------------------------------------------------------------------- Wed Apr 6 15:12:09 UTC 2022 - Michael Gorse - Drop webkit2gtk3-gcc12.patch. It isn't needed anymore, since the relevant gcc change has been reverted for now. - Update some minimum version requirements to match cmake checks. - Remove build requirements on geoclue and libbrotlidec: they are no longer build-time dependencies. Add geoclue2 to Recommends. ------------------------------------------------------------------- Wed Mar 30 18:04:39 UTC 2022 - Michael Gorse - Add webkit2gtk3-gcc12.patch: fix the build with gcc 12. ------------------------------------------------------------------- Tue Mar 29 11:48:56 UTC 2022 - Bjørn Lie - Disabled usage of gold linker for all targets via existing define. ------------------------------------------------------------------- Mon Mar 21 19:45:49 UTC 2022 - Bjørn Lie - Update to version 2.36.0: + Add new accessibility implementation using ATSPI DBus interfaces instead of ATK. + Add support for requestVideoFrameCallback. + Change hardware-acceleration-policy setting default value to always. + Add support for media session. + Add new API to set HTTP response information to custom uri schemes. + Make user interactive threads (event handler, scrolling, …) real time in linux. ------------------------------------------------------------------- Mon Feb 28 01:29:27 UTC 2022 - Bjørn Lie - Update to version 2.35.90: + Fix scrolling with the mouse wheel on sites using overscroll-behavior. + Suspend web processes after some time in the process cache. + Fix renderning of horizontal scrollbars with themes enabling steppers. + Ensure EGL displays are terminated before web process exits. + Deinitialize gstreamer before web process exits. + Make fonts under XDG_DATA_DIRS available in web process sanbox. + Canonicalize paths passed to bubblewrap launcher. + Fix several crashes and rendering issues. + Updated translations. ------------------------------------------------------------------- Thu Feb 17 16:14:43 UTC 2022 - Bjørn Lie - Update to version 2.35.3: + Fix a crash at startup when bubblewrap sandbox is enabled. + Fix a crash when starting a drag an drop on touchscreen. + Fix several crashes and rendering issues. - Changes from version 2.35.2: + Add new accessibility implementation using ATSPI DBus interfaces instead of ATK. + Use native GtkWidgets for form validation popups. + Add support for requestVideoFrameCallback. + Add support for accent colors. + Fix pinch zooming from a link to not activate the link. + Fix kinetic scrolling via touch screen. + Fix several crashes and rendering issues. - Changes from version 2.35.1: + Make user interactive threads (event handler, scrolling, …) real time in linux. + Add new API to set HTTP response information to custom uri schemes. + Add support for media session. + Change hardware-acceleration-policy setting default value to always. + Fix jsc_value_object_define_property_accessor() to work with objects not having a wrapped instance. + Fix several crashes and rendering issues. - Add gstreamer-plugins-good, gstreamer-plugins-bad and xdg-desktop-portal-gtk Recommends: Needed for mediaplayback and features in the mandatory sandbox. - Add flex BuildRequires: Optional dependency. - Rebase no-forced-sse.patch: Not sure this makes sense anymore, we are building for i686, and the number of cpu of that class not supporting SSE2 can probably be counted on one hand. - Drop patches fixed upstream: + fix-warnings.patch + webkit2gtk3-link-fix.patch ------------------------------------------------------------------- Thu Feb 17 16:14:42 UTC 2022 - Michael Gorse - Update to version 2.34.6 (boo#1196133): + Fix accessibility not working when the Bubblewrap sandbox is enabled. + Fix rendering of scrollbars when overlay scrollbars are disabled. + Fix the build when the X11 support is disabled. + Fix the build in a number of situations where the main OpenGL library is not called libGL or libgl, as is the case on systems that use libglvnd. + Fix several crashes and rendering issues. + Security fixes: CVE-2022-22620. ------------------------------------------------------------------- Wed Feb 9 18:14:24 UTC 2022 - Michael Gorse - Update to version 2.34.5 (boo#1195735): + Improve VP8 codec selection when using GStreamer 1.20. + Fix connecting to the accessiblity bus when using the Bubblewrap sandbox. + Fix links being incorrectly activated when starting a pinch zoom gesture. + Fix touch-based scrolling. + Fix the build with recent toolchains based on GCC 12 and on older ones as included e.g. in Ubuntu 18.04. + Fix the build with ICU 60, version 61 is no longer required. + Fix several crashes and rendering issues. + Security fixes: CVE-2022-22589, CVE-2022-22590, CVE-2022-22592,. + Drop webkit2gtk3-gcc12.patch: fixed upstream. ------------------------------------------------------------------- Mon Jan 31 22:42:06 UTC 2022 - Bjørn Lie - Update constraints for disk space even more, now at 20 gig. ------------------------------------------------------------------- Mon Jan 24 21:54:31 UTC 2022 - Michael Gorse - Add webkit2gtk3-gcc12.patch: fix the build with gcc 12. - Require glib2 2.44 to match source. ------------------------------------------------------------------- Fri Jan 21 12:58:32 UTC 2022 - Bjørn Lie - Update to version 2.34.4 (boo#1195064): + Fix several crashes and rendering issues. + This release fixes numerous security issues, including an especially severe issue that allowed websites to read the names of IndexedDB databases created by other websites. + Security fixes: CVE-2021-30934, CVE-2021-30936, CVE-2021-30951, CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30984, CVE-2022-22594. ------------------------------------------------------------------- Wed Jan 19 15:12:02 UTC 2022 - Frederic Crozat - Update _constraints, needs more disk space to build. ------------------------------------------------------------------- Tue Dec 21 15:03:42 UTC 2021 - Michael Gorse - Update to version 2.34.3 (boo#1194019): + Make audio tools (like mixers) display the actual name of the application producing sound, instead of a generic one. + Fix several crashes and rendering issues. + Security fixes: CVE-2021-30887, CVE-2021-30890. ------------------------------------------------------------------- Tue Dec 14 13:30:29 UTC 2021 - Yifan Jiang - Typo fix for %define usegcc10. ------------------------------------------------------------------- Tue Dec 14 10:38:41 UTC 2021 - Dominique Leuenberger - Introduce usegcc10 %define in order to have the condition (0%{?sle_version} && 0%{?sle_version} <= 150400) only at one point. - Correct a very old "Obsoletes: webkit2gtk3-plugin-process-gtk2" to be a versioned obsoletes. ------------------------------------------------------------------- Tue Dec 14 01:05:29 UTC 2021 - Yifan Jiang - Make the earlier Obsoletes: libwebkit2gtk3-lang compliant with: https://en.opensuse.org/openSUSE:Upgrade_dependencies_explanation#Renaming_a_package ------------------------------------------------------------------- Wed Dec 8 08:07:59 UTC 2021 - Yifan Jiang - Add Obsoletes of the old-name -lang package to be ready for updating from it. This change is necessary for the gtk3-soup2 flavor. ------------------------------------------------------------------- Sat Nov 27 15:20:11 UTC 2021 - Michael Gorse - Update to version 2.34.2: + Fix scrolling issues when pressing Home and PgDown keys. + Update effective appearance after web process switch on navigation. + Fix the build with video disabled. ------------------------------------------------------------------- Mon Nov 1 18:14:10 UTC 2021 - Bjørn Lie - Add pkgconfig(libavif) BuildRequires and pass USE_AVIF=ON to cmake, build avif decoding support. ------------------------------------------------------------------- Mon Nov 1 17:54:51 UTC 2021 - Michael Gorse - Add wayland-protocols to BuildRequires. ------------------------------------------------------------------- Tue Oct 26 22:10:23 UTC 2021 - Michael Gorse - Add webkit2gtk3-link-fix.patch: taken from upstream, fixes the build on SLE-15-SP4. - Use gcc10 package on SLE <= 15-SP4. Gcc 7 is currently the default there. - Update gcc-c++ version requirement to match the cmake check. ------------------------------------------------------------------- Thu Oct 21 20:07:32 UTC 2021 - Michael Gorse - Update to version 2.34.1 (boo#1191937): + Update user agent browser versions. + Fix a crash with GTK >= 3.24.30. + Fix a crash when loading videos on reddit. + Fix file type detection when application calls g_desktop_app_info_set_as_default_for_extension() passing html. + Security fixes: CVE-2021-42762. ------------------------------------------------------------------- Wed Sep 29 10:16:33 UTC 2021 - Dominique Leuenberger - Add libjavascriptcoregtk-4_0-18 and llibwebkit2gtk-4_0-37 to baselibs.conf: provide those libraries as multilib version. ------------------------------------------------------------------- Wed Sep 29 06:47:28 UTC 2021 - Dominique Leuenberger - Rename -lang packages to WebKit2GTK-%{_apiver}, making the translations between the three flavors co-exist. ------------------------------------------------------------------- Wed Sep 22 16:18:00 UTC 2021 - Dominique Leuenberger - Update to version 2.34.0 (boo#1192063): + Fix another regression in JavaScriptCore on 32bit systems. + Security fixes: CVE-2021-30846, CVE-2021-30851, CVE-2021-30818, CVE-2021-30823, CVE-2021-30884, CVE-2021-30888, CVE-2021-30889, CVE-2021-30897, CVE-2021-45481, CVE-2021-45483. ------------------------------------------------------------------- Mon Sep 20 02:33:51 UTC 2021 - Michael Gorse - Update to version 2.33.91: + Use the right display refresh monitor for animations in accelerated compositng mode. + Fix several issues in JavaScriptCore on 32bit systems. + Prefer python3 over python2 in CMake. ------------------------------------------------------------------- Mon Sep 20 02:33:50 UTC 2021 - Michael Gorse - Update to version 2.33.90: + Show TLS protocol version and ciphersuite name in the inspector when building with libsoup3. + Add multi-track support to media backend. + Avoid strong alias computations in font fallback code. + Fix deadlock tearing down pipeline when using fallback sink. + Fix the build with gtk-doc enabled. + Fix several crashes and rendering issues. - Add fix-warnings.patch: silence return-type warnings. ------------------------------------------------------------------- Mon Sep 20 02:33:05 UTC 2021 - Dominique Leuenberger - Add a 3rd flavor: gtk3 with libsoup2 (which retains compatibility to the olderversions, identified as API version 4.0). ------------------------------------------------------------------- Mon Sep 20 02:33:04 UTC 2021 - Dominique Leuenberger - Add _multibuild file and enable build of webkit2gtk4. ------------------------------------------------------------------- Mon Sep 20 02:33:03 UTC 2021 - Dominique Leuenberger - Update to version 2.33.3: + Add support for display capture. + Add new API to access/modify capture devices states. + Add new API to configure the memory pressure handler. + Add support for client side certifiates authentication. + Add support color-schemes CSS property. + Add support for dark scrollbars. + Keep GtkSettings used by web processes in sync with the settings set in the UI process. + Add support for drawing the scrollbars corner. + Allow to opt-out of GL rendering at runtime for media player. + Add support for A420 compositing in media player. + Improve pinch to zoom gesture in accerlerated compositing mode. + Fix cookies configuration after a network process crash. + Fix touchscreen navigation swipe when the page scrolls horizontally. + Fix rendering of elliptic radial gradients. + Fix several crashes and rendering issues. + Updated translations. - Drop fix-lto.patch: fixed upstream. - Add pkgconfig(lcms2) BuildRequires: new dependency. - Replace pkgconfig(libsoup-2.4) BuildRequires with pkgconfig(libsoup-3.0): Follow upstreams port to Libsoup 3.0. ------------------------------------------------------------------- Sun Sep 19 19:00:09 UTC 2021 - Michael Gorse - Update to version 2.32.4 (boo#1190701): + Do not append .asc extension to downloaded text/plain files. + Fix several crashes and rendering issues. + Security fixes: CVE-2021-30848, CVE-2021-30849, CVE-2021-30858, CVE-2021-30809, CVE-2021-30836, CVE-2021-45482. - Drop fix-lto.patch: fixed upstream. ------------------------------------------------------------------- Tue Aug 10 12:10:02 UTC 2021 - Martin Liška - Enable LTO by using upstream patch fix-lto.patch. ------------------------------------------------------------------- Thu Aug 5 08:27:25 UTC 2021 - Yifan Jiang - Drop unneeded patch on Leap and SLE by now: webkit2gtk3-restore-npapi.patch (bsc#1189105). ------------------------------------------------------------------- Thu Jul 29 02:29:40 UTC 2021 - Yifan Jiang - Add BuildRequires pkgconfig(glproto) for SLE and Leap which have not included the new packaging of the relevant headers. ------------------------------------------------------------------- Mon Jul 26 15:38:26 UTC 2021 - Michael Gorse - Update to version 2.32.3 (boo#1188697): + Properly set the cookies settings after a network process crash. + Fix accessibility tree after a cross site navigation with PSON enabled. + Ensure WebKitScriptWorld::window-object-cleared signal is always emitted. + Fix several crashes and rendering issues. + Security fixes: CVE-2021-21775, CVE-2021-21779, CVE-2021-30663, CVE-2021-30665, CVE-2021-30689, CVE-2021-30720, CVE-2021-30734, CVE-2021-30744, CVE-2021-30749, CVE-2021-30795, CVE-2021-30797, CVE-2021-30799. - Fix webkit2gtk3-restore-npapi.patch to install the plugin process. - Disable WPE renderer: our FDO backend is now too old. ------------------------------------------------------------------- Mon Jul 19 18:36:42 UTC 2021 - Michael Gorse - Update to version 2.32.2: + Improve calculation of initial WebKitWebView size. + Fix kinetic scrolling on touchpad with async scrolling off. + Fix a crash on empty drag operation in X11. + Fix rendering on HiDPI /4k screen and scaling. + Handle null native surface for for surfaceless rendering. + Fix JavaScriptCore crash on 32-bit big endian systems. + Fix several crashes and rendering issues. + Security fixes: CVE-2021-30758. ------------------------------------------------------------------- Wed May 19 01:10:34 UTC 2021 - Michael Gorse - Update to version 2.32.1: + Support building against the Musl C library. + Support building against ICU version 69 or newer. + Improve handling of Media Capture devices. + Improve WebAudio playback. + Improve video orientation handling. + Improve seeking support for MSE playback. + Improve flush support in EME decryptors. + Fix HTTP status codes for requests done through a custom URI handler. + Fix the Bubblewrap sandbox in certain 32-bit systems. + Fix inconsistencies between the WebKitWebView.is-muted property state and values returned by webkit_web_view_is_playing_audio(). + Fix the build with ENABLE_VIDEO=OFF. + Fix wrong timestamps for long-lived cookies. + Fix UI process crash when failing to load favicons. + Fix several crashes and rendering issues. + Updated translations. - Drop webkit2gtk3-icu69.patch: fixed upstream. ------------------------------------------------------------------- Wed Apr 28 06:41:41 UTC 2021 - Dominique Leuenberger - Add webkit2gtk3-icu69.patch: Fix build with ICU 69: + ICU 69 deprecates ubrk_safeClone in favor of ubrk_clone. ------------------------------------------------------------------- Mon Apr 12 17:44:57 UTC 2021 - Michael Gorse - Per discussion with maintenance, let's not remove features that customers could possibly be using: - Add webkit2gtk3-restore-npapi.patch: restore NPAPI plugin support. Reverts webkit#215503. ------------------------------------------------------------------- Tue Apr 6 18:25:11 UTC 2021 - Michael Gorse - Update to version 2.32.0 (boo#1184155): + Fix the authentication request port when URL omits the port. + Fix iframe scrolling when main frame is scrolled in async scrolling mode. + Stop using g_memdup. + Show a warning message when overriding signal handler for threading suspension. - Fix the build on RISC-V with GCC 11. - Fix several crashes and rendering issues. + Security fixes: CVE-2021-1788, CVE-2021-1844, CVE-2021-1871 + Changes in version 2.30.6 (boo#1184262): + Update user agent quirks again for Google Docs and Google Drive. + Fix several crashes and rendering issues. + Security fixes: CVE-2020-27918, CVE-2020-29623, CVE-2021-1765, CVE-2021-1789, CVE-2021-1799, CVE-2021-1801, CVE-2021-1870. - Remove webkit-font-scaling.patch: contained in upstream - Drop original SLE 15 support from the spec. Drop webkit-process.patch and old-wayland-scanner.patch; they are not needed for SP2. - Pass ENABLE_GAMEPAD=OFF to cmake, since we don't have manette. - Add glproto-devel to BuildRequires: now needed for the build on SLE 15. ------------------------------------------------------------------- Fri Apr 2 17:34:41 UTC 2021 - Michael Gorse - Update to version 2.32.0 (boo#1184155): + Fix the authentication request port when URL omits the port. + Fix iframe scrolling when main frame is scrolled in async scrolling mode. + Stop using g_memdup. + Show a warning message when overriding signal handler for threading suspension. - Fix the build on RISC-V with GCC 11. - Fix several crashes and rendering issues. + Security fixes: CVE-2021-1788, CVE-2021-1844, CVE-2021-1871, CVE-2021-30682. - Drop old-wayland-scanner.patch and webkit-process.patch, and also drop support for Leap 15.0 and 15.1, since they are no longer supported. ------------------------------------------------------------------- Tue Mar 23 02:31:51 UTC 2021 - Michael Gorse - Update to version 2.31.91: + Make WebKitSecurityOrigin a simple data store for and deprecate webkit_security_origin_is_opaque(). + Fix user agent again to work on several google websites. + Fix web view url on web process terminate signals. + Fix preferred language overrides sent to the web process. + Fix the build in i386. + Translation updates: Simplified Chinese. - Drop webkitgtk-i586-build-fix.patch: fixed upstream. - Disable webkit-process.patch: needs to be rebased or dropped. ------------------------------------------------------------------- Mon Mar 22 02:31:51 UTC 2021 - Michael Gorse - Add webkitgtk-i586-build-fix.patch: fix build on i586 (webkit#222480). ------------------------------------------------------------------- Mon Mar 22 02:31:50 UTC 2021 - Michael Gorse - Update to version 2.31.90: + Add permission request API for MediaKeySystem access. + Fix rendering when using opacity filters on hardware accelerated layers. + Fix flatpak-spawn subsandbox to not clear environment variables. + Ensure a URI scheme handler can't be registered multiple times. + Fix several crashes and rendering issues. + The minimum required GStreamer version is now 1.14. + CEA-608 closed captions support (requires WEBKIT_GST_USE_PLAYBIN3=1 environment variable). - Advertise CBCS decryption and VP9 support in Thunder. - Advertise DASH as supported in the media player. - Improved support for playbin3. - Translation updates: Ukrainian. - Up required gstreamer and gtk3 versions. ------------------------------------------------------------------- Mon Mar 22 02:31:01 UTC 2021 - Callum Farmer - Update to version 2.31.1: + Remove support for NPAPI plugins. + Enable the web process cache when PSON is enabled too. + TLS errors and proxy settings APIs have been moved from WebKitContext to WebKitWebsiteDataManager. + Add new API to remove individual scripts/stylesheets using WebKitUserContentManager. + Correctly apply the system font scaling factor. + Show main loop frames information in the web inspector. - Remove webkit-font-scaling.patch: contained in upstream - New build requirement: pkgconfig(manette-0.2). ------------------------------------------------------------------- Sun Mar 21 20:33:09 UTC 2021 - Michael Gorse - Update to version 2.30.6 (boo#1184262): + Update user agent quirks again for Google Docs and Google Drive. + Fix several crashes and rendering issues. + Security fixes: CVE-2020-27918, CVE-2020-29623, CVE-2021-1765 CVE-2021-1789, CVE-2021-1799, CVE-2021-1801, CVE-2021-1870, CVE-2021-21806. ------------------------------------------------------------------- Fri Feb 19 07:45:12 UTC 2021 - Guillaume GARDET - Update _constraints for armv6/armv7 (bsc#1182719) ------------------------------------------------------------------- Sat Feb 13 18:06:17 UTC 2021 - Michael Gorse - Update to version 2.30.5 (boo#1182286): + Bring back the WebKitPluginProcess installation that was removed by mistake. + Fix RunLoop objects leaked in worker threads. + Fix aarch64 llint build with JIT disabled. + Use Internet Explorer quirk for Google Docs. + Security fixes: CVE-2020-13558. - Drop gir-multilib.patch: fixed upstream. ------------------------------------------------------------------- Wed Jan 20 10:47:33 UTC 2021 - Bjørn Lie - Add gir-multilib.patch: Fix multilib conflict in gir files. - Disable gold linker for ppc64le ------------------------------------------------------------------- Tue Jan 19 19:12:53 UTC 2021 - Atri Bhattacharya - Add webkit-font-scaling.patch: Fix system font scaling not applied to 'font-size: XXXpt'; patch taken from upstream and rebased to apply cleanly (https://bugs.webkit.org/show_bug.cgi?id=218450). - Pass `-q` to setup to disable printing long list of files extracted from source tarball. ------------------------------------------------------------------- Tue Dec 15 14:06:42 UTC 2020 - Dominique Leuenberger - Update to version 2.30.4: + Fix text data sent with WebSockets when using libsoup < 2.68. + Fix the rendering on Raspberry Pi 3 using the proprietary video driver. + Fix clipping of descedant layers of a mask layer. + Fix the build with ICU 68.1. - Drop upstream merged patch: + 0001-ICU-68.1-no-longer-exposes-FALSE-and-TRUE-macros-by-.patch ------------------------------------------------------------------- Thu Dec 3 22:23:20 UTC 2020 - Michael Gorse - Add old-wayland-scanner.patch for 15.0/15.1: support older wayland-scanner. Also renumber patches to group 15.0/15.1-specific patches together. - Have the libwebkit2gtk package require libjavascriptcoregtk of the same version (boo#1171531). ------------------------------------------------------------------- Wed Dec 2 13:36:15 UTC 2020 - Dominique Leuenberger - 0001-ICU-68.1-no-longer-exposes-FALSE-and-TRUE-macros-by-.patch: ICU 68.1 no longer exposes FALSE and TRUE macros by default. ------------------------------------------------------------------- Sun Nov 22 16:37:46 UTC 2020 - Michael Gorse - Update to version 2.30.3 (boo#1179122 boo#1179451): + Add new build option USE(64KB_PAGE_BLOCK). + Fix backdrop filters with rounded borders. + Fix scrolling iframes when async scrolling is enabled. + Allow applications to handle drag and drop on the web view again. + Update Outlook user agent quirk. + Fix the build with video support disabled. + Fix several crashes and rendering issues. + Security fixes: CVE-2020-13584, CVE-2020-9983, CVE-2020-13543. - Drop webkit2gtk3-fdo-soname.patch: fixed upstream. - Rebase webkit-process.patch. ------------------------------------------------------------------- Fri Oct 23 09:35:30 UTC 2020 - Dominique Leuenberger - Update to version 2.30.2: + Fix scrolling when smooth scrolling is enabled in async scrolling mode. + Fix WebSocket requests with same-site cookies. + Fix TLS certificate information for service workers. + Handle chassis type when its value is quoted. + Fix the build with ENABLE_MEDIA_STREAM enabled and ENABLE_WEB_RTC_DISABLED. + Fix the build with ENABLE_GAMEPAD enabled. + Fix several crashes and rendering issues. ------------------------------------------------------------------- Wed Sep 30 19:03:18 UTC 2020 - Michael Gorse - Enable c_loop on aarch64: currently needed for compilation to succeed with JIT disabled. Also disable sampling profiler, since it conflicts with c_loop (boo#1177087). ------------------------------------------------------------------- Tue Sep 22 01:34:43 UTC 2020 - Michael Gorse - Update to version 2.30.1: + Bring back the environment variable to force single process mode when PSON is disabled. + Fix downloads started by an ephemeral web context. + Updated translations. ------------------------------------------------------------------- Mon Sep 14 23:28:52 UTC 2020 - Michael Gorse - Update to version 2.30.0: + Fix NTLM authentication. + Don't try to use SHM on wayland with older wpebackend-fdo. + Fix the build due to seccomp.h header not found. + Security fixes: CVE-2020-9947, CVE-2020-9948, CVE-2020-9951, CVE-2021-1817, CVE-2021-1820, CVE-2021-1825, CVE-2021-1826, CVE-2021-30661. - Drop seccomp-build-fix.patch and wpe-shm-check.patch: fixed upstream. ------------------------------------------------------------------- Mon Sep 7 22:24:27 UTC 2020 - Michael Gorse - Add wpe-shm-check.patch: make SHM initialization fail for wpebackend-fdo < 1.7.0. ------------------------------------------------------------------- Sun Sep 6 16:36:23 UTC 2020 - Michael Gorse - Add seccomp-build-fix.patch: pass seccomp include directory to g++. - Re-enable bubblewrap sandbox for SLE-15-SP2 and Tumbleweed. ------------------------------------------------------------------- Sat Sep 5 15:26:46 UTC 2020 - Dominique Leuenberger - Update to version 2.29.92: + Fix user agent header after a redirect when a new quirk is required. + Stop using firefox user agent quirk for google docs. + Fix rendering frames timeline panel in web inspector. + Fix per-thread cpu usage in web inspector. + Fix several crashes and rendering issues. - Changes from version 2.29.91: + Fix a web process crash introduced in 2.29.90. - Changes from version 2.29.90: + Fix font variation settings when font smoothing setting is also present. + Fix HTML drag and drop operations. + Fix argument order for clone syscall seccomp filter on s390x. + Fix a crash when selecting text. + Fix several crashes and rendering issues. - Changes from version 2.29.4: + Add support for backdrop filters. + Add support for text-underline-offset and text-decoration-thickness. + Add OpenCDM and AV1 support to media backend. + Add new API to get ITP data summary. + Use mobile user-agent on tablets. + Fix several crashes and rendering issues. - Changes from version 2.29.3: + Add webkit_authentication_request_get_security_origin. + Change the cookies accept policy to always when no-third-party is set and ITP is enabled. + Fix web process hangs on large GitHub pages. + Bubblewrap sandbox should not attempt to bind empty paths. + Add support for sndio to bubblewrap sandbox. + Also handle dark themes when the name ends with -Dark. + Fix a race condition causing a crash in media player. + Fix several crashes and rendering issues. - Changes from version 2.29.2: + Add Intelligent Tracking Prevention (ITP) support. + Add support for video formats in img elements. + Add API to handle video autoplay policy that now defaults to disallow autoplay videos with audio. + Add API to mute a web view. + Add API to allow applications to handle the HTTP authentication credential storage. + Add a WebKitSetting to set the media content types requiring hardware support. + Fix a crash during drag an drop due to a bug introduced in 2.29.1. + Do not start page load during animation in back/forward gesture. + Fix several crashes and rendering issues. - Changes from version 2.29.1: + Stop using GTK theming to render form controls. + Add API to disable GTK theming for scrollbars too. + Fix several race conditions and threading issues in the media player. + Add USER_AGENT_BRANDING build option. + Add paste as plain text option to the context menu for rich editable content. + Fix several crashes and rendering issues. + Updated translations. - Rebase webkit2gtk3-fdo-soname.patch. - Add pkgconfig(libsystemd) BuildRequires: new dependency. ------------------------------------------------------------------- Thu Aug 6 08:22:08 UTC 2020 - Jan Engelhardt - Add no-forced-sse.patch, cure execution of illegal instruction in i586 firefox. ------------------------------------------------------------------- Wed Jul 29 15:18:24 UTC 2020 - Michael Gorse - Update to version 2.28.4 (boo#1174662): + Fix several crashes and rendering issues. + Security fixes: CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, CVE-2020-9925. ------------------------------------------------------------------- Fri Jul 10 12:08:05 UTC 2020 - Bjørn Lie - Update to version 2.28.3 (boo#1173998): + Enable kinetic scrolling with async scrolling. + Fix web process hangs on large GitHub pages. + Bubblewrap sandbox should not attempt to bind empty paths. + Fix threading issues in the media player. + Fix several crashes and rendering issues. + Security fixes: CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, CVE-2020-13753, CVE-2020-9952. ------------------------------------------------------------------- Mon Apr 27 15:27:49 UTC 2020 - Bjørn Lie - Update to version 2.28.2 (boo#1170643): + Fix excessive CPU usage due to GdkFrameClock not being stopped. + Fix UI process crash when EGL_WL_bind_wayland_display extension is not available. + Fix position of select popup menus in X11. + Fix playing of Youtube 'live stream'/H264 URLs. + Fix a crash under X11 when cairo uses xcb. + Fix the build in MIPS64. + Fix several crashes and rendering issues. + Security fixes: CVE-2020-3899. ------------------------------------------------------------------- Wed Apr 15 05:39:04 UTC 2020 - Bjørn Lie - Update to version 2.28.1 (boo#1169658): + Fix position of default option element popup windows under Wayland. + Fix rendering after a cross site navigation with PSON enabled and hardware acceleration forced. + Fix a crash in nested wayland compositor when closing a tab with PSON enabled. + Update Chrome and Firefox versions in user agent quirks. + Fix a crash with bubblewrap sandbox enabled. + Fix a crash in JavaScriptCore in ppc64el. + Fix the build with GStreamer 1.12. + Fix several crashes and rendering issues. + Security fixes: CVE-2020-11793. - Drop webkit2gtk3-gstreamer-build-fix.patch: Fixed upstream. ------------------------------------------------------------------- Thu Apr 2 19:53:27 UTC 2020 - Michael Gorse - Add webkit2gtk3-gstreamer-build-fix.patch: fix build with gstreamer 1.12 (webkit#209296). - Rebase webkit-process.patch. - Use WebKit defaults for ENABLE_JIT and USE_SYSTEM_MALLOC, except for aarch64. WebKit now sets reasonable defaults based on architecture. Disable on aarch64 in case a user is still using the kernel-64kb package. - Use bubblewrap, xdg-dbus-proxy, wpe, and wpebackend-fdo on 15.2; they had been unintentionally excluded. - Increase mem_per_process; otherwise fails on SLE/Leap. ------------------------------------------------------------------- Thu Mar 12 12:10:03 UTC 2020 - Bjørn Lie - Update to version 2.28.0 (boo#1165528): + Add API to enable Process Swap on (Cross-site) Navigation. + Add user messages API for the communication with the web extension. + Add support for same-site cookies. + Service workers are enabled by default. + Add support for Pointer Lock API. + Add flatpak sandbox support. + Make ondemand hardware acceleration policy never leave accelerated compositing mode. + Always use a light theme for rendering form controls. + Add about:gpu to show information about the graphics stack. + Security fixes: CVE-2020-10018, CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2021-30762. - Drop webkit2gtk3-ppc-build-fix.patch: Fixed upstream. ------------------------------------------------------------------- Fri Feb 28 09:19:47 UTC 2020 - Bjørn Lie - Disable webkit-process.patch: Needs rebase, and furthermore it should not be applied for Leap 15.2 as it is today. ------------------------------------------------------------------- Thu Feb 27 19:14:05 UTC 2020 - Bjørn Lie - Update to version 2.27.91: + Update user agent quirks to fix the unsupported browser message in several google services. + Fix several compile warnings with GCC 10. + Fix the build with GCC 10. + Fix several crashes and rendering issues. + Updated translations. ------------------------------------------------------------------- Tue Feb 18 21:31:17 UTC 2020 - Michael Gorse - Add webkit2gtk3-ppc-build-fix.patch: fix ppc64le build failure on SLE 15. ------------------------------------------------------------------- Fri Feb 14 11:10:04 UTC 2020 - Bjørn Lie - Update to version 2.27.90: + Add support for same-site cookies. + Add flatpak sandbox support. + Enable WebAudio and WebGL by default in WebKitSettings. + Add a setting to disallow top level navigation to a data URI. + Add support for the -webkit-font-smoothing CSS property. + Always use a light theme for rendering form controls. + Stop making the Web Inspector windows transient. + Ensure mouse cursor is hidden during fullscreen video playback. + Add support for inspecting service workers to the remote inspector. + Fix several crashes and rendering issues. - Changes from version 2.27.4: + Add API for input methods. + Add API to serialize/deserialize a JSCValue to/from a JSON string. + Add support for strict secure cookies. + Add support for saving data from remote inspector. + Make ondemand hardware acceleration policy never leave accelerated compositing mode. + Fix rendering of conic gradients in high resolution displays. + Fix special combination characters not respecting the keystroke order when high CPU load. + Honor the IndexedDB directory set in WebsiteDataManager. + Fix rendering of text when there’s an initial advance in the text run. + Fix web process crash when displaying a KaTeX formula. + Fix network process crash with PSON enabled. + Fix several crashes and rendering issues. - Changes from version 2.27.3: + Add support for Pointer Lock API. + Improve performance when falling back to system fonts. + Stop using DBus for the remote inspector implementation to improve the performance of both WebDriver and remote inspector. + Implement support for new ARIA roles: code, strong, emphasis, generic. + Fix handling of content type with new custom protocols implementation. + Make image decoders fully thread safe. + Add support for get page source command in WebDriver. + Add support for network proxy capabilities in WebDriver. + Add support for new window command in WebDriver. + Fix several crashes and rendering issues. + Updated translations. - Changes from version 2.27.2: + Add user messages API for the communication with the web extension. + Enable service workers by default. + Add support for saving data in Web Inspector. + More navigation gesture improvement. + Fix the build with WebDriver disabled. + Show also client EGL extensions in about:gpu. + Disable accelerated compositing when we fail to initialize the EGL dispaly under Wayland. + Fix several crashes and rendering issues. - Changes from version 2.27.1: + Enable async scrolling when accelerating compositing policy is ‘always’. + Add about:gpu to show information about the graphics stack. + Add API to enable Process Swap on (Cross-site) Navigation, that is now disabled by default. + Add WebKitWebView:page-id property. + Improve swipe navigation gesture style. + Fix several crashes and rendering issues. - Rebase webkit2gtk3-fdo-soname.patch. ------------------------------------------------------------------- Fri Feb 14 11:10:03 UTC 2020 - Bjørn Lie - Update to version 2.26.4 (boo#1163809): + Always use a light theme for rendering form controls. + Fix the build with WPE renderer disabled. + Fix the build with OpenGL disabled. + Fix the build with GCC 10. + Fix several crashes and rendering issues. + Security fixes: CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868. ------------------------------------------------------------------- Sat Jan 25 14:21:01 UTC 2020 - Dominique Leuenberger - No longer recommend -lang: supplements are in use ------------------------------------------------------------------- Wed Jan 22 11:44:30 UTC 2020 - Bjørn Lie - Update to version 2.26.3 (boo#1161719): + Fix issues while trying to play a video on NextCloud. + Make sure the GL video sink uses a valid WebKit shared GL context. + Fix vertical alignment of text containing arabic diacritics. + Fix build with icu 65.1. + Fix page loading errors with websites using HSTS. + Fix web process crash when displaying a KaTeX formula. + Fix several crashes and rendering issues. + Security fixes: CVE-2019-8835, CVE-2019-8844, CVE-2019-8846. - Drop webkit2gtk3-icu-build-fix.patch: Fixed upstream. ------------------------------------------------------------------- Thu Dec 19 21:50:10 UTC 2019 - Bjørn Lie - Start using webkitgtk default gigacage malloc via passing USE_SYSTEM_MALLOC=OFF to cmake. ------------------------------------------------------------------- Thu Dec 19 15:36:37 UTC 2019 - Michael Gorse - Add webkit-process.patch: use single web process for evolution and geary on 15.0 (boo#1159329 glgo#GNOME/evolution#587). ------------------------------------------------------------------- Mon Nov 11 22:31:54 UTC 2019 - Michael Gorse - Add webkit2gtk3-icu-build-fix.patch: fix build with icu 65.1. ------------------------------------------------------------------- Thu Nov 7 16:38:56 UTC 2019 - Michael Gorse - Only use wpe and xdg-dbus-proxy/bubblewrap for TW and SLE-15-SP2 / leap 15.2. - Don't pass -DENABLE_BUBBLEWRAP_SANDBOX=ON; it is on by default. - Remove conditionals for EOL versions of openSUSE. - Always build with python3; remove the conditional. ------------------------------------------------------------------- Wed Nov 6 16:26:43 UTC 2019 - Bjørn Lie - Update to version 2.26.2 (boo#1156318): + Improve performance of querying system fallback fonts. + Don't use prgname in dbus-proxy socket path. + Fix thread-safety issues in image decoders. + Fix the build with WebDriver disabled. + Disable accelerated compositing when we fail to initialize the EGL dispaly under Wayland. + Fill the objects category in emoji picker. + Fix several crashes and rendering issues. + Security fixes: CVE-2019-8812, CVE-2019-8814. ------------------------------------------------------------------- Thu Sep 26 10:03:59 UTC 2019 - Bjørn Lie - Enable sandbox again (pass -DENABLE_BUBBLEWRAP_SANDBOX=ON to cmake). - Move bubblewrap and xdg-dbus-proxy Requires from main package to main library package libwebkit2gtk-4_0-37, they are needed at runtime, and there is no webkit2gtk3 package that we can install. ------------------------------------------------------------------- Mon Sep 23 15:24:34 UTC 2019 - Bjørn Lie - Update to version 2.26.1: + Fix MSE media player with GStreamer 1.14. + Fix HTML alternate loads never finishing. + Fix web view initialization delay on fisrt load. + Validate user agent string set via API. + Fix a crash when a web view is destroyed with accelerated compositing mode enabled. + Fix EGL initialization with newer versions of Mesa. + Do not enable the sandbox inside docker. + Fix several crashes and rendering issues. + Security fixes: CVE-2019-8783, CVE-2019-8811, CVE-2019-8813, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823. ------------------------------------------------------------------- Thu Sep 19 16:44:45 UTC 2019 - Michael Gorse - Add webkit2gtk3-fdo-soname.patch: don't try to open WPE backend with an unversioned soname. ------------------------------------------------------------------- Tue Sep 17 14:42:14 UTC 2019 - Michael Gorse - Enable pkgconfig(wpe-1.0) and pkgconfig(wpebackend-fdo-1.0) BuildRequires and stop passing DUSE_WPE_RENDERER=OFF to cmake. ------------------------------------------------------------------- Thu Sep 12 21:09:23 UTC 2019 - Bjørn Lie - Test disable sandbox, does this fix epiphany? (pass -DENABLE_BUBBLEWRAP_SANDBOX=OFF to cmake). ------------------------------------------------------------------- Mon Sep 9 09:59:58 UTC 2019 - Bjørn Lie - Update to version 2.26.0 (boo#1155321): + Add support for subprocess sandboxing. + Add support for HSTS (HTTP Strict Transport Security). + Use libwpe with fdo backend to implement accelerated compositing under wayland. + Remove support for GTK2 NPAPI plugins. + Add support for datalist element in text input fields. + Show the emoji chooser popover for editable content. + Improve rendering of form controls when GTK theme is dark. + Fix rendering artifacts in youtube volume button and github comment box. + Single process model has been deprecated for security reasons. + Security fixes: CVE-2019-8625, CVE-2019-8720, CVE-2019-8769, CVE-2019-8771, CVE-2019-8710, CVE-2019-8743, CVE-2019-8764, CVE-2019-8766, CVE-2019-8782, CVE-2019-8808, CVE-2019-8815, CVE-2021-30666, CVE-2021-30761. ------------------------------------------------------------------- Tue Sep 3 12:11:49 UTC 2019 - Bjørn Lie - Update to version 2.25.92: + Add WEBKIT_USE_SINGLE_WEB_PROCESS environment variable to force single process model in all WebKitWebContext. This is a temporary solution for applications still depending on the single process mode behavior. It will be only available in 2.26 series. + Add new API to remove a filter from an user content manager given its identifier. + Add support for HSTS. + Several improvements and bug fixes in MSE media player. + Fix building without unified sources. + Fix several crashes and rendering issues. + Updated translations. ------------------------------------------------------------------- Fri Aug 30 11:25:04 UTC 2019 - Bjørn Lie - Disable pkgconfig(wpe-1.0) and pkgconfig(wpebackend-fdo-1.0) BuildRequires and pass DUSE_WPE_RENDERER=OFF to cmake. Needs more work upstream. ------------------------------------------------------------------- Fri Aug 30 02:25:04 UTC 2019 - Bjørn Lie - Update to version 2.25.4: + Switch to use libsoup WebSockets API. + Add support for permessage-deflate WebSocket extension. + Add support for datalist element in text input fields. + Fix a crash with empty video source. + Fix several crashes and rendering issues. ------------------------------------------------------------------- Fri Aug 30 02:25:03 UTC 2019 - Bjørn Lie - Update to version 2.25.3: + Remove support for GTK2 NPAPI plugins. + Fix web view updates after swapping web process if accelerated compositing mode is forced. + Make kinetic scrolling work again. + Fix position of emoji chooser when page is scrolled. + Fix web process deadlock when scrolling twitter timeline which contains HLS videos. + Make navigation gesture use dark fallback background color color on dark themes. + Make Previous/Next gesture work in RTL mode. + Support cancelling touchscreen back/forward gesture. + Add user agent quirk to make github work in FreeBSD. + Fix content disappearing when using CSS transforms. + Fix some radio streams that could not be played. + Fix video pause that sometimes caused to skip to finish. + Fix volume level changes when playing a video. + Fix several crashes and rendering issues. - Changes from version 2.25.2: + Enable process switch on cross site navigation. + Use libwpe with fdo backend to implement accelerated compositing under wayland. + Fix rendering artifacts in youtube volume button. + Fix trapezoid artifact in github comment box. + Ensure web extensions directory is readable when sandbox is enabled. + Fix the executable name of WebDriver process, renamed by mistake in 2.25.1. + Enable hyperlink auditing setting by default. + Remove the option to build without using the redirected XComposite window. + Fix HLS streams being slow to start. + Make accessibility work when sandbox is enabled. + Fix several crashes and rendering issues. - Changes from version 2.25.1: + Add support for subprocess sandboxing. + Add API to get the web process unique identifier of a WebKitFrame. + Add WebKitWebPage::did-associate-form-controls-for-frame signal and deprecate did-associate-form-controls. + Implement AtkComponentIface scroll_to methods. + Improve rendering of form controls when GTK theme is dark and enable prefers-color-scheme media query. + Show the emoji chooser popover for editable content. + Fix touch capabilities detection for websites checking touch events properties present in window or pointer media queries. + Fix several crashes and rendering issues. - Drop webkit2gtk3-bwo197558-hang.patch: Fixed upstream. - Add pkgconfig(wpe-1.0) and pkgconfig(wpebackend-fdo-1.0) BuildRequires: New dependencies. - Enable bubblewrap, xdg-dbus-proxy and pkgconfig(libseccomp) BuildRequires as well as bubblewrap and xdg-dbus-proxy Requires: Sandbox feature is enabled again. - Drop conditional pkgconfig(gtk+-2.0) BuildRequires and webkit2gtk3-plugin-process-gtk2 sub-package, support for gtk2 plugins are now dropped upstream. Add Obsoletes in libwebkit2gtk. ------------------------------------------------------------------- Wed Aug 28 12:40:21 UTC 2019 - Bjørn Lie - Update to version 2.24.4 (boo#1148931): + Updated the user agent string to make happy certain websites which would claim that the browser being used was unsupported. + Improve loading of multimedia streams to avoid memory exhaustion due to excessive caching. + Fix display of documents with MIME type application/xml in the Web Inspector, when loaded using XmlHttpRequest. + Fix a hang while scrolling certain websites which include HLS video content (Twitter, for example). + Fix rounding artifacts in volume levels for media playback. + Fix several crashes and rendering issues. + Fix the build with video track support disabled. + Fix the build with OpenGL support disabled. + Fix build issue which would cause media controls to disappear when Python 3.x was used during the build process. + Security fixes: CVE-2019-8644, CVE-2019-8649, CVE-2019-8658, CVE-2019-8669, CVE-2019-8678, CVE-2019-8680, CVE-2019-8683, CVE-2019-8684, CVE-2019-8688, CVE-2019-8674, CVE-2019-8707, CVE-2019-8719, CVE-2019-8733, CVE-2019-8763, CVE-2019-8765, CVE-2019-8821, CVE-2019-8822. - Drop webkit2gtk3-bwo197558-hang.patch: Fixed upstream. ------------------------------------------------------------------- Sun Jul 14 14:21:58 UTC 2019 - Rich Coe - Add webkit2gtk3-bwo197558-hang.patch for hang (bwo#197558) ------------------------------------------------------------------- Mon Jul 8 16:50:58 UTC 2019 - mgorse@suse.com - Drop webkit2gtk3-boo1088932-a11y-state-set.patch: fixed upstream. ------------------------------------------------------------------- Tue Jul 2 11:17:11 UTC 2019 - Bjørn Lie - Update to version 2.24.3: + Deprecate WebSQL APIs. + Make Previous/Next gesture work in RTL mode. + Fix content disappearing when using CSS transforms. + Fix rendering artifacts in youtube volume button. + Fix trapezoid artifact in github comment box. + Fix video pause that sometimes caused to skip to finish. + Fix volume level changes when playing a video. + Fix HLS streams being slow to start. + Fix some radio streams that could not be played. + Fix the build with older versions of GStreamer. + Fix the build with video and audio disabled. + Fix several crashes and rendering issues. + Security fixes: CVE-2019-8666, CVE-2019-8673, CVE-2019-8676, CVE-2019-8681, CVE-2019-8687, CVE-2019-8689, CVE-2019-8690, CVE-2019-8726. + Updated translations. - Drop upstream fixed patches: + webkit2gtk3-bug196440-build-fix.patch. + webkit2gtk3-bug198080-build-fix.patch. ------------------------------------------------------------------- Sat Jun 22 18:34:57 UTC 2019 - mgorse@suse.com - Add webkit2gtk3-bug196440-build-fix.patch and webkit2gtk3-bug198080-build-fix.patch: fix build failures on SLE/Leap 15 and SLE 12. ------------------------------------------------------------------- Fri May 24 08:00:33 UTC 2019 - Bjørn Lie - Update to version 2.24.2 (boo#1135715): + Fix rendering of emojis copy-pasted from GTK emoji chooser. + Fix space characters not being rendered with some CJK fonts. + Fix adaptive streaming playback with older GStreamer versions. + Set a maximum zoom level for pinch zooming gesture. + Fix navigation gesture to not interfere with scrolling. + Fix SSE2 detection at compile time, ensuring the right flags are passed to the compiler. + Fix several crashes and rendering issues. + Security fixes: CVE-2019-8595, CVE-2019-8607, CVE-2019-8615, CVE-2019-8671, CVE-2019-8672, CVE-2019-8677, CVE-2019-8679, CVE-2019-8686, CVE-2019-8735. + Updated translations. - Drop webkit2gtk3-fix-i586-build.patch: Fixed upstream. ------------------------------------------------------------------- Wed Apr 24 17:45:53 UTC 2019 - Martin Liška - Disable LTO (boo#1133291). ------------------------------------------------------------------- Mon Apr 15 11:06:10 UTC 2019 - Dominique Leuenberger - Add webkit2gtk3-fix-i586-build.patch: Fix build on i586. ------------------------------------------------------------------- Wed Apr 10 21:50:50 UTC 2019 - Bjørn Lie - Update to version 2.24.1 (boo#1132256): + Do not allow changes in active URI before provisional load starts for non-API requests. + Stop the threaded compositor when the page is not visible or layer tree state is frozen. + Use WebKit HTTP source element again for adaptive streaming fragments downloading. + Properly handle empty resources in webkit_web_resource_get_data(). + Add quirk to ensure outlook.live.com uses the modern UI. + Fix methods returing GObject or boxed types in JavaScriptCore GLib API. + Ensure callback data is passed to functions and constructors with no parameters in JavaScriptCore GLib API. + Fix rendering of complex text when the font uses x,y origins. + Fix sound loop with Google Hangouts and WhatsApp notifications. + Fix the build with GStreamer 1.12.5 and GST GL enabled. + Detect SSE2 at compile time. + Fix several crashes and rendering issues. + Security fixes: CVE-2019-6251, CVE-2019-11070. - Drop webkitgtk-gstreamer-gl-build-fix.patch: Fixed upstream. ------------------------------------------------------------------- Tue Mar 26 22:39:18 UTC 2019 - mgorse@suse.com - Add webkitgtk-gstreamer-gl-build-fix.patch: fix build on SLE/Leap 15 (webkit#196178). ------------------------------------------------------------------- Tue Mar 19 19:52:23 UTC 2019 - mgorse@suse.com - Disable openjpeg on SLE 12. Our version isn't new enough. ------------------------------------------------------------------- Wed Mar 13 13:40:11 UTC 2019 - Bjørn Lie - Update to version 2.24.0: + Added support fot content filtering. + Variation fonts support. + Fully emoji rendering support. + Added navigation and pinch zoom gestures for touchpads. + Support for JPEG2000 images. + Script dialogs are now modal to the current web view only. + New API to convert URI to format for display. + Security fixes: CVE-2019-8375 (boo#1126768), CVE-2019-8506, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-8768. ------------------------------------------------------------------- Wed Mar 6 16:25:48 UTC 2019 - Bjørn Lie - Update to version 2.23.92: + Fix constructors returning a GObject in JSC GLib API. + Do not scan NPAPI plugins when plugins are disabled in settings. + Add WebKitUserContentFilterStore to the API docs. + Fix several crashes and rendering issues. + Updated translations. ------------------------------------------------------------------- Sun Mar 3 18:37:51 UTC 2019 - bjorn.lie@gmail.com - Update to version 2.23.91: + Add new API to handle user content filters. + Fix a UI process crash while filling selection data during drag and drop. + Fix deadlock on Linux/x64 between SamplingProfiler and VMTraps. + Fix several crashes and rendering issues. + Updated translations. ------------------------------------------------------------------- Sun Mar 3 16:05:51 UTC 2019 - bjorn.lie@gmail.com - Update to version 2.23.90: + Add a new setting to disable JavaScript elments from documents during parsing. + Add new API to expose JavaScriptCore options. + Add support for JPEG2000 images. + Add support for back/forward touchpad gesture. + Add support for pinch zoom on touchpad. + Use a scrolled window in alert dialogs to handle long contents. + Sleep disabler now inhibits idle when a "System" sleep disabler is requested. + Remove experimental sandboxing support, it's not yet ready for stable release. + Fix a web process deadlock when starting the remote inspector. + Fix a crash when browsing inspector:// URI without port set. + Fix several crashes and rendering issues. - Add openjpeg2 and openjpeg2-devel BuildRequires: New dependencies. - Drop webkit2gtk3-python3.patch: Not needed anymore. - Disable bubblewrap, xdg-dbus-proxy and pkgconfig(libseccomp) BuildRequires and bubblewrap, xdg-dbus-proxy Requires: Sandbox support was disabled by upstream again. - Stop passing -DENABLE_ACCELERATED_2D_CANVAS=ON to cmake, follow upstream default. ------------------------------------------------------------------- Sun Mar 3 16:05:50 UTC 2019 - bjorn.lie@gmail.com - Update to version 2.23.3: + Fix rendering of emoji sequences containing zero with joiner. + Fallback to a colored font when rendering emojis. + Fix rendering artifacts on Youtube while scrolling under X11. + Remove DConf permissions from sandbox. + Fix build from release tarball with gtkdoc enabled. + Fix several crashes and rendering issues. + Updated translations. ------------------------------------------------------------------- Sun Mar 3 16:05:49 UTC 2019 - bjorn.lie@gmail.com - Update to version 2.23.2: + Fix rendering artifacts in some websites with accelerated compositing enabled. + Add initial support for variation fonts. + Add new API to convert a URI to a format for display. + Make scrollbars follow gtk-primary-button-warps-slider setting. + Fix crashes when closing the WebDriver session. + Fix the build with OpenGL disabled. + Fix several crashes and rendering issues. - Changes from version 2.23.1: + Add initial support for subprocess sandboxing in Linux. + Add new permission request type for media device information. + Make scrollbars follow gtk-primary-button-warps-slider setting. + Script dialogs are now modal to the current web view only. + Fix several crashes and rendering issues. - Add bubblewrap, xdg-dbus-proxy and pkgconfig(libseccomp) BuildRequires: New dependencies for subprocess sandboxing. - Add bubblewrap and xdg-dbus-proxy Requires: They are needed at runtime. - Disable webkit2gtk3-python3.patch: Needs rebase or possibly outright dropping as fixed, as some parts of them are checked in upstream. ------------------------------------------------------------------- Sat Mar 2 16:34:27 UTC 2019 - Bjørn Lie - Update to version 2.22.7: + Fix rendering of glyphs in Hebrew (and possibly other languages) when Unicode NFC normalization is used. + Fix several crashes and race conditions. + Security fixes: CVE-2019-8518, CVE-2019-8523. ------------------------------------------------------------------- Wed Feb 13 17:16:52 UTC 2019 - mgorse@suse.com - Replace webkit2gtk3-boo1088932-a11y-state-set.patch with a patch proposed for webkit#188599. The original patch didn't always prevent crashes. ------------------------------------------------------------------- Sat Feb 9 15:44:38 UTC 2019 - bjorn.lie@gmail.com - Update to version 2.22.6 (boo#1124937): + Make kinetic scrolling slow down smoothly when reaching the ends of pages, instead of abruptly, to better match the GTK+ behaviour. + Fix Web inspector magnifier under Wayland. + Fix garbled rendering of some websites (e.g. YouTube) while scrolling under X11. + Fix several crashes, race conditions, and rendering issues. - CVE identifiers fixed: CVE-2019-6212, CVE-2019-6215, CVE-2019-6216, CVE-2019-6217, CVE-2019-6226, CVE-2019-6227, CVE-2019-6229, CVE-2019-6233, CVE-2019-6234, CVE-2019-6201, CVE-2019-7285, CVE-2019-7292, CVE-2019-8503, CVE-2019-8515. ------------------------------------------------------------------- Wed Dec 26 19:21:01 UTC 2018 - bjorn.lie@gmail.com - Pass DENABLE_ACCELERATED_2D_CANVAS=ON to cmake, build accelerated 2d canvas support, we already build the needed support in cairo. - Switch to Ninja build, add ninja BuildRequires and pass GNinja to cmake and use ninja_build and ninja_make macros. ------------------------------------------------------------------- Wed Dec 26 16:54:29 UTC 2018 - schwab@suse.de - Don't use gold on ppc. ------------------------------------------------------------------- Mon Dec 17 10:12:07 UTC 2018 - bjorn.lie@gmail.com - Update to version 2.22.5: + Improved the logic to determine for which architectures to enable the JIT compiler support and USE_SYSTEM_MALLOC at build time. + Fix the build with ENABLE_VIDEO=OFF and ENABLE_OPENGL=OFF. + Fix several crashes. + Security fixes: CVE-2018-4437 (boo#1119553), CVE-2018-4438 (boo#1119554), CVE-2018-4441 (boo#1119555), CVE-2018-4442 (boo#1119556), CVE-2018-4443 (boo#1119557), CVE-2018-4464 (boo#1119558). ------------------------------------------------------------------- Fri Dec 7 22:34:19 UTC 2018 - mgorse@suse.com - Disable media source extension on SLE/Leap 15 and earlier, since it requires gstreamer 1.14.0. ------------------------------------------------------------------- Wed Nov 28 10:47:03 UTC 2018 - schwab@suse.de - Reduce memory constraints for riscv64 ------------------------------------------------------------------- Thu Nov 22 12:02:43 UTC 2018 - bjorn.lie@gmail.com - Update to version 2.22.4 (boo#1116998): + Expose ENABLE_MEDIA_SOURCE as a public build option. + Fix a crash when using Cairo versions between 1.15 and 1.16.0 + Fix the build with -DLOG_DISABLED=0. + Fix the build with ENABLE_VIDEO=OFF and ENABLE_WEB_AUDIO=OFF. + Fix debug builds of JavaScriptCore. + Fix several crashes and rendering issues. + Security fixes: CVE-2018-4372. ------------------------------------------------------------------- Mon Nov 12 10:32:01 UTC 2018 - Guillaume GARDET - Update _constraints to latest values to avoid OOM erros ------------------------------------------------------------------- Mon Oct 29 11:04:26 UTC 2018 - bjorn.lie@gmail.com - Update to version 2.22.3: + Many improvements and fixes for video playback with media source extensions (MSE), which improve the user experience across the board, and in particular for playback of WebM videos. + Fix a memory leak during media playback when using playbin3. + Fix portions of Web views not being rendered after resizing. + Fix Resource Timing reporting for