firstChildSlow()) + continue; + +- auto childAttributes = accessibilityTextAttributes(r->document().axObjectCache()->get(r), defaultAttributes); ++ auto axObject = r->document().axObjectCache()->get(r); ++ if (!axObject) ++ continue; ++ ++ auto childAttributes = accessibilityTextAttributes(axObject, defaultAttributes); + if (childAttributes != attributes) + break; + +@@ -885,7 +896,11 @@ AccessibilityObjectAtspi::TextAttributes AccessibilityObjectAtspi::textAttribute + if (r->firstChildSlow()) + continue; + +- auto childAttributes = accessibilityTextAttributes(r->document().axObjectCache()->get(r), defaultAttributes); ++ auto axObject = r->document().axObjectCache()->get(r); ++ if (!axObject) ++ continue; ++ ++ auto childAttributes = accessibilityTextAttributes(axObject, defaultAttributes); + if (childAttributes != attributes) + break; + +-- +2.46.1 + diff --git a/bug281495.patch b/bug281495.patch new file mode 100644 index 0000000..272fe94 --- /dev/null +++ b/bug281495.patch @@ -0,0 +1,84 @@ +From 8fd152326050b81559903682e0767d289adef9cb Mon Sep 17 00:00:00 2001 +From: Michael Catanzaro +Date: Wed, 16 Oct 2024 13:45:39 -0500 +Subject: [PATCH] REGRESSION(283414@main): [WPE][GTK] Crash in ProcessLauncher + socket monitor callback https://bugs.webkit.org/show_bug.cgi?id=281495 + +Reviewed by NOBODY (OOPS!). + +The socket monitor callback that I added in 283414@main accidentally +deletes itself by calling m_socketMonitor.stop(). This causes the lambda +capture to itself be deleted. We can change the socket monitor to wait +until the callback has finished before deleting it. + +* Source/WTF/wtf/glib/GSocketMonitor.cpp: +(WTF::GSocketMonitor::~GSocketMonitor): +(WTF::GSocketMonitor::socketSourceCallback): +(WTF::GSocketMonitor::stop): +--- + Source/WTF/wtf/glib/GSocketMonitor.cpp | 21 +++++++++++++++++++-- + Source/WTF/wtf/glib/GSocketMonitor.h | 2 ++ + 2 files changed, 21 insertions(+), 2 deletions(-) + +diff --git a/Source/WTF/wtf/glib/GSocketMonitor.cpp b/Source/WTF/wtf/glib/GSocketMonitor.cpp +index c88ea9f91ca4..f3e31efb5053 100644 +--- a/Source/WTF/wtf/glib/GSocketMonitor.cpp ++++ b/Source/WTF/wtf/glib/GSocketMonitor.cpp +@@ -33,6 +33,7 @@ namespace WTF { + + GSocketMonitor::~GSocketMonitor() + { ++ RELEASE_ASSERT(!m_isExecutingCallback); + stop(); + } + +@@ -40,7 +41,17 @@ gboolean GSocketMonitor::socketSourceCallback(GSocket*, GIOCondition condition, + { + if (g_cancellable_is_cancelled(monitor->m_cancellable.get())) + return G_SOURCE_REMOVE; +- return monitor->m_callback(condition); ++ ++ monitor->m_isExecutingCallback = true; ++ gboolean result = monitor->m_callback(condition); ++ monitor->m_isExecutingCallback = false; ++ ++ if (monitor->m_shouldDestroyCallback) { ++ monitor->m_callback = nullptr; ++ monitor->m_shouldDestroyCallback = false; ++ } ++ ++ return result; + } + + void GSocketMonitor::start(GSocket* socket, GIOCondition condition, RunLoop& runLoop, Function&& callback) +@@ -65,7 +76,13 @@ void GSocketMonitor::stop() + m_cancellable = nullptr; + g_source_destroy(m_source.get()); + m_source = nullptr; +- m_callback = nullptr; ++ ++ // It's normal to stop the socket monitor from inside its callback. ++ // Don't destroy the callback while it's still executing. ++ if (m_isExecutingCallback) ++ m_shouldDestroyCallback = true; ++ else ++ m_callback = nullptr; + } + + } // namespace WTF +diff --git a/Source/WTF/wtf/glib/GSocketMonitor.h b/Source/WTF/wtf/glib/GSocketMonitor.h +index 7ec383a6e37c..9393c546b593 100644 +--- a/Source/WTF/wtf/glib/GSocketMonitor.h ++++ b/Source/WTF/wtf/glib/GSocketMonitor.h +@@ -51,6 +51,8 @@ private: + GRefPtr m_source; + GRefPtr m_cancellable; + Function m_callback; ++ bool m_isExecutingCallback { false }; ++ bool m_shouldDestroyCallback { false }; + }; + + } // namespace WTF +-- +2.46.1 + diff --git a/reproducibility.patch b/reproducibility.patch new file mode 100644 index 0000000..4b47f85 --- /dev/null +++ b/reproducibility.patch @@ -0,0 +1,11 @@ +--- webkitgtk-2.40.0-orig/Source/JavaScriptCore/generator/GeneratedFile.rb 2023-02-20 10:22:05.321689800 +0100 ++++ webkitgtk-2.40.0/Source/JavaScriptCore/generator/GeneratedFile.rb 2023-03-28 10:29:49.754813443 +0200 +@@ -25,7 +25,7 @@ + require 'digest' + + $LICENSE = <<-EOF +-Copyright (C) #{Date.today.year} Apple Inc. All rights reserved. ++Copyright (C) 2023 Apple Inc. All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions diff --git a/revert-271175.patch b/revert-271175.patch new file mode 100644 index 0000000..4ceee18 --- /dev/null +++ b/revert-271175.patch @@ -0,0 +1,47 @@ +From 9140ce712aa87091613874d802787ab476be0e39 Mon Sep 17 00:00:00 2001 +From: Michael Catanzaro +Date: Wed, 14 Aug 2024 14:58:05 -0500 +Subject: [PATCH] Revert "Cherry-pick 272448.770@safari-7618-branch + (6d311cd7fefc). https://bugs.webkit.org/show_bug.cgi?id=271175" + https://bugs.webkit.org/show_bug.cgi?id=278113 + +This reverts commit 279c9d7963182cc35cf4e0bfebe87df2d83eaef8. + +This broke wasm, and I don't know how to fix it. + +Canonical link: https://commits.webkit.org/274313.373@webkitglib/2.44 +--- + .../stress/many-calls-results-on-stack.js | 39 ------------------- + Source/JavaScriptCore/wasm/WasmBBQJIT.cpp | 19 --------- + 2 files changed, 58 deletions(-) + delete mode 100644 JSTests/wasm/stress/many-calls-results-on-stack.js + +index 9049865e8ce7..3f142cf5e90f 100644 +--- a/Source/JavaScriptCore/wasm/WasmBBQJIT.cpp ++++ b/Source/JavaScriptCore/wasm/WasmBBQJIT.cpp +@@ -3958,25 +3958,6 @@ void BBQJIT::returnValuesFromCall(Vector& results, const FunctionSigna + ASSERT(m_validFPRs.contains(returnLocation.asFPR(), Width::Width128)); + m_fprSet.add(returnLocation.asFPR(), Width::Width128); + } +- } else { +- ASSERT(returnLocation.isStackArgument()); +- // FIXME: Ideally, we would leave these values where they are but a subsequent call could clobber them before they are used. +- // That said, stack results are very rare so this isn't too painful. +- // Even if we did leave them where they are, we'd need to flush them to their canonical location at the next branch otherwise +- // we could have something like (assume no result regs for simplicity): +- // call (result i32 i32) $foo +- // if (result i32) // Stack: i32(StackArgument:8) i32(StackArgument:0) +- // // Stack: i32(StackArgument:8) +- // else +- // call (result i32 i32) $bar // Stack: i32(StackArgument:8) we have to flush the stack argument to make room for the result of bar +- // drop // Stack: i32(Stack:X) i32(StackArgument:8) i32(StackArgument:0) +- // drop // Stack: i32(Stack:X) i32(StackArgument:8) +- // end +- // return // Stack i32(*Conflicting locations*) +- +- Location canonicalLocation = canonicalSlot(result); +- emitMoveMemory(result.type(), returnLocation, canonicalLocation); +- returnLocation = canonicalLocation; + } + } + bind(result, returnLocation); diff --git a/webkit2gtk3-CVE-2024-40776.patch b/webkit2gtk3-CVE-2024-40776.patch new file mode 100644 index 0000000..46f648a --- /dev/null +++ b/webkit2gtk3-CVE-2024-40776.patch @@ -0,0 +1,165 @@ +From b951404ea74ae432312a83138f5c8945a0d09e1b Mon Sep 17 00:00:00 2001 +From: Jean-Yves Avenard +Date: Wed, 24 Apr 2024 19:01:06 -0700 +Subject: [PATCH] Cherry-pick 272448.960@safari-7618-branch (b7ccdb65258e). + https://bugs.webkit.org/show_bug.cgi?id=273176 + +Always copy all audio channels to the AudioBus to guarantee data lifetime. +https://bugs.webkit.org/show_bug.cgi?id=273176 +rdar://125166710 + +Reviewed by Chris Dumez. + +Following 275262@main, a task is dispatched on the audio render thread. +This task dispatch takes a reference to the source and destination AudioBus +however when a MultiChannelResampler is in use, the source AudioBus may +contain a raw pointer to the resampled's AudioArray and the lifetime of +this object may be shorter than the AudioBus. + +In 232182@main, a speed and memory optimisation was added by passed-in buffer +as memory for the first channel in the AudioBus. +We revert this change for now and copy all channels' data to the AudioBus. + +Added test. + +* LayoutTests/webaudio/crashtest/audioworklet-concurrent-resampler-crash-expected.txt: Added. +* LayoutTests/webaudio/crashtest/audioworklet-concurrent-resampler-crash.html: Added. +* Source/WebCore/platform/audio/MultiChannelResampler.cpp: +(WebCore::MultiChannelResampler::MultiChannelResampler): +(WebCore::MultiChannelResampler::provideInputForChannel): +* Source/WebCore/platform/audio/MultiChannelResampler.h: + +Canonical link: https://commits.webkit.org/274313.332@webkitglib/2.44 +--- + ...et-concurrent-resampler-crash-expected.txt | 1 + + ...dioworklet-concurrent-resampler-crash.html | 44 +++++++++++++++++++ + .../platform/audio/MultiChannelResampler.cpp | 23 ++-------- + .../platform/audio/MultiChannelResampler.h | 2 - + 4 files changed, 48 insertions(+), 22 deletions(-) + create mode 100644 LayoutTests/webaudio/crashtest/audioworklet-concurrent-resampler-crash-expected.txt + create mode 100644 LayoutTests/webaudio/crashtest/audioworklet-concurrent-resampler-crash.html + +diff --git a/LayoutTests/webaudio/crashtest/audioworklet-concurrent-resampler-crash-expected.txt b/LayoutTests/webaudio/crashtest/audioworklet-concurrent-resampler-crash-expected.txt +new file mode 100644 +index 000000000000..654ddf7f17ef +--- /dev/null ++++ b/LayoutTests/webaudio/crashtest/audioworklet-concurrent-resampler-crash-expected.txt +@@ -0,0 +1 @@ ++This test passes if it does not crash. +diff --git a/LayoutTests/webaudio/crashtest/audioworklet-concurrent-resampler-crash.html b/LayoutTests/webaudio/crashtest/audioworklet-concurrent-resampler-crash.html +new file mode 100644 +index 000000000000..b3ab181d4787 +--- /dev/null ++++ b/LayoutTests/webaudio/crashtest/audioworklet-concurrent-resampler-crash.html +@@ -0,0 +1,44 @@ ++ ++ ++ ++ ++ ++

This test passes if it does not crash.

++ ++ ++ +diff --git a/Source/WebCore/platform/audio/MultiChannelResampler.cpp b/Source/WebCore/platform/audio/MultiChannelResampler.cpp +index e5a0cfc10caa..c44df274cbbc 100644 +--- a/Source/WebCore/platform/audio/MultiChannelResampler.cpp ++++ b/Source/WebCore/platform/audio/MultiChannelResampler.cpp +@@ -42,19 +42,8 @@ namespace WebCore { + MultiChannelResampler::MultiChannelResampler(double scaleFactor, unsigned numberOfChannels, unsigned requestFrames, Function&& provideInput) + : m_numberOfChannels(numberOfChannels) + , m_provideInput(WTFMove(provideInput)) +- , m_multiChannelBus(AudioBus::create(numberOfChannels, requestFrames, false)) ++ , m_multiChannelBus(AudioBus::create(numberOfChannels, requestFrames)) + { +- // As an optimization, we will use the buffer passed to provideInputForChannel() as channel memory for the first channel so we +- // only need to allocate memory if there is more than one channel. +- if (numberOfChannels > 1) { +- m_channelsMemory = Vector>(numberOfChannels - 1, [&](size_t i) { +- size_t channelIndex = i + 1; +- auto floatArray = makeUnique(requestFrames); +- m_multiChannelBus->setChannelMemory(channelIndex, floatArray->data(), requestFrames); +- return floatArray; +- }); +- } +- + // Create each channel's resampler. + m_kernels = Vector>(numberOfChannels, [&](size_t channelIndex) { + return makeUnique(scaleFactor, requestFrames, std::bind(&MultiChannelResampler::provideInputForChannel, this, std::placeholders::_1, std::placeholders::_2, channelIndex)); +@@ -93,16 +82,10 @@ void MultiChannelResampler::process(AudioBus* destination, size_t framesToProces + void MultiChannelResampler::provideInputForChannel(std::span buffer, size_t framesToProcess, unsigned channelIndex) + { + ASSERT(channelIndex < m_multiChannelBus->numberOfChannels()); +- ASSERT(framesToProcess == m_multiChannelBus->length()); ++ ASSERT(framesToProcess <= m_multiChannelBus->length()); + +- if (!channelIndex) { +- // As an optimization, we use the provided buffer as memory for the first channel in the AudioBus. This avoids +- // having to memcpy() for the first channel. +- RELEASE_ASSERT(framesToProcess <= buffer.size()); +- m_multiChannelBus->setChannelMemory(0, buffer.data(), framesToProcess); ++ if (!channelIndex) + m_provideInput(m_multiChannelBus.get(), framesToProcess); +- return; +- } + + // Copy the channel data from what we received from m_multiChannelProvider. + memcpySpan(buffer.subspan(0, framesToProcess), m_multiChannelBus->channel(channelIndex)->span().subspan(0, framesToProcess)); +diff --git a/Source/WebCore/platform/audio/MultiChannelResampler.h b/Source/WebCore/platform/audio/MultiChannelResampler.h +index 25d43100b71f..214ee06567ac 100644 +--- a/Source/WebCore/platform/audio/MultiChannelResampler.h ++++ b/Source/WebCore/platform/audio/MultiChannelResampler.h +@@ -29,7 +29,6 @@ + #ifndef MultiChannelResampler_h + #define MultiChannelResampler_h + +-#include "AudioArray.h" + #include + #include + #include +@@ -62,7 +61,6 @@ private: + size_t m_outputFramesReady { 0 }; + Function m_provideInput; + RefPtr m_multiChannelBus; +- Vector> m_channelsMemory; + }; + + } // namespace WebCore +-- +2.45.2 + diff --git a/webkit2gtk3-CVE-2024-40779.patch b/webkit2gtk3-CVE-2024-40779.patch new file mode 100644 index 0000000..9372ec2 --- /dev/null +++ b/webkit2gtk3-CVE-2024-40779.patch @@ -0,0 +1,88 @@ +From 2fe5ae29a5f6434ef456afe9673a4f400ec63848 Mon Sep 17 00:00:00 2001 +From: Jean-Yves Avenard +Date: Fri, 14 Jun 2024 16:08:19 -0700 +Subject: [PATCH] Cherry-pick 272448.1085@safari-7618.3.10-branch + (ff52ff7cb64e). https://bugs.webkit.org/show_bug.cgi?id=275431 + +HeapBufferOverflow in computeSampleUsingLinearInterpolation +https://bugs.webkit.org/show_bug.cgi?id=275431 +rdar://125617812 + +Reviewed by Youenn Fablet. + +Add boundary check. +This is a copy of blink code for that same function. +https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/renderer/modules/webaudio/audio_buffer_source_handler.cc;l=336-341 + +* LayoutTests/webaudio/crashtest/audiobuffer-sourcenode-resampler-crash-expected.txt: Added. +* LayoutTests/webaudio/crashtest/audiobuffer-sourcenode-resampler-crash.html: Added. +* Source/WebCore/Modules/webaudio/AudioBufferSourceNode.cpp: +(WebCore::AudioBufferSourceNode::renderFromBuffer): + +Canonical link: https://commits.webkit.org/274313.347@webkitglib/2.44 +--- + ...er-sourcenode-resampler-crash-expected.txt | 1 + + ...udiobuffer-sourcenode-resampler-crash.html | 25 +++++++++++++++++++ + .../webaudio/AudioBufferSourceNode.cpp | 6 +++++ + 3 files changed, 32 insertions(+) + create mode 100644 LayoutTests/webaudio/crashtest/audiobuffer-sourcenode-resampler-crash-expected.txt + create mode 100644 LayoutTests/webaudio/crashtest/audiobuffer-sourcenode-resampler-crash.html + +diff --git a/LayoutTests/webaudio/crashtest/audiobuffer-sourcenode-resampler-crash-expected.txt b/LayoutTests/webaudio/crashtest/audiobuffer-sourcenode-resampler-crash-expected.txt +new file mode 100644 +index 000000000000..654ddf7f17ef +--- /dev/null ++++ b/LayoutTests/webaudio/crashtest/audiobuffer-sourcenode-resampler-crash-expected.txt +@@ -0,0 +1 @@ ++This test passes if it does not crash. +diff --git a/LayoutTests/webaudio/crashtest/audiobuffer-sourcenode-resampler-crash.html b/LayoutTests/webaudio/crashtest/audiobuffer-sourcenode-resampler-crash.html +new file mode 100644 +index 000000000000..5fb2dd8c8a5f +--- /dev/null ++++ b/LayoutTests/webaudio/crashtest/audiobuffer-sourcenode-resampler-crash.html +@@ -0,0 +1,25 @@ ++ ++ ++ ++ ++ ++

This test passes if it does not crash.

++ ++ ++ +diff --git a/Source/WebCore/Modules/webaudio/AudioBufferSourceNode.cpp b/Source/WebCore/Modules/webaudio/AudioBufferSourceNode.cpp +index 298bd48cdff5..740b793e0ec5 100644 +--- a/Source/WebCore/Modules/webaudio/AudioBufferSourceNode.cpp ++++ b/Source/WebCore/Modules/webaudio/AudioBufferSourceNode.cpp +@@ -350,6 +350,12 @@ bool AudioBufferSourceNode::renderFromBuffer(AudioBus* bus, unsigned destination + if (readIndex2 >= maxFrame) + readIndex2 = m_isLooping ? minFrame : readIndex; + ++ // Final sanity check on buffer access. ++ // FIXME: as an optimization, try to get rid of this inner-loop check and ++ // put assertions and guards before the loop. ++ if (readIndex >= bufferLength || readIndex2 >= bufferLength) ++ break; ++ + // Linear interpolation. + for (unsigned i = 0; i < numberOfChannels; ++i) { + float* destination = destinationChannels[i]; +-- +2.45.2 + diff --git a/webkit2gtk3-CVE-2024-40780.patch b/webkit2gtk3-CVE-2024-40780.patch new file mode 100644 index 0000000..8db9d0a --- /dev/null +++ b/webkit2gtk3-CVE-2024-40780.patch @@ -0,0 +1,102 @@ +From e83e4c7460972898dc06a5f5ab36eed7c6b101b5 Mon Sep 17 00:00:00 2001 +From: Jer Noble +Date: Tue, 11 Jun 2024 11:54:06 -0700 +Subject: [PATCH] Cherry-pick 272448.1080@safari-7618.3.10-branch + (64c9479d6f29). https://bugs.webkit.org/show_bug.cgi?id=275273 + +Add check in AudioBufferSourceNode::renderFromBuffer() when detune is set to large negative value +https://bugs.webkit.org/show_bug.cgi?id=275273 +rdar://125617842 + +Reviewed by Eric Carlson. + +* LayoutTests/webaudio/audiobuffersourcenode-detune-crash-expected.txt: Added. +* LayoutTests/webaudio/audiobuffersourcenode-detune-crash.html: Added. +* Source/WebCore/Modules/webaudio/AudioBufferSourceNode.cpp: +(WebCore::AudioBufferSourceNode::renderFromBuffer): + +Canonical link: https://commits.webkit.org/274313.345@webkitglib/2.44 +--- + ...buffersourcenode-detune-crash-expected.txt | 10 +++++++ + .../audiobuffersourcenode-detune-crash.html | 30 +++++++++++++++++++ + .../webaudio/AudioBufferSourceNode.cpp | 7 +++++ + 3 files changed, 47 insertions(+) + create mode 100644 LayoutTests/webaudio/audiobuffersourcenode-detune-crash-expected.txt + create mode 100644 LayoutTests/webaudio/audiobuffersourcenode-detune-crash.html + +diff --git a/LayoutTests/webaudio/audiobuffersourcenode-detune-crash-expected.txt b/LayoutTests/webaudio/audiobuffersourcenode-detune-crash-expected.txt +new file mode 100644 +index 000000000000..914ba0b133c4 +--- /dev/null ++++ b/LayoutTests/webaudio/audiobuffersourcenode-detune-crash-expected.txt +@@ -0,0 +1,10 @@ ++Attempting to create a AudioBufferSourceNode with a large negative detune value should not crash. ++ ++On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE". ++ ++ ++PASS Test passed because it did not crash. ++PASS successfullyParsed is true ++ ++TEST COMPLETE ++ +diff --git a/LayoutTests/webaudio/audiobuffersourcenode-detune-crash.html b/LayoutTests/webaudio/audiobuffersourcenode-detune-crash.html +new file mode 100644 +index 000000000000..e8af579db9d2 +--- /dev/null ++++ b/LayoutTests/webaudio/audiobuffersourcenode-detune-crash.html +@@ -0,0 +1,30 @@ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ +diff --git a/Source/WebCore/Modules/webaudio/AudioBufferSourceNode.cpp b/Source/WebCore/Modules/webaudio/AudioBufferSourceNode.cpp +index f86bffb9b507..298bd48cdff5 100644 +--- a/Source/WebCore/Modules/webaudio/AudioBufferSourceNode.cpp ++++ b/Source/WebCore/Modules/webaudio/AudioBufferSourceNode.cpp +@@ -328,9 +328,16 @@ bool AudioBufferSourceNode::renderFromBuffer(AudioBus* bus, unsigned destination + virtualReadIndex = readIndex; + } else if (!pitchRate) { + unsigned readIndex = static_cast(virtualReadIndex); ++ int deltaFrames = static_cast(virtualDeltaFrames); ++ maxFrame = static_cast(virtualMaxFrame); ++ ++ if (readIndex >= maxFrame) ++ readIndex -= deltaFrames; + + for (unsigned i = 0; i < numberOfChannels; ++i) + std::fill_n(destinationChannels[i] + writeIndex, framesToProcess, sourceChannels[i][readIndex]); ++ ++ virtualReadIndex = readIndex; + } else if (reverse) { + unsigned maxFrame = static_cast(virtualMaxFrame); + unsigned minFrame = static_cast(floorf(virtualMinFrame)); +-- +2.45.2 + diff --git a/webkit2gtk3-CVE-2024-40782.patch b/webkit2gtk3-CVE-2024-40782.patch new file mode 100644 index 0000000..05160da --- /dev/null +++ b/webkit2gtk3-CVE-2024-40782.patch @@ -0,0 +1,84 @@ +From 617f1c4c9c7f1525abc47967d4c7734fed3ff525 Mon Sep 17 00:00:00 2001 +From: Antti Koivisto +Date: Mon, 20 May 2024 11:36:34 -0700 +Subject: [PATCH] Cherry-pick 279005@main (c2f9092d3a8e). + https://bugs.webkit.org/show_bug.cgi?id=268770 + + Nullptr crash due to `display:block ruby` and continuations + https://bugs.webkit.org/show_bug.cgi?id=268770 + rdar://121960530 + + Reviewed by Alan Baradlay. + + Continuations may end up splitting anonymous 'display:ruby' box inside block ruby. + + * LayoutTests/fast/ruby/ruby-block-continuation-crash-expected.txt: Added. + * LayoutTests/fast/ruby/ruby-block-continuation-crash.html: Added. + * Source/WebCore/rendering/updating/RenderTreeBuilderRuby.cpp: + (WebCore::RenderTreeBuilder::Ruby::findOrCreateParentForStyleBasedRubyChild): + + Find the correct anonymous box from nested continuation structure. + + Canonical link: https://commits.webkit.org/279005@main + +Canonical link: https://commits.webkit.org/274313.286@webkitglib/2.44 +--- + .../ruby/ruby-block-continuation-crash-expected.txt | 3 +++ + .../fast/ruby/ruby-block-continuation-crash.html | 9 +++++++++ + .../rendering/updating/RenderTreeBuilderRuby.cpp | 13 ++++++++++--- + 3 files changed, 22 insertions(+), 3 deletions(-) + create mode 100644 LayoutTests/fast/ruby/ruby-block-continuation-crash-expected.txt + create mode 100644 LayoutTests/fast/ruby/ruby-block-continuation-crash.html + +diff --git a/LayoutTests/fast/ruby/ruby-block-continuation-crash-expected.txt b/LayoutTests/fast/ruby/ruby-block-continuation-crash-expected.txt +new file mode 100644 +index 000000000000..f85a15505104 +--- /dev/null ++++ b/LayoutTests/fast/ruby/ruby-block-continuation-crash-expected.txt +@@ -0,0 +1,3 @@ ++base with ++forced ++line break annotation This test passes if it doesn't crash. +diff --git a/LayoutTests/fast/ruby/ruby-block-continuation-crash.html b/LayoutTests/fast/ruby/ruby-block-continuation-crash.html +new file mode 100644 +index 000000000000..3f762d4236ea +--- /dev/null ++++ b/LayoutTests/fast/ruby/ruby-block-continuation-crash.html +@@ -0,0 +1,9 @@ ++ ++ ++ base with
forced
line break ++ annotation ++ ++This test passes if it doesn't crash. +diff --git a/Source/WebCore/rendering/updating/RenderTreeBuilderRuby.cpp b/Source/WebCore/rendering/updating/RenderTreeBuilderRuby.cpp +index 62d8b6803323..9f7634612822 100644 +--- a/Source/WebCore/rendering/updating/RenderTreeBuilderRuby.cpp ++++ b/Source/WebCore/rendering/updating/RenderTreeBuilderRuby.cpp +@@ -271,10 +271,17 @@ RenderElement& RenderTreeBuilder::Ruby::findOrCreateParentForStyleBasedRubyChild + if (!child.isRenderText() && child.style().display() == DisplayType::Ruby && parent.style().display() == DisplayType::RubyBlock) + return parent; + +- if (parent.style().display() == DisplayType::RubyBlock && parent.firstChild()) { ++ if (parent.style().display() == DisplayType::RubyBlock) { + // See if we have an anonymous ruby box already. +- ASSERT(parent.firstChild()->style().display() == DisplayType::Ruby); +- return downcast(*parent.firstChild()); ++ // FIXME: It should be the immediate child but continuations can break this assumption. ++ for (CheckedPtr first = parent.firstChild(); first; first = first->firstChildSlow()) { ++ if (!first->isAnonymous()) { ++ ASSERT_NOT_REACHED(); ++ break; ++ } ++ if (first->style().display() == DisplayType::Ruby) ++ return downcast(*first); ++ } + } + + if (parent.style().display() != DisplayType::Ruby) { +-- +2.45.2 + diff --git a/webkit2gtk3-CVE-2024-44308.patch b/webkit2gtk3-CVE-2024-44308.patch new file mode 100644 index 0000000..3faeb84 --- /dev/null +++ b/webkit2gtk3-CVE-2024-44308.patch @@ -0,0 +1,60 @@ +From 53e7f27d262249310bd6b7ad452e7df334c92b7d Mon Sep 17 00:00:00 2001 +From: Daniel Liu +Date: Wed, 13 Nov 2024 12:27:15 -0800 +Subject: [PATCH] Cherry-pick ded4d02c0a93. + https://bugs.webkit.org/show_bug.cgi?id=283063 + +Don't allocate DFG register after a slow path +https://bugs.webkit.org/show_bug.cgi?id=283063 +rdar://139747120 + +Reviewed by Yusuke Suzuki. + +Allocating a DFG register after a slow path means that if the slow path +is taken, we end up with an incorrect global state. + +* Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp: +(JSC::DFG::SpeculativeJIT::compilePutByValForIntTypedArray): + +Canonical link: https://commits.webkit.org/282416.295@webkitglib/2.46 +--- + Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp | 16 ++++++++-------- + 1 file changed, 8 insertions(+), 8 deletions(-) + +diff --git a/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp b/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp +index 356d52b21a12..d041b63e8ba9 100644 +--- a/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp ++++ b/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp +@@ -3528,6 +3528,14 @@ void SpeculativeJIT::compilePutByValForIntTypedArray(Node* node, TypedArrayType + } + } + ++ GPRReg scratch2GPR = InvalidGPRReg; ++#if USE(JSVALUE64) ++ if (node->arrayMode().mayBeResizableOrGrowableSharedTypedArray()) { ++ scratch2.emplace(this); ++ scratch2GPR = scratch2->gpr(); ++ } ++#endif ++ + bool result = getIntTypedArrayStoreOperand( + value, propertyReg, + #if USE(JSVALUE32_64) +@@ -3539,14 +3547,6 @@ void SpeculativeJIT::compilePutByValForIntTypedArray(Node* node, TypedArrayType + return; + } + +- GPRReg scratch2GPR = InvalidGPRReg; +-#if USE(JSVALUE64) +- if (node->arrayMode().mayBeResizableOrGrowableSharedTypedArray()) { +- scratch2.emplace(this); +- scratch2GPR = scratch2->gpr(); +- } +-#endif +- + GPRReg valueGPR = value.gpr(); + GPRReg scratchGPR = scratch.gpr(); + #if USE(JSVALUE32_64) +-- +2.47.0 + diff --git a/webkit2gtk3-CVE-2024-44309.patch b/webkit2gtk3-CVE-2024-44309.patch new file mode 100644 index 0000000..fd15771 --- /dev/null +++ b/webkit2gtk3-CVE-2024-44309.patch @@ -0,0 +1,321 @@ +From c52da7c313795d61665253f23c9f298005549c73 Mon Sep 17 00:00:00 2001 +From: Charlie Wolfe +Date: Thu, 14 Nov 2024 13:56:35 -0800 +Subject: [PATCH] Cherry-pick 60c387845715. + https://bugs.webkit.org/show_bug.cgi?id=282197 + +Cherry-pick 2815b4e29829. rdar://139893250 + + Data Isolation bypass via attacker controlled firstPartyForCookies + https://bugs.webkit.org/show_bug.cgi?id=283095 + rdar://139818629 + + Reviewed by Matthew Finkel and Alex Christensen. + + `NetworkProcess::allowsFirstPartyForCookies` unconditionally allows cookie access for about:blank or + empty firstPartyForCookies URLs. We tried to remove this in rdar://105733798 and rdar://107270673, but + we needed to revert both because there were rare and subtle bugs where certain requests would incorrectly + have about:blank set as their firstPartyForCookies, causing us to kill the WCP. + + This patch is a lower risk change that removes the unconditional cookie access for requests that have an + empty firstPartyForCookies, but will not kill the WCP that is incorrectly sending an empty + firstPartyForCookies. + + * Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp: + (WebKit::NetworkConnectionToWebProcess::createSocketChannel): + (WebKit::NetworkConnectionToWebProcess::scheduleResourceLoad): + (WebKit::NetworkConnectionToWebProcess::cookiesForDOM): + (WebKit::NetworkConnectionToWebProcess::setCookiesFromDOM): + (WebKit::NetworkConnectionToWebProcess::cookiesEnabled): + (WebKit::NetworkConnectionToWebProcess::cookieRequestHeaderFieldValue): + (WebKit::NetworkConnectionToWebProcess::getRawCookies): + (WebKit::NetworkConnectionToWebProcess::cookiesForDOMAsync): + (WebKit::NetworkConnectionToWebProcess::setCookieFromDOMAsync): + (WebKit::NetworkConnectionToWebProcess::domCookiesForHost): + (WebKit::NetworkConnectionToWebProcess::establishSWContextConnection): + * Source/WebKit/NetworkProcess/NetworkProcess.cpp: + (WebKit::NetworkProcess::allowsFirstPartyForCookies): + * Source/WebKit/NetworkProcess/NetworkProcess.h: + * Source/WebKit/NetworkProcess/NetworkSession.cpp: + (WebKit::NetworkSession::addAllowedFirstPartyForCookies): + * Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerConnection.cpp: + (WebKit::WebSWServerConnection::scheduleJobInServer): + * Source/WebKit/NetworkProcess/SharedWorker/WebSharedWorkerServerConnection.cpp: + (WebKit::WebSharedWorkerServerConnection::requestSharedWorker): + * Tools/TestWebKitAPI/Tests/WebKitCocoa/IPCTestingAPI.mm: + (EmptyFirstPartyForCookiesCookieRequestHeaderFieldValue)): + + Canonical link: https://commits.webkit.org/283286.477@safari-7620-branch + +Canonical link: https://commits.webkit.org/282416.294@webkitglib/2.46 +--- + .../NetworkConnectionToWebProcess.cpp | 51 ++++++++++++++----- + .../WebKit/NetworkProcess/NetworkProcess.cpp | 37 +++++++------- + Source/WebKit/NetworkProcess/NetworkProcess.h | 5 +- + .../WebKit/NetworkProcess/NetworkSession.cpp | 2 +- + .../ServiceWorker/WebSWServerConnection.cpp | 2 +- + .../WebSharedWorkerServerConnection.cpp | 2 +- + .../Tests/WebKitCocoa/IPCTestingAPI.mm | 33 ++++++++++++ + 7 files changed, 96 insertions(+), 36 deletions(-) + +diff --git a/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp b/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp +index a0ad3c628ec3..c13a96f0e796 100644 +--- a/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp ++++ b/Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp +@@ -502,7 +502,7 @@ void NetworkConnectionToWebProcess::didReceiveInvalidMessage(IPC::Connection&, I + + void NetworkConnectionToWebProcess::createSocketChannel(const ResourceRequest& request, const String& protocol, WebSocketIdentifier identifier, WebPageProxyIdentifier webPageProxyID, std::optional frameID, std::optional pageID, const ClientOrigin& clientOrigin, bool hadMainFrameMainResourcePrivateRelayed, bool allowPrivacyProxy, OptionSet advancedPrivacyProtections, ShouldRelaxThirdPartyCookieBlocking shouldRelaxThirdPartyCookieBlocking, WebCore::StoredCredentialsPolicy storedCredentialsPolicy) + { +- MESSAGE_CHECK(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, request.firstPartyForCookies())); ++ MESSAGE_CHECK(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, request.firstPartyForCookies()) != NetworkProcess::AllowCookieAccess::Terminate); + + ASSERT(!m_networkSocketChannels.contains(identifier)); + if (auto channel = NetworkSocketChannel::create(*this, m_sessionID, request, protocol, identifier, webPageProxyID, frameID, pageID, clientOrigin, hadMainFrameMainResourcePrivateRelayed, allowPrivacyProxy, advancedPrivacyProtections, shouldRelaxThirdPartyCookieBlocking, storedCredentialsPolicy)) +@@ -552,11 +552,11 @@ RefPtr NetworkConnectionToWebProcess::createFetchTask(Ne + + void NetworkConnectionToWebProcess::scheduleResourceLoad(NetworkResourceLoadParameters&& loadParameters, std::optional existingLoaderToResume) + { +- bool hasCookieAccess = m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, loadParameters.request.firstPartyForCookies()); +- if (UNLIKELY(!hasCookieAccess)) ++ auto allowCookieAccess = m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, loadParameters.request.firstPartyForCookies()); ++ if (UNLIKELY(allowCookieAccess != NetworkProcess::AllowCookieAccess::Allow)) + RELEASE_LOG_ERROR(Loading, "scheduleResourceLoad: Web process does not have cookie access to url %" SENSITIVE_LOG_STRING " for request %" SENSITIVE_LOG_STRING, loadParameters.request.firstPartyForCookies().string().utf8().data(), loadParameters.request.url().string().utf8().data()); + +- MESSAGE_CHECK(hasCookieAccess); ++ MESSAGE_CHECK(allowCookieAccess != NetworkProcess::AllowCookieAccess::Terminate); + + CONNECTION_RELEASE_LOG(Loading, "scheduleResourceLoad: (parentPID=%d, pageProxyID=%" PRIu64 ", webPageID=%" PRIu64 ", frameID=%" PRIu64 ", resourceID=%" PRIu64 ", existingLoaderToResume=%" PRIu64 ")", loadParameters.parentPID, loadParameters.webPageProxyID.toUInt64(), loadParameters.webPageID.toUInt64(), loadParameters.webFrameID.object().toUInt64(), loadParameters.identifier.toUInt64(), valueOrDefault(existingLoaderToResume).toUInt64()); + +@@ -785,7 +785,10 @@ void NetworkConnectionToWebProcess::registerURLSchemesAsCORSEnabled(Vector&& completionHandler) + { +- MESSAGE_CHECK_COMPLETION(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty), completionHandler({ }, false)); ++ auto allowCookieAccess = m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty); ++ MESSAGE_CHECK_COMPLETION(allowCookieAccess != NetworkProcess::AllowCookieAccess::Terminate, completionHandler({ }, false)); ++ if (allowCookieAccess != NetworkProcess::AllowCookieAccess::Allow) ++ return completionHandler({ }, false); + + auto* networkStorageSession = storageSession(); + if (!networkStorageSession) +@@ -802,7 +805,10 @@ void NetworkConnectionToWebProcess::cookiesForDOM(const URL& firstParty, const S + + void NetworkConnectionToWebProcess::setCookiesFromDOM(const URL& firstParty, const SameSiteInfo& sameSiteInfo, const URL& url, WebCore::FrameIdentifier frameID, PageIdentifier pageID, ApplyTrackingPrevention applyTrackingPrevention, const String& cookieString, ShouldRelaxThirdPartyCookieBlocking shouldRelaxThirdPartyCookieBlocking) + { +- MESSAGE_CHECK(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty)); ++ auto allowCookieAccess = m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty); ++ MESSAGE_CHECK(allowCookieAccess != NetworkProcess::AllowCookieAccess::Terminate); ++ if (allowCookieAccess != NetworkProcess::AllowCookieAccess::Allow) ++ return; + + auto* networkStorageSession = storageSession(); + if (!networkStorageSession) +@@ -823,7 +829,10 @@ void NetworkConnectionToWebProcess::cookiesEnabledSync(const URL& firstParty, co + + void NetworkConnectionToWebProcess::cookiesEnabled(const URL& firstParty, const URL& url, std::optional frameID, std::optional pageID, ShouldRelaxThirdPartyCookieBlocking shouldRelaxThirdPartyCookieBlocking, CompletionHandler&& completionHandler) + { +- MESSAGE_CHECK_COMPLETION(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty), completionHandler(false)); ++ auto allowCookieAccess = m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty); ++ MESSAGE_CHECK_COMPLETION(allowCookieAccess != NetworkProcess::AllowCookieAccess::Terminate, completionHandler(false)); ++ if (allowCookieAccess != NetworkProcess::AllowCookieAccess::Allow) ++ return completionHandler(false); + + auto* networkStorageSession = storageSession(); + if (!networkStorageSession) { +@@ -837,7 +846,10 @@ void NetworkConnectionToWebProcess::cookiesEnabled(const URL& firstParty, const + + void NetworkConnectionToWebProcess::cookieRequestHeaderFieldValue(const URL& firstParty, const SameSiteInfo& sameSiteInfo, const URL& url, std::optional frameID, std::optional pageID, IncludeSecureCookies includeSecureCookies, ApplyTrackingPrevention applyTrackingPrevention, ShouldRelaxThirdPartyCookieBlocking shouldRelaxThirdPartyCookieBlocking, CompletionHandler&& completionHandler) + { +- MESSAGE_CHECK_COMPLETION(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty), completionHandler({ }, false)); ++ auto allowCookieAccess = m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty); ++ MESSAGE_CHECK_COMPLETION(allowCookieAccess != NetworkProcess::AllowCookieAccess::Terminate, completionHandler({ }, false)); ++ if (allowCookieAccess != NetworkProcess::AllowCookieAccess::Allow) ++ return completionHandler({ }, false); + + auto* networkStorageSession = storageSession(); + if (!networkStorageSession) +@@ -848,7 +860,10 @@ void NetworkConnectionToWebProcess::cookieRequestHeaderFieldValue(const URL& fir + + void NetworkConnectionToWebProcess::getRawCookies(const URL& firstParty, const SameSiteInfo& sameSiteInfo, const URL& url, std::optional frameID, std::optional pageID, ApplyTrackingPrevention applyTrackingPrevention, ShouldRelaxThirdPartyCookieBlocking shouldRelaxThirdPartyCookieBlocking, CompletionHandler&&)>&& completionHandler) + { +- MESSAGE_CHECK_COMPLETION(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty), completionHandler({ })); ++ auto allowCookieAccess = m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty); ++ MESSAGE_CHECK_COMPLETION(allowCookieAccess != NetworkProcess::AllowCookieAccess::Terminate, completionHandler({ })); ++ if (allowCookieAccess != NetworkProcess::AllowCookieAccess::Allow) ++ return completionHandler({ }); + + auto* networkStorageSession = storageSession(); + if (!networkStorageSession) +@@ -877,7 +892,10 @@ void NetworkConnectionToWebProcess::deleteCookie(const URL& url, const String& c + + void NetworkConnectionToWebProcess::cookiesForDOMAsync(const URL& firstParty, const SameSiteInfo& sameSiteInfo, const URL& url, std::optional frameID, std::optional pageID, IncludeSecureCookies includeSecureCookies, ApplyTrackingPrevention applyTrackingPrevention, ShouldRelaxThirdPartyCookieBlocking shouldRelaxThirdPartyCookieBlocking, WebCore::CookieStoreGetOptions&& options, CompletionHandler>&&)>&& completionHandler) + { +- MESSAGE_CHECK_COMPLETION(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty), completionHandler(std::nullopt)); ++ auto allowCookieAccess = m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty); ++ MESSAGE_CHECK_COMPLETION(allowCookieAccess != NetworkProcess::AllowCookieAccess::Terminate, completionHandler(std::nullopt)); ++ if (allowCookieAccess != NetworkProcess::AllowCookieAccess::Allow) ++ return completionHandler(std::nullopt); + + auto* networkStorageSession = storageSession(); + if (!networkStorageSession) +@@ -894,7 +912,10 @@ void NetworkConnectionToWebProcess::cookiesForDOMAsync(const URL& firstParty, co + + void NetworkConnectionToWebProcess::setCookieFromDOMAsync(const URL& firstParty, const SameSiteInfo& sameSiteInfo, const URL& url, std::optional frameID, std::optional pageID, ApplyTrackingPrevention applyTrackingPrevention, WebCore::Cookie&& cookie, ShouldRelaxThirdPartyCookieBlocking shouldRelaxThirdPartyCookieBlocking, CompletionHandler&& completionHandler) + { +- MESSAGE_CHECK(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty)); ++ auto allowCookieAccess = m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, firstParty); ++ MESSAGE_CHECK_COMPLETION(allowCookieAccess != NetworkProcess::AllowCookieAccess::Terminate, completionHandler(false)); ++ if (allowCookieAccess != NetworkProcess::AllowCookieAccess::Allow) ++ return completionHandler(false); + + auto* networkStorageSession = storageSession(); + if (!networkStorageSession) +@@ -914,7 +935,10 @@ void NetworkConnectionToWebProcess::domCookiesForHost(const URL& url, Completion + { + auto host = url.host().toString(); + MESSAGE_CHECK_COMPLETION(HashSet::isValidValue(host), completionHandler({ })); +- MESSAGE_CHECK_COMPLETION(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, url), completionHandler({ })); ++ auto allowCookieAccess = m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, url); ++ MESSAGE_CHECK_COMPLETION(allowCookieAccess != NetworkProcess::AllowCookieAccess::Terminate, completionHandler({ })); ++ if (allowCookieAccess != NetworkProcess::AllowCookieAccess::Allow) ++ return completionHandler({ }); + + auto* networkStorageSession = storageSession(); + if (!networkStorageSession) +@@ -1423,7 +1447,8 @@ void NetworkConnectionToWebProcess::establishSWContextConnection(WebPageProxyIde + { + auto* session = networkSession(); + if (auto* swServer = session ? session->swServer() : nullptr) { +- MESSAGE_CHECK(session->networkProcess().allowsFirstPartyForCookies(webProcessIdentifier(), registrableDomain)); ++ auto allowCookieAccess = session->networkProcess().allowsFirstPartyForCookies(webProcessIdentifier(), registrableDomain); ++ MESSAGE_CHECK(allowCookieAccess != NetworkProcess::AllowCookieAccess::Terminate); + m_swContextConnection = makeUnique(*this, webPageProxyID, WTFMove(registrableDomain), serviceWorkerPageIdentifier, *swServer); + } + completionHandler(); +diff --git a/Source/WebKit/NetworkProcess/NetworkProcess.cpp b/Source/WebKit/NetworkProcess/NetworkProcess.cpp +index db0437d3b70a..8f637e6c85fd 100644 +--- a/Source/WebKit/NetworkProcess/NetworkProcess.cpp ++++ b/Source/WebKit/NetworkProcess/NetworkProcess.cpp +@@ -458,48 +458,49 @@ void NetworkProcess::webProcessWillLoadWebArchive(WebCore::ProcessIdentifier pro + }).iterator->value.first = LoadedWebArchive::Yes; + } + +-bool NetworkProcess::allowsFirstPartyForCookies(WebCore::ProcessIdentifier processIdentifier, const URL& firstParty) ++auto NetworkProcess::allowsFirstPartyForCookies(WebCore::ProcessIdentifier processIdentifier, const URL& firstParty) -> AllowCookieAccess + { +- // FIXME: This should probably not be necessary. If about:blank is the first party for cookies, +- // we should set it to be the inherited origin then remove this exception. +- if (firstParty.isAboutBlank()) +- return true; ++ auto allowCookieAccess = allowsFirstPartyForCookies(processIdentifier, RegistrableDomain { firstParty }); ++ if (allowCookieAccess == NetworkProcess::AllowCookieAccess::Terminate) { ++ // FIXME: This should probably not be necessary. If about:blank is the first party for cookies, ++ // we should set it to be the inherited origin then remove this exception. ++ if (firstParty.isAboutBlank()) ++ return AllowCookieAccess::Disallow; + +- if (firstParty.isNull()) +- return true; // FIXME: This shouldn't be allowed. ++ if (firstParty.isNull()) ++ return AllowCookieAccess::Disallow; // FIXME: This shouldn't be allowed. ++ } + +- return allowsFirstPartyForCookies(processIdentifier, RegistrableDomain { firstParty }); ++ return allowCookieAccess; + } + +-bool NetworkProcess::allowsFirstPartyForCookies(WebCore::ProcessIdentifier processIdentifier, const RegistrableDomain& firstPartyDomain) ++auto NetworkProcess::allowsFirstPartyForCookies(WebCore::ProcessIdentifier processIdentifier, const RegistrableDomain& firstPartyDomain) -> AllowCookieAccess + { + // FIXME: This shouldn't be needed but it is hit sometimes at least with PDFs. +- if (firstPartyDomain.isEmpty()) +- return true; +- ++ auto terminateOrDisallow = firstPartyDomain.isEmpty() ? AllowCookieAccess::Disallow : AllowCookieAccess::Terminate; + if (!decltype(m_allowedFirstPartiesForCookies)::isValidKey(processIdentifier)) { + ASSERT_NOT_REACHED(); +- return false; ++ return terminateOrDisallow; + } + + auto iterator = m_allowedFirstPartiesForCookies.find(processIdentifier); + if (iterator == m_allowedFirstPartiesForCookies.end()) { + ASSERT_NOT_REACHED(); +- return false; ++ return terminateOrDisallow; + } + + if (iterator->value.first == LoadedWebArchive::Yes) +- return true; ++ return AllowCookieAccess::Allow; + + auto& set = iterator->value.second; + if (!std::remove_reference_t::isValidValue(firstPartyDomain)) { + ASSERT_NOT_REACHED(); +- return false; ++ return terminateOrDisallow; + } + + auto result = set.contains(firstPartyDomain); +- ASSERT(result); +- return result; ++ ASSERT(result || terminateOrDisallow == AllowCookieAccess::Disallow); ++ return result ? AllowCookieAccess::Allow : terminateOrDisallow; + } + + void NetworkProcess::addStorageSession(PAL::SessionID sessionID, const WebsiteDataStoreParameters& parameters) +diff --git a/Source/WebKit/NetworkProcess/NetworkProcess.h b/Source/WebKit/NetworkProcess/NetworkProcess.h +index 0897537e5847..54f19ab96ce4 100644 +--- a/Source/WebKit/NetworkProcess/NetworkProcess.h ++++ b/Source/WebKit/NetworkProcess/NetworkProcess.h +@@ -417,8 +417,9 @@ public: + void deleteWebsiteDataForOrigin(PAL::SessionID, OptionSet, const WebCore::ClientOrigin&, CompletionHandler&&); + void deleteWebsiteDataForOrigins(PAL::SessionID, OptionSet, const Vector& origins, const Vector& cookieHostNames, const Vector& HSTSCacheHostnames, const Vector&, CompletionHandler&&); + +- bool allowsFirstPartyForCookies(WebCore::ProcessIdentifier, const URL&); +- bool allowsFirstPartyForCookies(WebCore::ProcessIdentifier, const RegistrableDomain&); ++ enum class AllowCookieAccess : uint8_t { Disallow, Allow, Terminate }; ++ AllowCookieAccess allowsFirstPartyForCookies(WebCore::ProcessIdentifier, const URL&); ++ AllowCookieAccess allowsFirstPartyForCookies(WebCore::ProcessIdentifier, const RegistrableDomain&); + void addAllowedFirstPartyForCookies(WebCore::ProcessIdentifier, WebCore::RegistrableDomain&&, LoadedWebArchive, CompletionHandler&&); + void webProcessWillLoadWebArchive(WebCore::ProcessIdentifier); + +diff --git a/Source/WebKit/NetworkProcess/NetworkSession.cpp b/Source/WebKit/NetworkProcess/NetworkSession.cpp +index d3e9e8b4b64b..2c5fb9ad6765 100644 +--- a/Source/WebKit/NetworkProcess/NetworkSession.cpp ++++ b/Source/WebKit/NetworkProcess/NetworkSession.cpp +@@ -728,7 +728,7 @@ void NetworkSession::appBoundDomains(CompletionHandler requestingProcessIdentifier, WebCore::RegistrableDomain&& firstPartyForCookies) + { +- if (requestingProcessIdentifier && (requestingProcessIdentifier != webProcessIdentifier) && !m_networkProcess->allowsFirstPartyForCookies(requestingProcessIdentifier.value(), firstPartyForCookies)) { ++ if (requestingProcessIdentifier && (requestingProcessIdentifier != webProcessIdentifier) && m_networkProcess->allowsFirstPartyForCookies(requestingProcessIdentifier.value(), firstPartyForCookies) != NetworkProcess::AllowCookieAccess::Allow) { + ASSERT_NOT_REACHED(); + return; + } +diff --git a/Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerConnection.cpp b/Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerConnection.cpp +index 72d67d9f98a2..515f4597cf33 100644 +--- a/Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerConnection.cpp ++++ b/Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerConnection.cpp +@@ -344,7 +344,7 @@ void WebSWServerConnection::postMessageToServiceWorker(ServiceWorkerIdentifier d + + void WebSWServerConnection::scheduleJobInServer(ServiceWorkerJobData&& jobData) + { +- MESSAGE_CHECK(networkProcess().allowsFirstPartyForCookies(identifier(), WebCore::RegistrableDomain::uncheckedCreateFromHost(jobData.topOrigin.host()))); ++ MESSAGE_CHECK(networkProcess().allowsFirstPartyForCookies(identifier(), WebCore::RegistrableDomain::uncheckedCreateFromHost(jobData.topOrigin.host())) != NetworkProcess::AllowCookieAccess::Terminate); + + ASSERT(!jobData.scopeURL.isNull()); + if (jobData.scopeURL.isNull()) { +diff --git a/Source/WebKit/NetworkProcess/SharedWorker/WebSharedWorkerServerConnection.cpp b/Source/WebKit/NetworkProcess/SharedWorker/WebSharedWorkerServerConnection.cpp +index 83affaaded38..084bbdf8f8c5 100644 +--- a/Source/WebKit/NetworkProcess/SharedWorker/WebSharedWorkerServerConnection.cpp ++++ b/Source/WebKit/NetworkProcess/SharedWorker/WebSharedWorkerServerConnection.cpp +@@ -79,7 +79,7 @@ NetworkSession* WebSharedWorkerServerConnection::session() + + void WebSharedWorkerServerConnection::requestSharedWorker(WebCore::SharedWorkerKey&& sharedWorkerKey, WebCore::SharedWorkerObjectIdentifier sharedWorkerObjectIdentifier, WebCore::TransferredMessagePort&& port, WebCore::WorkerOptions&& workerOptions) + { +- MESSAGE_CHECK(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, WebCore::RegistrableDomain::uncheckedCreateFromHost(sharedWorkerKey.origin.topOrigin.host()))); ++ MESSAGE_CHECK(m_networkProcess->allowsFirstPartyForCookies(m_webProcessIdentifier, WebCore::RegistrableDomain::uncheckedCreateFromHost(sharedWorkerKey.origin.topOrigin.host())) != NetworkProcess::AllowCookieAccess::Terminate); + MESSAGE_CHECK(sharedWorkerObjectIdentifier.processIdentifier() == m_webProcessIdentifier); + MESSAGE_CHECK(sharedWorkerKey.name == workerOptions.name); + CONNECTION_RELEASE_LOG("requestSharedWorker: sharedWorkerObjectIdentifier=%" PUBLIC_LOG_STRING, sharedWorkerObjectIdentifier.toString().utf8().data()); diff --git a/webkit2gtk3-disable-dmabuf-nvidia.patch b/webkit2gtk3-disable-dmabuf-nvidia.patch new file mode 100644 index 0000000..68d3d12 --- /dev/null +++ b/webkit2gtk3-disable-dmabuf-nvidia.patch @@ -0,0 +1,65 @@ +From: Carlos Garcia Campos +Subject: Disable DMABuf renderer for NVIDIA proprietary drivers +Bug: https://bugs.webkit.org/show_bug.cgi?id=262607 +Bug-Debian: https://bugs.debian.org/1039720 +Origin: https://github.com/WebKit/WebKit/pull/18614 +Index: webkitgtk-2.44.0/Source/WebKit/UIProcess/gtk/AcceleratedBackingStoreDMABuf.cpp +=================================================================== +--- webkitgtk-2.44.0.orig/Source/WebKit/UIProcess/gtk/AcceleratedBackingStoreDMABuf.cpp ++++ webkitgtk-2.44.0/Source/WebKit/UIProcess/gtk/AcceleratedBackingStoreDMABuf.cpp +@@ -37,6 +37,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -45,6 +46,7 @@ + + #if USE(GBM) + #include ++#include + #include + + static constexpr uint64_t s_dmabufInvalidModifier = DRM_FORMAT_MOD_INVALID; +@@ -58,6 +60,29 @@ static constexpr uint64_t s_dmabufInvali + + namespace WebKit { + ++static bool isNVIDIA() ++{ ++ const char* forceDMABuf = getenv("WEBKIT_FORCE_DMABUF_RENDERER"); ++ if (forceDMABuf && strcmp(forceDMABuf, "0")) ++ return false; ++ ++ std::unique_ptr platformDisplay; ++#if USE(GBM) ++ const char* disableGBM = getenv("WEBKIT_DMABUF_RENDERER_DISABLE_GBM"); ++ if (!disableGBM || !strcmp(disableGBM, "0")) { ++ if (auto* device = WebCore::PlatformDisplay::sharedDisplay().gbmDevice()) ++ platformDisplay = WebCore::PlatformDisplayGBM::create(device); ++ } ++#endif ++ if (!platformDisplay) ++ platformDisplay = WebCore::PlatformDisplaySurfaceless::create(); ++ ++ WebCore::GLContext::ScopedGLContext glContext(WebCore::GLContext::createOffscreen(platformDisplay ? *platformDisplay : WebCore::PlatformDisplay::sharedDisplay())); ++ if (strstr(reinterpret_cast(glGetString(GL_VENDOR)), "NVIDIA")) ++ return true; ++ return false; ++} ++ + OptionSet AcceleratedBackingStoreDMABuf::rendererBufferMode() + { + static OptionSet mode; +@@ -73,6 +98,9 @@ OptionSet Acce + return; + } + ++ if (isNVIDIA()) ++ return; ++ + mode.add(DMABufRendererBufferMode::SharedMemory); + + const char* forceSHM = getenv("WEBKIT_DMABUF_RENDERER_FORCE_SHM"); diff --git a/webkit2gtk3.changes b/webkit2gtk3.changes new file mode 100644 index 0000000..bc59935 --- /dev/null +++ b/webkit2gtk3.changes @@ -0,0 +1,4696 @@ +------------------------------------------------------------------- +Wed Nov 27 21:34:14 UTC 2024 - Michael Gorse + +- Update to version 2.46.4: + + Improve memory consumption and performance of Canvas + getImageData. + + Fix preserve-3D intersection rendering. + + Fix video dimensions since GStreamer 1.24.9. + + Fix the HTTP-based remote Web Inspector not loading in + Chromium. + + Fix content filters not working on about:blank iframes. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2024-44308, CVE-2024-44309. +- Drop patches fixed upstream: + + 9e9ea966373d3858668f6a29d8ba91a5807c8dd8.patch + + webkit2gtk3-CVE-2024-44308.patch + + webkit2gtk3-CVE-2024-44309.patch + +------------------------------------------------------------------- +Mon Nov 25 19:25:44 UTC 2024 - Michael Gorse + +- Add webkit2gtk3-CVE-2024-44308.patch: don't allocate DFG register + after a slow path (boo#1233631 CVE-2024-44308). +- Add webkit2gtk3-CVE-2024-44309.patch: fix a cookie management + issue (boo#1233632 CVE-2024-44309). + +------------------------------------------------------------------- +Thu Nov 14 10:18:18 UTC 2024 - Dominique Leuenberger + +- Add 63f7badbada070ebaadd318b2801818ecf7e7ea0.patch: Fix build + using ICU 76.1. + +------------------------------------------------------------------- +Tue Nov 12 17:24:48 UTC 2024 - Bjørn Lie + +- Add 9e9ea966373d3858668f6a29d8ba91a5807c8dd8.patch: Fix aspect + ratio in videos with gststreamer-1.24.9. + +------------------------------------------------------------------- +Mon Nov 4 16:08:38 UTC 2024 - Michael Gorse + +- Update to version 2.46.3 (boo#1232747): + + Flatten layers to a plane when preseve-3d style is set. + + Fix DuckDuckGo links by adding a user agent quirk. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2044-44244, CVE-2024-44296. +- Drop bug281492.patch: fixed upstream. + +------------------------------------------------------------------- +Mon Oct 21 15:09:18 UTC 2024 - Michael Gorse + +- Update to version 2.46.2: + + Own well-known bus name on a11y bus. + + Improve memory consumption when putImageData is used repeatedly + on accelerated canvas. + + Disable cached web process suspension for now to prevent leaks. + + Improve text kerning with different combinations of antialias + and hinting settings. + + Destroy all network sessions on process exit. + + Fix visible rectangle calculation when there are animations. + + Fix the build with ENABLE_NOTIFICATIONS=OFF. + + Fix the build with ENABLE_FULLSCREEN_API=OFF. + + Fix the build with ENABLE_WEB_AUDIO=OFF. + + Fix the build on ppc64le. + + Fix several crashes and rendering issues. +- Drop bug281495.patch: fixed upstream. + +------------------------------------------------------------------- +Wed Oct 16 21:49:23 UTC 2024 - Michael Gorse + +- Add bug281492.patch: fix crash in + AccessibilityAtspi::textAttributes. +- Add bug281495.patch: fix crash in ProcessLauncher socket + monitor callback. + +------------------------------------------------------------------- +Fri Oct 4 11:19:52 UTC 2024 - Dominique Leuenberger + +- Update to version 2.46.1: + + Fix login QR code not shown in WhatsApp web. + + Disable PSON by default again in GTK 3 API versions. + + Disable DMABuf video sink by default to prevent file descriptor + leaks. + + Fix the build with GCC 13. + + Fix several crashes and rendering issues. + +------------------------------------------------------------------- +Tue Sep 17 19:04:26 UTC 2024 - Bjørn Lie + +- Update to version 2.46.0 (boo#1231039): + + Use Skia instead of cairo for 2D rendering and enable GPU + rendering by default. + + Enable offscreen canvas by default. + + Add support for system tracing with Sysprof. + + Implement printing using the Print portal. + + Add new API to load settings from a config file. + + Add a new setting to enable or disable the 2D canvas + acceleration (enabled by default). + + Undeprecate console messages API and make it available in 6.0 + API. + + Security fixes: CVE-2024-40866, CVE-2024-44187, CVE-2044-44185. + +------------------------------------------------------------------- +Wed Sep 11 16:53:03 UTC 2024 - Michael Gorse + +- Update to version 2.45.92: + + Add webkit://gpu/stdout to dump the information from + webkit://gpu to stdout. + + Undeprecate injected bundle frame access interfaces. + + Fix drag and drop. + + Fix connection to a11y bus under flatpak. + + Fix the build with Wayland and GBM disabled. + + Fix linker relocation errors on Debug/RelWithDebInfo builds. + + Fix several crashes and rendering issues. + +------------------------------------------------------------------- +Tue Sep 10 21:35:51 UTC 2024 - Michael Gorse + +- Up gcc requirement to match cmake check. + Remove wpe and wpebackend-fdo from BuildRequires: no longer used. + +------------------------------------------------------------------- +Mon Sep 9 21:12:42 UTC 2024 - Bjørn Lie + +- Update to version 2.45.91: + + Add new API to WebKitAutomationSession to be notified when the + session is about to be closed. + + Fix WebGL with accelerated compositing disabled. + + Fix image filtering not being applied in some cases. + + Fix the build on 32 bits systems. + + Fix the build with -DUSE_TEXTURE_MAPPER_DMABUF=OFF + + Fix several crashes and rendering issues. + + Updated translations. +- Rebase patch with quilt. +- Drop webkit2gtk3-disable-dmabuf-nvidia.patch: Should not be + needed anymore. +- Pass USE_SYSTEM_SYSPROF_CAPTURE=NO to cmake, avoid building + sysprof capture for now. +- Disable LTO on x86 and ppc64le. + +------------------------------------------------------------------- +Mon Sep 9 20:12:42 UTC 2024 - Bjørn Lie + +- Update to version 2.44.4: + + Add quirk to allow totale.rosettastone.com to load properly. + + Fix webkit_web_resource_get_data() not working properly in some + sites. + + Fix not being able to jump-to-source in Web Inspector canvas + traces. + + Fix not being able to scroll list of WebGL shader programs in + the Web Inspector. + + Fix linker relocation errors on Debug/RelWithDebInfo builds. + + Fix crashes when built with Clang with Link-Time Optimization + (LTO). + + Fix several crashes and rendering issues. +- Drop revert-271175.patch: Fixed upstream. +- Enable LTO again, pass define _lto_cflags for only select targets + +------------------------------------------------------------------- +Sun Sep 1 16:30:22 UTC 2024 - Bjørn Lie + +- Add revert-271175.patch: This reverts commit 279c9d7, it broke + wasm. + +------------------------------------------------------------------- +Tue Aug 13 16:48:56 UTC 2024 - Michael Gorse + +- Update to version 2.44.3 (boo#1228697): + + Fix web process cache suspend/resume when sandbox is enabled. + + Fix accelerated images dissapearing after scrolling. + + Fix video flickering with DMA-BUF sink. + + Fix pointer lock on X11. + + Fix movement delta on mouse events in GTK3. + + Undeprecate console message API and make it available in 2022 + API. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2024-40776, CVE-2024-40779, CVE-2024-40780, + CVE-2024-40782, CVE-2024-40789, CVE-2024-4558, CVE-2024-27838, + CVE-2024-27851. +- Drop patches now upstream: + 9d5844679af8f84036f1b800307e799bd7ab73ba.patch + webkit2gtk3-CVE-2024-40776.patch + webkit2gtk3-CVE-2024-40779.patch + webkit2gtk3-CVE-2024-40780.patch + webkit2gtk3-CVE-2024-40782.patch + +------------------------------------------------------------------- +Thu Aug 1 20:25:14 UTC 2024 - Michael Gorse + +- Add CVE fixes: + + webkit2gtk3-CVE-2024-40776.patch (boo#1228613 CVE-2024-40776) + + webkit2gtk3-CVE-2024-40779.patch (boo#1228693 CVE-2024-40779) + + webkit2gtk3-CVE-2024-40780.patch (boo#1228694 CVE-2024-40780) + + webkit2gtk3-CVE-2024-40782.patch (boo#1228695 CVE-2024-40782) + +------------------------------------------------------------------- +Tue Jul 2 21:39:04 UTC 2024 - Bjørn Lie + +- Add 9d5844679af8f84036f1b800307e799bd7ab73ba.patch VA+DMABuf + videos flicker + +------------------------------------------------------------------- +Fri May 17 20:40:00 UTC 2024 - Michael Gorse + +- Update to version 2.44.2 (boo#1225071): + + Make gamepads visible on axis movements, and not only on + button presses. + + Disable the gst-libav AAC decoder. + + Make user scripts and style sheets visible in the Web + Inspector. + + Use the geolocation portal where available, with the existing + geoclue as fallback if the portal is not usable. + + Use the printing portal when running sandboxed. + + Use the file transfer portal for drag and drop when running + sandboxed. + + Avoid notifying an empty cursor rectangle to input methods. + + Remove empty bar shown in detached inspector windows. + + Consider keycode when activating application accelerators. + + Fix the build with ENABLE_WEBAUDIO disabled. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2024-27834, CVE-2024-27808, CVE-2024-27820, + CVE-2024-27833. +- Update keyring (taken from rawhide). + +------------------------------------------------------------------- +Tue Apr 16 16:42:31 UTC 2024 - Michael Gorse + +- Update to version 2.44.1: + + Fix handling of lifetime of web view child dialogs in GTK4. + + Do not schedule layer flushes when drawing area size is empty. + + Fix videos with alpha when using the DMA-BUF sink. + + Fix the build with USE_GBM=OFF. + + Fix the build in 32bit platforms + + Fix several crashes and rendering issues. +- Drop webkit2gtk3-271108.patch: fixed upstream. + +------------------------------------------------------------------- +Wed Mar 20 12:19:12 UTC 2024 - Michael Gorse + +- Use WebAssembly on aarch64. It is the upstream default and no + longer makes the build fail. Stop passing -DENABLE_C_LOOP=ON, + -DENABLE_WEBASSEMBLY=OFF and -DENABLE_SAMPLING_PROFILER=OFF for + the same reason. +- Drop webkit2gtk3-llint-build-fix.patch: no longer needed. +- Update some version requirements to match cmake checks. + +------------------------------------------------------------------- +Mon Mar 18 12:15:24 UTC 2024 - Dominique Leuenberger + +- Add webkit2gtk3-271108.patch: Fix build on 32bit archs + (https://bugs.webkit.org/show_bug.cgi?id=271108). + +------------------------------------------------------------------- +Sat Mar 16 09:36:58 UTC 2024 - Dominique Leuenberger + +- Update to version 2.44.0 (boo#1222010): + + Make the DOM accessibility tree reachable from UI process with + GTK4. + + Removed the X11 and WPE renderers in favor of DMA-BUF. + + Improved vblank synchronization when rendering. + + Removed key event reinjection in GTK4 to make keyboard + shortcuts work in web sites. + + Fix gamepads detection by correctly handling focused window in + GTK4. ++ Security fixes: CVE-2024-23252, CVE-2024-23254, CVE-2024-23263, + CVE-2024-23280, CVE-2024-23284, CVE-2023-42950, CVE-2023-42956, + CVE-2023-42843. +- Rebase webkit2gtk3-disable-dmabuf-nvidia.patch. + +------------------------------------------------------------------- +Tue Mar 5 16:20:56 UTC 2024 - Dominique Leuenberger + +- baselibs.conf: Do not build libjavascriptcoregtk-4_1-0-32bit and + libwebkit2gtk-4_1-0-32bit: they are not used, and in fact not + built in Factory (build excluded). + +------------------------------------------------------------------- +Thu Feb 29 13:15:27 UTC 2024 - Dominique Leuenberger + +- Update to version 2.43.4: + + Remove key event reinjection in GTK4 to make keyboard shortcuts + work in web sites. + + Use the new GTK API to create a GdkTexture from a DMA-BUF + buffer when available. + + Fix rendering when GTK is using the vulkan renderer. + + Fix gamepads detection by correctly handling focused window in + GTK4. + + Fix rendering after history navigation. + + Write bwrapinfo.json to disk for xdg-desktop-portal. + + Fixed several memory leaks in media backend. + + Fix several crashes and rendering issues. +- Changes from version 2.43.3: + + Show vblank monitor information in webkit://gpu. + + Fallback to timer based vblank monitor if drmWaitVBlank fails. + + Fix several memory leaks in media backend. + + Fix several crashes and rendering issues. +- Changes from version 2.43.2? + + Remove the X11 and WPE renderers. + + Release unused buffers when the view is hidden. + + Fix flickering while playing videos with DMA-BUF sink. + + Do not special case the "sans" font family name. + + Fix webkit_web_context_allow_tls_certificate_for_host() for + IPv6 URIs produced by SoupURI. + + Fix several crashes and rendering issues. +- Changes from version WebKitGTK 2.43.1? + + Improve vblank synchronization when rendering. + + Improve DMA-BUF buffers handling for video frames. + + Use the buffer format preferred by the driver in DMA-BUF + renderer. + + Do not block the compositing thread waiting for rendering + threads. + + Improve performance when scaling images in a canvas. + + Fix several crashes and rendering issues. + + Updated translations. +- Drop webkit2gtk3-create-destroy-egl-image.patch: fixed upstream. +- Add libbacktrace-devel BuildRequires (for gtk4 flavor). + +------------------------------------------------------------------- +Fri Feb 16 15:33:11 UTC 2024 - Michael Gorse + +- Increase mem_per_process again to match what is in SLE. The build + was sporadically failing there (bsc#1198743). +- Require libwaylandclient0 >= 1.20. 15.4 originally had 1.19.0, + but webkitgtk uses a function added in 1.20.0, so we need to + ensure that the wayland update is pulled in (bsc#1215072). + +------------------------------------------------------------------- +Thu Feb 15 04:03:27 UTC 2024 - Michael Gorse + +- Fix package names for v6, and obsolete old packages. + +------------------------------------------------------------------- +Wed Feb 14 17:44:28 UTC 2024 - Michael Gorse + +- Use gcc 11 on SLE, to match what is currently used on SP4, and + adjust version check to include SP6. Also, use system malloc + there; the build currently fails without this (webkit#243535). +- Require gcc >= 10.2 to match the current cmake test. +- Disable jpegxl on SLE; it isn't currently available there. + +------------------------------------------------------------------- +Mon Feb 5 16:58:41 UTC 2024 - Michael Gorse + +- Update to version 2.42.5 (boo#1219604): + + Fix webkit_web_context_allow_tls_certificate_for_host to + handle IPv6 URIs produced by SoupURI. + + Ignore stops with offset zero before last one when rendering + gradients with cairo. + + Write bwrapinfo.json to disk for xdg-desktop-portal. + + Fix gamepads detection by correctly handling focused window in + GTK4. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2024-23222, CVE-2024-23206, CVE-2024-23213, + CVE-2024-23271. +- Drop webkit2gtk3-CVE-2024-23222.patch: fixed upstream. +- Add webkit2gtk3-llint-build-fix.patch: fix the build for non-x86 + architectures. + +------------------------------------------------------------------- +Wed Jan 24 19:33:03 UTC 2024 - Michael Gorse + +- Add webkit2gtk3-CVE-2024-23222.patch: fix a type confusion issue + (bsc#1219113 CVE-2024-23222). + +------------------------------------------------------------------- +Sat Dec 16 13:51:42 UTC 2023 - Michael Gorse + +- Update to version 2.42.4 (boo#1218032): + + Fix incorrect random images incorrectly displayed as + backgrounds of
elements. + + Fix videos displayed aliased after being resized e.g. in + YouTube. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2023-42883. + +------------------------------------------------------------------- +Wed Dec 6 17:03:18 UTC 2023 - Michael Gorse + +- Update to version 2.42.3 (boo#1217844): + + Fix flickering while playing videos with DMA-BUF sink. + + Fix color picker being triggered in the inspector when typing + "tan". + + Do not special case the "sans" font family name. + + Fix build failure with libxml2 version 2.12.0 due to an API + change. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2023-42916, CVE-2023-42917. + +------------------------------------------------------------------- +Tue Nov 28 09:52:05 UTC 2023 - Dominique Leuenberger + +- Adjust path to (openSUSE renamed) gst-plugin-scanner in the code + using sed. + +------------------------------------------------------------------- +Tue Nov 21 12:20:53 UTC 2023 - Dominique Leuenberger + +- Ensure max_link_jobs and max_compile_jobs have valid values even + when %{jobs} is not defined (like when building outside of OBS). + +------------------------------------------------------------------- +Thu Nov 16 15:47:38 UTC 2023 - Michael Gorse + +- Update to version 2.42.2 (boo#1217210): + + Bump Safari version in user agent header. + + Fix CSP regression that broke Unity WebGL applications. + + Fix the build with GBM disabled. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2023-41983, CVE-2023-42852. + +------------------------------------------------------------------- +Wed Nov 1 19:52:33 UTC 2023 - Mike Gorse + +- Add webkit2gtk3-disable-dmabuf-nvidia.patch: disable DMABuf + renderer for NVIDIA proprietary drivers (boo#1216778). + +------------------------------------------------------------------- +Mon Oct 23 18:48:15 UTC 2023 - Mike Gorse + +- Add webkit2gtk3-create-destroy-egl-image.patch: fix "No provider + of EglDestroyImage Found" (boo#1216483). + +------------------------------------------------------------------- +Fri Sep 29 18:10:40 UTC 2023 - Bjørn Lie + +- Update to version 2.42.1 (boo#1215661 boo#1215866 boo#1215867 + boo#1215868 boo#1215869 boo#1215870): + + Fix enable-html5-database setting to properly enable/disable + IndexedDB API. + + Fix the build with GBM disabled. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2023-41993, CVE-2023-40414. + +------------------------------------------------------------------- +Thu Sep 28 08:47:58 UTC 2023 - Marcus Meissner + +- switch to pkgconfig(icu-i18n) instead of libicu-devel, to allow + switching to a different libicu*-devel (jsc#PED-6193) + +------------------------------------------------------------------- +Fri Sep 15 19:04:16 UTC 2023 - Bjørn Lie + +- Update to version 2.42.0 (boo#1218033 boo#1222905): + + New renderer based on DMA-BUF shared buffers. + + Add new permission request to handle DOM paste access requests. + + Add API to configure experimental features at runtime. + + Add API to set the percentage of volume space that can be used + for data storage. + + GBM is no longer required for WebGL implementation. + + Security fixes: CVE-2023-39928, CVE-2023-41074, CVE-2023-32359, + CVE-2023-42890, CVE-2014-1745, CVE-2024-23226. + +------------------------------------------------------------------- +Mon Sep 11 15:02:19 UTC 2023 - Bjørn Lie + +- Update to version 2.41.92: + + Fix render updates after cross origin history navigation with + GTK4. + + Fix flickering in non accelerated compositing mode. + + Fix pixelated accelerated blur filter. + + Fix web process launching when xdg-dbus-proxy is not installed. + + Pass GBM_BO_USE_RENDERING to gbm_bo_create. + + Fix several crashes and rendering issues. + +------------------------------------------------------------------- +Fri Sep 1 19:57:17 UTC 2023 - Luciano Santos + +- Expand lang sub-package in spec file unconditionally to handle + previous name change from WebKit2GTK-lang to WebKitGTK-lang. This + change affected the automatic generated Requires tag on + WebKit2GTK-%{_apiver}, then getting out of sync of what's being + required and what's being provided. Now, any sub-package that was + providing WebKit2GTK-%{_apiver} will provide WebKitGTK-%{_apiver} + instead (boo#1214835, boo#1214640, boo#1214093). + +------------------------------------------------------------------- +Thu Aug 31 18:53:42 UTC 2023 - Bjørn Lie + +- Add explicit pkgconfig(epoxy) and pkgconfig(xdamage) + BuildRequires: meson setup checks for them, so we should list + them. + +------------------------------------------------------------------- +Mon Aug 21 21:34:34 UTC 2023 - Michael Gorse + +- Update to version 2.41.91: + + Properly handle toplevel window state changes in GTK4. + + Do not keep processing frames while the view is unrealized + when using DMA-BUF renderer. + + Fallback to first render node returned by DRM when failing to + get using EGLDevice. + + Fix the build with libjxl < 0.7.0. + + Fix several crashes and rendering issues. + +------------------------------------------------------------------- +Sun Aug 13 09:33:40 UTC 2023 - Bjørn Lie + +- Update to version 2.41.90: + + Fix the popup menu always shown in github when logged in. + + Add API to replace and retrieve the entire cookie jar. + + Apply the device scale factor when changed after web view is + created. + + Do not expose media devices that can’t be used in + enumerateDevices. + + Add support for P010 video format. + + Fix non-accelerated rendering that broke web inspector. + + Fix several crashes and rendering issue + +------------------------------------------------------------------- +Wed Aug 2 18:25:13 UTC 2023 - Bjørn Lie + +- Update to version 2.41.6: + + Add API to set the percentage of volume space that can be used + for data storage. + + Do not use GBM and DMA-BUF for WebGL implementation. + + Use EGL_MESA_image_dma_buf_export if available when GBM is + disabled. + + Fix AV1 video with the dav1d decoder when using the DMA-BUF + sink. + + Use three buffers for DMA-BUF renderer. + + Fix several crashes and rendering issues. +- Changes from version 2.41.5: + + Include key modifiers in wheel events. + + Remove support for OpenGL API in the web process. + + Native DASH support is now opt-in, like HLS. + + Fix scrollbar jumping to top when drag released outside window + in GTK4. + + Fix contents not rendered in new web view when realized after + configure and frame with DMA-BUF renderer. + + Fix several crashes and rendering issues. +- Changes from version 2.41.4: + + Add new API to configure experimental features at runtime. + + Add support for prefers-reduced-motion media query. + + Split hardware acceleration information in webkit://gpu. + + Fix CPU usage on autoplaying videos. + + Fix video rendering when GL is disabled. + + Choose amount of painting threads depending on available CPU + cores on GTK4. + + Add memory usage of images in web inspector memory timeline. + + Fix the build with X11 target disabled. + + Fix several crashes and rendering issues. +- Changes from version 2.41.3: + + Ensure the same GPU device is used by GBM in all processes. + + Fix memory corruption causing glitches in several web sites. + + Use more reliable generated application ID. + + Show DRM device and render node files when available in + webkit://gpu. + + Fix the build on i386. + + Fix several crashes and rendering issues. +- Changes from version 2.41.2: + + Properly handle the modifier value when exporting/importing + DMA-BUF buffers. + + Don’t require GApplication for bubblewrap sandbox. + + Fix cap height calculation in font metrics. + + Fix the build on i386. + + Fix the build with libgbm disabled. + + Fix several crashes and rendering issues. + + Updated translations. +- Changes from version 2.41.1: + + Use DMABuf and WebKit IPC for rendering instead of wpe/x11. + + Calculate scroll step depending on scrollable area size when + scrolling with the mouse wheel or arrow keys. + + Add WebKitClipboardPermissionRequest to handle DOM paste access + requests. + + Remove support for rendering with GLX in the web process. + + Fix several crashes and rendering issues. +- Add pkgconfig(libjxl) BuildRequires: New dependency. + +------------------------------------------------------------------- +Wed Aug 2 18:25:12 UTC 2023 - Michael Gorse + +- Update to version 2.40.5 (boo#1213905 boo#1215230): + + Fix several crashes and rendering issues. + + Security fixes: CVE-2023-38133, CVE-2023-38572, CVE-2023-38592, + CVE-2023-38594, CVE-2023-38595, CVE-2023-38597, CVE-2023-38599, + CVE-2023-38600, CVE-2023-38611, CVE-2023-40397, CVE-2023-39434, + CVE-2023-40451. + +------------------------------------------------------------------- +Fri Jul 21 20:49:06 UTC 2023 - Michael Gorse + +- Update to version 2.40.4 (boo#1213379): + + Fix a bug in JavaScript reading variable arguments in a call. + + Security fixes: CVE-2023-37450. + +------------------------------------------------------------------- +Wed Jun 28 16:41:25 UTC 2023 - Michael Gorse + +- Update to version 2.40.3 (boo#1212863): + + Make memory pressure monitor honor memory.memsw.usage_in_bytes + if exists. + + Include key modifiers in wheel events. + + Apply cookie blocking policy to WebSocket handshakes. + + Remove accidental dependency on GLib 2.70. + + Fix the build with BUBBLEWRAP_SANDBOX disabled. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2023-32439. + +------------------------------------------------------------------- +Wed May 31 16:05:38 UTC 2023 - Michael Gorse + +- Update to version 2.40.2 (boo#1211846): + + Fix scrollbar jumping to top when drag released outside window + in GTK4. + + Fix video rendering when GL is disabled. + + Fix flickering on looped videos when starting again. + + Fix CPU usage on autoplaying videos. + + Choose amount of painting threads depending on available CPU + cores on GTK4. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2023-28204, CVE-2023-32373 (boo#1211658 + boo#1211659). +- Drop gcc13-fix.patch: fixed upstream. + +------------------------------------------------------------------- +Thu Apr 20 14:21:35 UTC 2023 - Michael Gorse + +- Update to version 2.40.1 (boo#1210295 boo#1210731): + + The Bubblewrap sandbox no longer requires setting an + application identifier via GApplication to operate correctly. + Using GApplication is still recommended, but optional. + + Adjust the scrolling speed for mouse wheels to make it feel + more natural. + + Allow pasting content using the Asynchronous Clipboard API when + the origin is the same as the clipboard contents. + + Improvements to the GStreamer multimedia playback, in + particular around MSE, WebRTC, and seeking. + + Make all supported image types appear in the Accept HTTP + header. + + Fix text caret blinking when blinking is disabled in the GTK + settings. + + Fix default database quota size definition. + + Fix application of all caps tags listed in the + font-feature-settings CSS property. + + Fix the build with journald support enabled when using elogind + instead of the systemd libraries. + + Fix the build when libgcrypt provides a libgcrypt-config script + instead of a pkg-config module file. + + Fix font height calculations for the font-size-adjust CSS + property. + + Fix the build when ccache is used in certain setups. + + Fix the build for RISC-V 64-bit targets. + + Fix the build with GCC 13. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2022-0108, CVE-2023-28205, CVE-2022-32885, + CVE-2023-27932, CVE-2023-27954, CVE-2023-28198, CVE-2023-32370. +- Drop regression-fix.patch and fix-gst-crash.patch: fixed + upstream. +- Rebase gcc13-fix.patch. + +------------------------------------------------------------------- +Tue Mar 28 08:22:05 UTC 2023 - Bjørn Lie + +- Add fix-gst-crash.patch: Fix crash in + webkit_media_stream_src_class_init(). + https://bugs.webkit.org/show_bug.cgi?id=254025 +- Add reproducibility.patch: Make build more reproducible. Still + not there yet though. Inject fixed year in file. + +------------------------------------------------------------------- +Fri Mar 24 19:23:02 UTC 2023 - Bjørn Lie + +- Tweak constraints. + +------------------------------------------------------------------- +Fri Mar 24 09:14:45 UTC 2023 - Martin Liška + +- Add gcc13-fix.patch fix that handles invalid code as reported here: + https://github.com/WebKit/WebKit/pull/11910. + +------------------------------------------------------------------- +Tue Mar 21 08:17:44 UTC 2023 - Dominique Leuenberger + +- Fix provides of libwebkit2gtk-4.[01]: Provide WebKitGTK-4.x. This + symbol is only needed by the lang packages and those have been + renamed from WebKit2GTK to WebKitGTK. + +------------------------------------------------------------------- +Fri Mar 17 19:06:13 UTC 2023 - Bjørn Lie + +- Update to version 2.40.0 (boo#1213581): + + New GTK4 API is now stable. + + Use ANGLE for WebGL implementation and enable WebGL2. + + Prefer EGL over X11, intead of GLX, where available. + + Add support for speech synthesis using Flite. + + Enable the async clipboard API. + + Add API to query the permission state of web features. + + Add API to support asynchronously returning values from user + script messages. + + Make it possible to handle WebKitDownload::decide-destination + signal asynchronously. + + Add new JavaScript execution APIs. + + Make webkit://gpu output exportable as JSON. + + Fix large memory allocation when uploading content. +- Add regression-fix.patch: [GLib] Broke + WebKitUserContentManager::script-message-received + + Security fixes: CVE-2023-32393, CVE-2023-32435, CVE-2023-35074. + +------------------------------------------------------------------- +Wed Mar 8 16:18:06 UTC 2023 - Bjørn Lie + +- Update to version 2.39.91: + + Rename WebKitWebExtension to WebKitWebProcessExtension in GTK4 + API. + + Remove WebKitJavascriptResult in favor of using JSCValue + directly in GTK4 API. + + Add new API to get the request body of WebKitURISchemeRequest. + + Make it possible to handle WebKitDownload::decide-destination + signal asynchronously. + + Allow WebKitDownload destination to be a path instead of a URI. + + Make webkit://gpu output exportable as JSON. + + Improve scrolling performance in accelerated compositing mode. + + Implement KeyboardEvent.repeat. + + Fix a crash in MiniBrowser when the favicon is updated. + + Fix the build in Ubuntu 20.04 and Debian Stable. + + Fix several crashes and rendering issues. + + Updated translations. +- Drop no-forced-sse.patch: Due to changes in the code, trying to + build without SSE2 support fails even with this patch. We are + forced to give up on this, SSE2 support is now mandatory for all + build targets. +- Add new defines and sub-packages in conditional ways, upstream + did a lot of changes for new gtk4 variant. + +------------------------------------------------------------------- +Sun Feb 26 17:23:07 UTC 2023 - Bjørn Lie + +- Update to version 2.39.90: + + Add new JavaScript execution APIs. + + Merge functions of registering and unregistering script message + handler in GTK4 API. + + Mark non-derivable types as final and make instance and class + struct declarations private in GTK4 API. + + Make favicon and snapshot API use GdkTexture instead of cairo + surfaces in GTK4 API. + + Fix scrolling after a history navigation with PSON enabled. + + Fix criticals from webkitOptionMenuSetEvent when opening any + combo box. + + Fix large memory allocation when uploading content. + + Always update the active uri of WebKitFrame. + + Fix several crashes and rendering issues. + + Updated translations. +- Drop webkit2gtk3-missing-include.patch: Fixed upstream + +------------------------------------------------------------------- +Wed Feb 15 14:39:07 UTC 2023 - Bjørn Lie + +- Update to version 2.39.7: + + Fix the webkit.h public header causing applications to fail to + build. + + Fix several crashes and rendering issues. +- Changes from version 2.39.6: + + Add support for speech synthesis using Flite. + + Bring back WebKitConsoleMessage API implementation. + + Fix async scroll event propagation for GTK4. + + Add network session API when building with GTK4. + + Make most public types final when building with GTK4. + + Remove WebKitPrintCustomWidget when building with GTK4. + + Remove most of the webkit_web_view_new_with_*() constructors + when building with GTK4. + + Remove webkit_web_context_get/set_process_model when building + with GTK4. + + Do not allow the sandbox to mount the entire home directory. + + Fix several crashes and rendering issues. +- Add pkgconfig(gstreamer-transcoder-1.0) and pkgconfig(openssl) + BuildRequires: New dependencies. +- Pass conditional ENABLE_WEBDRIVER=ON/OFF to cmake, enable/disable + build of webdriver where apropiate. + +------------------------------------------------------------------- +Wed Feb 15 14:39:05 UTC 2023 - Bjørn Lie + +- Update to version 2.39.5: + + Enable WebGL2 by default again that was disabled by mistake. + + Fix the build with WebGL disabled. + + Fix the webkit.h public header causing applications to fail to + build. +- Changes from version 2.39.4: + + Fix WebGL when sandbox is enabled. + + Fix loading of media documents. + + Add new API disable web security. + + Disable support for HLS in media backend by default. + + Fix several crashes and rendering issues. + + Updated translations. +- Changes from version 2.39.3: + + Add new API to query the permission state of web features. + + Deprecate all web extension DOM APIs (WebKitDOMDocument, + WebKitDOMElement, WebKitDOMNode). + + Add webkit_web_hit_test_result_get_js_node() to get the + JSCValue for the node. + + Add WebKitWebFormManager and deprecate WebKitWebPage form + related signals. + + Don’t perform position queries on video sink when the player is + for audio only. + + Fix gibberish text when loading alternate data. + + Fix several crashes and rendering issues. +- Changes from version 2.39.2: + + Add API to support asynchronously returning values from user + script messages. + + Deprecate WebKitConsoleMessage API. + + Deprecate event parameter of WebKitWebView::context-menu and + WebKitWebView::show-option-menu signals in favor of a getter in + WebKitConextMenu and WebKitOptionMenu. + + Do not emit context-menu signals for media settings popup menu. + + Use async scrolling also for keyboard scrolling. + + Add support for client side certificates on WebSocket + connections. + + Fix first party for cookies set on every media request. + + Fix a crash on authentication dialog with GTK4. + + Fix web process leak when webkit_download_set_destination is + called with empty destination. + + Fix several warnings when building for ARMv7 (32-bits). + + Fix several crashes and rendering issues. +- Changes from version 2.39.1: + + Use ANGLE for WebGL implementation and enable WebGL2. + + Remove internal nested wayland compositor making libwpe + mandatory when building with wayland enabled. + + Prefer EGL over X11, intead of GLX, where available. + + Add support for background-repeat: space. + + Add API to check if a response policy decision is for the main + resource. + + Fix rendering of checkbox and radio buttons in black + backgrounds. + + Make checkbox, radio and inner spin button scale along by page + zoom. + + Add support for get computed label and get computed role + WebDriver commands. + + Fix several crashes and rendering issues. +- Rebase patches with quilt. +- Add unifdef BuildRequires: New dependency. + +------------------------------------------------------------------- +Wed Feb 15 14:30:47 UTC 2023 - Bjørn Lie + +- Update to version 2.38.5 (boo#1208328): + + Fix large memory allocation when uploading content. + + Fix scrolling after a history navigation with PSON enabled. + + Always update the active uri of WebKitFrame. + + Fix the build on Ubuntu 20.04. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2023-23529. + +------------------------------------------------------------------- +Thu Feb 2 15:51:06 UTC 2023 - Michael Gorse + +- Update to version 2.38.4 (boo#1207997): + + Improve GStreamer multimedia playback across the board with + improved codec selection logic, better handling of latency, and + improving frame discard to avoid audio/video + desynchronizationg, among other fixes. + + Disable HLS media playback by default, which makes web sites + use MSE instead. If needed WEBKIT_GST_ENABLE_HLS_SUPPORT=1 can + be set in the environment to enable it back. + + Disable threaded rendering in GTK4 builds by default, as it was + causing crashes. + + Fix MediaSession API not showing artwork images. + + Fix MediaSession MPRIS usage when running inside a Flatpak + sandbox. + + Fix input element controls to correctly scale when applying a + zoom factor different than the default. + + Fix leakage of Web processes in certain situations. + + Fix the injected bundle not being found when running inside a + sandbox. + + Fix the build with ENABLE_INTROSPECTION when cross-compiling. + + FIx the build with ENABLE_WEBGL disabled. + + Fix the build with GStreamer-based WebRTC enabled. + + Fix the build with USE_GTK4 enabled. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2023-23517, CVE-2023-23518, CVE-2022-42826, + CVE-2022-32919, CVE-2022-46705, CVE-2022-46725. + +------------------------------------------------------------------- +Fri Jan 27 15:09:41 UTC 2023 - Michael Gorse + +- Add webkit2gtk3-missing-include.patch: fix the build with gcc 13. + +------------------------------------------------------------------- +Thu Dec 22 14:54:41 UTC 2022 - Michael Gorse + +- Update to version 2.38.3 (boo#1206474 boo#1206750): + + Fix runtime critical warnings from media player. + + Fix network process crash when fetching website data on + ephemeral session. + + Fix the build with Ruby 3.2. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2022-42852, CVE-2022-42856, CVE-2022-42867, + CVE-2022-46692, CVE-2022-46698, CVE-2022-46699, CVE-2022-46700. +- Drop b7ac5d0c.patch: fixed upstream. + +------------------------------------------------------------------- +Wed Dec 14 16:45:15 UTC 2022 - Dominique Leuenberger + +- Add upstream patch b7ac5d0c.patch: Fix build with Ruby 3.2. + +------------------------------------------------------------------- +Thu Nov 17 13:29:15 UTC 2022 - Guillaume GARDET + +- Update _constraints for webkit2gtk3:gtk3-soup2 on aarch64 to + avoid slow workers and OOM + +------------------------------------------------------------------- +Mon Nov 7 15:20:15 UTC 2022 - Michael Gorse + +- Update to version 2.38.2 (boo#1205120 boo#1205123 boo#1205124): + + Fix scrolling issues in some sites having fixed background. + + Fix prolonged buffering during progressive live playback. + + Fix the build with accessibility disabled. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2022-42799, CVE-2022-42823, CVE-2022-42824. + +------------------------------------------------------------------- +Mon Oct 24 17:47:17 UTC 2022 - Michael Gorse + +- Update to version 2.38.1: + + Make xdg-dbus-proxy work if host session bus address is an + abstract socket. + + Use a single xdg-dbus-proxy process when sandbox is enabled. + + Fix high resolution video playback due to unimplemented + changeType operation. + + Ensure GSubprocess uses posix_spawn() again and inherit file + descriptors. + + Fix player stucking in buffering (paused) state for progressive + streaming. + + Do not try to preconnect on link click when link preconnect + setting is disabled. + + Fix close status code returned when the client closes a + WebSocket in some cases. + + Fix media player duration calculation. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2022-46691. + +------------------------------------------------------------------- +Fri Sep 16 22:44:55 UTC 2022 - Bjørn Lie + +- Update to version 2.38.0 (boo#1203530 boo#1205121 boo#1205122): + + New media controls UI style. + + Add new API to set WebView’s Content-Security-Policy for web + extensions support. + + Make it possible to use the remote inspector from other + browsers using WEBKIT_INSPECTOR_HTTP_SERVER env var. + + MediaSession is enabled by default, allowing remote media + control using MPRIS. + + Add support for PDF documents using PDF.js. + + Security fixes: CVE-2022-32886, CVE-2022-32888, CVE-2022-32912, + CVE-2022-32923, CVE-2022-42863, CVE-2023-25358, CVE-2023-25360, + CVE-2023-25361, CVE-2023-25362, CVE-2023-25363, CVE-2022-48503, + CVE-2022-32933, CVE-2023-42833. + +------------------------------------------------------------------- +Mon Sep 5 06:25:57 UTC 2022 - Bjørn Lie + +- Update to version 2.37.91: + + Cache and reuse image-based backing stores to improve memory + consumption. + + Fix printing with bubblewrap sandbox enabled. + + Deprecate enable-frame-flattening setting because the + functionality will be removed for 2.40. + + Fix deadlock when disposing player while handling rotation tag. + + Fix several crashes and rendering issues. + + Updated translations. + +------------------------------------------------------------------- +Fri Aug 26 13:40:09 UTC 2022 - Bjørn Lie + +- Update to version 2.37.90: + + Remove libnotify dependency. + + Add support for service worker notifications. + + Add support for loading the notification icon. + + Add support for pac proxy type in WebDriver. + + Fix several crashes and rendering issues. + + Updated translations. +- Changes from version 2.37.1: + + Add initial implementation of WebRTC using GstWebRTC if + GStreamer 1.20 is available, disabled by default via web view + settings. + + Add new API to set WebView’s Content-Security-Policy for web + extensions support. + + Add new API to run async JavaScript functions. + + Expose typed arrays in JavaScriptCore GLib API. + + Add support for PDF documents using PDF.js. + + Show font name and font variant settings in the inspector. + + MediaSession is enabled by default, allowing remote media + control using MPRIS. + + Modernized media controls UI. + + Add Support Google Dynamic Ad Insertion (DAI). + + Add support for capturing encoded video streams from a webcam. + + Make it possible to use the remote inspector from other + browsers using WEBKIT_INSPECTOR_HTTP_SERVER env var. + + Add support for IPv6 in the remote inspector. + + Update form elements style to match libadwaita. + + Fix canvas animations and images with threaded rendering + enabled. + + Switch to use gi-docgen for API documentation instead of + gtk-doc. + + Remove the ATK a11y implementation that has been replaced by + AT-SPI DBus interfaces. + + Fix several crashes and rendering issues. +- Update no-forced-sse.patch with quilt. +- Pass -DENABLE_DOCUMENTATION=OFF to configure, we did not build + the API docs in the past, and I see no reason to start now. +- Drop pkgconfig(libnotify) BuildRequires: No longer needed, nor + used if available. + +------------------------------------------------------------------- +Fri Aug 26 13:40:08 UTC 2022 - Michael Gorse + +- Update to version 2.36.7 (boo#1202807): + - Fix several crashes and rendering issues. + + Security fixes: CVE-2022-32893. + +------------------------------------------------------------------- +Sun Aug 7 14:40:05 UTC 2022 - Andreas Stieger + +- Update to version 2.36.6 + + Fix handling of touchpad scrolling on GTK4 builds + + Fix WebKitGTK not allowing to be used from non-main threads + (boo#1202169) + + Fix several crashes and rendering issues + +------------------------------------------------------------------- +Fri Jul 29 15:09:20 UTC 2022 - Michael Gorse + +- Update to version 2.36.5 (boo#1201980): + + Add support for PAC proxy in the WebDriver implementation. + + Fix video playback when loaded through custom URIs, this fixes + video playback in the Yelp documentation browser. + - Fix WebKitWebView::context-menu when using GTK4. + - Fix LTO builds with GCC. + - Fix several crashes and rendering issues. + + Security fixes: CVE-2022-32792, CVE-2022-32816, CVE-2022-32891. +- Drop webkit2gtk3-fix-build.patch: fixed upstream. + +------------------------------------------------------------------- +Tue Jul 5 15:16:48 UTC 2022 - Michael Gorse + +- Update to version 2.36.4 (boo#1201221): + + Fix the new ATSPI accessibility implementation to add the + missing Collection interface for the loaded document. + + Fix the MediaSession implementation to make the MPRIS object + names more sandbox friendly, which plays better with Flatpak + and WebKit's own Bubblwrap-based sandboxing. + + Fix leaked Web Processes in some particular situations. + + Fix the build with media capture support enabled. + + Fix cross-compilation when targeting 64-bit ARM. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2022-22677, CVE-2022-26710. +- Add webkit2gtk3-fix-build.patch: fix the build. + +------------------------------------------------------------------- +Sun May 29 19:07:38 UTC 2022 - Michael Gorse + +- Update to version 2.36.3 (boo#1200106): + + Support capturing already encoded video streams, which takes + advantage of encoding done in hardware by devices which support + this feature. + + Avoid using experimental GStreamer elements for video demuxing. + + Avoid using the legacy GStreamer VA-API decoding plug-ins, + which often cause rendering issues and are not much maintained. + Their usage can be re-enabled setting + WEBKIT_GST_ENABLE_LEGACY_VAAPI=1 in the environment. + + Fix playback of YouTube streams which use dynamic ad insertion. + + Fix display capture with Pipewire. + + Fix the build without the X11 target when X11 headers are not + present. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2022-26700, CVE-2022-26709, CVE-2022-26716, + CVE-2022-26717, CVE-2022-26719. + +------------------------------------------------------------------- +Fri May 20 16:02:05 UTC 2022 - Michael Gorse + +- Update to version 2.36.2: + + Fix some pages showing empty content boxes when using GTK4. + + Fix the build with accessibility disabled. + + Fix the build with newer Ruby versions. + + Fix several crashes and rendering issues. + +------------------------------------------------------------------- +Mon May 2 08:24:28 UTC 2022 - Martin Liška + +- Remove dependency on binutils-gold as the package will be removed + in the future. Gold linker is unmaintained by the upstream + project. + +------------------------------------------------------------------- +Thu Apr 21 19:05:39 UTC 2022 - Michael Gorse + +- Update to version 2.36.1 (boo#1199287): + + Fix the build with accessibility disabled. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2022-30293. + +------------------------------------------------------------------- +Wed Apr 6 15:12:09 UTC 2022 - Michael Gorse + +- Drop webkit2gtk3-gcc12.patch. It isn't needed anymore, since the + relevant gcc change has been reverted for now. +- Update some minimum version requirements to match cmake checks. +- Remove build requirements on geoclue and libbrotlidec: they are + no longer build-time dependencies. Add geoclue2 to Recommends. + +------------------------------------------------------------------- +Wed Mar 30 18:04:39 UTC 2022 - Michael Gorse + +- Add webkit2gtk3-gcc12.patch: fix the build with gcc 12. + +------------------------------------------------------------------- +Tue Mar 29 11:48:56 UTC 2022 - Bjørn Lie + +- Disabled usage of gold linker for all targets via existing + define. + +------------------------------------------------------------------- +Mon Mar 21 19:45:49 UTC 2022 - Bjørn Lie + +- Update to version 2.36.0 (boo#1198290): + + Add new accessibility implementation using ATSPI DBus + interfaces instead of ATK. + + Add support for requestVideoFrameCallback. + + Change hardware-acceleration-policy setting default value to + always. + + Add support for media session. + + Add new API to set HTTP response information to custom uri + schemes. + + Make user interactive threads (event handler, scrolling, …) + real time in linux. + + Security fixes: CVE-2022-22624, CVE-2022-22628, CVE-2022-22629, + CVE-2022-22662. + +------------------------------------------------------------------- +Mon Feb 28 01:29:27 UTC 2022 - Bjørn Lie + +- Update to version 2.35.90: + + Fix scrolling with the mouse wheel on sites using + overscroll-behavior. + + Suspend web processes after some time in the process cache. + + Fix renderning of horizontal scrollbars with themes enabling + steppers. + + Ensure EGL displays are terminated before web process exits. + + Deinitialize gstreamer before web process exits. + + Make fonts under XDG_DATA_DIRS available in web process sanbox. + + Canonicalize paths passed to bubblewrap launcher. + + Fix several crashes and rendering issues. + + Updated translations. + +------------------------------------------------------------------- +Thu Feb 17 16:14:43 UTC 2022 - Bjørn Lie + +- Update to version 2.35.3: + + Fix a crash at startup when bubblewrap sandbox is enabled. + + Fix a crash when starting a drag an drop on touchscreen. + + Fix several crashes and rendering issues. +- Changes from version 2.35.2: + + Add new accessibility implementation using ATSPI DBus + interfaces instead of ATK. + + Use native GtkWidgets for form validation popups. + + Add support for requestVideoFrameCallback. + + Add support for accent colors. + + Fix pinch zooming from a link to not activate the link. + + Fix kinetic scrolling via touch screen. + + Fix several crashes and rendering issues. +- Changes from version 2.35.1: + + Make user interactive threads (event handler, scrolling, …) + real time in linux. + + Add new API to set HTTP response information to custom uri + schemes. + + Add support for media session. + + Change hardware-acceleration-policy setting default value to + always. + + Fix jsc_value_object_define_property_accessor() to work with + objects not having a wrapped instance. + + Fix several crashes and rendering issues. +- Add gstreamer-plugins-good, gstreamer-plugins-bad and + xdg-desktop-portal-gtk Recommends: Needed for mediaplayback and + features in the mandatory sandbox. +- Add flex BuildRequires: Optional dependency. +- Rebase no-forced-sse.patch: Not sure this makes sense anymore, + we are building for i686, and the number of cpu of that class not + supporting SSE2 can probably be counted on one hand. +- Drop patches fixed upstream: + + fix-warnings.patch + + webkit2gtk3-link-fix.patch + +------------------------------------------------------------------- +Thu Feb 17 16:14:42 UTC 2022 - Michael Gorse + +- Update to version 2.34.6 (boo#1196133): + + Fix accessibility not working when the Bubblewrap sandbox is + enabled. + + Fix rendering of scrollbars when overlay scrollbars are + disabled. + + Fix the build when the X11 support is disabled. + + Fix the build in a number of situations where the main OpenGL + library is not called libGL or libgl, as is the case on + systems that use libglvnd. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2022-22620. + +------------------------------------------------------------------- +Wed Feb 9 18:14:24 UTC 2022 - Michael Gorse + +- Update to version 2.34.5 (boo#1195735): + + Improve VP8 codec selection when using GStreamer 1.20. + + Fix connecting to the accessiblity bus when using the + Bubblewrap sandbox. + + Fix links being incorrectly activated when starting a pinch + zoom gesture. + + Fix touch-based scrolling. + + Fix the build with recent toolchains based on GCC 12 and on + older ones as included e.g. in Ubuntu 18.04. + + Fix the build with ICU 60, version 61 is no longer required. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2022-22589, CVE-2022-22590, CVE-2022-22592. + + Drop webkit2gtk3-gcc12.patch: fixed upstream. + +------------------------------------------------------------------- +Mon Jan 31 22:42:06 UTC 2022 - Bjørn Lie + +- Update constraints for disk space even more, now at 20 gig. + +------------------------------------------------------------------- +Mon Jan 24 21:54:31 UTC 2022 - Michael Gorse + +- Add webkit2gtk3-gcc12.patch: fix the build with gcc 12. +- Require glib2 2.44 to match source. + +------------------------------------------------------------------- +Fri Jan 21 12:58:32 UTC 2022 - Bjørn Lie + +- Update to version 2.34.4 (boo#1195064): + + Fix several crashes and rendering issues. + + This release fixes numerous security issues, including an + especially severe issue that allowed websites to read the names + of IndexedDB databases created by other websites. + + Security fixes: CVE-2021-30934, CVE-2021-30936, CVE-2021-30951, + CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30984, + CVE-2022-22594, CVE-2022-22637. + +------------------------------------------------------------------- +Wed Jan 19 15:12:02 UTC 2022 - Frederic Crozat + +- Update _constraints, needs more disk space to build. + +------------------------------------------------------------------- +Tue Dec 21 15:03:42 UTC 2021 - Michael Gorse + +- Update to version 2.34.3 (boo#1194019): + + Make audio tools (like mixers) display the actual name of the + application producing sound, instead of a generic one. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2021-30887, CVE-2021-30890. + +------------------------------------------------------------------- +Tue Dec 14 13:30:29 UTC 2021 - Yifan Jiang + +- Typo fix for %define usegcc10. + +------------------------------------------------------------------- +Tue Dec 14 10:38:41 UTC 2021 - Dominique Leuenberger + +- Introduce usegcc10 %define in order to have the condition + (0%{?sle_version} && 0%{?sle_version} <= 150400) only at one + point. +- Correct a very old "Obsoletes: webkit2gtk3-plugin-process-gtk2" + to be a versioned obsoletes. + +------------------------------------------------------------------- +Tue Dec 14 01:05:29 UTC 2021 - Yifan Jiang + +- Make the earlier Obsoletes: libwebkit2gtk3-lang compliant with: + + https://en.opensuse.org/openSUSE:Upgrade_dependencies_explanation#Renaming_a_package + +------------------------------------------------------------------- +Wed Dec 8 08:07:59 UTC 2021 - Yifan Jiang + +- Add Obsoletes of the old-name -lang package to be ready for + updating from it. This change is necessary for the gtk3-soup2 + flavor. + +------------------------------------------------------------------- +Sat Nov 27 15:20:11 UTC 2021 - Michael Gorse + +- Update to version 2.34.2: + + Fix scrolling issues when pressing Home and PgDown keys. + + Update effective appearance after web process switch on + navigation. + + Fix the build with video disabled. + +------------------------------------------------------------------- +Mon Nov 1 18:14:10 UTC 2021 - Bjørn Lie + +- Add pkgconfig(libavif) BuildRequires and pass USE_AVIF=ON to + cmake, build avif decoding support. + +------------------------------------------------------------------- +Mon Nov 1 17:54:51 UTC 2021 - Michael Gorse + +- Add wayland-protocols to BuildRequires. + +------------------------------------------------------------------- +Tue Oct 26 22:10:23 UTC 2021 - Michael Gorse + +- Add webkit2gtk3-link-fix.patch: taken from upstream, fixes the + build on SLE-15-SP4. +- Use gcc10 package on SLE <= 15-SP4. Gcc 7 is currently the + default there. +- Update gcc-c++ version requirement to match the cmake check. + +------------------------------------------------------------------- +Thu Oct 21 20:07:32 UTC 2021 - Michael Gorse + +- Update to version 2.34.1 (boo#1191937): + + Update user agent browser versions. + + Fix a crash with GTK >= 3.24.30. + + Fix a crash when loading videos on reddit. + + Fix file type detection when application calls + g_desktop_app_info_set_as_default_for_extension() passing html. + + Security fixes: CVE-2021-42762. + +------------------------------------------------------------------- +Wed Sep 29 10:16:33 UTC 2021 - Dominique Leuenberger + +- Add libjavascriptcoregtk-4_0-18 and llibwebkit2gtk-4_0-37 to + baselibs.conf: provide those libraries as multilib version. + +------------------------------------------------------------------- +Wed Sep 29 06:47:28 UTC 2021 - Dominique Leuenberger + +- Rename -lang packages to WebKit2GTK-%{_apiver}, making the + translations between the three flavors co-exist. + +------------------------------------------------------------------- +Wed Sep 22 16:18:00 UTC 2021 - Dominique Leuenberger + +- Update to version 2.34.0 (boo#1192063): + + Fix another regression in JavaScriptCore on 32bit systems. + + Security fixes: CVE-2021-30846, CVE-2021-30851, CVE-2021-30818, + CVE-2021-30823, CVE-2021-30884, CVE-2021-30888, CVE-2021-30889, + CVE-2021-30897, CVE-2021-45481, CVE-2021-45483. + +------------------------------------------------------------------- +Mon Sep 20 02:33:51 UTC 2021 - Michael Gorse + +- Update to version 2.33.91: + + Use the right display refresh monitor for animations in + accelerated compositng mode. + + Fix several issues in JavaScriptCore on 32bit systems. + + Prefer python3 over python2 in CMake. + +------------------------------------------------------------------- +Mon Sep 20 02:33:50 UTC 2021 - Michael Gorse + +- Update to version 2.33.90: + + Show TLS protocol version and ciphersuite name in the + inspector when building with libsoup3. + + Add multi-track support to media backend. + + Avoid strong alias computations in font fallback code. + + Fix deadlock tearing down pipeline when using fallback sink. + + Fix the build with gtk-doc enabled. + + Fix several crashes and rendering issues. +- Add fix-warnings.patch: silence return-type warnings. + +------------------------------------------------------------------- +Mon Sep 20 02:33:05 UTC 2021 - Dominique Leuenberger + +- Add a 3rd flavor: gtk3 with libsoup2 (which retains compatibility + to the olderversions, identified as API version 4.0). + +------------------------------------------------------------------- +Mon Sep 20 02:33:04 UTC 2021 - Dominique Leuenberger + +- Add _multibuild file and enable build of webkit2gtk4. + +------------------------------------------------------------------- +Mon Sep 20 02:33:03 UTC 2021 - Dominique Leuenberger + +- Update to version 2.33.3: + + Add support for display capture. + + Add new API to access/modify capture devices states. + + Add new API to configure the memory pressure handler. + + Add support for client side certifiates authentication. + + Add support color-schemes CSS property. + + Add support for dark scrollbars. + + Keep GtkSettings used by web processes in sync with the + settings set in the UI process. + + Add support for drawing the scrollbars corner. + + Allow to opt-out of GL rendering at runtime for media player. + + Add support for A420 compositing in media player. + + Improve pinch to zoom gesture in accerlerated compositing mode. + + Fix cookies configuration after a network process crash. + + Fix touchscreen navigation swipe when the page scrolls + horizontally. + + Fix rendering of elliptic radial gradients. + + Fix several crashes and rendering issues. + + Updated translations. +- Drop fix-lto.patch: fixed upstream. +- Add pkgconfig(lcms2) BuildRequires: new dependency. +- Replace pkgconfig(libsoup-2.4) BuildRequires with + pkgconfig(libsoup-3.0): Follow upstreams port to Libsoup 3.0. + +------------------------------------------------------------------- +Sun Sep 19 19:00:09 UTC 2021 - Michael Gorse + +- Update to version 2.32.4 (boo#1190701): + + Do not append .asc extension to downloaded text/plain files. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2021-30848, CVE-2021-30849, CVE-2021-30858, + CVE-2021-30809, CVE-2021-30836, CVE-2021-45482. +- Drop fix-lto.patch: fixed upstream. + +------------------------------------------------------------------- +Tue Aug 10 12:10:02 UTC 2021 - Martin Liška + +- Enable LTO by using upstream patch fix-lto.patch. + +------------------------------------------------------------------- +Thu Aug 5 08:27:25 UTC 2021 - Yifan Jiang + +- Drop unneeded patch on Leap and SLE by now: + webkit2gtk3-restore-npapi.patch (bsc#1189105). + +------------------------------------------------------------------- +Thu Jul 29 02:29:40 UTC 2021 - Yifan Jiang + +- Add BuildRequires pkgconfig(glproto) for SLE and Leap which have + not included the new packaging of the relevant headers. + +------------------------------------------------------------------- +Mon Jul 26 15:38:26 UTC 2021 - Michael Gorse + +- Update to version 2.32.3 (boo#1188697): + + Properly set the cookies settings after a network process + crash. + + Fix accessibility tree after a cross site navigation with PSON + enabled. + + Ensure WebKitScriptWorld::window-object-cleared signal is + always emitted. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2021-21775, CVE-2021-21779, CVE-2021-30663, + CVE-2021-30665, CVE-2021-30689, CVE-2021-30720, CVE-2021-30734, + CVE-2021-30744, CVE-2021-30749, CVE-2021-30795, CVE-2021-30797, + CVE-2021-30799. +- Fix webkit2gtk3-restore-npapi.patch to install the plugin + process. +- Disable WPE renderer: our FDO backend is now too old. + +------------------------------------------------------------------- +Mon Jul 19 18:36:42 UTC 2021 - Michael Gorse + +- Update to version 2.32.2: + + Improve calculation of initial WebKitWebView size. + + Fix kinetic scrolling on touchpad with async scrolling off. + + Fix a crash on empty drag operation in X11. + + Fix rendering on HiDPI /4k screen and scaling. + + Handle null native surface for for surfaceless rendering. + + Fix JavaScriptCore crash on 32-bit big endian systems. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2021-30758. + +------------------------------------------------------------------- +Wed May 19 01:10:34 UTC 2021 - Michael Gorse + +- Update to version 2.32.1: + + Support building against the Musl C library. + + Support building against ICU version 69 or newer. + + Improve handling of Media Capture devices. + + Improve WebAudio playback. + + Improve video orientation handling. + + Improve seeking support for MSE playback. + + Improve flush support in EME decryptors. + + Fix HTTP status codes for requests done through a custom URI + handler. + + Fix the Bubblewrap sandbox in certain 32-bit systems. + + Fix inconsistencies between the WebKitWebView.is-muted property + state and values returned by + webkit_web_view_is_playing_audio(). + + Fix the build with ENABLE_VIDEO=OFF. + + Fix wrong timestamps for long-lived cookies. + + Fix UI process crash when failing to load favicons. + + Fix several crashes and rendering issues. + + Updated translations. +- Drop webkit2gtk3-icu69.patch: fixed upstream. + +------------------------------------------------------------------- +Wed Apr 28 06:41:41 UTC 2021 - Dominique Leuenberger + +- Add webkit2gtk3-icu69.patch: Fix build with ICU 69: + + ICU 69 deprecates ubrk_safeClone in favor of ubrk_clone. + +------------------------------------------------------------------- +Mon Apr 12 17:44:57 UTC 2021 - Michael Gorse + +- Per discussion with maintenance, let's not remove features that + customers could possibly be using: +- Add webkit2gtk3-restore-npapi.patch: restore NPAPI plugin + support. Reverts webkit#215503. + +------------------------------------------------------------------- +Tue Apr 6 18:25:11 UTC 2021 - Michael Gorse + +- Update to version 2.32.0 (boo#1184155): + + Fix the authentication request port when URL omits the port. + + Fix iframe scrolling when main frame is scrolled in async + scrolling mode. + + Stop using g_memdup. + + Show a warning message when overriding signal handler for + threading suspension. + - Fix the build on RISC-V with GCC 11. + - Fix several crashes and rendering issues. + + Security fixes: CVE-2021-1788, CVE-2021-1844, CVE-2021-1871 + + Changes in version 2.30.6 (boo#1184262): + + Update user agent quirks again for Google Docs and Google Drive. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2020-27918, CVE-2020-29623, CVE-2021-1765, + CVE-2021-1789, CVE-2021-1799, CVE-2021-1801, CVE-2021-1870. +- Remove webkit-font-scaling.patch: contained in upstream +- Drop original SLE 15 support from the spec. Drop + webkit-process.patch and old-wayland-scanner.patch; they are not + needed for SP2. +- Pass ENABLE_GAMEPAD=OFF to cmake, since we don't have manette. +- Add glproto-devel to BuildRequires: now needed for the build on + SLE 15. + +------------------------------------------------------------------- +Fri Apr 2 17:34:41 UTC 2021 - Michael Gorse + +- Update to version 2.32.0 (boo#1184155): + + Fix the authentication request port when URL omits the port. + + Fix iframe scrolling when main frame is scrolled in async + scrolling mode. + + Stop using g_memdup. + + Show a warning message when overriding signal handler for + threading suspension. + - Fix the build on RISC-V with GCC 11. + - Fix several crashes and rendering issues. + + Security fixes: CVE-2021-1788, CVE-2021-1844, CVE-2021-1871, + CVE-2021-30682. +- Drop old-wayland-scanner.patch and webkit-process.patch, and also + drop support for Leap 15.0 and 15.1, since they are no longer + supported. + +------------------------------------------------------------------- +Tue Mar 23 02:31:51 UTC 2021 - Michael Gorse + +- Update to version 2.31.91: + + Make WebKitSecurityOrigin a simple data store for and deprecate webkit_security_origin_is_opaque(). + + Fix user agent again to work on several google websites. + + Fix web view url on web process terminate signals. + + Fix preferred language overrides sent to the web process. + + Fix the build in i386. + + Translation updates: Simplified Chinese. +- Drop webkitgtk-i586-build-fix.patch: fixed upstream. +- Disable webkit-process.patch: needs to be rebased or dropped. + +------------------------------------------------------------------- +Mon Mar 22 02:31:51 UTC 2021 - Michael Gorse + +- Add webkitgtk-i586-build-fix.patch: fix build on i586 + (webkit#222480). + +------------------------------------------------------------------- +Mon Mar 22 02:31:50 UTC 2021 - Michael Gorse + +- Update to version 2.31.90: + + Add permission request API for MediaKeySystem access. + + Fix rendering when using opacity filters on hardware + accelerated layers. + + Fix flatpak-spawn subsandbox to not clear environment + variables. + + Ensure a URI scheme handler can't be registered multiple times. + + Fix several crashes and rendering issues. + + The minimum required GStreamer version is now 1.14. + + CEA-608 closed captions support (requires + WEBKIT_GST_USE_PLAYBIN3=1 environment variable). + - Advertise CBCS decryption and VP9 support in Thunder. + - Advertise DASH as supported in the media player. + - Improved support for playbin3. + - Translation updates: Ukrainian. +- Up required gstreamer and gtk3 versions. + +------------------------------------------------------------------- +Mon Mar 22 02:31:01 UTC 2021 - Callum Farmer + +- Update to version 2.31.1: + + Remove support for NPAPI plugins. + + Enable the web process cache when PSON is enabled too. + + TLS errors and proxy settings APIs have been moved from + WebKitContext to WebKitWebsiteDataManager. + + Add new API to remove individual scripts/stylesheets using + WebKitUserContentManager. + + Correctly apply the system font scaling factor. + + Show main loop frames information in the web inspector. +- Remove webkit-font-scaling.patch: contained in upstream +- New build requirement: pkgconfig(manette-0.2). + +------------------------------------------------------------------- +Sun Mar 21 20:33:09 UTC 2021 - Michael Gorse + +- Update to version 2.30.6 (boo#1184262): + + Update user agent quirks again for Google Docs and Google Drive. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2020-27918, CVE-2020-29623, CVE-2021-1765 + CVE-2021-1789, CVE-2021-1799, CVE-2021-1801, CVE-2021-1870, + CVE-2021-21806. + +------------------------------------------------------------------- +Fri Feb 19 07:45:12 UTC 2021 - Guillaume GARDET + +- Update _constraints for armv6/armv7 (bsc#1182719) + +------------------------------------------------------------------- +Sat Feb 13 18:06:17 UTC 2021 - Michael Gorse + +- Update to version 2.30.5 (boo#1182286): + + Bring back the WebKitPluginProcess installation that was + removed by mistake. + + Fix RunLoop objects leaked in worker threads. + + Fix aarch64 llint build with JIT disabled. + + Use Internet Explorer quirk for Google Docs. + + Security fixes: CVE-2020-13558. +- Drop gir-multilib.patch: fixed upstream. + +------------------------------------------------------------------- +Wed Jan 20 10:47:33 UTC 2021 - Bjørn Lie + +- Add gir-multilib.patch: Fix multilib conflict in gir files. +- Disable gold linker for ppc64le + +------------------------------------------------------------------- +Tue Jan 19 19:12:53 UTC 2021 - Atri Bhattacharya + +- Add webkit-font-scaling.patch: Fix system font scaling not + applied to 'font-size: XXXpt'; patch taken from upstream and + rebased to apply cleanly + (https://bugs.webkit.org/show_bug.cgi?id=218450). +- Pass `-q` to setup to disable printing long list of files + extracted from source tarball. + +------------------------------------------------------------------- +Tue Dec 15 14:06:42 UTC 2020 - Dominique Leuenberger + +- Update to version 2.30.4: + + Fix text data sent with WebSockets when using libsoup < 2.68. + + Fix the rendering on Raspberry Pi 3 using the proprietary video + driver. + + Fix clipping of descedant layers of a mask layer. + + Fix the build with ICU 68.1. +- Drop upstream merged patch: + + 0001-ICU-68.1-no-longer-exposes-FALSE-and-TRUE-macros-by-.patch + +------------------------------------------------------------------- +Thu Dec 3 22:23:20 UTC 2020 - Michael Gorse + +- Add old-wayland-scanner.patch for 15.0/15.1: support older + wayland-scanner. Also renumber patches to group + 15.0/15.1-specific patches together. +- Have the libwebkit2gtk package require libjavascriptcoregtk of + the same version (boo#1171531). + +------------------------------------------------------------------- +Wed Dec 2 13:36:15 UTC 2020 - Dominique Leuenberger + +- 0001-ICU-68.1-no-longer-exposes-FALSE-and-TRUE-macros-by-.patch: + ICU 68.1 no longer exposes FALSE and TRUE macros by default. + +------------------------------------------------------------------- +Sun Nov 22 16:37:46 UTC 2020 - Michael Gorse + +- Update to version 2.30.3 (boo#1179122 boo#1179451): + + Add new build option USE(64KB_PAGE_BLOCK). + + Fix backdrop filters with rounded borders. + + Fix scrolling iframes when async scrolling is enabled. + + Allow applications to handle drag and drop on the web view + again. + + Update Outlook user agent quirk. + + Fix the build with video support disabled. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2020-13584, CVE-2020-9983, CVE-2020-13543. +- Drop webkit2gtk3-fdo-soname.patch: fixed upstream. +- Rebase webkit-process.patch. + +------------------------------------------------------------------- +Fri Oct 23 09:35:30 UTC 2020 - Dominique Leuenberger + +- Update to version 2.30.2: + + Fix scrolling when smooth scrolling is enabled in async + scrolling mode. + + Fix WebSocket requests with same-site cookies. + + Fix TLS certificate information for service workers. + + Handle chassis type when its value is quoted. + + Fix the build with ENABLE_MEDIA_STREAM enabled and + ENABLE_WEB_RTC_DISABLED. + + Fix the build with ENABLE_GAMEPAD enabled. + + Fix several crashes and rendering issues. + +------------------------------------------------------------------- +Wed Sep 30 19:03:18 UTC 2020 - Michael Gorse + +- Enable c_loop on aarch64: currently needed for compilation to + succeed with JIT disabled. Also disable sampling profiler, since + it conflicts with c_loop (boo#1177087). + +------------------------------------------------------------------- +Tue Sep 22 01:34:43 UTC 2020 - Michael Gorse + +- Update to version 2.30.1: + + Bring back the environment variable to force single process + mode when PSON is disabled. + + Fix downloads started by an ephemeral web context. + + Updated translations. + +------------------------------------------------------------------- +Mon Sep 14 23:28:52 UTC 2020 - Michael Gorse + +- Update to version 2.30.0: + + Fix NTLM authentication. + + Don't try to use SHM on wayland with older wpebackend-fdo. + + Fix the build due to seccomp.h header not found. + + Security fixes: CVE-2020-9947, CVE-2020-9948, CVE-2020-9951, + CVE-2021-1817, CVE-2021-1820, CVE-2021-1825, CVE-2021-1826, + CVE-2021-30661. +- Drop seccomp-build-fix.patch and wpe-shm-check.patch: fixed + upstream. + +------------------------------------------------------------------- +Mon Sep 7 22:24:27 UTC 2020 - Michael Gorse + +- Add wpe-shm-check.patch: make SHM initialization fail for + wpebackend-fdo < 1.7.0. + +------------------------------------------------------------------- +Sun Sep 6 16:36:23 UTC 2020 - Michael Gorse + +- Add seccomp-build-fix.patch: pass seccomp include directory to + g++. +- Re-enable bubblewrap sandbox for SLE-15-SP2 and Tumbleweed. + +------------------------------------------------------------------- +Sat Sep 5 15:26:46 UTC 2020 - Dominique Leuenberger + +- Update to version 2.29.92: + + Fix user agent header after a redirect when a new quirk is + required. + + Stop using firefox user agent quirk for google docs. + + Fix rendering frames timeline panel in web inspector. + + Fix per-thread cpu usage in web inspector. + + Fix several crashes and rendering issues. +- Changes from version 2.29.91: + + Fix a web process crash introduced in 2.29.90. +- Changes from version 2.29.90: + + Fix font variation settings when font smoothing setting is also + present. + + Fix HTML drag and drop operations. + + Fix argument order for clone syscall seccomp filter on s390x. + + Fix a crash when selecting text. + + Fix several crashes and rendering issues. +- Changes from version 2.29.4: + + Add support for backdrop filters. + + Add support for text-underline-offset and + text-decoration-thickness. + + Add OpenCDM and AV1 support to media backend. + + Add new API to get ITP data summary. + + Use mobile user-agent on tablets. + + Fix several crashes and rendering issues. +- Changes from version 2.29.3: + + Add webkit_authentication_request_get_security_origin. + + Change the cookies accept policy to always when no-third-party + is set and ITP is enabled. + + Fix web process hangs on large GitHub pages. + + Bubblewrap sandbox should not attempt to bind empty paths. + + Add support for sndio to bubblewrap sandbox. + + Also handle dark themes when the name ends with -Dark. + + Fix a race condition causing a crash in media player. + + Fix several crashes and rendering issues. +- Changes from version 2.29.2: + + Add Intelligent Tracking Prevention (ITP) support. + + Add support for video formats in img elements. + + Add API to handle video autoplay policy that now defaults to + disallow autoplay videos with audio. + + Add API to mute a web view. + + Add API to allow applications to handle the HTTP authentication + credential storage. + + Add a WebKitSetting to set the media content types requiring + hardware support. + + Fix a crash during drag an drop due to a bug introduced in + 2.29.1. + + Do not start page load during animation in back/forward + gesture. + + Fix several crashes and rendering issues. +- Changes from version 2.29.1: + + Stop using GTK theming to render form controls. + + Add API to disable GTK theming for scrollbars too. + + Fix several race conditions and threading issues in the media + player. + + Add USER_AGENT_BRANDING build option. + + Add paste as plain text option to the context menu for rich + editable content. + + Fix several crashes and rendering issues. + + Updated translations. +- Rebase webkit2gtk3-fdo-soname.patch. +- Add pkgconfig(libsystemd) BuildRequires: new dependency. + +------------------------------------------------------------------- +Thu Aug 6 08:22:08 UTC 2020 - Jan Engelhardt + +- Add no-forced-sse.patch, cure execution of illegal instruction + in i586 firefox. + +------------------------------------------------------------------- +Wed Jul 29 15:18:24 UTC 2020 - Michael Gorse + +- Update to version 2.28.4 (boo#1174662): + + Fix several crashes and rendering issues. + + Security fixes: CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, + CVE-2020-9895, CVE-2020-9915, CVE-2020-9925. + +------------------------------------------------------------------- +Fri Jul 10 12:08:05 UTC 2020 - Bjørn Lie + +- Update to version 2.28.3 (boo#1173998): + + Enable kinetic scrolling with async scrolling. + + Fix web process hangs on large GitHub pages. + + Bubblewrap sandbox should not attempt to bind empty paths. + + Fix threading issues in the media player. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, + CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, + CVE-2020-13753, CVE-2020-9952. + +------------------------------------------------------------------- +Mon Apr 27 15:27:49 UTC 2020 - Bjørn Lie + +- Update to version 2.28.2 (boo#1170643): + + Fix excessive CPU usage due to GdkFrameClock not being stopped. + + Fix UI process crash when EGL_WL_bind_wayland_display extension + is not available. + + Fix position of select popup menus in X11. + + Fix playing of Youtube 'live stream'/H264 URLs. + + Fix a crash under X11 when cairo uses xcb. + + Fix the build in MIPS64. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2020-3899. + +------------------------------------------------------------------- +Wed Apr 15 05:39:04 UTC 2020 - Bjørn Lie + +- Update to version 2.28.1 (boo#1169658): + + Fix position of default option element popup windows under + Wayland. + + Fix rendering after a cross site navigation with PSON enabled + and hardware acceleration forced. + + Fix a crash in nested wayland compositor when closing a tab + with PSON enabled. + + Update Chrome and Firefox versions in user agent quirks. + + Fix a crash with bubblewrap sandbox enabled. + + Fix a crash in JavaScriptCore in ppc64el. + + Fix the build with GStreamer 1.12. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2020-11793. +- Drop webkit2gtk3-gstreamer-build-fix.patch: Fixed upstream. + +------------------------------------------------------------------- +Thu Apr 2 19:53:27 UTC 2020 - Michael Gorse + +- Add webkit2gtk3-gstreamer-build-fix.patch: fix build with + gstreamer 1.12 (webkit#209296). +- Rebase webkit-process.patch. +- Use WebKit defaults for ENABLE_JIT and USE_SYSTEM_MALLOC, except + for aarch64. WebKit now sets reasonable defaults based on + architecture. Disable on aarch64 in case a user is still using + the kernel-64kb package. +- Use bubblewrap, xdg-dbus-proxy, wpe, and wpebackend-fdo on 15.2; + they had been unintentionally excluded. +- Increase mem_per_process; otherwise fails on SLE/Leap. + +------------------------------------------------------------------- +Thu Mar 12 12:10:03 UTC 2020 - Bjørn Lie + +- Update to version 2.28.0 (boo#1165528): + + Add API to enable Process Swap on (Cross-site) Navigation. + + Add user messages API for the communication with the web + extension. + + Add support for same-site cookies. + + Service workers are enabled by default. + + Add support for Pointer Lock API. + + Add flatpak sandbox support. + + Make ondemand hardware acceleration policy never leave + accelerated compositing mode. + + Always use a light theme for rendering form controls. + + Add about:gpu to show information about the graphics stack. + + Security fixes: CVE-2020-10018, CVE-2020-3885, CVE-2020-3894, + CVE-2020-3895, CVE-2020-3897, CVE-2020-3900, CVE-2020-3901, + CVE-2020-3902, CVE-2021-30762. +- Drop webkit2gtk3-ppc-build-fix.patch: Fixed upstream. + +------------------------------------------------------------------- +Fri Feb 28 09:19:47 UTC 2020 - Bjørn Lie + +- Disable webkit-process.patch: Needs rebase, and furthermore it + should not be applied for Leap 15.2 as it is today. + +------------------------------------------------------------------- +Thu Feb 27 19:14:05 UTC 2020 - Bjørn Lie + +- Update to version 2.27.91: + + Update user agent quirks to fix the unsupported browser message + in several google services. + + Fix several compile warnings with GCC 10. + + Fix the build with GCC 10. + + Fix several crashes and rendering issues. + + Updated translations. + +------------------------------------------------------------------- +Tue Feb 18 21:31:17 UTC 2020 - Michael Gorse + +- Add webkit2gtk3-ppc-build-fix.patch: fix ppc64le build failure on + SLE 15. + +------------------------------------------------------------------- +Fri Feb 14 11:10:04 UTC 2020 - Bjørn Lie + +- Update to version 2.27.90: + + Add support for same-site cookies. + + Add flatpak sandbox support. + + Enable WebAudio and WebGL by default in WebKitSettings. + + Add a setting to disallow top level navigation to a data URI. + + Add support for the -webkit-font-smoothing CSS property. + + Always use a light theme for rendering form controls. + + Stop making the Web Inspector windows transient. + + Ensure mouse cursor is hidden during fullscreen video playback. + + Add support for inspecting service workers to the remote + inspector. + + Fix several crashes and rendering issues. +- Changes from version 2.27.4: + + Add API for input methods. + + Add API to serialize/deserialize a JSCValue to/from a JSON + string. + + Add support for strict secure cookies. + + Add support for saving data from remote inspector. + + Make ondemand hardware acceleration policy never leave + accelerated compositing mode. + + Fix rendering of conic gradients in high resolution displays. + + Fix special combination characters not respecting the keystroke + order when high CPU load. + + Honor the IndexedDB directory set in WebsiteDataManager. + + Fix rendering of text when there’s an initial advance in the + text run. + + Fix web process crash when displaying a KaTeX formula. + + Fix network process crash with PSON enabled. + + Fix several crashes and rendering issues. +- Changes from version 2.27.3: + + Add support for Pointer Lock API. + + Improve performance when falling back to system fonts. + + Stop using DBus for the remote inspector implementation to + improve the performance of both WebDriver and remote inspector. + + Implement support for new ARIA roles: code, strong, emphasis, + generic. + + Fix handling of content type with new custom protocols + implementation. + + Make image decoders fully thread safe. + + Add support for get page source command in WebDriver. + + Add support for network proxy capabilities in WebDriver. + + Add support for new window command in WebDriver. + + Fix several crashes and rendering issues. + + Updated translations. +- Changes from version 2.27.2: + + Add user messages API for the communication with the web + extension. + + Enable service workers by default. + + Add support for saving data in Web Inspector. + + More navigation gesture improvement. + + Fix the build with WebDriver disabled. + + Show also client EGL extensions in about:gpu. + + Disable accelerated compositing when we fail to initialize the + EGL dispaly under Wayland. + + Fix several crashes and rendering issues. +- Changes from version 2.27.1: + + Enable async scrolling when accelerating compositing policy is + ‘always’. + + Add about:gpu to show information about the graphics stack. + + Add API to enable Process Swap on (Cross-site) Navigation, that + is now disabled by default. + + Add WebKitWebView:page-id property. + + Improve swipe navigation gesture style. + + Fix several crashes and rendering issues. +- Rebase webkit2gtk3-fdo-soname.patch. + +------------------------------------------------------------------- +Fri Feb 14 11:10:03 UTC 2020 - Bjørn Lie + +- Update to version 2.26.4 (boo#1163809): + + Always use a light theme for rendering form controls. + + Fix the build with WPE renderer disabled. + + Fix the build with OpenGL disabled. + + Fix the build with GCC 10. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, + CVE-2020-3867, CVE-2020-3868. + +------------------------------------------------------------------- +Sat Jan 25 14:21:01 UTC 2020 - Dominique Leuenberger + +- No longer recommend -lang: supplements are in use + +------------------------------------------------------------------- +Wed Jan 22 11:44:30 UTC 2020 - Bjørn Lie + +- Update to version 2.26.3 (boo#1161719): + + Fix issues while trying to play a video on NextCloud. + + Make sure the GL video sink uses a valid WebKit shared GL + context. + + Fix vertical alignment of text containing arabic diacritics. + + Fix build with icu 65.1. + + Fix page loading errors with websites using HSTS. + + Fix web process crash when displaying a KaTeX formula. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2019-8835, CVE-2019-8844, CVE-2019-8846. +- Drop webkit2gtk3-icu-build-fix.patch: Fixed upstream. + +------------------------------------------------------------------- +Thu Dec 19 21:50:10 UTC 2019 - Bjørn Lie + +- Start using webkitgtk default gigacage malloc via passing + USE_SYSTEM_MALLOC=OFF to cmake. + +------------------------------------------------------------------- +Thu Dec 19 15:36:37 UTC 2019 - Michael Gorse + +- Add webkit-process.patch: use single web process for evolution + and geary on 15.0 (boo#1159329 glgo#GNOME/evolution#587). + +------------------------------------------------------------------- +Mon Nov 11 22:31:54 UTC 2019 - Michael Gorse + +- Add webkit2gtk3-icu-build-fix.patch: fix build with icu 65.1. + +------------------------------------------------------------------- +Thu Nov 7 16:38:56 UTC 2019 - Michael Gorse + +- Only use wpe and xdg-dbus-proxy/bubblewrap for TW and + SLE-15-SP2 / leap 15.2. +- Don't pass -DENABLE_BUBBLEWRAP_SANDBOX=ON; it is on by default. +- Remove conditionals for EOL versions of openSUSE. +- Always build with python3; remove the conditional. + +------------------------------------------------------------------- +Wed Nov 6 16:26:43 UTC 2019 - Bjørn Lie + +- Update to version 2.26.2 (boo#1156318): + + Improve performance of querying system fallback fonts. + + Don't use prgname in dbus-proxy socket path. + + Fix thread-safety issues in image decoders. + + Fix the build with WebDriver disabled. + + Disable accelerated compositing when we fail to initialize the + EGL dispaly under Wayland. + + Fill the objects category in emoji picker. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2019-8812, CVE-2019-8814. + +------------------------------------------------------------------- +Thu Sep 26 10:03:59 UTC 2019 - Bjørn Lie + +- Enable sandbox again (pass -DENABLE_BUBBLEWRAP_SANDBOX=ON to + cmake). +- Move bubblewrap and xdg-dbus-proxy Requires from main package to + main library package libwebkit2gtk-4_0-37, they are needed at + runtime, and there is no webkit2gtk3 package that we can install. + +------------------------------------------------------------------- +Mon Sep 23 15:24:34 UTC 2019 - Bjørn Lie + +- Update to version 2.26.1: + + Fix MSE media player with GStreamer 1.14. + + Fix HTML alternate loads never finishing. + + Fix web view initialization delay on fisrt load. + + Validate user agent string set via API. + + Fix a crash when a web view is destroyed with accelerated + compositing mode enabled. + + Fix EGL initialization with newer versions of Mesa. + + Do not enable the sandbox inside docker. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2019-8783, CVE-2019-8811, CVE-2019-8813, + CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823. + +------------------------------------------------------------------- +Thu Sep 19 16:44:45 UTC 2019 - Michael Gorse + +- Add webkit2gtk3-fdo-soname.patch: don't try to open WPE backend + with an unversioned soname. + +------------------------------------------------------------------- +Tue Sep 17 14:42:14 UTC 2019 - Michael Gorse + +- Enable pkgconfig(wpe-1.0) and pkgconfig(wpebackend-fdo-1.0) + BuildRequires and stop passing DUSE_WPE_RENDERER=OFF to cmake. + +------------------------------------------------------------------- +Thu Sep 12 21:09:23 UTC 2019 - Bjørn Lie + +- Test disable sandbox, does this fix epiphany? + (pass -DENABLE_BUBBLEWRAP_SANDBOX=OFF to cmake). + +------------------------------------------------------------------- +Mon Sep 9 09:59:58 UTC 2019 - Bjørn Lie + +- Update to version 2.26.0 (boo#1155321): + + Add support for subprocess sandboxing. + + Add support for HSTS (HTTP Strict Transport Security). + + Use libwpe with fdo backend to implement accelerated + compositing under wayland. + + Remove support for GTK2 NPAPI plugins. + + Add support for datalist element in text input fields. + + Show the emoji chooser popover for editable content. + + Improve rendering of form controls when GTK theme is dark. + + Fix rendering artifacts in youtube volume button and github + comment box. + + Single process model has been deprecated for security reasons. + + Security fixes: CVE-2019-8625, CVE-2019-8720, CVE-2019-8769, + CVE-2019-8771, CVE-2019-8710, CVE-2019-8743, CVE-2019-8764, + CVE-2019-8766, CVE-2019-8782, CVE-2019-8808, CVE-2019-8815, + CVE-2021-30666, CVE-2021-30761. + +------------------------------------------------------------------- +Tue Sep 3 12:11:49 UTC 2019 - Bjørn Lie + +- Update to version 2.25.92: + + Add WEBKIT_USE_SINGLE_WEB_PROCESS environment variable to force + single process model in all WebKitWebContext. This is a + temporary solution for applications still depending on the + single process mode behavior. It will be only available in 2.26 + series. + + Add new API to remove a filter from an user content manager + given its identifier. + + Add support for HSTS. + + Several improvements and bug fixes in MSE media player. + + Fix building without unified sources. + + Fix several crashes and rendering issues. + + Updated translations. + +------------------------------------------------------------------- +Fri Aug 30 11:25:04 UTC 2019 - Bjørn Lie + +- Disable pkgconfig(wpe-1.0) and pkgconfig(wpebackend-fdo-1.0) + BuildRequires and pass DUSE_WPE_RENDERER=OFF to cmake. Needs more + work upstream. + +------------------------------------------------------------------- +Fri Aug 30 02:25:04 UTC 2019 - Bjørn Lie + +- Update to version 2.25.4: + + Switch to use libsoup WebSockets API. + + Add support for permessage-deflate WebSocket extension. + + Add support for datalist element in text input fields. + + Fix a crash with empty video source. + + Fix several crashes and rendering issues. + +------------------------------------------------------------------- +Fri Aug 30 02:25:03 UTC 2019 - Bjørn Lie + +- Update to version 2.25.3: + + Remove support for GTK2 NPAPI plugins. + + Fix web view updates after swapping web process if accelerated + compositing mode is forced. + + Make kinetic scrolling work again. + + Fix position of emoji chooser when page is scrolled. + + Fix web process deadlock when scrolling twitter timeline which + contains HLS videos. + + Make navigation gesture use dark fallback background color + color on dark themes. + + Make Previous/Next gesture work in RTL mode. + + Support cancelling touchscreen back/forward gesture. + + Add user agent quirk to make github work in FreeBSD. + + Fix content disappearing when using CSS transforms. + + Fix some radio streams that could not be played. + + Fix video pause that sometimes caused to skip to finish. + + Fix volume level changes when playing a video. + + Fix several crashes and rendering issues. +- Changes from version 2.25.2: + + Enable process switch on cross site navigation. + + Use libwpe with fdo backend to implement accelerated + compositing under wayland. + + Fix rendering artifacts in youtube volume button. + + Fix trapezoid artifact in github comment box. + + Ensure web extensions directory is readable when sandbox is + enabled. + + Fix the executable name of WebDriver process, renamed by + mistake in 2.25.1. + + Enable hyperlink auditing setting by default. + + Remove the option to build without using the redirected + XComposite window. + + Fix HLS streams being slow to start. + + Make accessibility work when sandbox is enabled. + + Fix several crashes and rendering issues. +- Changes from version 2.25.1: + + Add support for subprocess sandboxing. + + Add API to get the web process unique identifier of a + WebKitFrame. + + Add WebKitWebPage::did-associate-form-controls-for-frame signal + and deprecate did-associate-form-controls. + + Implement AtkComponentIface scroll_to methods. + + Improve rendering of form controls when GTK theme is dark and + enable prefers-color-scheme media query. + + Show the emoji chooser popover for editable content. + + Fix touch capabilities detection for websites checking touch + events properties present in window or pointer media queries. + + Fix several crashes and rendering issues. +- Drop webkit2gtk3-bwo197558-hang.patch: Fixed upstream. +- Add pkgconfig(wpe-1.0) and pkgconfig(wpebackend-fdo-1.0) + BuildRequires: New dependencies. +- Enable bubblewrap, xdg-dbus-proxy and pkgconfig(libseccomp) + BuildRequires as well as bubblewrap and xdg-dbus-proxy Requires: + Sandbox feature is enabled again. +- Drop conditional pkgconfig(gtk+-2.0) BuildRequires and + webkit2gtk3-plugin-process-gtk2 sub-package, support for gtk2 + plugins are now dropped upstream. Add Obsoletes in libwebkit2gtk. + +------------------------------------------------------------------- +Wed Aug 28 12:40:21 UTC 2019 - Bjørn Lie + +- Update to version 2.24.4 (boo#1148931): + + Updated the user agent string to make happy certain websites + which would claim that the browser being used was unsupported. + + Improve loading of multimedia streams to avoid memory + exhaustion due to excessive caching. + + Fix display of documents with MIME type application/xml in the + Web Inspector, when loaded using XmlHttpRequest. + + Fix a hang while scrolling certain websites which include HLS + video content (Twitter, for example). + + Fix rounding artifacts in volume levels for media playback. + + Fix several crashes and rendering issues. + + Fix the build with video track support disabled. + + Fix the build with OpenGL support disabled. + + Fix build issue which would cause media controls to disappear + when Python 3.x was used during the build process. + + Security fixes: CVE-2019-8644, CVE-2019-8649, CVE-2019-8658, + CVE-2019-8669, CVE-2019-8678, CVE-2019-8680, CVE-2019-8683, + CVE-2019-8684, CVE-2019-8688, CVE-2019-8674, CVE-2019-8707, + CVE-2019-8719, CVE-2019-8733, CVE-2019-8763, CVE-2019-8765, + CVE-2019-8821, CVE-2019-8822. +- Drop webkit2gtk3-bwo197558-hang.patch: Fixed upstream. + +------------------------------------------------------------------- +Sun Jul 14 14:21:58 UTC 2019 - Rich Coe + +- Add webkit2gtk3-bwo197558-hang.patch for hang (bwo#197558) + +------------------------------------------------------------------- +Mon Jul 8 16:50:58 UTC 2019 - mgorse@suse.com + +- Drop webkit2gtk3-boo1088932-a11y-state-set.patch: fixed upstream. + +------------------------------------------------------------------- +Tue Jul 2 11:17:11 UTC 2019 - Bjørn Lie + +- Update to version 2.24.3: + + Deprecate WebSQL APIs. + + Make Previous/Next gesture work in RTL mode. + + Fix content disappearing when using CSS transforms. + + Fix rendering artifacts in youtube volume button. + + Fix trapezoid artifact in github comment box. + + Fix video pause that sometimes caused to skip to finish. + + Fix volume level changes when playing a video. + + Fix HLS streams being slow to start. + + Fix some radio streams that could not be played. + + Fix the build with older versions of GStreamer. + + Fix the build with video and audio disabled. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2019-8666, CVE-2019-8673, CVE-2019-8676, + CVE-2019-8681, CVE-2019-8687, CVE-2019-8689, CVE-2019-8690, + CVE-2019-8726. + + Updated translations. +- Drop upstream fixed patches: + + webkit2gtk3-bug196440-build-fix.patch. + + webkit2gtk3-bug198080-build-fix.patch. + +------------------------------------------------------------------- +Sat Jun 22 18:34:57 UTC 2019 - mgorse@suse.com + +- Add webkit2gtk3-bug196440-build-fix.patch and + webkit2gtk3-bug198080-build-fix.patch: fix build failures on + SLE/Leap 15 and SLE 12. + +------------------------------------------------------------------- +Fri May 24 08:00:33 UTC 2019 - Bjørn Lie + +- Update to version 2.24.2 (boo#1135715): + + Fix rendering of emojis copy-pasted from GTK emoji chooser. + + Fix space characters not being rendered with some CJK fonts. + + Fix adaptive streaming playback with older GStreamer versions. + + Set a maximum zoom level for pinch zooming gesture. + + Fix navigation gesture to not interfere with scrolling. + + Fix SSE2 detection at compile time, ensuring the right flags + are passed to the compiler. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2019-8595, CVE-2019-8607, CVE-2019-8615, + CVE-2019-8671, CVE-2019-8672, CVE-2019-8677, CVE-2019-8679, + CVE-2019-8686, CVE-2019-8735. + + Updated translations. +- Drop webkit2gtk3-fix-i586-build.patch: Fixed upstream. + +------------------------------------------------------------------- +Wed Apr 24 17:45:53 UTC 2019 - Martin Liška + +- Disable LTO (boo#1133291). + +------------------------------------------------------------------- +Mon Apr 15 11:06:10 UTC 2019 - Dominique Leuenberger + +- Add webkit2gtk3-fix-i586-build.patch: Fix build on i586. + +------------------------------------------------------------------- +Wed Apr 10 21:50:50 UTC 2019 - Bjørn Lie + +- Update to version 2.24.1 (boo#1132256): + + Do not allow changes in active URI before provisional load + starts for non-API requests. + + Stop the threaded compositor when the page is not visible or + layer tree state is frozen. + + Use WebKit HTTP source element again for adaptive streaming + fragments downloading. + + Properly handle empty resources in + webkit_web_resource_get_data(). + + Add quirk to ensure outlook.live.com uses the modern UI. + + Fix methods returing GObject or boxed types in JavaScriptCore + GLib API. + + Ensure callback data is passed to functions and constructors + with no parameters in JavaScriptCore GLib API. + + Fix rendering of complex text when the font uses x,y origins. + + Fix sound loop with Google Hangouts and WhatsApp notifications. + + Fix the build with GStreamer 1.12.5 and GST GL enabled. + + Detect SSE2 at compile time. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2019-6251, CVE-2019-11070. +- Drop webkitgtk-gstreamer-gl-build-fix.patch: Fixed upstream. + +------------------------------------------------------------------- +Tue Mar 26 22:39:18 UTC 2019 - mgorse@suse.com + +- Add webkitgtk-gstreamer-gl-build-fix.patch: fix build on + SLE/Leap 15 (webkit#196178). + +------------------------------------------------------------------- +Tue Mar 19 19:52:23 UTC 2019 - mgorse@suse.com + +- Disable openjpeg on SLE 12. Our version isn't new enough. + +------------------------------------------------------------------- +Wed Mar 13 13:40:11 UTC 2019 - Bjørn Lie + +- Update to version 2.24.0: + + Added support fot content filtering. + + Variation fonts support. + + Fully emoji rendering support. + + Added navigation and pinch zoom gestures for touchpads. + + Support for JPEG2000 images. + + Script dialogs are now modal to the current web view only. + + New API to convert URI to format for display. + + Security fixes: CVE-2019-8375 (boo#1126768), CVE-2019-8506, + CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, + CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, + CVE-2019-8768. + +------------------------------------------------------------------- +Wed Mar 6 16:25:48 UTC 2019 - Bjørn Lie + +- Update to version 2.23.92: + + Fix constructors returning a GObject in JSC GLib API. + + Do not scan NPAPI plugins when plugins are disabled in + settings. + + Add WebKitUserContentFilterStore to the API docs. + + Fix several crashes and rendering issues. + + Updated translations. + +------------------------------------------------------------------- +Sun Mar 3 18:37:51 UTC 2019 - bjorn.lie@gmail.com + +- Update to version 2.23.91: + + Add new API to handle user content filters. + + Fix a UI process crash while filling selection data during drag + and drop. + + Fix deadlock on Linux/x64 between SamplingProfiler and VMTraps. + + Fix several crashes and rendering issues. + + Updated translations. + +------------------------------------------------------------------- +Sun Mar 3 16:05:51 UTC 2019 - bjorn.lie@gmail.com + +- Update to version 2.23.90: + + Add a new setting to disable JavaScript elments from documents + during parsing. + + Add new API to expose JavaScriptCore options. + + Add support for JPEG2000 images. + + Add support for back/forward touchpad gesture. + + Add support for pinch zoom on touchpad. + + Use a scrolled window in alert dialogs to handle long contents. + + Sleep disabler now inhibits idle when a "System" sleep disabler + is requested. + + Remove experimental sandboxing support, it's not yet ready for + stable release. + + Fix a web process deadlock when starting the remote inspector. + + Fix a crash when browsing inspector:// URI without port set. + + Fix several crashes and rendering issues. +- Add openjpeg2 and openjpeg2-devel BuildRequires: New + dependencies. +- Drop webkit2gtk3-python3.patch: Not needed anymore. +- Disable bubblewrap, xdg-dbus-proxy and pkgconfig(libseccomp) + BuildRequires and bubblewrap, xdg-dbus-proxy Requires: Sandbox + support was disabled by upstream again. +- Stop passing -DENABLE_ACCELERATED_2D_CANVAS=ON to cmake, follow + upstream default. + +------------------------------------------------------------------- +Sun Mar 3 16:05:50 UTC 2019 - bjorn.lie@gmail.com + +- Update to version 2.23.3: + + Fix rendering of emoji sequences containing zero with joiner. + + Fallback to a colored font when rendering emojis. + + Fix rendering artifacts on Youtube while scrolling under X11. + + Remove DConf permissions from sandbox. + + Fix build from release tarball with gtkdoc enabled. + + Fix several crashes and rendering issues. + + Updated translations. + +------------------------------------------------------------------- +Sun Mar 3 16:05:49 UTC 2019 - bjorn.lie@gmail.com + +- Update to version 2.23.2: + + Fix rendering artifacts in some websites with accelerated + compositing enabled. + + Add initial support for variation fonts. + + Add new API to convert a URI to a format for display. + + Make scrollbars follow gtk-primary-button-warps-slider setting. + + Fix crashes when closing the WebDriver session. + + Fix the build with OpenGL disabled. + + Fix several crashes and rendering issues. +- Changes from version 2.23.1: + + Add initial support for subprocess sandboxing in Linux. + + Add new permission request type for media device information. + + Make scrollbars follow gtk-primary-button-warps-slider setting. + + Script dialogs are now modal to the current web view only. + + Fix several crashes and rendering issues. +- Add bubblewrap, xdg-dbus-proxy and pkgconfig(libseccomp) + BuildRequires: New dependencies for subprocess sandboxing. +- Add bubblewrap and xdg-dbus-proxy Requires: They are needed at + runtime. +- Disable webkit2gtk3-python3.patch: Needs rebase or possibly + outright dropping as fixed, as some parts of them are checked in + upstream. + +------------------------------------------------------------------- +Sat Mar 2 16:34:27 UTC 2019 - Bjørn Lie + +- Update to version 2.22.7: + + Fix rendering of glyphs in Hebrew (and possibly other + languages) when Unicode NFC normalization is used. + + Fix several crashes and race conditions. + + Security fixes: CVE-2019-8518, CVE-2019-8523. + +------------------------------------------------------------------- +Wed Feb 13 17:16:52 UTC 2019 - mgorse@suse.com + +- Replace webkit2gtk3-boo1088932-a11y-state-set.patch with a patch + proposed for webkit#188599. The original patch didn't always + prevent crashes. + +------------------------------------------------------------------- +Sat Feb 9 15:44:38 UTC 2019 - bjorn.lie@gmail.com + +- Update to version 2.22.6 (boo#1124937): + + Make kinetic scrolling slow down smoothly when reaching the + ends of pages, instead of abruptly, to better match the GTK+ + behaviour. + + Fix Web inspector magnifier under Wayland. + + Fix garbled rendering of some websites (e.g. YouTube) while + scrolling under X11. + + Fix several crashes, race conditions, and rendering issues. +- CVE identifiers fixed: CVE-2019-6212, CVE-2019-6215, + CVE-2019-6216, CVE-2019-6217, CVE-2019-6226, CVE-2019-6227, + CVE-2019-6229, CVE-2019-6233, CVE-2019-6234, CVE-2019-6201, + CVE-2019-7285, CVE-2019-7292, CVE-2019-8503, CVE-2019-8515. + +------------------------------------------------------------------- +Wed Dec 26 19:21:01 UTC 2018 - bjorn.lie@gmail.com + +- Pass DENABLE_ACCELERATED_2D_CANVAS=ON to cmake, build accelerated + 2d canvas support, we already build the needed support in cairo. +- Switch to Ninja build, add ninja BuildRequires and pass GNinja to + cmake and use ninja_build and ninja_make macros. + +------------------------------------------------------------------- +Wed Dec 26 16:54:29 UTC 2018 - schwab@suse.de + +- Don't use gold on ppc. + +------------------------------------------------------------------- +Mon Dec 17 10:12:07 UTC 2018 - bjorn.lie@gmail.com + +- Update to version 2.22.5: + + Improved the logic to determine for which architectures to + enable the JIT compiler support and USE_SYSTEM_MALLOC at build + time. + + Fix the build with ENABLE_VIDEO=OFF and ENABLE_OPENGL=OFF. + + Fix several crashes. + + Security fixes: CVE-2018-4437 (boo#1119553), CVE-2018-4438 + (boo#1119554), CVE-2018-4441 (boo#1119555), CVE-2018-4442 + (boo#1119556), CVE-2018-4443 (boo#1119557), CVE-2018-4464 + (boo#1119558). + +------------------------------------------------------------------- +Fri Dec 7 22:34:19 UTC 2018 - mgorse@suse.com + +- Disable media source extension on SLE/Leap 15 and earlier, since + it requires gstreamer 1.14.0. + +------------------------------------------------------------------- +Wed Nov 28 10:47:03 UTC 2018 - schwab@suse.de + +- Reduce memory constraints for riscv64 + +------------------------------------------------------------------- +Thu Nov 22 12:02:43 UTC 2018 - bjorn.lie@gmail.com + +- Update to version 2.22.4 (boo#1116998): + + Expose ENABLE_MEDIA_SOURCE as a public build option. + + Fix a crash when using Cairo versions between 1.15 and 1.16.0 + + Fix the build with -DLOG_DISABLED=0. + + Fix the build with ENABLE_VIDEO=OFF and ENABLE_WEB_AUDIO=OFF. + + Fix debug builds of JavaScriptCore. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2018-4372. + +------------------------------------------------------------------- +Mon Nov 12 10:32:01 UTC 2018 - Guillaume GARDET + +- Update _constraints to latest values to avoid OOM erros + +------------------------------------------------------------------- +Mon Oct 29 11:04:26 UTC 2018 - bjorn.lie@gmail.com + +- Update to version 2.22.3: + + Many improvements and fixes for video playback with media + source extensions (MSE), which improve the user experience + across the board, and in particular for playback of WebM + videos. + + Fix a memory leak during media playback when using playbin3. + + Fix portions of Web views not being rendered after resizing. + + Fix Resource Timing reporting for