[packages/midori] - add fixes from Debian - rel 1 (works now)
baggins
baggins at pld-linux.org
Sat Apr 15 10:44:45 CEST 2017
commit b7f0bb0b41b15a040a23152c539d755074e599c6
Author: Jan Rękorajski <baggins at pld-linux.org>
Date: Sat Apr 15 10:44:28 2017 +0200
- add fixes from Debian
- rel 1 (works now)
...e-version-of-Chromium-s-User-Agent-string.patch | 26 +++++++++++++++++++
...or-message-when-Trust-this-website-doesn-.patch | 28 ++++++++++++++++++++
...urity-by-making-sure-that-we-use-a-safe-s.patch | 30 ++++++++++++++++++++++
...-NULL-string-sourceURL-to-JSEvaluateScrip.patch | 23 +++++++++++++++++
midori.spec | 10 +++++++-
5 files changed, 116 insertions(+), 1 deletion(-)
---
diff --git a/midori.spec b/midori.spec
index 4cc74eb..696fb39 100644
--- a/midori.spec
+++ b/midori.spec
@@ -4,7 +4,7 @@ Summary(hu.UTF-8): GTK+ WebCore alapú web-böngésző
Summary(pl.UTF-8): Przeglądarka WWW oparta na GTK+ WebCore
Name: midori
Version: 0.5.11
-Release: 0.1
+Release: 1
License: LGPL v2+
Group: X11/Applications/Networking
Source0: http://midori-browser.org/downloads/%{name}_%{version}_all_.tar.bz2
@@ -14,6 +14,10 @@ Patch1: gtk-doc-path.patch
Patch2: soversion.patch
Patch3: vala-0.35.patch
Patch4: vala-0.36.patch
+Patch5: 0002-Update-version-of-Chromium-s-User-Agent-string.patch
+Patch6: 0003-Improve-error-message-when-Trust-this-website-doesn-.patch
+Patch7: 0004-Improve-security-by-making-sure-that-we-use-a-safe-s.patch
+Patch8: 0005-Passing-non-NULL-string-sourceURL-to-JSEvaluateScrip.patch
URL: http://midori-browser.org/
BuildRequires: cmake >= 2.6.0
BuildRequires: gcr-devel
@@ -87,6 +91,10 @@ Dokumentacja API midori.
%patch2 -p1
%patch3 -p0
%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
%build
install -d build
diff --git a/0002-Update-version-of-Chromium-s-User-Agent-string.patch b/0002-Update-version-of-Chromium-s-User-Agent-string.patch
new file mode 100644
index 0000000..e2068cf
--- /dev/null
+++ b/0002-Update-version-of-Chromium-s-User-Agent-string.patch
@@ -0,0 +1,26 @@
+From: Sergio Durigan Junior <sergiodj at sergiodj.net>
+Date: Sun, 27 Dec 2015 01:07:54 -0500
+Subject: Update version of Chromium's User-Agent string
+
+We identify ourselves as Chromium to other websites, but the version
+we use in the User-Agent string is pretty old. This commit updates it
+to a newer version (49.0.2571.2, from Nov 22 2015). The positive
+side-effect from doing this is that Google does not bother the user
+asking her to upgrade to a "newer Chrome".
+---
+ midori/midori-websettings.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/midori/midori-websettings.c b/midori/midori-websettings.c
+index dbdb27f..fcec10f 100644
+--- a/midori/midori-websettings.c
++++ b/midori/midori-websettings.c
+@@ -837,7 +837,7 @@ generate_ident_string (MidoriWebSettings* web_settings,
+ case MIDORI_IDENT_MIDORI:
+ case MIDORI_IDENT_CHROME:
+ return g_strdup_printf ("Mozilla/5.0 (%s %s) AppleWebKit/%d.%d "
+- "(KHTML, like Gecko) Chrome/18.0.1025.133 Safari/%d.%d %s",
++ "(KHTML, like Gecko) Chrome/46.0.2490.86 Safari/%d.%d %s",
+ platform, os, webcore_major, webcore_minor, webcore_major, webcore_minor, appname);
+ case MIDORI_IDENT_SAFARI:
+ return g_strdup_printf ("Mozilla/5.0 (Macintosh; U; Intel Mac OS X; %s) "
diff --git a/0003-Improve-error-message-when-Trust-this-website-doesn-.patch b/0003-Improve-error-message-when-Trust-this-website-doesn-.patch
new file mode 100644
index 0000000..975cd7f
--- /dev/null
+++ b/0003-Improve-error-message-when-Trust-this-website-doesn-.patch
@@ -0,0 +1,28 @@
+From: Sergio Durigan Junior <sergiodj at sergiodj.net>
+Date: Sun, 27 Dec 2015 01:15:54 -0500
+Subject: Improve error message when "Trust this website" doesn't work
+
+Sometimes the user will not be able to use the "Trust this website"
+button, probably because she does not have gcr/gnome-keyring
+installed. This patch makes the warning/erro message displayed in
+such cases more user-friendly.
+---
+ midori/midori-view.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/midori/midori-view.c b/midori/midori-view.c
+index fbcb01c..00ea20a 100644
+--- a/midori/midori-view.c
++++ b/midori/midori-view.c
+@@ -623,7 +623,10 @@ midori_view_web_view_navigation_decision_cb (WebKitWebView* web_view
+ gchar* slots = g_strjoinv (" , ", (gchar**)gcr_pkcs11_get_trust_lookup_uris ());
+ gchar* title = g_strdup_printf ("Error granting trust: %s", error->message);
+ midori_tab_stop_loading (MIDORI_TAB (view));
+- midori_view_display_error (view, NULL, NULL, NULL, title, slots, NULL,
++ midori_view_display_error (view, NULL, NULL, NULL, title, slots, _("Please look at our "
++ "<a href=\"http://midori-browser.org/faqs/\" target=\"_blank\">FAQ</a>, section "
++ "\"<a href=\"http://midori-browser.org/faqs/#security_features\" target=\"_blank\">"
++ "Security Features</a>\", to understand how you can solve this problem."),
+ _("Trust this website"), NULL);
+ g_free (title);
+ g_free (slots);
diff --git a/0004-Improve-security-by-making-sure-that-we-use-a-safe-s.patch b/0004-Improve-security-by-making-sure-that-we-use-a-safe-s.patch
new file mode 100644
index 0000000..2068336
--- /dev/null
+++ b/0004-Improve-security-by-making-sure-that-we-use-a-safe-s.patch
@@ -0,0 +1,30 @@
+From: Sergio Durigan Junior <sergiodj at sergiodj.net>
+Date: Sun, 27 Dec 2015 01:34:55 -0500
+Subject: Improve security by making sure that we use a safe set of ciphers.
+
+This comes from Debian bug #804196 (LP Bug #1517265). When Midori
+uses libwebkitgtk, it inherits the default value of the
+G_TLS_GNUTLS_PRIORITY environment variable. Unfortunately this value
+is not safe enough because it still lets GnuTLS to enable to unsafe
+ciphers. Therefore, we need to set this variable ourselves and make
+sure that Midori is using safe ciphers for TLS operations.
+---
+ midori/main.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/midori/main.c b/midori/main.c
+index 00bc3b4..8954e42 100644
+--- a/midori/main.c
++++ b/midori/main.c
+@@ -143,6 +143,11 @@ main (int argc,
+ /* Versioned prgname to override menuproxy blacklist */
+ g_set_prgname (PACKAGE_NAME "4");
+
++ /* Make sure we are using a sane set of ciphers. */
++ g_setenv ("G_TLS_GNUTLS_PRIORITY",
++ "NORMAL:%COMPAT:%LATEST_RECORD_VERSION:!VERS-SSL3.0:!ARCFOUR-128",
++ 1);
++
+ if (version)
+ {
+ GString* versions = g_string_new ("");
diff --git a/0005-Passing-non-NULL-string-sourceURL-to-JSEvaluateScrip.patch b/0005-Passing-non-NULL-string-sourceURL-to-JSEvaluateScrip.patch
new file mode 100644
index 0000000..48d7c61
--- /dev/null
+++ b/0005-Passing-non-NULL-string-sourceURL-to-JSEvaluateScrip.patch
@@ -0,0 +1,23 @@
+From: Sergio Durigan Junior <sergiodj at sergiodj.net>
+Date: Sat, 13 Aug 2016 12:51:50 -0400
+Subject: Passing non-NULL string (sourceURL) to JSEvaluateScript
+
+This fixes #834236, and is actually a regression introduced by the
+last webkitgtk update.
+---
+ midori/sokoke.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/midori/sokoke.c b/midori/sokoke.c
+index 2e31655..d0d34b0 100644
+--- a/midori/sokoke.c
++++ b/midori/sokoke.c
+@@ -73,7 +73,7 @@ sokoke_js_script_eval (JSContextRef js_context,
+
+ js_script = JSStringCreateWithUTF8CString (script);
+ js_value = JSEvaluateScript (js_context, js_script,
+- JSContextGetGlobalObject (js_context), NULL, 0, &js_exception);
++ JSContextGetGlobalObject (js_context), JSStringCreateWithUTF8CString(""), 0, &js_exception);
+ JSStringRelease (js_script);
+
+ if (!js_value)
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/midori.git/commitdiff/b7f0bb0b41b15a040a23152c539d755074e599c6
More information about the pld-cvs-commit
mailing list