743858ad7d72aeed7ecc64ac1ec01c1716.0.880.0lruppResubmission of Chromium. This build currently has the sandbox disabled, so that there is no need for the SETUID bit. This will be changed based on the bugreport for the security validation (bnc#718016). All other issues should be resolved824270cc8d95dc3fb8a7f1de1027a06f73dd116.0.880.0lruppAutobuild autoformatter for 82427
e92e06ce60fd15b1f6b95e330a331d0316.0.891.0oertelUpdate to Chromium version 16.0.891. This update contains the newer version, but also some updates in the spec-file related to the chromium setuid sandbox. bnc#718016 was filed to get the approval of the security team on the setuid bit on the chrome_sandbox. This was approved, but the spec-file needed some work to make it also happen on older releases. The method used now is the one confirmed by Ludwig (stated in the bugreport). At this moment the chromium package in 11.3:Contrib and 11.4:Contrib are links to the package in Factory, therefore the necessity to have it build for older versions.84818cd231734d83683111c02534492d8149116.0.891.0oertelAutobuild autoformatter for 84818
f99849f8efa5a81057e99fb1ad1500d616.0.898.0oertelUpdate to chromium 16.0.8988625412f7ca7d94833a8f40237d83cab78cf716.0.904.0lruppUpdate to 16.0.904. With this version it is now easy to synchronize bookmarks, settings, passwords, etc with your google/gmail account. This time there is no v8 update871906f44b0f5dc6912ab3ff6fa80f7a54f0b16.0.910.0saschpeUpdate to 16.0.910881096f44b0f5dc6912ab3ff6fa80f7a54f0b16.0.910.0adrianSuSEec9030feda36003cf7da8a03ab97f05e17.0.922.0cooloRegular update of V8 and Chromium8983031f4b0cb1cbe9b4ed07b6c0e0679253d17.0.945.0cooloUpdate to 17.0.94592751438f8e6d27d42bd95e78514437f4bd2c18.0.975.0cooloNothing provides libudev - the proper library name is libudev0, chromium is uninstallable otherwise. (forwarded request 97162 from zawel1)971634898055c14bd0ad860b21fa9cb170ab318.0.1022.0cooloUpdate for Chromium. Resolves the following bugs: bunc#735629, bnc#739126, bnc#740493, bnc#743319, bnc#743158102128a62edd862859875d8194679b969d3f8519.0.1031.0cooloUpdate to newer version. Security fixes. New icon-set.103219445df642f63dee9214ede1857b0112ac19.0.1046.0cooloUpdate for Chromium. Security and other fixes106940bdac4c82ca492e6ba56fce5ac444572b19.0.1060.0cooloUpdate to a newer version10821415f0b442a195ca6e40eb498dcde9094d19.0.1066.0cooloUpdate of v8. Required for Chromium (bnc#750407 and bnc#751466)1088429435bc77c5dbe9937a67690338cd4cf020.0.1096.0cooloAdded libgnome as requires for desktop-gnome subpackage to solve bnc#756222 (forwarded request 113006 from simontol)113007dedbdf7fee403017ed4424adc734ff2720.0.1106.0cooloUpdate of chromium to a newer version. 
Introduces also a new package that contains the ChromeDriver standalone server11456929772d0487546aaae9eb251089f0487d20.0.1119.0cooloUpdate to a newer version115816fbb35a3fbe23e1bc85305992ad047a0421.0.1137.0cooloUpdate to a newer snapshot1209742a0d822a8919a0e50c0eec010658d98c21.0.1145.0cooloAutomatic submission by obs-autosubmit122682f92055ecce36025a7cd117e073e04f9f21.0.1158.0cooloUpdate to a newer version123158c048235142ce244295f7cc087582441021.0.1158.0coolofix build without the version updatec048235142ce244295f7cc087582441021.0.1158.0adrianSuSEbranched from openSUSE:Factoryac39d3190b9b519b56098b6f71d7b8ca21.0.1158.0coolomanual merge the build fix78f489f1841c445d514314264f03372f22.0.1190.0cooloUpdate to a newer version126677781c535addc8f2c03552f68d07ad5a2622.0.1221.0cooloFix build with glibc 2.16 (struct siginfo is not exported anymore). (forwarded request 129328 from a_jaeger)129341552ef7c47ee50f1f1189b69ca17a9ccc22.0.1226.0namtracForwarding because titti seems to be away.131024e3d3da9fc521ddf295d113046b6130bd23.0.1255.0cooloUpdate to newer version. V8 is no longer a dependency as that Chromium is now build with the full scale of internal libraries. 132633289b4fea45c880b031b87b8646f175fb23.0.1269.0cooloAutomatic submission by obs-autosubmit1355828f8e2df1ec58382efcc5afaea4e4ae1724.0.1290.0cooloUpdate to newer version 24.0.1290. Includes security fixes (bnc#782257)13755901cc2cbc2642621daf3baaa7fe69b71824.0.1290.0coolo- add explicit buildrequire on libbz2-devel (forwarded request 138367 from coolo)13837684e4524eb6c34a32fc96e62a666dcee124.0.1308.0cooloAutomatic submission by obs-autosubmit1400076706e71921090d46c23aa3d0b76931f525.0.1329.0cooloUpdate to 25.0.1329. This build is now building the libffmpegsumo.so library based on the included ffmpeg codecs. The buildflags are set in such a way that only the Chromium codecs are build and not the ones for Chrome (like e.g. H.264 is only included with the Chrome build). 
This in accordance with the discussion with lnussel, coolo and cartman142223ca88926f3d529bde6607ffe9d144061e25.0.1343.0cooloUpdate to a newer version. Also resolves the issue around the functionality regarding the chromium-ffmpeg package from packman to support proprietary codecs1437506b0537d996afe93a325b8a0881e3c06525.0.1352.0namtracUpdate to newer version144602bb8b795d3d2557068633f0328978d25725.0.1362.0cooloSecurity fixes.145653e7271a2688a003890df8f0113eb95d5b26.0.1371.0namtracUpdate to newer version146773e7271a2688a003890df8f0113eb95d5b26.0.1371.0adrianSuSESplit 12.3 from Factory72b64b037a54cde4cb339970fc92ee0926.0.1393.0cooloUpdate of chromium which fixes some strange bug which affected bugs.kde.org (example). Also we are building now against a number of system libraries.15024947254bf9d5ad1312188a8e84f39ed62526.0.1411.0cooloUpdate15562756395be63500e2d71ccb9ff3bb5f0a4527.0.1425.0cooloBugfixes and security Updates1570739f163800128a2b3bd384a7fd528aaa6f27.0.1447.0cooloAutomatic submission by obs-autosubmit161289b8587cd973ff9533dc7b8f46eee351e527.0.1452.0cooloUpdate to 27.0.1452161501bbbe4a81b336cef8fb7c51f38d806f3e28.0.1468.0cooloUpdate to 28.0.1468. Bugfixes163375bbbe4a81b336cef8fb7c51f38d806f3e28.0.1468.0cooloUpdate to 28.0.1468. Bugfixes163375daeb0be9aa77267e3adacac7364d308f28.0.1493.0cooloUpdate to a newer version1737064764e2cfc5683063d33d8bf26758c41928.0.1500.0cooloAutomatic submission by obs-autosubmit17520455ae3765c60f0b331334e008fa5065dd29.0.1521.0cooloAutomatic submission by obs-autosubmit177300a3c4e39de6ac16caebb4ae2bbfd21d0429.0.1530.0cooloAutomatic submission by obs-autosubmit178825c6b021ad194f604a67801922b7e9f3a529.0.1541.0cooloUpdate to 29.0.1541. 
Fixes also the build issue with the latest nss libraries179237c0a02ce1e4a154e77d5ae2b715e3a18c29.0.1548.0cooloUpdate to 29.0.15481813969197795280482113a64558fb4e1a1b1230.0.1553.0cooloAutomatic submission by obs-autosubmit182558b3403852b467841e18ef6f581591803130.0.1567.0cooloAutomatic submission by obs-autosubmit184128456af99ab59af47b09e03f58fbd8edac30.0.1575.0cooloAutomatic submission by obs-autosubmit185558d44a63d5877adea57fa867d267b1d01a31.0.1601.0scarabeus_factoryUpdate to chromium 31.0.16041882279ec2a8cce66e36068a6df90147b1732031.0.1611.0coolorequire mozilla-nss-devel >= 3.14 and mozilla-nspr-devel >= 4.10
update patch tagging for [bnc#836059] (forwarded request 196484 from AndreasStieger)1965029ec2a8cce66e36068a6df90147b1732031.0.1611.0adrianSuSESplit 13.1 from Factory39797fe7923882c5ec60b10e0f81507a31.0.1640.0cooloTwo major changes are incorporated. First is that I am no longer using a svn snapshot to build chromium, but an official released tarball. This would allow us to start tracking Beta or Dev channel.
Another change is that the same package is used to build the chromium-ffmpeg on packman. This means everything is merged into a single spec-file and based on its location it will build either chromium or chromium-ffmpeg. This would ensure that we always have correct versions.
Furthermore I have added a _constraints file to reduce the number of failed builds due to build host issues. 201256ec7a3f9696dcb9bb7d6893ff8990947d31.0.1650.8scarabeus_factoryUpdate Chromium to an official Chrome Beta channel tarball. With this SR the conversion from SVN snapshot to following the Beta channel is completed. Changelog updated based on comments from mvyskocil202156604c21093bd51f29deb013e43bbf857131.0.1650.11scarabeus_factoryAutomatic submission by obs-autosubmit203873039ae428c5e47e4ae297b4a4b1fb869b31.0.1650.57cooloUpdate of Chromium and removing not-allowed codecs208773c390a7040db8b39835de14bee602d48931.0.1650.63cooloUpdate of the Chromium stable channel. Includes the requested changes for the excludearch2104708531283f860b2d5a8aed7c4fa1563e0d32.0.1700.77cooloNew Stable channel release2146424c40fe03331b386de345f32e18c9761f32.0.1700.102cooloAutomatic submission by obs-autosubmit2208971f9fcfa4ea59b082a3d84d59d5281c3433.0.1750.117cooloStable channel update22351299fbfa40c4d984a7042909f8746490fd33.0.1750.152cooloAutomatic submission by obs-autosubmit22803723648aaec497278b21c14c006bd02fb933.0.1750.152cooloNo more fixed required version for the ffmpegsumo package. 
This is what the users want (bnc#872271)229186852ea5186d8e0cf85b2dd21ca57e2a5834.0.1847.116cooloUpdate to chromium stable channel 34.0.1847.116 (bnc#872805)22974646713fc88cae13559a16da65da950ef534.0.1847.116cooloAutomatic submission by obs-autosubmit230840c41de99619069a2780c7f6b846ca14fb34.0.1847.132cooloAutomatic submission by obs-autosubmit232665c48b1d9ab868529e2077d10b94e6bad835.0.1916.114cooloUpdate to Chromium 35 Stable2351215784d4244661f1d38b68dd5d65364e9a35.0.1916.114cooloAutomatic submission by obs-autosubmit235819c3113f7c6dba5daceb7fa4d7eee6774c35.0.1916.153cooloAutomatic submission by obs-autosubmit23797341555ad042dc7a162c9fa57d29c5466436.0.1985.125cooloUpdate to latest stable release.24221333233ef81967599444c13d7584aed52436.0.1985.125lnusselAutomatic submission by obs-autosubmit24449156a892c89e985109d325e50c1830b64936.0.1985.143lnusselAutomatic submission by obs-autosubmit24548656a892c89e985109d325e50c1830b64936.0.1985.143adrianSuSESplit 13.2 from Factory4257e1c151aae473c88734c18d46959137.0.2062.94coolo- Update to Chromium 37.0.2062.94 - Security Fixes (bnc#893720). 
Also enable ARM build again as that we switched to shared libraries which should reduce the memory required for final linking2474271123773ab5a28e314d4bfac5da0b290737.0.2062.120cooloAutomatic submission by obs-autosubmit2500206bf5a217ebca9ef1dbcd58017ad263be38.0.2125.104cooloUpdate to 38.0.2125.1042575087d1c744216dc2031364116a6bb0f02fd38.0.2125.111cooloAutomatic submission by obs-autosubmit2596629f05544b03a87375a324eb459594cca939.0.2171.65dimstar_suseUpdate of Chromium Stable channel26243992c511013976b4b85668626dcde5db6439.0.2171.71dimstar_suse12635688f967637a86156daa9a9ab4a0f69560439.0.2171.95dimstar_suseAutomatic submission by obs-autosubmit26553270355aa19e5c688ad1e937d396073aa339.0.2171.99dimstar_suseAutomatic submission by obs-autosubmit282347bb200e9e6e332653648cc29f6ea4948540.0.2214.94dimstar_suseAutomatic submission by obs-autosubmit284687af4e4850134a9411e1566c3697ca5ff640.0.2214.111cooloAutomatic submission by obs-autosubmit286265072464a56b2b3289b293d6f7611bb83f40.0.2214.115dimstar_suseUpdate287689402ab44d80d68e1041c6c3a4f5f9694940.0.2214.115dimstar_suse1288339ef1b30ab701ededfcd77c0b1c71f00f141.0.2272.76dimstar_suseupdate to Chromium 41.0.2272.76 (bnc#920825)289538e01088a17f7d56fc627792925f63408041.0.2272.89dimstar_suseAutomatic submission by obs-autosubmit2915893aba36876c43238bc910f3d62160142941.0.2272.101dimstar_suseAutomatic submission by obs-autosubmit293527035da71b21392584ca77890d9438b82f41.0.2272.118dimstar_suseChromium Stable update (boo#925713,boo#925714)294257bcaf960c4382d1cd20a457d4807fd7f442.0.2311.90dimstar_suseUpdate to the latest stable release29813679c46a8226ea193443e8ac6efc3eaeb642.0.2311.135cooloAutomatic submission by obs-autosubmit3055543da420804def603c185d96a786fe386743.0.2357.65cooloUpdate Stable Chromium (boo#931660, boo#931661, boo#931663, boo#931664, boo#931659, boo#931665, boo#931666, boo#931667, boo#931668, boo#931669, boo#931670, boo#931671, boo#931672, boo#931673, 
boo#931674)3081539623e974e1277a4835d389b1a042298c43.0.2357.81dimstar_suseAutomatic submission by obs-autosubmit31013841acfa266532e22adff72b22a3bb1d2d43.0.2357.125dimstar_suseFixes the Gcc5 failing build and prevents downloading a binary blob when the users starts chromiume31245496ec12f77c0ed88e85d113d8d23eb62d43.0.2357.130dimstar_suseUpdate to a newer version of Chromium Stable channel313377b84544970a7e9e128c2501e8c2c7dce144.0.2403.89dimstar_suseUpdate to a new stable release317945c154a7e09adbe1524b6bf82c37d1b23a44.0.2403.130dimstar_suseAutomatic submission by obs-autosubmit322072a63b73f7c791b5ebb9be4fac1ce419d945.0.2454.85dimstar_suseUpdate of chromium stable channel. boo#9441443307075db09a6c7037a404f891991a7974f6dc45.0.2454.99cooloAutomatic submission by obs-autosubmit33476509989744b0f72e396712b248993a08ab45.0.2454.101coolo13378472248bc4870245a0f16c011ff7162ac6746.0.2490.71dimstar_suseNew Stable release33950831dc991f02c0f7bde5f7dfdaf325f86d46.0.2490.71dimstar_suseMake use of the new homepage34014655f38cc1f311d77f5f0049ef6662d1b346.0.2490.86dimstar_suse1344210800c5762896053f466de7991768e50fb47.0.2526.80cooloUpdate for Chromium3484924e479c4de452610df90e527923cfe04547.0.2526.80dimstar_suse13488387bccebbdebc5c8c89a89c5e9754aac4f47.0.2526.106dimstar_suse13498814bec3bbe81490419b767e206a427961947.0.2526.106dimstar_suse1351270bf274d2856bea87c6c32772c73e3e59a48.0.2564.82dimstar_suseUpdate of Chromium355575625a4acf8782041659fa3bef22025f3c48.0.2564.103dimstar_suseNew Stable release3582542b6546b4595e704e40185229c6c078cb48.0.2564.103dimstar_suseCorrect version number and disable building against certain system libraries. This could cause potentially issues. 
3587176f84a549f799d9d13592ca5d5db597e648.0.2564.109dimstar_suseUpdate to a new chromium release (boo#965999)359504395c2add9bfd5751a1eb3b52198ef96148.0.2564.116dimstar_suse136044315a2d2f472ebd87601154f549ad0085b49.0.2623.75dimstar_suseUpdate to Chromium 49 Stable3665434fdca8a3296812bccb00b8cdbff22c5149.0.2623.87dimstar_suseAutomatic submission by obs-autosubmit37362641d6857964ef24ecf89c121340c7e91949.0.2623.87dimstar_suse1374664aa0b4065f02ce367dd3fed3758943a4049.0.2623.110dimstar_suse13823657d47fe6599e310b8deae627d5a2975bc49.0.2623.112dimstar_suse1386253a1538005221103c1a485e2d0d332df9b50.0.2661.75dimstar_suse1390205894c24ed6779590ff64dde9469b2e25f50.0.2661.75dimstar_suse1391920e05f319b8e6840a135d4787ed087361850.0.2661.94dimstar_suse1393394446dd876373e22b662e4d5ff8a2216df50.0.2661.102dimstar_suse1396556decdd6f1a0178c2af82cdb9bdfe7fe8451.0.2704.63dimstar_suse13982970819e88c52c26f853dca8c5ed61f2b3b51.0.2704.79dimstar_suse1399649468b973c961ea24cbf93a52def4882d951.0.2704.103dimstar_suseUpdate to newer version4033963dcb23f5b577f000e4d3c89fef965f4151.0.2704.103dimstar_suseAdd. GCC6 fixes that should resolve the crashes experienced in Factory/Tumbleweed404250b10cdb2152f125a6fa24c1f65104513251.0.2704.106dimstar_suse14081190d3668f34583d64cff65391f8635e8c352.0.2743.116dimstar_suseThis is with the new build system and moving back to a static binary. The number of ninja processes for the main build have been reduced to 4, which should help controlling the memory. I hope that this would resolve the issues in staging. The build is failing for 13.2 and arm, but hopefully I get that resolved or through a newer version 4211905737270bdc9b5f0d5f95d7ba29f1efb952.0.2743.116dimstar_suseWe are one step closer to get it build on ARM, but this should also resolve the main issue reported in b00#996061. Main issue was the gcc60-fixes patch that changed the wrong file. 
4237212a295ac8948efe654024602f72d9050f53.0.2785.89dimstar_suse142414405c10313a0331b171b64c12f8d05e80353.0.2785.92dimstar_suse1425342cdb165a20661a5b9b56e906fcd30fd6353.0.2785.101dimstar_suse- Reenable widevine build again bnc#998328
- Stable channel update to 53.0.2785.101
* SPDY crasher fixes
* Disable NV12 DXGI video on AMD
* Forward --password-store switch to os_crypt
* Tell the kernel to discard USB requests when they time out.426963818f979903c41697e6dc153c764ea32b53.0.2785.116dimstar_suse- Version update stable channel 53.0.2785.116
* Just small bugfixes around
- Version update to 53.0.2785.113 bnc#998743:
* CVE-2016-5170 Use after free in Blink
* CVE-2016-5171 Use after free in Blink
* CVE-2016-5172 Arbitrary Memory Read in v8
* CVE-2016-5173 Extension resource access
* CVE-2016-5174 Popup not correctly suppressed
* CVE-2016-5175 Various fixes from internal audits4279388d4db9b5dc10818a29a5123c1745403953.0.2785.116dimstar_suse- Apply sandbox patch to fix crashers on tumbleweed bnc#999091
* chromium-sandbox.patch428376b6214fa418671b86626de7c2b752b95753.0.2785.143dimstar_suse- Version update to 53.0.2785.143 bnc#1002140:
* CVE-2016-5177: Use after free in V8
* CVE-2016-5178: Various fixes from internal audits
- Export GDK_BACKEND=x11 before starting chromium, ensuring that
it's started as an Xwayland client (boo#1001135).43146897bb8819a1f71beef380f3cc55b54d4f54.0.2840.59dimstar_suse (forwarded request 435104 from scarabeus_iv)435110a99ad68c8ba7e14bc2acf1d9c2500a5754.0.2840.71dimstar_suse- Update to 54.0.2840.71:
* Few fixes around4366726bbe34bcb646da995a8e101598d1a92f55.0.2883.75dimstar_suse- Chromium 55.0.2883.75 bnc#1013236:
CVE-2016-9651 CVE-2016-5208 CVE-2016-5207 CVE-2016-5206 CVE-2016-5205
CVE-2016-5204 CVE-2016-5209 CVE-2016-5203 CVE-2016-5210 CVE-2016-5212
CVE-2016-5211 CVE-2016-5213 CVE-2016-5214 CVE-2016-5216 CVE-2016-5215
CVE-2016-5217 CVE-2016-5218 CVE-2016-5219 CVE-2016-5221 CVE-2016-5220
CVE-2016-5222 CVE-2016-9650 CVE-2016-5223 CVE-2016-5226 CVE-2016-5225
CVE-2016-5224 CVE-2016-9652
- Switch to system libraries: harfbuzz, zlib, ffmpeg, ...
- Refreshed patches:
* chromium-system-ffmpeg-r3.patch
* chromium-system-jinja-r13.patch
- Use system ffmpeg unless on 13.2 that didn't include it
* chromium-54-ffmpeg2compat.patch
* Remove upstreamed chromium-more-codec-aliases.patch
- Chromium 54.0.2840.100:
* CVE-2016-5199: Heap corruption in FFmpeg (boo#1009892)
* CVE-2016-5200: out of bounds memory access in v8 (boo#1009893)
* CVE-2016-5201: info leak in extensions (boo#1009894)
* CVE-2016-5202: various fixes from internal audits (boo#1009895)
- Add patch chromium-prop-codecs.patch and set properly the codecs
variable in main scope to allow ffmpeg passthrough
bnc#1008725
- Update to 54.0.2840.90:
* Few fixes and tweaks
* Fixes CVE-2016-5198 bsc#1008274443536a4a1b911842602c3ee20456030abf4dd55.0.2883.75dimstar_suse- record minimum version for harfbuzz, including runtime
Chromium will crash with harfbuzz < 1.3.04443412cf37271249d4e3d6403ed31b2f609aa55.0.2883.75dimstar_suse- Obsolete ffmpeg and ffmpegsumo package in addition to conflict
- Remove bookmarks override as discussed with artwork simply just set
homepage to our openSUSE one and that is all445393b11145b577935d4c9e6687037082d78d55.0.2883.87lnussel_factory1447332e3b2f99264773ddb81df3b5887825eb456.0.2924.76dimstar_suse- Version update to 56.0.2924.76:
- CVE-2017-5007: Universal XSS in Blink
- CVE-2017-5006: Universal XSS in Blink
- CVE-2017-5008: Universal XSS in Blink
- CVE-2017-5010: Universal XSS in Blink
- CVE-2017-5011: Unauthorised file access in Devtools
- CVE-2017-5009: Out of bounds memory access in WebRTC
- CVE-2017-5012: Heap overflow in V8
- CVE-2017-5013: Address spoofing in Omnibox
- CVE-2017-5014: Heap overflow in Skia
- CVE-2017-5015: Address spoofing in Omnibox
- CVE-2017-5019: Use after free in Renderer
- CVE-2017-5016: UI spoofing in Blink
- CVE-2017-5017: Uninitialised memory access in webm video
- CVE-2017-5018: Universal XSS in chrome://apps
- CVE-2017-5020: Universal XSS in chrome://downloads
- CVE-2017-5021: Use after free in Extensions
- CVE-2017-5022: Bypass of Content Security Policy in Blink
- CVE-2017-5023: Type confusion in metrics
- CVE-2017-5024: Heap overflow in FFmpeg
- CVE-2017-5025: Heap overflow in FFmpeg
- CVE-2017-5026: UI spoofing. Credit to Ronni Skansing
- Add conditional to switch between system and bundled icu
- Raise dependency on harfbuzz to 1.3.1
- Also refresh patches:
chromium-prop-codecs.patch chromium-linker-memory.patch
- Added patch chromium-enable-vaapi-on-suse.patch to enable
VAAPI hardware accelerated video decoding.453619ed72f0383b94f55db864e09c5c3270e556.0.2924.76dimstar_suse145377694f39bee76c80ae8c0bd1387fb42afa456.0.2924.87dimstar_suse- Version update to 56.0.2924.87:
* Various small fixes
* Disabled option to enable/disable plugins in the chrome://plugins454415aef0c410c8d5c5556cd500a75445f9dd56.0.2924.87dimstar_suseAutomatic submission by obs-autosubmit46003741ecc6bbb0942d4cd597a3b6ff5580ff57.0.2987.98dimstar_suse- Version update to 57.0.2987.98 bsc#1028848:
CVE-2017-5030 CVE-2017-5031 CVE-2017-5032 CVE-2017-5029 CVE-2017-5034
CVE-2017-5035 CVE-2017-5036 CVE-2017-5037 CVE-2017-5039 CVE-2017-5040
CVE-2017-5041 CVE-2017-5033 CVE-2017-5042 CVE-2017-5038 CVE-2017-5043
CVE-2017-5044 CVE-2017-5045 CVE-2017-5046
- Refresh patches
* fix-gn-bootstrap.diff
* chromium-linker-memory.patch
- Remove obsolete patches:
* chromium-sandbox.patch
* chromium-54-ffmpeg2compat.patch
- Remove vaapi patch which broke rendering on non-intel cards:
* chromium-enable-vaapi-on-suse.patch
- From this release onwards i586 build is disabled4784693ef949cf8fc384a7ca63378bef7ebe1c57.0.2987.110dimstar_suse- Do not use gcc5 and newer as the compat was fixed again
- Update to 57.0.2987.110 with various other small tweaks481049ae9271d2b66674dc6f3bfaea46cf432457.0.2987.133lnussel_factory- Version update to 57.0.2987.133 bsc#1031677:
* Critical CVE-2017-5055: Use after free in printing. Credit to Wadih Matar
* High CVE-2017-5054: Heap buffer overflow in V8. Credit to Nicolas Trippar of Zimperium zLabs
* High CVE-2017-5052: Bad cast in Blink. Credit to JeongHoon Shin
* High CVE-2017-5056: Use after free in Blink. Credit to anonymous
* High CVE-2017-5053: Out of bounds memory access in V8. Credit to Team Sniper (Keen Lab and PC Mgr) reported through ZDI (ZDI-CAN-4587)
- Drop the browser(npapi) provide which is not true
- Add patch to build with gcc4
* chromium-57-gcc4.patch483829dc45d05d773b2a75d354023583ebae8b58.0.3029.81dimstar_suse- Use bundled jinja2, system one changed in 2.9 too much to work
* It is at least used only during build
- Version update to 58.0.3029.81 bsc#1035103:
* High CVE-2017-5057: Type confusion in PDFium. Credit to Guang Gong of Alpha Team, Qihoo 360
* High CVE-2017-5058: Heap use after free in Print Preview. Credit to Khalil Zhani
* High CVE-2017-5059: Type confusion in Blink. Credit to SkyLined working with Trend Micro's Zero Day Initiative
* Medium CVE-2017-5060: URL spoofing in Omnibox. Credit to Xudong Zheng
* Medium CVE-2017-5061: URL spoofing in Omnibox. Credit to Haosheng Wang (@gnehsoah)
* Medium CVE-2017-5062: Use after free in Chrome Apps. Credit to anonymous
* Medium CVE-2017-5063: Heap overflow in Skia. Credit to Sweetchip
* Medium CVE-2017-5064: Use after free in Blink. Credit to Wadih Matar
* Medium CVE-2017-5065: Incorrect UI in Blink. Credit to Khalil Zhani
* Medium CVE-2017-5066: Incorrect signature handing in Networking. Credit to chenchu
* Medium CVE-2017-5067: URL spoofing in Omnibox. Credit to Khalil Zhani
* Low CVE-2017-5069: Cross-origin bypass in Blink. Credit to Michael Reizelman
- Refresh patch fix-gn-bootstrap.diff
- Refresh patch chromium-system-jinja-r13.patch
- Remove obsolete patch chromium-57-gcc4.patch491735381bdc0b36b6a6829c45b495aa0d3c9a58.0.3029.96dimstar_suse- Version update to 58.0.3029.96:
* Fixes bsc#1037594 CVE-2017-506849285724bae21f5dafbca3dfdbf17a7a6e750158.0.3029.110dimstar_suse- Version update to 58.0.3029.110:
* Various small bugfixes49423425614164fd2ae90e2faaccac69b7633759.0.3071.86dimstar_suse- Update to 59.0.3071.86 bsc#1042833:
* CVE-2017-5070: Type confusion in V8. Reported by Zhao Qixun(@S0rryMybad) of Qihoo 360 Vulcan Team on 2017-05-16
* CVE-2017-5071: Out of bounds read in V8. Reported by Choongwoo Han on 2017-04-26
* CVE-2017-5072: Address spoofing in Omnibox. Reported by Rayyan Bijoora on 2017-04-07
* CVE-2017-5073: Use after free in print preview. Reported by Khalil Zhani on 2017-04-28
* CVE-2017-5074: Use after free in Apps Bluetooth. Reported by anonymous on 2017-03-09
* CVE-2017-5075: Information leak in CSP reporting. Reported by Emmanuel Gil Peyrot on 2017-01-05
* CVE-2017-5086: Address spoofing in Omnibox. Reported by Rayyan Bijoora on 2017-05-16
* CVE-2017-5076: Address spoofing in Omnibox. Reported by Samuel Erb on 2017-05-06
* CVE-2017-5077: Heap buffer overflow in Skia. Reported by Sweetchip on 2017-04-28
* CVE-2017-5078: Possible command injection in mailto handling. Reported by Jose Carlos Exposito Bueno on 2017-04-12
* CVE-2017-5079: UI spoofing in Blink. Reported by Khalil Zhani on 2017-04-20
* CVE-2017-5080: Use after free in credit card autofill. Reported by Khalil Zhani on 2017-04-05
* CVE-2017-5081: Extension verification bypass. Reported by Andrey Kovalev (@L1kvID) Yandex Security Team on 2016-12-07
* CVE-2017-5082: Insufficient hardening in credit card editor. Reported by Nightwatch Cybersecurity Research on 2017-05-11
* CVE-2017-5083: UI spoofing in Blink. Reported by Khalil Zhani on 2017-04-24
* CVE-2017-5085: Inappropriate javascript execution on WebUI pages. Reported by Zhiyang Zeng of Tencent security platform department on 2017-02-15
- Add patch to fix build with system dma:
* chromium-dma-buf.patch
- Drop no longer needed patches:
* chromium-linker-memory.patch
* chromium-system-jinja-r13.patch
- Refresh patches:
* chromium-gcc7.patch
* chromium-system-ffmpeg-r3.patch
* fix-gn-bootstrap.diff
- Use bundled libxml
* Upstream unfortunately uses git snapshot that is not api/abi compatible
- Add patch to build with gcc7:5012958ad9f0d3950a11b850ae479b89d9c15a59.0.3071.86dimstar_suseAutomatic submission by obs-autosubmit503976253ab537041d578ced32bd1a1b42f79e59.0.3071.104dimstar_suse15042076d75d1693be9bab14a7dd67dea746f8b59.0.3071.109dimstar_suse150597070bfa787401b672b72b759d0f7cba38360.0.3112.78dimstar_suse- Version update to 60.0.3112.78 bsc#1050537:
* CVE-2017-5091: Use after free in IndexedDB
* CVE-2017-5092: Use after free in PPAPI
* CVE-2017-5093: UI spoofing in Blink
* CVE-2017-5094: Type confusion in extensions
* CVE-2017-5095: Out-of-bounds write in PDFium
* CVE-2017-5096: User information leak via Android intents
* CVE-2017-5097: Out-of-bounds read in Skia
* CVE-2017-5098: Use after free in V8
* CVE-2017-5099: Out-of-bounds write in PPAPI
* CVE-2017-5100: Use after free in Chrome Apps
* CVE-2017-5101: URL spoofing in OmniBox
* CVE-2017-5102: Uninitialized use in Skia
* CVE-2017-5103: Uninitialized use in Skia
* CVE-2017-5104: UI spoofing in browser
* CVE-2017-7000: Pointer disclosure in SQLite
* CVE-2017-5105: URL spoofing in OmniBox
* CVE-2017-5106: URL spoofing in OmniBox
* CVE-2017-5107: User information leak via SVG
* CVE-2017-5108: Type confusion in PDFium
* CVE-2017-5109: UI spoofing in browser
* CVE-2017-5110: UI spoofing in payments dialog
* Various fixes from internal audits, fuzzing and other initiatives
- Add patch chromium-override.patch
- Remove patches chromium-fpermissive.patch chromium-system-ffmpeg-r3.patch
- Rebase patches:
* chromium-dma-buf.patch
* chromium-gcc7.patch
* chromium-last-commit-position-r0.patch
* fix-gn-bootstrap.diff512664966dfc8916714bbc7d233fdbf855498060.0.3112.90maxlin_factory- Version update to 60.0.3112.90:
* Various usability bugfixes51422269d2a43a8521fb82c0259927a1f2215760.0.3112.101dimstar_suse- Version update to 60.0.3112.101:
* various usability bugfixes517025feed13ce431bb183d04516902ec7bfb060.0.3112.113dimstar_suse151926986adfc0b1072cf5d9289a6498bf7ca4d61.0.3163.79dimstar_suse- Update to 61.0.3163.79 bsc#1057364:
* CVE-2017-5111: Use after free in PDFium.
* CVE-2017-5112: Heap buffer overflow in WebGL.
* CVE-2017-5113: Heap buffer overflow in Skia.
* CVE-2017-5114: Memory lifecycle issue in PDFium.
* CVE-2017-5115: Type confusion in V8.
* CVE-2017-5116: Type confusion in V8.
* CVE-2017-5117: Use of uninitialized value in Skia.
* CVE-2017-5118: Bypass of Content Security Policy in Blink.
* CVE-2017-5119: Use of uninitialized value in Skia.
* CVE-2017-5120: Potential HTTPS downgrade during redirect navigation.
- Rebase patch:
* fix-gn-bootstrap.diff
- Remove patches:
* chromium-gcc7.patch
* chromium-override.patch
- Add new patches:
* chromium-atk.patch
* chromium-gcc5.patch
* chromium-mojo-dep.patch
- Gtk3 is hard required from now on
- Version some of the required dependencies522997484a6cb06edee4c4b120597669591cfd61.0.3163.91dimstar_suse- Update to 61.0.3163.91:
* Various bugfixes52650537cff5aad9d5ed63c72f450db051af2761.0.3163.100dimstar_suse15283216343dfed6d80bc2dbf991232c450219262.0.3202.75dimstar_suse- Version update to 62.0.3202.75 bsc#1065405 CVE-2017-15396
* CVE-2017-15396: Stack overflow in V8
- BuildRequire nodejs6 required for polymer-bundler.js
- Try to export properly CXX/CC variable to fix leap builds
- Apply patch to fix building crc32 with gcc7:
* chromium-62.0.3202.62-correct-cplusplus-check.patch
- Update to 62.0.3202.62 bsc#1064066:
* CVE-2017-5124: UXSS with MHTML.
* CVE-2017-5125: Heap overflow in Skia.
* CVE-2017-5126: Use after free in PDFium.
* CVE-2017-5127: Use after free in PDFium.
* CVE-2017-5128: Heap overflow in WebGL.
* CVE-2017-5129: Use after free in WebAudio.
* CVE-2017-5132: Incorrect stack manipulation in WebAssembly.
* CVE-2017-5130: Heap overflow in libxml2.
* CVE-2017-5131: Out of bounds write in Skia.
* CVE-2017-5133: Out of bounds write in Skia.
* CVE-2017-15386: UI spoofing in Blink.
* CVE-2017-15387: Content security bypass.
* CVE-2017-15388: Out of bounds read in Skia.
* CVE-2017-15389: URL spoofing in OmniBox.
* CVE-2017-15390: URL spoofing in OmniBox.
* CVE-2017-15391: Extension limitation bypass in Extensions.
* CVE-2017-15392: Incorrect registry key handling in PlatformIntegration.
* CVE-2017-15393: Referrer leak in Devtools.
* CVE-2017-15394: URL spoofing in extensions UI.53704789116ca28a19709e832ab9c11e02437562.0.3202.75dimstar_suse- Add patch to fix sandbox crashes wrt bsc#1064298
* chromium-sandbox.patch5373918af45ef5ae3e06b38da5512ced25183862.0.3202.89dimstar_suse- Version update to 62.0.3202.89 bsc#1066851:
* CVE-2017-15398: Stack buffer overflow in QUIC
* CVE-2017-15399: Use after free in V8
- Drop upstream merged chromium-sandbox.patch
- Restrict the version on jpeg to not waste build power
* CVE-2017-5126: Use after free in PDFium.
* CVE-2017-5127: Use after free in PDFium.53947933f9a0143bb30ddb3f7e8e191aa0c73762.0.3202.94dimstar_suse54208477cd90c3f90f1c4f30973953036f4a5f62.0.3202.94dimstar_suse- BuildRequire nodejs8 instead of nodejs6 for suse_version >= 133054438234dbede01639d61986dd7657fd3ddc8763.0.3239.84dimstar_suse- Version update to 63.0.3239.84 bsc#1071691:
* Critical CVE-2017-15407: Out of bounds write in QUIC.
* High CVE-2017-15408: Heap buffer overflow in PDFium.
* High CVE-2017-15409: Out of bounds write in Skia.
* High CVE-2017-15410: Use after free in PDFium.
* High CVE-2017-15411: Use after free in PDFium.
* High CVE-2017-15412: Use after free in libXML.
* High CVE-2017-15413: Type confusion in WebAssembly.
* Medium CVE-2017-15415: Pointer information disclosure in IPC call.
* Medium CVE-2017-15416: Out of bounds read in Blink.
* Medium CVE-2017-15417: Cross origin information disclosure in Skia.
* Medium CVE-2017-15418: Use of uninitialized value in Skia.
* Medium CVE-2017-15419: Cross origin leak of redirect URL in Blink.
* Medium CVE-2017-15420: URL spoofing in Omnibox.
* Medium CVE-2017-15422: Integer overflow in ICU.
* Low CVE-2017-15423: Issue with SPAKE implementation in BoringSSL.
* Low CVE-2017-15424: URL Spoof in Omnibox.
* Low CVE-2017-15425: URL Spoof in Omnibox.
* Low CVE-2017-15426: URL Spoof in Omnibox.
* Low CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox.
- Rebase fix-gn-bootstrap.diff
- Drop merged patches:
* chromium-gcc5.patch
* chromium-60.0.3112.113-breakpad-ucontext.patch
* chromium-62.0.3202.62-correct-cplusplus-check.patch
- Add new patches:
* chromium-non-void-return.patch
* chromium-gcc.patch554957e88da57f254ee991c06ad0f89163d82f63.0.3239.108dimstar_suse- Version update to 63.0.3239.108 bsc#1072976:
* CVE-2017-15429: UXSS in V8
* Various fuzzing fixes557288d4f5c12620875823b71ba7db07aaa70c63.0.3239.132dimstar_suse561799040f18a7f9584cf13371d113701dd20864.0.3282.119dimstar_suse- Disable ozone stuff conditions for now as the headless mode
breaks up runtime bsc#1077722
- Switch to gcc7 on Leap builds
- Version update to 64.0.3282.119 bsc#1077571:
* High CVE-2018-6031: Use after free in PDFium. Reported by Anonymous on 2017-11-01
* High CVE-2018-6032: Same origin bypass in Shared Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-20
* High CVE-2018-6033: Race when opening downloaded files. Reported by Juho Nurminen on 2017-12-09
* Medium CVE-2018-6034: Integer overflow in Blink. Reported by Tobias Klein (www.trapkit.de) on 2017-11-12
* Medium CVE-2018-6035: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23
* Medium CVE-2018-6036: Integer underflow in WebAssembly. Reported by The UK's National Cyber Security Centre (NCSC) on 2017-11-30
* Medium CVE-2018-6037: Insufficient user gesture requirements in autofill. Reported by Paul Stone of Context Information Security on 2017-08-09
* Medium CVE-2018-6038: Heap buffer overflow in WebGL. Reported by cloudfuzzer on 2017-10-12
* Medium CVE-2018-6039: XSS in DevTools. Reported by Juho Nurminen on 2017-10-17
* Medium CVE-2018-6040: Content security policy bypass. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-26
* Medium CVE-2018-6041: URL spoof in Navigation. Reported by Luan Herrera on 2017-08-29
* Medium CVE-2018-6042: URL spoof in OmniBox. Reported by Khalil Zhani on 2017-10-12
* Medium CVE-2018-6043: Insufficient escaping with external URL handlers. Reported by 0x09AL on 2017-11-16
* Medium CVE-2018-6045: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23
* Medium CVE-2018-6046: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-31
* Medium CVE-2018-6047: Cross origin URL leak in WebGL. Reported by Masato Kinugawa on 2018-01-08
* Low CVE-2018-6048: Referrer policy bypass in Blink. Reported by Jun Kokatsu (@shhnjk) on 2017-09-08
* Low CVE-2017-15420: URL spoofing in Omnibox. Reported by Drew Springall (@_aaspring_) on 2017-10-05
* Low CVE-2018-6049: UI spoof in Permissions. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-13
* Low CVE-2018-6050: URL spoof in OmniBox. Reported by Jonathan Kew on 2017-10-15
* Low CVE-2018-6051: Referrer leak in XSS Auditor. Reported by Antonio Sanso (@asanso) on 2014-12-11
* Low CVE-2018-6052: Incomplete no-referrer policy implementation. Reported by Tanner Emek on 2016-05-28
* Low CVE-2018-6053: Leak of page thumbnails in New Tab Page. Reported by Asset Kabdenov on 2017-08-23
* Low CVE-2018-6054: Use after free in WebUI. Reported by Rob Wu on 2017-12-24569875a67bbe6ac6322ce40421a1de96fcfc7264.0.3282.119dimstar_suse- Fix default page to not point to 404
- Install swiftshader objects too as they are needed5706060bf165e14591f6eddee568dcd746ea9464.0.3282.140dimstar_suse- Version update to 64.0.3282.140 bsc#1079021:
* Various asan fixes bsc#1078463 CVE-2018-6406
- Eliminate build dependency on procps: we only used it to run
'free', in order to find out how much RAM we have available. We
can get this information directly from the kernel, from
/proc/meminfo.5719976d468c364de3b4af6ca04c586cecbd6564.0.3282.167dimstar_suse5764985d75e815160f72ef1381d5a44f94297664.0.3282.186dimstar_suse5798324a069b44ff2a91f1ade6a3c6324c580765.0.3325.146dimstar_suse- Version update to 65.0.3325.146 bsc#1084296:
* High CVE-2017-11215: Use after free in Flash.
* High CVE-2017-11225: Use after free in Flash.
* High CVE-2018-6060: Use after free in Blink.
* High CVE-2018-6061: Race condition in V8.
* High CVE-2018-6062: Heap buffer overflow in Skia.
* High CVE-2018-6057: Incorrect permissions on shared memory.
* High CVE-2018-6063: Incorrect permissions on shared memory.
* High CVE-2018-6064: Type confusion in V8.
* High CVE-2018-6065: Integer overflow in V8.
* Medium CVE-2018-6066: Same Origin Bypass via canvas.
* Medium CVE-2018-6067: Buffer overflow in Skia.
* Medium CVE-2018-6068: Object lifecycle issues in Chrome Custom Tab.
* Medium CVE-2018-6069: Stack buffer overflow in Skia.
* Medium CVE-2018-6070: CSP bypass through extensions.
* Medium CVE-2018-6071: Heap buffer overflow in Skia.
* Medium CVE-2018-6072: Integer overflow in PDFium.
* Medium CVE-2018-6073: Heap buffer overflow in WebGL.
* Medium CVE-2018-6074: Mark-of-the-Web bypass.
* Medium CVE-2018-6075: Overly permissive cross origin downloads.
* Medium CVE-2018-6076: Incorrect handling of URL fragment identifiers in Blink.
* Medium CVE-2018-6077: Timing attack using SVG filters.
* Medium CVE-2018-6078: URL Spoof in OmniBox.
* Medium CVE-2018-6079: Information disclosure via texture data in WebGL.
* Medium CVE-2018-6080: Information disclosure in IPC call.
* Low CVE-2018-6081: XSS in interstitials.
* Low CVE-2018-6082: Circumvention of port blocking.
* Low CVE-2018-6083: Incorrect processing of AppManifests.
- Add new patches:
* chromium-compiler.patch5842206a4c29ae8d0614a2683eb32d476b25bd65.0.3325.162dimstar_suse- Version update to 65.0.3325.162:
* Various stability fixes only
- Bundle the harfbuzz on < 15.0 release as we would have to
use requires_ge for the library itself later on otherwise
- Make sure to require gcc7
- Add patch chromium-drm.patch to make sure to build with Leap 42.3
variant of libdrm5869723e88b8204eb9b5c16e0a779ffb0ec38865.0.3325.181dimstar_suse589657c2ae1d2665de52e47417aa89b999b6c265.0.3325.181maxlin_factory- Add vaapi patches:
* chromium-vaapi-init.patch
* chromium-vaapi.patch
- Use memory-constraints package to limit threads as needed5946405fb36ae406fcfc7fd9c32b640b6f771166.0.3359.117dimstar_suse5980090d7ad0cc3ddc8d1c45670bc3be1b6e8a66.0.3359.139dimstar_suse- chromium 66.0.3359.139:
* CVE-2018-6118: Use after free in Media Cache (bsc#1091288)
* drop add-missing-blink-tools.patch, now in tarball again
60224271f20c158358ef536f7418354365568666.0.3359.139dimstar_suse- Add patch chromium-skia-system-fontconfig.patch to fix
bsc#1092272
- Enable build on AArch64
- Fix build on AArch64:
* set target_cpu to arm64
* disable tcmalloc and swiftshader for aarch64
* Add new patches:
- chromium-65.0.3325.162-skia-aarch64-buildfix.patch
- chromium-skia-neon.patch605680fb7193a3f4a5f8213e151c90e335702666.0.3359.170dimstar_suse606437cfbe64058d44df4e5d10b63d5bc3d61966.0.3359.181dimstar_suse609024e55e8e9bc93244ceb45686e73f5ff2f366.0.3359.181dimstar_suse61244094e30c950fac49711b3cbdb2dc766c4f67.0.3396.87dimstar_suse- Add patch to build under gcc8:
* chromium-gcc8.patch
- Chromium 67.0.3396.87:
* CVE-2018-6149: Out of bounds write in V8 (boo#1097452)
- Chromium 67.0.3396.79:
* CVE-2018-6148: Incorrect handling of CSP header (boo#1096508)
- Require ffmpeg >= 4.0 bsc#1095545
- Update to 67.0.3396.62 bsc#1095163
* CVE-2018-6123: Use after free in Blink.
* CVE-2018-6124: Type confusion in Blink.
* CVE-2018-6125: Overly permissive policy in WebUSB.
* CVE-2018-6126: Heap buffer overflow in Skia.
* CVE-2018-6127: Use after free in indexedDB.
* CVE-2018-6128: uXSS in Chrome on iOS.
* CVE-2018-6129: Out of bounds memory access in WebRTC.
* CVE-2018-6130: Out of bounds memory access in WebRTC.
* CVE-2018-6131: Incorrect mutability protection in WebAssembly.
* CVE-2018-6132: Use of uninitialized memory in WebRTC.
* CVE-2018-6133: URL spoof in Omnibox.
* CVE-2018-6134: Referrer Policy bypass in Blink.
* CVE-2018-6135: UI spoofing in Blink.
* CVE-2018-6136: Out of bounds memory access in V8.
* CVE-2018-6137: Leak of visited status of page in Blink.
* CVE-2018-6138: Overly permissive policy in Extensions.
* CVE-2018-6139: Restrictions bypass in the debugger extension API.
* CVE-2018-6140: Restrictions bypass in the debugger extension API.6197437ebc9739bc229b44309639d9b17bf8e467.0.3396.99dimstar_suse- Version update to 67.0.3396.99:
* Various small feature fixes, no security621880b1de9759bf6261d2e9e6a26852b676de68.0.3440.75dimstar_suse625371bd4b7080f85ea7c8d282698c68f318d568.0.3440.84dimstar_suse- Version update to 68.0.3440.84:
* Various small feature fixes only626880f25756718e440d7072295a6f42d299f868.0.3440.106dimstar_suseAutomatic submission by obs-autosubmit6311860ad9266081c77f21dee6779c08096e4469.0.3497.81dimstar_suse- Add patch to fix mojo build on 32bit:
* chromium-gcc8-alignof.patch
- Split out the gn from this package, obsoletes patches:
* fix-gn-bootstrap.patch
* chromium-last-commit-position-r0.patch
- Version update to 69.0.3497.81 bsc#1107235:
* CVE-2018-16065: Out of bounds write in V8
* CVE-2018-16066: Out of bounds read in Blink
* CVE-2018-16067: Out of bounds read in WebAudio
* CVE-2018-16068: Out of bounds write in Mojo
* CVE-2018-16069: Out of bounds read in SwiftShader
* CVE-2018-16070: Integer overflow in Skia
* CVE-2018-16071: Use after free in WebRTC
* CVE-2018-16073: Site Isolation bypass after tab restore
* CVE-2018-16074: Site Isolation bypass using Blob URLS
* Out of bounds read in Little-CMS
* CVE-2018-16075: Local file access in Blink
* CVE-2018-16076: Out of bounds read in PDFium
* CVE-2018-16077: Content security policy bypass in Blink
* CVE-2018-16078: Credit card information leak in Autofill
* CVE-2018-16079: URL spoof in permission dialogs
* CVE-2018-16080: URL spoof in full screen mode
* CVE-2018-16081: Local file access in DevTools
* CVE-2018-16082: Stack buffer overflow in SwiftShader
* CVE-2018-16083: Out of bounds read in WebRTC
* CVE-2018-16084: User confirmation bypass in external protocol handling
* CVE-2018-16085: Use after free in Memory Instrumentation
- Added patches:63374654b6f1419820f921ebb59b676a2028ae69.0.3497.92maxlin_factory6353493b9fdae4b56d6b6b8f37434487e1eeeb69.0.3497.100maxlin_factory- Keep blank line after autopatch to make SLE12 rpm macros happy
- Update to 69.0.3497.100 bsc#1108774
* Fixes from internal audits, fuzzing and other initiatives63634468cb3db917eb1da51c04f0b4b698577a70.0.3538.67dimstar_suse- Add patch trying to get the pkg to build with libva 1.x releases:
* chromium-libva1.patch
- Update chromium-old-glibc.patch to contain more tweaked locations
- Add back chromium-old-glibc.patch to make sure we build on 42.3
- Reduce the merge number on jumbo files to reduce memory usage a bit
- remove trigger word from spec that trips up legal-auto
- Update to 70.0.3538.67 bsc#1112111:
* CVE-2018-17462: Sandbox escape in AppCache
* CVE-2018-17463: Remote code execution in V8
* CVE to be assigned: Heap buffer overflow in Little CMS in PDFium
* CVE-2018-17464: URL spoof in Omnibox
* CVE-2018-17465: Use after free in V8
* CVE-2018-17466: Memory corruption in Angle
* CVE-2018-17467: URL spoof in Omnibox
* CVE-2018-17468: Cross-origin URL disclosure in Blink
* CVE-2018-17469: Heap buffer overflow in PDFium
* CVE-2018-17470: Memory corruption in GPU Internals
* CVE-2018-17471: Security UI occlusion in full screen mode
* CVE-2018-17472: iframe sandbox escape on iOS
* CVE-2018-17473: URL spoof in Omnibox
* CVE-2018-17474: Use after free in Blink
* CVE-2018-17475: URL spoof in Omnibox
* CVE-2018-17476: Security UI occlusion in full screen mode
* CVE-2018-5179: Lack of limits on update() in ServiceWorker
* CVE-2018-17477: UI spoof in Extensions
- Added patches:
* chromium-gcc8-constexpr.patch64376674ef16ac6173d5e0bc4af1d82e9f684d70.0.3538.77dimstar_suse- Update to 70.0.3538.77:
* Few feature fixes only
- Do not mention armv6 and armv7 in the constraints
- Update patch chromium-non-void-return.patch64524319b93c62872ffa916dea77ab85e24be670.0.3538.77dimstar_suse6462497c21e01d499ba88c4275b428d3ae581570.0.3538.102dimstar_suse- Version update to 70.0.3538.102 bsc#1115537 CVE-2018-17478
* CVE-2018-17478: Out of bounds memory access in V86488950eaff0562a0289aa0f30f2856110cecd70.0.3538.110dimstar_suse- Version update to 70.0.3538.110 bsc#1116608:
* CVE-2018-17479: Use-after-free in GPU6505855db1a5360e6c41dc3963989b3b72d60671.0.3578.80dimstar_suse- Version update to 71.0.3578.80 bsc#1118529:
- CVE-2018-17480: Out of bounds write in V8
- CVE-2018-17481: Use after frees in PDFium
- CVE-2018-18335: Heap buffer overflow in Skia
- CVE-2018-18336: Use after free in PDFium
- CVE-2018-18337: Use after free in Blink
- CVE-2018-18338: Heap buffer overflow in Canvas
- CVE-2018-18339: Use after free in WebAudio
- CVE-2018-18340: Use after free in MediaRecorder
- CVE-2018-18341: Heap buffer overflow in Blink
- CVE-2018-18342: Out of bounds write in V8
- CVE-2018-18343: Use after free in Skia
- CVE-2018-18344: Inappropriate implementation in Extensions
- Multiple issues in SQLite via WebSQL
- CVE-2018-18345: Inappropriate implementation in Site Isolation
- CVE-2018-18346: Incorrect security UI in Blink
- CVE-2018-18347: Inappropriate implementation in Navigation
- CVE-2018-18348: Inappropriate implementation in Omnibox
- CVE-2018-18349: Insufficient policy enforcement in Blink
- CVE-2018-18350: Insufficient policy enforcement in Blink
- CVE-2018-18351: Insufficient policy enforcement in Navigation
- CVE-2018-18352: Inappropriate implementation in Media
- CVE-2018-18353: Inappropriate implementation in Network Authentication
- CVE-2018-18354: Insufficient data validation in Shell Integration
- CVE-2018-18355: Insufficient policy enforcement in URL Formatter
- CVE-2018-18356: Use after free in Skia
- CVE-2018-18357: Insufficient policy enforcement in URL Formatter
- CVE-2018-18358: Insufficient policy enforcement in Proxy.
- CVE-2018-18359: Out of bounds read in V8
- Inappropriate implementation in PDFium655692caf87f231cf1e26ea840f2a9e8ebd5ba71.0.3578.80dimstar_suse657329ab489981fc2393bdac1d31438d58077971.0.3578.98dimstar_suse- Version update to 71.0.3578.98 bsc#1119364:
* CVE-2018-17481: Use after free in PDFium
- Redo chromium-old-libva.patch657844c3f4b34f728153ab92179af0123b0f1871.0.3578.98dimstar_suse6593363aa9064660e94409ed726968251cea9f71.0.3578.98dimstar_suse- Tweak fix_building_widevinecdm_with_chromium.patch to make it
work again bsc#1120429662377f127ffa7669e462cd9c9f4272650fc0172.0.3626.81coolo- Update to 72.0.3626.81 bsc#1123641:
* CVE-2019-5754: Inappropriate implementation in QUIC Networking. Reported by Klzgrad on 2018-12-12
* CVE-2019-5782: Inappropriate implementation in V8. Reported by Qixun Zhao of Qihoo 360 Vulcan Team via Tianfu Cup on 2018-11-16
* CVE-2019-5755: Inappropriate implementation in V8. Reported by Jay Bosamiya on 2018-12-10
* CVE-2019-5756: Use after free in PDFium. Reported by Anonymous on 2018-10-14
* CVE-2019-5757: Type Confusion in SVG. Reported by Alexandru Pitis, Microsoft Browser Vulnerability Research on 2018-12-15
* CVE-2019-5758: Use after free in Blink. Reported by Zhe Jin（金哲），Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-12-11
* CVE-2019-5759: Use after free in HTML select elements. Reported by Almog Benin on 2018-12-05
* CVE-2019-5760: Use after free in WebRTC. Reported by Zhe Jin（金哲），Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-12-05
* CVE-2019-5761: Use after free in SwiftShader. Reported by Zhe Jin（金哲），Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-11-13
* CVE-2019-5762: Use after free in PDFium. Reported by Anonymous on 2018-10-31
* CVE-2019-5763: Insufficient validation of untrusted input in V8. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2018-12-13
* CVE-2019-5764: Use after free in WebRTC. Reported by Eyal Itkin from Check Point Software Technologies on 2018-12-09
* CVE-2019-5765: Insufficient policy enforcement in the browser. Reported by Sergey Toshin (@bagipro) on 2019-01-16
* CVE-2019-5766: Insufficient policy enforcement in Canvas. Reported by David Erceg on 2018-11-20
* CVE-2019-5767: Incorrect security UI in WebAPKs. Reported by Haoran Lu, Yifan Zhang, Luyi Xing, and Xiaojing Liao from Indiana University Bloomington on 2018-11-06
* CVE-2019-5768: Insufficient policy enforcement in DevTools. Reported by Rob Wu on 2018-01-24
* CVE-2019-5769: Insufficient validation of untrusted input in Blink. Reported by Guy Eshel on 2018-12-11
* CVE-2019-5770: Heap buffer overflow in WebGL. Reported by hemidallt@ on 2018-11-27
* CVE-2019-5771: Heap buffer overflow in SwiftShader. Reported by Zhe Jin（金哲），Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-11-12
* CVE-2019-5772: Use after free in PDFium. Reported by Zhen Zhou of NSFOCUS Security Team on 2018-11-26
* CVE-2019-5773: Insufficient data validation in IndexedDB. Reported by Yongke Wang of Tencent's Xuanwu Lab (xlab.tencent.com) on 2018-12-24
* CVE-2019-5774: Insufficient validation of untrusted input in SafeBrowsing. Reported by Junghwan Kang (ultract) and Juno Im on 2018-11-11
* CVE-2019-5775: Insufficient policy enforcement in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-10-18
* CVE-2019-5776: Insufficient policy enforcement in Omnibox. Reported by Lnyas Zhang on 2018-07-14
* CVE-2019-5777: Insufficient policy enforcement in Omnibox. Reported by Khalil Zhani on 2018-06-04
* CVE-2019-5778: Insufficient policy enforcement in Extensions. Reported by David Erceg on 2019-01-02
* CVE-2019-5779: Insufficient policy enforcement in ServiceWorker. Reported by David Erceg on 2018-11-11
* CVE-2019-5780: Insufficient policy enforcement. Reported by Andreas Hegenberg (folivora.AI GmbH) on 2018-10-03
* CVE-2019-5781: Insufficient policy enforcement in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-10-18670076139de31bfbd19394b1ed799b0ecea72a72.0.3626.96dimstar_suse- Update to 72.0.3626.96 bsc#1124936:
* CVE-2019-5784: Inappropriate implementation in V8
- Provide web_browser so chromium can be installed instead of firefox.673252b990d052c6066a9692349312f7917bd872.0.3626.109coolo- Update to 72.0.3626.109:
* This is just feature fixes update6777555860bf737a2c2d9c63d169a48aacade672.0.3626.119dimstar_suse- Update to 72.0.3626.119:
* Feature fixes update only678887192f1f714872805e1168182489d7d09472.0.3626.121dimstar_suse- Drop direct dependency on libgsm, we just need the devel
- Update to 72.0.3626.121:
* fixes bsc#1127602 CVE-2019-57866812442b9e50b5dee469c6d373fd82aa7fdd1273.0.3683.75dimstar_suse- Update to 73.0.3683.75 bsc#1129059:
* CVE-2019-5787: Use after free in Canvas.
* CVE-2019-5788: Use after free in FileAPI.
* CVE-2019-5789: Use after free in WebMIDI.
* CVE-2019-5790: Heap buffer overflow in V8.
* CVE-2019-5791: Type confusion in V8.
* CVE-2019-5792: Integer overflow in PDFium.
* CVE-2019-5793: Excessive permissions for private API in Extensions.
* CVE-2019-5794: Security UI spoofing.
* CVE-2019-5795: Integer overflow in PDFium.
* CVE-2019-5796: Race condition in Extensions.
* CVE-2019-5797: Race condition in DOMStorage.
* CVE-2019-5798: Out of bounds read in Skia.
* CVE-2019-5799: CSP bypass with blob URL.
* CVE-2019-5800: CSP bypass with blob URL.
* CVE-2019-5801: Incorrect Omnibox display on iOS.
* CVE-2019-5802: Security UI spoofing.
* CVE-2019-5803: CSP bypass with Javascript URLs.
* CVE-2019-5804: Command line command injection on Windows.
- Update patches:
* chromium-buildname.patch
* chromium-non-void-return.patch
* chromium-old-glibc.patch
* chromium-old-libva.patch
* chromium-vaapi.patch
- Removed patches:
* chromium-crashpad-fix_aarch64.patch
* chromium-webrtc-includes.patch
- Added patches:
* chromium-gcc.patch68466181270d08ea6309156f5f9f0534fc4ab873.0.3683.86dimstar_suse- Add patch for pipewire build:
* chromium-73.0.3683.75-pipewire-cstring-fix.patch
- Update to 73.0.3683.86:
* Just feature fixes around
- Refresh patch:
* chromium-non-void-return.patch
- Update conditions to use system harfbuzz on TW+
- Require java during build
- Enable using pipewire when available
- Rebase chromium-vaapi.patch to match up the Fedora one6886151827e1b149df09d0624000a433b442d973.0.3683.103dimstar_suse- Update to 73.0.3686.103:
* Various feature fixes691759c25f1c9aad2dd95d55bbe999ef8bb65374.0.3729.108dimstar_suse- Update to 74.0.3729.108 bsc#1133313:
* CVE-2019-5805: Use after free in PDFium
* CVE-2019-5806: Integer overflow in Angle
* CVE-2019-5807: Memory corruption in V8
* CVE-2019-5808: Use after free in Blink
* CVE-2019-5809: Use after free in Blink
* CVE-2019-5810: User information disclosure in Autofill
* CVE-2019-5811: CORS bypass in Blink
* CVE-2019-5813: Out of bounds read in V8
* CVE-2019-5814: CORS bypass in Blink
* CVE-2019-5815: Heap buffer overflow in Blink
* CVE-2019-5818: Uninitialized value in media reader
* CVE-2019-5819: Incorrect escaping in developer tools
* CVE-2019-5820: Integer overflow in PDFium
* CVE-2019-5821: Integer overflow in PDFium
* CVE-2019-5822: CORS bypass in download manager
* CVE-2019-5823: Forced navigation from service worker
* CVE-2019-5812: URL spoof in Omnibox on iOS
* CVE-2019-5816: Exploit persistence extension on Android
* CVE-2019-5817: Heap buffer overflow in Angle on Windows
- Add patches:
* 00-basevalue.patch
* 01-basevalue.patch
* 02-basevalue.patch
* 03-basevalue.patch
* 04-basevalue.patch
* 05-basevalue.patch
* 06-basevalue.patch
* old-libva.patch
* quic.patch6996388383e8463eb5c20402c866b56d9a858574.0.3729.108dimstar_suse- Add patch to fix build on aarch64:
* chromium-fix-crc32-for-aarch64.patch
70198749feaba8e912d1556f35bed598eddee274.0.3729.157dimstar_suse7041566dfcd7d995ae40d73438cd630fc0eb1374.0.3729.169dimstar_suseAutomatic submission by obs-autosubmit7074159e55b2f435a9c31af48d33baf62382df75.0.3770.80dimstar_suse- Fix build with kernel 5.2 and avoid runtime crash due to pure virtual
declaration:
* chromium-75.0.3770.80-SIOCGSTAMP.patch
* chromium-75.0.3770.80-pure-virtual-crash-fix.patch
- Update old-libva.patch to make sure we build on Leap 42.3
- Update to 75.0.3770.80 bsc#1137332:
* CVE-2019-5828: Use after free in ServiceWorker
* CVE-2019-5829: Use after free in Download Manager
* CVE-2019-5830: Incorrectly credentialed requests in CORS
* CVE-2019-5831: Incorrect map processing in V8
* CVE-2019-5832: Incorrect CORS handling in XHR
* CVE-2019-5833: Inconsistent security UI placement
* CVE-2019-5835: Out of bounds read in Swiftshader
* CVE-2019-5836: Heap buffer overflow in Angle
* CVE-2019-5837: Cross-origin resources size disclosure in Appcache
* CVE-2019-5838: Overly permissive tab access in Extensions
* CVE-2019-5839: Incorrect handling of certain code points in Blink
* CVE-2019-5840: Popup blocker bypass
* Various fixes from internal audits, fuzzing and other initiatives
* CVE-2019-5834: URL spoof in Omnibox on iOS
- Remove merged patchsets:
* 00-basevalue.patch
* 01-basevalue.patch
* 02-basevalue.patch
* 03-basevalue.patch
* 04-basevalue.patch
* 05-basevalue.patch
* 06-basevalue.patch709055705c839c845a26ae38854af38d3a396375.0.3770.90dimstar_suse- Update to 75.0.3770.90 bsc#1137332 bsc#1138287:
* CVE-2019-5842: Use-after-free in Blink.70995648a7b6aff7ce568db5c3d1473f05f58975.0.3770.100dimstar_suse- Update to 75.0.3770.100:
* This is just feature fixes update710898b4f52c1b97e689ae1e23a11dac7dab8875.0.3770.142dimstar_suse- Do not use lto flags from prjconf, we need to set them using
gn buildsystem
- Drop patch chromium-non-void-return.patch and just pass
a cxxflags disabler for the check
- Update gcc-enable-lto.patch to work on systems without the
lto
- Update to 75.0.3770.142 bsc#1141649:
* CVE-2019-5847: V8 sealed/frozen elements cause crash
* CVE-2019-5848: Font sizes may expose sensitive information
- Add patch chromium-renderprocess-crash.patch to hopefully fix
bsc#1141102
- Enable LTO for x86_64 - add gcc-enable-lto.patch and
gcc-lto-rsp-clobber.patch patches.
- Install manpage
- Update to 72.0.3626.109 bsc#1120892 CVE-2018-20073:71983058810a67ebba2eff28a6f435fd4d9c2276.0.3809.87dimstar_suse- Update to 76.0.3809.87:
* CVE-2019-5850: Use-after-free in offline page fetcher
* CVE-2019-5860: Use-after-free in PDFium
* CVE-2019-5853: Memory corruption in regexp length check
* CVE-2019-5851: Use-after-poison in offline audio context
* CVE-2019-5859: res: URIs can load alternative browsers
* CVE-2019-5856: Insufficient checks on filesystem: URI permissions
* CVE-2019-5855: Integer overflow in PDFium
* CVE-2019-5865: Site isolation bypass from compromised renderer
* CVE-2019-5858: Insufficient filtering of Open URL service parameters
* CVE-2019-5864: Insufficient port filtering in CORS for extensions
* CVE-2019-5862: AppCache not robust to compromised renderers
* CVE-2019-5861: Click location incorrectly checked
* CVE-2019-5857: Comparison of -0 and null yields crash
* CVE-2019-5854: Integer overflow in PDFium text rendering
* CVE-2019-5852: Object leak of utility functions
* Various fixes from internal audits, fuzzing and other initiatives
* Not affected:
+ CVE-2019-5863: Use-after-free in WebUSB on Windows
- Added patches:
* chromium-76-gcc-ambiguous-nodestructor.patch
* chromium-76-gcc-blink-constexpr.patch
* chromium-76-gcc-blink-namespace1.patch
* chromium-76-gcc-blink-namespace2.patch
* chromium-76-gcc-gl-init.patch
* chromium-76-gcc-include.patch
* chromium-76-gcc-noexcept.patch
* chromium-76-gcc-private.patch
* chromium-76-gcc-pure-virtual.patch
* chromium-76-gcc-uint32.patch7205618aae4f552f00f7f72c77a3cc67d8eb0b76.0.3809.87dimstar_suse- Add patches to fix few compilation issues:
* chromium-angle-inline.patch
* chromium-fix-char_traits.patch bsc#1144625
- Remove not properly applying old-glibc patch:
* chromium-old-glibc.patch
- Disable various gcc warnings as upstream does not care and it
just bloats the buildlog (from debian)
- Update to 76.0.3809.87 bsc#1143492:72171794343e08b77acfb25b9ded544e24c52376.0.3809.100dimstar_suse- Update to 76.0.3809.100 bsc#1145242:
* CVE-2019-5868: Use-after-free in PDFium ExecuteFieldAction
* CVE-2019-5867: Out-of-bounds read in V872278471872b01e6414cd3d6ed38c4fe7ed77076.0.3809.100dimstar_suse7250854bc10097f2a88fea0144fe27927ca55876.0.3809.132dimstar_suse- Update to 76.0.3809.132 bsc#1149143 CVE-2019-5869:
* CVE-2019-5869: Use-after-free in Blink
* Various fixes from internal audits, fuzzing and other initiatives
- Refresh patch chromium-76-gcc-ambiguous-nodestructor.patch728057debc794fa2f84ad0f4d0c33ab2ade37377.0.3865.75lnussel_factory- Update to chromium 77.0.3865.75 bsc#1150425:
* CVE-2019-5870: Use-after-free in media
* CVE-2019-5871: Heap overflow in Skia
* CVE-2019-5872: Use-after-free in Mojo
* CVE-2019-5874: External URIs may trigger other browsers
* CVE-2019-5875: URL bar spoof via download redirect
* CVE-2019-5876: Use-after-free in media
* CVE-2019-5877: Out-of-bounds access in V8
* CVE-2019-5878: Use-after-free in V8
* CVE-2019-5879: Extension can bypass same origin policy
* CVE-2019-5880: SameSite cookie bypass
* CVE-2019-5881: Arbitrary read in SwiftShader
* CVE-2019-13659: URL spoof
* CVE-2019-13660: Full screen notification overlap
* CVE-2019-13661: Full screen notification spoof
* CVE-2019-13662: CSP bypass
* CVE-2019-13663: IDN spoof
* CVE-2019-13664: CSRF bypass
* CVE-2019-13665: Multiple file download protection bypass
* CVE-2019-13666: Side channel using storage size estimate
* CVE-2019-13667: URI bar spoof when using external app URIs
* CVE-2019-13668: Global window leak via console
* CVE-2019-13669: HTTP authentication spoof
* CVE-2019-13670: V8 memory corruption in regex
* CVE-2019-13671: Dialog box fails to show origin
* CVE-2019-13673: Cross-origin information leak using devtools
* CVE-2019-13674: IDN spoofing
* CVE-2019-13675: Extensions can be disabled by trailing slash
* CVE-2019-13676: Google URI shown for certificate warning
* CVE-2019-13677: Chrome web store origin needs to be isolated730345cc950f28afae9b26092f48b832dcc6d477.0.3865.75maxlin_factory- Add patch from Fedora for cert transparency:
* chromium-77.0.3865.75-certificate-transparency.patch
- Add patches from gentoo:
* chromium-77-clang.patch
* chromium-77-gcc-no-opt-safe-math.patch
* chromium-77-no-cups.patch
* chromium-77-std-string.patch
- Update patch old-libva.patch to build on openSUSE Leap 15.073123139e2a27e8be53dc2c308b17caf3088ab77.0.3865.90maxlin_factory7318704f8244dac02e39b92898247553a52bbc77.0.3865.90dimstar_suse7320444f7a50aa748b395895d4a00a3557038c78.0.3904.70dimstar_suse- Disable LTO for now as it consumes ~20GB of RAM, we will reenable
the feature later when some memory consumption fixes land in
GCC
- Adjust LDFLAGS settings for LTO to take memory-constraints into
consideration
- Update to 78.0.3904.70 bsc#1154806:
* CVE-2019-13699: Use-after-free in media
* CVE-2019-13700: Buffer overrun in Blink
* CVE-2019-13701: URL spoof in navigation
* CVE-2019-13702: Privilege elevation in Installer
* CVE-2019-13703: URL bar spoofing
* CVE-2019-13704: CSP bypass
* CVE-2019-13705: Extension permission bypass
* CVE-2019-13706: Out-of-bounds read in PDFium
* CVE-2019-13707: File storage disclosure
* CVE-2019-13708: HTTP authentication spoof
* CVE-2019-13709: File download protection bypass
* CVE-2019-13710: File download protection bypass
* CVE-2019-13711: Cross-context information leak
* CVE-2019-15903: Buffer overflow in expat
* CVE-2019-13713: Cross-origin data leak
* CVE-2019-13714: CSS injection
* CVE-2019-13715: Address bar spoofing
* CVE-2019-13716: Service worker state error
* CVE-2019-13717: Notification obscured
* CVE-2019-13718: IDN spoof
* CVE-2019-13719: Notification obscured
* Various fixes from internal audits, fuzzing and other initiatives7438153dbe02d48289964871c706ccabfeb0d378.0.3904.70dimstar_suse7443682dcfc5ba69ef6fe2eaa9ce712f58c8f478.0.3904.87dimstar_suse- Update to 78.0.3904.87 bsc#1155643:
* CVE-2019-13721: Use-after-free in PDFium
* CVE-2019-13720: Use-after-free in audio744734ca65950bb0f4d583dc691d627211253778.0.3904.87dimstar_suse- Keep just one conditional for vaapi enablement
- Add more magic for zlib handling for SLE12 build
- Add patch trying to build on SLE12:
* chromium-old-glibc-noexcept.patch745998efa97e4b681c891a0dba8a63d8742d9f78.0.3904.97dimstar_suseAutomatic submission by obs-autosubmit748909083ac3995edbad6bbb9c8f79922478ba78.0.3904.97dimstar_suse7491998f2eab0adda5c3f1fe45a010bf36ca9278.0.3904.108dimstar_suse- Update to 78.0.3904.108 bsc#1157269:
* CVE-2019-13723: Use-after-free in Bluetooth
* CVE-2019-13724: Out-of-bounds access in Bluetooth
* Various fixes from internal audits, fuzzing and other initiatives749862603c5a322be96729c96da2ecb7d3aa4979.0.3945.88dimstar_suse758715d4363f2ddf9aadb5a3cb32eada030e2a79.0.3945.88dimstar_suse76014108928a79c781ceec499beaa9a59efc3079.0.3945.117dimstar_suse- Update to 79.0.3945.117 bsc#1160337:
* CVE-2020-6377: Use after free in audio
* Various fixes from internal audits, fuzzing and other initiatives
* CVE-2019-5844 CVE-2019-5845 CVE-2019-58467622031713826b0b10533328aa58fd35a4cabb79.0.3945.130dimstar_suse765585ebaacc49f2285c043af116b5258cf39c80.0.3987.100okurz-factory- Update to 80.0.3987.100 bsc#1163484:
* feature fixes only
- Update to 80.0.3987.87 bsc#1162833:
* CVE-2020-6381: Integer overflow in JavaScript
* CVE-2020-6382: Type Confusion in JavaScript
* CVE-2019-18197: Multiple vulnerabilities in XML
* CVE-2019-19926: Inappropriate implementation in SQLite
* CVE-2020-6385: Insufficient policy enforcement in storage
* CVE-2019-19880, CVE-2019-19925: Multiple vulnerabilities in SQLite
* CVE-2020-6387: Out of bounds write in WebRTC
* CVE-2020-6388: Out of bounds memory access in WebAudio
* CVE-2020-6389: Out of bounds write in WebRTC
* CVE-2020-6390: Out of bounds memory access in streams
* CVE-2020-6391: Insufficient validation of untrusted input in Blink
* CVE-2020-6392: Insufficient policy enforcement in extensions
* CVE-2020-6393: Insufficient policy enforcement in Blink
* CVE-2020-6394: Insufficient policy enforcement in Blink
* CVE-2020-6395: Out of bounds read in JavaScript
* CVE-2020-6396: Inappropriate implementation in Skia
* CVE-2020-6397: Incorrect security UI in sharing
* CVE-2020-6398: Uninitialized use in PDFium
* CVE-2020-6399: Insufficient policy enforcement in AppCache
* CVE-2020-6400: Inappropriate implementation in CORS
* CVE-2020-6401: Insufficient validation of untrusted input in Omnibox
* CVE-2020-6402: Insufficient policy enforcement in downloads
* CVE-2020-6403: Incorrect security UI in Omnibox
* CVE-2020-6404: Inappropriate implementation in Blink
* CVE-2020-6405: Out of bounds read in SQLite
* CVE-2020-6406: Use after free in audio77371463607ae31a24c7dfeb0b9bf0b81dba6c80.0.3987.100dimstar_suse- Add chromedriver binary to bindir
- Drop sandbox binary as it should not be needed really bsc#1163588
- Remove unused patch:
* chromium-sandbox-pie.patch777696e9d01d64098412d86f9bf7378d80813880.0.3987.122dimstar_suse- Update to 80.0.3987.122 bsc#1164828:
* CVE-2020-6418: Type confusion in V8
* CVE-2020-6407: Out of bounds memory access in streams.
* Integer overflow in ICU7791073d6e9dcc65336e579d673ec23b7d5e7480.0.3987.132dimstar_suse- Update to 80.0.3987.132 bsc#1165826:
* CVE-2020-6420: Insufficient policy enforcement in media.
* Various fixes from internal audits, fuzzing and other initiatives [2].
- Add patch trying to fix pulse audio issues with webrtc:
* webrtc-pulse.patch781924a9c48fa44dbc85d5d27d1bf160207eb580.0.3987.132dimstar_suse- Do not pull in python deps except interpreter, the bundles
are patched anyways7849289f7374529b91b51604fc4b003e342ce680.0.3987.149dimstar_suse- Update to 80.0.3987.149:
* High CVE-2020-6422: Use after free in WebGL.
* High CVE-2020-6424: Use after free in media.
* High CVE-2020-6425: Insufficient policy enforcement in extensions.
* High CVE-2020-6426: Inappropriate implementation in V8.
* High CVE-2020-6427: Use after free in audio.
* High CVE-2020-6428: Use after free in audio.
* High CVE-2020-6429: Use after free in audio.
* High CVE-2019-20503: Out of bounds read in usersctplib.
* High CVE-2020-6449: Use after free in audio.
* Various fixes from internal audits, fuzzing and other initiatives786439d9cc867ae25f3a5b0f94c5bc0140852080.0.3987.149dimstar_suse- Add patch to allow building with pipewire 0.3:
* build-with-pipewire-0.3.patch
- Use pipewire in Leap 15.27881097385aec4aaa2071854d5d273c115e2af80.0.3987.162dimstar_suse- Update to 80.0.3987.162 bsc#1168421:
* CVE-2020-6450: Use after free in WebAudio.
* CVE-2020-6451: Use after free in WebAudio.
* CVE-2020-6452: Heap buffer overflow in media.
- Rebase build-with-pipewire-0.3.patch in order to fix
patch collision.
- Add chromium-missing-cstdint-header.patch,
chromium-missing-cstring-header.patch,
chromium-missing-cstring-header2.patch and
chromium-missing-cstddef-header.patch in order to fix boo#1167465.
- Use a symbolic icon for GNOME7908321b4910b130e85a20629a188e13564edd81.0.4044.92dimstar_suse- Update to 81.0.4044.92 bsc#1168911:
* CVE-2020-6454: Use after free in extensions
* CVE-2020-6423: Use after free in audio
* CVE-2020-6455: Out of bounds read in WebSQL
* CVE-2020-6430: Type Confusion in V8
* CVE-2020-6456: Insufficient validation of untrusted input in clipboard
* CVE-2020-6431: Insufficient policy enforcement in full screen
* CVE-2020-6432: Insufficient policy enforcement in navigations
* CVE-2020-6433: Insufficient policy enforcement in extensions
* CVE-2020-6434: Use after free in devtools
* CVE-2020-6435: Insufficient policy enforcement in extensions
* CVE-2020-6436: Use after free in window management
* CVE-2020-6437: Inappropriate implementation in WebView
* CVE-2020-6438: Insufficient policy enforcement in extensions
* CVE-2020-6439: Insufficient policy enforcement in navigations
* CVE-2020-6440: Inappropriate implementation in extensions
* CVE-2020-6441: Insufficient policy enforcement in omnibox
* CVE-2020-6442: Inappropriate implementation in cache
* CVE-2020-6443: Insufficient data validation in developer tools
* CVE-2020-6444: Uninitialized Use in WebRTC
* CVE-2020-6445: Insufficient policy enforcement in trusted types
* CVE-2020-6446: Insufficient policy enforcement in trusted types
* CVE-2020-6447: Inappropriate implementation in developer tools
* CVE-2020-6448: Use after free in V8
- Add new patches:
* chromium-81-gcc-constexpr.patch
* chromium-81-gcc-noexcept.patch
* fix-vaapi-with-glx.patch
- Remove no longer needed patches:
* chromium-80-gcc-abstract.patch7923884533ba1850392f7c92bc2ffe008b46d781.0.4044.92dimstar_suse- Try to use system version of xdg-utils79406717ced56ab2c8b9bb841597e0dcd4e07181.0.4044.122dimstar_suse7961943d6ffde6e34b7895c7f08448e7008fed81.0.4044.129dimstar_suse- update to 81.0.4044.129 (boo#1170707):
* CVE-2020-0561: Use after free in storage
* CVE-2020-6462: Use after free in task scheduling (forwarded request 798873 from AndreasStieger)7988980eb2c01d7b06c433daf19bbbc9e4182c81.0.4044.138dimstar_suse- update to 81.0.4044.138 bsc#1171247:
* CVE-2020-6831: Stack buffer overflow in SCTP
* CVE-2020-6464: Type Confusion in Blink.
- Add icu-v67.patch from upstream to fix build with icu v67800599d80fd963a5676876cab794aabcd6627983.0.4103.61maxlin_factory- Add patch to fix building with new re2:
* chromium-81-re2-0.2020.05.01.patch
- Update _constraints to avoid very slow builds seen on obs-arm-4
(probably due to swap)
- Update to 83.0.4103.61 bsc#1171910:
* CVE-2020-6465: Use after free in reader mode. Reported by Woojin Oh(@pwn_expoit) of STEALIEN on 2020-04-21
* CVE-2020-6466: Use after free in media. Reported by Zhe Jin from cdsrc of Qihoo 360 on 2020-04-26
* CVE-2020-6467: Use after free in WebRTC. Reported by ZhanJia Song on 2020-04-06
* CVE-2020-6468: Type Confusion in V8. Reported by Chris Salls and Jake Corina of Seaside Security, Chani Jindal of Shellphish on 2020-04-30
* CVE-2020-6469: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-04-02
* CVE-2020-6470: Insufficient validation of untrusted input in clipboard. Reported by Michał Bentkowski of Securitum on 2020-03-30
* CVE-2020-6471: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-03-08
* CVE-2020-6472: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-03-25
* CVE-2020-6473: Insufficient policy enforcement in Blink. Reported by Soroush Karami and Panagiotis Ilia on 2020-02-06
* CVE-2020-6474: Use after free in Blink. Reported by Zhe Jin from cdsrc of Qihoo 360 on 2020-03-07
* CVE-2020-6475: Incorrect security UI in full screen. Reported by Khalil Zhani on 2019-10-31
* CVE-2020-6476: Insufficient policy enforcement in tab strip. Reported by Alexandre Le Borgne on 2019-12-18
* CVE-2020-6477: Inappropriate implementation in installer. Reported by RACK911 Labs on 2019-03-26
* CVE-2020-6478: Inappropriate implementation in full screen. Reported by Khalil Zhani on 2019-12-24
* CVE-2020-6479: Inappropriate implementation in sharing. Reported by Zhong Zhaochen of andsecurity.cn on 2020-01-14
* CVE-2020-6480: Insufficient policy enforcement in enterprise. Reported by Marvin Witt on 2020-02-21
* CVE-2020-6481: Insufficient policy enforcement in URL formatting. Reported by Rayyan Bijoora on 2020-04-07
* CVE-2020-6482: Insufficient policy enforcement in developer tools. Reported by Abdulrahman Alqabandi (@qab) on 2017-12-17
* CVE-2020-6483: Insufficient policy enforcement in payments. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2019-05-23
* CVE-2020-6484: Insufficient data validation in ChromeDriver. Reported by Artem Zinenko on 2020-01-26
* CVE-2020-6485: Insufficient data validation in media router. Reported by Sergei Glazunov of Google Project Zero on 2020-01-30
* CVE-2020-6486: Insufficient policy enforcement in navigations. Reported by David Erceg on 2020-02-24
* CVE-2020-6487: Insufficient policy enforcement in downloads. Reported by Jun Kokatsu (@shhnjk) on 2015-10-06808194b9f2896ac778f8bb1439e324ae03e22d83.0.4103.97dimstar_suseup811311b73429b28e014285196d10e4f64798e383.0.4103.116dimstar_suse- Disable the LTO again as it still OOMs quite often
- Add patch to work with new ffmpeg wrt bsc#1173292:
* chromium-84-mediaalloc.patch
- Add multimedia fix for disabled location and also try one
additional patch from Debian on the same issue bsc#1173107
Update patch:
* no-location-leap151.patch
- Add patch from Fedora to avoid attribute overrides in skia:
* chromium-83.0.4103.97-skia-gcc-no_sanitize-fixes.patch
- Add patch to hopefully fix bsc#1173107:
* chromium-dev-shm.patch
- Update to 83.0.4103.116 bsc#1173251:
* CVE-2020-6509: Use after free in extensions
- Reduce constraints to say 20 GB disk space is enough
- Disable wayland integration on 15.x bsc#1173187 bsc#1173188
bsc#1173254
- Enforce to not use system borders bsc#1173063
- Update to 83.0.4103.106 bsc#1173029:
* CVE-2020-6505: Use after free in speech
* CVE-2020-6506: Insufficient policy enforcement in WebView
* CVE-2020-6507: Out of bounds write in V88169709891fde67b22b15fbb52957c5fe6a71f83.0.4103.116dimstar_suse81777576b9aff7a39af962ec617fea2164953884.0.4147.89dimstar_suse- Try to fix non-wayland build for Leap builds
- Update to 84.0.4147.89 bsc#1174189:
* Critical CVE-2020-6510: Heap buffer overflow in background fetch.
* High CVE-2020-6511: Side-channel information leakage in content security policy.
* High CVE-2020-6512: Type Confusion in V8.
* High CVE-2020-6513: Heap buffer overflow in PDFium.
* High CVE-2020-6514: Inappropriate implementation in WebRTC.
* High CVE-2020-6515: Use after free in tab strip.
* High CVE-2020-6516: Policy bypass in CORS.
* High CVE-2020-6517: Heap buffer overflow in history.
* Medium CVE-2020-6518: Use after free in developer tools.
* Medium CVE-2020-6519: Policy bypass in CSP.
* Medium CVE-2020-6520: Heap buffer overflow in Skia.
* Medium CVE-2020-6521: Side-channel information leakage in autofill.
* Medium CVE-2020-6522: Inappropriate implementation in external protocol handlers.
* Medium CVE-2020-6523: Out of bounds write in Skia.
* Medium CVE-2020-6524: Heap buffer overflow in WebAudio.
* Medium CVE-2020-6525: Heap buffer overflow in Skia.
* Low CVE-2020-6526: Inappropriate implementation in iframe sandbox.
* Low CVE-2020-6527: Insufficient policy enforcement in CSP.
* Low CVE-2020-6528: Incorrect security UI in basic auth.
* Low CVE-2020-6529: Inappropriate implementation in WebRTC.
* Low CVE-2020-6530: Out of bounds memory access in developer tools.
* Low CVE-2020-6531: Side-channel information leakage in scroll to text.
* Low CVE-2020-6533: Type Confusion in V8.
* Low CVE-2020-6534: Heap buffer overflow in WebRTC.
* Low CVE-2020-6535: Insufficient data validation in WebUI.
* Low CVE-2020-6536: Incorrect security UI in PWAs.
- Use bundled xcb-proto as we need to generate py2 bindings82145576f835615021065eac4beba99cfd2b5884.0.4147.125dimstar_suse826031642a5e72d00922cfac55ff85e8e2928e84.0.4147.135dimstar_suse- Do not use libexec as we use /usr/lib as a target folder
- Fix the build by removing expectation of llvm-7.0
- Update to 84.0.4147.135 (bsc#1175505):
* CVE-2020-6556: Heap buffer overflow in SwiftShader
- Use new _constraint memoryperjob.82989804ea68697e8b8eb543551fc89d498b9284.0.4147.135dimstar_suseRevert back to old constraint: allows more workers7684f0301047324977df84da70b98b7f84.0.4147.135dimstar_suseFixup last changec42b9d3646d9d357c95f2451a28612af85.0.4183.83dimstar_suse- Really update to .83 we accidentally included .69 beta release
- Add patch trying to compile with old libdrm on Leap 15.1:
* chromium-lp151-old-drm.patch
- Version update to 85.0.4183.83 bsc#1175757
* CVE-2020-6558: Insufficient policy enforcement in iOS
* CVE-2020-6559: Use after free in presentation API
* CVE-2020-6560: Insufficient policy enforcement in autofill
* CVE-2020-6561: Inappropriate implementation in Content Security Policy
* CVE-2020-6562: Insufficient policy enforcement in Blink
* CVE-2020-6563: Insufficient policy enforcement in intent handling.
* CVE-2020-6564: Incorrect security UI in permissions
* CVE-2020-6565: Incorrect security UI in Omnibox.
* CVE-2020-6566: Insufficient policy enforcement in media.
* CVE-2020-6567: Insufficient validation of untrusted input in command line handling.
* CVE-2020-6568: Insufficient policy enforcement in intent handling.
* CVE-2020-6569: Integer overflow in WebUSB.
* CVE-2020-6570: Side-channel information leakage in WebRTC.
* CVE-2020-6571: Incorrect security UI in Omnibox.
- Use bundled vpx everywhere again as it fails to compile against
system version
- Added patches:
* chromium-85-DelayNode-cast.patch
* chromium-85-FrameWidget-namespace.patch
* chromium-85-NearbyConnection-abstract.patch
* chromium-85-NearbyShareEncryptedMetadataKey-include.patch
* chromium-85-oscillator_node-cast.patch
* chromium-85-ostream-operator.patch
* chromium-85-ozone-include.patch
* chromium-85-sim_hash-include.patch
- Removed patches:
* chromium-82-gcc-template.patch
* chromium-84-AXObject-stl-iterator.patch
* chromium-84-FilePath-add-noexcept.patch
* chromium-84-base-has_bultin.patch
* chromium-84-fix-decltype.patch
* chromium-84-gcc-DOMRect-constexpr.patch
* chromium-84-gcc-noexcept.patch
* chromium-84-gcc-template.patch
* chromium-84-gcc-unique_ptr.patch
* chromium-84-gcc-use-brace-initializer.patch
* chromium-84-nss-include.patch
* chromium-84-ozone-include.patch
* chromium-84-revert-manage-ManifestManagerHost-per-document.patch
* chromium-84-std-vector-const.patch
* chromium-clang_lto_visibility_public.patch
- Updated patches:
* chromium-83-gcc-10.patch
* chromium-84-gcc-include.patch
* chromium-prop-codecs.patch
* gcc-enable-lto.patch
83160618714c5ffbefd0c4955b70dc2b39c82085.0.4183.83dimstar_suse- Move swiftshader stuff to chromium folder directly bsc#11762078329036fb9536890c6620c6e35a89618d4192985.0.4183.102dimstar_suse- Add back the swiftshader folder wrt bsc#1176450
- Update 85.0.4183.102 bsc#1176306:
* CVE-2020-6573: Use after free in video.
* CVE-2020-6574: Insufficient policy enforcement in installer.
* CVE-2020-6575: Race in Mojo.
* CVE-2020-6576: Use after free in offscreen canvas.
* CVE-2020-15959: Insufficient policy enforcement in networking.834011ea6c5f033eb6b68666289de513159f4785.0.4183.102dimstar_suse- The egl stuff is from angle not swiftshader, thanks Fedora
bsc#11764508348600cb951e204a6dc0079b4a133ca12456a85.0.4183.121dimstar_suse- Remove TOC files to avoid warning in post and fix angle conditional
- Update to 85.0.4183.121 bsc#1176791:
* CVE-2020-15960: Out of bounds read in storage
* CVE-2020-15961: Insufficient policy enforcement in extensions
* CVE-2020-15962: Insufficient policy enforcement in serial
* CVE-2020-15963: Insufficient policy enforcement in extensions
* CVE-2020-15965: Out of bounds write in V8
* CVE-2020-15966: Insufficient policy enforcement in extensions
* CVE-2020-15964: Insufficient data validation in media8363617c327b8886c59cec14e45dc4e1d18a5986.0.4240.75dimstar_suse- Remove vdpau->vaapi bridge as it breaks a lot:
(fixes welcome by someone else than me)
* chromium-vaapi-fix.patch
- Fix cookiemonster:
* fix-invalid-end-iterator-usage-in-CookieMonster.patch
- Update to 86.0.4240.75 bsc#1177408:
* CVE-2020-15967: Use after free in payments.
* CVE-2020-15968: Use after free in Blink.
* CVE-2020-15969: Use after free in WebRTC.
* CVE-2020-15970: Use after free in NFC.
* CVE-2020-15971: Use after free in printing.
* CVE-2020-15972: Use after free in audio.
* CVE-2020-15990: Use after free in autofill.
* CVE-2020-15991: Use after free in password manager.
* CVE-2020-15973: Insufficient policy enforcement in extensions.
* CVE-2020-15974: Integer overflow in Blink.
* CVE-2020-15975: Integer overflow in SwiftShader.
* CVE-2020-15976: Use after free in WebXR.
* CVE-2020-6557: Inappropriate implementation in networking.
* CVE-2020-15977: Insufficient data validation in dialogs.
* CVE-2020-15978: Insufficient data validation in navigation.
* CVE-2020-15979: Inappropriate implementation in V8.
* CVE-2020-15980: Insufficient policy enforcement in Intents.
* CVE-2020-15981: Out of bounds read in audio.
* CVE-2020-15982: Side-channel information leakage in cache.
* CVE-2020-15983: Insufficient data validation in webUI.
* CVE-2020-15984: Insufficient policy enforcement in Omnibox.
* CVE-2020-15985: Inappropriate implementation in Blink.
* CVE-2020-15986: Integer overflow in media.
* CVE-2020-15987: Use after free in WebRTC.
* CVE-2020-15992: Insufficient policy enforcement in networking.
* CVE-2020-15988: Insufficient policy enforcement in downloads.
* CVE-2020-15989: Uninitialized Use in PDFium.
- Add patches:
* chromium-78-protobuf-RepeatedPtrField-export.patch
* chromium-79-gcc-protobuf-alignas.patch
* chromium-80-QuicStreamSendBuffer-deleted-move-constructor.patch
* chromium-86-ConsumeDurationNumber-constexpr.patch
* chromium-86-ImageMemoryBarrierData-init.patch
* chromium-86-ServiceWorkerRunningInfo-noexcept.patch
* chromium-86-compiler.patch
* chromium-86-nearby-explicit.patch
* chromium-86-nearby-include.patch
- Remove patches:
* chromium-79-gcc-alignas.patch
* chromium-80-gcc-quiche.patch
* chromium-82-gcc-constexpr.patch
* chromium-83-gcc-10.patch
* chromium-84-gcc-include.patch
* chromium-84-mediaalloc.patch
* chromium-85-DelayNode-cast.patch
* chromium-85-FrameWidget-namespace.patch
* chromium-85-NearbyConnection-abstract.patch
* chromium-85-NearbyShareEncryptedMetadataKey-include.patch
* chromium-85-oscillator_node-cast.patch
* chromium-85-ostream-operator.patch
* chromium-85-ozone-include.patch
* chromium-85-sim_hash-include.patch
* chromium-blink-gcc-diagnostic-pragma.patch
* chromium-dma-buf.patch
* chromium-drm.patch
* chromium-quiche-invalid-offsetof.patch
- build with system libevent, the gn bug is no longer present
8418663a59d339fbb7ef86bed109fb4ea8368986.0.4240.111dimstar_suse- Update to 86.0.4240.111 bsc#1177936
- CVE-2020-16000: Inappropriate implementation in Blink.
- CVE-2020-16001: Use after free in media.
- CVE-2020-16002: Use after free in PDFium.
- CVE-2020-15999: Heap buffer overflow in Freetype.
- CVE-2020-16003: Use after free in printing. (forwarded request 843351 from msmeissn)843389e62a3ef7d1913d287795aecf183483d386.0.4240.183dimstar_suse- Update to 86.0.4240.183 bsc#1178375
- CVE-2020-16004: Use after free in user interface.
- CVE-2020-16005: Insufficient policy enforcement in ANGLE.
- CVE-2020-16006: Inappropriate implementation in V8
- CVE-2020-16007: Insufficient data validation in installer.
- CVE-2020-16008: Stack buffer overflow in WebRTC.
- CVE-2020-16009: Inappropriate implementation in V8.
- CVE-2020-16011: Heap buffer overflow in UI on Windows.
8456662d9e81ba96aeb9209d01f522653537b886.0.4240.198dimstar_suse- Update to 86.0.4240.198 bsc#1178703
- CVE-2020-16013: Inappropriate implementation in V8
- CVE-2020-16017: Use after free in site isolation (forwarded request 848026 from gmbr3)84802790c394cb112bcbdba8082f6ae6640e0a87.0.4280.66dimstar_suse- Added patches:
- chromium-gcc11.patch
- chromium-86-fix-vaapi-on-intel.patch
- chromium-87-compiler.patch
- chromium-87-CursorFactory-include.patch
- chromium-87-openscreen-include.patch
- chromium-87-ozone-deps.patch
- chromium-87-ServiceWorkerContainerHost-crash.patch
- chromium-87-webcodecs-deps.patch
- chromium-88-vaapi-attribute.patch
- chromium-lp152-missing-includes.patch
- Removed patches:
- chromium-86-ServiceWorkerRunningInfo-noexcept.patch
- chromium-86-compiler.patch
- fix-invalid-end-iterator-usage-in-CookieMonster.patch
- old-libva.patch
- Update to 87.0.4280.66 bsc#1178923
- Wayland support by default
- CVE-2020-16018: Use after free in payments.
- CVE-2020-16019: Inappropriate implementation in filesystem.
- CVE-2020-16020: Inappropriate implementation in cryptohome.
- CVE-2020-16021: Race in ImageBurner.
- CVE-2020-16022: Insufficient policy enforcement in networking.
- CVE-2020-16015: Insufficient data validation in WASM.
- CVE-2020-16014: Use after free in PPAPI.
- CVE-2020-16023: Use after free in WebCodecs.
- CVE-2020-16024: Heap buffer overflow in UI.
- CVE-2020-16025: Heap buffer overflow in clipboard.
- CVE-2020-16026: Use after free in WebRTC.
- CVE-2020-16027: Insufficient policy enforcement in developer tools.
- CVE-2020-16028: Heap buffer overflow in WebRTC.
- CVE-2020-16029: Inappropriate implementation in PDFium.
- CVE-2020-16030: Insufficient data validation in Blink.
- CVE-2019-8075: Insufficient data validation in Flash.
- CVE-2020-16031: Incorrect security UI in tab preview.
- CVE-2020-16032: Incorrect security UI in sharing.
- CVE-2020-16033: Incorrect security UI in WebUSB.
- CVE-2020-16034: Inappropriate implementation in WebRTC.
- CVE-2020-16035: Insufficient data validation in cros-disks.
- CVE-2020-16012: Side-channel information leakage in graphics.
- CVE-2020-16036: Inappropriate implementation in cookies. (forwarded request 849506 from gmbr3)84950710fca1de8de79c872043fa5769971a4287.0.4280.66dimstar_suse- Remove erroneous call to ldconfig which causes Firefox crashes (boo#1179298) (forwarded request 851547 from gmbr3)8515481ea6953673ab189d251029dc3207960e87.0.4280.88dimstar_suse- Added patches:
- chromium-87-icu68.patch
- chromium-87-v8-icu68.patch
- Update to 87.0.4280.88 bsc#1179576
- CVE-2020-16037: Use after free in clipboard
- CVE-2020-16038: Use after free in media
- CVE-2020-16039: Use after free in extensions
- CVE-2020-16040: Insufficient data validation in V8
- CVE-2020-16041: Out of bounds read in networking
- CVE-2020-16042: Uninitialized Use in V8 (forwarded request 853182 from gmbr3)853253976c1b0b342aea8a18cf0ce7687844c987.0.4280.88dimstar_suse8577477e30d6ee8901699fb70ea881bb7fb55487.0.4280.141dimstar_suse- Update to 87.0.4280.141 bsc#1180645
- CVE-2021-21106: Use after free in autofill
- CVE-2021-21107: Use after free in drag and drop
- CVE-2021-21108: Use after free in media
- CVE-2021-21109: Use after free in payments
- CVE-2021-21110: Use after free in safe browsing
- CVE-2021-21111: Insufficient policy enforcement in WebUI
- CVE-2021-21112: Use after free in Blink
- CVE-2021-21113: Heap buffer overflow in Skia
- CVE-2020-16043: Insufficient data validation in networking
- CVE-2021-21114: Use after free in audio
- CVE-2020-15995: Out of bounds write in V8
- CVE-2021-21115: Use after free in safe browsing
- CVE-2021-21116: Heap buffer overflow in audio (forwarded request 860986 from gmbr3)860987a05f75a2ef86afc16c1008192d1d580c87.0.4280.141dimstar_suse86362471e143cffc9aca4b37658108b272f99688.0.4324.96dimstar_suse86625421fae0673bfb723277b3bad1ab96980d88.0.4324.150dimstar_suse- Update to 88.0.4324.150 bsc#1181827
- CVE-2021-21148: Heap buffer overflow in V8 (forwarded request 869981 from gmbr3)86998228ebbea855c19f5f6bc1a720e50c623388.0.4324.150dimstar_suse- Add chromium-glibc-2.33.patch: fix Sandbox with glibc 2.33
(bsc#1182233)
872345c385ad46cb61190e0ea8effae67b616188.0.4324.182dimstar_susebsc#1182358 (forwarded request 873107 from gmbr3)873109082065d6169611b792adba50d80ed6e389.0.4389.72dimstar_suse- Update to 89.0.4389.72 bsc#1182960
- CVE-2021-21159: Heap buffer overflow in TabStrip.
- CVE-2021-21160: Heap buffer overflow in WebAudio.
- CVE-2021-21161: Heap buffer overflow in TabStrip.
- CVE-2021-21162: Use after free in WebRTC.
- CVE-2021-21163: Insufficient data validation in Reader Mode.
- CVE-2021-21164: Insufficient data validation in Chrome for iOS.
- CVE-2021-21165: Object lifecycle issue in audio.
- CVE-2021-21166: Object lifecycle issue in audio.
- CVE-2021-21167: Use after free in bookmarks.
- CVE-2021-21168: Insufficient policy enforcement in appcache.
- CVE-2021-21169: Out of bounds memory access in V8.
- CVE-2021-21170: Incorrect security UI in Loader.
- CVE-2021-21171: Incorrect security UI in TabStrip and Navigation.
- CVE-2021-21172: Insufficient policy enforcement in File System API.
- CVE-2021-21173: Side-channel information leakage in Network Internals.
- CVE-2021-21174: Inappropriate implementation in Referrer.
- CVE-2021-21175: Inappropriate implementation in Site isolation.
- CVE-2021-21176: Inappropriate implementation in full screen mode.
- CVE-2021-21177: Insufficient policy enforcement in Autofill.
- CVE-2021-21178: Inappropriate implementation in Compositing.
- CVE-2021-21179: Use after free in Network Internals.
- CVE-2021-21180: Use after free in tab search.
- CVE-2020-27844: Heap buffer overflow in OpenJPEG.
- CVE-2021-21181: Side-channel information leakage in autofill.
- CVE-2021-21182: Insufficient policy enforcement in navigations.
- CVE-2021-21183: Inappropriate implementation in performance APIs.
- CVE-2021-21184: Inappropriate implementation in performance APIs.
- CVE-2021-21185: Insufficient policy enforcement in extensions.
- CVE-2021-21186: Insufficient policy enforcement in QR scanning.877004df2a197de75cc6e633e9eac40343ff0c89.0.4389.90RBrownSUSE- Update to 89.0.4389.90 bsc#1183515
- CVE-2021-21191: Use after free in WebRTC.
- CVE-2021-21192: Heap buffer overflow in tab groups.
- CVE-2021-21193: Use after free in Blink.
- Update to 89.0.4389.82
- Add x11-ozone-fix-two-edge-cases.patch to fix tab drag errors879173d110c095fda9052aaefa9dfae3fa5d6b89.0.4389.114RBrownSUSEbsc#1184256882838c0b9988bfeb7f981cc71665dfd3dd3df89.0.4389.128dimstar_suse885475c646ce9414179cb08aba2c6df0e3821a90.0.4430.93dimstar_suse- Chromium 90.0.4430.93 (boo#1185398):
- CVE-2021-21227: Insufficient data validation in V8.
- CVE-2021-21232: Use after free in Dev Tools.
- CVE-2021-21233: Heap buffer overflow in ANGLE.
- CVE-2021-21228: Insufficient policy enforcement in extensions.
- CVE-2021-21229: Incorrect security UI in downloads.
- CVE-2021-21230: Type Confusion in V8.
- CVE-2021-21231: Insufficient data validation in V8.
- Reference: https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_26.html
- Chromium 90.0.4430.85 (boo#1185047):
* CVE-2021-21222: Heap buffer overflow in V8
* CVE-2021-21223: Integer overflow in Mojo
* CVE-2021-21224: Type Confusion in V8
* CVE-2021-21225: Out of bounds memory access in V8
* CVE-2021-21226: Use after free in navigation
- Chromium 90.0.4430.72 (boo#1184764):
* CVE-2021-21201: Use after free in permissions
* CVE-2021-21202: Use after free in extensions
* CVE-2021-21203: Use after free in Blink
* CVE-2021-21204: Use after free in Blink
* CVE-2021-21205: Insufficient policy enforcement in navigation
* CVE-2021-21221: Insufficient validation of untrusted input in Mojo
* CVE-2021-21207: Use after free in IndexedDB
* CVE-2021-21208: Insufficient data validation in QR scanner
* CVE-2021-21209: Inappropriate implementation in storage
* CVE-2021-21210: Inappropriate implementation in Network
* CVE-2021-21211: Inappropriate implementation in Navigation
* CVE-2021-21212: Incorrect security UI in Network Config UI
* CVE-2021-21213: Use after free in WebMIDI
* CVE-2021-21214: Use after free in Network API
* CVE-2021-21215: Inappropriate implementation in Autofill
* CVE-2021-21216: Inappropriate implementation in Autofill
* CVE-2021-21217: Uninitialized Use in PDFium
* CVE-2021-21218: Uninitialized Use in PDFium
* CVE-2021-21219: Uninitialized Use in PDFium
* drop chromium-89-quiche-private.patch
* drop chromium-89-quiche-dcheck.patch
* drop chromium-89-skia-CropRect.patch
* drop chromium-89-dawn-include.patch
* drop chromium-89-webcodecs-deps.patch
* drop chromium-89-AXTreeSerializer-include.patch
* drop libva-2.11.patch
* drop libva-2.11-nolegacy.patch
* drop chromium-84-blink-disable-clang-format.patch
- chromium-90-gslang-linkage-fixup.patch: fixed a weird static/nonpic error
- chromium-90-cstdint.patch: some cstd includes added
- chromium-90-fseal.patch: F_SEAL defines added
88907724c944727fd067664ef5180b4bddd26990.0.4430.93dimstar_suse * Patch change *
- Fix build with GCC 11 again (bsc#1185716)
- Remove chromium-88-compiler.patch
- Remove chromium-90-cstdint.patch
- Remove chromium-90-gslang-linkage-fixup.patch
- Added chromium-90-compiler.patch
- Added chromium-90-angle-constexpr.patch
- Added chromium-90-TokenizedOutput-include.patch
- Added chromium-90-ruy-include.patch
- Added chromium-90-CrossThreadCopier-qualification.patch
- Added chromium-90-quantization_utils-include.patch891089de7a1300896cb40b8772a3139ef5cba890.0.4430.212dimstar_suse8922928088f37ec68f6e833fd8bd1396b1cfb790.0.4430.212dimstar_suse- use asimdrdm CPU flag for aarch64 to select only more powerful buildhosts.
893793019f326c6408c618f359993b67625bcc91.0.4472.77dimstar_suse- Chromium 91.0.4472.77 (boo#1186458):
* Support Managed configuration API for Web Applications
* WebOTP API: cross-origin iframe support
* CSS custom counter styles
* Support JSON Modules
* Clipboard: read-only files support
* Remove webkitBeforeTextInserted & webkitEditableCOntentChanged
JS events
* Honor media HTML attribute for link icon
* Import Assertions
* Class static initializer blocks
* Ergonomic brand checks for private fields
* Expose WebAssembly SIMD
* New Feature: WebTransport
* ES Modules for service workers ('module' type option)
* Suggested file name and location for the File System Access API
* adaptivePTime property for RTCRtpEncodingParameters
* Block HTTP port 10080 - mitigation for NAT Slipstream 2.0 attack
* Support WebSockets over HTTP/2
* Support 103 Early Hints for Navigation
* CVE-2021-30521: Heap buffer overflow in Autofill
* CVE-2021-30522: Use after free in WebAudio
* CVE-2021-30523: Use after free in WebRTC
* CVE-2021-30524: Use after free in TabStrip
* CVE-2021-30525: Use after free in TabGroups
* CVE-2021-30526: Out of bounds write in TabStrip
* CVE-2021-30527: Use after free in WebUI
* CVE-2021-30528: Use after free in WebAuthentication
* CVE-2021-30529: Use after free in Bookmarks
* CVE-2021-30530: Out of bounds memory access in WebAudio
* CVE-2021-30531: Insufficient policy enforcement in Content Security Policy
* CVE-2021-30532: Insufficient policy enforcement in Content Security Policy
* CVE-2021-30533: Insufficient policy enforcement in PopupBlocker
* CVE-2021-30534: Insufficient policy enforcement in iFrameSandbox
* CVE-2021-30535: Double free in ICU
* CVE-2021-21212: Insufficient data validation in networking
* CVE-2021-30536: Out of bounds read in V8
* CVE-2021-30537: Insufficient policy enforcement in cookies
* CVE-2021-30538: Insufficient policy enforcement in content security policy
* CVE-2021-30539: Insufficient policy enforcement in content security policy
* CVE-2021-30540: Incorrect security UI in payments
* Various fixes from internal audits, fuzzing and other initiatives
* drop chromium-90-TokenizedOutput-include.patch
* drop chromium-90-CrossThreadCopier-qualification.patch
* drop chromium-90-quantization_utils-include.patch
* drop chromium-90-angle-constexpr.patch
* add chromium-91-java-only-allowed-in-android-builds.patch
* add chromium-91-GCC_fix_vector_types_in_pcscan.patch
* add chromium-91-system-icu.patch
8958389ec9b13795734a81b684c4b7f5ad59ac91.0.4472.77dimstar_suse- Add README.SUSE
- Fix aarch64 build:
* chromium-91-libyuv-aarch64.patch
* Update highway to 0.12.2 (arm only)
- Add -flax-vector-conversions to build flags
89718981e3405a2d9656e3e9460fea75f749c391.0.4472.101dimstar_susechromium 91.0.4472.101 (boo#1187141)899022262887cdd862a5d3f4f059554b3fd87d91.0.4472.114dimstar_suseChromium 91.0.4472.114 (boo#1187481)
900774c57033ce67541f1509be82271f7e482e91.0.4472.114dimstar_susefix crash upon exit boo#1186948
901249a7aa8dab4aa10b58ce98966b247c3b1e91.0.4472.114dimstar_suse- Add chromium-91-sql-standard-layout-type.patch: to fix SQL being
incorrect with libstdc++ 11
9040642b2db13faf23a09f699ee4831a50a73691.0.4472.164dimstar_suse- chromium 91.0.4472.164 (boo#1188373)
* CVE-2021-30559: Out of bounds write in ANGLE
* CVE-2021-30541: Use after free in V8
* CVE-2021-30560: Use after free in Blink XSLT
* CVE-2021-30561: Type Confusion in V8
* CVE-2021-30562: Use after free in WebSerial
* CVE-2021-30563: Type Confusion in V8
* CVE-2021-30564: Heap buffer overflow in WebXR
* Various fixes from internal audits, fuzzing and other initiatives
906869f45677f59a33f9f436fa6ff3af45dd9692.0.4515.107dimstar_suse92.0.4515.10790962934324fa6d76c7c27e42122c132dc36b792.0.4515.131RBrownSUSE92.0.4515.131910522c062c6f1dffe21264f191e316831143292.0.4515.159RBrownSUSE- Chromium 92.0.4515.159 (boo#1189490):
* CVE-2021-30598: Type Confusion in V8
* CVE-2021-30599: Type Confusion in V8
* CVE-2021-30600: Use after free in Printing
* CVE-2021-30601: Use after free in Extensions API
* CVE-2021-30602: Use after free in WebRTC
* CVE-2021-30603: Race in WebAudio
* CVE-2021-30604: Use after free in ANGLE
* Various fixes from internal audits, fuzzing and other initiatives
- Add missing crashpad_handler (boo#1189254)
912804a643c27cdea40543bb7f1413beae508092.0.4515.159dimstar_suse191486127597d5f1041c62290c952b144a6898d93.0.4577.82dimstar_suseupdate91957419707e89086982fa596096530712a8cc94.0.4606.71dimstar_suseM949228459e483e76ac55a501868936a6d7e38f1194.0.4606.81dimstar_suseupdate9244888dad24c0e1e2bd26862339905ffe8f8095.0.4638.54dimstar_suseM95927179f87e3e564cd7347401fc6e5186075a6195.0.4638.69dimstar_susechromium 95.0.4638.69 (boo#1192184)92839133600494b8015d429946bb8bfdd9970495.0.4638.69dimstar_suse- Explicitly BuildRequire python3-six.
931936434303f49198fd7e5553d48a715b9bb795.0.4638.69dimstar_suse- Ensure newer libs and LLVM are used on Leap (boo#1192310)
933159f774cb005c6078622547afe7d96121b996.0.4664.110dimstar_susefix94069823b37bdf900bcc39bb159dc3cfe24b2796.0.4664.110dimstar_suse- Added patches:
* chromium-96-freetype-unbundle.patch
* chromium-96-EnumTable-crash.patch
- Unbundle freetype on TW
- Unbundle icu on 15.4
- Disable lto and update _constraints on aarch64
- Remove MEIPreload: it gets installed through component updater
9423406fb318afab625f3e0f6f33f215934ab396.0.4664.110dimstar_susefseal942656d87bdb7e0ed74bce6276acd46a73bd5196.0.4664.110dimstar_susewayland9430584937cb14897db41b9123fed48d61c51196.0.4664.110dimstar_susehttps://bugzilla.opensuse.org/show_bug.cgi?id=1194182415d504e0fff53d3248d3057d5a2ed6296.0.4664.110dimstar_suse- Revert wayland fixes because it doesn't handle GPU correctly
(boo#1194182)
- Use GCC 11, but disable LTO (boo#1194055).
- Use our own copy of the wrapper so that we can use the fixes
for Wayland
9433120417057e2b69894cff7a4eb4c838ff1796.0.4664.110dimstar_susehttps://bugzilla.opensuse.org/show_bug.cgi?id=119418234d05e45da82e2c787e301bcd180485397.0.4692.71dimstar_suseCr979459240b1f5395e9ffb29f3925d5ca199d05c597.0.4692.71dimstar_suseffmpeg947640af4daf4075e61d34977a14df39954b0a97.0.4692.99dimstar_susechromium 97.0.4692.99 (boo#1194919)9478608e5024fb342cfa38fb071264adf0790c98.0.4758.80dimstar_suseChromium 98.0.4758.80 (boo#1195420)951665abab21a9548736aa29fff78bb341dd6398.0.4758.102dimstar_suse955128fbc42eac4c800286393edbb667bf52fd99.0.4844.51dimstar_suseCr99959453936a612f02b2e7861c6374a69922587399.0.4844.74dimstar_suseChromium 99.0.4844.74 (boo#1197163)96213117fac86000265c33f2f70a3e1e88d22a99.0.4844.82dimstar_suse963477f071b15c1ce40e146e453caf68f4831799.0.4844.84dimstar_suse- Chromium 99.0.4844.84:
* CVE-2022-1096: Type Confusion in V8 (boo#1197552)
9650465f151d8301f52f6b63684b4be249eb8c99.0.4844.84dimstar_suse- Update disk constraints
965591eca65df473fba28f2e7141cb002341de100.0.4896.60dimstar_suse- Chromium 100.0.4896.60 (boo#1197680)
* CVE-2022-1125: Use after free in Portals
* CVE-2022-1127: Use after free in QR Code Generator
* CVE-2022-1128: Inappropriate implementation in Web Share API
* CVE-2022-1129: Inappropriate implementation in Full Screen Mode
* CVE-2022-1130: Insufficient validation of untrusted input in WebOTP
* CVE-2022-1131: Use after free in Cast UI
* CVE-2022-1132: Inappropriate implementation in Virtual Keyboard
* CVE-2022-1133: Use after free in WebRTC
* CVE-2022-1134: Type Confusion in V8
* CVE-2022-1135: Use after free in Shopping Cart
* CVE-2022-1136: Use after free in Tab Strip
* CVE-2022-1137: Inappropriate implementation in Extensions
* CVE-2022-1138: Inappropriate implementation in Web Cursor
* CVE-2022-1139: Inappropriate implementation in Background Fetch API
* CVE-2022-1141: Use after free in File Manager
* CVE-2022-1142: Heap buffer overflow in WebUI
* CVE-2022-1143: Heap buffer overflow in WebUI
* CVE-2022-1144: Use after free in WebUI
* CVE-2022-1145: Use after free in Extensions
* CVE-2022-1146: Inappropriate implementation in Resource Timing
- Added patches:
* chromium-100-compiler.patch
* chromium-100-GLImplementationParts-constexpr.patch
* chromium-100-InMilliseconds-constexpr.patch
* chromium-100-SCTHashdanceMetadata-move.patch
* chromium-100-macro-typo.patch
- Removed patches:
* chromium-98-compiler.patch
* chromium-86-nearby-explicit.patch
* chromium-glibc-2.34.patch
* chromium-v8-missing-utility-include.patch
* chromium-99-AutofillAssistantModelExecutor-NoDestructor.patch
9664328654ad3799a3fac2455d363502637300100.0.4896.75dimstar_suse- Chromium 100.0.4896.75:
* CVE-2022-1232: Type Confusion in V8 (boo#1198053)
967113befbd016eeea4504afe9de58b087bb2e100.0.4896.75dimstar_suse- Patches for GCC 12:
* chromium-fix-swiftshader-template.patch
* chromium-missing-include-tuple.patch
* chromium-webrtc-stats-missing-vector.patch
968256d65f4e9813ee24a5240bb439d0518245100.0.4896.88dimstar_suse- Chromium 100.0.4896.88 (boo#1198361)
* CVE-2022-1305: Use after free in storage
* CVE-2022-1306: Inappropriate implementation in compositing
* CVE-2022-1307: Inappropriate implementation in full screen
* CVE-2022-1308: Use after free in BFCache
* CVE-2022-1309: Insufficient policy enforcement in developer tools
* CVE-2022-1310: Use after free in regular expressions
* CVE-2022-1311: Use after free in Chrome OS shell
* CVE-2022-1312: Use after free in storage
* CVE-2022-1313: Use after free in tab groups
* CVE-2022-1314: Type Confusion in V8
* Various fixes from internal audits, fuzzing and other initiatives
969302520e7c1df5e4952e7dd639ef3134f5bd100.0.4896.127dimstar_suse- Chromium 100.0.4896.127 (boo#1198509)
* CVE-2022-1364: Type Confusion in V8
* Various fixes from internal audits, fuzzing and other initiatives
970306831f94719ab70b5c094f9bb6e0bbc500100.0.4896.127dimstar_suse- Fixes for go 1.18
971372ed7597bf8df7a4f67cadbdf17543c993101.0.4951.54dimstar_suse1019748745b694f7c221ac53e700d06b84cb936eb101.0.4951.64dimstar_susechromium 101.0.4951.64 (boo#1199409)9762042e0880a46aff837d9970f05c3ff124db101.0.4951.67dimstar_suse977313343e0832183b989a3a19e6999e730b0c102.0.5005.61dimstar_suse102979532402e6c396d56c7fae27973c93edb2f5e102.0.5005.61dimstar_susedisable arm cfi980324aa501598e2f954014ccddfbfac63f34a102.0.5005.61dimstar_suseGTK4981322c6ef4431f20365ccd58a694d6e7a63cb102.0.5005.115dimstar_suse- Chromium 102.0.5005.115 (boo#1200423)
* CVE-2022-2007: Use after free in WebGPU
* CVE-2022-2008: Out of bounds memory access in WebGL
* CVE-2022-2010: Out of bounds read in compositing
* CVE-2022-2011: Use after free in ANGLE
982060b32a0090b9fd2d92ebb5b878fee00e2d103.0.5060.53dimstar_suse103985033fc73c2b8205e2044c23d93483407fddc103.0.5060.66dimstar_suse987738673e3e5bf5fac4930aad5bbe97c74202103.0.5060.114dimstar_suse- Chromium 103.0.5060.114 (boo#1201216)
* CVE-2022-2294: Heap buffer overflow in WebRTC
* CVE-2022-2295: Type Confusion in V8
* CVE-2022-2296: Use after free in Chrome OS Shell (forwarded request 988023 from AndreasStieger)98802479daec3be81e68f2dcd711a259d89f39103.0.5060.134RBrownFactory- Chromium 103.0.5060.134 (boo#1201679):
* CVE-2022-2477: Use after free in Guest View
* CVE-2022-2478: Use after free in PDF
* CVE-2022-2479: Insufficient validation of untrusted input in File
* CVE-2022-2480: Use after free in Service Worker API
* CVE-2022-2481: Use after free in Views
* CVE-2022-2163: Use after free in Cast UI and Toolbar
* Various fixes from internal audits, fuzzing and other initiatives
9903591c5df3498ec5e8221b669b11785c143e103.0.5060.134RBrownFactory- Switch back to Clang so that we can use BTI on aarch64
* Gold is too old - doesn't understand BTI
* LD crashes on aarch64
- Re-enable LTO
- Prepare move to FFmpeg 5 for new channel layout
(requires 5.1+)
9910057cdb677eea6349f368754c78c8114eae104.0.5112.79dimstar_suseboo#1202075994138f4c722e9b0991d82759c0eb3f6b79e77104.0.5112.79dimstar_suse- Re-enable our version of chrome-wrapper
- Set no sandbox if root is being used (https://crbug.com/638180)
997378ac8344dabd66f2697ea0768791e621ba104.0.5112.101dimstar_suse- Chromium 104.0.5112.101 (boo#1202509):
* CVE-2022-2852: Use after free in FedCM
* CVE-2022-2854: Use after free in SwiftShader
* CVE-2022-2855: Use after free in ANGLE
* CVE-2022-2857: Use after free in Blink
* CVE-2022-2858: Use after free in Sign-In Flow
* CVE-2022-2853: Heap buffer overflow in Downloads
* CVE-2022-2856: Insufficient validation of untrusted input in Intents
* CVE-2022-2859: Use after free in Chrome OS Shell
* CVE-2022-2860: Insufficient policy enforcement in Cookies
* CVE-2022-2861: Inappropriate implementation in Extensions API
9981845cea097143a343a5ced7c3540b3002dd104.0.5112.101dimstar_suse998611c61269beb086444e352b98f9e3186970104.0.5112.101dimstar_suse10006057042c6c18f8f9c0ed61f477903af8406105.0.5195.102dimstar_suseboo#1203102 boo#12029641001897433be3fa3966f6e1744269a8a388da74105.0.5195.127dimstar_susechromium 105.0.5195.127 (boo#1203419)1003596286e94c88c835b9fee580494ea2a6303106.0.5249.91dimstar_suseChromium 106.0.5249.91 (boo#1203808)1007437acc7f4cfd87a4be36b0d3c91c65863b2106.0.5249.103RBrownFactory1008596c2a42ec73b044cd0056bba5f951cdedd106.0.5249.119dimstar_suse- Chromium 106.0.5249.119 (boo#1204223)
* CVE-2022-3445: Use after free in Skia
* CVE-2022-3446: Heap buffer overflow in WebSQL
* CVE-2022-3447: Inappropriate implementation in Custom Tabs
* CVE-2022-3448: Use after free in Permissions API
* CVE-2022-3449: Use after free in Safe Browsing
* CVE-2022-3450: Use after free in Peer Connection
10101695c01cef9f7ec3ef325b9dab359b8c96b107.0.5304.87dimstar_suse- Chromium 107.0.5304.87 (boo#1204819)
- Chromium 107.0.5304.68 (boo#1204732)1031906ef002e6dc139acd62fdb9f6416564d12107.0.5304.110dimstar_suse- Chromium 107.0.5304.110 (boo#1205221)
* CVE-2022-3885: Use after free in V8
* CVE-2022-3886: Use after free in Speech Recognition
* CVE-2022-3887: Use after free in Web Workers
* CVE-2022-3888: Use after free in WebCodecs
* CVE-2022-3889: Type Confusion in V8
* CVE-2022-3890: Heap buffer overflow in Crashpad
1034894a7c8b81f4e80e55cf54b79bcc8cb2dcd107.0.5304.110dimstar_suse- Build with llvm15 on openSUSE:Backports:SLE-15-SP5 and up
1036557cfc73be04f69fad46be4af0a7c4d9204107.0.5304.121dimstar_suse- Chromium 107.0.5304.121 (boo#1205736)
* CVE-2022-4135: Heap buffer overflow in GPU
10379930dc80803349fa089a31f68670201d015108.0.5359.71dimstar_suseChromium 108.0.5359.71 (boo#1205871)
1039204b7badb8413ba0686411e5aeb3cf39c86108.0.5359.94dimstar_suse- Chromium 108.0.5359.94:
* CVE-2022-4262: Type Confusion in V8 (boo#1205999)
103976606bc597b3f38788379b97de12d694fab108.0.5359.98dimstar_suse- Chromium 108.0.5359.98
* Fix regression in computing <select> visibility
10412280df4e8b176385581187b748a4ca6d991108.0.5359.124dimstar_suse- Chromium 108.0.5359.124:
* CVE-2022-4436: Use after free in Blink Media
* CVE-2022-4437: Use after free in Mojo IPC
* CVE-2022-4438: Use after free in Blink Frames
* CVE-2022-4439: Use after free in Aura
* CVE-2022-4440: Use after free in Profiles
10428472904d524b3de0cd833e44604c72491b0108.0.5359.124dimstar_suse- Add chromium-disable-GlobalMediaControlsCastStartStop.patch:
disable GlobalMediaControlsCastStartStop to fix crashes
occurring when interacting with the Media UI (bsc#1198124)10440942a2d7e5c6d561e86cc946b5d2d582162109.0.5414.74dimstar_susechromium 109.0.5414.74 boo#1207018
1057677fb094065d8c458d610dc56111ee118e9109.0.5414.74dimstar_susebsc#12071471059161c3b2bdddcb8c2a3beafe355e213af9cc109.0.5414.119dimstar_suse Chromium 109.0.5414.119 (boo#1207512)106079383a6bcd3eb36884960ada13af071b09d110.0.5481.77dimstar_suseChromium 110.0.5481.77 (boo#1208029)10640854d5660ad265f512b0ced80708d94f47f110.0.5481.100dimstar_suse1066266cac1d474aa6c3ad6e11eace6d2ad7977110.0.5481.177dimstar_suse- Chromium 110.0.5481.177 (boo#1208589)
* CVE-2023-0927: Use after free in Web Payments API
* CVE-2023-0928: Use after free in SwiftShader
* CVE-2023-0929: Use after free in Vulkan
* CVE-2023-0930: Heap buffer overflow in Video
* CVE-2023-0931: Use after free in Video
* CVE-2023-0932: Use after free in WebRTC
* CVE-2023-0933: Integer overflow in PDF
* CVE-2023-0941: Use after free in Prompts
* Various fixes from internal audits, fuzzing and other initiatives
106732223829a5ec3164a6c087af903e79486a4111.0.5563.64dimstar_susebsc#12030401070459dd8aaa4d0ba10eed97e3cdcbfec24275111.0.5563.64dimstar_suse- Revert back to GCC 11 on 15.4 as Clang 13 doesn't support GCC 12
107057419133324cd16485b77a3818f0fc116cf111.0.5563.110dimstar_suse- Chromium 111.0.5563.110 (boo#1209598)
* CVE-2023-1528: Use after free in Passwords
* CVE-2023-1529: Out of bounds memory access in WebHID
* CVE-2023-1530: Use after free in PDF
* CVE-2023-1531: Use after free in ANGLE
* CVE-2023-1532: Out of bounds read in GPU Video
* CVE-2023-1533: Use after free in WebProtect
* CVE-2023-1534: Out of bounds read in ANGLE
- Add gcc13-fix.patch in order to support GCC 13.
1073738