Version: 139.0.7258.66-bp156.2.152.1
* Thu Aug 07 2025 ro@suse.de
- really install libffmpeg.so if using the bundled one
and block the extra dependency
* Wed Aug 06 2025 ro@suse.de
- add patch:
chromium-139-pdfium-openjpeg-CVE-2025-54874.patch
(CVE-2025-54874 bsc#1247661) fix missing error check in openjpeg
* Wed Aug 06 2025 ro@suse.de
- re-add updated patch:
ppc-fedora-0002-regenerate-xnn-buildgn.patch
from https://src.fedoraproject.org/rpms/chromium/blob/
rawhide/f/0002-regenerate-xnn-buildgn.patch
* Tue Aug 05 2025 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 139.0.7258.66 (boo#1247664):
* CVE-2025-8576: Use after free in Extensions
* CVE-2025-8577: Inappropriate implementation in Picture In Picture
* CVE-2025-8578: Use after free in Cast
* CVE-2025-8579: Inappropriate implementation in Gemini Live in Chrome
* CVE-2025-8580: Inappropriate implementation in Filesystems
* CVE-2025-8581: Inappropriate implementation in Extensions
* CVE-2025-8582: Insufficient validation of untrusted input in DOM
* CVE-2025-8583: Inappropriate implementation in Permissions
- modified patches:
gcc-enable-lto.patch
ppc-fedora-0001-sandbox-linux-Update-syscall-helpers-lists-for-ppc64.patch
ppc-fedora-skia-vsx-instructions.patch
ppc-fedora-fix-partition-alloc-compile.patch
ppc-fedora-0001-add-xnn-ppc64el-support.patch
- dropped patches:
chromium-warning-suppression-mappings.patch (using cmdline switch)
chromium-93-ffmpeg-4.4.patch
- dropped the ffmpeg revert patches that were only applied for 15:
chromium-125-ffmpeg-5.x-reordered_opaque.patch
Cr122-ffmpeg-new-channel-layout.patch
ffmpeg-new-channel-layout.patch
chromium-106-ffmpeg-duration.patch
chromium-93-ffmpeg-4.4-rest.patch
chromium-138-revert_ffmpeg_FF_AV.patch
- added patches:
ppc-debian-0003-third_party-ffmpeg-Add-ppc64-generated-config.patch
- keeplibs:
removed chrome/third_party/mozilla_security_manager
removed third_party/mesa
added third_party/ml_dtypes (needed in tflite/xla)
added third_party/readability (needed in tools/grit/grit)
added third_party/ffmpeg (gave up on reverting all recent
commits in the code using ffmpeg, need at least ffmpeg-7)
- remove disabled ppc-fedora-0002-regenerate-xnn-buildgn.patch
to please factory-auto
Version: 138.0.7204.183-bp156.2.147.1
* Wed Jul 30 2025 ro@suse.de
- Chromium 138.0.7204.183 (boo#1247365):
* CVE-2025-8292: Use after free in Media Stream
- try to switch to smaller linux tarball from
https://github.com/chromium-linux-tarballs)
- disable chromium-91-java-only-allowed-in-android-builds.patch
(not part of reduced tarball)
* Tue Jul 29 2025 ro@suse.de
- set official_build to true (like other distributions)
"official builds have less debugging and go faster..."
- added patches:
chromium-139-deterministic.patch
(undefine __DATE__,__TIME__ like without official-build set
to keep the build reproducible)
* Thu Jul 24 2025 ro@suse.de
- modified patches:
ppc-fedora-0001-sandbox-linux-Update-syscall-helpers-lists-for-ppc64.patch
(update context to apply)
Version: 138.0.7204.157-bp156.2.141.1
* Tue Jul 15 2025 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 138.0.7204.157 (boo#1246558):
* CVE-2025-7656: Integer overflow in V8
* CVE-2025-6558: Incorrect validation of untrusted input in ANGLE
and GPU
* CVE-2025-7657: Use after free in WebRTC
* Wed Jul 09 2025 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 138.0.7204.100:
* tweaks to the Google services settings page
* Tue Jul 01 2025 ro@suse.de
- update from debian:
ppc-fedora-skia-vsx-instructions.patch
- dropped patches:
ppc-skia-revert-1.patch
ppc-skia-revert-2.patch
ppc-skia-revert-3.patch
* Thu May 29 2025 ro@suse.de
- added patches:
ppc-fedora-0001-add-xnn-ppc64el-support.patch
ppc-fedora-0002-regenerate-xnn-buildgn.patch
* Tue May 27 2025 ro@suse.de
- Chromium 137.0.7151.55
(stable release 2025-05-27) (boo#1243741)
* CVE-2025-5063: Use after free in Compositing
* CVE-2025-5280: Out of bounds write in V8
* CVE-2025-5064: Inappropriate implementation in Background Fetch API
* CVE-2025-5065: Inappropriate implementation in FileSystemAccess API
* CVE-2025-5066: Inappropriate implementation in Messages
* CVE-2025-5281: Inappropriate implementation in BFCache
* CVE-2025-5283: Use after free in libvpx
* CVE-2025-5067: Inappropriate implementation in Tab Strip
- dropped patches:
chromium-135-gperf-output.patch (upstream)
- modified patches:
chromium-125-compiler.patch (context)
chromium-127-rust-clanglib.patch (context)
ffmpeg-new-channel-layout.patch
(drop one hunk where upstream dropped the code)
system-libdrm.patch (context)
ppc-fedora-fix-partition-alloc-compile.patch (context)
ppc-fedora-0002-third_party-libvpx-Remove-bad-ppc64-config.patch (context)
ppc-fedora-0001-sandbox-Enable-seccomp_bpf-for-ppc64.patch (context)
- added patches:
chromium-137-pdfium_fix_pattribute.patch
(fix typo in pAttribute attributes)
chromium-137-heuristics_missing_includes.patch
(upstream patch 4c736420952f355f18bdc4f4ea2d16e4514fa034)
chromium-137-disruptive_notification_permissions_manager-missing_include.patch
(missing include)
- revert last skia patches for gather_unaligned until we have a port for ppc64le
ppc-skia-revert-1.patch
ppc-skia-revert-2.patch
ppc-skia-revert-3.patch
- keeplibs:
added third_party/compiler-rt
* Wed May 14 2025 ro@suse.de
- Chromium 136.0.7103.113
(stable release 2025-05-14) (boo#1243205)
* CVE-2025-4664: Insufficient policy enforcement in Loader
* CVE-2025-4609: Incorrect handle provided in unspecified
circumstances in Mojo
* Wed Apr 23 2025 ro@suse.de
- Chromium 135.0.7049.114
(stable release 2025-04-22)
* stability fixes
* Tue Apr 08 2025 ro@suse.de
- Chromium 135.0.7049.84
(stable release 2025-04-08) (boo#1240968)
* CVE-2025-3066: Use after free in Site Isolation
Version: 70.0.3538.67-bp150.2.14.1
* Fri Oct 19 2018 Tomá? Chvátal <tchvatal@suse.com>
- Add back chromium-old-glibc.patch to make sure we build on 42.3
- Reduce the merge number on jumbo files to reduce memory usage bit
* Fri Oct 19 2018 astieger@suse.com
- remove trigger word from spec that trips up legal-auto
* Wed Oct 17 2018 Tomá? Chvátal <tchvatal@suse.com>
- Update to 70.0.3538.67 bsc#1112111:
* CVE-2018-17462: Sandbox escape in AppCache
* CVE-2018-17463: Remote code execution in V8
* CVE to be assigned: Heap buffer overflow in Little CMS in PDFium
* CVE-2018-17464: URL spoof in Omnibox
* CVE-2018-17465: Use after free in V8
* CVE-2018-17466: Memory corruption in Angle
* CVE-2018-17467: URL spoof in Omnibox
* CVE-2018-17468: Cross-origin URL disclosure in Blink
* CVE-2018-17469: Heap buffer overflow in PDFium
* CVE-2018-17470: Memory corruption in GPU Internals
* CVE-2018-17471: Security UI occlusion in full screen mode
* CVE-2018-17472: iframe sandbox escape on iOS
* CVE-2018-17473: URL spoof in Omnibox
* CVE-2018-17474: Use after free in Blink
* CVE-2018-17475: URL spoof in Omnibox
* CVE-2018-17476: Security UI occlusion in full screen mode
* CVE-2018-5179: Lack of limits on update() in ServiceWorker
* CVE-2018-17477: UI spoof in Extensions
- Added patches:
* chromium-gcc8-constexpr.patch
* chromium-libusb_interrupt_event_handler.patch
* chromium-pdfium-include.patch
* chromium-system-libusb.patch
- Removed patches:
* chromium-old-glibc.patch
* chromium-vpx-aarch64.patch
- Updated patches:
* chromium-gcc8-alignof.patch
* chromium-non-void-return.patch
* chromium-prop-codecs.patch
* chromium-sandbox-pie.patch
* chromium-skia-system-fontconfig.patch
* chromium-vaapi.patch
- Redo the vaapi patch to be default on as there are no reports of
issues with it
- Use system libusb-1.0
- Use jumbo build to speed things up
- Use bundled harfbuzz because we need newer than latest release
- Disable gnome-keyring as it crashes the chromium quite often
Version: 128.0.6613.84-bp155.2.105.1
* Wed Aug 21 2024 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 128.0.6613.84 (boo#1229591)
* CVE-2024-7964: Use after free in Passwords
* CVE-2024-7965: Inappropriate implementation in V8
* CVE-2024-7966: Out of bounds memory access in Skia
* CVE-2024-7967: Heap buffer overflow in Fonts
* CVE-2024-7968: Use after free in Autofill
* CVE-2024-7969: Type Confusion in V8
* CVE-2024-7971: Type confusion in V8
* CVE-2024-7972: Inappropriate implementation in V8
* CVE-2024-7973: Heap buffer overflow in PDFium
* CVE-2024-7974: Insufficient data validation in V8 API
* CVE-2024-7975: Inappropriate implementation in Permissions
* CVE-2024-7976: Inappropriate implementation in FedCM
* CVE-2024-7977: Insufficient data validation in Installer
* CVE-2024-7978: Insufficient policy enforcement in Data Transfer
* CVE-2024-7979: Insufficient data validation in Installer
* CVE-2024-7980: Insufficient data validation in Installer
* CVE-2024-7981: Inappropriate implementation in Views
* CVE-2024-8033: Inappropriate implementation in WebApp Installs
* CVE-2024-8034: Inappropriate implementation in Custom Tabs
* CVE-2024-8035: Inappropriate implementation in Extensions
* Various fixes from internal audits, fuzzing and other initiatives
* Sun Aug 18 2024 ro@suse.de
- Chromium 128.0.6613.36 (boo#1229426)
- modified patches:
* chromium-norar.patch drop most hunks,
upstream has a config for this now
* gcc-enable-lto.patch update context
* chromium-125-compiler.patch update context
* chromium-127-constexpr.patch update context
- drop patches: (should be obsolete with llvm>17 and libc++)
chromium-120-emplace.patch
chromium-125-emplace-struct.patch
- drop patches: (upstream)
* chromium-121-nullptr_t-without-namespace-std.patch
* chromium-123-stats-collector.patch
* chromium-127-paint-layer-header.patch
* chromium-127-ninja-1.21.1-deps-part0.patch
* chromium-127-ninja-1.21.1-deps-part1.patch
* chromium-127-ninja-1.21.1-deps-part2.patch
* chromium-127-ninja-1.21.1-deps-part3.patch
- disable rpmlint only for factory/tw where it is broken because
of the large archive size of the source here
- keeplibs add
third_party/devtools-frontend/src/front_end/third_party/
puppeteer/package/lib/esm/third_party/parsel-js
third_party/tflite/src/third_party/xla/xla/tsl/framework
- buildflags add
safe_browsing_use_unrar=false
Version: 127.0.6533.119-bp155.2.102.1
* Thu Aug 15 2024 ro@suse.de
- Chromium 127.0.6533.119 (boo#1228941)
* CVE-2024-7532: Out of bounds memory access in ANGLE
* CVE-2024-7533: Use after free in Sharing
* CVE-2024-7550: Type Confusion in V8
* CVE-2024-7534: Heap buffer overflow in Layout
* CVE-2024-7535: Inappropriate implementation in V8
* CVE-2024-7536: Use after free in WebAudio
* Thu Aug 01 2024 ro@suse.de
- Chromium 127.0.6533.88 (boo#1228628, boo#1228940, boo#1228942)
* CVE-2024-6988: Use after free in Downloads
* CVE-2024-6989: Use after free in Loader
* CVE-2024-6991: Use after free in Dawn
* CVE-2024-6992: Out of bounds memory access in ANGLE
* CVE-2024-6993: Inappropriate implementation in Canvas
* CVE-2024-6994: Heap buffer overflow in Layout
* CVE-2024-6995: Inappropriate implementation in Fullscreen
* CVE-2024-6996: Race in Frames
* CVE-2024-6997: Use after free in Tabs
* CVE-2024-6998: Use after free in User Education
* CVE-2024-6999: Inappropriate implementation in FedCM
* CVE-2024-7000: Use after free in CSS. Reported by Anonymous
* CVE-2024-7001: Inappropriate implementation in HTML
* CVE-2024-7003: Inappropriate implementation in FedCM
* CVE-2024-7004: Insufficient validation of untrusted input
in Safe Browsing
* CVE-2024-7005: Insufficient validation of untrusted input
in Safe Browsing
* CVE-2024-6990: Uninitialized Use in Dawn
* CVE-2024-7255: Out of bounds read in WebTransport
* CVE-2024-7256: Insufficient data validation in Dawn
- drop patches:
* chromium-115-compiler-SkColor4f.patch only for llvm < 16
* chromium-117-system-zstd.patch upstreamed
* chromium-122-workaround_clang_bug-structured_binding.patch
* chromium-125-tabstrip-include.patch upstreamed
* chromium-126-missing-header-files.patch
* chromium-126-RealTimeReportingBindings-missing-decl.patch
upstreamed
* chromium-126-no_matching_constructor.patch
* chromium-126-no-format.patch upstreamed
- switch from libstdc++ to libc++
- drop patches obsolete when using libc++
* chromium-126-debian-bad-font-gc00000.patch
* chromium-126-debian-bad-font-gc2.patch
* chromium-126-debian-bad-font-gc1.patch
* chromium-126-debian-bad-font-gc00.patch
* chromium-126-debian-bad-font-gc000.patch
* chromium-126-debian-bad-font-gc11.patch
* chromium-126-debian-bad-font-gc0.patch
* chromium-126-debian-bad-font-gc0000.patch
* chromium-126-debian-bad-font-gc3.patch
- modify patches:
* chromium-125-lp155-typename.patch
- drop hunk in model_execution_util.h
- drop hunk in model_quality_log_entry.h
- dropping from keeplibs: (does not exist)
base/third_party/valgrind
third_party/maldoca
third_party/maldoca/src/third_party
- requires updated gn to build (newer than Feb 14 2024)
- add patches:
* chromium-127-bindgen.patch (from debian/patches/fixes))
* chromium-127-rust-clanglib.patch (just first hunk from fedora)
* chromium-127-clang17-traitors.patch
workaround for clang < 18 from debiana (only used on 15.6)
* chromium-127-constexpr.patch (from debian/patches/bookworm)
* chromium-127-paint-layer-header.patch (from debian/patches/upstream)
* chromium-127-ninja-1.21.1-deps-part0.patch (from fedora)
* chromium-127-ninja-1.21.1-deps-part1.patch (from fedora)
* chromium-127-ninja-1.21.1-deps-part2.patch (from fedora)
* chromium-127-ninja-1.21.1-deps-part3.patch (from fedora)
- buildrequire rust-bindgen to get proper binaries per arch
- use qt5 for factory as well, qt6 fails with:
ld.lld: error: undefined symbol: QByteArray::toStdString() const
referenced by qt_shim.cc
obj/ui/qt/qt6_shim/libqt6_shim.so.lto.qt_shim.o:(qt::QtShim::GetFontDescription() const)
- drop patches:
* chromium-125-debian-bad-font-gc11.patch
* chromium-125-debian-bad-font-gc0000.patch
* chromium-125-debian-bad-font-gc00.patch
* chromium-125-debian-bad-font-gc0.patch
* chromium-125-debian-bad-font-gc000.patch
* chromium-125-debian-bad-font-gc1.patch
Version: 126.0.6478.126-bp155.2.94.1
* Tue Jul 09 2024 Callum Farmer <gmbr3@opensuse.org>
- Finalize 126
- Removed patches:
* chromium-125-debian-bad-font-gc2.patch
* chromium-125-debian-bad-font-gc3.patch
- Added patches:
* chromium-126-RealTimeReportingBindings-missing-decl.patch
* chromium-126-no-format.patch
* Mon Jul 01 2024 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 126.0.6478.126 (boo#1226504, boo#1226205, boo#1226933)
* CVE-2024-6290: Use after free in Dawn
* CVE-2024-6291: Use after free in Swiftshader
* CVE-2024-6292: Use after free in Dawn
* CVE-2024-6293: Use after free in Dawn
* CVE-2024-6100: Type Confusion in V8
* CVE-2024-6101: Inappropriate implementation in WebAssembly
* CVE-2024-6102: Out of bounds memory access in Dawn
* CVE-2024-6103: Use after free in Dawn
* CVE-2024-5830: Type Confusion in V8
* CVE-2024-5831: Use after free in Dawn
* CVE-2024-5832: Use after free in Dawn
* CVE-2024-5833: Type Confusion in V8
* CVE-2024-5834: Inappropriate implementation in Dawn
* CVE-2024-5835: Heap buffer overflow in Tab Groups
* CVE-2024-5836: Inappropriate Implementation in DevTools
* CVE-2024-5837: Type Confusion in V8
* CVE-2024-5838: Type Confusion in V8
* CVE-2024-5839: Inappropriate Implementation in Memory Allocator
* CVE-2024-5840: Policy Bypass in CORS
* CVE-2024-5841: Use after free in V8
* CVE-2024-5842: Use after free in Browser UI
* CVE-2024-5843: Inappropriate implementation in Downloads
* CVE-2024-5844: Heap buffer overflow in Tab Strip
* CVE-2024-5845: Use after free in Audio
* CVE-2024-5846: Use after free in PDFium
* CVE-2024-5847: Use after free in PDFium
- drop patches:
* chromium-disable-parallel-gold.patch
* chromium-125-appservice-include.patch
* chromium-125-lens-include.patch
* chromium-125-mojo-bindings-include.patch
* chromium-125-no-vector-consts.patch
* chromium-125-vulkan-include.patch
* chromium-125-ninja.patch
* chromium-125-no_matching_constructor.patch
* chromium-125-missing-header-files.patch
- add patches:
* chromium-126-missing-header-files.patch
* chromium-126-quiche-interator.patch
* chromium-126-no_matching_constructor.patch
* Wed Jun 12 2024 Callum Farmer <gmbr3@opensuse.org>
- Amend fix_building_widevinecdm_with_chromium.patch to allow
Widevine on ARM64 (bsc#1226170)
Version: 124.0.6367.201-bp155.2.78.1
* Fri May 10 2024 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 124.0.6367.201 (boo#1224208)
* CVE-2024-4671: Use after free in Visuals
- Chromium 124.0.6367.155 (boo#1224045)
* CVE-2024-4558: Use after free in ANGLE
* CVE-2024-4559: Heap buffer overflow in WebAudio
* Fri May 03 2024 ro@suse.de
- drop patches:
* chromium-123-WebUI-static_assert.patch
* Thu May 02 2024 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 124.0.6367.118 (boo#1223846)
* CVE-2024-4331: Use after free in Picture In Picture
* CVE-2024-4368: Use after free in Dawn
* Wed May 01 2024 Callum Farmer <gmbr3@opensuse.org>
- Add patches:
* chromium-123-missing-QtGui.patch
- Restore libxml 2.12 check for chromium-124-system-libxml.patch
which replaced chromium-121-blink-libxml-const.patch
* Fri Apr 26 2024 ro@suse.de
- Chromium 124.0.6367.78 (boo#1223845)
* CVE-2024-4058: Type Confusion in ANGLE
* CVE-2024-4059: Out of bounds read in V8 API
* CVE-2024-4060: Use after free in Dawn
* Wed Apr 17 2024 ro@suse.de
- Chromium 124.0.6367.60 (boo#1222958)
* CVE-2024-3832: Object corruption in V8.
* CVE-2024-3833: Object corruption in WebAssembly.
* CVE-2024-3834: Use after free in Downloads. Reported by ChaobinZhang
* CVE-2024-3837: Use after free in QUIC.
* CVE-2024-3838: Inappropriate implementation in Autofill.
* CVE-2024-3839: Out of bounds read in Fonts.
* CVE-2024-3840: Insufficient policy enforcement in Site Isolation.
* CVE-2024-3841: Insufficient data validation in Browser Switcher.
* CVE-2024-3843: Insufficient data validation in Downloads.
* CVE-2024-3844: Inappropriate implementation in Extensions.
* CVE-2024-3845: Inappropriate implementation in Network.
* CVE-2024-3846: Inappropriate implementation in Prompts.
* CVE-2024-3847: Insufficient policy enforcement in WebUI.
- drop patches:
* chromium-123-optional2.patch
* chromium-122-avoid-SFINAE-TypeConverter.patch
* chromium-123-PA-InternalAllocator.patch
- rediff patches:
* chromium-110-compiler.patch
* chromium-120-emplace.patch
* chromium-122-no_matching_constructor.patch
* chromium-122-lp155-typename.patch
- add patches: from debian/fixes
* chromium-123-stats-collector.patch
- add patches: from debian/upstream
* chromium-124-angle-powf.patch
* chromium-124-atomic.patch
* chromium-124-extractor-bitset.patch
* chromium-124-fps-optional.patch
* chromium-124-span-optional.patch
* chromium-124-uint-includes.patch
* chromium-124-webgpu-optional.patch
- add patches:
* chromium-123-WebUI-static_assert.patch
workaround for compile issue in webui_contents_wrapper.h
* chromium-124-system-libxml.patch (from fedora)
* Sun Apr 14 2024 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 123.0.6312.122 (boo#1222707)
* CVE-2024-3157: Out of bounds write in Compositing
* CVE-2024-3516: Heap buffer overflow in ANGLE
* CVE-2024-3515: Use after free in Dawn
- Chromium 123.0.6312.105 (boo#1222260)
* CVE-2024-3156: Inappropriate implementation in V8
* CVE-2024-3158: Use after free in Bookmarks
* CVE-2024-3159: Out of bounds memory access in V8
- Chromium 123.0.6312.86 (boo#1222035)
* CVE-2024-2883: Use after free in ANGLE
* CVE-2024-2885: Use after free in Dawn
* CVE-2024-2886: Use after free in WebCodecs
* CVE-2024-2887: Type Confusion in WebAssembly
- Chromium 123.0.6312.58 (boo#1221732)
* CVE-2024-2625: Object lifecycle issue in V8
* CVE-2024-2626: Out of bounds read in Swiftshader
* CVE-2024-2627: Use after free in Canvas
* CVE-2024-2628: Inappropriate implementation in Downloads
- drop patches:
* chromium-117-blink-BUILD-mnemonic.patch
* chromium-121-blink-libxml-const.patch
* chromium-122-BookmarkNode-missing-operator.patch
* chromium-122-WebUI-static_assert.patch
* chromium-122-PA-undo-internal-alloc.patch
* Mon Mar 18 2024 Callum Farmer <gmbr3@opensuse.org>
- Use Python 3.11 on Leap
- Rename chromium-122-skip_bubble_contents_wrapper_static_assert.patch
to chromium-122-WebUI-static_assert.patch
- Rename chromium-122-disable-FFmpegAllowLists.patch to
chromium-disable-FFmpegAllowLists.patch
- Rename chromium-122-static-assert.patch to
chromium-122-BookmarkNode-missing-operator.patch
- Rename chromium-122-undo-internal-alloc.patch to
chromium-122-PA-undo-internal-alloc.patch
- Rename chromium-122-typename.patch to
chromium-122-lp155-typename.patch
- Removed patches:
* chromium-121-v8-c++20-p1.patch
* chromium-121-v8-c++20.patch
* chromium-122-unique_ptr.patch
* chromium-122-python3-assignment-expressions.patch
* chromium-122-el8-support-64kpage.patch
* chromium-122-el7-inline-function.patch
* chromium-122-el7-extra-operator.patch
* chromium-122-el7-default-constructor-involving-anonymous-union.patch
* chromium-122-constexpr.patch
* chromium-122-clang-build-flags.patch
* chromium-122-clang16-disable-auto-upgrade-debug-info.patch
* chromium-122-clang16-buildflags.patch
* chromium-122-arm64-memory_tagging.patch
* chromium-121-el7-clang-version-warning.patch
* chromium-116-lp155-url_load_stats-size-t.patch
* chromium-icu72-2.patch
* chromium-122-debian-upstream-mojo.patch
- Patches merged into other patches:
* chromium-122-debian-upstream-bitset.patch
* chromium-122-debian-upstream-optional.patch
* chromium-122-debian-upstream-uniqptr.patch
* chromium-122-debian-fixes-optional.patch
* chromium-122-norar.patch
- Restore time clamper change to
chromium-122-missing-header-files.patch
- Fix missing/invalid casting in
chromium-122-no_matching_constructor.patch
Version: 122.0.6261.128-bp155.2.75.1
* Wed Mar 13 2024 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 122.0.6261.128 (boo#1221335)
* CVE-2024-2400: Use after free in Performance Manager
* Fri Mar 08 2024 ro@suse.de
- Chromium 122.0.6261.111 (boo#1220131,boo#1220604,boo#1221105)
* New upstream security release.
* CVE-2024-2173: Out of bounds memory access in V8.
* CVE-2024-2174: Inappropriate implementation in V8.
* CVE-2024-2176: Use after free in FedCM.
- Chromium 122.0.6261.94
* CVE-2024-1669: Out of bounds memory access in Blink.
* CVE-2024-1670: Use after free in Mojo.
* CVE-2024-1671: Inappropriate implementation in Site Isolation.
* CVE-2024-1672: Inappropriate implementation in Content Security Policy.
* CVE-2024-1673: Use after free in Accessibility.
* CVE-2024-1674: Inappropriate implementation in Navigation.
* CVE-2024-1675: Insufficient policy enforcement in Download.
* CVE-2024-1676: Inappropriate implementation in Navigation.
* Type Confusion in V8
* rediff chromium-disable-GlobalMediaControlsCastStartStop.patch
* drop chromium-114-lld-argument.patch
replaced by chromium-122-clang16-disable-auto-upgrade-debug-info.patch
* drop chromium-121-no_matching_constructor.patch
replaced by chromium-122-no_matching_constructor.patch
* drop chromium-113-webview-namespace.patch (obsolete)
* reduce chromium-norar.patch
by the hunks in chromium-122-norar.patch
* drop chromium-114-revert-av1enc-lp154.patch
replaced by chromium-122-revert-av1enc-el9.patch
* drop chromium-115-lp155-typename.patch
chromium-116-lp155-typenames.patch
chromium-117-lp155-typename.patch
chromium-120-lp155-typename.patch
replaced by chromium-122-typename.patch
* drop chromium-121-missing-header-files.patch
replaced by chromium-122-missing-header-files.patch
* drop chromium-121-workaround_clang_bug-structured_binding.patch
replaced by chromium-122-workaround_clang_bug-structured_binding.patch
* drop chromium-121-no_matching_constructor.patch
replaced by chromium-122-no_matching_constructor.patch
* drop chromium-121-python3-invalid-escape-sequence.patch (upstream)
* drop chromium-disable-FFmpegAllowLists.patch
replaced by chromium-122-disable-FFmpegAllowLists.patch
* drop chromium-121-avoid-SFINAE-TypeConverter.patch
replaced by chromium-122-avoid-SFINAE-TypeConverter.patch
* add buildrequires for rust
* add patches from fedora package for 121 and 122
* chromium-121-el7-clang-version-warning.patch
* chromium-121-v8-c++20-p1.patch
* chromium-121-v8-c++20.patch
* chromium-122-arm64-memory_tagging.patch
* chromium-122-clang16-buildflags.patch
* chromium-122-clang16-disable-auto-upgrade-debug-info.patch
* chromium-122-clang-build-flags.patch
* chromium-122-constexpr.patch
* chromium-122-disable-FFmpegAllowLists.patch
* chromium-122-el7-default-constructor-involving-anonymous-union.patch
* chromium-122-el7-extra-operator.patch
* chromium-122-el7-inline-function.patch
* chromium-122-el8-support-64kpage.patch
* chromium-122-missing-header-files.patch
* chromium-122-no_matching_constructor.patch
* chromium-122-norar.patch
* chromium-122-python3-assignment-expressions.patch
* chromium-122-revert-av1enc-el9.patch
* chromium-122-static-assert.patch
* chromium-122-typename.patch
* chromium-122-unique_ptr.patch
* chromium-122-workaround_clang_bug-structured_binding.patch
* from debian add
* chromium-122-undo-internal-alloc.patch
* chromium-122-debian-upstream-bitset.patch
* chromium-122-debian-upstream-mojo.patch
* chromium-122-debian-upstream-optional.patch
* chromium-122-debian-upstream-uniqptr.patch
* chromium-122-debian-fixes-optional.patch
* added compile fix needed on code15
chromium-122-skip_bubble_contents_wrapper_static_assert.patch
to prevent "static assertion expression is not an integral constant expression"
"in call to 'operator+(&"."[0], ShoppingInsightsSidePanelUI::GetWebUIName())'"
in bubble_contents_wrapper.h:153
- replace Cr121-ffmpeg-new-channel-layout.patch by
Cr122-ffmpeg-new-channel-layout.patch (rediff against 122)
- drop chromium-121-system-old-ffmpeg.patch
* Fri Mar 08 2024 Callum Farmer <gmbr3@opensuse.org>
- Add Cr121-ffmpeg-new-channel-layout.patch to rollback more FFmpeg
changes so that FFmpeg 4 will work on Leap
- Prepare for libxml 2.12
* Sat Mar 02 2024 Callum Farmer <gmbr3@opensuse.org>
- Chromium 121.0.6167.184 (boo#1219118, boo#1219387, boo#1219661)
* CVE-2024-1284: Use after free in Mojo
* CVE-2024-1283: Heap buffer overflow in Skia
* CVE-2024-1060: Use after free in Canvas
* CVE-2024-1059: Use after free in WebRTC
* CVE-2024-1077: Use after free in Network
* CVE-2024-0807: Use after free in WebAudio
* CVE-2024-0812: Inappropriate implementation in Accessibility
* CVE-2024-0808: Integer underflow in WebUI
* CVE-2024-0810: Insufficient policy enforcement in DevTools
* CVE-2024-0814: Incorrect security UI in Payments
* CVE-2024-0813: Use after free in Reading Mode
* CVE-2024-0806: Use after free in Passwords
* CVE-2024-0805: Inappropriate implementation in Downloads
* CVE-2024-0804: Insufficient policy enforcement in iOS Security UI
* CVE-2024-0811: Inappropriate implementation in Extensions API
* CVE-2024-0809: Inappropriate implementation in Autofill
- Removed patches:
* chromium-117-includes.patch
* chromium-118-includes.patch
* chromium-119-dont-redefine-ATSPI-version-macros.patch
* chromium-120-missing-header-files.patch
* chromium-120-no_matching_constructor.patch
* chromium-120-nullptr_t-without-namespace-std.patch
* chromium-120-workaround_clang_bug-structured_binding.patch
* gcc13-fix.patch
* chromium-113-webauth-include-variant.patch
* chromium-110-system-libffi.patch
- Added patches:
* chromium-121-no_matching_constructor.patch
* chromium-121-nullptr_t-without-namespace-std.patch
* chromium-121-workaround_clang_bug-structured_binding.patch
* chromium-121-missing-header-files.patch
* chromium-121-rust-clang_lib.patch
* chromium-121-python3-invalid-escape-sequence.patch
* chromium-121-rust-clang_lib.patch
* chromium-121-avoid-SFINAE-TypeConverter.patch
* chromium-121-blink-libxml-const.patch
- Add patch chromium-disable-FFmpegAllowLists.patch:
disable codec checker this will always fail (bsc#1219070)
Version: 120.0.6099.216-bp155.2.64.1
* Sun Jan 14 2024 Callum Farmer <gmbr3@opensuse.org>
- Replace chromium-120-lp155-revert-clang-build-failure.patch
with chromium-120-make_unique-struct.patch - which avoids
reverting changes and instead provides a stub constructor to fix
build on Leap
* Sat Jan 13 2024 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 120.0.6099.216 (boo#1217839, boo#1218048, boo#1218302,
boo#1218533, boo#1218719)
* CVE-2024-0333: Insufficient data validation in Extensions
* CVE-2024-0222: Use after free in ANGLE
* CVE-2024-0223: Heap buffer overflow in ANGLE
* CVE-2024-0224: Use after free in WebAudio
* CVE-2024-0225: Use after free in WebGPU
* CVE-2023-7024: Heap buffer overflow in WebRTC
* CVE-2023-6702: Type Confusion in V8
* CVE-2023-6703: Use after free in Blink
* CVE-2023-6704: Use after free in libavif (boo#1218303)
* CVE-2023-6705: Use after free in WebRTC
* CVE-2023-6706: Use after free in FedCM
* CVE-2023-6707: Use after free in CSS
* CVE-2023-6508: Use after free in Media Stream
* CVE-2023-6509: Use after free in Side Panel Search
* CVE-2023-6510: Use after free in Media Capture
* CVE-2023-6511: Inappropriate implementation in Autofill
* CVE-2023-6512: Inappropriate implementation in Web Browser UI
- drop patches:
* chromium-system-libusb.patch
* chromium-119-nullptr_t-without-namespace-std.patch
* chromium-119-no_matching_constructor.patch
* chromium-117-workaround_clang_bug-structured_binding.patch
- add patches:
* chromium-120-nullptr_t-without-namespace-std.patch
* chromium-120-emplace.patch
* chromium-120-lp155-typename.patch
* chromium-120-no_matching_constructor.patch
* chromium-120-missing-header-files.patch
* chromium-120-emplace-struct.patch
* chromium-120-workaround_clang_bug-structured_binding.patch
- add patches for Leap that revert braking changes:
* chromium-120-lp155-revert-clang-build-failure.patch
Version: 118.0.5993.70-bp154.2.132.1
* Wed Oct 11 2023 Andreas Stieger <andreas.stieger@gmx.de>
- refresh chromium-117-emplace_back_on_vector-c++20.patch and
chromium-117-lp155-constructors.patch to
chromium-118-no_matching_constructor.patch
* Tue Oct 10 2023 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 118.0.5993.70 (boo#1216111)
* CVE-2023-5218: Use after free in Site Isolation
* CVE-2023-5487: Inappropriate implementation in Fullscreen
* CVE-2023-5484: Inappropriate implementation in Navigation
* CVE-2023-5475: Inappropriate implementation in DevTools
* CVE-2023-5483: Inappropriate implementation in Intents
* CVE-2023-5481: Inappropriate implementation in Downloads
* CVE-2023-5476: Use after free in Blink History
* CVE-2023-5474: Heap buffer overflow in PDF
* CVE-2023-5479: Inappropriate implementation in Extensions API
* CVE-2023-5485: Inappropriate implementation in Autofill
* CVE-2023-5478: Inappropriate implementation in Autofill
* CVE-2023-5477: Inappropriate implementation in Installer
* CVE-2023-5486: Inappropriate implementation in Input
* CVE-2023-5473: Use after free in Cast
- Build with system freetype (again), and zstd
- add patches:
* chromium-118-system-freetype.patch
* chromium-117-system-zstd.patch
* Sat Oct 07 2023 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 118.0.5993.54
- add patches:
* chromium-118-includes.patch
Version: 116.0.5845.96-bp154.2.105.1
* Mon Aug 14 2023 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 116.0.5845.96
* New CSS features: Motion Path, and "display" and
"content-visibility" animations
* Web APIs: AbortSignal.any(), BYOB support for Fetch, Back/
forward cache NotRestoredReason API, Document Picture-in-
Picture, Expanded Wildcards in Permissions Policy Origins,
FedCM bundle: Login Hint API, User Info API, and RP Context API,
Non-composed Mouse and Pointer enter/leave events,
Remove document.open sandbox inheritance,
Report Critical-CH caused restart in NavigationTiming
- fix a number of security issues (boo#1214301):
* CVE-2023-2312: Use after free in Offline
* CVE-2023-4349: Use after free in Device Trust Connectors
* CVE-2023-4350: Inappropriate implementation in Fullscreen
* CVE-2023-4351: Use after free in Network
* CVE-2023-4352: Type Confusion in V8
* CVE-2023-4353: Heap buffer overflow in ANGLE
* CVE-2023-4354: Heap buffer overflow in Skia
* CVE-2023-4355: Out of bounds memory access in V8
* CVE-2023-4356: Use after free in Audio
* CVE-2023-4357: Insufficient validation of untrusted input in XML
* CVE-2023-4358: Use after free in DNS
* CVE-2023-4359: Inappropriate implementation in App Launcher
* CVE-2023-4360: Inappropriate implementation in Color
* CVE-2023-4361: Inappropriate implementation in Autofill
* CVE-2023-4362: Heap buffer overflow in Mojom IDL
* CVE-2023-4363: Inappropriate implementation in WebShare
* CVE-2023-4364: Inappropriate implementation in Permission Prompts
* CVE-2023-4365: Inappropriate implementation in Fullscreen
* CVE-2023-4366: Use after free in Extensions
* CVE-2023-4367: Insufficient policy enforcement in Extensions API
* CVE-2023-4368: Insufficient policy enforcement in Extensions API
- drop patches:
* chromium-115-add_BoundSessionRefreshCookieFetcher::Result.patch
* chromium-115-verify_name_match-include.patch
* chromium-86-fix-vaapi-on-intel.patch
* chromium-115-skia-include.patch
* chromium-115-dont-pass-nullptr-to-construct-re2-StringPiece.patch
- add patches:
* chromium-116-profile-view-utils-vector-include.patch
* chromium-116-blink-variant-include.patch
* chromium-116-lp155-url_load_stats-size-t.patch
* chromium-116-abseil-limits-include.patch
* chromium-116-lp155-typenames.patch
* chromium-116-lp155-constuctors.patch
- Build with bundled re2 on Leap
* Wed Aug 09 2023 Andreas Stieger <andreas.stieger@gmx.de>
- Fix crash with extensions (boo#1214003)
chromium-115-dont-pass-nullptr-to-construct-re2-StringPiece.patch
Version: 115.0.5790.102-bp154.2.99.1
* Sun Jul 23 2023 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 115.0.5790.102:
* stability fix
- Add build fixes on Leap:
* chromium-115-emplace_back_on_vector-c++20.patch
* chromium-115-compiler-SkColor4f.patch
* chromium-115-workaround_clang_bug-structured_binding.patch
* chromium-115-add_BoundSessionRefreshCookieFetcher::Result.patch
- adjust chromium-115-lp155-typename.patch
- drop chromium-114-workaround_clang_bug-structured_binding.patch
* Wed Jul 19 2023 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 115.0.5790.98
* Security: The Storage, Service Worker, and Communication APIs
are now partitioned in third-party contexts to prevent certain
types of side-channel cross-site tracking
* HTTPS: Automatically and optimistically upgrade all main-frame
navigations to HTTPS, with fast fallback to HTTP.
* CSS: accept multiple values of the display property
* CSS: support boolean context style container queries
* CSS: support scroll-driven animations
* Increase the maximum size of a WebAssembly.Module() on the main
thread to 8 MB
* FedCM: Support credential management mediation requirements for
auto re-authentication
* Deprecate the document.domain setter
* Deprecate mutation events
* Security fixes (boo#1213462):
CVE-2023-3727: Use after free in WebRTC
CVE-2023-3728: Use after free in WebRTC
CVE-2023-3730: Use after free in Tab Groups
CVE-2023-3732: Out of bounds memory access in Mojo
CVE-2023-3733: Inappropriate implementation in WebApp Installs
CVE-2023-3734: Inappropriate implementation in Picture In Picture
CVE-2023-3735: Inappropriate implementation in Web API Permission Prompts
CVE-2023-3736: Inappropriate implementation in Custom Tabs
CVE-2023-3737: Inappropriate implementation in Notifications
CVE-2023-3738: Inappropriate implementation in Autofill
CVE-2023-3740: Insufficient validation of untrusted input in Themes
Various fixes from internal audits, fuzzing and other initiatives
- drop chromium-113-typename.patch
- add chromium-115-skia-include.patch
- add chromium-115-verify_name_match-include.patch
- add chromium-115-lp155-typename.patch
- Add chromium-115-Qt-moc-version.patch: support Qt5 & Qt6 without
built-in copy of shim
Version: 114.0.5735.106-bp154.2.90.1
* Tue Jun 06 2023 Andreas Stieger <andreas.stieger@gmx.de>
- Fix Leap 15.4 build - chromium-114-revert-av1enc-lp154.patch
* Tue Jun 06 2023 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 114.0.5735.106 (boo#1212044):
* CVE-2023-3079: Type Confusion in V8
* Sun Jun 04 2023 Callum Farmer <gmbr3@opensuse.org>
- Chromium 114.0.5735.90 (boo#1211843):
* CSS text-wrap: balance is available
* Cookies partitioned by top level site (CHIPS)
* New Popover API
- Security fixes:
* CVE-2023-2929: Out of bounds write in Swiftshader
* CVE-2023-2930: Use after free in Extensions
* CVE-2023-2931: Use after free in PDF
* CVE-2023-2932: Use after free in PDF
* CVE-2023-2933: Use after free in PDF
* CVE-2023-2934: Out of bounds memory access in Mojo
* CVE-2023-2935: Type Confusion in V8
* CVE-2023-2936: Type Confusion in V8
* CVE-2023-2937: Inappropriate implementation in Picture In Picture
* CVE-2023-2938: Inappropriate implementation in Picture In Picture
* CVE-2023-2939: Insufficient data validation in Installer
* CVE-2023-2940: Inappropriate implementation in Downloads
* CVE-2023-2941: Inappropriate implementation in Extensions API
- Drop patches:
* chromium-103-VirtualCursor-std-layout.patch
* chromium-113-system-zlib.patch
* chromium-113-workaround_clang_bug-structured_binding.patch
- Add patches
* chromium-114-workaround_clang_bug-structured_binding.patch
* chromium-114-lld-argument.patch
* Tue May 30 2023 Callum Farmer <gmbr3@opensuse.org>
- Un-bundle zlib again
- Remove un-needed patches:
* chromium-112-default-comparison-operators.patch
* chromium-109-clang-lp154.patch
* chromium-clang-nomerge.patch
* chromium-ffmpeg-lp152.patch
* chromium-lp151-old-drm.patch
- Added patches:
* chromium-113-system-zlib.patch
Version: 113.0.5672.126-bp154.2.87.1
* Sun May 28 2023 Andreas Stieger <andreas.stieger@gmx.de>
- build with llvm15 on Leap
* Tue May 16 2023 Andreas Stieger <Andreas.Stieger@gmx.de>
- Chromium 113.0.5672.126 (boo#1211442):
* CVE-2023-2721: Use after free in Navigation
* CVE-2023-2722: Use after free in Autofill UI
* CVE-2023-2723: Use after free in DevTools
* CVE-2023-2724: Type Confusion in V8
* CVE-2023-2725: Use after free in Guest View
* CVE-2023-2726: Inappropriate implementation in WebApp Installs
* Various fixes from internal audits, fuzzing and other initiatives
* Tue May 09 2023 Andreas Stieger <Andreas.Stieger@gmx.de>
- Chromium 113.0.5672.92 (boo#1211211)
- Multiple security fixes (boo#1211036):
* CVE-2023-2459: Inappropriate implementation in Prompts
* CVE-2023-2460: Insufficient validation of untrusted input in Extensions
* CVE-2023-2461: Use after free in OS Inputs
* CVE-2023-2462: Inappropriate implementation in Prompts
* CVE-2023-2463: Inappropriate implementation in Full Screen Mode
* CVE-2023-2464: Inappropriate implementation in PictureInPicture
* CVE-2023-2465: Inappropriate implementation in CORS
* CVE-2023-2466: Inappropriate implementation in Prompts
* CVE-2023-2467: Inappropriate implementation in Prompts
* CVE-2023-2468: Inappropriate implementation in PictureInPicture
- drop chromium-94-sql-no-assert.patch
- drop no-location-leap151.patch
- add chromium-113-webview-namespace.patch
- add chromium-113-webauth-include-variant.patch
- add chromium-113-typename.patch
- add chromium-113-workaround_clang_bug-structured_binding.patch
Version: 112.0.5615.121-bp154.2.79.1
* Sun Apr 16 2023 Andreas Stieger <andreas.stieger@gmx.de>
- Fix Leap 15.4 build failures from default comparison operators
defined outside of the class definition, a C++20 feature
adding chromium-112-default-comparison-operators.patch
* Sat Apr 15 2023 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 112.0.5615.121:
* CVE-2023-2033: Type Confusion in V8 (boo#1210478)
* Fri Apr 07 2023 Andreas Stieger <andreas.stieger@gmx.de>
- Revert a breaking change with chromium-112-feed_protos.patch
* Tue Apr 04 2023 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 112.0.5615.49
* CSS now supports nesting rules.
* The algorithm to set the initial focus on <dialog> elements was updated.
* No-op fetch() handlers on service workers are skipped from now on to make navigations faster
* The setter for document.domain is now deprecated.
* The recorder in devtools can now record with pierce selectors.
* Security fixes (boo#1210126):
* CVE-2023-1810: Heap buffer overflow in Visuals
* CVE-2023-1811: Use after free in Frames
* CVE-2023-1812: Out of bounds memory access in DOM Bindings
* CVE-2023-1813: Inappropriate implementation in Extensions
* CVE-2023-1814: Insufficient validation of untrusted input in Safe Browsing
* CVE-2023-1815: Use after free in Networking APIs
* CVE-2023-1816: Incorrect security UI in Picture In Picture
* CVE-2023-1817: Insufficient policy enforcement in Intents
* CVE-2023-1818: Use after free in Vulkan
* CVE-2023-1819: Out of bounds read in Accessibility
* CVE-2023-1820: Heap buffer overflow in Browser History
* CVE-2023-1821: Inappropriate implementation in WebShare
* CVE-2023-1822: Incorrect security UI in Navigation
* CVE-2023-1823: Inappropriate implementation in FedCM
* Mon Mar 27 2023 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 111.0.5563.147:
* nth-child() validation performance regression for SAP apps
* Thu Mar 23 2023 Guillaume GARDET <guillaume.gardet@opensuse.org>
- Update gcc13-fix.patch with few fixes required for aarch64,
borrowed from Fedora's gcc13 patch
Version: 111.0.5563.110-bp154.2.76.1
* Wed Mar 22 2023 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 111.0.5563.110 (boo#1209598)
* CVE-2023-1528: Use after free in Passwords
* CVE-2023-1529: Out of bounds memory access in WebHID
* CVE-2023-1530: Use after free in PDF
* CVE-2023-1531: Use after free in ANGLE
* CVE-2023-1532: Out of bounds read in GPU Video
* CVE-2023-1533: Use after free in WebProtect
* CVE-2023-1534: Out of bounds read in ANGLE
* Mon Mar 20 2023 Martin Liška <mliska@suse.cz>
- Add gcc13-fix.patch in order to support GCC 13.
* Thu Mar 09 2023 Callum Farmer <gmbr3@opensuse.org>
- Revert back to GCC 11 on 15.4 as Clang 13 doesn't support GCC 12
* Thu Mar 09 2023 Callum Farmer <gmbr3@opensuse.org>
- Bump Leap's GCC to 12 as Chromium really likes newer standards
Version: 109.0.5414.74-bp154.2.58.1
* Tue Jan 10 2023 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 109.0.5414.74:
* Add support for MathML Core
* CSS: Auto range support for font descriptors inside @font-face
rule
* CSS: Add lh length unit
* CSS: Add hyphenate-limit-chars property
* CSS: Snap border, outline and column-rule widths before layout
* API: Improved screen sharing and web conferencing: hints for
suppressing local audio playback, and Conditional Focus
* API: HTTP response status code in the Resource Timing API
* API: Same-site cross-origin prerendering triggered by the
speculation rules API
* Remove Event.path API
* CVE-2023-0128: Use after free in Overview Mode
* CVE-2023-0129: Heap buffer overflow in Network Service
* CVE-2023-0130: Inappropriate implementation in Fullscreen API
* CVE-2023-0131: Inappropriate implementation in iframe Sandbox
* CVE-2023-0132: Inappropriate implementation in Permission prompts
* CVE-2023-0133: Inappropriate implementation in Permission prompts
* CVE-2023-0134: Use after free in Cart
* CVE-2023-0135: Use after free in Cart
* CVE-2023-0136: Inappropriate implementation in Fullscreen API
* CVE-2023-0137: Heap buffer overflow in Platform Apps
* CVE-2023-0138: Heap buffer overflow in libphonenumber
* CVE-2023-0139: Insufficient validation of untrusted input in Downloads
* CVE-2023-0140: Inappropriate implementation in File System API
* CVE-2023-0141: Insufficient policy enforcement in CORS
* Various fixes from internal audits, fuzzing and other initiatives
- drop patches:
* chromium-gcc11.patch - not needed
* chromium-107-system-zlib.patch - upstream
* chromium-108-compiler.patch
- add patches:
* chromium-109-compiler.patch
* chromium-109-clang-lp154.patch
* Sun Dec 18 2022 Callum Farmer <gmbr3@opensuse.org>
- Add chromium-disable-GlobalMediaControlsCastStartStop.patch:
disable GlobalMediaControlsCastStartStop to fix crashes
occurring when interacting with the Media UI (bsc#1198124)
Version: 71.0.3578.98-bp150.2.29.1
* Wed Jan 02 2019 Tomá? Chvátal <tchvatal@suse.com>
- Tweak fix_building_widevinecdm_with_chromium.patch to make it
work again bsc#1120429
* Fri Dec 14 2018 Guillaume GARDET <guillaume.gardet@opensuse.org>
- Update %arm build, but keep it disabled for now, as ld requires
lots of RAM
* Thu Sep 06 2018 tchvatal@suse.com
- Add patch to fix mojo build on 32bit:
* chromium-gcc8-alignof.patch
Version: 71.0.3578.80-bp150.2.23.1
* Thu Dec 06 2018 Tomá? Chvátal <tchvatal@suse.com>
- Add patch to build on Leap 42.x:
* chromium-old-libva.patch
* Thu Dec 06 2018 Tomá? Chvátal <tchvatal@suse.com>
- Version update to 71.0.3578.80 bsc#1118529:
- CVE-2018-17480: Out of bounds write in V8
- CVE-2018-17481: Use after frees in PDFium
- CVE-2018-18335: Heap buffer overflow in Skia
- CVE-2018-18336: Use after free in PDFium
- CVE-2018-18337: Use after free in Blink
- CVE-2018-18338: Heap buffer overflow in Canvas
- CVE-2018-18339: Use after free in WebAudio
- CVE-2018-18340: Use after free in MediaRecorder
- CVE-2018-18341: Heap buffer overflow in Blink
- CVE-2018-18342: Out of bounds write in V8
- CVE-2018-18343: Use after free in Skia
- CVE-2018-18344: Inappropriate implementation in Extensions
- Multiple issues in SQLite via WebSQL
- CVE-2018-18345: Inappropriate implementation in Site Isolation
- CVE-2018-18346: Incorrect security UI in Blink
- CVE-2018-18347: Inappropriate implementation in Navigation
- CVE-2018-18348: Inappropriate implementation in Omnibox
- CVE-2018-18349: Insufficient policy enforcement in Blink
- CVE-2018-18350: Insufficient policy enforcement in Blink
- CVE-2018-18351: Insufficient policy enforcement in Navigation
- CVE-2018-18352: Inappropriate implementation in Media
- CVE-2018-18353: Inappropriate implementation in Network Authentication
- CVE-2018-18354: Insufficient data validation in Shell Integration
- CVE-2018-18355: Insufficient policy enforcement in URL Formatter
- CVE-2018-18356: Use after free in Skia
- CVE-2018-18357: Insufficient policy enforcement in URL Formatter
- CVE-2018-18358: Insufficient policy enforcement in Proxy.
- CVE-2018-18359: Out of bounds read in V8
- Inappropriate implementation in PDFium
- Use after free in Extensions
- Inappropriate implementation in Navigation
- Insufficient policy enforcement in Navigation
- Insufficient policy enforcement in URL Formatter
- Various fixes from internal audits, fuzzing and other initiatives
- Updated/refreshed patches:
* fix_building_widevinecdm_with_chromium.patch
* chromium-vaapi.patch
* chromium-skia-aarch64-buildfix.patch
* chromium-prop-codecs.patch
* chromium-non-void-return.patch
- Removed patches:
* chromium-gcc8-constexpr.patch
* chromium-libva1.patch
* chromium-pdfium-include.patch
* chromium-warnings.patch
- Added patches:
* chromium-initialize-list.patch
* Wed Jul 25 2018 guillaume.gardet@opensuse.org
- Add patch to fix aarch64 build:
* chromium-vpx-aarch64.patch
Version: 70.0.3538.102-bp150.2.17.1
* Wed Nov 14 2018 Tomá? Chvátal <tchvatal@suse.com>
- Version update to 70.0.3538.102 bsc#1115537 CVE-2018-17478
* CVE-2018-17478: Out of bounds memory access in V8
* Sat Nov 03 2018 Yunhe Guo <i@guoyunhe.me>
- Remove noto-emoji-fonts recommends. noto-emoji-fonts has been
inactive for a long time. noto-coloremoji-fonts is the current
recommended emoji fonts from noto. And noto-emoji-fonts (monochrome)
disables noto-coloremoji-fonts (colorful).
* Thu Oct 25 2018 Tomá? Chvátal <tchvatal@suse.com>
- Update to 70.0.3538.77:
* Few feature fixes only
- Do not meintion armv6 and armv7 in the constraints
- Update patch chromium-non-void-return.patch
* Mon Oct 22 2018 Tomá? Chvátal <tchvatal@suse.com>
- Add patch trying to get the pkg to build with libva 1.x releases:
* chromium-libva1.patch
- Update chromium-old-glibc.patch to contain more tweaked locations
Version: 69.0.3497.81-bp150.2.4.1
* Thu Sep 06 2018 tchvatal@suse.com
- Add patch to fix mojo build on 32bit:
* chromium-gcc8-alignof.patch
* Thu Sep 06 2018 Tomá? Chvátal <tchvatal@suse.com>
- Split out the gn from this package, obsoletes patches:
* fix-gn-bootstrap.patch
* chromium-last-commit-position-r0.patch
* Thu Sep 06 2018 Tomá? Chvátal <tchvatal@suse.com>
- Split out the gn from this package, obsoletes patches:
* fix-gn-bootstrap.patch
* chromium-last-commit-position-r0.patch
* Wed Aug 08 2018 tchvatal@suse.com
- Update to chromium-68.0.3440.106:
* Various feature fixes
* Wed Aug 01 2018 tchvatal@suse.com
- Version update to 68.0.3440.84:
* Various small feature fixes only
Version: 68.0.3440.75-bp150.1.1
* Wed Jul 25 2018 guillaume.gardet@opensuse.org
- Add patch to fix aarch64 build:
* chromium-vpx-aarch64.patch
* Wed Jul 25 2018 tchvatal@suse.com
- Add patch trying to build chromium on Leap 42.3:
* chromium-gcc7.patch
* Wed Jul 25 2018 tchvatal@suse.com
- Raise libvpx requirement to match what we really need
* Wed Jul 25 2018 tchvatal@suse.com
- Version update to 68.0.3440.75 bsc#1102530:
* CVE-2018-6153: Stack buffer overflow in Skia.
* CVE-2018-6154: Heap buffer overflow in WebGL.
* CVE-2018-6155: Use after free in WebRTC.
* CVE-2018-6156: Heap buffer overflow in WebRTC.
* CVE-2018-6157: Type confusion in WebRTC.
* CVE-2018-6158: Use after free in Blink.
* CVE-2018-6159: Same origin policy bypass in ServiceWorker.
* CVE-2018-6160: URL spoof in Chrome on iOS.
* CVE-2018-6161: Same origin policy bypass in WebAudio.
* CVE-2018-6162: Heap buffer overflow in WebGL.
* CVE-2018-6163: URL spoof in Omnibox.
* CVE-2018-6164: Same origin policy bypass in ServiceWorker.
* CVE-2018-6165: URL spoof in Omnibox.
* CVE-2018-6166: URL spoof in Omnibox.
* CVE-2018-6167: URL spoof in Omnibox.
* CVE-2018-6168: CORS bypass in Blink.
* CVE-2018-6169: Permissions bypass in extension installation.
* CVE-2018-6170: Type confusion in PDFium.
* CVE-2018-6171: Use after free in WebBluetooth.
* CVE-2018-6172: URL spoof in Omnibox.
* CVE-2018-6173: URL spoof in Omnibox.
* CVE-2018-6174: Integer overflow in SwiftShader.
* CVE-2018-6175: URL spoof in Omnibox.
* CVE-2018-6176: Local user privilege escalation in Extensions.
* CVE-2018-6177: Cross origin information leak in Blink.
* CVE-2018-6178: UI spoof in Extensions.
* CVE-2018-6179: Local file information leak in Extensions.
* CVE-2018-6044: Request privilege escalation in Extensions.
* CVE-2018-4117: Cross origin information leak in Blink.
- Rebase patches:
* chromium-master-prefs-path.patch
* chromium-non-void-return.patch
* chromium-vaapi.patch
- Add patches:
* chromium-cors-string.patch
* chromium-gcc.patch
* chromium-libjpeg.patch
* chromium-libwebp-shim.patch
- Remove patches:
* chromium-gcc8.patch
* Tue Jul 10 2018 tchvatal@suse.com
- Version update to 67.0.3396.99:
* Various small feature fixes, no security
* Fri Jun 15 2018 tchvatal@suse.com
- Add patch to build under gcc8:
* chromium-gcc8.patch
* Wed Jun 13 2018 security@suse.com
- Chromium 67.0.3396.87:
* CVE-2018-6149: Out of bounds write in V8 (boo#1097452)
* Thu Jun 07 2018 astieger@suse.com
- Chromium 67.0.3396.79:
* CVE-2018-6148: Incorrect handling of CSP header (boo#1096508)
* Fri Jun 01 2018 tchvatal@suse.com
- Require ffmpeg >= 4.0 bsc#1095545
* Wed May 30 2018 tchvatal@suse.com
- Update to 67.0.3396.62 bsc#1095163
* CVE-2018-6123: Use after free in Blink.
* CVE-2018-6124: Type confusion in Blink.
* CVE-2018-6125: Overly permissive policy in WebUSB.
* CVE-2018-6126: Heap buffer overflow in Skia.
* CVE-2018-6127: Use after free in indexedDB.
* CVE-2018-6128: uXSS in Chrome on iOS.
* CVE-2018-6129: Out of bounds memory access in WebRTC.
* CVE-2018-6130: Out of bounds memory access in WebRTC.
* CVE-2018-6131: Incorrect mutability protection in WebAssembly.
* CVE-2018-6132: Use of uninitialized memory in WebRTC.
* CVE-2018-6133: URL spoof in Omnibox.
* CVE-2018-6134: Referrer Policy bypass in Blink.
* CVE-2018-6135: UI spoofing in Blink.
* CVE-2018-6136: Out of bounds memory access in V8.
* CVE-2018-6137: Leak of visited status of page in Blink.
* CVE-2018-6138: Overly permissive policy in Extensions.
* CVE-2018-6139: Restrictions bypass in the debugger extension API.
* CVE-2018-6140: Restrictions bypass in the debugger extension API.
* CVE-2018-6141: Heap buffer overflow in Skia.
* CVE-2018-6142: Out of bounds memory access in V8.
* CVE-2018-6143: Out of bounds memory access in V8.
* CVE-2018-6144: Out of bounds memory access in PDFium.
* CVE-2018-6145: Incorrect escaping of MathML in Blink.
* CVE-2018-6147: Password fields not taking advantage of OS protections in Views.
- Add patches to build on aarch and remove obsolete one:
* chromium-crashpad-aarch64-fix.patch
* chromium-skia-aarch64-buildfix.patch
* chromium-65.0.3325.162-skia-aarch64-buildfix.patch
* chromium-skia-neon.patch
- Remove no longer needed gcc patch:
* chromium-gcc7.patch
- Rebase patches:
* chromium-non-void-return.patch
* chromium-vaapi.patch
* exclude_ymp.patch
* fix_building_widevinecdm_with_chromium.patch
* Sat May 26 2018 astieger@suse.com
- on SLE 12 with SUSE PackageHub 12, do not require the SDK for
libwebpmux1 (bsc#1070421)
* Sat May 26 2018 astieger@suse.com
- Fix installation issue on SUSE PackageHub 12 with libminizip1
(bsc#1093031)
* Wed May 16 2018 astieger@suse.com
- Chromium 66.0.3359.181:
* Autoplay: Force enable on desktop for Web Audio
* Fri May 11 2018 astieger@suse.com
- Chromium 66.0.3359.170 (bsc#1092923):
* Chain leading to sandbox escape:
CVE-2018-6121: Privilege Escalation in extensions
CVE-2018-6122: Type confusion in V8
* CVE-2018-6120: Heap buffer overflow in PDFium
* Various fixes from internal audits, fuzzing and other
initiatives
* Wed May 09 2018 tchvatal@suse.com
- Add patch chromium-skia-system-fontconfig.patch to fix
bsc#1092272
* Fri May 04 2018 guillaume.gardet@opensuse.org
- Enable build on AArch64
- Fix build on AArch64:
* set target_cpu to arm64
* disable tcmalloc and swiftshader for aarch64
* Add new patches:
- chromium-65.0.3325.162-skia-aarch64-buildfix.patch
- chromium-skia-neon.patch
* Fri Apr 27 2018 tchvatal@suse.com
- chromium 66.0.3359.139:
* CVE-2018-6118: Use after free in Media Cache (bsc#1091288)
* drop add-missing-blink-tools.patch, now in tarball again
* Wed Apr 18 2018 tchvatal@suse.com
- Version bump to chromium 66.0.3359.117 bsc#1090000:
* CVE-2018-6085: Use after free in Disk Cache
* CVE-2018-6086: Use after free in Disk Cache
* CVE-2018-6087: Use after free in WebAssembly
* CVE-2018-6088: Use after free in PDFium
* CVE-2018-6089: Same origin policy bypass in Service Worker
* CVE-2018-6090: Heap buffer overflow in Skia
* CVE-2018-6091: Incorrect handling of plug-ins by Service Worker
* CVE-2018-6092: Integer overflow in WebAssembly
* CVE-2018-6093: Same origin bypass in Service Worker
* CVE-2018-6094: Exploit hardening regression in Oilpan
* CVE-2018-6095: Lack of meaningful user interaction requirement before file upload
* CVE-2018-6096: Fullscreen UI spoof
* CVE-2018-6097: Fullscreen UI spoof
* CVE-2018-6098: URL spoof in Omnibox
* CVE-2018-6099: CORS bypass in ServiceWorker
* CVE-2018-6100: URL spoof in Omnibox
* CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools
* CVE-2018-6102: URL spoof in Omnibox
* CVE-2018-6103: UI spoof in Permissions
* CVE-2018-6104: URL spoof in Omnibox
* CVE-2018-6105: URL spoof in Omnibox
* CVE-2018-6106: Incorrect handling of promises in V8
* CVE-2018-6107: URL spoof in Omnibox
* CVE-2018-6108: URL spoof in Omnibox
* CVE-2018-6109: Incorrect handling of files by FileAPI
* CVE-2018-6110: Incorrect handling of plaintext files via file://
* CVE-2018-6111: Heap-use-after-free in DevTools
* CVE-2018-6112: Incorrect URL handling in DevTools
* CVE-2018-6113: URL spoof in Navigation
* CVE-2018-6114: CSP bypass
* CVE-2018-6115: SmartScreen bypass in downloads
* CVE-2018-6116: Incorrect low memory handling in WebAssembly
* CVE-2018-6117: Confusing autofill settings
* Various fixes from internal audits, fuzzing and other initiatives
- Remove obsolete patches:
* chromium-compiler.patch
* chromium-glibc-2.27.patch
* chromium-vaapi-init.patch
* exclude_ymp.diff
* fix-gn-bootstrap.diff
* fix_network_api_crash.patch
* mojo.patch
- Add new patches:
* chromium-ffmpeg.patch
* chromium-gcc7.patch
* exclude_ymp.patch
* fix-gn-bootstrap.patch
- Rebase patches:
* chromium-master-prefs-path.patch
* chromium-non-void-return.patch
* chromium-sandbox-pie.patch
* chromium-vaapi.patch
- Add patch to fix missing folder from tarball:
* add-missing-blink-tools.patch
* Sun Apr 08 2018 tchvatal@suse.com
- Add vaapi patches:
* chromium-vaapi-init.patch
* chromium-vaapi.patch
* Fri Apr 06 2018 tchvatal@suse.com
- Use memory-constraints package to limit threads as needed
Version: 89.0.4389.72-bp152.2.62.1
* Fri Mar 05 2021 Callum Farmer <gmbr3@opensuse.org>
- Update to 89.0.4389.72 bsc#1182960
- CVE-2021-21159: Heap buffer overflow in TabStrip.
- CVE-2021-21160: Heap buffer overflow in WebAudio.
- CVE-2021-21161: Heap buffer overflow in TabStrip.
- CVE-2021-21162: Use after free in WebRTC.
- CVE-2021-21163: Insufficient data validation in Reader Mode.
- CVE-2021-21164: Insufficient data validation in Chrome for iOS.
- CVE-2021-21165: Object lifecycle issue in audio.
- CVE-2021-21166: Object lifecycle issue in audio.
- CVE-2021-21167: Use after free in bookmarks.
- CVE-2021-21168: Insufficient policy enforcement in appcache.
- CVE-2021-21169: Out of bounds memory access in V8.
- CVE-2021-21170: Incorrect security UI in Loader.
- CVE-2021-21171: Incorrect security UI in TabStrip and Navigation.
- CVE-2021-21172: Insufficient policy enforcement in File System API.
- CVE-2021-21173: Side-channel information leakage in Network Internals.
- CVE-2021-21174: Inappropriate implementation in Referrer.
- CVE-2021-21175: Inappropriate implementation in Site isolation.
- CVE-2021-21176: Inappropriate implementation in full screen mode.
- CVE-2021-21177: Insufficient policy enforcement in Autofill.
- CVE-2021-21178: Inappropriate implementation in Compositing.
- CVE-2021-21179: Use after free in Network Internals.
- CVE-2021-21180: Use after free in tab search.
- CVE-2020-27844: Heap buffer overflow in OpenJPEG.
- CVE-2021-21181: Side-channel information leakage in autofill.
- CVE-2021-21182: Insufficient policy enforcement in navigations.
- CVE-2021-21183: Inappropriate implementation in performance APIs.
- CVE-2021-21184: Inappropriate implementation in performance APIs.
- CVE-2021-21185: Insufficient policy enforcement in extensions.
- CVE-2021-21186: Insufficient policy enforcement in QR scanning.
- CVE-2021-21187: Insufficient data validation in URL formatting.
- CVE-2021-21188: Use after free in Blink.
- CVE-2021-21189: Insufficient policy enforcement in payments.
- CVE-2021-21190: Uninitialized Use in PDFium.
- Added patches:
- chromium-89-quiche-private.patch
- chromium-89-quiche-dcheck.patch
- chromium-89-skia-CropRect.patch
- chromium-89-dawn-include.patch
- chromium-89-webcodecs-deps.patch
- chromium-89-EnumTable-crash.patch
- chromium-shim_headers.patch
- chromium-89-missing-cstring-header.patch
- chromium-89-AXTreeSerializer-include.patch
- chromium-88-gcc-fix-swiftshader-libEGL-visibility.patch
(bsc#1182775)
- Removed patches:
- chromium-fix-char_traits.patch
- build-with-pipewire-0.3.patch
- chromium-79-gcc-protobuf-alignas.patch
- chromium-87-CursorFactory-include.patch
- chromium-87-openscreen-include.patch
- chromium-88-vaapi-attribute.patch
- chromium-88-ozone-deps.patch
- chromium-87-webcodecs-deps.patch
- chromium-88-ityp-include.patch
- chromium-88-AXTreeFormatter-include.patch
- chromium-88-BookmarkModelObserver-include.patch
- chromium-88-federated_learning-include.patch
- chromium-88-ideographicSpaceCharacter.patch
- chromium-88-StringPool-include.patch
- chromium-88-dawn-static.patch
- chromium-88-CompositorFrameReporter-dcheck.patch
* Wed Feb 17 2021 Callum Farmer <gmbr3@opensuse.org>
- Update to 88.0.4324.182 bsc#1182358
- CVE-2021-21149: Stack overflow in Data Transfer.
- CVE-2021-21150: Use after free in Downloads.
- CVE-2021-21151: Use after free in Payments.
- CVE-2021-21152: Heap buffer overflow in Media.
- CVE-2021-21153: Stack overflow in GPU Process.
- CVE-2021-21154: Heap buffer overflow in Tab Strip.
- CVE-2021-21155: Heap buffer overflow in Tab Strip.
- CVE-2021-21156: Heap buffer overflow in V8.
- CVE-2021-21157: Use after free in Web Sockets.
* Mon Feb 15 2021 Callum Farmer <gmbr3@opensuse.org>
- Add chromium-glibc-2.33.patch: fix Sandbox with glibc 2.33
(bsc#1182233)
Version: 86.0.4240.75-bp151.3.113.1
* Mon Oct 19 2020 Marcus Meissner <meissner@suse.com>
- chromium-86-f_seal.patch: F_SEAL* definitions added for leap 15.1 and 15.2
- replace one missed g++-9 by g++-10 for leap 15.1/15.2
* Wed Oct 14 2020 Tomá? Chvátal <tchvatal@suse.com>
- Remove vdpau->vaapi bridge as it breaks a lot:
(fixes welcome by someone else than me)
* chromium-vaapi-fix.patch
* Wed Oct 14 2020 Tomá? Chvátal <tchvatal@suse.com>
- Fix cookiemonster:
* fix-invalid-end-iterator-usage-in-CookieMonster.patch
* Wed Oct 14 2020 Tomá? Chvátal <tchvatal@suse.com>
- Remove vdpau->vaapi bridge as it breaks a lot:
(fixes welcome by someone else than me)
* chromium-vaapi-fix.patch
* Sat Oct 10 2020 Andreas Stieger <andreas.stieger@gmx.de>
- build with system libevent, the gn bug is no longer present
* Wed Sep 23 2020 Tomá? Chvátal <tchvatal@suse.com>
- Remove TOC files to avoid warning in post and fix angle conditional
Version: 85.0.4183.102-bp151.3.107.1
* Tue Sep 15 2020 Tomá? Chvátal <tchvatal@suse.com>
- The egl stuff is from angle not swiftshader, thanks Fedora
bsc#1176450
* Sat Sep 12 2020 Tomá? Chvátal <tchvatal@suse.com>
- Add back the swiftshader folder wrt bsc#1176450
* Wed Sep 09 2020 Tomá? Chvátal <tchvatal@suse.com>
- Update 85.0.4183.102 bsc#1176306:
* CVE-2020-6573: Use after free in video.
* CVE-2020-6574: Insufficient policy enforcement in installer.
* CVE-2020-6575: Race in Mojo.
* CVE-2020-6576: Use after free in offscreen canvas.
* CVE-2020-15959: Insufficient policy enforcement in networking.
* Tue Sep 08 2020 Tomá? Chvátal <tchvatal@suse.com>
- Move swiftshader stuff to chromium folder directly bsc#1176207
* Tue Sep 01 2020 Tomá? Chvátal <tchvatal@suse.com>
- Really update to .83 we accidentally included .69 beta release
Version: 85.0.4183.69-bp151.3.104.1
* Fri Aug 28 2020 Tomá? Chvátal <tchvatal@suse.com>
- Add patch trying to compile with old libdrm on Leap 15.1:
* chromium-lp151-old-drm.patch
* Thu Aug 27 2020 Tomá? Chvátal <tchvatal@suse.com>
- Version update to 85.0.4183.83 bsc#1175757
* CVE-2020-6558: Insufficient policy enforcement in iOS
* CVE-2020-6559: Use after free in presentation API
* CVE-2020-6560: Insufficient policy enforcement in autofill
* CVE-2020-6561: Inappropriate implementation in Content Security Policy
* CVE-2020-6562: Insufficient policy enforcement in Blink
* CVE-2020-6563: Insufficient policy enforcement in intent handling.
* CVE-2020-6564: Incorrect security UI in permissions
* CVE-2020-6565: Incorrect security UI in Omnibox.
* CVE-2020-6566: Insufficient policy enforcement in media.
* CVE-2020-6567: Insufficient validation of untrusted input in command line handling.
* CVE-2020-6568: Insufficient policy enforcement in intent handling.
* CVE-2020-6569: Integer overflow in WebUSB.
* CVE-2020-6570: Side-channel information leakage in WebRTC.
* CVE-2020-6571: Incorrect security UI in Omnibox.
- Use bundled vpx everywhere again as it fails to compile against
system version
- Added patches:
* chromium-85-DelayNode-cast.patch
* chromium-85-FrameWidget-namespace.patch
* chromium-85-NearbyConnection-abstract.patch
* chromium-85-NearbyShareEncryptedMetadataKey-include.patch
* chromium-85-oscillator_node-cast.patch
* chromium-85-ostream-operator.patch
* chromium-85-ozone-include.patch
* chromium-85-sim_hash-include.patch
- Removed patches:
* chromium-82-gcc-template.patch
* chromium-84-AXObject-stl-iterator.patch
* chromium-84-FilePath-add-noexcept.patch
* chromium-84-base-has_bultin.patch
* chromium-84-fix-decltype.patch
* chromium-84-gcc-DOMRect-constexpr.patch
* chromium-84-gcc-noexcept.patch
* chromium-84-gcc-template.patch
* chromium-84-gcc-unique_ptr.patch
* chromium-84-gcc-use-brace-initializer.patch
* chromium-84-nss-include.patch
* chromium-84-ozone-include.patch
* chromium-84-revert-manage-ManifestManagerHost-per-document.patch
* chromium-84-std-vector-const.patch
* chromium-clang_lto_visibility_public.patch
- Updated patches:
* chromium-83-gcc-10.patch
* chromium-84-gcc-include.patch
* chromium-prop-codecs.patch
* gcc-enable-lto.patch
* Thu Aug 27 2020 Tomá? Chvátal <tchvatal@suse.com>
- Version update to 85.0.4183.83 bsc#1175757
* CVE-2020-6558: Insufficient policy enforcement in iOS
* CVE-2020-6559: Use after free in presentation API
* CVE-2020-6560: Insufficient policy enforcement in autofill
* CVE-2020-6561: Inappropriate implementation in Content Security Policy
* CVE-2020-6562: Insufficient policy enforcement in Blink
* CVE-2020-6563: Insufficient policy enforcement in intent handling.
* CVE-2020-6564: Incorrect security UI in permissions
* CVE-2020-6565: Incorrect security UI in Omnibox.
* CVE-2020-6566: Insufficient policy enforcement in media.
* CVE-2020-6567: Insufficient validation of untrusted input in command line handling.
* CVE-2020-6568: Insufficient policy enforcement in intent handling.
* CVE-2020-6569: Integer overflow in WebUSB.
* CVE-2020-6570: Side-channel information leakage in WebRTC.
* CVE-2020-6571: Incorrect security UI in Omnibox.
- Use bundled vpx everywhere again as it fails to compile against
system version
- Added patches:
* chromium-85-DelayNode-cast.patch
* chromium-85-FrameWidget-namespace.patch
* chromium-85-NearbyConnection-abstract.patch
* chromium-85-NearbyShareEncryptedMetadataKey-include.patch
* chromium-85-oscillator_node-cast.patch
* chromium-85-ostream-operator.patch
* chromium-85-ozone-include.patch
* chromium-85-sim_hash-include.patch
- Removed patches:
* chromium-82-gcc-template.patch
* chromium-84-AXObject-stl-iterator.patch
* chromium-84-FilePath-add-noexcept.patch
* chromium-84-base-has_bultin.patch
* chromium-84-fix-decltype.patch
* chromium-84-gcc-DOMRect-constexpr.patch
* chromium-84-gcc-noexcept.patch
* chromium-84-gcc-template.patch
* chromium-84-gcc-unique_ptr.patch
* chromium-84-gcc-use-brace-initializer.patch
* chromium-84-nss-include.patch
* chromium-84-ozone-include.patch
* chromium-84-revert-manage-ManifestManagerHost-per-document.patch
* chromium-84-std-vector-const.patch
* chromium-clang_lto_visibility_public.patch
- Updated patches:
* chromium-83-gcc-10.patch
* chromium-84-gcc-include.patch
* chromium-prop-codecs.patch
* gcc-enable-lto.patch
* Fri Aug 21 2020 Tomá? Chvátal <tchvatal@suse.com>
- Fix the build by removing expectation of llvm-7.0
* Thu Aug 20 2020 Tomá? Chvátal <tchvatal@suse.com>
- Update to 84.0.4147.135 (bsc#1175505):
* CVE-2020-6556: Heap buffer overflow in SwiftShader
* Wed Aug 12 2020 Martin Li?ka <mliska@suse.cz>
- Add chromium-disable-parallel-gold.patch in order to disable
broken parallel ld.gold with LTO.
- Enable again LTO for x86_64 and increase memory constraints.
- Use parallel WPA streaming, we will easily fit into memory constraints.
- Remove memory_constrain hack for LTO.
Version: 84.0.4147.89-bp151.3.94.1
* Fri Jul 17 2020 Tomá? Chvátal <tchvatal@suse.com>
- Try to fix non-wayland build for Leap builds
* Thu Jul 16 2020 Tomá? Chvátal <tchvatal@suse.com>
- Update to 84.0.4147.89 bsc#1174189:
* Critical CVE-2020-6510: Heap buffer overflow in background fetch.
* High CVE-2020-6511: Side-channel information leakage in content security policy.
* High CVE-2020-6512: Type Confusion in V8.
* High CVE-2020-6513: Heap buffer overflow in PDFium.
* High CVE-2020-6514: Inappropriate implementation in WebRTC.
* High CVE-2020-6515: Use after free in tab strip.
* High CVE-2020-6516: Policy bypass in CORS.
* High CVE-2020-6517: Heap buffer overflow in history.
* Medium CVE-2020-6518: Use after free in developer tools.
* Medium CVE-2020-6519: Policy bypass in CSP.
* Medium CVE-2020-6520: Heap buffer overflow in Skia.
* Medium CVE-2020-6521: Side-channel information leakage in autofill.
* Medium CVE-2020-6522: Inappropriate implementation in external protocol handlers.
* Medium CVE-2020-6523: Out of bounds write in Skia.
* Medium CVE-2020-6524: Heap buffer overflow in WebAudio.
* Medium CVE-2020-6525: Heap buffer overflow in Skia.
* Low CVE-2020-6526: Inappropriate implementation in iframe sandbox.
* Low CVE-2020-6527: Insufficient policy enforcement in CSP.
* Low CVE-2020-6528: Incorrect security UI in basic auth.
* Low CVE-2020-6529: Inappropriate implementation in WebRTC.
* Low CVE-2020-6530: Out of bounds memory access in developer tools.
* Low CVE-2020-6531: Side-channel information leakage in scroll to text.
* Low CVE-2020-6533: Type Confusion in V8.
* Low CVE-2020-6534: Heap buffer overflow in WebRTC.
* Low CVE-2020-6535: Insufficient data validation in WebUI.
* Low CVE-2020-6536: Incorrect security UI in PWAs.
- Use bundled xcb-proto as we need to generate py2 bindings
- Add new patches:
* chromium-84-AXObject-stl-iterator.patch
* chromium-84-FilePath-add-noexcept.patch
* chromium-84-base-has_bultin.patch
* chromium-84-blink-disable-clang-format.patch
* chromium-84-fix-decltype.patch
* chromium-84-gcc-DOMRect-constexpr.patch
* chromium-84-gcc-include.patch
* chromium-84-gcc-noexcept.patch
* chromium-84-gcc-template.patch
* chromium-84-gcc-unique_ptr.patch
* chromium-84-gcc-use-brace-initializer.patch
* chromium-84-nss-include.patch
* chromium-84-ozone-include.patch
* chromium-84-revert-manage-ManifestManagerHost-per-document.patch
* chromium-84-std-vector-const.patch
* chromium-84.0.4147.89.tar.xz
* chromium-blink-gcc-diagnostic-pragma.patch
* chromium-clang_lto_visibility_public.patch
* chromium-quiche-invalid-offsetof.patch
* system-libdrm.patch
- Remove no longer needed patches:
* chromium-81-re2-0.2020.05.01.patch
* chromium-82-gcc-incomplete-type.patch
* chromium-82-gcc-iterator.patch
* chromium-82-gcc-noexcept.patch
* chromium-83-gcc-include.patch
* chromium-83-gcc-iterator.patch
* chromium-83-gcc-permissive.patch
* chromium-83-gcc-serviceworker.patch
* chromium-83-gcc-template.patch
* chromium-83-icu67.patch
* chromium-83.0.4103.97-skia-gcc-no_sanitize-fixes.patch
* chromium-dev-shm.patch
- Rebase and update patches:
* build-with-pipewire-0.3.patch
* chromium-83-gcc-10.patch
* chromium-84-mediaalloc.patch
* chromium-norar.patch
* chromium-vaapi-fix.patch
* Sun Jun 28 2020 Atri Bhattacharya <badshah400@gmail.com>
- Refresh build-with-pipewire-0.3.patch to mirror similar patch
by Fedora for Firefox; screen-capture wasn't actually working
with the previous version of the patch.
- Add BuildRequires: pkgconfig(libspa-2.0) when building with
pipewire support to guard against potential package splitting
off of pipewire-spa-devel from pipewire-devel.
* Thu Jun 25 2020 Tomá? Chvátal <tchvatal@suse.com>
- Disable the LTO again as it still OOMs quite often
* Thu May 28 2020 Tomá? Chvátal <tchvatal@suse.com>
- Add patch to not use bundled unrar:
* chromium-norar.patch
Version: 83.0.4103.116-bp151.3.91.1
* Wed Jun 24 2020 Tomá? Chvátal <tchvatal@suse.com>
- Add patch to work with new ffmpeg wrt bsc#1173292:
* chromium-84-mediaalloc.patch
* Tue Jun 23 2020 Tomá? Chvátal <tchvatal@suse.com>
- Add multimedia fix for disabled location and also try one
additional patch from Debian on the same issue bsc#1173107
Update patch:
* no-location-leap151.patch
* Tue Jun 23 2020 Tomá? Chvátal <tchvatal@suse.com>
- Add patch from Fedora to avoid attribute overrides in skia:
* chromium-83.0.4103.97-skia-gcc-no_sanitize-fixes.patch
* Tue Jun 23 2020 Tomá? Chvátal <tchvatal@suse.com>
- Add patch to hopefully fix bsc#1173107:
* chromium-dev-shm.patch
* Tue Jun 23 2020 Tomá? Chvátal <tchvatal@suse.com>
- Update to 83.0.4103.116 bsc#1173251:
* CVE-2020-6509: Use after free in extensions
* Fri Jun 19 2020 Tomá? Chvátal <tchvatal@suse.com>
- Reduce constraints to say 20 GB disk space is enough
* Fri Jun 19 2020 Tomá? Chvátal <tchvatal@suse.com>
- Disable wayland integration on 15.x bsc#1173187 bsc#1173188
bsc#1173254
Version: 83.0.4103.97-bp151.3.85.1
* Mon Jun 15 2020 Tomá? Chvátal <tchvatal@suse.com>
- Another attempt on the location handling for Leap 15.1:
* no-location-leap151.patch
* Thu Jun 11 2020 Tomá? Chvátal <tchvatal@suse.com>
- Attempt to build with wayland/ozone enabled
* Thu Jun 11 2020 Tomá? Chvátal <tchvatal@suse.com>
- Enable more system libs on 15.2+
- Remove the chromium-83-gcc-location-revert.patch as it is wrong
approach to fix the problem
* Thu Jun 11 2020 Tomá? Chvátal <tchvatal@suse.com>
- Update _constraints to match up LTO enablement
* Wed Jun 10 2020 Tomá? Chvátal <tchvatal@suse.com>
- With GCC 10 released we should be able to enable LTO again
* Thu Jun 04 2020 Tomá? Chvátal <tchvatal@suse.com>
- Update to 83.0.4103.97 bsc#1172496:
* CVE-2020-6493: Use after free in WebAuthentication.
* CVE-2020-6494: Incorrect security UI in payments.
* CVE-2020-6495: Insufficient policy enforcement in developer tools.
* CVE-2020-6496: Use after free in payments.
* Thu May 28 2020 Tomá? Chvátal <tchvatal@suse.com>
- Add patch to not use bundled unrar:
* chromium-norar.patch
* Thu May 28 2020 Fabian Vogt <fvogt@suse.com>
- Amend chromium-prop-codecs.patch to allow proprietary_codecs
without building third_party/openh264
* Wed May 27 2020 Tomá? Chvátal <tchvatal@suse.com>
- Add revert of location setting commit that broke build on
openSUSE Leap 15.1:
* chromium-83-gcc-location-revert.patch
* Mon May 25 2020 Tomá? Chvátal <tchvatal@suse.com>
- Swtich to GCC 9.x on Leaps to avoid gcc bug exposed in gcc8
* Fri May 22 2020 Tomá? Chvátal <tchvatal@suse.com>
- Add patch to fix building with new re2:
* chromium-81-re2-0.2020.05.01.patch
* Wed May 20 2020 Guillaume GARDET <guillaume.gardet@opensuse.org>
- Update _constraints to avoid very slow builds seen on obs-arm-4
(probably due to swap)
* Wed May 20 2020 Tomá? Chvátal <tchvatal@suse.com>
- Update to 83.0.4103.61 bsc#1171910:
* CVE-2020-6465: Use after free in reader mode. Reported by Woojin Oh(@pwn_expoit) of STEALIEN on 2020-04-21
* CVE-2020-6466: Use after free in media. Reported by Zhe Jin from cdsrc of Qihoo 360 on 2020-04-26
* CVE-2020-6467: Use after free in WebRTC. Reported by ZhanJia Song on 2020-04-06
* CVE-2020-6468: Type Confusion in V8. Reported by Chris Salls and Jake Corina of Seaside Security, Chani Jindal of Shellphish on 2020-04-30
* CVE-2020-6469: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-04-02
* CVE-2020-6470: Insufficient validation of untrusted input in clipboard. Reported by Micha? Bentkowski of Securitum on 2020-03-30
* CVE-2020-6471: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-03-08
* CVE-2020-6472: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-03-25
* CVE-2020-6473: Insufficient policy enforcement in Blink. Reported by Soroush Karami and Panagiotis Ilia on 2020-02-06
* CVE-2020-6474: Use after free in Blink. Reported by Zhe Jin from cdsrc of Qihoo 360 on 2020-03-07
* CVE-2020-6475: Incorrect security UI in full screen. Reported by Khalil Zhani on 2019-10-31
* CVE-2020-6476: Insufficient policy enforcement in tab strip. Reported by Alexandre Le Borgne on 2019-12-18
* CVE-2020-6477: Inappropriate implementation in installer. Reported by RACK911 Labs on 2019-03-26
* CVE-2020-6478: Inappropriate implementation in full screen. Reported by Khalil Zhani on 2019-12-24
* CVE-2020-6479: Inappropriate implementation in sharing. Reported by Zhong Zhaochen of andsecurity.cn on 2020-01-14
* CVE-2020-6480: Insufficient policy enforcement in enterprise. Reported by Marvin Witt on 2020-02-21
* CVE-2020-6481: Insufficient policy enforcement in URL formatting. Reported by Rayyan Bijoora on 2020-04-07
* CVE-2020-6482: Insufficient policy enforcement in developer tools. Reported by Abdulrahman Alqabandi (@qab) on 2017-12-17
* CVE-2020-6483: Insufficient policy enforcement in payments. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2019-05-23
* CVE-2020-6484: Insufficient data validation in ChromeDriver. Reported by Artem Zinenko on 2020-01-26
* CVE-2020-6485: Insufficient data validation in media router. Reported by Sergei Glazunov of Google Project Zero on 2020-01-30
* CVE-2020-6486: Insufficient policy enforcement in navigations. Reported by David Erceg on 2020-02-24
* CVE-2020-6487: Insufficient policy enforcement in downloads. Reported by Jun Kokatsu (@shhnjk) on 2015-10-06
* CVE-2020-6488: Insufficient policy enforcement in downloads. Reported by David Erceg on 2020-01-21
* CVE-2020-6489: Inappropriate implementation in developer tools. Reported by @lovasoa (Ophir LOJKINE) on 2020-02-10
* CVE-2020-6490: Insufficient data validation in loader. Reported by Twitter on 2019-12-19
* CVE-2020-6491: Incorrect security UI in site information. Reported by Sultan Haikal M.A on 2020-02-07
- Rebase patch:
* chromium-vaapi.patch
- Remove merged patches:
* icu-v67.patch
* chromium-80-gcc-blink.patch
* chromium-80.0.3987.106-missing-cstddef-header.patch
* chromium-80.0.3987.87-missing-cstdint-header.patch
* chromium-80.0.3987.87-missing-string-header.patch
* chromium-81-gcc-constexpr.patch
* chromium-81-gcc-noexcept.patch
* chromium-old-glibc-noexcept.patch
* fix-vaapi-with-glx.patch
- Add new patches:
* chromium-82-gcc-constexpr.patch
* chromium-82-gcc-incomplete-type.patch
* chromium-82-gcc-iterator.patch
* chromium-82-gcc-noexcept.patch
* chromium-82-gcc-template.patch
* chromium-83-gcc-10.patch
* chromium-83-gcc-include.patch
* chromium-83-gcc-iterator.patch
* chromium-83-gcc-permissive.patch
* chromium-83-gcc-serviceworker.patch
* chromium-83-gcc-template.patch
* chromium-83-icu67.patch
Version: 81.0.4044.129-bp151.3.75.1
* Wed Apr 29 2020 Andreas Stieger <andreas.stieger@gmx.de>
- update to 81.0.4044.129 (boo#1170707):
* CVE-2020-0561: Use after free in storage
* CVE-2020-6462: Use after free in task scheduling
* Tue Apr 28 2020 Martin Li?ka <mliska@suse.cz>
- Add chromium-80.0.3987.87-missing-cstdint-header.patch,
chromium-80.0.3987.87-missing-string-header.patch and
chromium-80.0.3987.106-missing-cstddef-header.patch
in order to fix build with GCC 10.
* Tue Apr 21 2020 Andreas Stieger <andreas.stieger@gmx.de>
- Update to 81.0.4044.122 (boo#1170107 bsc#1171975):
* CVE-2020-6459: Use after free in payments
* CVE-2020-6460: Insufficient data validation in URL formatting
* CVE-2020-6458: Out of bounds read and write in PDFium
* CVE-2020-6463: Use after free in ANGLE
Version: 81.0.4044.92-bp151.3.66.1
* Wed Apr 08 2020 Tomá? Chvátal <tchvatal@suse.com>
- Update to 81.0.4044.92 bsc#1168911:
* CVE-2020-6454: Use after free in extensions
* CVE-2020-6423: Use after free in audio
* CVE-2020-6455: Out of bounds read in WebSQL
* CVE-2020-6430: Type Confusion in V8
* CVE-2020-6456: Insufficient validation of untrusted input in clipboard
* CVE-2020-6431: Insufficient policy enforcement in full screen
* CVE-2020-6432: Insufficient policy enforcement in navigations
* CVE-2020-6433: Insufficient policy enforcement in extensions
* CVE-2020-6434: Use after free in devtools
* CVE-2020-6435: Insufficient policy enforcement in extensions
* CVE-2020-6436: Use after free in window management
* CVE-2020-6437: Inappropriate implementation in WebView
* CVE-2020-6438: Insufficient policy enforcement in extensions
* CVE-2020-6439: Insufficient policy enforcement in navigations
* CVE-2020-6440: Inappropriate implementation in extensions
* CVE-2020-6441: Insufficient policy enforcement in omnibox
* CVE-2020-6442: Inappropriate implementation in cache
* CVE-2020-6443: Insufficient data validation in developer tools
* CVE-2020-6444: Uninitialized Use in WebRTC
* CVE-2020-6445: Insufficient policy enforcement in trusted types
* CVE-2020-6446: Insufficient policy enforcement in trusted types
* CVE-2020-6447: Inappropriate implementation in developer tools
* CVE-2020-6448: Use after free in V8
- Add new patches:
* chromium-81-gcc-constexpr.patch
* chromium-81-gcc-noexcept.patch
* fix-vaapi-with-glx.patch
- Remove no longer needed patches:
* chromium-80-gcc-abstract.patch
* chromium-80-gcc-incomplete-type.patch
* chromium-80-gcc-permissive.patch
* chromium-80-include.patch
* chromium-80-unbundle-libxml.patch
* chromium-missing-cstddef-header.patch
* chromium-missing-cstdint-header.patch
* chromium-missing-cstring-header.patch
* chromium-missing-cstring-header2.patch
* chromium-system-icu.patch
* chromium-unbundle-zlib.patch
* webrtc-pulse.patch
- Rebase patches:
* build-with-pipewire-0.3.patch
* chromium-vaapi-fix.patch
* chromium-vaapi.patch
* gpu-timeout.patch
* old-libva.patch
* Thu Apr 02 2020 Tomá? Chvátal <tchvatal@suse.com>
- Update to 80.0.3987.162 bsc#1168421:
* CVE-2020-6450: Use after free in WebAudio.
* CVE-2020-6451: Use after free in WebAudio.
* CVE-2020-6452: Heap buffer overflow in media.
* Sun Mar 29 2020 Martin Li?ka <mliska@suse.cz>
- Rebase build-with-pipewire-0.3.patch in order to fix
patch collision.
* Sat Mar 28 2020 Martin Li?ka <mliska@suse.cz>
- Add chromium-missing-cstdint-header.patch,
chromium-missing-cstring-header.patch,
chromium-missing-cstring-header2.patch and
chromium-missing-cstddef-header.patch in order to fix boo#1167465.
* Fri Mar 27 2020 Stasiek Michalski <stasiek@michalski.cc>
- Use a symbolic icon for GNOME
* Mon Mar 23 2020 Antonio Larrosa <alarrosa@suse.com>
- Add patch to allow building with pipewire 0.3:
* build-with-pipewire-0.3.patch
- Use pipewire in Leap 15.2
Version: 80.0.3987.149-bp151.3.63.3
* Thu Mar 19 2020 Tomá? Chvátal <tchvatal@suse.com>
- Update to 80.0.3987.149:
* High CVE-2020-6422: Use after free in WebGL.
* High CVE-2020-6424: Use after free in media.
* High CVE-2020-6425: Insufficient policy enforcement in extensions.
* High CVE-2020-6426: Inappropriate implementation in V8.
* High CVE-2020-6427: Use after free in audio.
* High CVE-2020-6428: Use after free in audio.
* High CVE-2020-6429: Use after free in audio.
* High CVE-2019-20503: Out of bounds read in usersctplib.
* High CVE-2020-6449: Use after free in audio.
* Various fixes from internal audits, fuzzing and other initiatives
* Sat Mar 14 2020 Tomá? Chvátal <tchvatal@suse.com>
- Do not pull in python deps except interpreter, the bundles
are patched anwyays
* Thu Mar 05 2020 Tomá? Chvátal <tchvatal@suse.com>
- Update to 80.0.3987.132 bsc#1165826:
* CVE-2020-6420: Insufficient policy enforcement in media.
* Various fixes from internal audits, fuzzing and other initiatives [2].
* Tue Mar 03 2020 Tomá? Chvátal <tchvatal@suse.com>
- Add patch trying to fix pulse audio issues with webrtc:
* webrtc-pulse.patch
* Tue Feb 25 2020 Tomá? Chvátal <tchvatal@suse.com>
- Update to 80.0.3987.122 bsc#1164828:
* CVE-2020-6418: Type confusion in V8
* CVE-2020-6407: Out of bounds memory access in streams.
* Integer overflow in ICU
* Mon Feb 17 2020 Tomá? Chvátal <tchvatal@suse.com>
- Add chromedriver binary to bindir
* Thu Feb 13 2020 Tomá? Chvátal <tchvatal@suse.com>
- Drop sandbox binary as it should not be needed really bsc#1163588
- Remove unused patch:
* chromium-sandbox-pie.patch
* Wed Feb 12 2020 Tomá? Chvátal <tchvatal@suse.com>
- Update to 80.0.3987.100 bsc#1163484:
* feature fixes only
Version: 78.0.3904.97-bp150.246.1
* Fri Nov 08 2019 Andreas Stieger <andreas.stieger@gmx.de>
- Update to 78.0.3904.97 boo#1156172:
* Various security fixes from internal audits, fuzzing and other
initiatives
* Wed Nov 06 2019 Tomá? Chvátal <tchvatal@suse.com>
- Keep just one conditional for vaapi enablement
* Mon Nov 04 2019 Tomá? Chvátal <tchvatal@suse.com>
- Add more magic for zlib handling for SLE12 build
* Mon Nov 04 2019 Tomá? Chvátal <tchvatal@suse.com>
- Add patch trying to build on SLE12:
* chromium-old-glibc-noexcept.patch
Version: 78.0.3904.70-bp150.240.1
* Fri Oct 25 2019 Tomá? Chvátal <tchvatal@suse.com>
- Disable LTO for now as it consumes ~20GB of RAM, we will reenable
the feature later when some memory consumption fixes land in
GCC
* Thu Oct 24 2019 Tomá? Chvátal <tchvatal@suse.com>
- Adjust LDFLAGS settings for LTO to take memory-constraints into
consideration
* Wed Oct 23 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update to 78.0.3904.70 bsc#1154806:
* CVE-2019-13699: Use-after-free in media
* CVE-2019-13700: Buffer overrun in Blink
* CVE-2019-13701: URL spoof in navigation
* CVE-2019-13702: Privilege elevation in Installer
* CVE-2019-13703: URL bar spoofing
* CVE-2019-13704: CSP bypass
* CVE-2019-13705: Extension permission bypass
* CVE-2019-13706: Out-of-bounds read in PDFium
* CVE-2019-13707: File storage disclosure
* CVE-2019-13708: HTTP authentication spoof
* CVE-2019-13709: File download protection bypass
* CVE-2019-13710: File download protection bypass
* CVE-2019-13711: Cross-context information leak
* CVE-2019-15903: Buffer overflow in expat
* CVE-2019-13713: Cross-origin data leak
* CVE-2019-13714: CSS injection
* CVE-2019-13715: Address bar spoofing
* CVE-2019-13716: Service worker state error
* CVE-2019-13717: Notification obscured
* CVE-2019-13718: IDN spoof
* CVE-2019-13719: Notification obscured
* Various fixes from internal audits, fuzzing and other initiatives
- Add patches:
* chromium-78-gcc-enum-range.patch
* chromium-78-gcc-noexcept.patch
* chromium-78-gcc-std-vector.patch
* chromium-78-icon.patch
* chromium-78-include.patch
* chromium-78-noexcept.patch
* chromium-78-pm-crash.patch
* chromium-78-protobuf-export.patch
- Remove patches:
* chromium-77-blink-include.patch
* chromium-77-fix-gn-gen.patch
* chromium-77-gcc-abstract.patch
* chromium-77-gcc-include.patch
* chromium-77-gcc-no-opt-safe-math.patch
* chromium-77-no-cups.patch
* chromium-77-std-string.patch
* chromium-77-system-hb.patch
* chromium-77.0.3865.120.tar.xz
* chromium-77.0.3865.75-certificate-transparency.patch
- Rebase patches:
* chromium-system-icu.patch
* chromium-unbundle-zlib.patch
* chromium-vaapi-fix.patch
* chromium-vaapi.patch
* old-libva.patch
At revision 0ad55cb9e188d5926db26003b443eec9.
* Fri Oct 18 2019 Stasiek Michalski <hellcp@mailbox.org>
- Use internal resources for icon and appdata
Version: 77.0.3865.75-bp150.231.1
* Mon Sep 16 2019 Tomá? Chvátal <tchvatal@suse.com>
- Add patch from Fedora for cert transparency:
* chromium-77.0.3865.75-certificate-transparency.patch
* Mon Sep 16 2019 Tomá? Chvátal <tchvatal@suse.com>
- Add patches from gentoo:
* chromium-77-clang.patch
* chromium-77-gcc-no-opt-safe-math.patch
* chromium-77-no-cups.patch
* chromium-77-std-string.patch
* Thu Sep 12 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update patch old-libva.patch to build on openSUSE Leap 15.0
* Thu Sep 12 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update patch old-libva.patch to build on openSUSE Leap 15.0
Version: 76.0.3809.87-bp150.220.1
* Thu Aug 08 2019 Tomá? Chvátal <tchvatal@suse.com>
- Add patches to fix few compilation issues:
* chromium-angle-inline.patch
* chromium-fix-char_traits.patch bsc#1144625
- Remove not properly applying old-glibc patch:
* chromium-old-glibc.patch
- Disable various gcc warnings as upstream does not care and it
just bloats the buildlog (from debian)
* Fri Aug 02 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update to 76.0.3809.87 bsc#1143492:
* CVE-2019-5850: Use-after-free in offline page fetcher
* CVE-2019-5860: Use-after-free in PDFium
* CVE-2019-5853: Memory corruption in regexp length check
* CVE-2019-5851: Use-after-poison in offline audio context
* CVE-2019-5859: res: URIs can load alternative browsers
* CVE-2019-5856: Insufficient checks on filesystem: URI permissions
* CVE-2019-5855: Integer overflow in PDFium
* CVE-2019-5865: Site isolation bypass from compromised renderer
* CVE-2019-5858: Insufficient filtering of Open URL service parameters
* CVE-2019-5864: Insufficient port filtering in CORS for extensions
* CVE-2019-5862: AppCache not robust to compromised renderers
* CVE-2019-5861: Click location incorrectly checked
* CVE-2019-5857: Comparison of -0 and null yields crash
* CVE-2019-5854: Integer overflow in PDFium text rendering
* CVE-2019-5852: Object leak of utility functions
* Various fixes from internal audits, fuzzing and other initiatives
* Not affected:
+ CVE-2019-5863: Use-after-free in WebUSB on Windows
- Added patches:
* chromium-76-gcc-ambiguous-nodestructor.patch
* chromium-76-gcc-blink-constexpr.patch
* chromium-76-gcc-blink-namespace1.patch
* chromium-76-gcc-blink-namespace2.patch
* chromium-76-gcc-gl-init.patch
* chromium-76-gcc-include.patch
* chromium-76-gcc-noexcept.patch
* chromium-76-gcc-private.patch
* chromium-76-gcc-pure-virtual.patch
* chromium-76-gcc-uint32.patch
* chromium-76-gcc-vulkan.patch
* chromium-76-quiche.patch
- Removed patches:
* chromium-non-void-return.patch
* chromium-75.0.3770.80-SIOCGSTAMP.patch
* chromium-75.0.3770.80-pure-virtual-crash-fix.patch
* chromium-gcc.patch
* chromium-renderprocess-crash.patch
* chromium-skia-system-fontconfig.patch
- Refreshed patches:
* chromium-dma-buf.patch
* chromium-drm.patch
* chromium-libusb_interrupt_event_handler.patch
* chromium-skia-aarch64-buildfix.patch
* chromium-system-icu.patch
* chromium-vaapi.patch
* old-libva.patch
* Tue Jul 30 2019 Tomá? Chvátal <tchvatal@suse.com>
- Do not use lto flags from prjconf, we need to set them using
gn buildsystem
* Tue Jul 30 2019 Tomá? Chvátal <tchvatal@suse.com>
- Drop patch chromium-non-void-return.patch and just pass
a cxxflags disabler for the check
Version: 75.0.3770.142-bp150.217.1
* Wed Jul 17 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update gcc-enable-lto.patch to work on systems without the
lto
* Tue Jul 16 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update to 75.0.3770.142 bsc#1141649:
* CVE-2019-5847: V8 sealed/frozen elements cause crash
* CVE-2019-5848: Font sizes may expose sensitive information
- Add patch chromium-renderprocess-crash.patch to hopefully fix
bsc#1141102
* Tue Jul 02 2019 Martin Li?ka <mliska@suse.cz>
- Enable LTO for x86_64 - add gcc-enable-lto.patch and
gcc-lto-rsp-clobber.patch patches.
* Tue Jul 02 2019 Tomá? Chvátal <tchvatal@suse.com>
- Install manpage
* Wed Jun 19 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update to 75.0.3770.100:
* This is just feature fixes update
Version: 75.0.3770.90-bp150.213.3
* Fri Jun 14 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update to 75.0.3770.90 bsc#1137332 bsc#1138287:
* CVE-2019-5842: Use-after-free in Blink.
* Tue Jun 11 2019 Tomá? Chvátal <tchvatal@suse.com>
- Fix build with kernel 5.2 and avoid runtime crash due to pure virtual
declaration:
* chromium-75.0.3770.80-SIOCGSTAMP.patch
* chromium-75.0.3770.80-pure-virtual-crash-fix.patch
* Sat Jun 08 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update old-libva.patch to make sure we build on Leap 42.3
* Fri Jun 07 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update to 75.0.3770.80 bsc#1137332:
* CVE-2019-5828: Use after free in ServiceWorker
* CVE-2019-5829: Use after free in Download Manager
* CVE-2019-5830: Incorrectly credentialed requests in CORS
* CVE-2019-5831: Incorrect map processing in V8
* CVE-2019-5832: Incorrect CORS handling in XHR
* CVE-2019-5833: Inconsistent security UI placemen
* CVE-2019-5835: Out of bounds read in Swiftshader
* CVE-2019-5836: Heap buffer overflow in Angle
* CVE-2019-5837: Cross-origin resources size disclosure in Appcache
* CVE-2019-5838: Overly permissive tab access in Extensions
* CVE-2019-5839: Incorrect handling of certain code points in Blink
* CVE-2019-5840: Popup blocker bypass
* Various fixes from internal audits, fuzzing and other initiatives
* CVE-2019-5834: URL spoof in Omnibox on iOS
- Remove merged patchsets:
* 00-basevalue.patch
* 01-basevalue.patch
* 02-basevalue.patch
* 03-basevalue.patch
* 04-basevalue.patch
* 05-basevalue.patch
* 06-basevalue.patch
* chromium-fix-crc32-for-aarch64.patch
* quic.patch
- Update patches:
* chromium-gcc.patch
* chromium-non-void-return.patch
* chromium-vaapi.patch
* old-libva.patch
* Tue May 28 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update to 74.0.3729.169:
* Feature fixes update only
Version: 74.0.3729.108-bp150.207.1
* Tue Apr 30 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update to 74.0.3729.108 bsc#1133313:
* CVE-2019-5805: Use after free in PDFium
* CVE-2019-5806: Integer overflow in Angle
* CVE-2019-5807: Memory corruption in V8
* CVE-2019-5808: Use after free in Blink
* CVE-2019-5809: Use after free in Blink
* CVE-2019-5810: User information disclosure in Autofill
* CVE-2019-5811: CORS bypass in Blink
* CVE-2019-5813: Out of bounds read in V8
* CVE-2019-5814: CORS bypass in Blink
* CVE-2019-5815: Heap buffer overflow in Blink
* CVE-2019-5818: Uninitialized value in media reader
* CVE-2019-5819: Incorrect escaping in developer tools
* CVE-2019-5820: Integer overflow in PDFium
* CVE-2019-5821: Integer overflow in PDFium
* CVE-2019-5822: CORS bypass in download manager
* CVE-2019-5823: Forced navigation from service worker
* CVE-2019-5812: URL spoof in Omnibox on iOS
* CVE-2019-5816: Exploit persistence extension on Android
* CVE-2019-5817: Heap buffer overflow in Angle on Windows
- Add patches:
* 00-basevalue.patch
* 01-basevalue.patch
* 02-basevalue.patch
* 03-basevalue.patch
* 04-basevalue.patch
* 05-basevalue.patch
* 06-basevalue.patch
* old-libva.patch
* quic.patch
- Remove patches:
* chromium-73.0.3683.75-pipewire-cstring-fix.patch
* chromium-fix_crashpad.patch
* chromium-fix_swiftshader.patch
* chromium-old-libva.patch
- Rebase patches:
* chromium-gcc.patch
* chromium-non-void-return.patch
* chromium-old-glibc.patch
* Fri Apr 05 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update to 73.0.3686.103:
* Various feature fixes
* Mon Mar 25 2019 Tomá? Chvátal <tchvatal@suse.com>
- Add patch for pipewire build:
* chromium-73.0.3683.75-pipewire-cstring-fix.patch
* Mon Mar 25 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update to 73.0.3683.86:
* Just feature fixes around
- Refresh patch:
* chromium-non-void-return.patch
* Thu Mar 21 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update conditions to use system harfbuzz on TW+
- Require java during build
- Enable using pipewire when available
- Rebase chromium-vaapi.patch to match up the Fedora one
Version: 72.0.3626.121-bp150.2.37.1
* Mon Mar 04 2019 Tomá? Chvátal <tchvatal@suse.com>
- Drop direct dependency on libgsm, we just need the devel
* Sat Mar 02 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update to 72.0.3626.121:
* fixes bsc#1127602 CVE-2019-5786
* Mon Feb 25 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update to 72.0.3626.119:
* Feature fixes update only
* Wed Feb 20 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update to 72.0.3626.109:
* This is just feature fixes update
Version: 72.0.3626.96-bp150.2.32.1
* Mon Feb 11 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update to 72.0.3626.96 bsc#1124936:
* CVE-2019-5784: Inappropriate implementation in V8
* Mon Feb 11 2019 Simon Lees <sflees@suse.de>
- Provide web_browser so chromium can be installed instead of firefox.
* Wed Jan 30 2019 Tomá? Chvátal <tchvatal@suse.com>
- Update to 72.0.3626.81 bsc#1123641:
* CVE-2019-5754: Inappropriate implementation in QUIC Networking. Reported by Klzgrad on 2018-12-12
* CVE-2019-5782: Inappropriate implementation in V8. Reported by Qixun Zhao of Qihoo 360 Vulcan Team via Tianfu Cup on 2018-11-16
* CVE-2019-5755: Inappropriate implementation in V8. Reported by Jay Bosamiya on 2018-12-10
* CVE-2019-5756: Use after free in PDFium. Reported by Anonymous on 2018-10-14
* CVE-2019-5757: Type Confusion in SVG. Reported by Alexandru Pitis, Microsoft Browser Vulnerability Research on 2018-12-15
* CVE-2019-5758: Use after free in Blink. Reported by Zhe Jin?????Luyao Liu(???) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-12-11
* CVE-2019-5759: Use after free in HTML select elements. Reported by Almog Benin on 2018-12-05
* CVE-2019-5760: Use after free in WebRTC. Reported by Zhe Jin?????Luyao Liu(???) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-12-05
* CVE-2019-5761: Use after free in SwiftShader. Reported by Zhe Jin?????Luyao Liu(???) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-11-13
* CVE-2019-5762: Use after free in PDFium. Reported by Anonymous on 2018-10-31
* CVE-2019-5763: Insufficient validation of untrusted input in V8. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2018-12-13
* CVE-2019-5764: Use after free in WebRTC. Reported by Eyal Itkin from Check Point Software Technologies on 2018-12-09
* CVE-2019-5765: Insufficient policy enforcement in the browser. Reported by Sergey Toshin (@bagipro) on 2019-01-16
* CVE-2019-5766: Insufficient policy enforcement in Canvas. Reported by David Erceg on 2018-11-20
* CVE-2019-5767: Incorrect security UI in WebAPKs. Reported by Haoran Lu, Yifan Zhang, Luyi Xing, and Xiaojing Liao from Indiana University Bloomington on 2018-11-06
* CVE-2019-5768: Insufficient policy enforcement in DevTools. Reported by Rob Wu on 2018-01-24
* CVE-2019-5769: Insufficient validation of untrusted input in Blink. Reported by Guy Eshel on 2018-12-11
* CVE-2019-5770: Heap buffer overflow in WebGL. Reported by hemidallt@ on 2018-11-27
* CVE-2019-5771: Heap buffer overflow in SwiftShader. Reported by Zhe Jin?????Luyao Liu(???) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-11-12
* CVE-2019-5772: Use after free in PDFium. Reported by Zhen Zhou of NSFOCUS Security Team on 2018-11-26
* CVE-2019-5773: Insufficient data validation in IndexedDB. Reported by Yongke Wang of Tencent's Xuanwu Lab (xlab.tencent.com) on 2018-12-24
* CVE-2019-5774: Insufficient validation of untrusted input in SafeBrowsing. Reported by Junghwan Kang (ultract) and Juno Im on 2018-11-11
* CVE-2019-5775: Insufficient policy enforcement in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-10-18
* CVE-2019-5776: Insufficient policy enforcement in Omnibox. Reported by Lnyas Zhang on 2018-07-14
* CVE-2019-5777: Insufficient policy enforcement in Omnibox. Reported by Khalil Zhani on 2018-06-04
* CVE-2019-5778: Insufficient policy enforcement in Extensions. Reported by David Erceg on 2019-01-02
* CVE-2019-5779: Insufficient policy enforcement in ServiceWorker. Reported by David Erceg on 2018-11-11
* CVE-2019-5780: Insufficient policy enforcement. Reported by Andreas Hegenberg (folivora.AI GmbH) on 2018-10-03
* CVE-2019-5781: Insufficient policy enforcement in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-10-18
- Added patches:
* chromium-crashpad-fix_aarch64.patch
* chromium-fix_swiftshader.patch
* chromium-webrtc-includes.patch
- Obsoleted patches:
* chromium-gcc8-alignof.patch
* chromium-initialize-list.patch
- Updated patches:
* chromium-dma-buf.patch
* chromium-non-void-return.patch
* chromium-skia-system-fontconfig.patch
* chromium-system-icu.patch
* chromium-vaapi.patch
- Try to reduce constraints to avoid being so much just in
scheduled state
Version: 105.0.5195.102-bp153.2.119.1
* Thu Sep 08 2022 Callum Farmer <gmbr3@opensuse.org>
- Chromium 105.0.5195.102 (boo#1203102):
* CVE-2022-3075: Insufficient data validation in Mojo
- Chromium 105.0.5195.52 (boo#1202964):
* CVE-2022-3038: Use after free in Network Service
* CVE-2022-3039: Use after free in WebSQL
* CVE-2022-3040: Use after free in Layout
* CVE-2022-3041: Use after free in WebSQL
* CVE-2022-3042: Use after free in PhoneHub
* CVE-2022-3043: Heap buffer overflow in Screen Capture
* CVE-2022-3044: Inappropriate implementation in Site Isolation
* CVE-2022-3045: Insufficient validation of untrusted input in V8
* CVE-2022-3046: Use after free in Browser Tag
* CVE-2022-3071: Use after free in Tab Strip
* CVE-2022-3047: Insufficient policy enforcement in Extensions API
* CVE-2022-3048: Inappropriate implementation in Chrome OS lockscreen
* CVE-2022-3049: Use after free in SplitScreen
* CVE-2022-3050: Heap buffer overflow in WebUI
* CVE-2022-3051: Heap buffer overflow in Exosphere
* CVE-2022-3052: Heap buffer overflow in Window Manager
* CVE-2022-3053: Inappropriate implementation in Pointer Lock
* CVE-2022-3054: Insufficient policy enforcement in DevTools
* CVE-2022-3055: Use after free in Passwords
* CVE-2022-3056: Insufficient policy enforcement in Content Security Policy
* CVE-2022-3057: Inappropriate implementation in iframe Sandbox
* CVE-2022-3058: Use after free in Sign-In Flow
- Added patches:
* chromium-105-AdjustMaskLayerGeometry-ceilf.patch
* chromium-105-Bitmap-include.patch
* chromium-105-browser_finder-include.patch
* chromium-105-raw_ptr-noexcept.patch
* chromium-105-Trap-raw_ptr.patch
* chromium-105-wayland-1.20.patch
* chromium-105-compiler.patch
- Removed patches:
* chromium-104-compiler.patch
* chromium-104-ContentRendererClient-type.patch
* chromium-78-protobuf-RepeatedPtrField-export.patch
* Thu Sep 01 2022 Paolo Stivanin <info@paolostivanin.com>
- Update chromium-symbolic.svg: this fixes bsc#1202403.
* Mon Aug 22 2022 Andreas Schwab <schwab@suse.de>
- Fix quoting in chrome-wrapper, don't put cwd on LD_LIBRARY_PATH
Version: 91.0.4472.114-bp153.2.13.1
* Mon Jun 21 2021 Andreas Stieger <andreas.stieger@gmx.de>
- fix crash upon exit boo#1186948
add chromium-91-1190561-boo1186948.patch
* Fri Jun 18 2021 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 91.0.4472.114 (boo#1187481)
* CVE-2021-30554: Use after free in WebGL
* CVE-2021-30555: Use after free in Sharing
* CVE-2021-30556: Use after free in WebAudio
* CVE-2021-30557: Use after free in TabGroups
* Wed Jun 16 2021 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 91.0.4472.106
* Fix use-after-free in SendTabToSelfSubMenuModel
* Destroy system-token NSSCertDatabase on the IO thread
* Wed Jun 09 2021 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 91.0.4472.101 (boo#1187141)
* CVE-2021-30544: Use after free in BFCache
* CVE-2021-30545: Use after free in Extensions
* CVE-2021-30546: Use after free in Autofill
* CVE-2021-30547: Out of bounds write in ANGLE
* CVE-2021-30548: Use after free in Loader
* CVE-2021-30549: Use after free in Spell check
* CVE-2021-30550: Use after free in Accessibility
* CVE-2021-30551: Type Confusion in V8
* CVE-2021-30552: Use after free in Extensions
* CVE-2021-30553: Use after free in Network service
* Various fixes from internal audits, fuzzing and other initiatives
Version: 100.0.4896.88-bp153.2.82.1
* Tue Apr 12 2022 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 100.0.4896.88 (boo#1198361)
* CVE-2022-1305: Use after free in storage
* CVE-2022-1306: Inappropriate implementation in compositing
* CVE-2022-1307: Inappropriate implementation in full screen
* CVE-2022-1308: Use after free in BFCache
* CVE-2022-1309: Insufficient policy enforcement in developer tools
* CVE-2022-1310: Use after free in regular expressions
* CVE-2022-1311: Use after free in Chrome OS shell
* CVE-2022-1312: Use after free in storage
* CVE-2022-1313: Use after free in tab groups
* CVE-2022-1314: Type Confusion in V8
* Various fixes from internal audits, fuzzing and other initiatives
* Sun Apr 10 2022 Callum Farmer <gmbr3@opensuse.org>
- Patches for GCC 12:
* chromium-fix-swiftshader-template.patch
* chromium-missing-include-tuple.patch
* chromium-webrtc-stats-missing-vector.patch
* Tue Apr 05 2022 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 100.0.4896.75:
* CVE-2022-1232: Type Confusion in V8 (boo#1198053)
* Wed Mar 30 2022 Callum Farmer <gmbr3@opensuse.org>
- Chromium 100.0.4896.60 (boo#1197680)
* CVE-2022-1125: Use after free in Portals
* CVE-2022-1127: Use after free in QR Code Generator
* CVE-2022-1128: Inappropriate implementation in Web Share API
* CVE-2022-1129: Inappropriate implementation in Full Screen Mode
* CVE-2022-1130: Insufficient validation of untrusted input in WebOTP
* CVE-2022-1131: Use after free in Cast UI
* CVE-2022-1132: Inappropriate implementation in Virtual Keyboard
* CVE-2022-1133: Use after free in WebRTC
* CVE-2022-1134: Type Confusion in V8
* CVE-2022-1135: Use after free in Shopping Cart
* CVE-2022-1136: Use after free in Tab Strip
* CVE-2022-1137: Inappropriate implementation in Extensions
* CVE-2022-1138: Inappropriate implementation in Web Cursor
* CVE-2022-1139: Inappropriate implementation in Background Fetch API
* CVE-2022-1141: Use after free in File Manager
* CVE-2022-1142: Heap buffer overflow in WebUI
* CVE-2022-1143: Heap buffer overflow in WebUI
* CVE-2022-1144: Use after free in WebUI
* CVE-2022-1145: Use after free in Extensions
* CVE-2022-1146: Inappropriate implementation in Resource Timing
- Added patches:
* chromium-100-compiler.patch
* chromium-100-GLImplementationParts-constexpr.patch
* chromium-100-InMilliseconds-constexpr.patch
* chromium-100-SCTHashdanceMetadata-move.patch
* chromium-100-macro-typo.patch
- Removed patches:
* chromium-98-compiler.patch
* chromium-86-nearby-explicit.patch
* chromium-glibc-2.34.patch
* chromium-v8-missing-utility-include.patch
* chromium-99-AutofillAssistantModelExecutor-NoDestructor.patch
* Tue Mar 29 2022 Andreas Schwab <schwab@suse.de>
- Update disk constraints
Version: 94.0.4606.81-bp153.2.34.1
* Sat Oct 09 2021 Callum Farmer <gmbr3@opensuse.org>
- Disable DCHECK(): that's for debug only
* Sat Oct 09 2021 Callum Farmer <gmbr3@opensuse.org>
- Disable DCHECK(): that's for debug only
* Fri Oct 08 2021 Callum Farmer <gmbr3@opensuse.org>
- Chromium 94.0.4606.81 (boo#1191463):
* CVE-2021-37977: Use after free in Garbage Collection
* CVE-2021-37978: Heap buffer overflow in Blink
* CVE-2021-37979: Heap buffer overflow in WebRTC
* CVE-2021-37980: Inappropriate implementation in Sandbox
- Re-add after accidental deletion:
* chromium-93-InkDropHost-crash.patch
Version: 90.0.4430.212-bp153.1.1
* Tue May 11 2021 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 90.0.4430.212 (boo#1185908)
* CVE-2021-30506: Incorrect security UI in Web App Installs
* CVE-2021-30507: Inappropriate implementation in Offline
* CVE-2021-30508: Heap buffer overflow in Media Feeds
* CVE-2021-30509: Out of bounds write in Tab Strip
* CVE-2021-30510: Race in Aura
* CVE-2021-30511: Out of bounds read in Tab Group
* CVE-2021-30512: Use after free in Notifications
* CVE-2021-30513: Type Confusion in V8
* CVE-2021-30514: Use after free in Autofill
* CVE-2021-30515: Use after free in File API
* CVE-2021-30516: Heap buffer overflow in History
* CVE-2021-30517: Type Confusion in V8
* CVE-2021-30518: Heap buffer overflow in Reader Mode
* CVE-2021-30519: Use after free in Payments
* CVE-2021-30520: Use after free in Tab Strip
- FTP support disabled at runtime by default since release 88.
Chromium 91 will remove support for ftp altogether
(boo#1185496)
* Thu May 06 2021 Callum Farmer <gmbr3@opensuse.org>
* Patch change *
- Fix build with GCC 11 again (bsc#1185716)
- Remove chromium-88-compiler.patch
- Remove chromium-90-cstdint.patch
- Remove chromium-90-gslang-linkage-fixup.patch
- Added chromium-90-compiler.patch
- Added chromium-90-angle-constexpr.patch
- Added chromium-90-TokenizedOutput-include.patch
- Added chromium-90-ruy-include.patch
- Added chromium-90-CrossThreadCopier-qualification.patch
- Added chromium-90-quantization_utils-include.patch
* Wed Apr 28 2021 Marcus Meissner <meissner@suse.com>
- Chromium 90.0.4430.93 (boo#1185398):
- CVE-2021-21227: Insufficient data validation in V8.
- CVE-2021-21232: Use after free in Dev Tools.
- CVE-2021-21233: Heap buffer overflow in ANGLE.
- CVE-2021-21228: Insufficient policy enforcement in extensions.
- CVE-2021-21229: Incorrect security UI in downloads.
- CVE-2021-21230: Type Confusion in V8.
- CVE-2021-21231: Insufficient data validation in V8.
- Reference: https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_26.html
* Wed Apr 21 2021 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 90.0.4430.85 (boo#1185047):
* CVE-2021-21222: Heap buffer overflow in V8
* CVE-2021-21223: Integer overflow in Mojo
* CVE-2021-21224: Type Confusion in V8
* CVE-2021-21225: Out of bounds memory access in V8
* CVE-2021-21226: Use after free in navigation
- Chromium 90.0.4430.72 (boo#1184764):
* CVE-2021-21201: Use after free in permissions
* CVE-2021-21202: Use after free in extensions
* CVE-2021-21203: Use after free in Blink
* CVE-2021-21204: Use after free in Blink
* CVE-2021-21205: Insufficient policy enforcement in navigation
* CVE-2021-21221: Insufficient validation of untrusted input in Mojo
* CVE-2021-21207: Use after free in IndexedDB
* CVE-2021-21208: Insufficient data validation in QR scanner
* CVE-2021-21209: Inappropriate implementation in storage
* CVE-2021-21210: Inappropriate implementation in Network
* CVE-2021-21211: Inappropriate implementation in Navigatio
* CVE-2021-21212: Incorrect security UI in Network Config UI
* CVE-2021-21213: Use after free in WebMIDI
* CVE-2021-21214: Use after free in Network API
* CVE-2021-21215: Inappropriate implementation in Autofill
* CVE-2021-21216: Inappropriate implementation in Autofill
* CVE-2021-21217: Uninitialized Use in PDFium
* CVE-2021-21218: Uninitialized Use in PDFium
* CVE-2021-21219: Uninitialized Use in PDFiu
* drop chromium-89-quiche-private.patch
* drop chromium-89-quiche-dcheck.patch
* drop chromium-89-skia-CropRect.patch
* drop chromium-89-dawn-include.patch
* drop chromium-89-webcodecs-deps.patch
* drop chromium-89-AXTreeSerializer-include.patch
* drop libva-2.11.patch
* drop libva-2.11-nolegacy.patch
* drop chromium-84-blink-disable-clang-format.patch
- chromium-90-gslang-linkage-fixup.patch: fixed a weird static/nonpic error
- chromium-90-cstdint.patch: some cstd includes added
- chromium-90-fseal.patch: F_SEAL defines added
Version: 136.0.7103.59-bp156.2.113.2
* Fri May 02 2025 ro@suse.de
- Chromium 136.0.7103.48
(stable release 2025-04-29) (boo#1242153)
* CVE-2025-4096: Heap buffer overflow in HTML. Reported by Anonymous on 2025-04-11
* CVE-2025-4050: Out of bounds memory access in DevTools. Reported by Anonymous on 2025-04-09
* CVE-2025-4051: Insufficient data validation in DevTools. Reported by Daniel Fröjdendahl on 2025-03-1
* CVE-2025-4052: Inappropriate implementation in DevTools. Reported by vanillawebdev on 2025-03-10
- added patches:
chromium-warning-suppression-mappings.patch
(from upstream, revert for llvm < 20)
- dropped patches:
fix-build-with-pipewire-1.3.82.patch (upstream)
- modified patches:
chromium-125-compiler.patch (context)
gtk-414.patch (one more place with GSK_SUBSURFACE_NODE)
- bump esbuild from 0.24.0 to 0.25.1
* Fix incorrect paths in inline source maps (#4070, #4075, #4105)
* Fix invalid generated source maps (#4080, #4082, #4104, #4107)
* Fix a regression with non-file source map paths (#4078)
* Update Go from 1.23.5 to 1.23.7 (#4076, #4077)
* Thu Apr 24 2025 ro@suse.de
- Chromium 135.0.7049.114
(stable release 2025-04-22)
* stability fixes
* Tue Apr 22 2025 ro@suse.de
- add patch chromium-135-gperf-output.patch from upstream
to fix compilation when using gperp-3.2 and above
which resolved the issue with the FALLTHROUGH comment
Version: 133.0.6943.126-bp156.2.84.1
* Wed Feb 19 2025 Andreas Stieger <andreas.stieger@gmx.de>
- Chromium 133.0.6943.126 (boo#1237343)
* CVE-2025-0999: Heap buffer overflow in V8
* CVE-2025-1426: Heap buffer overflow in GPU
* CVE-2025-1006: Use after free in Network
* Tue Feb 18 2025 ro@suse.de
- replace "with qt" by "with qt5"
- add patch chromium-133-bring_back_and_disable_allowlist.patch
trying to fix issues with YT playback (bsc#1237071)
* Fri Feb 14 2025 Antonio Larrosa <alarrosa@suse.com>
- Fix patch to actually fix build with pipewire 1.3.82:
* fix-build-with-pipewire-1.3.82.patch
* Thu Feb 13 2025 Antonio Larrosa <alarrosa@suse.com>
- Add patch to fix build with pipewire 1.3.82:
* fix-build-with-pipewire-1.3.82.patch
Version: 133.0.6943.53-bp156.2.78.1
* Wed Feb 05 2025 ro@suse.de
- Chromium 133.0.6943.53
(stable released 2024-02-04) (bsc#1236806)
* CVE-2025-0444: Use after free in Skia
* CVE-2025-0445: Use after free in V8
* CVE-2025-0451: Inappropriate implementation in Extensions API
* Thu Jan 30 2025 ro@suse.de
- dropped patches: (obsolete with recent llvm)
chromium-130-no-hardware_destructive_interference_size.patch
* Thu Jan 30 2025 ro@suse.de
- dropped patches: (obsolete with recent llvm)
chromium-130-no-hardware_destructive_interference_size.patch
* Thu Jan 30 2025 ro@suse.de
- Chromium 133.0.6943.35
(beta released 2025-01-29)
- use llvm19 also on 15.6/SLE-15-SP6
- dropped patches:
chromium-125-disable-FFmpegAllowLists.patch
chromium-119-assert.patch
(code dropped upstream)
- modified patches
chromium-129-revert-AVFMT_FLAG_NOH264PARSE.patch
(rest of code is gone upstream, see commit
574c1e6678da435efb2ea9dba5dd890c2704b8af)
- update context in
chromium-102-regex_pattern-array.patch
chromium-125-ffmpeg-5.x-reordered_opaque.patch
- add to keeplibs:
third_party/simdutf
third_party/wasm_tts_engine (needed by tools/grit)
v8/third_party/siphash (moved inside of v8)
v8/third_party/utf8-decoder (moved inside of v8)
v8/third_party/valgrind (moved inside of v8)
- drop from keeplibs (gone in source):
third_party/jstemplate does not exist
third_party/qcms does not exist
- drop buildreq for libevent and libevent from system libs
as the lib was dropped upstream
- added patches (as revert for llvm17 in sp6):
chromium-add-atomicops.patch
(upstream commit d29b01737a841b5627249d50f007dcdc7e26462b)
(upstream commit 780efe38034cfdc1bdf4c74e82e7ca7c14e8ac5b
does not seem to be in 133 yet)
chromium-133-string_view.patch
(one more place to use string_view, also only llvm17)
- update INSTALL.sh to generate appdata.xml from template
Version: 132.0.6834.83-bp156.2.69.1
* Mon Jan 13 2025 ro@suse.de
- Chromium 132.0.6834.83
(stable released 2024-01-14) (bsc#1235892)
* CVE-2025-0434: Out of bounds memory access in V8
* CVE-2025-0435: Inappropriate implementation in Navigation
* CVE-2025-0436: Integer overflow in Skia
* CVE-2025-0437: Out of bounds read in Metrics
* CVE-2025-0438: Stack buffer overflow in Tracing
* CVE-2025-0439: Race in Frames
* CVE-2025-0440: Inappropriate implementation in Fullscreen
* CVE-2025-0441: Inappropriate implementation in Fenced Frames
* CVE-2025-0442: Inappropriate implementation in Payments
* CVE-2025-0443: Insufficient data validation in Extensions
* CVE-2025-0446: Inappropriate implementation in Extensions
* CVE-2025-0447: Inappropriate implementation in Navigation
* CVE-2025-0448: Inappropriate implementation in Compositing
- dropped patches:
* chromium-131-unbundle-enable-freetype.patch (upstream)
- added patches:
* chromium-8d882c289f17e3a67d6d67d5ff7e9d16ebb4f19a.patch
(apply git upstream reverse for 15.x with llvm17)
* chromium-93-ffmpeg-4.4-rest.patch
(split off to only apply after the reverse)
* chromium-132-old_libdrm.patch
(applied only on 15.5 with libdrm < 2.4.116)
* chromium-132-pdfium-explicit-template.patch
(error: alias template requires template arguments)
- update context in
* chromium-125-compiler.patch
* chromium-127-rust-clanglib.patch
* Cr122-ffmpeg-new-channel-layout.patch
* gcc-enable-lto.patch
* chromium-127-constexpr.patch
- update esbuild to 0.24.0
- drop old tarball
- use upstream release tarball for 0.24.0
- add vendor tarball for golang.org/x/sys
- add to keeplibs:
third_party/libtess2
third_party/devtools-frontend/src/node_modules/fast-glob
* Fri Jan 10 2025 ro@suse.de
- more work on 15.7/15-SP7 using recent llvm,rust,gcc
- cleanup use of suse_version macro
- cleanup use of conditionally applied patches, switch from
autoset to setup/autopatch which allows to specify a range
and apply remaining patches conditionally
* Wed Jan 08 2025 ro@suse.de
- Chromium 131.0.6778.264 (boo#1235422)
* CVE-2025-0291: Type Confusion in V8
* Various fixes from internal audits, fuzzing and other initiatives