summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMart Raudsepp <leio@gentoo.org>2018-08-17 00:15:32 +0300
committerMart Raudsepp <leio@gentoo.org>2018-08-17 00:32:30 +0300
commitd9aaff9f75c2d90539b4891c3de7619f8f3891a0 (patch)
treeaf2f923cb44a81951565476dc2c7c0ff20ab483b
parentnet-libs/webkit-gtk: roll ~amd64-fbsd keyword forward for security (diff)
downloadgentoo-d9aaff9f75c2d90539b4891c3de7619f8f3891a0.tar.gz
gentoo-d9aaff9f75c2d90539b4891c3de7619f8f3891a0.tar.bz2
gentoo-d9aaff9f75c2d90539b4891c3de7619f8f3891a0.zip
net-libs/webkit-gtk: security cleanup
Bug: https://bugs.gentoo.org/658168 Package-Manager: Portage-2.3.46, Repoman-2.3.10
-rw-r--r--net-libs/webkit-gtk/Manifest1
-rw-r--r--net-libs/webkit-gtk/files/2.20.3-jsc-build-fixes.patch14
-rw-r--r--net-libs/webkit-gtk/files/webkit-gtk-2.8.5-fix-ia64-build.patch21
-rw-r--r--net-libs/webkit-gtk/webkit-gtk-2.18.6.ebuild284
4 files changed, 0 insertions, 320 deletions
diff --git a/net-libs/webkit-gtk/Manifest b/net-libs/webkit-gtk/Manifest
index 23ab85c6a44..c83bb09b3e1 100644
--- a/net-libs/webkit-gtk/Manifest
+++ b/net-libs/webkit-gtk/Manifest
@@ -1,3 +1,2 @@
-DIST webkitgtk-2.18.6.tar.xz 14829316 BLAKE2B 4c0140c17d513f064efe09aaefff434e3cbf2a88691c7916ed393bf9bd25a3cb5a1d4ea8699eb7e0d678d807293b66c4629e46df9088df9b4d122c554b280ead SHA512 375907d4c84e27aaa4b5df9a71424488c1b2ba0cf1d63e107d678c0f55f677996a80e9d9a9d4a412b40d1d0dde77b88464c54246cbafe70751042ec8a7bbe029
DIST webkitgtk-2.20.4.tar.xz 16625400 BLAKE2B e2a07bbf38f059424738c69ecab7a1eee205cede2bbed4dedd0899e3d38c4b0b6b8f4fc52f5af6d65c0a0c8111c6c73d8765e55452a89022c476e90fb2ff8275 SHA512 3e6a370823d9a3521862fea0e7ae9f2455101afee247fda7b6d23ea609a0d1db3aeb86c41f903a89776550c190a2cf0baa903883671eca7222249849adc49090
DIST webkitgtk-2.20.5.tar.xz 16625200 BLAKE2B 1fd803d81df1659fd87a93821413326eb798fe9c21af86deeb92f16b3f8eab14350851db499e79745457b708305d013032769416877660db3d5bc7c6058b13cc SHA512 d92fd079ec2826b2880ae5b2d90795ee3071a331bd7a576230b77b9f67a829ab27f09a9b0241a780f612f4f78ea5cc849e4b3d09285d4903eb600a7a7729c1e7
diff --git a/net-libs/webkit-gtk/files/2.20.3-jsc-build-fixes.patch b/net-libs/webkit-gtk/files/2.20.3-jsc-build-fixes.patch
deleted file mode 100644
index 32ff3a52844..00000000000
--- a/net-libs/webkit-gtk/files/2.20.3-jsc-build-fixes.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-https://bugs.gentoo.org/662002
-https://bugs.webkit.org/show_bug.cgi?id=183788
-https://trac.webkit.org/changeset/229282/webkit
-
-Index: /trunk/Source/JavaScriptCore/CMakeLists.txt
-===================================================================
---- a/Source/JavaScriptCore/CMakeLists.txt (revision 229281)
-+++ b/Source/JavaScriptCore/CMakeLists.txt (revision 229282)
-@@ -248,4 +248,5 @@
- )
- target_link_libraries(LLIntOffsetsExtractor WTF)
-+add_dependencies(LLIntOffsetsExtractor JavaScriptCoreForwardingHeaders)
-
- # The build system will execute asm.rb every time LLIntOffsetsExtractor's mtime is newer than
diff --git a/net-libs/webkit-gtk/files/webkit-gtk-2.8.5-fix-ia64-build.patch b/net-libs/webkit-gtk/files/webkit-gtk-2.8.5-fix-ia64-build.patch
deleted file mode 100644
index 6c88c49d8b9..00000000000
--- a/net-libs/webkit-gtk/files/webkit-gtk-2.8.5-fix-ia64-build.patch
+++ /dev/null
@@ -1,21 +0,0 @@
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -98,6 +98,8 @@
- set(WTF_CPU_PPC64LE 1)
- elseif (LOWERCASE_CMAKE_SYSTEM_PROCESSOR MATCHES "parisc*")
- set(WTF_CPU_HPPA 1)
-+elseif (LOWERCASE_CMAKE_SYSTEM_PROCESSOR MATCHES "ia64")
-+ set(WTF_CPU_IA64 1)
- elseif (LOWERCASE_CMAKE_SYSTEM_PROCESSOR MATCHES "s390")
- set(WTF_CPU_S390 1)
- elseif (LOWERCASE_CMAKE_SYSTEM_PROCESSOR MATCHES "s390x")
---- a/Source/JavaScriptCore/CMakeLists.txt
-+++ b/Source/JavaScriptCore/CMakeLists.txt
-@@ -1147,6 +1147,7 @@
- endif ()
- elseif (WTF_CPU_ARM64)
- elseif (WTF_CPU_HPPA)
-+elseif (WTF_CPU_IA64)
- elseif (WTF_CPU_PPC)
- elseif (WTF_CPU_PPC64)
- elseif (WTF_CPU_PPC64LE)
diff --git a/net-libs/webkit-gtk/webkit-gtk-2.18.6.ebuild b/net-libs/webkit-gtk/webkit-gtk-2.18.6.ebuild
deleted file mode 100644
index 42553a11032..00000000000
--- a/net-libs/webkit-gtk/webkit-gtk-2.18.6.ebuild
+++ /dev/null
@@ -1,284 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-CMAKE_MAKEFILE_GENERATOR="ninja"
-PYTHON_COMPAT=( python2_7 )
-USE_RUBY="ruby22 ruby23 ruby24"
-
-inherit check-reqs cmake-utils eutils flag-o-matic gnome2 pax-utils python-any-r1 ruby-single toolchain-funcs versionator virtualx
-
-MY_P="webkitgtk-${PV}"
-DESCRIPTION="Open source web browser engine"
-HOMEPAGE="https://www.webkitgtk.org"
-SRC_URI="https://www.webkitgtk.org/releases/${MY_P}.tar.xz"
-
-LICENSE="LGPL-2+ BSD"
-SLOT="4/37" # soname version of libwebkit2gtk-4.0
-KEYWORDS="~x86-fbsd ~amd64-linux ~x86-linux ~x86-macos"
-
-IUSE="aqua coverage doc +egl +geolocation gles2 gnome-keyring +gstreamer +introspection +jit libnotify nsplugin +opengl spell wayland +webgl +X"
-
-# webgl needs gstreamer, bug #560612
-REQUIRED_USE="
- geolocation? ( introspection )
- gles2? ( egl )
- introspection? ( gstreamer )
- nsplugin? ( X )
- webgl? ( ^^ ( gles2 opengl ) )
- !webgl? ( ?? ( gles2 opengl ) )
- webgl? ( gstreamer )
- wayland? ( egl )
- || ( aqua wayland X )
-"
-
-# Tests fail to link for inexplicable reasons
-# https://bugs.webkit.org/show_bug.cgi?id=148210
-RESTRICT="test"
-
-# Aqua support in gtk3 is untested
-# Dependencies found at Source/cmake/OptionsGTK.cmake
-# Various compile-time optionals for gtk+-3.22.0 - ensure it
-# Missing OpenWebRTC checks and conditionals, but ENABLE_MEDIA_STREAM/ENABLE_WEB_RTC is experimental upstream (PRIVATE OFF)
-RDEPEND="
- >=x11-libs/cairo-1.10.2:=
- >=media-libs/fontconfig-2.8.0:1.0
- >=media-libs/freetype-2.4.2:2
- >=dev-libs/libgcrypt-1.6.0:0=
- >=x11-libs/gtk+-3.22:3[aqua?,introspection?,wayland?,X?]
- >=media-libs/harfbuzz-1.3.3:=[icu(+)]
- >=dev-libs/icu-3.8.1-r1:=
- virtual/jpeg:0=
- >=net-libs/libsoup-2.48:2.4[introspection?]
- >=dev-libs/libxml2-2.8.0:2
- >=media-libs/libpng-1.4:0=
- dev-db/sqlite:3=
- sys-libs/zlib:0
- >=dev-libs/atk-2.8.0
- media-libs/libwebp:=
-
- >=dev-libs/glib-2.40:2
- >=dev-libs/libxslt-1.1.7
- gnome-keyring? ( app-crypt/libsecret )
- geolocation? ( >=app-misc/geoclue-2.1.5:2.0 )
- introspection? ( >=dev-libs/gobject-introspection-1.32.0:= )
- dev-libs/libtasn1:=
- >=dev-libs/libgcrypt-1.7.0:0=
- nsplugin? ( >=x11-libs/gtk+-2.24.10:2 )
- spell? ( >=app-text/enchant-0.22:= )
- gstreamer? (
- >=media-libs/gstreamer-1.2.3:1.0
- >=media-libs/gst-plugins-base-1.2.3:1.0
- >=media-libs/gst-plugins-bad-1.10:1.0[opengl?,egl?] )
-
- X? (
- x11-libs/cairo[X]
- x11-libs/libX11
- x11-libs/libXcomposite
- x11-libs/libXdamage
- x11-libs/libXrender
- x11-libs/libXt )
-
- libnotify? ( x11-libs/libnotify )
- dev-libs/hyphen
-
- egl? ( media-libs/mesa[egl] )
- gles2? ( media-libs/mesa[gles2] )
- opengl? ( virtual/opengl
- x11-libs/cairo[opengl] )
- webgl? (
- x11-libs/cairo[opengl]
- x11-libs/libXcomposite
- x11-libs/libXdamage )
-"
-
-# paxctl needed for bug #407085
-# Need real bison, not yacc
-DEPEND="${RDEPEND}
- ${PYTHON_DEPS}
- ${RUBY_DEPS}
- >=app-accessibility/at-spi2-core-2.5.3
- >=dev-lang/perl-5.10
- >=dev-util/gtk-doc-am-1.10
- >=dev-util/gperf-3.0.1
- >=sys-devel/bison-2.4.3
- || ( >=sys-devel/gcc-4.9 >=sys-devel/clang-3.3 )
- sys-devel/gettext
- virtual/pkgconfig
-
- dev-lang/perl
- virtual/perl-Data-Dumper
- virtual/perl-Carp
-
- doc? ( >=dev-util/gtk-doc-1.10 )
- geolocation? ( dev-util/gdbus-codegen )
- introspection? ( jit? ( sys-apps/paxctl ) )
- test? (
- dev-lang/python:2.7
- dev-python/pygobject:3[python_targets_python2_7]
- x11-themes/hicolor-icon-theme
- jit? ( sys-apps/paxctl ) )
-"
-
-S="${WORKDIR}/${MY_P}"
-
-CHECKREQS_DISK_BUILD="18G" # and even this might not be enough, bug #417307
-
-pkg_pretend() {
- if [[ ${MERGE_TYPE} != "binary" ]] ; then
- if is-flagq "-g*" && ! is-flagq "-g*0" ; then
- einfo "Checking for sufficient disk space to build ${PN} with debugging CFLAGS"
- check-reqs_pkg_pretend
- fi
-
- if ! test-flag-CXX -std=c++11 ; then
- die "You need at least GCC 4.9.x or Clang >= 3.3 for C++11-specific compiler flags"
- fi
-
- if tc-is-gcc && [[ $(gcc-version) < 4.9 ]] ; then
- die 'The active compiler needs to be gcc 4.9 (or newer)'
- fi
- fi
-}
-
-pkg_setup() {
- if [[ ${MERGE_TYPE} != "binary" ]] && is-flagq "-g*" && ! is-flagq "-g*0" ; then
- check-reqs_pkg_setup
- fi
-
- python-any-r1_pkg_setup
-}
-
-src_prepare() {
- # https://bugs.gentoo.org/show_bug.cgi?id=555504
- eapply "${FILESDIR}"/${PN}-2.8.5-fix-ia64-build.patch
- cmake-utils_src_prepare
- gnome2_src_prepare
-}
-
-src_configure() {
- # Respect CC, otherwise fails on prefix #395875
- tc-export CC
-
- # Arches without JIT support also need this to really disable it in all places
- use jit || append-cppflags -DENABLE_JIT=0 -DENABLE_YARR_JIT=0 -DENABLE_ASSEMBLER=0
-
- # It does not compile on alpha without this in LDFLAGS
- # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=648761
- use alpha && append-ldflags "-Wl,--no-relax"
-
- # ld segfaults on ia64 with LDFLAGS --as-needed, bug #555504
- use ia64 && append-ldflags "-Wl,--no-as-needed"
-
- # Sigbuses on SPARC with mcpu and co., bug #???
- use sparc && filter-flags "-mvis"
-
- # https://bugs.webkit.org/show_bug.cgi?id=42070 , #301634
- use ppc64 && append-flags "-mminimal-toc"
-
- # Try to use less memory, bug #469942 (see Fedora .spec for reference)
- # --no-keep-memory doesn't work on ia64, bug #502492
- if ! use ia64; then
- append-ldflags "-Wl,--no-keep-memory"
- fi
-
- # We try to use gold when possible for this package
-# if ! tc-ld-is-gold ; then
-# append-ldflags "-Wl,--reduce-memory-overheads"
-# fi
-
- # Multiple rendering bugs on youtube, github, etc without this, bug #547224
- append-flags $(test-flags -fno-strict-aliasing)
-
- local ruby_interpreter=""
-
- if has_version "virtual/rubygems[ruby_targets_ruby24]"; then
- ruby_interpreter="-DRUBY_EXECUTABLE=$(type -P ruby24)"
- elif has_version "virtual/rubygems[ruby_targets_ruby23]"; then
- ruby_interpreter="-DRUBY_EXECUTABLE=$(type -P ruby23)"
- elif has_version "virtual/rubygems[ruby_targets_ruby22]"; then
- ruby_interpreter="-DRUBY_EXECUTABLE=$(type -P ruby22)"
- else
- ruby_interpreter="-DRUBY_EXECUTABLE=$(type -P ruby21)"
- fi
-
- # TODO: Check Web Audio support
- # should somehow let user select between them?
- #
- # FTL_JIT requires llvm
- #
- # opengl needs to be explicetly handled, bug #576634
-
- local opengl_enabled
- if use opengl || use gles2; then
- opengl_enabled=ON
- else
- opengl_enabled=OFF
- fi
-
- # support for webgl (aka 2d-canvas accelerating)
- local canvas_enabled
- if use webgl && ! use gles2 ; then
- canvas_enabled=ON
- else
- canvas_enabled=OFF
- fi
-
- local mycmakeargs=(
- -DENABLE_QUARTZ_TARGET=$(usex aqua)
- -DENABLE_API_TESTS=$(usex test)
- -DENABLE_GTKDOC=$(usex doc)
- -DENABLE_GEOLOCATION=$(usex geolocation)
- $(cmake-utils_use_find_package gles2 OpenGLES2)
- -DENABLE_GLES2=$(usex gles2)
- -DENABLE_VIDEO=$(usex gstreamer)
- -DENABLE_WEB_AUDIO=$(usex gstreamer)
- -DENABLE_INTROSPECTION=$(usex introspection)
- -DENABLE_JIT=$(usex jit)
- -DUSE_LIBNOTIFY=$(usex libnotify)
- -DUSE_LIBSECRET=$(usex gnome-keyring)
- -DENABLE_PLUGIN_PROCESS_GTK2=$(usex nsplugin)
- -DENABLE_SPELLCHECK=$(usex spell)
- -DENABLE_WAYLAND_TARGET=$(usex wayland)
- -DENABLE_WEBGL=$(usex webgl)
- $(cmake-utils_use_find_package egl EGL)
- $(cmake-utils_use_find_package opengl OpenGL)
- -DENABLE_X11_TARGET=$(usex X)
- -DENABLE_OPENGL=${opengl_enabled}
- -DENABLE_ACCELERATED_2D_CANVAS=${canvas_enabled}
- -DCMAKE_BUILD_TYPE=Release
- -DPORT=GTK
- ${ruby_interpreter}
- )
-
- # Allow it to use GOLD when possible as it has all the magic to
- # detect when to use it and using gold for this concrete package has
- # multiple advantages and is also the upstream default, bug #585788
-# if tc-ld-is-gold ; then
-# mycmakeargs+=( -DUSE_LD_GOLD=ON )
-# else
-# mycmakeargs+=( -DUSE_LD_GOLD=OFF )
-# fi
-
- cmake-utils_src_configure
-}
-
-src_compile() {
- cmake-utils_src_compile
-}
-
-src_test() {
- # Prevents test failures on PaX systems
- use jit && pax-mark m $(list-paxables Programs/*[Tt]ests/*) # Programs/unittests/.libs/test*
-
- cmake-utils_src_test
-}
-
-src_install() {
- cmake-utils_src_install
-
- # Prevents crashes on PaX systems, bug #522808
- use jit && pax-mark m "${ED}usr/libexec/webkit2gtk-4.0/jsc" "${ED}usr/libexec/webkit2gtk-4.0/WebKitWebProcess"
- pax-mark m "${ED}usr/libexec/webkit2gtk-4.0/WebKitPluginProcess"
- use nsplugin && pax-mark m "${ED}usr/libexec/webkit2gtk-4.0/WebKitPluginProcess"2
-}