Changeset fb6d1550
- Timestamp:
- 04/09/2021 11:06:48 PM (3 years ago)
- Branches:
- 11.0, 11.1, 11.2, 11.3, 12.0, kea, ken/inkscape-core-mods, ken/tuningfonts, lazarus, lxqt, plabs/python-mods, qt5new, renodr/vulkan-addition, trunk, upgradedb, xry111/intltool, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- 3ed1498c
- Parents:
- 223a2fa
- Files:
-
- 4 edited
-
general.ent (modified) (2 diffs)
-
introduction/welcome/changelog.xml (modified) (1 diff)
-
packages.ent (modified) (1 diff)
-
x/lib/qtwebengine.xml (modified) (6 diffs)
Legend:
- Unmodified
- Added
- Removed
-
general.ent
r223a2fa rfb6d1550 1 1 <!-- $LastChangedBy$ $Date$ --> 2 2 3 <!ENTITY day "0 8"> <!-- Always 2 digits -->3 <!ENTITY day "09"> <!-- Always 2 digits --> 4 4 <!ENTITY month "04"> <!-- Always 2 digits --> 5 5 <!ENTITY year "2021"> … … 7 7 <!ENTITY copyholder "The BLFS Development Team"> 8 8 <!ENTITY version "&year;-&month;-&day;"> 9 <!ENTITY releasedate "April 8th, &year;">9 <!ENTITY releasedate "April 9th, &year;"> 10 10 <!ENTITY pubdate "&year;-&month;-&day;"> <!-- metadata req. by TLDP --> 11 11 <!ENTITY blfs-version "svn"> <!-- svn|[release #] --> -
introduction/welcome/changelog.xml
r223a2fa rfb6d1550 43 43 --> 44 44 <listitem> 45 <para>April 9th, 2021</para> 46 <itemizedlist> 47 <listitem> 48 <para>[ken] - Update to a qtwebengine snapshot from 2021-04-01 49 (Security Update). Fixes 50 <ulink url="&blfs-ticket-root;14863">#14863</ulink>.</para> 51 </listitem> 52 </itemizedlist> 53 </listitem> 54 55 <listitem> 45 56 <para>April 8th, 2021</para> 46 57 <itemizedlist> -
packages.ent
r223a2fa rfb6d1550 765 765 <!ENTITY pangomm-version "2.46.0"> 766 766 <!ENTITY qt5-version "5.15.2"> 767 <!ENTITY qtwebengine-version " 5.15.3">767 <!ENTITY qtwebengine-version "20210401"> 768 768 <!ENTITY qtwebkit-version "5.9.0"> 769 769 <!ENTITY qscintilla-version "2.10.4"> -
x/lib/qtwebengine.xml
r223a2fa rfb6d1550 11 11 <!ENTITY qtwebengine-download-http "&sources-anduin-http;/qtwebengine/qtwebengine-&qtwebengine-version;.tar.xz"> 12 12 <!ENTITY qtwebengine-download-ftp " "> 13 <!ENTITY qtwebengine-md5sum " 838d5d4ef9d1e5b82a41bff6f830e4a4">13 <!ENTITY qtwebengine-md5sum "97ee413dccf03d2fc09a7718f39367f7"> 14 14 <!ENTITY qtwebengine-size "306 MB"> 15 15 <!ENTITY qtwebengine-buildsize "5.1 GB (154 MB installed)"> … … 73 73 <para> 74 74 It seems likely that future 5.15-series versions will also be released 75 long after the chromium vulnerabilities are known. 75 long after the chromium vulnerabilities are known, but fixes for 76 QtWebEngine can be found in git and the editors take the view that 77 known vulnerabilities in browsers should be fixed. 76 78 </para> 77 79 78 80 <para> <!-- for git versions --> 79 81 The tarball linked to below was created from the 5.15 git branch 80 at https://code.qt.io/cgit/qt/qtwebengine.git commit 029771bcd254 81 just before the version there was rolled on for 5.15.4, 82 <!-- the DTS doesn't let me put a url in a para --> 83 <!--ulink url="https://code.qt.io/cgit/qt/qtwebengine.git/commit/?h=5.15&id=029771bcd254"/>code.qt.io/cgit/qt/qtwebengine.git</ulink>--> 84 with the chromium submodule using the 87-branch at revision 7c8217b36a95. 82 and the 87-branch of the chromium submodule (which is forked from 83 chromium). See the GIT-VERSIONS file in the tarball for details of 84 the latest commits. 85 85 </para> 86 86 </warning> … … 102 102 git branch -r 103 103 The required branch is likely to be 87-branch unless there is a newer one 104 mentioned in the 5.15 cgit web page (below). 104 105 git checkout origin/87-branch (or whatever) 105 106 Use git log or git tk to look at its HEAD and check it seems appropriate. 107 108 To decide when it might be worth creating a new tarball, periodically keep 109 an eye on https://code.qt.io/cgit/qt/qtwebengine.git/ (currently, the 5.15 110 branch, 5.15.4 might get used later). The interesting items are CVE fixes 111 for known chromium vulnerabilities, as well as numbered Security bugs - 112 again, these relate to chromium. 113 114 When I noticed some updates in late March I was searching for one of the 115 CVEs mentioned, and google found a link to a review page for Michael Brüning 116 at https://codereview.qt.nokia.com/q/owner:michael.bruning%2540qt.io. At that 117 time I could see various unmerged items, so I waited. The items for the 118 69-based chromium module are not relevant to 5.15 (possibly they will 119 eventually update 5.12). Review queues for other Qt employees might be found 120 in a similar way, but remember that everythng EXCEPT qtwebengine and chromium 121 is private to Qt until they choose to release it. 122 123 After merging the contents of the qtwebengine and src/3rdparty git extracts, 124 in the top level please create a GIT-VERSIONS file summarising the HEAD 125 commits of both parts, as a reminder of where we are up to. 106 126 107 127 Now create tarballs - 'git archive' does not work across submodule boundaries, … … 111 131 tarball, go down to src/3rdparty and untar the submodule tarball. 112 132 Decide on what to call the result and create a full xz tarball using tar -cJf. 113 -->133 end of note for editors --> 114 134 115 135 &lfs101_checked; … … 177 197 that the tarball names names differ 178 198 <ulink url="&patch-root;/qtwebengine-everywhere-src-&qtwebengine-version;-ICU68-2.patch"/> --> 179 <ulink url="&patch-root;/qtwebengine-&qtwebengine-version;-build_fixes- 2.patch"/>199 <ulink url="&patch-root;/qtwebengine-&qtwebengine-version;-build_fixes-1.patch"/> 180 200 </para> 181 201 </listitem> … … 253 273 </para> 254 274 255 <screen><userinput remap="pre">patch -Np1 -i ../qtwebengine-&qtwebengine-version;-build_fixes- 2.patch</userinput></screen>275 <screen><userinput remap="pre">patch -Np1 -i ../qtwebengine-&qtwebengine-version;-build_fixes-1.patch</userinput></screen> 256 276 257 277 <!-- start of commands for git versions only -->
Note:
See TracChangeset
for help on using the changeset viewer.
