Changelog for
webkit2gtk-4_0-injected-bundles-2.44.3-150400.1.1.x86_64.rpm :
* Mon Aug 19 2024 mgorseAATTsuse.com- Update to version 2.44.3 (boo#1228696 boo#1228697 boo#1228698): + Fix web process cache suspend/resume when sandbox is enabled. + Fix accelerated images dissapearing after scrolling. + Fix video flickering with DMA-BUF sink. + Fix pointer lock on X11. + Fix movement delta on mouse events in GTK3. + Undeprecate console message API and make it available in 2022 API. + Fix several crashes and rendering issues. + Security fixes: CVE-2024-40776, CVE-2024-40779, CVE-2024-40780, CVE-2023-40782, CVE-2024-40785, CVE-2024-40789, CVE-2024-40794, CVE-2024-4558.- Drop patches now upstream: webkit2gtk3-CVE-2024-40776.patch webkit2gtk3-CVE-2024-40779.patch webkit2gtk3-CVE-2024-40780.patch webkit2gtk3-CVE-2024-40782.patch
* Thu Aug 08 2024 mgorseAATTsuse.com- Add CVE fixes: + webkit2gtk3-CVE-2024-40776.patch (boo#1228613 CVE-2024-40776) + webkit2gtk3-CVE-2024-40779.patch (boo#1228693 CVE-2024-40779) + webkit2gtk3-CVE-2024-40780.patch (boo#1228694 CVE-2024-40780) + webkit2gtk3-CVE-2024-40782.patch (boo#1228695 CVE-2024-40782)
* Fri May 24 2024 mgorseAATTsuse.com- Update to version 2.44.2 (boo#1225071): + Make gamepads visible on axis movements, and not only on button presses. + Disable the gst-libav AAC decoder. + Make user scripts and style sheets visible in the Web Inspector. + Use the geolocation portal where available, with the existing geoclue as fallback if the portal is not usable. + Use the printing portal when running sandboxed. + Use the file transfer portal for drag and drop when running sandboxed. + Avoid notifying an empty cursor rectangle to input methods. + Remove empty bar shown in detached inspector windows. + Consider keycode when activating application accelerators. + Fix the build with ENABLE_WEBAUDIO disabled. + Fix several crashes and rendering issues. + Security fixes: CVE-2024-27834.- Changes in version 2.44.1: + Fix handling of lifetime of web view child dialogs in GTK4. + Do not schedule layer flushes when drawing area size is empty. + Fix videos with alpha when using the DMA-BUF sink. + Fix the build with USE_GBM=OFF. + Fix the build in 32bit platforms + Fix several crashes and rendering issues.- Update keyring (taken from rawhide).- Drop webkit2gtk3-271108.patch: fixed upstream.
* Wed Mar 27 2024 mgorseAATTsuse.com- Update to version 2.44.0 (boo#1222010): + Make the DOM accessibility tree reachable from UI process with GTK4. + Removed the X11 and WPE renderers in favor of DMA-BUF. + Improved vblank synchronization when rendering. + Removed key event reinjection in GTK4 to make keyboard shortcuts work in web sites. + Fix gamepads detection by correctly handling focused window in GTK4. + Security fixes: CVE-2024-23252, CVE-2024-23254, CVE-2024-23263, CVE-2024-23280, CVE-2024-23284, CVE-2023-42950, CVE-2023-42956, CVE-2023-42843.- Drop webkit2gtk3-create-destroy-egl-image.patch: fixed upstream.- Drop webkit2gtk3-gtk4-build-fix.patch: no longer needed.- Rebase webkit2gtk3-disable-dmabuf-nvidia.patch.- Add webkit2gtk3-271108.patch: Fix build on 32bit arches (https://bugs.webkit.org/show_bug.cgi?id=271108).- Disable libbacktrace: we don\'t have it in SLE.- Use WebAssembly on aarch64. It is the upstream default and no longer makes the build fail. Stop passing -DENABLE_C_LOOP=ON, - DENABLE_WEBASSEMBLY=OFF and -DENABLE_SAMPLING_PROFILER=OFF for the same reason.- Adjust spec for gtk4 now being enabled by default.
* Tue Feb 06 2024 mgorseAATTsuse.com- Update to version 2.42.5 (boo#1219604): + Fix webkit_web_context_allow_tls_certificate_for_host to handle IPv6 URIs produced by SoupURI. + Ignore stops with offset zero before last one when rendering gradients with cairo. + Write bwrapinfo.json to disk for xdg-desktop-portal. + Fix gamepads detection by correctly handling focused window in GTK4. + Fix several crashes and rendering issues. + Security fixes: CVE-2024-23222, CVE-2024-23206, CVE-2024-23213.- Drop webkit2gtk3-CVE-2024-23222.patch and webkit2gtk3-gstreamer-build-fix.patch: fixed upstream.- Add webkit2gtk3-llint-build-fix.patch: fix the build for non-x86 architectures.
* Wed Jan 24 2024 mgorseAATTsuse.com- Add webkit2gtk3-CVE-2024-23222.patch: fix a type confusion issue (bsc#1219113 CVE-2024-23222).
* Fri Jan 05 2024 stefan.bruensAATTrwth-aachen.de- Remove explicit build dependency on libicu-devel. This will pull in the original ICU 65.1 from SLE, while harfbuzz will typically link to to a newer version, i.e. the library will be linked with two different ICU versions at runtime. As harfbuzz already depends on pkgconfig(icu-uc), another explicit dependency is unneeded.
* Sat Dec 16 2023 mgorseAATTsuse.com- Update to version 2.42.4 (boo#1218032): + Fix incorrect random images incorrectly displayed as backgrounds of
elements. + Fix videos displayed aliased after being resized e.g. in YouTube. + Fix several crashes and rendering issues. + Security fixes: CVE-2023-42883.
* Wed Dec 06 2023 mgorseAATTsuse.com- Update to version 2.42.3 (boo#1217844): + Fix flickering while playing videos with DMA-BUF sink. + Fix color picker being triggered in the inspector when typing \"tan\". + Do not special case the \"sans\" font family name. + Fix build failure with libxml2 version 2.12.0 due to an API change. + Fix several crashes and rendering issues. + Security fixes: CVE-2023-42916, CVE-2023-42917.
* Fri Nov 17 2023 mgorseAATTsuse.com- Update to version 2.42.2 (boo#1217210): + Bump Safari version in user agent header. + Fix CSP regression that broke Unity WebGL applications. + Fix the build with GBM disabled. + Fix several crashes and rendering issues. + Security fixes: CVE-2023-41983, CVE-2023-42852.- Add webkit2gtk3-gstreamer-build-fix.patch: fix the build with !ENABLE(MEDIA_STREAM).
* Wed Nov 01 2023 mgorseAATTsuse.com- Add webkit2gtk3-disable-dmabuf-nvidia.patch: disable DMABuf renderer for NVIDIA proprietary drivers (boo#1216778).
* Mon Oct 23 2023 mgorseAATTsuse.com- Add webkit2gtk3-create-destroy-egl-image.patch: fix \"No provider of EglDestroyImage Found\" (boo#1216483).
* Mon Oct 09 2023 mgorseAATTsuse.com- Update to version 2.42.1 (boo#1215661 boo#1215866 boo#1215867 boo#1215868 boo#1215869 boo#1215870 boo#1218033 boo#1222905): + Fix enable-html5-database setting to properly enable/disable IndexedDB API. + Fix the build with GBM disabled. + Fix several crashes and rendering issues. + Security fixes: CVE-2023-41993, CVE-2023-40414. + Changes in version 2.42.0: + New renderer based on DMA-BUF shared buffers. + Add new permission request to handle DOM paste access requests. + Add API to configure experimental features at runtime. + Add API to set the percentage of volume space that can be used for data storage. + GBM is no longer required for WebGL implementation. + Security fixes: CVE-2023-39928, CVE-2023-41074, CVE-2023-32359, CVE-2023-42890, CVE-2014-1745, CVE-2024-23226.- Disable JPEGXL.
* Mon Sep 11 2023 mgorseAATTsuse.com- Expand lang sub-package in spec file unconditionally to handle previous name change from WebKit2GTK-lang to WebKitGTK-lang. This change affected the automatic generated Requires tag on WebKit2GTK-%{_apiver}, then getting out of sync of what\'s being required and what\'s being provided. Now, any sub-package that was providing WebKit2GTK-%{_apiver} will provide WebKitGTK-%{_apiver} instead (boo#1214835, boo#1214640, boo#1214093).- Require libwaylandclient0 >= 1.20. 15.4 originally had 1.19.0, but webkitgtk uses a function added in 1.20.0, so we need to ensure that the wayland update is pulled in (bsc#1215072).
* Mon Aug 28 2023 mgorseAATTsuse.com- Provide/obsolete WebKit2GTK-%{_apiver}-lang (bsc#1214093)
* Fri Aug 11 2023 mgorseAATTsuse.com- Have the lang package provide libwebkit2gtk3-lang (bsc#1214093)
* Fri Aug 04 2023 mgorseAATTsuse.com- Update to version 2.40.5 (boo#1213905 boo#1213379 boo#1213581 boo#1215230): + Fix several crashes and rendering issues. + Security fixes: CVE-2023-38133, CVE-2023-38572, CVE-2023-38592, CVE-2023-38594, CVE-2023-38595, CVE-2023-38597, CVE-2023-38599,, CVE-2023-38600, CVE-2023-38611, CVE-2023-40397, CVE-2023-39434, CVE-2023-40451. + Changes in version 2.40.3 (boo#1212863): + Make memory pressure monitor honor memory.memsw.usage_in_bytes if exists. + Include key modifiers in wheel events. + Apply cookie blocking policy to WebSocket handshakes. + Remove accidental dependency on GLib 2.70. + Fix the build with BUBBLEWRAP_SANDBOX disabled. + Fix several crashes and rendering issues. + Security fixes: CVE-2023-32439, CVE-2023-32435, CVE-2023-32393, CVE-2023-37450, CVE-2023-28198, CVE-2023-32370, CVE-2023-35074.- Add unifdef BuildRequires: New dependency.- Remove libbrotlidec from BuildRequires. No longer needed.- Drop no-forced-sse.patch: Due to changes in the code, trying to build without SSE2 support fails even with this patch. We are forced to give up on this, SSE2 support is now mandatory for all build targets.- Drop webkit2gtk3-CVE-2023-28204.patch and webkit2gtk3-CVE-2023-32373.patch: fixed upstream.- Disable MEDIA_STREAM. It has been disabled until now, and it\'s better to minimize the amount of gstreamer code that we need to- The gtk 4 api version is now 6.0. The previous 5.0 version was considered by upstream to be an unreleased work in progress and is not used by anything that we ship in SP4.
* Thu Jun 08 2023 mgorseAATTsuse.com- Add security patches (boo#1211846): + webkit2gtk3-CVE-2023-28204.patch (boo#1211659 CVE-2023-28204) + webkit2gtk3-CVE-2023-32373.patch (boo#1211658 CVE-2023-32373)
* Fri Apr 21 2023 mgorseAATTsuse.com- Update to version 2.38.6 (boo#1210295 boo#1210731): + Enable the Asynchronous Clipboard API to make certain pages work (e.g. GithHub started recently requiring it). + Support :has() CSS selectors in content filters. + Apply basic font properties as font variation settings. + The Bubblewrap sandbox no longer requires setting an application identifier via GApplication to operate correctly. Using GApplication is still recommended, but optional. + Improvements to the GStreamer multimedia playback, in particular around MSE, WebRTC, and seeking. + Fix the build with journald support enabled when using elogind instead of the systemd libraries. + Fix the build with Link-Time Optimization enabled (-flto=auto). + Fix context menus not working in the remote Web Inspector. + Fix usage of the remote Web Inspector over HTTP. + Fix debug logs not being emitted in release builds. + Fix several crashes and rendering issues. + Security fixes: CVE-2022-0108, CVE-2023-28205, CVE-2022-32885, CVE-2023-27932, CVE-2023-27954.
* Thu Feb 16 2023 mgorseAATTsuse.com- Update to version 2.38.5 (boo#1208328): + Fix large memory allocation when uploading content. + Fix scrolling after a history navigation with PSON enabled. + Always update the active uri of WebKitFrame. + Fix the build on Ubuntu 20.04. + Fix several crashes and rendering issues. + Security fixes: CVE-2023-23529.- Add webkit2gtk3-gtk4-build-fix.patch: fix the build with gtk 4.6.0.
* Tue Feb 07 2023 mgorseAATTsuse.com- Update to version 2.38.4 (boo#1207997): + Improve GStreamer multimedia playback across the board with improved codec selection logic, better handling of latency, and improving frame discard to avoid audio/video desynchronizationg, among other fixes. + Disable HLS media playback by default, which makes web sites use MSE instead. If needed WEBKIT_GST_ENABLE_HLS_SUPPORT=1 can be set in the environment to enable it back. + Disable threaded rendering in GTK4 builds by default, as it was causing crashes. + Fix MediaSession API not showing artwork images. + Fix MediaSession MPRIS usage when running inside a Flatpak sandbox. + Fix input element controls to correctly scale when applying a zoom factor different than the default. + Fix leakage of Web processes in certain situations. + Fix the injected bundle not being found when running inside a sandbox. + Fix the build with ENABLE_INTROSPECTION when cross-compiling. + FIx the build with ENABLE_WEBGL disabled. + Fix the build with GStreamer-based WebRTC enabled. + Fix the build with USE_GTK4 enabled. + Fix several crashes and rendering issues. + Security fixes: CVE-2023-23517, CVE-2023-23518, CVE-2022-42826, CVE-2022-32919, CVE-2022-46705, CVE-2022-46725.
* Thu Dec 22 2022 mgorseAATTsuse.com- Update to version 2.38.3 (boo#1206474 boo#1206750): + Fix runtime critical warnings from media player. + Fix network process crash when fetching website data on ephemeral session. + Fix the build with Ruby 3.2. + Fix several crashes and rendering issues. + Security fixes: CVE-2022-42852, CVE-2022-42856, CVE-2022-42867, CVE-2022-46692, CVE-2022-46698, CVE-2022-46699, CVE-2022-46700.
* Tue Nov 08 2022 mgorseAATTsuse.com- Update to version 2.38.2 (boo#1205120 boo#1205123 boo#1205124): + Fix scrolling issues in some sites having fixed background. + Fix prolonged buffering during progressive live playback. + Fix the build with accessibility disabled. + Fix several crashes and rendering issues. + Security fixes: CVE-2022-42799, CVE-2022-42823, CVE-2022-42824.- Update no-forced-sse.patch with quilt.- Pass -DENABLE_DOCUMENTATION=OFF to configure, we did not build the API docs in the past, and I see no reason to start now.- Drop pkgconfig(libnotify) BuildRequires: No longer needed, nor used if available.- Pass -DUSE_SYSTEM_MALLOC=ON on all architectures, to work around webkit#243535.
* Tue Nov 08 2022 mgorseAATTsuse.com- Update to version 2.38.1: + Make xdg-dbus-proxy work if host session bus address is an abstract socket. + Use a single xdg-dbus-proxy process when sandbox is enabled. + Fix high resolution video playback due to unimplemented changeType operation. + Ensure GSubprocess uses posix_spawn() again and inherit file descriptors. + Fix player stucking in buffering (paused) state for progressive streaming. + Do not try to preconnect on link click when link preconnect setting is disabled. + Fix close status code returned when the client closes a WebSocket in some cases. + Fix media player duration calculation. + Fix several crashes and rendering issues. + Security fixes: CVE-2022-46691.
* Tue Nov 08 2022 mgorseAATTsuse.com- Update to version 2.38.0 boo#1205121 boo#1205122): + New media controls UI style. + Add new API to set WebView’s Content-Security-Policy for web extensions support. + Make it possible to use the remote inspector from other browsers using WEBKIT_INSPECTOR_HTTP_SERVER env var. + MediaSession is enabled by default, allowing remote media control using MPRIS. + Add support for PDF documents using PDF.js. + Security fixes: CVE-2022-32888, CVE-2022-32923, CVE-2022-42863, CVE-2022-48503, CVE-2022-32933, CVE-2023-42833.
* Mon Sep 19 2022 mgorseAATTsuse.com- Update to version 2.36.8 (boo#1203530): + Fix jumpy elements when scrolling GitLab and other web sites. + Fix WebKitWebView:web-process-terminated signal not being emitted for the first web view when sandboxing is enabled. + Fix hang when opening HTML
elements in GTK4 builds. + Fix kinetic scrolling with elements that use overflow scrolling. + Fix several crashes and rendering issues. + Security fixes: CVE-2022-32886, CVE-2022-32912, CVE-2023-25358, CVE-2023-25360, CVE-2023-25361, CVE-2023-25362, CVE-2023-25363. * Fri Aug 26 2022 mgorseAATTsuse.com- Update to version 2.36.7 (boo#1202807): - Fix several crashes and rendering issues. + Security fixes: CVE-2022-32893. * Wed Aug 24 2022 mgorseAATTsuse.com- Update to version 2.36.6 + Fix handling of touchpad scrolling on GTK4 builds + Fix WebKitGTK not allowing to be used from non-main threads (boo#1202169) + Fix several crashes and rendering issues * Fri Jul 29 2022 mgorseAATTsuse.com- Update to version 2.36.5 (boo#1201980): + Add support for PAC proxy in the WebDriver implementation. + Fix video playback when loaded through custom URIs, this fixes video playback in the Yelp documentation browser. - Fix WebKitWebView::context-menu when using GTK4. - Fix LTO builds with GCC. - Fix several crashes and rendering issues. + Security fixes: CVE-2022-32792, CVE-2022-32816.- Drop webkit2gtk3-fix-build.patch: fixed upstream. * Tue Jul 05 2022 mgorseAATTsuse.com- Update to version 2.36.4 (boo#1201221): + Fix the new ATSPI accessibility implementation to add the missing Collection interface for the loaded document. + Fix the MediaSession implementation to make the MPRIS object names more sandbox friendly, which plays better with Flatpak and WebKit\'s own Bubblwrap-based sandboxing. + Fix leaked Web Processes in some particular situations. + Fix the build with media capture support enabled. + Fix cross-compilation when targeting 64-bit ARM. + Fix several crashes and rendering issues. + Security fixes: CVE-2022-22677, CVE-2022-26710.- Add webkit2gtk3-fix-build.patch: fix the build. * Wed Jun 01 2022 mgorseAATTsuse.com- Update to version 2.36.3 (boo#1200106): + Support capturing already encoded video streams, which takes advantage of encoding done in hardware by devices which support this feature. + Avoid using experimental GStreamer elements for video demuxing. + Avoid using the legacy GStreamer VA-API decoding plug-ins, which often cause rendering issues and are not much maintained. Their usage can be re-enabled setting WEBKIT_GST_ENABLE_LEGACY_VAAPI=1 in the environment. + Fix playback of YouTube streams which use dynamic ad insertion. + Fix display capture with Pipewire. + Fix the build without the X11 target when X11 headers are not present. + Fix several crashes and rendering issues. + Security fixes: CVE-2022-26700, CVE-2022-26709, CVE-2022-26716, CVE-2022-26717, CVE-2022-26719.- Drop webkit2gtk3-old-ruby.patch: fixed upstream. * Wed Jun 01 2022 mgorseAATTsuse.com- Update to version 2.36.2: + Fix some pages showing empty content boxes when using GTK4. + Fix the build with accessibility disabled. + Fix the build with newer Ruby versions. + Fix several crashes and rendering issues. * Wed Jun 01 2022 mgorseAATTsuse.com- Update to version 2.36.1 (boo#1199287): + Fix the build with accessibility disabled. + Fix several crashes and rendering issues. + Security fixes: CVE-2022-30293. * Fri Apr 22 2022 mgorseAATTsuse.com- Disable gold linker. It is unmaintained and now disabled on factory.- Switch to gcc 11.- Increase mem_per_process. Attempt to fix sporadic bild failure (bsc#1198743). * Tue Apr 12 2022 mgorseAATTsuse.com- Update to version 2.36.0 (boo#1198290): + Add new accessibility implementation using ATSPI DBus interfaces instead of ATK. + Add support for requestVideoFrameCallback. + Change hardware-acceleration-policy setting default value to always. + Add support for media session. + Add new API to set HTTP response information to custom uri schemes. + Make user interactive threads (event handler, scrolling, …) real time in linux. + Security fixes: CVE-2022-22624, CVE-2022-22628, CVE-2022-22629, CVE-2022-22662.- Rebase no-forced-sse.patch.- Drop fix-warnings.patch and webkit2gtk3-link-fix.patch: fixed upstream.- Add webkit2gtk3-old-ruby.patch: fix a build failure. * Thu Feb 17 2022 mgorseAATTsuse.com- Update to version 2.34.6 (boo#1196133): + Fix accessibility not working when the Bubblewrap sandbox is enabled. + Fix rendering of scrollbars when overlay scrollbars are disabled. + Fix the build when the X11 support is disabled. + Fix the build in a number of situations where the main OpenGL library is not called libGL or libgl, as is the case on systems that use libglvnd. + Fix several crashes and rendering issues. + Security fixes: CVE-2022-22620. * Wed Feb 09 2022 mgorseAATTsuse.com- Update to version 2.34.5 (boo#1195735): + Improve VP8 codec selection when using GStreamer 1.20. + Fix connecting to the accessiblity bus when using the Bubblewrap sandbox. + Fix links being incorrectly activated when starting a pinch zoom gesture. + Fix touch-based scrolling. + Fix the build with recent toolchains based on GCC 12 and on older ones as included e.g. in Ubuntu 18.04. + Fix the build with ICU 60, version 61 is no longer required. + Fix several crashes and rendering issues. + Security fixes: CVE-2022-22589, CVE-2022-22590, CVE-2022-22592,. + Drop webkit2gtk3-gcc12.patch: fixed upstream. * Mon Jan 31 2022 bjorn.lieAATTgmail.com- Update constraints for disk space even more, now at 20 gig. * Mon Jan 24 2022 mgorseAATTsuse.com- Add webkit2gtk3-gcc12.patch: fix the build with gcc 12.- Require glib2 2.44 to match source. * Fri Jan 21 2022 bjorn.lieAATTgmail.com- Update to version 2.34.4 (boo#1195064): + Fix several crashes and rendering issues. + This release fixes numerous security issues, including an especially severe issue that allowed websites to read the names of IndexedDB databases created by other websites. + Security fixes: CVE-2021-30934, CVE-2021-30936, CVE-2021-30951, CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30984, CVE-2022-22594, CVE-2022-22637. * Wed Jan 19 2022 fcrozatAATTsuse.com- Update _constraints, needs more disk space to build. * Tue Dec 21 2021 mgorseAATTsuse.com- Update to version 2.34.3 (boo#1194019): + Make audio tools (like mixers) display the actual name of the application producing sound, instead of a generic one. + Fix several crashes and rendering issues. + Security fixes: CVE-2021-30887, CVE-2021-30890. * Tue Dec 14 2021 yfjiangAATTsuse.com- Typo fix for %define usegcc10. * Tue Dec 14 2021 dimstarAATTopensuse.org- Introduce usegcc10 %define in order to have the condition (0%{?sle_version} && 0%{?sle_version} <= 150400) only at one point.- Correct a very old \"Obsoletes: webkit2gtk3-plugin-process-gtk2\" to be a versioned obsoletes. * Tue Dec 14 2021 yfjiangAATTsuse.com- Make the earlier Obsoletes: libwebkit2gtk3-lang compliant with: https://en.opensuse.org/openSUSE:Upgrade_dependencies_explanation#Renaming_a_package * Wed Dec 08 2021 yfjiangAATTsuse.com- Add Obsoletes of the old-name -lang package to be ready for updating from it. This change is necessary for the gtk3-soup2 flavor. * Sat Nov 27 2021 mgorseAATTsuse.com- Update to version 2.34.2: + Fix scrolling issues when pressing Home and PgDown keys. + Update effective appearance after web process switch on navigation. + Fix the build with video disabled. * Mon Nov 01 2021 bjorn.lieAATTgmail.com- Add pkgconfig(libavif) BuildRequires and pass USE_AVIF=ON to cmake, build avif decoding support. * Mon Nov 01 2021 mgorseAATTsuse.com- Add wayland-protocols to BuildRequires. * Tue Oct 26 2021 mgorseAATTsuse.com- Add webkit2gtk3-link-fix.patch: taken from upstream, fixes the build on SLE-15-SP4.- Use gcc10 package on SLE <= 15-SP4. Gcc 7 is currently the default there.- Update gcc-c++ version requirement to match the cmake check. * Thu Oct 21 2021 mgorseAATTsuse.com- Update to version 2.34.1 (boo#1191937): + Update user agent browser versions. + Fix a crash with GTK >= 3.24.30. + Fix a crash when loading videos on reddit. + Fix file type detection when application calls g_desktop_app_info_set_as_default_for_extension() passing html. + Security fixes: CVE-2021-42762. * Wed Sep 29 2021 dimstarAATTopensuse.org- Add libjavascriptcoregtk-4_0-18 and llibwebkit2gtk-4_0-37 to baselibs.conf: provide those libraries as multilib version. * Wed Sep 29 2021 dimstarAATTopensuse.org- Rename -lang packages to WebKit2GTK-%{_apiver}, making the translations between the three flavors co-exist. * Wed Sep 22 2021 dimstarAATTopensuse.org- Update to version 2.34.0 (boo#1192063): + Fix another regression in JavaScriptCore on 32bit systems. + Security fixes: CVE-2021-30846, CVE-2021-30851, CVE-2021-30818, CVE-2021-30823, CVE-2021-30884, CVE-2021-30888, CVE-2021-30889, CVE-2021-30897, CVE-2021-45481, CVE-2021-45483. * Mon Sep 20 2021 mgorseAATTsuse.com- Update to version 2.33.91: + Use the right display refresh monitor for animations in accelerated compositng mode. + Fix several issues in JavaScriptCore on 32bit systems. + Prefer python3 over python2 in CMake. * Mon Sep 20 2021 mgorseAATTsuse.com- Update to version 2.33.90: + Show TLS protocol version and ciphersuite name in the inspector when building with libsoup3. + Add multi-track support to media backend. + Avoid strong alias computations in font fallback code. + Fix deadlock tearing down pipeline when using fallback sink. + Fix the build with gtk-doc enabled. + Fix several crashes and rendering issues.- Add fix-warnings.patch: silence return-type warnings. * Mon Sep 20 2021 dimstarAATTopensuse.org- Add a 3rd flavor: gtk3 with libsoup2 (which retains compatibility to the olderversions, identified as API version 4.0). * Mon Sep 20 2021 dimstarAATTopensuse.org- Add _multibuild file and enable build of webkit2gtk4. * Mon Sep 20 2021 dimstarAATTopensuse.org- Update to version 2.33.3: + Add support for display capture. + Add new API to access/modify capture devices states. + Add new API to configure the memory pressure handler. + Add support for client side certifiates authentication. + Add support color-schemes CSS property. + Add support for dark scrollbars. + Keep GtkSettings used by web processes in sync with the settings set in the UI process. + Add support for drawing the scrollbars corner. + Allow to opt-out of GL rendering at runtime for media player. + Add support for A420 compositing in media player. + Improve pinch to zoom gesture in accerlerated compositing mode. + Fix cookies configuration after a network process crash. + Fix touchscreen navigation swipe when the page scrolls horizontally. + Fix rendering of elliptic radial gradients. + Fix several crashes and rendering issues. + Updated translations.- Drop fix-lto.patch: fixed upstream.- Add pkgconfig(lcms2) BuildRequires: new dependency.- Replace pkgconfig(libsoup-2.4) BuildRequires with pkgconfig(libsoup-3.0): Follow upstreams port to Libsoup 3.0. * Sun Sep 19 2021 mgorseAATTsuse.com- Update to version 2.32.4 (boo#1190701): + Do not append .asc extension to downloaded text/plain files. + Fix several crashes and rendering issues. + Security fixes: CVE-2021-30848, CVE-2021-30849, CVE-2021-30858, CVE-2021-30809, CVE-2021-30836, CVE-2021-45482.- Drop fix-lto.patch: fixed upstream. * Tue Aug 10 2021 mliskaAATTsuse.cz- Enable LTO by using upstream patch fix-lto.patch. * Thu Aug 05 2021 yfjiangAATTsuse.com- Drop unneeded patch on Leap and SLE by now: webkit2gtk3-restore-npapi.patch (bsc#1189105). * Thu Jul 29 2021 yfjiangAATTsuse.com- Add BuildRequires pkgconfig(glproto) for SLE and Leap which have not included the new packaging of the relevant headers. * Mon Jul 26 2021 mgorseAATTsuse.com- Update to version 2.32.3 (boo#1188697): + Properly set the cookies settings after a network process crash. + Fix accessibility tree after a cross site navigation with PSON enabled. + Ensure WebKitScriptWorld::window-object-cleared signal is always emitted. + Fix several crashes and rendering issues. + Security fixes: CVE-2021-21775, CVE-2021-21779, CVE-2021-30663, CVE-2021-30665, CVE-2021-30689, CVE-2021-30720, CVE-2021-30734, CVE-2021-30744, CVE-2021-30749, CVE-2021-30795, CVE-2021-30797, CVE-2021-30799.- Fix webkit2gtk3-restore-npapi.patch to install the plugin process.- Disable WPE renderer: our FDO backend is now too old. * Mon Jul 19 2021 mgorseAATTsuse.com- Update to version 2.32.2: + Improve calculation of initial WebKitWebView size. + Fix kinetic scrolling on touchpad with async scrolling off. + Fix a crash on empty drag operation in X11. + Fix rendering on HiDPI /4k screen and scaling. + Handle null native surface for for surfaceless rendering. + Fix JavaScriptCore crash on 32-bit big endian systems. + Fix several crashes and rendering issues. + Security fixes: CVE-2021-30758. * Wed May 19 2021 mgorseAATTsuse.com- Update to version 2.32.1: + Support building against the Musl C library. + Support building against ICU version 69 or newer. + Improve handling of Media Capture devices. + Improve WebAudio playback. + Improve video orientation handling. + Improve seeking support for MSE playback. + Improve flush support in EME decryptors. + Fix HTTP status codes for requests done through a custom URI handler. + Fix the Bubblewrap sandbox in certain 32-bit systems. + Fix inconsistencies between the WebKitWebView.is-muted property state and values returned by webkit_web_view_is_playing_audio(). + Fix the build with ENABLE_VIDEO=OFF. + Fix wrong timestamps for long-lived cookies. + Fix UI process crash when failing to load favicons. + Fix several crashes and rendering issues. + Updated translations.- Drop webkit2gtk3-icu69.patch: fixed upstream. * Wed Apr 28 2021 dimstarAATTopensuse.org- Add webkit2gtk3-icu69.patch: Fix build with ICU 69: + ICU 69 deprecates ubrk_safeClone in favor of ubrk_clone. * Mon Apr 12 2021 mgorseAATTsuse.com- Per discussion with maintenance, let\'s not remove features that customers could possibly be using:- Add webkit2gtk3-restore-npapi.patch: restore NPAPI plugin support. Reverts webkit#215503. * Tue Apr 06 2021 mgorseAATTsuse.com- Update to version 2.32.0 (boo#1184155): + Fix the authentication request port when URL omits the port. + Fix iframe scrolling when main frame is scrolled in async scrolling mode. + Stop using g_memdup. + Show a warning message when overriding signal handler for threading suspension. - Fix the build on RISC-V with GCC 11. - Fix several crashes and rendering issues. + Security fixes: CVE-2021-1788, CVE-2021-1844, CVE-2021-1871 + Changes in version 2.30.6 (boo#1184262): + Update user agent quirks again for Google Docs and Google Drive. + Fix several crashes and rendering issues. + Security fixes: CVE-2020-27918, CVE-2020-29623, CVE-2021-1765, CVE-2021-1789, CVE-2021-1799, CVE-2021-1801, CVE-2021-1870.- Remove webkit-font-scaling.patch: contained in upstream- Drop original SLE 15 support from the spec. Drop webkit-process.patch and old-wayland-scanner.patch; they are not needed for SP2.- Pass ENABLE_GAMEPAD=OFF to cmake, since we don\'t have manette.- Add glproto-devel to BuildRequires: now needed for the build on SLE 15. * Fri Apr 02 2021 mgorseAATTsuse.com- Update to version 2.32.0 (boo#1184155): + Fix the authentication request port when URL omits the port. + Fix iframe scrolling when main frame is scrolled in async scrolling mode. + Stop using g_memdup. + Show a warning message when overriding signal handler for threading suspension. - Fix the build on RISC-V with GCC 11. - Fix several crashes and rendering issues. + Security fixes: CVE-2021-1788, CVE-2021-1844, CVE-2021-1871, CVE-2021-30682.- Drop old-wayland-scanner.patch and webkit-process.patch, and also drop support for Leap 15.0 and 15.1, since they are no longer supported. * Tue Mar 23 2021 mgorseAATTsuse.com- Update to version 2.31.91: + Make WebKitSecurityOrigin a simple data store for and deprecate webkit_security_origin_is_opaque(). + Fix user agent again to work on several google websites. + Fix web view url on web process terminate signals. + Fix preferred language overrides sent to the web process. + Fix the build in i386. + Translation updates: Simplified Chinese.- Drop webkitgtk-i586-build-fix.patch: fixed upstream.- Disable webkit-process.patch: needs to be rebased or dropped. * Mon Mar 22 2021 mgorseAATTsuse.com- Add webkitgtk-i586-build-fix.patch: fix build on i586 (webkit#222480). * Mon Mar 22 2021 mgorseAATTsuse.com- Update to version 2.31.90: + Add permission request API for MediaKeySystem access. + Fix rendering when using opacity filters on hardware accelerated layers. + Fix flatpak-spawn subsandbox to not clear environment variables. + Ensure a URI scheme handler can\'t be registered multiple times. + Fix several crashes and rendering issues. + The minimum required GStreamer version is now 1.14. + CEA-608 closed captions support (requires WEBKIT_GST_USE_PLAYBIN3=1 environment variable). - Advertise CBCS decryption and VP9 support in Thunder. - Advertise DASH as supported in the media player. - Improved support for playbin3. - Translation updates: Ukrainian.- Up required gstreamer and gtk3 versions. * Mon Mar 22 2021 gmbr3AATTopensuse.org- Update to version 2.31.1: + Remove support for NPAPI plugins. + Enable the web process cache when PSON is enabled too. + TLS errors and proxy settings APIs have been moved from WebKitContext to WebKitWebsiteDataManager. + Add new API to remove individual scripts/stylesheets using WebKitUserContentManager. + Correctly apply the system font scaling factor. + Show main loop frames information in the web inspector.- Remove webkit-font-scaling.patch: contained in upstream- New build requirement: pkgconfig(manette-0.2). * Sun Mar 21 2021 mgorseAATTsuse.com- Update to version 2.30.6 (boo#1184262): + Update user agent quirks again for Google Docs and Google Drive. + Fix several crashes and rendering issues. + Security fixes: CVE-2020-27918, CVE-2020-29623, CVE-2021-1765 CVE-2021-1789, CVE-2021-1799, CVE-2021-1801, CVE-2021-1870, CVE-2021-21806. * Fri Feb 19 2021 guillaume.gardetAATTopensuse.org- Update _constraints for armv6/armv7 (bsc#1182719) * Sat Feb 13 2021 mgorseAATTsuse.com- Update to version 2.30.5 (boo#1182286): + Bring back the WebKitPluginProcess installation that was removed by mistake. + Fix RunLoop objects leaked in worker threads. + Fix aarch64 llint build with JIT disabled. + Use Internet Explorer quirk for Google Docs. + Security fixes: CVE-2020-13558.- Drop gir-multilib.patch: fixed upstream. * Wed Jan 20 2021 bjorn.lieAATTgmail.com- Add gir-multilib.patch: Fix multilib conflict in gir files.- Disable gold linker for ppc64le * Tue Jan 19 2021 badshah400AATTgmail.com- Add webkit-font-scaling.patch: Fix system font scaling not applied to \'font-size: XXXpt\'; patch taken from upstream and rebased to apply cleanly (https://bugs.webkit.org/show_bug.cgi?id=218450).- Pass `-q` to setup to disable printing long list of files extracted from source tarball. * Tue Dec 15 2020 dimstarAATTopensuse.org- Update to version 2.30.4: + Fix text data sent with WebSockets when using libsoup < 2.68. + Fix the rendering on Raspberry Pi 3 using the proprietary video driver. + Fix clipping of descedant layers of a mask layer. + Fix the build with ICU 68.1.- Drop upstream merged patch: + 0001-ICU-68.1-no-longer-exposes-FALSE-and-TRUE-macros-by-.patch * Thu Dec 03 2020 mgorseAATTsuse.com- Add old-wayland-scanner.patch for 15.0/15.1: support older wayland-scanner. Also renumber patches to group 15.0/15.1-specific patches together.- Have the libwebkit2gtk package require libjavascriptcoregtk of the same version (boo#1171531). * Wed Dec 02 2020 dimstarAATTopensuse.org- 0001-ICU-68.1-no-longer-exposes-FALSE-and-TRUE-macros-by-.patch: ICU 68.1 no longer exposes FALSE and TRUE macros by default. * Sun Nov 22 2020 mgorseAATTsuse.com- Update to version 2.30.3 (boo#1179122 boo#1179451): + Add new build option USE(64KB_PAGE_BLOCK). + Fix backdrop filters with rounded borders. + Fix scrolling iframes when async scrolling is enabled. + Allow applications to handle drag and drop on the web view again. + Update Outlook user agent quirk. + Fix the build with video support disabled. + Fix several crashes and rendering issues. + Security fixes: CVE-2020-13584, CVE-2020-9983, CVE-2020-13543.- Drop webkit2gtk3-fdo-soname.patch: fixed upstream.- Rebase webkit-process.patch. * Fri Oct 23 2020 dimstarAATTopensuse.org- Update to version 2.30.2: + Fix scrolling when smooth scrolling is enabled in async scrolling mode. + Fix WebSocket requests with same-site cookies. + Fix TLS certificate information for service workers. + Handle chassis type when its value is quoted. + Fix the build with ENABLE_MEDIA_STREAM enabled and ENABLE_WEB_RTC_DISABLED. + Fix the build with ENABLE_GAMEPAD enabled. + Fix several crashes and rendering issues. * Wed Sep 30 2020 mgorseAATTsuse.com- Enable c_loop on aarch64: currently needed for compilation to succeed with JIT disabled. Also disable sampling profiler, since it conflicts with c_loop (boo#1177087). * Tue Sep 22 2020 mgorseAATTsuse.com- Update to version 2.30.1: + Bring back the environment variable to force single process mode when PSON is disabled. + Fix downloads started by an ephemeral web context. + Updated translations. * Mon Sep 14 2020 mgorseAATTsuse.com- Update to version 2.30.0: + Fix NTLM authentication. + Don\'t try to use SHM on wayland with older wpebackend-fdo. + Fix the build due to seccomp.h header not found. + Security fixes: CVE-2020-9947, CVE-2020-9948, CVE-2020-9951, CVE-2021-1817, CVE-2021-1820, CVE-2021-1825, CVE-2021-1826, CVE-2021-30661.- Drop seccomp-build-fix.patch and wpe-shm-check.patch: fixed upstream. * Mon Sep 07 2020 mgorseAATTsuse.com- Add wpe-shm-check.patch: make SHM initialization fail for wpebackend-fdo < 1.7.0. * Sun Sep 06 2020 mgorseAATTsuse.com- Add seccomp-build-fix.patch: pass seccomp include directory to g++.- Re-enable bubblewrap sandbox for SLE-15-SP2 and Tumbleweed. * Sat Sep 05 2020 dimstarAATTopensuse.org- Update to version 2.29.92: + Fix user agent header after a redirect when a new quirk is required. + Stop using firefox user agent quirk for google docs. + Fix rendering frames timeline panel in web inspector. + Fix per-thread cpu usage in web inspector. + Fix several crashes and rendering issues.- Changes from version 2.29.91: + Fix a web process crash introduced in 2.29.90.- Changes from version 2.29.90: + Fix font variation settings when font smoothing setting is also present. + Fix HTML drag and drop operations. + Fix argument order for clone syscall seccomp filter on s390x. + Fix a crash when selecting text. + Fix several crashes and rendering issues.- Changes from version 2.29.4: + Add support for backdrop filters. + Add support for text-underline-offset and text-decoration-thickness. + Add OpenCDM and AV1 support to media backend. + Add new API to get ITP data summary. + Use mobile user-agent on tablets. + Fix several crashes and rendering issues.- Changes from version 2.29.3: + Add webkit_authentication_request_get_security_origin. + Change the cookies accept policy to always when no-third-party is set and ITP is enabled. + Fix web process hangs on large GitHub pages. + Bubblewrap sandbox should not attempt to bind empty paths. + Add support for sndio to bubblewrap sandbox. + Also handle dark themes when the name ends with -Dark. + Fix a race condition causing a crash in media player. + Fix several crashes and rendering issues.- Changes from version 2.29.2: + Add Intelligent Tracking Prevention (ITP) support. + Add support for video formats in img elements. + Add API to handle video autoplay policy that now defaults to disallow autoplay videos with audio. + Add API to mute a web view. + Add API to allow applications to handle the HTTP authentication credential storage. + Add a WebKitSetting to set the media content types requiring hardware support. + Fix a crash during drag an drop due to a bug introduced in 2.29.1. + Do not start page load during animation in back/forward gesture. + Fix several crashes and rendering issues.- Changes from version 2.29.1: + Stop using GTK theming to render form controls. + Add API to disable GTK theming for scrollbars too. + Fix several race conditions and threading issues in the media player. + Add USER_AGENT_BRANDING build option. + Add paste as plain text option to the context menu for rich editable content. + Fix several crashes and rendering issues. + Updated translations.- Rebase webkit2gtk3-fdo-soname.patch.- Add pkgconfig(libsystemd) BuildRequires: new dependency. * Thu Aug 06 2020 jengelhAATTinai.de- Add no-forced-sse.patch, cure execution of illegal instruction in i586 firefox. * Wed Jul 29 2020 mgorseAATTsuse.com- Update to version 2.28.4 (boo#1174662): + Fix several crashes and rendering issues. + Security fixes: CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, CVE-2020-9925. * Fri Jul 10 2020 bjorn.lieAATTgmail.com- Update to version 2.28.3 (boo#1173998): + Enable kinetic scrolling with async scrolling. + Fix web process hangs on large GitHub pages. + Bubblewrap sandbox should not attempt to bind empty paths. + Fix threading issues in the media player. + Fix several crashes and rendering issues. + Security fixes: CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, CVE-2020-13753, CVE-2020-9952. * Mon Apr 27 2020 bjorn.lieAATTgmail.com- Update to version 2.28.2 (boo#1170643): + Fix excessive CPU usage due to GdkFrameClock not being stopped. + Fix UI process crash when EGL_WL_bind_wayland_display extension is not available. + Fix position of select popup menus in X11. + Fix playing of Youtube \'live stream\'/H264 URLs. + Fix a crash under X11 when cairo uses xcb. + Fix the build in MIPS64. + Fix several crashes and rendering issues. + Security fixes: CVE-2020-3899. * Wed Apr 15 2020 bjorn.lieAATTgmail.com- Update to version 2.28.1 (boo#1169658): + Fix position of default option element popup windows under Wayland. + Fix rendering after a cross site navigation with PSON enabled and hardware acceleration forced. + Fix a crash in nested wayland compositor when closing a tab with PSON enabled. + Update Chrome and Firefox versions in user agent quirks. + Fix a crash with bubblewrap sandbox enabled. + Fix a crash in JavaScriptCore in ppc64el. + Fix the build with GStreamer 1.12. + Fix several crashes and rendering issues. + Security fixes: CVE-2020-11793.- Drop webkit2gtk3-gstreamer-build-fix.patch: Fixed upstream. * Thu Apr 02 2020 mgorseAATTsuse.com- Add webkit2gtk3-gstreamer-build-fix.patch: fix build with gstreamer 1.12 (webkit#209296).- Rebase webkit-process.patch.- Use WebKit defaults for ENABLE_JIT and USE_SYSTEM_MALLOC, except for aarch64. WebKit now sets reasonable defaults based on architecture. Disable on aarch64 in case a user is still using the kernel-64kb package.- Use bubblewrap, xdg-dbus-proxy, wpe, and wpebackend-fdo on 15.2; they had been unintentionally excluded.- Increase mem_per_process; otherwise fails on SLE/Leap. * Thu Mar 12 2020 bjorn.lieAATTgmail.com- Update to version 2.28.0 (boo#1165528): + Add API to enable Process Swap on (Cross-site) Navigation. + Add user messages API for the communication with the web extension. + Add support for same-site cookies. + Service workers are enabled by default. + Add support for Pointer Lock API. + Add flatpak sandbox support. + Make ondemand hardware acceleration policy never leave accelerated compositing mode. + Always use a light theme for rendering form controls. + Add about:gpu to show information about the graphics stack. + Security fixes: CVE-2020-10018, CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2021-30762.- Drop webkit2gtk3-ppc-build-fix.patch: Fixed upstream. * Fri Feb 28 2020 bjorn.lieAATTgmail.com- Disable webkit-process.patch: Needs rebase, and furthermore it should not be applied for Leap 15.2 as it is today. * Thu Feb 27 2020 bjorn.lieAATTgmail.com- Update to version 2.27.91: + Update user agent quirks to fix the unsupported browser message in several google services. + Fix several compile warnings with GCC 10. + Fix the build with GCC 10. + Fix several crashes and rendering issues. + Updated translations. * Tue Feb 18 2020 mgorseAATTsuse.com- Add webkit2gtk3-ppc-build-fix.patch: fix ppc64le build failure on SLE 15. * Fri Feb 14 2020 bjorn.lieAATTgmail.com- Update to version 2.27.90: + Add support for same-site cookies. + Add flatpak sandbox support. + Enable WebAudio and WebGL by default in WebKitSettings. + Add a setting to disallow top level navigation to a data URI. + Add support for the -webkit-font-smoothing CSS property. + Always use a light theme for rendering form controls. + Stop making the Web Inspector windows transient. + Ensure mouse cursor is hidden during fullscreen video playback. + Add support for inspecting service workers to the remote inspector. + Fix several crashes and rendering issues.- Changes from version 2.27.4: + Add API for input methods. + Add API to serialize/deserialize a JSCValue to/from a JSON string. + Add support for strict secure cookies. + Add support for saving data from remote inspector. + Make ondemand hardware acceleration policy never leave accelerated compositing mode. + Fix rendering of conic gradients in high resolution displays. + Fix special combination characters not respecting the keystroke order when high CPU load. + Honor the IndexedDB directory set in WebsiteDataManager. + Fix rendering of text when there’s an initial advance in the text run. + Fix web process crash when displaying a KaTeX formula. + Fix network process crash with PSON enabled. + Fix several crashes and rendering issues.- Changes from version 2.27.3: + Add support for Pointer Lock API. + Improve performance when falling back to system fonts. + Stop using DBus for the remote inspector implementation to improve the performance of both WebDriver and remote inspector. + Implement support for new ARIA roles: code, strong, emphasis, generic. + Fix handling of content type with new custom protocols implementation. + Make image decoders fully thread safe. + Add support for get page source command in WebDriver. + Add support for network proxy capabilities in WebDriver. + Add support for new window command in WebDriver. + Fix several crashes and rendering issues. + Updated translations.- Changes from version 2.27.2: + Add user messages API for the communication with the web extension. + Enable service workers by default. + Add support for saving data in Web Inspector. + More navigation gesture improvement. + Fix the build with WebDriver disabled. + Show also client EGL extensions in about:gpu. + Disable accelerated compositing when we fail to initialize the EGL dispaly under Wayland. + Fix several crashes and rendering issues.- Changes from version 2.27.1: + Enable async scrolling when accelerating compositing policy is ‘always’. + Add about:gpu to show information about the graphics stack. + Add API to enable Process Swap on (Cross-site) Navigation, that is now disabled by default. + Add WebKitWebView:page-id property. + Improve swipe navigation gesture style. + Fix several crashes and rendering issues.- Rebase webkit2gtk3-fdo-soname.patch. * Fri Feb 14 2020 bjorn.lieAATTgmail.com- Update to version 2.26.4 (boo#1163809): + Always use a light theme for rendering form controls. + Fix the build with WPE renderer disabled. + Fix the build with OpenGL disabled. + Fix the build with GCC 10. + Fix several crashes and rendering issues. + Security fixes: CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868. * Sat Jan 25 2020 dimstarAATTopensuse.org- No longer recommend -lang: supplements are in use * Wed Jan 22 2020 bjorn.lieAATTgmail.com- Update to version 2.26.3 (boo#1161719): + Fix issues while trying to play a video on NextCloud. + Make sure the GL video sink uses a valid WebKit shared GL context. + Fix vertical alignment of text containing arabic diacritics. + Fix build with icu 65.1. + Fix page loading errors with websites using HSTS. + Fix web process crash when displaying a KaTeX formula. + Fix several crashes and rendering issues. + Security fixes: CVE-2019-8835, CVE-2019-8844, CVE-2019-8846.- Drop webkit2gtk3-icu-build-fix.patch: Fixed upstream. * Thu Dec 19 2019 bjorn.lieAATTgmail.com- Start using webkitgtk default gigacage malloc via passing USE_SYSTEM_MALLOC=OFF to cmake. * Thu Dec 19 2019 mgorseAATTsuse.com- Add webkit-process.patch: use single web process for evolution and geary on 15.0 (boo#1159329 glgo#GNOME/evolution#587). * Mon Nov 11 2019 mgorseAATTsuse.com- Add webkit2gtk3-icu-build-fix.patch: fix build with icu 65.1. * Thu Nov 07 2019 mgorseAATTsuse.com- Only use wpe and xdg-dbus-proxy/bubblewrap for TW and SLE-15-SP2 / leap 15.2.- Don\'t pass -DENABLE_BUBBLEWRAP_SANDBOX=ON; it is on by default.- Remove conditionals for EOL versions of openSUSE.- Always build with python3; remove the conditional. * Wed Nov 06 2019 bjorn.lieAATTgmail.com- Update to version 2.26.2 (boo#1156318): + Improve performance of querying system fallback fonts. + Don\'t use prgname in dbus-proxy socket path. + Fix thread-safety issues in image decoders. + Fix the build with WebDriver disabled. + Disable accelerated compositing when we fail to initialize the EGL dispaly under Wayland. + Fill the objects category in emoji picker. + Fix several crashes and rendering issues. + Security fixes: CVE-2019-8812, CVE-2019-8814. * Thu Sep 26 2019 bjorn.lieAATTgmail.com- Enable sandbox again (pass -DENABLE_BUBBLEWRAP_SANDBOX=ON to cmake).- Move bubblewrap and xdg-dbus-proxy Requires from main package to main library package libwebkit2gtk-4_0-37, they are needed at runtime, and there is no webkit2gtk3 package that we can install. * Mon Sep 23 2019 bjorn.lieAATTgmail.com- Update to version 2.26.1: + Fix MSE media player with GStreamer 1.14. + Fix HTML alternate loads never finishing. + Fix web view initialization delay on fisrt load. + Validate user agent string set via API. + Fix a crash when a web view is destroyed with accelerated compositing mode enabled. + Fix EGL initialization with newer versions of Mesa. + Do not enable the sandbox inside docker. + Fix several crashes and rendering issues. + Security fixes: CVE-2019-8783, CVE-2019-8811, CVE-2019-8813, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823. * Thu Sep 19 2019 mgorseAATTsuse.com- Add webkit2gtk3-fdo-soname.patch: don\'t try to open WPE backend with an unversioned soname. * Tue Sep 17 2019 mgorseAATTsuse.com- Enable pkgconfig(wpe-1.0) and pkgconfig(wpebackend-fdo-1.0) BuildRequires and stop passing DUSE_WPE_RENDERER=OFF to cmake. * Thu Sep 12 2019 bjorn.lieAATTgmail.com- Test disable sandbox, does this fix epiphany? (pass -DENABLE_BUBBLEWRAP_SANDBOX=OFF to cmake). * Mon Sep 09 2019 bjorn.lieAATTgmail.com- Update to version 2.26.0 (boo#1155321): + Add support for subprocess sandboxing. + Add support for HSTS (HTTP Strict Transport Security). + Use libwpe with fdo backend to implement accelerated compositing under wayland. + Remove support for GTK2 NPAPI plugins. + Add support for datalist element in text input fields. + Show the emoji chooser popover for editable content. + Improve rendering of form controls when GTK theme is dark. + Fix rendering artifacts in youtube volume button and github comment box. + Single process model has been deprecated for security reasons. + Security fixes: CVE-2019-8625, CVE-2019-8720, CVE-2019-8769, CVE-2019-8771, CVE-2019-8710, CVE-2019-8743, CVE-2019-8764, CVE-2019-8766, CVE-2019-8782, CVE-2019-8808, CVE-2019-8815, CVE-2021-30666, CVE-2021-30761. * Tue Sep 03 2019 bjorn.lieAATTgmail.com- Update to version 2.25.92: + Add WEBKIT_USE_SINGLE_WEB_PROCESS environment variable to force single process model in all WebKitWebContext. This is a temporary solution for applications still depending on the single process mode behavior. It will be only available in 2.26 series. + Add new API to remove a filter from an user content manager given its identifier. + Add support for HSTS. + Several improvements and bug fixes in MSE media player. + Fix building without unified sources. + Fix several crashes and rendering issues. + Updated translations. * Fri Aug 30 2019 bjorn.lieAATTgmail.com- Disable pkgconfig(wpe-1.0) and pkgconfig(wpebackend-fdo-1.0) BuildRequires and pass DUSE_WPE_RENDERER=OFF to cmake. Needs more work upstream. * Fri Aug 30 2019 bjorn.lieAATTgmail.com- Update to version 2.25.4: + Switch to use libsoup WebSockets API. + Add support for permessage-deflate WebSocket extension. + Add support for datalist element in text input fields. + Fix a crash with empty video source. + Fix several crashes and rendering issues. * Fri Aug 30 2019 bjorn.lieAATTgmail.com- Update to version 2.25.3: + Remove support for GTK2 NPAPI plugins. + Fix web view updates after swapping web process if accelerated compositing mode is forced. + Make kinetic scrolling work again. + Fix position of emoji chooser when page is scrolled. + Fix web process deadlock when scrolling twitter timeline which contains HLS videos. + Make navigation gesture use dark fallback background color color on dark themes. + Make Previous/Next gesture work in RTL mode. + Support cancelling touchscreen back/forward gesture. + Add user agent quirk to make github work in FreeBSD. + Fix content disappearing when using CSS transforms. + Fix some radio streams that could not be played. + Fix video pause that sometimes caused to skip to finish. + Fix volume level changes when playing a video. + Fix several crashes and rendering issues.- Changes from version 2.25.2: + Enable process switch on cross site navigation. + Use libwpe with fdo backend to implement accelerated compositing under wayland. + Fix rendering artifacts in youtube volume button. + Fix trapezoid artifact in github comment box. + Ensure web extensions directory is readable when sandbox is enabled. + Fix the executable name of WebDriver process, renamed by mistake in 2.25.1. + Enable hyperlink auditing setting by default. + Remove the option to build without using the redirected XComposite window. + Fix HLS streams being slow to start. + Make accessibility work when sandbox is enabled. + Fix several crashes and rendering issues.- Changes from version 2.25.1: + Add support for subprocess sandboxing. + Add API to get the web process unique identifier of a WebKitFrame. + Add WebKitWebPage::did-associate-form-controls-for-frame signal and deprecate did-associate-form-controls. + Implement AtkComponentIface scroll_to methods. + Improve rendering of form controls when GTK theme is dark and enable prefers-color-scheme media query. + Show the emoji chooser popover for editable content. + Fix touch capabilities detection for websites checking touch events properties present in window or pointer media queries. + Fix several crashes and rendering issues.- Drop webkit2gtk3-bwo197558-hang.patch: Fixed upstream.- Add pkgconfig(wpe-1.0) and pkgconfig(wpebackend-fdo-1.0) BuildRequires: New dependencies.- Enable bubblewrap, xdg-dbus-proxy and pkgconfig(libseccomp) BuildRequires as well as bubblewrap and xdg-dbus-proxy Requires: Sandbox feature is enabled again.- Drop conditional pkgconfig(gtk+-2.0) BuildRequires and webkit2gtk3-plugin-process-gtk2 sub-package, support for gtk2 plugins are now dropped upstream. Add Obsoletes in libwebkit2gtk. * Wed Aug 28 2019 bjorn.lieAATTgmail.com- Update to version 2.24.4 (boo#1148931): + Updated the user agent string to make happy certain websites which would claim that the browser being used was unsupported. + Improve loading of multimedia streams to avoid memory exhaustion due to excessive caching. + Fix display of documents with MIME type application/xml in the Web Inspector, when loaded using XmlHttpRequest. + Fix a hang while scrolling certain websites which include HLS video content (Twitter, for example). + Fix rounding artifacts in volume levels for media playback. + Fix several crashes and rendering issues. + Fix the build with video track support disabled. + Fix the build with OpenGL support disabled. + Fix build issue which would cause media controls to disappear when Python 3.x was used during the build process. + Security fixes: CVE-2019-8644, CVE-2019-8649, CVE-2019-8658, CVE-2019-8669, CVE-2019-8678, CVE-2019-8680, CVE-2019-8683, CVE-2019-8684, CVE-2019-8688, CVE-2019-8674, CVE-2019-8707, CVE-2019-8719, CVE-2019-8733, CVE-2019-8763, CVE-2019-8765, CVE-2019-8821, CVE-2019-8822.- Drop webkit2gtk3-bwo197558-hang.patch: Fixed upstream. * Sun Jul 14 2019 rcoeAATTwi.rr.com- Add webkit2gtk3-bwo197558-hang.patch for hang (bwo#197558) * Mon Jul 08 2019 mgorseAATTsuse.com- Drop webkit2gtk3-boo1088932-a11y-state-set.patch: fixed upstream. * Tue Jul 02 2019 bjorn.lieAATTgmail.com- Update to version 2.24.3: + Deprecate WebSQL APIs. + Make Previous/Next gesture work in RTL mode. + Fix content disappearing when using CSS transforms. + Fix rendering artifacts in youtube volume button. + Fix trapezoid artifact in github comment box. + Fix video pause that sometimes caused to skip to finish. + Fix volume level changes when playing a video. + Fix HLS streams being slow to start. + Fix some radio streams that could not be played. + Fix the build with older versions of GStreamer. + Fix the build with video and audio disabled. + Fix several crashes and rendering issues. + Security fixes: CVE-2019-8666, CVE-2019-8673, CVE-2019-8676, CVE-2019-8681, CVE-2019-8687, CVE-2019-8689, CVE-2019-8690, CVE-2019-8726. + Updated translations.- Drop upstream fixed patches: + webkit2gtk3-bug196440-build-fix.patch. + webkit2gtk3-bug198080-build-fix.patch. * Sat Jun 22 2019 mgorseAATTsuse.com- Add webkit2gtk3-bug196440-build-fix.patch and webkit2gtk3-bug198080-build-fix.patch: fix build failures on SLE/Leap 15 and SLE 12. * Fri May 24 2019 bjorn.lieAATTgmail.com- Update to version 2.24.2 (boo#1135715): + Fix rendering of emojis copy-pasted from GTK emoji chooser. + Fix space characters not being rendered with some CJK fonts. + Fix adaptive streaming playback with older GStreamer versions. + Set a maximum zoom level for pinch zooming gesture. + Fix navigation gesture to not interfere with scrolling. + Fix SSE2 detection at compile time, ensuring the right flags are passed to the compiler. + Fix several crashes and rendering issues. + Security fixes: CVE-2019-8595, CVE-2019-8607, CVE-2019-8615, CVE-2019-8671, CVE-2019-8672, CVE-2019-8677, CVE-2019-8679, CVE-2019-8686, CVE-2019-8735. + Updated translations.- Drop webkit2gtk3-fix-i586-build.patch: Fixed upstream. * Wed Apr 24 2019 mliskaAATTsuse.cz- Disable LTO (boo#1133291). * Mon Apr 15 2019 dimstarAATTopensuse.org- Add webkit2gtk3-fix-i586-build.patch: Fix build on i586. * Wed Apr 10 2019 bjorn.lieAATTgmail.com- Update to version 2.24.1 (boo#1132256): + Do not allow changes in active URI before provisional load starts for non-API requests. + Stop the threaded compositor when the page is not visible or layer tree state is frozen. + Use WebKit HTTP source element again for adaptive streaming fragments downloading. + Properly handle empty resources in webkit_web_resource_get_data(). + Add quirk to ensure outlook.live.com uses the modern UI. + Fix methods returing GObject or boxed types in JavaScriptCore GLib API. + Ensure callback data is passed to functions and constructors with no parameters in JavaScriptCore GLib API. + Fix rendering of complex text when the font uses x,y origins. + Fix sound loop with Google Hangouts and WhatsApp notifications. + Fix the build with GStreamer 1.12.5 and GST GL enabled. + Detect SSE2 at compile time. + Fix several crashes and rendering issues. + Security fixes: CVE-2019-6251, CVE-2019-11070.- Drop webkitgtk-gstreamer-gl-build-fix.patch: Fixed upstream. * Tue Mar 26 2019 mgorseAATTsuse.com- Add webkitgtk-gstreamer-gl-build-fix.patch: fix build on SLE/Leap 15 (webkit#196178). * Tue Mar 19 2019 mgorseAATTsuse.com- Disable openjpeg on SLE 12. Our version isn\'t new enough. * Wed Mar 13 2019 bjorn.lieAATTgmail.com- Update to version 2.24.0: + Added support fot content filtering. + Variation fonts support. + Fully emoji rendering support. + Added navigation and pinch zoom gestures for touchpads. + Support for JPEG2000 images. + Script dialogs are now modal to the current web view only. + New API to convert URI to format for display. + Security fixes: CVE-2019-8375 (boo#1126768), CVE-2019-8506, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-8768. * Wed Mar 06 2019 bjorn.lieAATTgmail.com- Update to version 2.23.92: + Fix constructors returning a GObject in JSC GLib API. + Do not scan NPAPI plugins when plugins are disabled in settings. + Add WebKitUserContentFilterStore to the API docs. + Fix several crashes and rendering issues. + Updated translations. * Sun Mar 03 2019 bjorn.lieAATTgmail.com- Update to version 2.23.91: + Add new API to handle user content filters. + Fix a UI process crash while filling selection data during drag and drop. + Fix deadlock on Linux/x64 between SamplingProfiler and VMTraps. + Fix several crashes and rendering issues. + Updated translations. * Sun Mar 03 2019 bjorn.lieAATTgmail.com- Update to version 2.23.90: + Add a new setting to disable JavaScript elments from documents during parsing. + Add new API to expose JavaScriptCore options. + Add support for JPEG2000 images. + Add support for back/forward touchpad gesture. + Add support for pinch zoom on touchpad. + Use a scrolled window in alert dialogs to handle long contents. + Sleep disabler now inhibits idle when a \"System\" sleep disabler is requested. + Remove experimental sandboxing support, it\'s not yet ready for stable release. + Fix a web process deadlock when starting the remote inspector. + Fix a crash when browsing inspector:// URI without port set. + Fix several crashes and rendering issues.- Add openjpeg2 and openjpeg2-devel BuildRequires: New dependencies.- Drop webkit2gtk3-python3.patch: Not needed anymore.- Disable bubblewrap, xdg-dbus-proxy and pkgconfig(libseccomp) BuildRequires and bubblewrap, xdg-dbus-proxy Requires: Sandbox support was disabled by upstream again.- Stop passing -DENABLE_ACCELERATED_2D_CANVAS=ON to cmake, follow upstream default. * Sun Mar 03 2019 bjorn.lieAATTgmail.com- Update to version 2.23.3: + Fix rendering of emoji sequences containing zero with joiner. + Fallback to a colored font when rendering emojis. + Fix rendering artifacts on Youtube while scrolling under X11. + Remove DConf permissions from sandbox. + Fix build from release tarball with gtkdoc enabled. + Fix several crashes and rendering issues. + Updated translations. * Sun Mar 03 2019 bjorn.lieAATTgmail.com- Update to version 2.23.2: + Fix rendering artifacts in some websites with accelerated compositing enabled. + Add initial support for variation fonts. + Add new API to convert a URI to a format for display. + Make scrollbars follow gtk-primary-button-warps-slider setting. + Fix crashes when closing the WebDriver session. + Fix the build with OpenGL disabled. + Fix several crashes and rendering issues.- Changes from version 2.23.1: + Add initial support for subprocess sandboxing in Linux. + Add new permission request type for media device information. + Make scrollbars follow gtk-primary-button-warps-slider setting. + Script dialogs are now modal to the current web view only. + Fix several crashes and rendering issues.- Add bubblewrap, xdg-dbus-proxy and pkgconfig(libseccomp) BuildRequires: New dependencies for subprocess sandboxing.- Add bubblewrap and xdg-dbus-proxy Requires: They are needed at runtime.- Disable webkit2gtk3-python3.patch: Needs rebase or possibly outright dropping as fixed, as some parts of them are checked in upstream. * Sat Mar 02 2019 bjorn.lieAATTgmail.com- Update to version 2.22.7: + Fix rendering of glyphs in Hebrew (and possibly other languages) when Unicode NFC normalization is used. + Fix several crashes and race conditions. + Security fixes: CVE-2019-8518, CVE-2019-8523. * Wed Feb 13 2019 mgorseAATTsuse.com- Replace webkit2gtk3-boo1088932-a11y-state-set.patch with a patch proposed for webkit#188599. The original patch didn\'t always prevent crashes. * Sat Feb 09 2019 bjorn.lieAATTgmail.com- Update to version 2.22.6 (boo#1124937): + Make kinetic scrolling slow down smoothly when reaching the ends of pages, instead of abruptly, to better match the GTK+ behaviour. + Fix Web inspector magnifier under Wayland. + Fix garbled rendering of some websites (e.g. YouTube) while scrolling under X11. + Fix several crashes, race conditions, and rendering issues.- CVE identifiers fixed: CVE-2019-6212, CVE-2019-6215, CVE-2019-6216, CVE-2019-6217, CVE-2019-6226, CVE-2019-6227, CVE-2019-6229, CVE-2019-6233, CVE-2019-6234, CVE-2019-6201, CVE-2019-7285, CVE-2019-7292, CVE-2019-8503, CVE-2019-8515. * Wed Dec 26 2018 bjorn.lieAATTgmail.com- Pass DENABLE_ACCELERATED_2D_CANVAS=ON to cmake, build accelerated 2d canvas support, we already build the needed support in cairo.- Switch to Ninja build, add ninja BuildRequires and pass GNinja to cmake and use ninja_build and ninja_make macros. * Wed Dec 26 2018 schwabAATTsuse.de- Don\'t use gold on ppc. * Mon Dec 17 2018 bjorn.lieAATTgmail.com- Update to version 2.22.5: + Improved the logic to determine for which architectures to enable the JIT compiler support and USE_SYSTEM_MALLOC at build time. + Fix the build with ENABLE_VIDEO=OFF and ENABLE_OPENGL=OFF. + Fix several crashes. + Security fixes: CVE-2018-4437 (boo#1119553), CVE-2018-4438 (boo#1119554), CVE-2018-4441 (boo#1119555), CVE-2018-4442 (boo#1119556), CVE-2018-4443 (boo#1119557), CVE-2018-4464 (boo#1119558). * Fri Dec 07 2018 mgorseAATTsuse.com- Disable media source extension on SLE/Leap 15 and earlier, since it requires gstreamer 1.14.0. * Wed Nov 28 2018 schwabAATTsuse.de- Reduce memory constraints for riscv64 * Thu Nov 22 2018 bjorn.lieAATTgmail.com- Update to version 2.22.4 (boo#1116998): + Expose ENABLE_MEDIA_SOURCE as a public build option. + Fix a crash when using Cairo versions between 1.15 and 1.16.0 + Fix the build with -DLOG_DISABLED=0. + Fix the build with ENABLE_VIDEO=OFF and ENABLE_WEB_AUDIO=OFF. + Fix debug builds of JavaScriptCore. + Fix several crashes and rendering issues. + Security fixes: CVE-2018-4372. * Mon Nov 12 2018 guillaume.gardetAATTopensuse.org- Update _constraints to latest values to avoid OOM erros * Mon Oct 29 2018 bjorn.lieAATTgmail.com- Update to version 2.22.3: + Many improvements and fixes for video playback with media source extensions (MSE), which improve the user experience across the board, and in particular for playback of WebM videos. + Fix a memory leak during media playback when using playbin3. + Fix portions of Web views not being rendered after resizing. + Fix Resource Timing reporting for