Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package webkit2gtk3 for openSUSE:Factory checked in at 2025-12-20 21:45:33 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/webkit2gtk3 (Old) and /work/SRC/openSUSE:Factory/.webkit2gtk3.new.1928 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "webkit2gtk3" Sat Dec 20 21:45:33 2025 rev:234 rq:1323659 version:2.50.4 Changes: -------- --- /work/SRC/openSUSE:Factory/webkit2gtk3/webkit2gtk3.changes 2025-12-08 11:53:23.872088900 +0100 +++ /work/SRC/openSUSE:Factory/.webkit2gtk3.new.1928/webkit2gtk3.changes 2025-12-20 21:46:18.834748009 +0100 @@ -1,0 +2,13 @@ +Wed Dec 17 15:35:08 UTC 2025 - Michael Gorse <[email protected]> + +- Update to version 2.50.4 (bsc#1255183 bsc#1255191 bsc#1255194 + bsc#1255195 bsc#1255198 bsc#1255200): + + Correctly handle the program name passed to the sleep disabler. + + Ensure GStreamer is initialized before using the Quirks. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2025-14174, CVE-2025-43501, CVE-2025-43529, + CVE-2025-43531, CVE-2025-43535, CVE-2025-43536, CVE-2025-43541. +- Add webkit2gtk3-a11y-fix-role-mapping.patch: fix a11y regression + where AT-SPI roles were mapped incorrectly. + +------------------------------------------------------------------- Old: ---- webkitgtk-2.50.3.tar.xz webkitgtk-2.50.3.tar.xz.asc New: ---- webkit2gtk3-a11y-fix-role-mapping.patch webkitgtk-2.50.4.tar.xz webkitgtk-2.50.4.tar.xz.asc ----------(New B)---------- New: CVE-2025-43531, CVE-2025-43535, CVE-2025-43536, CVE-2025-43541. - Add webkit2gtk3-a11y-fix-role-mapping.patch: fix a11y regression where AT-SPI roles were mapped incorrectly. ----------(New E)---------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ webkit2gtk3.spec ++++++ --- /var/tmp/diff_new_pack.6I7swg/_old 2025-12-20 21:46:20.310808680 +0100 +++ /var/tmp/diff_new_pack.6I7swg/_new 2025-12-20 21:46:20.314808843 +0100 @@ -76,7 +76,7 @@ %endif Name: webkit2%{_gtknamesuffix} -Version: 2.50.3 +Version: 2.50.4 Release: 0 Summary: Library for rendering web content, GTK+ Port License: BSD-3-Clause AND LGPL-2.0-or-later @@ -88,6 +88,8 @@ # PATCH-FEATURE-OPENSUSE reproducibility.patch -- Make build reproducible Patch0: reproducibility.patch +# PATCH-FIX-UPSTREAM webkit2gtk3-a11y-fix-role-mapping.patch webkit#300090 [email protected] -- fix a11y regression where AT-SPI roles were mapped incorrectly. +Patch1: webkit2gtk3-a11y-fix-role-mapping.patch BuildRequires: Mesa-libEGL-devel BuildRequires: Mesa-libGL-devel @@ -117,7 +119,7 @@ BuildRequires: ruby >= 2.5 BuildRequires: unifdef BuildRequires: xdg-dbus-proxy -BuildRequires: pkgconfig(atspi-2) >= 2.5.3 +BuildRequires: pkgconfig(atspi-2) >= 2.5.4 BuildRequires: pkgconfig(cairo) >= 1.16.0 BuildRequires: pkgconfig(epoxy) BuildRequires: pkgconfig(fontconfig) >= 2.13.0 ++++++ webkit2gtk3-a11y-fix-role-mapping.patch ++++++ >From 802faad87e283f257ab5ac22cd55bd5eaa0e610c Mon Sep 17 00:00:00 2001 From: Mike Gorse <[email protected]> Date: Fri, 12 Dec 2025 19:15:51 -0600 Subject: [PATCH] AX: Adjust Atspi::Role to match the enum defined in at-spi2-core https://bugs.webkit.org/show_bug.cgi?id=300090 Reviewed by NOBODY (OOPS!). R296017 removed the Footer member from Atspi::Role and also added SectionHeader and SectionFooter, which do not currently exist in AT-SPI, leading to the wrong Role values being reported. This commit adjusts the enum to correspond with the current AT-SPI specification and also adds a couple of newer AT-SPI roles. * Source/WebCore/accessibility/atspi/AccessibilityAtspiEnums.h: * Source/WebCore/accessibility/atspi/AccessibilityObjectAtspi.cpp: (WebCore::atspiRole): --- .../accessibility/atspi/AccessibilityAtspiEnums.h | 14 ++++++++++++-- .../atspi/AccessibilityObjectAtspi.cpp | 4 ++-- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/Source/WebCore/accessibility/atspi/AccessibilityAtspiEnums.h b/Source/WebCore/accessibility/atspi/AccessibilityAtspiEnums.h index f62d8f97836d..65e624bfe17a 100644 --- a/Source/WebCore/accessibility/atspi/AccessibilityAtspiEnums.h +++ b/Source/WebCore/accessibility/atspi/AccessibilityAtspiEnums.h @@ -23,6 +23,11 @@ namespace WebCore { namespace Atspi { +// These enum values are passed over DBus as integers and must correspond +// to the definitions in at-spi2-core +// (https://gitlab.gnome.org/GNOME/at-spi2-core). Do not modify them without +// a corresponding change in at-spi2-core. + enum class Role { InvalidRole, AcceleratorLabel, @@ -96,6 +101,7 @@ enum class Role { Window, Extended, Header, + Footer, Paragraph, Ruler, Application, @@ -139,8 +145,6 @@ enum class Role { Math, Rating, Timer, - SectionFooter, - SectionHeader, Static, MathFraction, MathRoot, @@ -154,8 +158,14 @@ enum class Role { ContentInsertion, Mark, Suggestion, + PushButtonMenu, + Switch, }; +static_assert((int)Atspi::Role::Paragraph == 73); +static_assert((int)Atspi::Role::Section == 85); +static_assert((int)Atspi::Role::Switch == 130); + enum class State : uint64_t { InvalidState = 1LLU << 0, Active = 1LLU << 1, diff --git a/Source/WebCore/accessibility/atspi/AccessibilityObjectAtspi.cpp b/Source/WebCore/accessibility/atspi/AccessibilityObjectAtspi.cpp index 34e3ac0e2cff..005bc9aa8f3b 100644 --- a/Source/WebCore/accessibility/atspi/AccessibilityObjectAtspi.cpp +++ b/Source/WebCore/accessibility/atspi/AccessibilityObjectAtspi.cpp @@ -323,9 +323,9 @@ static Atspi::Role atspiRole(AccessibilityRole role) case AccessibilityRole::LandmarkSearch: return Atspi::Role::Landmark; case AccessibilityRole::SectionFooter: - return Atspi::Role::SectionFooter; + return Atspi::Role::Footer; case AccessibilityRole::SectionHeader: - return Atspi::Role::SectionHeader; + return Atspi::Role::Header; case AccessibilityRole::DescriptionList: return Atspi::Role::DescriptionList; case AccessibilityRole::Term: -- 2.52.0 ++++++ webkitgtk-2.50.3.tar.xz -> webkitgtk-2.50.4.tar.xz ++++++ /work/SRC/openSUSE:Factory/webkit2gtk3/webkitgtk-2.50.3.tar.xz /work/SRC/openSUSE:Factory/.webkit2gtk3.new.1928/webkitgtk-2.50.4.tar.xz differ: char 13, line 1
