- Update to 75.0.3770.142 bsc#1141649:

* CVE-2019-5847: V8 sealed/frozen elements cause crash
  * CVE-2019-5848: Font sizes may expose sensitive information
- Add patch chromium-renderprocess-crash.patch to hopefully fix
  bsc#1141102

OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1274

chromium-75.0.3770.100.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:9e1360101b6d9f9635e540db77626e3e15b452f413d8750518244ac37b73fca0
-size 708247700

chromium-renderprocess-crash.patch

@@ -0,0 +1,34 @@
+diff -up chromium-75.0.3770.100/chrome/browser/performance_manager/chrome_content_browser_client_performance_manager_part.cc.git00281713 chromium-75.0.3770.100/chrome/browser/performance_manager/chrome_content_browser_client_performance_manager_part.cc
+--- chromium-75.0.3770.100/chrome/browser/performance_manager/chrome_content_browser_client_performance_manager_part.cc.git00281713	2019-07-02 09:10:38.951369854 -0400
++++ chromium-75.0.3770.100/chrome/browser/performance_manager/chrome_content_browser_client_performance_manager_part.cc	2019-07-02 09:11:59.864642942 -0400
+@@ -12,13 +12,19 @@
+ #include "chrome/browser/performance_manager/graph/process_node_impl.h"
+ #include "chrome/browser/performance_manager/performance_manager.h"
+ #include "chrome/browser/performance_manager/render_process_user_data.h"
++#include "content/public/browser/render_process_host.h"
+ #include "services/resource_coordinator/public/mojom/coordination_unit.mojom.h"
+ 
+ namespace {
+ 
+ void BindProcessNode(
+-    content::RenderProcessHost* render_process_host,
++    int render_process_host_id,
+     resource_coordinator::mojom::ProcessCoordinationUnitRequest request) {
++  content::RenderProcessHost* render_process_host =
++      content::RenderProcessHost::FromID(render_process_host_id);
++  if (!render_process_host)
++    return;
++
+   performance_manager::RenderProcessUserData* user_data =
+       performance_manager::RenderProcessUserData::GetForRenderProcessHost(
+           render_process_host);
+@@ -47,8 +53,7 @@ void ChromeContentBrowserClientPerforman
+         blink::AssociatedInterfaceRegistry* associated_registry,
+         content::RenderProcessHost* render_process_host) {
+   registry->AddInterface(
+-      base::BindRepeating(&BindProcessNode,
+-                          base::Unretained(render_process_host)),
++      base::BindRepeating(&BindProcessNode, render_process_host->GetID()),
+       base::SequencedTaskRunnerHandle::Get());
+ 
+   // Ideally this would strictly be a "CreateForRenderProcess", but when a

chromium.changes

@@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Tue Jul 16 14:26:18 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>
+
+- Update to 75.0.3770.142 bsc#1141649:
+  * CVE-2019-5847: V8 sealed/frozen elements cause crash
+  * CVE-2019-5848: Font sizes may expose sensitive information
+- Add patch chromium-renderprocess-crash.patch to hopefully fix
+  bsc#1141102
+
 -------------------------------------------------------------------
 Tue Jul  2 08:55:22 UTC 2019 - Martin Liška <mliska@suse.cz>
 

chromium.spec

@@ -57,7 +57,7 @@
 %bcond_with lto
 %endif
 Name:           chromium
-Version:        75.0.3770.100
+Version:        75.0.3770.142
 Release:        0
 Summary:        Google's open source browser project
 License:        BSD-3-Clause AND LGPL-2.1-or-later
@@ -95,6 +95,7 @@ Patch14:        chromium-75.0.3770.80-SIOCGSTAMP.patch
 Patch15:        chromium-75.0.3770.80-pure-virtual-crash-fix.patch
 Patch16:        gcc-lto-rsp-clobber.patch
 Patch17:        gcc-enable-lto.patch
+Patch18:        chromium-renderprocess-crash.patch
 # Google seem not too keen on merging this but GPU accel is quite important
 #  https://chromium-review.googlesource.com/c/chromium/src/+/532294
 #  https://github.com/saiarcot895/chromium-ubuntu-build/tree/master/debian/patches