Release date:
2026-04-30 10:20:42 UTC
Description:
- Rebase to webkitgtk 2.52.3 to address WebKitGTK security advisories
  WSA-2026-0001 and WSA-2026-0002 (matches RHSA-2026:9692).
- Drop all CVE-2025-* backport patches (Patch100..Patch112); the fixes are
  included in 2.52.3 upstream.
- Drop fix-missing-typename.patch: target source file was removed upstream.
- Adapt fix-compositemode-init.patch, fix-renderelement-binding.patch, and
  fix-renderflexbox-typename.patch to 2.52.3 line offsets (same semantic
  clang15 / libstdc++ compat fix).
- Refresh all CentOS Stream 9-derived patches to the versions that ship
  with c9s webkit2gtk3-2.52.3 (glib-2-68, libsoup2, icu-67,
  g-ir-scanner-nonfatal, evolution-sandbox-warning, aarch64-build) and
  reorder them to match c9s so they apply with rpm's --fuzz=0 --strict
  mode. Our previously-carried versions targeted the 2.50.1 source tree
  and broke when applied against 2.52.3.
- Switch build toolchain from Clang 15 to gcc-toolset-12 (GCC 12).
  AlmaLinux 9.2 ESU ships Clang 15 as its system compiler, but Clang 15
  does not implement C++20 P0634R3 ("implicit typename") nor the
  `requires`-clause name-lookup fix needed to compile WebKit 2.52+.
  GCC 12 implements both and is fully supported upstream. %global
  toolchain is now gcc; BuildRequires updated accordingly; gcc-toolset-12
  is enabled in %build via /opt/rh/gcc-toolset-12/enable.
- Drop tarball signature/hash verification from %prep. Upstream's 2.52.3
  .asc was signed with an expired DSA key (key expired 2026-04-14, signature
  made 2026-04-16), so gpgv 2.3.x refuses it. The tarball lives in Gerrit
  under change control, so the per-build verify step is redundant. Source1
  (.asc) and Source2 (keyring) are removed along with their files.
- CVEs resolved by this rebase (30 total):
    WSA-2026-0001 (fixed upstream in 2.50.5 / 2.50.6):
      CVE-2025-43433, CVE-2025-43438, CVE-2025-43441, CVE-2025-43457,
      CVE-2025-43511, CVE-2025-46299, CVE-2026-20608, CVE-2026-20635,
      CVE-2026-20636, CVE-2026-20644, CVE-2026-20652, CVE-2026-20676
    WSA-2026-0002 (fixed in 2.52.1):
      CVE-2026-20643, CVE-2026-20664, CVE-2026-20665, CVE-2026-20691,
      CVE-2026-28857, CVE-2026-28859, CVE-2026-28871
    Older Apple waves superseded by this rebase (from WSA-2025-0008/0009/0010,
    previously tracked by WIP Gerrit change 245288):
      CVE-2025-13947, CVE-2025-14174, CVE-2025-43431, CVE-2025-43443,
      CVE-2025-43458, CVE-2025-43501, CVE-2025-43529, CVE-2025-43531,
      CVE-2025-43535, CVE-2025-43536, CVE-2025-43541
    CVEs from these advisories that were already fixed in 2.50.1 (no action
    needed): CVE-2023-43010 (2.44.0), CVE-2025-31223 / CVE-2025-31277 (2.50.0),
    CVE-2025-43213 / CVE-2025-43214 (cherry-picked onto the webkitglib/2.50
    branch before the 2.50.0 tag).
Updated packages:
- webkit2gtk3-2.52.3-1.el9.tuxcare.els8.x86_64.rpm
  sha:feecb22cfb32826d583f3b104bce67dea37b4fb936c8117ac4a96520e46d30cf
- webkit2gtk3-devel-2.52.3-1.el9.tuxcare.els8.x86_64.rpm
  sha:f43c70757e74a3835c6bf10eca44bcf7f47b65709c4b8b2df0a3b47e0da013ea
- webkit2gtk3-jsc-2.52.3-1.el9.tuxcare.els8.x86_64.rpm
  sha:786a3f1b41d5418ae83a84fccef95f889093ffc32ea41e9e5c910577f3a4a95e
- webkit2gtk3-jsc-devel-2.52.3-1.el9.tuxcare.els8.x86_64.rpm
  sha:6e692b3a8c97c3a2d123a8f15f10b6d27bf139fbd7fd682391da8341caa47ed2
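
To check downloaded RPMs against the digests listed above before installing them, the following added example (not part of the advisory or of TuxCare's tooling) parses the "Updated packages" entries and hashes the local files. It assumes the `sha:` values are SHA-256, since each is 64 hex characters; `parse_listing`, `sha256_file` and `verify` are hypothetical names.

```python
import hashlib
import re
import sys
from pathlib import Path

# "Updated packages" entries copied from this page. Assumption: the digests
# are SHA-256 (64 hex characters each); the page only labels them "sha:".
LISTING = """\
- webkit2gtk3-2.52.3-1.el9.tuxcare.els8.x86_64.rpm
  sha:feecb22cfb32826d583f3b104bce67dea37b4fb936c8117ac4a96520e46d30cf
- webkit2gtk3-devel-2.52.3-1.el9.tuxcare.els8.x86_64.rpm
  sha:f43c70757e74a3835c6bf10eca44bcf7f47b65709c4b8b2df0a3b47e0da013ea
- webkit2gtk3-jsc-2.52.3-1.el9.tuxcare.els8.x86_64.rpm
  sha:786a3f1b41d5418ae83a84fccef95f889093ffc32ea41e9e5c910577f3a4a95e
- webkit2gtk3-jsc-devel-2.52.3-1.el9.tuxcare.els8.x86_64.rpm
  sha:6e692b3a8c97c3a2d123a8f15f10b6d27bf139fbd7fd682391da8341caa47ed2
"""
# A package name (the "-" may sit on its own line) followed by its sha: line.
ENTRY = re.compile(r"^-?\s*(\S+\.rpm)\s*\n\s*sha:([0-9a-fA-F]{64})\s*$", re.M)

def parse_listing(text):
    """Return {rpm_name: lowercase_digest}; reject malformed or duplicate entries."""
    entries = {name: digest.lower() for name, digest in ENTRY.findall(text)}
    if len(entries) != text.count("sha:"):
        raise ValueError("malformed or duplicate entry in package listing")
    return entries

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):  # stream in 1 MiB chunks
            h.update(chunk)
    return h.hexdigest()

def verify(directory, expected):
    """Return {rpm_name: 'OK' | 'MISMATCH' | 'MISSING'} for every listed package."""
    results = {}
    for name, digest in expected.items():
        path = Path(directory) / name
        if not path.is_file():
            results[name] = "MISSING"
        else:
            results[name] = "OK" if sha256_file(path) == digest else "MISMATCH"
    return results

if __name__ == "__main__":
    status = verify(sys.argv[1] if len(sys.argv) > 1 else ".", parse_listing(LISTING))
    print("\n".join(f"{state:8} {name}" for name, state in status.items()))
    sys.exit(0 if all(s == "OK" for s in status.values()) else 1)
```

Run it with the download directory as its only argument; it exits non-zero if any listed package is missing or does not match.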
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.