Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package chromium for openSUSE:Factory checked in at 2026-05-13 22:33:10 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/chromium (Old) and /work/SRC/openSUSE:Factory/.chromium.new.1966 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "chromium" Wed May 13 22:33:10 2026 rev:518 rq:1352906 version:148.0.7778.167 Changes: -------- --- /work/SRC/openSUSE:Factory/chromium/chromium.changes 2026-05-04 12:51:07.915587490 +0200 +++ /work/SRC/openSUSE:Factory/.chromium.new.1966/chromium.changes 2026-05-13 22:34:16.631077805 +0200 @@ -2 +2 @@ -Sun May 3 14:15:05 UTC 2026 - Andreas Stieger <[email protected]> +Tue May 12 22:37:03 UTC 2026 - Andreas Stieger <[email protected]> @@ -4,2 +4 @@ -- Fix build failure in seccomp_bpf sandbox - add chromium-fix-sandbox-with-glibc-2.43.patch +- Chromium 148.0.7778.167 (boo#1265159) @@ -8 +7 @@ -Thu Apr 30 06:20:24 UTC 2026 - Andreas Stieger <[email protected]> +Mon May 11 14:12:51 UTC 2026 - Ruediger Oertel <[email protected]> @@ -10,3 +9,5 @@ -- Chromium 148.0.7778.96 (earyly stable release 2026-04-29): - * no explicit changelog, includes security fixes from - 147.0.7727.137 (boo#1263158) +- added patches: + * disable-ai.patch + (do not attempt to download AI code behind the users back) +- changed patch ranges, global patches up to 449, + ppc patches from 450-599 now @@ -15 +16 @@ -Wed Apr 29 09:24:58 UTC 2026 - Andreas Stieger <[email protected]> +Wed May 6 06:13:04 UTC 2026 - Andreas Stieger <[email protected]> @@ -17 +18,131 @@ -- Chromium 148.0.7778.56 (early stable released 2026-04-23) +- Chromium 148 (148.0.7778.96) promoted to stable (boo#1264175) + * CVE-2026-7896: Integer overflow in Blink + * CVE-2026-7897: Use after free in Mobile + * CVE-2026-7898: Use after free in Chromoting + * CVE-2026-7899: Out of bounds read and write in V8 + * CVE-2026-7900: Heap buffer overflow in ANGLE + * CVE-2026-7901: Use after free in ANGLE + * CVE-2026-7902: Out of bounds memory access in V8 + * CVE-2026-7903: Integer overflow in ANGLE + * CVE-2026-7904: Out of bounds read in Fonts + * CVE-2026-7905: Insufficient validation of untrusted input in Media + * CVE-2026-7906: Use after free in SVG + * CVE-2026-7907: Use after free in DOM + * CVE-2026-7908: Use after free in Fullscreen + * CVE-2026-7909: Inappropriate implementation in ServiceWorker + * CVE-2026-7910: Use after free in Views + * CVE-2026-7911: Use after free in Aura + * CVE-2026-7912: Integer overflow in GPU + * CVE-2026-7913: Insufficient policy enforcement in DevTools + * CVE-2026-7914: Type Confusion in Accessibility + * CVE-2026-7915: Insufficient data validation in DevTools + * CVE-2026-7916: Insufficient data validation in InterestGroups + * CVE-2026-7917: Use after free in Fullscreen + * CVE-2026-7918: Use after free in GPU + * CVE-2026-7919: Use after free in Aura + * CVE-2026-7920: Use after free in Skia + * CVE-2026-7921: Use after free in Passwords + * CVE-2026-7922: Use after free in ServiceWorker + * CVE-2026-7923: Out of bounds write in Skia + * CVE-2026-7924: Uninitialized Use in Dawn + * CVE-2026-7925: Use after free in Chromoting + * CVE-2026-7926: Use after free in PresentationAPI + * CVE-2026-7927: Type Confusion in Runtime + * CVE-2026-7928: Use after free in WebRTC + * CVE-2026-7929: Use after free in MediaRecording + * CVE-2026-7930: Insufficient validation of untrusted input in Cookies + * CVE-2026-7931: Insufficient validation of untrusted input in iOS + * CVE-2026-7932: Insufficient policy enforcement in Downloads + * CVE-2026-7933: Out of bounds read in WebCodecs + * CVE-2026-7934: Insufficient validation of untrusted input in Popup Blocker + * CVE-2026-7935: Inappropriate implementation in Speech + * CVE-2026-7936: Object lifecycle issue in V8 + * CVE-2026-7937: Insufficient policy enforcement in DevTools + * CVE-2026-7938: Use after free in CSS + * CVE-2026-7939: Inappropriate implementation in SanitizerAPI + * CVE-2026-7940: Use after free in V8 + * CVE-2026-7941: Insufficient validation of untrusted input in Mobile + * CVE-2026-7942: Integer overflow in ANGLE + * CVE-2026-7943: Insufficient validation of untrusted input in ANGLE + * CVE-2026-7944: Insufficient validation of untrusted input in Persistent Cache + * CVE-2026-7945: Insufficient validation of untrusted input in COOP + * CVE-2026-7946: Insufficient policy enforcement in WebUI + * CVE-2026-7947: Insufficient validation of untrusted input in Network + * CVE-2026-7948: Race in Chromoting + * CVE-2026-7949: Out of bounds read in Skia + * CVE-2026-7950: Out of bounds read and write in GFX + * CVE-2026-7951: Out of bounds write in WebRTC + * CVE-2026-7952: Insufficient policy enforcement in Extensions + * CVE-2026-7953: Insufficient validation of untrusted input in Omnibox + * CVE-2026-7954: Race in Shared Storage + * CVE-2026-7955: Uninitialized Use in GPU + * CVE-2026-7956: Use after free in Navigation + * CVE-2026-7957: Out of bounds write in Media + * CVE-2026-7958: Inappropriate implementation in ServiceWorker + * CVE-2026-7959: Inappropriate implementation in Navigation + * CVE-2026-7960: Race in Speech + * CVE-2026-7961: Insufficient validation of untrusted input in Permissions + * CVE-2026-7962: Insufficient policy enforcement in DirectSockets + * CVE-2026-7963: Inappropriate implementation in ServiceWorker + * CVE-2026-7964: Insufficient validation of untrusted input in FileSystem + * CVE-2026-7965: Insufficient validation of untrusted input in DevTools + * CVE-2026-7966: Insufficient validation of untrusted input in SiteIsolation + * CVE-2026-7967: Insufficient validation of untrusted input in Navigation + * CVE-2026-7968: Insufficient validation of untrusted input in CORS + * CVE-2026-7969: Integer overflow in Network + * CVE-2026-7970: Use after free in TopChrome + * CVE-2026-7971: Inappropriate implementation in ORB + * CVE-2026-7972: Uninitialized Use in GPU + * CVE-2026-7973: Integer overflow in Dawn + * CVE-2026-7974: Use after free in Blink + * CVE-2026-7975: Use after free in DevTools + * CVE-2026-7976: Use after free in Views + * CVE-2026-7977: Inappropriate implementation in Canvas + * CVE-2026-7978: Inappropriate implementation in Companion + * CVE-2026-7979: Inappropriate implementation in Media + * CVE-2026-7980: Use after free in WebAudio + * CVE-2026-7981: Out of bounds read in Codecs + * CVE-2026-7982: Uninitialized Use in WebCodecs + * CVE-2026-7983: Out of bounds read in Dawn + * CVE-2026-7984: Use after free in ReadingMode + * CVE-2026-7985: Use after free in GPU + * CVE-2026-7986: Insufficient policy enforcement in Autofill + * CVE-2026-7987: Use after free in WebRTC + * CVE-2026-7988: Type Confusion in WebRTC + * CVE-2026-7989: Insufficient data validation in DataTransfer + * CVE-2026-7990: Insufficient validation of untrusted input in Updater + * CVE-2026-7991: Use after free in UI + * CVE-2026-7992: Insufficient validation of untrusted input in UI + * CVE-2026-7993: Insufficient validation of untrusted input in Payments + * CVE-2026-7994: Inappropriate implementation in Chromoting + * CVE-2026-7995: Out of bounds read in AdFilter + * CVE-2026-7996: Insufficient validation of untrusted input in SSL + * CVE-2026-7997: Insufficient validation of untrusted input in Updater + * CVE-2026-7998: Insufficient validation of untrusted input in Dialog + * CVE-2026-7999: Inappropriate implementation in V8 + * CVE-2026-8000: Insufficient validation of untrusted input in ChromeDriver + * CVE-2026-8001: Use after free in Printing + * CVE-2026-8002: Use after free in Audio + * CVE-2026-8003: Insufficient validation of untrusted input in TabGroups + * CVE-2026-8004: Insufficient policy enforcement in DevTools + * CVE-2026-8005: Insufficient validation of untrusted input in Cast + * CVE-2026-8006: Insufficient policy enforcement in DevTools + * CVE-2026-8007: Insufficient validation of untrusted input in Cast + * CVE-2026-8008: Inappropriate implementation in DevTools + * CVE-2026-8009: Inappropriate implementation in Cast + * CVE-2026-8010: Insufficient validation of untrusted input in SiteIsolation + * CVE-2026-8011: Insufficient policy enforcement in Search + * CVE-2026-8012: Inappropriate implementation in MHTML + * CVE-2026-8013: Insufficient validation of untrusted input in FedCM + * CVE-2026-8014: Inappropriate implementation in Preload + * CVE-2026-8015: Inappropriate implementation in Media + * CVE-2026-8016: Use after free in WebRTC + * CVE-2026-8017: Side-channel information leakage in Media + * CVE-2026-8018: Insufficient policy enforcement in DevTools + * CVE-2026-8019: Insufficient policy enforcement in WebApp + * CVE-2026-8020: Uninitialized Use in GPU + * CVE-2026-8021: Script injection in UI + * CVE-2026-8022: Inappropriate implementation in MHTML +- Fix build failure in seccomp_bpf sandbox + previously chromium-fix-sandbox-with-glibc-2.43.patch + add chromium-148-sandbox-glibc-2.43.patch Old: ---- chromium-148.0.7778.96-linux.tar.xz New: ---- chromium-148-sandbox-glibc-2.43.patch chromium-148.0.7778.167-linux.tar.xz disable-ai.patch ----------(New B)---------- New: previously chromium-fix-sandbox-with-glibc-2.43.patch add chromium-148-sandbox-glibc-2.43.patch - bump version in buildrequires for gn (0.20260331) New:- added patches: * disable-ai.patch (do not attempt to download AI code behind the users back) ----------(New E)---------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ chromium.spec ++++++ --- /var/tmp/diff_new_pack.0KOx9i/_old 2026-05-13 22:34:30.963668562 +0200 +++ /var/tmp/diff_new_pack.0KOx9i/_new 2026-05-13 22:34:30.963668562 +0200 @@ -132,7 +132,7 @@ %global official_build 1 Name: chromium%{n_suffix} -Version: 148.0.7778.96 +Version: 148.0.7778.167 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later @@ -169,7 +169,7 @@ # gentoo/fedora/arch patchset Patch15: chromium-125-compiler.patch Patch98: chromium-102-regex_pattern-array.patch -Patch99: chromium-fix-sandbox-with-glibc-2.43.patch +Patch99: chromium-148-sandbox-glibc-2.43.patch # PATCH-FIX-SUSE: allow prop codecs to be set with chromium branding Patch202: chromium-prop-codecs.patch Patch240: chromium-117-string-convert.patch @@ -202,13 +202,14 @@ Patch397: chromium-146-has_no_clone.patch Patch398: chromium-147-comment_safe_assert.patch Patch399: chromium-148-no_dep_on_intree_rustc_binary.patch +Patch400: disable-ai.patch # conditionally applied patches ppc64le only # where applicable patch numbers from fedora specfile + 100 -Patch400: chromium-141-glibc-2.42-SYS_SECCOMP.patch -Patch402: ppc-fedora-memory-allocator-dcheck-assert-fix.patch +Patch451: chromium-141-glibc-2.42-SYS_SECCOMP.patch +Patch452: ppc-fedora-memory-allocator-dcheck-assert-fix.patch # similar to patch 483 but in llvm-10 tree # so we do not use chromium-143-swiftshader-llvm-16.0.patch -Patch403: 0001-swiftshader-fix-build-llvm10.patch +Patch453: 0001-swiftshader-fix-build-llvm10.patch # Patch459: ppc-fedora-add-ppc64-architecture-string.patch Patch461: ppc-fedora-0001-sandbox-Enable-seccomp_bpf-for-ppc64.patch @@ -549,10 +550,10 @@ %prep %setup -q -n %{rname}-%{version} # apply all patches up to 399 -%autopatch -p1 -M 399 +%autopatch -p1 -M 449 %ifarch ppc64le -%autopatch -p1 -m 400 -M 599 +%autopatch -p1 -m 450 -M 599 %endif %if %{without libxml2_2_12} ++++++ _scmsync.obsinfo ++++++ --- /var/tmp/diff_new_pack.0KOx9i/_old 2026-05-13 22:34:31.179677465 +0200 +++ /var/tmp/diff_new_pack.0KOx9i/_new 2026-05-13 22:34:31.183677630 +0200 @@ -1,6 +1,6 @@ -mtime: 1777817800 -commit: 1ce3f077d8e4479a33a87274719bd04334b52ea715fe3ae10e0d8b4e6c4eb1df +mtime: 1778625659 +commit: b61713213222fc7e16af45c06ee820116df72c0c1934da783e3bc2c4dfa8d2e9 url: https://src.opensuse.org/chromium/chromium -revision: 1ce3f077d8e4479a33a87274719bd04334b52ea715fe3ae10e0d8b4e6c4eb1df +revision: b61713213222fc7e16af45c06ee820116df72c0c1934da783e3bc2c4dfa8d2e9 projectscmsync: https://src.opensuse.org/chromium/_ObsPrj.git ++++++ build.specials.obscpio ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/chromium-fix-sandbox-with-glibc-2.43.patch new/chromium-fix-sandbox-with-glibc-2.43.patch --- old/chromium-fix-sandbox-with-glibc-2.43.patch 2026-05-03 16:16:40.000000000 +0200 +++ new/chromium-fix-sandbox-with-glibc-2.43.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,12 +0,0 @@ -Source: Gentoo, https://github.com/gentoo/gentoo/blob/master/www-client/chromium/files/cr144-glibc-2.43.patch -Upstream: Reported, https://crbug.com/456218403 -Reason: Fix build with glibc 2.43 - ---- a/sandbox/linux/system_headers/linux_seccomp.h -+++ b/sandbox/linux/system_headers/linux_seccomp.h -@@ -7,4 +7,5 @@ - - #include <stdint.h> -+#include <signal.h> - #include <sys/ioctl.h> - ++++++ build.specials.obscpio ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/.gitignore new/.gitignore --- old/.gitignore 1970-01-01 01:00:00.000000000 +0100 +++ new/.gitignore 2026-05-13 00:40:59.000000000 +0200 @@ -0,0 +1,4 @@ +.osc +*.patch~ +*-build/ +.*.swp ++++++ chromium-148-sandbox-glibc-2.43.patch ++++++ Source: Gentoo, https://github.com/gentoo/gentoo/blob/master/www-client/chromium/files/cr144-glibc-2.43.patch Upstream: Reported, https://crbug.com/456218403 Reason: Fix build with glibc 2.43 --- a/sandbox/linux/system_headers/linux_seccomp.h +++ b/sandbox/linux/system_headers/linux_seccomp.h @@ -7,4 +7,5 @@ #include <stdint.h> +#include <signal.h> #include <sys/ioctl.h> ++++++ chromium-148.0.7778.96-linux.tar.xz -> chromium-148.0.7778.167-linux.tar.xz ++++++ /work/SRC/openSUSE:Factory/chromium/chromium-148.0.7778.96-linux.tar.xz /work/SRC/openSUSE:Factory/.chromium.new.1966/chromium-148.0.7778.167-linux.tar.xz differ: char 15, line 1 ++++++ disable-ai.patch ++++++ ++++ 1308 lines (skipped)
