From f6f8e11255b2adb2b093f247e4aaab4dcc30134d Mon Sep 17 00:00:00 2001
From: omni <omni+alpine@hack.org>
Date: Mon, 7 Nov 2022 23:02:55 +0000
Subject: [PATCH] community/qt5-qtwebengine: chromium security upgrade

Offload invent.kde.org by fetching the tarballs from the official
mirrors at github.
---
 community/qt5-qtwebengine/APKBUILD | 24 +++++++++++++++++++-----
 1 file changed, 19 insertions(+), 5 deletions(-)

diff --git a/community/qt5-qtwebengine/APKBUILD b/community/qt5-qtwebengine/APKBUILD
index 6f735528c2dc..766a6150c749 100644
--- a/community/qt5-qtwebengine/APKBUILD
+++ b/community/qt5-qtwebengine/APKBUILD
@@ -3,11 +3,11 @@
 # Maintainer: Bart Ribbers <bribbers@disroot.org>
 pkgname=qt5-qtwebengine
 pkgver=5.15.3_git20220505
-pkgrel=3
+pkgrel=4
 # latest commit of 5.15 branch at pkgver date
 _commit="a90f994c5d1e3edeafa8dc8048fe7c6a74aead1a"
 # latest commit of 87-based branch of qtwebengine-chromium
-_chromium_commit="9d42f3a5802d427c0e9358b2a0469f18285558c0"
+_chromium_commit="44210c493538985203b8c2fa92c3d71c91362c37"
 # commit of catapult version with python3 support
 _catapult_commit="5eedfe23148a234211ba477f76fc2ea2e8529189"
 pkgdesc="Qt5 - QtWebEngine components"
@@ -73,8 +73,8 @@ makedepends="$depends_dev
 	"
 subpackages="$pkgname-dbg $pkgname-dev"
 
-source="$pkgname-$pkgver.tar.gz::https://invent.kde.org/qt/qt/qtwebengine/-/archive/$_commit.tar.gz
-	qtwebengine-chromium-$_chromium_commit.tar.gz::https://invent.kde.org/qt/qt/qtwebengine-chromium/-/archive/$_chromium_commit.tar.gz
+source="$pkgname-$pkgver.tar.gz::https://github.com/qt/qtwebengine/archive/$_commit.tar.gz
+	qtwebengine-chromium-$_chromium_commit.tar.gz::https://github.com/qt/qtwebengine-chromium/archive/$_chromium_commit.tar.gz
 	qtwebengine-catapult-$_catapult_commit.tar.gz::https://dev.alpinelinux.org/archive/qt5-qtwebengine/catapult-$_catapult_commit.tar.gz
 	0001-pretend-to-stay-at-5.15.3.patch
 	0010-chromium-musl-Match-syscalls-to-match-musl.patch
@@ -106,6 +106,20 @@ source="$pkgname-$pkgver.tar.gz::https://invent.kde.org/qt/qt/qtwebengine/-/arch
 builddir="$srcdir/qtwebengine-$_commit"
 
 # secfixes:
+#   5.15.3_git20220505-r4:
+#     - CVE-2022-3038
+#     - CVE-2022-3040
+#     - CVE-2022-3041
+#     - CVE-2022-3075
+#     - CVE-2022-3196
+#     - CVE-2022-3197
+#     - CVE-2022-3198
+#     - CVE-2022-3199
+#     - CVE-2022-3201
+#     - CVE-2022-3304
+#     - CVE-2022-3370
+#     - CVE-2022-3446
+#     - CVE-2022-35737
 #   5.15.3_git20220505-r3:
 #     - CVE-2022-2477
 #     - CVE-2022-2610
@@ -365,7 +379,7 @@ package() {
 
 sha512sums="
 9add735a317e1a8e516022364fe52ee0a530b5f9b582ccd01fc7ae195f9fc383579c78e7941aa6b1225d7ec1987eb11a470869438e8a9dbc59d3e2f6ae91f641  qt5-qtwebengine-5.15.3_git20220505.tar.gz
-673e94fdaa736386094ca90e97fb89a618144caddf90a662a59979d5e86d6cad73dc2cc112380ec0f64955f8defddba3939612ab46df9b9eab3b1d37cca39e07  qtwebengine-chromium-9d42f3a5802d427c0e9358b2a0469f18285558c0.tar.gz
+48afc05f4be31004e233e005d527f82f3f1b6438f9d5d34dfde434055b0751550eaaff66b4d6eef95c8933bb87466fc41871f8be1a0be3e163cf3e614500ea78  qtwebengine-chromium-44210c493538985203b8c2fa92c3d71c91362c37.tar.gz
 dae82398defd89bb664d73849cb2e3bfa17f309dabb8187efeb324c83fe657eb51dee034b7733cdc80cbd28e9fe600e3befa4c6b18572175dcc17621a56c119f  qtwebengine-catapult-5eedfe23148a234211ba477f76fc2ea2e8529189.tar.gz
 f06358455850907f975fd79ebd63c6795e7fbe95c90a3777282469b6b93cd1a789583e2f661746979a87d6ce9311f2445ee06842a1277792e9a708fd3adfd064  0001-pretend-to-stay-at-5.15.3.patch
 2438ac56b1c819d1f6634814b148919e15d7d4e41a64fedab38358d794e8286a1eebaaa8579661e8e75fbc321f4d16c47b1838219cb0aadc307c4c8dd97e91b1  0010-chromium-musl-Match-syscalls-to-match-musl.patch
-- 
GitLab