Message ID | 20220217230908.1532564-1-aperez@igalia.com |
---|---|
State | Accepted |
Headers | show |
Series | [1/2] package/webkitgtk: security bump to 2.34.6 | expand |
>>>>> "Adrian" == Adrian Perez de Castro <aperez@igalia.com> writes: > Update to a new major release which brings in improvements, a number of > new features, and security fixes. Release notes: > https://webkitgtk.org/2021/09/22/webkitgtk2.34.0-released.html > https://webkitgtk.org/2021/10/21/webkitgtk2.34.1-released.html > https://webkitgtk.org/2021/11/24/webkitgtk2.34.2-released.html > https://webkitgtk.org/2021/12/20/webkitgtk2.34.3-released.html > https://webkitgtk.org/2022/01/21/webkitgtk2.34.4-released.html > https://webkitgtk.org/2022/02/09/webkitgtk2.34.5-released.html > https://webkitgtk.org/2022/02/17/webkitgtk2.34.6-released.html > Security advisories: > https://webkitgtk.org/security/WSA-2021-0007.html > https://webkitgtk.org/security/WSA-2022-0001.html > https://webkitgtk.org/security/WSA-2022-0002.html > https://webkitgtk.org/security/WSA-2022-0003.html > Some of the new features require additional dependencies: HTTP/2 > requires libsoup3, which is not yet packaged in Buildroot, and > disabled at the moment (with -DUSE_SOUP2=ON, to keep using libsoup2); > and the color management support needs LCMS2 (which will be enabled > in a follow-up patch.) > Options SILENCE_CROSS_COMPILATION_NOTICES and ENABLE_GRAPHICS_CONTEXT_GL > do not exist anymore, and their usage is dropped. > Signed-off-by: Adrian Perez de Castro <aperez@igalia.com> > --- > package/webkitgtk/webkitgtk.hash | 8 ++++---- > package/webkitgtk/webkitgtk.mk | 14 +++++--------- > 2 files changed, 9 insertions(+), 13 deletions(-) > diff --git a/package/webkitgtk/webkitgtk.hash b/package/webkitgtk/webkitgtk.hash > index 7cb6c90b21..82c210c8f9 100644 > --- a/package/webkitgtk/webkitgtk.hash > +++ b/package/webkitgtk/webkitgtk.hash > @@ -1,7 +1,7 @@ > -# From https://webkitgtk.org/releases/webkitgtk-2.32.4.tar.xz.sums > -md5 51a167e5d03bacf30c5c588e6aa23143 webkitgtk-2.32.4.tar.xz > -sha1 f7255ffb488e727e9e250e0dae9f192266f50f01 webkitgtk-2.32.4.tar.xz > -sha256 00ce2d3f798d7bc5e9039d9059f0c3c974d51de38c8b716f00e94452a177d3fd webkitgtk-2.32.4.tar.xz > +# From https://webkitgtk.org/releases/webkitgtk-2.34.6.tar.xz.sums > +md5 a5eeedd02f5b4bba8bd891b92dc743d4 webkitgtk-2.34.6.tar.xz > +sha1 bb82517289baf9c858fa406d1d845274f81e25cb webkitgtk-2.34.6.tar.xz > +sha256 6bc8fd034aad0432a2459ce4fc7ee25ad65a4924c618bf8d93b52b0c1a84c1f6 webkitgtk-2.34.6.tar.xz > # Hashes for license files: > sha256 0b5d3a7cc325942567373b0ecd757d07c132e0ebd7c97bfc63f7e1a76094edb4 Source/WebCore/LICENSE-APPLE > diff --git a/package/webkitgtk/webkitgtk.mk b/package/webkitgtk/webkitgtk.mk > index 16b925fe71..f4fc1e7838 100644 > --- a/package/webkitgtk/webkitgtk.mk > +++ b/package/webkitgtk/webkitgtk.mk > @@ -4,7 +4,7 @@ > # > ################################################################################ > -WEBKITGTK_VERSION = 2.32.4 > +WEBKITGTK_VERSION = 2.34.6 > WEBKITGTK_SITE = https://www.webkitgtk.org/releases > WEBKITGTK_SOURCE = webkitgtk-$(WEBKITGTK_VERSION).tar.xz > WEBKITGTK_INSTALL_STAGING = YES > @@ -24,10 +24,11 @@ WEBKITGTK_CONF_OPTS = \ > -DENABLE_MINIBROWSER=ON \ > -DENABLE_SPELLCHECK=ON \ > -DPORT=GTK \ > - -DSILENCE_CROSS_COMPILATION_NOTICES=ON \ > + -DUSE_LCMS=OFF \ > -DUSE_LIBNOTIFY=OFF \ > -DUSE_LIBHYPHEN=OFF \ > -DUSE_OPENJPEG=ON \ > + -DUSE_SOUP2=ON \ > -DUSE_WOFF2=ON This is apparently not against master, as master has -DUSE_WPE_RENDERER=OFF here since your commit 38b740ec6f44b4 (package/webkitgtk: bump to version 2.26.0)? Please send patches against current git. Committed to master after fixing that up, thanks.
Hi Peter, all, On Sun, 20 Feb 2022 21:32:24 +0100 Peter Korsgaard <peter@korsgaard.com> wrote: > >>>>> "Adrian" == Adrian Perez de Castro <aperez@igalia.com> writes: > > > Update to a new major release which brings in improvements, a number of > > new features, and security fixes. Release notes: > > > https://webkitgtk.org/2021/09/22/webkitgtk2.34.0-released.html > > https://webkitgtk.org/2021/10/21/webkitgtk2.34.1-released.html > > https://webkitgtk.org/2021/11/24/webkitgtk2.34.2-released.html > > https://webkitgtk.org/2021/12/20/webkitgtk2.34.3-released.html > > https://webkitgtk.org/2022/01/21/webkitgtk2.34.4-released.html > > https://webkitgtk.org/2022/02/09/webkitgtk2.34.5-released.html > > https://webkitgtk.org/2022/02/17/webkitgtk2.34.6-released.html > > > Security advisories: > > > https://webkitgtk.org/security/WSA-2021-0007.html > > https://webkitgtk.org/security/WSA-2022-0001.html > > https://webkitgtk.org/security/WSA-2022-0002.html > > https://webkitgtk.org/security/WSA-2022-0003.html > > > Some of the new features require additional dependencies: HTTP/2 > > requires libsoup3, which is not yet packaged in Buildroot, and > > disabled at the moment (with -DUSE_SOUP2=ON, to keep using libsoup2); > > and the color management support needs LCMS2 (which will be enabled > > in a follow-up patch.) > > > Options SILENCE_CROSS_COMPILATION_NOTICES and ENABLE_GRAPHICS_CONTEXT_GL > > do not exist anymore, and their usage is dropped. > > > Signed-off-by: Adrian Perez de Castro <aperez@igalia.com> > > --- > > package/webkitgtk/webkitgtk.hash | 8 ++++---- > > package/webkitgtk/webkitgtk.mk | 14 +++++--------- > > 2 files changed, 9 insertions(+), 13 deletions(-) > > > diff --git a/package/webkitgtk/webkitgtk.hash b/package/webkitgtk/webkitgtk.hash > > index 7cb6c90b21..82c210c8f9 100644 > > --- a/package/webkitgtk/webkitgtk.hash > > +++ b/package/webkitgtk/webkitgtk.hash > > @@ -1,7 +1,7 @@ > > -# From https://webkitgtk.org/releases/webkitgtk-2.32.4.tar.xz.sums > > -md5 51a167e5d03bacf30c5c588e6aa23143 webkitgtk-2.32.4.tar.xz > > -sha1 f7255ffb488e727e9e250e0dae9f192266f50f01 webkitgtk-2.32.4.tar.xz > > -sha256 00ce2d3f798d7bc5e9039d9059f0c3c974d51de38c8b716f00e94452a177d3fd webkitgtk-2.32.4.tar.xz > > +# From https://webkitgtk.org/releases/webkitgtk-2.34.6.tar.xz.sums > > +md5 a5eeedd02f5b4bba8bd891b92dc743d4 webkitgtk-2.34.6.tar.xz > > +sha1 bb82517289baf9c858fa406d1d845274f81e25cb webkitgtk-2.34.6.tar.xz > > +sha256 6bc8fd034aad0432a2459ce4fc7ee25ad65a4924c618bf8d93b52b0c1a84c1f6 webkitgtk-2.34.6.tar.xz > > > # Hashes for license files: > > sha256 0b5d3a7cc325942567373b0ecd757d07c132e0ebd7c97bfc63f7e1a76094edb4 Source/WebCore/LICENSE-APPLE > > diff --git a/package/webkitgtk/webkitgtk.mk b/package/webkitgtk/webkitgtk.mk > > index 16b925fe71..f4fc1e7838 100644 > > --- a/package/webkitgtk/webkitgtk.mk > > +++ b/package/webkitgtk/webkitgtk.mk > > @@ -4,7 +4,7 @@ > > # > > ################################################################################ > > > -WEBKITGTK_VERSION = 2.32.4 > > +WEBKITGTK_VERSION = 2.34.6 > > WEBKITGTK_SITE = https://www.webkitgtk.org/releases > > WEBKITGTK_SOURCE = webkitgtk-$(WEBKITGTK_VERSION).tar.xz > > WEBKITGTK_INSTALL_STAGING = YES > > @@ -24,10 +24,11 @@ WEBKITGTK_CONF_OPTS = \ > > -DENABLE_MINIBROWSER=ON \ > > -DENABLE_SPELLCHECK=ON \ > > -DPORT=GTK \ > > - -DSILENCE_CROSS_COMPILATION_NOTICES=ON \ > > + -DUSE_LCMS=OFF \ > > -DUSE_LIBNOTIFY=OFF \ > > -DUSE_LIBHYPHEN=OFF \ > > -DUSE_OPENJPEG=ON \ > > + -DUSE_SOUP2=ON \ > > -DUSE_WOFF2=ON > > > This is apparently not against master, as master has > -DUSE_WPE_RENDERER=OFF here since your commit 38b740ec6f44b4 > (package/webkitgtk: bump to version 2.26.0)? > > Please send patches against current git. > > Committed to master after fixing that up, thanks. Ah, sorry about this, and thanks for fixing up my mistake -- I did have an additional commit in local work branch, which I planned to submit separately and I should have reordered my commits beforehand to make the two patches needed for the 2.34 update apply cleanly 🤦 Cheers, —Adrián
diff --git a/package/webkitgtk/webkitgtk.hash b/package/webkitgtk/webkitgtk.hash index 7cb6c90b21..82c210c8f9 100644 --- a/package/webkitgtk/webkitgtk.hash +++ b/package/webkitgtk/webkitgtk.hash @@ -1,7 +1,7 @@ -# From https://webkitgtk.org/releases/webkitgtk-2.32.4.tar.xz.sums -md5 51a167e5d03bacf30c5c588e6aa23143 webkitgtk-2.32.4.tar.xz -sha1 f7255ffb488e727e9e250e0dae9f192266f50f01 webkitgtk-2.32.4.tar.xz -sha256 00ce2d3f798d7bc5e9039d9059f0c3c974d51de38c8b716f00e94452a177d3fd webkitgtk-2.32.4.tar.xz +# From https://webkitgtk.org/releases/webkitgtk-2.34.6.tar.xz.sums +md5 a5eeedd02f5b4bba8bd891b92dc743d4 webkitgtk-2.34.6.tar.xz +sha1 bb82517289baf9c858fa406d1d845274f81e25cb webkitgtk-2.34.6.tar.xz +sha256 6bc8fd034aad0432a2459ce4fc7ee25ad65a4924c618bf8d93b52b0c1a84c1f6 webkitgtk-2.34.6.tar.xz # Hashes for license files: sha256 0b5d3a7cc325942567373b0ecd757d07c132e0ebd7c97bfc63f7e1a76094edb4 Source/WebCore/LICENSE-APPLE diff --git a/package/webkitgtk/webkitgtk.mk b/package/webkitgtk/webkitgtk.mk index 16b925fe71..f4fc1e7838 100644 --- a/package/webkitgtk/webkitgtk.mk +++ b/package/webkitgtk/webkitgtk.mk @@ -4,7 +4,7 @@ # ################################################################################ -WEBKITGTK_VERSION = 2.32.4 +WEBKITGTK_VERSION = 2.34.6 WEBKITGTK_SITE = https://www.webkitgtk.org/releases WEBKITGTK_SOURCE = webkitgtk-$(WEBKITGTK_VERSION).tar.xz WEBKITGTK_INSTALL_STAGING = YES @@ -24,10 +24,11 @@ WEBKITGTK_CONF_OPTS = \ -DENABLE_MINIBROWSER=ON \ -DENABLE_SPELLCHECK=ON \ -DPORT=GTK \ - -DSILENCE_CROSS_COMPILATION_NOTICES=ON \ + -DUSE_LCMS=OFF \ -DUSE_LIBNOTIFY=OFF \ -DUSE_LIBHYPHEN=OFF \ -DUSE_OPENJPEG=ON \ + -DUSE_SOUP2=ON \ -DUSE_WOFF2=ON ifeq ($(BR2_PACKAGE_WEBKITGTK_SANDBOX),y) @@ -73,7 +74,6 @@ ifeq ($(BR2_PACKAGE_LIBGTK3_X11),y) WEBKITGTK_CONF_OPTS += \ -DENABLE_ACCELERATED_2D_CANVAS=ON \ -DENABLE_GLES2=OFF \ - -DENABLE_GRAPHICS_CONTEXT_GL=ON \ -DENABLE_X11_TARGET=ON WEBKITGTK_DEPENDENCIES += libgl \ xlib_libXcomposite xlib_libXdamage xlib_libXrender xlib_libXt @@ -89,15 +89,11 @@ else # !X11 WEBKITGTK_DEPENDENCIES += libegl # GLESv2 support is optional though ifeq ($(BR2_PACKAGE_HAS_LIBGLES),y) -WEBKITGTK_CONF_OPTS += \ - -DENABLE_GLES2=ON \ - -DENABLE_GRAPHICS_CONTEXT_GL=ON +WEBKITGTK_CONF_OPTS += -DENABLE_GLES2=ON WEBKITGTK_DEPENDENCIES += libgles else # Disable general OpenGL (shading) if there's no GLESv2 -WEBKITGTK_CONF_OPTS += \ - -DENABLE_GLES2=OFF \ - -DENABLE_GRAPHICS_CONTEXT_GL=OFF +WEBKITGTK_CONF_OPTS += -DENABLE_GLES2=OFF endif # We must explicitly state the wayland target ifeq ($(BR2_PACKAGE_LIBGTK3_WAYLAND),y)
Update to a new major release which brings in improvements, a number of new features, and security fixes. Release notes: https://webkitgtk.org/2021/09/22/webkitgtk2.34.0-released.html https://webkitgtk.org/2021/10/21/webkitgtk2.34.1-released.html https://webkitgtk.org/2021/11/24/webkitgtk2.34.2-released.html https://webkitgtk.org/2021/12/20/webkitgtk2.34.3-released.html https://webkitgtk.org/2022/01/21/webkitgtk2.34.4-released.html https://webkitgtk.org/2022/02/09/webkitgtk2.34.5-released.html https://webkitgtk.org/2022/02/17/webkitgtk2.34.6-released.html Security advisories: https://webkitgtk.org/security/WSA-2021-0007.html https://webkitgtk.org/security/WSA-2022-0001.html https://webkitgtk.org/security/WSA-2022-0002.html https://webkitgtk.org/security/WSA-2022-0003.html Some of the new features require additional dependencies: HTTP/2 requires libsoup3, which is not yet packaged in Buildroot, and disabled at the moment (with -DUSE_SOUP2=ON, to keep using libsoup2); and the color management support needs LCMS2 (which will be enabled in a follow-up patch.) Options SILENCE_CROSS_COMPILATION_NOTICES and ENABLE_GRAPHICS_CONTEXT_GL do not exist anymore, and their usage is dropped. Signed-off-by: Adrian Perez de Castro <aperez@igalia.com> --- package/webkitgtk/webkitgtk.hash | 8 ++++---- package/webkitgtk/webkitgtk.mk | 14 +++++--------- 2 files changed, 9 insertions(+), 13 deletions(-)