Пакет yandex-browser-stable: Specfile

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
#------------------------------------------------------------------------------
#   browser.spec
#------------------------------------------------------------------------------

#------------------------------------------------------------------------------
#   Prologue information
#------------------------------------------------------------------------------
Summary: Yandex Browser
License: ALT-YANDEX-BROWSER
Name: yandex-browser-stable
Version: 23.1.2.1033
Release: alt1
Group: Networking/WWW
Vendor: YANDEX LLC
Url: http://browser.yandex.ru/

ExclusiveArch: x86_64
Source0: x86_64-linux.tar.gz
Source1: common.tar.gz
Patch0: yandex-browser-stable-proxy-from-environment.patch
Provides: yandex-browser = %{version}
Buildrequires: at-spi2-atk, libalsa, libat-spi2-core, libatk, libcairo, libcups
Buildrequires: libdbus, libdrm, libexpat, libgbm, libgio, libnspr, libnss
Buildrequires: libpango, libX11, libXcomposite, libXdamage, libXext, libXfixes
Buildrequires: libXrandr, libxcb, libxkbcommon
Buildrequires: libwayland-client
Buildrequires: libqt5-core, libqt5-widgets, libqt5-gui
Requires: ca-certificates,ffmpeg-plugin-browser, xdg-utils, fonts-ttf-google-noto-emoji-color
Requires(post): %{_sbindir}/update-alternatives
Requires(preun): %{_sbindir}/update-alternatives


# The prefix is pretty important; RPM uses this to figure out
# how to make a package relocatable

# =============== END Prologue ===============

#------------------------------------------------------------------------------
#   Description
#------------------------------------------------------------------------------
%Description
The web browser from Yandex

Yandex Browser is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier.

#------------------------------------------------------------------------------
#   Prep rule - Prepare sources before build
#------------------------------------------------------------------------------
%prep
%setup -c
%setup -T -D -a 1
%patch0 -p0

#------------------------------------------------------------------------------
#   Build rule - How to make the package
#------------------------------------------------------------------------------
%build

# =============== END build ===============

#------------------------------------------------------------------------------
#       Installation rule - how to install it (note that it
#   gets installed into a temp directory given by %buildroot)
#------------------------------------------------------------------------------
%install
# TODO(palar): remove it when libabt-bindings.so is fixed
%set_verify_elf_method textrel=relaxed
%add_findreq_skiplist %_libdir/yandex/browser/xdg-*

if [ -z "%{_builddir}/%{name}-%{version}" -o ! \
     -d "%{_builddir}/%{name}-%{version}" ] ; then
    exit 1
fi

if [ -z "%{_builddir}/%{name}-%{version}" -o ! \
     -d "%{_builddir}/%{name}-%{version}/%{_libdir}/yandex/browser" ] ; then
    exit 1
fi

install -m 755 -d \
  "%buildroot/usr"
# This is hard coded for now
cp -a "%{_builddir}/%{name}-%{version}/usr/" "%buildroot/"

if [ -d "%{_builddir}/%{name}-%{version}%{_sysconfdir}/" ]; then
  install -m 755 -d \
    "%buildroot%{_sysconfdir}"
  cp -a "%{_builddir}/%{name}-%{version}%{_sysconfdir}/" "%buildroot/"
fi

#partner config
maybe_create_dir() {
  if [ ! -d "$1" ]; then
    mkdir -p "$1"
  fi
}
store_partner_file() {
  if [ -z "$1" ]; then
    local source_file="%{_builddir}/%{name}-%{version}/%{_libdir}/yandex/browser/$2"
  else
    local source_file="%{_builddir}/%{name}-%{version}/%{_libdir}/yandex/browser/$1/$2"
  fi
  local destination_dir="%buildroot%{_localstatedir}/yandex/browser/$1"
  if [ -f "${source_file}" ]; then
    maybe_create_dir "${destination_dir}"
    cp -f "${source_file}" "${destination_dir}"
  fi
}
remove_partner_storage() {
  local partner_storage_dir="%{_localstatedir}/yandex/browser"
  if [ -d "${partner_storage_dir}" ]; then
    rm -rf "${partner_storage_dir}"
  fi
}
store_partner_files() {
  local source_dir="%{_builddir}/%{name}-%{version}/%{_libdir}/yandex/browser/$1"
  local destination_dir="%buildroot%{_localstatedir}/yandex/browser/$1"
  maybe_create_dir "${destination_dir}"
  find "${source_dir}" -maxdepth 1 -type f -name "$2" -exec cp -f {} "${destination_dir}" \;
}
store_partner_data() {
  local partner_config="%{_builddir}/%{name}-%{version}/%{_libdir}/yandex/browser/partner_config"
  if [ -f "${partner_config}" ]; then
    remove_partner_storage
    store_partner_file "" "partner_config"
    store_partner_file "" "distrib_info"
    store_partner_file "" "initial_preferences"
    store_partner_file "" "master_preferences"
    store_partner_file "Extensions" "external_extensions.json"
    store_partner_files "resources" "tablo*"
    store_partner_files "resources" "*.png"
    store_partner_files "resources" "*.svg"
    store_partner_files "resources/wallpapers" "*"
  fi
}
store_partner_data

# install icons
for size in 16 24 32 48 64 128 256; do
  install -Dm644 "%{_builddir}/%{name}-%{version}/%{_libdir}/yandex/browser/product_logo_$size.png" \
    "%buildroot/%_iconsdir/hicolor/${size}x${size}/apps/yandex-browser.png"
done

# Set alternative to xbrowser
mkdir -p -- %buildroot%_altdir
cat >%buildroot%_altdir/%name <<EOF
%_bindir/xbrowser       %_bindir/%name  150
%_bindir/x-www-browser  %_bindir/%name  150
EOF

# =============== END install ===============

#------------------------------------------------------------------------------
#   Rule to clean up a build
#------------------------------------------------------------------------------
%clean

# =============== END clean ===============

#------------------------------------------------------------------------------
#   Files listing.
#------------------------------------------------------------------------------
%files
%defattr(-,root,root)
#%doc README

# We cheat and just let RPM figure it out for us; everything we install
# should go under this prefix anyways.
%{_libdir}/yandex/browser
%attr(4711,root,root) %{_libdir}/yandex/browser/yandex_browser-sandbox

%{_sysconfdir}/xdg/autostart/yandex-browser_user_setup.desktop
%{_bindir}/yandex-browser-stable
%{_datadir}/appdata/yandex-browser.appdata.xml
%{_datadir}/applications/yandex-browser.desktop
%{_datadir}/gnome-control-center/default-apps/yandex-browser.xml
%_altdir/%name
%_iconsdir/hicolor/*/apps/*.png
%docdir %{_mandir}/man1
%{_mandir}/man1/yandex-browser.1.xz
%{_mandir}/man1/yandex-browser-stable.1.xz

# =============== END files ===============

#------------------------------------------------------------------------------
#   Pre uninstallation script
#------------------------------------------------------------------------------
%preun

remove_partner_storage() {
  local partner_storage_dir="%{_localstatedir}/yandex/browser"
  if [ -d "${partner_storage_dir}" ]; then
    rm -rf "${partner_storage_dir}"
  fi
}
if [ "$1" -eq "0" ]; then
  remove_partner_storage
fi
exit 0
# =============== END preun ===============

%changelog
* Mon Mar 20 2023 yabro <yabro@altlinux.org> 23.1.2.1033-alt1
 - browser updated to 23.1.2
 - High CVE-2022-4436: Use after free in Blink Media.
 - High CVE-2022-4437: Use after free in Mojo IPC.
 - High CVE-2022-4438: Use after free in Blink Frames.
 - High CVE-2022-4439: Use after free in Aura.
 - Medium CVE-2022-4440: Use after free in Profiles.
 - High CVE-2022-4262: Type Confusion in V8.
 - High CVE-2022-4174: Type Confusion in V8.
 - High CVE-2022-4175: Use after free in Camera Capture.
 - High CVE-2022-4176: Out of bounds write in Lacros Graphics.
 - High CVE-2022-4177: Use after free in Extensions.
 - High CVE-2022-4178: Use after free in Mojo.
 - High CVE-2022-4179: Use after free in Audio.
 - High CVE-2022-4180: Use after free in Mojo.
 - High CVE-2022-4181: Use after free in Forms.
 - Medium CVE-2022-4182: Inappropriate implementation in Fenced Frames.
 - Medium CVE-2022-4183: Insufficient policy enforcement in Popup Blocker.
 - Medium CVE-2022-4184: Insufficient policy enforcement in Autofill.
 - Medium CVE-2022-4185: Inappropriate implementation in Navigation.
 - Medium CVE-2022-4186: Insufficient validation of untrusted input in Downloads.
 - Medium CVE-2022-4187: Insufficient policy enforcement in DevTools.
 - Medium CVE-2022-4188: Insufficient validation of untrusted input in CORS.
 - Medium CVE-2022-4189: Insufficient policy enforcement in DevTools.
 - Medium CVE-2022-4190: Insufficient data validation in Directory.
 - Medium CVE-2022-4191: Use after free in Sign-In.
 - Medium CVE-2022-4192: Use after free in Live Caption.
 - Medium CVE-2022-4193: Insufficient policy enforcement in File System API.
 - Medium CVE-2022-4194: Use after free in Accessibility.
 - Medium CVE-2022-4195: Insufficient policy enforcement in Safe Browsing.
 - High CVE-2022-4135: Heap buffer overflow in GPU.
 - High CVE-2022-3885: Use after free in V8.
 - High CVE-2022-3886: Use after free in Speech Recognition.
 - High CVE-2022-3887: Use after free in Web Workers.
 - High CVE-2022-3888: Use after free in WebCodecs.
 - High CVE-2022-3889: Type Confusion in V8.
 - High CVE-2022-3890: Heap buffer overflow in Crashpad.
 - High CVE-2022-3723: Type Confusion in V8.
 - High CVE-2022-3652: Type Confusion in V8.
 - High CVE-2022-3653: Heap buffer overflow in Vulkan.
 - High CVE-2022-3654: Use after free in Layout.
 - Medium CVE-2022-3655: Heap buffer overflow in Media Galleries.
 - Medium CVE-2022-3656: Insufficient data validation in File System.
 - Medium CVE-2022-3657: Use after free in Extensions.
 - Medium CVE-2022-3658: Use after free in Feedback service on Chrome OS.
 - Medium CVE-2022-3659: Use after free in Accessibility.
 - Medium CVE-2022-3660: Inappropriate implementation in Full screen mode.
 - Low CVE-2022-3661: Insufficient data validation in Extensions.

* Mon Jan 23 2023 Andrey Cherepanov <cas@altlinux.org> 22.11.0.2485-alt1.1
- NMU: supported proxy settings from environment variables (ALT #44983) 
- NMU: FTBFS fix: required libwayland-client

* Wed Nov 23 2022 Vasiliy Tsukanov <palar@altlinux.org> 22.11.0.2485-alt1
- browser updated to 22.11.0

* Wed Nov 2 2022 Vasiliy Tsukanov <palar@altlinux.org> 22.9.3.920-alt1
- browser updated to 22.9.3

* Mon Sep 5 2022 Vasiliy Tsukanov <palar@altlinux.org> 22.7.3.817-alt3
- removed comment at yandex-browser.appdata.xml (closes: 43673)

* Thu Aug 18 2022 Vasiliy Tsukanov <palar@altlinux.org> 22.7.3.817-alt2
- removed built-in xdg-utils deps from the package
- added font with emoji support dependency

* Thu Aug 11 2022 Vasiliy Tsukanov <palar@altlinux.org> 22.7.3.817-alt1
- initial build for ALT
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Версия: v24.5.3
Наверх