diff --git a/webkit2gtk3-icu-build-fix.patch b/webkit2gtk3-icu-build-fix.patch new file mode 100644 index 0000000..a07c589 --- /dev/null +++ b/webkit2gtk3-icu-build-fix.patch @@ -0,0 +1,73 @@ +From 730b80e691a4b9dd0e9727cfcd9806dfa542397b Mon Sep 17 00:00:00 2001 +From: "commit-queue@webkit.org" + +Date: Fri, 4 Oct 2019 21:51:37 +0000 +Subject: [PATCH] Fix build with icu 65.1 + https://bugs.webkit.org/show_bug.cgi?id=202600 + +Patch by Heiko Becker on 2019-10-04 +Reviewed by Konstantin Tokarev. + +Source/WebCore: + +* dom/Document.cpp: +(WebCore::isValidNameNonASCII): +(WebCore::Document::parseQualifiedName): + +Source/WTF: + +* wtf/URLHelpers.cpp: +(WTF::URLHelpers::allCharactersInIDNScriptWhiteList): + +git-svn-id: http://svn.webkit.org/repository/webkit/trunk@250747 268f45cc-cd09-0410-ab3c-d52691b4dbfc +--- + Source/WTF/ChangeLog | 10 ++++++++++ + Source/WTF/wtf/URLHelpers.cpp | 2 +- + Source/WebCore/ChangeLog | 11 +++++++++++ + Source/WebCore/dom/Document.cpp | 6 +++--- + 4 files changed, 25 insertions(+), 4 deletions(-) + +diff --git a/Source/WTF/wtf/URLHelpers.cpp b/Source/WTF/wtf/URLHelpers.cpp +index 18e7f13cd61..c584f1a0cb7 100644 +--- a/Source/WTF/wtf/URLHelpers.cpp ++++ b/Source/WTF/wtf/URLHelpers.cpp +@@ -301,7 +301,7 @@ static bool allCharactersInIDNScriptWhiteList(const UChar* buffer, int32_t lengt + Optional previousCodePoint; + while (i < length) { + UChar32 c; +- U16_NEXT(buffer, i, length, c) ++ U16_NEXT(buffer, i, length, c); + UErrorCode error = U_ZERO_ERROR; + UScriptCode script = uscript_getScript(c, &error); + if (error != U_ZERO_ERROR) { +diff --git a/Source/WebCore/dom/Document.cpp b/Source/WebCore/dom/Document.cpp +index 2443e24c9bc..1fbb3a71600 100644 +--- a/Source/WebCore/dom/Document.cpp ++++ b/Source/WebCore/dom/Document.cpp +@@ -4954,12 +4954,12 @@ static bool isValidNameNonASCII(const UChar* characters, unsigned length) + unsigned i = 0; + + UChar32 c; +- U16_NEXT(characters, i, length, c) ++ U16_NEXT(characters, i, length, c); + if (!isValidNameStart(c)) + return false; + + while (i < length) { +- U16_NEXT(characters, i, length, c) ++ U16_NEXT(characters, i, length, c); + if (!isValidNamePart(c)) + return false; + } +@@ -5019,7 +5019,7 @@ ExceptionOr> Document::parseQualifiedName(cons + + for (unsigned i = 0; i < length; ) { + UChar32 c; +- U16_NEXT(qualifiedName, i, length, c) ++ U16_NEXT(qualifiedName, i, length, c); + if (c == ':') { + if (sawColon) + return Exception { InvalidCharacterError }; +-- +2.23.0 + diff --git a/webkit2gtk3.changes b/webkit2gtk3.changes index f584629..7f91993 100644 --- a/webkit2gtk3.changes +++ b/webkit2gtk3.changes @@ -1,7 +1,21 @@ +------------------------------------------------------------------- +Mon Nov 11 22:31:54 UTC 2019 - Michael Gorse + +- Add webkit2gtk3-icu-build-fix.patch: fix build with icu 65.1. + +------------------------------------------------------------------- +Thu Nov 7 16:38:56 UTC 2019 - Michael Gorse + +- Only use wpe and xdg-dbus-proxy/bubblewrap for TW and + SLE-15-SP2 / leap 15.2. +- Don't pass -DENABLE_BUBBLEWRAP_SANDBOX=ON; it is on by default. +- Remove conditionals for EOL versions of openSUSE. +- Always build with python3; remove the conditional. + ------------------------------------------------------------------- Wed Nov 6 16:26:43 UTC 2019 - Bjørn Lie -- Update to version 2.26.2: +- Update to version 2.26.2 (boo#1156318): + Improve performance of querying system fallback fonts. + Don't use prgname in dbus-proxy socket path. + Fix thread-safety issues in image decoders. @@ -10,6 +24,7 @@ Wed Nov 6 16:26:43 UTC 2019 - Bjørn Lie EGL dispaly under Wayland. + Fill the objects category in emoji picker. + Fix several crashes and rendering issues. + + Security fixes: CVE-2019-8812, CVE-2019-8814. ------------------------------------------------------------------- Thu Sep 26 10:03:59 UTC 2019 - Bjørn Lie @@ -33,6 +48,8 @@ Mon Sep 23 15:24:34 UTC 2019 - Bjørn Lie + Fix EGL initialization with newer versions of Mesa. + Do not enable the sandbox inside docker. + Fix several crashes and rendering issues. + ++ Security fixes: CVE-2019-8783, CVE-2019-8811, CVE-2019-8813, + CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823. ------------------------------------------------------------------- Thu Sep 19 16:44:45 UTC 2019 - Michael Gorse @@ -55,7 +72,7 @@ Thu Sep 12 21:09:23 UTC 2019 - Bjørn Lie ------------------------------------------------------------------- Mon Sep 9 09:59:58 UTC 2019 - Bjørn Lie -- Update to version 2.26.0: +- Update to version 2.26.0 (boo#1155321): + Add support for subprocess sandboxing. + Add support for HSTS (HTTP Strict Transport Security). + Use libwpe with fdo backend to implement accelerated @@ -67,6 +84,9 @@ Mon Sep 9 09:59:58 UTC 2019 - Bjørn Lie + Fix rendering artifacts in youtube volume button and github comment box. + Single process model has been deprecated for security reasons. + + Security fixes: CVE-2019-8625, CVE-2019-8720, CVE-2019-8769, + CVE-2019-8771, CVE-2019-8710, CVE-2019-8743, CVE-2019-8764, + CVE-2019-8766, CVE-2019-8782, CVE-2019-8808, CVE-2019-8815. ------------------------------------------------------------------- Tue Sep 3 12:11:49 UTC 2019 - Bjørn Lie @@ -182,7 +202,9 @@ Wed Aug 28 12:40:21 UTC 2019 - Bjørn Lie when Python 3.x was used during the build process. + Security fixes: CVE-2019-8644, CVE-2019-8649, CVE-2019-8658, CVE-2019-8669, CVE-2019-8678, CVE-2019-8680, CVE-2019-8683, - CVE-2019-8684, CVE-2019-8688. + CVE-2019-8684, CVE-2019-8688, CVE-2019-8674, CVE-2019-8707, + CVE-2019-8719, CVE-2019-8733, CVE-2019-8763, CVE-2019-8765, + CVE-2019-8821, CVE-2019-8822. - Drop webkit2gtk3-bwo197558-hang.patch: Fixed upstream. ------------------------------------------------------------------- @@ -212,7 +234,8 @@ Tue Jul 2 11:17:11 UTC 2019 - Bjørn Lie + Fix the build with video and audio disabled. + Fix several crashes and rendering issues. + Security fixes: CVE-2019-8666, CVE-2019-8673, CVE-2019-8676, - CVE-2019-8681, CVE-2019-8687, CVE-2019-8689, CVE-2019-8690. + CVE-2019-8681, CVE-2019-8687, CVE-2019-8689, CVE-2019-8690, + CVE-2019-8726. + Updated translations. - Drop upstream fixed patches: + webkit2gtk3-bug196440-build-fix.patch. @@ -239,7 +262,7 @@ Fri May 24 08:00:33 UTC 2019 - Bjørn Lie + Fix several crashes and rendering issues. + Security fixes: CVE-2019-8595, CVE-2019-8607, CVE-2019-8615, CVE-2019-8671, CVE-2019-8672, CVE-2019-8677, CVE-2019-8679, - CVE-2019-8686. + CVE-2019-8686, CVE-2019-8735. + Updated translations. - Drop webkit2gtk3-fix-i586-build.patch: Fixed upstream. @@ -302,7 +325,8 @@ Wed Mar 13 13:40:11 UTC 2019 - Bjørn Lie + New API to convert URI to format for display. + Security fixes: CVE-2019-8375 (boo#1126768), CVE-2019-8506, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, - CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563. + CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, + CVE-2019-8768. ------------------------------------------------------------------- Wed Mar 6 16:25:48 UTC 2019 - Bjørn Lie diff --git a/webkit2gtk3.spec b/webkit2gtk3.spec index a2279ef..b128f7d 100644 --- a/webkit2gtk3.spec +++ b/webkit2gtk3.spec @@ -27,20 +27,9 @@ %define _name webkitgtk # gold linker not available on old s390/s390x %define _gold_linker 1 -%if 0%{?suse_version} < 1320 -%ifarch s390 s390x -%define _gold_linker 0 -%endif -%else %ifarch ppc s390 %define _gold_linker 0 %endif -%endif -%if 0%{?suse_version} >= 1500 -%bcond_without python3 -%else -%bcond_with python3 -%endif Name: webkit2gtk3 Version: 2.26.2 Release: 0 @@ -54,6 +43,8 @@ Source98: baselibs.conf Source99: webkit2gtk3.keyring # PATCH-FIX-OPENSUSE webkit2gtk3-fdo-soname.patch mgorse@suse.com -- don't call dlopen with an unversioned soname. Patch0: webkit2gtk3-fdo-soname.patch +# PATCh-FIX-UPSTREAM webkit2gtk3-icu-build-fix.patch mgorse@suse.com -- fix build with icu 65.1. +Patch1: webkit2gtk3-icu-build-fix.patch BuildRequires: Mesa-libEGL-devel BuildRequires: Mesa-libGL-devel @@ -61,7 +52,9 @@ BuildRequires: Mesa-libGLESv1_CM-devel BuildRequires: Mesa-libGLESv2-devel BuildRequires: Mesa-libGLESv3-devel BuildRequires: bison >= 2.3 +%if 0%{?suse_version} > 1510 BuildRequires: bubblewrap +%endif BuildRequires: cmake BuildRequires: enchant-devel BuildRequires: gobject-introspection-devel @@ -73,7 +66,9 @@ BuildRequires: ninja BuildRequires: perl >= 5.10.0 BuildRequires: pkgconfig BuildRequires: ruby >= 1.8.7 +%if 0%{?suse_version} > 1510 BuildRequires: xdg-dbus-proxy +%endif BuildRequires: pkgconfig(atk) BuildRequires: pkgconfig(atspi-2) >= 2.5.3 BuildRequires: pkgconfig(cairo) >= 1.10.2 @@ -107,15 +102,13 @@ BuildRequires: pkgconfig(libxml-2.0) >= 2.8.0 BuildRequires: pkgconfig(libxslt) >= 1.1.7 BuildRequires: pkgconfig(sqlite3) BuildRequires: pkgconfig(upower-glib) +%if 0%{?suse_version} > 1510 BuildRequires: pkgconfig(wpe-1.0) >= 1.3.0 BuildRequires: pkgconfig(wpebackend-fdo-1.0) >= 1.3.0 +%endif +BuildRequires: gcc-c++ >= 4.9 BuildRequires: pkgconfig(xt) BuildRequires: pkgconfig(zlib) -%if 0%{?suse_version} == 1315 -BuildRequires: gcc7-c++ -%else -BuildRequires: gcc-c++ >= 4.9 -%endif %if 0%{?suse_version} >= 1500 BuildRequires: openjpeg2 BuildRequires: openjpeg2-devel @@ -123,12 +116,7 @@ BuildRequires: openjpeg2-devel %if 0%{?suse_version} > 1500 BuildRequires: pkgconfig(libwoff2dec) %endif -%if %{with python3} BuildRequires: python3 -%else -BuildRequires: python >= 2.6.0 -BuildRequires: python2-xml -%endif %if %{_gold_linker} BuildRequires: binutils-gold %endif @@ -146,9 +134,13 @@ more. Summary: Library for rendering web content, GTK+ Port # Require the injected bundles. The bundles are dlopen()ed Group: System/Libraries +%if 0%{?suse_version} > 1510 Requires: bubblewrap +%endif Requires: webkit2gtk-4_0-injected-bundles +%if 0%{?suse_version} > 1510 Requires: xdg-dbus-proxy +%endif Recommends: %{_pkgname_no_slpp}-lang Provides: %{_pkgname_no_slpp} = %{version} Obsoletes: webkit2gtk3-plugin-process-gtk2 @@ -297,9 +289,7 @@ if test -n "$max_link_jobs" -a "$max_link_jobs" -gt 1 ; then test "$max_link_jobs" -le 0 && max_link_jobs=1 && echo "Warning: Not linking in parallel at all becuse of memory limits" fi -%if %{with python3} export PYTHON=%{_bindir}/python3 -%endif # Use linker flags to reduce memory consumption %if %{_gold_linker} %global optflags %(echo %{optflags} -Wl,--no-keep-memory | sed 's/-g /-g1 /') @@ -315,25 +305,19 @@ export PYTHON=%{_bindir}/python3 -DCMAKE_EXE_LINKER_FLAGS="-Wl,--as-needed -Wl,-z,now -pthread" \ -DCMAKE_MODULE_LINKER_FLAGS="-Wl,--as-needed -Wl,-z,now -pthread" \ -DCMAKE_SHARED_LINKER_FLAGS="-Wl,--as-needed -Wl,-z,now -pthread" \ -%if 0%{?suse_version} == 1315 - -DCMAKE_C_COMPILER=gcc-7 \ - -DCMAKE_CXX_COMPILER=g++-7 \ - -DENABLE_WEB_CRYPTO=OFF \ - -DUSE_GSTREAMER_GL=false \ - -DUSE_OPENJPEG=false \ -%endif %if 0%{?suse_version} <= 1500 -DUSE_WOFF2=false \ -DENABLE_MEDIA_SOURCE=OFF \ %endif -%if %{with python3} - -DPYTHON_EXECUTABLE=%{_bindir}/python3 \ +%if 0%{?suse_version} <= 1510 + -DUSE_WPE_RENDERER=OFF \ + -DENABLE_BUBBLEWRAP_SANDBOX=OFF \ %endif + -DPYTHON_EXECUTABLE=%{_bindir}/python3 \ %ifarch armv6hl ppc ppc64 ppc64le riscv64 s390 s390x -DENABLE_JIT=OFF \ %endif -DUSE_SYSTEM_MALLOC=ON \ - -DENABLE_BUBBLEWRAP_SANDBOX=ON \ %ninja_build -j $max_link_jobs