Accepting request 917830 from home:cgiboudeaux:qtwebengine-lts

Qt WebEngine 5.15.6 OBS-URL: https://build.opensuse.org/request/show/917830 OBS-URL: https://build.opensuse.org/package/show/KDE:Qt:5.15/libqt5-qtwebengine?expand=0&rev=32
2021-09-10 06:42:46 +00:00 · 2021-09-10 06:42:46 +00:00 · 39d334cf82
commit 39d334cf82
parent df60f6c0f9
9 changed files with 132 additions and 44 deletions
--- a/0001-Fix-build-with-glibc-2.34.patch
+++ b/0001-Fix-build-with-glibc-2.34.patch
@ -8,8 +8,23 @@ Subject: [PATCH] Fix build with glibc 2.34
 .../breakpad/src/client/linux/handler/exception_handler.cc     | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

+diff --git a/src/3rdparty/chromium/sandbox/linux/services/credentials.cc b/src/3rdparty/chromium/sandbox/linux/services/credentials.cc
+index d7b5d8c4413..a62cb21bd7a 100644
+--- a/src/3rdparty/chromium/sandbox/linux/services/credentials.cc
+++ b/src/3rdparty/chromium/sandbox/linux/services/credentials.cc
+@@ -98,7 +98,9 @@ bool ChrootToSafeEmptyDir() {
+   // attempt this optimization.
+   clone_flags |= CLONE_VM | CLONE_VFORK | CLONE_SETTLS;
+ 
+-  char tls_buf[PTHREAD_STACK_MIN] = {0};
+  const std::size_t pthread_stack_min = PTHREAD_STACK_MIN;
+  char tls_buf[pthread_stack_min];
+  memset(tls_buf, 0, pthread_stack_min);
+   tls = tls_buf;
+ #endif
+ 
 diff --git a/src/3rdparty/chromium/third_party/abseil-cpp/absl/debugging/failure_signal_handler.cc b/src/3rdparty/chromium/third_party/abseil-cpp/absl/debugging/failure_signal_handler.cc
-index 5d13bdbbb..2ed137b58 100644
+index 5d13bdbbbd1..2ed137b58f1 100644
 --- a/src/3rdparty/chromium/third_party/abseil-cpp/absl/debugging/failure_signal_handler.cc
 +++ b/src/3rdparty/chromium/third_party/abseil-cpp/absl/debugging/failure_signal_handler.cc
@@ -135,7 +135,8 @@ static bool SetupAlternateStackOnce() {
@ -23,7 +38,7 @@ index 5d13bdbbb..2ed137b58 100644
     defined(ABSL_HAVE_MEMORY_SANITIZER) || defined(ABSL_HAVE_THREAD_SANITIZER)
   // Account for sanitizer instrumentation requiring additional stack space.
 diff --git a/src/3rdparty/chromium/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc b/src/3rdparty/chromium/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc
-index ca353c409..2e43ba6fc 100644
+index ca353c40997..2e43ba6fc04 100644
 --- a/src/3rdparty/chromium/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc
 +++ b/src/3rdparty/chromium/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc
@@ -138,7 +138,7 @@ void InstallAlternateStackLocked() {
@ -35,6 +50,5 @@ index ca353c409..2e43ba6fc 100644
 
   // Only set an alternative stack if there isn't already one, or if the current
   // one is too small.
-- 
+--
 2.32.0
-
--- a/0001-return-ENOSYS-for-clone3.patch
+++ b/0001-return-ENOSYS-for-clone3.patch
@ -0,0 +1,42 @@
+From 218438259dd795456f0a48f67cbe5b4e520db88b Mon Sep 17 00:00:00 2001
+From: Matthew Denton <mpdenton@chromium.org>
+Date: Thu, 3 Jun 2021 20:06:13 +0000
+Subject: [PATCH] Linux sandbox: return ENOSYS for clone3
+
+Because clone3 uses a pointer argument rather than a flags argument, we
+cannot examine the contents with seccomp, which is essential to
+preventing sandboxed processes from starting other processes. So, we
+won't be able to support clone3 in Chromium. This CL modifies the
+BPF policy to return ENOSYS for clone3 so glibc always uses the fallback
+to clone.
+
+Bug: 1213452
+Change-Id: I7c7c585a319e0264eac5b1ebee1a45be2d782303
+Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2936184
+Reviewed-by: Robert Sesek <rsesek@chromium.org>
+Commit-Queue: Matthew Denton <mpdenton@chromium.org>
+Cr-Commit-Position: refs/heads/master@{#888980}
+---
+ .../sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc  | 8 ++++++++
+
+diff --git a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc b/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+index 3c67b124786..81cb25e139e 100644
+--- a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+++ b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+@@ -165,6 +165,14 @@ ResultExpr EvaluateSyscallImpl(int fs_denied_errno,
+     return RestrictCloneToThreadsAndEPERMFork();
+   }
+
+  // clone3 takes a pointer argument which we cannot examine, so return ENOSYS
+  // to force the libc to use clone. See https://crbug.com/1213452.
+ #if defined(__NR_clone3)
+  if (sysno == __NR_clone3) {
+        return Error(ENOSYS);
+  }
+ #endif
+
+   if (sysno == __NR_fcntl)
+     return RestrictFcntlCommands();
+
+--
+2.32.0
--- a/4
+++ b/4
@ -1,11 +1,11 @@
 <services>
  <service name="tar_scm" mode="disabled">
   <param name="changesgenerate">enable</param>
-   <param name="version">5.15.5</param>
+   <param name="version">5.15.6</param>
   <param name="url">git://code.qt.io/qt/qtwebengine.git</param>
   <param name="scm">git</param>
   <param name="filename">qtwebengine-everywhere-src</param>
-   <param name="revision">v5.15.5-lts</param>
+   <param name="revision">v5.15.6-lts</param>
  </service>
  <service name="recompress" mode="disabled">
   <param name="file">*.tar</param>
--- a/2
+++ b/2
@ -1,4 +1,4 @@
 <servicedata>
 <service name="tar_scm">
                <param name="url">git://code.qt.io/qt/qtwebengine.git</param>
-              <param name="changesrevision">9711f64c5082040cb76f6da5ef4a16037dbda08f</param></service></servicedata>
+              <param name="changesrevision">2acbba86362ac3a1c2d8c20390dc263875f8f09c</param></service></servicedata>
--- a/libqt5-qtwebengine.changes
+++ b/libqt5-qtwebengine.changes
@ -1,3 +1,57 @@
+-------------------------------------------------------------------
+Thu Sep 09 07:19:58 UTC 2021 - christophe@krop.fr
+
+- Update to version 5.15.6:
+  * Update Chromium:
+    + [Backport] CVE-2021-30560: Use after free in Blink XSLT
+    + [Backport] CVE-2021-30566: Stack buffer overflow in Printing
+    + [Backport] CVE-2021-30585: Use after free in sensor handling
+    + Bump V8_PATCH_LEVEL
+    + [Backport] Security bug 1228036
+    + [Backport] CVE-2021-30604: Use after free in ANGLE
+    + [Backport] CVE-2021-30603: Race in WebAudio
+    + [Backport] CVE-2021-30602: Use after free in WebRTC
+    + [Backport] CVE-2021-30599: Type Confusion in V8
+    + [Backport] CVE-2021-30598: Type Confusion in V8
+    + [Backport] Security bug 1227933
+    + [Backport] Security bug 1205059
+    + [Backport] Security bug 1184294
+    + [Backport] Security bug 1198385
+    + [Backport] CVE-2021-30588: Type Confusion in V8
+    + [Backport] CVE-2021-30587: Inappropriate implementation in Compositing on Windows
+    + [Backport] CVE-2021-30573: Use after free in GPU
+    + [Backport] CVE-2021-30569, security bugs 1198216 and 1204814
+    + [Backport] CVE-2021-30568: Heap buffer overflow in WebGL
+    + [Backport] CVE-2021-30541: Use after free in V8
+    + [Backport] Security bugs 1197786 and 1194330
+    + [Backport] Security bug 1194689
+    + [Backport] CVE-2021-30563: Type Confusion in V8
+    + [Backport] Security bug 1211215
+    + [Backport] Security bug 1209558
+    + [Backport] CVE-2021-30553: Use after free in Network service
+    + [Backport] CVE-2021-30548: Use after free in Loader
+    + [Backport] CVE-2021-30547: Out of bounds write in ANGLE
+    + [Backport] CVE-2021-30556: Use after free in WebAudio
+    + [Backport] CVE-2021-30559: Out of bounds write in ANGLE
+    + [Backport] CVE-2021-30533: Insufficient policy enforcement in PopupBlocker
+    + [Backport] Security bug 1202534
+    + [Backport] CVE-2021-30536: Out of bounds read in V8
+    + [Backport] CVE-2021-30522: Use after free in WebAudio
+    + [Backport] CVE-2021-30554 Use after free in WebGL
+    + [Backport] CVE-2021-30551: Type Confusion in V8
+    + [Backport] CVE-2021-30544: Use after free in BFCache
+    + [Backport] CVE-2021-30535: Double free in ICU
+    + [Backport] CVE-2021-30534: Insufficient policy enforcement in iFrameSandbox
+    + [Backport] CVE-2021-30530: Out of bounds memory access in WebAudio
+    + [Backport] CVE-2021-30523: Use after free in WebRTC
+    + Generate mojo bindings before compiling extension API registration
+  * Bump version from 5.15.5 to 5.15.6
+  * Always send phased wheel events beginning with Began
+- Import patch from the chromium package:
+  * 0001-return-ENOSYS-for-clone3.patch
+- Add changes from the chromium package to
+  0001-Fix-build-with-glibc-2.34.patch
+
 -------------------------------------------------------------------
 Wed Aug  4 15:23:24 UTC 2021 - Christophe Giboudeaux <christophe@krop.fr>

--- a/libqt5-qtwebengine.spec
+++ b/libqt5-qtwebengine.spec
@ -29,19 +29,17 @@
 %global _qtwebengine_dictionaries_dir %{_libqt5_datadir}/qtwebengine_dictionaries

 Name:           libqt5-qtwebengine
-Version:        5.15.5
+Version:        5.15.6
 Release:        0
 Summary:        Qt 5 WebEngine Library
 License:        LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
 Group:          Development/Libraries/X11
 URL:            https://www.qt.io
 %define base_name libqt5
-%define real_version 5.15.5
-%define so_version 5.15.5
+%define real_version 5.15.6
+%define so_version 5.15.6
 %define tar_version qtwebengine-everywhere-src-%{version}
 Source:         %{tar_version}.tar.xz
-# Generated from a local build
-Source1:        sync.profile
 # PATCH-FIX-UPSTREAM armv6-ffmpeg-no-thumb.patch - Fix ffmpeg configuration for armv6
 Patch0:         armv6-ffmpeg-no-thumb.patch
 # PATCH-FIX-OPENSUSE disable-gpu-when-using-nouveau-boo-1005323.diff
@ -54,7 +52,9 @@ Patch4:         rtc-dont-use-h264.patch
 Patch5:         chromium-glibc-2.33.patch
 # PATCH-FIX-UPSTREAM
 Patch6:         0001-Fix-build-with-glibc-2.34.patch
-# http://www.chromium.org/blink not ported to PowerPC
+# PATCH-FIX-UPSTREAM
+Patch7:         0001-return-ENOSYS-for-clone3.patch
+# http://www.chromium.org/blink is not ported to PowerPC & s390
 ExcludeArch:    ppc ppc64 ppc64le s390 s390x
 # Try to fix i586 MemoryErrors with rpmlint
 #!BuildIgnore: rpmlint
@ -68,7 +68,7 @@ BuildRequires:  git-core
 BuildRequires:  krb5
 BuildRequires:  krb5-devel
 BuildRequires:  libQt5QuickControls2-devel
-# For building pdf exmples...
+# For building pdf examples...
 BuildRequires:  libqt5-qtsvg-devel
 BuildRequires:  libcap-devel
 BuildRequires:  libgcrypt-devel
@ -82,7 +82,7 @@ BuildRequires:  libqt5-qtwebchannel-private-headers-devel >= 5.12
 BuildRequires:  libqt5-qtxmlpatterns-private-headers-devel >= 5.12
 BuildRequires:  memory-constraints
 BuildRequires:  ninja
-# nodejs-default doesn't exist on Leap 15.2 and nodejs/nodejs-common is confused on TW/i586
+# nodejs-default doesn't exist on Leap 15.2
 %if 0%{?suse_version} == 1500 && 0%{?sle_version} == 150200
 BuildRequires:  nodejs-common
 %else
@ -278,9 +278,11 @@ Recommends:     libqt5-qtpdf-devel
 Examples for the libqt5-qtpdf module.

 %prep
-%setup -q -n %{tar_version}
+%autosetup -p1 -n %{tar_version}
 sed -i 's|$(STRIP)|strip|g' src/core/core_module.pro
-%autopatch -p1
+
+#force the configure script to generate the forwarding headers (it checks whether .git directory exists)
+mkdir .git

 # QTBUG-61128
 sed -i -e '/toolprefix = /d' -e 's/\${toolprefix}//g' \
@ -318,12 +320,6 @@ export RPM_OPT_FLAGS="${RPM_OPT_FLAGS} -Wno-return-type"
        -webengine-proprietary-codecs \
 %endif

-# For an unknown reason, syncqt isn't executed when building the package on the build service
-cp %{SOURCE1} .
-for i in QtWebEngine QtWebEngineCore QtWebEngineWidgets QtPdf QtPdfWidgets ; do
-  perl -w %{_libqt5_bindir}/syncqt.pl -module $i -version %{version} -outdir $PWD -builddir $PWD $PWD
-done
-
 # Determine the right number of parallel processes based on the available memory
 %limit_build -m 2750

@ -344,9 +340,6 @@ sed -i '/^Libs.private/d' %{buildroot}%{_libdir}/pkgconfig/Qt*Web*.pc
 # kill .la files
 rm -f %{buildroot}%{_libqt5_libdir}/*.la

-# webenginecore expects icudatl.dat at this location
-# ln -sf %{_datadir}/icu/*/icudt*l.dat %{buildroot}%{_datadir}/qt5/icudtl.dat
-
 # Workaround to allow using QtWE with older Qt versions
 %global qtcore_version %(printf %{pkg_version libQt5Core5} | cut -d + -f 1)
 # NOTE the space after '%%{version}' is important to only match '5.15.X ${_Qt5XXX_FIND_VERSION_EXACT}'
--- a/qtwebengine-everywhere-src-5.15.5.tar.xz
+++ b/qtwebengine-everywhere-src-5.15.5.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:b67e42862d312827173984fbc736aa92a6b1facb3c8024d5dab979c0ad10644b
-size 319589504
--- a/qtwebengine-everywhere-src-5.15.6.tar.xz
+++ b/qtwebengine-everywhere-src-5.15.6.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:0acc53400520e0c60c32065b914ed53660788051e826b49de45137833002bb75
+size 319566384
--- a/sync.profile
+++ b/sync.profile
@ -1,15 +0,0 @@
-%modules = ( # path to module name map
-    "QtWebEngine" => "$basedir/src/webengine",
-    "QtWebEngineWidgets" => "$basedir/src/webenginewidgets",
-    "QtWebEngineCore" => "$basedir/src/core",
-    "QtPdf" => "$basedir/src/pdf",
-    "QtPdfWidgets" => "$basedir/src/pdfwidgets",
-);
-%moduleheaders = ( # restrict the module headers to those found in relative path
-    "QtWebEngine" => "api",
-    "QtWebEngineWidgets" => "api",
-    "QtWebEngineCore" => "api",
-    "QtPdf" => "api"
-);
-%classnames = (
-);