rpms/webkit2gtk3
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Import from CS git

Browse Source
This commit is contained in:
eabdullin 2025-03-17 07:36:58 +00:00
parent 9180abfcdf
commit 06eb2ef4db
2 changed files with 65 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
SOURCES/CVE-2025-24201.patch Normal file
View File

@ -0,0 +1,54 @@
From 541280709a62351643fa7b456bc1f6d652fd9d0b Mon Sep 17 00:00:00 2001
From: Kimmo Kinnunen <kkinnunen@apple.com>
Date: Wed, 5 Mar 2025 16:49:53 -0800
Subject: [PATCH] Cherry-pick b48791700366. rdar://146337054
WebGL context primitive restart can be toggled from WebContent process
https://bugs.webkit.org/show_bug.cgi?id=285858
rdar://142693598
Reviewed by Cameron McCormack.
Primitive restart is enabled for WebGL2 and disabled for WebGL 1
contexts by default. There is no use-case for toggling it from
WCP. Do not pass enable/disable to ANGLE.
* Source/WebCore/platform/graphics/angle/GraphicsContextGLANGLE.cpp:
(WebCore::GraphicsContextGLANGLE::disable):
(WebCore::GraphicsContextGLANGLE::enable):
Canonical link: https://commits.webkit.org/289651.23@safari-7621-branch
---
.../graphics/angle/GraphicsContextGLANGLE.cpp | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/Source/WebCore/platform/graphics/angle/GraphicsContextGLANGLE.cpp b/Source/WebCore/platform/graphics/angle/GraphicsContextGLANGLE.cpp
index 39d148172b4f..81c9dff2fb89 100644
--- a/Source/WebCore/platform/graphics/angle/GraphicsContextGLANGLE.cpp
+++ b/Source/WebCore/platform/graphics/angle/GraphicsContextGLANGLE.cpp
@@ -1169,7 +1169,11 @@ void GraphicsContextGLANGLE::disable(GCGLenum cap)
{
if (!makeContextCurrent())
return;
-
+ if (cap == PRIMITIVE_RESTART_FIXED_INDEX) {
+ if (m_isForWebGL2)
+ addError(GCGLErrorCode::InvalidOperation);
+ return;
+ }
GL_Disable(cap);
}
@@ -1203,7 +1207,11 @@ void GraphicsContextGLANGLE::enable(GCGLenum cap)
{
if (!makeContextCurrent())
return;
-
+ if (cap == PRIMITIVE_RESTART_FIXED_INDEX) {
+ if (!m_isForWebGL2)
+ addError(GCGLErrorCode::InvalidOperation);
+ return;
+ }
GL_Enable(cap);
}

12
SPECS/webkit2gtk3.spec
View File

@ -10,7 +10,7 @@
Name: webkit2gtk3 Name: webkit2gtk3
Version: 2.46.6 Version: 2.46.6
Release: 1%{?dist} Release: 2%{?dist}
Summary: GTK Web content engine library Summary: GTK Web content engine library
License: LGPLv2 License: LGPLv2
@ -46,6 +46,13 @@ Patch204: icu60.patch
Patch300: evolution-shared-secondary-process.patch Patch300: evolution-shared-secondary-process.patch
Patch301: evolution-sandbox-warning.patch Patch301: evolution-sandbox-warning.patch
##
## Upstream patches to remove after next update
##
# https://bugs.webkit.org/show_bug.cgi?id=285858
Patch400: CVE-2025-24201.patch
BuildRequires: bison BuildRequires: bison
BuildRequires: cmake BuildRequires: cmake
BuildRequires: flex BuildRequires: flex
@ -315,6 +322,9 @@ export NINJA_STATUS="[%f/%t][%e] "
%{_datadir}/gir-1.0/JavaScriptCore-4.0.gir %{_datadir}/gir-1.0/JavaScriptCore-4.0.gir
%changelog %changelog
* Thu Mar 13 2025 Michael Catanzaro <mcatanzaro@redhat.com> - 2.46.6-2
- Add patch for CVE-2025-24201
* Tue Feb 25 2025 Michael Catanzaro <mcatanzaro@redhat.com> - 2.46.6-1 * Tue Feb 25 2025 Michael Catanzaro <mcatanzaro@redhat.com> - 2.46.6-1
- Update to 2.46.6 - Update to 2.46.6