SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for webkit2gtk-4_0-injected-bundles-2.44.3-lp154.1.1.x86_64.rpm :

* Mon Aug 19 2024 Michael Gorse - Update to version 2.44.3 (boo#1228696 boo#1228697 boo#1228698): + Fix web process cache suspend/resume when sandbox is enabled. + Fix accelerated images dissapearing after scrolling. + Fix video flickering with DMA-BUF sink. + Fix pointer lock on X11. + Fix movement delta on mouse events in GTK3. + Undeprecate console message API and make it available in 2022 API. + Fix several crashes and rendering issues. + Security fixes: CVE-2024-40776, CVE-2024-40779, CVE-2024-40780, CVE-2023-40782, CVE-2024-40785, CVE-2024-40789, CVE-2024-40794, CVE-2024-4558.- Drop patches now upstream: webkit2gtk3-CVE-2024-40776.patch webkit2gtk3-CVE-2024-40779.patch webkit2gtk3-CVE-2024-40780.patch webkit2gtk3-CVE-2024-40782.patch
* Thu Aug 08 2024 Michael Gorse - Add CVE fixes: + webkit2gtk3-CVE-2024-40776.patch (boo#1228613 CVE-2024-40776) + webkit2gtk3-CVE-2024-40779.patch (boo#1228693 CVE-2024-40779) + webkit2gtk3-CVE-2024-40780.patch (boo#1228694 CVE-2024-40780) + webkit2gtk3-CVE-2024-40782.patch (boo#1228695 CVE-2024-40782)
* Fri May 24 2024 Michael Gorse - Update to version 2.44.2 (boo#1225071): + Make gamepads visible on axis movements, and not only on button presses. + Disable the gst-libav AAC decoder. + Make user scripts and style sheets visible in the Web Inspector. + Use the geolocation portal where available, with the existing geoclue as fallback if the portal is not usable. + Use the printing portal when running sandboxed. + Use the file transfer portal for drag and drop when running sandboxed. + Avoid notifying an empty cursor rectangle to input methods. + Remove empty bar shown in detached inspector windows. + Consider keycode when activating application accelerators. + Fix the build with ENABLE_WEBAUDIO disabled. + Fix several crashes and rendering issues. + Security fixes: CVE-2024-27834.- Changes in version 2.44.1: + Fix handling of lifetime of web view child dialogs in GTK4. + Do not schedule layer flushes when drawing area size is empty. + Fix videos with alpha when using the DMA-BUF sink. + Fix the build with USE_GBM=OFF. + Fix the build in 32bit platforms + Fix several crashes and rendering issues.- Update keyring (taken from rawhide).- Drop webkit2gtk3-271108.patch: fixed upstream.
* Wed Mar 27 2024 Michael Gorse - Update to version 2.44.0 (boo#1222010): + Make the DOM accessibility tree reachable from UI process with GTK4. + Removed the X11 and WPE renderers in favor of DMA-BUF. + Improved vblank synchronization when rendering. + Removed key event reinjection in GTK4 to make keyboard shortcuts work in web sites. + Fix gamepads detection by correctly handling focused window in GTK4. + Security fixes: CVE-2024-23252, CVE-2024-23254, CVE-2024-23263, CVE-2024-23280, CVE-2024-23284, CVE-2023-42950, CVE-2023-42956, CVE-2023-42843.- Drop webkit2gtk3-create-destroy-egl-image.patch: fixed upstream.- Drop webkit2gtk3-gtk4-build-fix.patch: no longer needed.- Rebase webkit2gtk3-disable-dmabuf-nvidia.patch.- Add webkit2gtk3-271108.patch: Fix build on 32bit arches (https://bugs.webkit.org/show_bug.cgi?id=271108).- Disable libbacktrace: we don\'t have it in SLE.- Use WebAssembly on aarch64. It is the upstream default and no longer makes the build fail. Stop passing -DENABLE_C_LOOP=ON, - DENABLE_WEBASSEMBLY=OFF and -DENABLE_SAMPLING_PROFILER=OFF for the same reason.- Adjust spec for gtk4 now being enabled by default.
* Tue Feb 06 2024 Michael Gorse - Update to version 2.42.5 (boo#1219604): + Fix webkit_web_context_allow_tls_certificate_for_host to handle IPv6 URIs produced by SoupURI. + Ignore stops with offset zero before last one when rendering gradients with cairo. + Write bwrapinfo.json to disk for xdg-desktop-portal. + Fix gamepads detection by correctly handling focused window in GTK4. + Fix several crashes and rendering issues. + Security fixes: CVE-2024-23222, CVE-2024-23206, CVE-2024-23213.- Drop webkit2gtk3-CVE-2024-23222.patch and webkit2gtk3-gstreamer-build-fix.patch: fixed upstream.- Add webkit2gtk3-llint-build-fix.patch: fix the build for non-x86 architectures.
* Wed Jan 24 2024 Michael Gorse - Add webkit2gtk3-CVE-2024-23222.patch: fix a type confusion issue (bsc#1219113 CVE-2024-23222).
* Fri Jan 05 2024 Stefan Brüns - Remove explicit build dependency on libicu-devel. This will pull in the original ICU 65.1 from SLE, while harfbuzz will typically link to to a newer version, i.e. the library will be linked with two different ICU versions at runtime. As harfbuzz already depends on pkgconfig(icu-uc), another explicit dependency is unneeded.
* Sat Dec 16 2023 Michael Gorse - Update to version 2.42.4 (boo#1218032): + Fix incorrect random images incorrectly displayed as backgrounds of
elements. + Fix videos displayed aliased after being resized e.g. in YouTube. + Fix several crashes and rendering issues. + Security fixes: CVE-2023-42883.
* Wed Dec 06 2023 Michael Gorse - Update to version 2.42.3 (boo#1217844): + Fix flickering while playing videos with DMA-BUF sink. + Fix color picker being triggered in the inspector when typing \"tan\". + Do not special case the \"sans\" font family name. + Fix build failure with libxml2 version 2.12.0 due to an API change. + Fix several crashes and rendering issues. + Security fixes: CVE-2023-42916, CVE-2023-42917.
* Fri Nov 17 2023 Michael Gorse - Update to version 2.42.2 (boo#1217210): + Bump Safari version in user agent header. + Fix CSP regression that broke Unity WebGL applications. + Fix the build with GBM disabled. + Fix several crashes and rendering issues. + Security fixes: CVE-2023-41983, CVE-2023-42852.- Add webkit2gtk3-gstreamer-build-fix.patch: fix the build with !ENABLE(MEDIA_STREAM).
* Wed Nov 01 2023 Mike Gorse - Add webkit2gtk3-disable-dmabuf-nvidia.patch: disable DMABuf renderer for NVIDIA proprietary drivers (boo#1216778).
* Mon Oct 23 2023 Mike Gorse - Add webkit2gtk3-create-destroy-egl-image.patch: fix \"No provider of EglDestroyImage Found\" (boo#1216483).
* Mon Oct 09 2023 Michael Gorse - Update to version 2.42.1 (boo#1215661 boo#1215866 boo#1215867 boo#1215868 boo#1215869 boo#1215870 boo#1218033 boo#1222905): + Fix enable-html5-database setting to properly enable/disable IndexedDB API. + Fix the build with GBM disabled. + Fix several crashes and rendering issues. + Security fixes: CVE-2023-41993, CVE-2023-40414. + Changes in version 2.42.0: + New renderer based on DMA-BUF shared buffers. + Add new permission request to handle DOM paste access requests. + Add API to configure experimental features at runtime. + Add API to set the percentage of volume space that can be used for data storage. + GBM is no longer required for WebGL implementation. + Security fixes: CVE-2023-39928, CVE-2023-41074, CVE-2023-32359, CVE-2023-42890, CVE-2014-1745, CVE-2024-23226.- Disable JPEGXL.
* Mon Sep 11 2023 Michael Gorse - Expand lang sub-package in spec file unconditionally to handle previous name change from WebKit2GTK-lang to WebKitGTK-lang. This change affected the automatic generated Requires tag on WebKit2GTK-%{_apiver}, then getting out of sync of what\'s being required and what\'s being provided. Now, any sub-package that was providing WebKit2GTK-%{_apiver} will provide WebKitGTK-%{_apiver} instead (boo#1214835, boo#1214640, boo#1214093).- Require libwaylandclient0 >= 1.20. 15.4 originally had 1.19.0, but webkitgtk uses a function added in 1.20.0, so we need to ensure that the wayland update is pulled in (bsc#1215072).
* Mon Aug 28 2023 Michael Gorse - Provide/obsolete WebKit2GTK-%{_apiver}-lang (bsc#1214093)
* Fri Aug 11 2023 Michael Gorse - Have the lang package provide libwebkit2gtk3-lang (bsc#1214093)
* Fri Aug 04 2023 Michael Gorse - Update to version 2.40.5 (boo#1213905 boo#1213379 boo#1213581 boo#1215230): + Fix several crashes and rendering issues. + Security fixes: CVE-2023-38133, CVE-2023-38572, CVE-2023-38592, CVE-2023-38594, CVE-2023-38595, CVE-2023-38597, CVE-2023-38599,, CVE-2023-38600, CVE-2023-38611, CVE-2023-40397, CVE-2023-39434, CVE-2023-40451. + Changes in version 2.40.3 (boo#1212863): + Make memory pressure monitor honor memory.memsw.usage_in_bytes if exists. + Include key modifiers in wheel events. + Apply cookie blocking policy to WebSocket handshakes. + Remove accidental dependency on GLib 2.70. + Fix the build with BUBBLEWRAP_SANDBOX disabled. + Fix several crashes and rendering issues. + Security fixes: CVE-2023-32439, CVE-2023-32435, CVE-2023-32393, CVE-2023-37450, CVE-2023-28198, CVE-2023-32370, CVE-2023-35074.- Add unifdef BuildRequires: New dependency.- Remove libbrotlidec from BuildRequires. No longer needed.- Drop no-forced-sse.patch: Due to changes in the code, trying to build without SSE2 support fails even with this patch. We are forced to give up on this, SSE2 support is now mandatory for all build targets.- Drop webkit2gtk3-CVE-2023-28204.patch and webkit2gtk3-CVE-2023-32373.patch: fixed upstream.- Disable MEDIA_STREAM. It has been disabled until now, and it\'s better to minimize the amount of gstreamer code that we need to- The gtk 4 api version is now 6.0. The previous 5.0 version was considered by upstream to be an unreleased work in progress and is not used by anything that we ship in SP4.
* Thu Jun 08 2023 Michael Gorse - Add security patches (boo#1211846): + webkit2gtk3-CVE-2023-28204.patch (boo#1211659 CVE-2023-28204) + webkit2gtk3-CVE-2023-32373.patch (boo#1211658 CVE-2023-32373)
* Fri Apr 21 2023 Michael Gorse - Update to version 2.38.6 (boo#1210295 boo#1210731): + Enable the Asynchronous Clipboard API to make certain pages work (e.g. GithHub started recently requiring it). + Support :has() CSS selectors in content filters. + Apply basic font properties as font variation settings. + The Bubblewrap sandbox no longer requires setting an application identifier via GApplication to operate correctly. Using GApplication is still recommended, but optional. + Improvements to the GStreamer multimedia playback, in particular around MSE, WebRTC, and seeking. + Fix the build with journald support enabled when using elogind instead of the systemd libraries. + Fix the build with Link-Time Optimization enabled (-flto=auto). + Fix context menus not working in the remote Web Inspector. + Fix usage of the remote Web Inspector over HTTP. + Fix debug logs not being emitted in release builds. + Fix several crashes and rendering issues. + Security fixes: CVE-2022-0108, CVE-2023-28205, CVE-2022-32885, CVE-2023-27932, CVE-2023-27954.
* Thu Feb 16 2023 Michael Gorse - Update to version 2.38.5 (boo#1208328): + Fix large memory allocation when uploading content. + Fix scrolling after a history navigation with PSON enabled. + Always update the active uri of WebKitFrame. + Fix the build on Ubuntu 20.04. + Fix several crashes and rendering issues. + Security fixes: CVE-2023-23529.- Add webkit2gtk3-gtk4-build-fix.patch: fix the build with gtk 4.6.0.
* Tue Feb 07 2023 Michael Gorse - Update to version 2.38.4 (boo#1207997): + Improve GStreamer multimedia playback across the board with improved codec selection logic, better handling of latency, and improving frame discard to avoid audio/video desynchronizationg, among other fixes. + Disable HLS media playback by default, which makes web sites use MSE instead. If needed WEBKIT_GST_ENABLE_HLS_SUPPORT=1 can be set in the environment to enable it back. + Disable threaded rendering in GTK4 builds by default, as it was causing crashes. + Fix MediaSession API not showing artwork images. + Fix MediaSession MPRIS usage when running inside a Flatpak sandbox. + Fix input element controls to correctly scale when applying a zoom factor different than the default. + Fix leakage of Web processes in certain situations. + Fix the injected bundle not being found when running inside a sandbox. + Fix the build with ENABLE_INTROSPECTION when cross-compiling. + FIx the build with ENABLE_WEBGL disabled. + Fix the build with GStreamer-based WebRTC enabled. + Fix the build with USE_GTK4 enabled. + Fix several crashes and rendering issues. + Security fixes: CVE-2023-23517, CVE-2023-23518, CVE-2022-42826, CVE-2022-32919, CVE-2022-46705, CVE-2022-46725.
* Thu Dec 22 2022 Michael Gorse - Update to version 2.38.3 (boo#1206474 boo#1206750): + Fix runtime critical warnings from media player. + Fix network process crash when fetching website data on ephemeral session. + Fix the build with Ruby 3.2. + Fix several crashes and rendering issues. + Security fixes: CVE-2022-42852, CVE-2022-42856, CVE-2022-42867, CVE-2022-46692, CVE-2022-46698, CVE-2022-46699, CVE-2022-46700.
* Tue Nov 08 2022 Michael Gorse - Update to version 2.38.2 (boo#1205120 boo#1205123 boo#1205124): + Fix scrolling issues in some sites having fixed background. + Fix prolonged buffering during progressive live playback. + Fix the build with accessibility disabled. + Fix several crashes and rendering issues. + Security fixes: CVE-2022-42799, CVE-2022-42823, CVE-2022-42824.- Update no-forced-sse.patch with quilt.- Pass -DENABLE_DOCUMENTATION=OFF to configure, we did not build the API docs in the past, and I see no reason to start now.- Drop pkgconfig(libnotify) BuildRequires: No longer needed, nor used if available.- Pass -DUSE_SYSTEM_MALLOC=ON on all architectures, to work around webkit#243535.
* Tue Nov 08 2022 Michael Gorse - Update to version 2.38.1: + Make xdg-dbus-proxy work if host session bus address is an abstract socket. + Use a single xdg-dbus-proxy process when sandbox is enabled. + Fix high resolution video playback due to unimplemented changeType operation. + Ensure GSubprocess uses posix_spawn() again and inherit file descriptors. + Fix player stucking in buffering (paused) state for progressive streaming. + Do not try to preconnect on link click when link preconnect setting is disabled. + Fix close status code returned when the client closes a WebSocket in some cases. + Fix media player duration calculation. + Fix several crashes and rendering issues. + Security fixes: CVE-2022-46691.
* Tue Nov 08 2022 Michael Gorse - Update to version 2.38.0 boo#1205121 boo#1205122): + New media controls UI style. + Add new API to set WebView’s Content-Security-Policy for web extensions support. + Make it possible to use the remote inspector from other browsers using WEBKIT_INSPECTOR_HTTP_SERVER env var. + MediaSession is enabled by default, allowing remote media control using MPRIS. + Add support for PDF documents using PDF.js. + Security fixes: CVE-2022-32888, CVE-2022-32923, CVE-2022-42863, CVE-2022-48503, CVE-2022-32933, CVE-2023-42833.
* Mon Sep 19 2022 Michael Gorse - Update to version 2.36.8 (boo#1203530): + Fix jumpy elements when scrolling GitLab and other web sites. + Fix WebKitWebView:web-process-terminated signal not being emitted for the first web view when sandboxing is enabled. + Fix hang when opening HTML
 
ICM