From patchwork Fri Nov 22 18:00:13 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Adrian Perez de Castro <aperez@igalia.com>
X-Patchwork-Id: 1199576
Return-Path: <buildroot-bounces@busybox.net>
X-Original-To: incoming-buildroot@patchwork.ozlabs.org
Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org
Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized)
	smtp.mailfrom=busybox.net (client-ip=140.211.166.137;
	helo=fraxinus.osuosl.org;
	envelope-from=buildroot-bounces@busybox.net;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dmarc=none (p=none dis=none) header.from=igalia.com
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	unprotected) header.d=igalia.com header.i=@igalia.com
	header.b="IlIgdRFq"; dkim-atps=neutral
Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 47KPNj53xXz9sPW
	for <incoming-buildroot@patchwork.ozlabs.org>;
	Sat, 23 Nov 2019 05:00:36 +1100 (AEDT)
Received: from localhost (localhost [127.0.0.1])
	by fraxinus.osuosl.org (Postfix) with ESMTP id 946F287465;
	Fri, 22 Nov 2019 18:00:34 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from fraxinus.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id t6fV2qAcpnbZ; Fri, 22 Nov 2019 18:00:33 +0000 (UTC)
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by fraxinus.osuosl.org (Postfix) with ESMTP id 148C7874C1;
	Fri, 22 Nov 2019 18:00:33 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138])
	by ash.osuosl.org (Postfix) with ESMTP id DAB7D1BF2A4
	for <buildroot@lists.busybox.net>;
	Fri, 22 Nov 2019 18:00:30 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by whitealder.osuosl.org (Postfix) with ESMTP id D3ED088374
	for <buildroot@lists.busybox.net>;
	Fri, 22 Nov 2019 18:00:30 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from whitealder.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id ztn-f+npDV3c for <buildroot@lists.busybox.net>;
	Fri, 22 Nov 2019 18:00:29 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from fanzine.igalia.com (fanzine.igalia.com [178.60.130.6])
	by whitealder.osuosl.org (Postfix) with ESMTPS id C1A9A882BC
	for <buildroot@buildroot.org>; Fri, 22 Nov 2019 18:00:27 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=igalia.com;
	s=20170329;
	h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:Cc:To:From;
	bh=y1B4ndvFjlNLyAmcQIWjbe+Hxii4Q18Qwudtb5PeXVA=;
	b=IlIgdRFqzHdCwxo93F7roUT+mvi9eu46C7/m0RUpGgONm32kKmUAHUVTqD1gjFfH1SXxvDstCSWlN3coSOfRc47Hm8JZ4yQVCNhAHfi0zpnj14oGxpR5aRKcQ3fkKy86TNGsv9IM952bQJ6Fh9c8Ho/K223+3+GEPmirYaaJ0uH8TOHfoZLjBKUPpcXTcX/L58HrtGPGpUiw8Ul+GxUzdZe4P19q35A3X88WFaOTsTX1HTlUH/ttjB/IKSldVuT41v7dX1rDbz3TiP4x/d1I3oyQ49xJza8p8KvgDQhuNIhk3Sa2R0Sw7e/wzy3xkU2a1QoqGt2/p6niUSx5QAitHA==;
Received: from 82-181-115-92.bb.dnainternet.fi ([82.181.115.92] helo=kodama)
	by fanzine.igalia.com with esmtpsa
	(Cipher TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim)
	id 1iYDEG-0005ig-5A; Fri, 22 Nov 2019 19:00:24 +0100
Received: from localhost (kodama [local])
	by kodama (OpenSMTPD) with ESMTPA id 5cf9d640;
	Fri, 22 Nov 2019 18:00:13 +0000 (UTC)
From: Adrian Perez de Castro <aperez@igalia.com>
To: buildroot@buildroot.org
Date: Fri, 22 Nov 2019 20:00:13 +0200
Message-Id: <20191122180013.2887730-1-aperez@igalia.com>
X-Mailer: git-send-email 2.24.0
MIME-Version: 1.0
Subject: [Buildroot] [PATCH 1/1] package/webkitgtk: security bump to version
	2.26.2
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.busybox.net>
List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=unsubscribe>
List-Archive: <http://lists.busybox.net/pipermail/buildroot/>
List-Post: <mailto:buildroot@busybox.net>
List-Help: <mailto:buildroot-request@busybox.net?subject=help>
List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=subscribe>
Cc: Adrian Perez de Castro <aperez@igalia.com>
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot" <buildroot-bounces@busybox.net>

This is a minor release which includes fixes for CVE-2019-8812 and
CVE-2019-8814.

This release also fixes the build with WebDriver disabled and without
X11, so "0001-GTK-ANGLE-s-eglplatform.h-is-build-broken-with-DENAB.patch"
and "0002-WPE-GTK-Build-fails-with-ENABLE_WEBDRIVER-OFF.patch" are not
needed anymore (and therefore removed). There is also a performance
improvement for a regression related to fallback font selection, and a
couple of small fixes. The full release notes are available at:

  https://webkitgtk.org/2019/11/06/webkitgtk2.26.2-released.html

The detailed security advisory can be found at:

  https://webkitgtk.org/security/WSA-2019-0006.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
---
 ...latform.h-is-build-broken-with-DENAB.patch | 40 --------------
 ...uild-fails-with-ENABLE_WEBDRIVER-OFF.patch | 55 -------------------
 package/webkitgtk/webkitgtk.hash              |  8 +--
 package/webkitgtk/webkitgtk.mk                |  2 +-
 4 files changed, 5 insertions(+), 100 deletions(-)
 delete mode 100644 package/webkitgtk/0001-GTK-ANGLE-s-eglplatform.h-is-build-broken-with-DENAB.patch
 delete mode 100644 package/webkitgtk/0002-WPE-GTK-Build-fails-with-ENABLE_WEBDRIVER-OFF.patch

diff --git a/package/webkitgtk/0001-GTK-ANGLE-s-eglplatform.h-is-build-broken-with-DENAB.patch b/package/webkitgtk/0001-GTK-ANGLE-s-eglplatform.h-is-build-broken-with-DENAB.patch
deleted file mode 100644
index 1da78f2bf9..0000000000
--- a/package/webkitgtk/0001-GTK-ANGLE-s-eglplatform.h-is-build-broken-with-DENAB.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From d1697f868e047f1355fed7b44dbcd6dda897c234 Mon Sep 17 00:00:00 2001
-From: Adrian Perez de Castro <aperez@igalia.com>
-Date: Thu, 19 Sep 2019 17:13:19 +0300
-Subject: [PATCH xserver 1/1] [GTK] ANGLE's eglplatform.h is build broken with
- -DENABLE_X11_PLATFORM=OFF https://bugs.webkit.org/show_bug.cgi?id=198621
-
-Reviewed by NOBODY (OOPS!).
-
-* PlatformGTK.cmake: Use WL_EGL_PLATFORM to prefer Wayland type
-definitions with ENABLE_WAYLAND_TARGET, and USE_SYSTEM_EGL otherwise
-when ENABLE_X11_TARGET is not enabled.
-
-Fetch from: https://bugs.webkit.org/show_bug.cgi?id=198621
-Upstream-Status: Pending
-Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
-
----
- Source/ThirdParty/ANGLE/ChangeLog         | 11 +++++++++++
- Source/ThirdParty/ANGLE/PlatformGTK.cmake |  9 +++++++++
- 2 files changed, 20 insertions(+)
-
-diff --git a/Source/ThirdParty/ANGLE/PlatformGTK.cmake b/Source/ThirdParty/ANGLE/PlatformGTK.cmake
-index 74f35e29234..7229b0e09cc 100644
---- a/Source/ThirdParty/ANGLE/PlatformGTK.cmake
-+++ b/Source/ThirdParty/ANGLE/PlatformGTK.cmake
-@@ -1,2 +1,11 @@
- # Enable GLSL compiler output.
- list(APPEND ANGLE_DEFINITIONS ANGLE_ENABLE_GLSL)
-+
-+if (ENABLE_WAYLAND_TARGET)
-+    # Explicitly prefer the Wayland platform, otherwise if we are building
-+    # in a system without X11 ANGLE will still try to use the X11 headers.
-+    list(APPEND ANGLE_DEFINITIONS WL_EGL_PLATFORM)
-+elseif (NOT ENABLE_X11_TARGET)
-+    # Allow building ANGLE on platforms which may not provide X11 headers.
-+    list(APPEND ANGLE_DEFINITIONS USE_SYSTEM_EGL)
-+endif ()
--- 
-2.23.0
-
diff --git a/package/webkitgtk/0002-WPE-GTK-Build-fails-with-ENABLE_WEBDRIVER-OFF.patch b/package/webkitgtk/0002-WPE-GTK-Build-fails-with-ENABLE_WEBDRIVER-OFF.patch
deleted file mode 100644
index b084ec9eb3..0000000000
--- a/package/webkitgtk/0002-WPE-GTK-Build-fails-with-ENABLE_WEBDRIVER-OFF.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-From fb0f978af0dd3923a1d3bcb6dccf610861e284d3 Mon Sep 17 00:00:00 2001
-From: Adrian Perez de Castro <aperez@igalia.com>
-Date: Tue, 8 Oct 2019 11:06:56 +0300
-Subject: [PATCH xserver 2/2] [WPE][GTK] Build fails with ENABLE_WEBDRIVER=OFF
- https://bugs.webkit.org/show_bug.cgi?id=202658
-
-Reviewed by NOBODY (OOPS!).
-
-* UIProcess/Automation/gtk/WebAutomationSessionGtk.cpp: Add missing
-ENABLE(WEBDRIVER_MOUSE_INTERACTIONS) and ENABLE(WEBDRIVER_KEYBOARD_INTERACTIONS)
-preprocessor guards.
-* UIProcess/Automation/wpe/WebAutomationSessionWPE.cpp: Ditto.
-
-Fetch (and adapted) from: https://bugs.webkit.org/show_bug.cgi?id=202658
-Upstream-Status: Pending
-Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
-
----
- Source/WebKit/ChangeLog                              | 12 ++++++++++++
- .../Automation/gtk/WebAutomationSessionGtk.cpp       |  4 ++++
- .../Automation/wpe/WebAutomationSessionWPE.cpp       |  4 ++++
- 3 files changed, 20 insertions(+)
-
-diff --git a/Source/WebKit/UIProcess/Automation/gtk/WebAutomationSessionGtk.cpp b/Source/WebKit/UIProcess/Automation/gtk/WebAutomationSessionGtk.cpp
-index dd81d1d55ea..ee665c2e346 100644
---- a/Source/WebKit/UIProcess/Automation/gtk/WebAutomationSessionGtk.cpp
-+++ b/Source/WebKit/UIProcess/Automation/gtk/WebAutomationSessionGtk.cpp
-@@ -34,6 +34,7 @@
- namespace WebKit {
- using namespace WebCore;
- 
-+#if ENABLE(WEBDRIVER_MOUSE_INTERACTIONS)
- static unsigned modifiersToEventState(OptionSet<WebEvent::Modifier> modifiers)
- {
-     unsigned state = 0;
-@@ -131,7 +132,9 @@ void WebAutomationSession::platformSimulateMouseInteraction(WebPageProxy& page,
-         break;
-     }
- }
-+#endif // ENABLE(WEBDRIVER_MOUSE_INTERACTIONS)
- 
-+#if ENABLE(WEBDRIVER_KEYBOARD_INTERACTIONS)
- static void doKeyStrokeEvent(GdkEventType type, GtkWidget* widget, unsigned keyVal, unsigned state, bool doReleaseAfterPress = false)
- {
-     ASSERT(type == GDK_KEY_PRESS || type == GDK_KEY_RELEASE);
-@@ -331,5 +334,6 @@ void WebAutomationSession::platformSimulateKeySequence(WebPageProxy& page, const
-         p = g_utf8_next_char(p);
-     } while (*p);
- }
-+#endif // ENABLE(WEBDRIVER_KEYBOARD_INTERACTIONS)
- 
- } // namespace WebKit
--- 
-2.23.0
-
diff --git a/package/webkitgtk/webkitgtk.hash b/package/webkitgtk/webkitgtk.hash
index 0cf0080e6e..71642ad144 100644
--- a/package/webkitgtk/webkitgtk.hash
+++ b/package/webkitgtk/webkitgtk.hash
@@ -1,7 +1,7 @@
-# From https://webkitgtk.org/releases/webkitgtk-2.26.0.tar.xz.sums
-md5 08145bd6c1587230f135921c142bc150 webkitgtk-2.26.1.tar.xz
-sha1 bd0432281c0463147ec06587c25f226a67acbb2d webkitgtk-2.26.1.tar.xz
-sha256 6b4b21801d2b1008422a1075dbd6fb4ae8b5127503faf657cf9671289d9cd155 webkitgtk-2.26.1.tar.xz
+# From https://webkitgtk.org/releases/webkitgtk-2.26.2.tar.xz.sums
+md5 65e06fe73ee166447894aaea95038e3b webkitgtk-2.26.2.tar.xz
+sha1 5bd1ccb436c76fd1edb83afd5bec377de5655d45 webkitgtk-2.26.2.tar.xz
+sha256 6b80f0637a80818559ac8fd50db3b394f41cb61904fb9b3ed65fa51635806512 webkitgtk-2.26.2.tar.xz
 
 # Hashes for license files:
 sha256 0b5d3a7cc325942567373b0ecd757d07c132e0ebd7c97bfc63f7e1a76094edb4 Source/WebCore/LICENSE-APPLE
diff --git a/package/webkitgtk/webkitgtk.mk b/package/webkitgtk/webkitgtk.mk
index 6f72cdb528..1273c1afe8 100644
--- a/package/webkitgtk/webkitgtk.mk
+++ b/package/webkitgtk/webkitgtk.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-WEBKITGTK_VERSION = 2.26.1
+WEBKITGTK_VERSION = 2.26.2
 WEBKITGTK_SITE = https://www.webkitgtk.org/releases
 WEBKITGTK_SOURCE = webkitgtk-$(WEBKITGTK_VERSION).tar.xz
 WEBKITGTK_INSTALL_STAGING = YES