Hello community, here is the log from the commit of package chromium for openSUSE:Factory checked in at 2017-10-28 14:22:11 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/chromium (Old) and /work/SRC/openSUSE:Factory/.chromium.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "chromium" Sat Oct 28 14:22:11 2017 rev:167 rq:537047 version:62.0.3202.75 Changes: -------- --- /work/SRC/openSUSE:Factory/chromium/chromium.changes 2017-09-23 21:37:57.122886183 +0200 +++ /work/SRC/openSUSE:Factory/.chromium.new/chromium.changes 2017-10-28 14:23:00.400651550 +0200 @@ -1,0 +2,59 @@ +Fri Oct 27 09:17:02 UTC 2017 - [email protected] + +- Version update to 62.0.3202.75 bsc#1065405 CVE-2017-15396 + * CVE-2017-15396: Stack overflow in V8 + +------------------------------------------------------------------- +Thu Oct 26 12:09:53 UTC 2017 - [email protected] + +- BuildRequire nodejs6 required for polymer-bundler.js + +------------------------------------------------------------------- +Thu Oct 26 09:19:09 UTC 2017 - [email protected] + +- Try to export properly CXX/CC variable to fix leap builds + +------------------------------------------------------------------- +Wed Oct 25 17:52:44 UTC 2017 - [email protected] + +- Apply patch to fix building crc32 with gcc7: + * chromium-62.0.3202.62-correct-cplusplus-check.patch + +------------------------------------------------------------------- +Thu Oct 19 03:29:56 UTC 2017 - [email protected] + +- Update to 62.0.3202.62 bsc#1064066: + * CVE-2017-5124: UXSS with MHTML. + * CVE-2017-5125: Heap overflow in Skia. + * CVE-2017-5126: Use after free in PDFium. + * CVE-2017-5127: Use after free in PDFium. + * CVE-2017-5128: Heap overflow in WebGL. + * CVE-2017-5129: Use after free in WebAudio. + * CVE-2017-5132: Incorrect stack manipulation in WebAssembly. + * CVE-2017-5130: Heap overflow in libxml2. + * CVE-2017-5131: Out of bounds write in Skia. + * CVE-2017-5133: Out of bounds write in Skia. + * CVE-2017-15386: UI spoofing in Blink. + * CVE-2017-15387: Content security bypass. + * CVE-2017-15388: Out of bounds read in Skia. + * CVE-2017-15389: URL spoofing in OmniBox. + * CVE-2017-15390: URL spoofing in OmniBox. + * CVE-2017-15391: Extension limitation bypass in Extensions. + * CVE-2017-15392: Incorrect registry key handling in PlatformIntegration. + * CVE-2017-15393: Referrer leak in Devtools. + * CVE-2017-15394: URL spoofing in extensions UI. + * CVE-2017-15395: Null pointer dereference in ImageCapture. +- Drop unused patches: + * arm-webrtc-fix.patch + * arm_use_right_compiler.patch + * chromium-46.0.2490.71-fix-missing-i18n_process_css_test.patch + * chromium-atk.patch + * chromium-mojo-dep.patch + * gcc60-fixes.diff +- Refresh patches: + * chromium-gcc5.patch + * chromium-prop-codecs.patch + * exclude_ymp.diff + * fix-gn-bootstrap.diff + +------------------------------------------------------------------- Old: ---- arm-webrtc-fix.patch arm_use_right_compiler.patch chromium-46.0.2490.71-fix-missing-i18n_process_css_test.patch chromium-61.0.3163.100.tar.xz chromium-atk.patch chromium-mojo-dep.patch gcc60-fixes.diff New: ---- chromium-62.0.3202.62-correct-cplusplus-check.patch chromium-62.0.3202.75.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ chromium.spec ++++++ --- /var/tmp/diff_new_pack.TEwvVh/_old 2017-10-28 14:23:15.080114926 +0200 +++ /var/tmp/diff_new_pack.TEwvVh/_new 2017-10-28 14:23:15.084114780 +0200 @@ -30,12 +30,16 @@ %else %bcond_without sle_bundles %endif -%bcond_with system_icu +%if 0%{?suse_version} >= 1330 +%bcond_without system_libxml +%else %bcond_with system_libxml +%endif +%bcond_with system_icu %bcond_with system_vpx %bcond_with clang Name: chromium -Version: 61.0.3163.100 +Version: 62.0.3202.75 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1+ @@ -58,23 +62,15 @@ Patch2: chromium-master-prefs-path.patch # PATCH-FIX-OPENSUSE Compile the sandbox with -fPIE settings Patch4: chromium-sandbox-pie.patch -# PATCH-FIX-OPENSUSE chromium-46.0.2490.71-fix-missing-i18n_process_css_test.patch - file was removed -Patch5: chromium-46.0.2490.71-fix-missing-i18n_process_css_test.patch # PATCH-FIX-OPENSUSE fix_building_widevinecdm_with_chromium.patch - Enable WideVine plugin Patch6: fix_building_widevinecdm_with_chromium.patch # PATCH-FIX-OPENSUSE fix_network_api_crash.patch - Fix crash in network API, e.g. when using chromecast extension Patch7: fix_network_api_crash.patch -# Gcc fix -Patch10: gcc60-fixes.diff Patch12: chromium-dma-buf.patch Patch14: chromium-buildname.patch -Patch15: chromium-mojo-dep.patch -Patch16: chromium-atk.patch -Patch17: chromium-60.0.3112.113-breakpad-ucontext.patch -Patch18: chromium-gcc5.patch -# archlinux arm enhancement patches -Patch100: arm-webrtc-fix.patch -Patch101: arm_use_right_compiler.patch +Patch15: chromium-gcc5.patch +Patch16: chromium-60.0.3112.113-breakpad-ucontext.patch +Patch17: chromium-62.0.3202.62-correct-cplusplus-check.patch # GN buildsystem related patches Patch200: chromium-last-commit-position-r0.patch Patch201: fix-gn-bootstrap.diff @@ -100,7 +96,7 @@ BuildRequires: libva-devel BuildRequires: ncurses-devel BuildRequires: ninja >= 1.7.2 -BuildRequires: nodejs >= 4.6.1 +BuildRequires: nodejs6 BuildRequires: pam-devel BuildRequires: pkgconfig BuildRequires: procps @@ -199,7 +195,7 @@ # while it would build for %arm, we exclude it as it takes forever to build ExcludeArch: %{arm} aarch64 i586 ppc ppc64 ppc64le %if %{with system_libxml} -BuildRequires: pkgconfig(libxml-2.0) +BuildRequires: pkgconfig(libxml-2.0) >= 2.9.5 %endif %if !%{with sle_bundles} BuildRequires: python-beautifulsoup4 @@ -227,8 +223,6 @@ BuildRequires: gcc >= 6.0 BuildRequires: gcc-c++ >= 6.0 %else -BuildRequires: gcc -BuildRequires: gcc-c++ BuildRequires: gcc6 BuildRequires: gcc6-c++ %endif @@ -241,7 +235,6 @@ Summary: WebDriver for Google Chrome/Chromium License: BSD-3-Clause Group: Development/Tools/Other -Url: http://code.google.com/p/chromedriver/ Requires: %{name} = %{version} %description -n chromedriver @@ -259,22 +252,13 @@ %patch1 %patch2 %patch4 -%patch5 -p1 %patch6 -p1 %patch7 -%if !%{with clang} -%patch10 -p1 -%endif %patch12 -p1 %patch14 -p1 %patch15 -p1 %patch16 -p1 %patch17 -p1 -%patch18 -p1 - -# archlinux arm enhancements -%patch100 -%patch101 # Copy the toolchain settings mkdir toolchain @@ -324,6 +308,7 @@ third_party/ced third_party/cld_2 third_party/cld_3 + third_party/crc32c third_party/cros_system_api third_party/devscripts third_party/dom_distiller_js @@ -362,7 +347,7 @@ third_party/modp_b64 third_party/mt19937ar third_party/node - third_party/node/node_modules/vulcanize/third_party/UglifyJS2 + third_party/node/node_modules/polymer-bundler/lib/third_party/UglifyJS2 third_party/openh264 third_party/openmax_dl third_party/ots @@ -372,7 +357,7 @@ third_party/pdfium/third_party/build third_party/pdfium/third_party/bigint third_party/pdfium/third_party/freetype - third_party/pdfium/third_party/lcms2-2.6 + third_party/pdfium/third_party/lcms third_party/pdfium/third_party/libopenjpeg20 third_party/pdfium/third_party/libpng16 third_party/pdfium/third_party/libtiff @@ -383,6 +368,7 @@ third_party/qcms third_party/sfntly third_party/skia + third_party/skia/third_party/gif third_party/skia/third_party/vulkan third_party/smhasher third_party/spirv-headers @@ -404,7 +390,6 @@ url/third_party/mozilla v8/src/third_party/valgrind v8/third_party/inspector_protocol - third_party/libva ) %if %{with sle_bundles} keeplibs+=( @@ -458,6 +443,11 @@ %if 0%{?suse_version} < 1330 export CC=gcc-6 export CXX=g++-6 +# some still call gcc/g++ +mkdir "$HOME/bin/" +ln -s /usr/bin/$CC $HOME/bin/gcc +ln -s /usr/bin/$CXX $HOME/bin/g++ +export PATH="$HOME/bin/:$PATH" %endif %endif # do not eat all memory @@ -565,13 +555,7 @@ myconf_gn+=" google_default_client_id=\"${google_default_client_id}\"" myconf_gn+=" google_default_client_secret=\"${google_default_client_secret}\"" -third_party/libaddressinput/chromium/tools/update-strings.py - -if [ ! -f chrome/test/data/webui/i18n_process_css_test.html ]; then - touch chrome/test/data/webui/i18n_process_css_test.html -fi - -tools/gn/bootstrap/bootstrap.py -v --gn-gen-args "${myconf_gn}" +tools/gn/bootstrap/bootstrap.py -s -v --gn-gen-args "${myconf_gn}" # GN does not support passing cflags: # https://bugs.chromium.org/p/chromium/issues/detail?id=642016 out/Release/gn gen --args="${myconf_gn}" out/Release @@ -662,7 +646,6 @@ /sbin/ldconfig %{_libdir}/chromium %files -%defattr(-,root,root,-) %verify(not mode) %{_libexecdir}/chrome_sandbox %doc AUTHORS LICENSE %config %{_sysconfdir}/chromium @@ -681,7 +664,6 @@ %{_bindir}/chromium %files -n chromedriver -%defattr(-,root,root,-) %{_libdir}/chromium/chromedriver %changelog ++++++ chromium-62.0.3202.62-correct-cplusplus-check.patch ++++++ diff -up chromium-62.0.3202.62/third_party/crc32c/src/include/crc32c/crc32c.h.fix-cplusplus-conditional chromium-62.0.3202.62/third_party/crc32c/src/include/crc32c/crc32c.h --- chromium-62.0.3202.62/third_party/crc32c/src/include/crc32c/crc32c.h.fix-cplusplus-conditional 2017-10-17 15:12:35.000000000 -0400 +++ chromium-62.0.3202.62/third_party/crc32c/src/include/crc32c/crc32c.h 2017-10-19 11:41:45.860279576 -0400 @@ -38,6 +38,8 @@ inline uint32_t Crc32c(const std::string // Visual Studio provides a <string_view> header even in C++11 mode. When // included, the header issues an #error. (C1189) #if !defined(_MSC_VER) || __cplusplus >= 201703L +// GCC issues an #error if __cplusplus <= 201402L +#if defined(__GNUC__) && __cplusplus > 201402L #include <string_view> // Comptues the CRC32C of the bytes in the string_view. @@ -46,6 +48,7 @@ inline uint32_t Crc32c(const std::string string_view.size()); } +#endif // defined(__GNUC__) && __cplusplus > 201402L #endif // !defined(_MSC_VER) || __cplusplus >= 201703L #endif // __has_include(<string_view>) #endif // defined(__has_include) ++++++ chromium-61.0.3163.100.tar.xz -> chromium-62.0.3202.75.tar.xz ++++++ /work/SRC/openSUSE:Factory/chromium/chromium-61.0.3163.100.tar.xz /work/SRC/openSUSE:Factory/.chromium.new/chromium-62.0.3202.75.tar.xz differ: char 27, line 1 ++++++ chromium-gcc5.patch ++++++ --- /var/tmp/diff_new_pack.TEwvVh/_old 2017-10-28 14:23:15.204110393 +0200 +++ /var/tmp/diff_new_pack.TEwvVh/_new 2017-10-28 14:23:15.208110247 +0200 @@ -1,37 +1,5 @@ -Index: chromium-61.0.3163.79/chrome/browser/devtools/devtools_file_system_indexer.cc -=================================================================== ---- chromium-61.0.3163.79.orig/chrome/browser/devtools/devtools_file_system_indexer.cc -+++ chromium-61.0.3163.79/chrome/browser/devtools/devtools_file_system_indexer.cc -@@ -34,7 +34,6 @@ using base::TimeDelta; - using base::TimeTicks; - using content::BrowserThread; - using std::map; --using std::set; - using std::string; - using std::vector; - -@@ -191,7 +190,7 @@ vector<FilePath> Index::Search(const str - if (trigram != kUndefinedTrigram) - trigrams.push_back(trigram); - } -- set<FileId> file_ids; -+ std::set<FileId> file_ids; - bool first = true; - vector<Trigram>::const_iterator it = trigrams.begin(); - for (; it != trigrams.end(); ++it) { -@@ -203,7 +202,7 @@ vector<FilePath> Index::Search(const str - first = false; - continue; - } -- set<FileId> intersection = base::STLSetIntersection<set<FileId> >( -+ std::set<FileId> intersection = base::STLSetIntersection<std::set<FileId> >( - file_ids, index_[trigram]); - file_ids.swap(intersection); - } -Index: chromium-61.0.3163.79/third_party/WebKit/Source/platform/wtf/typed_arrays/ArrayBufferContents.h -=================================================================== ---- chromium-61.0.3163.79.orig/third_party/WebKit/Source/platform/wtf/typed_arrays/ArrayBufferContents.h -+++ chromium-61.0.3163.79/third_party/WebKit/Source/platform/wtf/typed_arrays/ArrayBufferContents.h +--- a/third_party/WebKit/Source/platform/wtf/typed_arrays/ArrayBufferContents.h ++++ b/third_party/WebKit/Source/platform/wtf/typed_arrays/ArrayBufferContents.h @@ -63,7 +63,7 @@ class WTF_EXPORT ArrayBufferContents { allocation_length_(0), data_(data), @@ -55,10 +23,8 @@ ReleaseReservedMemory(allocation_base_, allocation_length_); return; } -Index: chromium-61.0.3163.79/third_party/webrtc/modules/audio_processing/aec3/aec_state.cc -=================================================================== ---- chromium-61.0.3163.79.orig/third_party/webrtc/modules/audio_processing/aec3/aec_state.cc -+++ chromium-61.0.3163.79/third_party/webrtc/modules/audio_processing/aec3/aec_state.cc +--- a/third_party/webrtc/modules/audio_processing/aec3/aec_state.cc.orig 2017-08-15 12:45:59.433532111 +0000 ++++ b/third_party/webrtc/modules/audio_processing/aec3/aec_state.cc 2017-08-15 17:52:59.691328825 +0000 @@ -10,7 +10,7 @@ #include "webrtc/modules/audio_processing/aec3/aec_state.h" @@ -68,16 +34,3 @@ #include <numeric> #include <vector> -Index: chromium-61.0.3163.79/cc/paint/paint_op_buffer.cc -=================================================================== ---- chromium-61.0.3163.79.orig/cc/paint/paint_op_buffer.cc -+++ chromium-61.0.3163.79/cc/paint/paint_op_buffer.cc -@@ -207,7 +207,7 @@ TYPES(M); - #undef TYPES - - SkRect PaintOp::kUnsetRect = {SK_ScalarInfinity, 0, 0, 0}; --const size_t PaintOp::kMaxSkip; -+constexpr size_t PaintOp::kMaxSkip; - - std::string PaintOpTypeToString(PaintOpType type) { - switch (type) { ++++++ chromium-prop-codecs.patch ++++++ --- /var/tmp/diff_new_pack.TEwvVh/_old 2017-10-28 14:23:15.228109516 +0200 +++ /var/tmp/diff_new_pack.TEwvVh/_new 2017-10-28 14:23:15.228109516 +0200 @@ -1,9 +1,7 @@ -reverted: -Index: chromium-56.0.2914.3/media/BUILD.gn -=================================================================== ---- chromium-56.0.2914.3.orig/media/BUILD.gn -+++ chromium-56.0.2914.3/media/BUILD.gn -@@ -25,12 +24,6 @@ buildflag_header("media_features") { +diff -urN chromium-62.0.3192.0.orig/media/BUILD.gn chromium-62.0.3192.0/media/BUILD.gn +--- chromium-62.0.3192.0.orig/media/BUILD.gn 2017-08-25 11:22:39.294487172 +0200 ++++ chromium-62.0.3192.0/media/BUILD.gn 2017-08-25 11:25:41.674488175 +0200 +@@ -33,12 +33,6 @@ ] } @@ -13,6 +11,6 @@ - "proprietary codecs and ffmpeg_branding set to Chromium are incompatible") -} - - # Common configuration for targets in the media directory. - # NOT for exporting. - config("media_config") { + # Common configuration for targets in the media directory; these must not be + # exported since things like USE_NEON and USE_CRAS have different meanings + # elsewhere in the code base. ++++++ exclude_ymp.diff ++++++ --- /var/tmp/diff_new_pack.TEwvVh/_old 2017-10-28 14:23:15.256108492 +0200 +++ /var/tmp/diff_new_pack.TEwvVh/_new 2017-10-28 14:23:15.260108346 +0200 @@ -1,5 +1,5 @@ ---- components/mime_util/mime_util.cc 2013-08-25 10:12:05.428599992 +0200 -+++ components/mime_util/mime_util.cc 2013-08-25 10:12:05.428599992 +0200 +--- third_party/WebKit/common/mime_util/mime_util.cc 2013-08-25 10:12:05.428599992 +0200 ++++ third_party/WebKit/common/mime_util/mime_util.cc 2013-08-25 10:12:05.428599992 +0200 @@ -79,6 +79,7 @@ "text/x-csv", "text/x-vcf", ++++++ fix-gn-bootstrap.diff ++++++ --- /var/tmp/diff_new_pack.TEwvVh/_old 2017-10-28 14:23:15.272107907 +0200 +++ /var/tmp/diff_new_pack.TEwvVh/_new 2017-10-28 14:23:15.272107907 +0200 @@ -1,27 +1,68 @@ -commit 96c271f8ab2be7ea4199078ea65ac50c6ada4685 -Author: Pawel Hajdan, Jr <[email protected]> -Date: Wed Jul 26 21:51:54 2017 +0000 - - wip - -diff --git a/tools/gn/bootstrap/bootstrap.py b/tools/gn/bootstrap/bootstrap.py -index 1390560f8e37..ff2ae57c46b0 100755 --- a/tools/gn/bootstrap/bootstrap.py +++ b/tools/gn/bootstrap/bootstrap.py -@@ -449,6 +449,7 @@ def write_gn_ninja(path, root_gen_dir, options): +@@ -179,6 +179,7 @@ def build_gn_with_ninja_manually(tempdir, options): + + write_buildflag_header_manually(root_gen_dir, 'base/debug/debugging_flags.h', + { ++ 'ENABLE_LOCATION_SOURCE': 'false', + 'ENABLE_PROFILING': 'false', + 'CAN_UNWIND_WITH_FRAME_POINTERS': 'false' + }) +@@ -204,7 +205,7 @@ def build_gn_with_ninja_manually(tempdir, options): + + write_gn_ninja(os.path.join(tempdir, 'build.ninja'), + root_gen_dir, options) +- cmd = ['ninja', '-C', tempdir] ++ cmd = ['ninja', '-C', tempdir, '-w', 'dupbuild=err'] + if options.verbose: + cmd.append('-v') + +@@ -458,6 +459,7 @@ def write_gn_ninja(path, root_gen_dir, options): + 'base/metrics/bucket_ranges.cc', + 'base/metrics/field_trial.cc', + 'base/metrics/field_trial_param_associator.cc', ++ 'base/metrics/field_trial_params.cc', + 'base/metrics/histogram.cc', 'base/metrics/histogram_base.cc', 'base/metrics/histogram_functions.cc', - 'base/metrics/histogram_samples.cc', -+ 'base/metrics/histogram_snapshot_manager.cc', - 'base/metrics/metrics_hashes.cc', - 'base/metrics/persistent_histogram_allocator.cc', - 'base/metrics/persistent_memory_allocator.cc', -@@ -534,7 +535,7 @@ def write_gn_ninja(path, root_gen_dir, options): - 'base/trace_event/heap_profiler_allocation_context_tracker.cc', - 'base/trace_event/heap_profiler_allocation_register.cc', - 'base/trace_event/heap_profiler_event_filter.cc', -- 'base/trace_event/heap_profiler_event_writer.cc', -+ 'base/trace_event/heap_profiler_heap_dump_writer.cc', - 'base/trace_event/heap_profiler_serialization_state.cc', - 'base/trace_event/heap_profiler_stack_frame_deduplicator.cc', - 'base/trace_event/heap_profiler_type_name_deduplicator.cc', +@@ -507,6 +509,7 @@ def write_gn_ninja(path, root_gen_dir, options): + 'base/task_scheduler/scheduler_lock_impl.cc', + 'base/task_scheduler/scheduler_single_thread_task_runner_manager.cc', + 'base/task_scheduler/scheduler_worker.cc', ++ 'base/task_scheduler/scheduler_worker_pool.cc', + 'base/task_scheduler/scheduler_worker_pool_impl.cc', + 'base/task_scheduler/scheduler_worker_pool_params.cc', + 'base/task_scheduler/scheduler_worker_stack.cc', +@@ -523,6 +526,7 @@ def write_gn_ninja(path, root_gen_dir, options): + 'base/third_party/icu/icu_utf.cc', + 'base/third_party/nspr/prtime.cc', + 'base/threading/post_task_and_reply_impl.cc', ++ 'base/threading/scoped_blocking_call.cc', + 'base/threading/sequence_local_storage_map.cc', + 'base/threading/sequenced_task_runner_handle.cc', + 'base/threading/sequenced_worker_pool.cc', +@@ -579,7 +583,6 @@ def write_gn_ninja(path, root_gen_dir, options): + 'base/unguessable_token.cc', + 'base/value_iterators.cc', + 'base/values.cc', +- 'base/value_iterators.cc', + 'base/vlog.cc', + ]) + +@@ -652,7 +655,6 @@ def write_gn_ninja(path, root_gen_dir, options): + static_libraries['base']['sources'].extend([ + 'base/memory/shared_memory_handle_posix.cc', + 'base/memory/shared_memory_posix.cc', +- 'base/memory/shared_memory_tracker.cc', + 'base/nix/xdg_util.cc', + 'base/process/internal_linux.cc', + 'base/process/memory_linux.cc', +@@ -827,7 +829,7 @@ def build_gn_with_gn(temp_gn, build_dir, options): + cmd = [temp_gn, 'gen', build_dir, '--args=%s' % gn_gen_args] + check_call(cmd) + +- cmd = ['ninja', '-C', build_dir] ++ cmd = ['ninja', '-C', build_dir, '-w', 'dupbuild=err'] + if options.verbose: + cmd.append('-v') + cmd.append('gn')
