1 |
commit: 699d560d397993025482777d1ddd3e403859d437 |
2 |
Author: Mart Raudsepp <leio <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri May 26 21:40:39 2017 +0000 |
4 |
Commit: Mart Raudsepp <leio <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri May 26 21:41:26 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=699d560d |
7 |
|
8 |
net-libs/webkit-gtk: bump to 2.16.3; includes 3 security bug fixes |
9 |
|
10 |
Security fixes: CVE-2017-2496, CVE-2017-2539, CVE-2017-2510. |
11 |
Also other bug fixes. |
12 |
|
13 |
net-libs/webkit-gtk/Manifest | 1 + |
14 |
net-libs/webkit-gtk/webkit-gtk-2.16.3.ebuild | 287 +++++++++++++++++++++++++++ |
15 |
2 files changed, 288 insertions(+) |
16 |
|
17 |
diff --git a/net-libs/webkit-gtk/Manifest b/net-libs/webkit-gtk/Manifest |
18 |
index 78070c61914..50f03771242 100644 |
19 |
--- a/net-libs/webkit-gtk/Manifest |
20 |
+++ b/net-libs/webkit-gtk/Manifest |
21 |
@@ -1,2 +1,3 @@ |
22 |
DIST webkitgtk-2.16.2.tar.xz 14650116 SHA256 5ef689a202eb2b71141efbe8b7b53288adced90790f9f08df6e0a2ec1809f252 SHA512 0bd16f663dffd41d713a53e2186576c4a7c42e7f872605a1688c80e8b55408b5f96f1274a1fe24624b4974240e901df5b11d1ff27a03fa2d9950575f1260abc8 WHIRLPOOL 7268820bdee088eb639e4453c683e8f6b13e7cc7093f8d4148b3911aa7ea7807291ca443b18c885de4a9a838cd80ba9247f728d1cd8106b373b4c568a918a16b |
23 |
+DIST webkitgtk-2.16.3.tar.xz 14652068 SHA256 204e9131da0101b9bc8765716e70a897121af04b964d9827cd9f20816a77b512 SHA512 551367551ed1bceaf9c70269f229e97972706820c6ae2d4444bc6d8b0992d6de34a156f9c245813c1f1701ce54f5476a44512590acfa6cfd6e67663d94caa91e WHIRLPOOL bac846be9d5f7b0a4c08b201d338bed6b84e65bdb105f2689350e02e0f0011944f5e23961e9411f712040c26a5313ef9bb4e30dda2cb19216c8e8d665ab0550f |
24 |
DIST webkitgtk-2.4.11.tar.xz 9869100 SHA256 588aea051bfbacced27fdfe0335a957dca839ebe36aa548df39c7bbafdb65bf7 SHA512 2e2cf01a52b8593765a0a3c2d7f0ad306121660019eb402226bd2826c7d4666dab4e91ca6ccbd29abe0ad3993549f256ed1ab88de22e9c8516d5f40a4edd6bfb WHIRLPOOL de86c4abfb22aacbf62163d0398158931c9cf6ab628547d3b30e613f0505d67c85c3200f7db96500e7c2b35f640cdaa7f501346fc13f492c9439dff4056849a3 |
25 |
|
26 |
diff --git a/net-libs/webkit-gtk/webkit-gtk-2.16.3.ebuild b/net-libs/webkit-gtk/webkit-gtk-2.16.3.ebuild |
27 |
new file mode 100644 |
28 |
index 00000000000..0822ac55bab |
29 |
--- /dev/null |
30 |
+++ b/net-libs/webkit-gtk/webkit-gtk-2.16.3.ebuild |
31 |
@@ -0,0 +1,287 @@ |
32 |
+# Copyright 1999-2017 Gentoo Foundation |
33 |
+# Distributed under the terms of the GNU General Public License v2 |
34 |
+ |
35 |
+EAPI=6 |
36 |
+CMAKE_MAKEFILE_GENERATOR="ninja" |
37 |
+PYTHON_COMPAT=( python2_7 ) |
38 |
+USE_RUBY="ruby21 ruby22 ruby23 ruby24" |
39 |
+ |
40 |
+inherit check-reqs cmake-utils eutils flag-o-matic gnome2 pax-utils python-any-r1 ruby-single toolchain-funcs versionator virtualx |
41 |
+ |
42 |
+MY_P="webkitgtk-${PV}" |
43 |
+DESCRIPTION="Open source web browser engine" |
44 |
+HOMEPAGE="http://www.webkitgtk.org/" |
45 |
+SRC_URI="http://www.webkitgtk.org/releases/${MY_P}.tar.xz" |
46 |
+ |
47 |
+LICENSE="LGPL-2+ BSD" |
48 |
+SLOT="4/37" # soname version of libwebkit2gtk-4.0 |
49 |
+KEYWORDS="~alpha ~amd64 ~arm ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~x86-macos" |
50 |
+ |
51 |
+IUSE="aqua coverage doc +egl +geolocation gles2 gnome-keyring +gstreamer +introspection +jit libnotify nsplugin +opengl spell wayland +webgl X" |
52 |
+ |
53 |
+# webgl needs gstreamer, bug #560612 |
54 |
+REQUIRED_USE=" |
55 |
+ geolocation? ( introspection ) |
56 |
+ gles2? ( egl ) |
57 |
+ introspection? ( gstreamer ) |
58 |
+ nsplugin? ( X ) |
59 |
+ webgl? ( ^^ ( gles2 opengl ) ) |
60 |
+ !webgl? ( ?? ( gles2 opengl ) ) |
61 |
+ webgl? ( gstreamer ) |
62 |
+ wayland? ( egl ) |
63 |
+ || ( aqua wayland X ) |
64 |
+" |
65 |
+ |
66 |
+# Tests fail to link for inexplicable reasons |
67 |
+# https://bugs.webkit.org/show_bug.cgi?id=148210 |
68 |
+RESTRICT="test" |
69 |
+ |
70 |
+# use sqlite, svg by default |
71 |
+# Aqua support in gtk3 is untested |
72 |
+# Dependencies found at Source/cmake/OptionsGTK.cmake |
73 |
+RDEPEND=" |
74 |
+ dev-db/sqlite:3= |
75 |
+ >=dev-libs/glib-2.36:2 |
76 |
+ dev-libs/hyphen |
77 |
+ >=dev-libs/icu-3.8.1-r1:= |
78 |
+ >=dev-libs/libxml2-2.8:2 |
79 |
+ >=dev-libs/libxslt-1.1.7 |
80 |
+ >=media-libs/fontconfig-2.8:1.0 |
81 |
+ >=media-libs/freetype-2.4.2:2 |
82 |
+ >=media-libs/harfbuzz-1.3.3:=[icu(+)] |
83 |
+ >=media-libs/libpng-1.4:0= |
84 |
+ media-libs/libwebp:= |
85 |
+ dev-libs/libgcrypt:0= |
86 |
+ >=net-libs/libsoup-2.42:2.4[introspection?] |
87 |
+ >=x11-libs/cairo-1.10.2:= |
88 |
+ >=x11-libs/gtk+-3.14:3[introspection?] |
89 |
+ >=x11-libs/pango-1.30.0 |
90 |
+ virtual/jpeg:0= |
91 |
+ |
92 |
+ aqua? ( >=x11-libs/gtk+-3.14:3[aqua] ) |
93 |
+ egl? ( media-libs/mesa[egl] ) |
94 |
+ geolocation? ( >=app-misc/geoclue-2.1.5:2.0 ) |
95 |
+ gles2? ( media-libs/mesa[gles2] ) |
96 |
+ gnome-keyring? ( app-crypt/libsecret ) |
97 |
+ gstreamer? ( |
98 |
+ >=media-libs/gstreamer-1.2.3:1.0 |
99 |
+ >=media-libs/gst-plugins-base-1.2.3:1.0 |
100 |
+ >=media-libs/gst-plugins-bad-1.8:1.0[opengl?] ) |
101 |
+ introspection? ( >=dev-libs/gobject-introspection-1.32.0:= ) |
102 |
+ libnotify? ( x11-libs/libnotify ) |
103 |
+ nsplugin? ( >=x11-libs/gtk+-2.24.10:2 ) |
104 |
+ opengl? ( virtual/opengl |
105 |
+ x11-libs/cairo[opengl] ) |
106 |
+ spell? ( >=app-text/enchant-0.22:= ) |
107 |
+ wayland? ( >=x11-libs/gtk+-3.14:3[wayland] ) |
108 |
+ webgl? ( |
109 |
+ x11-libs/cairo[opengl] |
110 |
+ x11-libs/libXcomposite |
111 |
+ x11-libs/libXdamage ) |
112 |
+ X? ( |
113 |
+ x11-libs/cairo[X] |
114 |
+ >=x11-libs/gtk+-3.14:3[X] |
115 |
+ x11-libs/libX11 |
116 |
+ x11-libs/libXcomposite |
117 |
+ x11-libs/libXrender |
118 |
+ x11-libs/libXt ) |
119 |
+" |
120 |
+ |
121 |
+# paxctl needed for bug #407085 |
122 |
+# Need real bison, not yacc |
123 |
+DEPEND="${RDEPEND} |
124 |
+ ${PYTHON_DEPS} |
125 |
+ ${RUBY_DEPS} |
126 |
+ >=dev-lang/perl-5.10 |
127 |
+ >=app-accessibility/at-spi2-core-2.5.3 |
128 |
+ >=dev-libs/atk-2.8.0 |
129 |
+ >=dev-util/gtk-doc-am-1.10 |
130 |
+ >=dev-util/gperf-3.0.1 |
131 |
+ >=sys-devel/bison-2.4.3 |
132 |
+ || ( >=sys-devel/gcc-4.9 >=sys-devel/clang-3.3 ) |
133 |
+ sys-devel/gettext |
134 |
+ virtual/pkgconfig |
135 |
+ |
136 |
+ dev-lang/perl |
137 |
+ virtual/perl-Data-Dumper |
138 |
+ virtual/perl-Carp |
139 |
+ |
140 |
+ doc? ( >=dev-util/gtk-doc-1.10 ) |
141 |
+ geolocation? ( dev-util/gdbus-codegen ) |
142 |
+ introspection? ( jit? ( sys-apps/paxctl ) ) |
143 |
+ test? ( |
144 |
+ dev-lang/python:2.7 |
145 |
+ dev-python/pygobject:3[python_targets_python2_7] |
146 |
+ x11-themes/hicolor-icon-theme |
147 |
+ jit? ( sys-apps/paxctl ) ) |
148 |
+" |
149 |
+ |
150 |
+S="${WORKDIR}/${MY_P}" |
151 |
+ |
152 |
+CHECKREQS_DISK_BUILD="18G" # and even this might not be enough, bug #417307 |
153 |
+ |
154 |
+PATCHES=( |
155 |
+ # https://bugs.gentoo.org/show_bug.cgi?id=555504 |
156 |
+ "${FILESDIR}"/${PN}-2.8.5-fix-ia64-build.patch |
157 |
+ |
158 |
+ # https://bugs.gentoo.org/show_bug.cgi?id=564352 |
159 |
+ # https://bugs.webkit.org/show_bug.cgi?id=167283 |
160 |
+ "${FILESDIR}"/${PN}-2.8.5-fix-alpha-build.patch |
161 |
+) |
162 |
+ |
163 |
+pkg_pretend() { |
164 |
+ if [[ ${MERGE_TYPE} != "binary" ]] ; then |
165 |
+ if is-flagq "-g*" && ! is-flagq "-g*0" ; then |
166 |
+ einfo "Checking for sufficient disk space to build ${PN} with debugging CFLAGS" |
167 |
+ check-reqs_pkg_pretend |
168 |
+ fi |
169 |
+ |
170 |
+ if ! test-flag-CXX -std=c++11 ; then |
171 |
+ die "You need at least GCC 4.9.x or Clang >= 3.3 for C++11-specific compiler flags" |
172 |
+ fi |
173 |
+ |
174 |
+ if tc-is-gcc && [[ $(gcc-version) < 4.9 ]] ; then |
175 |
+ die 'The active compiler needs to be gcc 4.9 (or newer)' |
176 |
+ fi |
177 |
+ fi |
178 |
+} |
179 |
+ |
180 |
+pkg_setup() { |
181 |
+ if [[ ${MERGE_TYPE} != "binary" ]] && is-flagq "-g*" && ! is-flagq "-g*0" ; then |
182 |
+ check-reqs_pkg_setup |
183 |
+ fi |
184 |
+ |
185 |
+ python-any-r1_pkg_setup |
186 |
+} |
187 |
+ |
188 |
+src_configure() { |
189 |
+ # Respect CC, otherwise fails on prefix #395875 |
190 |
+ tc-export CC |
191 |
+ |
192 |
+ # Arches without JIT support also need this to really disable it in all places |
193 |
+ use jit || append-cppflags -DENABLE_JIT=0 -DENABLE_YARR_JIT=0 -DENABLE_ASSEMBLER=0 |
194 |
+ |
195 |
+ # It does not compile on alpha without this in LDFLAGS |
196 |
+ # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=648761 |
197 |
+ use alpha && append-ldflags "-Wl,--no-relax" |
198 |
+ |
199 |
+ # ld segfaults on ia64 with LDFLAGS --as-needed, bug #555504 |
200 |
+ use ia64 && append-ldflags "-Wl,--no-as-needed" |
201 |
+ |
202 |
+ # Sigbuses on SPARC with mcpu and co., bug #??? |
203 |
+ use sparc && filter-flags "-mvis" |
204 |
+ |
205 |
+ # https://bugs.webkit.org/show_bug.cgi?id=42070 , #301634 |
206 |
+ use ppc64 && append-flags "-mminimal-toc" |
207 |
+ |
208 |
+ # Try to use less memory, bug #469942 (see Fedora .spec for reference) |
209 |
+ # --no-keep-memory doesn't work on ia64, bug #502492 |
210 |
+ if ! use ia64; then |
211 |
+ append-ldflags "-Wl,--no-keep-memory" |
212 |
+ fi |
213 |
+ |
214 |
+ # We try to use gold when possible for this package |
215 |
+# if ! tc-ld-is-gold ; then |
216 |
+# append-ldflags "-Wl,--reduce-memory-overheads" |
217 |
+# fi |
218 |
+ |
219 |
+ # older glibc needs this for INTPTR_MAX, bug #533976 |
220 |
+ if has_version "<sys-libs/glibc-2.18" ; then |
221 |
+ append-cppflags "-D__STDC_LIMIT_MACROS" |
222 |
+ fi |
223 |
+ |
224 |
+ # Multiple rendering bugs on youtube, github, etc without this, bug #547224 |
225 |
+ append-flags $(test-flags -fno-strict-aliasing) |
226 |
+ |
227 |
+ local ruby_interpreter="" |
228 |
+ |
229 |
+ if has_version "virtual/rubygems[ruby_targets_ruby24]"; then |
230 |
+ ruby_interpreter="-DRUBY_EXECUTABLE=$(type -P ruby24)" |
231 |
+ elif has_version "virtual/rubygems[ruby_targets_ruby23]"; then |
232 |
+ ruby_interpreter="-DRUBY_EXECUTABLE=$(type -P ruby23)" |
233 |
+ elif has_version "virtual/rubygems[ruby_targets_ruby22]"; then |
234 |
+ ruby_interpreter="-DRUBY_EXECUTABLE=$(type -P ruby22)" |
235 |
+ else |
236 |
+ ruby_interpreter="-DRUBY_EXECUTABLE=$(type -P ruby21)" |
237 |
+ fi |
238 |
+ |
239 |
+ # TODO: Check Web Audio support |
240 |
+ # should somehow let user select between them? |
241 |
+ # |
242 |
+ # FTL_JIT requires llvm |
243 |
+ # |
244 |
+ # opengl needs to be explicetly handled, bug #576634 |
245 |
+ |
246 |
+ local opengl_enabled |
247 |
+ if use opengl || use gles2; then |
248 |
+ opengl_enabled=ON |
249 |
+ else |
250 |
+ opengl_enabled=OFF |
251 |
+ fi |
252 |
+ |
253 |
+ # support for webgl (aka 2d-canvas accelerating) |
254 |
+ local canvas_enabled |
255 |
+ if use webgl && ! use gles2 ; then |
256 |
+ canvas_enabled=ON |
257 |
+ else |
258 |
+ canvas_enabled=OFF |
259 |
+ fi |
260 |
+ |
261 |
+ local mycmakeargs=( |
262 |
+ -DENABLE_QUARTZ_TARGET=$(usex aqua) |
263 |
+ -DENABLE_API_TESTS=$(usex test) |
264 |
+ -DENABLE_GTKDOC=$(usex doc) |
265 |
+ -DENABLE_GEOLOCATION=$(usex geolocation) |
266 |
+ $(cmake-utils_use_find_package gles2 OpenGLES2) |
267 |
+ -DENABLE_GLES2=$(usex gles2) |
268 |
+ -DENABLE_VIDEO=$(usex gstreamer) |
269 |
+ -DENABLE_WEB_AUDIO=$(usex gstreamer) |
270 |
+ -DENABLE_INTROSPECTION=$(usex introspection) |
271 |
+ -DENABLE_JIT=$(usex jit) |
272 |
+ -DUSE_LIBNOTIFY=$(usex libnotify) |
273 |
+ -DUSE_LIBSECRET=$(usex gnome-keyring) |
274 |
+ -DENABLE_PLUGIN_PROCESS_GTK2=$(usex nsplugin) |
275 |
+ -DENABLE_SPELLCHECK=$(usex spell) |
276 |
+ -DENABLE_WAYLAND_TARGET=$(usex wayland) |
277 |
+ -DENABLE_WEBGL=$(usex webgl) |
278 |
+ $(cmake-utils_use_find_package egl EGL) |
279 |
+ $(cmake-utils_use_find_package opengl OpenGL) |
280 |
+ -DENABLE_X11_TARGET=$(usex X) |
281 |
+ -DENABLE_OPENGL=${opengl_enabled} |
282 |
+ -DENABLE_ACCELERATED_2D_CANVAS=${canvas_enabled} |
283 |
+ -DCMAKE_BUILD_TYPE=Release |
284 |
+ -DPORT=GTK |
285 |
+ ${ruby_interpreter} |
286 |
+ ) |
287 |
+ |
288 |
+ # Allow it to use GOLD when possible as it has all the magic to |
289 |
+ # detect when to use it and using gold for this concrete package has |
290 |
+ # multiple advantages and is also the upstream default, bug #585788 |
291 |
+# if tc-ld-is-gold ; then |
292 |
+# mycmakeargs+=( -DUSE_LD_GOLD=ON ) |
293 |
+# else |
294 |
+# mycmakeargs+=( -DUSE_LD_GOLD=OFF ) |
295 |
+# fi |
296 |
+ |
297 |
+ cmake-utils_src_configure |
298 |
+} |
299 |
+ |
300 |
+src_compile() { |
301 |
+ cmake-utils_src_compile |
302 |
+} |
303 |
+ |
304 |
+src_test() { |
305 |
+ # Prevents test failures on PaX systems |
306 |
+ use jit && pax-mark m $(list-paxables Programs/*[Tt]ests/*) # Programs/unittests/.libs/test* |
307 |
+ |
308 |
+ cmake-utils_src_test |
309 |
+} |
310 |
+ |
311 |
+src_install() { |
312 |
+ cmake-utils_src_install |
313 |
+ |
314 |
+ # Prevents crashes on PaX systems, bug #522808 |
315 |
+ use jit && pax-mark m "${ED}usr/bin/jsc" "${ED}usr/libexec/webkit2gtk-4.0/WebKitWebProcess" |
316 |
+ pax-mark m "${ED}usr/libexec/webkit2gtk-4.0/WebKitPluginProcess" |
317 |
+ use nsplugin && pax-mark m "${ED}usr/libexec/webkit2gtk-4.0/WebKitPluginProcess"2 |
318 |
+} |