chromium/chromium-dev
SHA256
11
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update

Browse Source 
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1610
This commit is contained in:
Callum Farmer
2021-10-08 19:36:41 +00:00
committed by Git OBS Bridge
parent 194866bc3f
commit 0cd7680adb
5 changed files with 40 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
chromium-93-InkDropHost-crash.patch Normal file
View File

@@ -0,0 +1,24 @@
diff -up chromium-94.0.4606.71/ui/views/animation/ink_drop_host_view.h.InkDropHost-crash chromium-94.0.4606.71/ui/views/animation/ink_drop_host_view.h
--- chromium-94.0.4606.71/ui/views/animation/ink_drop_host_view.h.InkDropHost-crash 2021-10-05 16:04:46.313586509 -0400
+++ chromium-94.0.4606.71/ui/views/animation/ink_drop_host_view.h 2021-10-05 16:05:12.213732558 -0400
@@ -228,6 +228,11 @@ class VIEWS_EXPORT InkDropHost {
// Used to observe View and inform the InkDrop of host-transform changes.
ViewLayerTransformObserver host_view_transform_observer_;
+ // Declared before |ink_drop_|, because InkDropImpl may call
+ // RemoveInkDropLayer on partly destructed InkDropHost. In
+ // that case |ink_drop_mask_| must be still valid.
+ std::unique_ptr<views::InkDropMask> ink_drop_mask_;
+
// Should not be accessed directly. Use GetInkDrop() instead.
std::unique_ptr<InkDrop> ink_drop_;
@@ -249,8 +254,6 @@ class VIEWS_EXPORT InkDropHost {
int ink_drop_small_corner_radius_ = 2;
int ink_drop_large_corner_radius_ = 4;
- std::unique_ptr<views::InkDropMask> ink_drop_mask_;
-
base::RepeatingCallback<std::unique_ptr<InkDrop>()> create_ink_drop_callback_;
base::RepeatingCallback<std::unique_ptr<InkDropRipple>()>
create_ink_drop_ripple_callback_;

3
chromium-94.0.4606.71.tar.xz
View File

@@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:cabbba2e608c5ec110850b14ee5fead2608c44447a52edb80e2ba8261be3dc5b
size 1039867644

3
chromium-94.0.4606.81.tar.xz Normal file
View File

@@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:7071aa2b2caf48094c2ae816395948b4daec940606f4982ad5bbf68e5d2de598
size 1039841108

11
chromium.changes
View File

@@ -1,3 +1,14 @@
-------------------------------------------------------------------
Fri Oct 8 19:33:03 UTC 2021 - Callum Farmer <gmbr3@opensuse.org>
- Chromium 94.0.4606.81 (boo#1191463):
* CVE-2021-37977: Use after free in Garbage Collection
* CVE-2021-37978: Heap buffer overflow in Blink
* CVE-2021-37979: Heap buffer overflow in WebRTC
* CVE-2021-37980: Inappropriate implementation in Sandbox
- Re-add after accidental deletion:
* chromium-93-InkDropHost-crash.patch
-------------------------------------------------------------------
Sun Oct 3 09:38:33 UTC 2021 - Callum Farmer <gmbr3@opensuse.org>

3
chromium.spec
View File

@@ -43,7 +43,7 @@
%bcond_with lto
%bcond_without clang
Name: chromium
Version: 94.0.4606.71
Version: 94.0.4606.81
Release: 0
Summary: Google's open source browser project
License: BSD-3-Clause AND LGPL-2.1-or-later
@@ -98,6 +98,7 @@ Patch64: chromium-94-CustomSpaces-include.patch
Patch65: chromium-94-sql-no-assert.patch
Patch67: chromium-older-harfbuzz.patch
Patch68: chromium-94-ffmpeg-roll.patch
Patch69: chromium-93-InkDropHost-crash.patch
# Google seem not too keen on merging this but GPU accel is quite important
# https://chromium-review.googlesource.com/c/chromium/src/+/532294
# https://github.com/saiarcot895/chromium-ubuntu-build/tree/master/debian/patches