./www/webkit-gtk, GTK port of the WebKit browser engine

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2018Q4, Version: 2.22.6nb1, Package name: webkit-gtk-2.22.6nb1, Maintainer: pkgsrc-users

WebKit is an open source web browser engine. WebKit is also the name of
the Mac OS X system framework version of the engine that's used by
Safari, Dashboard, Mail, and many other OS X applications. WebKit's HTML
and JavaScript code began as a branch of the KHTML and KJS libraries
from KDE.

This is the GTK port of the engine.


Required to run:
[devel/glib2] [devel/pango] [multimedia/gst-plugins1-base] [multimedia/gstreamer1] [net/libsoup] [fonts/woff2] [graphics/png] [graphics/jpeg] [graphics/libwebp] [graphics/cairo-gobject] [graphics/freetype2] [security/gnutls] [security/libsecret] [textproc/enchant2] [textproc/icu] [textproc/libxslt] [sysutils/libnotify] [x11/libXdamage] [x11/gtk2] [x11/gtk3]

Required to build:
[devel/gobject-introspection] [devel/gperf] [lang/python27] [lang/gcc6] [pkgtools/cwrappers] [pkgtools/x11-links] [x11/xcb-proto] [x11/xorgproto] [x11/fixesproto4]

Package options: enchant, introspection, opengl, webkit-jit

Master sites:

SHA1: 26a8f8951da03aa4dfc2c25257b6899ea3c2558f
RMD160: 4ddd00a0eed1e8122a71e070f1f6f5f49f59ca75
Filesize: 16380.563 KB

Version history: (Expand)

CVS history: (Expand)


   2019-03-06 14:43:24 by Benny Siegert | Files touched by this commit (4) 
Log message:
Pullup ticket #5916 - requested by maya
www/webkit-gtk: security fix (remote code execution)

Revisions pulled up:
- www/webkit-gtk/Makefile                                       1.156-1.157
- www/webkit-gtk/PLIST                                          1.46
- www/webkit-gtk/distinfo                                       1.115-1.116
- www/webkit-gtk/patches/patch-Source_JavaScriptCore_dfg_DFGDoesGC.cpp 1.1

---
   Module Name:    pkgsrc
   Committed By:   leot
   Date:           Sat Feb  9 11:29:45 UTC 2019

   Modified Files:
           pkgsrc/www/webkit-gtk: Makefile PLIST distinfo

   Log message:
   webkit-gtk: Update to 2.22.6

   pkgsrc changes:
    - Set USE_GCC_RUNTIME to depends on gcc6-libs when pkgsrc gcc is used
      (XXX: Not tested and not clear if currently mk/compiler/gcc.mk DTRT
       XXX: regarding (if not, that's probably why firefox/mozilla-common.mk
       XXX: abuses USE_PKGSRC_GCC_RUNTIME!))

   Changes:
   WebKitGTK+ 2.22.6
   =================
    - Make kinetic scrolling slow down smoothly when reaching the ends of
      pages, instead of abruptly, to better match the GTK+ behaviour.
    - Fix Web inspector magnifier under Wayland.
    - Fix garbled rendering of some websites (e.g. YouTube) while scrolling
      under X11.
    - Fix several crashes, race conditions, and rendering issues.

---
   Module Name:	pkgsrc
   Committed By:	maya
   Date:		Thu Feb 21 18:52:15 UTC 2019

   Modified Files:
   	pkgsrc/www/webkit-gtk: Makefile distinfo
   Added Files:
   	pkgsrc/www/webkit-gtk/patches:
   	    patch-Source_JavaScriptCore_dfg_DFGDoesGC.cpp

   Log message:
   webkit-gtk: backport upstream patch. security fix.

   Subject: [PATCH] Fix DFG doesGC() for CompareEq/Less/LessEq/Greater/GreaterEq
    and CompareStrictEq nodes. https://bugs.webkit.org/show_bug.cgi?id=194800
    <rdar://problem/48183773>

   Reviewed by Yusuke Suzuki.

   Fix doesGC() for the following nodes:

       CompareEq:
       CompareLess:
       CompareLessEq:
       CompareGreater:
       CompareGreaterEq:
       CompareStrictEq:
           Only return false (i.e. does not GC) for child node use kinds that have
           been vetted to not do anything that can GC.  For all other use kinds
           (including StringUse and BigIntUse), we return true (i.e. does GC).

   * dfg/DFGDoesGC.cpp:
   (JSC::DFG::doesGC):

   This was published alongside with exploit code claiming it is remote
   code execution, but I don't understand what the exploit is doing.

   bump PKGREVISION