- Chromium 122.0.6261.128 (boo#1221335)
  *  CVE-2024-2400: Use after free in Performance Manager

• Files Changed
• Browse Source

- Chromium 122.0.6261.111 (boo#1220131,boo#1220604,boo#1221105)
  * New upstream security release.
  * CVE-2024-2173: Out of bounds memory access in V8.
  * CVE-2024-2174: Inappropriate implementation in V8.
  * CVE-2024-2176: Use after free in FedCM.
- Chromium 122.0.6261.94
  * CVE-2024-1669: Out of bounds memory access in Blink.
  * CVE-2024-1670: Use after free in Mojo.
  * CVE-2024-1671: Inappropriate implementation in Site Isolation.
  * CVE-2024-1672: Inappropriate implementation in Content Security Policy.
  * CVE-2024-1673: Use after free in Accessibility.
  * CVE-2024-1674: Inappropriate implementation in Navigation.
  * CVE-2024-1675: Insufficient policy enforcement in Download.
  * CVE-2024-1676: Inappropriate implementation in Navigation.
  * Type Confusion in V8
  * rediff chromium-disable-GlobalMediaControlsCastStartStop.patch
  * drop chromium-114-lld-argument.patch
    replaced by chromium-122-clang16-disable-auto-upgrade-debug-info.patch
  * drop chromium-121-no_matching_constructor.patch
    replaced by chromium-122-no_matching_constructor.patch
  * drop chromium-113-webview-namespace.patch (obsolete)
  * reduce chromium-norar.patch
    by the hunks in chromium-122-norar.patch
  * drop chromium-114-revert-av1enc-lp154.patch
    replaced by chromium-122-revert-av1enc-el9.patch
  * drop chromium-115-lp155-typename.patch
         chromium-116-lp155-typenames.patch
         chromium-117-lp155-typename.patch
         chromium-120-lp155-typename.patch
    replaced by chromium-122-typename.patch
  * drop chromium-121-missing-header-files.patch
    replaced by chromium-122-missing-header-files.patch
  * drop chromium-121-workaround_clang_bug-structured_binding.patch
    replaced by chromium-122-workaround_clang_bug-structured_binding.patch
  * drop chromium-121-no_matching_constructor.patch
    replaced by chromium-122-no_matching_constructor.patch
  * drop chromium-121-python3-invalid-escape-sequence.patch (upstream)
  * drop chromium-disable-FFmpegAllowLists.patch
    replaced by chromium-122-disable-FFmpegAllowLists.patch
  * drop chromium-121-avoid-SFINAE-TypeConverter.patch
    replaced by chromium-122-avoid-SFINAE-TypeConverter.patch
  * add buildrequires for rust
  * add patches from fedora package for 121 and 122
  * chromium-121-el7-clang-version-warning.patch
  * chromium-121-v8-c++20-p1.patch
  * chromium-121-v8-c++20.patch
  * chromium-122-arm64-memory_tagging.patch
  * chromium-122-clang16-buildflags.patch
  * chromium-122-clang16-disable-auto-upgrade-debug-info.patch
  * chromium-122-clang-build-flags.patch
  * chromium-122-constexpr.patch
  * chromium-122-disable-FFmpegAllowLists.patch
  * chromium-122-el7-default-constructor-involving-anonymous-union.patch
  * chromium-122-el7-extra-operator.patch
  * chromium-122-el7-inline-function.patch
  * chromium-122-el8-support-64kpage.patch
  * chromium-122-missing-header-files.patch
  * chromium-122-no_matching_constructor.patch
  * chromium-122-norar.patch
  * chromium-122-python3-assignment-expressions.patch
  * chromium-122-revert-av1enc-el9.patch
  * chromium-122-static-assert.patch
  * chromium-122-typename.patch
  * chromium-122-unique_ptr.patch
  * chromium-122-workaround_clang_bug-structured_binding.patch
  * from debian add
  * chromium-122-undo-internal-alloc.patch
  * chromium-122-debian-upstream-bitset.patch
  * chromium-122-debian-upstream-mojo.patch
  * chromium-122-debian-upstream-optional.patch
  * chromium-122-debian-upstream-uniqptr.patch
  * chromium-122-debian-fixes-optional.patch
  * added compile fix needed on code15
    chromium-122-skip_bubble_contents_wrapper_static_assert.patch
    to prevent "static assertion expression is not an integral constant expression"
    "in call to 'operator+(&"."[0], ShoppingInsightsSidePanelUI::GetWebUIName())'"
    in bubble_contents_wrapper.h:153
- replace Cr121-ffmpeg-new-channel-layout.patch by
  Cr122-ffmpeg-new-channel-layout.patch (rediff against 122)
- drop chromium-121-system-old-ffmpeg.patch

• Files Changed
• Browse Source

- Add Cr121-ffmpeg-new-channel-layout.patch to rollback more FFmpeg
  changes so that FFmpeg 4 will work on Leap
- Prepare for libxml 2.12

• Files Changed
• Browse Source

- Chromium 121.0.6167.184 (boo#1219118, boo#1219387, boo#1219661)
  * CVE-2024-1284: Use after free in Mojo
  * CVE-2024-1283: Heap buffer overflow in Skia
  * CVE-2024-1060: Use after free in Canvas
  * CVE-2024-1059: Use after free in WebRTC
  * CVE-2024-1077: Use after free in Network
  * CVE-2024-0807: Use after free in WebAudio
  * CVE-2024-0812: Inappropriate implementation in Accessibility
  * CVE-2024-0808: Integer underflow in WebUI
  * CVE-2024-0810: Insufficient policy enforcement in DevTools
  * CVE-2024-0814: Incorrect security UI in Payments
  * CVE-2024-0813: Use after free in Reading Mode
  * CVE-2024-0806: Use after free in Passwords
  * CVE-2024-0805: Inappropriate implementation in Downloads
  * CVE-2024-0804: Insufficient policy enforcement in iOS Security UI
  * CVE-2024-0811: Inappropriate implementation in Extensions API
  * CVE-2024-0809: Inappropriate implementation in Autofill
- Removed patches:
  * chromium-117-includes.patch
  * chromium-118-includes.patch
  * chromium-119-dont-redefine-ATSPI-version-macros.patch
  * chromium-120-missing-header-files.patch
  * chromium-120-no_matching_constructor.patch
  * chromium-120-nullptr_t-without-namespace-std.patch
  * chromium-120-workaround_clang_bug-structured_binding.patch
  * gcc13-fix.patch
  * chromium-113-webauth-include-variant.patch
  * chromium-110-system-libffi.patch
- Added patches:
  * chromium-121-no_matching_constructor.patch

• Files Changed
• Browse Source

- Chromium 120.0.6099.224 (boo#1218892)
  * CVE-2024-0517: Out of bounds write in V8
  * CVE-2024-0518: Type Confusion in V8
  * CVE-2024-0519: Out of bounds memory access in V8
  * Various fixes from internal audits, fuzzing and other initiatives

• Files Changed
• Browse Source

- Replace chromium-120-lp155-revert-clang-build-failure.patch
  with chromium-120-make_unique-struct.patch - which avoids
  reverting changes and instead provides a stub constructor to fix
  build on Leap

  * chromium-117-workaround_clang_bug-structured_binding.patch
  * chromium-120-workaround_clang_bug-structured_binding.patch

• Files Changed
• Browse Source

- Chromium 120.0.6099.216 (boo#1217839, boo#1218048, boo#1218302,
  boo#1218533, boo#1218719)
  * CVE-2024-0333: Insufficient data validation in Extensions
  * CVE-2024-0222: Use after free in ANGLE
  * CVE-2024-0223: Heap buffer overflow in ANGLE
  * CVE-2024-0224: Use after free in WebAudio
  * CVE-2024-0225: Use after free in WebGPU
  * CVE-2023-7024: Heap buffer overflow in WebRTC
  * CVE-2023-6702: Type Confusion in V8
  * CVE-2023-6703: Use after free in Blink
  * CVE-2023-6704: Use after free in libavif (boo#1218303)
  * CVE-2023-6705: Use after free in WebRTC
  * CVE-2023-6706: Use after free in FedCM
  * CVE-2023-6707: Use after free in CSS
  * CVE-2023-6508: Use after free in Media Stream
  * CVE-2023-6509: Use after free in Side Panel Search
  * CVE-2023-6510: Use after free in Media Capture
  * CVE-2023-6511: Inappropriate implementation in Autofill
  * CVE-2023-6512: Inappropriate implementation in Web Browser UI
- drop patches:
  * chromium-system-libusb.patch
  * chromium-119-nullptr_t-without-namespace-std.patch
  * chromium-119-no_matching_constructor.patch
- add patches: 
  * chromium-120-nullptr_t-without-namespace-std.patch
  * chromium-120-emplace.patch
  * chromium-120-lp155-typename.patch
  * chromium-120-no_matching_constructor.patch
  * chromium-120-missing-header-files.patch
  * chromium-120-emplace-struct.patch

• Files Changed
• Browse Source

- Chromium 119.0.6045.199 (boo#1217616)
  * CVE-2023-6348: Type Confusion in Spellcheck
  * CVE-2023-6347: Use after free in Mojo
  * CVE-2023-6346: Use after free in WebAudio
  * CVE-2023-6350: Out of bounds memory access in libavif (boo#1217614)
  * CVE-2023-6351: Use after free in libavif (boo#1217615)
  * CVE-2023-6345: Integer overflow in Skia
  * Various fixes from internal audits, fuzzing and other initiatives

• Files Changed
• Browse Source

- Chromium 119.0.6045.159 (boo#1217142)
  * CVE-2023-5997: Use after free in Garbage Collection
  * CVE-2023-6112: Use after free in Navigation
  * Various fixes from internal audits, fuzzing and other initiatives

• Files Changed
• Browse Source

- Chromium 119.0.6045.123 (boo#1216978)
  * CVE-2023-5996: Use after free in WebAudio
- Chromium 119.0.6045.105 (boo#1216783)
  * CVE-2023-5480: Inappropriate implementation in Payments
  * CVE-2023-5482: Insufficient data validation in USB
  * CVE-2023-5849: Integer overflow in USB
  * CVE-2023-5850: Incorrect security UI in Downloads
  * CVE-2023-5851: Inappropriate implementation in Downloads
  * CVE-2023-5852: Use after free in Printing
  * CVE-2023-5853: Incorrect security UI in Downloads
  * CVE-2023-5854: Use after free in Profiles
  * CVE-2023-5855: Use after free in Reading Mode
  * CVE-2023-5856: Use after free in Side Panel
  * CVE-2023-5857: Inappropriate implementation in Downloads
  * CVE-2023-5858: Inappropriate implementation in WebApp Provider
  * CVE-2023-5859: Incorrect security UI in Picture In Picture
- dropped patches:
  * chromium-98-gtk4-build.patch
  * chromium-118-system-freetype.patch
  * chromium-118-no_matching_constructor.patch
- added patches:
  * chromium-119-no_matching_constructor.patch 
  * chromium-119-dont-redefine-ATSPI-version-macros.patch
  * chromium-119-nullptr_t-without-namespace-std.patch
  * chromium-119-assert.patch

• Files Changed
• Browse Source

- Chromium 118.0.5993.117 (boo#1216549)
  * CVE-2023-5472: Use after free in Profiles
  * Various fixes from internal audits, fuzzing and other initiatives

• Files Changed
• Browse Source

- Chromium 118.0.5993.88: 
  * unspecified security fix (boo#1216392)

• Files Changed
• Browse Source

- refresh chromium-117-emplace_back_on_vector-c++20.patch and
  chromium-117-lp155-constructors.patch to
  chromium-118-no_matching_constructor.patch

- Chromium 118.0.5993.70 (boo#1216111)
  * CVE-2023-5218: Use after free in Site Isolation
  * CVE-2023-5487: Inappropriate implementation in Fullscreen
  * CVE-2023-5484: Inappropriate implementation in Navigation
  * CVE-2023-5475: Inappropriate implementation in DevTools
  * CVE-2023-5483: Inappropriate implementation in Intents
  * CVE-2023-5481: Inappropriate implementation in Downloads
  * CVE-2023-5476: Use after free in Blink History
  * CVE-2023-5474: Heap buffer overflow in PDF
  * CVE-2023-5479: Inappropriate implementation in Extensions API
  * CVE-2023-5485: Inappropriate implementation in Autofill
  * CVE-2023-5478: Inappropriate implementation in Autofill
  * CVE-2023-5477: Inappropriate implementation in Installer
  * CVE-2023-5486: Inappropriate implementation in Input
  * CVE-2023-5473: Use after free in Cast
- Build with system freetype (again), and zstd
- add patches:
  * chromium-118-system-freetype.patch
  * chromium-117-system-zstd.patch

- Chromium 118.0.5993.54
- add patches:
  * chromium-118-includes.patch

- Chromium 117.0.5938.149:
  * CVE-2023-5346: Type Confusion in V8 (boo#1215924)

• Files Changed
• Browse Source

Unset link revision

• Files Changed
• Browse Source

- Chromium 117.0.5938.132 (boo#1215776):
  * CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx (boo#1215778)
  * CVE-2023-5186: Use after free in Passwords
  * CVE-2023-5187: Use after free in Extensions

• Files Changed
• Browse Source

this was already deleted but merge is retarded

• Files Changed
• Browse Source

trigger service run

• Files Changed
• Browse Source

- Chromium 117.0.5938.92:
  * stability improvements

• Files Changed
• Browse Source

clean merge cruft

• Files Changed
• Browse Source

- Chromium 117.0.5938.88 (boo#1215279)
  * CVE-2023-4900: Inappropriate implementation in Custom Tabs
  * CVE-2023-4901: Inappropriate implementation in Prompts
  * CVE-2023-4902: Inappropriate implementation in Input
  * CVE-2023-4903: Inappropriate implementation in Custom Mobile Tabs
  * CVE-2023-4904: Insufficient policy enforcement in Downloads
  * CVE-2023-4905: Inappropriate implementation in Prompts
  * CVE-2023-4906: Insufficient policy enforcement in Autofill
  * CVE-2023-4907: Inappropriate implementation in Intents
  * CVE-2023-4908: Inappropriate implementation in Picture in Picture
  * CVE-2023-4909: Inappropriate implementation in Interstitials
- drop patches:
  * chromium-100-InMilliseconds-constexpr.patch
  * chromium-115-Qt-moc-version.patch
  * chromium-116-profile-view-utils-vector-include.patch
  * chromium-116-blink-variant-include.patch
  * chromium-116-abseil-limits-include.patch
  * chromium-116-lp155-constuctors.patch
  * chromium-115-workaround_clang_bug-structured_binding.patch
  * chromium-115-emplace_back_on_vector-c++20.patch
- add patches:
  * chromium-117-blink-BUILD-mnemonic.patch
  * chromium-117-includes.patch
  * chromium-117-lp155-constructors.patch
  * chromium-117-string-convert.patch
  * chromium-117-lp155-typename.patch
  * chromium-117-workaround_clang_bug-structured_binding.patch
  * chromium-117-emplace_back_on_vector-c++20.patch

- CVE-2023-4863: build with the bundled library on Leap (boo#1215231)

• Files Changed
• Browse Source