Hello community, here is the log from the commit of package chromium for openSUSE:Factory checked in at 2017-12-08 13:00:10 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/chromium (Old) and /work/SRC/openSUSE:Factory/.chromium.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "chromium" Fri Dec 8 13:00:10 2017 rev:172 rq:554957 version:63.0.3239.84 Changes: -------- --- /work/SRC/openSUSE:Factory/chromium/chromium.changes 2017-11-23 09:44:07.333153277 +0100 +++ /work/SRC/openSUSE:Factory/.chromium.new/chromium.changes 2017-12-08 13:00:43.762444679 +0100 @@ -1,0 +2,32 @@ +Thu Dec 7 09:41:13 UTC 2017 - [email protected] + +- Version update to 63.0.3239.84 bsc#1071691: + * Critical CVE-2017-15407: Out of bounds write in QUIC. + * High CVE-2017-15408: Heap buffer overflow in PDFium. + * High CVE-2017-15409: Out of bounds write in Skia. + * High CVE-2017-15410: Use after free in PDFium. + * High CVE-2017-15411: Use after free in PDFium. + * High CVE-2017-15412: Use after free in libXML. + * High CVE-2017-15413: Type confusion in WebAssembly. + * Medium CVE-2017-15415: Pointer information disclosure in IPC call. + * Medium CVE-2017-15416: Out of bounds read in Blink. + * Medium CVE-2017-15417: Cross origin information disclosure in Skia. + * Medium CVE-2017-15418: Use of uninitialized value in Skia. + * Medium CVE-2017-15419: Cross origin leak of redirect URL in Blink. + * Medium CVE-2017-15420: URL spoofing in Omnibox. + * Medium CVE-2017-15422: Integer overflow in ICU. + * Low CVE-2017-15423: Issue with SPAKE implementation in BoringSSL. + * Low CVE-2017-15424: URL Spoof in Omnibox. + * Low CVE-2017-15425: URL Spoof in Omnibox. + * Low CVE-2017-15426: URL Spoof in Omnibox. + * Low CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox. +- Rebase fix-gn-bootstrap.diff +- Drop merged patches: + * chromium-gcc5.patch + * chromium-60.0.3112.113-breakpad-ucontext.patch + * chromium-62.0.3202.62-correct-cplusplus-check.patch +- Add new patches: + * chromium-non-void-return.patch + * chromium-gcc.patch + +------------------------------------------------------------------- Old: ---- chromium-60.0.3112.113-breakpad-ucontext.patch chromium-62.0.3202.62-correct-cplusplus-check.patch chromium-62.0.3202.94.tar.xz chromium-gcc5.patch New: ---- chromium-63.0.3239.84.tar.xz chromium-gcc.patch chromium-non-void-return.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ chromium.spec ++++++ --- /var/tmp/diff_new_pack.BdwT3o/_old 2017-12-08 13:01:08.317557860 +0100 +++ /var/tmp/diff_new_pack.BdwT3o/_new 2017-12-08 13:01:08.321557716 +0100 @@ -19,7 +19,8 @@ %define rname chromium %if %{?suse_version} >= 1320 || (%{?suse_version} == 1315 && 0%{?leap_version} >= 420200) %bcond_without system_minizip -%bcond_without system_harfbuzz +# Disable harfbuzz as it needs to be build with the same freetype... atm bundle +%bcond_with system_harfbuzz %else %bcond_with system_minizip %bcond_with system_harfbuzz @@ -39,7 +40,7 @@ %bcond_with system_vpx %bcond_with clang Name: chromium -Version: 62.0.3202.94 +Version: 63.0.3239.84 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1+ @@ -68,9 +69,8 @@ Patch7: fix_network_api_crash.patch Patch12: chromium-dma-buf.patch Patch14: chromium-buildname.patch -Patch15: chromium-gcc5.patch -Patch16: chromium-60.0.3112.113-breakpad-ucontext.patch -Patch17: chromium-62.0.3202.62-correct-cplusplus-check.patch +Patch15: chromium-gcc.patch +Patch16: chromium-non-void-return.patch # GN buildsystem related patches Patch200: chromium-last-commit-position-r0.patch Patch201: fix-gn-bootstrap.diff @@ -212,7 +212,7 @@ BuildRequires: pkgconfig(minizip) %endif %if %{with system_harfbuzz} -BuildRequires: pkgconfig(harfbuzz) >= 1.4.0 +BuildRequires: pkgconfig(harfbuzz) >= 1.5.0 %endif %if %{with system_icu} BuildRequires: pkgconfig(icu-i18n) >= 58.0 @@ -262,7 +262,6 @@ %patch14 -p1 %patch15 -p1 %patch16 -p1 -%patch17 -p1 # Copy the toolchain settings mkdir toolchain @@ -283,7 +282,6 @@ base/third_party/valgrind base/third_party/xdg_mime base/third_party/xdg_user_dirs - breakpad/src/third_party/curl chrome/third_party/mozilla_security_manager courgette/third_party net/third_party/mozilla_security_manager @@ -292,23 +290,26 @@ third_party/analytics third_party/angle third_party/angle/src/common/third_party/base - third_party/angle/src/common/third_party/murmurhash + third_party/angle/src/common/third_party/smhasher third_party/angle/src/third_party/compiler third_party/angle/src/third_party/libXNVCtrl third_party/angle/src/third_party/trace_event + third_party/blink third_party/boringssl + third_party/breakpad + third_party/breakpad/breakpad/src/third_party/curl third_party/brotli third_party/cacheinvalidation third_party/catapult third_party/catapult/third_party/polymer - third_party/catapult/third_party/py_vulcanize - third_party/catapult/third_party/py_vulcanize/third_party/rcssmin - third_party/catapult/third_party/py_vulcanize/third_party/rjsmin + third_party/catapult/common/py_vulcanize/third_party/rcssmin + third_party/catapult/common/py_vulcanize/third_party/rjsmin third_party/catapult/tracing/third_party/d3 third_party/catapult/tracing/third_party/gl-matrix third_party/catapult/tracing/third_party/jszip third_party/catapult/tracing/third_party/mannwhitneyu third_party/catapult/tracing/third_party/oboe + third_party/catapult/tracing/third_party/pako third_party/ced third_party/cld_2 third_party/cld_3 @@ -601,10 +602,6 @@ cp -a resources.pak %{buildroot}%{_libdir}/chromium/ cp -a chrome %{buildroot}%{_libdir}/chromium/chromium -cp -a chrome.1 %{buildroot}%{_mandir}/man1/chrome.1 -cp -a chrome.1 %{buildroot}%{_mandir}/man1/chromium.1 -%fdupes %{buildroot}%{_mandir}/man1/ - popd mkdir -p %{buildroot}%{_datadir}/icons/ @@ -657,7 +654,6 @@ %dir %{_datadir}/gnome-control-center %dir %{_datadir}/gnome-control-center/default-apps %{_libdir}/chromium/ -%{_mandir}/man1/chrom* %{_datadir}/applications/*.desktop %dir %{_datadir}/appdata/ %{_datadir}/appdata/chromium-browser.appdata.xml ++++++ chromium-62.0.3202.94.tar.xz -> chromium-63.0.3239.84.tar.xz ++++++ /work/SRC/openSUSE:Factory/chromium/chromium-62.0.3202.94.tar.xz /work/SRC/openSUSE:Factory/.chromium.new/chromium-63.0.3239.84.tar.xz differ: char 26, line 1 ++++++ chromium-gcc5.patch -> chromium-gcc.patch ++++++ --- /work/SRC/openSUSE:Factory/chromium/chromium-gcc5.patch 2017-10-28 14:23:00.372652574 +0200 +++ /work/SRC/openSUSE:Factory/.chromium.new/chromium-gcc.patch 2017-12-08 13:00:43.710446557 +0100 @@ -1,36 +1,65 @@ ---- a/third_party/WebKit/Source/platform/wtf/typed_arrays/ArrayBufferContents.h -+++ b/third_party/WebKit/Source/platform/wtf/typed_arrays/ArrayBufferContents.h -@@ -63,7 +63,7 @@ class WTF_EXPORT ArrayBufferContents { - allocation_length_(0), - data_(data), - data_length_(0), -- kind_(AllocationKind::kNormal), -+ kind_(WTF::ArrayBufferContents::AllocationKind::kNormal), - deleter_(deleter) {} - DataHandle(void* allocation_base, - size_t allocation_length, -@@ -94,11 +94,11 @@ class WTF_EXPORT ArrayBufferContents { - reinterpret_cast<uintptr_t>(allocation_base_) + - allocation_length_); - switch (kind_) { -- case AllocationKind::kNormal: -+ case WTF::ArrayBufferContents::AllocationKind::kNormal: - DCHECK(deleter_); - deleter_(data_); - return; -- case AllocationKind::kReservation: -+ case WTF::ArrayBufferContents::AllocationKind::kReservation: - ReleaseReservedMemory(allocation_base_, allocation_length_); - return; - } ---- a/third_party/webrtc/modules/audio_processing/aec3/aec_state.cc.orig 2017-08-15 12:45:59.433532111 +0000 -+++ b/third_party/webrtc/modules/audio_processing/aec3/aec_state.cc 2017-08-15 17:52:59.691328825 +0000 +Index: chromium-63.0.3239.30/third_party/webrtc/modules/audio_processing/aec3/aec_state.cc +=================================================================== +--- chromium-63.0.3239.30.orig/third_party/webrtc/modules/audio_processing/aec3/aec_state.cc ++++ chromium-63.0.3239.30/third_party/webrtc/modules/audio_processing/aec3/aec_state.cc @@ -10,7 +10,7 @@ - #include "webrtc/modules/audio_processing/aec3/aec_state.h" + #include "modules/audio_processing/aec3/aec_state.h" -#include <math.h> +#include <cmath> #include <numeric> #include <vector> +Index: chromium-63.0.3239.30/gpu/ipc/common/mailbox_struct_traits.h +=================================================================== +--- chromium-63.0.3239.30.orig/gpu/ipc/common/mailbox_struct_traits.h ++++ chromium-63.0.3239.30/gpu/ipc/common/mailbox_struct_traits.h +@@ -15,7 +15,7 @@ namespace mojo { + template <> + struct StructTraits<gpu::mojom::MailboxDataView, gpu::Mailbox> { + static base::span<const int8_t> name(const gpu::Mailbox& mailbox) { +- return mailbox.name; ++ return base::make_span(mailbox.name); + } + static bool Read(gpu::mojom::MailboxDataView data, gpu::Mailbox* out); + }; +Index: chromium-63.0.3239.30/services/viz/public/cpp/compositing/filter_operation_struct_traits.h +=================================================================== +--- chromium-63.0.3239.30.orig/services/viz/public/cpp/compositing/filter_operation_struct_traits.h ++++ chromium-63.0.3239.30/services/viz/public/cpp/compositing/filter_operation_struct_traits.h +@@ -134,7 +134,7 @@ struct StructTraits<viz::mojom::FilterOp + static base::span<const float> matrix(const cc::FilterOperation& operation) { + if (operation.type() != cc::FilterOperation::COLOR_MATRIX) + return base::span<const float>(); +- return operation.matrix(); ++ return base::make_span(operation.matrix()); + } + + static base::span<const gfx::Rect> shape( +Index: chromium-63.0.3239.30/services/viz/public/cpp/compositing/quads_struct_traits.h +=================================================================== +--- chromium-63.0.3239.30.orig/services/viz/public/cpp/compositing/quads_struct_traits.h ++++ chromium-63.0.3239.30/services/viz/public/cpp/compositing/quads_struct_traits.h +@@ -309,7 +309,7 @@ struct StructTraits<viz::mojom::TextureQ + static base::span<const float> vertex_opacity(const viz::DrawQuad& input) { + const viz::TextureDrawQuad* quad = + viz::TextureDrawQuad::MaterialCast(&input); +- return quad->vertex_opacity; ++ return base::make_span(quad->vertex_opacity); + } + + static bool y_flipped(const viz::DrawQuad& input) { +Index: chromium-63.0.3239.30/third_party/webrtc/p2p/base/port.cc +=================================================================== +--- chromium-63.0.3239.30.orig/third_party/webrtc/p2p/base/port.cc ++++ chromium-63.0.3239.30/third_party/webrtc/p2p/base/port.cc +@@ -12,6 +12,8 @@ + + #include <algorithm> + #include <vector> ++#include <math.h> ++#include <cmath> + + #include "p2p/base/common.h" + #include "p2p/base/portallocator.h" ++++++ chromium-non-void-return.patch ++++++ Index: chromium-63.0.3239.30/chrome/browser/ui/libgtkui/app_indicator_icon.cc =================================================================== --- chromium-63.0.3239.30.orig/chrome/browser/ui/libgtkui/app_indicator_icon.cc +++ chromium-63.0.3239.30/chrome/browser/ui/libgtkui/app_indicator_icon.cc @@ -97,6 +97,8 @@ bool ShouldUseLibAppIndicator() { case base::nix::DESKTOP_ENVIRONMENT_OTHER: case base::nix::DESKTOP_ENVIRONMENT_XFCE: return false; + default: + return false; } } ++++++ fix-gn-bootstrap.diff ++++++ --- /var/tmp/diff_new_pack.BdwT3o/_old 2017-12-08 13:01:08.445553238 +0100 +++ /var/tmp/diff_new_pack.BdwT3o/_new 2017-12-08 13:01:08.445553238 +0100 @@ -1,68 +0,0 @@ ---- a/tools/gn/bootstrap/bootstrap.py -+++ b/tools/gn/bootstrap/bootstrap.py -@@ -179,6 +179,7 @@ def build_gn_with_ninja_manually(tempdir, options): - - write_buildflag_header_manually(root_gen_dir, 'base/debug/debugging_flags.h', - { -+ 'ENABLE_LOCATION_SOURCE': 'false', - 'ENABLE_PROFILING': 'false', - 'CAN_UNWIND_WITH_FRAME_POINTERS': 'false' - }) -@@ -204,7 +205,7 @@ def build_gn_with_ninja_manually(tempdir, options): - - write_gn_ninja(os.path.join(tempdir, 'build.ninja'), - root_gen_dir, options) -- cmd = ['ninja', '-C', tempdir] -+ cmd = ['ninja', '-C', tempdir, '-w', 'dupbuild=err'] - if options.verbose: - cmd.append('-v') - -@@ -458,6 +459,7 @@ def write_gn_ninja(path, root_gen_dir, options): - 'base/metrics/bucket_ranges.cc', - 'base/metrics/field_trial.cc', - 'base/metrics/field_trial_param_associator.cc', -+ 'base/metrics/field_trial_params.cc', - 'base/metrics/histogram.cc', - 'base/metrics/histogram_base.cc', - 'base/metrics/histogram_functions.cc', -@@ -507,6 +509,7 @@ def write_gn_ninja(path, root_gen_dir, options): - 'base/task_scheduler/scheduler_lock_impl.cc', - 'base/task_scheduler/scheduler_single_thread_task_runner_manager.cc', - 'base/task_scheduler/scheduler_worker.cc', -+ 'base/task_scheduler/scheduler_worker_pool.cc', - 'base/task_scheduler/scheduler_worker_pool_impl.cc', - 'base/task_scheduler/scheduler_worker_pool_params.cc', - 'base/task_scheduler/scheduler_worker_stack.cc', -@@ -523,6 +526,7 @@ def write_gn_ninja(path, root_gen_dir, options): - 'base/third_party/icu/icu_utf.cc', - 'base/third_party/nspr/prtime.cc', - 'base/threading/post_task_and_reply_impl.cc', -+ 'base/threading/scoped_blocking_call.cc', - 'base/threading/sequence_local_storage_map.cc', - 'base/threading/sequenced_task_runner_handle.cc', - 'base/threading/sequenced_worker_pool.cc', -@@ -579,7 +583,6 @@ def write_gn_ninja(path, root_gen_dir, options): - 'base/unguessable_token.cc', - 'base/value_iterators.cc', - 'base/values.cc', -- 'base/value_iterators.cc', - 'base/vlog.cc', - ]) - -@@ -652,7 +655,6 @@ def write_gn_ninja(path, root_gen_dir, options): - static_libraries['base']['sources'].extend([ - 'base/memory/shared_memory_handle_posix.cc', - 'base/memory/shared_memory_posix.cc', -- 'base/memory/shared_memory_tracker.cc', - 'base/nix/xdg_util.cc', - 'base/process/internal_linux.cc', - 'base/process/memory_linux.cc', -@@ -827,7 +829,7 @@ def build_gn_with_gn(temp_gn, build_dir, options): - cmd = [temp_gn, 'gen', build_dir, '--args=%s' % gn_gen_args] - check_call(cmd) - -- cmd = ['ninja', '-C', build_dir] -+ cmd = ['ninja', '-C', build_dir, '-w', 'dupbuild=err'] - if options.verbose: - cmd.append('-v') - cmd.append('gn')
