Changeset fb6d1550


Ignore:
Timestamp:
04/09/2021 11:06:48 PM (4 months ago)
Author:
Ken Moffat <ken@…>
Branches:
trunk, xry111/git-date, xry111/git-date-for-trunk, xry111/git-date-test
Children:
3ed1498
Parents:
223a2fa
Message:

Update QtWebEngine to a snapshot from 2021-04-01
(security update).

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@24457 af4574ff-66df-0310-9fd7-8a98e5e911e0

Files:
4 edited

Legend:

Unmodified
Added
Removed
  • general.ent

    r223a2fa rfb6d1550  
    11<!-- $LastChangedBy$ $Date$ -->
    22
    3 <!ENTITY day          "08">                   <!-- Always 2 digits -->
     3<!ENTITY day          "09">                   <!-- Always 2 digits -->
    44<!ENTITY month        "04">                   <!-- Always 2 digits -->
    55<!ENTITY year         "2021">
     
    77<!ENTITY copyholder   "The BLFS Development Team">
    88<!ENTITY version      "&year;-&month;-&day;">
    9 <!ENTITY releasedate  "April 8th, &year;">
     9<!ENTITY releasedate  "April 9th, &year;">
    1010<!ENTITY pubdate      "&year;-&month;-&day;"> <!-- metadata req. by TLDP -->
    1111<!ENTITY blfs-version "svn">                  <!-- svn|[release #] -->
  • introduction/welcome/changelog.xml

    r223a2fa rfb6d1550  
    4343    -->
    4444    <listitem>
     45      <para>April 9th, 2021</para>
     46      <itemizedlist>
     47        <listitem>
     48          <para>[ken] - Update to a qtwebengine snapshot from 2021-04-01
     49          (Security Update). Fixes
     50          <ulink url="&blfs-ticket-root;14863">#14863</ulink>.</para>
     51        </listitem>
     52      </itemizedlist>
     53    </listitem>
     54
     55    <listitem>
    4556      <para>April 8th, 2021</para>
    4657      <itemizedlist>
  • packages.ent

    r223a2fa rfb6d1550  
    765765<!ENTITY pangomm-version              "2.46.0">
    766766<!ENTITY qt5-version                  "5.15.2">
    767 <!ENTITY qtwebengine-version          "5.15.3">
     767<!ENTITY qtwebengine-version          "20210401">
    768768<!ENTITY qtwebkit-version             "5.9.0">
    769769<!ENTITY qscintilla-version           "2.10.4">
  • x/lib/qtwebengine.xml

    r223a2fa rfb6d1550  
    1111  <!ENTITY qtwebengine-download-http "&sources-anduin-http;/qtwebengine/qtwebengine-&qtwebengine-version;.tar.xz">
    1212  <!ENTITY qtwebengine-download-ftp  " ">
    13   <!ENTITY qtwebengine-md5sum        "838d5d4ef9d1e5b82a41bff6f830e4a4">
     13  <!ENTITY qtwebengine-md5sum        "97ee413dccf03d2fc09a7718f39367f7">
    1414  <!ENTITY qtwebengine-size          "306 MB">
    1515  <!ENTITY qtwebengine-buildsize     "5.1 GB (154 MB installed)">
     
    7373      <para>
    7474        It seems likely that future 5.15-series versions will also be released
    75         long after the chromium vulnerabilities are known.
     75        long after the chromium vulnerabilities are known, but fixes for
     76        QtWebEngine can be found in git and the editors take the view that
     77        known vulnerabilities in browsers should be fixed.
    7678      </para>
    7779
    7880      <para> <!-- for git versions -->
    7981        The tarball linked to below was created from the 5.15 git branch
    80         at https://code.qt.io/cgit/qt/qtwebengine.git commit 029771bcd254
    81         just before the version there was rolled on for 5.15.4,
    82         <!-- the DTS doesn't let me put a url in a para -->
    83         <!--ulink url="https://code.qt.io/cgit/qt/qtwebengine.git/commit/?h=5.15&amp;id=029771bcd254"/>code.qt.io/cgit/qt/qtwebengine.git</ulink>-->
    84         with the chromium submodule using the 87-branch at revision 7c8217b36a95.
     82        and the 87-branch of the chromium submodule (which is forked from
     83        chromium). See the GIT-VERSIONS file in the tarball for details of
     84        the latest commits.
    8585      </para>
    8686    </warning>
     
    102102      git branch -r
    103103       The required branch is likely to be 87-branch unless there is a newer one
     104      mentioned in the 5.15 cgit web page (below).
    104105      git checkout origin/87-branch (or whatever)
    105106       Use git log or git tk to look at its HEAD and check it seems appropriate.
     107
     108      To decide when it might be worth creating a new tarball, periodically keep
     109      an eye on https://code.qt.io/cgit/qt/qtwebengine.git/ (currently, the 5.15
     110      branch, 5.15.4 might get used later). The interesting items are CVE fixes
     111      for known chromium vulnerabilities, as well as numbered Security bugs -
     112      again, these relate to chromium.
     113
     114      When I noticed some updates in late March I was searching for one of the
     115      CVEs mentioned, and google found a link to a review page for Michael Brüning
     116      at https://codereview.qt.nokia.com/q/owner:michael.bruning%2540qt.io. At that
     117      time I could see various unmerged items, so I waited. The items for the
     118      69-based chromium module are not relevant to 5.15 (possibly they will
     119      eventually update 5.12). Review queues for other Qt employees might be found
     120      in a similar way, but remember that everythng EXCEPT qtwebengine and chromium
     121      is private to Qt until they choose to release it.
     122
     123      After merging the contents of the qtwebengine and src/3rdparty git extracts,
     124      in the top level please create a GIT-VERSIONS file summarising the HEAD
     125      commits of both parts, as a reminder of where we are up to.
    106126
    107127      Now create tarballs - 'git archive' does not work across submodule boundaries,
     
    111131      tarball, go down to src/3rdparty and untar the submodule tarball.
    112132      Decide on what to call the result and create a full xz tarball using tar -cJf.
    113      -->
     133         end of note for editors -->
    114134
    115135    &lfs101_checked;
     
    177197               that the tarball names names differ
    178198          <ulink url="&patch-root;/qtwebengine-everywhere-src-&qtwebengine-version;-ICU68-2.patch"/> -->
    179           <ulink url="&patch-root;/qtwebengine-&qtwebengine-version;-build_fixes-2.patch"/>
     199          <ulink url="&patch-root;/qtwebengine-&qtwebengine-version;-build_fixes-1.patch"/>
    180200        </para>
    181201      </listitem>
     
    253273    </para>
    254274
    255 <screen><userinput remap="pre">patch -Np1 -i ../qtwebengine-&qtwebengine-version;-build_fixes-2.patch</userinput></screen>
     275<screen><userinput remap="pre">patch -Np1 -i ../qtwebengine-&qtwebengine-version;-build_fixes-1.patch</userinput></screen>
    256276
    257277<!-- start of commands for git versions only -->
Note: See TracChangeset for help on using the changeset viewer.