From 1139623c96a396091583e0dede23b660a164e6f483bf68f77c59865cdcbf7fba Mon Sep 17 00:00:00 2001
From: Christophe Giboudeaux <christophe@krop.fr>
Date: Thu, 6 Oct 2022 06:18:47 +0000
Subject: [PATCH] Accepting request 1008306 from home:cgiboudeaux:qtwebengine-lts Update to 5.15.11
OBS-URL: https://build.opensuse.org/request/show/1008306
OBS-URL: https://build.opensuse.org/package/show/KDE:Qt:5.15/libqt5-qtwebengine?expand=0&rev=46
---
 _service | 4 +-
 _servicedata | 2 +-
 libqt5-qtwebengine.changes | 49 +++++++++++++++++++++
 libqt5-qtwebengine.spec | 18 ++++----
 qtwebengine-everywhere-src-5.15.10.tar.xz | 3 --
 qtwebengine-everywhere-src-5.15.11.tar.xz | 3 ++
 sandbox-statx-futex_time64.patch | 39 -----------------
 sandbox_futex_time64.patch | 53 +++++++++++++++++++++++
 8 files changed, 118 insertions(+), 53 deletions(-)
 delete mode 100644 qtwebengine-everywhere-src-5.15.10.tar.xz
 create mode 100644 qtwebengine-everywhere-src-5.15.11.tar.xz
 delete mode 100644 sandbox-statx-futex_time64.patch
 create mode 100644 sandbox_futex_time64.patch
diff --git a/_service b/_service
index 828a66b..ff3a674 100644
--- a/_service
+++ b/_service
@@ -1,11 +1,11 @@
 <services>
 <service name="tar_scm" mode="disabled">
 <param name="changesgenerate">enable</param>
- <param name="version">5.15.10</param>
+ <param name="version">5.15.11</param>
 <param name="url">git://code.qt.io/qt/qtwebengine.git</param>
 <param name="scm">git</param>
 <param name="filename">qtwebengine-everywhere-src</param>
- <param name="revision">v5.15.10-lts</param>
+ <param name="revision">v5.15.11-lts</param>
 </service>
 <service name="tar_scm" mode="disabled">
 <param name="changesgenerate">disable</param>
diff --git a/_servicedata b/_servicedata
index f6cf123..59bd0f1 100644
--- a/_servicedata
+++ b/_servicedata
@@ -1,4 +1,4 @@
 <servicedata>
 <service name="tar_scm">
 <param name="url">git://code.qt.io/qt/qtwebengine.git</param>
- <param name="changesrevision">c7e716ef1ffd63a8ab1f4dbf879230849eb3b505</param></service></servicedata>
\ No newline at end of file
+ <param name="changesrevision">3d23b379a7c0a87922f9f5d9600fde8c4e58f1fd</param></service></servicedata>
\ No newline at end of file
diff --git a/libqt5-qtwebengine.changes b/libqt5-qtwebengine.changes
index 8367077..45a0b24 100644
--- a/libqt5-qtwebengine.changes
+++ b/libqt5-qtwebengine.changes
@@ -1,3 +1,52 @@
+-------------------------------------------------------------------
+Wed Oct 05 17:28:40 UTC 2022 - christophe@krop.fr
+
+- Update to version 5.15.11:
+ * Work-around GNOME bug misidentifying HTML content
+ * Fix busy waiting on streaming QIODevice's
+ * Add workaround for un-minimizing QWebEngineView under Gnome
+ * Build the QtDesigner plugin in all configurations
+ * Bump version to 5.15.11
+ * Fix method check
+ * Do not use the native dialog to show the color picker on macOS
+ * FIXUP: Add workaround for unstable gn on macOS in ci
+ * Fix top level build with no widget
+ * Fix touch input for widget's delegate for html popup
+ * Keep page's zoom level on loading new urls
+ * Fix leak if loader error is seen first
+ * Add workaround for unstable gn on macOS in ci
+ * Pass archiver to gn build
+ * Fix read-after-free on EGL extensions
+ * Update Chromium:
+ * FIXUP: Fix url_utils for QtWebEngine
+ * FIXUP: Workaround MSVC2022 ICE in constexpr functions
+ * Fixup: CVE-2022-0796: Use after free in Media
+ * [Backport] CVE-2022-0796: Use after free in Media
+ * [Backport] CVE-2022-1855: Use after free in Messaging
+ * [Backport] CVE-2022-1857: Insufficient policy enforcement in
+ File System API
+ * [Backport] CVE-2022-2008: Out of bounds memory access in WebGL
+ * [Backport] CVE-2022-2010: Out of bounds read in compositing
+ * [Backport] CVE-2022-2158: Type Confusion in V8
+ * [Backport] CVE-2022-2160: Insufficient policy enforcement
+ in DevTools
+ * [Backport] CVE-2022-2162: Insufficient policy enforcement in
+ File System API
+ * [Backport] CVE-2022-2294: Heap buffer overflow in WebRTC
+ * [Backport] CVE-2022-2295: Type Confusion in V8
+ * [Backport] CVE-2022-2477 : Use after free in Guest View
+ * [Backport] CVE-2022-2610: Insufficient policy enforcement
+ in Background Fetch
+ * [Backport] CVE-2022-27404
+ * [Backport] CVE-2022-27405
+ * [Backport] CVE-2022-27406
+ * [Backport] Linux sandbox: ENOSYS for some statx syscalls
+ * [Backport] Security bug 1287804
+ * [Backport] Security bug 1316578
+ * [Backport] Security bug 1343889
+- Replace sandbox-statx-futex_time64.patch with upstream change:
+ * sandbox_futex_time64.patch
+
 -------------------------------------------------------------------
 Mon Sep 26 14:35:08 UTC 2022 - Christophe Giboudeaux <christophe@krop.fr>
diff --git a/libqt5-qtwebengine.spec b/libqt5-qtwebengine.spec
index d4bee87..eafd3ee 100644
--- a/libqt5-qtwebengine.spec
+++ b/libqt5-qtwebengine.spec
@@ -35,15 +35,15 @@ %global _qtwebengine_dictionaries_dir %{_libqt5_datadir}/qtwebengine_dictionaries
 Name: libqt5-qtwebengine
-Version: 5.15.10
+Version: 5.15.11
 Release: 0
 Summary: Qt 5 WebEngine Library
 License: LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
 Group: Development/Libraries/X11
 URL: https://www.qt.io
 %define base_name libqt5
-%define real_version 5.15.10
-%define so_version 5.15.10
+%define real_version 5.15.11
+%define so_version 5.15.11
 %define tar_version qtwebengine-everywhere-src-%{version}
 Source: %{tar_version}.tar.xz
 # Use a git snapshot for catapult to build with python3 (git rev: b7e9d5899)
@@ -53,15 +53,16 @@ Source99: libqt5-qtwebengine-rpmlintrc
 Patch0: armv6-ffmpeg-no-thumb.patch
 # PATCH-FIX-OPENSUSE disable-gpu-when-using-nouveau-boo-1005323.diff
 Patch1: disable-gpu-when-using-nouveau-boo-1005323.diff
-Patch2: sandbox-statx-futex_time64.patch
 # PATCH-FIX-OPENSUSE
-Patch3: rtc-dont-use-h264.patch
+Patch2: rtc-dont-use-h264.patch
 # PATCH-FIX-UPSTREAM
-Patch4: 0001-skia-Some-includes-to-fix-build-with-GCC-12.patch
+Patch3: 0001-skia-Some-includes-to-fix-build-with-GCC-12.patch
 # PATCH-FIX-UPSTREAM -- build with pipewire 0.3
-Patch5: qtwebengine-pipewire-0.3.patch
+Patch4: qtwebengine-pipewire-0.3.patch
 # PATCH-FIX-OPENSUSE -- build with python 3
-Patch6: qtwebengine-python3.patch
+Patch5: qtwebengine-python3.patch
+# PATCH-FIX-UPSTREAM -- handle futex_time64
+Patch6: sandbox_futex_time64.patch
 ### Patch 50-99 are applied conditionally
 # PATCH-FIX-OPENSUSE -- allow building qtwebengine with ffmpeg5
 Patch50: qtwebengine-ffmpeg5.patch
@@ -304,6 +305,7 @@ Examples for the libqt5-qtpdf module.
 %patch4 -p1
 %patch5 -p1
 %patch6 -p1
+
 # Replace the whole catapult folder rather than picking individual changes
 pushd src/3rdparty/chromium/third_party
 rm -r catapult
diff --git a/qtwebengine-everywhere-src-5.15.10.tar.xz b/qtwebengine-everywhere-src-5.15.10.tar.xz
deleted file mode 100644
index 71e9d4e..0000000
--- a/qtwebengine-everywhere-src-5.15.10.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:51e4e3b1b51f33297897b3c8ebf0ee12a3f8c46805891460bb1a3d9990ba74cc
-size 319349412
diff --git a/qtwebengine-everywhere-src-5.15.11.tar.xz b/qtwebengine-everywhere-src-5.15.11.tar.xz
new file mode 100644
index 0000000..204bd9e
--- /dev/null
+++ b/qtwebengine-everywhere-src-5.15.11.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d54a8eaf41ea3a47183b6a291c12b910abdd5c819880dddedd969b803ebf7ed0
+size 319327024
diff --git a/sandbox-statx-futex_time64.patch b/sandbox-statx-futex_time64.patch
deleted file mode 100644
index 006c684..0000000
--- a/sandbox-statx-futex_time64.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From: Fabian Vogt <fabian@ritter-vogt.de>
-Subject: Sandbox: Handle statx and futex_time64
-
-glibc uses statx in some more places now (e.g stat64 -> __fstatat64_time64),
-but it's caught by the sandbox, which doesn't handle it and breaks.
-Return -ENOSYS instead to trigger the fallback in glibc.
-
-futex_time64 is also used internally in glibc, so handle that as well.
-The signature is identical where it matters.
-
-diff --git a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
-index 6f7768f7d..b3335e2bf 100644
---- a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
-+++ b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
-@@ -203,6 +203,11 @@ ResultExpr EvaluateSyscallImpl(int fs_denied_errno,
- if (sysno == __NR_futex)
- return RestrictFutex();
-
-+#if defined(__NR_futex_time64)
-+ if (sysno == __NR_futex_time64)
-+ return RestrictFutex();
-+#endif
-+
- if (sysno == __NR_set_robust_list)
- return Error(EPERM);
-
-@@ -283,6 +288,12 @@ ResultExpr EvaluateSyscallImpl(int fs_denied_errno,
- return RewriteFstatatSIGSYS(fs_denied_errno);
- }
-
-+#if defined(__NR_statx)
-+ if (sysno == __NR_statx) {
-+ return Error(ENOSYS);
-+ }
-+#endif
-+
- if (SyscallSets::IsFileSystem(sysno) ||
- SyscallSets::IsCurrentDirectory(sysno)) {
- return Error(fs_denied_errno);
diff --git a/sandbox_futex_time64.patch b/sandbox_futex_time64.patch
new file mode 100644
index 0000000..5858f1c
--- /dev/null
+++ b/sandbox_futex_time64.patch
@@ -0,0 +1,53 @@
+From 6abdfb1d7638c787081d16bb90022cde7a86309f Mon Sep 17 00:00:00 2001
+From: Matthew Denton <mpdenton@chromium.org>
+Date: Tue, 16 Mar 2021 06:38:05 +0000
+Subject: [PATCH] Linux sandbox: support futex_time64 on 32-bit platforms
+
+This updates futex-related syscall sets to include futex_time64, which
+is a version of the futex syscall which uses 64 bit time on 32-bit
+systems, to prepare for the Y2038 problem.
+
+Change-Id: Ie933d9fec221233bf837f00c08eb7daee204081d
+Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2753571
+Commit-Queue: Matthew Denton <mpdenton@chromium.org>
+Reviewed-by: Robert Sesek <rsesek@chromium.org>
+Cr-Commit-Position: refs/heads/master@{#863166}
+---
+ sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc | 7 ++++++-
+ sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc | 3 +++
+ 2 files changed, 9 insertions(+), 1 deletion(-)
+
+
+diff --git a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+index 5e650d93c4b..b37f082dd69 100644
+--- a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
++++ b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+@@ -198,8 +198,13 @@ ResultExpr EvaluateSyscallImpl(int fs_denied_errno,
+ }
+ #endif
+
+- if (sysno == __NR_futex)
++ if (sysno == __NR_futex
++#if defined(__NR_futex_time64)
++ || sysno == __NR_futex_time64
++#endif
++ ) {
+ return RestrictFutex();
++ }
+
+ if (sysno == __NR_set_robust_list)
+ return Error(EPERM);
+diff --git a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
+index d1ea8e99a1c..3a8a924cc0a 100644
+--- a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
++++ b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
+@@ -427,6 +427,9 @@ bool SyscallSets::IsAllowedFutex(int sysno) {
+ case __NR_get_robust_list:
+ case __NR_set_robust_list:
+ case __NR_futex:
++#if defined(__NR_futex_time64)
++ case __NR_futex_time64:
++#endif
+ default:
+ return false;
+ }
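Review bot: The replacement patch only extends the futex handling, so the `__NR_statx` branch returning `Error(ENOSYS)` that the deleted sandbox-statx-futex_time64.patch added to `EvaluateSyscallImpl` has no counterpart in this new file. Statx handling in the seccomp-bpf baseline policy therefore depends on the tarball's "[Backport] Linux sandbox: ENOSYS for some statx syscalls" change; its wording suggests it may be narrower than the old unconditional return, so it is worth confirming on a 32-bit build with a current glibc that sandboxed processes still reach the stat fallback. In the syscall_sets.cc hunk the added `case __NR_futex_time64:` falls through to `default: return false;`, so the effective change is the baseline_policy.cc branch, which routes futex_time64 through the same `RestrictFutex()` result as futex instead of allowing it outright. I would record the split in the spec comment next to Patch6, e.g. `# PATCH-FIX-UPSTREAM -- handle futex_time64 (statx: covered by the 5.15.11 Chromium backport)`; both patched functions continue outside the visible hunks.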