commit libqt5-qtwebengine for openSUSE:Factory
Hello community, here is the log from the commit of package libqt5-qtwebengine for openSUSE:Factory checked in at 2018-03-24 16:13:06 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libqt5-qtwebengine (Old) and /work/SRC/openSUSE:Factory/.libqt5-qtwebengine.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "libqt5-qtwebengine" Sat Mar 24 16:13:06 2018 rev:31 rq:590634 version:5.10.1 Changes: --------
--- /work/SRC/openSUSE:Factory/libqt5-qtwebengine/libqt5-qtwebengine.changes 2018-02-06 16:41:22.365915627 +0100
+++ /work/SRC/openSUSE:Factory/.libqt5-qtwebengine.new/libqt5-qtwebengine.changes 2018-03-24 16:13:07.780364956 +0100
@@ -1,0 +2,26 @@
+Fri Mar 23 08:14:18 UTC 2018 - wbauer@tmo.at
+
+- Also adjust the minimum versions of the private-headers-devel
+ subpackage's requirements
+
+-------------------------------------------------------------------
+Thu Mar 22 22:40:32 UTC 2018 - kamikazow@opensuse.org
+
+- Apply a fix to make QtWE-using applications actually compile against it
+
+-------------------------------------------------------------------
+Sun Mar 18 22:57:09 UTC 2018 - kamikazow@opensuse.org
+
+- Forward-port security backports from 5.9.5 LTS (up to Chromium 65.0.3325.146)
+ * qtwebengine-everywhere-src-5.10.1-security-5.9.5.patch from Fedora
+ * qtwebengine-everywhere-src-5.10.1-CVE-2018-6033.patch from Fedora
+
+-------------------------------------------------------------------
+Wed Feb 14 15:47:56 CET 2018 - fabian@ritter-vogt.de
+
+- Update to 5.10.1
+ * New bugfix release
+ * For more details please see:
+ * http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.10.1/?h=v5.10...
+
+-------------------------------------------------------------------
Old: ---- qtwebengine-everywhere-src-5.10.0.tar.xz New: ---- qtwebengine-everywhere-src-5.10.1-CVE-2018-6033.patch qtwebengine-everywhere-src-5.10.1-security-5.9.5.patch qtwebengine-everywhere-src-5.10.1.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libqt5-qtwebengine.spec ++++++
--- /var/tmp/diff_new_pack.5ZwVeq/_old 2018-03-24 16:13:35.295373093 +0100
+++ /var/tmp/diff_new_pack.5ZwVeq/_new 2018-03-24 16:13:35.295373093 +0100
@@ -50,22 +50,27 @@ %endif Name: libqt5-qtwebengine -Version: 5.10.0 +Version: 5.10.1 Release: 0 Summary: Qt 5 WebEngine Library License: LGPL-2.1-with-Qt-Company-Qt-exception-1.1 or LGPL-3.0-with-Qt-Company-Qt-exception-1.1 Group: Development/Libraries/X11 Url: https://www.qt.io %define base_name libqt5 -%define real_version 5.10.0 -%define so_version 5.10.0 -%define tar_version qtwebengine-everywhere-src-5.10.0 +%define real_version 5.10.1 +%define so_version 5.10.1 +%define tar_version qtwebengine-everywhere-src-5.10.1 Source: https://download.qt.io/official_releases/qt/5.10/%{real_version}/submodules/%{tar_version}.tar.xz Source1: baselibs.conf # PATCH-FIX-UPSTREAM armv6-ffmpeg-no-thumb.patch - Fix ffmpeg configuration for armv6 Patch1: armv6-ffmpeg-no-thumb.patch # PATCH-FIX-UPSTREAM disable-gpu-when-using-nouveau-boo-1005323.diff Patch2: disable-gpu-when-using-nouveau-boo-1005323.diff +# PATCH-FIX-UPSTREAM qtwebengine-everywhere-src-5.10.1-security-5.9.5.patch +# - forward-port security backports from 5.9.5 LTS (up to Chromium 65.0.3325.146) +# see the patch metadata for the list of fixed CVEs and Chromium bug IDs +Patch3: qtwebengine-everywhere-src-5.10.1-security-5.9.5.patch +Patch4: qtwebengine-everywhere-src-5.10.1-CVE-2018-6033.patch # PATCH-FIX-UPSTREAM harmony-fix.diff -- Show the patent-free LCD rendering. Without this patch, only grayscale rendering is used. (for freetype-2.8.1) boo#1061344 Patch5: harmony-fix.diff # http://www.chromium.org/blink not ported to PowerPC 
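Review bot: `Patch4` is added without a tag comment of its own; the three comment lines above it name only `qtwebengine-everywhere-src-5.10.1-security-5.9.5.patch`, so the one patch that carries a CVE id in its filename is the one with no stated origin or purpose in the spec. Anyone auditing which security fixes this package ships has to open the patch to find out. I would add a line directly above it, for example `# PATCH-FIX-UPSTREAM qtwebengine-everywhere-src-5.10.1-CVE-2018-6033.patch - implement IsMostRecentDownloadItemAtFilePath, required for CVE-2018-6033`. The Patch3 comment defers to "the patch metadata" for its CVE list, and since that patch is skipped in this mail, listing the ids in the changes entry would make the fix set traceable from the package alone.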
@@ -87,12 +92,12 @@ BuildRequires: libicu-devel BuildRequires: libjpeg-devel BuildRequires: libpng-devel -BuildRequires: libqt5-qtbase-private-headers-devel >= %{version} -BuildRequires: libqt5-qtdeclarative-private-headers-devel >= %{version} -BuildRequires: libqt5-qttools-private-headers-devel >= %{version} -BuildRequires: libqt5-qtlocation-private-headers-devel >= %{version} -BuildRequires: libqt5-qtwebchannel-private-headers-devel >= %{version} -BuildRequires: libqt5-qtxmlpatterns-private-headers-devel >= %{version} +BuildRequires: libqt5-qtbase-private-headers-devel >= 5.9 +BuildRequires: libqt5-qtdeclarative-private-headers-devel >= 5.9 +BuildRequires: libqt5-qttools-private-headers-devel >= 5.9 +BuildRequires: libqt5-qtlocation-private-headers-devel >= 5.9 +BuildRequires: libqt5-qtwebchannel-private-headers-devel >= 5.9 +BuildRequires: libqt5-qtxmlpatterns-private-headers-devel >= 5.9 BuildRequires: libQt5QuickControls2-devel BuildRequires: pam-devel BuildRequires: pciutils-devel @@ -103,6 +108,7 @@ BuildRequires: python-xml BuildRequires: re2c BuildRequires: re2-devel +BuildRequires: sed BuildRequires: snappy-devel BuildRequires: sqlite3-devel BuildRequires: update-desktop-files @@ -219,8 +225,8 @@ Group: Development/Libraries/C and C++ BuildArch: noarch Requires: %{name}-devel = %{version} -Requires: libqt5-qtbase-private-headers-devel >= %{version} -Requires: libqt5-qtdeclarative-private-headers-devel >= %{version} +%requires_ge libqt5-qtbase-private-headers-devel +%requires_ge libqt5-qtdeclarative-private-headers-devel %description private-headers-devel This package provides private headers of libqt5-qtwebengine that are normally @@ -242,6 +248,8 @@ sed -i 's|$(STRIP)|strip|g' src/core/core_module.pro %patch1 -p1 %patch2 -p1 +%patch3 -p1 +%patch4 -p1 %patch5 -p1 # QTBUG-61128 sed -i -e '/toolprefix = /d' -e 's/\${toolprefix}//g' \ 
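Review bot: The six `*-private-headers-devel` BuildRequires in the first hunk on this line drop from `>= %{version}` to a fixed `>= 5.9` with no comment saying why that floor was chosen. Private headers carry no compatibility promise between Qt releases, so the next maintainer needs to see that building 5.10.1 against an older Qt is deliberate and which Qt versions have been tried. I would put a line above them such as `# Built against the distribution's Qt, which may be older than this package; 5.9 is the lowest version allowed (confirm when bumping)`. The `%requires_ge` lines in the private-headers-devel hunk then pin the runtime requirement to whatever was installed at build time, which is worth saying in the same comment.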
@@ -310,6 +318,15 @@ # webenginecore expects icudatl.dat at this location # ln -sf %{_datadir}/icu/*/icudt*l.dat %{buildroot}%{_datadir}/qt5/icudtl.dat +# ---------- Workarounds for older Qt versions --------- +## adjust cmake dep(s) to allow for using the same Qt5 that was used to build it +sed -i -r '/ EXACT\)/d' \ + %{buildroot}%{_libqt5_libdir}/cmake/Qt5WebEngine*/Qt5WebEngine*Config.cmake + +sed -i '/find_package/!b;n;s/'%{version}/$(rpm -q --qf %%{version} libQt5Core5)/ \ + %{buildroot}%{_libqt5_libdir}/cmake/Qt5WebEngine*/Qt5WebEngine*Config.cmake +# ------------------------------------------------------ + %post -p /sbin/ldconfig %postun -p /sbin/ldconfig ++++++ qtwebengine-everywhere-src-5.10.1-CVE-2018-6033.patch ++++++
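Review bot: The second `sed` in the added workaround closes its quote before `%{version}`, so the rest of the expression and the output of `$(rpm -q ...)` reach the shell unquoted, and nothing checks that the query succeeded. If `libQt5Core5` is not present in the build root under that name, rpm's "not installed" message rather than a version is what gets handed to sed, and depending on how it splits the build either fails obscurely or writes junk into `Qt5WebEngine*Config.cmake`. I would resolve the value first and stop the build when it is missing: `qt5_ver=$(rpm -q --qf '%%{version}' libQt5Core5) || exit 1`, then `sed -i "/find_package/!b;n;s/%{version}/${qt5_ver}/" ...` with the same file glob. The first `sed` deletes every line containing ` EXACT)`, which presumably removes the exact-version requirement from the generated find_package calls; a comment stating that consumers may now be configured against a Qt that differs from this package's version would make the trade-off visible.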
From 1fd21185614dcae0c7a6e5647ba56cff0120f563 Mon Sep 17 00:00:00 2001 Message-Id: <1fd21185614dcae0c7a6e5647ba56cff0120f563.1521386919.git.kevin.kofler@chello.at> From: Michal Klocek <michal.klocek@qt.io> Date: Wed, 7 Mar 2018 18:36:25 +0100 Subject: [PATCH] Implement IsMostRecentDownloadItemAtFilePath call
Implement IsMostRecentDownloadItemAtFilePath for download_manager_delegate_qt. This is required for CVE-2018-6033. Change-Id: I9f48dfa159d684f0fda894e68b81ff622aceaae2 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io> --- src/core/download_manager_delegate_qt.cpp | 20 ++++++++++++++++++++ src/core/download_manager_delegate_qt.h | 2 ++ 2 files changed, 22 insertions(+) diff --git a/src/core/download_manager_delegate_qt.cpp b/src/core/download_manager_delegate_qt.cpp index 40df9b3a..487a831e 100644 --- a/src/core/download_manager_delegate_qt.cpp +++ b/src/core/download_manager_delegate_qt.cpp @@ -293,6 +293,26 @@ void DownloadManagerDelegateQt::ChooseSavePath(content::WebContents *web_content m_weakPtrFactory.GetWeakPtr())); } +bool DownloadManagerDelegateQt::IsMostRecentDownloadItemAtFilePath(content::DownloadItem *download) +{ + content::BrowserContext *context = download->GetBrowserContext(); + std::vector<content::DownloadItem*> all_downloads; + + content::DownloadManager* manager = + content::BrowserContext::GetDownloadManager(context); + if (manager) + manager->GetAllDownloads(&all_downloads); + + for (const auto* item : all_downloads) { + if (item->GetGuid() == download->GetGuid() || + item->GetTargetFilePath() != download->GetTargetFilePath()) + continue; + if (item->GetState() == content::DownloadItem::IN_PROGRESS) + return false; + } + return true; +} + void DownloadManagerDelegateQt::savePackageDownloadCreated(content::DownloadItem *item) { OnDownloadUpdated(item); diff --git a/src/core/download_manager_delegate_qt.h b/src/core/download_manager_delegate_qt.h index df43211e..7563d5d3 100644 --- a/src/core/download_manager_delegate_qt.h +++ b/src/core/download_manager_delegate_qt.h 
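Review bot: `IsMostRecentDownloadItemAtFilePath` returns `true` whenever `GetDownloadManager(context)` yields null, because `all_downloads` stays empty and the loop body never runs; for a check the commit message ties to CVE-2018-6033, that permissive default should at least be stated in a comment. The function also enumerates only the manager of `download->GetBrowserContext()`, so an `IN_PROGRESS` item with the same target path owned by a different browser context would not be seen; whether two contexts can write to the same path is not visible in this hunk, so treat that as a question for the author. I would add a header comment along the lines of `// Returns false if another download with the same target path is still IN_PROGRESS. Only this item's BrowserContext is searched; a missing DownloadManager counts as "no competing download".` The whole function is inside the hunk.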
@@ -81,6 +81,8 @@ public: const base::FilePath::StringType &default_extension, bool can_save_as_complete, const content::SavePackagePathPickedCallback &callback) override; + bool IsMostRecentDownloadItemAtFilePath(content::DownloadItem* download) override; + void cancelDownload(quint32 downloadId); void pauseDownload(quint32 downloadId); -- 2.14.3 ++++++ qtwebengine-everywhere-src-5.10.1-security-5.9.5.patch ++++++ ++++ 1245 lines (skipped) ++++++ qtwebengine-everywhere-src-5.10.0.tar.xz -> qtwebengine-everywhere-src-5.10.1.tar.xz ++++++ /work/SRC/openSUSE:Factory/libqt5-qtwebengine/qtwebengine-everywhere-src-5.10.0.tar.xz /work/SRC/openSUSE:Factory/.libqt5-qtwebengine.new/qtwebengine-everywhere-src-5.10.1.tar.xz differ: char 26, line 1