Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package chromium for openSUSE:Factory
checked in at 2022-08-10 17:13:32
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/chromium (Old)
and /work/SRC/openSUSE:Factory/.chromium.new.1521 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "chromium"
Wed Aug 10 17:13:32 2022 rev:346 rq:994138 version:104.0.5112.79
Changes:
--------
--- /work/SRC/openSUSE:Factory/chromium/chromium.changes 2022-07-26
19:44:50.627916704 +0200
+++ /work/SRC/openSUSE:Factory/.chromium.new.1521/chromium.changes
2022-08-10 17:15:20.562027894 +0200
@@ -1,0 +2,36 @@
+Tue Aug 9 12:29:06 UTC 2022 - Callum Farmer <gm...@opensuse.org>
+
+- Chromium 104.0.5112.79 (boo#1202075)
+ * CVE-2022-2603: Use after free in Omnibox
+ * CVE-2022-2604: Use after free in Safe Browsing
+ * CVE-2022-2605: Out of bounds read in Dawn
+ * CVE-2022-2606: Use after free in Managed devices API
+ * CVE-2022-2607: Use after free in Tab Strip
+ * CVE-2022-2608: Use after free in Overview Mode
+ * CVE-2022-2609: Use after free in Nearby Share
+ * CVE-2022-2610: Insufficient policy enforcement in Background Fetch
+ * CVE-2022-2611: Inappropriate implementation in Fullscreen API
+ * CVE-2022-2612: Side-channel information leakage in Keyboard input
+ * CVE-2022-2613: Use after free in Input
+ * CVE-2022-2614: Use after free in Sign-In Flow
+ * CVE-2022-2615: Insufficient policy enforcement in Cookies
+ * CVE-2022-2616: Inappropriate implementation in Extensions API
+ * CVE-2022-2617: Use after free in Extensions API
+ * CVE-2022-2618: Insufficient validation of untrusted input in Internals
+ * CVE-2022-2619: Insufficient validation of untrusted input in Settings
+ * CVE-2022-2620: Use after free in WebUI
+ * CVE-2022-2621: Use after free in Extensions
+ * CVE-2022-2622: Insufficient validation of untrusted input in Safe Browsing
+ * CVE-2022-2623: Use after free in Offline
+ * CVE-2022-2624: Heap buffer overflow in PDF
+- Added patches:
+ * chromium-104-compiler.patch
+ * chromium-104-ContentRendererClient-type.patch
+ * chromium-104-tflite-system-zlib.patch
+- Removed patches:
+ * chromium-103-SubstringSetMatcher-packed.patch
+ * chromium-103-FrameLoadRequest-type.patch
+ * chromium-103-compiler.patch
+- Use FFmpeg 5.1 on TW
+
+-------------------------------------------------------------------
Old:
----
chromium-103-FrameLoadRequest-type.patch
chromium-103-SubstringSetMatcher-packed.patch
chromium-103-compiler.patch
chromium-103.0.5060.134.tar.xz
New:
----
chromium-104-ContentRendererClient-type.patch
chromium-104-compiler.patch
chromium-104-tflite-system-zlib.patch
chromium-104.0.5112.79.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ chromium.spec ++++++
--- /var/tmp/diff_new_pack.3cmZ4l/_old 2022-08-10 17:15:31.310055948 +0200
+++ /var/tmp/diff_new_pack.3cmZ4l/_new 2022-08-10 17:15:31.310055948 +0200
@@ -39,17 +39,18 @@
%bcond_without system_freetype
%bcond_without arm_bti
%bcond_without system_icu
+%bcond_without ffmpeg_51
%else
%bcond_with system_harfbuzz
%bcond_with system_freetype
%bcond_with arm_bti
%bcond_with system_icu
+%bcond_with ffmpeg_51
%endif
%bcond_without pipewire
%bcond_without system_ffmpeg
%bcond_without system_zlib
%bcond_with system_vpx
-%bcond_with ffmpeg_51
# FFmpeg version
%if %{with ffmpeg_51}
@@ -66,7 +67,7 @@
%endif
Name: chromium
-Version: 103.0.5060.134
+Version: 104.0.5112.79
Release: 0
Summary: Google's open source browser project
License: BSD-3-Clause AND LGPL-2.1-or-later
@@ -101,7 +102,7 @@
Patch11: chromium-lp151-old-drm.patch
# gentoo/fedora/arch patchset
Patch12: chromium-78-protobuf-RepeatedPtrField-export.patch
-Patch15: chromium-103-compiler.patch
+Patch15: chromium-104-compiler.patch
Patch17: chromium-86-ImageMemoryBarrierData-init.patch
Patch21: chromium-gcc11.patch
Patch40: chromium-91-java-only-allowed-in-android-builds.patch
@@ -115,9 +116,9 @@
Patch87: chromium-98-gtk4-build.patch
Patch90: chromium-100-InMilliseconds-constexpr.patch
Patch98: chromium-102-regex_pattern-array.patch
-Patch101: chromium-103-FrameLoadRequest-type.patch
-Patch102: chromium-103-SubstringSetMatcher-packed.patch
Patch103: chromium-103-VirtualCursor-std-layout.patch
+Patch104: chromium-104-ContentRendererClient-type.patch
+Patch105: chromium-104-tflite-system-zlib.patch
Patch201: chromium-86-fix-vaapi-on-intel.patch
# PATCH-FIX-SUSE: allow prop codecs to be set with chromium branding
Patch202: chromium-prop-codecs.patch
@@ -151,6 +152,7 @@
BuildRequires: python3
BuildRequires: python3-setuptools
BuildRequires: python3-six
+BuildRequires: (python3-importlib-metadata if python3-base < 3.8)
BuildRequires: snappy-devel
BuildRequires: update-desktop-files
BuildRequires: util-linux
@@ -784,6 +786,8 @@
%if %{with system_freetype}
myconf_gn+=" use_system_freetype=true"
%endif
+myconf_gn+=" use_system_libwayland=true"
+myconf_gn+=" use_system_wayland_scanner=true"
myconf_gn+=" enable_hangout_services_extension=true"
myconf_gn+=" enable_vulkan=true"
%if %{with pipewire}
++++++ chromium-104-ContentRendererClient-type.patch ++++++
>From a61a70605f9efc81fead5bf6984bc5ce39f1569d Mon Sep 17 00:00:00 2001
From: Stephan Hartmann <sth...@googlemail.com>
Date: Fri, 27 May 2022 18:11:52 +0000
Subject: [PATCH] libstdc++: fix incomplete type of
content::ContentRendererClient
Destructor of std::unique_ptr in libstdc++ uses sizeof() which
requires full definition of media::AudioEncoder for return type of
cast_streaming::ResourceProvider.
---
content/public/renderer/content_renderer_client.cc | 1 +
1 file changed, 1 insertion(+)
diff --git a/content/public/renderer/content_renderer_client.cc
b/content/public/renderer/content_renderer_client.cc
index 63456aa..637a2a7 100644
--- a/content/public/renderer/content_renderer_client.cc
+++ b/content/public/renderer/content_renderer_client.cc
@@ -6,6 +6,7 @@
#include "base/command_line.h"
#include "build/build_config.h"
+#include "components/cast_streaming/renderer/public/resource_provider.h"
#include "content/public/common/content_switches.h"
#include "media/base/demuxer.h"
#include "media/base/renderer_factory.h"
--
2.35.1
++++++ chromium-103-compiler.patch -> chromium-104-compiler.patch ++++++
--- /work/SRC/openSUSE:Factory/chromium/chromium-103-compiler.patch
2022-06-26 11:58:46.432310774 +0200
+++ /work/SRC/openSUSE:Factory/.chromium.new.1521/chromium-104-compiler.patch
2022-08-10 17:14:46.817939819 +0200
@@ -1,6 +1,6 @@
From 307a0f63dd9b118f4b8470ed3d7567e81fdb7a6d Mon Sep 17 00:00:00 2001
From: Mike Gilbert <flop...@gentoo.org>
-Date: Tue, 3 May 2022 10:51:55 +0000
+Date: Fri, 27 May 2022 11:06:49 +0000
Subject: [PATCH] Disable various compiler configs
---
@@ -8,7 +8,7 @@
1 file changed, 17 insertions(+), 97 deletions(-)
diff --git a/build/config/compiler/BUILD.gn b/build/config/compiler/BUILD.gn
-index f378b95..cb2aeb3 100644
+index c90821e..dcb8b87 100644
--- a/build/config/compiler/BUILD.gn
+++ b/build/config/compiler/BUILD.gn
@@ -286,9 +286,7 @@ config("compiler") {
@@ -105,7 +105,7 @@
- if (!is_nacl && !(is_chromeos ||
- default_toolchain ==
"//build/toolchain/cros:target")) {
-- # TODO(https://crbug.com/1316298): Re-enable once test failure is
figured out
+- # TODO(https://crbug.com/1322823): Remove flags once potential
miscompile is investigated.
- cflags += [
- "-Xclang",
- "-no-opaque-pointers",
@@ -211,7 +211,7 @@
if (is_win) {
if (is_clang) {
cflags = [ "/Z7" ] # Debug information in the .obj files.
-@@ -2415,7 +2333,8 @@ config("symbols") {
+@@ -2413,7 +2331,8 @@ config("symbols") {
# Minimal symbols.
# This config guarantees to hold symbol for stack trace which are shown to
user
# when crash happens in unittests running on buildbot.
@@ -221,7 +221,7 @@
if (is_win) {
# Functions, files, and line tables only.
cflags = []
-@@ -2488,7 +2407,8 @@ config("minimal_symbols") {
+@@ -2486,7 +2405,8 @@ config("minimal_symbols") {
# This configuration contains function names only. That is, the compiler is
# told to not generate debug information and the linker then just puts
function
# names in the final debug information.
@@ -233,3 +233,4 @@
--
2.35.1
+
++++++ chromium-104-tflite-system-zlib.patch ++++++
---
a/third_party/tflite_support/src/tensorflow_lite_support/metadata/cc/metadata_extractor.cc
+++
b/third_party/tflite_support/src/tensorflow_lite_support/metadata/cc/metadata_extractor.cc
@@ -21,8 +21,8 @@ limitations under the License.
#include "absl/status/status.h" // from @com_google_absl
#include "absl/strings/str_format.h" // from @com_google_absl
#include "absl/strings/string_view.h" // from @com_google_absl
-#include "contrib/minizip/ioapi.h"
-#include "contrib/minizip/unzip.h"
+#include "third_party/zlib/contrib/minizip/ioapi.h"
+#include "third_party/zlib/contrib/minizip/unzip.h"
#include "flatbuffers/flatbuffers.h" // from @flatbuffers
#include "tensorflow/lite/schema/schema_generated.h"
#include "tensorflow_lite_support/cc/common.h"
---
a/third_party/tflite_support/src/tensorflow_lite_support/metadata/cc/metadata_populator.cc
+++
b/third_party/tflite_support/src/tensorflow_lite_support/metadata/cc/metadata_populator.cc
@@ -19,8 +19,8 @@ limitations under the License.
#include <cstring>
#include <functional>
-#include "contrib/minizip/ioapi.h"
-#include "contrib/minizip/zip.h"
+#include "third_party/zlib/contrib/minizip/ioapi.h"
+#include "third_party/zlib/contrib/minizip/zip.h"
#include "flatbuffers/flatbuffers.h" // from @flatbuffers
#include "tensorflow/lite/schema/schema_generated.h"
#include "tensorflow_lite_support/cc/common.h"
---
a/third_party/tflite_support/src/tensorflow_lite_support/metadata/cc/utils/zip_readonly_mem_file.cc
+++
b/third_party/tflite_support/src/tensorflow_lite_support/metadata/cc/utils/zip_readonly_mem_file.cc
@@ -19,7 +19,7 @@ limitations under the License.
#include <cstdio>
#include "absl/strings/string_view.h" // from @com_google_absl
-#include "contrib/minizip/ioapi.h"
+#include "third_party/zlib/contrib/minizip/ioapi.h"
namespace tflite {
namespace metadata {
---
a/third_party/tflite_support/src/tensorflow_lite_support/metadata/cc/utils/zip_readonly_mem_file.h
+++
b/third_party/tflite_support/src/tensorflow_lite_support/metadata/cc/utils/zip_readonly_mem_file.h
@@ -19,7 +19,7 @@ limitations under the License.
#include <cstdlib>
#include "absl/strings/string_view.h" // from @com_google_absl
-#include "contrib/minizip/ioapi.h"
+#include "third_party/zlib/contrib/minizip/ioapi.h"
namespace tflite {
namespace metadata {
---
a/third_party/tflite_support/src/tensorflow_lite_support/metadata/cc/utils/zip_writable_mem_file.cc
+++
b/third_party/tflite_support/src/tensorflow_lite_support/metadata/cc/utils/zip_writable_mem_file.cc
@@ -19,7 +19,7 @@ limitations under the License.
#include <cstdio>
#include "absl/strings/string_view.h" // from @com_google_absl
-#include "contrib/minizip/ioapi.h"
+#include "third_party/zlib/contrib/minizip/ioapi.h"
namespace tflite {
namespace metadata {
---
a/third_party/tflite_support/src/tensorflow_lite_support/metadata/cc/utils/zip_writable_mem_file.h
+++
b/third_party/tflite_support/src/tensorflow_lite_support/metadata/cc/utils/zip_writable_mem_file.h
@@ -19,7 +19,7 @@ limitations under the License.
#include <cstdlib>
#include "absl/strings/string_view.h" // from @com_google_absl
-#include "contrib/minizip/ioapi.h"
+#include "third_party/zlib/contrib/minizip/ioapi.h"
namespace tflite {
namespace metadata {
++++++ chromium-103.0.5060.134.tar.xz -> chromium-104.0.5112.79.tar.xz ++++++
/work/SRC/openSUSE:Factory/chromium/chromium-103.0.5060.134.tar.xz
/work/SRC/openSUSE:Factory/.chromium.new.1521/chromium-104.0.5112.79.tar.xz
differ: char 15, line 1
