Bug#876940: boinc: Depends on libwxgtk-webview3.0-0v5 which depends on webkit1

Olly Betts Tue, 26 Sep 2017 18:09:25 -0700

Package: boinc
Version: 7.8.2+dfsg-3
Severity: serious
Tags: sid buster patch
User: pkg-webkit-maintain...@lists.alioth.debian.org
Usertags: oldlibs libwebkitgtk-1.0-0 webkit1
Control: block 790222 by -1


boinc-manager depends on libwxgtk-webview3.0-0v5 which
depends on libwxgtk-webview3.0-0v5 which depends on
libwebkitgtk-1.0-0. libwebkitgtk-1.0-0 is the old webkitgtk library
that suffers from many reported CVEs that have been fixed in
libwebkit2gtk-4.0-37 (src: webkit2gtk ).  The pkg-webkit maintainers
do not intend to release Debian 10 "Buster" with libwebkitgtk-1.0-0.

boinc-manager is the only reverse dependency of libwxgtk-webview3.0-0v5,
and apparently will soon be the only package blocking removal of webkit1.

I've attached a patch which changes boinc-manager to use wxHtmlWindow
instead of wxWebView.  I can build the package with this patch applied,
but I don't know boinc well enough to usefully test its functionality.
wxHtmlWindow is not a full-featured web browser, but hopefully this
gives a usable application - please test it out.

Cheers,
    Olly

diff -Nru boinc-7.8.2+dfsg/debian/changelog boinc-7.8.2+dfsg/debian/changelog
--- boinc-7.8.2+dfsg/debian/changelog	2017-09-07 19:41:28.000000000 +1200
+++ boinc-7.8.2+dfsg/debian/changelog	2017-09-27 11:13:58.000000000 +1300
@@ -1,3 +1,10 @@
+boinc (7.8.2+dfsg-3exp1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Switch to use wxHtmlWindow instead of wxWebView.
+
+ -- Olly Betts <o...@survex.com>  Wed, 27 Sep 2017 11:13:58 +1300
+
 boinc (7.8.2+dfsg-3exp1) experimental; urgency=medium
 
   * Upload to experimental again, with the boinc-server-* packages.
diff -Nru boinc-7.8.2+dfsg/debian/control boinc-7.8.2+dfsg/debian/control
--- boinc-7.8.2+dfsg/debian/control	2017-09-07 19:41:28.000000000 +1200
+++ boinc-7.8.2+dfsg/debian/control	2017-09-27 11:13:58.000000000 +1300
@@ -26,7 +26,6 @@
                libsqlite3-dev,
                libssl-dev,
                libtool,
-               libwxgtk-webview3.0-dev,
                libwxgtk3.0-dev,
                libxcb-util0-dev,
                libxi-dev,
diff -Nru boinc-7.8.2+dfsg/debian/control.in boinc-7.8.2+dfsg/debian/control.in
--- boinc-7.8.2+dfsg/debian/control.in	2017-09-06 18:23:42.000000000 +1200
+++ boinc-7.8.2+dfsg/debian/control.in	2017-09-27 11:07:10.000000000 +1300
@@ -26,7 +26,6 @@
                libsqlite3-dev,
                libssl-dev,
                libtool,
-               libwxgtk-webview3.0-dev,
                libwxgtk3.0-dev,
                libxcb-util0-dev,
                libxi-dev,
diff -Nru boinc-7.8.2+dfsg/debian/patches/series boinc-7.8.2+dfsg/debian/patches/series
--- boinc-7.8.2+dfsg/debian/patches/series	2017-09-07 19:36:02.000000000 +1200
+++ boinc-7.8.2+dfsg/debian/patches/series	2017-09-27 11:13:58.000000000 +1300
@@ -30,3 +30,4 @@
 fix-underlinking.patch
 static_scientific_apps.patch
 0001-Fix-build-with-new-glibc-2.26.patch
+use-wxhtmlwindow-instead-of-wxwebview.patch
diff -Nru boinc-7.8.2+dfsg/debian/patches/use-wxhtmlwindow-instead-of-wxwebview.patch boinc-7.8.2+dfsg/debian/patches/use-wxhtmlwindow-instead-of-wxwebview.patch
--- boinc-7.8.2+dfsg/debian/patches/use-wxhtmlwindow-instead-of-wxwebview.patch	1970-01-01 12:00:00.000000000 +1200
+++ boinc-7.8.2+dfsg/debian/patches/use-wxhtmlwindow-instead-of-wxwebview.patch	2017-09-27 11:13:58.000000000 +1300
@@ -0,0 +1,104 @@
+Description: Use wxHtmlWindow instead of wxWebView
+Author: Olly Betts <o...@survex.com>
+Forwarded: no
+Last-Update: 2017-09-26
+
+--- a/clientgui/NoticeListCtrl.cpp
++++ b/clientgui/NoticeListCtrl.cpp
+@@ -50,8 +50,8 @@
+ BEGIN_EVENT_TABLE( CNoticeListCtrl, wxWindow )
+ 
+ ////@begin CNoticeListCtrl event table entries
+-    EVT_WEBVIEW_NAVIGATING(ID_LIST_NOTIFICATIONSVIEW, CNoticeListCtrl::OnLinkClicked)
+-    EVT_WEBVIEW_ERROR(ID_LIST_NOTIFICATIONSVIEW, CNoticeListCtrl::OnWebViewError)
++    EVT_HTML_LINK_CLICKED(ID_LIST_NOTIFICATIONSVIEW, CNoticeListCtrl::OnLinkClicked)
++//    EVT_WEBVIEW_ERROR(ID_LIST_NOTIFICATIONSVIEW, CNoticeListCtrl::OnWebViewError)
+ ////@end CNoticeListCtrl event table entries
+  
+ END_EVENT_TABLE()
+@@ -84,7 +84,7 @@
+     wxWindow::Create( parent, ID_LIST_NOTIFICATIONSVIEW, wxDefaultPosition, wxDefaultSize,
+         wxSUNKEN_BORDER | wxTAB_TRAVERSAL );
+ 
+-    m_browser = wxWebView::New( this, ID_LIST_NOTIFICATIONSVIEW );
++    m_browser = new wxHtmlWindow( this, ID_LIST_NOTIFICATIONSVIEW );
+ ////@end CNoticeListCtrl creation
+ 
+     wxBoxSizer *topsizer;
+@@ -238,7 +238,7 @@
+     m_noticesBody += wxT("</font></body></html>");
+     // baseURL is not needed here (see comments above) and it
+     // must be an empty string for this to work under OS 10.12.4
+-    m_browser->SetPage(m_noticesBody, wxEmptyString);
++    m_browser->SetPage(m_noticesBody);
+ }
+ 
+ 
+@@ -248,22 +248,27 @@
+ }
+ 
+ 
+-void CNoticeListCtrl::OnLinkClicked( wxWebViewEvent& event ) {
+-    if (event.GetURL().StartsWith(wxT("http://";)) || event.GetURL().StartsWith(wxT("https://";))) {
+-        event.Veto();   // Tell wxWebView not to follow link
+-		wxLaunchDefaultBrowser(event.GetURL());
++void CNoticeListCtrl::OnLinkClicked( wxHtmlLinkEvent& event ) {
++    wxString url = event.GetLinkInfo().GetHref();
++    if (url.StartsWith(wxT("http://";)) || url.StartsWith(wxT("https://";))) {
++	// wxHtmlLinkEvent doesn't have Veto(), but only loads the page if you
++	// call Skip().
++        // event.Veto();   // Tell wxWebView not to follow link
++		wxLaunchDefaultBrowser(url);
+     } else {
+         event.Skip();
+     }
+ }
+ 
+ 
++#if 0
+ void CNoticeListCtrl::OnWebViewError( wxWebViewEvent& event ) {
+    fprintf(stderr, "wxWebView error: target=%s, URL=%s\n", 
+             (event.GetTarget().ToStdString()).c_str(), (event.GetURL().ToStdString()).c_str());
+ 
+     event.Skip();
+ }
++#endif
+ 
+ 
+ /*!
+--- a/clientgui/NoticeListCtrl.h
++++ b/clientgui/NoticeListCtrl.h
+@@ -45,8 +45,8 @@
+     
+ ////@begin CNoticeListCtrl event handler declarations
+ 
+-    void OnLinkClicked( wxWebViewEvent& event );
+-    void OnWebViewError( wxWebViewEvent& event );
++    void OnLinkClicked( wxHtmlLinkEvent& event );
++//    void OnWebViewError( wxWebViewEvent& event );
+ 
+ ////@end CNoticeListCtrl event handler declarations
+ 
+@@ -56,7 +56,7 @@
+     bool        m_bDisplayFetchingNotices;
+     bool        m_bDisplayEmptyNotice;
+ private:
+-    wxWebView*  m_browser;
++    wxHtmlWindow*  m_browser;
+     bool        m_bNeedsReloading;
+     int         m_itemCount;
+     wxString    m_noticesBody;
+--- a/clientgui/stdwx.h
++++ b/clientgui/stdwx.h
+@@ -117,8 +117,11 @@
+ #include <wx/mstream.h>
+ #include <wx/hash.h>
+ #include <wx/selstore.h>
++#if 0
+ #include <wx/webview.h>
+ #include <wx/webviewfshandler.h>
++#endif
++#include <wx/html/htmlwin.h>
+ #include <wx/snglinst.h>
+ #include <wx/bmpcbox.h>
+ #include <wx/evtloop.h>

Bug#876940: boinc: Depends on libwxgtk-webview3.0-0v5 which depends on webkit1

Reply via email to