| AArch64 | |
| ppc64le | |
| s390x | |
| x86-64 |
- Chromium 104.0.5112.101 (boo#1202509): * CVE-2022-2852: Use after free in FedCM * CVE-2022-2854: Use after free in SwiftShader * CVE-2022-2855: Use after free in ANGLE * CVE-2022-2857: Use after free in Blink * CVE-2022-2858: Use after free in Sign-In Flow * CVE-2022-2853: Heap buffer overflow in Downloads * CVE-2022-2856: Insufficient validation of untrusted input in Intents * CVE-2022-2859: Use after free in Chrome OS Shell * CVE-2022-2860: Insufficient policy enforcement in Cookies * CVE-2022-2861: Inappropriate implementation in Extensions API
- Re-enable our version of chrome-wrapper - Set no sandbox if root is being used (https://crbug.com/638180)
- Chromium 103.0.5060.53 (boo#1200783) * CVE-2022-2156: Use after free in Base * CVE-2022-2157: Use after free in Interest groups * CVE-2022-2158: Type Confusion in V8 * CVE-2022-2160: Insufficient policy enforcement in DevTools * CVE-2022-2161: Use after free in WebApp Provider * CVE-2022-2162: Insufficient policy enforcement in File System API * CVE-2022-2163: Use after free in Cast UI and Toolbar * CVE-2022-2164: Inappropriate implementation in Extensions API * CVE-2022-2165: Insufficient data validation in URL formatting - Added patches: * chromium-103-FrameLoadRequest-type.patch * chromium-103-SubstringSetMatcher-packed.patch * chromium-103-VirtualCursor-std-layout.patch * chromium-103-compiler.patch - Removed patches: * chromium-102-compiler.patch * chromium-91-sql-standard-layout-type.patch * chromium-101-libxml-unbundle.patch * chromium-102-fenced_frame_utils-include.patch * chromium-102-swiftshader-template-instantiation.patch * chromium-102-symbolize-include.patch * chromium-97-arm-tflite-cast.patch * chromium-97-ScrollView-reference.patch
- Chromium 103.0.5060.134 (boo#1201679): * CVE-2022-2477 : Use after free in Guest View * CVE-2022-2478 : Use after free in PDF * CVE-2022-2479 : Insufficient validation of untrusted input in File * CVE-2022-2480 : Use after free in Service Worker API * CVE-2022-2481: Use after free in Views * CVE-2022-2163: Use after free in Cast UI and Toolbar * Various fixes from internal audits, fuzzing and other initiatives
- Chromium 103.0.5060.114 (boo#1201216) * CVE-2022-2294: Heap buffer overflow in WebRTC * CVE-2022-2295: Type Confusion in V8 * CVE-2022-2296: Use after free in Chrome OS Shell
- Chromium 103.0.5060.66 * no upstream release notes
- Disable ARM control flow integrity, it causes build issues at the moment - Try a different SVG (black logo on GNOME) - Removed patches: * chromium-third_party-symbolize-missing-include.patch (replaced by chromium-102-symbolize-include.patch)
- Chromium 102.0.5001.61 (boo#1199893) * CVE-2022-1853: Use after free in Indexed DB * CVE-2022-1854: Use after free in ANGLE * CVE-2022-1855: Use after free in Messaging * CVE-2022-1856: Use after free in User Education * CVE-2022-1857: Insufficient policy enforcement in File System API * CVE-2022-1858: Out of bounds read in DevTools * CVE-2022-1859: Use after free in Performance Manager * CVE-2022-1860: Use after free in UI Foundations * CVE-2022-1861: Use after free in Sharing * CVE-2022-1862: Inappropriate implementation in Extensions * CVE-2022-1863: Use after free in Tab Groups * CVE-2022-1864: Use after free in WebApp Installs * CVE-2022-1865: Use after free in Bookmarks * CVE-2022-1866: Use after free in Tablet Mode * CVE-2022-1867: Insufficient validation of untrusted input in Data Transfer * CVE-2022-1868: Inappropriate implementation in Extensions API * CVE-2022-1869: Type Confusion in V8 * CVE-2022-1870: Use after free in App Service * CVE-2022-1871: Insufficient policy enforcement in File System API * CVE-2022-1872: Insufficient policy enforcement in Extensions API * CVE-2022-1873: Insufficient policy enforcement in COOP * CVE-2022-1874: Insufficient policy enforcement in Safe Browsing * CVE-2022-1875: Inappropriate implementation in PDF * CVE-2022-1876: Heap buffer overflow in DevTools - Added patches: * chromium-102-compiler.patch * chromium-102-fenced_frame_utils-include.patch * chromium-102-regex_pattern-array.patch * chromium-102-swiftshader-template-instantiation.patch * chromium-102-symbolize-include.patch * ffmpeg-new-channel-layout.patch - Removed patches: * chromium-100-compiler.patch * chromium-80-QuicStreamSendBuffer-deleted-move-constructor.patch * chromium-95-quiche-include.patch * chromium-fix-swiftshader-template.patch * chromium-missing-include-tuple.patch * chromium-webrtc-stats-missing-vector.patch * chromium-101-segmentation_platform-type.patch
- Chromium 102.0.5005.115 (boo#1200423) * CVE-2022-2007: Use after free in WebGPU * CVE-2022-2008: Out of bounds memory access in WebGL * CVE-2022-2010: Out of bounds read in compositing * CVE-2022-2011: Use after free in ANGLE
- Switch to GTK4 on TW and Leap 15.4+ (boo#1200139)
- Chromium 101.0.4951.67 * fixes for other platforms
- Revert wayland fixes because it doesn't handle GPU correctly (boo#1194182)
- Chromium 101.0.4951.64 (boo#1199409) * CVE-2022-1633: Use after free in Sharesheet * CVE-2022-1634: Use after free in Browser UI * CVE-2022-1635: Use after free in Permission Prompts * CVE-2022-1636: Use after free in Performance APIs * CVE-2022-1637: Inappropriate implementation in Web Contents * CVE-2022-1638: Heap buffer overflow in V8 Internationalization * CVE-2022-1639: Use after free in ANGLE * CVE-2022-1640: Use after free in Sharing * CVE-2022-1641: Use after free in Web UI Diagnostics
- Chromium 101.0.4951.54 (boo#1199118) - Chromium 101.0.4951.41 (boo#1198917) * CVE-2022-1477: Use after free in Vulkan * CVE-2022-1478: Use after free in SwiftShader * CVE-2022-1479: Use after free in ANGLE * CVE-2022-1480: Use after free in Device API * CVE-2022-1481: Use after free in Sharing * CVE-2022-1482: Inappropriate implementation in WebGL * CVE-2022-1483: Heap buffer overflow in WebGPU * CVE-2022-1484: Heap buffer overflow in Web UI Settings * CVE-2022-1485: Use after free in File System API * CVE-2022-1486: Type Confusion in V8 * CVE-2022-1487: Use after free in Ozone * CVE-2022-1488: Inappropriate implementation in Extensions API * CVE-2022-1489: Out of bounds memory access in UI Shelf * CVE-2022-1490: Use after free in Browser Switcher * CVE-2022-1491: Use after free in Bookmarks * CVE-2022-1492: Insufficient data validation in Blink Editing * CVE-2022-1493: Use after free in Dev Tools * CVE-2022-1494: Insufficient data validation in Trusted Types * CVE-2022-1495: Incorrect security UI in Downloads * CVE-2022-1496: Use after free in File Manager * CVE-2022-1497: Inappropriate implementation in Input * CVE-2022-1498: Inappropriate implementation in HTML Parser * CVE-2022-1499: Inappropriate implementation in WebAuthentication * CVE-2022-1500: Insufficient data validation in Dev Tools * CVE-2022-1501: Inappropriate implementation in iframe - Added patches: * chromium-101-libxml-unbundle.patch * chromium-101-segmentation_platform-type.patch - Removed patches: * chromium-100-SCTHashdanceMetadata-move.patch * chromium-100-GLImplementationParts-constexpr.patch * chromium-100-macro-typo.patch
- Fixes for go 1.18
- Chromium 100.0.4896.88 (boo#1198361) * CVE-2022-1305: Use after free in storage * CVE-2022-1306: Inappropriate implementation in compositing * CVE-2022-1307: Inappropriate implementation in full screen * CVE-2022-1308: Use after free in BFCache * CVE-2022-1309: Insufficient policy enforcement in developer tools * CVE-2022-1310: Use after free in regular expressions * CVE-2022-1311: Use after free in Chrome OS shell * CVE-2022-1312: Use after free in storage * CVE-2022-1313: Use after free in tab groups * CVE-2022-1314: Type Confusion in V8 * Various fixes from internal audits, fuzzing and other initiatives
- Patches for GCC 12: * chromium-fix-swiftshader-template.patch * chromium-missing-include-tuple.patch * chromium-webrtc-stats-missing-vector.patch
- Chromium 100.0.4896.75: * CVE-2022-1232: Type Confusion in V8 (boo#1198053)
- Chromium 100.0.4896.60 (boo#1197680) * CVE-2022-1125: Use after free in Portals * CVE-2022-1127: Use after free in QR Code Generator * CVE-2022-1128: Inappropriate implementation in Web Share API * CVE-2022-1129: Inappropriate implementation in Full Screen Mode * CVE-2022-1130: Insufficient validation of untrusted input in WebOTP * CVE-2022-1131: Use after free in Cast UI * CVE-2022-1132: Inappropriate implementation in Virtual Keyboard * CVE-2022-1133: Use after free in WebRTC * CVE-2022-1134: Type Confusion in V8 * CVE-2022-1135: Use after free in Shopping Cart * CVE-2022-1136: Use after free in Tab Strip * CVE-2022-1137: Inappropriate implementation in Extensions * CVE-2022-1138: Inappropriate implementation in Web Cursor * CVE-2022-1139: Inappropriate implementation in Background Fetch API * CVE-2022-1141: Use after free in File Manager * CVE-2022-1142: Heap buffer overflow in WebUI * CVE-2022-1143: Heap buffer overflow in WebUI * CVE-2022-1144: Use after free in WebUI * CVE-2022-1145: Use after free in Extensions * CVE-2022-1146: Inappropriate implementation in Resource Timing - Added patches: * chromium-100-compiler.patch * chromium-100-GLImplementationParts-constexpr.patch * chromium-100-InMilliseconds-constexpr.patch * chromium-100-SCTHashdanceMetadata-move.patch * chromium-100-macro-typo.patch - Removed patches: * chromium-98-compiler.patch * chromium-86-nearby-explicit.patch * chromium-glibc-2.34.patch * chromium-v8-missing-utility-include.patch * chromium-99-AutofillAssistantModelExecutor-NoDestructor.patch
- Update disk constraints
- Chromium 100.0.4896.127 (boo#1198509) * CVE-2022-1364: Type Confusion in V8 * Various fixes from internal audits, fuzzing and other initiatives