Ubuntu
qtwebkit-opensource-src package

[MIR] qt5webkit

Bug #1192567 reported by Ken VanDine
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
qt3d-opensource-src (Ubuntu)
Fix Released
Undecided
Unassigned
qtlocation-opensource-src (Ubuntu)
Fix Released
Undecided
Unassigned
qtscript-opensource-src (Ubuntu)
Fix Released
Undecided
Unassigned
qtsensors-opensource-src (Ubuntu)
Fix Released
Undecided
Unassigned
qtwebkit-opensource-src (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

Availability: in universe: amd64, i386, armhf

Rationale: signon-ui uses qtwebkit for login to online accounts, to work on the ubuntu touch devices we need the qt5 port of that.

Security: it's webkit...
Dependencies: qtsensors5-dev, qtlocation5-dev and qt3d-opensource-src in universe

Maintenance: The maintainers of the Qt5 packages for ubuntu have been preparing the packages for debian as well, ensuring they are compatible. Hopefully, in the future well be able to just sync from debian.

See original description
Ken VanDine (ken-vandine)
Changed in qtwebkit-opensource-src (Ubuntu):
assignee: nobody → Jamie Strandboge (jdstrand)
description: updated
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Webkit maintenance is a major problem and we have a blueprint (https://blueprints.launchpad.net/ubuntu/+spec/client-1303-webkit-maintenance) for trying to come up with a supportable version of webkit, and qtwebkit-opensource-src is *not* it. The current plan is to provide a different, Canonical-supported library for the SDK and any other applications that want to use it. Applications that want to be Canonical-supported will be required to use this library instead of qtwebkit-opensource-src.

That said, this new library is not available now, so we shouldn't block online accounts and the SDK on this work. However, we should not be promoting things that use qtwebkit-opensource-src to main unless we plan to move them over to the new library in the future. In an ideal world, this library will exist for 13.10, but more realistically, it will be in place for 14.04. Once this new library is available, everything Canonical-supported should move to the new library so we can demote qt5webkit and qt4webkit.

Temporary security team ACK.

Changed in qtwebkit-opensource-src (Ubuntu):
assignee: Jamie Strandboge (jdstrand) → nobody
Revision history for this message
Didier Roche-Tolomelli (didrocks) wrote :

+1 to unblock from me if needed, I reviewed and helped fixing before uploads in universe, but I would appreciate a second MIR reviewer since I worked on those.

The only thing that needs clear double checking is that all build-deps/deps are in main (seb and I will do that shortly).

Revision history for this message
Sebastien Bacher (seb128) wrote :

(I checked the build-depends/depend and added qtscript-opensource-src to the list, we should be good with it)

Revision history for this message
Michael Terry (mterry) wrote :

qtwebkit-opensource-src itself seems mostly fine. Good packaging, has a bug subscriber (though it would be nice to see a team one), has been reviewed by security,

However, I'd like to see bug 1171553 fixed. That seems to make it difficult to actually use the library, right?

Can you talk about tests? I see that there are several test-looking directories in Tools/, but dh_auto_test during build doesn't seem to run anything interesting.

Changed in qtwebkit-opensource-src (Ubuntu):
status: New → Incomplete
Revision history for this message
Didier Roche-Tolomelli (didrocks) wrote :

@Michael: uploaded qtwebkit-opensource-src 5.0.1-0ubuntu3 which is fixing the issue on bug #1171553 (trying to pull Qt4). For the tests, I prefer we don't block on that (especially as it's a temporary solution) and wait for the Qt5 expert, Timo, to be back to look at it.

Revision history for this message
Michael Terry (mterry) wrote :

In the interests of not blocking, I'll approve without the tests, but I've filed bug 1193370 about it. I'd really like to see that fixed this cycle.

Changed in qtwebkit-opensource-src (Ubuntu):
status: Incomplete → Fix Committed
Revision history for this message
Michael Terry (mterry) wrote :

As for qtsensors, it has the same test problem. That tests aren't being run. I've added a task to bug 1193370.

Besides that, it's fine.

Changed in qtsensors-opensource-src (Ubuntu):
status: New → Fix Committed
Revision history for this message
Michael Terry (mterry) wrote :

Same deals with qtscript-opensource-src (added to bug about tests). Additionally, it's got a built-in parser, so should probably have a quick security audit.

Changed in qtscript-opensource-src (Ubuntu):
assignee: nobody → Ubuntu Security Team (ubuntu-security)
status: New → Incomplete
Revision history for this message
Michael Terry (mterry) wrote :

qtlocation-opensource-src should drop powerpc. It also seems to be ftbfs in saucy? "Project ERROR: Module does not define version."

In debian/control, it has a Description that says "Qt 5 3d examples". Bad copy/paste. No big deal, just noticed.

It also doesn't seem to run its tests. Added to that other bug. Could use a subscriber in Ubuntu too.

Changed in qtlocation-opensource-src (Ubuntu):
status: New → Incomplete
Revision history for this message
Michael Terry (mterry) wrote :

qt3d-opensource-src also could stand to drop the powerpc architecture, enable tests, add a bug subscriber, and ftbfs with the same "Project ERROR: Module does not define version." message.

Only blocker is the ftbfs. I've added the package to the other bug about tests.

Changed in qt3d-opensource-src (Ubuntu):
status: New → Incomplete
Revision history for this message
Didier Roche-Tolomelli (didrocks) wrote :

@Michael:
-> we don't drop powerpc, it seems that the release team prefers it to build-dep wait in case v8 starts to be available on it.
-> FTBFS and typo: Just fixed in 5.0~git20130117-0ubuntu2 (uploaded)
-> bug subscription: asked Timo to subscribe once he's back
-> tests: as for the other pieces, asked to look at it once Timo will be around :)

Michael Terry (mterry)
Changed in qtlocation-opensource-src (Ubuntu):
status: Incomplete → Fix Committed
Revision history for this message
Didier Roche-Tolomelli (didrocks) wrote :

qt3d-opensource-src (quite simlar than previous one):
-> we don't drop powerpc, it seems that the release team prefers it to build-dep wait in case v8 starts to be available on it.
-> ftbfs fixed in 5.0~git20130109-0ubuntu3
-> bug subscription: asked Timo to subscribe once he's back
-> tests: as for the other pieces, asked to look at it once Timo will be around :)

Revision history for this message
Didier Roche-Tolomelli (didrocks) wrote :

$ ./change-override -S -c main qtlocation-opensource-src
Override component to main
qtlocation-opensource-src 5.0~git20130117-0ubuntu1 in saucy: universe/libs -> main
libqt5location5 5.0~git20130117-0ubuntu1 in saucy amd64: universe/libs/optional/100% -> main
libqt5location5 5.0~git20130117-0ubuntu1 in saucy armhf: universe/libs/optional/100% -> main
libqt5location5 5.0~git20130117-0ubuntu1 in saucy i386: universe/libs/optional/100% -> main
qtdeclarative5-qtlocation-plugin 5.0~git20130117-0ubuntu1 in saucy amd64: universe/libs/optional/100% -> main
qtdeclarative5-qtlocation-plugin 5.0~git20130117-0ubuntu1 in saucy armhf: universe/libs/optional/100% -> main
qtdeclarative5-qtlocation-plugin 5.0~git20130117-0ubuntu1 in saucy i386: universe/libs/optional/100% -> main
qtlocation5-dbg 5.0~git20130117-0ubuntu1 in saucy amd64: universe/debug/extra/100% -> main
qtlocation5-dbg 5.0~git20130117-0ubuntu1 in saucy armhf: universe/debug/extra/100% -> main
qtlocation5-dbg 5.0~git20130117-0ubuntu1 in saucy i386: universe/debug/extra/100% -> main
qtlocation5-dev 5.0~git20130117-0ubuntu1 in saucy amd64: universe/libdevel/optional/100% -> main
qtlocation5-dev 5.0~git20130117-0ubuntu1 in saucy armhf: universe/libdevel/optional/100% -> main
qtlocation5-dev 5.0~git20130117-0ubuntu1 in saucy i386: universe/libdevel/optional/100% -> main
qtlocation5-examples 5.0~git20130117-0ubuntu1 in saucy amd64: universe/x11/optional/100% -> main
qtlocation5-examples 5.0~git20130117-0ubuntu1 in saucy armhf: universe/x11/optional/100% -> main
qtlocation5-examples 5.0~git20130117-0ubuntu1 in saucy i386: universe/x11/optional/100% -> main
qtlocation5-private-dev 5.0~git20130117-0ubuntu1 in saucy amd64: universe/libdevel/optional/100% -> main
qtlocation5-private-dev 5.0~git20130117-0ubuntu1 in saucy armhf: universe/libdevel/optional/100% -> main
qtlocation5-private-dev 5.0~git20130117-0ubuntu1 in saucy i386: universe/libdevel/optional/100% -> main

Changed in qtlocation-opensource-src (Ubuntu):
status: Fix Committed → Fix Released
Revision history for this message
Didier Roche-Tolomelli (didrocks) wrote :

$ ./change-override -S -c main qtsensors-opensource-src
Override component to main
qtsensors-opensource-src 5.0~git20130507-0ubuntu2 in saucy: universe/libs -> main
libqt5sensors5 5.0~git20130507-0ubuntu2 in saucy amd64: universe/libs/optional/100% -> main
libqt5sensors5 5.0~git20130507-0ubuntu2 in saucy armhf: universe/libs/optional/100% -> main
libqt5sensors5 5.0~git20130507-0ubuntu2 in saucy i386: universe/libs/optional/100% -> main
qtdeclarative5-qtsensors-plugin 5.0~git20130507-0ubuntu2 in saucy amd64: universe/libs/optional/100% -> main
qtdeclarative5-qtsensors-plugin 5.0~git20130507-0ubuntu2 in saucy armhf: universe/libs/optional/100% -> main
qtdeclarative5-qtsensors-plugin 5.0~git20130507-0ubuntu2 in saucy i386: universe/libs/optional/100% -> main
qtsensors5-dbg 5.0~git20130507-0ubuntu2 in saucy amd64: universe/debug/extra/100% -> main
qtsensors5-dbg 5.0~git20130507-0ubuntu2 in saucy armhf: universe/debug/extra/100% -> main
qtsensors5-dbg 5.0~git20130507-0ubuntu2 in saucy i386: universe/debug/extra/100% -> main
qtsensors5-dev 5.0~git20130507-0ubuntu2 in saucy amd64: universe/libdevel/optional/100% -> main
qtsensors5-dev 5.0~git20130507-0ubuntu2 in saucy armhf: universe/libdevel/optional/100% -> main
qtsensors5-dev 5.0~git20130507-0ubuntu2 in saucy i386: universe/libdevel/optional/100% -> main
qtsensors5-examples 5.0~git20130507-0ubuntu2 in saucy amd64: universe/x11/optional/100% -> main
qtsensors5-examples 5.0~git20130507-0ubuntu2 in saucy armhf: universe/x11/optional/100% -> main
qtsensors5-examples 5.0~git20130507-0ubuntu2 in saucy i386: universe/x11/optional/100% -> main
qtsensors5-private-dev 5.0~git20130507-0ubuntu2 in saucy amd64: universe/libdevel/optional/100% -> main
qtsensors5-private-dev 5.0~git20130507-0ubuntu2 in saucy armhf: universe/libdevel/optional/100% -> main
qtsensors5-private-dev 5.0~git20130507-0ubuntu2 in saucy i386: universe/libdevel/optional/100% -> main

Changed in qtsensors-opensource-src (Ubuntu):
status: Fix Committed → Fix Released
Revision history for this message
Didier Roche-Tolomelli (didrocks) wrote :

$ ./change-override -S -c main qt3d-opensource-src
Override component to main
qt3d-opensource-src 5.0~git20130109-0ubuntu2 in saucy: universe/libs -> main
libqt53d5 5.0~git20130109-0ubuntu2 in saucy amd64: universe/libs/optional/100% -> main
libqt53d5 5.0~git20130109-0ubuntu2 in saucy armhf: universe/libs/optional/100% -> main
libqt53d5 5.0~git20130109-0ubuntu2 in saucy i386: universe/libs/optional/100% -> main
qt3d5-dbg 5.0~git20130109-0ubuntu2 in saucy amd64: universe/debug/extra/100% -> main
qt3d5-dbg 5.0~git20130109-0ubuntu2 in saucy armhf: universe/debug/extra/100% -> main
qt3d5-dbg 5.0~git20130109-0ubuntu2 in saucy i386: universe/debug/extra/100% -> main
qt3d5-dev 5.0~git20130109-0ubuntu2 in saucy amd64: universe/libdevel/optional/100% -> main
qt3d5-dev 5.0~git20130109-0ubuntu2 in saucy armhf: universe/libdevel/optional/100% -> main
qt3d5-dev 5.0~git20130109-0ubuntu2 in saucy i386: universe/libdevel/optional/100% -> main
qt3d5-examples 5.0~git20130109-0ubuntu2 in saucy amd64: universe/x11/optional/100% -> main
qt3d5-examples 5.0~git20130109-0ubuntu2 in saucy armhf: universe/x11/optional/100% -> main
qt3d5-examples 5.0~git20130109-0ubuntu2 in saucy i386: universe/x11/optional/100% -> main
qt3d5-private-dev 5.0~git20130109-0ubuntu2 in saucy amd64: universe/libdevel/optional/100% -> main
qt3d5-private-dev 5.0~git20130109-0ubuntu2 in saucy armhf: universe/libdevel/optional/100% -> main
qt3d5-private-dev 5.0~git20130109-0ubuntu2 in saucy i386: universe/libdevel/optional/100% -> main
qtdeclarative5-qt3d-plugin 5.0~git20130109-0ubuntu2 in saucy amd64: universe/libs/optional/100% -> main
qtdeclarative5-qt3d-plugin 5.0~git20130109-0ubuntu2 in saucy armhf: universe/libs/optional/100% -> main
qtdeclarative5-qt3d-plugin 5.0~git20130109-0ubuntu2 in saucy i386: universe/libs/optional/100% -> main

Changed in qt3d-opensource-src (Ubuntu):
status: Incomplete → Fix Released
Michael Terry (mterry)
Changed in qt3d-opensource-src (Ubuntu):
status: Fix Released → Fix Committed
Revision history for this message
Didier Roche-Tolomelli (didrocks) wrote :

as per: http://irclogs.ubuntu.com/2013/06/21/%23ubuntu-devel.html#t16:01, prepromoting:
$ ./change-override -S -c main qtscript-opensource-src
Override component to main
qtscript-opensource-src 5.0.2+dfsg-2fakesync1 in saucy: universe/libs -> main
libqt5script5 5.0.2+dfsg-2fakesync1 in saucy amd64: universe/libs/optional/100% -> main
libqt5script5 5.0.2+dfsg-2fakesync1 in saucy armhf: universe/libs/optional/100% -> main
libqt5script5 5.0.2+dfsg-2fakesync1 in saucy i386: universe/libs/optional/100% -> main
libqt5script5 5.0.2+dfsg-2fakesync1 in saucy powerpc: universe/libs/optional/100% -> main
libqt5scripttools5 5.0.2+dfsg-2fakesync1 in saucy amd64: universe/libs/optional/100% -> main
libqt5scripttools5 5.0.2+dfsg-2fakesync1 in saucy armhf: universe/libs/optional/100% -> main
libqt5scripttools5 5.0.2+dfsg-2fakesync1 in saucy i386: universe/libs/optional/100% -> main
libqt5scripttools5 5.0.2+dfsg-2fakesync1 in saucy powerpc: universe/libs/optional/100% -> main
qtscript5-dbg 5.0.2+dfsg-2fakesync1 in saucy amd64: universe/debug/extra/100% -> main
qtscript5-dbg 5.0.2+dfsg-2fakesync1 in saucy armhf: universe/debug/extra/100% -> main
qtscript5-dbg 5.0.2+dfsg-2fakesync1 in saucy i386: universe/debug/extra/100% -> main
qtscript5-dbg 5.0.2+dfsg-2fakesync1 in saucy powerpc: universe/debug/extra/100% -> main
qtscript5-dev 5.0.2+dfsg-2fakesync1 in saucy amd64: universe/libdevel/optional/100% -> main
qtscript5-dev 5.0.2+dfsg-2fakesync1 in saucy armhf: universe/libdevel/optional/100% -> main
qtscript5-dev 5.0.2+dfsg-2fakesync1 in saucy i386: universe/libdevel/optional/100% -> main
qtscript5-dev 5.0.2+dfsg-2fakesync1 in saucy powerpc: universe/libdevel/optional/100% -> main
qtscript5-examples 5.0.2+dfsg-2fakesync1 in saucy amd64: universe/x11/optional/100% -> main
qtscript5-examples 5.0.2+dfsg-2fakesync1 in saucy armhf: universe/x11/optional/100% -> main
qtscript5-examples 5.0.2+dfsg-2fakesync1 in saucy i386: universe/x11/optional/100% -> main
qtscript5-examples 5.0.2+dfsg-2fakesync1 in saucy powerpc: universe/x11/optional/100% -> main
qtscript5-private-dev 5.0.2+dfsg-2fakesync1 in saucy amd64: universe/libdevel/optional/100% -> main
qtscript5-private-dev 5.0.2+dfsg-2fakesync1 in saucy armhf: universe/libdevel/optional/100% -> main
qtscript5-private-dev 5.0.2+dfsg-2fakesync1 in saucy i386: universe/libdevel/optional/100% -> main
qtscript5-private-dev 5.0.2+dfsg-2fakesync1 in saucy powerpc: universe/libdevel/optional/100% -> main

Changed in qtscript-opensource-src (Ubuntu):
status: Incomplete → New
Revision history for this message
Didier Roche-Tolomelli (didrocks) wrote :

$ ./change-override -S -c main qtwebkit-opensource-src
Override component to main
qtwebkit-opensource-src 5.0.1-0ubuntu2 in saucy: universe/libs -> main
libqt5webkit5 5.0.1-0ubuntu2 in saucy amd64: universe/libs/optional/100% -> main
libqt5webkit5 5.0.1-0ubuntu2 in saucy armhf: universe/libs/optional/100% -> main
libqt5webkit5 5.0.1-0ubuntu2 in saucy i386: universe/libs/optional/100% -> main
libqt5webkit5-dbg 5.0.1-0ubuntu2 in saucy amd64: universe/debug/extra/100% -> main
libqt5webkit5-dbg 5.0.1-0ubuntu2 in saucy armhf: universe/debug/extra/100% -> main
libqt5webkit5-dbg 5.0.1-0ubuntu2 in saucy i386: universe/debug/extra/100% -> main
libqt5webkit5-dev 5.0.1-0ubuntu2 in saucy amd64: universe/libdevel/optional/100% -> main
libqt5webkit5-dev 5.0.1-0ubuntu2 in saucy armhf: universe/libdevel/optional/100% -> main
libqt5webkit5-dev 5.0.1-0ubuntu2 in saucy i386: universe/libdevel/optional/100% -> main
libqt5webkit5-qmlwebkitplugin 5.0.1-0ubuntu2 in saucy amd64: universe/libs/optional/100% -> main
libqt5webkit5-qmlwebkitplugin 5.0.1-0ubuntu2 in saucy armhf: universe/libs/optional/100% -> main
libqt5webkit5-qmlwebkitplugin 5.0.1-0ubuntu2 in saucy i386: universe/libs/optional/100% -> main

Changed in qtwebkit-opensource-src (Ubuntu):
status: Fix Committed → Fix Released
Michael Terry (mterry)
Changed in qt3d-opensource-src (Ubuntu):
status: Fix Committed → Fix Released
Revision history for this message
Dmitry Shachnev (mitya57) wrote :

We now also need a main inclusion for qttools-opensource-src. While I tried to avoid pulling it in via qtwebkit, it's now pulled by qtscript (it was added to the list relatively late, so I didn't know it's blocking anything). Filed as bug 1193566.

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Temporary ACK like with qtwebkit-opensource-src. We will be moving to Oxide (the chromium content api) for supported apps in the future. JSC was in qt4 so lets not block it for qt5 since Oxide isn't available yet.

Changed in qtscript-opensource-src (Ubuntu):
assignee: Ubuntu Security Team (ubuntu-security) → nobody
status: New → Fix Released
Timo Jyrinki (timo-jyrinki)
no longer affects: libwebp (Ubuntu)
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.