Package: epiphany-browser | Debian Sources

Package: epiphany-browser / 3.38.2-1+deb11u3

Metadata

Package	Version	Patches format
epiphany-browser	3.38.2-1+deb11u3	3.0 (quilt)

Patch series

view the series file

Patch	File delta	Description
00_epiphany browser.patch \| (download)	meson.build \| 6 3 + 3 - 0 ! 1 file changed, 3 insertions(+), 3 deletions(-)	install as epiphany-browser not epiphany
07_bookmarks.patch \| (download)	data/default-bookmarks.rdf.in \| 17 17 + 0 - 0 ! 1 file changed, 17 insertions(+)	add default bookmarks for debian
dont make compulsory.patch \| (download)	data/org.gnome.Epiphany.appdata.xml.in.in \| 1 0 + 1 - 0 ! 1 file changed, 1 deletion(-)	appdata: don't mark as compulsory for gnome Upstream mark it as a system application that cannot be removed, because it's GNOME's default web browser, but our default in Debian is Firefox. Allow users to uninstall this app if they wish.
build Allow libportal support to be disabled.patch \| (download)	lib/ephy-flatpak-utils.c \| 9 9 + 0 - 0 ! meson.build \| 26 14 + 12 - 0 ! meson_options.txt \| 6 6 + 0 - 0 ! 3 files changed, 29 insertions(+), 12 deletions(-)	build: allow libportal support to be disabled It isn't clear whether the API/ABI of libportal are entirely stable yet (https://github.com/flatpak/libportal/issues/33) so it is not necessarily appropriate for longer-term-supported OS distributions to include it. When building a version of epiphany for a distribution package, which is only intended to be packaged in a format other than as a Flatpak app, libportal isn't necessary anyway. libportal is also Linux-specific, so non-Linux OSs will likely want to disable it (even if it might compile successfully). Signed-off-by: Simon McVittie <smcv@debian.org>
encode untrusted data.patch \| (download)	embed/ephy-about-handler.c \| 39 32 + 7 - 0 ! embed/ephy-pdf-handler.c \| 14 8 + 6 - 0 ! embed/ephy-reader-handler.c \| 34 28 + 6 - 0 ! embed/ephy-view-source-handler.c \| 18 13 + 5 - 0 ! embed/ephy-web-view.c \| 114 51 + 63 - 0 ! lib/ephy-output-encoding.c \| 117 117 + 0 - 0 ! lib/ephy-output-encoding.h \| 38 38 + 0 - 0 ! lib/meson.build \| 1 1 + 0 - 0 ! 8 files changed, 288 insertions(+), 87 deletions(-)	properly encode untrusted data when injecting into trusted pages
glib bug workaround.patch \| (download)	src/ephy-session.c \| 8 7 + 1 - 0 ! 1 file changed, 7 insertions(+), 1 deletion(-)	remove user data from task to workaround glib bug
CVE 2022 29536.patch \| (download)	lib/ephy-string.c \| 5 2 + 3 - 0 ! 1 file changed, 2 insertions(+), 3 deletions(-)	[patch] fix memory corruption in ephy_string_shorten() This fixes a regression that I introduced in 232c613472b38ff0d0d97338f366024ddb9cd228. I got my browser stuck in a crash loop today while visiting a website with a page title greater than ephy-embed.c's MAX_TITLE_LENGTH, the only condition in which ephy_string_shorten() is ever used. Turns out this commit is wrong: an ellipses is a multibyte character (three bytes in UTF-8) and so we're writing past the end of the buffer when calling strcat() here. Ooops. Shame it took nearly four years to notice and correct this. Part-of: <https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1106>

1