Package Release Info

libqt5-qtwebengine-5.9.7-bp151.1.5

Update Info: Base Release
Available in Package Hub : 15 SP1

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

libqt5-qtwebengine
libqt5-qtwebengine-64bit
libqt5-qtwebengine-devel
libqt5-qtwebengine-devel-64bit
libqt5-qtwebengine-examples
libqt5-qtwebengine-private-headers-devel

Change Logs

* Tue Oct 30 2018 Antonio Larrosa <alarrosa@suse.com>
- Add 0001-Fix-gcc-optimization-breaking-chromium.patch to fix
  a gcc optimization that breaks chromium.
- Add 0002-Do-not-show-compiler-comments.patch to remove compiler comments.
- Add 0003-Silence-most-of-the-GCC-warnings.patch from upstream to
  silence the class-memaccess and other warnings that make obs fail
  to build the package due to excessive log output.
- Use %autopatch
* Mon Oct 29 2018 Antonio Larrosa <alarrosa@suse.com>
- Add 0001-chromium-Fix-build-with-gcc8.patch to fix a wrong assert
  for i586 builds.
- Add fix-missing-return.patch to fix an error due to a non-void returning
  function not having a return at the end (it had an assert, so
  return is actually not needed, but this way checkers don't get
  confused).
- Modify BuildRequires to specify that we want to link against ffmpeg-3
* Tue Oct 23 2018 fabian@ritter-vogt.de
- Update to 5.9.7:
  * New bugfix release
  * http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.9.7/?h=v5.9.7
* Tue Aug 14 2018 wbauer@tmo.at
- Use pkgconfig() notation for the libav* BuildRequires
* Wed Jun 06 2018 fabian@ritter-vogt.de
- Update to 5.9.6
  * New bugfix release
  * For more details please see:
  * http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.9.6/?h=v5.9.6
* Mon Apr 23 2018 fabian@ritter-vogt.de
- Update to 5.9.5
  * New bugfix release
  * For more details please see:
  * http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.9.5/?h=v5.9.5
* Fri Feb 16 2018 fabian@ritter-vogt.de
- Switch to new build configuration system (boo#1043375)
- Use better mechanism for limiting concurrent build jobs
* Thu Jan 25 2018 fabian@ritter-vogt.de
- Update to 5.9.4:
  * New bugfix release
  * For more details, see
    http://code.qt.io/cgit/qt/qtwebengine.git/tree/dist/changes-5.9.4/?h=v5.9.4
* Tue Jan 16 2018 fabian@ritter-vogt.de
- Also work around crashes on wayland by disabling the GPU by default (boo#1060990):
  * disable-gpu-when-using-nouveau-boo-1005323.diff
* Sat Nov 25 2017 fabian@ritter-vogt.de
- Update to 5.9.3
  * New bugfix release
  * For more details, see:
    http://code.qt.io/cgit/qt/qtwebengine.git/tree/dist/changes-5.9.3/?h=v5.9.3
- Add patch to fix build on armv6:
  spinlock-armv6.patch
* Tue Oct 31 2017 fabian@ritter-vogt.de
- Restore working version of
  disable-gpu-when-using-nouveau-boo-1005323.diff
* Sun Oct 08 2017 lbeltrame@kde.org
- Update to 5.9.2
  * For more details please see:
    https://blog.qt.io/blog/2017/10/06/qt-5-9-2-released/
- Dropped patches, now upstream:
  * clip-ft-glyph.diff
* Tue Oct 03 2017 t.zell@gmx.de
- Fixes to make fonts readable again with FreeType 2.8.1 (boo#1061344):
  * clip-ft-glyph.diff
  * harmony-fix.diff
* Tue Sep 26 2017 fabian@ritter-vogt.de
- Unbundle ffmpeg if possible, only support proprietary codecs
  if the system ffmpeg does
* Mon Jul 10 2017 mlin@suse.com
- Raise memory size to 9G and drop overwrite part of s390z build,
  we didn't have build s390x at all. (bsc#1047896)
- Make it -j4 for all archtectures: do not run too many parallel that
  would costs more memory.
* Sat Jul 01 2017 lbeltrame@kde.org
- Update to 5.9.1
  * For more details please see:
    http://blog.qt.io/blog/2017/06/30/qt-5-9-1-released/
- Drop upstreamed patches:
  * arm64-linux.patch
  * arm64-toolchain.patch
* Tue Jun 13 2017 fvogt@suse.com
- Backport patches to fix build on AArch64 and add workaround
  (QTBUG-61128):
  * arm64-linux.patch
  * arm64-toolchain.patch
- Use proprietary codecs if supported by system ffmpeg (boo#1043375)
* Thu Jun 01 2017 fabian@ritter-vogt.de
- Remove patch that is apparently not enough for aarch64:
  * gn-add-aarch64.patch
* Thu Jun 01 2017 jengelh@inai.de
- Update descriptions.
- Use find -exec's "+" strategy.
* Wed May 31 2017 fabian@ritter-vogt.de
- Update to 5.9.0 final
Version: 5.10.1-bp150.2.9
* Mon May 07 2018 guillaume.gardet@opensuse.org
- Fix armv6 by removing unneeded additionnal RPM_OPT_FLAGS
* Wed Apr 11 2018 mliska@suse.cz
- Add no-return-in-nonvoid-function.diff in order to fix boo#1087068.
* Thu Mar 29 2018 kamikazow@opensuse.org
- Changed license header back to original template
  * LGPL-2.1-or-later was wrong
- Package license is LGPL-3.0-only, GPL-2.0-only, GPL-3.0-only
  * incorporates 3rd party code (Chromium, WebKit, even some dating
    back to KHTML), therefore no "with-Qt-Company-Qt-exception-1.1"
    because those 3rd parties never granted them.
* Tue Mar 27 2018 wbauer@tmo.at
- Only automatically convert dictionaries on Leap 15 or higher,
  %filetriggerin is not supported in Leap 42.3 which caused the
  build to fail
* Sun Mar 25 2018 kamikazow@opensuse.org
- Enable spell checking:
  * Ported script snippet from Fedora package by Kevin Kofler
  * Converts available Hunspell dictionaries locally during installation
- Changed specfile header to reflect code coming from K. Kofler
* Fri Mar 23 2018 wbauer@tmo.at
- Also adjust the minimum versions of the private-headers-devel
  subpackage's requirements
* Thu Mar 22 2018 kamikazow@opensuse.org
- Apply a fix to make QtWE-using applications actually compile against it
* Sun Mar 18 2018 kamikazow@opensuse.org
- Forward-port security backports from 5.9.5 LTS (up to Chromium 65.0.3325.146)
  * qtwebengine-everywhere-src-5.10.1-security-5.9.5.patch from Fedora
  * qtwebengine-everywhere-src-5.10.1-CVE-2018-6033.patch from Fedora
* Wed Feb 14 2018 fabian@ritter-vogt.de
- Update to 5.10.1
  * New bugfix release
  * For more details please see:
  * http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.10.1/?h=v5.10.1
* Fri Feb 02 2018 dimstar@opensuse.org
- Eliminate build dependency on procps: we only used it to run
  'free', in order to find out how much RAM we have available. We
  can get this information directly from the kernel, from
  /proc/meminfo.
* Fri Jan 12 2018 fabian@ritter-vogt.de
- Also work around crashes on wayland by disabling the GPU by default (boo#1060990):
  * disable-gpu-when-using-nouveau-boo-1005323.diff
* Fri Dec 08 2017 christophe@krop.fr
- Update the license tag (boo#967696)
* Thu Dec 07 2017 fabian@ritter-vogt.de
- Update to 5.10.0 final
  * New bugfix release
* Sun Dec 03 2017 fabian@ritter-vogt.de
- Update to 5.10.0 RC 2
  * New bugfix release
* Thu Nov 30 2017 fabian@ritter-vogt.de
- Update to 5.10.0 RC 1
  * New bugfix release
* Wed Nov 15 2017 fabian@ritter-vogt.de
- Update to 5.10 Beta 4
- Contains bugfixes
* Thu Nov 02 2017 tittiatcoke@gmail.com
- Add some feature from the Chromium builds to determine the maximum
  allowed parallel processes based on the available memory. Also
  ensure that the ninja build follows this maximum
* Thu Nov 02 2017 fabian@ritter-vogt.de
- Update to 5.10 Beta 3
- Contains bugfixes
- Refresh patches:
  * armv6-ffmpeg-no-thumb.patch
  * disable-gpu-when-using-nouveau-boo-1005323.diff
  * harmony-fix.diff
Version: 5.10.1-bp150.3.3.3
* Tue Feb 26 2019 Fabian Vogt <fvogt@suse.com>
- Fix comment in %postun (boo#1127039)
Version: 5.12.7-bp152.2.12
* Thu Mar 12 2020 Wolfgang Bauer <wbauer@tmo.at>
- Fix an issue with selections breaking replying in KMail:
  * QTBUG-81574.patch
* Fri Jan 31 2020 Fabian Vogt <fabian@ritter-vogt.de>
- Update to 5.12.7:
  * New bugfix release
  * For more details please see:
    http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.12.7/?h=v5.12.7
- Refresh chromium-non-void-return.patch
* Thu Nov 14 2019 Fabian Vogt <fabian@ritter-vogt.de>
- Update to 5.12.6:
  * New bugfix release
  * For more details please see:
  * http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.12.6/?h=v5.12.6
* Wed Oct 02 2019 Fabian Vogt <fabian@ritter-vogt.de>
- Use bundled libvpx on Leap 15.2 (for now) as well
* Tue Sep 24 2019 Fabian Vogt <fabian@ritter-vogt.de>
- Add gn_args+=link_pulseaudio=true to work around incompatibility
  with PA 13 headers (QTBUG-77037)
* Thu Sep 12 2019 Christophe Giboudeaux <christophe@krop.fr>
- Update to 5.12.5:
  * New bugfix release
  * For more details please see:
  * http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.12.5/?h=5.12.5
* Fri Jun 14 2019 fabian@ritter-vogt.de
- Update to 5.12.4:
  * New bugfix release
  * For more details please see:
  * http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.12.4/?h=5.12.4
* Tue Apr 30 2019 Fabian Vogt <fabian@ritter-vogt.de>
- Fix system_vpx bcond
* Thu Apr 18 2019 fabian@ritter-vogt.de
- Update to 5.12.3:
  * New bugfix release
  * For more details please see:
  * http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.12.3/?h=v5.12.3
- Refresh chromium-non-void-return.patch
* Thu Mar 14 2019 fabian@ritter-vogt.de
- Update to 5.12.2:
  * New bugfix release
  * For more details please see:
  * http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.12.2/?h=5.12.2
- Remove patches, now upstream:
  * cve-2019-5786.patch
* Mon Mar 11 2019 Martin Herkt <9+suse@cirno.systems>
- Add cve-2019-5786.patch
  Backport fix for CVE-2019-5786
  https://bugreports.qt.io/browse/QTBUG-74254
* Mon Feb 04 2019 wbauer@tmo.at
- Fix build on Leap 42.3 by adding c++14 to QT_CONFIG
* Fri Feb 01 2019 fabian@ritter-vogt.de
- Update to 5.12.1:
  * New bugfix release
  * For more details please see:
  * http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.12.1/?h=v5.12.1
- Refresh disable-gpu-when-using-nouveau-boo-1005323.diff
- Remove patches, now upstream:
  * gn-fix_arm.patch
  * chromium-66.0.3359.170-gcc8-alignof.patch
* Mon Jan 21 2019 Bernhard Wiedemann <bwiedemann@suse.com>
- Add reproducible.patch to override chromium build date
  to make package build reproducible (boo#1047218)
- Use openSUSE's ninja for the build so that we can apply fixes there
  that are used by everyone (boo#1118619)
* Fri Dec 21 2018 Guillaume GARDET <guillaume.gardet@opensuse.org>
- Backport patch to fix %arm builds:
  * gn-fix_arm.patch
* Thu Dec 06 2018 fabian@ritter-vogt.de
- Update to 5.12.0:
  * New feature release
  * For more details please see:
  * http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.12.0/?h=v5.12.0
* Mon Dec 03 2018 fabian@ritter-vogt.de
- Update to 5.12.0-rc2:
  * New bugfix release
  * Only important bugfixes
- Changelog for Qt 5.12.0:
  * http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.12.0/?h=5.12.0
* Thu Nov 22 2018 fabian@ritter-vogt.de
- Update to 5.12.0-rc:
  * New bugfix release
  * No changelog available
* Thu Nov 08 2018 fabian@ritter-vogt.de
- Update to 5.12.0-beta4:
  * New bugfix release
  * No changelog available
- Add yet another hunk to chromium-non-void-return.patch
* Fri Oct 26 2018 fabian@ritter-vogt.de
- Update to 5.12.0-beta3:
  * New bugfix release
  * No changelog available
Version: 5.15.3-bp152.3.3.1
* Wed Mar 24 2021 christophe@krop.fr
- Update to version 5.15.3:
  * Fix spelling and coding style
  * Fix new view request handling (QTBUG-87378)
  * Fix getDefaultScreenId on X11
  * Fix flaky tst_QWebEngineView::textSelectionOutOfInputField test
  * Move touch input tests to separate testcase
  * Add touch input tests for scrolling and pinch zooming
  * Fix rare duplicate ids forming in touch point id's mapping
  * Use the module's version number for QtWebEngineProcess
  * Touch handling: provide id mapping without modifying TouchPoint instance
    (QTBUG-88001)
  * Touch handling: fix mapped ids cleanup for TouchCancel event
  * et custom headers from QWebEngineUrlRequestInfo before triggering redirect
    (QTBUG-88861)
  * Forward modifier flags for lock keys (QTBUG-89001)
  * Fix handling of more than one finger for touch event (QTBUG-86389)
  * Stabilize load signals emitting (QTBUG-65223, QTBUG-87089)
  * Fix building against 5.12 on most CIs
  * Update minimum HarfBuzz version to 2.4.0 (QTBUG-88976)
  * Fix building against Qt 5.14
  * Migrate user script IPC to mojo
  * Fix crashes in user resource controller when single process
  * Minor. Fix namespace for user resource controller
  * Minor. RenderThreadObserverQt is really a RenderConfiguration
  * Remove RenderViewObserverHelper from UserResourceController
  * Cache mojo interface bindings to UserResourceControllerRenderFrame
  * Cache mojo interface bindings for WebChannelIPCTransport
  * Migrate render_view_observer_qt to mojo
  * Fix crash on linkedin.com (QTBUG-89740)
  * Suppress error pages also for http errors if they are disabled
  * Fix leak in QQuickWebEngineViewPrivate::contextMenuRequested
  * Register PerformanceNode early enough
  * Quiet log on webrtc usage
  * Remove configure option that doesn't work
  * Remove Java build dependency
  * Fix blank popups in qml (QTBUG-86034)
  * Fix position of popup on qml (QTBUG-86034, QTBUG-89358)
  * Enable hangout services extension (QTBUG-85731)
  * Allow to fallback to default locale for non existent data packs (QTBUG-90490)
  * Support devtools close button
  * Do not extract download file names from certain url schemes (QTBUG-90355)
  * Leave room for the null-termination byte when checking remote drive path
    (QTBUG-90347)
  * Do not set open files limit for linking if not necessary
  * Remove even more remains of non network service code
  * Add back prefers-color-scheme support (QTBUG-89753)
  * Start supporting chrome.resourcesPrivate API (QTBUG-90035)
  * Enable chrome://user-actions WebUI
  * Remove remains of chrome://flash
  * Fix loadFinished signal if page has content but server sends HTTP error
    (QTBUG-90517)
  * Fix devtools page resource loading as raw data instead of html string
  * Remove frame metadata observer (RenderWidgetHostViewQt) on destroy
  * Resolve installed interceptors right before interception point (QTBUG-86286)
  * Update searches faster
  * Remove more leftovers of the old compositor
  * Enable webrtc logging and the corresponding WebUI
  * Support mips64el platform CPU(loongson 3A4000)
  * Add tracing UI resources
  * Fix crash on meet.google.com
  * Fix mad popup qquickwindows on wayland
  * Fix crashes on BrowserContext destruction
  * Fix crash on exit in quicknanobrowser when popup
  * Remove QtPdf dependency on nss at build-time
  * Avoid accessing profileAdapter when profile is shutting down (QTBUG-91187)
  * Do not flush messages form profile destructor
  * Ignore QQuickWebEngineNewViewRequest if it is unhandled
  * Fix ScopedGLContextChecker with QTWEBENGINE_DISABLE_GPU_THREAD=1
  * Don't send duplicate load progress values
  * Fix neon support in libpng
  * Do not call deprecated profile interceptor on ui thread (QTBUG-86267)
  * Add certificate error message for ERR_SSL_OBSOLETE_VERSION
  * Fix assert in WebContentsAdapter::devToolsFrontendDestroyed
  * Avoid to reject a certificate error twice in Quick
  * Fix PDF viewer plugin
  * FIXUP: Fix swap condition in DisplayGLOutputSurface::updatePaintNode
    (QTBUG-86599)
  * Fix favicon engine under device pixel scaling
  * Do not pass a native keycode matching the menu key when it is remapped
    (QTBUG-86672)
  * Optimize WebEngineSettings::testAttribute
  * Warn about QtWebengineProcess launching from network share (QTBUG-84632)
  * Handle non-ascii names for pulseaudio (QTBUG-85363)
  * Do not set audio device for desktop capture if audio loopback is unsupported
  * Fix new view request handling (QTBUG-87378)
  * Fix getDefaultScreenId on X11
  * Touch handling: provide id mapping without modifying TouchPoint instance
    (QTBUG-88001)
  * Set custom headers from QWebEngineUrlRequestInfo before triggering redirect
    (QTBUG-88861)
  * Stabilize load signals emitting (QTBUG-65223)
- CVE fixes backported in chromium updates:
  * CVE-2020-16044: Use after free in WebRTC
  * CVE-2021-21118: Heap buffer overflow in Blink
  * CVE-2021-21119: Use after free in Media
  * CVE-2021-21120: Use after free in WebSQL
  * CVE-2021-21121: Use after free in Omnibox
  * CVE-2021-21122: Use after free in Blink
  * CVE-2021-21123: Insufficient data validation in File System API
  * CVE-2021-21125: Insufficient policy enforcement in File System API
  * CVE-2021-21126: Insufficient policy enforcement in extensions
  * CVE-2021-21127: Insufficient policy enforcement in extensions
  * CVE-2021-21128: Heap buffer overflow in Blink
  * CVE-2021-21129: Insufficient policy enforcement in File System API
  * CVE-2021-21130: Insufficient policy enforcement in File System API
  * CVE-2021-21131: Insufficient policy enforcement in File System API
  * CVE-2021-21132: Inappropriate implementation in DevTools
  * CVE-2021-21135: Inappropriate implementation in Performance API
  * CVE-2021-21137: Inappropriate implementation in DevTools
  * CVE-2021-21140: Uninitialized Use in USB
  * CVE-2021-21141: Insufficient policy enforcement in File System API
  * CVE-2021-21145: Use after free in Fonts
  * CVE-2021-21146: Use after free in Navigation
  * CVE-2021-21147: Inappropriate implementation in Skia
  * CVE-2021-21148: Heap buffer overflow in V8
  * CVE-2021-21149: Stack overflow in Data Transfer
  * CVE-2021-21150: Use after free in Downloads
  * CVE-2021-21152: Heap buffer overflow in Media
  * CVE-2021-21153: Stack overflow in GPU Process
  * CVE-2021-21156: Heap buffer overflow in V8
  * CVE-2021-21157: Use after free in Web Sockets
- Drop obsolete patches:
  * icu-68.patch
  * icu-68-2.patch
- Rebase patches:
  * fix1163766.patch
  * sandbox-statx-futex_time64.patch
  * rtc-dont-use-h264.patch
  * chromium-glibc-2.33.patch
- Add patch to fix crash with certain locales:
  * 0001-Fix-normalization-of-app-locales.patch
- Clean the spec file a bit
* Wed Mar 10 2021 Fabian Vogt <fabian@ritter-vogt.de>
- Can't use system_vpx on Leap 15.3
* Wed Feb 17 2021 Fabian Vogt <fabian@ritter-vogt.de>
- Add patch to fix sandbox with glibc 2.33 on 32bit:
  * sandbox-statx-futex_time64.patch
* Tue Feb 16 2021 Guillaume GARDET <guillaume.gardet@opensuse.org>
- Relax constraints for armv6 and armv7
* Mon Feb 15 2021 Fabian Vogt <fabian@ritter-vogt.de>
- Add patch to fix sandbox with glibc 2.33 (boo#1182233):
  * chromium-glibc-2.33.patch
* Fri Jan 29 2021 Fabian Vogt <fabian@ritter-vogt.de>
- Bump _constraints and %limit_build, hopefully avoid occasional
  OOM and make the build quicker
- Drop obsolete conditions
* Fri Jan 08 2021 Fabian Vogt <fabian@ritter-vogt.de>
- Drop baselibs.conf, not needed after libksysguard5 got adjusted
* Tue Dec 15 2020 Callum Farmer <gmbr3@opensuse.org>
- Fix build with ICU 68:
  * Added icu-68.patch
  * Added icu-68-2.patch
* Fri Nov 20 2020 Fabian Vogt <fabian@ritter-vogt.de>
- Update to 5.15.2:
  * New bugfix release
  * For more details please see:
    http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.15.2/?h=5.15.2
* Thu Sep 10 2020 Fabian Vogt <fabian@ritter-vogt.de>
- Update to 5.15.1:
  * New bugfix release
  * For more details please see:
    http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.15.1/?h=5.15.1
- Drop patches, now upstream:
  * icu-v67.patch
  * 0001-fix-build-after-y2038-changes-in-glibc.patch
- Refresh disable-gpu-when-using-nouveau-boo-1005323.diff
- Update rtc-dont-use-h264.patch
* Thu May 28 2020 Fabian Vogt <fvogt@suse.com>
- Add patch to not require openh264 and don't build the bundled version:
  * rtc-dont-use-h264.patch
* Wed May 27 2020 Fabian Vogt <fvogt@suse.com>
- Can't use system VPX on Leap 15.2
* Tue May 26 2020 Callum Farmer <callumjfarmer13@gmail.com>
- Update to version 5.15.0:
  * No changelog available
* Thu May 21 2020 Callum Farmer <callumjfarmer13@gmail.com>
- Update to version 5.15.0-rc2:
  * No changelog available
  * Removed some-more-includes-gcc10.patch: contained in upstream
* Wed May 06 2020 Fabian Vogt <fabian@ritter-vogt.de>
- Update to 5.15.0-rc:
  * New bugfix release
  * For the changes between 5.14.2 and 5.15.0 please see:
    http://code.qt.io/cgit/qt/qtwebengine.git/plain/dist/changes-5.15.0/?h=5.15.0
- Drop patches, now upstream:
  * QTBUG-82186.patch
* Fri Apr 24 2020 Ismail Dönmez <idonmez@suse.com>
- Add icu-v67.patch to fix compilation with icu v67, this is a backport
  of https://github.com/v8/v8/commit/3f8dc4b2e5baf77b463334c769af85b79d8c1463
- Rebase icu-v67.patch on 5.15.0-beta4
* Fri Apr 24 2020 Fabian Vogt <fabian@ritter-vogt.de>
- Update to 5.15.0-beta4:
  * New bugfix release
  * No changelog available
- Refresh QTBUG-82186.patch
* Tue Apr 14 2020 Fabian Vogt <fabian@ritter-vogt.de>
- Update to 5.15.0-beta3:
  * New bugfix release
  * No changelog available
- Refresh fix1163766.patch
* Thu Apr 09 2020 Bernhard Wiedemann <bwiedemann@suse.com>
- Add fix1163766.patch to fix opensuse-welcome on i686 (boo#1163766)
* Mon Mar 30 2020 Fabian Vogt <fvogt@suse.com>
- Add patch to fix build with GCC 10 (boo#1158516):
  * some-more-includes-gcc10.patch
Version: 5.15.9-bp154.1.32
* Wed Apr 06 2022 christophe@krop.fr
- Update to version 5.15.9:
  * QPdfView: scale page rendering according to devicePixelRatio
  * Update documented Chromium version
  * Use IsSameDocument() rather than IsLoadingToDifferentDocument()
  * Update module-split for installer
  * Fix printing PDF files
  * Do not override signal handlers
  * Avoid using xkbcommon in non-X11 builds
  * Update documentation
  * Update Chromium:
  * Bump V8_PATCH_LEVEL
  * Do not overwrite signal handlers in the browser process.
  * Replace base::ranges::set_union with std::set_union to fix
    MSVC2017 build
  * [Backport] CVE-2022-0100: Heap buffer overflow in Media
    streams API
  * [Backport] CVE-2022-0102: Type Confusion in V8
  * [Backport] CVE-2022-0103: Use after free in SwiftShader
  * [Backport] CVE-2022-0104: Heap buffer overflow in ANGLE
  * [Backport] CVE-2022-0108: Inappropriate implementation
    in Navigation
  * [Backport] CVE-2022-0109: Inappropriate implementation
    in Autofill
  * [Backport] CVE-2022-0111 and CVE-2022-0117
  * [Backport] CVE-2022-0113: Inappropriate implementatio
    n in Blink
  * [Backport] CVE-2022-0116: Inappropriate implementation
    in Compositing
  * [Backport] CVE-2022-0289: Use after free in Safe browsing
  * [Backport] CVE-2022-0291: Inappropriate implementation
    in Storage
  * [Backport] CVE-2022-0293: Use after free in Web packaging
  * [Backport] CVE-2022-0298: Use after free in Scheduling
  * [Backport] CVE-2022-0305: Inappropriate implementation in
    Service Worker API
  * [Backport] CVE-2022-0306: Heap buffer overflow in PDFium
  * [Backport] CVE-2022-0310 and CVE-0311: Heap buffer overflow
    in Task Manager
  * [Backport] CVE-2022-0456: Use after free in Web Search
  * [Backport] CVE-2022-0459: Use after free in Screen Capture
  * [Backport] CVE-2022-0460: Use after free in Window Dialog
  * [Backport] CVE-2022-0461: Policy bypass in COOP
  * [Backport] CVE-2022-0606: Use after free in ANGLE
  * [Backport] CVE-2022-0607: Use after free in GPU
  * [Backport] CVE-2022-0608: Integer overflow in Mojo
  * [Backport] CVE-2022-0609: Use after free in Animation
  * [Backport] CVE-2022-0610: Inappropriate implementation
    in Gamepad API
  * [Backport] CVE-2022-0971 (boo#1197163)
  * [Backport] CVE-2022-1096 (boo#1197552)
  * [Backport] CVE-2022-23852
  * [Backport] Copy 'name_' member during StyleRuleProperty::Copy
  * [Backport] Security bug 1256885
  * [Backport] Security bug 1258603
  * [Backport] Security bug 1259557
  * [Backport] Security bug 1261415
  * [Backport] Security bug 1265570
  * [Backport] Security bug 1268448
  * [Backport] Security bug 1270014
  * [Backport] Security bug 1274113
  * [Backport] Security bug 1276331
  * [Backport] Security bug 1280743
  * [Backport] Security bug 1289394
  * [Backport] Security bug 1292537
  * [Backport] sandbox: build if glibc 2.34+ dynamic stack size
    is enabled
- Drop patches, now upstream:
  * CVE-2022-0971-qtwebengine-5.15.patch
  * CVE-2022-1096-qtwebengine-5.15.patch
* Mon Apr 04 2022 Christophe Giboudeaux <christophe@krop.fr>
- Add security fixes:
  * CVE-2022-0971-qtwebengine-5.15.patch (CVE-2022-0971, boo#1197163)
  * CVE-2022-1096-qtwebengine-5.15.patch (CVE-2022-1096, boo#1197552)
* Fri Mar 25 2022 Fabian Vogt <fvogt@suse.com>
- Add patch to fix build with GCC 12:
  * 0001-skia-Some-includes-to-fix-build-with-GCC-12.patch
* Tue Jan 04 2022 christophe@krop.fr
- Update to version 5.15.8:
  * Update Chromium:
    [Backport] CVE-2021-3517: libxml2: Heap-based buffer overflow
    in xmlEncodeEntitiesInternal() in entities.c
    [Backport] CVE-2021-3541 libxml2: Exponential entity expansion
    attack bypasses all existing protection mechanisms
    [Backport] CVE-2021-37984 : Heap buffer overflow in PDFium
    [Backport] CVE-2021-37987 : Use after free in Network APIs
    [Backport] CVE-2021-37989 : Inappropriate implementation in Blink
    [Backport] CVE-2021-37992 : Out of bounds read in WebAudio
    [Backport] CVE-2021-37993 : Use after free in PDF Accessibility
    [Backport] CVE-2021-37996 : Insufficient validation of untrusted
    input in Downloads
    [Backport] CVE-2021-38001 : Type Confusion in V8
    [Backport] CVE-2021-38003 : Inappropriate implementation in V8
    [Backport] CVE-2021-38005: Use after free in loader (1/3)
    [Backport] CVE-2021-38005: Use after free in loader (2/3)
    [Backport] CVE-2021-38005: Use after free in loader (3/3)
    [Backport] CVE-2021-38007: Type Confusion in V8
    [Backport] CVE-2021-38009: Inappropriate implementation in cache
    [Backport] CVE-2021-38010: Inappropriate implementation in serviceworkers
    [Backport] CVE-2021-38012: Type Confusion in V8
    [Backport] CVE-2021-38015: Inappropriate implementation in input
    [Backport] CVE-2021-38017: Insufficient policy enforcement in iframe
    sandbox
    [Backport] CVE-2021-38018: Inappropriate implementation in navigation
    [Backport] CVE-2021-38019: Insufficient policy enforcement in CORS
    [Backport] CVE-2021-38021: Inappropriate implementation in referrer
    [Backport] CVE-2021-38022: Inappropriate implementation in WebAuthentication
    [Backport] CVE-2021-4057: Use after free in file API
    [Backport] CVE-2021-4058: Heap buffer overflow in ANGLE (1/2)
    [Backport] CVE-2021-4058: Heap buffer overflow in ANGLE (2/2)
    [Backport] CVE-2021-4059: Insufficient data validation in loader
    [Backport] CVE-2021-4062: Heap buffer overflow in BFCache
    [Backport] CVE-2021-4078: Type confusion in V8
    [Backport] CVE-2021-4079: Out of bounds write in WebRTC
    [Backport] CVE-2021-4098: Insufficient data validation in Mojo
    [Backport] CVE-2021-4099: Use after free in Swiftshader
    [Backport] CVE-2021-4101: Heap buffer overflow in Swiftshader.
    [Backport] CVE-2021-4102: Use after free in V8
    [Backport] Dependency for CVE-2021-37989
    [Backport] Dependency for CVE-2021-38009
    [Backport] Security bug 1245870
    [Backport] Security bug 1252858
    [Backport] Security bug 1259899
    Bump V8_PATCH_LEVEL
    Compile with GCC 11 -std=c++20
    Fix stack overflow on gpu channel recreate with an error
    Use wglSetPixelFormat directly only if in software mode
    [Backport] Handle long SIGSTKSZ in glibc > 2.33
    [Backport] abseil-cpp: Fixes build with latest glibc
  * Handle qtpdf compilation with static runtime
  * Add bitcode support for qtpdf on ios
  * Do not access accessibility from qt post routines
  * Blacklist javascriptClipboard test on ubuntu 20.04
  * Re-enable network-service-in-process
  * Bump version from 5.15.7 to 5.15.8
  * Update patch level
  * Fix pinch gesture
  * Fix leak of properties after XkbRF_GetNamesProp
  * Fix leak on getDefaultScreeenId
- Drop patch:
  * 0001-Fix-build-with-glibc-2.34.patch
* Fri Oct 29 2021 christophe@krop.fr
- Update to version 5.15.7:
  * Update Chromium:
    [Backport] Linux sandbox: update syscalls numbers on 32-bit platforms
    [Backport] sandbox: linux: allow clock_nanosleep & gettime64
    [Backport] Linux sandbox: update syscall numbers for all platforms.
    [Backport] Ease HarfBuzz API change with feature detection
    [Backport] Security bug 1248665
    [Backport] CVE-2021-37975 : Use after free in V8
    [Backport] CVE-2021-37980 : Inappropriate implementation in Sandbox
    [Backport] CVE-2021-37979 : Heap buffer overflow in WebRTC (2/2)
    [Backport] CVE-2021-37979 : Heap buffer overflow in WebRTC (1/2)
    [Backport] CVE-2021-37978 : Heap buffer overflow in Blink
    [Backport] CVE-2021-30616: Use after free in Media.
    [Backport] CVE-2021-37962 : Use after free in Performance Manager (2/2)
    [Backport] CVE-2021-37962 : Use after free in Performance Manager (1/2)
    [Backport] CVE-2021-37973 : Use after free in Portals
    [Backport] CVE-2021-37971 : Incorrect security UI in Web Browser UI.
    [Backport] CVE-2021-37968 : Inappropriate implementation in Background Fetch API
    [Backport] CVE-2021-37967 : Inappropriate implementation in Background Fetch API
    [Backport] Linux sandbox: return ENOSYS for clone3
    [Backport] Linux sandbox: fix fstatat() crash
    [Backport] Reland "Reland "Linux sandbox syscall broker: use struct kernel_stat""
    [Backport] Security bug 1238178 (2/2)
    [Backport] Security bug 1238178 (1/2)
    [Backport] CVE-2021-30633: Use after free in Indexed DB API (2/2)
    [Backport] CVE-2021-30633: Use after free in Indexed DB API (1/2)
    [Backport] CVE-2021-30630: Inappropriate implementation in Blink
    [Backport] CVE-2021-30629: Use after free in Permissions
    [Backport] CVE-2021-30628: Stack buffer overflow in ANGLE
    [Backport] CVE-2021-30627: Type Confusion in Blink layout
    [Backport] CVE-2021-30626: Out of bounds memory access in ANGLE
    [Backport] CVE-2021-30625: Use after free in Selection API
    [Backport] Security bug 1206289
    [Backport] CVE-2021-30613: Use after free in Base internals
    [Backport] Security bug 1227228
    [Backport] CVE-2021-30618: Inappropriate implementation in DevTools
  * Update patch level
  * Blacklist certificate test until certicates have been renewed
  * Block CORS from local URLs when remote access is not enabled
  * Do not wait on weak_pointer for termination errors
  * Support MSVC_VER 16.8
  * Fix wrong save file filter for Markdown Editor example
  * Add Chromium version source documentation
  * Bump version from 5.15.6 to 5.15.7
  * Fix crash when clicking on a link in PDF
- Drop openSUSE patches:
  * fix1163766.patch. Should be addressed with:
    https://github.com/qt/qtwebengine-chromium/commit/652f834de
    https://github.com/qt/qtwebengine-chromium/commit/faae106ed
    https://github.com/qt/qtwebengine-chromium/commit/6b7b3f1bf
  * chromium-glibc-2.33.patch. Should be addressed with the
    [Backport] Linux sandbox: fix fstatat() crash and
    Reland "Reland "Linux sandbox syscall broker: use struct kernel_stat""
    changes.
  * chromium-older-harfbuzz.patch
- Drop upstream changes:
  * 0001-return-ENOSYS-for-clone3.patch
  * chromium-harfbuzz-3.0.0.patch
  * skia-harfbuzz-3.0.0.patch
- Rebase patches:
  * sandbox-statx-futex_time64.patch
* Tue Sep 21 2021 Fabian Vogt <fvogt@suse.com>
- Add patches from Arch to fix build with HarfBuzz 3.0.0:
  * chromium-harfbuzz-3.0.0.patch
  * skia-harfbuzz-3.0.0.patch
- ... but don't break with < 2.9.0:
  * chromium-older-harfbuzz.patch
* Thu Sep 09 2021 christophe@krop.fr
- Update to version 5.15.6:
  * Update Chromium:
    + [Backport] CVE-2021-30560: Use after free in Blink XSLT
    + [Backport] CVE-2021-30566: Stack buffer overflow in Printing
    + [Backport] CVE-2021-30585: Use after free in sensor handling
    + Bump V8_PATCH_LEVEL
    + [Backport] Security bug 1228036
    + [Backport] CVE-2021-30604: Use after free in ANGLE
    + [Backport] CVE-2021-30603: Race in WebAudio
    + [Backport] CVE-2021-30602: Use after free in WebRTC
    + [Backport] CVE-2021-30599: Type Confusion in V8
    + [Backport] CVE-2021-30598: Type Confusion in V8
    + [Backport] Security bug 1227933
    + [Backport] Security bug 1205059
    + [Backport] Security bug 1184294
    + [Backport] Security bug 1198385
    + [Backport] CVE-2021-30588: Type Confusion in V8
    + [Backport] CVE-2021-30587: Inappropriate implementation in Compositing on Windows
    + [Backport] CVE-2021-30573: Use after free in GPU
    + [Backport] CVE-2021-30569, security bugs 1198216 and 1204814
    + [Backport] CVE-2021-30568: Heap buffer overflow in WebGL
    + [Backport] CVE-2021-30541: Use after free in V8
    + [Backport] Security bugs 1197786 and 1194330
    + [Backport] Security bug 1194689
    + [Backport] CVE-2021-30563: Type Confusion in V8
    + [Backport] Security bug 1211215
    + [Backport] Security bug 1209558
    + [Backport] CVE-2021-30553: Use after free in Network service
    + [Backport] CVE-2021-30548: Use after free in Loader
    + [Backport] CVE-2021-30547: Out of bounds write in ANGLE
    + [Backport] CVE-2021-30556: Use after free in WebAudio
    + [Backport] CVE-2021-30559: Out of bounds write in ANGLE
    + [Backport] CVE-2021-30533: Insufficient policy enforcement in PopupBlocker
    + [Backport] Security bug 1202534
    + [Backport] CVE-2021-30536: Out of bounds read in V8
    + [Backport] CVE-2021-30522: Use after free in WebAudio
    + [Backport] CVE-2021-30554 Use after free in WebGL
    + [Backport] CVE-2021-30551: Type Confusion in V8
    + [Backport] CVE-2021-30544: Use after free in BFCache
    + [Backport] CVE-2021-30535: Double free in ICU
    + [Backport] CVE-2021-30534: Insufficient policy enforcement in iFrameSandbox
    + [Backport] CVE-2021-30530: Out of bounds memory access in WebAudio
    + [Backport] CVE-2021-30523: Use after free in WebRTC
    + Generate mojo bindings before compiling extension API registration
  * Bump version from 5.15.5 to 5.15.6
  * Always send phased wheel events beginning with Began
- Import patch from the chromium package:
  * 0001-return-ENOSYS-for-clone3.patch
- Add changes from the chromium package to
  0001-Fix-build-with-glibc-2.34.patch
* Wed Aug 04 2021 Christophe Giboudeaux <christophe@krop.fr>
- Add patch to fix build with glibc 2.34 (boo#1189095)
  * 0001-Fix-build-with-glibc-2.34.patch
* Thu Jun 24 2021 Christophe Giboudeaux <christophe@krop.fr>
- Update the CMake version workaround to get qtbase's real version
* Tue Jun 22 2021 christophe@krop.fr
- Update to version 5.15.5:
  * Abort findText also right on explicit navigation request
  * Adapt to new Connections syntax
  * Add devtools eyedropper support
  * Add more tests to tst_loadsignals
  * Add support for Keyboard.getLayoutMap()
  * Add web-ui chrome://net-internals
  * Allow leaving OCSP off
  * Always send phased wheel events beginning with Began
  * Avoid accessing profileAdapter when profile is shutting down
  * Avoid unknownFunc messages in qmltests
  * Blacklist CertificateError::test_error for macOS
  * Blacklist NewViewRequest::test_loadNewViewRequest on macOS
  * Blacklist handleError on macos until we merge the fix
  * Blacklist numberOfStartedAndFinishedSignalsIsSame on b2q CIs
  * Depend on QCoreApplication::startingUp() for checking
    existence of app
  * Do not allow WebBluetooth to continue
  * Do not hide virtual keyboard if the focused node is editable
  * Doc: Add a note about navigation within a page to a fragment
  * Docs: Suggest to use higher DPI for printing
  * Fix FilePickerController's path validation for windows and
    corresponding tests
  * Fix application locales again
  * Fix embedded PDFs when plugins are disabled
  * Fix first party url for cookie filter
  * Fix inconsistent number of load signals and their order
  * Fix normalization of app locales
  * Fix not working certificates on mac > 10.14
  * Fix prl files on ios
  * Fix qmltests::WebEngineViewNavigationHistory auto tests
  * Fix qtpdf static builds on windows
  * Fix static build of qml qtpdf
  * Follow InProcessGpuThread::Init() on thread priority
  * Generate mojo bindings before compiling extension API
    registration
  * Implement PluginServiceFilterQt
  * Load signals test: use focusProxy for link clicking test
  * Make able to override disabled features from command line
  * Notify canGoBack/canGoForward changes based on web actions
  * Only disconnect QWebEnginePage signals that QWebEngineView
    connected
  * Package devtools inspector overlay
  * Remove ResourceTypeSubFrame check after website update
  * Remove obsolete loadSignals test
    secondLoadForError_WhenErrorPageEnabled
  * Remove qquickwebengineprofile test
  * Remove tracking of frame which load error page
  * Remove ui/snapshot overrides for aura
  * Report server directs in navigation type
  * Return to using the default devtools page
  * Set enumaration root directory for File.webkitRelativePath API
  * Set more Display properties
  * Show PDF viewer in a guest view
  * Support devtools close button in QuickNanoBrowser
  * Support zoom-in, zoom-out and cell web cursors on macOS
  * Unblacklist and fix load signals test for file download
  * Update Chromium and adapt PermissionManagerQt
  * Update platform notes
  * View: test signal for deletion of external page set to view
- Drop patches:
  * 0001-Fix-normalization-of-app-locales.patch
  * 0001-Fix-build-with-GCC-11.patch
  * 0001-Fix-build-with-system-ICU-69.patch
* Thu May 06 2021 Fabian Vogt <fvogt@suse.com>
- Add patch to fix build with ICU 69:
  * 0001-Fix-build-with-system-ICU-69.patch
* Wed Apr 14 2021 Christophe Giboudeaux <christophe@krop.fr>
- Add patch to fix build with GCC 11:
  * 0001-Fix-build-with-GCC-11.patch
* Wed Apr 14 2021 Guillaume GARDET <guillaume.gardet@opensuse.org>
- Update _constraints to avoid OOM
* Tue Apr 13 2021 Fabian Vogt <fabian@ritter-vogt.de>
- Add back missing part in fix1163766.patch (boo#1184610)