Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package chromium for openSUSE:Factory checked in at 2022-01-22 08:18:08 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/chromium (Old) and /work/SRC/openSUSE:Factory/.chromium.new.1938 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "chromium" Sat Jan 22 08:18:08 2022 rev:320 rq:947860 version:97.0.4692.99 Changes: -------- --- /work/SRC/openSUSE:Factory/chromium/chromium.changes 2022-01-21 01:26:07.786295313 +0100 +++ /work/SRC/openSUSE:Factory/.chromium.new.1938/chromium.changes 2022-01-22 08:18:59.102579943 +0100 @@ -1,0 +2,31 @@ +Fri Jan 21 06:43:25 UTC 2022 - Andreas Stieger <andreas.stie...@gmx.de> + +- Chromium 97.0.4692.99 (boo#1194919): + * CVE-2022-0289: Use after free in Safe browsing + * CVE-2022-0290: Use after free in Site isolation + * CVE-2022-0291: Inappropriate implementation in Storage + * CVE-2022-0292: Inappropriate implementation in Fenced Frames + * CVE-2022-0293: Use after free in Web packaging + * CVE-2022-0294: Inappropriate implementation in Push messaging + * CVE-2022-0295: Use after free in Omnibox + * CVE-2022-0296: Use after free in Printing + * CVE-2022-0297: Use after free in Vulkan + * CVE-2022-0298: Use after free in Scheduling + * CVE-2022-0300: Use after free in Text Input Method Editor + * CVE-2022-0301: Heap buffer overflow in DevTools + * CVE-2022-0302: Use after free in Omnibox + * CVE-2022-0303: Race in GPU Watchdog + * CVE-2022-0304: Use after free in Bookmarks + * CVE-2022-0305: Inappropriate implementation in Service Worker API + * CVE-2022-0306: Heap buffer overflow in PDFium + * CVE-2022-0307: Use after free in Optimization Guide + * CVE-2022-0308: Use after free in Data Transfer + * CVE-2022-0309: Inappropriate implementation in Autofill + * CVE-2022-0310: Heap buffer overflow in Task Manager + * CVE-2022-0311: Heap buffer overflow in Task Manager + * Various fixes from internal audits, fuzzing and other initiatives +- drop upstreamed patches: + * fix-tag-dragging-in-Mutter.patch + * fix-tag-dragging-in-KWin.patch + +------------------------------------------------------------------- Old: ---- chromium-97.0.4692.71.tar.xz fix-tag-dragging-in-KWin.patch fix-tag-dragging-in-Mutter.patch New: ---- chromium-97.0.4692.99.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ chromium.spec ++++++ --- /var/tmp/diff_new_pack.h2riSB/_old 2022-01-22 08:19:04.318544794 +0100 +++ /var/tmp/diff_new_pack.h2riSB/_new 2022-01-22 08:19:04.326544740 +0100 @@ -49,7 +49,7 @@ # Chromium built with GCC 11 and LTO enabled crashes (boo#1194055) %bcond_with lto Name: chromium -Version: 97.0.4692.71 +Version: 97.0.4692.99 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later @@ -103,8 +103,6 @@ Patch79: chromium-97-Point-constexpr.patch Patch80: chromium-97-ScrollView-reference.patch Patch81: chromium-95-libyuv-arm.patch -Patch82: fix-tag-dragging-in-Mutter.patch -Patch83: fix-tag-dragging-in-KWin.patch Patch101: chromium-86-fix-vaapi-on-intel.patch # PATCH-FIX-SUSE: allow prop codecs to be set with chromium branding Patch102: chromium-prop-codecs.patch ++++++ chromium-97.0.4692.71.tar.xz -> chromium-97.0.4692.99.tar.xz ++++++ /work/SRC/openSUSE:Factory/chromium/chromium-97.0.4692.71.tar.xz /work/SRC/openSUSE:Factory/.chromium.new.1938/chromium-97.0.4692.99.tar.xz differ: char 27, line 1