Accepting request 1008339 from KDE:Qt:5.15

Update to 5.15.11 (forwarded request 1008306 from cgiboudeaux)

OBS-URL: https://build.opensuse.org/request/show/1008339
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libqt5-qtwebengine?expand=0&rev=85

_service

@@ -1,11 +1,11 @@
 <services>
   <service name="tar_scm" mode="disabled">
    <param name="changesgenerate">enable</param>
-   <param name="version">5.15.10</param>
+   <param name="version">5.15.11</param>
    <param name="url">git://code.qt.io/qt/qtwebengine.git</param>
    <param name="scm">git</param>
    <param name="filename">qtwebengine-everywhere-src</param>
-   <param name="revision">v5.15.10-lts</param>
+   <param name="revision">v5.15.11-lts</param>
   </service>
   <service name="tar_scm" mode="disabled">
    <param name="changesgenerate">disable</param>

_servicedata

@@ -1,4 +1,4 @@
 <servicedata>
 <service name="tar_scm">
                 <param name="url">git://code.qt.io/qt/qtwebengine.git</param>
-              <param name="changesrevision">c7e716ef1ffd63a8ab1f4dbf879230849eb3b505</param></service></servicedata>
+              <param name="changesrevision">3d23b379a7c0a87922f9f5d9600fde8c4e58f1fd</param></service></servicedata>

libqt5-qtwebengine.changes

@@ -1,3 +1,52 @@
+-------------------------------------------------------------------
+Wed Oct 05 17:28:40 UTC 2022 - christophe@krop.fr
+
+- Update to version 5.15.11:
+  * Work-around GNOME bug misidentifying HTML content
+  * Fix busy waiting on streaming QIODevice's
+  * Add workaround for un-minimizing QWebEngineView under Gnome
+  * Build the QtDesigner plugin in all configurations
+  * Bump version to 5.15.11
+  * Fix method check
+  * Do not use the native dialog to show the color picker on macOS
+  * FIXUP: Add workaround for unstable gn on macOS in ci
+  * Fix top level build with no widget
+  * Fix touch input for widget's delegate for html popup
+  * Keep page's zoom level on loading new urls
+  * Fix leak if loader error is seen first
+  * Add workaround for unstable gn on macOS in ci
+  * Pass archiver to gn build
+  * Fix read-after-free on EGL extensions
+  * Update Chromium:
+  * FIXUP: Fix url_utils for QtWebEngine
+  * FIXUP: Workaround MSVC2022 ICE in constexpr functions
+  * Fixup: CVE-2022-0796: Use after free in Media
+  * [Backport] CVE-2022-0796: Use after free in Media
+  * [Backport] CVE-2022-1855: Use after free in Messaging
+  * [Backport] CVE-2022-1857: Insufficient policy enforcement in
+    File System API
+  * [Backport] CVE-2022-2008: Out of bounds memory access in WebGL
+  * [Backport] CVE-2022-2010: Out of bounds read in compositing
+  * [Backport] CVE-2022-2158: Type Confusion in V8
+  * [Backport] CVE-2022-2160: Insufficient policy enforcement
+    in DevTools
+  * [Backport] CVE-2022-2162: Insufficient policy enforcement in
+    File System API
+  * [Backport] CVE-2022-2294: Heap buffer overflow in WebRTC
+  * [Backport] CVE-2022-2295: Type Confusion in V8
+  * [Backport] CVE-2022-2477 : Use after free in Guest View
+  * [Backport] CVE-2022-2610: Insufficient policy enforcement
+    in Background Fetch
+  * [Backport] CVE-2022-27404
+  * [Backport] CVE-2022-27405
+  * [Backport] CVE-2022-27406
+  * [Backport] Linux sandbox: ENOSYS for some statx syscalls
+  * [Backport] Security bug 1287804
+  * [Backport] Security bug 1316578
+  * [Backport] Security bug 1343889
+- Replace sandbox-statx-futex_time64.patch with upstream change:
+  * sandbox_futex_time64.patch
+
 -------------------------------------------------------------------
 Mon Sep 26 14:35:08 UTC 2022 - Christophe Giboudeaux <christophe@krop.fr>
 

libqt5-qtwebengine.spec

@@ -35,15 +35,15 @@
 %global _qtwebengine_dictionaries_dir %{_libqt5_datadir}/qtwebengine_dictionaries
 
 Name:           libqt5-qtwebengine
-Version:        5.15.10
+Version:        5.15.11
 Release:        0
 Summary:        Qt 5 WebEngine Library
 License:        LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
 Group:          Development/Libraries/X11
 URL:            https://www.qt.io
 %define base_name libqt5
-%define real_version 5.15.10
-%define so_version 5.15.10
+%define real_version 5.15.11
+%define so_version 5.15.11
 %define tar_version qtwebengine-everywhere-src-%{version}
 Source:         %{tar_version}.tar.xz
 # Use a git snapshot for catapult to build with python3 (git rev: b7e9d5899)
@@ -53,15 +53,16 @@ Source99:       libqt5-qtwebengine-rpmlintrc
 Patch0:         armv6-ffmpeg-no-thumb.patch
 # PATCH-FIX-OPENSUSE disable-gpu-when-using-nouveau-boo-1005323.diff
 Patch1:         disable-gpu-when-using-nouveau-boo-1005323.diff
-Patch2:         sandbox-statx-futex_time64.patch
 # PATCH-FIX-OPENSUSE
-Patch3:         rtc-dont-use-h264.patch
+Patch2:         rtc-dont-use-h264.patch
 # PATCH-FIX-UPSTREAM
-Patch4:         0001-skia-Some-includes-to-fix-build-with-GCC-12.patch
+Patch3:         0001-skia-Some-includes-to-fix-build-with-GCC-12.patch
 # PATCH-FIX-UPSTREAM -- build with pipewire 0.3
-Patch5:         qtwebengine-pipewire-0.3.patch
+Patch4:         qtwebengine-pipewire-0.3.patch
 # PATCH-FIX-OPENSUSE -- build with python 3
-Patch6:        qtwebengine-python3.patch
+Patch5:         qtwebengine-python3.patch
+# PATCH-FIX-UPSTREAM -- handle futex_time64
+Patch6:         sandbox_futex_time64.patch
 ### Patch 50-99 are applied conditionally
 # PATCH-FIX-OPENSUSE -- allow building qtwebengine with ffmpeg5
 Patch50:        qtwebengine-ffmpeg5.patch
@@ -304,6 +305,7 @@ Examples for the libqt5-qtpdf module.
 %patch4 -p1
 %patch5 -p1
 %patch6 -p1
+
 # Replace the whole catapult folder rather than picking individual changes
 pushd src/3rdparty/chromium/third_party
 rm -r catapult

qtwebengine-everywhere-src-5.15.10.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:51e4e3b1b51f33297897b3c8ebf0ee12a3f8c46805891460bb1a3d9990ba74cc
-size 319349412

qtwebengine-everywhere-src-5.15.11.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d54a8eaf41ea3a47183b6a291c12b910abdd5c819880dddedd969b803ebf7ed0
+size 319327024

sandbox-statx-futex_time64.patch

@@ -1,39 +0,0 @@
-From: Fabian Vogt <fabian@ritter-vogt.de>
-Subject: Sandbox: Handle statx and futex_time64
-
-glibc uses statx in some more places now (e.g stat64 -> __fstatat64_time64),
-but it's caught by the sandbox, which doesn't handle it and breaks.
-Return -ENOSYS instead to trigger the fallback in glibc.
-
-futex_time64 is also used internally in glibc, so handle that as well.
-The signature is identical where it matters.
-
-diff --git a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
-index 6f7768f7d..b3335e2bf 100644
---- a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
-+++ b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
-@@ -203,6 +203,11 @@ ResultExpr EvaluateSyscallImpl(int fs_denied_errno,
-   if (sysno == __NR_futex)
-     return RestrictFutex();
- 
-+#if defined(__NR_futex_time64)
-+  if (sysno == __NR_futex_time64)
-+    return RestrictFutex();
-+#endif
-+
-   if (sysno == __NR_set_robust_list)
-     return Error(EPERM);
- 
-@@ -283,6 +288,12 @@ ResultExpr EvaluateSyscallImpl(int fs_denied_errno,
-     return RewriteFstatatSIGSYS(fs_denied_errno);
-   }
- 
-+#if defined(__NR_statx)
-+  if (sysno == __NR_statx) {
-+    return Error(ENOSYS);
-+  }
-+#endif
-+
-   if (SyscallSets::IsFileSystem(sysno) ||
-       SyscallSets::IsCurrentDirectory(sysno)) {
-     return Error(fs_denied_errno);

sandbox_futex_time64.patch

@@ -0,0 +1,53 @@
+From 6abdfb1d7638c787081d16bb90022cde7a86309f Mon Sep 17 00:00:00 2001
+From: Matthew Denton <mpdenton@chromium.org>
+Date: Tue, 16 Mar 2021 06:38:05 +0000
+Subject: [PATCH] Linux sandbox: support futex_time64 on 32-bit platforms
+
+This updates futex-related syscall sets to include futex_time64, which
+is a version of the futex syscall which uses 64 bit time on 32-bit
+systems, to prepare for the Y2038 problem.
+
+Change-Id: Ie933d9fec221233bf837f00c08eb7daee204081d
+Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2753571
+Commit-Queue: Matthew Denton <mpdenton@chromium.org>
+Reviewed-by: Robert Sesek <rsesek@chromium.org>
+Cr-Commit-Position: refs/heads/master@{#863166}
+---
+ sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc | 7 ++++++-
+ sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc    | 3 +++
+ 2 files changed, 9 insertions(+), 1 deletion(-)
+
+
+diff --git a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+index 5e650d93c4b..b37f082dd69 100644
+--- a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
++++ b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+@@ -198,8 +198,13 @@ ResultExpr EvaluateSyscallImpl(int fs_denied_errno,
+   }
+ #endif
+ 
+-  if (sysno == __NR_futex)
++  if (sysno == __NR_futex
++#if defined(__NR_futex_time64)
++      || sysno == __NR_futex_time64
++#endif
++  ) {
+     return RestrictFutex();
++  }
+ 
+   if (sysno == __NR_set_robust_list)
+     return Error(EPERM);
+diff --git a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
+index d1ea8e99a1c..3a8a924cc0a 100644
+--- a/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
++++ b/src/3rdparty/chromium/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
+@@ -427,6 +427,9 @@ bool SyscallSets::IsAllowedFutex(int sysno) {
+     case __NR_get_robust_list:
+     case __NR_set_robust_list:
+     case __NR_futex:
++#if defined(__NR_futex_time64)
++    case __NR_futex_time64:
++#endif
+     default:
+       return false;
+   }