Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package chromium for openSUSE:Factory checked in at 2026-04-02 17:40:46 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/chromium (Old) and /work/SRC/openSUSE:Factory/.chromium.new.21863 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "chromium" Thu Apr 2 17:40:46 2026 rev:511 rq:1344023 version:146.0.7680.177 Changes: -------- --- /work/SRC/openSUSE:Factory/chromium/chromium.changes 2026-03-27 06:37:34.440469030 +0100 +++ /work/SRC/openSUSE:Factory/.chromium.new.21863/chromium.changes 2026-04-02 17:41:42.552700895 +0200 @@ -1,0 +2,28 @@ +Tue Mar 31 19:58:37 UTC 2026 - Andreas Stieger <[email protected]> + +- Chromium 146.0.7680.177 (boo#1261249) + * CVE-2026-5273: Use after free in CSS + * CVE-2026-5272: Heap buffer overflow in GPU + * CVE-2026-5274: Integer overflow in Codecs + * CVE-2026-5275: Heap buffer overflow in ANGLE + * CVE-2026-5276: Insufficient policy enforcement in WebUSB + * CVE-2026-5277: Integer overflow in ANGLE + * CVE-2026-5278: Use after free in Web MIDI + * CVE-2026-5279: Object corruption in V8 + * CVE-2026-5280: Use after free in WebCodecs + * CVE-2026-5281: Use after free in Dawn + * CVE-2026-5282: Out of bounds read in WebCodecs + * CVE-2026-5283: Inappropriate implementation in ANGLE + * CVE-2026-5284: Use after free in Dawn + * CVE-2026-5285: Use after free in WebGL + * CVE-2026-5286: Use after free in Dawn + * CVE-2026-5287: Use after free in PDF + * CVE-2026-5288: Use after free in WebView + * CVE-2026-5289: Use after free in Navigation + * CVE-2026-5290: Use after free in Compositing + * CVE-2026-5291: Inappropriate implementation in WebGL + * CVE-2026-5292: Out of bounds read in WebCodecs +- drop chromium-3bccbdead3efa7e91f7c9d4078106dedaed84fb8.patch + (included) + +------------------------------------------------------------------- Old: ---- chromium-146.0.7680.164-linux.tar.xz chromium-3bccbdead3efa7e91f7c9d4078106dedaed84fb8.patch New: ---- chromium-146.0.7680.177-linux.tar.xz ----------(Old B)---------- Old: * CVE-2026-5292: Out of bounds read in WebCodecs - drop chromium-3bccbdead3efa7e91f7c9d4078106dedaed84fb8.patch (included) ----------(Old E)---------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ chromium.spec ++++++ --- /var/tmp/diff_new_pack.aP3Pdt/_old 2026-04-02 17:41:49.616993887 +0200 +++ /var/tmp/diff_new_pack.aP3Pdt/_new 2026-04-02 17:41:49.620994053 +0200 @@ -132,7 +132,7 @@ %global official_build 1 Name: chromium%{n_suffix} -Version: 146.0.7680.164 +Version: 146.0.7680.177 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later @@ -265,8 +265,6 @@ Patch550: ppc-chromium-136-clang-config.patch # from debian Patch551: ppc-debian-0003-third_party-ffmpeg-Add-ppc64-generated-config.patch -# local -Patch580: chromium-3bccbdead3efa7e91f7c9d4078106dedaed84fb8.patch # conditionally applied patches # patch where libxml < 2.12 Patch1010: chromium-124-system-libxml.patch ++++++ _scmsync.obsinfo ++++++ --- /var/tmp/diff_new_pack.aP3Pdt/_old 2026-04-02 17:41:49.789001021 +0200 +++ /var/tmp/diff_new_pack.aP3Pdt/_new 2026-04-02 17:41:49.793001187 +0200 @@ -1,6 +1,6 @@ -mtime: 1774348447 -commit: ce6ce4bd7cb9a10d04c9151daa62a3a852cf125a6ed8d0694a816e05a1c3ce18 +mtime: 1775022080 +commit: a80bccc15d7f61dcc896e9632a9cc5a841b67f39bb7c38eae641af468c5f1f0a url: https://src.opensuse.org/chromium/chromium.git -revision: ce6ce4bd7cb9a10d04c9151daa62a3a852cf125a6ed8d0694a816e05a1c3ce18 +revision: a80bccc15d7f61dcc896e9632a9cc5a841b67f39bb7c38eae641af468c5f1f0a projectscmsync: https://src.opensuse.org/chromium/_ObsPrj.git ++++++ build.specials.obscpio ++++++ ++++++ build.specials.obscpio ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/.gitignore new/.gitignore --- old/.gitignore 1970-01-01 01:00:00.000000000 +0100 +++ new/.gitignore 2026-04-01 07:41:47.000000000 +0200 @@ -0,0 +1,4 @@ +.osc +*.patch~ +*-build/ +.*.swp ++++++ chromium-146.0.7680.164-linux.tar.xz -> chromium-146.0.7680.177-linux.tar.xz ++++++ /work/SRC/openSUSE:Factory/chromium/chromium-146.0.7680.164-linux.tar.xz /work/SRC/openSUSE:Factory/.chromium.new.21863/chromium-146.0.7680.177-linux.tar.xz differ: char 15, line 1
