Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&version=15.0&buil... https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Distribution&qu... When you reply to discuss some issues, make sure to change the subject. Please use the test plan at https://docs.google.com/spreadsheets/d/1AGKijKpKiJCB616-bHVoNQuhWHpQLHPWCb3m... to record your testing efforts and use bugzilla to report bugs. Packages changed: adobe-sourceserifpro-fonts (1.014 -> 2.000) fprintd (0.7.0 -> 0.8.0) kdeconnect-kde (1.2.1 -> 1.3.0) libsoup (2.60.3 -> 2.62.0) listres (1.0.3 -> 1.0.4) webkit2gtk3 (2.18.6 -> 2.20.0) === Details === ==== adobe-sourceserifpro-fonts ==== Version update (1.014 -> 2.000) - Update to 2.000 * Changes 1.017: + Add ExtraLight, Light and Black weights. + Semibold and Bold were made heavier. + Lcommaaccent and lcommaaccent were added (missing in first release). * Changes 2.000: + Increase character set to Adobe Latin 4. + Add Greek (AG-1) & Cyrillic (AC-2) writing systems. + Add Small Caps for all of the above. + Add superiors for Latin capitals. - Update url to github.com ==== fprintd ==== Version update (0.7.0 -> 0.8.0) Subpackages: fprintd-lang fprintd-pam - Update to version 0.8.0 * Lockdown the daemon to minimise potential security issues * Don't wake up readers when there's no enrolled fingerprints ==== kdeconnect-kde ==== Version update (1.2.1 -> 1.3.0) Subpackages: kdeconnect-kde-lang - Update to 1.3.0 * Fixed frequent crash when receiving notifications * Fixed MPRIS player entries never being deleted * Added a Gnome Files (Nautilus) extension to send files from the context menu * Added handling of "tel:" links with KDE Connect * Support sending album art in MPRIS plugin * Allow sharing more than one file from the CI (eg: --share *.mp3) - Remove patches, now upstream: * 0001-Fix-null-dereference.patch - Modified wording in Description to match that KDE Connect runs under any Linux desktop (see upstream README.md file) ==== libsoup ==== Version update (2.60.3 -> 2.62.0) Subpackages: libsoup-2_4-1 libsoup-lang typelib-1_0-Soup-2_4 - Unconditionally enable translation-update-upstream: on Tumbleweed, this results in a NOP and for Leap in SLE paid translations being used (boo#1086036). - Update to version 2.62.0: + Updated translations. - Update to version 2.61.91: + Add limit to header length to avoid DOS attacks (bgo#792173). + Update the public-suffix list. + Revert "cookie-jar: use base domain to decide if cookie is third party" (bgo#792130). - Modernize spec-file by calling spec-cleaner - Update to version 2.61.90: + Various improvements to the WebSocket implementation (bgo#792113). + cookie-jar: use base domain to decide if cookie is third party (bgo#792130). + Add new API to create a new connection from a SoupSession (bgo#792212). + soup-headers: accept any 3 digit number as message status code (bgo#792124). - Remove unneeded %clean section: RPM does this kind of work itself already. - Adopt the use of %make_build macro rather than raw make command, following the best practices. - Update to version 2.61.2: + Session: don't request Keep-Alive for upgraded connections (bgo#788723). - Update to version 2.61.1: + tld-parser: use Python 3 (bgo#785735). + Fix heap-buffer-overflow in soup_ntlm_parse_challenge() (bgo#788037). + Fix possibly uninitialized value in ssl-test. + SoupCache: fix the timestamp for responses (bgo#791031). - Drop libsoup-tld-parser-py3.patch: fixed upstream. - Update to version 2.60.3: + heap-buffer-overflow in soup_ntlm_parse_challenge() (bgo#788037). + session: don't request Keep-Alive for upgraded connections (bgo#788723). + soup-headers: accept any 3 digit number as message status code (bgo#792124). - Use python3 during build: + Add libsoup-tld-parser-py3.patch: Use python3 for tld-parser. + Add python3-base BuildRequires. - Update to version 2.60.2: + Fix documentation typos (bgo#788920). + format-zero-length warning triggered in soup-logger.c (bgo#789096). + Warnings while generating inrospection files (bgo#789099). + Updated translations. - Add conditional use for translation-update-upstream: suse-only requirement. - Update Url to https://wiki.gnome.org/Projects/libsoup: current libsoup's project web page. - Run spec-cleaner -p to get respectives pkgconfig(*): gio-2.0, gobject-2.0, gobject-introspection-1.0, gtk-doc and libxml-2.0. - Update to version 2.60.1: + Fallback to another authentication type if the current failed (bgo#788238). + Fix unbalanced G_GNUC_BEGIN_IGNORE_DEPRECATIONS use in soup-session.c (bgo#787166). + SoupCache: fix setting default value for cache dir (bgo#788452). + Updated translations. - Update Url to https://wiki.gnome.org/LibSoup: current LibSoup's web page. - Update to version 2.60.0: + Updated translations. - Update to version 2.59.90.1: + Fixed a chunked decoding buffer overrun that could be exploited against either clients or servers (bgo#785774, CVE-2017-2885). - Changes from version 2.59.90: + Several SoupAuthNegotiate compatibility fixes (bgo#783780, bgo#783781). + Include a payload in SoupWebsocketConnection's "ping" messages (to avoid problems with certain buggy server implementations), and emit a signal when receiving a "pong" (to allow apps to notice when the remote peer has disconnected them) (bgo#785660). + Fix the interpretation of wss:// URIs, which previously mostly didn't work (bgo#784766). + Fixed SoupContentSniffer behavior on XML files with no Content-Type (webkit#173923). + Fixed a bug with cancelling async requests (bgo#773257). + Reverted the (undocumented) change in 2.58.0 to call soup_session_abort() after changing SoupSession:proxy-resolver; while this made its behavior more consistent with :proxy-uri, it ended up breaking things (bgo#781590). + Allow HTTP responses that have no trailing CRLF after the response headers (and no body) (bgo#780352). + Fixed an out-of-bounds read in SoupURI parsing (bgo#785042). + Fixed a spurious (debug-level) error message in SoupWebsocketConnection (bgo#784935). + Fixed introspection annotations on soup_message_headers_get_content_range(). + Fixed a flake in tests/header-parsing (bgo#777258). + Update tests/test-cert.pem to use stronger algorithms to avoid problems with newer gnutls (bgo#784949). + Fixed examples/get to not accidentally break https certificate validation (bgo#784259). + Misc updates to apache/php stuff in unit tests. - Update to version 2.58.2 (CVE-2017-2885, boo#1052916): + Fixed a chunked decoding buffer overrun that could be exploited against either clients or servers (bgo#785774, CVE-2017-2885). - Replace krb5-devel BuildRequires with pkgconfig(krb5): This does not exactly reproduce what configure is looking for (it ignores the .pc file) but it helps OBS in chosing between krb5 and krb5-mini, shortening build cycles. - Update to version 2.58.1: + Reverts a change to SoupSession to close all open connections when the :proxy-resolver property is changed (bgo#777326). This change was made in 2.58.0 but accidentally left out of the NEWS for that release; although that behavior made :proxy-resolver more consistent with :proxy-uri, it ended up breaking Evolution EWS (bgo#781590). + Fixed undefined behavior in tests/header-parsing that could make the test spuriously fail (bgo#777258). + Updates to the configure tests for Apache for use in tests/: - Dropped support for Apache 2.2. - Changed PHP support from PHP 5 to PHP 7. - mod_unixd can now be either built-in or dynamically loaded (bgo#776478). + Updated translations. - Update to version 2.58.0: + Fix authentication issues when the SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE flag is used (bgo#778497, bgo#777936). + MSVC build improvements. + Updated translations. - Update to version 2.57.1: + Added SoupWebsocketConnection:keepalive-interval, to make a connection send regular pings (bgo#773253). + Added soup_auth_manager_clear_cached_credentials() and SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE, to allow greater control over the use of cached HTTP auth credentials (bgo#774031, bgo#774033). + Fixed the use of SoupSession:proxy-uri values containing passwords (bgo#772932). + Various minor WebSocket fixes: - Avoid sending data after we start closing the connection (bgo#774957). - Do not log a critical if the peer sends an invalid close status code. - Log a debug message when a "pong" is received. + Fix introspection of soup_message_headers_get_content_range(). + Replaced Vala [Deprecated] annotations with [Version] to avoid build warnings (bgo#773177). + MSVC build improvements. + Updated error/message strings to use Unicode punctuation (bgo#772217). + Updated translations. - Update to version 2.56.0: + Added SoupWebsocketConnection:max-incoming-payload-size property, to override the default maximum incoming payload size (bgo#770022). + Added soup-version.h symbols (in particular soup_check_version()) to introspection (bgo#771439). + Updated the copy of the public suffix list used by SoupTLD (bgo#769650). + Updated translations. - Update to version 2.55.90: + Removed support for SSLv3 fallback; sites that reject TLS 1.x handshakes will now just fail with an error (Firefox and Chrome have both already switched to this behavior) (bgo#765940). + Fixed the parsing of <double>s in the new GVariant-based XMLRPC code (bgo#767707). + Fixed soup_server_set_ssl_cert_file(), which was added in 2.48 but didn't actually work. + Added GObject properties to SoupLogger to make it bindings-friendly (bgo#768053). + Fixed build error on FreeBSD (bgo#765376). + Fixed build with certain new versions of glibc that define "EOF" as a macro (bgo#768731). + Updated m4/ax_code_coverage.m4 with support for lcov 1.12. + Updated po files for future gettext versions. + Updated translations. - Drop libsoup-Prefix-signal-ID.patch: fixed upstream. - Add libsoup-Prefix-signal-ID.patch: Buildfix commit from upstream git. - Update to version 2.54.1: + Fixed an ABI break in 2.54.0 caused by adding a member to SoupAuthClass; 2.54.1 is ABI-compatible with 2.53.92 and earlier, but NOT with the anomalous 2.54.0. If you built packages against 2.54.0, you will need to rebuild them against 2.54.1. + Fixed NTLM authentication when ntlm_auth from the latest version of Samba is present (bgo#765106). + Updates to MSVC build, including for GSS-API support. + Updated translations. - Drop libsoup-auth-ntlm-fix.patch: Fixed upstream. - Add libsoup-auth-ntlm-fix.patch: Fix NTLM auth failure with latest samba (bgo#765106, boo#976110). - Update to version 2.54.0.1: + Fix a build problem with the 2.54.0 tarball, which would not build if you configured with "--without-gnome". - Update to version 2.54.0: + Fixed examples/simple-httpd on Windows (bgo758759). - Update to version 2.53.92: + libsoup now supports HTTP "Negotiate"/GSSAPI/Kerberos authentication. It must be enabled specifically by the application and is also subject to certain other restrictions, some of which are not yet controllable through the API (bgo#587145). + Added support for building under MSVC (bgo#758759). + Fixed a problem with the 2.53.90 tarball that caused translations to be mis-installed. + Updated translations. - Remove intltoolize call: the tarball has been corrected. - Add krb5-devel BuildRequires: new dependency for krb5 support. - Pass --with-krb5-config=%{_libexecdir}/mit/bin/krb5-config and - -with-gssapi to configure in order to enable krb5 support. - Update to version 2.53.90: + NUL bytes in headers are now ignored (bgo#760832). + Fixed transfer annotation of soup_form_decode* functions (bgo#743966). + Updated translations. - Call intltoolize before configure in order to fix up the tarball to work with recent versions of intltool. - Update to version 2.53.2: + Fixed up symbol visibility handling for mingw by copying GLib's system (bgo#757146). + Finally marked the old SoupSessionAsync and SoupSessionSync methods as deprecated (bgo#757146). + Added libsoup-2.4.deps for valac. + Make it possible to build from git without gtk-doc being installed. + Updated translations. - Update to version 2.53.1: + Really fixed build under MinGW for sure this time. + Fixed SoupServer Web Sockets code so that the SoupClientContext passed to a SoupServerWebsocketCallback is fully usable (rather than crashing when you try to do most things). - Update to version 2.52.2: + Fixed build under MinGW. + Fix SoupServerWebsocketCallback handling so that the SoupClientContext passed to it is still valid. + Added a .deps file to define dependencies for valac. - Update to version 2.52.1: + Fixed build under MinGW. + Fixed build with --disable-introspection (bgo#755389). + Fixed HTTP authentication protection space handling for files directly under the root directory (bgo#755617). + Fixed a warning when loading data from SoupCache while using an authenticated proxy (bgo#756076). + Updated translations. - Update to version 2.52.0: + Removed duplicate test paths from tests/date so it will pass with glib 2.46.0. - Update to version 2.51.92: + Added g_autoptr() support for all libsoup types (bgo#754721). + Added a missing (allow-none) annotation to soup_uri_normalize() (bgo#754776). + Updated translations. - Update to version 2.51.90: + Added a new GVariant-based XMLRPC API, and deprecated the old GValue-based API (along with the associated GValue-manipulating utilities) (bgo#746495). + Multiple build fixes for Visual Studio (bgo#752952). + Added VAPI generation (bgo#750679). + Fixed the mode bits on soup-cookie.c, which was previously marked executable for some reason (rh#1247285). + Updated translations. - Add pkgconfig(vapigen) BuildRequires: New dependency. - Update to version 2.51.3: + Fixed "make check" in non-English locales (rh#1224989, bgo#749397). + Fixed some compiler warnings (bgo#748514). + Updated translations. - Update to version 2.50.0: + Updated translations. - Update to version 2.49.92: + Fixed an NTLM problem that caused spurious "Authentication Failed" errors in evolution-ews (bgo#735197). + Updated translations. - Update to version 2.49.91.1: + websockets: minor optimization. + websockets: fix 32-bit build. + docs: fix build. + tests: fix when building without glib-networking available. - Update to version 2.49.91: + Libsoup now has support for WebSockets in both SoupSession and SoupServer (bgo#627738). + Added support for NTLMv2 Session Security to SoupAuthNTLM. (This is transparent to the app/user; if the server supports it, it will be used) (bgo#739192). + Added soup_server_accept_iostream() to allow feeding a non-GSocketConnection GIOStream to SoupServer (eg, when accepting HTTP requests on some other sort of connection) (bgo#744186). + Added soup_session_steal_connection() and soup_client_context_steal_connection(), to allow you to steal a GIOStream from a SoupSession or SoupServer and then use it for non-HTTP purposes (bgo#721343). + Added soup_server_add_early_handler(), for adding SoupServer handlers to run at :got-headers time rather than :got-body (eg, to set up a streaming read of the request body) (bgo#625645). + Added a new SOUP_MESSAGE_IGNORE_CONNECTION_LIMITS flag, which can be used to bypass SoupSession:max-conns and SoupSession:max-conns-per-host on a per-message basis (bgo#744720). + Multiple SoupCache fixes: - Leaked resources are now cleaned up when opening the cache (bgo#667682). - The "Age" header is no longer added to cached responses (bgo#741108). - Fixed the interpretation of the "must-revalidate" directive to not be stricter than required (bgo#744468). - Messages retrieved from cache now behave slightly more like non-cache messages in terms of SoupSession signals and timing (bgo#744788). Additionally, there is a new SoupMessage::starting signal, which is like SoupSession::request-started, but emitted for cached resources as well (bgo#731153). + Fixed soup_session_cancel_message() to work reliably on paused messages (bgo#745094). + Added code-coverage support to the build (bgo#744744). + Fixed the library symbol check in "make check" to work when building with linker options that result in slightly different organization (bgo#741348). + Added a hack to SoupSessionFeature so that people will stop re-reporting an old Eclipse bug against libsoup (bgo#710242). + Miscellaneous bug and leak fixes in the test programs, leak fixes in libsoup, and documentation updates. + Updated translations. - Update to version 2.49.1: + Fixed a bug in the SoupMessage:event signal that broke evolution's ability to connect to https hosts with "bad" certificates (bgo#739951). + Fixed a case where the async codepaths could potentially block on a synchronous write (bgo#727138). + Fixed the symbol soup_server_set_ssl_cert_file() to get exported, and added soup_server_get_uris() to the documentation. + Improved a bunch of introspection annotations (bgo#729987). + Clarified some documentation. + Fixed Windows build, twice (bgo#738003, bgo#738551). + Updated translations. - Update to version 2.48.1: + Fixed a bug in the SoupMessage:event signal that broke evolution's ability to connect to https hosts with "bad" certificates (bgo#739951). + Fixed a case where the async codepaths could potentially block on a synchronous write (bgo#727138). + Fixed the symbol soup_server_set_ssl_cert_file() to get exported, and added soup_server_get_uris() to the documentation. + Improved a bunch of introspection annotations (bgo#729987). + Clarified some documentation. + Fixed Windows build, twice (bgo#738003, bgo#738551). + Updated translations. - Update to version 2.48.0: + Updated translations. - Update to version 2.47.92: + Fixed a crash in SoupCache when receiving certain invalid Cache-Control headers (bgo#733587). + Updated translations. - Update to version 2.47.4: + Fixed two crashes that could occur in multithreaded use (in particular, with the latest git gvfs) (bgo#732783, bgo#732925). + Fixed the handling of data: URIs with base64-encoded data but no explicit MIME type (bgo#732112). + Fixed a bug in SoupAuthNTLM that affected 28-character-long passwords (bgo#732087). + Fixed tests to pass with GLib git master (which warns if you use deprecated GObject properties, and which also caught a mutex-handling bug in test-utils.c). + Updated translations. - Update to version 2.47.3: + Added new-and-improved SoupServer API, and deprecated much of the existing API. + SoupSession now has a :tls-interaction property, which can be used to add a GTlsInteraction to a session, allowing it to provide a client-side certificate if the server requests one (bgo#334021). + soup_session_abort() no longer tries to close active connections, which was causing crashes in evolution (rh#1093314). + Fixed a GMainContext-handling bug that could cause crashes in gstreamer's souphttpsrc (bgo#729737). + Fixed a memory leak when requesting to delete a cookie that didn't exist. + Updated translations. - Update to version 2.46.0: + No changes, just a version bump. - Update to version 2.45.92: + Fixed problems with using an http proxy on port 80. + Plugged a small per-connection leak. + Belatedly bumped up the glib requirement to 2.38, which is required for the TAP driver. + Fixed up some leftover issues from the test porting to gtestutils. - Update to version 2.45.90: + Fixed a problem where libsoup would use the "http" proxy settings for "https" requests (bgo#724316). + Updated SoupContentSniffer to match the current version of the MIME sniffing specification (bgo#648849, bgo#715126). + Updated the soup-tld APIs to accept ASCII-encoded hostnames in addition to UTF-8 ones. + Ported the test programs to the gtestutils framework, added support for installed tests, and made the tests use the TAP driver. + Some tests still need to be split up into more pieces, and the debug output is now somewhat less useful in some cases. + Fixed the test programs to not depend on local proxy settings. + Added some more checks to header-tests (bgo#722341). + Fixed the "simple-proxy" example program, which had been broken for a while. + Updated translations. - Update to version 2.45.3: + The documentation has finally been updated to reflect the new APIs added in 2.42. + Added GBytes-valued :request-body-data and :response-body-data properties to SoupMessage, which should help some bindings. + We now set TCP_NODELAY on sockets, improving throughput a bit. In particular, this avoids an unnecessary extra round trip in the TLS handshake. + The SoupSession APIs that return GErrors now return the actual underlying gio errors in the event of connection failures and the like. + Updated the copy of the Public Suffix list used by soup-tld. + Updated the soup_server_pause_message() / soup_server_unpause_message() documentation to clarify when you can and can't call them (bgo#710602). + soup_message_set_request() and soup_message_set_response() now g_warn_if_fail() if you pass an invalid Content-Type (And they also have better introspection annotations) (bgo#686766). + session-test now passes when run against the dummy TLS backend (ie, if you don't have glib-networking installed), as long as you have the latest glib. + Fixed build with -Werror=format-nonliteral (bgo#720082). + Fix build with --without-ntlm (bgo#710267). + Fixed a few warnings. + Updated translations. - Update to version 2.44.2 (bnc#849913): + Fixed a hang with internet radio streams in Rhythmbox (and some other places) (bgo#710494). + Fixed a connection leak when cancelling the close of a message GInputStream (bgo#711260). + Plugged a few memory leaks (bgo#711085) + Fix build with --without-ntlm (bgo#710267) + Fixed a few warnings. + Fixed connection-test to pass with current glib (bgo#711361). + Tests are now more verbose by default under "make check", since current automake just redirects all the output to a log file anyway. - Update to version 2.44.1: + Fixed a sporadic failure in tests/connection-test. + Bugs fixed: bgo#695652, bgo#707711, bgo#708621, bgo#708696, bgo#709647. + Updated translations. - Update to version 2.44.0: + Updated translations. - Update to version 2.43.92: + Fixed a bug in the connection-pool code, which would in certain cases accidentally keep using a connection after a message was cancelled while in progress (bgo#708006). + Fixed some problems when falling back from samba single-sign-on-based NTLM to ordinary ask-for-a-password NTLM. (bgo#703186). + When sending a conditional GET request, SoupCache now preserves the original message's list of disabled features, ensure that it gets back the same kind of response the original message would have (bgo#706338). + Fixed a warning when the remote host closes the connection while we are writing something using chunked encoding (bgo#703297). + Added SoupServer:http-aliases and :https-aliases properties, to specify URI schemes that should be treated as though they were http (bgo#703694). + Fixed race conditions in cache-test and timeout-test that could cause spurious failures (bgo#698305). - Update to version 2.43.90: + Fixed the handling of unsatisfiable range requests in SoupServer. + Fixed the handling of IPv6 address literals with scope IDs (bgo#669724). - Update to version 2.43.5: + SoupProxyURIResolver is now deprecated in favor of the SoupSession:proxy-resolver property (bgo#680273). + The SoupKnownStatusCode enum is now called SoupStatus (bgo#684409). + Fixed the parsing of URI schemes in SoupURI (bgo#703776). + Fixed SoupLogger to print a message's response headers even if the message gets cancelled before the complete response body is received (bgo#703200). + Fixed a build problem in non-UTF-8 locales (bgo#702534). + SoupSession now warns if you use soup_session_pause_message() or soup_session_unpause_message() on a synchronous message (bgo#703461). - Update to version 2.43.4: + Fixed a bug that could cause synchronous sessions to get stuck in a state where no new messages would ever get processed (bgo#703463). + Fixed another memory leak in SoupSocket (found while added a test case for bgo#700472). + Switched to using g_cclosure_marshal_generic() rather than using glib-genmarshal (bgo#686042). + Changed SoupServer to call unref() on the query hash table after calling the handler, rather than destroy(), so that the handler can keep a copy of the query data if it wants (bgo#702793). + Fixed a few introspection annotations. + Updated examples/get to use SoupLogger and to allow redirecting the output to a file (bgo#703231, bgo#703229). - Update to version 2.43.2: + Fixed an authentication error when using NTLM when connecting to an https site over a proxy; the code was getting confused and thinking that the 200 OK response to the CONNECT meant that NTLM auth had succeeded (bgo#698728). + Fixed a memory leak in SoupSocket (bg0#700472). + Fixed a missing include error on some platforms (bgo#700003). + Fixed warnings when running against the "dummy" TLS backend (bgo#700518). - Update to version 2.43.1: + Including <libsoup/soup.h> no longer pulls in the system networking headers. This may cause some packages to no longer compile, if they were accidentally depending on this. Adding "#include <gio/gnetworking.h>" will fix them (bgo#692134). + Fixed SoupSession:proxy-resolver (bgo#698163). + Added soup_message_set_priority(), to mark messages as being high, low, or normal priority, and update the message queue to prioritize them accordingly (bgo#696277). + Fixed several test programs to still work if glib-networking isn't installed and fixed another to still work if the kernel has no IPv6 support (bgo#698220). - Update to version 2.42.1: + Fixed SoupProxyResolverDefault (bgo#697028). + Fixed a gigantic memory leak when using SoupCache (bgo#696594). + Fixed a build problem on Windows (bgo#696354). + Fixed ntlm-test to pass whether or not Samba ntlm_auth support was compiled in (bgo#697510). + Updated translations. - Update to version 2.42.0: + Fixed a compiler warning on 32bit in a test program. + Updated translations. - Added support for translation-update-upstream. - Update to version 2.41.92: + Fixed a bug that caused libsoup to retry an incorrect password repeatedly, forever, in a certain case that affected Google calendars in evolution in particuar (rh##916224). + Also added code to make such infinite retry loops impossible in the future. + Fixed SoupRequestData's handling of URIs with "%00" in them (bgo##695246). + Added the SoupSession:proxy-resolver property (bgo#680273). + Added missing G_BEGIN_DECLS/G_END_DECLS to soup-message-headers.h, so that its functions can be called from C++. + Updated translations. - Update to version 2.41.91: + Fixed a crash that showed up with XMLRPC requests in WebKitGTK (bgo#694920). + Fixed SoupCache to update the cached headers when it receives a 304 Not Modified response, and added a test for this (bgo#695121). + libsoup now builds under automake 1.13 (and "make check" works under the parallel test harness which is the default in 1.13) (bgo#694135). + The tests/ directory now contains only actual test programs that are run by "make check", and the programs that are intended more as example code are under examples/. + Updated translations. - Update to version 2.41.90: + Added SoupSession:local-address property, which allows you to force connections to bind to a particular local address (bgo#693215). + Fixed SoupCache to properly handle messages that get cancelled, and added tests for this (bgo#692310). + Fixed a reference leak in SoupCache that resulted in epiphany hanging for several seconds on exit and then eventually printing "Cache flush finished despite X pending requests". And added more tests (bgo#682527). + Fixed SoupAuthNTLM so that SoupSession:authenticate gets emitted with retrying=TRUE if the first attempt fails (bgo#693222). + Fixed the SoupSession:add-feature-by-type property to accept non-SoupSessionFeature features as well. + Fixed a build bug that would break all the apache-based tests if you didn't have PHP installed (bgo#693311). + Updated translations. - Update to version 2.41.5: + Reverted the change to SoupURI's password handling from 2.41.4, since it turns out to have broken some things (bgo#692149). + Avoid a g_return_if_fail() when loading SoupSession:ssl-ca-file fails (bgo#691930). + Fixed a bug in SoupBodyInputStream that caused redirects in WebKitGTK to hang. (bgo#692026). + Updated translations. - Update to version 2.41.4: + Lots of docs fixes. + The plain SoupSession type now supports soup_session_queue_message(), soup_session_send_message() and there are now soup_session_new() and soup_session_new_with_options(). + The mirroring of the SoupMessage API onto SoupRequestHTTP, added in 2.41.3, has been reverted. However, new APIs soup_session_send() and soup_session_send_async() have been added that let you use the GInputStream-based API with SoupMessages rather than SoupRequest, so if you're doing HTTP-specific stuff, you can just use that instead. + soup_message_get_https_status() now returns the certificate and flags for unsuccessful https connections as well as successful ones (bgo#690176). + Fixed a deadlock when calling soup_session_abort() on a SoupSessionSync in some cases (bgo#691399). + Internal SoupCache rewrites/improvements (bgo#682112). + Plugged a memory leak in SoupCache (bgo#690382) and in SoupAuthDigest (bgo#690142). + LIBSOUP_DISABLE_DEPRECATED has been renamed to SOUP_DISABLE_DEPRECATED. + Fixed the samba-windbind-based NTLM support. + SoupAuthManager is now a public class. + SoupURI now treats "http://user@example.com" as having a password of "" rather than NULL. + build: libsoup now uses autoreconf instead of gnome-autogen.sh, and no longer uses AM_GLIB_GNU_GETTEXT. + Updated translations. - Update to version 2.41.3: + SoupRequest is now stable API. SoupRequester, however, is deprecated. Instead you can now call soup_session_request() or soup_session_request_uri() to create a SoupRequest. + SoupRequestHTTP now has a number of fields and methods that mirror the SoupMessage data, so you don't have to use soup_request_http_get_message() in many cases. On the flip side, there is also now soup_message_get_request(). And you can create a SoupRequestHTTP directly (and override its request method) by using soup_session_request_http() or soup_session_request_http_uri()). + soup_message_set_chunk_allocator() is now deprecated; apps that want to do streaming reads should just use SoupRequest, which is vastly more sane. + SoupPasswordManager is now deprecated, and SoupPasswordManagerGNOME is now a no-op (and libsoup-gnome no longer links against libgnome-keyring) (bgo#594377, bgo#679866) + SoupCookieJarSqlite is now deprecated in favor of SoupCookieJarDB, which is exactly the same thing except that it's in libsoup itself rather than being in libsoup-gnome + SoupProxyResolverGNOME is now deprecated; there hasn't been any real reason to use it since SoupProxyResolverDefault was added. + SoupSession is no longer an abstract class, and you can create a plain SoupSession, which behaves in a more traditionally-gio-like way. + Usernames and passwords passed into SoupSession a URI will now be cleared after they're used, so that if they are wrong, the authenticate signal will be emitted on the next round (bgo#689673) + SoupURI now leaves "%00" in URIs as-is, rather than decoding it to "\0", which was not intended and is never useful. + Fixed a bug in SoupBodyOutputStream that could cause libsoup to sometimes use blocking I/O rather than non-blocking when writing chunked message bodies (bgo#688974) + Fixed a bug in SoupFilterInputStream that could cause some non-blocking reads to suck up CPU while waiting for the network + tests: misc small fixes + Updated translations. - Replace sqlite3-devel BuildRequires with pkgconfig(sqlite3). - Drop libgnome-keyring-devel BuildRequires: no longer needed. - Update to version 2.41.2: + libsoup-2.4.so and libsoup-gnome-2.4.so now only export the symbols that are part of the public API. (bgo#595176) + Added SOUP_VERSION_MIN_REQUIRED / SOUP_VERSION_MAX_ALLOWED macros like the corresponding glib ones, to allow libsoup users to request per-version deprecation/availability warnings. + Fixed a crash caused by a race condition in SoupSessionSync, and reorganized some code to avoid other possible similar race conditions. (bgo#684238) + Fixed a crash when a DNS resolution failed, caused by a bug in the GTask porting in 2.41.1. (bgo#688330) + Fixed a problem that would cause g_warning()s in epiphany when browsing sites that (incorrectly) returned empty Cache-Control headers. (bgo#683433) + We now add a Host header to HTTP/1.0 requests as well as HTTP/1.1 ones. + Fixed a bug in the printing of IPv6 address literals in the Host header in SoupLogger. + Belatedly added soup-multipart-input-stream.h to soup.h. + Removed an evil hack in the long-deprecated SoupProxyResolver code (not to be confused with SoupProxyURIResolver) (bgo#687659) + Fixed a few race conditions in the test programs that could cause "make check" to fail on slow or heavily-loaded machines. + Further cleaned up and reorganized the internal HTTP I/O codepaths, in preparation for an improved SoupCache. (bgo#682112). + Updated translations. - Update to version 2.41.1: + Changed the behavior of NTLM authentication to be more like what other apps apparently do (bgo#624613) + Fixed a crash caused by a race condition in SoupSessionSync. (bgo#684238) + SoupRequest now supports resource:// URIs, for reading from gresource (bgo#682721) + Added new compile-time and runtime APIs for checking the libsoup version (bgo#684514) + Updated to take advantage of (and require) glib 2.35: removed all g_type_init() calls and ported to GTask. + Added support for Apache 2.4 to the unit tests. + Updated translations. - Update to version 2.40.3: + soup_message_get_https_status() now returns the certificate and flags for unsuccessful https connections as well as successful ones (bgo#690176) + Fixed a deadlock when calling soup_session_abort() on a SoupSessionSync in some cases. (bgo#691399) + Fixed a bug in SoupFilterInputStream that could cause some non-blocking reads to suck up CPU while waiting for the network. + SoupURI now leaves "%00" in URIs as-is, rather than decoding it to "\0", which was not intended and is never useful. + A few minor docs fixes. + Updated translations. - Update to version 2.40.2: + Fixed a crash caused by a race condition in SoupSessionSync (bgo#684238) + Fixed a problem that would cause g_warning()s in epiphany when browsing sites that (incorrectly) returned empty Cache-Control headers (bgo#683433) + Belatedly added soup-multipart-input-stream.h to soup.h. + Added support for Apache 2.4 to the unit tests. Also fixed a few race conditions that could cause "make check" to fail on slow or heavily-loaded machines. + Updated translations. - Update to version 2.40.1: + Improved the parsing of multipart/x-mixed-replace responses (bgo#685752). + Fixed handling of IPv6 address literals (bgo#684990). + Updated translations. - Update to version 2.40.0: + Updated translations. - Update to version 2.39.92: + Fixed some g_warnings (and a possible crash) with the soup_request_send_async() (bgo#683404). + Fixed a hang with SoupSessionSync (bgo#682923). + Handle empty "Cache-Control" headers. + Updated translations. - Update to version 2.39.91: + Added missing annotations. + Fixed a crash (bgo#682569) + Fixed the SoupMessage:network-event signal + Bugs fixed: bgo#683200 + Updated translations. - Update to version 2.39.90: + Added SoupMultipartInputStream, for handling multipart responses (particularly multipart/x-mixed-replace) (bgo#656684) + Fixed a potential crash in SoupSessionAsync after the session is finalized + Fixed a regression in soup_tls_is_public_suffix() (bgo#681085) + Added a SOUP_MESSAGE_IDEMPOTENT flag, so that apps can bypass the "POSTs must be sent on new connections" check, which was causing evolution-ews to have to create a new connection for every request (bgo#681493) + Changed SoupSession so that pending SoupMessages now hold a ref on the session. It is possible that this will break code that was depending on the old, dumb, behavior (where unreffing the session with messages pending would cause those messages to be cancelled), in which case this will be reverted before 2.40. + Fixed memory leaks found by valgrind + Cleaned up some code in SoupCache (bgo#681509) + Updated translations. - Update to version 2.39.5: + Fixed several bugs in the soup-message-io updates that could cause hangs or I/O errors (bgo#679527) + Fixed SoupServer:async-context to work properly again + Further fixes to soup_uri_normalize() when using the "unescape_extra" parameter. (bgo#680018) + Fixed soup_xmlrpc_parse_method_call() to handle the case where there is no <params> element (which is legal) (bgo#671661) + Fixed the deprecation warning on soup_message_headers_get() (bgo#680143) + Added warnings to some erroneous SoupSocket usages rather than returning bogus data (bgo#673083) + Fixed build under Windows/MinGW + SoupSocket no longer emits the "readable" signal when a socket is disconnected if that socket is non-blocking + Updated public suffix list to the current version + Updated translations. - Update to version 2.39.4.1: + Fixed indentation problems in tld-parser.py so it will work under python 3 (bgo#680089) + Actually fixed cookies in non-suffixed/private domains, which still didn't work after the last fix (bgo#679230) + Updated translations. - Update to version 2.39.4: + Fixed the SoupRequest codepaths to properly retry in the case where the server closes a persistent connection when we try to use it (bgo#679527) + Fixed the content-type and content-length of requests retrieved from SoupCache (bgo#680029) + Fixed the handling of cookies in non-suffixed and private domains ("localhost", "foo.local", etc., bgo#679230) + Fixed cookie parsing to allow attribute values on "secure" and "HttpOnly" (bgo#678753) + Fixed a (rare) crash when closing the stream returned from SoupRequestHTTP. + Bugs fixed: bgo#671770, bgo#678909, bgo#680055, bgo#680018. + Updated translations. - Update to version 2.39.3: + Added new functions for comparing domains against the "public suffix" list, and in particular fixed SoupCookieJar to not allow setting cookies in "public" domains (eg, ".co.uk"). [bgo#673802] + Added two new SoupCookieJar APIs (soup_cookie_jar_get_cookies() and soup_cookie_jar_set_cookie_with_first_party()) as part of fixing the handling of HttpOnly cookies in WebKitGTK. [bgo#677922] + Fixed g-i annotation of soup_message_headers_get_content_type() [bgo#677002] + Updated translations. - Update to version 2.39.2: + Fixed several bugs that resulted from the I/O code rewrite in 2.39.1, and added more test cases to exercise the new code paths: - Problems with cancelling messages from the got-headers signal (bgo#674747) - Persistent connections were not always being closed properly after a message was cancelled mid-response. - Cancelling a SoupRequest before it started I/O didn't work. - Asynchronous HTTP authentication via the SoupRequest API (bgo#675306) - Memory leak (bgo#676038) - Refcounting bug that manifested as a crash in rygel (bgo#676038) - Handling failed CONNECT requests via SoupRequest (bgo#675865) - Messages with trailing junk following a compressed message body (bgo#676477) + Fixed three cache-related bugs that affect some sites + Fixed a bug in the /usr/bin/ntlm_auth integration when you don't already have credentials cached, and avoid printing warning messages when ntlm_auth is present but not usable. + Fixed some g-ir-scanner warnings, and included SoupRequester/SoupRequest in the introspected API (bgo#676742) + Added soup_buffer_get_as_bytes() (bgo#676776) + Updated translations. - Update to version 2.39.1: + Major rewrite of the I/O code to use gio streams more directly. + Libsoup now finally supports SOCKS proxies again (bgo#553269) + Certain error messages returned from the streaming API are now localized + Added a SoupCookieJar:is-persistent property, to distinguish memory-only jars from SoupCookieJarText and SoupCookieJarSqlite (bgo#672838) + Updated translations. - Add intltool BuildRequires: new dependency. - Create a lang package, which is recommended by the library. - Update to version 2.38.1: + Fixed a situation where soup_connection_disconnect() could end up calling g_object_unref(NULL) when an idle connection was closed. [bgo#672178] + Fixed two warnings when cancelling an in-progress soup_socket_connect_async(). + Fixed a crash when disposing a SoupServer with open connections. [bgo#673468] + Fixed the SoupSession:ssl-use-system-ca-file property to get turned off (rather than on) when you set it to FALSE... Also fixed up the property notifications around the various certificate-verification properties (ssl-ca-file, ssl-use-system-ca-file, and tls-database). + Fixed SoupSession to not leak paused SoupMessages that were still in progress when it was unreffed. [bgo#673905] + Updated the win32 file: URI code again, to fix regressions in the WebKit tests. [webkit#82484] - Update to version 2.38.0: + Minor documentation fixes - Update to version 2.37.92: + Added soup_session_prefetch_dns() and deprecated soup_session_prepare_for_uri(). The new method takes a completion callback, allowing you to know how many DNS resolutions are currently outstanding, so you don't spam the resolver. [webkit#41630] - Update to version 2.37.91: + Fixed an out-of-bounds memory read that could occur when parsing malformed requests/responses. + Fixed a build-related bug in Makefile.glib that affected locales such as Estonian where "Z" is not the last (ASCII) letter of the alphabet. [bgo#654395] + Fixed the handling of file: URIs with query components, which got broken in 2.37.90. + Fixed SoupAuthManagerNTLM to not fall back to allowing Basic auth when NTLM failed. + Further tweaked the warnings/fallback in SoupURI, so that soup_uri_to_string() on an http URI with a NULL path would translate that to "/" like it used to. [bgo#670431] + Fixed a warning when cancelling the load of a page with many subresources. [bgo#667245] + Use G_GNUC_BEGIN/END_IGNORE_DEPRECATIONS if GLib is new enough, to avoid getting warned about the use of GValueArray. - Update to version 2.37.90: + Added various return-if-fails and other sanity checks to various functions. [bgo#669479] + Updated docs/annotation of soup_form_decode_multipart() to note that all of the out parameters are (allow-none). Fixed the file_control_name parameter to actually allow NULL like the docs already claimed. [bgo#669479] + Fixed a minor URI parsing bug. (It was allowing URI schemes to contain numbers.) + Fixed a few memory leaks introduced in the 2.37 cycle. + Fixed SoupServer to be able to correctly respond to HTTP/1.0 requests over IPv6 (which previously would always have returned "400 Bad Request"). [bgo#666399] + Changed SoupSessionAsync to make it possible to finalize it from the "wrong" thread. [bgo#667364] + Fixed SoupCache to not cache resources whose URIs have query components (unless they have explicit cache headers); to not generate broken conditional requests for resources that cannot be conditionally validated; and to not spew warnings when receiving invalid Cache-Control headers. [bgo#668865] - Update to version 2.37.5.1: + Replace some of the newly-added SoupURI g_return_if_fail()s with g_warn_if_fail()s. Although it had always been documented that SoupURIs must have a non-NULL path, most functions treated NULL the same as "", and various apps (eg, rhythmbox, midori) were accidentally relying on this. - Update to version 2.37.5: + Fixed a bug in SoupSession:use-thread-context. + Fixed the case of cancelling a message from SoupSession::request-started [bgo#668098] + Fixed a crash in epiphany when loading a page with more than 1000 or so images. [bgo#668508] + Fixed a bunch of cases involving invalid URLs found while testing SoupServer against an HTTP protocol fuzzer. Also fixed up some documentation/annotations and added some new test cases. [bgo#667637] + Fixed SoupRequestFile to work on Windows. - Remove xz BuildRequires now that it comes for free in the build system. - Update to version 2.37.4: + SoupMessage now has a "network-event" signal that can be monitored for information about DNS, proxy lookup, TCP connections, and TLS handshakes. + The HTTP header parsing code now avoids hitting g_return_if_fails() (and returns an error instead) in a few cases of seriously-invalid headers. [bgo#666316] + POSTs and other non-idempotent requests are now always sent on newly-created connections. You can also force this behavior on other messages by setting the SOUP_MESSAGE_NEW_CONNECTION flag. [bgo#578990] + Server-closed idle connections are now detected ahead of time on Windows, preventing occasional spurious "Connection terminated unexpectedly" errors. (This had been fixed on UNIX since 2.28, but the earlier fix didn't work with WinSock.) [bgo#578990] + Plugged a leak in SoupRequestHTTP. [bgo#667099] - Update to version 2.37.3: + Simplified SoupHTTPInputStream and SoupRequestHTTP, allowing related simplifications in WebKit's ResourceHandleSoup. This is an ABI-incompatible change, but SoupHTTPInputStream is an unstable API. [bgo#663451] + Fixed a bug that caused the SOUP_MESSAGE_CERTIFICATE_TRUSTED flag to always be cleared, causing epiphany to claim all https pages were untrusted. [bgo#665182] + Fixed some bugs in the handling of SoupSession:http-aliases and SoupSession:https-aliases. + Fixed SoupContentDecoder's "ignore Content-Encoding: gzip because the server didn't actually mean it" hack to handle x-gzip too. + Clarified the documentation on SoupSession:ssl-strict [bgo#666280] + Fixed handling of ACLOCAL_FLAGS [bgo#641470] - Add xz BuildRequires because we can't build a package for a xz-compressed tarball without explicitly specifying that... See bnc#697467 for more details. - Remove explicit Requires for glib2-devel, libgnutls-devel, libgcrypt-devel, libgpg-error-devel, libxml2-devel in devel subpackage: the needed ones will automatically be added the pkgconfig() way. - Split typelib files into typelib-1_0-Soup-2_4 subpackage. - Add typelib-1_0-Soup-2_4 Requires to devel subpackage. - Update to version 2.37.2: + Fixed up the output of SoupDirectoryInputStream, thus improving the display of local directories in WebKit-based browsers. [bgo#662266] + Fixed a bug introduced in 2.37.1 that caused some cancelled SoupMessages to be leaked. [bgo#662847] + Added new SoupSession properties "http-aliases" and "https-aliases" that allow you to configure more explicitly what URL protocols are treated as aliases for http (eg, "dav:", "webcal:", etc), and which should be recognized as meaning something else, (eg, "ftp:") + Added soup_session_would_redirect() and soup_session_redirect_message(), to help users that want to handle some or all redirects themselves. Added soup_message_set_redirect() to make it easier to return redirection responses from a SoupServer. + Added the SoupSession "use-thread-context" property, which tells it to use GMainContexts in a gio-compliant way (and in particular, allows having different messages running in different GMainContexts on the same SoupSession, though only to a limited extent since SoupSessionAsync is still not thread-safe). In particular, this was added in order to address webkit#68238. + Made SoupURI %-encode non-ASCII characters when parsing URIs, in particular to fix a problem with certain servers sending syntactically invalid redirects that they would then only interpret correctly if you fixed the syntax for them. [bgo#662806] + Fixed a connection-handling bug that could cause problems with servers that requested authentication and then timed out the connection while the application was waiting for the user to enter a password. [bgo#660057] + Made NTLM and Basic authentication handle some non-ASCII usernames and passwords. (NTLM should handle most. It's impossible to fix Basic in the general case.) [bgo#576838] + Added support for "deflate" Content-Encoding, so that we can work with broken servers that insisted on using it even though we explicitly indicated in the request headers that we didn't support it. [bgo#661682] - Update to version 2.37.1: + Fixed a problem with connections being assigned to multiple requests at once after a redirection [bgo#651146]. + Ported SoupSession to use GTlsDatabase internally, and added two new properties, SoupSession:use-system-ca-file (to specify that the session should use the default system tlsdb) and SoupSession:tlsdb (to specify a specific tlsdb to use) + Likewise, added SoupServer:tls-certificate, for specifying a certificate/key for an https server to use. + Made SoupHTTPInputStream more memory efficient [bgo#659255] + Fixed soup_message_get_https_status() to return information more reliably (with latest glib-networking). - Update to version 2.36.1: + Fixed a problem with connections being assigned to multiple requests at once after a redirection [bgo#651146] - Update to version 2.36.0: + Improvements to gtk-doc documentation. - Update to version 2.35.92: + Fixed a problem where SoupHTTPRequest response bodies could be truncated. [bgo#659256] + Fixed a bug in copying TLS information from SoupSocket to SoupMessage, causing all https connections to be reported as "untrusted" in epiphany. + Made SoupSession remove items from its host cache after a while, so that if a host changes IP address, it will eventually try to re-resolve it. [bgo#646959] - Update to version 2.35.90: + Added SOUP_MESSAGE_CAN_REBUILD flag, to use with soup_message_body_set_accumulate(FALSE) on a request body, to indicate that the caller will recreate the request body after it has been discarded if the message needs to be re-sent. [bgo#656650] + Fixed the build on mingw-w64 by not using "interface" as variable name. [bgo#656402] + (The multihosted https server regression mentioned in the 2.35.5 NEWS turned out to be a glib-networking bug, which is fixed as of 2.29.18.) - Add samba-winbind Suggests to libsoup-2_4-1: the NTLM single sign on feature works with /usr/bin/ntlm_auth (but can fallback to the old method if this is not present). - Remove Requires for libsoup-2_4-1 and Obsoletes for libsoup-64bit from main package since there is no such main package anymore. - Update to version 2.35.5: + bgo#650940: Support NTLM single sign on via samba's /usr/bin/ntlm_auth. + bgo#581342: Default to TLS+extensions for https connections, falling back to SSLv3-without-extensions only if the server fails to negotiate TLS. + bgo#631368: Fixed a problem with https pages sometimes not loading when using a proxy. + bgo#648848: SoupContentSniffer: don't use gio's sniffing rules, since the spec now recommends that browsers not do any additional sniffing beyond what's in the spec. + bgo#653707: Fixed SoupRequestHTTP to work properly with alternate GMainContexts. + bgo#655397: Added some annotations from Vala's vapi files. - Update to version 2.35.4: + CVE-2011-2054: Fixed a security hole that caused some SoupServer users to unintentionally allow accessing the entire local filesystem when they thought they were only providing access to a single directory. [bgo#653258] + Plugged another SoupCache memory leak. + Simplified SoupCache keys, and handle collisions. [bgo#649963] + Annotate SoupSession:add-feature, etc, as (skip), so they don't conflict with the methods of the same name. [bgo#655150] - Update to version 2.35.3: + Always send the "Keep-Alive" header. + Deal with broken apache Content-Encoding for .gz files, that was leading to decompressing the files. + Various cache improvements, including: - Do not store hop-by-hop headers in cache. - Store the HTTP status code in the cache. - Add versioning support to SoupCache. + Fix integer overflow on 32bit. + Fix memory leaks. + Build fixes. - Update to version 2.34.2: + Two SoupCache-related leak fixes + bgo#648948: Minor build fix for Debian/Ubuntu + Fixed a docs typo. - Update to version 2.34.1: + Two multipart forms/Content-Disposition fixes: . UTF-8-encoded header encoding/decoding rules updated to match RFC 5987. In particular, a UTF-8-encoded filename parameter in Content-Disposition will now override an ASCII one. . When not using UTF-8-encoded filenames in Content-Disposition, always quote the filename, since some servers erroneously fail to handle non-quoted ones. (bgo#641280) + Fixed several memory leaks + Fixed decoding base64 data: URLs (bgo#646896) + Fixed a bug in soup_uri_to_string() in which (invalid) port numbers could be output as negative numbers (tripping up a WebKit "sanity checking" test) (bgo#647767) + Fixed a cache corruption bug in SoupCache (bgo#648285) + Fixed a crash in SoupSessionSync when using soup_session_abort(). - Update to version 2.34.0: + Fixed the GMainContext handling of the new SoupProxyResolverDefault (which among other things fixes gstreamer usage inside epiphany). bgo#646201 + Tweaked the introspection Makefile rules to fix a problem building on Debian/Ubuntu. bgo#645505 + Belated bumped the shared library versioning to reflect the API additions since 2.32.0 - Update to version 2.33.92: + LIBSOUP NO LONGER DEPENDS ON GCONF OR LIBPROXY. (see below). + Added SoupProxyResolverDefault, which uses uses gio's GProxyResolver to resolve proxies [bgo#642982] Despite the "default" in the name, it is not used by default, for compatibility reasons, but it is available in plain libsoup, not libsoup-gnome. (Of course, it depends on having glib-networking installed.) + Updated SoupProxyResolverGNOME to be based on SoupProxyResolverDefault, but explicitly requesting the "gnome" GProxyResolver if it is available [bgo#625898], and removed the old code that used GConf and libproxy directly. + Added soup_server_disconnect(), to explicitly disconnect a SoupServer, since it is not possible to g_object_unref() it from memory-managed language bindings. [bgo#638576] + SoupDate now parses month names case-insensitively [bgo#644048] + Avoid a g_return_if_fail() when using SOUP_COOKIE_JAR_ACCEPT_NO_THIRD_PARTY with non-http URIs (file:, data:, etc). [bgo#643226] + SoupCookieJar now catches overflows when parsing very distant dates [bgo#643462] + Fixed a buggy interaction between request body streaming and restarted requests. Added some new tests to tests/chunk-test.c to make sure that a specific (unsupported!) way of using those methods would not get broken in the future. + Fixed soup_socket_get_remote_address(), which had been broken since 2.33.4 (and which in turn caused soup_client_context_get_address/_get_host to be broken). [bgo#645227] - Drop gconf2-devel and libproxy-devel BuildRequires. - Update to version 2.33.90: + glib-networking is a compile and runtime dependency now. + bgo#642075: fixed a bug in talking to servers with virtual hosts with Unicode names (IDNs). + bgo#640414: added a "Connection: Keep-Alive" header when talking to HTTP/1.0 hosts, to improve performance. + bgo#642028: changed SoupCache to not cache multipart/x-mixed-replace content. - Changes from version 2.33.6: + bgo#639768: made SoupSessionAsync do idle-connection cleanup more sanely, resulting in faster load times for pages with lots of subresources. + bgo#639783: fixed soup_form_decode()'s behavior (and by extension, SoupServer query string handling) with datasets that contain multiple values for the same key, and added a test case. + bgo#640556: fixed warnings pointed out by gcc 4.6, including a bug in SoupCache that would cause unnecessary revalidations. + bgo#641022: belated copied a fix from the WebKit copy of soup-cache.c into ours, and fixed a bug in the local copy of soup-request-data.c, in preparation for making WebKit use the libsoup versions. - Changes from version 2.33.5: + bgo#637741: fixed certain cases of soup_session_cancel_message() with SoupSessionSync that could previously cause warnings or crashes. - Changes from version 2.33.4: + SoupSocket now uses GSocketConnection and GTlsConnection internally rather than making socket calls directly and using GIOStream, and TLS is handled via glib's APIs rather than using gnutls directly. + The gzip Content-Encoding handler is now implemented using GZlibDecompressor + As a result of the above two changes, libsoup no longer directly depends on gnutls, libgcrypt, or zlib, though it still indirectly depends on zlib via glib and libxml2. Also, although libsoup does not depend on glib-networking as a build-time dependency, some "make check" tests will be skipped if it is not installed. + bgo#523100: the SoupRequest/SoupCache code from WebKit has been imported, but it is not yet recommended for general use, and is not necessarily API stable. + Added SoupMessage:tls-certificate and SoupMessage:tls-errors, which give more information about the certificate used to authenticate a TLS connection. + It is now possible to disable Basic or Digest auth in a session by using soup_session_remove_feature_by_type() with SOUP_TYPE_AUTH_BASIC or SOUP_TYPE_AUTH_DIGEST. Likewise, the right way to enable NTLM support now is to call soup_session_add_feature_by_type() with SOUP_TYPE_AUTH_NTLM; SOUP_SESSION_USE_NTLM is now deprecated. + bgo#603825: allow setting cookies on file:// URIs, since other browsers do, and WebKit has a test for it. + bgo#635395: .gir/.typelib files now include C header/library information (needed by vala and some other bindings) + Added annotations on soup_message_headers_get_content_type() and SoupHTTPVersion + bgo#636741: fixed a Set-Cookie processing leak. - Add glib-networking BuildRequires, and explicit Requires in libsoup-2_4-1 since we need the gio module for TLS support. - Remove now unneeded gnutls-devel BuildRequires. - Drop libsoup-gnutls-allow-tls.patch: the TLS handling is now done in glib-networking. - Update to version 2.32.2: + bgo#634422: Fixed a regression in 2.32.0 that caused evolution-exchange to get stuck and stop updating. + bgo#635101: Fixed a regression in 2.32.0 with apps using asynchronous sessions from multiple threads. + Fixed the regression tests. - Update to version 2.32.1: + bgo#631525: Fixed a regression in 2.32.0 with the use of persistent connections that caused spurious "Connection terminated unexpectedly" errors. + Fixed a regression in 2.32.0 that caused proxy-related DNS errors to return SOUP_STATUS_CANT_RESOLVE rather than SOUP_STATUS_CANT_RESOLVE_PROXY. + bgo#631679: Usernames/passwords specified explicitly in request URIs now override existing cached auth info. + bgo#630540: Changed soup_uri_decode() and soup_uri_normalize() to just ignore malformed %-encoding rather than returning NULL, for consistency with soup_uri_new(). + bgo#620220: Fixed soup_form_decode() to ignore invalid parameters, and soup_form_encode_hash() to just g_return_if_fail() rather than crashing if there are NULL values in the hash. + bgo#629160: Added another workaround for stupid servers that close the connection before returning the full response + bgo#631641: Fixed a bug in SoupCookieJarText that deleted excess cookies whenever any cookie expired. + Fixed a small leak in SoupContentDecoder + bgo#631679: Added regression tests for passwords-in-URIs - Update to version 2.32.0: + No changes, just a version bump. - Add libsoup-gnutls-allow-tls.patch: let gnutls try to use TLS, instead of being SSL 3.0-only. This might lead to some websites not being accessible with libsoup, and upstream does not want this behavior; a proper fix needs a lot of work. See discussion in bnc#634040. - Update to version 2.31.92: + Updated for gobject-introspection 0.9.5. Also added some new annotations and removed a bunch of private headers from the scanning process. + bgo#628728: Percent-encoded characters in URIs are no longer automatically normalized to uppercase, since apparently some servers are stupid. + bgo#629449: Fixed a crash when resolving a URI containing both spaces and non-UTF8 8bit characters. - Update to version 2.31.90: + bgo#526321: libsoup now tries to connect to each IP address associated with a hostname, if the first one fails. + Fixed Accept-Language header generation in locales where "," is used as the decimal point. - Update to version 2.31.6: + Disabled TLS 1.2 in addition to the already-disabled 1.1 and 1.0, thus making libsoup usable with gnutls 2.10. [bgo#622857] + When using libproxy 0.3 or newer, libsoup no longer leaks proxy-related environment variables into child processes [bgo#603285] + Changed the way message/connection binding works in SoupSession so that (among other things), when there are multiple requests queued to a host, and one of them gets a network error, the other requests are still allowed to try to succeed, rather than all failing immediately. [bgo#619633] + SoupSession now limits the number of times a message can be redirected, to avoid infinite loops [bgo#604383] + Fixed handling of certain messages where the response headers included "Connection: close" but the server did not actually close the connection at the end. [bgo#611481] + Fixed some incorrect g-i annotations [bgo#621021] + Fixed an out-of-bounds memory access when processing certain Set-Cookie headers [bgo#620288] + Improved msg->reason_phrase on network errors [bgo#623274] + Fixed gir file disting [bgo#621727] - Update to version 2.31.2: + bgo#576595: gobject-introspection has now been merged in + bgo#617216: Marked SoupSession abstract + bgo#618641: Fixed a problem with SoupSessionAsync that would cause messages to get lost if you aborted a previous message while it was still looking up the hostname + bgo#615535: Fixed another connecting-to-lame-http-server problem. - Add gobject-introspection-devel BuildRequires and pass - -enable-introspection to %configure. - Update to version 2.30.1: + bgo#611663 - Fix for https through proxies that close the connection when returning a "407 Proxy Authentication Required" response, and add a regression test for that case. + bgo#614176 - Don't quote the multipart boundary string if it's not needed, since RFC 2616 recommends that you don't, and some servers don't handle quotes there correctly + bgo#614183 - Don't put an extra blank line before the first multipart part, since it's unnecessary and some servers don't handle a multipart preamble correctly. + bgo#614198 - Don't put Content-Transfer-Encoding headers in the multipart/form-data parts, even though the HTML 4 spec says you must, since no other browsers do, and some servers don't handle them correctly. + bgo#615711 - Changed SoupCookieJarSqlite to actually erase deleted cookies from the database. + bgo#611663 - Fixed SoupLogger to be more robust against getting passed bad data by the session. + Fixed SoupAuthDomain to ignore paths when doing proxy auth + bgo#613442 - Fixed a g_warning when hovering over a javascript link in WebKit. + Updated translations. - Update to version 2.30.0: + Fixed a crash in the whitespace-stripping code in soup_uri_new() [bgo#612644] + Update content-sniffing algorithm to match Chrome and the soon-to-be-updated sniffing spec. [bgo#611502] + We now handle "Content-Encoding: x-gzip" as well as "gzip" (even though "x-gzip" has been deprecated for more than 10 years). [bgo#611476] + Fixed leaks found by valgrind + Make the "make check" programs only bind to 127.0.0.1, not any public network interfaces. [bgo#609489] + Add a test to sniffing-test to make sure that Content-Type parameters are preserved correctly. - Update to version 2.29.91: + Added SOUP_SESSION_SSL_STRICT and SOUP_MESSAGE_CERTIFICATE_TRUSTED, to allow callers to determine if an https response comes from a server with a recognized/valid or unrecognized/invalid certificate. [bgo#610374] + Fixed handling of certain badly-formatted URIs [bgo#590524] - Update to version 2.29.90: + Added soup_cookie_jar_set_accept_policy() and related API for implementing cookie acceptance policies. [bgo#608353] + Fixed the "request-read" signal in SoupServer to actually be emitted. - Update to version 2.29.6: + Fixed SoupContentDecoder to ignore trailing junk after the encoded message body (as other browsers do), rather than getting stuck in an infinite loop. [bgo#606352] + Fixed an invalid read in soup_cookie_applies_to_uri() [bgo#607024] + Fixed linking on OS X [bgo#606959] + Removed a harmless warning in SoupServer. [bgo#606645] - Update to version 2.29.5: + Added SoupContentDecoder, providing support for Content-Encoding: gzip for WebKitGTK. [bgo#522772] + Added "accept-language" and "accept-language-auto" properties to SoupSession, to support the Accept-Language header. [bgo#597004] + Fixed a bug in SoupPasswordManagerGNOME that could cause crashes if you typed the wrong password once and then tried again. [bgo#595554] + Fixed a crash in SoupAuthDigest if the server claims support for both qop=auth and qop=auth-int. (This was not noticed sooner because no one actually supports qop=auth-int, and the server in question here was probably confused. :) + Updated cookie parsing/output to more closely match draft-ietf-httpstate-cookie-00. [Also fixes bgo#603496 (WebKit unit test), and bgo#604794 (hang parsing malformed Set-Cookie header)] + Fixed https-via-proxy to not hang if there is an error communicating with the proxy immediately after the TLS negotiation. [bgo#587528] + Fixed a bug that broke gobject-introspection's introspection of libsoup. [bgo#603696] + Handle spurious CR/LFs between responses. [bgo#602863] + Fixed soup-message-client-io to not erroneously include URI fragments on the Request-Line when sending via a proxy. + Fixed Digest authentication against certain (buggy?) clients/servers that require you to use quotes in exactly the same places where the spec uses them. [bgo#582219] + Fix ugly gtype-related hack to work with the latest unstable glib - Remove libsoup-gir-repository-build.patch. Fixed upstream - Package baselibs.conf - Change gnome-keyring-devel BuildRequires to libgnome-keyring-devel, following the module split upstream. - Add libsoup-gir-repository-build.patch to fix the gir-repository build. - Update to version 2.29.3: + Fixed a crash in SoupCookieJarSqlite when using cookie databases not created by libsoup (eg, upgraded epiphany installations). + Fixed SoupCookieJar to handle non-http URIs properly (so that, eg, JavaScript bookmarklets that try to set/read cookies won't cause crashes). [bgo#602498] + HEAD requests that receive a "303 See Other" response will now do a HEAD, not a GET, on the redirected-to resource. Fixes gvfs access to some sites, including certain youtube.com URIs. [bgo#600830] + Fixed a g_warning that would always trigger in the server-side SoupCookie code. [bgo#602389] + Fixed the server-side SoupMultipart code to be able to parse multiparts containing binary attachments, rather than rejecting them as malformed. [bgo#601640] + Fixed the Request-Line format in the https-over-proxy case. Among other things, this fixes access to bugzilla.gnome.org from WebKitGTK-based browsers. [bgo#598277, bgo#600826] + Fixed a leak in SoupSession if a message was cancelled while the initial socket connection was in progress. [bgo#596074] + Fixed server-side parsing of Digest auth. [bgo#602898] + Fixed WinSock initialization on Windows. [bgo#600689] + Fixed a sporadic crash in the SSL code on Windows. [bgo#600748] + Fixed handling of https connections with timeouts on Windows. [bgo#600749] + Added soup_session_prepare_for_uri(), to allow DNS prefetching for faster browsing. [bgo#598948] + SoupSession now avoids redundant DNS lookups again when first connecting to a new site, resulting in (probably imperceptibly) faster loads. + Added some debugging APIs to SoupConnection and SoupSession for use by, eg, epiphany's soup-fly extension. [bgo#589163] - Update to version 2.28.1: + libsoup will now attempt to make multiple connections to a server at once when there are multiple messages queued to that server. The previous behavior (only allowing a single pending connection to each server) resulted in slow load times on pages with lots of subresources (images, css, js, etc) on servers that disallow persistent connections. [bgo#594768] + There should now be fewer (no?) "Connection terminated unexpectedly" errors in WebKitGTK. + Fixed a crash in SoupCookieJarSqlite [bgo#596859] + Fixed soup_address_get_physical() and address-to-name resolution of SoupAddress? + Fixed a bug in SoupContentSniffer that could cause false negatives [bgo#597545]. + Fixed the configure error if you have gnutls-devel but not gcrypt-devel installed [bgo#587709]. - Update to version 2.28.0: + Fixed a handful of leaks found with valgrind, including a large one in SoupContentSniffer + bgo#584522 - Changed the behavior of SoupCookieJarSqlite to improve performance. + bgo#59495 - Fixed a crash in SoupSocket that affected gupnp + bgo#594508 - Fixed the type of the SOUP_METHOD_* and SOUP_URI_SCHEME_* macros to be const char * rather than gpointer. - Update to version 2.27.92: + Removed SoupPasswordManager from the public API until its problems can be addressed. Although it is still present, you need to #define a special symbol for it to be visible in the header files; see bgo#594377 for details. + Fixed a bug where empty query components were dropped from URIs. [bgo#594405] + Fixed "make check" to work (but warn) when building with - -disable-ssl. + Fixed some small documentation bugs. - Update to version 2.27.91: + Added SoupPasswordManager, an interface for managing persistent password storage, and SoupPasswordManagerGNOME (in libsoup-gnome), which implements it using gnome-keyring. + libsoup should now notice when the server closes a persistent connection, and close its side of the connection sooner. This should hopefully fix the spurious "Connection terminated unexpectedly" errors in WebKitGTK. [bgo#578990] + Fixed some problems with connection management in SoupSession that could cause a session to eventually "stall" and be unable to process new requests. [bgo#592084] + Fixed an infinite loop that caused 100% CPU usage if the network went down at exactly the right time while there were unsent messages in the queue. [bgo#592492] + Fixed a crash in SoupLogger. [bgo#591857] + Fixed the definition of soup_message_is_keepalive() for HTTP/1.0 messages, to fix a problem introduced in 2.27.90 where some messages would load completely but never emit "finished". + Fixed a crash in SoupServer introduced in 2.27.90 when processing a request with no "Host" header. - Add gnome-keyring-devel BuildRequires. - Update to version 2.27.90: + libsoup now uses glib's GResolver rather than its own DNS code. For 2.27.90, the only visible change should be that internationalized domain names are now supported. [bgo#548287] + Added soup_message_disable_feature(), which allows you to disable particular features (eg, cookies, proxy, content-sniffing, etc) on a per-message basis. [bgo#574773] + It is now possible to implement "OPTIONS *" in a SoupServer; you must explicitly register a handler for "*" in order to do this. [bgo#590751] + Ignore Content-Length on EOF-terminated responses, to match other browsers and therefore cope with broken servers that send the wrong length. + Fixed the status code when trying to fetch an https URI with a non-gnutls build of libsoup. [bgo#590464] + Fixed strict-aliasing warnings introduced in 2.27.4 [bgo#588771] + Fixed some warnings noted by fortify [bgo#591226] and -Wextra + libsoup now uses automake 1.11's silent-rules support by default (if you are building with automake 1.11). Use "./configure --disable-silent-rules" or "make V=1" to disable - Update to version 2.27.5: + Fixed a crash when a web server redirected a request to a non-http URI (eg, "about:blank"). [bgo#528882] + Fixed a hang when trying to create an attachment on certain bugzilla installations from epiphany. [bgo#584645] + Fixed verification of V1 TLS certificates [bgo#589323] + Fixed compile problems on Windows (in the ssl code), and on Linux (when the most recent version of gtk-doc was installed). - Update to version 2.27.4: + Added SoupContentSniffer and the "content-sniffed" signal on SoupMessage, to do Content-Type sniffing per the HTML5 / draft-abarth-mime-sniff algorithm. [bgo#572589] + Updated the earlier SoupSession timeout fixes ([bgo#574414], [bgo#578928]) so that async connect() also times out [bgo#588177] and SSL works on Windows again [bgo#587910]. + Fixed the behavior on a 301 response to a POST to match real-world usage rather than what the spec says. (We were doing the right thing on 302 and 303, but had missed 301.) [bgo#586692] + Changed configure so that if GNUTLS isn't found then it errors out, rather than silently building an SSL-less libsoup. Configure with --disable-ssl if you actually don't want SSL. [bgo#584955] - Update to version 2.27.2: + Replaced SoupProxyResolver with SoupProxyURIResolver, which is a bit simpler, works with non-HTTP URIs (and so could be used by gvfsd-ftp) and supports proxy auth correctly. [bgo#580051] + Fixed SoupSession to not try to resolve http server hostnames when it's just going to pass the hostname off to a proxy server anyway. This fixes things on hosts that use a proxy for everything and have no working DNS config [bgo#577532] and also makes WebKitGTK behave more like other browsers in terms of per-host connection limits (we now limit connections based on hostname rather than on IP address). + We also no longer set the AI_CANONNAME flag when calling getaddrinfo(), which saves us a little bit of unnecessary network traffic. + libsoup now always uses SSL 3.0 (not TLS 1.0 or 1.1) for https URIs, to work around problems with older servers that don't implement the (apparently quite confusing) TLS/SSL compatibility rules correctly. Makes a bunch of previously-inaccessible sites now accessible in WebKitGTK (notably PayPal) [bgo#581342]. Will eventually be revisited, to first try TLS 1.1 and fall back if that fails. + Fixed Digest auth to (recent) Apple CalDAV servers. [bgo#583091] + Changed the way the SoupSession "authenticate" signal works a bit. We now never emit "authenticate" before sending a request, even if we know for sure that it's going to fail, because this makes the semantics of the authenticate handler too complicated (and because we'll only get into this situation if a previous call to the authenticate handler failed anyway). Fixes problems in WebKitGTK when you cancel a password dialog, and then later try to load the page again. [bgo#583462] + Fixed a bug in the CRLF-vs-LF patch (bgo#571283) that caused libsoup to fail to parse the response headers (returning SOUP_STATUS_MALFORMED) if a CR LF got split across two read()s. [bgo#582002] + Allow using PUT in soup_form_request_for_data(), to work with certain broken web APIs. [bgo#581860]. Also, fixed a problem with empty POST bodies that made some parts of gmail not work in WebKitGTK. + Applied some minor bugfixes to configure.in and autogen.sh [bgo#583911, bgo#583942]. Fixed configure.in to not use gcc warning options that the installed version of gcc doesn't recognize [bgo#578851]. + Added G_GNUC_NULL_TERMINATED and G_GNUC_PRINTF to a few methods that should have had them. [bgo#581754] - Update to version 2.27.1: + SOUP_SESSION_TIMEOUT now works properly with SoupSessionAsync [bgo#574414] and SSL [bgo#578928]. Added tests/timeout-test to test this. + SoupDate fixes: - soup_date_to_string() now handles SOUP_DATE_RFC2822 [bgo#579055] - soup_date_new_from_string() now accepts 24:00 as a time in ISO8601 timestamps - soup_date_to_string() now coerces the date to UTC for HTTP and cookie dates, and outputs the UTC correct offset for the other date types. - Added regression tests to tests/date + soup_headers_parse() now completely ignores syntactically-incorrect headers, rather than passing them to soup_message_headers_append() and causing a g_warning. soup_message_headers_append() now also rejects 0-length header names. Updated tests/header-parsing to check this. [bgo#579318] + Fix a crash when cancelling a message from a "restarted" handler, and updated a regression test to notice the underlying cause. [bgo#380193] + Completing the API updates for bgo#576760 from 2.26.1, soup_message_headers_get() is now marked deprecated in favor of soup_message_headers_get_one() and _get_list(). - Do not package ChangeLog file: it's not distributed anymore. - Update to version 2.26.1: + Fix SoupProxyResolverGNOME bugs [bgo#578746, bgo#578809] + Fixed warnings when a message has a network problem when many other messages are queued. [bgo#578809] - Update to version 2.26.0.9: + libsoup uses libproxy for PAC and WPAD proxy resolution again. However, it arranges to do all communication with GConf itself, to ensure that libproxy doesn't call it in non-thread-safe ways. [bgo#571527] + Fixed a bug in SoupSessionSync when proxy resolution failed. [bgo#574957] + SoupURI now handles unencoded spaces in URIs. In particular, redirects via Location headers with spaces in them now work. [bgo#566530] + libsoup can now deal with servers (and clients) that erroneously use LF LF instead of CR LF CR LF to separate the headers and body. [bgo#571283] + Added soup_message_headers_get_one() and soup_message_headers_get_list(), which will eventually deprecate soup_message_headers_get(). This lets applications deal correctly with implementations that erroneously send multiple copies of single-valued headers. [bgo#576760] + In particular, soup_message_headers_get_content_type() now ignores duplicate Content-Type headers [bgo#576760] and also ignores syntactically-incorrect Content-Type headers. [bgo#577630] + SoupCookieJar can now store multiple cookies with the same domain and name, but different paths. [bgo#577360] + Abnormal SSL connection closes are now treated as ordinary EOFs, for compatibility with certain sites. [bgo#577386] + soup_header_g_string_append_param() now allows NULL values. [bgo#577728] + soup_message_headers_append() now rejects header names and values with newlines or certain other illegal data in them, rather than generating syntactically invalid headers. + Fixed a small bug in soup_date_new_from_string's ISO 8601 handling [bgo578369 for g_time_val_from_iso8601]. + The regression tests now work correctly on machines where "localhost" resolves to "::1" instead of "127.0.0.1". [bgo#576583] + Miscellaneous documentation fixes/clarifications. - Update to version 2.26.0: + Temporarily disable libproxy support to work around a bug in its gnome plugin that causes gvfsd-http (and probably eventually other apps) to crash. (bgo#571527) + Fixed a bug that showed up in WebKit, where if many messages were queued all at once to a server that doesn't support persistent connections, some of the requests will get lost. (bgo#574365) + Fixed SoupServer to support using SOUP_ENCODING_EOF, so you can stream responses of unknown length to HTTP/1.0 clients. (bgo#572153) + Fixed several bugs that prevented SoupCookieJarSqlite from working. (bgo#572409) + Added G_{BEGIN,END}_DECLS guards to public headers that were missing it. + Misc gtk-doc improvements. - Remove AutoReqProv: it's default now. - Remove -fno-strict-aliasing from CFLAGS. - Do not create an empty libsoup package. Have libsoup2_4-1 provide/obsolete it. - Merge the doc with the devel package since it only contained gtk-doc. - Add gconf2-devel BuildRequires since it's needed again (see first item in upstream changes). ==== listres ==== Version update (1.0.3 -> 1.0.4) - Update to version 1.0.4 * config: Add missing AC_CONFIG_SRCDIR * configure: Drop AM_MAINTAINER_MODE * autogen.sh: Honor NOCONFIGURE=1 * autogen.sh: use quoted string variables * autogen: add default patch prefix * autogen.sh: use exec instead of waiting for configure to finish ==== webkit2gtk3 ==== Version update (2.18.6 -> 2.20.0) Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 libwebkit2gtk3-lang typelib-1_0-JavaScriptCore-4_0 typelib-1_0-WebKit2-4_0 webkit2gtk-4_0-injected-bundles - Update to version 2.20.0 (boo#1088182): + New API to retrieve and delete cookies with WebKitCookieManager. + New web process API to detect when form is submitted via JavaScript. + Several improvements and fixes in the touch/gestures support. + Support for the ?system? CSS font family. + Complex text rendering improvements and fixes. + Added a low power mode. + More complete and spec compliant WebDriver implementation. + Security fixes: CVE-2018-4101, CVE-2018-4113, CVE-2018-4114, CVE-2018-4117, CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4122, CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129, CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165. - Add webkit2gtk3-python3.patch: port to python 3 (bsc#1079812, webkit#156674). - Add conditional to optionally require python3, rather than python2 + python-xml, and adjust %build to use python3. - Update to version 2.19.92: + Ensure DNS prefetching cannot be re-enabled if disabled by settings. + Fix seek sometimes not working. + Fix rendering of emojis that were using the wrong scale factor in some cases. + Fix rendering of combining enclosed keycap. + Fix rendering scale of some layers in HiDPI. + Fix a crash in Wayland when closing the web view. + Fix crashes upower crashes when running inside a chroot or on systems with broken dbus/upower. + Fix memory leaks in GStreamer media backend when using GStreamer 1.14. + Fix the build with Enchant 2.x. + Fix several crashes and rendering issues. + Updated translations. - Replace pkgconfig(enchant) with enchant-devel BuildRequires: Allow webkit2gtk3 to build with whatever enchant is available in target distro. - Modernize spec-file by calling spec-cleaner - Update to version 2.19.91: + Add ENABLE_ADDRESS_SANITIZER to make it easier to build with asan support. + Fix a crash a under Wayland when using mesa software rasterization. + Make fullscreen video work again. + Fix handling of missing GStreamer elements. + Fix rendering when webm video is played twice. + Fix kinetic scrolling sometimes jumping around. + Fix build with ICU configured without collation support. + Fix several crashes and rendering issues. + Updated translations. - Do a minor spec cleanup. - Update to version 2.19.90: + WebSockets use system proxy settings now (requires libsoup 2.61.90). + Show the context menu on long-press gesture. + Add support for Shift + mouse scroll to scroll horizontally. + Fix zoom gesture to actually zoom instead of changing the page scale. + Implement support for Graphics ARIA roles. + Make sleep inhibitors work under Flatpak. + Add get element CSS value command to WebDriver. + Fix a crash aftter a swipe gesture. + Fix several crashes and rendering issues. - Drop webkit2gtk3-fix-wayland-crash.patch: fixed upstream. - Update to version 2.19.6: + Fix crashes due to duplicated symbols in libjavascriptcoregtk and libwebkit2gtk. + Fix parsing of timeout values in WebDriver. + Implement get timeouts command in WebDriver. + Fix deadlock in GStreamer video sink during shutdown when accelerated compositing is disabled. + Fix several crashes and rendering issues. - Update to version 2.19.5: + This is a follow up release to export webkit_dom_dom_window_webkit_message_handlers_post_message() symbol that was hidden in 2.19.4 by mistake. - Changes from version 2.19.4: + Add web process API to detect when form is submitted via JavaScript. + Add new API to replace webkit_form_submission_request_get_text_fields() that is now deprecated. + Add WebKitWebView::web-process-terminated signal and deprecate web-process-crashed. + Fix rendering issues when editing text areas. + Use FastMalloc based GstAllocator for GStreamer. + Fix several crashes and rendering issues. + Updated translations. - Apply -DUSE_SYSTEM_MALLOC=ON unconditionally in all builds (bmalloc seems to be exhausting memory on run time). - Update to version 2.19.3: + Fix web process crash at startup in bmalloc. + Fix several memory leaks in GStreamer media backend. + WebKitWebDriver process no longer links to libjavascriptcoregtk. - Fix several crashes and rendering issues. - Changes from version 2.19.2: + Add new API to add, retrieve and delete cookies via WebKitCookieManager. + Add functions to WebSettings to convert font sizes between points and pixels. + Ensure cookie operations take effect when they happen before a web process has been spawned. + Automatically adjust font size when GtkSettings:gtk-xft-dpi changes. + Fix several crashes and rendering issues. - Allow OBS service to verify the tarball signature: + Add webkit2gtk3.keyring: Carlos Garcia Campos' public key. - Update to version 2.19.1: + Add initial resource load statistics support. + Add API to expose availability of certain editing commands in WebKitEditorState. + Add API to query whether a WebKitNavigationAction is a redirect or not. + Improve complex text rendering. + Add support for the "system" CSS font family. + Implement low power mode. + Fix several crashes and rendering issues. - Drop webkit2gtk3-no-return-in-nonvoid.patch: fixed upstream. - Add pkgconfig(libbrotlidec) and pkgconfig(upower-glib) BuildRequires: new dependencies. - Add webkit2gtk3-fix-wayland-crash.patch: fix crash when using Wayland with QXL/virtio (bsc#1079512, webkit#182490). - Add missing dependencies from the -devel package to the build typelib-1_0-*: just like libraries, a consumer of the devel package can assume the typelibs to be present: + typelib-1_0-WebKit2-%{_sonameverpkg}. + typelib-1_0-WebKit2WebExtension-%{_sonameverpkg}. - even on recent codestreams there is no binutils gold on s390 only on s390x. - Update to version 2.18.6: + Fix deadlock in GStreamer video sink during shutdown when accelerated compositing is disabled. + Several fixes and improvements in WebDriver. + Security fixes: CVE-2018-4088, CVE-2017-13885, CVE-2017-7165, CVE-2017-13884, CVE-2017-7160, CVE-2017-7153, CVE-2017-7153, CVE-2017-7161, CVE-2018-4096. - Update to version 2.18.5: + Disable SharedArrayBuffers from Web API. + Reduce the precision of ?high? resolution time to 1ms. + Fix API documentation generation with newer gtk-doc. + bsc#1075419 - Security fixes: includes improvements to mitigate the effects of Spectre (CVE-2017-5753 and CVE-2017-5715). - Update package descriptions. - Update to version 2.18.4: + Make WebDriver implementation more spec compliant. + Fix a bug when trying to remove cookies before a web process is spawned. + WebKitWebDriver process no longer links to libjavascriptcoregtk. + Fix several memory leaks in GStreamer media backend. + bsc#1073654 - Security fixes: CVE-2017-13866, CVE-2017-13870, CVE-2017-7156, CVE-2017-13856. - Explicitly buildrequire python2-xml: the build system is (for now) hard locked on python2 and relies on the presence of python2-xml (used to be pulled in by glib2-devel in the past). - Update to version 2.18.3: + Improve calculation of font metrics to prevent scrollbars from being shown unnecessarily in some cases. + Fix handling of null capabilities in WebDriver implementation. + bsc#1069925 - Security fixes: CVE-2017-13798, CVE-2017-13788, CVE-2017-13803. - Update to version 2.18.2: + Fix rendering of arabic text. + Fix a crash in the web process when decoding GIF images. + Fix rendering of wind in Windy.com. + Fix several crashes and rendering issues. - Update to version 2.18.1: + Improve performance of GIF animations. + Fix garbled display in GMail. + Fix rendering of several material design icons when using the web font. + Fix flickering when resizing the window in Wayland. + Prevent default kerberos authentication credentials from being used in ephemeral sessions. + Fix a crash when webkit_web_resource_get_data() is cancelled. + Correctly handle touchmove and touchend events in WebKitWebView. + Fix the build with enchant 2.1.1. + Fix the build in HPPA and Alpha. + Fix several crashes and rendering issues. + bsc#1066892 - Security fixes: CVE-2017-7081, CVE-2017-7087, CVE-2017-7089, CVE-2017-7090, CVE-2017-7091, CVE-2017-7092, CVE-2017-7093, CVE-2017-7094, CVE-2017-7095, CVE-2017-7096, CVE-2017-7098, CVE-2017-7099, CVE-2017-7100, CVE-2017-7102, CVE-2017-7104, CVE-2017-7107, CVE-2017-7109, CVE-2017-7111, CVE-2017-7117, CVE-2017-7120, CVE-2017-7142. + bsc#1073654 - Security fixes: CVE-2017-7157. - Enable gold linker on s390/s390x on SLE15/Tumbleweed. - Drop gcc6-c++ build conditionals for SLE12 / Leap42. - Update to version 2.18.0: + Initial WebDriver support. + New remote inspector infrastructure. + WebCrypto API support is now enabled by default. + GStreamerGL is enabled by default when building with GStreamer >= 1.10. + Kinetic scrolling support. + New API to create a WebKitContextMenuItem from a GAction. + New API to allow overriding the popup menu of select elements. - Add webkit2gtk3-no-return-in-nonvoid.patch: Fix brp error based on "warning: control reaches end of non-void function". - Update to version 2.17.92: + Improve CPU usage when rendering under Wayland in accelerated compositing mode. + Improve the memory consumption of the UI process under Wayland. + Fix rendering issues in some web sites with accelerated compositing enabled. + Fix a web process crash when closing the WebView. + Initialize libgcrypt in the network process too. + Show controls if a video element isn?t allowed to play inline. + Add support for cookies and screenshots commands in WebDriver. + Fix several crashes and rendering issues. + Updated translations. - Update to version 2.17.91: + Fix proxy HTTP authentication for HTTPS requests. + Stop kinetic scrolling when a zero movement is reached. + Fix UI process crash when selecting text. + Fix UI process crash when loading a favicon. + Properly handle WebDriver click command on option elements. + Fix web process crash when resizing the window with accelerated compositing enabled. + Fix crashes in 32 bit systems due to incorrect use of GVariant. + Fix several crashes and rendering issues. - Update to version 2.17.90: + WebCrypto API support is now enabled by default. + Add API to provide browser information required by automation. + Fix the expiration date of manually added cookies. + Add support for alerts in WebDriver. + WebKitDatabaseProcess binary has been renamed to WebKitStorageProcess. + Fix several crashes and rendering issues. - Update to version 2.17.5: + Add initial implementation of WebDriver. + Enable GStreamerGL by default when building with GStreamer >= 1.10. + Fix position of context menu in Wayland. + Properly close cookies database at network process exit. + Fix several crashes and rendering issues. + Updated translations. - Drop webkit2gtk3-gcc7.patch and webkit2gtk3-machine-context.patch: Fixed upstream. - Add pkgconfig(gstreamer-gl-1.0) BuildRequires: New dependency. - Add explicit Mesa-libEGL-devel, Mesa-libGL-devel, Mesa-libGLESv1_CM-devel, Mesa-libGLESv2-devel and Mesa-libGLESv3-devel BuildRequires. - Update to version 2.17.4: + Add API to allow overriding popup menus. + Add kinetic scrolling support. + Improve theme rendering performance when using GTK+ >= 3.20. + Improve error message when webkit_web_view_run_javascript() fails due to a JavaScript exception. + Fix artifacts when rendering large images. + Fix blob downloads. + Fix web process deadlock when seeking youtube videos. + Fix alpha premultiplying when using cairo to draw the video frames. + Fix web process deadlock when closing the remote inspector frontend. + Update several web inspector icons. + Fix several crashes and rendering issues. + Updated translations. - Changes from version 2.17.3: + Add new API to create a WebKitContextMenuItem from a GAction. + Fix graphics repaint hungs in accelerated compositing mode after a resize. + Fix rendering glitches in HiDPI in long GitHub Gist pages when focusing the comments textarea. + Remove Firefox user agent quirk for Google domains. + Remove LATEST_RECORD_VERSION from GnuTLS priority string. + Improve colors of inspector SVG icons. + Fix several crashes and rendering issues. + Updated translations. - Changes from version 2.17.2: + Update user agent quirks to make Youtube and new Google login page work. + Fix URL shown in the title of beforeunload dialogs. + Focus first input field of HTTP authentication dialog. + Fix rendering of PNG images when decoded in more than one chunk. + Update several web inspector icons. + Fix the build with OpenGL disabled. + Fix several crashes and rendering issues. - Changes from version 2.17.1: + Switch to use new remote inspector infraestructure instead of legacy Web Sockets based one. + Add API to enable and handle Web Automation. + Load large images asynchronously off the main theead. + Use GtkFileChooserNative for open/save dialogs when available. + Make file chooser run as modal by default if possible. + Fix position of dropdown menus in Wayland. + Keep URI fragments after a server redirection. + Implement support for aria-haspopup and aria-autocomplete. + Implement aria-value support for focusable separators. + Fix playing of some live streams. - Add webkit2gtk3-gcc7.patch: Fix build with gcc7 (webkit#173544). - Add webkit2gtk3-machine-context.patch: Fix build for ppc64le (webkit#173590). - Update to version 2.16.6: + Fix rendering of spin buttons with GTK+ >= 3.20 when the entry width is too short. + Fix the build when Wayland target is enabled and X11 disabled. + Fix several crashes and rendering issues. + bsc#1050469 - Security fixes: CVE-2017-7039, CVE-2017-7018, CVE-2017-7030, CVE-2017-7037, CVE-2017-7034, CVE-2017-7055, CVE-2017-7056, CVE-2017-7064, CVE-2017-7061, CVE-2017-7048, CVE-2017-7046. - Update to version 2.16.5: + Fix a web process crash when page finishes loading in several web sites. + Fix the menu of select elements not showing in some cases under Wayland. - Update to version 2.16.4 (CVE-2017-2538): + Fix web process deadlock when seeking youtube videos. + Fix blob downloads. + Improve theme rendering performance when using GTK+ >= 3.20. + Fix positioning of popup menus in Wayland. + Fix several crashes and rendering issues. + Security fixes: CVE-2017-2538. + bsc#1050469 - Security fixes: CVE-2017-7052. - Add conditional gcc6-c++ BuildRequires and #!BuildIgnore: libgcc_s1 and also and pass -DCMAKE_C_COMPILER=gcc-6 and - DCMAKE_CXX_COMPILER=g++-6 to cmake for SLE/Leap, so we can fully build Webkit2gtk3 without disabling features. - Drop webkitgtk-disable-gcc-version-checks.patch, no longer needed following above changes. - Remove the compilation flag to disable FTL JIT, no longer needed following above changes. - Update to version 2.16.3: + Fix URL shown in the title of beforeunload dialogs. + Focus first input field of HTTP authentication dialog. + Fix rendering glitches in HiDPI in long GitHub Gist pages when focusing the comments textarea. + Remove Firefox user agent quirk for Google domains. + Remove LATEST_RECORD_VERSION from GnuTLS priority string. + Fix several crashes and rendering issues. + bsc#1050469 - Security fixes: CVE-2017-2496, CVE-2017-2539, CVE-2017-2510, CVE-2017-7011, CVE-2017-7040, CVE-2017-7059. - Drop ncurses-devel BuildRequires: this is no longer required. - Update to version 2.16.2: + Update user agent quirks to make Youtube and new Google login page work. + Fix rendering of animated PNGs. + Fix playing of some live streams. + Update several web inspector icons. + Fix the build with NPAPI plugins enabled but X11 disabled. + Fix the build with OpenGL disabled. + Fix several crashes and rendering issues. + bsc#1050469 - Security fixes: CVE-2017-7006, CVE-2017-7012, CVE-2017-7019, CVE-2017-7038, CVE-2017-7041, CVE-2017-7042, CVE-2017-7043, CVE-2017-7049. - Update to version 2.16.1: + Fix no-third-party cookies policy in case of redirections. + Keep URL fragments after server redirections. + Honor GTK+ font settings. + Ensure depth and stencil renderbuffers are created on GLESv2. + Prevent new navigations from onbeforeunload handler and document unload. + Disallow beforeunload alerts from web pages users have never interacted with. + Fix several crashes and rendering issues. + bsc#1050469 - Security fixes: CVE-2017-7020. - Update to version 2.16.0: + Add missing types to WebKitAutocleanups. + Updated translations. - Update to version 2.15.92: + Show the context menu when triggered by the keyboard. + Fix web process deadlocks when destroying the media player. + Fix web process crashes when loading animated GIFs. + Fix several crashes and rendering issues. + Updated translations. - Update to version 2.15.91: + Fix rendering artifacts when resizing the window in accelerated compositing mode. + Remove flickering when leaving accelerated compositing mode. + Fix a web process crash when loading duck duck go. + Properly handle copy drag and drop operations. + Fix a hang when sending an IPC messages fails because socket read buffers are full. + Ensure we never try to load GTK2 plugins in Wayland. + Fix several crashes and rendering issues. - Update to version 2.15.90: + Add an API to add a custom tab into the print dialog. + Update cookie manager API to properly work with ephemeral sessions. + Fix rendering issues in long documents with transparent background. + Handle extended colors in cairo and texture mapper backends. + Release unused UpdateAtlas and reduce the tile coverage on memory pressure. + The media backend now stores preloaded media in /var/tmp instead of user cache dir. + Fix a deadlock when the media player is destroyed. + Fast replay on video hide/unhide on platforms with limited video buffer pools. + Fix network process crashes when loading custom URI schemes. + Fix video rendering when switching to accelerated compositing mode. + Fix several crashes and rendering issues. + Updated translations. - Drop upstream fixed patches: - webkit2gtk3-167785.patch - webkit2gtk3-167876.patch - webkit2gtk3-167890.patch - webkit2gtk3-167929.patch - Add webkit2gtk3-167785.patch: Fix build with disabled JIT (such as on ppc564le). - Add webkit2gtk3-167876.patch, webkit2gtk3-167890.patch and webkit2gtk3-167929.patch: fix webkit stalling on loading resources over the network. - Update to version 2.15.4: + Make accelerating compositing mode on-demand again. By default it will only be used for websites that require it, saving a lot of memory on websites that don?t need it. + Add API to manage hardware acceleration policy. + Enable CSS Grid Layout by default. + Add API to create ephemeral WebViews to replace the legacy private browsing setting that is now deprecated. + Handle HTTP authentication for downloads having a WebView associated. + Add API to WebKitWebsiteDataManager to handle websites data. + Fix BadDamage X errors happening when resizing the WebView. + Fix several crashes and rendering issues. - Changes from version 2.15.3: + Add API to set network proxy settings. + Add API to set initial notification permissions. + Add WebKitSecurityOrigin to the API. + Add tag property to WebKitNotification. + Create GLX OpenGL contexts using version 3.2 (core profile) when available to reduce the memory consumption on Mesa based drivers. + Improve memory pressure handler to reduce the CPU usage on memory pressure situations. + Add support for key and code properties on keyboard events. + More user agent string improvements to improve compatibility with several websites. + Fix network process crashes when loading custom URI schemes. + Fix web process crash when closing the web view in X11. + Fix several crashes and rendering issues. + Updated translations. - Update to version 2.15.2: + Add new API to notify about dynamically added forms to Web Extensions. + Implement selection interface and states for elements supporting aria-selected and for menu roles. + Expose STATE_SINGLE_LINE and STATE_MULTI_LINE for ARIA searchbox role. + Enable WebMemorySampler. + Downloads started by context menu actions now have a web view associated. + Fix a network process crash when main resource load is converted into a download. + Fix several crashes and rendering issues. - Changes from version 2.15.1: + GObject DOM bindings API marked as unstable has been removed. + Switch to use GMenu internally in the context menu implementation. + The network backend now always sniff contents for Downloads. - Update to version 2.14.5: + Fix rendering of non-accelerated contents with HiDPI. + Revert the fix for rendering issues in long documents with transparent background because it caused issues in HiDPI. - Update to version 2.14.4: + Make accelerating compositing mode on-demand again. By default it will only be used for websites that require it, saving a lot of memory on websites that don?t need it. + Fix rendering issues in long documents with transparent background. + Release unused UpdateAtlas and reduce the tile coverage on memory pressure. + The media backend now stores preloaded media in /var/tmp instead of user cache dir. + Make inspector work again when accelerated compositing support is disabled. + Fix a deadlock when the media player is destroyed. + Fix network process crashes when loading custom URI schemes. + Fix overlay scrollbars that are over a subframe. + Fix a crash in GraphicsContext3D::drawArrays when using OpenGL 3.2 core profile. + Fix BadDamage X errors happening when resizing the WebView. + Fix several crashes and rendering issues. + bsc#1024749 - Security fixes: CVE-2017-2365, CVE-2017-2366, CVE-2017-2373, CVE-2017-2363, CVE-2017-2362, CVE-2017-2350, CVE-2017-2350, CVE-2017-2354, CVE-2017-2355, CVE-2017-2356, CVE-2017-2371, CVE-2017-2364, CVE-2017-2369. - Update to version 2.14.3: + Create GLX OpenGL contexts using version 3.2 (core profile) when available to reduce the memory consumption on Mesa based drivers. + Improve memory pressure handler to reduce the CPU usage on memory pressure situations. + Fix a regression in WebKitWebView title notify signal emission that caused the signal to be emitted multiple times. + Fix high CPU usage in the web process loading hyphenation dictionaries. + More user agent string improvements to improve compatibility with several websites. + Fix web process crash when closing the web view in X11. + Fix the build with OpenGL ES2 enabled. + Fix several crashes and rendering issues. + bsc#1020950 - Security fixes: CVE-2016-7656, CVE-2016-7635, CVE-2016-7654, CVE-2016-7639, CVE-2016-7645, CVE-2016-7652, CVE-2016-7641, CVE-2016-7632, CVE-2016-7599, CVE-2016-7592, CVE-2016-7589, CVE-2016-7623, CVE-2016-7586. + Updated translations. - Do not recommend the -lang package with a version: it has close to no effect anyway, as the solver could simply ignore it to find a solution. - Update to version 2.14.2: + Expose WebKitDOMHTMLInputElement APIs for form autofill in unstable DOM API. + Properly update WebKitWebView and WebKitWebPage URI properties when request is modified by WebKitWebPage:send-request signal. + Restore user agent quirk for Yahoo. + Dot not leak the default WebKitWebsiteDataManager in WebKitWebContext. + Use eglGetPlatformDisplay when available instead of eglGetDisplay. + Avoid strstr() when checking (E)GL extensions. + Fix several crashes and rendering issues. + Fix the build with ENABLE_OPENGL=OFF and allow to build on Wayland without OpenGL again. + Updated translations. - Disable JIT on armv6 (webkit#141288). - Update to version 2.14.1: + MiniBrowser and jsc binaries are now installed in pkglibexecdir instead of bindir. + Improve performance when resizing a window with multiple web views in X11. + Check whether GDK can use GL before using gdk_cairo_draw_from_gl() in Wayland. + Updated default UserAgent string for better compatibility. + Fix a crash on github.com in IntlDateTimeFormat::resolvedOptions when using the C locale. + Fix BadDamage X errors when closing the web view in X11. + Fix UIProcess crash when using Japanese input method. + Fix build with clang due to missing header includes. + Fix the build with USE_REDIRECTED_XCOMPOSITE_WINDOW disabled. + Fix several crashes and rendering issues. + Updated translations. + bsc#1020950 - Security fixes: CVE-2016-4692, CVE-2016-7610. - Update to version 2.14.0: + Use gdk_cairo_draw_from_gl() when possible in Wayland to render directly using the GPU in the UI process. + Ensure we don't send an empty referrer header after session restore. + Fix a web process crash in pages using filter animations. + Fix main frame scrolling jumps when scrolling acclerated subframes. + Fix the size of the cairo surface created in the UI process on Wayland. + Fix memory leak in JavaScriptCore. + Fix the build when '.' is not in @INC by default in perl. + Updated translations. + bsc#1020950 - Security fixes: CVE-2016-4743, CVE-2016-7587, CVE-2016-7598. - Rebase webkitgtk-disable-gcc-version-checks.patch. - Reintroduce support for Gtk2 plugins like Flash. + Add pkgconfig(gtk+-2.0) BuildRequires. + No longer pass -DENABLE_PLUGIN_PROCESS_GTK2=OFF to configure. + Split the built plugin to it's own sub-package, webkit2gtk3-plugin-process-gtk2, and make sure it's excluded from the main package. + Only apply these changes to openSUSE via conditional. - Update to version 2.13.92: + Add clipboard support in Wayland. + Improve rendering of scrollbars with themes setting a minimum width for the scrollbar CSS gadget. + Fix another WebProcess crash when the last WebView is destroyed. + Fix the build with GCC 6. - Drop webkitgtk-fix-clipboard.patch: Fixed upstream. - Add webkitgtk-fix-clipboard.patch: Fix clipboard support in wayland (webkit#146574). - Update to version 2.13.91: + Improve the performance when resizing the WebView with the threaded compositor. + Do not try to use GL_PACK_ROW_LENGTH when compiling with GLES2, since it's not available. + Use a different plugins cache file in Wayland and X11. + Fix UI process crash visiting sites protected with HTTP auth when using GTK+ < 3.14. + Fix a WebProcess crash when the last WebView is destroyed. + Fix build configure without Wayland support. + Fix the build when compiling with Clang. + Fix several crashes and rendering issues. + Updated translations. - Update to version 2.13.90: + Add initial implementation of accelerating compositing support under Wayland. + Fix performance with the modesetting intel driver and DRI3 enabled. + Improved performance when resizing the web view on X11. + Fix several crashes and rendering issues. + Updated translations. - Update to version 2.13.4: + Switched to use the threaded compositor. Accelerated compositing mode is now always enabled by default and happens in a separate thread in the web process. + Make web view background colors work in accelerated compositing mode. + Fix several crashes and rendering issues. - Update to version 2.13.3: + Fix Web Process deadlocks when loading HLS videos. + Make videos work when painted into a canvas when accelerated compositing is enabled. + Fix flickering with animated GIFs. + Fix a Web Process crash when video repaint is requested with GStreamer GL enabled. + Reduce the amount of file descriptors that the Web Process keeps open. + Make memory pressure handler work when cgroups are not available. + Fix several crashes and rendering issues. - Update to version 2.13.2: + Properly redraw the web view when reparented in force compositing mode. + Flip the volume control layout in media controls on RTL. + Add support for video orientation to the GStreamer media backend. + Fix several crashes and rendering issues. - Update to version 2.13.1: + CSS Grid Layout has been unprefixed and can be enabled as an experimental feature at runtime. + The HTTP disk cache implements speculative resources revalidation. + Add a new WebKitSetting to allow universal access from file URLs. + Fix several crashes and rendering issues. - Rebase webkitgtk-typelib-sharelib-link.patch. - Add pkgconfig(gnutls) BuildRequires: New dependency. - Rebase webkitgtk-disable-gcc-version-checks.patch for 2.12.5 - Update to version 2.12.5: + Fix a regression introduced in 2.12.4 that caused a hang in the network process after a load failure. + Fix several crashes and rendering issues. - Rebase webkitgtk-disable-gcc-version-checks.patch for 2.12.4 - Update to version 2.12.4: + Security fixes: CVE-2016-4622, CVE-2016-4624, CVE-2016-4591, CVE-2016-4590. + Fix performance in accelerated compositing mode with the modesetting intel driver and DRI3 enabled. + Reduce the amount of file descriptors that the Web Process keeps open. + Fix Web Process deadlocks when loading HLS videos. + Make CSS and SVG animations run at 60fps. + Make meter elements accessible. + Improve accessibility name and description of elements to make it more compatible with W3C specs and fix several bugs in which the accessible name of objects was missing or broken. + Fix a crash when running windowed plugins under Wayland. + Fix a crash at process exit under Wayland. + Fix several crashes and rendering issues. + Updated translations. - Update _constraints memory requirements. - Refresh webkitgtk-disable-gcc-version-checks.patch for latest version. - Update to version 2.12.3: + Security fixes: CVE-2016-1857, CVE-2016-1856. + Improved the detection of supported MIME types supported by the media player. + Fix web process crash when playing adaptive streaming media. + Change the volume while thumb slider is dragged, not only when released. + Fix leaked thread in network process. + Fix several crashes and rendering issues. + Updated translations. - Also apply webkitgtk-disable-gcc-version-checks.patch on Leap and use GCC 4.8. - Change condition to pass -DENABLE_DATABASE_PROCESS=OFF, - DENABLE_INDEXED_DATABASE=OFF and -DENABLE_FTL_JIT=OFF to cmake: newly on all SLE12 based systems (incl. Leap). - Update to GNOME 3.20.2 FATE#318572 - add -DUSE_SYSTEM_MALLOC=ON as in factory on ppc/s390 - handle s390 like s390x to fix build - Refresh webkitgtk-disable-gcc-version-checks.patch for latest version. - Update to version 2.12.2: + Fix rendering of scrollbars with GTK themes using stepper buttons. + Fix compatibility issue with 2.12.1 regarding local storage access from file URLs. + Make menu list buttons use the text color from the theme. + Do not show resize grip in non-resizable text fields. + Fix accessibility events causing Orca to echo key presses instead of speaking the inserted characters in password fields. + Fix an off by one error in hyphenation. + Fix several crashes and rendering issues. + Fix the build with libjpeg v9. + Updated translations. - Drop pkgconfig(gtk+-2.0) BuildRequires and pass - DENABLE_PLUGIN_PROCESS_GTK2=OFF to configure. We do no longer ship the flash-plugin in openSUSE, and it were the last consumer of this functionality. This also have the added bonus of freeing zenity and dependant packages of gtk2 dependencies. - Update to version 2.12.1: + Fix spotify player. + Improve themed control elements rendering to better match GTK+ widgets. + Make remote web inspector work again. + Fix several crashes and rendering issues. + Fix several memory leaks. + Fix the build in Linux / PowerPC. + Fix detection of S390X and PPC64 architectures. + Fix the build in glibc-based BSD systems. + Updated translations. - Add -DUSE_SYSTEM_MALLOC=ON to configure for ppc ppc64 ppc64le and s390x, needed now for build to complete. - Refresh webkitgtk-disable-gcc-version-checks.patch for latest version. - Update to version 2.12.0: + Enable GSS-Negotiate support when available in libsoup. + Fix overlay scrollbar indicator position. + Fix smooth scrolling behavior that was not fixed in all cases in 2.11.92. + Fix the build with newer versions of GCC and clang. - Update webkitgtk-disable-gcc-version-checks.patch (partially merged). - Update to version 2.11.92: + Revert the patch to limit the number of tiles according to the visible area introduced in 2.11.90, because it caused rendering issues in several popular websites. + Fix scrollbars rendering again with GTK+ >= 3.19.11. + Fix rendering of slider input elements. + Fix rendering artifacts when using a web view background color. + Make webkit_web_context_clear_cache() work again. + Fix smooth scrolling behavior that was changed by mistake. + Don?t force ENABLE_INTROSPECTION=OFF on Mac. + Install WebProcess and NetworkProcess on OSX when not building the Mac port. - Update webkitgtk-disable-gcc-version-checks.patch to properly disable terminateDatabaseProcess method when it is disabled at compilation time. - Refresh webkitgtk-disable-gcc-version-checks.patch for latest webkitgtk. - Update to version 2.11.91: + Do not show stale contents after session restore. + Fix flickering and rendering artifacts when entering accelerated compositing mode before the web view is realized. + Fix several rendering issues and crashes. + Fix build with FTL enabled in FreeBSD. + Updated translations. - Update webkitgtk-disable-gcc-version-checks.patch to fix building with gcc 4.8 (fix from Mike Gorse). - Update to version 2.11.90: + Switch to use overlay scrollbars like all other GTK+ widgets and ensure the behavior is consistent with GTK+ too. + Limit the number of tiles according to the visible area. This was causing a huge memory consumption with some websites. + Fix toggle buttons rendering with GTK+ 3.19. + Fix HTTP authentication dialog rendering when accelerated compositing mode is enabled. + Use G_TYPE_ERROR instead of G_TYPE_POINTER for GError parameters of signals. + Fix several memory leaks. - Rebase webkitgtk-disable-gcc-version-checks.patch. - Do not use binutils-gold on s390x and try to minimize memory used there at linking time. - Ensure JIT is also disabled on s390x. - Refresh webkitgtk-disable-gcc-version-checks.patch for latest webkitgtk. - Update to version 2.11.5: + Switch FTL to use B3 backend instead of LLVM. + Add support for windowless NPAPI plugins with no UI in non X11 platforms. + Fix a deadlock in the Web Process when JavaScript garbage collector was running for a web worker thread that made google maps to hang. + Fix a Web Process crash when quickly attempting many DnD operations. + Fix scrollbars rendering with older versions of GTK+. + Fix a crash when creating a WebKitWebView without providing a WebKitWebContext. - Drop llvm-devel BuildRequires as upstream now supports B3 instead of LLVM. - Refresh webkitgtk-disable-gcc-version-checks.patch for latest webkitgtk. - Update to version 2.11.4: + Prefer to link to LLVM shared libraries when building with FTL enabled. + Fix runtime errors when serializing/deserializing session state. + Fix critical warnings when loading a URL after a session restore. + Fix the build with GTK+ < 3.14. + Fix the build with video support disabled. - Drop webkitgtk-llvm-shared-libs.patch: Fixed upstream. - Refresh webkitgtk-disable-gcc-version-checks.patch for latest webkitgtk. - Update to version 2.11.3: - NetworkProcess is now used unconditionally. The shared secondary process model is now the same as using the multiple process model and setting a process limit of 1. - Disable DNS prefetch when a proxy is configured. - Reduce the maximum simultaneous network connections to match other browsers. - Extend notifications API to notify WebKit when a notification is clicked by the user. - Add new API to save and restore a WebView session. - Add Web Extensions API to be notified about console messages. - Add WebKitURIRequest API to get the HTTP method. - Add API to handle beforeunload events. - Make WebKitWebView always propagate motion-notify-event signal. - Add a way to force accelerating compositing mode at runtime using an environment variable. - Fix input elements and scrollbars rendering with GTK+ 3.19. - Fix a crash in the UI process when the WebView is destroyed while the screensaver DBus proxy is being created. - Fix a WebProcess crash when loading large contents with custom URI schemes API. - Fix UI process crashes related to not having a main resource response when the load is committed for pages restored from the history cache. - Reenable JIT on SLE, except for the fourth tier (FTL) which requires LLVM 3.7. - Add webkitgtk-llvm-shared-libs.patch to replace llvm-config wrapper script. - Disable database support on SLE, which is requiring gcc >= 4.9: Add patch webkitgtk-disable-gcc-version-checks.patch to allow building with gcc 4.8, change BuildRequires to gcc-c++ / libedit-devel on SLE, instead of gcc-c++ >= 4.9 and llvm-devel, disable database and indexed database on SLE and disable JIT support on all platforms on SLE, which requires llvm >= 3.7. - Miscellaneous cleanups. - Stop setting ENABLE_YARR_JIT=OFF on secondary arches. Nowadays ENABLE_YARR_JIT is a private option, and setting ENABLE_JIT=OFF is sufficient to do the right thing. - Fix build: + Add llvm-devel and ncurses-devel BuildRequires. + Inject a llvm-config wrapper script into ~/bin, which replaces the original's output of static libs with dynamic shared objects. This is supposedly going to be corrected with LLVM 3.8. - Update to version 2.11.2: + Enable FTL by default in JavaScriptCore for x86_64. + Improved media backend performance by better handling glib main loop sources. + Fix rendering of lines when using solid colors. + Fix web process crashes due to BadDrawable X errors in accelerated compositing mode. + Updated translations. - Update to version 2.10.7: + Fix the build with GTK+ < 3.16. - Update to version 2.10.6: + Fix a deadlock in the Web Process when JavaScript garbage collector was running for a web worker thread that made google maps to hang. + Fix media controls displaying without controls attribute. + Fix a Web Process crash when quickly attempting many DnD operations. - Add binutils-gold BuildRequires: Use the gold linker for build and remove --reduce-memory-overheads from RPMOPT flags since gold-linker does not know it. - Update to version 2.11.1: + Improved general performance by better handling glib main loop sources. + Add autocleanups support to GObjects exposed in public API. + Upload the accelerated canvas as a texture by copying via GPU directly. + Popup menus no longer use a nested main loop. - Update to version 2.10.4: + Fixed dashed and dotted border painting. + Properly cancel navigation policy checks. + Several crashes fixed when running editor commands. + Fix several crashes due to assertions in Debug builds. + Fix the build on Mac OSX and bring back the Quartz target. + Fix the build on glibc-based BSD systems. - Update to version 2.10.3: + Fix graphics artifacts when entering/leaving Accelerated Compositing mode. + Honour 'forwards' fill-mode in Multiple-keyframe and delayed instantaneous animations. + Fix runtime warning when the inspector is closed. + Fix the build with GTK+2 plugin process disabled. + Gracefully handle errors when sending/receiving IPC messages data on connection close. + Fix several crashes and rendering issues. - Update to version 2.10.2: + Fix a regression introduced in 2.10.1 that disabled accelerated compositing. + Fix build with cmake 3.4. - Update to version 2.10.1: + Fix rendering of accelerated content in HiDPI screens. + Fix several media controls rendering issues. + Fix rendering of progress element with recent versions of GTK+. + Add and update some web inspector icons. + Correctly handle websites sending an invalid auth header. + Fix a crash when creating the UI process backing store in Wayland. + Fix the build with spellchecker disabled. + Fix the build with touch events disabled. + Fix the build with OpenGL disabled. + Several build fixes on Mac OSX. + Fix several crashes and rendering issues. - Update to version 2.10.0: + New HTTP disk cache for the Network Process. + IndexedDB support. + New Web Inspector UI. + Automatic ScreenServer inhibition when playing fullscreen videos. + Improved font matching algorithm. + Initial Editor API. + Performance improvements. - Update to version 2.9.92: + Data URLs are now decoded in the Web Process instead of the Network Process. + Fix Web Process crash recovery. + Fix a crash when sqlite3_initialize() is called from multiple threads. + Fix the volume bar in media controls. + Fix JavaScriptCore build with GCC 5. + Fix the build when accelerated 2D canvas is enabled but cairo was built without GLX. + Fix everal memory leaks. + Updated translations. - Drop webkitgtk-gcc5-buildfix.patch: Fixed upstream. - Update to version 2.9.91: + Fix performance regression introduced in previous release when scaling images. + Fix runtime critical warning when there are missing media plugins. + Fix the build on systems with GTK+ compiled with an old version of wayland. - Update to version 2.9.90: + Add API to request permission before showing PackageKit codec installation notifications. + Fix a crash closing a page when a context menu is open. + Fix DNS prefetch when using the network process. + Improve image quality when using newer versions of cairo/pixman. + Fix a crash when the web view is destroyed while the screensaver DBus proxy is being created. - Update to version 2.9.5: + Add API to set the maximum number of web processes per WebKitWebContext. + Add API to allow executing editing commands that require an argument. + Prevent clipboard contents from being lost when web process finishes. + Always allow font matching for strong aliases. + Move GStreamer missing plugins installer to the UI process. + Fix empty space in popup menus when first item is selected. + Fix a crash when SoupSession is destroyed in exit handler. + Disable NPAPI plugins when running on Wayland. + Updated translations. - Update to version 2.9.4: + Fix the window size reported when the web view isn't realized yet. This fixes the layout of some websites when opening new tabs in the browser and anchor links when opened in new tabs too. + Add API to be notified about editor state changes. + Add selection-changed signal to the Web Extensions API. + Add initial WebKitWebsiteDataManager API for process configuration options. + Make WebSQL work by using a default quota instead of always failing in openDatabase with DOM Exception 18. + Correctly restore accelerated compositing after a WebProcess crash. + Only enable the input methods filter when there's an editable element focused. + Fix a crash on memory allocation using bmalloc on 32bit systems. + Allow to build with X11 and Wayland targets at the same time. + Fix a crash when spell checker returns no guesses. + Update and optimize some of the web inspector icons. + Updated translations. - Update to version 2.9.3: + Inhibit screen saver when playing full screen video. + Fix DOCUMENT_VIEWER cache model to actually disable the memory cache. + Fix a regression that prevented the WebKitWebView::context-menu signal from being emitted. + Update web inspector icon so Rendering Frames timeline distinguish between layout and painting. + Ensure fragment identifier part of URI is not removed for custom URI scheme requests. + Improve performance of keyboard events handling. + Expose element tag name as an object attribute to accessibility. + Fix the build with Wayland target enabled. - Update to version 2.9.2: + Add IndexedDB support using a dedicated database process. + Add construct property to WebKitWebContext to set the IndexedDB database directory. + Add allow-file-access-from-file-urls to WebKitSettings. + Improve network process disk cache performance by mapping cached resources in the web process instead of sending the resources data via IPC. + Prevent WorkQueue objects from being leaked and ensure its worker thread always exits. + webkit_dom_html_element_get_children() has been deprecated in favor of webkit_dom_element_get_children() to match the DOM spec. + ARIA menu items no longer have anonymous block children. + Map pre element to ATK_ROLE_SECTION instead of ATK_ROLE_PANEL. + Always include rows in the tree of accessible tables. + Fix the build with Netscape plugins disabled. + Fix XPixmaps leaked by GLContext when using EGL on X11. + Updated translations. - Update to version 2.9.1: + New disk cache implementation when using the network process. + Web inspector UI has been redesigned. + Add support for automatic hyphenation using libhyphen when it's available. + Fix network redirection to a non HTTP destination. - Add hyphen-devel BuildRequires: New dependency. - Update to version 2.8.5: + Fix the window size reported when the web view isn't realized yet. This fixes the layout of some websites when opening new tabs in the browser and anchor links when opened in new tabs too. + Prevent clipboard contents from being lost when web process finishes. + Always allow font matching for strong aliases. + Move GStreamer missing plugins installer to the UI process. + Fix a crash when spell checker returns no guesses. + Fix a crash when SoupSession is destroyed in exit handler. + Fix a crash closing a page when default context menu is open. + Several crashes and rendering issues fixed. + Updated translations. - Modify _constraints file for armv6l/armv7l arches to sizes so low that in practice it's disabled. - Update to version 2.8.4: + Make WebSQL work by using a default quota instead of always failing in openDatabase with DOM Exception 18. + Improve detection and usage of GL/GLES/EGL libraries. + Fix a crash on memory allocation using bmalloc on 32bit systems. + Fix DOCUMENT_VIEWER cache model to actually disable the memory cache. + Fix a WebProcess crash after too many redirect error when there's an active NPAPI plugin. + Fix a WebProcess crash when gtk-font-name setting is empty. + Ensure Math.abs() doesn't return negative. + Correctly restore accelerated compositing after a WebProcess crash. + Respect X-Frame-Options headers when loading from application cache. + Several crashes and rendering issues fixed. + Fix the MIPS N64 detection. + Fix several memory leaks. + Updated translations. - Update to version 2.8.3: + Fixed a regression introduced in 2.8.2 that broke downloads when using the network process. + Fix the build with Netscape plugins disabled. + Fix XPixamps leaked by GLContext when using EGL on X11. - Changes from version 2.8.2: + Fix network redirection to a non HTTP destination. - Use a webkit subdirectory for the disk cache to avoid conflicts with other files in the cache directory when the disk cache is cleaned up. - Do not preserve the Origin header on on cross-origin redirects. - Prevent WorkQueue objects from being leaked and ensure its worker thread always exits. - Update to version 2.8.1: + Handle keep-alive connections in GStreamer HTTP source element. + Fix a crash in DOMObjectCache when a wrapped object owned by. the cache is unreffed by the user. + Fix rendering of drag and drop icon. + Fix the build with REDIRECTED_XCOMPOSITE_WINDOW disabled in X11 platform. + Fix the build with Wayland target enabled. + Fix the build for HPPA. - Add webkitgtk-gcc5-buildfix.patch: Fix build with gcc5. - Add BuildRequires pkgconfig(libnotify) to build with support for HTML5 notifications (bnc#926482). - Change webkit2gtk-4_0-injected-bundles Recommends to Requires: apps fail to load webkit if the bunldes are not available. - Update to version 2.8.0: + Initial gestures support. + HTML5 notifications. + User script messages. + HTML5 color input. + APNG support. + Performance improvements. + Playing audio notification signal. + Web view background colors. - Update to version 2.7.92: + Add APNG support. + Disable RC4 support in networking backend. + Add a configure option to build with OpenGL ES 2. + Add an option to enable MiniBrowser for non developer builds and always install it. + Check TLS errors as soon as they are set in the SoupMessage to prevent any data from being sent to the server in case of invalid certificate. + Make WebKitWebView always hold a reference on WebKitWebContext now that it?s possible to create new web contexts. + Fix a crash when entering accelerated compositing mode before the WebView is realized. + Fix some transfer annotations used in GObject DOM bindings. + Fix GObject DOM objects leaked when the web view contents are updated. + Fix a crash viewing http://www.last.fm/. + Fix an infinite loop in ARM Linux when parallel GC is enabled it again. + Fix the build with older versions of GStreamer. + Fix the build when NEON_INTRINSICS is enabled. + Fix the build with video enabled but WebAudio disabled. - Changes from version 2.7.91: + Enable concurrent JIT. + Add support for ARIA 1.1 ?switch? and ?searchbox? roles. + Fix synchronous loads when maximum connection limits are reached. + Fix web timing calculations when loading resources from the disk cache. + Fix a crash when loading a local file with webkit_web_view_load_alternate_html. + Fix a WebProcess crash when entering accelerating compositing mode before the WebView is realized. + Improve the appearance of fonts loaded via @font-face. + Fix undefined symbol issue when loading web extensions. + Build bmalloc as a static library. + Fix the build with CMake 3.2. + Fix the C-Loop LLInt build. + Updated translations. - Drop webkitgtk-bmalloc-as-static.patch: fixed upstream. - Add webkitgtk-bmalloc-as-static.patch: Build libbmalloc as static library. Only webkitgtk depends on it. - Update to version 2.7.90: + Use the new memory allocator bmalloc instead of TCMalloc which drastically improves the overall performance. + Remove WebKitWebView::close-notification signal and add WebKitNotification::closed instead. + Implement support for new AtkRole types for MathML. + Add support for input color type. + Add API to allow overriding the default color chooser implementation. + Resize the accelerating compositing window to a minimum size again after leaving accelerated compositing mode to save memory. + Ensure WebKitFrame objects are released when the frame is destroyed. + Clear the GObject DOM bindings internal cache when frames are destroyed. + Implement page overlays to bring back the inspector element highlighting. + Fix startup runtime critical warnings when using the network process. + Fix the build with recent versions of GLib that have GMutexLocker. + Fix the gtk-doc generation to appear in DevHelp. - Update to version 2.7.4: + Add API to change the WebKitWebView background color. + Add an option to create WebKitWebView snapshots with transparent background. + Add API to make the WebKitWebView editable. + Add is-playing-audio property to WebKitWebView. + Do not resize the accelerating compositing window to the web size until accelerated compositing mode is activated. - Update to version 2.7.3: + Add API to support HTML5 notifications. + Add UserMedia Permission Request API. + GObject DOM bindings API now correctly returns NULL intead of empty strings to be able to differentiate between not present and present but empty. + Add support for text-decoration-skip. + Improve the HTTP authentication dialog. + Expose the ID attribute of Meter and Option elements to accessibility. + Use latin1 instead of UTF-8 for HTTP header values. + Update NavigationItemProbes inspector icon. + Add video/mp2t as alternative mimetype for MPEG TS. + Add application/x-mpegurl and video/flv to the list of supported mimetypes. + Add SCHEDULING query support to HTTP media source element. + Fix deadlock when shutting down AudioDestination. + Updated translations. - Changes from version 2.7.2: + Fix SSL connection issues with some websites after the POODLE vulnerability fix. + Add API to handle user script messages. + Add context menu API to Web Process Extensions. + Add API to create a WebKitWebContext. + Add API to override the default local storage directory. + Add WebKitWebResource::failed-with-tls-errors signal to notify about load failures due to TLS errors also in sub-resources. + Fix several crashes in accessibility implementation. + Fix XMLHttpRequest with a timeout when using the network process. + Fix XMLHttpRequest with cookies disabled when using the network process. + Fix a crash in the network process when a synchronous load redirects to a new url in a different security origin. + Fix a crash in TextureMapper when video resolution changes. + Correctly report the memory used by the media player to the garbage collector to make sure it?s freed when the video element is removed from the DOM. + Fix documentation of webkit_print_operation_get_page_setup(). - Update to version 2.6.5: + Fix issue that caused some text to be inserted when trying to delete a word from the Twitter message box. + GObject DOM bindings API now correctly returns NULL intead of empty strings to be able to differentiate between not present and present but empty. + Do not resize the accelerating compositing window to the web size until accelerated compositing mode is activated. + Use latin1 instead of UTF-8 for HTTP header values. + Add SCHEDULING query support to HTTP media source element. + Add application/x-mpegurl and video/flv to the list of supported mimetypes. + Update NavigationItemProbes inspector icon. + Fix the build with recent GStreamer. + Fix the build on FreeBSD. + Fix build on OS X. + Fix the build on powerpc 32 bits. + Fixed several crashes in WebCore and JavaScriptCore. + Updated translations. - Drop webkitgtk-libatomic.patch: Fixed upstream. - Add webkitgtk-libatomic.patch: Check if libatomic is needed in order to use std::atomic; fixes build on ppc. - Update to version 2.6.4: + Fix SSL connection issues with some websites after the POODLE vulnerability fix. + Fix several crashes in accessibility implementation. + Fix XMLHttpRequest with a timeout when using the network process. + Fix XMLHttpRequest with cookies disabled when using the network process. + Fix a crash in the network process when a synchronous load redirects to a new url in a different security origin. + Fix documentation of webkit_print_operation_get_page_setup(). + Allow to build with GObject introspection disabled. + Fix the remote inspector when settings don't change after page initialization. - Update to version 2.6.3: + Fix a crash when loading flash plugins. + Correctly report the memory used by the media player to the garbage collector to make sure it's freed when the video element is removed from the DOM. + Fix a crash in TextureMapper when video resolution changes. + Ensure that CSS-generated text content is exposed to assistive technologies. + Enable CSS_IMAGE_SET on production builds to fix some icons that are not rendered in the web inspector. + Fix the build on FreeBSD and GNU Hurd. + Fix the build with video disabled. - Update to version 2.6.2: + SSLv3 is now disabled to protect us against POODLE vulnerability. + TLS errors are no longer ignored by default. + Fix the remote web inspector. + Fix rendering of buttons, selections and lists with recent GTK+ versions. + Improve performance of timers scheduled after a delay in microseconds. + Fix WebKitSettings:enable-smooth-scrolling to actually enable smooth scrolling. + Fix the build with drag and drop support disabled. - Update to version 2.6.1: + Ensure WebKitWebView:is-loading is TRUE right after a new load starts. + Fix a crash in the plugin process with some windowed flash plugins. + Allow to dock the inspector again once undocked when building with GTK+ >= 3.10. + TLS errors now take precedence over the HTTP authentication dialog. + Do not shrink on-disk cache to its default size on startup. + Improve the proportion and visibility of some web inspector icons. + Fix GTK+2 plugins not working after being updated. + Don?t include full path names in WebKitEnumTypes.h to ensure the generated headers are always identical. + Updated transations. - Disable JIT on Power architectures (-DEANBLE_JIT=OFF -DENABLE_YARR_JIT=0) - Update to version 2.6.0: + Make vimeo videos work again with the GStreamer media backend. + Add more free icons for the web inspector. + Fix a WebSocket crash when a connection is closed from server side. + Fixed a memory leak in JavaScriptCore. + Fix the build with video support disabled. + Fix CLoop on the 32-bit Big-Endians. + Updated translations. - Update to version 2.5.90: + Use free icons for the web inspector. + Change WebKitWebView::load-failed-with-tls-errors signal to pass the failing URI as signal argument instead of the host. + Add new API to allow overwrite existing files when downloading a file. + Add webkit_uri_response_get_http_headers() API. + Improve the UI of the HTTP authentication dialog. + Fix a crash when navigating away from a web page containing an ogg video. + Fix race condition when downloading a file due to the intermediate temporary file. + Fix toggle buttons rendering with recent GTK+ versions. + Fix selection rendering when unfocused with recent GTK+ versions. + Mak e the GStreamer media backend not send the transferMode HTTP header. - Setup environment to prefer GOLD linker (softlink /usr/bin/ld.gold to ~/bin/ld). - Pass -DCMAKE_{EXE,MODULE,SHARED}_LINKER_FLAGS="-Wl,--as-needed - Wl,-z,now" to cmake call: cmake changed the default to not accept libraries to have undefined symbols (-Wl,--no-undefined). In this case though, it is understood and expected, so we remove - -no-undefined from the FLAGS. - Initial package, version 2.5.3; based on webkitgtk3.spec. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org