743858ad7d72aeed7ecc64ac1ec01c17 16.0.880.0 lrupp Resubmission of Chromium. This build currently has the sandbox disabled, so that there is no need for the SETUID bit. This will be changed based on the bugreport for the security validation (bnc#718016). All other issues should be resolved 82427 0cc8d95dc3fb8a7f1de1027a06f73dd1 16.0.880.0 lrupp Autobuild autoformatter for 82427 e92e06ce60fd15b1f6b95e330a331d03 16.0.891.0 oertel Update to Chromium version 16.0.891. This update contains the newer version, but also some updates in the spec-file related to the chromium setuid sandbox. bnc#718016 was filed to get the approval of the security team on the setuid bit on the chrome_sandbox. This was approved, but the spec-file needed some work to make it also happen on older releases. The method used now is the one confirmed by Ludwig (stated in the bugreport). At this moment the chromium package in 11.3:Contrib and 11.4:Contrib are links to the package in Factory, therefore the necessity to have it build for older versions. 84818 cd231734d83683111c02534492d81491 16.0.891.0 oertel Autobuild autoformatter for 84818 f99849f8efa5a81057e99fb1ad1500d6 16.0.898.0 oertel Update to chromium 16.0.898 86254 12f7ca7d94833a8f40237d83cab78cf7 16.0.904.0 lrupp Update to 16.0.904. With this version it is now easy to synchronize bookmarks, settings, passwords, etc with your google/gmail account. This time there is no v8 update 87190 6f44b0f5dc6912ab3ff6fa80f7a54f0b 16.0.910.0 saschpe Update to 16.0.910 88109 6f44b0f5dc6912ab3ff6fa80f7a54f0b 16.0.910.0 adrianSuSE ec9030feda36003cf7da8a03ab97f05e 17.0.922.0 coolo Regular update of V8 and Chromium 89830 31f4b0cb1cbe9b4ed07b6c0e0679253d 17.0.945.0 coolo Update to 17.0.945 92751 438f8e6d27d42bd95e78514437f4bd2c 18.0.975.0 coolo Nothing provides libudev - the proper library name is libudev0, chromium is uninstallable otherwise. (forwarded request 97162 from zawel1) 97163 4898055c14bd0ad860b21fa9cb170ab3 18.0.1022.0 coolo Update for Chromium. 
Resolves the following bugs: bunc#735629, bnc#739126, bnc#740493, bnc#743319, bnc#743158 102128 a62edd862859875d8194679b969d3f85 19.0.1031.0 coolo Update to newer version. Security fixes. New icon-set. 103219 445df642f63dee9214ede1857b0112ac 19.0.1046.0 coolo Update for Chromium. Security and other fixes 106940 bdac4c82ca492e6ba56fce5ac444572b 19.0.1060.0 coolo Update to a newer version 108214 15f0b442a195ca6e40eb498dcde9094d 19.0.1066.0 coolo Update of v8. Required for Chromium (bnc#750407 and bnc#751466) 108842 9435bc77c5dbe9937a67690338cd4cf0 20.0.1096.0 coolo Added libgnome as requires for desktop-gnome subpackage to solve bnc#756222 (forwarded request 113006 from simontol) 113007 dedbdf7fee403017ed4424adc734ff27 20.0.1106.0 coolo Update of chromium to a newer version. Introduces also a new package that contains the ChromeDriver standalone server 114569 29772d0487546aaae9eb251089f0487d 20.0.1119.0 coolo Update to a newer version 115816 fbb35a3fbe23e1bc85305992ad047a04 21.0.1137.0 coolo Update to a newer snapshot 120974 2a0d822a8919a0e50c0eec010658d98c 21.0.1145.0 coolo Automatic submission by obs-autosubmit 122682 f92055ecce36025a7cd117e073e04f9f 21.0.1158.0 coolo Update to a newer version 123158 c048235142ce244295f7cc0875824410 21.0.1158.0 coolo fix build without the version update c048235142ce244295f7cc0875824410 21.0.1158.0 adrianSuSE branched from openSUSE:Factory ac39d3190b9b519b56098b6f71d7b8ca 21.0.1158.0 coolo manual merge the build fix 78f489f1841c445d514314264f03372f 22.0.1190.0 coolo Update to a newer version 126677 781c535addc8f2c03552f68d07ad5a26 22.0.1221.0 coolo Fix build with glibc 2.16 (struct siginfo is not exported anymore). (forwarded request 129328 from a_jaeger) 129341 552ef7c47ee50f1f1189b69ca17a9ccc 22.0.1226.0 namtrac Forwarding because titti seems to be away. 131024 e3d3da9fc521ddf295d113046b6130bd 23.0.1255.0 coolo Update to newer version. 
V8 is no longer a dependency as that Chromium is now build with the full scale of internal libraries. 132633 289b4fea45c880b031b87b8646f175fb 23.0.1269.0 coolo Automatic submission by obs-autosubmit 135582 8f8e2df1ec58382efcc5afaea4e4ae17 24.0.1290.0 coolo Update to newer version 24.0.1290. Includes security fixes (bnc#782257) 137559 01cc2cbc2642621daf3baaa7fe69b718 24.0.1290.0 coolo - add explicit buildrequire on libbz2-devel (forwarded request 138367 from coolo) 138376 84e4524eb6c34a32fc96e62a666dcee1 24.0.1308.0 coolo Automatic submission by obs-autosubmit 140007 6706e71921090d46c23aa3d0b76931f5 25.0.1329.0 coolo Update to 25.0.1329. This build is now building the libffmpegsumo.so library based on the included ffmpeg codecs. The buildflags are set in such a way that only the Chromium codecs are build and not the ones for Chrome (like e.g. H.264 is only included with the Chrome build). This in accordance with the discussion with lnussel, coolo and cartman 142223 ca88926f3d529bde6607ffe9d144061e 25.0.1343.0 coolo Update to a newer version. Also resolves the issue around the functionality regarding the chromium-ffmpeg package from packman to support proprietary codecs 143750 6b0537d996afe93a325b8a0881e3c065 25.0.1352.0 namtrac Update to newer version 144602 bb8b795d3d2557068633f0328978d257 25.0.1362.0 coolo Security fixes. 145653 e7271a2688a003890df8f0113eb95d5b 26.0.1371.0 namtrac Update to newer version 146773 e7271a2688a003890df8f0113eb95d5b 26.0.1371.0 adrianSuSE Split 12.3 from Factory 72b64b037a54cde4cb339970fc92ee09 26.0.1393.0 coolo Update of chromium which fixes some strange bug which affected bugs.kde.org (example). Also we are building now against a number of system libraries. 
150249 47254bf9d5ad1312188a8e84f39ed625 26.0.1411.0 coolo Update 155627 56395be63500e2d71ccb9ff3bb5f0a45 27.0.1425.0 coolo Bugfixes and security Updates 157073 9f163800128a2b3bd384a7fd528aaa6f 27.0.1447.0 coolo Automatic submission by obs-autosubmit 161289 b8587cd973ff9533dc7b8f46eee351e5 27.0.1452.0 coolo Update to 27.0.1452 161501 bbbe4a81b336cef8fb7c51f38d806f3e 28.0.1468.0 coolo Update to 28.0.1468. Bugfixes 163375 bbbe4a81b336cef8fb7c51f38d806f3e 28.0.1468.0 coolo Update to 28.0.1468. Bugfixes 163375 daeb0be9aa77267e3adacac7364d308f 28.0.1493.0 coolo Update to a newer version 173706 4764e2cfc5683063d33d8bf26758c419 28.0.1500.0 coolo Automatic submission by obs-autosubmit 175204 55ae3765c60f0b331334e008fa5065dd 29.0.1521.0 coolo Automatic submission by obs-autosubmit 177300 a3c4e39de6ac16caebb4ae2bbfd21d04 29.0.1530.0 coolo Automatic submission by obs-autosubmit 178825 c6b021ad194f604a67801922b7e9f3a5 29.0.1541.0 coolo Update to 29.0.1541. Fixes also the build issue with the latest nss libraries 179237 c0a02ce1e4a154e77d5ae2b715e3a18c 29.0.1548.0 coolo Update to 29.0.1548 181396 9197795280482113a64558fb4e1a1b12 30.0.1553.0 coolo Automatic submission by obs-autosubmit 182558 b3403852b467841e18ef6f5815918031 30.0.1567.0 coolo Automatic submission by obs-autosubmit 184128 456af99ab59af47b09e03f58fbd8edac 30.0.1575.0 coolo Automatic submission by obs-autosubmit 185558 d44a63d5877adea57fa867d267b1d01a 31.0.1601.0 scarabeus_factory Update to chromium 31.0.1604 188227 9ec2a8cce66e36068a6df90147b17320 31.0.1611.0 coolo require mozilla-nss-devel >= 3.14 and mozilla-nspr-devel >= 4.10 update patch tagging for [bnc#836059] (forwarded request 196484 from AndreasStieger) 196502 9ec2a8cce66e36068a6df90147b17320 31.0.1611.0 adrianSuSE Split 13.1 from Factory 39797fe7923882c5ec60b10e0f81507a 31.0.1640.0 coolo Two major changes are incorporated. First is that I am no longer using a svn snapshot to build chromium, but an official released tarball. 
This would allow us to start tracking Beta or Dev channel. Another change is that the same package is used to build the chromium-ffmpeg on packman. This means everything is merged into a single spec-file and based on its location it will build either chromium or chromium-ffmpeg. This would ensure that we always have correct versions. Furthermore I have added a _constraints file to reduce the number of failed builds due to build host issues. 201256 ec7a3f9696dcb9bb7d6893ff8990947d 31.0.1650.8 scarabeus_factory Update Chromium to an official Chrome Beta channel tarball. With this SR the conversion from SVN snapshot to following the Beta channel is completed. Changelog updated based on comments from mvyskocil 202156 604c21093bd51f29deb013e43bbf8571 31.0.1650.11 scarabeus_factory Automatic submission by obs-autosubmit 203873 039ae428c5e47e4ae297b4a4b1fb869b 31.0.1650.57 coolo Update of Chromium and removing not-allowed codecs 208773 c390a7040db8b39835de14bee602d489 31.0.1650.63 coolo Update of the Chromium stable channel. Includes the requested changes for the excludearch 210470 8531283f860b2d5a8aed7c4fa1563e0d 32.0.1700.77 coolo New Stable channel release 214642 4c40fe03331b386de345f32e18c9761f 32.0.1700.102 coolo Automatic submission by obs-autosubmit 220897 1f9fcfa4ea59b082a3d84d59d5281c34 33.0.1750.117 coolo Stable channel update 223512 99fbfa40c4d984a7042909f8746490fd 33.0.1750.152 coolo Automatic submission by obs-autosubmit 228037 23648aaec497278b21c14c006bd02fb9 33.0.1750.152 coolo No more fixed required version for the ffmpegsumo package.
This is what the users want (bnc#872271) 229186 852ea5186d8e0cf85b2dd21ca57e2a58 34.0.1847.116 coolo Update to chromium stable channel 34.0.1847.116 (bnc#872805) 229746 46713fc88cae13559a16da65da950ef5 34.0.1847.116 coolo Automatic submission by obs-autosubmit 230840 c41de99619069a2780c7f6b846ca14fb 34.0.1847.132 coolo Automatic submission by obs-autosubmit 232665 c48b1d9ab868529e2077d10b94e6bad8 35.0.1916.114 coolo Update to Chromium 35 Stable 235121 5784d4244661f1d38b68dd5d65364e9a 35.0.1916.114 coolo Automatic submission by obs-autosubmit 235819 c3113f7c6dba5daceb7fa4d7eee6774c 35.0.1916.153 coolo Automatic submission by obs-autosubmit 237973 41555ad042dc7a162c9fa57d29c54664 36.0.1985.125 coolo Update to latest stable release. 242213 33233ef81967599444c13d7584aed524 36.0.1985.125 lnussel Automatic submission by obs-autosubmit 244491 56a892c89e985109d325e50c1830b649 36.0.1985.143 lnussel Automatic submission by obs-autosubmit 245486 56a892c89e985109d325e50c1830b649 36.0.1985.143 adrianSuSE Split 13.2 from Factory 4257e1c151aae473c88734c18d469591 37.0.2062.94 coolo - Update to Chromium 37.0.2062.94 - Security Fixes (bnc#893720). 
Also enable ARM build again as that we switched to shared libraries which should reduce the memory required for final linking 247427 1123773ab5a28e314d4bfac5da0b2907 37.0.2062.120 coolo Automatic submission by obs-autosubmit 250020 6bf5a217ebca9ef1dbcd58017ad263be 38.0.2125.104 coolo Update to 38.0.2125.104 257508 7d1c744216dc2031364116a6bb0f02fd 38.0.2125.111 coolo Automatic submission by obs-autosubmit 259662 9f05544b03a87375a324eb459594cca9 39.0.2171.65 dimstar_suse Update of Chromium Stable channel 262439 92c511013976b4b85668626dcde5db64 39.0.2171.71 dimstar_suse 1 263568 8f967637a86156daa9a9ab4a0f695604 39.0.2171.95 dimstar_suse Automatic submission by obs-autosubmit 265532 70355aa19e5c688ad1e937d396073aa3 39.0.2171.99 dimstar_suse Automatic submission by obs-autosubmit 282347 bb200e9e6e332653648cc29f6ea49485 40.0.2214.94 dimstar_suse Automatic submission by obs-autosubmit 284687 af4e4850134a9411e1566c3697ca5ff6 40.0.2214.111 coolo Automatic submission by obs-autosubmit 286265 072464a56b2b3289b293d6f7611bb83f 40.0.2214.115 dimstar_suse Update 287689 402ab44d80d68e1041c6c3a4f5f96949 40.0.2214.115 dimstar_suse 1 288339 ef1b30ab701ededfcd77c0b1c71f00f1 41.0.2272.76 dimstar_suse update to Chromium 41.0.2272.76 (bnc#920825) 289538 e01088a17f7d56fc627792925f634080 41.0.2272.89 dimstar_suse Automatic submission by obs-autosubmit 291589 3aba36876c43238bc910f3d621601429 41.0.2272.101 dimstar_suse Automatic submission by obs-autosubmit 293527 035da71b21392584ca77890d9438b82f 41.0.2272.118 dimstar_suse Chromium Stable update (boo#925713,boo#925714) 294257 bcaf960c4382d1cd20a457d4807fd7f4 42.0.2311.90 dimstar_suse Update to the latest stable release 298136 79c46a8226ea193443e8ac6efc3eaeb6 42.0.2311.135 coolo Automatic submission by obs-autosubmit 305554 3da420804def603c185d96a786fe3867 43.0.2357.65 coolo Update Stable Chromium (boo#931660, boo#931661, boo#931663, boo#931664, boo#931659, boo#931665, boo#931666, boo#931667, boo#931668, boo#931669, boo#931670, boo#931671, 
boo#931672, boo#931673, boo#931674) 308153 9623e974e1277a4835d389b1a042298c 43.0.2357.81 dimstar_suse Automatic submission by obs-autosubmit 310138 41acfa266532e22adff72b22a3bb1d2d 43.0.2357.125 dimstar_suse Fixes the Gcc5 failing build and prevents downloading a binary blob when the user starts chromium 312454 96ec12f77c0ed88e85d113d8d23eb62d 43.0.2357.130 dimstar_suse Update to a newer version of Chromium Stable channel 313377 b84544970a7e9e128c2501e8c2c7dce1 44.0.2403.89 dimstar_suse Update to a new stable release 317945 c154a7e09adbe1524b6bf82c37d1b23a 44.0.2403.130 dimstar_suse Automatic submission by obs-autosubmit 322072 a63b73f7c791b5ebb9be4fac1ce419d9 45.0.2454.85 dimstar_suse Update of chromium stable channel. boo#944144 330707 5db09a6c7037a404f891991a7974f6dc 45.0.2454.99 coolo Automatic submission by obs-autosubmit 334765 09989744b0f72e396712b248993a08ab 45.0.2454.101 coolo 1 337847 2248bc4870245a0f16c011ff7162ac67 46.0.2490.71 dimstar_suse New Stable release 339508 31dc991f02c0f7bde5f7dfdaf325f86d 46.0.2490.71 dimstar_suse Make use of the new homepage 340146 55f38cc1f311d77f5f0049ef6662d1b3 46.0.2490.86 dimstar_suse 1 344210 800c5762896053f466de7991768e50fb 47.0.2526.80 coolo Update for Chromium 348492 4e479c4de452610df90e527923cfe045 47.0.2526.80 dimstar_suse 1 348838 7bccebbdebc5c8c89a89c5e9754aac4f 47.0.2526.106 dimstar_suse 1 349881 4bec3bbe81490419b767e206a4279619 47.0.2526.106 dimstar_suse 1 351270 bf274d2856bea87c6c32772c73e3e59a 48.0.2564.82 dimstar_suse Update of Chromium 355575 625a4acf8782041659fa3bef22025f3c 48.0.2564.103 dimstar_suse New Stable release 358254 2b6546b4595e704e40185229c6c078cb 48.0.2564.103 dimstar_suse Correct version number and disable building against certain system libraries. This could cause potentially issues.
358717 6f84a549f799d9d13592ca5d5db597e6 48.0.2564.109 dimstar_suse Update to a new chromium release (boo#965999) 359504 395c2add9bfd5751a1eb3b52198ef961 48.0.2564.116 dimstar_suse 1 360443 15a2d2f472ebd87601154f549ad0085b 49.0.2623.75 dimstar_suse Update to Chromium 49 Stable 366543 4fdca8a3296812bccb00b8cdbff22c51 49.0.2623.87 dimstar_suse Automatic submission by obs-autosubmit 373626 41d6857964ef24ecf89c121340c7e919 49.0.2623.87 dimstar_suse 1 374664 aa0b4065f02ce367dd3fed3758943a40 49.0.2623.110 dimstar_suse 1 382365 7d47fe6599e310b8deae627d5a2975bc 49.0.2623.112 dimstar_suse 1 386253 a1538005221103c1a485e2d0d332df9b 50.0.2661.75 dimstar_suse 1 390205 894c24ed6779590ff64dde9469b2e25f 50.0.2661.75 dimstar_suse 1 391920 e05f319b8e6840a135d4787ed0873618 50.0.2661.94 dimstar_suse 1 393394 446dd876373e22b662e4d5ff8a2216df 50.0.2661.102 dimstar_suse 1 396556 decdd6f1a0178c2af82cdb9bdfe7fe84 51.0.2704.63 dimstar_suse 1 398297 0819e88c52c26f853dca8c5ed61f2b3b 51.0.2704.79 dimstar_suse 1 399649 468b973c961ea24cbf93a52def4882d9 51.0.2704.103 dimstar_suse Update to newer version 403396 3dcb23f5b577f000e4d3c89fef965f41 51.0.2704.103 dimstar_suse Add. GCC6 fixes that should resolve the crashes experienced in Factory/Tumbleweed 404250 b10cdb2152f125a6fa24c1f651045132 51.0.2704.106 dimstar_suse 1 408119 0d3668f34583d64cff65391f8635e8c3 52.0.2743.116 dimstar_suse This is with the new build system and moving back to a static binary. The number of ninja processes for the main build have been reduced to 4, which should help controlling the memory. I hope that this would resolve the issues in staging. The build is failing for 13.2 and arm, but hopefully I get that resolved or through a newer version 421190 5737270bdc9b5f0d5f95d7ba29f1efb9 52.0.2743.116 dimstar_suse We are one step closer to get it build on ARM, but this should also resolve the main issue reported in b00#996061. Main issue was the gcc60-fixes patch that changed the wrong file. 
423721 2a295ac8948efe654024602f72d9050f 53.0.2785.89 dimstar_suse 1 424144 05c10313a0331b171b64c12f8d05e803 53.0.2785.92 dimstar_suse 1 425342 cdb165a20661a5b9b56e906fcd30fd63 53.0.2785.101 dimstar_suse - Reenable widevine build again bnc#998328 - Stable channel update to 53.0.2785.101 * SPDY crasher fixes * Disable NV12 DXGI video on AMD * Forward --password-store switch to os_crypt * Tell the kernel to discard USB requests when they time out. 426963 818f979903c41697e6dc153c764ea32b 53.0.2785.116 dimstar_suse - Version update stable channel 53.0.2785.116 * Just small bugfixes around - Version update to 53.0.2785.113 bnc#998743: * CVE-2016-5170 Use after free in Blink * CVE-2016-5171 Use after free in Blink * CVE-2016-5172 Arbitrary Memory Read in v8 * CVE-2016-5173 Extension resource access * CVE-2016-5174 Popup not correctly suppressed * CVE-2016-5175 Various fixes from internal audits 427938 8d4db9b5dc10818a29a5123c17454039 53.0.2785.116 dimstar_suse - Apply sandbox patch to fix crashers on tumbleweed bnc#999091 * chromium-sandbox.patch 428376 b6214fa418671b86626de7c2b752b957 53.0.2785.143 dimstar_suse - Version update to 53.0.2785.143 bnc#1002140: * CVE-2016-5177: Use after free in V8 * CVE-2016-5178: Various fixes from internal audits - Export GDK_BACKEND=x11 before starting chromium, ensuring that it's started as an Xwayland client (boo#1001135).
431468 97bb8819a1f71beef380f3cc55b54d4f 54.0.2840.59 dimstar_suse (forwarded request 435104 from scarabeus_iv) 435110 a99ad68c8ba7e14bc2acf1d9c2500a57 54.0.2840.71 dimstar_suse - Update to 54.0.2840.71: * Few fixes around 436672 6bbe34bcb646da995a8e101598d1a92f 55.0.2883.75 dimstar_suse - Chromium 55.0.2883.75 bnc#1013236: CVE-2016-9651 CVE-2016-5208 CVE-2016-5207 CVE-2016-5206 CVE-2016-5205 CVE-2016-5204 CVE-2016-5209 CVE-2016-5203 CVE-2016-5210 CVE-2016-5212 CVE-2016-5211 CVE-2016-5213 CVE-2016-5214 CVE-2016-5216 CVE-2016-5215 CVE-2016-5217 CVE-2016-5218 CVE-2016-5219 CVE-2016-5221 CVE-2016-5220 CVE-2016-5222 CVE-2016-9650 CVE-2016-5223 CVE-2016-5226 CVE-2016-5225 CVE-2016-5224 CVE-2016-9652 - Switch to system libraries: harfbuzz, zlib, ffmpeg, ... - Refreshed patches: * chromium-system-ffmpeg-r3.patch * chromium-system-jinja-r13.patch - Use system ffmpeg unless on 13.2 that didn't include it * chromium-54-ffmpeg2compat.patch * Remove upstreamed chromium-more-codec-aliases.patch - Chromium 54.0.2840.100: * CVE-2016-5199: Heap corruption in FFmpeg (boo#1009892) * CVE-2016-5200: out of bounds memory access in v8 (boo#1009893) * CVE-2016-5201: info leak in extensions (boo#1009894) * CVE-2016-5202: various fixes from internal audits (boo#1009895) - Add patch chromium-prop-codecs.patch and set properly the codecs variable in main scope to allow ffmpeg passthrough bnc#1008725 - Update to 54.0.2840.90: * Few fixes and tweaks * Fixes CVE-2016-5198 bsc#1008274 443536 a4a1b911842602c3ee20456030abf4dd 55.0.2883.75 dimstar_suse - record minimum version for harfbuzz, including runtime Chromium will crash with harfbuzz < 1.3.0 444341 2cf37271249d4e3d6403ed31b2f609aa 55.0.2883.75 dimstar_suse - Obsolete ffmpeg and ffmpegsumo package in addition to conflict - Remove bookmarks override as discussed with artwork simply just set homepage to our openSUSE one and that is all 445393 b11145b577935d4c9e6687037082d78d 55.0.2883.87 lnussel_factory 1 447332 e3b2f99264773ddb81df3b5887825eb4
56.0.2924.76 dimstar_suse - Version update to 56.0.2924.76: - CVE-2017-5007: Universal XSS in Blink - CVE-2017-5006: Universal XSS in Blink - CVE-2017-5008: Universal XSS in Blink - CVE-2017-5010: Universal XSS in Blink - CVE-2017-5011: Unauthorised file access in Devtools - CVE-2017-5009: Out of bounds memory access in WebRTC - CVE-2017-5012: Heap overflow in V8 - CVE-2017-5013: Address spoofing in Omnibox - CVE-2017-5014: Heap overflow in Skia - CVE-2017-5015: Address spoofing in Omnibox - CVE-2017-5019: Use after free in Renderer - CVE-2017-5016: UI spoofing in Blink - CVE-2017-5017: Uninitialised memory access in webm video - CVE-2017-5018: Universal XSS in chrome://apps - CVE-2017-5020: Universal XSS in chrome://downloads - CVE-2017-5021: Use after free in Extensions - CVE-2017-5022: Bypass of Content Security Policy in Blink - CVE-2017-5023: Type confusion in metrics - CVE-2017-5024: Heap overflow in FFmpeg - CVE-2017-5025: Heap overflow in FFmpeg - CVE-2017-5026: UI spoofing. Credit to Ronni Skansing - Add conditional to switch between system and bundled icu - Raise dependency on harfbuzz to 1.3.1 - Also refresh patches: chromium-prop-codecs.patch chromium-linker-memory.patch - Added patch chromium-enable-vaapi-on-suse.patch to enable VAAPI hardware accelerated video decoding. 
453619 ed72f0383b94f55db864e09c5c3270e5 56.0.2924.76 dimstar_suse 1 453776 94f39bee76c80ae8c0bd1387fb42afa4 56.0.2924.87 dimstar_suse - Version update to 56.0.2924.87: * Various small fixes * Disabled option to enable/disable plugins in the chrome://plugins 454415 aef0c410c8d5c5556cd500a75445f9dd 56.0.2924.87 dimstar_suse Automatic submission by obs-autosubmit 460037 41ecc6bbb0942d4cd597a3b6ff5580ff 57.0.2987.98 dimstar_suse - Version update to 57.0.2987.98 bsc#1028848: CVE-2017-5030 CVE-2017-5031 CVE-2017-5032 CVE-2017-5029 CVE-2017-5034 CVE-2017-5035 CVE-2017-5036 CVE-2017-5037 CVE-2017-5039 CVE-2017-5040 CVE-2017-5041 CVE-2017-5033 CVE-2017-5042 CVE-2017-5038 CVE-2017-5043 CVE-2017-5044 CVE-2017-5045 CVE-2017-5046 - Refresh patches * fix-gn-bootstrap.diff * chromium-linker-memory.patch - Remove obsolete patches: * chromium-sandbox.patch * chromium-54-ffmpeg2compat.patch - Remove vaapi patch which broke rendering on non-intel cards: * chromium-enable-vaapi-on-suse.patch - From this release onwards i586 build is disabled 478469 3ef949cf8fc384a7ca63378bef7ebe1c 57.0.2987.110 dimstar_suse - Do not use gcc5 and newer as the compat was fixed again - Update to 57.0.2987.110 with various other small tweaks 481049 ae9271d2b66674dc6f3bfaea46cf4324 57.0.2987.133 lnussel_factory - Version update to 57.0.2987.133 bsc#1031677: * Critical CVE-2017-5055: Use after free in printing. Credit to Wadih Matar * High CVE-2017-5054: Heap buffer overflow in V8. Credit to Nicolas Trippar of Zimperium zLabs * High CVE-2017-5052: Bad cast in Blink. Credit to JeongHoon Shin * High CVE-2017-5056: Use after free in Blink. Credit to anonymous * High CVE-2017-5053: Out of bounds memory access in V8. 
Credit to Team Sniper (Keen Lab and PC Mgr) reported through ZDI (ZDI-CAN-4587) - Drop the browser(npapi) provide which is not true - Add patch to build with gcc4 * chromium-57-gcc4.patch 483829 dc45d05d773b2a75d354023583ebae8b 58.0.3029.81 dimstar_suse - Use bundled jinja2, system one changed in 2.9 too much to work * It is at least used only during build - Version update to 58.0.3029.81 bsc#1035103: * High CVE-2017-5057: Type confusion in PDFium. Credit to Guang Gong of Alpha Team, Qihoo 360 * High CVE-2017-5058: Heap use after free in Print Preview. Credit to Khalil Zhani * High CVE-2017-5059: Type confusion in Blink. Credit to SkyLined working with Trend Micro's Zero Day Initiative * Medium CVE-2017-5060: URL spoofing in Omnibox. Credit to Xudong Zheng * Medium CVE-2017-5061: URL spoofing in Omnibox. Credit to Haosheng Wang (@gnehsoah) * Medium CVE-2017-5062: Use after free in Chrome Apps. Credit to anonymous * Medium CVE-2017-5063: Heap overflow in Skia. Credit to Sweetchip * Medium CVE-2017-5064: Use after free in Blink. Credit to Wadih Matar * Medium CVE-2017-5065: Incorrect UI in Blink. Credit to Khalil Zhani * Medium CVE-2017-5066: Incorrect signature handing in Networking. Credit to chenchu * Medium CVE-2017-5067: URL spoofing in Omnibox. Credit to Khalil Zhani * Low CVE-2017-5069: Cross-origin bypass in Blink. Credit to Michael Reizelman - Refresh patch fix-gn-bootstrap.diff - Refresh patch chromium-system-jinja-r13.patch - Remove obsolete patch chromium-57-gcc4.patch 491735 381bdc0b36b6a6829c45b495aa0d3c9a 58.0.3029.96 dimstar_suse - Version update to 58.0.3029.96: * Fixes bsc#1037594 CVE-2017-5068 492857 24bae21f5dafbca3dfdbf17a7a6e7501 58.0.3029.110 dimstar_suse - Version update to 58.0.3029.110: * Various small bugfixes 494234 25614164fd2ae90e2faaccac69b76337 59.0.3071.86 dimstar_suse - Update to 59.0.3071.86 bsc#1042833: * CVE-2017-5070: Type confusion in V8. 
Reported by Zhao Qixun(@S0rryMybad) of Qihoo 360 Vulcan Team on 2017-05-16 * CVE-2017-5071: Out of bounds read in V8. Reported by Choongwoo Han on 2017-04-26 * CVE-2017-5072: Address spoofing in Omnibox. Reported by Rayyan Bijoora on 2017-04-07 * CVE-2017-5073: Use after free in print preview. Reported by Khalil Zhani on 2017-04-28 * CVE-2017-5074: Use after free in Apps Bluetooth. Reported by anonymous on 2017-03-09 * CVE-2017-5075: Information leak in CSP reporting. Reported by Emmanuel Gil Peyrot on 2017-01-05 * CVE-2017-5086: Address spoofing in Omnibox. Reported by Rayyan Bijoora on 2017-05-16 * CVE-2017-5076: Address spoofing in Omnibox. Reported by Samuel Erb on 2017-05-06 * CVE-2017-5077: Heap buffer overflow in Skia. Reported by Sweetchip on 2017-04-28 * CVE-2017-5078: Possible command injection in mailto handling. Reported by Jose Carlos Exposito Bueno on 2017-04-12 * CVE-2017-5079: UI spoofing in Blink. Reported by Khalil Zhani on 2017-04-20 * CVE-2017-5080: Use after free in credit card autofill. Reported by Khalil Zhani on 2017-04-05 * CVE-2017-5081: Extension verification bypass. Reported by Andrey Kovalev (@L1kvID) Yandex Security Team on 2016-12-07 * CVE-2017-5082: Insufficient hardening in credit card editor. Reported by Nightwatch Cybersecurity Research on 2017-05-11 * CVE-2017-5083: UI spoofing in Blink. Reported by Khalil Zhani on 2017-04-24 * CVE-2017-5085: Inappropriate javascript execution on WebUI pages. 
Reported by Zhiyang Zeng of Tencent security platform department on 2017-02-15 - Add patch to fix build with system dma: * chromium-dma-buf.patch - Drop no longer needed patches: * chromium-linker-memory.patch * chromium-system-jinja-r13.patch - Refresh patches: * chromium-gcc7.patch * chromium-system-ffmpeg-r3.patch * fix-gn-bootstrap.diff - Use bundled libxml * Upstream unfortunately uses git snapshot that is not api/abi compatible - Add patch to build with gcc7: 501295 8ad9f0d3950a11b850ae479b89d9c15a 59.0.3071.86 dimstar_suse Automatic submission by obs-autosubmit 503976 253ab537041d578ced32bd1a1b42f79e 59.0.3071.104 dimstar_suse 1 504207 6d75d1693be9bab14a7dd67dea746f8b 59.0.3071.109 dimstar_suse 1 505970 70bfa787401b672b72b759d0f7cba383 60.0.3112.78 dimstar_suse - Version update to 60.0.3112.78 bsc#1050537: * CVE-2017-5091: Use after free in IndexedDB * CVE-2017-5092: Use after free in PPAPI * CVE-2017-5093: UI spoofing in Blink * CVE-2017-5094: Type confusion in extensions * CVE-2017-5095: Out-of-bounds write in PDFium * CVE-2017-5096: User information leak via Android intents * CVE-2017-5097: Out-of-bounds read in Skia * CVE-2017-5098: Use after free in V8 * CVE-2017-5099: Out-of-bounds write in PPAPI * CVE-2017-5100: Use after free in Chrome Apps * CVE-2017-5101: URL spoofing in OmniBox * CVE-2017-5102: Uninitialized use in Skia * CVE-2017-5103: Uninitialized use in Skia * CVE-2017-5104: UI spoofing in browser * CVE-2017-7000: Pointer disclosure in SQLite * CVE-2017-5105: URL spoofing in OmniBox * CVE-2017-5106: URL spoofing in OmniBox * CVE-2017-5107: User information leak via SVG * CVE-2017-5108: Type confusion in PDFium * CVE-2017-5109: UI spoofing in browser * CVE-2017-5110: UI spoofing in payments dialog * Various fixes from internal audits, fuzzing and other initiatives - Add patch chromium-override.patch - Remove patches chromium-fpermissive.patch chromium-system-ffmpeg-r3.patch - Rebase patches: * chromium-dma-buf.patch * chromium-gcc7.patch * 
chromium-last-commit-position-r0.patch * fix-gn-bootstrap.diff 512664 966dfc8916714bbc7d233fdbf8554980 60.0.3112.90 maxlin_factory - Version update to 60.0.3112.90: * Various usability bugfixes 514222 69d2a43a8521fb82c0259927a1f22157 60.0.3112.101 dimstar_suse - Version update to 60.0.3112.101: * various usability bugfixes 517025 feed13ce431bb183d04516902ec7bfb0 60.0.3112.113 dimstar_suse 1 519269 86adfc0b1072cf5d9289a6498bf7ca4d 61.0.3163.79 dimstar_suse - Update to 61.0.3163.79 bsc#1057364: * CVE-2017-5111: Use after free in PDFium. * CVE-2017-5112: Heap buffer overflow in WebGL. * CVE-2017-5113: Heap buffer overflow in Skia. * CVE-2017-5114: Memory lifecycle issue in PDFium. * CVE-2017-5115: Type confusion in V8. * CVE-2017-5116: Type confusion in V8. * CVE-2017-5117: Use of uninitialized value in Skia. * CVE-2017-5118: Bypass of Content Security Policy in Blink. * CVE-2017-5119: Use of uninitialized value in Skia. * CVE-2017-5120: Potential HTTPS downgrade during redirect navigation. - Rebase patch: * fix-gn-bootstrap.diff - Remove patches: * chromium-gcc7.patch * chromium-override.patch - Add new patches: * chromium-atk.patch * chromium-gcc5.patch * chromium-mojo-dep.patch - Gtk3 is hard required from now on - Version some of the required dependencies 522997 484a6cb06edee4c4b120597669591cfd 61.0.3163.91 dimstar_suse - Update to 61.0.3163.91: * Various bugfixes 526505 37cff5aad9d5ed63c72f450db051af27 61.0.3163.100 dimstar_suse 1 528321 6343dfed6d80bc2dbf991232c4502192 62.0.3202.75 dimstar_suse - Version update to 62.0.3202.75 bsc#1065405 CVE-2017-15396 * CVE-2017-15396: Stack overflow in V8 - BuildRequire nodejs6 required for polymer-bundler.js - Try to export properly CXX/CC variable to fix leap builds - Apply patch to fix building crc32 with gcc7: * chromium-62.0.3202.62-correct-cplusplus-check.patch - Update to 62.0.3202.62 bsc#1064066: * CVE-2017-5124: UXSS with MHTML. * CVE-2017-5125: Heap overflow in Skia. * CVE-2017-5126: Use after free in PDFium. 
* CVE-2017-5127: Use after free in PDFium. * CVE-2017-5128: Heap overflow in WebGL. * CVE-2017-5129: Use after free in WebAudio. * CVE-2017-5132: Incorrect stack manipulation in WebAssembly. * CVE-2017-5130: Heap overflow in libxml2. * CVE-2017-5131: Out of bounds write in Skia. * CVE-2017-5133: Out of bounds write in Skia. * CVE-2017-15386: UI spoofing in Blink. * CVE-2017-15387: Content security bypass. * CVE-2017-15388: Out of bounds read in Skia. * CVE-2017-15389: URL spoofing in OmniBox. * CVE-2017-15390: URL spoofing in OmniBox. * CVE-2017-15391: Extension limitation bypass in Extensions. * CVE-2017-15392: Incorrect registry key handling in PlatformIntegration. * CVE-2017-15393: Referrer leak in Devtools. * CVE-2017-15394: URL spoofing in extensions UI. 537047 89116ca28a19709e832ab9c11e024375 62.0.3202.75 dimstar_suse - Add patch to fix sandbox crashes wrt bsc#1064298 * chromium-sandbox.patch 537391 8af45ef5ae3e06b38da5512ced251838 62.0.3202.89 dimstar_suse - Version update to 62.0.3202.89 bsc#1066851: * CVE-2017-15398: Stack buffer overflow in QUIC * CVE-2017-15399: Use after free in V8 - Drop upstream merged chromium-sandbox.patch - Restrict the version on jpeg to not waste build power * CVE-2017-5126: Use after free in PDFium. * CVE-2017-5127: Use after free in PDFium. 539479 33f9a0143bb30ddb3f7e8e191aa0c737 62.0.3202.94 dimstar_suse 542084 77cd90c3f90f1c4f30973953036f4a5f 62.0.3202.94 dimstar_suse - BuildRequire nodejs8 instead of nodejs6 for suse_version >= 1330 544382 34dbede01639d61986dd7657fd3ddc87 63.0.3239.84 dimstar_suse - Version update to 63.0.3239.84 bsc#1071691: * Critical CVE-2017-15407: Out of bounds write in QUIC. * High CVE-2017-15408: Heap buffer overflow in PDFium. * High CVE-2017-15409: Out of bounds write in Skia. * High CVE-2017-15410: Use after free in PDFium. * High CVE-2017-15411: Use after free in PDFium. * High CVE-2017-15412: Use after free in libXML. * High CVE-2017-15413: Type confusion in WebAssembly. 
* Medium CVE-2017-15415: Pointer information disclosure in IPC call. * Medium CVE-2017-15416: Out of bounds read in Blink. * Medium CVE-2017-15417: Cross origin information disclosure in Skia. * Medium CVE-2017-15418: Use of uninitialized value in Skia. * Medium CVE-2017-15419: Cross origin leak of redirect URL in Blink. * Medium CVE-2017-15420: URL spoofing in Omnibox. * Medium CVE-2017-15422: Integer overflow in ICU. * Low CVE-2017-15423: Issue with SPAKE implementation in BoringSSL. * Low CVE-2017-15424: URL Spoof in Omnibox. * Low CVE-2017-15425: URL Spoof in Omnibox. * Low CVE-2017-15426: URL Spoof in Omnibox. * Low CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox. - Rebase fix-gn-bootstrap.diff - Drop merged patches: * chromium-gcc5.patch * chromium-60.0.3112.113-breakpad-ucontext.patch * chromium-62.0.3202.62-correct-cplusplus-check.patch - Add new patches: * chromium-non-void-return.patch * chromium-gcc.patch 554957 e88da57f254ee991c06ad0f89163d82f 63.0.3239.108 dimstar_suse - Version update to 63.0.3239.108 bsc#1072976: * CVE-2017-15429: UXSS in V8 * Various fuzzing fixes 557288 d4f5c12620875823b71ba7db07aaa70c 63.0.3239.132 dimstar_suse 561799 040f18a7f9584cf13371d113701dd208 64.0.3282.119 dimstar_suse - Disable ozone stuff conditions for now as the headless mode breaks up runtime bsc#1077722 - Switch to gcc7 on Leap builds - Version update to 64.0.3282.119 bsc#1077571: * High CVE-2018-6031: Use after free in PDFium. Reported by Anonymous on 2017-11-01 * High CVE-2018-6032: Same origin bypass in Shared Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-20 * High CVE-2018-6033: Race when opening downloaded files. Reported by Juho Nurminen on 2017-12-09 * Medium CVE-2018-6034: Integer overflow in Blink. Reported by Tobias Klein (www.trapkit.de) on 2017-11-12 * Medium CVE-2018-6035: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23 * Medium CVE-2018-6036: Integer underflow in WebAssembly. 
Reported by The UK's National Cyber Security Centre (NCSC) on 2017-11-30 * Medium CVE-2018-6037: Insufficient user gesture requirements in autofill. Reported by Paul Stone of Context Information Security on 2017-08-09 * Medium CVE-2018-6038: Heap buffer overflow in WebGL. Reported by cloudfuzzer on 2017-10-12 * Medium CVE-2018-6039: XSS in DevTools. Reported by Juho Nurminen on 2017-10-17 * Medium CVE-2018-6040: Content security policy bypass. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-26 * Medium CVE-2018-6041: URL spoof in Navigation. Reported by Luan Herrera on 2017-08-29 * Medium CVE-2018-6042: URL spoof in OmniBox. Reported by Khalil Zhani on 2017-10-12 * Medium CVE-2018-6043: Insufficient escaping with external URL handlers. Reported by 0x09AL on 2017-11-16 * Medium CVE-2018-6045: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23 * Medium CVE-2018-6046: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-31 * Medium CVE-2018-6047: Cross origin URL leak in WebGL. Reported by Masato Kinugawa on 2018-01-08 * Low CVE-2018-6048: Referrer policy bypass in Blink. Reported by Jun Kokatsu (@shhnjk) on 2017-09-08 * Low CVE-2017-15420: URL spoofing in Omnibox. Reported by Drew Springall (@_aaspring_) on 2017-10-05 * Low CVE-2018-6049: UI spoof in Permissions. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-13 * Low CVE-2018-6050: URL spoof in OmniBox. Reported by Jonathan Kew on 2017-10-15 * Low CVE-2018-6051: Referrer leak in XSS Auditor. Reported by Antonio Sanso (@asanso) on 2014-12-11 * Low CVE-2018-6052: Incomplete no-referrer policy implementation. Reported by Tanner Emek on 2016-05-28 * Low CVE-2018-6053: Leak of page thumbnails in New Tab Page. Reported by Asset Kabdenov on 2017-08-23 * Low CVE-2018-6054: Use after free in WebUI. 
Reported by Rob Wu on 2017-12-24 569875 a67bbe6ac6322ce40421a1de96fcfc72 64.0.3282.119 dimstar_suse - Fix default page to not point to 404 - Install swiftshader objects too as they are needed 570606 0bf165e14591f6eddee568dcd746ea94 64.0.3282.140 dimstar_suse - Version update to 64.0.3282.140 bsc#1079021: * Various asan fixes bsc#1078463 CVE-2018-6406 - Eliminate build dependency on procps: we only used it to run 'free', in order to find out how much RAM we have available. We can get this information directly from the kernel, from /proc/meminfo. 571997 6d468c364de3b4af6ca04c586cecbd65 64.0.3282.167 dimstar_suse 576498 5d75e815160f72ef1381d5a44f942976 64.0.3282.186 dimstar_suse 579832 4a069b44ff2a91f1ade6a3c6324c5807 65.0.3325.146 dimstar_suse - Version update to 65.0.3325.146 bsc#1084296: * High CVE-2017-11215: Use after free in Flash. * High CVE-2017-11225: Use after free in Flash. * High CVE-2018-6060: Use after free in Blink. * High CVE-2018-6061: Race condition in V8. * High CVE-2018-6062: Heap buffer overflow in Skia. * High CVE-2018-6057: Incorrect permissions on shared memory. * High CVE-2018-6063: Incorrect permissions on shared memory. * High CVE-2018-6064: Type confusion in V8. * High CVE-2018-6065: Integer overflow in V8. * Medium CVE-2018-6066: Same Origin Bypass via canvas. * Medium CVE-2018-6067: Buffer overflow in Skia. * Medium CVE-2018-6068: Object lifecycle issues in Chrome Custom Tab. * Medium CVE-2018-6069: Stack buffer overflow in Skia. * Medium CVE-2018-6070: CSP bypass through extensions. * Medium CVE-2018-6071: Heap buffer overflow in Skia. * Medium CVE-2018-6072: Integer overflow in PDFium. * Medium CVE-2018-6073: Heap buffer overflow in WebGL. * Medium CVE-2018-6074: Mark-of-the-Web bypass. * Medium CVE-2018-6075: Overly permissive cross origin downloads. * Medium CVE-2018-6076: Incorrect handling of URL fragment identifiers in Blink. * Medium CVE-2018-6077: Timing attack using SVG filters. * Medium CVE-2018-6078: URL Spoof in OmniBox.
* Medium CVE-2018-6079: Information disclosure via texture data in WebGL. * Medium CVE-2018-6080: Information disclosure in IPC call. * Low CVE-2018-6081: XSS in interstitials. * Low CVE-2018-6082: Circumvention of port blocking. * Low CVE-2018-6083: Incorrect processing of AppManifests. - Add new patches: * chromium-compiler.patch 584220 6a4c29ae8d0614a2683eb32d476b25bd 65.0.3325.162 dimstar_suse - Version update to 65.0.3325.162: * Various stability fixes only - Bundle the harfbuzz on < 15.0 release as we would have to use requires_ge for the library itself later on otherwise - Make sure to require gcc7 - Add patch chromium-drm.patch to make sure to build with Leap 42.3 variant of libdrm 586972 3e88b8204eb9b5c16e0a779ffb0ec388 65.0.3325.181 dimstar_suse 589657 c2ae1d2665de52e47417aa89b999b6c2 65.0.3325.181 maxlin_factory - Add vaapi patches: * chromium-vaapi-init.patch * chromium-vaapi.patch - Use memory-constraints package to limit threads as needed 594640 5fb36ae406fcfc7fd9c32b640b6f7711 66.0.3359.117 dimstar_suse 598009 0d7ad0cc3ddc8d1c45670bc3be1b6e8a 66.0.3359.139 dimstar_suse - chromium 66.0.3359.139: * CVE-2018-6118: Use after free in Media Cache (bsc#1091288) * drop add-missing-blink-tools.patch, now in tarball again 602242 71f20c158358ef536f74183543655686 66.0.3359.139 dimstar_suse - Add patch chromium-skia-system-fontconfig.patch to fix bsc#1092272 - Enable build on AArch64 - Fix build on AArch64: * set target_cpu to arm64 * disable tcmalloc and swiftshader for aarch64 * Add new patches: - chromium-65.0.3325.162-skia-aarch64-buildfix.patch - chromium-skia-neon.patch 605680 fb7193a3f4a5f8213e151c90e3357026 66.0.3359.170 dimstar_suse 606437 cfbe64058d44df4e5d10b63d5bc3d619 66.0.3359.181 dimstar_suse 609024 e55e8e9bc93244ceb45686e73f5ff2f3 66.0.3359.181 dimstar_suse 612440 94e30c950fac49711b3cbdb2dc766c4f 67.0.3396.87 dimstar_suse - Add patch to build under gcc8: * chromium-gcc8.patch - Chromium 67.0.3396.87: * CVE-2018-6149: Out of bounds write in V8 
(boo#1097452) - Chromium 67.0.3396.79: * CVE-2018-6148: Incorrect handling of CSP header (boo#1096508) - Require ffmpeg >= 4.0 bsc#1095545 - Update to 67.0.3396.62 bsc#1095163 * CVE-2018-6123: Use after free in Blink. * CVE-2018-6124: Type confusion in Blink. * CVE-2018-6125: Overly permissive policy in WebUSB. * CVE-2018-6126: Heap buffer overflow in Skia. * CVE-2018-6127: Use after free in indexedDB. * CVE-2018-6128: uXSS in Chrome on iOS. * CVE-2018-6129: Out of bounds memory access in WebRTC. * CVE-2018-6130: Out of bounds memory access in WebRTC. * CVE-2018-6131: Incorrect mutability protection in WebAssembly. * CVE-2018-6132: Use of uninitialized memory in WebRTC. * CVE-2018-6133: URL spoof in Omnibox. * CVE-2018-6134: Referrer Policy bypass in Blink. * CVE-2018-6135: UI spoofing in Blink. * CVE-2018-6136: Out of bounds memory access in V8. * CVE-2018-6137: Leak of visited status of page in Blink. * CVE-2018-6138: Overly permissive policy in Extensions. * CVE-2018-6139: Restrictions bypass in the debugger extension API. * CVE-2018-6140: Restrictions bypass in the debugger extension API. 
619743 7ebc9739bc229b44309639d9b17bf8e4 67.0.3396.99 dimstar_suse - Version update to 67.0.3396.99: * Various small feature fixes, no security 621880 b1de9759bf6261d2e9e6a26852b676de 68.0.3440.75 dimstar_suse 625371 bd4b7080f85ea7c8d282698c68f318d5 68.0.3440.84 dimstar_suse - Version update to 68.0.3440.84: * Various small feature fixes only 626880 f25756718e440d7072295a6f42d299f8 68.0.3440.106 dimstar_suse Automatic submission by obs-autosubmit 631186 0ad9266081c77f21dee6779c08096e44 69.0.3497.81 dimstar_suse - Add patch to fix mojo build on 32bit: * chromium-gcc8-alignof.patch - Split out the gn from this package, obsoletes patches: * fix-gn-bootstrap.patch * chromium-last-commit-position-r0.patch - Version update to 69.0.3497.81 bsc#1107235: * CVE-2018-16065: Out of bounds write in V8 * CVE-2018-16066: Out of bounds read in Blink * CVE-2018-16067: Out of bounds read in WebAudio * CVE-2018-16068: Out of bounds write in Mojo * CVE-2018-16069: Out of bounds read in SwiftShader * CVE-2018-16070: Integer overflow in Skia * CVE-2018-16071: Use after free in WebRTC * CVE-2018-16073: Site Isolation bypass after tab restore * CVE-2018-16074: Site Isolation bypass using Blob URLS * Out of bounds read in Little-CMS * CVE-2018-16075: Local file access in Blink * CVE-2018-16076: Out of bounds read in PDFium * CVE-2018-16077: Content security policy bypass in Blink * CVE-2018-16078: Credit card information leak in Autofill * CVE-2018-16079: URL spoof in permission dialogs * CVE-2018-16080: URL spoof in full screen mode * CVE-2018-16081: Local file access in DevTools * CVE-2018-16082: Stack buffer overflow in SwiftShader * CVE-2018-16083: Out of bounds read in WebRTC * CVE-2018-16084: User confirmation bypass in external protocol handling * CVE-2018-16085: Use after free in Memory Instrumentation - Added patches: 633746 54b6f1419820f921ebb59b676a2028ae 69.0.3497.92 maxlin_factory 635349 3b9fdae4b56d6b6b8f37434487e1eeeb 69.0.3497.100 maxlin_factory - Keep blank line after
autopatch to make SLE12 rpm macros happy - Update to 69.0.3497.100 bsc#1108774 * Fixes from internal audits, fuzzing and other initiatives 636344 68cb3db917eb1da51c04f0b4b698577a 70.0.3538.67 dimstar_suse - Add patch trying to get the pkg to build with libva 1.x releases: * chromium-libva1.patch - Update chromium-old-glibc.patch to contain more tweaked locations - Add back chromium-old-glibc.patch to make sure we build on 42.3 - Reduce the merge number on jumbo files to reduce memory usage a bit - remove trigger word from spec that trips up legal-auto - Update to 70.0.3538.67 bsc#1112111: * CVE-2018-17462: Sandbox escape in AppCache * CVE-2018-17463: Remote code execution in V8 * CVE to be assigned: Heap buffer overflow in Little CMS in PDFium * CVE-2018-17464: URL spoof in Omnibox * CVE-2018-17465: Use after free in V8 * CVE-2018-17466: Memory corruption in Angle * CVE-2018-17467: URL spoof in Omnibox * CVE-2018-17468: Cross-origin URL disclosure in Blink * CVE-2018-17469: Heap buffer overflow in PDFium * CVE-2018-17470: Memory corruption in GPU Internals * CVE-2018-17471: Security UI occlusion in full screen mode * CVE-2018-17472: iframe sandbox escape on iOS * CVE-2018-17473: URL spoof in Omnibox * CVE-2018-17474: Use after free in Blink * CVE-2018-17475: URL spoof in Omnibox * CVE-2018-17476: Security UI occlusion in full screen mode * CVE-2018-5179: Lack of limits on update() in ServiceWorker * CVE-2018-17477: UI spoof in Extensions - Added patches: * chromium-gcc8-constexpr.patch 643766 74ef16ac6173d5e0bc4af1d82e9f684d 70.0.3538.77 dimstar_suse - Update to 70.0.3538.77: * Few feature fixes only - Do not mention armv6 and armv7 in the constraints - Update patch chromium-non-void-return.patch 645243 19b93c62872ffa916dea77ab85e24be6 70.0.3538.77 dimstar_suse 646249 7c21e01d499ba88c4275b428d3ae5815 70.0.3538.102 dimstar_suse - Version update to 70.0.3538.102 bsc#1115537 CVE-2018-17478 * CVE-2018-17478: Out of bounds memory access in V8 648895
0eaff0562a0289aa0f30f2856110cecd 70.0.3538.110 dimstar_suse - Version update to 70.0.3538.110 bsc#1116608: * CVE-2018-17479: Use-after-free in GPU 650585 5db1a5360e6c41dc3963989b3b72d606 71.0.3578.80 dimstar_suse - Version update to 71.0.3578.80 bsc#1118529: - CVE-2018-17480: Out of bounds write in V8 - CVE-2018-17481: Use after frees in PDFium - CVE-2018-18335: Heap buffer overflow in Skia - CVE-2018-18336: Use after free in PDFium - CVE-2018-18337: Use after free in Blink - CVE-2018-18338: Heap buffer overflow in Canvas - CVE-2018-18339: Use after free in WebAudio - CVE-2018-18340: Use after free in MediaRecorder - CVE-2018-18341: Heap buffer overflow in Blink - CVE-2018-18342: Out of bounds write in V8 - CVE-2018-18343: Use after free in Skia - CVE-2018-18344: Inappropriate implementation in Extensions - Multiple issues in SQLite via WebSQL - CVE-2018-18345: Inappropriate implementation in Site Isolation - CVE-2018-18346: Incorrect security UI in Blink - CVE-2018-18347: Inappropriate implementation in Navigation - CVE-2018-18348: Inappropriate implementation in Omnibox - CVE-2018-18349: Insufficient policy enforcement in Blink - CVE-2018-18350: Insufficient policy enforcement in Blink - CVE-2018-18351: Insufficient policy enforcement in Navigation - CVE-2018-18352: Inappropriate implementation in Media - CVE-2018-18353: Inappropriate implementation in Network Authentication - CVE-2018-18354: Insufficient data validation in Shell Integration - CVE-2018-18355: Insufficient policy enforcement in URL Formatter - CVE-2018-18356: Use after free in Skia - CVE-2018-18357: Insufficient policy enforcement in URL Formatter - CVE-2018-18358: Insufficient policy enforcement in Proxy. 
- CVE-2018-18359: Out of bounds read in V8 - Inappropriate implementation in PDFium 655692 caf87f231cf1e26ea840f2a9e8ebd5ba 71.0.3578.80 dimstar_suse 657329 ab489981fc2393bdac1d31438d580779 71.0.3578.98 dimstar_suse - Version update to 71.0.3578.98 bsc#1119364: * CVE-2018-17481: Use after free in PDFium - Redo chromium-old-libva.patch 657844 c3f4b34f728153ab92179af0123b0f18 71.0.3578.98 dimstar_suse 659336 3aa9064660e94409ed726968251cea9f 71.0.3578.98 dimstar_suse - Tweak fix_building_widevinecdm_with_chromium.patch to make it work again bsc#1120429 662377 f127ffa7669e462cd9c9f4272650fc01 72.0.3626.81 coolo - Update to 72.0.3626.81 bsc#1123641: * CVE-2019-5754: Inappropriate implementation in QUIC Networking. Reported by Klzgrad on 2018-12-12 * CVE-2019-5782: Inappropriate implementation in V8. Reported by Qixun Zhao of Qihoo 360 Vulcan Team via Tianfu Cup on 2018-11-16 * CVE-2019-5755: Inappropriate implementation in V8. Reported by Jay Bosamiya on 2018-12-10 * CVE-2019-5756: Use after free in PDFium. Reported by Anonymous on 2018-10-14 * CVE-2019-5757: Type Confusion in SVG. Reported by Alexandru Pitis, Microsoft Browser Vulnerability Research on 2018-12-15 * CVE-2019-5758: Use after free in Blink. Reported by Zhe Jin (金哲), Luyao Liu (刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-12-11 * CVE-2019-5759: Use after free in HTML select elements. Reported by Almog Benin on 2018-12-05 * CVE-2019-5760: Use after free in WebRTC. Reported by Zhe Jin (金哲), Luyao Liu (刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-12-05 * CVE-2019-5761: Use after free in SwiftShader. Reported by Zhe Jin (金哲), Luyao Liu (刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-11-13 * CVE-2019-5762: Use after free in PDFium. Reported by Anonymous on 2018-10-31 * CVE-2019-5763: Insufficient validation of untrusted input in V8.
Reported by Guang Gong of Alpha Team, Qihoo 360 on 2018-12-13 * CVE-2019-5764: Use after free in WebRTC. Reported by Eyal Itkin from Check Point Software Technologies on 2018-12-09 * CVE-2019-5765: Insufficient policy enforcement in the browser. Reported by Sergey Toshin (@bagipro) on 2019-01-16 * CVE-2019-5766: Insufficient policy enforcement in Canvas. Reported by David Erceg on 2018-11-20 * CVE-2019-5767: Incorrect security UI in WebAPKs. Reported by Haoran Lu, Yifan Zhang, Luyi Xing, and Xiaojing Liao from Indiana University Bloomington on 2018-11-06 * CVE-2019-5768: Insufficient policy enforcement in DevTools. Reported by Rob Wu on 2018-01-24 * CVE-2019-5769: Insufficient validation of untrusted input in Blink. Reported by Guy Eshel on 2018-12-11 * CVE-2019-5770: Heap buffer overflow in WebGL. Reported by hemidallt@ on 2018-11-27 * CVE-2019-5771: Heap buffer overflow in SwiftShader. Reported by Zhe Jin (金哲), Luyao Liu (刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-11-12 * CVE-2019-5772: Use after free in PDFium. Reported by Zhen Zhou of NSFOCUS Security Team on 2018-11-26 * CVE-2019-5773: Insufficient data validation in IndexedDB. Reported by Yongke Wang of Tencent's Xuanwu Lab (xlab.tencent.com) on 2018-12-24 * CVE-2019-5774: Insufficient validation of untrusted input in SafeBrowsing. Reported by Junghwan Kang (ultract) and Juno Im on 2018-11-11 * CVE-2019-5775: Insufficient policy enforcement in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-10-18 * CVE-2019-5776: Insufficient policy enforcement in Omnibox. Reported by Lnyas Zhang on 2018-07-14 * CVE-2019-5777: Insufficient policy enforcement in Omnibox. Reported by Khalil Zhani on 2018-06-04 * CVE-2019-5778: Insufficient policy enforcement in Extensions. Reported by David Erceg on 2019-01-02 * CVE-2019-5779: Insufficient policy enforcement in ServiceWorker. Reported by David Erceg on 2018-11-11 * CVE-2019-5780: Insufficient policy enforcement.
Reported by Andreas Hegenberg (folivora.AI GmbH) on 2018-10-03 * CVE-2019-5781: Insufficient policy enforcement in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-10-18 670076 139de31bfbd19394b1ed799b0ecea72a 72.0.3626.96 dimstar_suse - Update to 72.0.3626.96 bsc#1124936: * CVE-2019-5784: Inappropriate implementation in V8 - Provide web_browser so chromium can be installed instead of firefox. 673252 b990d052c6066a9692349312f7917bd8 72.0.3626.109 coolo - Update to 72.0.3626.109: * This is just feature fixes update 677755 5860bf737a2c2d9c63d169a48aacade6 72.0.3626.119 dimstar_suse - Update to 72.0.3626.119: * Feature fixes update only 678887 192f1f714872805e1168182489d7d094 72.0.3626.121 dimstar_suse - Drop direct dependency on libgsm, we just need the devel - Update to 72.0.3626.121: * fixes bsc#1127602 CVE-2019-5786 681244 2b9e50b5dee469c6d373fd82aa7fdd12 73.0.3683.75 dimstar_suse - Update to 73.0.3683.75 bsc#1129059: * CVE-2019-5787: Use after free in Canvas. * CVE-2019-5788: Use after free in FileAPI. * CVE-2019-5789: Use after free in WebMIDI. * CVE-2019-5790: Heap buffer overflow in V8. * CVE-2019-5791: Type confusion in V8. * CVE-2019-5792: Integer overflow in PDFium. * CVE-2019-5793: Excessive permissions for private API in Extensions. * CVE-2019-5794: Security UI spoofing. * CVE-2019-5795: Integer overflow in PDFium. * CVE-2019-5796: Race condition in Extensions. * CVE-2019-5797: Race condition in DOMStorage. * CVE-2019-5798: Out of bounds read in Skia. * CVE-2019-5799: CSP bypass with blob URL. * CVE-2019-5800: CSP bypass with blob URL. * CVE-2019-5801: Incorrect Omnibox display on iOS. * CVE-2019-5802: Security UI spoofing. * CVE-2019-5803: CSP bypass with Javascript URLs'. * CVE-2019-5804: Command line command injection on Windows. 
- Update patches: * chromium-buildname.patch * chromium-non-void-return.patch * chromium-old-glibc.patch * chromium-old-libva.patch * chromium-vaapi.patch - Removed patches: * chromium-crashpad-fix_aarch64.patch * chromium-webrtc-includes.patch - Added patches: * chromium-gcc.patch 684661 81270d08ea6309156f5f9f0534fc4ab8 73.0.3683.86 dimstar_suse - Add patch for pipewire build: * chromium-73.0.3683.75-pipewire-cstring-fix.patch - Update to 73.0.3683.86: * Just feature fixes around - Refresh patch: * chromium-non-void-return.patch - Update conditions to use system harfbuzz on TW+ - Require java during build - Enable using pipewire when available - Rebase chromium-vaapi.patch to match up the Fedora one 688615 1827e1b149df09d0624000a433b442d9 73.0.3683.103 dimstar_suse - Update to 73.0.3686.103: * Various feature fixes 691759 c25f1c9aad2dd95d55bbe999ef8bb653 74.0.3729.108 dimstar_suse - Update to 74.0.3729.108 bsc#1133313: * CVE-2019-5805: Use after free in PDFium * CVE-2019-5806: Integer overflow in Angle * CVE-2019-5807: Memory corruption in V8 * CVE-2019-5808: Use after free in Blink * CVE-2019-5809: Use after free in Blink * CVE-2019-5810: User information disclosure in Autofill * CVE-2019-5811: CORS bypass in Blink * CVE-2019-5813: Out of bounds read in V8 * CVE-2019-5814: CORS bypass in Blink * CVE-2019-5815: Heap buffer overflow in Blink * CVE-2019-5818: Uninitialized value in media reader * CVE-2019-5819: Incorrect escaping in developer tools * CVE-2019-5820: Integer overflow in PDFium * CVE-2019-5821: Integer overflow in PDFium * CVE-2019-5822: CORS bypass in download manager * CVE-2019-5823: Forced navigation from service worker * CVE-2019-5812: URL spoof in Omnibox on iOS * CVE-2019-5816: Exploit persistence extension on Android * CVE-2019-5817: Heap buffer overflow in Angle on Windows - Add patches: * 00-basevalue.patch * 01-basevalue.patch * 02-basevalue.patch * 03-basevalue.patch * 04-basevalue.patch * 05-basevalue.patch * 06-basevalue.patch * 
old-libva.patch * quic.patch 699638 8383e8463eb5c20402c866b56d9a8585 74.0.3729.108 dimstar_suse - Add patch to fix build on aarch64: * chromium-fix-crc32-for-aarch64.patch 701987 49feaba8e912d1556f35bed598eddee2 74.0.3729.157 dimstar_suse 704156 6dfcd7d995ae40d73438cd630fc0eb13 74.0.3729.169 dimstar_suse Automatic submission by obs-autosubmit 707415 9e55b2f435a9c31af48d33baf62382df 75.0.3770.80 dimstar_suse - Fix build with kernel 5.2 and avoid runtime crash due to pure virtual declaration: * chromium-75.0.3770.80-SIOCGSTAMP.patch * chromium-75.0.3770.80-pure-virtual-crash-fix.patch - Update old-libva.patch to make sure we build on Leap 42.3 - Update to 75.0.3770.80 bsc#1137332: * CVE-2019-5828: Use after free in ServiceWorker * CVE-2019-5829: Use after free in Download Manager * CVE-2019-5830: Incorrectly credentialed requests in CORS * CVE-2019-5831: Incorrect map processing in V8 * CVE-2019-5832: Incorrect CORS handling in XHR * CVE-2019-5833: Inconsistent security UI placement * CVE-2019-5835: Out of bounds read in Swiftshader * CVE-2019-5836: Heap buffer overflow in Angle * CVE-2019-5837: Cross-origin resources size disclosure in Appcache * CVE-2019-5838: Overly permissive tab access in Extensions * CVE-2019-5839: Incorrect handling of certain code points in Blink * CVE-2019-5840: Popup blocker bypass * Various fixes from internal audits, fuzzing and other initiatives * CVE-2019-5834: URL spoof in Omnibox on iOS - Remove merged patchsets: * 00-basevalue.patch * 01-basevalue.patch * 02-basevalue.patch * 03-basevalue.patch * 04-basevalue.patch * 05-basevalue.patch * 06-basevalue.patch 709055 705c839c845a26ae38854af38d3a3963 75.0.3770.90 dimstar_suse - Update to 75.0.3770.90 bsc#1137332 bsc#1138287: * CVE-2019-5842: Use-after-free in Blink.
709956 48a7b6aff7ce568db5c3d1473f05f589 75.0.3770.100 dimstar_suse - Update to 75.0.3770.100: * This is just feature fixes update 710898 b4f52c1b97e689ae1e23a11dac7dab88 75.0.3770.142 dimstar_suse - Do not use lto flags from prjconf, we need to set them using gn buildsystem - Drop patch chromium-non-void-return.patch and just pass a cxxflags disabler for the check - Update gcc-enable-lto.patch to work on systems without the lto - Update to 75.0.3770.142 bsc#1141649: * CVE-2019-5847: V8 sealed/frozen elements cause crash * CVE-2019-5848: Font sizes may expose sensitive information - Add patch chromium-renderprocess-crash.patch to hopefully fix bsc#1141102 - Enable LTO for x86_64 - add gcc-enable-lto.patch and gcc-lto-rsp-clobber.patch patches. - Install manpage - Update to 72.0.3626.109 bsc#1120892 CVE-2018-20073: 719830 58810a67ebba2eff28a6f435fd4d9c22 76.0.3809.87 dimstar_suse - Update to 76.0.3809.87: * CVE-2019-5850: Use-after-free in offline page fetcher * CVE-2019-5860: Use-after-free in PDFium * CVE-2019-5853: Memory corruption in regexp length check * CVE-2019-5851: Use-after-poison in offline audio context * CVE-2019-5859: res: URIs can load alternative browsers * CVE-2019-5856: Insufficient checks on filesystem: URI permissions * CVE-2019-5855: Integer overflow in PDFium * CVE-2019-5865: Site isolation bypass from compromised renderer * CVE-2019-5858: Insufficient filtering of Open URL service parameters * CVE-2019-5864: Insufficient port filtering in CORS for extensions * CVE-2019-5862: AppCache not robust to compromised renderers * CVE-2019-5861: Click location incorrectly checked * CVE-2019-5857: Comparison of -0 and null yields crash * CVE-2019-5854: Integer overflow in PDFium text rendering * CVE-2019-5852: Object leak of utility functions * Various fixes from internal audits, fuzzing and other initiatives * Not affected: + CVE-2019-5863: Use-after-free in WebUSB on Windows - Added patches: * chromium-76-gcc-ambiguous-nodestructor.patch * 
chromium-76-gcc-blink-constexpr.patch * chromium-76-gcc-blink-namespace1.patch * chromium-76-gcc-blink-namespace2.patch * chromium-76-gcc-gl-init.patch * chromium-76-gcc-include.patch * chromium-76-gcc-noexcept.patch * chromium-76-gcc-private.patch * chromium-76-gcc-pure-virtual.patch * chromium-76-gcc-uint32.patch 720561 8aae4f552f00f7f72c77a3cc67d8eb0b 76.0.3809.87 dimstar_suse - Add patches to fix few compilation issues: * chromium-angle-inline.patch * chromium-fix-char_traits.patch bsc#1144625 - Remove not properly applying old-glibc patch: * chromium-old-glibc.patch - Disable various gcc warnings as upstream does not care and it just bloats the buildlog (from debian) - Update to 76.0.3809.87 bsc#1143492: 721717 94343e08b77acfb25b9ded544e24c523 76.0.3809.100 dimstar_suse - Update to 76.0.3809.100 bsc#1145242: * CVE-2019-5868: Use-after-free in PDFium ExecuteFieldAction * CVE-2019-5867: Out-of-bounds read in V8 722784 71872b01e6414cd3d6ed38c4fe7ed770 76.0.3809.100 dimstar_suse 725085 4bc10097f2a88fea0144fe27927ca558 76.0.3809.132 dimstar_suse - Update to 76.0.3809.132 bsc#1149143 CVE-2019-5869: * CVE-2019-5869: Use-after-free in Blink * Various fixes from internal audits, fuzzing and other initiatives - Refresh patch chromium-76-gcc-ambiguous-nodestructor.patch 728057 debc794fa2f84ad0f4d0c33ab2ade373 77.0.3865.75 lnussel_factory - Update to chromium 77.0.3865.75 bsc#1150425: * CVE-2019-5870: Use-after-free in media * CVE-2019-5871: Heap overflow in Skia * CVE-2019-5872: Use-after-free in Mojo * CVE-2019-5874: External URIs may trigger other browsers * CVE-2019-5875: URL bar spoof via download redirect * CVE-2019-5876: Use-after-free in media * CVE-2019-5877: Out-of-bounds access in V8 * CVE-2019-5878: Use-after-free in V8 * CVE-2019-5879: Extension can bypass same origin policy * CVE-2019-5880: SameSite cookie bypass * CVE-2019-5881: Arbitrary read in SwiftShader * CVE-2019-13659: URL spoof * CVE-2019-13660: Full screen notification overlap * CVE-2019-13661: 
Full screen notification spoof * CVE-2019-13662: CSP bypass * CVE-2019-13663: IDN spoof * CVE-2019-13664: CSRF bypass * CVE-2019-13665: Multiple file download protection bypass * CVE-2019-13666: Side channel using storage size estimate * CVE-2019-13667: URI bar spoof when using external app URIs * CVE-2019-13668: Global window leak via console * CVE-2019-13669: HTTP authentication spoof * CVE-2019-13670: V8 memory corruption in regex * CVE-2019-13671: Dialog box fails to show origin * CVE-2019-13673: Cross-origin information leak using devtools * CVE-2019-13674: IDN spoofing * CVE-2019-13675: Extensions can be disabled by trailing slash * CVE-2019-13676: Google URI shown for certificate warning * CVE-2019-13677: Chrome web store origin needs to be isolated 730345 cc950f28afae9b26092f48b832dcc6d4 77.0.3865.75 maxlin_factory - Add patch from Fedora for cert transparency: * chromium-77.0.3865.75-certificate-transparency.patch - Add patches from gentoo: * chromium-77-clang.patch * chromium-77-gcc-no-opt-safe-math.patch * chromium-77-no-cups.patch * chromium-77-std-string.patch - Update patch old-libva.patch to build on openSUSE Leap 15.0 731231 39e2a27e8be53dc2c308b17caf3088ab 77.0.3865.90 maxlin_factory 731870 4f8244dac02e39b92898247553a52bbc 77.0.3865.90 dimstar_suse 732044 4f7a50aa748b395895d4a00a3557038c 78.0.3904.70 dimstar_suse - Disable LTO for now as it consumes ~20GB of RAM, we will reenable the feature later when some memory consumption fixes land in GCC - Adjust LDFLAGS settings for LTO to take memory-constraints into consideration - Update to 78.0.3904.70 bsc#1154806: * CVE-2019-13699: Use-after-free in media * CVE-2019-13700: Buffer overrun in Blink * CVE-2019-13701: URL spoof in navigation * CVE-2019-13702: Privilege elevation in Installer * CVE-2019-13703: URL bar spoofing * CVE-2019-13704: CSP bypass * CVE-2019-13705: Extension permission bypass * CVE-2019-13706: Out-of-bounds read in PDFium * CVE-2019-13707: File storage disclosure * CVE-2019-13708: 
HTTP authentication spoof * CVE-2019-13709: File download protection bypass * CVE-2019-13710: File download protection bypass * CVE-2019-13711: Cross-context information leak * CVE-2019-15903: Buffer overflow in expat * CVE-2019-13713: Cross-origin data leak * CVE-2019-13714: CSS injection * CVE-2019-13715: Address bar spoofing * CVE-2019-13716: Service worker state error * CVE-2019-13717: Notification obscured * CVE-2019-13718: IDN spoof * CVE-2019-13719: Notification obscured * Various fixes from internal audits, fuzzing and other initiatives 743815 3dbe02d48289964871c706ccabfeb0d3 78.0.3904.70 dimstar_suse 744368 2dcfc5ba69ef6fe2eaa9ce712f58c8f4 78.0.3904.87 dimstar_suse - Update to 78.0.3904.87 bsc#1155643: * CVE-2019-13721: Use-after-free in PDFium * CVE-2019-13720: Use-after-free in audio 744734 ca65950bb0f4d583dc691d6272112537 78.0.3904.87 dimstar_suse - Keep just one conditional for vaapi enablement - Add more magic for zlib handling for SLE12 build - Add patch trying to build on SLE12: * chromium-old-glibc-noexcept.patch 745998 efa97e4b681c891a0dba8a63d8742d9f 78.0.3904.97 dimstar_suse Automatic submission by obs-autosubmit 748909 083ac3995edbad6bbb9c8f79922478ba 78.0.3904.97 dimstar_suse 749199 8f2eab0adda5c3f1fe45a010bf36ca92 78.0.3904.108 dimstar_suse - Update to 78.0.3904.108 bsc#1157269: * CVE-2019-13723: Use-after-free in Bluetooth * CVE-2019-13724: Out-of-bounds access in Bluetooth * Various fixes from internal audits, fuzzing and other initiatives 749862 603c5a322be96729c96da2ecb7d3aa49 79.0.3945.88 dimstar_suse 758715 d4363f2ddf9aadb5a3cb32eada030e2a 79.0.3945.88 dimstar_suse 760141 08928a79c781ceec499beaa9a59efc30 79.0.3945.117 dimstar_suse - Update to 79.0.3945.117 bsc#1160337: * CVE-2020-6377: Use after free in audio * Various fixes from internal audits, fuzzing and other initiatives * CVE-2019-5844 CVE-2019-5845 CVE-2019-5846 762203 1713826b0b10533328aa58fd35a4cabb 79.0.3945.130 dimstar_suse 765585 ebaacc49f2285c043af116b5258cf39c 
80.0.3987.100 okurz-factory - Update to 80.0.3987.100 bsc#1163484: * feature fixes only - Update to 80.0.3987.87 bsc#1162833: * CVE-2020-6381: Integer overflow in JavaScript * CVE-2020-6382: Type Confusion in JavaScript * CVE-2019-18197: Multiple vulnerabilities in XML * CVE-2019-19926: Inappropriate implementation in SQLite * CVE-2020-6385: Insufficient policy enforcement in storage * CVE-2019-19880, CVE-2019-19925: Multiple vulnerabilities in SQLite * CVE-2020-6387: Out of bounds write in WebRTC * CVE-2020-6388: Out of bounds memory access in WebAudio * CVE-2020-6389: Out of bounds write in WebRTC * CVE-2020-6390: Out of bounds memory access in streams * CVE-2020-6391: Insufficient validation of untrusted input in Blink * CVE-2020-6392: Insufficient policy enforcement in extensions * CVE-2020-6393: Insufficient policy enforcement in Blink * CVE-2020-6394: Insufficient policy enforcement in Blink * CVE-2020-6395: Out of bounds read in JavaScript * CVE-2020-6396: Inappropriate implementation in Skia * CVE-2020-6397: Incorrect security UI in sharing * CVE-2020-6398: Uninitialized use in PDFium * CVE-2020-6399: Insufficient policy enforcement in AppCache * CVE-2020-6400: Inappropriate implementation in CORS * CVE-2020-6401: Insufficient validation of untrusted input in Omnibox * CVE-2020-6402: Insufficient policy enforcement in downloads * CVE-2020-6403: Incorrect security UI in Omnibox * CVE-2020-6404: Inappropriate implementation in Blink * CVE-2020-6405: Out of bounds read in SQLite * CVE-2020-6406: Use after free in audio 773714 63607ae31a24c7dfeb0b9bf0b81dba6c 80.0.3987.100 dimstar_suse - Add chromedriver binary to bindir - Drop sandbox binary as it should not be needed really bsc#1163588 - Remove unused patch: * chromium-sandbox-pie.patch 777696 e9d01d64098412d86f9bf7378d808138 80.0.3987.122 dimstar_suse - Update to 80.0.3987.122 bsc#1164828: * CVE-2020-6418: Type confusion in V8 * CVE-2020-6407: Out of bounds memory access in streams. 
* Integer overflow in ICU 779107 3d6e9dcc65336e579d673ec23b7d5e74 80.0.3987.132 dimstar_suse - Update to 80.0.3987.132 bsc#1165826: * CVE-2020-6420: Insufficient policy enforcement in media. * Various fixes from internal audits, fuzzing and other initiatives [2]. - Add patch trying to fix pulse audio issues with webrtc: * webrtc-pulse.patch 781924 a9c48fa44dbc85d5d27d1bf160207eb5 80.0.3987.132 dimstar_suse - Do not pull in python deps except interpreter, the bundles are patched anyways 784928 9f7374529b91b51604fc4b003e342ce6 80.0.3987.149 dimstar_suse - Update to 80.0.3987.149: * High CVE-2020-6422: Use after free in WebGL. * High CVE-2020-6424: Use after free in media. * High CVE-2020-6425: Insufficient policy enforcement in extensions. * High CVE-2020-6426: Inappropriate implementation in V8. * High CVE-2020-6427: Use after free in audio. * High CVE-2020-6428: Use after free in audio. * High CVE-2020-6429: Use after free in audio. * High CVE-2019-20503: Out of bounds read in usersctplib. * High CVE-2020-6449: Use after free in audio. * Various fixes from internal audits, fuzzing and other initiatives 786439 d9cc867ae25f3a5b0f94c5bc01408520 80.0.3987.149 dimstar_suse - Add patch to allow building with pipewire 0.3: * build-with-pipewire-0.3.patch - Use pipewire in Leap 15.2 788109 7385aec4aaa2071854d5d273c115e2af 80.0.3987.162 dimstar_suse - Update to 80.0.3987.162 bsc#1168421: * CVE-2020-6450: Use after free in WebAudio. * CVE-2020-6451: Use after free in WebAudio. * CVE-2020-6452: Heap buffer overflow in media. - Rebase build-with-pipewire-0.3.patch in order to fix patch collision. - Add chromium-missing-cstdint-header.patch, chromium-missing-cstring-header.patch, chromium-missing-cstring-header2.patch and chromium-missing-cstddef-header.patch in order to fix boo#1167465. 
- Use a symbolic icon for GNOME 790832 1b4910b130e85a20629a188e13564edd 81.0.4044.92 dimstar_suse - Update to 81.0.4044.92 bsc#1168911: * CVE-2020-6454: Use after free in extensions * CVE-2020-6423: Use after free in audio * CVE-2020-6455: Out of bounds read in WebSQL * CVE-2020-6430: Type Confusion in V8 * CVE-2020-6456: Insufficient validation of untrusted input in clipboard * CVE-2020-6431: Insufficient policy enforcement in full screen * CVE-2020-6432: Insufficient policy enforcement in navigations * CVE-2020-6433: Insufficient policy enforcement in extensions * CVE-2020-6434: Use after free in devtools * CVE-2020-6435: Insufficient policy enforcement in extensions * CVE-2020-6436: Use after free in window management * CVE-2020-6437: Inappropriate implementation in WebView * CVE-2020-6438: Insufficient policy enforcement in extensions * CVE-2020-6439: Insufficient policy enforcement in navigations * CVE-2020-6440: Inappropriate implementation in extensions * CVE-2020-6441: Insufficient policy enforcement in omnibox * CVE-2020-6442: Inappropriate implementation in cache * CVE-2020-6443: Insufficient data validation in developer tools * CVE-2020-6444: Uninitialized Use in WebRTC * CVE-2020-6445: Insufficient policy enforcement in trusted types * CVE-2020-6446: Insufficient policy enforcement in trusted types * CVE-2020-6447: Inappropriate implementation in developer tools * CVE-2020-6448: Use after free in V8 - Add new patches: * chromium-81-gcc-constexpr.patch * chromium-81-gcc-noexcept.patch * fix-vaapi-with-glx.patch - Remove no longer needed patches: * chromium-80-gcc-abstract.patch 792388 4533ba1850392f7c92bc2ffe008b46d7 81.0.4044.92 dimstar_suse - Try to use system version of xdg-utils 794067 17ced56ab2c8b9bb841597e0dcd4e071 81.0.4044.122 dimstar_suse 796194 3d6ffde6e34b7895c7f08448e7008fed 81.0.4044.129 dimstar_suse - update to 81.0.4044.129 (boo#1170707): * CVE-2020-0561: Use after free in storage * CVE-2020-6462: Use after free in task scheduling 
(forwarded request 798873 from AndreasStieger) 798898 0eb2c01d7b06c433daf19bbbc9e4182c 81.0.4044.138 dimstar_suse - update to 81.0.4044.138 bsc#1171247: * CVE-2020-6831: Stack buffer overflow in SCTP * CVE-2020-6464: Type Confusion in Blink. - Add icu-v67.patch from upstream to fix build with icu v67 800599 d80fd963a5676876cab794aabcd66279 83.0.4103.61 maxlin_factory - Add patch to fix building with new re2: * chromium-81-re2-0.2020.05.01.patch - Update _constraints to avoid very slow builds seen on obs-arm-4 (probably due to swap) - Update to 83.0.4103.61 bsc#1171910: * CVE-2020-6465: Use after free in reader mode. Reported by Woojin Oh(@pwn_expoit) of STEALIEN on 2020-04-21 * CVE-2020-6466: Use after free in media. Reported by Zhe Jin from cdsrc of Qihoo 360 on 2020-04-26 * CVE-2020-6467: Use after free in WebRTC. Reported by ZhanJia Song on 2020-04-06 * CVE-2020-6468: Type Confusion in V8. Reported by Chris Salls and Jake Corina of Seaside Security, Chani Jindal of Shellphish on 2020-04-30 * CVE-2020-6469: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-04-02 * CVE-2020-6470: Insufficient validation of untrusted input in clipboard. Reported by Michał Bentkowski of Securitum on 2020-03-30 * CVE-2020-6471: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-03-08 * CVE-2020-6472: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-03-25 * CVE-2020-6473: Insufficient policy enforcement in Blink. Reported by Soroush Karami and Panagiotis Ilia on 2020-02-06 * CVE-2020-6474: Use after free in Blink. Reported by Zhe Jin from cdsrc of Qihoo 360 on 2020-03-07 * CVE-2020-6475: Incorrect security UI in full screen. Reported by Khalil Zhani on 2019-10-31 * CVE-2020-6476: Insufficient policy enforcement in tab strip. Reported by Alexandre Le Borgne on 2019-12-18 * CVE-2020-6477: Inappropriate implementation in installer. 
Reported by RACK911 Labs on 2019-03-26 * CVE-2020-6478: Inappropriate implementation in full screen. Reported by Khalil Zhani on 2019-12-24 * CVE-2020-6479: Inappropriate implementation in sharing. Reported by Zhong Zhaochen of andsecurity.cn on 2020-01-14 * CVE-2020-6480: Insufficient policy enforcement in enterprise. Reported by Marvin Witt on 2020-02-21 * CVE-2020-6481: Insufficient policy enforcement in URL formatting. Reported by Rayyan Bijoora on 2020-04-07 * CVE-2020-6482: Insufficient policy enforcement in developer tools. Reported by Abdulrahman Alqabandi (@qab) on 2017-12-17 * CVE-2020-6483: Insufficient policy enforcement in payments. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2019-05-23 * CVE-2020-6484: Insufficient data validation in ChromeDriver. Reported by Artem Zinenko on 2020-01-26 * CVE-2020-6485: Insufficient data validation in media router. Reported by Sergei Glazunov of Google Project Zero on 2020-01-30 * CVE-2020-6486: Insufficient policy enforcement in navigations. Reported by David Erceg on 2020-02-24 * CVE-2020-6487: Insufficient policy enforcement in downloads. 
Reported by Jun Kokatsu (@shhnjk) on 2015-10-06 808194 b9f2896ac778f8bb1439e324ae03e22d 83.0.4103.97 dimstar_suse up 811311 b73429b28e014285196d10e4f64798e3 83.0.4103.116 dimstar_suse - Disable the LTO again as it still OOMs quite often - Add patch to work with new ffmpeg wrt bsc#1173292: * chromium-84-mediaalloc.patch - Add multimedia fix for disabled location and also try one additional patch from Debian on the same issue bsc#1173107 Update patch: * no-location-leap151.patch - Add patch from Fedora to avoid attribute overrides in skia: * chromium-83.0.4103.97-skia-gcc-no_sanitize-fixes.patch - Add patch to hopefully fix bsc#1173107: * chromium-dev-shm.patch - Update to 83.0.4103.116 bsc#1173251: * CVE-2020-6509: Use after free in extensions - Reduce constraints to say 20 GB disk space is enough - Disable wayland integration on 15.x bsc#1173187 bsc#1173188 bsc#1173254 - Enforce to not use system borders bsc#1173063 - Update to 83.0.4103.106 bsc#1173029: * CVE-2020-6505: Use after free in speech * CVE-2020-6506: Insufficient policy enforcement in WebView * CVE-2020-6507: Out of bounds write in V8 816970 9891fde67b22b15fbb52957c5fe6a71f 83.0.4103.116 dimstar_suse 817775 76b9aff7a39af962ec617fea21649538 84.0.4147.89 dimstar_suse - Try to fix non-wayland build for Leap builds - Update to 84.0.4147.89 bsc#1174189: * Critical CVE-2020-6510: Heap buffer overflow in background fetch. * High CVE-2020-6511: Side-channel information leakage in content security policy. * High CVE-2020-6512: Type Confusion in V8. * High CVE-2020-6513: Heap buffer overflow in PDFium. * High CVE-2020-6514: Inappropriate implementation in WebRTC. * High CVE-2020-6515: Use after free in tab strip. * High CVE-2020-6516: Policy bypass in CORS. * High CVE-2020-6517: Heap buffer overflow in history. * Medium CVE-2020-6518: Use after free in developer tools. * Medium CVE-2020-6519: Policy bypass in CSP. * Medium CVE-2020-6520: Heap buffer overflow in Skia. 
* Medium CVE-2020-6521: Side-channel information leakage in autofill. * Medium CVE-2020-6522: Inappropriate implementation in external protocol handlers. * Medium CVE-2020-6523: Out of bounds write in Skia. * Medium CVE-2020-6524: Heap buffer overflow in WebAudio. * Medium CVE-2020-6525: Heap buffer overflow in Skia. * Low CVE-2020-6526: Inappropriate implementation in iframe sandbox. * Low CVE-2020-6527: Insufficient policy enforcement in CSP. * Low CVE-2020-6528: Incorrect security UI in basic auth. * Low CVE-2020-6529: Inappropriate implementation in WebRTC. * Low CVE-2020-6530: Out of bounds memory access in developer tools. * Low CVE-2020-6531: Side-channel information leakage in scroll to text. * Low CVE-2020-6533: Type Confusion in V8. * Low CVE-2020-6534: Heap buffer overflow in WebRTC. * Low CVE-2020-6535: Insufficient data validation in WebUI. * Low CVE-2020-6536: Incorrect security UI in PWAs. - Use bundled xcb-proto as we need to generate py2 bindings 821455 76f835615021065eac4beba99cfd2b58 84.0.4147.125 dimstar_suse 826031 642a5e72d00922cfac55ff85e8e2928e 84.0.4147.135 dimstar_suse - Do not use libexec as we use /usr/lib as a target folder - Fix the build by removing expectation of llvm-7.0 - Update to 84.0.4147.135 (bsc#1175505): * CVE-2020-6556: Heap buffer overflow in SwiftShader - Use new _constraint memoryperjob. 
829898 04ea68697e8b8eb543551fc89d498b92 84.0.4147.135 dimstar_suse Revert back to old constraint: allows more workers 7684f0301047324977df84da70b98b7f 84.0.4147.135 dimstar_suse Fixup last change c42b9d3646d9d357c95f2451a28612af 85.0.4183.83 dimstar_suse - Really update to .83 we accidentally included .69 beta release - Add patch trying to compile with old libdrm on Leap 15.1: * chromium-lp151-old-drm.patch - Version update to 85.0.4183.83 bsc#1175757 * CVE-2020-6558: Insufficient policy enforcement in iOS * CVE-2020-6559: Use after free in presentation API * CVE-2020-6560: Insufficient policy enforcement in autofill * CVE-2020-6561: Inappropriate implementation in Content Security Policy * CVE-2020-6562: Insufficient policy enforcement in Blink * CVE-2020-6563: Insufficient policy enforcement in intent handling. * CVE-2020-6564: Incorrect security UI in permissions * CVE-2020-6565: Incorrect security UI in Omnibox. * CVE-2020-6566: Insufficient policy enforcement in media. * CVE-2020-6567: Insufficient validation of untrusted input in command line handling. * CVE-2020-6568: Insufficient policy enforcement in intent handling. * CVE-2020-6569: Integer overflow in WebUSB. * CVE-2020-6570: Side-channel information leakage in WebRTC. * CVE-2020-6571: Incorrect security UI in Omnibox. 
- Use bundled vpx everywhere again as it fails to compile against system version - Added patches: * chromium-85-DelayNode-cast.patch * chromium-85-FrameWidget-namespace.patch * chromium-85-NearbyConnection-abstract.patch * chromium-85-NearbyShareEncryptedMetadataKey-include.patch * chromium-85-oscillator_node-cast.patch * chromium-85-ostream-operator.patch * chromium-85-ozone-include.patch * chromium-85-sim_hash-include.patch - Removed patches: * chromium-82-gcc-template.patch * chromium-84-AXObject-stl-iterator.patch * chromium-84-FilePath-add-noexcept.patch * chromium-84-base-has_bultin.patch * chromium-84-fix-decltype.patch * chromium-84-gcc-DOMRect-constexpr.patch * chromium-84-gcc-noexcept.patch * chromium-84-gcc-template.patch * chromium-84-gcc-unique_ptr.patch * chromium-84-gcc-use-brace-initializer.patch * chromium-84-nss-include.patch * chromium-84-ozone-include.patch * chromium-84-revert-manage-ManifestManagerHost-per-document.patch * chromium-84-std-vector-const.patch * chromium-clang_lto_visibility_public.patch - Updated patches: * chromium-83-gcc-10.patch * chromium-84-gcc-include.patch * chromium-prop-codecs.patch * gcc-enable-lto.patch 831606 18714c5ffbefd0c4955b70dc2b39c820 85.0.4183.83 dimstar_suse - Move swiftshader stuff to chromium folder directly bsc#1176207 832903 6fb9536890c6620c6e35a89618d41929 85.0.4183.102 dimstar_suse - Add back the swiftshader folder wrt bsc#1176450 - Update 85.0.4183.102 bsc#1176306: * CVE-2020-6573: Use after free in video. * CVE-2020-6574: Insufficient policy enforcement in installer. * CVE-2020-6575: Race in Mojo. * CVE-2020-6576: Use after free in offscreen canvas. * CVE-2020-15959: Insufficient policy enforcement in networking. 
834011 ea6c5f033eb6b68666289de513159f47 85.0.4183.102 dimstar_suse - The egl stuff is from angle not swiftshader, thanks Fedora bsc#1176450 834860 0cb951e204a6dc0079b4a133ca12456a 85.0.4183.121 dimstar_suse - Remove TOC files to avoid warning in post and fix angle conditional - Update to 85.0.4183.121 bsc#1176791: * CVE-2020-15960: Out of bounds read in storage * CVE-2020-15961: Insufficient policy enforcement in extensions * CVE-2020-15962: Insufficient policy enforcement in serial * CVE-2020-15963: Insufficient policy enforcement in extensions * CVE-2020-15965: Out of bounds write in V8 * CVE-2020-15966: Insufficient policy enforcement in extensions * CVE-2020-15964: Insufficient data validation in media 836361 7c327b8886c59cec14e45dc4e1d18a59 86.0.4240.75 dimstar_suse - Remove vdpau->vaapi bridge as it breaks a lot: (fixes welcome by someone else than me) * chromium-vaapi-fix.patch - Fix cookiemonster: * fix-invalid-end-iterator-usage-in-CookieMonster.patch - Update to 86.0.4240.75 bsc#1177408: * CVE-2020-15967: Use after free in payments. * CVE-2020-15968: Use after free in Blink. * CVE-2020-15969: Use after free in WebRTC. * CVE-2020-15970: Use after free in NFC. * CVE-2020-15971: Use after free in printing. * CVE-2020-15972: Use after free in audio. * CVE-2020-15990: Use after free in autofill. * CVE-2020-15991: Use after free in password manager. * CVE-2020-15973: Insufficient policy enforcement in extensions. * CVE-2020-15974: Integer overflow in Blink. * CVE-2020-15975: Integer overflow in SwiftShader. * CVE-2020-15976: Use after free in WebXR. * CVE-2020-6557: Inappropriate implementation in networking. * CVE-2020-15977: Insufficient data validation in dialogs. * CVE-2020-15978: Insufficient data validation in navigation. * CVE-2020-15979: Inappropriate implementation in V8. * CVE-2020-15980: Insufficient policy enforcement in Intents. * CVE-2020-15981: Out of bounds read in audio. * CVE-2020-15982: Side-channel information leakage in cache. 
* CVE-2020-15983: Insufficient data validation in webUI. * CVE-2020-15984: Insufficient policy enforcement in Omnibox. * CVE-2020-15985: Inappropriate implementation in Blink. * CVE-2020-15986: Integer overflow in media. * CVE-2020-15987: Use after free in WebRTC. * CVE-2020-15992: Insufficient policy enforcement in networking. * CVE-2020-15988: Insufficient policy enforcement in downloads. * CVE-2020-15989: Uninitialized Use in PDFium. - Add patches: * chromium-78-protobuf-RepeatedPtrField-export.patch * chromium-79-gcc-protobuf-alignas.patch * chromium-80-QuicStreamSendBuffer-deleted-move-constructor.patch * chromium-86-ConsumeDurationNumber-constexpr.patch * chromium-86-ImageMemoryBarrierData-init.patch * chromium-86-ServiceWorkerRunningInfo-noexcept.patch * chromium-86-compiler.patch * chromium-86-nearby-explicit.patch * chromium-86-nearby-include.patch - Remove patches: * chromium-79-gcc-alignas.patch * chromium-80-gcc-quiche.patch * chromium-82-gcc-constexpr.patch * chromium-83-gcc-10.patch * chromium-84-gcc-include.patch * chromium-84-mediaalloc.patch * chromium-85-DelayNode-cast.patch * chromium-85-FrameWidget-namespace.patch * chromium-85-NearbyConnection-abstract.patch * chromium-85-NearbyShareEncryptedMetadataKey-include.patch * chromium-85-oscillator_node-cast.patch * chromium-85-ostream-operator.patch * chromium-85-ozone-include.patch * chromium-85-sim_hash-include.patch * chromium-blink-gcc-diagnostic-pragma.patch * chromium-dma-buf.patch * chromium-drm.patch * chromium-quiche-invalid-offsetof.patch - build with system libevent, the gn bug is no longer present 841866 3a59d339fbb7ef86bed109fb4ea83689 86.0.4240.111 dimstar_suse - Update to 86.0.4240.111 bsc#1177936 - CVE-2020-16000: Inappropriate implementation in Blink. - CVE-2020-16001: Use after free in media. - CVE-2020-16002: Use after free in PDFium. - CVE-2020-15999: Heap buffer overflow in Freetype. - CVE-2020-16003: Use after free in printing. 
(forwarded request 843351 from msmeissn) 843389 e62a3ef7d1913d287795aecf183483d3 86.0.4240.183 dimstar_suse - Update to 86.0.4240.183 bsc#1178375 - CVE-2020-16004: Use after free in user interface. - CVE-2020-16005: Insufficient policy enforcement in ANGLE. - CVE-2020-16006: Inappropriate implementation in V8 - CVE-2020-16007: Insufficient data validation in installer. - CVE-2020-16008: Stack buffer overflow in WebRTC. - CVE-2020-16009: Inappropriate implementation in V8. - CVE-2020-16011: Heap buffer overflow in UI on Windows. 845666 2d9e81ba96aeb9209d01f522653537b8 86.0.4240.198 dimstar_suse - Update to 86.0.4240.198 bsc#1178703 - CVE-2020-16013: Inappropriate implementation in V8 - CVE-2020-16017: Use after free in site isolation (forwarded request 848026 from gmbr3) 848027 90c394cb112bcbdba8082f6ae6640e0a 87.0.4280.66 dimstar_suse - Added patches: - chromium-gcc11.patch - chromium-86-fix-vaapi-on-intel.patch - chromium-87-compiler.patch - chromium-87-CursorFactory-include.patch - chromium-87-openscreen-include.patch - chromium-87-ozone-deps.patch - chromium-87-ServiceWorkerContainerHost-crash.patch - chromium-87-webcodecs-deps.patch - chromium-88-vaapi-attribute.patch - chromium-lp152-missing-includes.patch - Removed patches: - chromium-86-ServiceWorkerRunningInfo-noexcept.patch - chromium-86-compiler.patch - fix-invalid-end-iterator-usage-in-CookieMonster.patch - old-libva.patch - Update to 87.0.4280.66 bsc#1178923 - Wayland support by default - CVE-2020-16018: Use after free in payments. - CVE-2020-16019: Inappropriate implementation in filesystem. - CVE-2020-16020: Inappropriate implementation in cryptohome. - CVE-2020-16021: Race in ImageBurner. - CVE-2020-16022: Insufficient policy enforcement in networking. - CVE-2020-16015: Insufficient data validation in WASM. R - CVE-2020-16014: Use after free in PPAPI. - CVE-2020-16023: Use after free in WebCodecs. - CVE-2020-16024: Heap buffer overflow in UI. - CVE-2020-16025: Heap buffer overflow in clipboard. 
- CVE-2020-16026: Use after free in WebRTC. - CVE-2020-16027: Insufficient policy enforcement in developer tools. R - CVE-2020-16028: Heap buffer overflow in WebRTC. - CVE-2020-16029: Inappropriate implementation in PDFium. - CVE-2020-16030: Insufficient data validation in Blink. - CVE-2019-8075: Insufficient data validation in Flash. - CVE-2020-16031: Incorrect security UI in tab preview. - CVE-2020-16032: Incorrect security UI in sharing. - CVE-2020-16033: Incorrect security UI in WebUSB. - CVE-2020-16034: Inappropriate implementation in WebRTC. - CVE-2020-16035: Insufficient data validation in cros-disks. - CVE-2020-16012: Side-channel information leakage in graphics. - CVE-2020-16036: Inappropriate implementation in cookies. (forwarded request 849506 from gmbr3) 849507 10fca1de8de79c872043fa5769971a42 87.0.4280.66 dimstar_suse - Remove erroneous call to ldconfig which causes Firefox crashes (boo#1179298) (forwarded request 851547 from gmbr3) 851548 1ea6953673ab189d251029dc3207960e 87.0.4280.88 dimstar_suse - Added patches: - chromium-87-icu68.patch - chromium-87-v8-icu68.patch - Update to 87.0.4280.88 bsc#1179576 - CVE-2020-16037: Use after free in clipboard - CVE-2020-16038: Use after free in media - CVE-2020-16039: Use after free in extensions - CVE-2020-16040: Insufficient data validation in V8 - CVE-2020-16041: Out of bounds read in networking - CVE-2020-16042: Uninitialized Use in V8 (forwarded request 853182 from gmbr3) 853253 976c1b0b342aea8a18cf0ce7687844c9 87.0.4280.88 dimstar_suse 857747 7e30d6ee8901699fb70ea881bb7fb554 87.0.4280.141 dimstar_suse - Update to 87.0.4280.141 bsc#1180645 - CVE-2021-21106: Use after free in autofill - CVE-2021-21107: Use after free in drag and drop - CVE-2021-21108: Use after free in media - CVE-2021-21109: Use after free in payments - CVE-2021-21110: Use after free in safe browsing - CVE-2021-21111: Insufficient policy enforcement in WebUI - CVE-2021-21112: Use after free in Blink - CVE-2021-21113: Heap buffer overflow in 
Skia - CVE-2020-16043: Insufficient data validation in networking - CVE-2021-21114: Use after free in audio - CVE-2020-15995: Out of bounds write in V8 - CVE-2021-21115: Use after free in safe browsing - CVE-2021-21116: Heap buffer overflow in audio (forwarded request 860986 from gmbr3) 860987 a05f75a2ef86afc16c1008192d1d580c 87.0.4280.141 dimstar_suse 863624 71e143cffc9aca4b37658108b272f996 88.0.4324.96 dimstar_suse 866254 21fae0673bfb723277b3bad1ab96980d 88.0.4324.150 dimstar_suse - Update to 88.0.4324.150 bsc#1181827 - CVE-2021-21148: Heap buffer overflow in V8 (forwarded request 869981 from gmbr3) 869982 28ebbea855c19f5f6bc1a720e50c6233 88.0.4324.150 dimstar_suse - Add chromium-glibc-2.33.patch: fix Sandbox with glibc 2.33 (bsc#1182233) 872345 c385ad46cb61190e0ea8effae67b6161 88.0.4324.182 dimstar_suse bsc#1182358 (forwarded request 873107 from gmbr3) 873109 082065d6169611b792adba50d80ed6e3 89.0.4389.72 dimstar_suse - Update to 89.0.4389.72 bsc#1182960 - CVE-2021-21159: Heap buffer overflow in TabStrip. - CVE-2021-21160: Heap buffer overflow in WebAudio. - CVE-2021-21161: Heap buffer overflow in TabStrip. - CVE-2021-21162: Use after free in WebRTC. - CVE-2021-21163: Insufficient data validation in Reader Mode. - CVE-2021-21164: Insufficient data validation in Chrome for iOS. - CVE-2021-21165: Object lifecycle issue in audio. - CVE-2021-21166: Object lifecycle issue in audio. - CVE-2021-21167: Use after free in bookmarks. - CVE-2021-21168: Insufficient policy enforcement in appcache. - CVE-2021-21169: Out of bounds memory access in V8. - CVE-2021-21170: Incorrect security UI in Loader. - CVE-2021-21171: Incorrect security UI in TabStrip and Navigation. - CVE-2021-21172: Insufficient policy enforcement in File System API. - CVE-2021-21173: Side-channel information leakage in Network Internals. - CVE-2021-21174: Inappropriate implementation in Referrer. - CVE-2021-21175: Inappropriate implementation in Site isolation. 
- CVE-2021-21176: Inappropriate implementation in full screen mode. - CVE-2021-21177: Insufficient policy enforcement in Autofill. - CVE-2021-21178: Inappropriate implementation in Compositing. - CVE-2021-21179: Use after free in Network Internals. - CVE-2021-21180: Use after free in tab search. - CVE-2020-27844: Heap buffer overflow in OpenJPEG. - CVE-2021-21181: Side-channel information leakage in autofill. - CVE-2021-21182: Insufficient policy enforcement in navigations. - CVE-2021-21183: Inappropriate implementation in performance APIs. - CVE-2021-21184: Inappropriate implementation in performance APIs. - CVE-2021-21185: Insufficient policy enforcement in extensions. - CVE-2021-21186: Insufficient policy enforcement in QR scanning. 877004 df2a197de75cc6e633e9eac40343ff0c 89.0.4389.90 RBrownSUSE - Update to 89.0.4389.90 bsc#1183515 - CVE-2021-21191: Use after free in WebRTC. - CVE-2021-21192: Heap buffer overflow in tab groups. - CVE-2021-21193: Use after free in Blink. - Update to 89.0.4389.82 - Add x11-ozone-fix-two-edge-cases.patch to fix tab drag errors 879173 d110c095fda9052aaefa9dfae3fa5d6b 89.0.4389.114 RBrownSUSE bsc#1184256 882838 c0b9988bfeb7f981cc71665dfd3dd3df 89.0.4389.128 dimstar_suse 885475 c646ce9414179cb08aba2c6df0e3821a 90.0.4430.93 dimstar_suse - Chromium 90.0.4430.93 (boo#1185398): - CVE-2021-21227: Insufficient data validation in V8. - CVE-2021-21232: Use after free in Dev Tools. - CVE-2021-21233: Heap buffer overflow in ANGLE. - CVE-2021-21228: Insufficient policy enforcement in extensions. - CVE-2021-21229: Incorrect security UI in downloads. - CVE-2021-21230: Type Confusion in V8. - CVE-2021-21231: Insufficient data validation in V8. 
- Reference: https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_26.html - Chromium 90.0.4430.85 (boo#1185047): * CVE-2021-21222: Heap buffer overflow in V8 * CVE-2021-21223: Integer overflow in Mojo * CVE-2021-21224: Type Confusion in V8 * CVE-2021-21225: Out of bounds memory access in V8 * CVE-2021-21226: Use after free in navigation - Chromium 90.0.4430.72 (boo#1184764): * CVE-2021-21201: Use after free in permissions * CVE-2021-21202: Use after free in extensions * CVE-2021-21203: Use after free in Blink * CVE-2021-21204: Use after free in Blink * CVE-2021-21205: Insufficient policy enforcement in navigation * CVE-2021-21221: Insufficient validation of untrusted input in Mojo * CVE-2021-21207: Use after free in IndexedDB * CVE-2021-21208: Insufficient data validation in QR scanner * CVE-2021-21209: Inappropriate implementation in storage * CVE-2021-21210: Inappropriate implementation in Network * CVE-2021-21211: Inappropriate implementation in Navigation * CVE-2021-21212: Incorrect security UI in Network Config UI * CVE-2021-21213: Use after free in WebMIDI * CVE-2021-21214: Use after free in Network API * CVE-2021-21215: Inappropriate implementation in Autofill * CVE-2021-21216: Inappropriate implementation in Autofill * CVE-2021-21217: Uninitialized Use in PDFium * CVE-2021-21218: Uninitialized Use in PDFium * CVE-2021-21219: Uninitialized Use in PDFium * drop chromium-89-quiche-private.patch * drop chromium-89-quiche-dcheck.patch * drop chromium-89-skia-CropRect.patch * drop chromium-89-dawn-include.patch * drop chromium-89-webcodecs-deps.patch * drop chromium-89-AXTreeSerializer-include.patch * drop libva-2.11.patch * drop libva-2.11-nolegacy.patch * drop chromium-84-blink-disable-clang-format.patch - chromium-90-gslang-linkage-fixup.patch: fixed a weird static/nonpic error - chromium-90-cstdint.patch: some cstd includes added - chromium-90-fseal.patch: F_SEAL defines added 889077 24c944727fd067664ef5180b4bddd269 90.0.4430.93 
dimstar_suse * Patch change * - Fix build with GCC 11 again (bsc#1185716) - Remove chromium-88-compiler.patch - Remove chromium-90-cstdint.patch - Remove chromium-90-gslang-linkage-fixup.patch - Added chromium-90-compiler.patch - Added chromium-90-angle-constexpr.patch - Added chromium-90-TokenizedOutput-include.patch - Added chromium-90-ruy-include.patch - Added chromium-90-CrossThreadCopier-qualification.patch - Added chromium-90-quantization_utils-include.patch 891089 de7a1300896cb40b8772a3139ef5cba8 90.0.4430.212 dimstar_suse 892292 8088f37ec68f6e833fd8bd1396b1cfb7 90.0.4430.212 dimstar_suse - use asimdrdm CPU flag for aarch64 to select only more powerful buildhosts. 893793 019f326c6408c618f359993b67625bcc 91.0.4472.77 dimstar_suse - Chromium 91.0.4472.77 (boo#1186458): * Support Managed configuration API for Web Applications * WebOTP API: cross-origin iframe support * CSS custom counter styles * Support JSON Modules * Clipboard: read-only files support * Remove webkitBeforeTextInserted & webkitEditableCOntentChanged JS events * Honor media HTML attribute for link icon * Import Assertions * Class static initializer blocks * Ergonomic brand checks for private fields * Expose WebAssembly SIMD * New Feature: WebTransport * ES Modules for service workers ('module' type option) * Suggested file name and location for the File System Access API * adaptivePTime property for RTCRtpEncodingParameters * Block HTTP port 10080 - mitigation for NAT Slipstream 2.0 attack * Support WebSockets over HTTP/2 * Support 103 Early Hints for Navigation * CVE-2021-30521: Heap buffer overflow in Autofill * CVE-2021-30522: Use after free in WebAudio * CVE-2021-30523: Use after free in WebRTC * CVE-2021-30524: Use after free in TabStrip * CVE-2021-30525: Use after free in TabGroups * CVE-2021-30526: Out of bounds write in TabStrip * CVE-2021-30527: Use after free in WebUI * CVE-2021-30528: Use after free in WebAuthentication * CVE-2021-30529: Use after free in Bookmarks * CVE-2021-30530: 
Out of bounds memory access in WebAudio * CVE-2021-30531: Insufficient policy enforcement in Content Security Policy * CVE-2021-30532: Insufficient policy enforcement in Content Security Policy * CVE-2021-30533: Insufficient policy enforcement in PopupBlocker * CVE-2021-30534: Insufficient policy enforcement in iFrameSandbox * CVE-2021-30535: Double free in ICU * CVE-2021-21212: Insufficient data validation in networking * CVE-2021-30536: Out of bounds read in V8 * CVE-2021-30537: Insufficient policy enforcement in cookies * CVE-2021-30538: Insufficient policy enforcement in content security policy * CVE-2021-30539: Insufficient policy enforcement in content security policy * CVE-2021-30540: Incorrect security UI in payments * Various fixes from internal audits, fuzzing and other initiatives * drop chromium-90-TokenizedOutput-include.patch * drop chromium-90-CrossThreadCopier-qualification.patch * drop chromium-90-quantization_utils-include.patch * drop chromium-90-angle-constexpr.patch * add chromium-91-java-only-allowed-in-android-builds.patch * add chromium-91-GCC_fix_vector_types_in_pcscan.patch * add chromium-91-system-icu.patch 895838 9ec9b13795734a81b684c4b7f5ad59ac 91.0.4472.77 dimstar_suse - Add README.SUSE - Fix aarch64 build: * chromium-91-libyuv-aarch64.patch * Update highway to 0.12.2 (arm only) - Add -flax-vector-conversions to build flags 897189 81e3405a2d9656e3e9460fea75f749c3 91.0.4472.101 dimstar_suse chromium 91.0.4472.101 (boo#1187141) 899022 262887cdd862a5d3f4f059554b3fd87d 91.0.4472.114 dimstar_suse Chromium 91.0.4472.114 (boo#1187481) 900774 c57033ce67541f1509be82271f7e482e 91.0.4472.114 dimstar_suse fix crash upon exit boo#1186948 901249 a7aa8dab4aa10b58ce98966b247c3b1e 91.0.4472.114 dimstar_suse - Add chromium-91-sql-standard-layout-type.patch: to fix SQL being incorrect with libstdc++ 11 904064 2b2db13faf23a09f699ee4831a50a736 91.0.4472.164 dimstar_suse - chromium 91.0.4472.164 (boo#1188373) * CVE-2021-30559: Out of bounds write in ANGLE * 
CVE-2021-30541: Use after free in V8 * CVE-2021-30560: Use after free in Blink XSLT * CVE-2021-30561: Type Confusion in V8 * CVE-2021-30562: Use after free in WebSerial * CVE-2021-30563: Type Confusion in V8 * CVE-2021-30564: Heap buffer overflow in WebXR * Various fixes from internal audits, fuzzing and other initiatives 906869 f45677f59a33f9f436fa6ff3af45dd96 92.0.4515.107 dimstar_suse 92.0.4515.107 909629 34324fa6d76c7c27e42122c132dc36b7 92.0.4515.131 RBrownSUSE 92.0.4515.131 910522 c062c6f1dffe21264f191e3168311432 92.0.4515.159 RBrownSUSE - Chromium 92.0.4515.159 (boo#1189490): * CVE-2021-30598: Type Confusion in V8 * CVE-2021-30599: Type Confusion in V8 * CVE-2021-30600: Use after free in Printing * CVE-2021-30601: Use after free in Extensions API * CVE-2021-30602: Use after free in WebRTC * CVE-2021-30603: Race in WebAudio * CVE-2021-30604: Use after free in ANGLE * Various fixes from internal audits, fuzzing and other initiatives - Add missing crashpad_handler (boo#1189254) 912804 a643c27cdea40543bb7f1413beae5080 92.0.4515.159 dimstar_suse 1 914861 27597d5f1041c62290c952b144a6898d 93.0.4577.82 dimstar_suse update 919574 19707e89086982fa596096530712a8cc 94.0.4606.71 dimstar_suse M94 922845 9e483e76ac55a501868936a6d7e38f11 94.0.4606.81 dimstar_suse update 924488 8dad24c0e1e2bd26862339905ffe8f80 95.0.4638.54 dimstar_suse M95 927179 f87e3e564cd7347401fc6e5186075a61 95.0.4638.69 dimstar_suse chromium 95.0.4638.69 (boo#1192184) 928391 33600494b8015d429946bb8bfdd99704 95.0.4638.69 dimstar_suse - Explicitly BuildRequire python3-six. 
931936 434303f49198fd7e5553d48a715b9bb7 95.0.4638.69 dimstar_suse - Ensure newer libs and LLVM are used on Leap (boo#1192310) 933159 f774cb005c6078622547afe7d96121b9 96.0.4664.110 dimstar_suse fix 940698 23b37bdf900bcc39bb159dc3cfe24b27 96.0.4664.110 dimstar_suse - Added patches: * chromium-96-freetype-unbundle.patch * chromium-96-EnumTable-crash.patch - Unbundle freetype on TW - Unbundle icu on 15.4 - Disable lto and update _constraints on aarch64 - Remove MEIPreload: it gets installed through component updater 942340 6fb318afab625f3e0f6f33f215934ab3 96.0.4664.110 dimstar_suse fseal 942656 d87bdb7e0ed74bce6276acd46a73bd51 96.0.4664.110 dimstar_suse wayland 943058 4937cb14897db41b9123fed48d61c511 96.0.4664.110 dimstar_suse https://bugzilla.opensuse.org/show_bug.cgi?id=1194182 415d504e0fff53d3248d3057d5a2ed62 96.0.4664.110 dimstar_suse - Revert wayland fixes because it doesn't handle GPU correctly (boo#1194182) - Use GCC 11, but disable LTO (boo#1194055). - Use our own copy of the wrapper so that we can use the fixes for Wayland 943312 0417057e2b69894cff7a4eb4c838ff17 96.0.4664.110 dimstar_suse https://bugzilla.opensuse.org/show_bug.cgi?id=1194182 34d05e45da82e2c787e301bcd1804853 97.0.4692.71 dimstar_suse Cr97 945924 0b1f5395e9ffb29f3925d5ca199d05c5 97.0.4692.71 dimstar_suse ffmpeg 947640 af4daf4075e61d34977a14df39954b0a 97.0.4692.99 dimstar_suse chromium 97.0.4692.99 (boo#1194919) 947860 8e5024fb342cfa38fb071264adf0790c 98.0.4758.80 dimstar_suse Chromium 98.0.4758.80 (boo#1195420) 951665 abab21a9548736aa29fff78bb341dd63 98.0.4758.102 dimstar_suse 955128 fbc42eac4c800286393edbb667bf52fd 99.0.4844.51 dimstar_suse Cr99 959453 936a612f02b2e7861c6374a699225873 99.0.4844.74 dimstar_suse Chromium 99.0.4844.74 (boo#1197163) 962131 17fac86000265c33f2f70a3e1e88d22a 99.0.4844.82 dimstar_suse 963477 f071b15c1ce40e146e453caf68f48317 99.0.4844.84 dimstar_suse - Chromium 99.0.4844.84: * CVE-2022-1096: Type Confusion in V8 (boo#1197552) 965046 5f151d8301f52f6b63684b4be249eb8c
99.0.4844.84 dimstar_suse - Update disk constraints 965591 eca65df473fba28f2e7141cb002341de 100.0.4896.60 dimstar_suse - Chromium 100.0.4896.60 (boo#1197680) * CVE-2022-1125: Use after free in Portals * CVE-2022-1127: Use after free in QR Code Generator * CVE-2022-1128: Inappropriate implementation in Web Share API * CVE-2022-1129: Inappropriate implementation in Full Screen Mode * CVE-2022-1130: Insufficient validation of untrusted input in WebOTP * CVE-2022-1131: Use after free in Cast UI * CVE-2022-1132: Inappropriate implementation in Virtual Keyboard * CVE-2022-1133: Use after free in WebRTC * CVE-2022-1134: Type Confusion in V8 * CVE-2022-1135: Use after free in Shopping Cart * CVE-2022-1136: Use after free in Tab Strip * CVE-2022-1137: Inappropriate implementation in Extensions * CVE-2022-1138: Inappropriate implementation in Web Cursor * CVE-2022-1139: Inappropriate implementation in Background Fetch API * CVE-2022-1141: Use after free in File Manager * CVE-2022-1142: Heap buffer overflow in WebUI * CVE-2022-1143: Heap buffer overflow in WebUI * CVE-2022-1144: Use after free in WebUI * CVE-2022-1145: Use after free in Extensions * CVE-2022-1146: Inappropriate implementation in Resource Timing - Added patches: * chromium-100-compiler.patch * chromium-100-GLImplementationParts-constexpr.patch * chromium-100-InMilliseconds-constexpr.patch * chromium-100-SCTHashdanceMetadata-move.patch * chromium-100-macro-typo.patch - Removed patches: * chromium-98-compiler.patch * chromium-86-nearby-explicit.patch * chromium-glibc-2.34.patch * chromium-v8-missing-utility-include.patch * chromium-99-AutofillAssistantModelExecutor-NoDestructor.patch 966432 8654ad3799a3fac2455d363502637300 100.0.4896.75 dimstar_suse - Chromium 100.0.4896.75: * CVE-2022-1232: Type Confusion in V8 (boo#1198053) 967113 befbd016eeea4504afe9de58b087bb2e 100.0.4896.75 dimstar_suse - Patches for GCC 12: * chromium-fix-swiftshader-template.patch * chromium-missing-include-tuple.patch * 
chromium-webrtc-stats-missing-vector.patch 968256 d65f4e9813ee24a5240bb439d0518245 100.0.4896.88 dimstar_suse - Chromium 100.0.4896.88 (boo#1198361) * CVE-2022-1305: Use after free in storage * CVE-2022-1306: Inappropriate implementation in compositing * CVE-2022-1307: Inappropriate implementation in full screen * CVE-2022-1308: Use after free in BFCache * CVE-2022-1309: Insufficient policy enforcement in developer tools * CVE-2022-1310: Use after free in regular expressions * CVE-2022-1311: Use after free in Chrome OS shell * CVE-2022-1312: Use after free in storage * CVE-2022-1313: Use after free in tab groups * CVE-2022-1314: Type Confusion in V8 * Various fixes from internal audits, fuzzing and other initiatives 969302 520e7c1df5e4952e7dd639ef3134f5bd 100.0.4896.127 dimstar_suse - Chromium 100.0.4896.127 (boo#1198509) * CVE-2022-1364: Type Confusion in V8 * Various fixes from internal audits, fuzzing and other initiatives 970306 831f94719ab70b5c094f9bb6e0bbc500 100.0.4896.127 dimstar_suse - Fixes for go 1.18 971372 ed7597bf8df7a4f67cadbdf17543c993 101.0.4951.54 dimstar_suse 101 974874 5b694f7c221ac53e700d06b84cb936eb 101.0.4951.64 dimstar_suse chromium 101.0.4951.64 (boo#1199409) 976204 2e0880a46aff837d9970f05c3ff124db 101.0.4951.67 dimstar_suse 977313 343e0832183b989a3a19e6999e730b0c 102.0.5005.61 dimstar_suse 102 979532 402e6c396d56c7fae27973c93edb2f5e 102.0.5005.61 dimstar_suse disable arm cfi 980324 aa501598e2f954014ccddfbfac63f34a 102.0.5005.61 dimstar_suse GTK4 981322 c6ef4431f20365ccd58a694d6e7a63cb 102.0.5005.115 dimstar_suse - Chromium 102.0.5005.115 (boo#1200423) * CVE-2022-2007: Use after free in WebGPU * CVE-2022-2008: Out of bounds memory access in WebGL * CVE-2022-2010: Out of bounds read in compositing * CVE-2022-2011: Use after free in ANGLE 982060 b32a0090b9fd2d92ebb5b878fee00e2d 103.0.5060.53 dimstar_suse 103 985033 fc73c2b8205e2044c23d93483407fddc 103.0.5060.66 dimstar_suse 987738 673e3e5bf5fac4930aad5bbe97c74202 103.0.5060.114 dimstar_suse - 
Chromium 103.0.5060.114 (boo#1201216) * CVE-2022-2294: Heap buffer overflow in WebRTC * CVE-2022-2295: Type Confusion in V8 * CVE-2022-2296: Use after free in Chrome OS Shell (forwarded request 988023 from AndreasStieger) 988024 79daec3be81e68f2dcd711a259d89f39 103.0.5060.134 RBrownFactory - Chromium 103.0.5060.134 (boo#1201679): * CVE-2022-2477: Use after free in Guest View * CVE-2022-2478: Use after free in PDF * CVE-2022-2479: Insufficient validation of untrusted input in File * CVE-2022-2480: Use after free in Service Worker API * CVE-2022-2481: Use after free in Views * CVE-2022-2163: Use after free in Cast UI and Toolbar * Various fixes from internal audits, fuzzing and other initiatives 990359 1c5df3498ec5e8221b669b11785c143e 103.0.5060.134 RBrownFactory - Switch back to Clang so that we can use BTI on aarch64 * Gold is too old - doesn't understand BTI * LD crashes on aarch64 - Re-enable LTO - Prepare move to FFmpeg 5 for new channel layout (requires 5.1+) 991005 7cdb677eea6349f368754c78c8114eae 104.0.5112.79 dimstar_suse boo#1202075 994138 f4c722e9b0991d82759c0eb3f6b79e77 104.0.5112.79 dimstar_suse - Re-enable our version of chrome-wrapper - Set no sandbox if root is being used (https://crbug.com/638180) 997378 ac8344dabd66f2697ea0768791e621ba 104.0.5112.101 dimstar_suse - Chromium 104.0.5112.101 (boo#1202509): * CVE-2022-2852: Use after free in FedCM * CVE-2022-2854: Use after free in SwiftShader * CVE-2022-2855: Use after free in ANGLE * CVE-2022-2857: Use after free in Blink * CVE-2022-2858: Use after free in Sign-In Flow * CVE-2022-2853: Heap buffer overflow in Downloads * CVE-2022-2856: Insufficient validation of untrusted input in Intents * CVE-2022-2859: Use after free in Chrome OS Shell * CVE-2022-2860: Insufficient policy enforcement in Cookies * CVE-2022-2861: Inappropriate implementation in Extensions API 998184 5cea097143a343a5ced7c3540b3002dd 104.0.5112.101 dimstar_suse 998611 c61269beb086444e352b98f9e3186970 104.0.5112.101 dimstar_suse
1000605 7042c6c18f8f9c0ed61f477903af8406 105.0.5195.102 dimstar_suse boo#1203102 boo#1202964 1001897 433be3fa3966f6e1744269a8a388da74 105.0.5195.127 dimstar_suse chromium 105.0.5195.127 (boo#1203419) 1003596 286e94c88c835b9fee580494ea2a6303 106.0.5249.91 dimstar_suse Chromium 106.0.5249.91 (boo#1203808) 1007437 acc7f4cfd87a4be36b0d3c91c65863b2 106.0.5249.103 RBrownFactory 1008596 c2a42ec73b044cd0056bba5f951cdedd 106.0.5249.119 dimstar_suse - Chromium 106.0.5249.119 (boo#1204223) * CVE-2022-3445: Use after free in Skia * CVE-2022-3446: Heap buffer overflow in WebSQL * CVE-2022-3447: Inappropriate implementation in Custom Tabs * CVE-2022-3448: Use after free in Permissions API * CVE-2022-3449: Use after free in Safe Browsing * CVE-2022-3450: Use after free in Peer Connection 1010169 5c01cef9f7ec3ef325b9dab359b8c96b 107.0.5304.87 dimstar_suse - Chromium 107.0.5304.87 (boo#1204819) - Chromium 107.0.5304.68 (boo#1204732) 1031906 ef002e6dc139acd62fdb9f6416564d12 107.0.5304.110 dimstar_suse - Chromium 107.0.5304.110 (boo#1205221) * CVE-2022-3885: Use after free in V8 * CVE-2022-3886: Use after free in Speech Recognition * CVE-2022-3887: Use after free in Web Workers * CVE-2022-3888: Use after free in WebCodecs * CVE-2022-3889: Type Confusion in V8 * CVE-2022-3890: Heap buffer overflow in Crashpad 1034894 a7c8b81f4e80e55cf54b79bcc8cb2dcd 107.0.5304.110 dimstar_suse - Build with llvm15 on openSUSE:Backports:SLE-15-SP5 and up 1036557 cfc73be04f69fad46be4af0a7c4d9204 107.0.5304.121 dimstar_suse - Chromium 107.0.5304.121 (boo#1205736) * CVE-2022-4135: Heap buffer overflow in GPU 1037993 0dc80803349fa089a31f68670201d015 108.0.5359.71 dimstar_suse Chromium 108.0.5359.71 (boo#1205871) 1039204 b7badb8413ba0686411e5aeb3cf39c86 108.0.5359.94 dimstar_suse - Chromium 108.0.5359.94: * CVE-2022-4262: Type Confusion in V8 (boo#1205999) 1039766 06bc597b3f38788379b97de12d694fab 108.0.5359.98 dimstar_suse - Chromium 108.0.5359.98 * Fix regression in computing <select> visibility 1041228 
0df4e8b176385581187b748a4ca6d991 108.0.5359.124 dimstar_suse - Chromium 108.0.5359.124: * CVE-2022-4436: Use after free in Blink Media * CVE-2022-4437: Use after free in Mojo IPC * CVE-2022-4438: Use after free in Blink Frames * CVE-2022-4439: Use after free in Aura * CVE-2022-4440: Use after free in Profiles 1042847 2904d524b3de0cd833e44604c72491b0 108.0.5359.124 dimstar_suse - Add chromium-disable-GlobalMediaControlsCastStartStop.patch: disable GlobalMediaControlsCastStartStop to fix crashes occurring when interacting with the Media UI (bsc#1198124) 1044094 2a2d7e5c6d561e86cc946b5d2d582162 109.0.5414.74 dimstar_suse chromium 109.0.5414.74 boo#1207018 1057677 fb094065d8c458d610dc56111ee118e9 109.0.5414.74 dimstar_suse bsc#1207147 1059161 c3b2bdddcb8c2a3beafe355e213af9cc 109.0.5414.119 dimstar_suse Chromium 109.0.5414.119 (boo#1207512) 1060793 83a6bcd3eb36884960ada13af071b09d 110.0.5481.77 dimstar_suse Chromium 110.0.5481.77 (boo#1208029) 1064085 4d5660ad265f512b0ced80708d94f47f 110.0.5481.100 dimstar_suse 1066266 cac1d474aa6c3ad6e11eace6d2ad7977 110.0.5481.177 dimstar_suse - Chromium 110.0.5481.177 (boo#1208589) * CVE-2023-0927: Use after free in Web Payments API * CVE-2023-0928: Use after free in SwiftShader * CVE-2023-0929: Use after free in Vulkan * CVE-2023-0930: Heap buffer overflow in Video * CVE-2023-0931: Use after free in Video * CVE-2023-0932: Use after free in WebRTC * CVE-2023-0933: Integer overflow in PDF * CVE-2023-0941: Use after free in Prompts * Various fixes from internal audits, fuzzing and other initiatives 1067322 23829a5ec3164a6c087af903e79486a4 111.0.5563.64 dimstar_suse bsc#1203040 1070459 dd8aaa4d0ba10eed97e3cdcbfec24275 111.0.5563.64 dimstar_suse - Revert back to GCC 11 on 15.4 as Clang 13 doesn't support GCC 12 1070574 19133324cd16485b77a3818f0fc116cf 111.0.5563.110 dimstar_suse - Chromium 111.0.5563.110 (boo#1209598) * CVE-2023-1528: Use after free in Passwords * CVE-2023-1529: Out of bounds memory access in WebHID * CVE-2023-1530: Use 
after free in PDF * CVE-2023-1531: Use after free in ANGLE * CVE-2023-1532: Out of bounds read in GPU Video * CVE-2023-1533: Use after free in WebProtect * CVE-2023-1534: Out of bounds read in ANGLE - Add gcc13-fix.patch in order to support GCC 13. 1073738