commit chromium for openSUSE:Leap:15.2:Update
Hello community, here is the log from the commit of package chromium for openSUSE:Leap:15.2:Update checked in at 2020-11-05 14:12:57 Comparing /work/SRC/openSUSE:Leap:15.2:Update/chromium (Old) and /work/SRC/openSUSE:Leap:15.2:Update/.chromium.new.11331 (New) Package is "chromium" Thu Nov 5 14:12:57 2020 rev:11 rq:846131 version:unknown Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.btNZoD/_old 2020-11-05 14:12:59.183841702 +0100 +++ /var/tmp/diff_new_pack.btNZoD/_new 2020-11-05 14:12:59.187841693 +0100 @@ -1 +1 @@ - +
commit chromium for openSUSE:Leap:15.2:Update
Hello community, here is the log from the commit of package chromium for openSUSE:Leap:15.2:Update checked in at 2020-10-25 19:34:09 Comparing /work/SRC/openSUSE:Leap:15.2:Update/chromium (Old) and /work/SRC/openSUSE:Leap:15.2:Update/.chromium.new.3463 (New) Package is "chromium" Sun Oct 25 19:34:09 2020 rev:10 rq:843650 version:unknown Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.yJnoeO/_old 2020-10-25 19:34:10.591088385 +0100 +++ /var/tmp/diff_new_pack.yJnoeO/_new 2020-10-25 19:34:10.591088385 +0100 @@ -1 +1 @@ - +
commit chromium for openSUSE:Leap:15.2:Update
Hello community, here is the log from the commit of package chromium for openSUSE:Leap:15.2:Update checked in at 2020-10-22 07:51:25 Comparing /work/SRC/openSUSE:Leap:15.2:Update/chromium (Old) and /work/SRC/openSUSE:Leap:15.2:Update/.chromium.new.3463 (New) Package is "chromium" Thu Oct 22 07:51:25 2020 rev:9 rq:843148 version:unknown Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.teaU8l/_old 2020-10-22 07:51:28.517981528 +0200 +++ /var/tmp/diff_new_pack.teaU8l/_new 2020-10-22 07:51:28.517981528 +0200 @@ -1 +1 @@ - +
commit chromium for openSUSE:Leap:15.2:Update
Hello community, here is the log from the commit of package chromium for openSUSE:Leap:15.2:Update checked in at 2020-09-25 10:42:56 Comparing /work/SRC/openSUSE:Leap:15.2:Update/chromium (Old) and /work/SRC/openSUSE:Leap:15.2:Update/.chromium.new.4249 (New) Package is "chromium" Fri Sep 25 10:42:56 2020 rev:8 rq:836467 version:unknown Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.wiIK4J/_old 2020-09-25 10:43:05.04946 +0200 +++ /var/tmp/diff_new_pack.wiIK4J/_new 2020-09-25 10:43:05.04946 +0200 @@ -1 +1 @@ - +
commit chromium for openSUSE:Leap:15.2:Update
Hello community, here is the log from the commit of package chromium for openSUSE:Leap:15.2:Update checked in at 2020-09-22 10:22:40 Comparing /work/SRC/openSUSE:Leap:15.2:Update/chromium (Old) and /work/SRC/openSUSE:Leap:15.2:Update/.chromium.new.4249 (New) Package is "chromium" Tue Sep 22 10:22:40 2020 rev:7 rq:835655 version:unknown Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.cngpPD/_old 2020-09-22 10:22:46.730891462 +0200 +++ /var/tmp/diff_new_pack.cngpPD/_new 2020-09-22 10:22:46.734891466 +0200 @@ -1 +1 @@ - +
commit chromium for openSUSE:Leap:15.2:Update
Hello community, here is the log from the commit of package chromium for openSUSE:Leap:15.2:Update checked in at 2020-08-31 18:22:59 Comparing /work/SRC/openSUSE:Leap:15.2:Update/chromium (Old) and /work/SRC/openSUSE:Leap:15.2:Update/.chromium.new.3399 (New) Package is "chromium" Mon Aug 31 18:22:59 2020 rev:6 rq:830437 version:unknown Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.8kidTZ/_old 2020-08-31 18:23:06.022811459 +0200 +++ /var/tmp/diff_new_pack.8kidTZ/_new 2020-08-31 18:23:06.022811459 +0200 @@ -1 +1 @@ - +
commit chromium for openSUSE:Leap:15.2:Update
Hello community, here is the log from the commit of package chromium for openSUSE:Leap:15.2:Update checked in at 2020-08-26 20:22:08 Comparing /work/SRC/openSUSE:Leap:15.2:Update/chromium (Old) and /work/SRC/openSUSE:Leap:15.2:Update/.chromium.new.3399 (New) Package is "chromium" Wed Aug 26 20:22:08 2020 rev:5 rq:829684 version:unknown Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.pUF1pT/_old 2020-08-26 20:22:09.089799089 +0200 +++ /var/tmp/diff_new_pack.pUF1pT/_new 2020-08-26 20:22:09.089799089 +0200 @@ -1 +1 @@ - +
commit chromium for openSUSE:Leap:15.2:Update
Hello community, here is the log from the commit of package chromium for openSUSE:Leap:15.2:Update checked in at 2020-08-14 17:29:43 Comparing /work/SRC/openSUSE:Leap:15.2:Update/chromium (Old) and /work/SRC/openSUSE:Leap:15.2:Update/.chromium.new.3399 (New) Package is "chromium" Fri Aug 14 17:29:43 2020 rev:4 rq:826575 version:unknown Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.aRsuWY/_old 2020-08-14 17:29:55.712066021 +0200 +++ /var/tmp/diff_new_pack.aRsuWY/_new 2020-08-14 17:29:55.712066021 +0200 @@ -1 +1 @@ - +
commit chromium for openSUSE:Leap:15.2:Update
Hello community, here is the log from the commit of package chromium for openSUSE:Leap:15.2:Update checked in at 2020-08-06 16:34:02 Comparing /work/SRC/openSUSE:Leap:15.2:Update/chromium (Old) and /work/SRC/openSUSE:Leap:15.2:Update/.chromium.new.3399 (New) Package is "chromium" Thu Aug 6 16:34:02 2020 rev:3 rq:824626 version:unknown Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.knjqtk/_old 2020-08-06 16:34:09.787000625 +0200 +++ /var/tmp/diff_new_pack.knjqtk/_new 2020-08-06 16:34:09.787000625 +0200 @@ -1 +1 @@ - +
commit chromium for openSUSE:Leap:15.2:Update
Hello community, here is the log from the commit of package chromium for openSUSE:Leap:15.2:Update checked in at 2020-07-20 16:26:25 Comparing /work/SRC/openSUSE:Leap:15.2:Update/chromium (Old) and /work/SRC/openSUSE:Leap:15.2:Update/.chromium.new.3592 (New) Package is "chromium" Mon Jul 20 16:26:25 2020 rev:2 rq:821707 version:unknown Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.tuBhgM/_old 2020-07-20 16:26:31.208268415 +0200 +++ /var/tmp/diff_new_pack.tuBhgM/_new 2020-07-20 16:26:31.212268419 +0200 @@ -1 +1 @@ - +
commit chromium for openSUSE:Leap:15.2
Hello community, here is the log from the commit of package chromium for openSUSE:Leap:15.2 checked in at 2020-06-19 02:51:00 Comparing /work/SRC/openSUSE:Leap:15.2/chromium (Old) and /work/SRC/openSUSE:Leap:15.2/.chromium.new.3606 (New) Package is "chromium" Fri Jun 19 02:51:00 2020 rev:107 rq:815571 version:83.0.4103.97 Changes: --- /work/SRC/openSUSE:Leap:15.2/chromium/chromium.changes 2020-05-11 08:39:25.923035326 +0200 +++ /work/SRC/openSUSE:Leap:15.2/.chromium.new.3606/chromium.changes 2020-06-19 02:51:14.823000254 +0200 @@ -1,0 +2,130 @@ +Mon Jun 15 14:05:36 UTC 2020 - Tomáš Chvátal + +- Another attempt on the location handling for Leap 15.1: + * no-location-leap151.patch + +--- +Thu Jun 11 16:31:50 UTC 2020 - Tomáš Chvátal + +- Attempt to build with wayland/ozone enabled + +--- +Thu Jun 11 12:14:32 UTC 2020 - Tomáš Chvátal + +- Enable more system libs on 15.2+ +- Remove the chromium-83-gcc-location-revert.patch as it is wrong + approach to fix the problem + +--- +Thu Jun 11 09:05:00 UTC 2020 - Tomáš Chvátal + +- Update _constraints to match up LTO enablement + +--- +Wed Jun 10 12:20:57 UTC 2020 - Tomáš Chvátal + +- With GCC 10 released we should be able to enable LTO again + +--- +Thu Jun 4 06:28:45 UTC 2020 - Tomáš Chvátal + +- Update to 83.0.4103.97 bsc#1172496: + * CVE-2020-6493: Use after free in WebAuthentication. + * CVE-2020-6494: Incorrect security UI in payments. + * CVE-2020-6495: Insufficient policy enforcement in developer tools. + * CVE-2020-6496: Use after free in payments. + +--- +Thu May 28 09:18:05 UTC 2020 - Tomáš Chvátal + +- Add patch to not use bundled unrar: + * chromium-norar.patch + +--- +Thu May 28 08:59:02 UTC 2020 - Fabian Vogt + +- Amend chromium-prop-codecs.patch to allow proprietary_codecs + without building third_party/openh264 + +--- +Wed May 27 12:03:31 UTC 2020 - Tomáš Chvátal + +- Add revert of location setting commit that broke build on + openSUSE Leap 15.1: + * chromium-83-gcc-location-revert.patch + +--- +Mon May 25 09:16:54 UTC 2020 - Tomáš Chvátal + +- Swtich to GCC 9.x on Leaps to avoid gcc bug exposed in gcc8 + +--- +Fri May 22 09:44:37 UTC 2020 - Tomáš Chvátal + +- Add patch to fix building with new re2: + * chromium-81-re2-0.2020.05.01.patch + +--- +Wed May 20 16:35:28 UTC 2020 - Guillaume GARDET + +- Update _constraints to avoid very slow builds seen on obs-arm-4 + (probably due to swap) + +--- +Wed May 20 09:35:32 UTC 2020 - Tomáš Chvátal + +- Update to 83.0.4103.61 bsc#1171910: + * CVE-2020-6465: Use after free in reader mode. Reported by Woojin Oh(@pwn_expoit) of STEALIEN on 2020-04-21 + * CVE-2020-6466: Use after free in media. Reported by Zhe Jin from cdsrc of Qihoo 360 on 2020-04-26 + * CVE-2020-6467: Use after free in WebRTC. Reported by ZhanJia Song on 2020-04-06 + * CVE-2020-6468: Type Confusion in V8. Reported by Chris Salls and Jake Corina of Seaside Security, Chani Jindal of Shellphish on 2020-04-30 + * CVE-2020-6469: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-04-02 + * CVE-2020-6470: Insufficient validation of untrusted input in clipboard. Reported by Michał Bentkowski of Securitum on 2020-03-30 + * CVE-2020-6471: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-03-08 + * CVE-2020-6472: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-03-25 + * CVE-2020-6473: Insufficient policy enforcement in Blink. Reported by Soroush Karami and Panagiotis Ilia on 2020-02-06 + * CVE-2020-6474: Use after free in Blink. Reported by Zhe Jin from cdsrc of Qihoo 360 on 2020-03-07 + * CVE-2020-6475: Incorrect security UI in full screen. Reported by Khalil Zhani on 2019-10-31 + * CVE-2020-6476: Insufficient policy enforcement in tab strip. Reported by Alexandre Le Borgne on 2019-12-18 + * CVE-2020-6477: Inappropriate implementation in installer. Reported by RACK911 Labs on 2019-03-26 + * CVE-2020-6478: Inappropriate implementation in full screen. Reported by Khalil Zhani on
commit chromium for openSUSE:Leap:15.2
Hello community,
here is the log from the commit of package chromium for openSUSE:Leap:15.2
checked in at 2020-05-11 08:39:00
Comparing /work/SRC/openSUSE:Leap:15.2/chromium (Old)
and /work/SRC/openSUSE:Leap:15.2/.chromium.new.2738 (New)
Package is "chromium"
Mon May 11 08:39:00 2020 rev:106 rq:801761 version:81.0.4044.138
Changes:
--- /work/SRC/openSUSE:Leap:15.2/chromium/chromium.changes 2020-05-03
14:30:53.704712776 +0200
+++ /work/SRC/openSUSE:Leap:15.2/.chromium.new.2738/chromium.changes
2020-05-11 08:39:25.923035326 +0200
@@ -1,0 +2,12 @@
+Wed May 6 07:53:39 UTC 2020 - Tomáš Chvátal
+
+- update to 81.0.4044.138 bsc#1171247:
+ * CVE-2020-6831: Stack buffer overflow in SCTP
+ * CVE-2020-6464: Type Confusion in Blink.
+
+---
+Tue May 5 07:39:22 UTC 2020 - Ismail Dönmez
+
+- Add icu-v67.patch from upstream to fix build with icu v67
+
+---
Old:
chromium-81.0.4044.129.tar.xz
New:
chromium-81.0.4044.138.tar.xz
icu-v67.patch
Other differences:
--
++ chromium.spec ++
--- /var/tmp/diff_new_pack.DaB0AB/_old 2020-05-11 08:39:31.951048373 +0200
+++ /var/tmp/diff_new_pack.DaB0AB/_new 2020-05-11 08:39:31.955048381 +0200
@@ -57,7 +57,7 @@
%bcond_with clang
%bcond_with wayland
Name: chromium
-Version:81.0.4044.129
+Version:81.0.4044.138
Release:0
Summary:Google's open source browser project
License:BSD-3-Clause AND LGPL-2.1-or-later
@@ -95,6 +95,7 @@
Patch21:chromium-80.0.3987.87-missing-string-header.patch
Patch22:chromium-80.0.3987.106-missing-cstddef-header.patch
Patch23:chromium-80.0.3987.87-missing-cstdint-header.patch
+Patch24:icu-v67.patch
# Google seem not too keen on merging this but GPU accel is quite important
# https://chromium-review.googlesource.com/c/chromium/src/+/532294
#
https://github.com/saiarcot895/chromium-ubuntu-build/tree/master/debian/patches
++ chromium-81.0.4044.129.tar.xz -> chromium-81.0.4044.138.tar.xz ++
/work/SRC/openSUSE:Leap:15.2/chromium/chromium-81.0.4044.129.tar.xz
/work/SRC/openSUSE:Leap:15.2/.chromium.new.2738/chromium-81.0.4044.138.tar.xz
differ: char 26, line 1
++ icu-v67.patch ++
>From 3f8dc4b2e5baf77b463334c769af85b79d8c1463 Mon Sep 17 00:00:00 2001
From: Frank Tang
Date: Fri, 3 Apr 2020 23:13:54 -0700
Subject: [PATCH] [intl] Remove soon-to-be removed getAllFieldPositions
Needed to land ICU67.1 soon.
Bug: v8:10393
Change-Id: I3c7737ca600d6ccfdc46ffaddfb318ce60bc7618
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2136489
Reviewed-by: Jakob Kummerow
Commit-Queue: Frank Tang
Cr-Commit-Position: refs/heads/master@{#67027}
Index: chromium-81.0.4044.129/v8/src/objects/js-number-format.cc
===
--- chromium-81.0.4044.129.orig/v8/src/objects/js-number-format.cc
+++ chromium-81.0.4044.129/v8/src/objects/js-number-format.cc
@@ -1197,42 +1197,31 @@ MaybeHandle JSNumberForm
}
namespace {
-Maybe IcuFormatNumber(
+Maybe IcuFormatNumber(
Isolate* isolate,
const icu::number::LocalizedNumberFormatter& number_format,
-Handle numeric_obj, icu::FieldPositionIterator* fp_iter) {
+Handle numeric_obj, icu::number::FormattedNumber* formatted) {
// If it is BigInt, handle it differently.
UErrorCode status = U_ZERO_ERROR;
- icu::number::FormattedNumber formatted;
if (numeric_obj->IsBigInt()) {
Handle big_int = Handle::cast(numeric_obj);
Handle big_int_string;
ASSIGN_RETURN_ON_EXCEPTION_VALUE(isolate, big_int_string,
BigInt::ToString(isolate, big_int),
- Nothing());
-formatted = number_format.formatDecimal(
+ Nothing());
+*formatted = number_format.formatDecimal(
{big_int_string->ToCString().get(), big_int_string->length()}, status);
} else {
double number = numeric_obj->Number();
-formatted = number_format.formatDouble(number, status);
+*formatted = number_format.formatDouble(number, status);
}
if (U_FAILURE(status)) {
// This happen because of icu data trimming trim out "unit".
// See https://bugs.chromium.org/p/v8/issues/detail?id=8641
-THROW_NEW_ERROR_RETURN_VALUE(isolate,
- NewTypeError(MessageTemplate::kIcuError),
- Nothing());
- }
- if (fp_iter) {
-formatted.getAllFieldPositions(*fp_iter, status);
+THROW_NEW_ERROR_RETURN_VALUE(
+isolate, NewTypeError(MessageTemplate::kIcuError),
commit chromium for openSUSE:Leap:15.2
Hello community, here is the log from the commit of package chromium for openSUSE:Leap:15.2 checked in at 2020-05-03 14:29:42 Comparing /work/SRC/openSUSE:Leap:15.2/chromium (Old) and /work/SRC/openSUSE:Leap:15.2/.chromium.new.2738 (New) Package is "chromium" Sun May 3 14:29:42 2020 rev:105 rq:799742 version:81.0.4044.129 Changes: --- /work/SRC/openSUSE:Leap:15.2/chromium/chromium.changes 2020-04-20 12:56:11.872795252 +0200 +++ /work/SRC/openSUSE:Leap:15.2/.chromium.new.2738/chromium.changes 2020-05-03 14:30:53.704712776 +0200 @@ -1,0 +2,23 @@ +Wed Apr 29 06:53:20 UTC 2020 - Andreas Stieger + +- update to 81.0.4044.129 (boo#1170707): + * CVE-2020-0561: Use after free in storage + * CVE-2020-6462: Use after free in task scheduling + +--- +Tue Apr 28 09:05:34 UTC 2020 - Martin Liška + +- Add chromium-80.0.3987.87-missing-cstdint-header.patch, + chromium-80.0.3987.87-missing-string-header.patch and + chromium-80.0.3987.106-missing-cstddef-header.patch + in order to fix build with GCC 10. + +--- +Tue Apr 21 23:24:11 UTC 2020 - Andreas Stieger + +- Update to 81.0.4044.122 (boo#1170107): + * CVE-2020-6459: Use after free in payments + * CVE-2020-6460: Insufficient data validation in URL formatting + * CVE-2020-6458: Out of bounds read and write in PDFium + +--- Old: chromium-81.0.4044.113.tar.xz New: chromium-80.0.3987.106-missing-cstddef-header.patch chromium-80.0.3987.87-missing-cstdint-header.patch chromium-80.0.3987.87-missing-string-header.patch chromium-81.0.4044.129.tar.xz Other differences: -- ++ chromium.spec ++ --- /var/tmp/diff_new_pack.UNcdME/_old 2020-05-03 14:30:59.292724690 +0200 +++ /var/tmp/diff_new_pack.UNcdME/_new 2020-05-03 14:30:59.296724699 +0200 @@ -57,7 +57,7 @@ %bcond_with clang %bcond_with wayland Name: chromium -Version:81.0.4044.113 +Version:81.0.4044.129 Release:0 Summary:Google's open source browser project License:BSD-3-Clause AND LGPL-2.1-or-later @@ -92,6 +92,9 @@ Patch18:chromium-81-gcc-noexcept.patch Patch19:build-with-pipewire-0.3.patch Patch20:fix-vaapi-with-glx.patch +Patch21:chromium-80.0.3987.87-missing-string-header.patch +Patch22:chromium-80.0.3987.106-missing-cstddef-header.patch +Patch23:chromium-80.0.3987.87-missing-cstdint-header.patch # Google seem not too keen on merging this but GPU accel is quite important # https://chromium-review.googlesource.com/c/chromium/src/+/532294 # https://github.com/saiarcot895/chromium-ubuntu-build/tree/master/debian/patches ++ chromium-80.0.3987.106-missing-cstddef-header.patch ++ diff -up chromium-80.0.3987.106/chrome/browser/search/background/ntp_backgrounds.h.missing-cstddef chromium-80.0.3987.106/chrome/browser/search/background/ntp_backgrounds.h --- chromium-80.0.3987.106/chrome/browser/search/background/ntp_backgrounds.h.missing-cstddef 2020-02-18 08:42:38.088243182 -0500 +++ chromium-80.0.3987.106/chrome/browser/search/background/ntp_backgrounds.h 2020-02-18 08:42:59.679782858 -0500 @@ -6,6 +6,7 @@ #define CHROME_BROWSER_SEARCH_BACKGROUND_NTP_BACKGROUNDS_H_ #include +#include class GURL; diff -up chromium-80.0.3987.106/media/cdm/supported_cdm_versions.h.missing-cstddef chromium-80.0.3987.106/media/cdm/supported_cdm_versions.h --- chromium-80.0.3987.106/media/cdm/supported_cdm_versions.h.missing-cstddef 2020-02-17 16:26:51.661246220 -0500 +++ chromium-80.0.3987.106/media/cdm/supported_cdm_versions.h 2020-02-17 16:26:51.662246200 -0500 @@ -6,6 +6,7 @@ #define MEDIA_CDM_SUPPORTED_CDM_VERSIONS_H_ #include +#include #include "media/base/media_export.h" #include "media/cdm/api/content_decryption_module.h" diff -up chromium-80.0.3987.106/third_party/angle/include/platform/Platform.h.missing-cstddef chromium-80.0.3987.106/third_party/angle/include/platform/Platform.h --- chromium-80.0.3987.106/third_party/angle/include/platform/Platform.h.missing-cstddef 2020-02-17 16:26:07.433130572 -0500 +++ chromium-80.0.3987.106/third_party/angle/include/platform/Platform.h 2020-02-17 16:26:07.434130552 -0500 @@ -11,6 +11,7 @@ #include #include +#include #define EGL_PLATFORM_ANGLE_PLATFORM_METHODS_ANGLEX 0x3482 diff -up chromium-80.0.3987.106/third_party/webrtc/modules/audio_processing/aec3/clockdrift_detector.h.missing-cstddef chromium-80.0.3987.106/third_party/webrtc/modules/audio_processing/aec3/clockdrift_detector.h ---
commit chromium for openSUSE:Leap:15.2
Hello community,
here is the log from the commit of package chromium for openSUSE:Leap:15.2
checked in at 2020-04-20 12:55:51
Comparing /work/SRC/openSUSE:Leap:15.2/chromium (Old)
and /work/SRC/openSUSE:Leap:15.2/.chromium.new.2738 (New)
Package is "chromium"
Mon Apr 20 12:55:51 2020 rev:104 rq:795617 version:81.0.4044.113
Changes:
--- /work/SRC/openSUSE:Leap:15.2/chromium/chromium.changes 2020-04-17
13:37:53.148235336 +0200
+++ /work/SRC/openSUSE:Leap:15.2/.chromium.new.2738/chromium.changes
2020-04-20 12:56:11.872795252 +0200
@@ -1,0 +2,11 @@
+Fri Apr 17 08:12:35 UTC 2020 - Tomáš Chvátal
+
+- Update to 81.0.4044.113 bsc#1169729:
+ * CVE-2020-6457: Use after free in speech recognizer
+
+---
+Tue Apr 14 13:38:06 UTC 2020 - Tomáš Chvátal
+
+- Try to use system version of xdg-utils
+
+---
Old:
chromium-81.0.4044.92.tar.xz
New:
chromium-81.0.4044.113.tar.xz
Other differences:
--
++ chromium.spec ++
--- /var/tmp/diff_new_pack.7Xr58x/_old 2020-04-20 12:56:18.360805433 +0200
+++ /var/tmp/diff_new_pack.7Xr58x/_new 2020-04-20 12:56:18.364805439 +0200
@@ -57,7 +57,7 @@
%bcond_with clang
%bcond_with wayland
Name: chromium
-Version:81.0.4044.92
+Version:81.0.4044.113
Release:0
Summary:Google's open source browser project
License:BSD-3-Clause AND LGPL-2.1-or-later
@@ -649,7 +649,6 @@
%endif
myconf_gn+=" enable_hangout_services_extension=true"
myconf_gn+=" enable_vulkan=true"
-myconf_gn+=" enable_hevc_demuxing=true"
%if %{with pipewire}
myconf_gn+=" rtc_use_pipewire=true rtc_link_pipewire=true"
myconf_gn+=" rtc_use_pipewire_version=\"0.3\""
@@ -738,7 +737,7 @@
mkdir -p %{buildroot}%{_sysconfdir}/default
install -m 644 %{SOURCE103} %{buildroot}%{_sysconfdir}/default/chromium
-cp -a *.bin *.pak locales xdg-mime %{buildroot}%{_libdir}/chromium/
+cp -a *.bin *.pak locales %{buildroot}%{_libdir}/chromium/
%if !%{with system_icu}
cp -a icudtl.dat %{buildroot}%{_libdir}/chromium/
%endif
@@ -752,9 +751,6 @@
cp -a chromedriver %{buildroot}%{_libdir}/chromium/
ln -s %{_libdir}/chromium/chromedriver %{buildroot}%{_bindir}/chromedriver
-# Patch xdg-settings to use the chromium version of xdg-mime as that the
system one is not KDE4 compatible
-sed "s|xdg-mime|%{_libdir}/chromium/xdg-mime|g" xdg-settings >
%{buildroot}%{_libdir}/chromium/xdg-settings
-
cp -a resources.pak %{buildroot}%{_libdir}/chromium/
cp -a chrome %{buildroot}%{_libdir}/chromium/chromium
popd
@@ -784,10 +780,6 @@
mkdir -p %{buildroot}%{_sysconfdir}/chromium
install -m 0644 %{SOURCE30} %{buildroot}%{_sysconfdir}/chromium
-# Set the right attributes
-chmod 755 %{buildroot}%{_libdir}/chromium/xdg-settings
-chmod 755 %{buildroot}%{_libdir}/chromium/xdg-mime
-
# install manpages
mkdir -p %{buildroot}%{_mandir}/man1/
cp -a chrome/app/resources/manpage.1.in %{buildroot}%{_mandir}/man1/chromium.1
++ chromium-81.0.4044.92.tar.xz -> chromium-81.0.4044.113.tar.xz ++
/work/SRC/openSUSE:Leap:15.2/chromium/chromium-81.0.4044.92.tar.xz
/work/SRC/openSUSE:Leap:15.2/.chromium.new.2738/chromium-81.0.4044.113.tar.xz
differ: char 27, line 1
commit chromium for openSUSE:Leap:15.2
Hello community, here is the log from the commit of package chromium for openSUSE:Leap:15.2 checked in at 2020-04-17 13:37:38 Comparing /work/SRC/openSUSE:Leap:15.2/chromium (Old) and /work/SRC/openSUSE:Leap:15.2/.chromium.new.2738 (New) Package is "chromium" Fri Apr 17 13:37:38 2020 rev:103 rq:794006 version:81.0.4044.92 Changes: --- /work/SRC/openSUSE:Leap:15.2/chromium/chromium.changes 2020-03-23 07:14:41.318527185 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.chromium.new.2738/chromium.changes 2020-04-17 13:37:53.148235336 +0200 @@ -1,0 +2,85 @@ +Wed Apr 8 08:41:17 UTC 2020 - Tomáš Chvátal + +- Update to 81.0.4044.92 bsc#1168911: + * CVE-2020-6454: Use after free in extensions + * CVE-2020-6423: Use after free in audio + * CVE-2020-6455: Out of bounds read in WebSQL + * CVE-2020-6430: Type Confusion in V8 + * CVE-2020-6456: Insufficient validation of untrusted input in clipboard + * CVE-2020-6431: Insufficient policy enforcement in full screen + * CVE-2020-6432: Insufficient policy enforcement in navigations + * CVE-2020-6433: Insufficient policy enforcement in extensions + * CVE-2020-6434: Use after free in devtools + * CVE-2020-6435: Insufficient policy enforcement in extensions + * CVE-2020-6436: Use after free in window management + * CVE-2020-6437: Inappropriate implementation in WebView + * CVE-2020-6438: Insufficient policy enforcement in extensions + * CVE-2020-6439: Insufficient policy enforcement in navigations + * CVE-2020-6440: Inappropriate implementation in extensions + * CVE-2020-6441: Insufficient policy enforcement in omnibox + * CVE-2020-6442: Inappropriate implementation in cache + * CVE-2020-6443: Insufficient data validation in developer tools + * CVE-2020-6444: Uninitialized Use in WebRTC + * CVE-2020-6445: Insufficient policy enforcement in trusted types + * CVE-2020-6446: Insufficient policy enforcement in trusted types + * CVE-2020-6447: Inappropriate implementation in developer tools + * CVE-2020-6448: Use after free in V8 +- Add new patches: + * chromium-81-gcc-constexpr.patch + * chromium-81-gcc-noexcept.patch + * fix-vaapi-with-glx.patch +- Remove no longer needed patches: + * chromium-80-gcc-abstract.patch + * chromium-80-gcc-incomplete-type.patch + * chromium-80-gcc-permissive.patch + * chromium-80-include.patch + * chromium-80-unbundle-libxml.patch + * chromium-missing-cstddef-header.patch + * chromium-missing-cstdint-header.patch + * chromium-missing-cstring-header.patch + * chromium-missing-cstring-header2.patch + * chromium-system-icu.patch + * chromium-unbundle-zlib.patch + * webrtc-pulse.patch +- Rebase patches: + * build-with-pipewire-0.3.patch + * chromium-vaapi-fix.patch + * chromium-vaapi.patch + * gpu-timeout.patch + * old-libva.patch + +--- +Thu Apr 2 09:21:02 UTC 2020 - Tomáš Chvátal + +- Update to 80.0.3987.162 bsc#1168421: + * CVE-2020-6450: Use after free in WebAudio. + * CVE-2020-6451: Use after free in WebAudio. + * CVE-2020-6452: Heap buffer overflow in media. + +--- +Sun Mar 29 08:29:41 UTC 2020 - Martin Liška + +- Rebase build-with-pipewire-0.3.patch in order to fix + patch collision. + +--- +Sat Mar 28 18:41:02 UTC 2020 - Martin Liška + +- Add chromium-missing-cstdint-header.patch, + chromium-missing-cstring-header.patch, + chromium-missing-cstring-header2.patch and + chromium-missing-cstddef-header.patch in order to fix boo#1167465. + +--- +Fri Mar 27 11:48:36 UTC 2020 - Stasiek Michalski + +- Use a symbolic icon for GNOME + +--- +Mon Mar 23 16:49:16 UTC 2020 - Antonio Larrosa + +- Add patch to allow building with pipewire 0.3: + * build-with-pipewire-0.3.patch +- Use pipewire in Leap 15.2 + +--- @@ -4 +89 @@ -- Update to 80.0.3987.149 (bsc#1167090): +- Update to 80.0.3987.149: Old: chromium-80-gcc-abstract.patch chromium-80-gcc-incomplete-type.patch chromium-80-gcc-permissive.patch chromium-80-include.patch chromium-80-unbundle-libxml.patch chromium-80.0.3987.149.tar.xz chromium-system-icu.patch chromium-unbundle-zlib.patch webrtc-pulse.patch New: build-with-pipewire-0.3.patch chromium-81-gcc-constexpr.patch chromium-81-gcc-noexcept.patch chromium-81.0.4044.92.tar.xz chromium-symbolic.svg fix-vaapi-with-glx.patch Other differences: -- ++ chromium.spec ++ --- /var/tmp/diff_new_pack.TSX4yf/_old 2020-04-17
commit chromium for openSUSE:Leap:15.2
Hello community,
here is the log from the commit of package chromium for openSUSE:Leap:15.2
checked in at 2020-03-23 07:13:52
Comparing /work/SRC/openSUSE:Leap:15.2/chromium (Old)
and /work/SRC/openSUSE:Leap:15.2/.chromium.new.3160 (New)
Package is "chromium"
Mon Mar 23 07:13:52 2020 rev:102 rq:787230 version:80.0.3987.149
Changes:
--- /work/SRC/openSUSE:Leap:15.2/chromium/chromium.changes 2020-03-09
18:15:38.117448268 +0100
+++ /work/SRC/openSUSE:Leap:15.2/.chromium.new.3160/chromium.changes
2020-03-23 07:14:41.318527185 +0100
@@ -1,0 +2,21 @@
+Thu Mar 19 11:13:24 UTC 2020 - Tomáš Chvátal
+
+- Update to 80.0.3987.149 (bsc#1167090):
+ * High CVE-2020-6422: Use after free in WebGL.
+ * High CVE-2020-6424: Use after free in media.
+ * High CVE-2020-6425: Insufficient policy enforcement in extensions.
+ * High CVE-2020-6426: Inappropriate implementation in V8.
+ * High CVE-2020-6427: Use after free in audio.
+ * High CVE-2020-6428: Use after free in audio.
+ * High CVE-2020-6429: Use after free in audio.
+ * High CVE-2019-20503: Out of bounds read in usersctplib.
+ * High CVE-2020-6449: Use after free in audio.
+ * Various fixes from internal audits, fuzzing and other initiatives
+
+---
+Sat Mar 14 09:18:06 UTC 2020 - Tomáš Chvátal
+
+- Do not pull in python deps except interpreter, the bundles
+ are patched anwyays
+
+---
Old:
chromium-80.0.3987.132.tar.xz
New:
chromium-80.0.3987.149.tar.xz
Other differences:
--
++ chromium.spec ++
--- /var/tmp/diff_new_pack.bMunx6/_old 2020-03-23 07:14:50.502532701 +0100
+++ /var/tmp/diff_new_pack.bMunx6/_new 2020-03-23 07:14:50.506532703 +0100
@@ -57,7 +57,7 @@
%bcond_with clang
%bcond_with wayland
Name: chromium
-Version:80.0.3987.132
+Version:80.0.3987.149
Release:0
Summary:Google's open source browser project
License:BSD-3-Clause AND LGPL-2.1-or-later
@@ -131,6 +131,7 @@
BuildRequires: pam-devel
BuildRequires: pkgconfig
BuildRequires: python
+BuildRequires: python-xml
BuildRequires: snappy-devel
BuildRequires: update-desktop-files
BuildRequires: util-linux
@@ -241,10 +242,6 @@
BuildRequires: pkgconfig(libxml-2.0) >= 2.9.5
%endif
%if !%{with sle_bundles}
-BuildRequires: python-beautifulsoup4
-BuildRequires: python-html5lib
-BuildRequires: python-simplejson
-BuildRequires: python-xml
BuildRequires: yasm-devel
BuildRequires: pkgconfig(libwebp)
BuildRequires: pkgconfig(opus) >= 1.3.1
@@ -342,8 +339,6 @@
third_party/catapult/common/py_vulcanize/third_party/rjsmin
third_party/catapult/third_party/beautifulsoup4
third_party/catapult/third_party/html5lib-python
-third_party/catapult/third_party/beautifulsoup4
-third_party/catapult/third_party/html5lib-python
third_party/catapult/third_party/polymer
third_party/catapult/third_party/six
third_party/catapult/tracing/third_party/d3
@@ -488,9 +483,6 @@
third_party/opus
third_party/yasm
third_party/simplejson
-third_party/catapult/third_party/beautifulsoup4
-third_party/catapult/third_party/html5lib-python
-third_party/catapult/third_party/six
third_party/zlib
)
%endif
++ chromium-80.0.3987.132.tar.xz -> chromium-80.0.3987.149.tar.xz ++
/work/SRC/openSUSE:Leap:15.2/chromium/chromium-80.0.3987.132.tar.xz
/work/SRC/openSUSE:Leap:15.2/.chromium.new.3160/chromium-80.0.3987.149.tar.xz
differ: char 27, line 1
commit chromium for openSUSE:Leap:15.2
Hello community,
here is the log from the commit of package chromium for openSUSE:Leap:15.2
checked in at 2020-03-09 18:14:49
Comparing /work/SRC/openSUSE:Leap:15.2/chromium (Old)
and /work/SRC/openSUSE:Leap:15.2/.chromium.new.26092 (New)
Package is "chromium"
Mon Mar 9 18:14:49 2020 rev:101 rq:782748 version:80.0.3987.132
Changes:
--- /work/SRC/openSUSE:Leap:15.2/chromium/chromium.changes 2020-02-29
17:16:01.184989996 +0100
+++ /work/SRC/openSUSE:Leap:15.2/.chromium.new.26092/chromium.changes
2020-03-09 18:15:38.117448268 +0100
@@ -1,0 +2,13 @@
+Thu Mar 5 18:15:45 UTC 2020 - Tomáš Chvátal
+
+- Update to 80.0.3987.132 bsc#1165826:
+ * CVE-2020-6420: Insufficient policy enforcement in media.
+ * Various fixes from internal audits, fuzzing and other initiatives [2].
+
+---
+Tue Mar 3 16:45:10 UTC 2020 - Tomáš Chvátal
+
+- Add patch trying to fix pulse audio issues with webrtc:
+ * webrtc-pulse.patch
+
+---
Old:
chromium-80.0.3987.122.tar.xz
New:
chromium-80.0.3987.132.tar.xz
webrtc-pulse.patch
Other differences:
--
++ chromium.spec ++
--- /var/tmp/diff_new_pack.FUD8vt/_old 2020-03-09 18:15:46.297452235 +0100
+++ /var/tmp/diff_new_pack.FUD8vt/_new 2020-03-09 18:15:46.297452235 +0100
@@ -57,7 +57,7 @@
%bcond_with clang
%bcond_with wayland
Name: chromium
-Version:80.0.3987.122
+Version:80.0.3987.132
Release:0
Summary:Google's open source browser project
License:BSD-3-Clause AND LGPL-2.1-or-later
@@ -94,6 +94,7 @@
Patch20:chromium-80-unbundle-libxml.patch
Patch21:chromium-fix-char_traits.patch
Patch22:gpu-timeout.patch
+Patch23:webrtc-pulse.patch
# Google seem not too keen on merging this but GPU accel is quite important
# https://chromium-review.googlesource.com/c/chromium/src/+/532294
#
https://github.com/saiarcot895/chromium-ubuntu-build/tree/master/debian/patches
++ chromium-80.0.3987.122.tar.xz -> chromium-80.0.3987.132.tar.xz ++
/work/SRC/openSUSE:Leap:15.2/chromium/chromium-80.0.3987.122.tar.xz
/work/SRC/openSUSE:Leap:15.2/.chromium.new.26092/chromium-80.0.3987.132.tar.xz
differ: char 25, line 1
++ webrtc-pulse.patch ++
>From 704dc99bd05a94eb61202e6127df94ddfd571e85 Mon Sep 17 00:00:00 2001
From: Dale Curtis
Date: Mon, 02 Mar 2020 22:12:22 +
Subject: [PATCH] Hold PulseAudio mainloop lock while querying input device info.
a22cc23955cb3d58b7525c5103314226b3ce0137 moved this section out of
UpdateNativeAudioHardwareInfo(), but forgot to bring the lock along.
R=guidou
Bug: 1043040
Change-Id: I5b17a2cf0ad55d61c0811db1dae7045af4a91370
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2083814
Commit-Queue: Dale Curtis
Commit-Queue: Guido Urdaneta
Reviewed-by: Guido Urdaneta
Auto-Submit: Dale Curtis
Cr-Commit-Position: refs/heads/master@{#746115}
---
diff --git a/media/audio/pulse/audio_manager_pulse.cc
b/media/audio/pulse/audio_manager_pulse.cc
index 90e9317..829846f 100644
--- a/media/audio/pulse/audio_manager_pulse.cc
+++ b/media/audio/pulse/audio_manager_pulse.cc
@@ -104,22 +104,27 @@
AudioParameters AudioManagerPulse::GetInputStreamParameters(
const std::string& device_id) {
- int user_buffer_size = GetUserBufferSize();
- int buffer_size =
- user_buffer_size ? user_buffer_size : kDefaultInputBufferSize;
-
UpdateNativeAudioHardwareInfo();
- auto* operation = pa_context_get_source_info_by_name(
- input_context_, default_source_name_.c_str(), DefaultSourceInfoCallback,
- this);
- WaitForOperationCompletion(input_mainloop_, operation, input_context_);
+
+ {
+AutoPulseLock auto_lock(input_mainloop_);
+auto* operation = pa_context_get_source_info_by_name(
+input_context_, default_source_name_.c_str(),
DefaultSourceInfoCallback,
+this);
+WaitForOperationCompletion(input_mainloop_, operation, input_context_);
+ }
// We don't want to accidentally open a monitor device, so return invalid
- // parameters for those.
+ // parameters for those. Note: The value of |default_source_is_monitor_|
+ // depends on the the call to pa_context_get_source_info_by_name() above.
if (device_id == AudioDeviceDescription::kDefaultDeviceId &&
default_source_is_monitor_) {
return AudioParameters();
}
+
+ const int user_buffer_size = GetUserBufferSize();
+ const int buffer_size =
+ user_buffer_size ? user_buffer_size : kDefaultInputBufferSize;
return AudioParameters(AudioParameters::AUDIO_PCM_LOW_LATENCY,
CHANNEL_LAYOUT_STEREO,
commit chromium for openSUSE:Leap:15.2
Hello community,
here is the log from the commit of package chromium for openSUSE:Leap:15.2
checked in at 2020-02-29 17:15:34
Comparing /work/SRC/openSUSE:Leap:15.2/chromium (Old)
and /work/SRC/openSUSE:Leap:15.2/.chromium.new.26092 (New)
Package is "chromium"
Sat Feb 29 17:15:34 2020 rev:100 rq:779922 version:80.0.3987.122
Changes:
--- /work/SRC/openSUSE:Leap:15.2/chromium/chromium.changes 2020-02-17
17:35:38.820384140 +0100
+++ /work/SRC/openSUSE:Leap:15.2/.chromium.new.26092/chromium.changes
2020-02-29 17:16:01.184989996 +0100
@@ -1,0 +2,26 @@
+Tue Feb 25 12:25:51 UTC 2020 - Tomáš Chvátal
+
+- Update to 80.0.3987.122 bsc#1164828:
+ * CVE-2020-6418: Type confusion in V8
+ * CVE-2020-6407: Out of bounds memory access in streams.
+ * Integer overflow in ICU
+
+---
+Mon Feb 17 12:18:23 UTC 2020 - Tomáš Chvátal
+
+- Add chromedriver binary to bindir
+
+---
+Thu Feb 13 14:51:34 UTC 2020 - Tomáš Chvátal
+
+- Drop sandbox binary as it should not be needed really bsc#1163588
+- Remove unused patch:
+ * chromium-sandbox-pie.patch
+
+---
+Wed Feb 12 13:16:28 UTC 2020 - Tomáš Chvátal
+
+- Update to 80.0.3987.100 bsc#1163484:
+ * feature fixes only
+
+---
Old:
chromium-80.0.3987.87.tar.xz
chromium-sandbox-pie.patch
New:
chromium-80.0.3987.122.tar.xz
Other differences:
--
++ chromium.spec ++
--- /var/tmp/diff_new_pack.XQiF60/_old 2020-02-29 17:16:08.229004514 +0100
+++ /var/tmp/diff_new_pack.XQiF60/_new 2020-02-29 17:16:08.233004522 +0100
@@ -57,7 +57,7 @@
%bcond_with clang
%bcond_with wayland
Name: chromium
-Version:80.0.3987.87
+Version:80.0.3987.122
Release:0
Summary:Google's open source browser project
License:BSD-3-Clause AND LGPL-2.1-or-later
@@ -79,7 +79,6 @@
Patch4: chromium-dma-buf.patch
Patch5: chromium-buildname.patch
Patch6: chromium-drm.patch
-Patch7: chromium-sandbox-pie.patch
Patch8: chromium-system-icu.patch
Patch9: chromium-system-libusb.patch
Patch10:gcc-enable-lto.patch
@@ -726,7 +725,7 @@
# https://bugs.chromium.org/p/chromium/issues/detail?id=642016
gn gen --args="${myconf_gn}" out/Release
-ninja -v %{?_smp_mflags} -C out/Release chrome chrome_sandbox chromedriver
+ninja -v %{?_smp_mflags} -C out/Release chrome chromedriver
%install
mkdir -p %{buildroot}%{_libdir}/chromium
@@ -744,10 +743,6 @@
mkdir -p %{buildroot}%{_sysconfdir}/default
install -m 644 %{SOURCE103} %{buildroot}%{_sysconfdir}/default/chromium
-# Recent Chromium builds now wants to have the sandbox in the same directory.
So let's create a symlink to the one in %{_prefix}/lib
-cp -a chrome_sandbox %{buildroot}%{_libexecdir}/
-ln -s -f %{_libexecdir}/chrome_sandbox
%{buildroot}/%{_libdir}/chromium/chrome-sandbox
-
cp -a *.bin *.pak locales xdg-mime %{buildroot}%{_libdir}/chromium/
%if !%{with system_icu}
cp -a icudtl.dat %{buildroot}%{_libdir}/chromium/
@@ -760,6 +755,7 @@
# chromedriver
cp -a chromedriver %{buildroot}%{_libdir}/chromium/
+ln -s %{_libdir}/chromium/chromedriver %{buildroot}%{_bindir}/chromedriver
# Patch xdg-settings to use the chromium version of xdg-mime as that the
system one is not KDE4 compatible
sed "s|xdg-mime|%{_libdir}/chromium/xdg-mime|g" xdg-settings >
%{buildroot}%{_libdir}/chromium/xdg-settings
@@ -809,13 +805,9 @@
%fdupes %{buildroot}
-%verifyscript
-%verify_permissions -e %{_libexecdir}/chrome_sandbox
-
%post
%icon_theme_cache_post
%desktop_database_post
-%set_permissions %{_libexecdir}/chrome_sandbox
/sbin/ldconfig %{_libdir}/chromium
%postun
@@ -824,7 +816,6 @@
/sbin/ldconfig %{_libdir}/chromium
%files
-%verify(not mode) %{_libexecdir}/chrome_sandbox
%license LICENSE
%doc AUTHORS
%config %{_sysconfdir}/chromium
@@ -841,12 +832,12 @@
%{_datadir}/metainfo/chromium-browser.appdata.xml
%{_datadir}/gnome-control-center/default-apps/chromium-browser.xml
%{_datadir}/icons/hicolor/
-%{_libexecdir}/chrome_sandbox
%exclude %{_libdir}/chromium/chromedriver
%{_bindir}/chromium
%{_mandir}/man1/chromium.1%{?ext_man}
%files -n chromedriver
%{_libdir}/chromium/chromedriver
+%{_bindir}/chromedriver
%changelog
++ chromium-80.0.3987.87.tar.xz -> chromium-80.0.3987.122.tar.xz ++
/work/SRC/openSUSE:Leap:15.2/chromium/chromium-80.0.3987.87.tar.xz
/work/SRC/openSUSE:Leap:15.2/.chromium.new.26092/chromium-80.0.3987.122.tar.xz
differ: char 27, line 1
commit chromium for openSUSE:Leap:15.2
Hello community,
here is the log from the commit of package chromium for openSUSE:Leap:15.2
checked in at 2020-02-17 17:35:04
Comparing /work/SRC/openSUSE:Leap:15.2/chromium (Old)
and /work/SRC/openSUSE:Leap:15.2/.chromium.new.26092 (New)
Package is "chromium"
Mon Feb 17 17:35:04 2020 rev:99 rq:772411 version:80.0.3987.87
Changes:
--- /work/SRC/openSUSE:Leap:15.2/chromium/chromium.changes 2020-01-30
06:08:02.850452557 +0100
+++ /work/SRC/openSUSE:Leap:15.2/.chromium.new.26092/chromium.changes
2020-02-17 17:35:38.820384140 +0100
@@ -1,0 +2,65 @@
+Wed Feb 5 13:04:03 UTC 2020 - Tomáš Chvátal
+
+- Update to 80.0.3987.87 bsc#1162833:
+ * CVE-2020-6381: Integer overflow in JavaScript
+ * CVE-2020-6382: Type Confusion in JavaScript
+ * CVE-2019-18197: Multiple vulnerabilities in XML
+ * CVE-2019-19926: Inappropriate implementation in SQLite
+ * CVE-2020-6385: Insufficient policy enforcement in storage
+ * CVE-2019-19880, CVE-2019-19925: Multiple vulnerabilities in SQLite
+ * CVE-2020-6387: Out of bounds write in WebRTC
+ * CVE-2020-6388: Out of bounds memory access in WebAudio
+ * CVE-2020-6389: Out of bounds write in WebRTC
+ * CVE-2020-6390: Out of bounds memory access in streams
+ * CVE-2020-6391: Insufficient validation of untrusted input in Blink
+ * CVE-2020-6392: Insufficient policy enforcement in extensions
+ * CVE-2020-6393: Insufficient policy enforcement in Blink
+ * CVE-2020-6394: Insufficient policy enforcement in Blink
+ * CVE-2020-6395: Out of bounds read in JavaScript
+ * CVE-2020-6396: Inappropriate implementation in Skia
+ * CVE-2020-6397: Incorrect security UI in sharing
+ * CVE-2020-6398: Uninitialized use in PDFium
+ * CVE-2020-6399: Insufficient policy enforcement in AppCache
+ * CVE-2020-6400: Inappropriate implementation in CORS
+ * CVE-2020-6401: Insufficient validation of untrusted input in Omnibox
+ * CVE-2020-6402: Insufficient policy enforcement in downloads
+ * CVE-2020-6403: Incorrect security UI in Omnibox
+ * CVE-2020-6404: Inappropriate implementation in Blink
+ * CVE-2020-6405: Out of bounds read in SQLite
+ * CVE-2020-6406: Use after free in audio
+ * CVE-2019-19923: Out of bounds memory access in SQLite
+ * CVE-2020-6408: Insufficient policy enforcement in CORS
+ * CVE-2020-6409: Inappropriate implementation in Omnibox
+ * CVE-2020-6410: Insufficient policy enforcement in navigation
+ * CVE-2020-6411: Insufficient validation of untrusted input in Omnibox
+ * CVE-2020-6412: Insufficient validation of untrusted input in Omnibox
+ * CVE-2020-6413: Inappropriate implementation in Blink
+ * CVE-2020-6414: Insufficient policy enforcement in Safe Browsing
+ * CVE-2020-6415: Inappropriate implementation in JavaScript
+ * CVE-2020-6416: Insufficient data validation in streams
+ * CVE-2020-6417: Inappropriate implementation in installer
+- Disable lto for now as it consumes >16GB ram
+- Added patches:
+ * chromium-80-gcc-abstract.patch
+ * chromium-80-gcc-blink.patch
+ * chromium-80-gcc-incomplete-type.patch
+ * chromium-80-gcc-permissive.patch
+ * chromium-80-gcc-quiche.patch
+ * chromium-80-include.patch
+ * chromium-80-unbundle-libxml.patch
+ * chromium-80.0.3987.87.tar.xz
+ * chromium-fix-char_traits.patch
+ * gpu-timeout.patch
+- Removed patches:
+ * chromium-79-gcc-ambiguous-nodestructor.patch
+ * chromium-79-gcc-name-clash.patch
+ * chromium-79-gcc-permissive.patch
+ * chromium-79-icu-65.patch
+ * chromium-79-include.patch
+ * chromium-79-system-hb.patch
+- Rebased patches:
+ * chromium-old-glibc-noexcept.patch
+ * chromium-vaapi-fix.patch
+ * chromium-vaapi.patch
+
+---
Old:
chromium-79-gcc-ambiguous-nodestructor.patch
chromium-79-gcc-name-clash.patch
chromium-79-gcc-permissive.patch
chromium-79-icu-65.patch
chromium-79-include.patch
chromium-79-system-hb.patch
chromium-79.0.3945.130.tar.xz
New:
chromium-80-gcc-abstract.patch
chromium-80-gcc-blink.patch
chromium-80-gcc-incomplete-type.patch
chromium-80-gcc-permissive.patch
chromium-80-gcc-quiche.patch
chromium-80-include.patch
chromium-80-unbundle-libxml.patch
chromium-80.0.3987.87.tar.xz
chromium-fix-char_traits.patch
gpu-timeout.patch
Other differences:
--
++ chromium.spec ++
--- /var/tmp/diff_new_pack.G5YGuL/_old 2020-02-17 17:35:49.124407514 +0100
+++ /var/tmp/diff_new_pack.G5YGuL/_new 2020-02-17 17:35:49.128407523 +0100
@@ -46,7 +46,7 @@
%endif
%ifarch x86_64
%if %{?suse_version} > 1500
-%bcond_without lto
+%bcond_with lto
%else
%bcond_with lto
%endif
@@ -57,7 +57,7 @@
%bcond_with clang
%bcond_with wayland
Name: chromium
-Version:79.0.3945.130
+Version:
commit chromium for openSUSE:Leap:15.2
Hello community, here is the log from the commit of package chromium for openSUSE:Leap:15.2 checked in at 2020-01-30 06:07:46 Comparing /work/SRC/openSUSE:Leap:15.2/chromium (Old) and /work/SRC/openSUSE:Leap:15.2/.chromium.new.26092 (New) Package is "chromium" Thu Jan 30 06:07:46 2020 rev:98 rq:766310 version:79.0.3945.130 Changes: --- /work/SRC/openSUSE:Leap:15.2/chromium/chromium.changes 2020-01-15 14:50:08.509405097 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.chromium.new.26092/chromium.changes 2020-01-30 06:08:02.850452557 +0100 @@ -1,0 +2,9 @@ +Sat Jan 18 20:04:05 UTC 2020 - Andreas Stieger + +- Update to 79.0.3945.130 boo#1161252: + * CVE-2020-6378: Use-after-free in speech recognizer + * CVE-2020-6379: Use-after-free in speech recognizer + * CVE-2020-6380: Extension message verification error + * Various fixes from internal audits, fuzzing and other initiatives + +--- @@ -5 +14 @@ - * CVE-TBD: Use after free in audio + * CVE-2020-6377: Use after free in audio Old: chromium-79.0.3945.117.tar.xz New: chromium-79.0.3945.130.tar.xz Other differences: -- ++ chromium.spec ++ --- /var/tmp/diff_new_pack.2juaoy/_old 2020-01-30 06:08:12.622458019 +0100 +++ /var/tmp/diff_new_pack.2juaoy/_new 2020-01-30 06:08:12.626458021 +0100 @@ -57,7 +57,7 @@ %bcond_with clang %bcond_with wayland Name: chromium -Version:79.0.3945.117 +Version:79.0.3945.130 Release:0 Summary:Google's open source browser project License:BSD-3-Clause AND LGPL-2.1-or-later ++ chromium-79.0.3945.117.tar.xz -> chromium-79.0.3945.130.tar.xz ++ /work/SRC/openSUSE:Leap:15.2/chromium/chromium-79.0.3945.117.tar.xz /work/SRC/openSUSE:Leap:15.2/.chromium.new.26092/chromium-79.0.3945.130.tar.xz differ: char 27, line 1
