From 68076b823fdf0ef9b05ce43bea39a97bcf877dacc9335274a9a388df4742e7c5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Fri, 9 Mar 2018 11:08:34 +0000 Subject: [PATCH 01/52] - Add patch chromium-drm.patch to make sure to build with Leap 42.3 variant of libdrm OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1101 --- _constraints | 2 +- chrome-wrapper | 34 + chromium-65.0.3325.146.tar.xz | 3 + chromium-69.0.3497.81.tar.xz | 3 - chromium-compiler.patch | 11 + chromium-gcc8-alignof.patch | 25 - chromium-glibc-2.27.patch | 50 ++ chromium-last-commit-position-r0.patch | 30 + chromium-master-prefs-path.patch | 12 +- chromium-non-void-return.patch | 515 +-------------- chromium-old-glibc.patch | 73 --- chromium-sandbox-pie.patch | 26 +- chromium-skia-aarch64-buildfix.patch | 20 - chromium-skia-system-fontconfig.patch | 77 --- chromium-system-icu.patch | 11 - chromium-vaapi.patch | 625 ------------------- chromium-vpx-aarch64.patch | 46 -- chromium-warnings.patch | 14 - chromium.changes | 397 ------------ chromium.spec | 192 +++--- exclude_ymp.diff | 10 + exclude_ymp.patch | 14 +- fix-gn-bootstrap.diff | 0 fix_building_widevinecdm_with_chromium.patch | 25 +- fix_network_api_crash.patch | 77 +++ mojo.patch | 62 ++ 26 files changed, 398 insertions(+), 1956 deletions(-) create mode 100644 chrome-wrapper create mode 100644 chromium-65.0.3325.146.tar.xz delete mode 100644 chromium-69.0.3497.81.tar.xz create mode 100644 chromium-compiler.patch delete mode 100644 chromium-gcc8-alignof.patch create mode 100644 chromium-glibc-2.27.patch create mode 100644 chromium-last-commit-position-r0.patch delete mode 100644 chromium-old-glibc.patch delete mode 100644 chromium-skia-aarch64-buildfix.patch delete mode 100644 chromium-skia-system-fontconfig.patch delete mode 100644 chromium-system-icu.patch delete mode 100644 chromium-vaapi.patch delete mode 100644 chromium-vpx-aarch64.patch delete mode 100644 chromium-warnings.patch create mode 100644 exclude_ymp.diff create mode 100644 fix-gn-bootstrap.diff create mode 100644 fix_network_api_crash.patch create mode 100644 mojo.patch diff --git a/_constraints b/_constraints index 05817d9..ebd3b8c 100644 --- a/_constraints +++ b/_constraints @@ -5,7 +5,7 @@ 20 - 8 + 6 diff --git a/chrome-wrapper b/chrome-wrapper new file mode 100644 index 0000000..22772d9 --- /dev/null +++ b/chrome-wrapper @@ -0,0 +1,34 @@ +#!/bin/bash +# +# Copyright (c) 2011 The Chromium Authors. All rights reserved. +# Use of this source code is governed by a BSD-style license that can be +# found in the LICENSE file. + +# Let the wrapped binary know that it has been run through the wrapper. +export CHROME_WRAPPER="`readlink -f "$0"`" + +HERE="`dirname "$CHROME_WRAPPER"`" + +# Always use our versions of ffmpeg libs. +# This also makes RPMs find the compatibly-named library symlinks. +export LD_LIBRARY_PATH="$HERE${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}" + +export CHROME_VERSION_EXTRA="@@CHANNEL@@" + +# We don't want bug-buddy intercepting our crashes. http://crbug.com/24120 +export GNOME_DISABLE_CRASH_DIALOG=SET_BY_GOOGLE_CHROME + +# Allow root usage +no_sandbox= +if [ "`id -u`" == "0" ]; then + no_sandbox=--no-sandbox +fi + +# Sanitize std{in,out,err} because they'll be shared with untrusted child +# processes (http://crbug.com/376567). +exec < /dev/null +exec > >(exec cat) +exec 2> >(exec cat >&2) + +# Note: exec -a below is a bashism. +exec -a "$0" "$HERE/chrome" $no_sandbox "$@" diff --git a/chromium-65.0.3325.146.tar.xz b/chromium-65.0.3325.146.tar.xz new file mode 100644 index 0000000..be1e8b2 --- /dev/null +++ b/chromium-65.0.3325.146.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:cb4f2f3f5a3344f7c452b61f8086d4b4e56af6f5bc34309c3ede8be6b4ab81a3 +size 570305180 diff --git a/chromium-69.0.3497.81.tar.xz b/chromium-69.0.3497.81.tar.xz deleted file mode 100644 index af673ee..0000000 --- a/chromium-69.0.3497.81.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:165ac7d0d4588e6b4a16331e0a9906ed013f2d29a96b54f0ea78fa0298f97144 -size 617333008 diff --git a/chromium-compiler.patch b/chromium-compiler.patch new file mode 100644 index 0000000..83c54ef --- /dev/null +++ b/chromium-compiler.patch @@ -0,0 +1,11 @@ +--- a/device/u2f/u2f_ble_transaction.cc ++++ b/device/u2f/u2f_ble_transaction.cc +@@ -131,7 +131,7 @@ + + void U2fBleTransaction::OnError() { + request_frame_.reset(); +- request_cont_fragments_ = {}; ++ request_cont_fragments_ = base::queue(); + response_frame_assembler_.reset(); + std::move(callback_).Run(base::nullopt); + } diff --git a/chromium-gcc8-alignof.patch b/chromium-gcc8-alignof.patch deleted file mode 100644 index 746783e..0000000 --- a/chromium-gcc8-alignof.patch +++ /dev/null @@ -1,25 +0,0 @@ -From: Fedora -Subject: Fix build for 32-bit platforms - -Apparently not upstream, can't find this anywhere. So I assume Fedora is the actual source? -https://src.fedoraproject.org/cgit/rpms/chromium.git/tree/chromium-66.0.3359.170-gcc8-alignof.patch - -Index: chromium-69.0.3497.81/mojo/public/c/system/macros.h -=================================================================== ---- chromium-69.0.3497.81.orig/mojo/public/c/system/macros.h -+++ chromium-69.0.3497.81/mojo/public/c/system/macros.h -@@ -27,7 +27,13 @@ - (sizeof(void*) == 4 ? 32 : 0) - - // Like the C++11 |alignof| operator. --#if __cplusplus >= 201103L -+#if defined(__GNUC__) && __GNUC__ >= 8 -+// GCC 8 has changed the alignof operator to return the minimal alignment -+// required by the target ABI, instead of the preferred alignment. -+// This means that on 32-bit x86, it will return 4 instead of 8. -+// Use __alignof__ instead to avoid this. -+#define MOJO_ALIGNOF(type) __alignof__(type) -+#elif __cplusplus >= 201103L - #define MOJO_ALIGNOF(type) alignof(type) - #elif defined(__GNUC__) - #define MOJO_ALIGNOF(type) __alignof__(type) diff --git a/chromium-glibc-2.27.patch b/chromium-glibc-2.27.patch new file mode 100644 index 0000000..c211eee --- /dev/null +++ b/chromium-glibc-2.27.patch @@ -0,0 +1,50 @@ +From 9f63f94a11abc34d40ede8b8712fa15b5844a8c0 Mon Sep 17 00:00:00 2001 +From: Tom Anderson +Date: Sat, 27 Jan 2018 20:03:37 +0000 +Subject: [PATCH] Fix build with glibc 2.27 + +BUG=806340 +TBR=hamelphi@chromium.org + +Change-Id: Ib4e5091212d874d9ad88f3e9a1fdfee3ed7e0d5e +Reviewed-on: https://chromium-review.googlesource.com/890059 +Reviewed-by: Thomas Anderson +Reviewed-by: Philippe Hamel +Commit-Queue: Thomas Anderson +Cr-Commit-Position: refs/heads/master@{#532249} +--- + +diff --git a/components/assist_ranker/ranker_example_util.cc b/components/assist_ranker/ranker_example_util.cc +index 54d4dbd..ceedd8f 100644 +--- a/components/assist_ranker/ranker_example_util.cc ++++ b/components/assist_ranker/ranker_example_util.cc +@@ -2,6 +2,8 @@ + // Use of this source code is governed by a BSD-style license that can be + // found in the LICENSE file. + ++#include ++ + #include "components/assist_ranker/ranker_example_util.h" + #include "base/bit_cast.h" + #include "base/format_macros.h" +From 0235c2b657d936f3cdb09053776e5929fc84704b Mon Sep 17 00:00:00 2001 +From: Tomas Popela +Date: Wed, 31 Jan 2018 18:57:07 +0000 +Subject: [PATCH] Add missing stdint include + +diff --git a/chrome/browser/vr/sample_queue.cc b/chrome/browser/vr/sample_queue.cc +index c2ca777ce90c..53cb3aab1576 100644 +--- a/chrome/browser/vr/sample_queue.cc ++++ b/chrome/browser/vr/sample_queue.cc +@@ -2,6 +2,8 @@ + // Use of this source code is governed by a BSD-style license that can be + // found in the LICENSE file. + ++#include ++ + #include "chrome/browser/vr/sample_queue.h" + + namespace vr { +-- +2.16.2 + diff --git a/chromium-last-commit-position-r0.patch b/chromium-last-commit-position-r0.patch new file mode 100644 index 0000000..219e2fd --- /dev/null +++ b/chromium-last-commit-position-r0.patch @@ -0,0 +1,30 @@ +Index: chromium-60.0.3107.4/tools/gn/gn_main.cc +=================================================================== +--- chromium-60.0.3107.4.orig/tools/gn/gn_main.cc ++++ chromium-60.0.3107.4/tools/gn/gn_main.cc +@@ -12,13 +12,7 @@ + #include "tools/gn/standard_out.h" + #include "tools/gn/switches.h" + +-// Only the GN-generated build makes this header for now. +-// TODO(brettw) consider adding this if we need it in GYP. +-#if defined(GN_BUILD) +-#include "tools/gn/last_commit_position.h" +-#else + #define LAST_COMMIT_POSITION "UNKNOWN" +-#endif + + namespace { + +Index: chromium-60.0.3107.4/tools/gn/BUILD.gn +=================================================================== +--- chromium-60.0.3107.4.orig/tools/gn/BUILD.gn ++++ chromium-60.0.3107.4/tools/gn/BUILD.gn +@@ -268,7 +268,6 @@ executable("gn") { + + deps = [ + ":gn_lib", +- ":last_commit_position", + "//base", + "//build/config:exe_and_shlib_deps", + "//build/win:default_exe_manifest", diff --git a/chromium-master-prefs-path.patch b/chromium-master-prefs-path.patch index c4d0edb..12ddb72 100644 --- a/chromium-master-prefs-path.patch +++ b/chromium-master-prefs-path.patch @@ -1,14 +1,14 @@ -Index: chromium-68.0.3423.2/chrome/browser/first_run/first_run_internal_linux.cc +Index: chromium/src/chrome/browser/first_run/first_run_linux.cc =================================================================== ---- chromium-68.0.3423.2.orig/chrome/browser/first_run/first_run_internal_linux.cc -+++ chromium-68.0.3423.2/chrome/browser/first_run/first_run_internal_linux.cc -@@ -20,8 +20,7 @@ bool IsOrganicFirstRun() { +--- chrome/browser/first_run/first_run_internal_linux.cc ++++ chrome/browser/first_run/first_run_internal_linux.cc +@@ -22,8 +22,7 @@ base::FilePath MasterPrefsPath() { // The standard location of the master prefs is next to the chrome binary. base::FilePath master_prefs; -- if (!base::PathService::Get(base::DIR_EXE, &master_prefs)) +- if (!PathService::Get(base::DIR_EXE, &master_prefs)) - return base::FilePath(); + master_prefs = base::FilePath("/etc/chromium"); return master_prefs.AppendASCII(installer::kDefaultMasterPrefs); } - + diff --git a/chromium-non-void-return.patch b/chromium-non-void-return.patch index da37e66..cc18923 100644 --- a/chromium-non-void-return.patch +++ b/chromium-non-void-return.patch @@ -1,8 +1,21 @@ -Index: chromium-69.0.3497.57/media/gpu/vaapi/vaapi_wrapper.cc +Index: chromium-65.0.3325.146/chrome/browser/ui/libgtkui/app_indicator_icon.cc =================================================================== ---- chromium-69.0.3497.57.orig/media/gpu/vaapi/vaapi_wrapper.cc -+++ chromium-69.0.3497.57/media/gpu/vaapi/vaapi_wrapper.cc -@@ -400,6 +400,8 @@ static VAEntrypoint GetVaEntryPoint(Vaap +--- chromium-65.0.3325.146.orig/chrome/browser/ui/libgtkui/app_indicator_icon.cc ++++ chromium-65.0.3325.146/chrome/browser/ui/libgtkui/app_indicator_icon.cc +@@ -98,6 +98,8 @@ bool ShouldUseLibAppIndicator() { + case base::nix::DESKTOP_ENVIRONMENT_OTHER: + case base::nix::DESKTOP_ENVIRONMENT_XFCE: + return false; ++ default: ++ return false; + } + } + +Index: chromium-65.0.3325.146/media/gpu/vaapi/vaapi_wrapper.cc +=================================================================== +--- chromium-65.0.3325.146.orig/media/gpu/vaapi/vaapi_wrapper.cc ++++ chromium-65.0.3325.146/media/gpu/vaapi/vaapi_wrapper.cc +@@ -350,6 +350,8 @@ static VAEntrypoint GetVaEntryPoint(Vaap case VaapiWrapper::kCodecModeMax: NOTREACHED(); return VAEntrypointVLD; @@ -11,497 +24,3 @@ Index: chromium-69.0.3497.57/media/gpu/vaapi/vaapi_wrapper.cc } } -Index: chromium-69.0.3497.57/cc/input/snap_fling_controller.cc -=================================================================== ---- chromium-69.0.3497.57.orig/cc/input/snap_fling_controller.cc -+++ chromium-69.0.3497.57/cc/input/snap_fling_controller.cc -@@ -26,6 +26,8 @@ bool SnapFlingController::FilterEventFor - case GestureScrollType::kEnd: { - return state_ == State::kActive || state_ == State::kFinished; - } -+ default: -+ return false; - } - } - -Index: chromium-69.0.3497.57/chrome/browser/ui/webui/discards/discards_ui.cc -=================================================================== ---- chromium-69.0.3497.57.orig/chrome/browser/ui/webui/discards/discards_ui.cc -+++ chromium-69.0.3497.57/chrome/browser/ui/webui/discards/discards_ui.cc -@@ -48,6 +48,8 @@ mojom::LifecycleUnitVisibility GetLifecy - return mojom::LifecycleUnitVisibility::OCCLUDED; - case content::Visibility::VISIBLE: - return mojom::LifecycleUnitVisibility::VISIBLE; -+ default: -+ return mojom::LifecycleUnitVisibility::VISIBLE; - } - #if defined(COMPILER_MSVC) - NOTREACHED(); -Index: chromium-69.0.3497.57/components/autofill/core/browser/autofill_manager.cc -=================================================================== ---- chromium-69.0.3497.57.orig/components/autofill/core/browser/autofill_manager.cc -+++ chromium-69.0.3497.57/components/autofill/core/browser/autofill_manager.cc -@@ -285,6 +285,7 @@ PopupType AutofillManager::GetPopupType( - - default: - NOTREACHED(); -+ return PopupType::kUnspecified; - } - } - -Index: chromium-69.0.3497.57/components/cast_channel/cast_message_util.cc -=================================================================== ---- chromium-69.0.3497.57.orig/components/cast_channel/cast_message_util.cc -+++ chromium-69.0.3497.57/components/cast_channel/cast_message_util.cc -@@ -368,6 +368,8 @@ const char* GetAppAvailabilityResultToSt - return "unavailable"; - case GetAppAvailabilityResult::kUnknown: - return "unknown"; -+ default: -+ return "unknown"; - } - } - -Index: chromium-69.0.3497.57/components/data_reduction_proxy/core/browser/data_reduction_proxy_util.cc -=================================================================== ---- chromium-69.0.3497.57.orig/components/data_reduction_proxy/core/browser/data_reduction_proxy_util.cc -+++ chromium-69.0.3497.57/components/data_reduction_proxy/core/browser/data_reduction_proxy_util.cc -@@ -337,6 +337,8 @@ PageloadMetrics_ConnectionType ProtoConn - return PageloadMetrics_ConnectionType_CONNECTION_NONE; - case net::NetworkChangeNotifier::CONNECTION_BLUETOOTH: - return PageloadMetrics_ConnectionType_CONNECTION_BLUETOOTH; -+ default: -+ return PageloadMetrics_ConnectionType_CONNECTION_UNKNOWN; - } - } - -@@ -351,6 +353,8 @@ RequestInfo_Protocol ProtoRequestInfoPro - return RequestInfo_Protocol_QUIC; - case DataReductionProxyData::RequestInfo::Protocol::UNKNOWN: - return RequestInfo_Protocol_UNKNOWN; -+ default: -+ return RequestInfo_Protocol_UNKNOWN; - } - } - -Index: chromium-69.0.3497.57/content/browser/cache_storage/cache_storage_quota_client.cc -=================================================================== ---- chromium-69.0.3497.57.orig/content/browser/cache_storage/cache_storage_quota_client.cc -+++ chromium-69.0.3497.57/content/browser/cache_storage/cache_storage_quota_client.cc -@@ -98,6 +98,8 @@ storage::QuotaClient::ID CacheStorageQuo - return kServiceWorkerCache; - case CacheStorageOwner::kBackgroundFetch: - return kBackgroundFetch; -+ default: -+ return kBackgroundFetch; - } - } - -Index: chromium-69.0.3497.57/media/capture/video/video_capture_device_descriptor.cc -=================================================================== ---- chromium-69.0.3497.57.orig/media/capture/video/video_capture_device_descriptor.cc -+++ chromium-69.0.3497.57/media/capture/video/video_capture_device_descriptor.cc -@@ -94,6 +94,8 @@ const char* VideoCaptureDeviceDescriptor - return "Virtual Device"; - case VideoCaptureApi::UNKNOWN: - return "Unknown"; -+ default: -+ return "Unknown"; - } - } - -Index: chromium-69.0.3497.57/net/nqe/network_quality_estimator.cc -=================================================================== ---- chromium-69.0.3497.57.orig/net/nqe/network_quality_estimator.cc -+++ chromium-69.0.3497.57/net/nqe/network_quality_estimator.cc -@@ -1342,6 +1342,8 @@ base::TimeDelta NetworkQualityEstimator: - case nqe::internal::OBSERVATION_CATEGORY_COUNT: - NOTREACHED(); - return base::TimeDelta(); -+ default: -+ return base::TimeDelta(); - } - } - -Index: chromium-69.0.3497.57/services/audio/public/cpp/audio_system_to_service_adapter.cc -=================================================================== ---- chromium-69.0.3497.57.orig/services/audio/public/cpp/audio_system_to_service_adapter.cc -+++ chromium-69.0.3497.57/services/audio/public/cpp/audio_system_to_service_adapter.cc -@@ -66,6 +66,8 @@ const char* GetTraceEvent(Action action) - return "AudioSystemToServiceAdapter::GetAssociatedOutputDeviceID"; - case kGetInputDeviceInfo: - return "AudioSystemToServiceAdapter::GetInputDeviceInfo"; -+ default: -+ return "Unknown"; - } - NOTREACHED(); - } -Index: chromium-69.0.3497.57/services/network/cross_origin_read_blocking.cc -=================================================================== ---- chromium-69.0.3497.57.orig/services/network/cross_origin_read_blocking.cc -+++ chromium-69.0.3497.57/services/network/cross_origin_read_blocking.cc -@@ -800,6 +800,8 @@ bool CrossOriginReadBlocking::ResponseAn - return sniffers_.empty() && !found_blockable_content_; - case kBlock: - return false; -+ default: -+ return true; - } - } - -@@ -811,6 +813,8 @@ bool CrossOriginReadBlocking::ResponseAn - return sniffers_.empty() && found_blockable_content_; - case kBlock: - return true; -+ default: -+ return false; - } - } - -Index: chromium-69.0.3497.57/third_party/blink/renderer/modules/accessibility/ax_layout_object.cc -=================================================================== ---- chromium-69.0.3497.57.orig/third_party/blink/renderer/modules/accessibility/ax_layout_object.cc -+++ chromium-69.0.3497.57/third_party/blink/renderer/modules/accessibility/ax_layout_object.cc -@@ -1191,6 +1191,8 @@ AXTextPosition AXLayoutObject::GetTextPo - return kAXTextPositionSubscript; - case EVerticalAlign::kSuper: - return kAXTextPositionSuperscript; -+ default: -+ return AXNodeObject::GetTextPosition(); - } - } - -Index: chromium-69.0.3497.57/third_party/blink/renderer/modules/webaudio/audio_param.cc -=================================================================== ---- chromium-69.0.3497.57.orig/third_party/blink/renderer/modules/webaudio/audio_param.cc -+++ chromium-69.0.3497.57/third_party/blink/renderer/modules/webaudio/audio_param.cc -@@ -144,6 +144,7 @@ String AudioParamHandler::GetParamName() - return custom_param_name_; - default: - NOTREACHED(); -+ return "Unknown"; - } - } - -Index: chromium-69.0.3497.57/ui/accessibility/platform/ax_platform_node_auralinux.cc -=================================================================== ---- chromium-69.0.3497.57.orig/ui/accessibility/platform/ax_platform_node_auralinux.cc -+++ chromium-69.0.3497.57/ui/accessibility/platform/ax_platform_node_auralinux.cc -@@ -1291,6 +1291,8 @@ AtkRole AXPlatformNodeAuraLinux::GetAtkR - case ax::mojom::Role::kPresentational: - case ax::mojom::Role::kUnknown: - return ATK_ROLE_REDUNDANT_OBJECT; -+ default: -+ return ATK_ROLE_REDUNDANT_OBJECT; - } - } - -Index: chromium-69.0.3497.57/chrome/browser/chrome_browser_main.cc -=================================================================== ---- chromium-69.0.3497.57.orig/chrome/browser/chrome_browser_main.cc -+++ chromium-69.0.3497.57/chrome/browser/chrome_browser_main.cc -@@ -769,6 +769,8 @@ bool WaitUntilMachineLevelUserCloudPolic - case RegisterResult::kQuitDueToFailure: - chrome::AttemptExit(); - return false; -+ default: -+ return true; - } - #else - return true; -Index: chromium-69.0.3497.57/chrome/browser/resource_coordinator/tab_lifecycle_unit.cc -=================================================================== ---- chromium-69.0.3497.57.orig/chrome/browser/resource_coordinator/tab_lifecycle_unit.cc -+++ chromium-69.0.3497.57/chrome/browser/resource_coordinator/tab_lifecycle_unit.cc -@@ -161,6 +161,7 @@ bool IsValidStateChange(LifecycleUnitSta - default: { return false; } - } - } -+ default: { return false; } - } - } - -@@ -172,6 +173,8 @@ StateChangeReason DiscardReasonToStateCh - return StateChangeReason::BROWSER_INITIATED; - case DiscardReason::kUrgent: - return StateChangeReason::SYSTEM_MEMORY_PRESSURE; -+ default: -+ return StateChangeReason::BROWSER_INITIATED; - } - } - -Index: chromium-69.0.3497.57/chrome/browser/ui/views/harmony/material_refresh_layout_provider.cc -=================================================================== ---- chromium-69.0.3497.57.orig/chrome/browser/ui/views/harmony/material_refresh_layout_provider.cc -+++ chromium-69.0.3497.57/chrome/browser/ui/views/harmony/material_refresh_layout_provider.cc -@@ -43,6 +43,8 @@ int MaterialRefreshLayoutProvider::GetCo - return 8; - case views::EMPHASIS_MAXIMUM: - return std::min(size.width(), size.height()) / 2; -+ default: -+ return 0; - } - } - -@@ -60,6 +62,8 @@ int MaterialRefreshLayoutProvider::GetSh - return 3; - case views::EMPHASIS_MAXIMUM: - return 16; -+ default: -+ return 0; - } - } - -Index: chromium-69.0.3497.57/components/password_manager/core/browser/browser_save_password_progress_logger.cc -=================================================================== ---- chromium-69.0.3497.57.orig/components/password_manager/core/browser/browser_save_password_progress_logger.cc -+++ chromium-69.0.3497.57/components/password_manager/core/browser/browser_save_password_progress_logger.cc -@@ -86,6 +86,8 @@ std::string VoteTypeToString( - return "HTML classifier"; - case AutofillUploadContents::Field::FIRST_USE: - return "First use"; -+ default: -+ return "No information"; - } - } - -Index: chromium-69.0.3497.57/components/policy/core/common/policy_proto_decoders.cc -=================================================================== ---- chromium-69.0.3497.57.orig/components/policy/core/common/policy_proto_decoders.cc -+++ chromium-69.0.3497.57/components/policy/core/common/policy_proto_decoders.cc -@@ -42,6 +42,8 @@ bool GetPolicyLevel(const AnyPolicyProto - return true; - case em::PolicyOptions::UNSET: - return false; -+ default: -+ return false; - } - } - -@@ -186,4 +188,4 @@ void DecodeProtoFields( - } - } - --} // namespace policy -\ No newline at end of file -+} // namespace policy -Index: chromium-69.0.3497.57/components/previews/content/previews_hints.cc -=================================================================== ---- chromium-69.0.3497.57.orig/components/previews/content/previews_hints.cc -+++ chromium-69.0.3497.57/components/previews/content/previews_hints.cc -@@ -94,6 +94,8 @@ ConvertProtoOptimizationTypeToPreviewsOp - return PreviewsType::NOSCRIPT; - case optimization_guide::proto::RESOURCE_LOADING: - return PreviewsType::RESOURCE_LOADING_HINTS; -+ default: -+ return base::nullopt; - } - } - -Index: chromium-69.0.3497.57/components/previews/core/previews_black_list.cc -=================================================================== ---- chromium-69.0.3497.57.orig/components/previews/core/previews_black_list.cc -+++ chromium-69.0.3497.57/components/previews/core/previews_black_list.cc -@@ -33,6 +33,9 @@ PreviewsEligibilityReason BlacklistReaso - return PreviewsEligibilityReason::ALLOWED; - case blacklist::BlacklistReason::kAllowed: - return PreviewsEligibilityReason::ALLOWED; -+ default: -+ NOTREACHED() << "Previews does not support type-base blacklisting"; -+ return PreviewsEligibilityReason::ALLOWED; - } - } - -Index: chromium-69.0.3497.57/content/browser/frame_host/frame_tree_node.cc -=================================================================== ---- chromium-69.0.3497.57.orig/content/browser/frame_host/frame_tree_node.cc -+++ chromium-69.0.3497.57/content/browser/frame_host/frame_tree_node.cc -@@ -624,6 +624,7 @@ bool FrameTreeNode::UpdateUserActivation - return NotifyUserActivation(); - } - NOTREACHED() << "Invalid update_type."; -+ return false; - } - - void FrameTreeNode::OnSetHasReceivedUserGestureBeforeNavigation(bool value) { -Index: chromium-69.0.3497.57/content/renderer/input/input_event_prediction.cc -=================================================================== ---- chromium-69.0.3497.57.orig/content/renderer/input/input_event_prediction.cc -+++ chromium-69.0.3497.57/content/renderer/input/input_event_prediction.cc -@@ -76,6 +76,8 @@ std::unique_ptr Inpu - return std::make_unique(); - case PredictorType::kKalman: - return std::make_unique(); -+ default: -+ return std::make_unique(); - } - } - -Index: chromium-69.0.3497.57/content/renderer/media/webrtc/peer_connection_tracker.cc -=================================================================== ---- chromium-69.0.3497.57.orig/content/renderer/media/webrtc/peer_connection_tracker.cc -+++ chromium-69.0.3497.57/content/renderer/media/webrtc/peer_connection_tracker.cc -@@ -112,6 +112,8 @@ static const char* SerializeDirection( - return "'recvonly'"; - case webrtc::RtpTransceiverDirection::kInactive: - return "'inactive'"; -+ default: -+ return "'unknown'"; - } - } - -Index: chromium-69.0.3497.57/device/bluetooth/bluetooth_remote_gatt_characteristic.cc -=================================================================== ---- chromium-69.0.3497.57.orig/device/bluetooth/bluetooth_remote_gatt_characteristic.cc -+++ chromium-69.0.3497.57/device/bluetooth/bluetooth_remote_gatt_characteristic.cc -@@ -397,6 +397,8 @@ bool BluetoothRemoteGattCharacteristic:: - return hasNotify; - case NotificationType::kIndication: - return hasIndicate; -+ default: -+ return false; - } - } - -Index: chromium-69.0.3497.57/media/blink/watch_time_reporter.cc -=================================================================== ---- chromium-69.0.3497.57.orig/media/blink/watch_time_reporter.cc -+++ chromium-69.0.3497.57/media/blink/watch_time_reporter.cc -@@ -571,6 +571,8 @@ WatchTimeKey WatchTimeReporter::GetDispl - return DISPLAY_TYPE_KEY(DisplayFullscreen); - case DisplayType::kPictureInPicture: - return DISPLAY_TYPE_KEY(DisplayPictureInPicture); -+ default: -+ return DISPLAY_TYPE_KEY(DisplayInline); - } - } - -Index: chromium-69.0.3497.57/services/ui/public/cpp/gpu/command_buffer_metrics.cc -=================================================================== ---- chromium-69.0.3497.57.orig/services/ui/public/cpp/gpu/command_buffer_metrics.cc -+++ chromium-69.0.3497.57/services/ui/public/cpp/gpu/command_buffer_metrics.cc -@@ -86,6 +86,8 @@ std::string ContextTypeToString(ContextT - return "Unknown"; - case ContextType::FOR_TESTING: - return "ForTesting"; -+ default: -+ return "Unknown"; - } - } - -Index: chromium-69.0.3497.57/third_party/blink/renderer/core/css/style_environment_variables.cc -=================================================================== ---- chromium-69.0.3497.57.orig/third_party/blink/renderer/core/css/style_environment_variables.cc -+++ chromium-69.0.3497.57/third_party/blink/renderer/core/css/style_environment_variables.cc -@@ -67,6 +67,7 @@ const AtomicString StyleEnvironmentVaria - } - - NOTREACHED(); -+ return "unknown"; - } - - // static -Index: chromium-69.0.3497.57/third_party/blink/renderer/core/html/media/media_controls.cc -=================================================================== ---- chromium-69.0.3497.57.orig/third_party/blink/renderer/core/html/media/media_controls.cc -+++ chromium-69.0.3497.57/third_party/blink/renderer/core/html/media/media_controls.cc -@@ -36,6 +36,9 @@ AtomicString MediaControls::GetSizingCSS - return kMediaControlsSizingMediumCSSClass; - case MediaControlsSizingClass::kLarge: - return kMediaControlsSizingLargeCSSClass; -+ default: -+ NOTREACHED(); -+ return kMediaControlsSizingMediumCSSClass; - } - - NOTREACHED(); -Index: chromium-69.0.3497.57/third_party/blink/renderer/modules/cookie_store/cookie_change_event.cc -=================================================================== ---- chromium-69.0.3497.57.orig/third_party/blink/renderer/modules/cookie_store/cookie_change_event.cc -+++ chromium-69.0.3497.57/third_party/blink/renderer/modules/cookie_store/cookie_change_event.cc -@@ -53,6 +53,9 @@ String ToCookieListItemSameSite(network: - return "lax"; - case network::mojom::CookieSameSite::NO_RESTRICTION: - return "unrestricted"; -+ default: -+ NOTREACHED(); -+ return "unknown"; - } - - NOTREACHED(); -Index: chromium-69.0.3497.57/third_party/blink/renderer/modules/peerconnection/rtc_rtp_transceiver.cc -=================================================================== ---- chromium-69.0.3497.57.orig/third_party/blink/renderer/modules/peerconnection/rtc_rtp_transceiver.cc -+++ chromium-69.0.3497.57/third_party/blink/renderer/modules/peerconnection/rtc_rtp_transceiver.cc -@@ -28,6 +28,8 @@ String TransceiverDirectionToString( - return "recvonly"; - case webrtc::RtpTransceiverDirection::kInactive: - return "inactive"; -+ default: -+ return "unknown"; - } - } - -Index: chromium-69.0.3497.57/third_party/blink/renderer/platform/heap/heap_stats_collector.h -=================================================================== ---- chromium-69.0.3497.57.orig/third_party/blink/renderer/platform/heap/heap_stats_collector.h -+++ chromium-69.0.3497.57/third_party/blink/renderer/platform/heap/heap_stats_collector.h -@@ -94,6 +94,8 @@ class PLATFORM_EXPORT ThreadHeapStatsCol - return "BlinkGC.VisitPersistents"; - case Id::kVisitStackRoots: - return "BlinkGC.VisitStackRoots"; -+ default: -+ return "BlinkGC.Unknown"; - } - } - -Index: chromium-69.0.3497.57/third_party/blink/renderer/platform/scheduler/main_thread/page_scheduler_impl.cc -=================================================================== ---- chromium-69.0.3497.57.orig/third_party/blink/renderer/platform/scheduler/main_thread/page_scheduler_impl.cc -+++ chromium-69.0.3497.57/third_party/blink/renderer/platform/scheduler/main_thread/page_scheduler_impl.cc -@@ -670,6 +670,9 @@ PageSchedulerImpl::PageLifecycleStateTra - NOTREACHED(); - return base::nullopt; - } -+ default: -+ NOTREACHED(); -+ return base::nullopt; - } - } - -Index: chromium-69.0.3497.57/ui/base/mojo/clipboard_struct_traits.h -=================================================================== ---- chromium-69.0.3497.57.orig/ui/base/mojo/clipboard_struct_traits.h -+++ chromium-69.0.3497.57/ui/base/mojo/clipboard_struct_traits.h -@@ -20,6 +20,9 @@ struct EnumTraitsfTextSize = SkIntToScalar(1 << 14); - } - -- if (isLCD(*rec)) { -- // TODO: re-work so that FreeType is set-up and selected by the SkFontMgr. -- SkAutoMutexAcquire ama(gFTMutex); -- ref_ft_library(); -- if (!gFTLibrary->isLCDSupported()) { -- // If the runtime Freetype library doesn't support LCD, disable it here. -- rec->fMaskFormat = SkMask::kA8_Format; -- } -- unref_ft_library(); -- } -- - SkPaint::Hinting h = rec->getHinting(); - if (SkPaint::kFull_Hinting == h && !isLCD(*rec)) { - // collapse full->normal hinting if we're not doing LCD -@@ -1109,11 +1087,11 @@ - void SkScalerContext_FreeType::updateGlyphIfLCD(SkGlyph* glyph) { - if (isLCD(fRec)) { - if (fLCDIsVert) { -- glyph->fHeight += gFTLibrary->lcdExtra(); -- glyph->fTop -= gFTLibrary->lcdExtra() >> 1; -+ glyph->fHeight += 2; -+ glyph->fTop -= 1; - } else { -- glyph->fWidth += gFTLibrary->lcdExtra(); -- glyph->fLeft -= gFTLibrary->lcdExtra() >> 1; -+ glyph->fWidth += 2; -+ glyph->fLeft -= 1; - } - } - } diff --git a/chromium-system-icu.patch b/chromium-system-icu.patch deleted file mode 100644 index f562f21..0000000 --- a/chromium-system-icu.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- chromium-70.0.3521.2.old/third_party/blink/renderer/platform/text/character_property_data_generator.h 2018-08-15 12:41:21.091987662 +0200 -+++ chromium-70.0.3521.2/third_party/blink/renderer/platform/text/character_property_data_generator.h 2018-08-17 12:37:45.459538308 +0200 -@@ -247,7 +247,7 @@ - 0xFFA0, 0xFFDC, - }; - --static const UChar32 kIsHangulArray[] = {}; -+static const UChar32 kIsHangulArray[] = {0xFFDC,}; - - } // namespace blink - diff --git a/chromium-vaapi.patch b/chromium-vaapi.patch deleted file mode 100644 index c576c3e..0000000 --- a/chromium-vaapi.patch +++ /dev/null @@ -1,625 +0,0 @@ -From 53b93dfe87fd10cced5d2a2a63072dfc7a2af6e4 Mon Sep 17 00:00:00 2001 -From: Daniel Charles -Date: Fri, 28 Jul 2017 16:31:47 -0700 -Subject: [PATCH] Enable VAVDA, VAVEA and VAJDA on linux with VAAPI only - -This patch contains all the changes necessary to use VA-API along with -vaapi-driver to run all media use cases supported with hardware acceleration. - -It is intended to remain as experimental accessible from chrome://flags on linux. -It requires libva/intel-vaapi-driver to be installed on the system path where -chrome is executed. Other drivers could be tested if available. Flags are -kept independent for linux, where this feature has to be enabled before -actually using it. This should not change how other OSes use the flags -already, the new flags will show at the buttom on the section of unavailable -experiments - -The changes cover a range of compiler pre-processor flags to enable the stack. -It moves the presandbox operations to the vaapi_wrapper class as the hook function -is available there. vaInit will open driver on the correct installed folder. - -chrome flags consolidtation into only two flags for linux. Mjpeg and accelerated -video are used. The other flags are kept for ChromeOS and other OSes. - -Developer testing was made on skylake hardware, ChromeOS and Ubuntu. - -BUG=NONE -TEST="subjective testing with VAVDA,VAVEA and VAJDA, autotest for encoder" -TEST="and decoder hardware accelerated" -TEST="have libva/intel-vaapi-driver installed and not installed in the system" -TEST="repeat on different hardware families" -R=posciak@chromium.org -R=kcwu@chromium.org - -Cq-Include-Trybots: master.tryserver.chromium.android:android_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel -Change-Id: Ifbbf5c9e5221a8b5733fc6d4d0cf984a1f103171 -Signed-off-by: Daniel Charles ---- - -Index: dev/chrome/browser/about_flags.cc -=================================================================== ---- dev.orig/chrome/browser/about_flags.cc -+++ dev/chrome/browser/about_flags.cc -@@ -1612,6 +1612,13 @@ const FeatureEntry kFeatureEntries[] = { - flag_descriptions::kShowTouchHudDescription, kOsCrOS, - SINGLE_VALUE_TYPE(ash::switches::kAshTouchHud)}, - #endif // OS_CHROMEOS -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) -+ { -+ "enable-accelerated-video", flag_descriptions::kAcceleratedVideoName, -+ flag_descriptions::kAcceleratedVideoDescription, kOsLinux, -+ SINGLE_VALUE_TYPE(switches::kEnableAcceleratedVideo), -+ }, -+#else - { - "disable-accelerated-video-decode", - flag_descriptions::kAcceleratedVideoDecodeName, -@@ -1619,6 +1626,7 @@ const FeatureEntry kFeatureEntries[] = { - kOsMac | kOsWin | kOsCrOS | kOsAndroid, - SINGLE_DISABLE_VALUE_TYPE(switches::kDisableAcceleratedVideoDecode), - }, -+#endif - #if defined(OS_WIN) - {"enable-hdr", flag_descriptions::kEnableHDRName, - flag_descriptions::kEnableHDRDescription, kOsWin, -@@ -2291,12 +2299,17 @@ const FeatureEntry kFeatureEntries[] = { - FEATURE_VALUE_TYPE(features::kOpenVR)}, - #endif // ENABLE_OPENVR - #endif // ENABLE_VR --#if defined(OS_CHROMEOS) -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) -+ {"enable-accelerated-mjpeg-decode", -+ flag_descriptions::kAcceleratedMjpegDecodeName, -+ flag_descriptions::kAcceleratedMjpegDecodeDescription, kOsLinux, -+ SINGLE_VALUE_TYPE(switches::kEnableAcceleratedMjpegDecode)}, -+#elif defined(OS_CHROMEOS) - {"disable-accelerated-mjpeg-decode", - flag_descriptions::kAcceleratedMjpegDecodeName, - flag_descriptions::kAcceleratedMjpegDecodeDescription, kOsCrOS, - SINGLE_DISABLE_VALUE_TYPE(switches::kDisableAcceleratedMjpegDecode)}, --#endif // OS_CHROMEOS -+#endif - {"v8-cache-options", flag_descriptions::kV8CacheOptionsName, - flag_descriptions::kV8CacheOptionsDescription, kOsAll, - MULTI_VALUE_TYPE(kV8CacheOptionsChoices)}, -Index: dev/chrome/browser/chromeos/login/chrome_restart_request.cc -=================================================================== ---- dev.orig/chrome/browser/chromeos/login/chrome_restart_request.cc -+++ dev/chrome/browser/chromeos/login/chrome_restart_request.cc -@@ -19,6 +19,7 @@ - #include "base/sys_info.h" - #include "base/timer/timer.h" - #include "base/values.h" -+#include "build/build_config.h" - #include "cc/base/switches.h" - #include "chrome/browser/browser_process.h" - #include "chrome/browser/chromeos/boot_times_recorder.h" -@@ -84,8 +85,13 @@ void DeriveCommandLine(const GURL& start - ::switches::kDisable2dCanvasImageChromium, - ::switches::kDisableAccelerated2dCanvas, - ::switches::kDisableAcceleratedJpegDecoding, -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) -+ ::switches::kEnableAcceleratedMjpegDecode, -+ ::switches::kEnableAcceleratedVideo, -+#else - ::switches::kDisableAcceleratedMjpegDecode, - ::switches::kDisableAcceleratedVideoDecode, -+#endif - ::switches::kDisableAcceleratedVideoEncode, - ::switches::kDisableBlinkFeatures, - ::switches::kDisableCastStreamingHWEncoding, -Index: dev/chrome/browser/flag_descriptions.cc -=================================================================== ---- dev.orig/chrome/browser/flag_descriptions.cc -+++ dev/chrome/browser/flag_descriptions.cc -@@ -14,6 +14,13 @@ const char kAccelerated2dCanvasDescripti - "Enables the use of the GPU to perform 2d canvas rendering instead of " - "using software rendering."; - -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) -+const char kAcceleratedVideoName[] = "Hardware-accelerated video"; -+const char kAcceleratedVideoDescription[] = -+ "Hardware-accelerated video where VA-API driver is installed on the" -+ "system."; -+#endif -+ - const char kAcceleratedVideoDecodeName[] = "Hardware-accelerated video decode"; - const char kAcceleratedVideoDecodeDescription[] = - "Hardware-accelerated video decode where available."; -@@ -2892,7 +2899,7 @@ const char kTabStripKeyboardFocusDescrip - - // Chrome OS ------------------------------------------------------------------- - --#if defined(OS_CHROMEOS) -+#if defined(OS_CHROMEOS) || (defined(OS_LINUX) && !defined(OS_ANDROID)) - - const char kAcceleratedMjpegDecodeName[] = - "Hardware-accelerated mjpeg decode for captured frame"; -@@ -3407,7 +3414,7 @@ extern const char kEnableContinueReading - "seamlessly continue reading a web page when they switch devices from " - "phones or tablets to Chromebooks."; - --#endif // defined(OS_CHROMEOS) -+#endif // defined(OS_CHROMEOS) || BUILDFLAG(USE_VAAPI) - - // Random platform combinations ----------------------------------------------- - -Index: dev/chrome/browser/flag_descriptions.h -=================================================================== ---- dev.orig/chrome/browser/flag_descriptions.h -+++ dev/chrome/browser/flag_descriptions.h -@@ -37,6 +37,10 @@ namespace flag_descriptions { - extern const char kAccelerated2dCanvasName[]; - extern const char kAccelerated2dCanvasDescription[]; - -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) -+extern const char kAcceleratedVideoName[]; -+extern const char kAcceleratedVideoDescription[]; -+#endif - extern const char kAcceleratedVideoDecodeName[]; - extern const char kAcceleratedVideoDecodeDescription[]; - -@@ -1762,13 +1766,17 @@ extern const char kPermissionPromptPersi - - #endif // defined(OS_MACOSX) - --// Chrome OS ------------------------------------------------------------------ -- --#if defined(OS_CHROMEOS) -+#if defined(OS_CHROMEOS) || (defined(OS_LINUX) && !defined(OS_ANDROID)) - - extern const char kAcceleratedMjpegDecodeName[]; - extern const char kAcceleratedMjpegDecodeDescription[]; - -+#endif -+ -+// Chrome OS ------------------------------------------------------------------ -+ -+#if defined(OS_CHROMEOS) -+ - extern const char kAllowTouchpadThreeFingerClickName[]; - extern const char kAllowTouchpadThreeFingerClickDescription[]; - -Index: dev/content/browser/gpu/compositor_util.cc -=================================================================== ---- dev.orig/content/browser/gpu/compositor_util.cc -+++ dev/content/browser/gpu/compositor_util.cc -@@ -149,7 +149,11 @@ const GpuFeatureData GetGpuFeatureData( - {"video_decode", - SafeGetFeatureStatus(gpu_feature_info, - gpu::GPU_FEATURE_TYPE_ACCELERATED_VIDEO_DECODE), -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) -+ !command_line.HasSwitch(switches::kEnableAcceleratedVideo), -+#else - command_line.HasSwitch(switches::kDisableAcceleratedVideoDecode), -+#endif - "Accelerated video decode has been disabled, either via blacklist, " - "about:flags or the command line.", - true, true}, -Index: dev/content/browser/renderer_host/media/video_capture_browsertest.cc -=================================================================== ---- dev.orig/content/browser/renderer_host/media/video_capture_browsertest.cc -+++ dev/content/browser/renderer_host/media/video_capture_browsertest.cc -@@ -165,8 +165,13 @@ class VideoCaptureBrowserTest : public C - base::CommandLine::ForCurrentProcess()->AppendSwitch( - switches::kUseFakeJpegDecodeAccelerator); - } else { -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) -+ base::CommandLine::ForCurrentProcess()->AppendSwitch( -+ switches::kEnableAcceleratedMjpegDecode); -+#else - base::CommandLine::ForCurrentProcess()->AppendSwitch( - switches::kDisableAcceleratedMjpegDecode); -+#endif - } - } - -Index: dev/content/browser/renderer_host/render_process_host_impl.cc -=================================================================== ---- dev.orig/content/browser/renderer_host/render_process_host_impl.cc -+++ dev/content/browser/renderer_host/render_process_host_impl.cc -@@ -2724,7 +2724,11 @@ void RenderProcessHostImpl::PropagateBro - switches::kDefaultTileHeight, - switches::kDisable2dCanvasImageChromium, - switches::kDisableAcceleratedJpegDecoding, -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) -+ switches::kEnableAcceleratedVideo, -+#else - switches::kDisableAcceleratedVideoDecode, -+#endif - switches::kDisableBackgroundTasks, - switches::kDisableBackgroundTimerThrottling, - switches::kDisableBreakpad, -Index: dev/content/browser/webrtc/webrtc_media_recorder_browsertest.cc -=================================================================== ---- dev.orig/content/browser/webrtc/webrtc_media_recorder_browsertest.cc -+++ dev/content/browser/webrtc/webrtc_media_recorder_browsertest.cc -@@ -66,7 +66,12 @@ class MAYBE_WebRtcMediaRecorderTest - return; - // This flag is also used for encoding, https://crbug.com/616640. - base::CommandLine::ForCurrentProcess()->AppendSwitch( -- switches::kDisableAcceleratedVideoDecode); -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) -+ switches::kEnableAcceleratedVideo -+#else -+ switches::kDisableAcceleratedVideoDecode -+#endif -+ ); - } - - private: -Index: dev/content/gpu/BUILD.gn -=================================================================== ---- dev.orig/content/gpu/BUILD.gn -+++ dev/content/gpu/BUILD.gn -@@ -6,6 +6,7 @@ import("//build/config/jumbo.gni") - import("//build/config/ui.gni") - import("//gpu/vulkan/features.gni") - import("//media/media_options.gni") -+import("//media/gpu/args.gni") - import("//ui/ozone/ozone.gni") - - # See //content/BUILD.gn for how this works. -@@ -49,7 +50,6 @@ target(link_target_type, "gpu_sources") - ] - - configs += [ "//content:content_implementation" ] -- - deps = [ - "//base", - "//base/third_party/dynamic_annotations", -@@ -133,4 +133,8 @@ target(link_target_type, "gpu_sources") - (!is_chromecast || is_cast_desktop_build)) { - configs += [ "//build/config/linux/dri" ] - } -+ -+ if (is_desktop_linux && use_vaapi) { -+ public_configs = [ "//media/gpu:libva_config" ] -+ } - } -Index: dev/content/gpu/gpu_main.cc -=================================================================== ---- dev.orig/content/gpu/gpu_main.cc -+++ dev/content/gpu/gpu_main.cc -@@ -284,7 +284,7 @@ int GpuMain(const MainFunctionParams& pa - - base::PlatformThread::SetName("CrGpuMain"); - --#if defined(OS_ANDROID) || defined(OS_CHROMEOS) -+#if defined(OS_LINUX) - // Set thread priority before sandbox initialization. - base::PlatformThread::SetCurrentThreadPriority(base::ThreadPriority::DISPLAY); - #endif -@@ -317,7 +317,7 @@ int GpuMain(const MainFunctionParams& pa - GetContentClient()->SetGpuInfo(gpu_init->gpu_info()); - - base::ThreadPriority io_thread_priority = base::ThreadPriority::NORMAL; --#if defined(OS_ANDROID) || defined(OS_CHROMEOS) -+#if defined(OS_LINUX) - io_thread_priority = base::ThreadPriority::DISPLAY; - #endif - -Index: dev/content/public/browser/gpu_utils.cc -=================================================================== ---- dev.orig/content/public/browser/gpu_utils.cc -+++ dev/content/public/browser/gpu_utils.cc -@@ -57,9 +57,17 @@ const gpu::GpuPreferences GetGpuPreferen - gpu_preferences.in_process_gpu = - command_line->HasSwitch(switches::kInProcessGPU); - gpu_preferences.disable_accelerated_video_decode = -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) -+ !command_line->HasSwitch(switches::kEnableAcceleratedVideo); -+#else - command_line->HasSwitch(switches::kDisableAcceleratedVideoDecode); -+#endif - gpu_preferences.disable_accelerated_video_encode = -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) -+ !command_line->HasSwitch(switches::kEnableAcceleratedVideo); -+#else - command_line->HasSwitch(switches::kDisableAcceleratedVideoEncode); -+#endif - #if defined(OS_WIN) - uint32_t enable_accelerated_vpx_decode_val = - gpu::GpuPreferences::VPX_VENDOR_MICROSOFT; -Index: dev/content/public/common/content_switches.cc -=================================================================== ---- dev.orig/content/public/common/content_switches.cc -+++ dev/content/public/common/content_switches.cc -@@ -79,6 +79,11 @@ const char kDisable3DAPIs[] - // Disable gpu-accelerated 2d canvas. - const char kDisableAccelerated2dCanvas[] = "disable-accelerated-2d-canvas"; - -+#if defined(OS_LINUX) -+// Enables hardware acceleration of video for Linux only. VA-API driver -+// is required to be present on the system installation. -+const char kEnableAcceleratedVideo[] = "enable-accelerated-video"; -+#endif - // Disables hardware acceleration of video decode, where available. - const char kDisableAcceleratedVideoDecode[] = - "disable-accelerated-video-decode"; -Index: dev/content/public/common/content_switches.h -=================================================================== ---- dev.orig/content/public/common/content_switches.h -+++ dev/content/public/common/content_switches.h -@@ -104,6 +104,9 @@ CONTENT_EXPORT extern const char kDisabl - CONTENT_EXPORT extern const char kDomAutomationController[]; - extern const char kDisable2dCanvasClipAntialiasing[]; - CONTENT_EXPORT extern const char kDumpBlinkRuntimeCallStats[]; -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) -+CONTENT_EXPORT extern const char kEnableAcceleratedVideo[]; -+#endif - CONTENT_EXPORT extern const char kEnableAccessibilityObjectModel[]; - CONTENT_EXPORT extern const char kEnableAggressiveDOMStorageFlushing[]; - CONTENT_EXPORT extern const char kEnableAutomation[]; -Index: dev/content/renderer/media/webrtc/peer_connection_dependency_factory.cc -=================================================================== ---- dev.orig/content/renderer/media/webrtc/peer_connection_dependency_factory.cc -+++ dev/content/renderer/media/webrtc/peer_connection_dependency_factory.cc -@@ -276,10 +276,18 @@ void PeerConnectionDependencyFactory::In - - const base::CommandLine* cmd_line = base::CommandLine::ForCurrentProcess(); - if (gpu_factories && gpu_factories->IsGpuVideoAcceleratorEnabled()) { -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) -+ if (cmd_line->HasSwitch(switches::kEnableAcceleratedVideo)) -+#else - if (!cmd_line->HasSwitch(switches::kDisableWebRtcHWDecoding)) -+#endif - decoder_factory.reset(new RTCVideoDecoderFactory(gpu_factories)); - -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) -+ if (cmd_line->HasSwitch(switches::kEnableAcceleratedVideo)) -+#else - if (!cmd_line->HasSwitch(switches::kDisableWebRtcHWEncoding)) -+#endif - encoder_factory.reset(new RTCVideoEncoderFactory(gpu_factories)); - } - -Index: dev/content/renderer/render_thread_impl.cc -=================================================================== ---- dev.orig/content/renderer/render_thread_impl.cc -+++ dev/content/renderer/render_thread_impl.cc -@@ -1441,7 +1441,11 @@ media::GpuVideoAcceleratorFactories* Ren - kGpuStreamIdMedia, kGpuStreamPriorityMedia); - - const bool enable_video_accelerator = -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) -+ cmd_line->HasSwitch(switches::kEnableAcceleratedVideo) && -+#else - !cmd_line->HasSwitch(switches::kDisableAcceleratedVideoDecode) && -+#endif - (gpu_channel_host->gpu_feature_info() - .status_values[gpu::GPU_FEATURE_TYPE_ACCELERATED_VIDEO_DECODE] == - gpu::kGpuFeatureStatusEnabled); -Index: dev/gpu/config/software_rendering_list.json -=================================================================== ---- dev.orig/gpu/config/software_rendering_list.json -+++ dev/gpu/config/software_rendering_list.json -@@ -377,17 +377,6 @@ - ] - }, - { -- "id": 48, -- "description": "Accelerated video decode is unavailable on Linux", -- "cr_bugs": [137247], -- "os": { -- "type": "linux" -- }, -- "features": [ -- "accelerated_video_decode" -- ] -- }, -- { - "id": 50, - "description": "Disable VMware software renderer on older Mesa", - "cr_bugs": [145531, 332596, 571899, 629434], -Index: dev/media/filters/BUILD.gn -=================================================================== ---- dev.orig/media/filters/BUILD.gn -+++ dev/media/filters/BUILD.gn -@@ -4,6 +4,7 @@ - - import("//media/media_options.gni") - import("//third_party/libaom/options.gni") -+import("//media/gpu/args.gni") - - source_set("filters") { - # Do not expand the visibility here without double-checking with OWNERS, this -@@ -199,7 +200,7 @@ source_set("filters") { - deps += [ "//media/base/android" ] - } - -- if (current_cpu != "arm" && is_linux) { -+ if (use_vaapi) { - sources += [ - "h264_bitstream_buffer.cc", - "h264_bitstream_buffer.h", -Index: dev/media/gpu/BUILD.gn -=================================================================== ---- dev.orig/media/gpu/BUILD.gn -+++ dev/media/gpu/BUILD.gn -@@ -495,6 +495,12 @@ if (use_v4l2_codec || use_vaapi || is_ma - } - } - -+import("//build/config/linux/pkg_config.gni") -+ -+pkg_config("libva_config") { -+ packages = [ "libva" ] -+} -+ - if (use_vaapi) { - test("jpeg_encode_accelerator_unittest") { - deps = [ -@@ -559,6 +565,7 @@ if (use_v4l2_codec || use_vaapi) { - if (use_ozone) { - deps += [ "//ui/ozone" ] - } -+ public_configs = [ ":libva_config" ] - } - } - -Index: dev/media/gpu/gpu_video_decode_accelerator_factory.cc -=================================================================== ---- dev.orig/media/gpu/gpu_video_decode_accelerator_factory.cc -+++ dev/media/gpu/gpu_video_decode_accelerator_factory.cc -@@ -88,6 +88,7 @@ GpuVideoDecodeAcceleratorFactory::GetDec - // profile (instead of calculating a superset). - // TODO(posciak,henryhsu): improve this so that we choose a superset of - // resolutions and other supported profile parameters. -+ DVLOG(1) << "Get Supported profiles"; - #if defined(OS_WIN) - capabilities.supported_profiles = - DXVAVideoDecodeAccelerator::GetSupportedProfiles(gpu_preferences, -Index: dev/media/gpu/vaapi/vaapi_wrapper.cc -=================================================================== ---- dev.orig/media/gpu/vaapi/vaapi_wrapper.cc -+++ dev/media/gpu/vaapi/vaapi_wrapper.cc -@@ -332,7 +332,7 @@ bool VADisplayState::InitializeOnce() { - DVLOG(1) << "VAAPI version: " << major_version << "." << minor_version << " " - << va_vendor_string_; - -- if (major_version != VA_MAJOR_VERSION || minor_version != VA_MINOR_VERSION) { -+ if (major_version != VA_MAJOR_VERSION) { - LOG(ERROR) << "This build of Chromium requires VA-API version " - << VA_MAJOR_VERSION << "." << VA_MINOR_VERSION - << ", system version: " << major_version << "." << minor_version; -@@ -861,7 +861,11 @@ scoped_refptr VaapiWrapper::C - } - va_attrib_extbuf.num_planes = num_planes; - -+#if VA_CHECK_VERSION(1, 0, 0) -+ std::vector fds(num_fds); -+#else - std::vector fds(num_fds); -+#endif - for (size_t i = 0; i < num_fds; ++i) { - int dmabuf_fd = pixmap->GetDmaBufFd(i); - if (dmabuf_fd < 0) { -Index: dev/components/viz/service/main/viz_main_impl.cc -=================================================================== ---- dev.orig/components/viz/service/main/viz_main_impl.cc -+++ dev/components/viz/service/main/viz_main_impl.cc -@@ -62,7 +62,7 @@ std::unique_ptrStartWithOptions(thread_options)); -@@ -75,7 +75,7 @@ std::unique_ptr CreateAndS - // It should be possible to use |main_task_runner_| for doing IO tasks. - base::Thread::Options thread_options(base::MessageLoop::TYPE_IO, 0); - thread_options.priority = base::ThreadPriority::NORMAL; --#if defined(OS_ANDROID) || defined(OS_CHROMEOS) -+#if defined(OS_LINUX) - // TODO(reveman): Remove this in favor of setting it explicitly for each - // type of process. - thread_options.priority = base::ThreadPriority::DISPLAY; -Index: dev/content/browser/renderer_host/render_view_host_impl.cc -=================================================================== ---- dev.orig/content/browser/renderer_host/render_view_host_impl.cc -+++ dev/content/browser/renderer_host/render_view_host_impl.cc -@@ -463,7 +463,11 @@ WebPreferences RenderViewHostImpl::Compu - prefs.save_previous_document_resources = GetSavePreviousDocumentResources(); - - prefs.accelerated_video_decode_enabled = -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) -+ command_line.HasSwitch(switches::kEnableAcceleratedVideo); -+#else - !command_line.HasSwitch(switches::kDisableAcceleratedVideoDecode); -+#endif - - std::string autoplay_policy = media::GetEffectiveAutoplayPolicy(command_line); - if (autoplay_policy == switches::autoplay::kNoUserGestureRequiredPolicy) { -Index: dev/media/base/media_switches.cc -=================================================================== ---- dev.orig/media/base/media_switches.cc -+++ dev/media/base/media_switches.cc -@@ -117,10 +117,16 @@ const char kUseFileForFakeAudioCapture[] - // accelerator hardware to be present. - const char kUseFakeJpegDecodeAccelerator[] = "use-fake-jpeg-decode-accelerator"; - -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) -+// Enable hardware acceleration of mjpeg decode on Linux -+const char kEnableAcceleratedMjpegDecode[] = -+ "enable-accelerated-mjpeg-decode"; -+#else - // Disable hardware acceleration of mjpeg decode for captured frame, where - // available. - const char kDisableAcceleratedMjpegDecode[] = - "disable-accelerated-mjpeg-decode"; -+#endif - - // When running tests on a system without the required hardware or libraries, - // this flag will cause the tests to fail. Otherwise, they silently succeed. -@@ -462,15 +468,22 @@ const base::Feature kPreloadMediaEngagem - #endif - - bool IsVideoCaptureAcceleratedJpegDecodingEnabled() { -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) -+ if (!base::CommandLine::ForCurrentProcess()->HasSwitch( -+ switches::kEnableAcceleratedMjpegDecode)) { -+ return false; -+ } -+#else - if (base::CommandLine::ForCurrentProcess()->HasSwitch( - switches::kDisableAcceleratedMjpegDecode)) { - return false; - } -+#endif - if (base::CommandLine::ForCurrentProcess()->HasSwitch( - switches::kUseFakeJpegDecodeAccelerator)) { - return true; - } --#if defined(OS_CHROMEOS) -+#if defined(OS_LINUX) - return true; - #endif - return false; -Index: dev/media/base/media_switches.h -=================================================================== ---- dev.orig/media/base/media_switches.h -+++ dev/media/base/media_switches.h -@@ -66,7 +66,11 @@ MEDIA_EXPORT extern const char kUseFakeD - MEDIA_EXPORT extern const char kUseFileForFakeVideoCapture[]; - MEDIA_EXPORT extern const char kUseFileForFakeAudioCapture[]; - MEDIA_EXPORT extern const char kUseFakeJpegDecodeAccelerator[]; -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) -+MEDIA_EXPORT extern const char kEnableAcceleratedMjpegDecode[]; -+#else - MEDIA_EXPORT extern const char kDisableAcceleratedMjpegDecode[]; -+#endif - - MEDIA_EXPORT extern const char kRequireAudioHardwareForTesting[]; - MEDIA_EXPORT extern const char kMuteAudio[]; -Index: dev/content/browser/utility_process_host.cc -=================================================================== ---- dev.orig/content/browser/utility_process_host.cc -+++ dev/content/browser/utility_process_host.cc -@@ -296,7 +296,11 @@ bool UtilityProcessHost::StartProcess() - switches::kOverrideUseSoftwareGLForTests, - switches::kOverrideEnabledCdmInterfaceVersion, - switches::kProxyServer, -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) -+ switches::kEnableAcceleratedMjpegDecode, -+#else - switches::kDisableAcceleratedMjpegDecode, -+#endif - switches::kUseFakeDeviceForMediaStream, - switches::kUseFakeJpegDecodeAccelerator, - switches::kUseFileForFakeVideoCapture, -Index: dev/media/gpu/vaapi/vaapi_jpeg_decode_accelerator.cc -=================================================================== ---- dev.orig/media/gpu/vaapi/vaapi_jpeg_decode_accelerator.cc -+++ dev/media/gpu/vaapi/vaapi_jpeg_decode_accelerator.cc -@@ -174,7 +174,7 @@ bool VaapiJpegDecodeAccelerator::OutputP - - VAImage image = {}; - VAImageFormat format = {}; -- format.fourcc = VA_FOURCC_I420; -+ format.fourcc = libyuv::FOURCC_I420; - format.byte_order = VA_LSB_FIRST; - format.bits_per_pixel = 12; // 12 for I420 - diff --git a/chromium-vpx-aarch64.patch b/chromium-vpx-aarch64.patch deleted file mode 100644 index 9424b6e..0000000 --- a/chromium-vpx-aarch64.patch +++ /dev/null @@ -1,46 +0,0 @@ -From bc30e6e39c8bde9a31e1c314e6d1003ff47f2f7f Mon Sep 17 00:00:00 2001 -From: Raphael Kubo da Costa -Date: Fri, 13 Jul 2018 14:29:09 +0200 -Subject: [PATCH] vpx_sum_squares_2d_i16_neon(): Make |s2| a uint64x1_t. - -=> PATCH EDITED BY GUILLAUME TO MATCH CHROMIUM PATH - -This fixes the build with at least GCC 7.3, where it was previously failing -with: - -sum_squares_neon.c: In function 'vpx_sum_squares_2d_i16_neon': -sum_squares_neon.c: note: use -flax-vector-conversions to permit conversions between vectors with differing element types or numbers of subparts - s2 = vpaddl_u32(s1); - ^~ -sum_squares_neon.c: incompatible types when assigning to type 'int64x1_t' from type 'uint64x1_t' - s2 = vpaddl_u32(s1); - ^ -sum_squares_neon.c: incompatible types when assigning to type 'int64x1_t' from type 'uint64x1_t' - s2 = vadd_u64(vget_low_u64(s1), vget_high_u64(s1)); - ^ -sum_squares_neon.c: incompatible type for argument 1 of 'vget_lane_u64' - return vget_lane_u64(s2, 0); - ^~ - -The generated assembly was verified to remain identical with both GCC and -LLVM. - -Bug: chromium:819249 -Change-Id: I2778428ee1fee0a674d0d4910347c2a717de21ac ---- - vpx_dsp/arm/sum_squares_neon.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/third_party/libvpx/source/libvpx/vpx_dsp/arm/sum_squares_neon.c b/third_party/libvpx/source/libvpx/vpx_dsp/arm/sum_squares_neon.c -index 8942ba83bc..cfefad9938 100644 ---- a/third_party/libvpx/source/libvpx/vpx_dsp/arm/sum_squares_neon.c -+++ b/third_party/libvpx/source/libvpx/vpx_dsp/arm/sum_squares_neon.c -@@ -14,7 +14,7 @@ - #include "./vpx_dsp_rtcd.h" - - uint64_t vpx_sum_squares_2d_i16_neon(const int16_t *src, int stride, int size) { -- int64x1_t s2; -+ uint64x1_t s2; - - if (size == 4) { - int16x4_t s[4]; diff --git a/chromium-warnings.patch b/chromium-warnings.patch deleted file mode 100644 index 04d637f..0000000 --- a/chromium-warnings.patch +++ /dev/null @@ -1,14 +0,0 @@ ---- chromium-67.0.3396.87/build/config/compiler/BUILD.gn.orig 2018-06-16 13:57:27.583106343 +0200 -+++ chromium-67.0.3396.87/build/config/compiler/BUILD.gn 2018-06-16 14:24:26.713631391 +0200 -@@ -1325,6 +1325,11 @@ - # comments - # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61638 - cflags += [ "-Wno-comments" ] -+ -+ # too many warnings -+ cflags += [ "-Wno-class-memaccess" ] -+ cflags += [ "-Wno-packed-not-aligned" ] -+ cflags += [ "-Wno-int-in-bool-context" ] - } - } - diff --git a/chromium.changes b/chromium.changes index e03d8dc..6ce7683 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,399 +1,3 @@ -------------------------------------------------------------------- -Thu Sep 6 13:27:18 UTC 2018 - tchvatal@suse.com - -- Add patch to fix mojo build on 32bit: - * chromium-gcc8-alignof.patch - -------------------------------------------------------------------- -Thu Sep 6 09:13:49 UTC 2018 - Tomáš Chvátal - -- Split out the gn from this package, obsoletes patches: - * fix-gn-bootstrap.patch - * chromium-last-commit-position-r0.patch - -------------------------------------------------------------------- -Thu Sep 6 09:09:57 UTC 2018 - Tomáš Chvátal - -- Version update to 69.0.3497.81 bsc#1107235: - * CVE-2018-16065: Out of bounds write in V8 - * CVE-2018-16066:Out of bounds read in Blink - * CVE-2018-16067: Out of bounds read in WebAudio - * CVE-2018-16068: Out of bounds write in Mojo - * CVE-2018-16069:Out of bounds read in SwiftShader - * CVE-2018-16070: Integer overflow in Skia - * CVE-2018-16071: Use after free in WebRTC - * CVE-2018-16073: Site Isolation bypass after tab restore - * CVE-2018-16074: Site Isolation bypass using Blob URLS - * Out of bounds read in Little-CMS - * CVE-2018-16075: Local file access in Blink - * CVE-2018-16076: Out of bounds read in PDFium - * CVE-2018-16077: Content security policy bypass in Blink - * CVE-2018-16078: Credit card information leak in Autofill - * CVE-2018-16079: URL spoof in permission dialogs - * CVE-2018-16080: URL spoof in full screen mode - * CVE-2018-16081: Local file access in DevTools - * CVE-2018-16082: Stack buffer overflow in SwiftShader - * CVE-2018-16083: Out of bounds read in WebRTC - * CVE-2018-16084: User confirmation bypass in external protocol handling - * CVE-2018-16085: Use after free in Memory Instrumentation -- Added patches: - * chromium-old-glibc.patch - * chromium-system-icu.patch - * chromium-warnings.patch -- Removed patches: - * chromium-cors-string.patch - * chromium-crashpad-aarch64-fix.patch - * chromium-ffmpeg.patch - * chromium-gcc.patch - * chromium-gcc7.patch - * chromium-libjpeg.patch - * chromium-libwebp-shim.patch -- Rebased patches: - * chromium-last-commit-position-r0.patch - * chromium-non-void-return.patch - * chromium-sandbox-pie.patch - * chromium-skia-system-fontconfig.patch - * chromium-vaapi.patch - -------------------------------------------------------------------- -Thu Sep 6 09:09:57 UTC 2018 - Tomáš Chvátal - -- Version update to 69.0.3497.81 bsc#1107235: - * CVE-2018-16065: Out of bounds write in V8 - * CVE-2018-16066:Out of bounds read in Blink - * CVE-2018-16067: Out of bounds read in WebAudio - * CVE-2018-16068: Out of bounds write in Mojo - * CVE-2018-16069:Out of bounds read in SwiftShader - * CVE-2018-16070: Integer overflow in Skia - * CVE-2018-16071: Use after free in WebRTC - * CVE-2018-16073: Site Isolation bypass after tab restore - * CVE-2018-16074: Site Isolation bypass using Blob URLS - * Out of bounds read in Little-CMS - * CVE-2018-16075: Local file access in Blink - * CVE-2018-16076: Out of bounds read in PDFium - * CVE-2018-16077: Content security policy bypass in Blink - * CVE-2018-16078: Credit card information leak in Autofill - * CVE-2018-16079: URL spoof in permission dialogs - * CVE-2018-16080: URL spoof in full screen mode - * CVE-2018-16081: Local file access in DevTools - * CVE-2018-16082: Stack buffer overflow in SwiftShader - * CVE-2018-16083: Out of bounds read in WebRTC - * CVE-2018-16084: User confirmation bypass in external protocol handling - * CVE-2018-16085: Use after free in Memory Instrumentation - * CVE-2018-16086: Script injection in New Tab Page. - * CVE-2018-16087: Multiple download restriction bypass. - * CVE-2018-16088: User gesture requirement bypass. -- Added patches: - * chromium-old-glibc.patch - * chromium-system-icu.patch - * chromium-warnings.patch -- Removed patches: - * chromium-cors-string.patch - * chromium-crashpad-aarch64-fix.patch - * chromium-ffmpeg.patch - * chromium-gcc.patch - * chromium-gcc7.patch - * chromium-libjpeg.patch - * chromium-libwebp-shim.patch -- Rebased patches: - * chromium-last-commit-position-r0.patch - * chromium-non-void-return.patch - * chromium-sandbox-pie.patch - * chromium-skia-system-fontconfig.patch - * chromium-vaapi.patch - -------------------------------------------------------------------- -Wed Aug 8 21:14:43 UTC 2018 - tchvatal@suse.com - -- Update to chromium-68.0.3440.106: - * Various feature fixes - -------------------------------------------------------------------- -Wed Aug 1 10:12:25 UTC 2018 - tchvatal@suse.com - -- Version update to 68.0.3440.84: - * Various small feature fixes only - -------------------------------------------------------------------- -Wed Jul 25 15:56:24 UTC 2018 - guillaume.gardet@opensuse.org - -- Add patch to fix aarch64 build: - * chromium-vpx-aarch64.patch - -------------------------------------------------------------------- -Wed Jul 25 14:29:16 UTC 2018 - tchvatal@suse.com - -- Add patch trying to build chromium on Leap 42.3: - * chromium-gcc7.patch - -------------------------------------------------------------------- -Wed Jul 25 13:08:17 UTC 2018 - tchvatal@suse.com - -- Raise libvpx requirement to match what we really need - -------------------------------------------------------------------- -Wed Jul 25 09:53:23 UTC 2018 - tchvatal@suse.com - -- Version update to 68.0.3440.75 bsc#1102530: - * CVE-2018-6153: Stack buffer overflow in Skia. - * CVE-2018-6154: Heap buffer overflow in WebGL. - * CVE-2018-6155: Use after free in WebRTC. - * CVE-2018-6156: Heap buffer overflow in WebRTC. - * CVE-2018-6157: Type confusion in WebRTC. - * CVE-2018-6158: Use after free in Blink. - * CVE-2018-6159: Same origin policy bypass in ServiceWorker. - * CVE-2018-6160: URL spoof in Chrome on iOS. - * CVE-2018-6161: Same origin policy bypass in WebAudio. - * CVE-2018-6162: Heap buffer overflow in WebGL. - * CVE-2018-6163: URL spoof in Omnibox. - * CVE-2018-6164: Same origin policy bypass in ServiceWorker. - * CVE-2018-6165: URL spoof in Omnibox. - * CVE-2018-6166: URL spoof in Omnibox. - * CVE-2018-6167: URL spoof in Omnibox. - * CVE-2018-6168: CORS bypass in Blink. - * CVE-2018-6169: Permissions bypass in extension installation. - * CVE-2018-6170: Type confusion in PDFium. - * CVE-2018-6171: Use after free in WebBluetooth. - * CVE-2018-6172: URL spoof in Omnibox. - * CVE-2018-6173: URL spoof in Omnibox. - * CVE-2018-6174: Integer overflow in SwiftShader. - * CVE-2018-6175: URL spoof in Omnibox. - * CVE-2018-6176: Local user privilege escalation in Extensions. - * CVE-2018-6177: Cross origin information leak in Blink. - * CVE-2018-6178: UI spoof in Extensions. - * CVE-2018-6179: Local file information leak in Extensions. - * CVE-2018-6044: Request privilege escalation in Extensions. - * CVE-2018-4117: Cross origin information leak in Blink. -- Rebase patches: - * chromium-master-prefs-path.patch - * chromium-non-void-return.patch - * chromium-vaapi.patch -- Add patches: - * chromium-cors-string.patch - * chromium-gcc.patch - * chromium-libjpeg.patch - * chromium-libwebp-shim.patch -- Remove patches: - * chromium-gcc8.patch - -------------------------------------------------------------------- -Tue Jul 10 11:40:21 UTC 2018 - tchvatal@suse.com - -- Version update to 67.0.3396.99: - * Various small feature fixes, no security - -------------------------------------------------------------------- -Fri Jun 15 19:51:32 UTC 2018 - tchvatal@suse.com - -- Add patch to build under gcc8: - * chromium-gcc8.patch - -------------------------------------------------------------------- -Wed Jun 13 09:26:43 UTC 2018 - security@suse.com - -- Chromium 67.0.3396.87: - * CVE-2018-6149: Out of bounds write in V8 (boo#1097452) - -------------------------------------------------------------------- -Thu Jun 7 12:23:26 UTC 2018 - astieger@suse.com - -- Chromium 67.0.3396.79: - * CVE-2018-6148: Incorrect handling of CSP header (boo#1096508) - -------------------------------------------------------------------- -Fri Jun 1 17:45:46 UTC 2018 - tchvatal@suse.com - -- Require ffmpeg >= 4.0 bsc#1095545 - -------------------------------------------------------------------- -Wed May 30 11:18:13 UTC 2018 - tchvatal@suse.com - -- Update to 67.0.3396.62 bsc#1095163 - * CVE-2018-6123: Use after free in Blink. - * CVE-2018-6124: Type confusion in Blink. - * CVE-2018-6125: Overly permissive policy in WebUSB. - * CVE-2018-6126: Heap buffer overflow in Skia. - * CVE-2018-6127: Use after free in indexedDB. - * CVE-2018-6128: uXSS in Chrome on iOS. - * CVE-2018-6129: Out of bounds memory access in WebRTC. - * CVE-2018-6130: Out of bounds memory access in WebRTC. - * CVE-2018-6131: Incorrect mutability protection in WebAssembly. - * CVE-2018-6132: Use of uninitialized memory in WebRTC. - * CVE-2018-6133: URL spoof in Omnibox. - * CVE-2018-6134: Referrer Policy bypass in Blink. - * CVE-2018-6135: UI spoofing in Blink. - * CVE-2018-6136: Out of bounds memory access in V8. - * CVE-2018-6137: Leak of visited status of page in Blink. - * CVE-2018-6138: Overly permissive policy in Extensions. - * CVE-2018-6139: Restrictions bypass in the debugger extension API. - * CVE-2018-6140: Restrictions bypass in the debugger extension API. - * CVE-2018-6141: Heap buffer overflow in Skia. - * CVE-2018-6142: Out of bounds memory access in V8. - * CVE-2018-6143: Out of bounds memory access in V8. - * CVE-2018-6144: Out of bounds memory access in PDFium. - * CVE-2018-6145: Incorrect escaping of MathML in Blink. - * CVE-2018-6147: Password fields not taking advantage of OS protections in Views. -- Add patches to build on aarch and remove obsolete one: - * chromium-crashpad-aarch64-fix.patch - * chromium-skia-aarch64-buildfix.patch - * chromium-65.0.3325.162-skia-aarch64-buildfix.patch - * chromium-skia-neon.patch -- Remove no longer needed gcc patch: - * chromium-gcc7.patch -- Rebase patches: - * chromium-non-void-return.patch - * chromium-vaapi.patch - * exclude_ymp.patch - * fix_building_widevinecdm_with_chromium.patch - -------------------------------------------------------------------- -Sat May 26 23:01:20 UTC 2018 - astieger@suse.com - -- on SLE 12 with SUSE PackageHub 12, do not require the SDK for - libwebpmux1 (bsc#1070421) - -------------------------------------------------------------------- -Sat May 26 07:08:04 UTC 2018 - astieger@suse.com - -- Fix installation issue on SUSE PackageHub 12 with libminizip1 - (bsc#1093031) - -------------------------------------------------------------------- -Wed May 16 07:05:32 UTC 2018 - astieger@suse.com - -- Chromium 66.0.3359.181: - * Autoplay: Force enable on desktop for Web Audio - -------------------------------------------------------------------- -Fri May 11 12:10:44 UTC 2018 - astieger@suse.com - -- Chromium 66.0.3359.170 (bsc#1092923): - * Chain leading to sandbox escape: - CVE-2018-6121: Privilege Escalation in extensions - CVE-2018-6122: Type confusion in V8 - * CVE-2018-6120: Heap buffer overflow in PDFium - * Various fixes from internal audits, fuzzing and other - initiatives - -------------------------------------------------------------------- -Wed May 9 08:36:30 UTC 2018 - tchvatal@suse.com - -- Add patch chromium-skia-system-fontconfig.patch to fix - bsc#1092272 - -------------------------------------------------------------------- -Fri May 4 06:53:49 UTC 2018 - guillaume.gardet@opensuse.org - -- Enable build on AArch64 -- Fix build on AArch64: - * set target_cpu to arm64 - * disable tcmalloc and swiftshader for aarch64 - * Add new patches: - - chromium-65.0.3325.162-skia-aarch64-buildfix.patch - - chromium-skia-neon.patch - -------------------------------------------------------------------- -Fri Apr 27 08:22:18 UTC 2018 - tchvatal@suse.com - -- chromium 66.0.3359.139: - * CVE-2018-6118: Use after free in Media Cache (bsc#1091288) - * drop add-missing-blink-tools.patch, now in tarball again - -------------------------------------------------------------------- -Wed Apr 18 09:14:21 UTC 2018 - tchvatal@suse.com - -- Version bump to chromium 66.0.3359.117 bsc#1090000: - * CVE-2018-6085: Use after free in Disk Cache - * CVE-2018-6086: Use after free in Disk Cache - * CVE-2018-6087: Use after free in WebAssembly - * CVE-2018-6088: Use after free in PDFium - * CVE-2018-6089: Same origin policy bypass in Service Worker - * CVE-2018-6090: Heap buffer overflow in Skia - * CVE-2018-6091: Incorrect handling of plug-ins by Service Worker - * CVE-2018-6092: Integer overflow in WebAssembly - * CVE-2018-6093: Same origin bypass in Service Worker - * CVE-2018-6094: Exploit hardening regression in Oilpan - * CVE-2018-6095: Lack of meaningful user interaction requirement before file upload - * CVE-2018-6096: Fullscreen UI spoof - * CVE-2018-6097: Fullscreen UI spoof - * CVE-2018-6098: URL spoof in Omnibox - * CVE-2018-6099: CORS bypass in ServiceWorker - * CVE-2018-6100: URL spoof in Omnibox - * CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools - * CVE-2018-6102: URL spoof in Omnibox - * CVE-2018-6103: UI spoof in Permissions - * CVE-2018-6104: URL spoof in Omnibox - * CVE-2018-6105: URL spoof in Omnibox - * CVE-2018-6106: Incorrect handling of promises in V8 - * CVE-2018-6107: URL spoof in Omnibox - * CVE-2018-6108: URL spoof in Omnibox - * CVE-2018-6109: Incorrect handling of files by FileAPI - * CVE-2018-6110: Incorrect handling of plaintext files via file:// - * CVE-2018-6111: Heap-use-after-free in DevTools - * CVE-2018-6112: Incorrect URL handling in DevTools - * CVE-2018-6113: URL spoof in Navigation - * CVE-2018-6114: CSP bypass - * CVE-2018-6115: SmartScreen bypass in downloads - * CVE-2018-6116: Incorrect low memory handling in WebAssembly - * CVE-2018-6117: Confusing autofill settings - * Various fixes from internal audits, fuzzing and other initiatives -- Remove obsolete patches: - * chromium-compiler.patch - * chromium-glibc-2.27.patch - * chromium-vaapi-init.patch - * exclude_ymp.diff - * fix-gn-bootstrap.diff - * fix_network_api_crash.patch - * mojo.patch -- Add new patches: - * chromium-ffmpeg.patch - * chromium-gcc7.patch - * exclude_ymp.patch - * fix-gn-bootstrap.patch -- Rebase patches: - * chromium-master-prefs-path.patch - * chromium-non-void-return.patch - * chromium-sandbox-pie.patch - * chromium-vaapi.patch -- Add patch to fix missing folder from tarball: - * add-missing-blink-tools.patch - -------------------------------------------------------------------- -Sun Apr 8 10:49:06 UTC 2018 - tchvatal@suse.com - -- Add vaapi patches: - * chromium-vaapi-init.patch - * chromium-vaapi.patch - -------------------------------------------------------------------- -Fri Apr 6 12:54:24 UTC 2018 - tchvatal@suse.com - -- Use memory-constraints package to limit threads as needed - -------------------------------------------------------------------- -Wed Mar 21 06:31:27 UTC 2018 - astieger@suse.com - -- Update to Chromium 65.0.3325.181: - * Various security relevant fixes from internal audits, fuzzing - and other initiatives (boo#1086124) - -------------------------------------------------------------------- -Tue Mar 20 12:33:53 UTC 2018 - tchvatal@suse.com - -- Use both freetype and harfbuzz either bundled or system - -------------------------------------------------------------------- -Wed Mar 14 14:18:35 UTC 2018 - tchvatal@suse.com - -- Version update to 65.0.3325.162: - * Various stability fixes only - -------------------------------------------------------------------- -Wed Mar 14 09:00:37 UTC 2018 - tchvatal@suse.com - -- Bundle the harfbuzz on < 15.0 release as we would have to - use requires_ge for the library itself later on otherwise - ------------------------------------------------------------------- Fri Mar 9 09:10:01 UTC 2018 - tchvatal@suse.com @@ -544,7 +148,6 @@ Fri Dec 15 09:28:07 UTC 2017 - tchvatal@suse.com Thu Dec 7 09:41:13 UTC 2017 - tchvatal@suse.com - Version update to 63.0.3239.84 bsc#1071691: - * bsc#1106341 CVE-2017-15430 Unsafe navigation in Chromecast * Critical CVE-2017-15407: Out of bounds write in QUIC. * High CVE-2017-15408: Heap buffer overflow in PDFium. * High CVE-2017-15409: Out of bounds write in Skia. diff --git a/chromium.spec b/chromium.spec index c626f40..e591c99 100644 --- a/chromium.spec +++ b/chromium.spec @@ -26,26 +26,19 @@ %if 0%{?suse_version} >= 1500 %bcond_without system_libxml %bcond_without system_icu -%bcond_without system_harfbuzz %else %bcond_with system_icu %bcond_with system_libxml -%bcond_with system_harfbuzz -%endif -%ifarch aarch64 -%bcond_with swiftshader -%else -%bcond_without swiftshader %endif %bcond_with system_vpx %bcond_with clang Name: chromium -Version: 69.0.3497.81 +Version: 65.0.3325.146 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later Group: Productivity/Networking/Web/Browsers -URL: http://code.google.com/p/chromium/ +Url: http://code.google.com/p/chromium/ Source0: http://commondatastorage.googleapis.com/chromium-browser-official/%{rname}-%{version}.tar.xz # Toolchain definitions Source1: BUILD.gn @@ -58,31 +51,25 @@ Source104: chromium-icons.tar.bz2 # PATCH-FEATURE-UPSTREAM https://bugs.chromium.org/p/chromium/issues/detail?id=654190 Source105: chromium-browser.appdata.xml # PATCH-FIX-OPENSUSE Make the 1-click-install ymp file always download [bnc#836059] -Patch1: exclude_ymp.patch +Patch1: exclude_ymp.diff # PATCH-FIX-OPENSUSE enables reading of the master preference Patch2: chromium-master-prefs-path.patch +# PATCH-FIX-OPENSUSE Compile the sandbox with -fPIE settings +Patch4: chromium-sandbox-pie.patch # PATCH-FIX-OPENSUSE fix_building_widevinecdm_with_chromium.patch - Enable WideVine plugin -Patch3: fix_building_widevinecdm_with_chromium.patch -Patch4: chromium-dma-buf.patch -Patch5: chromium-buildname.patch -Patch6: chromium-non-void-return.patch -Patch7: chromium-drm.patch -Patch8: chromium-sandbox-pie.patch -Patch9: chromium-warnings.patch -Patch10: chromium-skia-aarch64-buildfix.patch -# PATCH-FIX-UPSTREAM chromium-vpx-aarch64.patch - Fix vpx build on aarch64 (patch edited to match path for -p1) -Patch11: chromium-vpx-aarch64.patch -Patch12: chromium-system-icu.patch -Patch13: chromium-old-glibc.patch -Patch14: chromium-gcc8-alignof.patch -# Google seem not too keen on merging this but GPU accel is quite important -# https://chromium-review.googlesource.com/c/chromium/src/+/532294 -# https://github.com/saiarcot895/chromium-ubuntu-build/tree/master/debian/patches -# NEEDS REBASE QUITE OFTEN -Patch100: chromium-vaapi.patch -# Google does not care much about system libs here -# https://bugs.chromium.org/p/skia/issues/detail?id=6663 -Patch101: chromium-skia-system-fontconfig.patch +Patch6: fix_building_widevinecdm_with_chromium.patch +# PATCH-FIX-OPENSUSE fix_network_api_crash.patch - Fix crash in network API, e.g. when using chromecast extension +Patch7: fix_network_api_crash.patch +Patch8: chromium-glibc-2.27.patch +Patch9: chromium-compiler.patch +Patch10: mojo.patch +Patch12: chromium-dma-buf.patch +Patch14: chromium-buildname.patch +Patch17: chromium-non-void-return.patch +Patch18: chromium-drm.patch +# GN buildsystem related patches +Patch200: chromium-last-commit-position-r0.patch +Patch201: fix-gn-bootstrap.diff # PATCH-FIX-SUSE: allow proprietary codecs to be set with chromium branding Patch202: chromium-prop-codecs.patch BuildRequires: SDL-devel @@ -92,7 +79,6 @@ BuildRequires: cups-devel BuildRequires: desktop-file-utils BuildRequires: fdupes BuildRequires: flex -BuildRequires: gn BuildRequires: gperf BuildRequires: hicolor-icon-theme BuildRequires: libcap-devel @@ -104,7 +90,6 @@ BuildRequires: libgsm-devel BuildRequires: libjpeg-devel >= 8.1 BuildRequires: libpng-devel BuildRequires: libva-devel -BuildRequires: memory-constraints BuildRequires: ncurses-devel BuildRequires: ninja >= 1.7.2 BuildRequires: pam-devel @@ -130,6 +115,7 @@ BuildRequires: pkgconfig(glib-2.0) BuildRequires: pkgconfig(gnome-keyring-1) BuildRequires: pkgconfig(gtk+-2.0) BuildRequires: pkgconfig(gtk+-3.0) +BuildRequires: pkgconfig(harfbuzz) >= 1.7.0 BuildRequires: pkgconfig(hunspell) BuildRequires: pkgconfig(imlib2) BuildRequires: pkgconfig(jack) @@ -138,7 +124,7 @@ BuildRequires: pkgconfig(kdb) BuildRequires: pkgconfig(krb5) BuildRequires: pkgconfig(libavcodec) BuildRequires: pkgconfig(libavfilter) -BuildRequires: pkgconfig(libavformat) >= 58 +BuildRequires: pkgconfig(libavformat) >= 57.41.100 BuildRequires: pkgconfig(libavutil) BuildRequires: pkgconfig(libcrypto) BuildRequires: pkgconfig(libdc1394-2) @@ -150,7 +136,9 @@ BuildRequires: pkgconfig(liboil-0.3) >= 0.3.15 BuildRequires: pkgconfig(libpci) BuildRequires: pkgconfig(libpulse) BuildRequires: pkgconfig(libssl) +BuildRequires: pkgconfig(libtcmalloc) BuildRequires: pkgconfig(libudev) +BuildRequires: pkgconfig(libwebp) BuildRequires: pkgconfig(libxslt) BuildRequires: pkgconfig(minizip) BuildRequires: pkgconfig(nspr) >= 4.9.5 @@ -177,6 +165,7 @@ BuildRequires: pkgconfig(xrender) BuildRequires: pkgconfig(xscrnsaver) BuildRequires: pkgconfig(xt) BuildRequires: pkgconfig(xtst) +BuildRequires: pkgconfig(zlib) Requires: hicolor-icon-theme Requires: xdg-utils Requires(pre): permissions @@ -197,14 +186,7 @@ Obsoletes: chromium-dev-desktop-kde Obsoletes: chromium-ffmpeg Obsoletes: chromium-ffmpegsumo # no 32bit supported and it takes ages to build -ExcludeArch: %{arm} ppc ppc64 ppc64le s390 s390x -%ifnarch aarch64 -# Current tcmalloc does not support AArch64 -BuildRequires: pkgconfig(libtcmalloc) -%endif -%if %{with system_harfbuzz} -BuildRequires: pkgconfig(harfbuzz) >= 1.7.0 -%endif +ExcludeArch: %{arm} aarch64 i586 ppc ppc64 ppc64le %if 0%{?suse_version} >= 1330 BuildRequires: nodejs8 %else @@ -219,8 +201,6 @@ BuildRequires: python-html5lib BuildRequires: python-simplejson BuildRequires: python-xml BuildRequires: yasm-devel -BuildRequires: pkgconfig(libwebp) -BuildRequires: pkgconfig(zlib) %endif %if %{with system_icu} BuildRequires: pkgconfig(icu-i18n) >= 59.0 @@ -229,7 +209,7 @@ BuildRequires: pkgconfig(icu-i18n) >= 59.0 BuildRequires: pkgconfig(vpx) >= 1.6.1 %endif %if %{with clang} -BuildRequires: clang >= 5.0.0 +BuildRequires: clang >= 3.9.0 %else %if %{?suse_version} >= 1330 BuildRequires: gcc >= 7 @@ -254,7 +234,25 @@ WebDriver is an open source tool for automated testing of webapps across many br %prep %setup -q -n %{rname}-%{version} -%autopatch -p1 + +#GN Buildsystem fixes +%patch200 -p1 +%patch201 -p1 +%patch202 -p1 + +#Standard patches +%patch1 +%patch2 +%patch4 +%patch6 -p1 +%patch7 +%patch8 -p1 +%patch9 -p1 +%patch10 -p1 +%patch12 -p1 +%patch14 -p1 +%patch17 -p1 +%patch18 -p1 # Copy the toolchain settings mkdir toolchain @@ -275,33 +273,18 @@ keeplibs=( base/third_party/valgrind base/third_party/xdg_mime base/third_party/xdg_user_dirs - buildtools/third_party/libc++ - buildtools/third_party/libc++abi - buildtools/third_party/libunwind chrome/third_party/mozilla_security_manager courgette/third_party - net/third_party/http2 net/third_party/mozilla_security_manager net/third_party/nss - net/third_party/quic - net/third_party/spdy third_party/WebKit - third_party/abseil-cpp third_party/analytics third_party/angle - third_party/apple_apsl third_party/angle/src/common/third_party/base third_party/angle/src/common/third_party/smhasher third_party/angle/src/third_party/compiler third_party/angle/src/third_party/libXNVCtrl third_party/angle/src/third_party/trace_event - third_party/angle/third_party/glslang - third_party/angle/third_party/spirv-headers - third_party/angle/third_party/spirv-tools - third_party/angle/third_party/vulkan-headers - third_party/angle/third_party/vulkan-loader - third_party/angle/third_party/vulkan-tools - third_party/angle/third_party/vulkan-validation-layers third_party/blink third_party/boringssl third_party/boringssl/src/third_party/fiat @@ -321,8 +304,6 @@ keeplibs=( third_party/catapult/tracing/third_party/pako third_party/ced third_party/cld_3 - third_party/crashpad - third_party/crashpad/crashpad/third_party/zlib third_party/crc32c third_party/cros_system_api third_party/devscripts @@ -350,49 +331,44 @@ keeplibs=( third_party/libphonenumber third_party/libsecret third_party/libsrtp - third_party/libsync third_party/libudev third_party/libusb third_party/libwebm third_party/libxml/chromium third_party/libyuv + third_party/llvm third_party/lss third_party/lzma_sdk third_party/markupsafe third_party/mesa third_party/metrics_proto third_party/modp_b64 + third_party/mt19937ar third_party/node third_party/node/node_modules/polymer-bundler/lib/third_party/UglifyJS2 third_party/openh264 third_party/openmax_dl third_party/ots - third_party/perfetto third_party/pdfium third_party/pdfium/third_party/agg23 third_party/pdfium/third_party/base + third_party/pdfium/third_party/build third_party/pdfium/third_party/bigint - third_party/pdfium/third_party/eu-strip third_party/pdfium/third_party/freetype third_party/pdfium/third_party/lcms third_party/pdfium/third_party/libopenjpeg20 third_party/pdfium/third_party/libpng16 third_party/pdfium/third_party/libtiff - third_party/pdfium/third_party/skia_shared - third_party/perfetto third_party/ply third_party/polymer third_party/protobuf third_party/protobuf/third_party/six - third_party/pyjson5 third_party/qcms - third_party/rnnoise third_party/s2cellid third_party/sfntly third_party/shaderc third_party/skia third_party/skia/third_party/gif - third_party/skia/third_party/skcms third_party/skia/third_party/vulkan third_party/smhasher third_party/spirv-headers @@ -403,7 +379,6 @@ keeplibs=( third_party/swiftshader/third_party/llvm-subzero third_party/swiftshader/third_party/subzero third_party/tcmalloc - third_party/unrar third_party/usrsctp third_party/vulkan third_party/vulkan-validation-layers @@ -418,24 +393,15 @@ keeplibs=( url/third_party/mozilla v8/src/third_party/valgrind v8/src/third_party/utf8-decoder - v8/third_party/antlr4 v8/third_party/inspector_protocol ) %if %{with sle_bundles} keeplibs+=( - third_party/libwebp third_party/yasm third_party/simplejson third_party/catapult/third_party/beautifulsoup4 third_party/catapult/third_party/html5lib-python third_party/catapult/third_party/six - third_party/zlib -) -%endif -%if !%{with system_harfbuzz} -keeplibs+=( - third_party/freetype - third_party/harfbuzz-ng ) %endif %if !%{with system_icu} @@ -468,7 +434,7 @@ export CXX=clang++ %else # REDUCE DEBUG as it gets TOO large ARCH_FLAGS="`echo %{optflags} | sed -e 's/^-g / /g' -e 's/ -g / /g' -e 's/ -g$//g'`" -export CFLAGS="${ARCH_FLAGS} -fpermissive" +export CFLAGS="${ARCH_FLAGS} -std=gnu11 -fpermissive" export CXXFLAGS="${ARCH_FLAGS} -fpermissive" export CC=gcc export CXX=g++ @@ -483,33 +449,38 @@ export PATH="$HOME/bin/:$PATH" %endif %endif # do not eat all memory -%limit_build -m 1600 +ninjaproc="%{?jobs:%{jobs}}" +echo "Available memory:" +cat /proc/meminfo +echo "System limits:" +ulimit -a +if test -n "$ninjaproc" -a "$ninjaproc" -gt 1 ; then + mem_per_process=1600000 + max_mem=$(awk '/MemTotal/ { print $2 }' /proc/meminfo) + max_jobs="$(($max_mem / $mem_per_process))" + test "$ninjaproc" -gt "$max_jobs" && ninjaproc="$max_jobs" && echo "Warning: Reducing number of jobs to $max_jobs because of memory limits" + test "$ninjaproc" -le 0 && ninjaproc=1 && echo "Warning: Do not use the parallel build at all becuse of memory limits" +fi # Set system libraries to be used gn_system_libraries=( ffmpeg flac fontconfig + freetype + harfbuzz-ng libdrm libjpeg libpng + libwebp libxslt opus re2 snappy -) -%if %{with system_harfbuzz} -gn_system_libraries+=( - harfbuzz-ng - freetype -) -%endif -%if !%{with sle_bundles} -gn_system_libraries+=( - libwebp - yasm zlib ) +%if !%{with sle_bundles} +gn_system_libraries+=( yasm ) %endif %if %{with system_icu} gn_system_libraries+=( icu ) @@ -530,9 +501,7 @@ myconf_gn+=" linux_use_bundled_binutils=false" myconf_gn+=" use_custom_libcxx=false" myconf_gn+=" is_debug=false" myconf_gn+=" enable_nacl=false" -%if %{with swiftshader} myconf_gn+=" use_swiftshader_with_subzero=true" -%endif myconf_gn+=" is_component_ffmpeg=true" myconf_gn+=" use_cups=true" myconf_gn+=" use_aura=true" @@ -544,10 +513,7 @@ myconf_gn+=" use_pulseaudio=true link_pulseaudio=true" myconf_gn+=" is_component_build=false" myconf_gn+=" use_sysroot=false" myconf_gn+=" fatal_linker_warnings=false" -%ifnarch aarch64 -# Current tcmalloc does not support AArch64 myconf_gn+=" use_allocator=\"tcmalloc\"" -%endif myconf_gn+=" fieldtrial_testing_like_official_build=true" myconf_gn+=" use_gold=true" myconf_gn+=" use_lld=false" @@ -556,10 +522,7 @@ myconf_gn+=" use_sysroot=false" myconf_gn+=" treat_warnings_as_errors=false" myconf_gn+=" enable_widevine=true" # See dependency logic in third_party/BUILD.gn -%if %{with system_harfbuzz} -myconf_gn+=" use_system_harfbuzz=true" -myconf_gn+=" use_system_freetype=true" -%endif +myconf_gn+=" use_system_harfbuzz=true use_system_freetype=true" myconf_gn+=" enable_hangout_services_extension=true" myconf_gn+=" enable_vulkan=false" # fails to compile now # ozone stuff @@ -584,15 +547,6 @@ myconf_gn+=" arm_optionally_use_neon=false" myconf_gn+=" arm_use_thumb=true" %endif -%ifarch aarch64 -myconf_gn+=" target_cpu=\"arm64\"" -%endif - -%ifarch aarch64 -# We don't need to cross compile while building on an aarch64 system. -sed -i 's|aarch64-linux-gnu-||g' build/toolchain/linux/BUILD.gn -%endif - # Set up Google API keys, see http://www.chromium.org/developers/how-tos/api-keys # Note: these are for the openSUSE Chromium builds ONLY. For your own distribution, # please get your own set of keys. @@ -604,11 +558,12 @@ myconf_gn+=" google_api_key=\"${google_api_key}\"" myconf_gn+=" google_default_client_id=\"${google_default_client_id}\"" myconf_gn+=" google_default_client_secret=\"${google_default_client_secret}\"" +tools/gn/bootstrap/bootstrap.py -s -v --gn-gen-args "${myconf_gn}" # GN does not support passing cflags: # https://bugs.chromium.org/p/chromium/issues/detail?id=642016 -gn gen --args="${myconf_gn}" out/Release +out/Release/gn gen --args="${myconf_gn}" out/Release -ninja -v %{?_smp_mflags} -C out/Release chrome chrome_sandbox chromedriver +ninja -v -j $ninjaproc -C out/Release chrome chrome_sandbox chromedriver %install mkdir -p %{buildroot}%{_libdir}/chromium @@ -635,10 +590,8 @@ cp -a *.bin *.pak locales xdg-mime %{buildroot}%{_libdir}/chromium/ cp -a icudtl.dat %{buildroot}%{_libdir}/chromium/ %endif -%if %{with swiftshader} mkdir -p %{buildroot}%{_libdir}/chromium/swiftshader cp -a swiftshader/*.so %{buildroot}%{_libdir}/chromium/swiftshader/ -%endif # chromedriver cp -a chromedriver %{buildroot}%{_libdir}/chromium/ @@ -678,8 +631,6 @@ install -m 0644 %{SOURCE30} %{buildroot}%{_sysconfdir}/chromium chmod 755 %{buildroot}%{_libdir}/chromium/xdg-settings chmod 755 %{buildroot}%{_libdir}/chromium/xdg-mime -%fdupes %{buildroot} - %verifyscript %verify_permissions -e %{_libexecdir}/chrome_sandbox @@ -696,17 +647,14 @@ chmod 755 %{buildroot}%{_libdir}/chromium/xdg-mime %files %verify(not mode) %{_libexecdir}/chrome_sandbox -%license LICENSE -%doc AUTHORS +%doc AUTHORS LICENSE %config %{_sysconfdir}/chromium %config(noreplace) %{_sysconfdir}/default/chromium %dir %{_datadir}/gnome-control-center %dir %{_datadir}/gnome-control-center/default-apps %{_libdir}/chromium/ -%if %{with swiftshader} %dir %{_libdir}/chromium/swiftshader/ %{_libdir}/chromium/swiftshader/*.so -%endif %{_datadir}/applications/*.desktop %dir %{_datadir}/appdata/ %{_datadir}/appdata/chromium-browser.appdata.xml diff --git a/exclude_ymp.diff b/exclude_ymp.diff new file mode 100644 index 0000000..0528f28 --- /dev/null +++ b/exclude_ymp.diff @@ -0,0 +1,10 @@ +--- third_party/WebKit/common/mime_util/mime_util.cc 2013-08-25 10:12:05.428599992 +0200 ++++ third_party/WebKit/common/mime_util/mime_util.cc 2013-08-25 10:12:05.428599992 +0200 +@@ -79,6 +79,7 @@ + "text/x-csv", + "text/x-vcf", + "text/rtf", ++ "text/x-suse-ymp", + "text/comma-separated-values", + "text/csv", + "text/tab-separated-values", diff --git a/exclude_ymp.patch b/exclude_ymp.patch index 4324ef4..1920197 100644 --- a/exclude_ymp.patch +++ b/exclude_ymp.patch @@ -1,10 +1,10 @@ --- a/third_party/blink/common/mime_util/mime_util.cc 2013-08-25 10:12:05.428599992 +0200 +++ b/third_party/blink/common/mime_util/mime_util.cc 2013-08-25 10:12:05.428599992 +0200 @@ -79,6 +79,7 @@ - "text/x-csv", - "text/x-vcf", - "text/rtf", -+ "text/x-suse-ymp", - "text/comma-separated-values", - "text/csv", - "text/tab-separated-values", + "text/x-csv", + "text/x-vcf", + "text/rtf", ++ "text/x-suse-ymp", + "text/comma-separated-values", + "text/csv", + "text/tab-separated-values", diff --git a/fix-gn-bootstrap.diff b/fix-gn-bootstrap.diff new file mode 100644 index 0000000..473a0f4 diff --git a/fix_building_widevinecdm_with_chromium.patch b/fix_building_widevinecdm_with_chromium.patch index 69ba607..a974244 100644 --- a/fix_building_widevinecdm_with_chromium.patch +++ b/fix_building_widevinecdm_with_chromium.patch @@ -1,22 +1,9 @@ -diff -urN chromium-67.0.3371.0.old/third_party/widevine/cdm/BUILD.gn chromium-67.0.3371.0/third_party/widevine/cdm/BUILD.gn ---- chromium-67.0.3371.0.old/third_party/widevine/cdm/BUILD.gn 2018-03-20 12:06:16.192778982 +0100 -+++ chromium-67.0.3371.0/third_party/widevine/cdm/BUILD.gn 2018-03-20 12:09:54.184846595 +0100 -@@ -10,12 +10,6 @@ - import("//media/media_options.gni") - import("//third_party/widevine/cdm/widevine.gni") - --# Internal Cast builds set enable_widevine=true to bring in Widevine support. --# TODO(xhwang): Support component updated CDM on other platforms and remove this --# assert. --assert(!enable_widevine || is_win || is_mac || is_chromecast, -- "Component updated CDM only supported on Windows and Mac for now.") -- - widevine_arch = current_cpu - if (widevine_arch == "x86") { - widevine_arch = "ia32" -diff -urN chromium-67.0.3371.0.old/third_party/widevine/cdm/stub/widevine_cdm_version.h chromium-67.0.3371.0/third_party/widevine/cdm/stub/widevine_cdm_version.h ---- chromium-67.0.3371.0.old/third_party/widevine/cdm/stub/widevine_cdm_version.h 2018-03-20 12:06:16.192778982 +0100 -+++ chromium-67.0.3371.0/third_party/widevine/cdm/stub/widevine_cdm_version.h 2018-03-20 12:08:24.415172133 +0100 +Minimal patch to get chromium to compile with widevine support + +https://bugs.gentoo.org/show_bug.cgi?id=547630 + +--- a/third_party/widevine/cdm/stub/widevine_cdm_version.h ++++ b/third_party/widevine/cdm/stub/widevine_cdm_version.h @@ -10,6 +10,7 @@ #include "third_party/widevine/cdm/widevine_cdm_common.h" diff --git a/fix_network_api_crash.patch b/fix_network_api_crash.patch new file mode 100644 index 0000000..00526b7 --- /dev/null +++ b/fix_network_api_crash.patch @@ -0,0 +1,77 @@ +Index: extensions/browser/api/networking_private/networking_private_linux.cc +=================================================================== +--- extensions/browser/api/networking_private/networking_private_linux.cc.orig 2016-05-05 03:01:50.000000000 +0200 ++++ extensions/browser/api/networking_private/networking_private_linux.cc 2016-05-10 16:16:42.431052917 +0200 +@@ -215,12 +215,14 @@ void NetworkingPrivateLinux::GetState( + std::unique_ptr network_properties( + new base::DictionaryValue); + ++ std::string* erp = error.get(); ++ base::DictionaryValue* npp = network_properties.get(); + // Runs GetCachedNetworkProperties on |dbus_thread|. + dbus_thread_.task_runner()->PostTaskAndReply( + FROM_HERE, base::Bind(&NetworkingPrivateLinux::GetCachedNetworkProperties, + base::Unretained(this), guid, +- base::Unretained(network_properties.get()), +- base::Unretained(error.get())), ++ base::Unretained(npp), ++ base::Unretained(erp)), + base::Bind(&GetCachedNetworkPropertiesCallback, base::Passed(&error), + base::Passed(&network_properties), success_callback, + failure_callback)); +@@ -301,11 +303,12 @@ void NetworkingPrivateLinux::GetNetworks + + // Runs GetAllWiFiAccessPoints on the dbus_thread and returns the + // results back to OnAccessPointsFound where the callback is fired. ++ NetworkMap* nmp = network_map.get(); + dbus_thread_.task_runner()->PostTaskAndReply( + FROM_HERE, + base::Bind(&NetworkingPrivateLinux::GetAllWiFiAccessPoints, + base::Unretained(this), configured_only, visible_only, limit, +- base::Unretained(network_map.get())), ++ base::Unretained(nmp)), + base::Bind(&NetworkingPrivateLinux::OnAccessPointsFound, + base::Unretained(this), base::Passed(&network_map), + success_callback, failure_callback)); +@@ -321,11 +324,12 @@ bool NetworkingPrivateLinux::GetNetworks + // Runs GetAllWiFiAccessPoints on the dbus_thread and returns the + // results back to SendNetworkListChangedEvent to fire the event. No + // callbacks are used in this case. ++ NetworkMap* nmp = network_map.get(); + dbus_thread_.task_runner()->PostTaskAndReply( + FROM_HERE, base::Bind(&NetworkingPrivateLinux::GetAllWiFiAccessPoints, + base::Unretained(this), false /* configured_only */, + false /* visible_only */, 0 /* limit */, +- base::Unretained(network_map.get())), ++ base::Unretained(nmp)), + base::Bind(&NetworkingPrivateLinux::OnAccessPointsFoundViaScan, + base::Unretained(this), base::Passed(&network_map))); + +@@ -506,11 +510,12 @@ void NetworkingPrivateLinux::StartConnec + + std::unique_ptr error(new std::string); + ++ std::string* erp = error.get(); + // Runs ConnectToNetwork on |dbus_thread|. + dbus_thread_.task_runner()->PostTaskAndReply( + FROM_HERE, + base::Bind(&NetworkingPrivateLinux::ConnectToNetwork, +- base::Unretained(this), guid, base::Unretained(error.get())), ++ base::Unretained(this), guid, base::Unretained(erp)), + base::Bind(&OnNetworkConnectOperationCompleted, base::Passed(&error), + success_callback, failure_callback)); + } +@@ -524,11 +529,12 @@ void NetworkingPrivateLinux::StartDiscon + + std::unique_ptr error(new std::string); + ++ std::string* erp = error.get(); + // Runs DisconnectFromNetwork on |dbus_thread|. + dbus_thread_.task_runner()->PostTaskAndReply( + FROM_HERE, + base::Bind(&NetworkingPrivateLinux::DisconnectFromNetwork, +- base::Unretained(this), guid, base::Unretained(error.get())), ++ base::Unretained(this), guid, base::Unretained(erp)), + base::Bind(&OnNetworkConnectOperationCompleted, base::Passed(&error), + success_callback, failure_callback)); + } diff --git a/mojo.patch b/mojo.patch new file mode 100644 index 0000000..7a287db --- /dev/null +++ b/mojo.patch @@ -0,0 +1,62 @@ +description: fix mojo layout test build error +author: Michael Gilbert + +--- a/content/shell/BUILD.gn ++++ b/content/shell/BUILD.gn +@@ -93,8 +93,6 @@ static_library("content_shell_lib") { + "browser/layout_test/layout_test_resource_dispatcher_host_delegate.h", + "browser/layout_test/layout_test_url_request_context_getter.cc", + "browser/layout_test/layout_test_url_request_context_getter.h", +- "browser/layout_test/mojo_layout_test_helper.cc", +- "browser/layout_test/mojo_layout_test_helper.h", + "browser/layout_test/secondary_test_window_observer.cc", + "browser/layout_test/secondary_test_window_observer.h", + "browser/layout_test/test_info_extractor.cc", +@@ -244,9 +242,7 @@ static_library("content_shell_lib") { + "//content/public/common", + "//content/public/common:service_names", + "//content/shell/test_runner:test_runner", +- "//content/test:content_test_mojo_bindings", + "//content/test:layouttest_support", +- "//content/test:mojo_layouttest_bindings", + "//content/test:test_support", + "//device/bluetooth", + "//device/bluetooth:fake_bluetooth", +--- a/content/shell/browser/layout_test/layout_test_content_browser_client.cc ++++ b/content/shell/browser/layout_test/layout_test_content_browser_client.cc +@@ -19,7 +19,6 @@ + #include "content/shell/browser/layout_test/layout_test_message_filter.h" + #include "content/shell/browser/layout_test/layout_test_notification_manager.h" + #include "content/shell/browser/layout_test/layout_test_resource_dispatcher_host_delegate.h" +-#include "content/shell/browser/layout_test/mojo_layout_test_helper.h" + #include "content/shell/browser/shell_browser_context.h" + #include "content/shell/common/layout_test/layout_test_switches.h" + #include "content/shell/common/shell_messages.h" +@@ -32,11 +31,6 @@ namespace { + + LayoutTestContentBrowserClient* g_layout_test_browser_client; + +-void BindLayoutTestHelper(mojom::MojoLayoutTestHelperRequest request, +- RenderFrameHost* render_frame_host) { +- MojoLayoutTestHelper::Create(std::move(request)); +-} +- + } // namespace + + LayoutTestContentBrowserClient::LayoutTestContentBrowserClient() { +@@ -98,7 +92,6 @@ void LayoutTestContentBrowserClient::Exp + + registry->AddInterface(base::Bind(&bluetooth::FakeBluetooth::Create), + ui_task_runner); +- registry->AddInterface(base::Bind(&MojoLayoutTestHelper::Create)); + } + + void LayoutTestContentBrowserClient::OverrideWebkitPrefs( +@@ -193,7 +186,6 @@ bool LayoutTestContentBrowserClient::Can + void LayoutTestContentBrowserClient::ExposeInterfacesToFrame( + service_manager::BinderRegistryWithArgs* + registry) { +- registry->AddInterface(base::Bind(&BindLayoutTestHelper)); + } + + } // namespace content From f879469e4f7215d3f1b0c0ea35f4bb3ca01301aa6c621b99bc8f719fb135ea53 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 14 Mar 2018 09:01:19 +0000 Subject: [PATCH 02/52] - Bundle the harfbuzz on < 15.0 release as we would have to use requires_ge for the library itself later on otherwise OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1102 --- chromium.changes | 6 ++++++ chromium.spec | 16 ++++++++++++++-- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/chromium.changes b/chromium.changes index 6ce7683..33486d0 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Mar 14 09:00:37 UTC 2018 - tchvatal@suse.com + +- Bundle the harfbuzz on < 15.0 release as we would have to + use requires_ge for the library itself later on otherwise + ------------------------------------------------------------------- Fri Mar 9 09:10:01 UTC 2018 - tchvatal@suse.com diff --git a/chromium.spec b/chromium.spec index e591c99..a3d29f4 100644 --- a/chromium.spec +++ b/chromium.spec @@ -26,9 +26,11 @@ %if 0%{?suse_version} >= 1500 %bcond_without system_libxml %bcond_without system_icu +%bcond_without system_harfbuzz %else %bcond_with system_icu %bcond_with system_libxml +%bcond_with system_harfbuzz %endif %bcond_with system_vpx %bcond_with clang @@ -115,7 +117,9 @@ BuildRequires: pkgconfig(glib-2.0) BuildRequires: pkgconfig(gnome-keyring-1) BuildRequires: pkgconfig(gtk+-2.0) BuildRequires: pkgconfig(gtk+-3.0) +%if %{with system_harfbuzz} BuildRequires: pkgconfig(harfbuzz) >= 1.7.0 +%endif BuildRequires: pkgconfig(hunspell) BuildRequires: pkgconfig(imlib2) BuildRequires: pkgconfig(jack) @@ -404,6 +408,9 @@ keeplibs+=( third_party/catapult/third_party/six ) %endif +%if !%{with system_harfbuzz} +keeplibs+=( third_party/harfbuzz-ng ) +%endif %if !%{with system_icu} keeplibs+=( third_party/icu ) %endif @@ -468,7 +475,6 @@ gn_system_libraries=( flac fontconfig freetype - harfbuzz-ng libdrm libjpeg libpng @@ -479,6 +485,9 @@ gn_system_libraries=( snappy zlib ) +%if %{with system_harfbuzz} +gn_system_libraries+=( harfubzz-ng ) +%endif %if !%{with sle_bundles} gn_system_libraries+=( yasm ) %endif @@ -522,7 +531,10 @@ myconf_gn+=" use_sysroot=false" myconf_gn+=" treat_warnings_as_errors=false" myconf_gn+=" enable_widevine=true" # See dependency logic in third_party/BUILD.gn -myconf_gn+=" use_system_harfbuzz=true use_system_freetype=true" +%if %{with system_harfbuzz} +myconf_gn+=" use_system_harfbuzz=true" +%endif +myconf_gn+=" use_system_freetype=true" myconf_gn+=" enable_hangout_services_extension=true" myconf_gn+=" enable_vulkan=false" # fails to compile now # ozone stuff From 922568fddbd617a5ac8b6b1079316bd67d1d509b7dec65f595ec3876bed1c85b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 14 Mar 2018 11:14:59 +0000 Subject: [PATCH 03/52] OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1103 --- chromium.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chromium.spec b/chromium.spec index a3d29f4..28561ad 100644 --- a/chromium.spec +++ b/chromium.spec @@ -486,7 +486,7 @@ gn_system_libraries=( zlib ) %if %{with system_harfbuzz} -gn_system_libraries+=( harfubzz-ng ) +gn_system_libraries+=( harfbuzz-ng ) %endif %if !%{with sle_bundles} gn_system_libraries+=( yasm ) From abebe4249ecfb5650b04c47563fffaff2b295b5b102434eb4d07065fa0738a35 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 14 Mar 2018 14:32:05 +0000 Subject: [PATCH 04/52] - Version update to 65.0.3325.162: * Various stability fixes only OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1104 --- chromium-65.0.3325.146.tar.xz | 3 --- chromium-65.0.3325.162.tar.xz | 3 +++ chromium.changes | 6 ++++++ chromium.spec | 2 +- 4 files changed, 10 insertions(+), 4 deletions(-) delete mode 100644 chromium-65.0.3325.146.tar.xz create mode 100644 chromium-65.0.3325.162.tar.xz diff --git a/chromium-65.0.3325.146.tar.xz b/chromium-65.0.3325.146.tar.xz deleted file mode 100644 index be1e8b2..0000000 --- a/chromium-65.0.3325.146.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:cb4f2f3f5a3344f7c452b61f8086d4b4e56af6f5bc34309c3ede8be6b4ab81a3 -size 570305180 diff --git a/chromium-65.0.3325.162.tar.xz b/chromium-65.0.3325.162.tar.xz new file mode 100644 index 0000000..e02b9e6 --- /dev/null +++ b/chromium-65.0.3325.162.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:627e7bfd84795de1553fac305239130d25186acf2d3c77d39d824327cd116cce +size 570398968 diff --git a/chromium.changes b/chromium.changes index 33486d0..90a7cc7 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Mar 14 14:18:35 UTC 2018 - tchvatal@suse.com + +- Version update to 65.0.3325.162: + * Various stability fixes only + ------------------------------------------------------------------- Wed Mar 14 09:00:37 UTC 2018 - tchvatal@suse.com diff --git a/chromium.spec b/chromium.spec index 28561ad..6dbbc29 100644 --- a/chromium.spec +++ b/chromium.spec @@ -35,7 +35,7 @@ %bcond_with system_vpx %bcond_with clang Name: chromium -Version: 65.0.3325.146 +Version: 65.0.3325.162 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later From 0ae1589f4e8b0815ac7fb41f0746efd31a1bb17f72ac9136e9d563ca9177eb9b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Tue, 20 Mar 2018 12:34:27 +0000 Subject: [PATCH 05/52] - Use both freetype and harfbuzz either bundled or system OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1106 --- chromium.changes | 5 +++++ chromium.spec | 11 ++++++++--- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/chromium.changes b/chromium.changes index 90a7cc7..dc1d44a 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Tue Mar 20 12:33:53 UTC 2018 - tchvatal@suse.com + +- Use both freetype and harfbuzz either bundled or system + ------------------------------------------------------------------- Wed Mar 14 14:18:35 UTC 2018 - tchvatal@suse.com diff --git a/chromium.spec b/chromium.spec index 6dbbc29..28b307e 100644 --- a/chromium.spec +++ b/chromium.spec @@ -409,7 +409,10 @@ keeplibs+=( ) %endif %if !%{with system_harfbuzz} -keeplibs+=( third_party/harfbuzz-ng ) +keeplibs+=( + third_party/freetype + third_party/harfbuzz-ng +) %endif %if !%{with system_icu} keeplibs+=( third_party/icu ) @@ -474,7 +477,6 @@ gn_system_libraries=( ffmpeg flac fontconfig - freetype libdrm libjpeg libpng @@ -486,7 +488,10 @@ gn_system_libraries=( zlib ) %if %{with system_harfbuzz} -gn_system_libraries+=( harfbuzz-ng ) +gn_system_libraries+=( + harfbuzz-ng + freetype +) %endif %if !%{with sle_bundles} gn_system_libraries+=( yasm ) From 4896cc9d8e094cd0fb0cce38ff1379d51940b735199234cdaaf32f8ea4122630 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Tue, 20 Mar 2018 12:36:27 +0000 Subject: [PATCH 06/52] OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1107 --- chromium.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chromium.spec b/chromium.spec index 28b307e..b45ad70 100644 --- a/chromium.spec +++ b/chromium.spec @@ -538,8 +538,8 @@ myconf_gn+=" enable_widevine=true" # See dependency logic in third_party/BUILD.gn %if %{with system_harfbuzz} myconf_gn+=" use_system_harfbuzz=true" -%endif myconf_gn+=" use_system_freetype=true" +%endif myconf_gn+=" enable_hangout_services_extension=true" myconf_gn+=" enable_vulkan=false" # fails to compile now # ozone stuff From b69ddb5e9ed63f7efd0da5566da7832cf7be0095beebc0956977f301f36a4dba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 21 Mar 2018 07:51:13 +0000 Subject: [PATCH 07/52] Accepting request 589652 from home:AndreasStieger:branches:network:chromium - Update to Chromium 65.0.3325.181: * Various security relevant fixes from internal audits, fuzzing and other initiatives (boo#1086124) OBS-URL: https://build.opensuse.org/request/show/589652 OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1108 --- chromium-65.0.3325.162.tar.xz | 3 --- chromium-65.0.3325.181.tar.xz | 3 +++ chromium.changes | 7 +++++++ chromium.spec | 2 +- 4 files changed, 11 insertions(+), 4 deletions(-) delete mode 100644 chromium-65.0.3325.162.tar.xz create mode 100644 chromium-65.0.3325.181.tar.xz diff --git a/chromium-65.0.3325.162.tar.xz b/chromium-65.0.3325.162.tar.xz deleted file mode 100644 index e02b9e6..0000000 --- a/chromium-65.0.3325.162.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:627e7bfd84795de1553fac305239130d25186acf2d3c77d39d824327cd116cce -size 570398968 diff --git a/chromium-65.0.3325.181.tar.xz b/chromium-65.0.3325.181.tar.xz new file mode 100644 index 0000000..4d05156 --- /dev/null +++ b/chromium-65.0.3325.181.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:93666448c6b96ec83e6a35a64cff40db4eb92a154fe1db4e7dab4761d0e38687 +size 570386836 diff --git a/chromium.changes b/chromium.changes index dc1d44a..38dad3c 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Wed Mar 21 06:31:27 UTC 2018 - astieger@suse.com + +- Update to Chromium 65.0.3325.181: + * Various security relevant fixes from internal audits, fuzzing + and other initiatives (boo#1086124) + ------------------------------------------------------------------- Tue Mar 20 12:33:53 UTC 2018 - tchvatal@suse.com diff --git a/chromium.spec b/chromium.spec index b45ad70..6473f57 100644 --- a/chromium.spec +++ b/chromium.spec @@ -35,7 +35,7 @@ %bcond_with system_vpx %bcond_with clang Name: chromium -Version: 65.0.3325.162 +Version: 65.0.3325.181 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later From dbd8e6aa85166631f6f19b83ddc60cd9b1d580f689583748770738652cc4ec2e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Fri, 6 Apr 2018 12:59:51 +0000 Subject: [PATCH 08/52] - Use memory-constraints package to limit threads as needed >>>>>>> ./chromium.changes.r47afdab4f36d0667875ab6cd647e0111 OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1110 --- chromium.changes | 6 ++++++ chromium.spec | 27 +++++++++------------------ 2 files changed, 15 insertions(+), 18 deletions(-) diff --git a/chromium.changes b/chromium.changes index 38dad3c..c6e8347 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Fri Apr 6 12:54:24 UTC 2018 - tchvatal@suse.com + +- Use memory-constraints package to limit threads as needed + ------------------------------------------------------------------- Wed Mar 21 06:31:27 UTC 2018 - astieger@suse.com @@ -6,6 +11,7 @@ Wed Mar 21 06:31:27 UTC 2018 - astieger@suse.com and other initiatives (boo#1086124) ------------------------------------------------------------------- +>>>>>>> ./chromium.changes.r47afdab4f36d0667875ab6cd647e0111 Tue Mar 20 12:33:53 UTC 2018 - tchvatal@suse.com - Use both freetype and harfbuzz either bundled or system diff --git a/chromium.spec b/chromium.spec index 6473f57..b9e042a 100644 --- a/chromium.spec +++ b/chromium.spec @@ -40,7 +40,7 @@ Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later Group: Productivity/Networking/Web/Browsers -Url: http://code.google.com/p/chromium/ +URL: http://code.google.com/p/chromium/ Source0: http://commondatastorage.googleapis.com/chromium-browser-official/%{rname}-%{version}.tar.xz # Toolchain definitions Source1: BUILD.gn @@ -92,6 +92,7 @@ BuildRequires: libgsm-devel BuildRequires: libjpeg-devel >= 8.1 BuildRequires: libpng-devel BuildRequires: libva-devel +BuildRequires: memory-constraints BuildRequires: ncurses-devel BuildRequires: ninja >= 1.7.2 BuildRequires: pam-devel @@ -117,9 +118,6 @@ BuildRequires: pkgconfig(glib-2.0) BuildRequires: pkgconfig(gnome-keyring-1) BuildRequires: pkgconfig(gtk+-2.0) BuildRequires: pkgconfig(gtk+-3.0) -%if %{with system_harfbuzz} -BuildRequires: pkgconfig(harfbuzz) >= 1.7.0 -%endif BuildRequires: pkgconfig(hunspell) BuildRequires: pkgconfig(imlib2) BuildRequires: pkgconfig(jack) @@ -191,6 +189,9 @@ Obsoletes: chromium-ffmpeg Obsoletes: chromium-ffmpegsumo # no 32bit supported and it takes ages to build ExcludeArch: %{arm} aarch64 i586 ppc ppc64 ppc64le +%if %{with system_harfbuzz} +BuildRequires: pkgconfig(harfbuzz) >= 1.7.0 +%endif %if 0%{?suse_version} >= 1330 BuildRequires: nodejs8 %else @@ -459,18 +460,7 @@ export PATH="$HOME/bin/:$PATH" %endif %endif # do not eat all memory -ninjaproc="%{?jobs:%{jobs}}" -echo "Available memory:" -cat /proc/meminfo -echo "System limits:" -ulimit -a -if test -n "$ninjaproc" -a "$ninjaproc" -gt 1 ; then - mem_per_process=1600000 - max_mem=$(awk '/MemTotal/ { print $2 }' /proc/meminfo) - max_jobs="$(($max_mem / $mem_per_process))" - test "$ninjaproc" -gt "$max_jobs" && ninjaproc="$max_jobs" && echo "Warning: Reducing number of jobs to $max_jobs because of memory limits" - test "$ninjaproc" -le 0 && ninjaproc=1 && echo "Warning: Do not use the parallel build at all becuse of memory limits" -fi +%limit_build -m 1600 # Set system libraries to be used gn_system_libraries=( @@ -580,7 +570,7 @@ tools/gn/bootstrap/bootstrap.py -s -v --gn-gen-args "${myconf_gn}" # https://bugs.chromium.org/p/chromium/issues/detail?id=642016 out/Release/gn gen --args="${myconf_gn}" out/Release -ninja -v -j $ninjaproc -C out/Release chrome chrome_sandbox chromedriver +ninja -v %{?_smp_mflags} -C out/Release chrome chrome_sandbox chromedriver %install mkdir -p %{buildroot}%{_libdir}/chromium @@ -664,7 +654,8 @@ chmod 755 %{buildroot}%{_libdir}/chromium/xdg-mime %files %verify(not mode) %{_libexecdir}/chrome_sandbox -%doc AUTHORS LICENSE +%license LICENSE +%doc AUTHORS %config %{_sysconfdir}/chromium %config(noreplace) %{_sysconfdir}/default/chromium %dir %{_datadir}/gnome-control-center From 756c2417614992b969087da6464b65a3c53ebcc80ca8914a7c3d480f1f748ff0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Sat, 7 Apr 2018 06:55:21 +0000 Subject: [PATCH 09/52] OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1111 --- chromium.changes | 1 - 1 file changed, 1 deletion(-) diff --git a/chromium.changes b/chromium.changes index c6e8347..a7411b3 100644 --- a/chromium.changes +++ b/chromium.changes @@ -11,7 +11,6 @@ Wed Mar 21 06:31:27 UTC 2018 - astieger@suse.com and other initiatives (boo#1086124) ------------------------------------------------------------------- ->>>>>>> ./chromium.changes.r47afdab4f36d0667875ab6cd647e0111 Tue Mar 20 12:33:53 UTC 2018 - tchvatal@suse.com - Use both freetype and harfbuzz either bundled or system From c5a79f6999d782b5727ea636e8ed3c69afed0a81d98303b90a3de53a50bf82a3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Sun, 8 Apr 2018 10:50:56 +0000 Subject: [PATCH 10/52] - Add vaapi patches: * chromium-vaapi-init.patch * chromium-vaapi.patch OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1112 --- chromium-vaapi-init.patch | 253 ++++++++++++++++++ chromium-vaapi.patch | 544 ++++++++++++++++++++++++++++++++++++++ chromium.changes | 7 + chromium.spec | 8 + 4 files changed, 812 insertions(+) create mode 100644 chromium-vaapi-init.patch create mode 100644 chromium-vaapi.patch diff --git a/chromium-vaapi-init.patch b/chromium-vaapi-init.patch new file mode 100644 index 0000000..76389da --- /dev/null +++ b/chromium-vaapi-init.patch @@ -0,0 +1,253 @@ +From 281edc278272f0650fc190c8539d443ac59157bc Mon Sep 17 00:00:00 2001 +From: Daniel Charles +Date: Thu, 08 Feb 2018 02:36:51 +0000 +Subject: [PATCH] vaapi initialization: move it to vaapi_wrapper + +vaapi loading of libraries happens on the Pre and Post Sandbox +functions. Moving dynamic loading of libaries, i.e. libva,libva-drm +and i965_drv_video shared libraries to vaapi_wrapper. + +When calling PreSandbox function in vaapi_wrapper libva will open +i965_drv_video shared library and both will be available for use + +BUG=785117 +TEST=video initialization of h/w dec/enc, VAVDA/VAVEA/VAJDA subjective + testing and include unittests and autotests + +Cq-Include-Trybots: master.tryserver.chromium.android:android_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel +Change-Id: I862bb49f1167d7437e80387882cb9081ad53f54b +Signed-off-by: Daniel Charles +Reviewed-on: https://chromium-review.googlesource.com/666138 +Commit-Queue: Miguel Casas +Reviewed-by: Kenneth Russell +Reviewed-by: Antoine Labour +Reviewed-by: Dongseong Hwang +Reviewed-by: Pawel Osciak +Reviewed-by: Jorge Lucangeli Obes +Cr-Commit-Position: refs/heads/master@{#535274} +--- + +diff --git a/content/gpu/gpu_sandbox_hook_linux.cc b/content/gpu/gpu_sandbox_hook_linux.cc +index e69e23e..5c4013c 100644 +--- a/content/gpu/gpu_sandbox_hook_linux.cc ++++ b/content/gpu/gpu_sandbox_hook_linux.cc +@@ -29,10 +29,6 @@ + #include "services/service_manager/sandbox/linux/bpf_gpu_policy_linux.h" + #include "services/service_manager/sandbox/linux/sandbox_linux.h" + +-#if BUILDFLAG(USE_VAAPI) +-#include +-#endif +- + using sandbox::bpf_dsl::Policy; + using sandbox::syscall_broker::BrokerFilePermission; + using sandbox::syscall_broker::BrokerProcess; +@@ -48,22 +44,6 @@ + #endif + } + +-inline bool IsArchitectureX86_64() { +-#if defined(__x86_64__) +- return true; +-#else +- return false; +-#endif +-} +- +-inline bool IsArchitectureI386() { +-#if defined(__i386__) +- return true; +-#else +- return false; +-#endif +-} +- + inline bool IsArchitectureArm() { + #if defined(ARCH_CPU_ARM_FAMILY) + return true; +@@ -88,14 +68,6 @@ + #endif + } + +-inline bool IsLibVAVersion2() { +-#if BUILDFLAG(USE_VAAPI) && VA_MAJOR_VERSION == 1 +- return true; +-#else +- return false; +-#endif +-} +- + constexpr int dlopen_flag = RTLD_NOW | RTLD_GLOBAL | RTLD_NODELETE; + + void AddV4L2GpuWhitelist( +@@ -270,50 +242,6 @@ + } + } + +-void LoadStandardLibraries( +- const service_manager::SandboxSeccompBPF::Options& options) { +- if (IsArchitectureX86_64() || IsArchitectureI386()) { +- // Accelerated video dlopen()'s some shared objects +- // inside the sandbox, so preload them now. +- if (IsAcceleratedVideoEnabled(options)) { +- if (IsLibVAVersion2()) { +- if (IsArchitectureX86_64()) { +- dlopen("/usr/lib64/va/drivers/i965_drv_video.so", dlopen_flag); +- dlopen("/usr/lib64/va/drivers/hybrid_drv_video.so", dlopen_flag); +- } else if (IsArchitectureI386()) { +- dlopen("/usr/lib/va/drivers/i965_drv_video.so", dlopen_flag); +- } +- dlopen("libva.so.2", dlopen_flag); +-#if defined(USE_OZONE) +- dlopen("libva-drm.so.2", dlopen_flag); +-#endif +- } else { +- // If we are linked against libva 1, we have two cases to handle: +- // - the sysroot includes both libva 1 and 2, in which case the drivers +- // are in /usr/lib{64}/va1/ +- // - the sysroot only includes libva 1, in which case the drivers are +- // are in /usr/lib{64}/va/ +- // This is ugly, but temporary until all builds have switched to libva 2. +- if (IsArchitectureX86_64()) { +- if (!dlopen("/usr/lib64/va1/drivers/i965_drv_video.so", dlopen_flag)) +- dlopen("/usr/lib64/va/drivers/i965_drv_video.so", dlopen_flag); +- if (!dlopen("/usr/lib64/va1/drivers/hybrid_drv_video.so", dlopen_flag)) +- dlopen("/usr/lib64/va/drivers/hybrid_drv_video.so", dlopen_flag); +- } else if (IsArchitectureI386()) { +- if (!dlopen("/usr/lib/va1/drivers/i965_drv_video.so", dlopen_flag)) +- dlopen("/usr/lib/va/drivers/i965_drv_video.so", dlopen_flag); +- } +- dlopen("libva.so.1", dlopen_flag); +-#if defined(USE_OZONE) +- dlopen("libva-drm.so.1", dlopen_flag); +-#elif defined(USE_X11) +- dlopen("libva-x11.so.1", dlopen_flag); +-#endif +- } +- } +- } +-} +- + bool LoadLibrariesForGpu( + const service_manager::SandboxSeccompBPF::Options& options) { + if (IsChromeOS()) { +@@ -326,7 +254,6 @@ + if (options.use_amd_specific_policies) + return LoadAmdGpuLibraries(); + } +- LoadStandardLibraries(options); + return true; + } + +diff --git a/media/gpu/vaapi/vaapi_wrapper.cc b/media/gpu/vaapi/vaapi_wrapper.cc +index bc3d735..7421a74 100644 +--- a/media/gpu/vaapi/vaapi_wrapper.cc ++++ b/media/gpu/vaapi/vaapi_wrapper.cc +@@ -48,6 +48,11 @@ + using media_gpu_vaapi::kModuleVa_x11; + #endif + using media_gpu_vaapi::InitializeStubs; ++using media_gpu_vaapi::IsVaInitialized; ++#if defined(USE_X11) ++using media_gpu_vaapi::IsVa_x11Initialized; ++#endif ++using media_gpu_vaapi::IsVa_drmInitialized; + using media_gpu_vaapi::StubPathMap; + + #define LOG_VA_ERROR_AND_REPORT(va_error, err_msg) \ +@@ -166,9 +171,6 @@ + void SetDrmFd(base::PlatformFile fd) { drm_fd_.reset(HANDLE_EINTR(dup(fd))); } + + private: +- // Returns false on init failure. +- static bool PostSandboxInitialization(); +- + // Protected by |va_lock_|. + int refcount_; + +@@ -203,41 +205,17 @@ + VADisplayState::Get()->SetDrmFd(drm_file.GetPlatformFile()); + } + +-// static +-bool VADisplayState::PostSandboxInitialization() { +- const std::string va_suffix(std::to_string(VA_MAJOR_VERSION + 1)); +- StubPathMap paths; +- +- paths[kModuleVa].push_back(std::string("libva.so.") + va_suffix); +- paths[kModuleVa_drm].push_back(std::string("libva-drm.so.") + va_suffix); +-#if defined(USE_X11) +- // libva-x11 does not exist on libva >= 2 +- if (VA_MAJOR_VERSION == 0) +- paths[kModuleVa_x11].push_back("libva-x11.so.1"); +-#endif +- +- const bool success = InitializeStubs(paths); +- if (!success) { +- static const char kErrorMsg[] = "Failed to initialize VAAPI libs"; +-#if defined(OS_CHROMEOS) +- // When Chrome runs on Linux with target_os="chromeos", do not log error +- // message without VAAPI libraries. +- LOG_IF(ERROR, base::SysInfo::IsRunningOnChromeOS()) << kErrorMsg; +-#else +- DVLOG(1) << kErrorMsg; +-#endif +- } +- return success; +-} +- + VADisplayState::VADisplayState() + : refcount_(0), va_display_(nullptr), va_initialized_(false) {} + + bool VADisplayState::Initialize() { + va_lock_.AssertAcquired(); + +- static bool result = PostSandboxInitialization(); +- if (!result) ++ if (!IsVaInitialized() || ++#if defined(USE_X11) ++ !IsVa_x11Initialized() || ++#endif ++ !IsVa_drmInitialized()) + return false; + + if (refcount_++ > 0) +@@ -1169,6 +1147,38 @@ + // static + void VaapiWrapper::PreSandboxInitialization() { + VADisplayState::PreSandboxInitialization(); ++ ++ const std::string va_suffix(std::to_string(VA_MAJOR_VERSION + 1)); ++ StubPathMap paths; ++ ++ paths[kModuleVa].push_back(std::string("libva.so.") + va_suffix); ++ paths[kModuleVa_drm].push_back(std::string("libva-drm.so.") + va_suffix); ++#if defined(USE_X11) ++ paths[kModuleVa_x11].push_back(std::string("libva-x11.so.") + va_suffix); ++#endif ++ ++ // InitializeStubs dlopen() VA-API libraries ++ // libva.so ++ // libva-x11.so (X11) ++ // libva-drm.so (X11 and Ozone). ++ static bool result = InitializeStubs(paths); ++ if (!result) { ++ static const char kErrorMsg[] = "Failed to initialize VAAPI libs"; ++#if defined(OS_CHROMEOS) ++ // When Chrome runs on Linux with target_os="chromeos", do not log error ++ // message without VAAPI libraries. ++ LOG_IF(ERROR, base::SysInfo::IsRunningOnChromeOS()) << kErrorMsg; ++#else ++ DVLOG(1) << kErrorMsg; ++#endif ++ } ++ ++ // VASupportedProfiles::Get creates VADisplayState and in so doing ++ // driver associated libraries are dlopen(), to know: ++ // i965_drv_video.so ++ // hybrid_drv_video.so (platforms that support it) ++ // libcmrt.so (platforms that support it) ++ VASupportedProfiles::Get(); + } + + VaapiWrapper::VaapiWrapper() diff --git a/chromium-vaapi.patch b/chromium-vaapi.patch new file mode 100644 index 0000000..929373a --- /dev/null +++ b/chromium-vaapi.patch @@ -0,0 +1,544 @@ +From 4bf343ab8c4a538205f9c1e96a661e40620c716b Mon Sep 17 00:00:00 2001 +From: Daniel Charles +Date: Fri, 09 Feb 2018 14:39:27 -0800 +Subject: [PATCH] Enable VAVDA, VAVEA and VAJDA on linux with VAAPI only + +This patch contains all the changes necessary to use VA-API along with +vaapi-driver to run all media use cases supported with hardware acceleration. + +It is intended to remain as experimental accessible from chrome://flags on linux. +It requires libva/intel-vaapi-driver to be installed on the system path where +chrome is executed. Other drivers could be tested if available. Flags are +kept independent for linux, where this feature has to be enabled before +actually using it. This should not change how other OSes use the flags +already, the new flags will show at the buttom on the section of unavailable +experiments + +The changes cover a range of compiler pre-processor flags to enable the stack. +It moves the presandbox operations to the vaapi_wrapper class as the hook function +is available there. vaInit will open driver on the correct installed folder. + +chrome flags consolidtation into only two flags for linux. Mjpeg and accelerated +video are used. The other flags are kept for ChromeOS and other OSes. + +Developer testing was made on skylake hardware, ChromeOS and Ubuntu. + +BUG=NONE +TEST=subjective testing with VAVDA,VAVEA and VAJDA, autotest for encoder + and decoder hardware accelerated + have libva/intel-vaapi-driver installed and not installed in the system + repeat on different hardware families + +Cq-Include-Trybots: master.tryserver.chromium.android:android_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel +Change-Id: Ifbbf5c9e5221a8b5733fc6d4d0cf984a1f103171 +Signed-off-by: Daniel Charles +--- + +--- a/chrome/browser/about_flags.cc ++++ b/chrome/browser/about_flags.cc +@@ -1249,12 +1249,14 @@ const FeatureEntry kFeatureEntries[] = { + flag_descriptions::kUiPartialSwapDescription, kOsAll, + SINGLE_DISABLE_VALUE_TYPE(switches::kUIDisablePartialSwap)}, + #if BUILDFLAG(ENABLE_WEBRTC) ++#if defined(OS_CHROMEOS) || defined(OS_ANDROID) + {"disable-webrtc-hw-decoding", flag_descriptions::kWebrtcHwDecodingName, + flag_descriptions::kWebrtcHwDecodingDescription, kOsAndroid | kOsCrOS, + SINGLE_DISABLE_VALUE_TYPE(switches::kDisableWebRtcHWDecoding)}, + {"disable-webrtc-hw-encoding", flag_descriptions::kWebrtcHwEncodingName, + flag_descriptions::kWebrtcHwEncodingDescription, kOsAndroid | kOsCrOS, + SINGLE_DISABLE_VALUE_TYPE(switches::kDisableWebRtcHWEncoding)}, ++#endif + {"enable-webrtc-hw-h264-encoding", + flag_descriptions::kWebrtcHwH264EncodingName, + flag_descriptions::kWebrtcHwH264EncodingDescription, kOsAndroid | kOsCrOS, +@@ -1550,6 +1552,13 @@ const FeatureEntry kFeatureEntries[] = { + flag_descriptions::kShowTouchHudDescription, kOsCrOS, + SINGLE_VALUE_TYPE(ash::switches::kAshTouchHud)}, + #endif // OS_CHROMEOS ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) ++ { ++ "enable-accelerated-video", flag_descriptions::kAcceleratedVideoName, ++ flag_descriptions::kAcceleratedVideoDescription, kOsLinux, ++ SINGLE_VALUE_TYPE(switches::kEnableAcceleratedVideo), ++ }, ++#else + { + "disable-accelerated-video-decode", + flag_descriptions::kAcceleratedVideoDecodeName, +@@ -1557,6 +1566,7 @@ const FeatureEntry kFeatureEntries[] = { + kOsMac | kOsWin | kOsCrOS | kOsAndroid, + SINGLE_DISABLE_VALUE_TYPE(switches::kDisableAcceleratedVideoDecode), + }, ++#endif + #if defined(OS_WIN) + {"enable-hdr", flag_descriptions::kEnableHDRName, + flag_descriptions::kEnableHDRDescription, kOsWin, +@@ -2268,12 +2278,17 @@ const FeatureEntry kFeatureEntries[] = { + FEATURE_VALUE_TYPE(features::kOpenVR)}, + #endif // ENABLE_OPENVR + #endif // ENABLE_VR +-#if defined(OS_CHROMEOS) ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) ++ {"enable-accelerated-mjpeg-decode", ++ flag_descriptions::kAcceleratedMjpegDecodeName, ++ flag_descriptions::kAcceleratedMjpegDecodeDescription, kOsLinux, ++ SINGLE_VALUE_TYPE(switches::kEnableAcceleratedMjpegDecode)}, ++#elif defined(OS_CHROMEOS) + {"disable-accelerated-mjpeg-decode", + flag_descriptions::kAcceleratedMjpegDecodeName, + flag_descriptions::kAcceleratedMjpegDecodeDescription, kOsCrOS, + SINGLE_DISABLE_VALUE_TYPE(switches::kDisableAcceleratedMjpegDecode)}, +-#endif // OS_CHROMEOS ++#endif + {"v8-cache-options", flag_descriptions::kV8CacheOptionsName, + flag_descriptions::kV8CacheOptionsDescription, kOsAll, + MULTI_VALUE_TYPE(kV8CacheOptionsChoices)}, +--- a/chrome/browser/chromeos/login/chrome_restart_request.cc ++++ b/chrome/browser/chromeos/login/chrome_restart_request.cc +@@ -19,6 +19,7 @@ + #include "base/sys_info.h" + #include "base/timer/timer.h" + #include "base/values.h" ++#include "build/build_config.h" + #include "cc/base/switches.h" + #include "chrome/browser/browser_process.h" + #include "chrome/browser/chromeos/boot_times_recorder.h" +@@ -84,9 +85,14 @@ void DeriveCommandLine(const GURL& start + ::switches::kDisable2dCanvasImageChromium, + ::switches::kDisableAccelerated2dCanvas, + ::switches::kDisableAcceleratedJpegDecoding, ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) ++ ::switches::kEnableAcceleratedMjpegDecode, ++ ::switches::kEnableAcceleratedVideo, ++#else + ::switches::kDisableAcceleratedMjpegDecode, + ::switches::kDisableAcceleratedVideoDecode, + ::switches::kDisableAcceleratedVideoEncode, ++#endif + ::switches::kDisableBlinkFeatures, + ::switches::kDisableCastStreamingHWEncoding, + ::switches::kDisableDistanceFieldText, +@@ -164,7 +170,7 @@ void DeriveCommandLine(const GURL& start + ::switches::kDisableWebGLImageChromium, + ::switches::kEnableWebGLImageChromium, + ::switches::kEnableWebVR, +-#if BUILDFLAG(ENABLE_WEBRTC) ++#if BUILDFLAG(ENABLE_WEBRTC) && (defined(OS_CHROMEOS) || defined(OS_ANDROID)) + ::switches::kDisableWebRtcHWDecoding, + ::switches::kDisableWebRtcHWEncoding, + #endif +--- a/chrome/browser/flag_descriptions.cc ++++ b/chrome/browser/flag_descriptions.cc +@@ -14,6 +14,13 @@ const char kAccelerated2dCanvasDescripti + "Enables the use of the GPU to perform 2d canvas rendering instead of " + "using software rendering."; + ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) ++const char kAcceleratedVideoName[] = "Hardware-accelerated video"; ++const char kAcceleratedVideoDescription[] = ++ "Hardware-accelerated video where VA-API driver is installed on the" ++ "system."; ++#endif ++ + const char kAcceleratedVideoDecodeName[] = "Hardware-accelerated video decode"; + const char kAcceleratedVideoDecodeDescription[] = + "Hardware-accelerated video decode where available."; +@@ -1597,6 +1604,7 @@ const char kWebrtcEchoCanceller3Name[] = + const char kWebrtcEchoCanceller3Description[] = + "Experimental WebRTC echo canceller (AEC3)."; + ++#if defined(OS_CHROMEOS) || defined(OS_ANDROID) + const char kWebrtcHwDecodingName[] = "WebRTC hardware video decoding"; + const char kWebrtcHwDecodingDescription[] = + "Support in WebRTC for decoding video streams using platform hardware."; +@@ -1604,6 +1612,7 @@ const char kWebrtcHwDecodingDescription[ + const char kWebrtcHwEncodingName[] = "WebRTC hardware video encoding"; + const char kWebrtcHwEncodingDescription[] = + "Support in WebRTC for encoding video streams using platform hardware."; ++#endif + + const char kWebrtcHwH264EncodingName[] = "WebRTC hardware h264 video encoding"; + const char kWebrtcHwH264EncodingDescription[] = +@@ -2434,14 +2443,16 @@ const char kTranslateNewUxDescription[] + + // Chrome OS ------------------------------------------------------------------- + +-#if defined(OS_CHROMEOS) ++#if defined(OS_CHROMEOS) || (defined(OS_LINUX) && !defined(OS_ANDROID)) + + const char kAcceleratedMjpegDecodeName[] = + "Hardware-accelerated mjpeg decode for captured frame"; + const char kAcceleratedMjpegDecodeDescription[] = + "Enable hardware-accelerated mjpeg decode for captured frame where " + "available."; ++#endif + ++#if defined(OS_CHROMEOS) + const char kAllowTouchpadThreeFingerClickName[] = "Touchpad three-finger-click"; + const char kAllowTouchpadThreeFingerClickDescription[] = + "Enables touchpad three-finger-click as middle button."; +--- a/chrome/browser/flag_descriptions.h ++++ b/chrome/browser/flag_descriptions.h +@@ -37,6 +37,10 @@ namespace flag_descriptions { + extern const char kAccelerated2dCanvasName[]; + extern const char kAccelerated2dCanvasDescription[]; + ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) ++extern const char kAcceleratedVideoName[]; ++extern const char kAcceleratedVideoDescription[]; ++#endif + extern const char kAcceleratedVideoDecodeName[]; + extern const char kAcceleratedVideoDecodeDescription[]; + +@@ -1498,13 +1502,17 @@ extern const char kPermissionPromptPersi + + #endif // defined(OS_MACOSX) + +-// Chrome OS ------------------------------------------------------------------ +- +-#if defined(OS_CHROMEOS) ++#if defined(OS_CHROMEOS) || (defined(OS_LINUX) && !defined(OS_ANDROID)) + + extern const char kAcceleratedMjpegDecodeName[]; + extern const char kAcceleratedMjpegDecodeDescription[]; + ++#endif ++ ++// Chrome OS ------------------------------------------------------------------ ++ ++#if defined(OS_CHROMEOS) ++ + extern const char kAllowTouchpadThreeFingerClickName[]; + extern const char kAllowTouchpadThreeFingerClickDescription[]; + +--- a/content/browser/gpu/compositor_util.cc ++++ b/content/browser/gpu/compositor_util.cc +@@ -98,7 +98,11 @@ const GpuFeatureData GetGpuFeatureData(s + {"video_decode", + manager->GetFeatureStatus( + gpu::GPU_FEATURE_TYPE_ACCELERATED_VIDEO_DECODE), ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) ++ !command_line.HasSwitch(switches::kEnableAcceleratedVideo), ++#else + command_line.HasSwitch(switches::kDisableAcceleratedVideoDecode), ++#endif + "Accelerated video decode has been disabled, either via blacklist," + " about:flags or the command line.", + true}, +--- a/content/browser/gpu/gpu_process_host.cc ++++ b/content/browser/gpu/gpu_process_host.cc +@@ -120,7 +120,7 @@ static const char* const kSwitchNames[] + switches::kDisableGLExtensions, + switches::kDisableLogging, + switches::kDisableShaderNameHashing, +-#if BUILDFLAG(ENABLE_WEBRTC) ++#if BUILDFLAG(ENABLE_WEBRTC) && !defined(OS_LINUX) + switches::kDisableWebRtcHWEncoding, + #endif + #if defined(OS_WIN) +--- a/content/browser/renderer_host/media/video_capture_browsertest.cc ++++ b/content/browser/renderer_host/media/video_capture_browsertest.cc +@@ -164,8 +164,13 @@ class VideoCaptureBrowserTest : public C + base::CommandLine::ForCurrentProcess()->AppendSwitch( + switches::kUseFakeJpegDecodeAccelerator); + } else { ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) ++ base::CommandLine::ForCurrentProcess()->AppendSwitch( ++ switches::kEnableAcceleratedMjpegDecode); ++#else + base::CommandLine::ForCurrentProcess()->AppendSwitch( + switches::kDisableAcceleratedMjpegDecode); ++#endif + } + } + +--- a/content/browser/renderer_host/media/video_capture_gpu_jpeg_decoder.cc ++++ b/content/browser/renderer_host/media/video_capture_gpu_jpeg_decoder.cc +@@ -65,15 +65,21 @@ void VideoCaptureGpuJpegDecoder::Initial + bool is_platform_supported = + base::CommandLine::ForCurrentProcess()->HasSwitch( + switches::kUseFakeJpegDecodeAccelerator); +-#if defined(OS_CHROMEOS) +- // Non-ChromeOS platforms do not support HW JPEG decode now. Do not establish +- // gpu channel to avoid introducing overhead. ++#if !defined(OS_ANDROID) && defined(OS_LINUX) ++ // Non-ChromeOS or Non-Linux platforms do not support HW JPEG decode now. Do ++ // not establish gpu channel to avoid introducing overhead. + is_platform_supported = true; + #endif + + if (!is_platform_supported || ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) ++ !base::CommandLine::ForCurrentProcess()->HasSwitch( ++ switches::kEnableAcceleratedMjpegDecode) ++#else + base::CommandLine::ForCurrentProcess()->HasSwitch( +- switches::kDisableAcceleratedMjpegDecode)) { ++ switches::kDisableAcceleratedMjpegDecode) ++#endif ++ ) { + decoder_status_ = FAILED; + RecordInitDecodeUMA_Locked(); + return; +--- a/content/browser/renderer_host/render_process_host_impl.cc ++++ b/content/browser/renderer_host/render_process_host_impl.cc +@@ -2530,7 +2530,11 @@ void RenderProcessHostImpl::PropagateBro + switches::kDefaultTileHeight, + switches::kDisable2dCanvasImageChromium, + switches::kDisableAcceleratedJpegDecoding, ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) ++ switches::kEnableAcceleratedVideo, ++#else + switches::kDisableAcceleratedVideoDecode, ++#endif + switches::kDisableBackgroundTimerThrottling, + switches::kDisableBreakpad, + switches::kDisableCompositorUkmForTests, +@@ -2663,8 +2667,10 @@ void RenderProcessHostImpl::PropagateBro + switches::kDisableMojoRenderer, + #endif + #if BUILDFLAG(ENABLE_WEBRTC) ++#if !defined(OS_LINUX) || defined(OS_CHROMEOS) + switches::kDisableWebRtcHWDecoding, + switches::kDisableWebRtcHWEncoding, ++#endif + switches::kEnableWebRtcSrtpAesGcm, + switches::kEnableWebRtcSrtpEncryptedHeaders, + switches::kEnableWebRtcStunOrigin, +--- a/content/browser/webrtc/webrtc_media_recorder_browsertest.cc ++++ b/content/browser/webrtc/webrtc_media_recorder_browsertest.cc +@@ -58,7 +58,12 @@ class WebRtcMediaRecorderTest + return; + // This flag is also used for encoding, https://crbug.com/616640. + base::CommandLine::ForCurrentProcess()->AppendSwitch( +- switches::kDisableAcceleratedVideoDecode); ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) ++ switches::kEnableAcceleratedVideo ++#else ++ switches::kDisableAcceleratedVideoDecode ++#endif ++ ); + } + + private: +--- a/content/gpu/BUILD.gn ++++ b/content/gpu/BUILD.gn +@@ -125,4 +125,8 @@ target(link_target_type, "gpu_sources") + if (is_desktop_linux && (!is_chromecast || is_cast_desktop_build)) { + configs += [ "//build/config/linux/dri" ] + } ++ ++ if (is_desktop_linux) { ++ public_configs = [ "//media/gpu:libva_config" ] ++ } + } +--- a/content/gpu/gpu_main.cc ++++ b/content/gpu/gpu_main.cc +@@ -273,7 +273,7 @@ int GpuMain(const MainFunctionParams& pa + + base::PlatformThread::SetName("CrGpuMain"); + +-#if defined(OS_ANDROID) || defined(OS_CHROMEOS) ++#if defined(OS_LINUX) + // Set thread priority before sandbox initialization. + base::PlatformThread::SetCurrentThreadPriority(base::ThreadPriority::DISPLAY); + #endif +@@ -302,7 +302,7 @@ int GpuMain(const MainFunctionParams& pa + GetContentClient()->SetGpuInfo(gpu_init->gpu_info()); + + base::ThreadPriority io_thread_priority = base::ThreadPriority::NORMAL; +-#if defined(OS_ANDROID) || defined(OS_CHROMEOS) ++#if defined(OS_LINUX) + io_thread_priority = base::ThreadPriority::DISPLAY; + #endif + +--- a/content/public/browser/gpu_utils.cc ++++ b/content/public/browser/gpu_utils.cc +@@ -7,6 +7,7 @@ + #include "base/command_line.h" + #include "base/single_thread_task_runner.h" + #include "base/strings/string_number_conversions.h" ++#include "build/build_config.h" + #include "content/browser/gpu/gpu_process_host.h" + #include "content/public/common/content_features.h" + #include "content/public/common/content_switches.h" +@@ -55,10 +56,18 @@ const gpu::GpuPreferences GetGpuPreferen + gpu_preferences.in_process_gpu = + command_line->HasSwitch(switches::kInProcessGPU); + gpu_preferences.disable_accelerated_video_decode = ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) ++ !command_line->HasSwitch(switches::kEnableAcceleratedVideo); ++#else + command_line->HasSwitch(switches::kDisableAcceleratedVideoDecode); ++#endif + gpu_preferences.disable_accelerated_video_encode = ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) ++ !command_line->HasSwitch(switches::kEnableAcceleratedVideo); ++#else + command_line->HasSwitch(switches::kDisableAcceleratedVideoEncode); +-#if BUILDFLAG(ENABLE_WEBRTC) ++#endif ++#if BUILDFLAG(ENABLE_WEBRTC) && (defined(OS_CHROMEOS) || defined(OS_ANDROID)) + gpu_preferences.disable_web_rtc_hw_encoding = + command_line->HasSwitch(switches::kDisableWebRtcHWEncoding); + #endif +--- a/content/public/common/content_switches.cc ++++ b/content/public/common/content_switches.cc +@@ -78,12 +78,21 @@ const char kDisable3DAPIs[] + + // Disable gpu-accelerated 2d canvas. + const char kDisableAccelerated2dCanvas[] = "disable-accelerated-2d-canvas"; +- ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) ++// Enable hardware accelerated mjpeg decode on linux ++const char kEnableAcceleratedMjpegDecode[] = "enable-accelerated-mjpeg-decode"; ++#else + // Disable hardware acceleration of mjpeg decode for captured frame, where + // available. + const char kDisableAcceleratedMjpegDecode[] = + "disable-accelerated-mjpeg-decode"; ++#endif + ++#if defined(OS_LINUX) ++// Enables hardware acceleration of video for Linux only. VA-API driver ++// is required to be present on the system installation. ++const char kEnableAcceleratedVideo[] = "enable-accelerated-video"; ++#endif + // Disables hardware acceleration of video decode, where available. + const char kDisableAcceleratedVideoDecode[] = + "disable-accelerated-video-decode"; +@@ -888,11 +897,13 @@ const char kZygoteProcess[] + // ignores this switch on its stable and beta channels. + const char kDisableWebRtcEncryption[] = "disable-webrtc-encryption"; + ++#if defined(OS_CHROMEOS) + // Disables HW decode acceleration for WebRTC. + const char kDisableWebRtcHWDecoding[] = "disable-webrtc-hw-decoding"; + + // Disables HW encode acceleration for WebRTC. + const char kDisableWebRtcHWEncoding[] = "disable-webrtc-hw-encoding"; ++#endif + + // Enables negotiation of GCM cipher suites from RFC 7714 for SRTP in WebRTC. + // See https://tools.ietf.org/html/rfc7714 for further information. +--- a/content/public/common/content_switches.h ++++ b/content/public/common/content_switches.h +@@ -33,7 +33,11 @@ CONTENT_EXPORT extern const char kDisabl + CONTENT_EXPORT extern const char kDisable3DAPIs[]; + CONTENT_EXPORT extern const char kDisableAccelerated2dCanvas[]; + CONTENT_EXPORT extern const char kDisableAcceleratedJpegDecoding[]; ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) ++CONTENT_EXPORT extern const char kEnableAcceleratedMjpegDecode[]; ++#else + CONTENT_EXPORT extern const char kDisableAcceleratedMjpegDecode[]; ++#endif + CONTENT_EXPORT extern const char kDisableAcceleratedVideoDecode[]; + CONTENT_EXPORT extern const char kDisableAcceleratedVideoEncode[]; + CONTENT_EXPORT extern const char kDisableAudioSupportForDesktopShare[]; +@@ -107,6 +111,9 @@ CONTENT_EXPORT extern const char kDisabl + CONTENT_EXPORT extern const char kDomAutomationController[]; + extern const char kDisable2dCanvasClipAntialiasing[]; + CONTENT_EXPORT extern const char kDumpBlinkRuntimeCallStats[]; ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) ++CONTENT_EXPORT extern const char kEnableAcceleratedVideo[]; ++#endif + CONTENT_EXPORT extern const char kEnableAggressiveDOMStorageFlushing[]; + CONTENT_EXPORT extern const char kEnableAutomation[]; + CONTENT_EXPORT extern const char kEnablePreferCompositingToLCDText[]; +@@ -244,8 +251,10 @@ CONTENT_EXPORT extern const char kZygote + + #if BUILDFLAG(ENABLE_WEBRTC) + CONTENT_EXPORT extern const char kDisableWebRtcEncryption[]; ++#if defined(OS_CHROMEOS) + CONTENT_EXPORT extern const char kDisableWebRtcHWDecoding[]; + CONTENT_EXPORT extern const char kDisableWebRtcHWEncoding[]; ++#endif + CONTENT_EXPORT extern const char kEnableWebRtcSrtpAesGcm[]; + CONTENT_EXPORT extern const char kEnableWebRtcSrtpEncryptedHeaders[]; + CONTENT_EXPORT extern const char kEnableWebRtcStunOrigin[]; +--- a/content/renderer/media/webrtc/peer_connection_dependency_factory.cc ++++ b/content/renderer/media/webrtc/peer_connection_dependency_factory.cc +@@ -245,12 +245,19 @@ void PeerConnectionDependencyFactory::In + + const base::CommandLine* cmd_line = base::CommandLine::ForCurrentProcess(); + if (gpu_factories && gpu_factories->IsGpuVideoAcceleratorEnabled()) { ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) ++ if (cmd_line->HasSwitch(switches::kEnableAcceleratedVideo)) ++#else + if (!cmd_line->HasSwitch(switches::kDisableWebRtcHWDecoding)) ++#endif + decoder_factory.reset(new RTCVideoDecoderFactory(gpu_factories)); + +- if (!cmd_line->HasSwitch(switches::kDisableWebRtcHWEncoding)) { ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) ++ if (cmd_line->HasSwitch(switches::kEnableAcceleratedVideo)) ++#else ++ if (!cmd_line->HasSwitch(switches::kDisableWebRtcHWEncoding)) ++#endif + encoder_factory.reset(new RTCVideoEncoderFactory(gpu_factories)); +- } + } + + #if defined(OS_ANDROID) +--- a/content/renderer/render_thread_impl.cc ++++ b/content/renderer/render_thread_impl.cc +@@ -1485,7 +1485,11 @@ media::GpuVideoAcceleratorFactories* Ren + scoped_refptr media_task_runner = + GetMediaThreadTaskRunner(); + const bool enable_video_accelerator = ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) ++ cmd_line->HasSwitch(switches::kEnableAcceleratedVideo) && ++#else + !cmd_line->HasSwitch(switches::kDisableAcceleratedVideoDecode) && ++#endif + (gpu_channel_host->gpu_feature_info() + .status_values[gpu::GPU_FEATURE_TYPE_ACCELERATED_VIDEO_DECODE] == + gpu::kGpuFeatureStatusEnabled); +--- a/gpu/config/software_rendering_list.json ++++ b/gpu/config/software_rendering_list.json +@@ -373,17 +373,6 @@ + ] + }, + { +- "id": 48, +- "description": "Accelerated video decode is unavailable on Linux", +- "cr_bugs": [137247], +- "os": { +- "type": "linux" +- }, +- "features": [ +- "accelerated_video_decode" +- ] +- }, +- { + "id": 50, + "description": "Disable VMware software renderer on older Mesa", + "cr_bugs": [145531, 332596, 571899, 629434], +--- a/media/gpu/BUILD.gn ++++ b/media/gpu/BUILD.gn +@@ -24,6 +24,14 @@ if (is_mac) { + import("//build/config/mac/mac_sdk.gni") + } + ++if (is_desktop_linux && use_vaapi) { ++ import("//build/config/linux/pkg_config.gni") ++ ++ pkg_config("libva_config") { ++ packages = [ "libva" ] ++ } ++} ++ + if (use_vaapi) { + action("libva_generate_stubs") { + extra_header = "vaapi/va_stub_header.fragment" +@@ -353,6 +361,10 @@ component("gpu") { + if (use_ozone) { + deps += [ "//ui/ozone" ] + } ++ ++ if (is_desktop_linux) { ++ public_configs = [ ":libva_config" ] ++ } + } + + if (is_win) { diff --git a/chromium.changes b/chromium.changes index a7411b3..d3a6a07 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Sun Apr 8 10:49:06 UTC 2018 - tchvatal@suse.com + +- Add vaapi patches: + * chromium-vaapi-init.patch + * chromium-vaapi.patch + ------------------------------------------------------------------- Fri Apr 6 12:54:24 UTC 2018 - tchvatal@suse.com diff --git a/chromium.spec b/chromium.spec index b9e042a..cd211ad 100644 --- a/chromium.spec +++ b/chromium.spec @@ -69,6 +69,10 @@ Patch12: chromium-dma-buf.patch Patch14: chromium-buildname.patch Patch17: chromium-non-void-return.patch Patch18: chromium-drm.patch +# Google seem not too keen on merging this but GPU accel is quite important +# https://chromium-review.googlesource.com/c/chromium/src/+/532294 +Patch100: chromium-vaapi-init.patch +Patch101: chromium-vaapi.patch # GN buildsystem related patches Patch200: chromium-last-commit-position-r0.patch Patch201: fix-gn-bootstrap.diff @@ -259,6 +263,10 @@ WebDriver is an open source tool for automated testing of webapps across many br %patch17 -p1 %patch18 -p1 +# vaapi +%patch100 -p1 +%patch101 -p1 + # Copy the toolchain settings mkdir toolchain cp %{SOURCE1} toolchain/BUILD.gn From c863919fda89756f06294b9661085e6ac97337ac3672250b975b957898ab36f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 18 Apr 2018 08:59:31 +0000 Subject: [PATCH 11/52] Accepting request 597716 from network:chromium - Up to 66.0.3359.81 - Bump to 66.0.3359.66 - Update chromium-gcc7.patch to include more quirks - Bump to 66.0.3359.45 - Bump to 66.0.3359.33 - Version bump to 66.0.3359.26 - Bump the requirement for the clang version - Conditionalize harfbuzz switch - Update to 66.0.3359.22 - Apply patches using %autopatch - Add patch to build with gcc7 properly chromium-gcc7.patch - Drop patch chromium-sandbox-pie.patch as we have pie default now - Add patch to build with leap variant of drm chromium-drm.patch - Add patch to build ffmpeg from system chromium-ffmpeg.patch - Up to 66.0.3355.0 - Disable clang by default again - Up to 66.0.3350.0 - Drop patch fix_network_api_crash.patch - Bump to 66.0.3343.3 - Bump to 65.0.3325.51 - Disable gconf support - Bump to 65.0.3325.31 - Update to 65.0.3325.18 - Try to have automatic ozone platform detection OBS-URL: https://build.opensuse.org/request/show/597716 OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1114 --- chromium-65.0.3325.181.tar.xz | 3 - chromium-66.0.3359.81.tar.xz | 3 + chromium-compiler.patch | 11 - chromium-ffmpeg.patch | 22 + chromium-gcc7.patch | 177 +++ chromium-glibc-2.27.patch | 50 - chromium-master-prefs-path.patch | 6 +- chromium-non-void-return.patch | 13 - chromium-sandbox-pie.patch | 4 +- chromium-vaapi-init.patch | 253 --- chromium-vaapi.patch | 191 ++- chromium.changes | 1377 ++++++++++------- chromium.spec | 85 +- exclude_ymp.diff | 10 - exclude_ymp.patch | 18 +- ...n-bootstrap.diff => fix-gn-bootstrap.patch | 0 fix_network_api_crash.patch | 77 - mojo.patch | 62 - 18 files changed, 1171 insertions(+), 1191 deletions(-) delete mode 100644 chromium-65.0.3325.181.tar.xz create mode 100644 chromium-66.0.3359.81.tar.xz delete mode 100644 chromium-compiler.patch create mode 100644 chromium-ffmpeg.patch create mode 100644 chromium-gcc7.patch delete mode 100644 chromium-glibc-2.27.patch delete mode 100644 chromium-vaapi-init.patch delete mode 100644 exclude_ymp.diff rename fix-gn-bootstrap.diff => fix-gn-bootstrap.patch (100%) delete mode 100644 fix_network_api_crash.patch delete mode 100644 mojo.patch diff --git a/chromium-65.0.3325.181.tar.xz b/chromium-65.0.3325.181.tar.xz deleted file mode 100644 index 4d05156..0000000 --- a/chromium-65.0.3325.181.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:93666448c6b96ec83e6a35a64cff40db4eb92a154fe1db4e7dab4761d0e38687 -size 570386836 diff --git a/chromium-66.0.3359.81.tar.xz b/chromium-66.0.3359.81.tar.xz new file mode 100644 index 0000000..29e88a5 --- /dev/null +++ b/chromium-66.0.3359.81.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:4a8788a6e89253af3efa85c776c528d6952f8468aff6f793faf46c825ac628c2 +size 583902508 diff --git a/chromium-compiler.patch b/chromium-compiler.patch deleted file mode 100644 index 83c54ef..0000000 --- a/chromium-compiler.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/device/u2f/u2f_ble_transaction.cc -+++ b/device/u2f/u2f_ble_transaction.cc -@@ -131,7 +131,7 @@ - - void U2fBleTransaction::OnError() { - request_frame_.reset(); -- request_cont_fragments_ = {}; -+ request_cont_fragments_ = base::queue(); - response_frame_assembler_.reset(); - std::move(callback_).Run(base::nullopt); - } diff --git a/chromium-ffmpeg.patch b/chromium-ffmpeg.patch new file mode 100644 index 0000000..6d51bf4 --- /dev/null +++ b/chromium-ffmpeg.patch @@ -0,0 +1,22 @@ +--- a/build/linux/unbundle/ffmpeg.gn ++++ b/build/linux/unbundle/ffmpeg.gn +@@ -14,8 +14,8 @@ pkg_config("system_ffmpeg") { + ] + } + +-buildflag_header("ffmpeg_buildflags") { +- header = "ffmpeg_buildflags.h" ++buildflag_header("ffmpeg_features") { ++ header = "ffmpeg_features.h" + flags = [ "USE_SYSTEM_FFMPEG=true" ] + } + +@@ -30,7 +30,7 @@ shim_headers("ffmpeg_shim") { + + source_set("ffmpeg") { + deps = [ +- ":ffmpeg_buildflags", ++ ":ffmpeg_features", + ":ffmpeg_shim", + ] + public_configs = [ ":system_ffmpeg" ] diff --git a/chromium-gcc7.patch b/chromium-gcc7.patch new file mode 100644 index 0000000..2acf2fd --- /dev/null +++ b/chromium-gcc7.patch @@ -0,0 +1,177 @@ +--- chromium-66.0.3355.0.orig/device/fido/device_response_converter.cc 2018-03-09 12:04:44.988233476 +0100 ++++ chromium-66.0.3355.0/device/fido/device_response_converter.cc 2018-03-09 13:08:48.566680438 +0100 +@@ -121,7 +121,7 @@ + response.SetNumCredentials(it->second.GetUnsigned()); + } + +- return response; ++ return std::move(response); + } + + base::Optional ReadCTAPGetInfoResponse( +@@ -241,7 +241,7 @@ + response.SetPinProtocols(std::move(supported_pin_protocols)); + } + +- return response; ++ return std::move(response); + } + + } // namespace device +From 4f2b52281ce1649ea8347489443965ad33262ecc Mon Sep 17 00:00:00 2001 +From: Jose Dapena Paz +Date: Thu, 08 Mar 2018 17:46:02 +0000 +Subject: [PATCH] GCC: PlaybackImageProvider::Settings: explicitely set copy constructor. + +GCC fails to resolve the default copy constructor of the flat_map, so +we add an explicit reference to use default copy constructor. + +Bug: 819294 + +Change-Id: Ie2d69bdbe60742e9253251c965cbf0a936037871 +Reviewed-on: https://chromium-review.googlesource.com/944403 +Reviewed-by: David Reveman +Commit-Queue: José Dapena Paz +Cr-Commit-Position: refs/heads/master@{#541827} +--- + +diff --git a/cc/raster/playback_image_provider.cc b/cc/raster/playback_image_provider.cc +index 557b421..b2ace4d 100644 +--- a/cc/raster/playback_image_provider.cc ++++ b/cc/raster/playback_image_provider.cc +@@ -20,7 +20,7 @@ + PlaybackImageProvider::PlaybackImageProvider( + ImageDecodeCache* cache, + const gfx::ColorSpace& target_color_space, +- base::Optional settings) ++ base::Optional&& settings) + : cache_(cache), + target_color_space_(target_color_space), + settings_(std::move(settings)) { +@@ -70,7 +70,10 @@ + } + + PlaybackImageProvider::Settings::Settings() = default; +-PlaybackImageProvider::Settings::Settings(const Settings& other) = default; ++PlaybackImageProvider::Settings::Settings(PlaybackImageProvider::Settings&&) = ++ default; + PlaybackImageProvider::Settings::~Settings() = default; ++PlaybackImageProvider::Settings& PlaybackImageProvider::Settings::operator=( ++ PlaybackImageProvider::Settings&&) = default; + + } // namespace cc +diff --git a/cc/raster/playback_image_provider.h b/cc/raster/playback_image_provider.h +index 67974f3..a33092d 100644 +--- a/cc/raster/playback_image_provider.h ++++ b/cc/raster/playback_image_provider.h +@@ -20,8 +20,10 @@ + public: + struct CC_EXPORT Settings { + Settings(); +- Settings(const Settings& other); ++ Settings(const Settings&) = delete; ++ Settings(Settings&&); + ~Settings(); ++ Settings& operator=(Settings&&); + + // The set of image ids to skip during raster. + PaintImageIdFlatSet images_to_skip; +@@ -34,7 +36,7 @@ + // If no settings are provided, all images are skipped during rasterization. + PlaybackImageProvider(ImageDecodeCache* cache, + const gfx::ColorSpace& target_color_space, +- base::Optional settings); ++ base::Optional&& settings); + ~PlaybackImageProvider() override; + + PlaybackImageProvider(PlaybackImageProvider&& other); +diff --git a/cc/raster/playback_image_provider_unittest.cc b/cc/raster/playback_image_provider_unittest.cc +index 0206999..40036e8 100644 +--- a/cc/raster/playback_image_provider_unittest.cc ++++ b/cc/raster/playback_image_provider_unittest.cc +@@ -85,7 +85,8 @@ + settings.emplace(); + settings->images_to_skip = {skip_image.stable_id()}; + +- PlaybackImageProvider provider(&cache, gfx::ColorSpace(), settings); ++ PlaybackImageProvider provider(&cache, gfx::ColorSpace(), ++ std::move(settings)); + + SkIRect rect = SkIRect::MakeWH(10, 10); + SkMatrix matrix = SkMatrix::I(); +@@ -99,7 +100,8 @@ + + base::Optional settings; + settings.emplace(); +- PlaybackImageProvider provider(&cache, gfx::ColorSpace(), settings); ++ PlaybackImageProvider provider(&cache, gfx::ColorSpace(), ++ std::move(settings)); + + { + SkRect rect = SkRect::MakeWH(10, 10); +@@ -127,7 +129,8 @@ + settings.emplace(); + settings->image_to_current_frame_index = image_to_frame; + +- PlaybackImageProvider provider(&cache, gfx::ColorSpace(), settings); ++ PlaybackImageProvider provider(&cache, gfx::ColorSpace(), ++ std::move(settings)); + + SkIRect rect = SkIRect::MakeWH(10, 10); + SkMatrix matrix = SkMatrix::I(); +@@ -143,7 +146,8 @@ + + base::Optional settings; + settings.emplace(); +- PlaybackImageProvider provider(&cache, gfx::ColorSpace(), settings); ++ PlaybackImageProvider provider(&cache, gfx::ColorSpace(), ++ std::move(settings)); + + { + SkIRect rect = SkIRect::MakeWH(10, 10); +@@ -174,7 +178,8 @@ + MockDecodeCache cache; + base::Optional settings; + settings.emplace(); +- PlaybackImageProvider provider(&cache, gfx::ColorSpace(), settings); ++ PlaybackImageProvider provider(&cache, gfx::ColorSpace(), ++ std::move(settings)); + { + SkIRect rect = SkIRect::MakeWH(10, 10); + SkMatrix matrix = SkMatrix::I(); +diff -urN chromium-66.0.3359.45.orig/chrome/browser/supervised_user/supervised_user_url_filter.cc chromium-66.0.3359.45/chrome/browser/supervised_user/supervised_user_url_filter.cc +--- chromium-66.0.3359.45.orig/chrome/browser/supervised_user/supervised_user_url_filter.cc 2018-03-27 16:26:46.164296894 +0200 ++++ chromium-66.0.3359.45/chrome/browser/supervised_user/supervised_user_url_filter.cc 2018-03-27 16:27:54.889425873 +0200 +@@ -368,7 +368,7 @@ + + // Allow navigations to whitelisted origins (currently families.google.com). + static const base::NoDestructor> kWhitelistedOrigins( +- {GURL(kFamiliesUrl).GetOrigin()}); ++ base::flat_set({GURL(kFamiliesUrl).GetOrigin()})); + if (base::ContainsKey(*kWhitelistedOrigins, effective_url.GetOrigin())) + return ALLOW; + +diff -urN chromium-66.0.3359.45.orig/content/browser/appcache/appcache_request_handler.cc chromium-66.0.3359.45/content/browser/appcache/appcache_request_handler.cc +--- chromium-66.0.3359.45.orig/content/browser/appcache/appcache_request_handler.cc 2018-03-28 14:54:42.714402259 +0200 ++++ chromium-66.0.3359.45/content/browser/appcache/appcache_request_handler.cc 2018-03-28 15:00:14.367868004 +0200 +@@ -639,7 +639,7 @@ + + SubresourceLoaderParams params; + params.loader_factory_info = factory_ptr.PassInterface(); +- return params; ++ return base::Optional(std::move(params)); + } + + void AppCacheRequestHandler::MaybeCreateSubresourceLoader( +diff -urN chromium-66.0.3359.45.orig/content/browser/service_worker/service_worker_controllee_request_handler.cc chromium-66.0.3359.45/content/browser/service_worker/service_worker_controllee_request_handler.cc +--- chromium-66.0.3359.45.orig/content/browser/service_worker/service_worker_controllee_request_handler.cc 2018-03-28 14:54:43.154409514 +0200 ++++ chromium-66.0.3359.45/content/browser/service_worker/service_worker_controllee_request_handler.cc 2018-03-28 15:01:02.384658496 +0200 +@@ -271,7 +271,7 @@ + controller_info->object_info = provider_host_->GetOrCreateServiceWorkerHandle( + provider_host_->controller()); + params.controller_service_worker_info = std::move(controller_info); +- return params; ++ return base::Optional(std::move(params)); + } + + void ServiceWorkerControlleeRequestHandler::PrepareForMainResource( diff --git a/chromium-glibc-2.27.patch b/chromium-glibc-2.27.patch deleted file mode 100644 index c211eee..0000000 --- a/chromium-glibc-2.27.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 9f63f94a11abc34d40ede8b8712fa15b5844a8c0 Mon Sep 17 00:00:00 2001 -From: Tom Anderson -Date: Sat, 27 Jan 2018 20:03:37 +0000 -Subject: [PATCH] Fix build with glibc 2.27 - -BUG=806340 -TBR=hamelphi@chromium.org - -Change-Id: Ib4e5091212d874d9ad88f3e9a1fdfee3ed7e0d5e -Reviewed-on: https://chromium-review.googlesource.com/890059 -Reviewed-by: Thomas Anderson -Reviewed-by: Philippe Hamel -Commit-Queue: Thomas Anderson -Cr-Commit-Position: refs/heads/master@{#532249} ---- - -diff --git a/components/assist_ranker/ranker_example_util.cc b/components/assist_ranker/ranker_example_util.cc -index 54d4dbd..ceedd8f 100644 ---- a/components/assist_ranker/ranker_example_util.cc -+++ b/components/assist_ranker/ranker_example_util.cc -@@ -2,6 +2,8 @@ - // Use of this source code is governed by a BSD-style license that can be - // found in the LICENSE file. - -+#include -+ - #include "components/assist_ranker/ranker_example_util.h" - #include "base/bit_cast.h" - #include "base/format_macros.h" -From 0235c2b657d936f3cdb09053776e5929fc84704b Mon Sep 17 00:00:00 2001 -From: Tomas Popela -Date: Wed, 31 Jan 2018 18:57:07 +0000 -Subject: [PATCH] Add missing stdint include - -diff --git a/chrome/browser/vr/sample_queue.cc b/chrome/browser/vr/sample_queue.cc -index c2ca777ce90c..53cb3aab1576 100644 ---- a/chrome/browser/vr/sample_queue.cc -+++ b/chrome/browser/vr/sample_queue.cc -@@ -2,6 +2,8 @@ - // Use of this source code is governed by a BSD-style license that can be - // found in the LICENSE file. - -+#include -+ - #include "chrome/browser/vr/sample_queue.h" - - namespace vr { --- -2.16.2 - diff --git a/chromium-master-prefs-path.patch b/chromium-master-prefs-path.patch index 12ddb72..e18e4a1 100644 --- a/chromium-master-prefs-path.patch +++ b/chromium-master-prefs-path.patch @@ -1,7 +1,7 @@ -Index: chromium/src/chrome/browser/first_run/first_run_linux.cc +Index: a/chromium/src/chrome/browser/first_run/first_run_linux.cc =================================================================== ---- chrome/browser/first_run/first_run_internal_linux.cc -+++ chrome/browser/first_run/first_run_internal_linux.cc +--- a/chrome/browser/first_run/first_run_internal_linux.cc ++++ b/chrome/browser/first_run/first_run_internal_linux.cc @@ -22,8 +22,7 @@ base::FilePath MasterPrefsPath() { // The standard location of the master prefs is next to the chrome binary. diff --git a/chromium-non-void-return.patch b/chromium-non-void-return.patch index cc18923..40820fc 100644 --- a/chromium-non-void-return.patch +++ b/chromium-non-void-return.patch @@ -1,16 +1,3 @@ -Index: chromium-65.0.3325.146/chrome/browser/ui/libgtkui/app_indicator_icon.cc -=================================================================== ---- chromium-65.0.3325.146.orig/chrome/browser/ui/libgtkui/app_indicator_icon.cc -+++ chromium-65.0.3325.146/chrome/browser/ui/libgtkui/app_indicator_icon.cc -@@ -98,6 +98,8 @@ bool ShouldUseLibAppIndicator() { - case base::nix::DESKTOP_ENVIRONMENT_OTHER: - case base::nix::DESKTOP_ENVIRONMENT_XFCE: - return false; -+ default: -+ return false; - } - } - Index: chromium-65.0.3325.146/media/gpu/vaapi/vaapi_wrapper.cc =================================================================== --- chromium-65.0.3325.146.orig/media/gpu/vaapi/vaapi_wrapper.cc diff --git a/chromium-sandbox-pie.patch b/chromium-sandbox-pie.patch index 5983a6a..e6b68b9 100644 --- a/chromium-sandbox-pie.patch +++ b/chromium-sandbox-pie.patch @@ -1,5 +1,5 @@ ---- sandbox/linux/BUILD.gn 2016-08-03 06:31:07.000000000 +0200 -+++ sandbox/linux/BUILD.gn 2016-08-03 06:31:07.000000000 +0200 +--- a/sandbox/linux/BUILD.gn 2016-08-03 06:31:07.000000000 +0200 ++++ b/sandbox/linux/BUILD.gn 2016-08-03 06:31:07.000000000 +0200 @@ -297,12 +297,17 @@ cflags = [ diff --git a/chromium-vaapi-init.patch b/chromium-vaapi-init.patch deleted file mode 100644 index 76389da..0000000 --- a/chromium-vaapi-init.patch +++ /dev/null @@ -1,253 +0,0 @@ -From 281edc278272f0650fc190c8539d443ac59157bc Mon Sep 17 00:00:00 2001 -From: Daniel Charles -Date: Thu, 08 Feb 2018 02:36:51 +0000 -Subject: [PATCH] vaapi initialization: move it to vaapi_wrapper - -vaapi loading of libraries happens on the Pre and Post Sandbox -functions. Moving dynamic loading of libaries, i.e. libva,libva-drm -and i965_drv_video shared libraries to vaapi_wrapper. - -When calling PreSandbox function in vaapi_wrapper libva will open -i965_drv_video shared library and both will be available for use - -BUG=785117 -TEST=video initialization of h/w dec/enc, VAVDA/VAVEA/VAJDA subjective - testing and include unittests and autotests - -Cq-Include-Trybots: master.tryserver.chromium.android:android_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel -Change-Id: I862bb49f1167d7437e80387882cb9081ad53f54b -Signed-off-by: Daniel Charles -Reviewed-on: https://chromium-review.googlesource.com/666138 -Commit-Queue: Miguel Casas -Reviewed-by: Kenneth Russell -Reviewed-by: Antoine Labour -Reviewed-by: Dongseong Hwang -Reviewed-by: Pawel Osciak -Reviewed-by: Jorge Lucangeli Obes -Cr-Commit-Position: refs/heads/master@{#535274} ---- - -diff --git a/content/gpu/gpu_sandbox_hook_linux.cc b/content/gpu/gpu_sandbox_hook_linux.cc -index e69e23e..5c4013c 100644 ---- a/content/gpu/gpu_sandbox_hook_linux.cc -+++ b/content/gpu/gpu_sandbox_hook_linux.cc -@@ -29,10 +29,6 @@ - #include "services/service_manager/sandbox/linux/bpf_gpu_policy_linux.h" - #include "services/service_manager/sandbox/linux/sandbox_linux.h" - --#if BUILDFLAG(USE_VAAPI) --#include --#endif -- - using sandbox::bpf_dsl::Policy; - using sandbox::syscall_broker::BrokerFilePermission; - using sandbox::syscall_broker::BrokerProcess; -@@ -48,22 +44,6 @@ - #endif - } - --inline bool IsArchitectureX86_64() { --#if defined(__x86_64__) -- return true; --#else -- return false; --#endif --} -- --inline bool IsArchitectureI386() { --#if defined(__i386__) -- return true; --#else -- return false; --#endif --} -- - inline bool IsArchitectureArm() { - #if defined(ARCH_CPU_ARM_FAMILY) - return true; -@@ -88,14 +68,6 @@ - #endif - } - --inline bool IsLibVAVersion2() { --#if BUILDFLAG(USE_VAAPI) && VA_MAJOR_VERSION == 1 -- return true; --#else -- return false; --#endif --} -- - constexpr int dlopen_flag = RTLD_NOW | RTLD_GLOBAL | RTLD_NODELETE; - - void AddV4L2GpuWhitelist( -@@ -270,50 +242,6 @@ - } - } - --void LoadStandardLibraries( -- const service_manager::SandboxSeccompBPF::Options& options) { -- if (IsArchitectureX86_64() || IsArchitectureI386()) { -- // Accelerated video dlopen()'s some shared objects -- // inside the sandbox, so preload them now. -- if (IsAcceleratedVideoEnabled(options)) { -- if (IsLibVAVersion2()) { -- if (IsArchitectureX86_64()) { -- dlopen("/usr/lib64/va/drivers/i965_drv_video.so", dlopen_flag); -- dlopen("/usr/lib64/va/drivers/hybrid_drv_video.so", dlopen_flag); -- } else if (IsArchitectureI386()) { -- dlopen("/usr/lib/va/drivers/i965_drv_video.so", dlopen_flag); -- } -- dlopen("libva.so.2", dlopen_flag); --#if defined(USE_OZONE) -- dlopen("libva-drm.so.2", dlopen_flag); --#endif -- } else { -- // If we are linked against libva 1, we have two cases to handle: -- // - the sysroot includes both libva 1 and 2, in which case the drivers -- // are in /usr/lib{64}/va1/ -- // - the sysroot only includes libva 1, in which case the drivers are -- // are in /usr/lib{64}/va/ -- // This is ugly, but temporary until all builds have switched to libva 2. -- if (IsArchitectureX86_64()) { -- if (!dlopen("/usr/lib64/va1/drivers/i965_drv_video.so", dlopen_flag)) -- dlopen("/usr/lib64/va/drivers/i965_drv_video.so", dlopen_flag); -- if (!dlopen("/usr/lib64/va1/drivers/hybrid_drv_video.so", dlopen_flag)) -- dlopen("/usr/lib64/va/drivers/hybrid_drv_video.so", dlopen_flag); -- } else if (IsArchitectureI386()) { -- if (!dlopen("/usr/lib/va1/drivers/i965_drv_video.so", dlopen_flag)) -- dlopen("/usr/lib/va/drivers/i965_drv_video.so", dlopen_flag); -- } -- dlopen("libva.so.1", dlopen_flag); --#if defined(USE_OZONE) -- dlopen("libva-drm.so.1", dlopen_flag); --#elif defined(USE_X11) -- dlopen("libva-x11.so.1", dlopen_flag); --#endif -- } -- } -- } --} -- - bool LoadLibrariesForGpu( - const service_manager::SandboxSeccompBPF::Options& options) { - if (IsChromeOS()) { -@@ -326,7 +254,6 @@ - if (options.use_amd_specific_policies) - return LoadAmdGpuLibraries(); - } -- LoadStandardLibraries(options); - return true; - } - -diff --git a/media/gpu/vaapi/vaapi_wrapper.cc b/media/gpu/vaapi/vaapi_wrapper.cc -index bc3d735..7421a74 100644 ---- a/media/gpu/vaapi/vaapi_wrapper.cc -+++ b/media/gpu/vaapi/vaapi_wrapper.cc -@@ -48,6 +48,11 @@ - using media_gpu_vaapi::kModuleVa_x11; - #endif - using media_gpu_vaapi::InitializeStubs; -+using media_gpu_vaapi::IsVaInitialized; -+#if defined(USE_X11) -+using media_gpu_vaapi::IsVa_x11Initialized; -+#endif -+using media_gpu_vaapi::IsVa_drmInitialized; - using media_gpu_vaapi::StubPathMap; - - #define LOG_VA_ERROR_AND_REPORT(va_error, err_msg) \ -@@ -166,9 +171,6 @@ - void SetDrmFd(base::PlatformFile fd) { drm_fd_.reset(HANDLE_EINTR(dup(fd))); } - - private: -- // Returns false on init failure. -- static bool PostSandboxInitialization(); -- - // Protected by |va_lock_|. - int refcount_; - -@@ -203,41 +205,17 @@ - VADisplayState::Get()->SetDrmFd(drm_file.GetPlatformFile()); - } - --// static --bool VADisplayState::PostSandboxInitialization() { -- const std::string va_suffix(std::to_string(VA_MAJOR_VERSION + 1)); -- StubPathMap paths; -- -- paths[kModuleVa].push_back(std::string("libva.so.") + va_suffix); -- paths[kModuleVa_drm].push_back(std::string("libva-drm.so.") + va_suffix); --#if defined(USE_X11) -- // libva-x11 does not exist on libva >= 2 -- if (VA_MAJOR_VERSION == 0) -- paths[kModuleVa_x11].push_back("libva-x11.so.1"); --#endif -- -- const bool success = InitializeStubs(paths); -- if (!success) { -- static const char kErrorMsg[] = "Failed to initialize VAAPI libs"; --#if defined(OS_CHROMEOS) -- // When Chrome runs on Linux with target_os="chromeos", do not log error -- // message without VAAPI libraries. -- LOG_IF(ERROR, base::SysInfo::IsRunningOnChromeOS()) << kErrorMsg; --#else -- DVLOG(1) << kErrorMsg; --#endif -- } -- return success; --} -- - VADisplayState::VADisplayState() - : refcount_(0), va_display_(nullptr), va_initialized_(false) {} - - bool VADisplayState::Initialize() { - va_lock_.AssertAcquired(); - -- static bool result = PostSandboxInitialization(); -- if (!result) -+ if (!IsVaInitialized() || -+#if defined(USE_X11) -+ !IsVa_x11Initialized() || -+#endif -+ !IsVa_drmInitialized()) - return false; - - if (refcount_++ > 0) -@@ -1169,6 +1147,38 @@ - // static - void VaapiWrapper::PreSandboxInitialization() { - VADisplayState::PreSandboxInitialization(); -+ -+ const std::string va_suffix(std::to_string(VA_MAJOR_VERSION + 1)); -+ StubPathMap paths; -+ -+ paths[kModuleVa].push_back(std::string("libva.so.") + va_suffix); -+ paths[kModuleVa_drm].push_back(std::string("libva-drm.so.") + va_suffix); -+#if defined(USE_X11) -+ paths[kModuleVa_x11].push_back(std::string("libva-x11.so.") + va_suffix); -+#endif -+ -+ // InitializeStubs dlopen() VA-API libraries -+ // libva.so -+ // libva-x11.so (X11) -+ // libva-drm.so (X11 and Ozone). -+ static bool result = InitializeStubs(paths); -+ if (!result) { -+ static const char kErrorMsg[] = "Failed to initialize VAAPI libs"; -+#if defined(OS_CHROMEOS) -+ // When Chrome runs on Linux with target_os="chromeos", do not log error -+ // message without VAAPI libraries. -+ LOG_IF(ERROR, base::SysInfo::IsRunningOnChromeOS()) << kErrorMsg; -+#else -+ DVLOG(1) << kErrorMsg; -+#endif -+ } -+ -+ // VASupportedProfiles::Get creates VADisplayState and in so doing -+ // driver associated libraries are dlopen(), to know: -+ // i965_drv_video.so -+ // hybrid_drv_video.so (platforms that support it) -+ // libcmrt.so (platforms that support it) -+ VASupportedProfiles::Get(); - } - - VaapiWrapper::VaapiWrapper() diff --git a/chromium-vaapi.patch b/chromium-vaapi.patch index 929373a..0b129bd 100644 --- a/chromium-vaapi.patch +++ b/chromium-vaapi.patch @@ -1,4 +1,4 @@ -From 4bf343ab8c4a538205f9c1e96a661e40620c716b Mon Sep 17 00:00:00 2001 +From d9ef948bf4a739f95acbd98ef88b04caa29d8dda Mon Sep 17 00:00:00 2001 From: Daniel Charles Date: Fri, 09 Feb 2018 14:39:27 -0800 Subject: [PATCH] Enable VAVDA, VAVEA and VAJDA on linux with VAAPI only @@ -29,14 +29,16 @@ TEST=subjective testing with VAVDA,VAVEA and VAJDA, autotest for encoder have libva/intel-vaapi-driver installed and not installed in the system repeat on different hardware families -Cq-Include-Trybots: master.tryserver.chromium.android:android_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel +Cq-Include-Trybots: luci.chromium.try:android_optional_gpu_tests_rel;luci.chromium.try:linux_optional_gpu_tests_rel;luci.chromium.try:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel Change-Id: Ifbbf5c9e5221a8b5733fc6d4d0cf984a1f103171 Signed-off-by: Daniel Charles --- ---- a/chrome/browser/about_flags.cc -+++ b/chrome/browser/about_flags.cc -@@ -1249,12 +1249,14 @@ const FeatureEntry kFeatureEntries[] = { +Index: chromium-66.0.3359.81/chrome/browser/about_flags.cc +=================================================================== +--- chromium-66.0.3359.81.orig/chrome/browser/about_flags.cc ++++ chromium-66.0.3359.81/chrome/browser/about_flags.cc +@@ -1234,12 +1234,14 @@ const FeatureEntry kFeatureEntries[] = { flag_descriptions::kUiPartialSwapDescription, kOsAll, SINGLE_DISABLE_VALUE_TYPE(switches::kUIDisablePartialSwap)}, #if BUILDFLAG(ENABLE_WEBRTC) @@ -51,7 +53,7 @@ Signed-off-by: Daniel Charles {"enable-webrtc-hw-h264-encoding", flag_descriptions::kWebrtcHwH264EncodingName, flag_descriptions::kWebrtcHwH264EncodingDescription, kOsAndroid | kOsCrOS, -@@ -1550,6 +1552,13 @@ const FeatureEntry kFeatureEntries[] = { +@@ -1553,6 +1555,13 @@ const FeatureEntry kFeatureEntries[] = { flag_descriptions::kShowTouchHudDescription, kOsCrOS, SINGLE_VALUE_TYPE(ash::switches::kAshTouchHud)}, #endif // OS_CHROMEOS @@ -65,7 +67,7 @@ Signed-off-by: Daniel Charles { "disable-accelerated-video-decode", flag_descriptions::kAcceleratedVideoDecodeName, -@@ -1557,6 +1566,7 @@ const FeatureEntry kFeatureEntries[] = { +@@ -1560,6 +1569,7 @@ const FeatureEntry kFeatureEntries[] = { kOsMac | kOsWin | kOsCrOS | kOsAndroid, SINGLE_DISABLE_VALUE_TYPE(switches::kDisableAcceleratedVideoDecode), }, @@ -73,7 +75,7 @@ Signed-off-by: Daniel Charles #if defined(OS_WIN) {"enable-hdr", flag_descriptions::kEnableHDRName, flag_descriptions::kEnableHDRDescription, kOsWin, -@@ -2268,12 +2278,17 @@ const FeatureEntry kFeatureEntries[] = { +@@ -2280,12 +2290,17 @@ const FeatureEntry kFeatureEntries[] = { FEATURE_VALUE_TYPE(features::kOpenVR)}, #endif // ENABLE_OPENVR #endif // ENABLE_VR @@ -93,8 +95,10 @@ Signed-off-by: Daniel Charles {"v8-cache-options", flag_descriptions::kV8CacheOptionsName, flag_descriptions::kV8CacheOptionsDescription, kOsAll, MULTI_VALUE_TYPE(kV8CacheOptionsChoices)}, ---- a/chrome/browser/chromeos/login/chrome_restart_request.cc -+++ b/chrome/browser/chromeos/login/chrome_restart_request.cc +Index: chromium-66.0.3359.81/chrome/browser/chromeos/login/chrome_restart_request.cc +=================================================================== +--- chromium-66.0.3359.81.orig/chrome/browser/chromeos/login/chrome_restart_request.cc ++++ chromium-66.0.3359.81/chrome/browser/chromeos/login/chrome_restart_request.cc @@ -19,6 +19,7 @@ #include "base/sys_info.h" #include "base/timer/timer.h" @@ -118,7 +122,7 @@ Signed-off-by: Daniel Charles ::switches::kDisableBlinkFeatures, ::switches::kDisableCastStreamingHWEncoding, ::switches::kDisableDistanceFieldText, -@@ -164,7 +170,7 @@ void DeriveCommandLine(const GURL& start +@@ -163,7 +169,7 @@ void DeriveCommandLine(const GURL& start ::switches::kDisableWebGLImageChromium, ::switches::kEnableWebGLImageChromium, ::switches::kEnableWebVR, @@ -127,8 +131,10 @@ Signed-off-by: Daniel Charles ::switches::kDisableWebRtcHWDecoding, ::switches::kDisableWebRtcHWEncoding, #endif ---- a/chrome/browser/flag_descriptions.cc -+++ b/chrome/browser/flag_descriptions.cc +Index: chromium-66.0.3359.81/chrome/browser/flag_descriptions.cc +=================================================================== +--- chromium-66.0.3359.81.orig/chrome/browser/flag_descriptions.cc ++++ chromium-66.0.3359.81/chrome/browser/flag_descriptions.cc @@ -14,6 +14,13 @@ const char kAccelerated2dCanvasDescripti "Enables the use of the GPU to perform 2d canvas rendering instead of " "using software rendering."; @@ -143,7 +149,7 @@ Signed-off-by: Daniel Charles const char kAcceleratedVideoDecodeName[] = "Hardware-accelerated video decode"; const char kAcceleratedVideoDecodeDescription[] = "Hardware-accelerated video decode where available."; -@@ -1597,6 +1604,7 @@ const char kWebrtcEchoCanceller3Name[] = +@@ -1723,6 +1730,7 @@ const char kWebrtcEchoCanceller3Name[] = const char kWebrtcEchoCanceller3Description[] = "Experimental WebRTC echo canceller (AEC3)."; @@ -151,7 +157,7 @@ Signed-off-by: Daniel Charles const char kWebrtcHwDecodingName[] = "WebRTC hardware video decoding"; const char kWebrtcHwDecodingDescription[] = "Support in WebRTC for decoding video streams using platform hardware."; -@@ -1604,6 +1612,7 @@ const char kWebrtcHwDecodingDescription[ +@@ -1730,6 +1738,7 @@ const char kWebrtcHwDecodingDescription[ const char kWebrtcHwEncodingName[] = "WebRTC hardware video encoding"; const char kWebrtcHwEncodingDescription[] = "Support in WebRTC for encoding video streams using platform hardware."; @@ -159,7 +165,7 @@ Signed-off-by: Daniel Charles const char kWebrtcHwH264EncodingName[] = "WebRTC hardware h264 video encoding"; const char kWebrtcHwH264EncodingDescription[] = -@@ -2434,14 +2443,16 @@ const char kTranslateNewUxDescription[] +@@ -2549,14 +2558,16 @@ const char kTabStripKeyboardFocusDescrip // Chrome OS ------------------------------------------------------------------- @@ -177,8 +183,10 @@ Signed-off-by: Daniel Charles const char kAllowTouchpadThreeFingerClickName[] = "Touchpad three-finger-click"; const char kAllowTouchpadThreeFingerClickDescription[] = "Enables touchpad three-finger-click as middle button."; ---- a/chrome/browser/flag_descriptions.h -+++ b/chrome/browser/flag_descriptions.h +Index: chromium-66.0.3359.81/chrome/browser/flag_descriptions.h +=================================================================== +--- chromium-66.0.3359.81.orig/chrome/browser/flag_descriptions.h ++++ chromium-66.0.3359.81/chrome/browser/flag_descriptions.h @@ -37,6 +37,10 @@ namespace flag_descriptions { extern const char kAccelerated2dCanvasName[]; extern const char kAccelerated2dCanvasDescription[]; @@ -190,7 +198,7 @@ Signed-off-by: Daniel Charles extern const char kAcceleratedVideoDecodeName[]; extern const char kAcceleratedVideoDecodeDescription[]; -@@ -1498,13 +1502,17 @@ extern const char kPermissionPromptPersi +@@ -1561,13 +1565,17 @@ extern const char kPermissionPromptPersi #endif // defined(OS_MACOSX) @@ -211,9 +219,11 @@ Signed-off-by: Daniel Charles extern const char kAllowTouchpadThreeFingerClickName[]; extern const char kAllowTouchpadThreeFingerClickDescription[]; ---- a/content/browser/gpu/compositor_util.cc -+++ b/content/browser/gpu/compositor_util.cc -@@ -98,7 +98,11 @@ const GpuFeatureData GetGpuFeatureData(s +Index: chromium-66.0.3359.81/content/browser/gpu/compositor_util.cc +=================================================================== +--- chromium-66.0.3359.81.orig/content/browser/gpu/compositor_util.cc ++++ chromium-66.0.3359.81/content/browser/gpu/compositor_util.cc +@@ -99,7 +99,11 @@ const GpuFeatureData GetGpuFeatureData(s {"video_decode", manager->GetFeatureStatus( gpu::GPU_FEATURE_TYPE_ACCELERATED_VIDEO_DECODE), @@ -225,9 +235,11 @@ Signed-off-by: Daniel Charles "Accelerated video decode has been disabled, either via blacklist," " about:flags or the command line.", true}, ---- a/content/browser/gpu/gpu_process_host.cc -+++ b/content/browser/gpu/gpu_process_host.cc -@@ -120,7 +120,7 @@ static const char* const kSwitchNames[] +Index: chromium-66.0.3359.81/content/browser/gpu/gpu_process_host.cc +=================================================================== +--- chromium-66.0.3359.81.orig/content/browser/gpu/gpu_process_host.cc ++++ chromium-66.0.3359.81/content/browser/gpu/gpu_process_host.cc +@@ -132,7 +132,7 @@ static const char* const kSwitchNames[] switches::kDisableGLExtensions, switches::kDisableLogging, switches::kDisableShaderNameHashing, @@ -236,9 +248,11 @@ Signed-off-by: Daniel Charles switches::kDisableWebRtcHWEncoding, #endif #if defined(OS_WIN) ---- a/content/browser/renderer_host/media/video_capture_browsertest.cc -+++ b/content/browser/renderer_host/media/video_capture_browsertest.cc -@@ -164,8 +164,13 @@ class VideoCaptureBrowserTest : public C +Index: chromium-66.0.3359.81/content/browser/renderer_host/media/video_capture_browsertest.cc +=================================================================== +--- chromium-66.0.3359.81.orig/content/browser/renderer_host/media/video_capture_browsertest.cc ++++ chromium-66.0.3359.81/content/browser/renderer_host/media/video_capture_browsertest.cc +@@ -163,8 +163,13 @@ class VideoCaptureBrowserTest : public C base::CommandLine::ForCurrentProcess()->AppendSwitch( switches::kUseFakeJpegDecodeAccelerator); } else { @@ -252,8 +266,10 @@ Signed-off-by: Daniel Charles } } ---- a/content/browser/renderer_host/media/video_capture_gpu_jpeg_decoder.cc -+++ b/content/browser/renderer_host/media/video_capture_gpu_jpeg_decoder.cc +Index: chromium-66.0.3359.81/content/browser/renderer_host/media/video_capture_gpu_jpeg_decoder.cc +=================================================================== +--- chromium-66.0.3359.81.orig/content/browser/renderer_host/media/video_capture_gpu_jpeg_decoder.cc ++++ chromium-66.0.3359.81/content/browser/renderer_host/media/video_capture_gpu_jpeg_decoder.cc @@ -65,15 +65,21 @@ void VideoCaptureGpuJpegDecoder::Initial bool is_platform_supported = base::CommandLine::ForCurrentProcess()->HasSwitch( @@ -280,9 +296,11 @@ Signed-off-by: Daniel Charles decoder_status_ = FAILED; RecordInitDecodeUMA_Locked(); return; ---- a/content/browser/renderer_host/render_process_host_impl.cc -+++ b/content/browser/renderer_host/render_process_host_impl.cc -@@ -2530,7 +2530,11 @@ void RenderProcessHostImpl::PropagateBro +Index: chromium-66.0.3359.81/content/browser/renderer_host/render_process_host_impl.cc +=================================================================== +--- chromium-66.0.3359.81.orig/content/browser/renderer_host/render_process_host_impl.cc ++++ chromium-66.0.3359.81/content/browser/renderer_host/render_process_host_impl.cc +@@ -2524,7 +2524,11 @@ void RenderProcessHostImpl::PropagateBro switches::kDefaultTileHeight, switches::kDisable2dCanvasImageChromium, switches::kDisableAcceleratedJpegDecoding, @@ -294,7 +312,7 @@ Signed-off-by: Daniel Charles switches::kDisableBackgroundTimerThrottling, switches::kDisableBreakpad, switches::kDisableCompositorUkmForTests, -@@ -2663,8 +2667,10 @@ void RenderProcessHostImpl::PropagateBro +@@ -2658,8 +2662,10 @@ void RenderProcessHostImpl::PropagateBro switches::kDisableMojoRenderer, #endif #if BUILDFLAG(ENABLE_WEBRTC) @@ -305,8 +323,10 @@ Signed-off-by: Daniel Charles switches::kEnableWebRtcSrtpAesGcm, switches::kEnableWebRtcSrtpEncryptedHeaders, switches::kEnableWebRtcStunOrigin, ---- a/content/browser/webrtc/webrtc_media_recorder_browsertest.cc -+++ b/content/browser/webrtc/webrtc_media_recorder_browsertest.cc +Index: chromium-66.0.3359.81/content/browser/webrtc/webrtc_media_recorder_browsertest.cc +=================================================================== +--- chromium-66.0.3359.81.orig/content/browser/webrtc/webrtc_media_recorder_browsertest.cc ++++ chromium-66.0.3359.81/content/browser/webrtc/webrtc_media_recorder_browsertest.cc @@ -58,7 +58,12 @@ class WebRtcMediaRecorderTest return; // This flag is also used for encoding, https://crbug.com/616640. @@ -321,10 +341,12 @@ Signed-off-by: Daniel Charles } private: ---- a/content/gpu/BUILD.gn -+++ b/content/gpu/BUILD.gn -@@ -125,4 +125,8 @@ target(link_target_type, "gpu_sources") - if (is_desktop_linux && (!is_chromecast || is_cast_desktop_build)) { +Index: chromium-66.0.3359.81/content/gpu/BUILD.gn +=================================================================== +--- chromium-66.0.3359.81.orig/content/gpu/BUILD.gn ++++ chromium-66.0.3359.81/content/gpu/BUILD.gn +@@ -130,4 +130,8 @@ target(link_target_type, "gpu_sources") + (!is_chromecast || is_cast_desktop_build)) { configs += [ "//build/config/linux/dri" ] } + @@ -332,9 +354,11 @@ Signed-off-by: Daniel Charles + public_configs = [ "//media/gpu:libva_config" ] + } } ---- a/content/gpu/gpu_main.cc -+++ b/content/gpu/gpu_main.cc -@@ -273,7 +273,7 @@ int GpuMain(const MainFunctionParams& pa +Index: chromium-66.0.3359.81/content/gpu/gpu_main.cc +=================================================================== +--- chromium-66.0.3359.81.orig/content/gpu/gpu_main.cc ++++ chromium-66.0.3359.81/content/gpu/gpu_main.cc +@@ -286,7 +286,7 @@ int GpuMain(const MainFunctionParams& pa base::PlatformThread::SetName("CrGpuMain"); @@ -343,7 +367,7 @@ Signed-off-by: Daniel Charles // Set thread priority before sandbox initialization. base::PlatformThread::SetCurrentThreadPriority(base::ThreadPriority::DISPLAY); #endif -@@ -302,7 +302,7 @@ int GpuMain(const MainFunctionParams& pa +@@ -315,7 +315,7 @@ int GpuMain(const MainFunctionParams& pa GetContentClient()->SetGpuInfo(gpu_init->gpu_info()); base::ThreadPriority io_thread_priority = base::ThreadPriority::NORMAL; @@ -352,8 +376,10 @@ Signed-off-by: Daniel Charles io_thread_priority = base::ThreadPriority::DISPLAY; #endif ---- a/content/public/browser/gpu_utils.cc -+++ b/content/public/browser/gpu_utils.cc +Index: chromium-66.0.3359.81/content/public/browser/gpu_utils.cc +=================================================================== +--- chromium-66.0.3359.81.orig/content/public/browser/gpu_utils.cc ++++ chromium-66.0.3359.81/content/public/browser/gpu_utils.cc @@ -7,6 +7,7 @@ #include "base/command_line.h" #include "base/single_thread_task_runner.h" @@ -362,7 +388,7 @@ Signed-off-by: Daniel Charles #include "content/browser/gpu/gpu_process_host.h" #include "content/public/common/content_features.h" #include "content/public/common/content_switches.h" -@@ -55,10 +56,18 @@ const gpu::GpuPreferences GetGpuPreferen +@@ -55,9 +56,17 @@ const gpu::GpuPreferences GetGpuPreferen gpu_preferences.in_process_gpu = command_line->HasSwitch(switches::kInProcessGPU); gpu_preferences.disable_accelerated_video_decode = @@ -376,14 +402,14 @@ Signed-off-by: Daniel Charles + !command_line->HasSwitch(switches::kEnableAcceleratedVideo); +#else command_line->HasSwitch(switches::kDisableAcceleratedVideoEncode); --#if BUILDFLAG(ENABLE_WEBRTC) +#endif -+#if BUILDFLAG(ENABLE_WEBRTC) && (defined(OS_CHROMEOS) || defined(OS_ANDROID)) - gpu_preferences.disable_web_rtc_hw_encoding = - command_line->HasSwitch(switches::kDisableWebRtcHWEncoding); - #endif ---- a/content/public/common/content_switches.cc -+++ b/content/public/common/content_switches.cc + #if defined(OS_WIN) + uint32_t enable_accelerated_vpx_decode_val = + gpu::GpuPreferences::VPX_VENDOR_MICROSOFT; +Index: chromium-66.0.3359.81/content/public/common/content_switches.cc +=================================================================== +--- chromium-66.0.3359.81.orig/content/public/common/content_switches.cc ++++ chromium-66.0.3359.81/content/public/common/content_switches.cc @@ -78,12 +78,21 @@ const char kDisable3DAPIs[] // Disable gpu-accelerated 2d canvas. @@ -407,7 +433,7 @@ Signed-off-by: Daniel Charles // Disables hardware acceleration of video decode, where available. const char kDisableAcceleratedVideoDecode[] = "disable-accelerated-video-decode"; -@@ -888,11 +897,13 @@ const char kZygoteProcess[] +@@ -859,11 +868,13 @@ const char kZygoteProcess[] // ignores this switch on its stable and beta channels. const char kDisableWebRtcEncryption[] = "disable-webrtc-encryption"; @@ -421,8 +447,10 @@ Signed-off-by: Daniel Charles // Enables negotiation of GCM cipher suites from RFC 7714 for SRTP in WebRTC. // See https://tools.ietf.org/html/rfc7714 for further information. ---- a/content/public/common/content_switches.h -+++ b/content/public/common/content_switches.h +Index: chromium-66.0.3359.81/content/public/common/content_switches.h +=================================================================== +--- chromium-66.0.3359.81.orig/content/public/common/content_switches.h ++++ chromium-66.0.3359.81/content/public/common/content_switches.h @@ -33,7 +33,11 @@ CONTENT_EXPORT extern const char kDisabl CONTENT_EXPORT extern const char kDisable3DAPIs[]; CONTENT_EXPORT extern const char kDisableAccelerated2dCanvas[]; @@ -435,7 +463,7 @@ Signed-off-by: Daniel Charles CONTENT_EXPORT extern const char kDisableAcceleratedVideoDecode[]; CONTENT_EXPORT extern const char kDisableAcceleratedVideoEncode[]; CONTENT_EXPORT extern const char kDisableAudioSupportForDesktopShare[]; -@@ -107,6 +111,9 @@ CONTENT_EXPORT extern const char kDisabl +@@ -106,6 +110,9 @@ CONTENT_EXPORT extern const char kDisabl CONTENT_EXPORT extern const char kDomAutomationController[]; extern const char kDisable2dCanvasClipAntialiasing[]; CONTENT_EXPORT extern const char kDumpBlinkRuntimeCallStats[]; @@ -445,7 +473,7 @@ Signed-off-by: Daniel Charles CONTENT_EXPORT extern const char kEnableAggressiveDOMStorageFlushing[]; CONTENT_EXPORT extern const char kEnableAutomation[]; CONTENT_EXPORT extern const char kEnablePreferCompositingToLCDText[]; -@@ -244,8 +251,10 @@ CONTENT_EXPORT extern const char kZygote +@@ -240,8 +247,10 @@ CONTENT_EXPORT extern const char kZygote #if BUILDFLAG(ENABLE_WEBRTC) CONTENT_EXPORT extern const char kDisableWebRtcEncryption[]; @@ -456,9 +484,11 @@ Signed-off-by: Daniel Charles CONTENT_EXPORT extern const char kEnableWebRtcSrtpAesGcm[]; CONTENT_EXPORT extern const char kEnableWebRtcSrtpEncryptedHeaders[]; CONTENT_EXPORT extern const char kEnableWebRtcStunOrigin[]; ---- a/content/renderer/media/webrtc/peer_connection_dependency_factory.cc -+++ b/content/renderer/media/webrtc/peer_connection_dependency_factory.cc -@@ -245,12 +245,19 @@ void PeerConnectionDependencyFactory::In +Index: chromium-66.0.3359.81/content/renderer/media/webrtc/peer_connection_dependency_factory.cc +=================================================================== +--- chromium-66.0.3359.81.orig/content/renderer/media/webrtc/peer_connection_dependency_factory.cc ++++ chromium-66.0.3359.81/content/renderer/media/webrtc/peer_connection_dependency_factory.cc +@@ -282,10 +282,18 @@ void PeerConnectionDependencyFactory::In const base::CommandLine* cmd_line = base::CommandLine::ForCurrentProcess(); if (gpu_factories && gpu_factories->IsGpuVideoAcceleratorEnabled()) { @@ -469,20 +499,19 @@ Signed-off-by: Daniel Charles +#endif decoder_factory.reset(new RTCVideoDecoderFactory(gpu_factories)); -- if (!cmd_line->HasSwitch(switches::kDisableWebRtcHWEncoding)) { +#if defined(OS_LINUX) && !defined(OS_CHROMEOS) + if (cmd_line->HasSwitch(switches::kEnableAcceleratedVideo)) +#else -+ if (!cmd_line->HasSwitch(switches::kDisableWebRtcHWEncoding)) + if (!cmd_line->HasSwitch(switches::kDisableWebRtcHWEncoding)) +#endif encoder_factory.reset(new RTCVideoEncoderFactory(gpu_factories)); -- } } - #if defined(OS_ANDROID) ---- a/content/renderer/render_thread_impl.cc -+++ b/content/renderer/render_thread_impl.cc -@@ -1485,7 +1485,11 @@ media::GpuVideoAcceleratorFactories* Ren +Index: chromium-66.0.3359.81/content/renderer/render_thread_impl.cc +=================================================================== +--- chromium-66.0.3359.81.orig/content/renderer/render_thread_impl.cc ++++ chromium-66.0.3359.81/content/renderer/render_thread_impl.cc +@@ -1581,7 +1581,11 @@ media::GpuVideoAcceleratorFactories* Ren scoped_refptr media_task_runner = GetMediaThreadTaskRunner(); const bool enable_video_accelerator = @@ -494,8 +523,10 @@ Signed-off-by: Daniel Charles (gpu_channel_host->gpu_feature_info() .status_values[gpu::GPU_FEATURE_TYPE_ACCELERATED_VIDEO_DECODE] == gpu::kGpuFeatureStatusEnabled); ---- a/gpu/config/software_rendering_list.json -+++ b/gpu/config/software_rendering_list.json +Index: chromium-66.0.3359.81/gpu/config/software_rendering_list.json +=================================================================== +--- chromium-66.0.3359.81.orig/gpu/config/software_rendering_list.json ++++ chromium-66.0.3359.81/gpu/config/software_rendering_list.json @@ -373,17 +373,6 @@ ] }, @@ -514,10 +545,12 @@ Signed-off-by: Daniel Charles "id": 50, "description": "Disable VMware software renderer on older Mesa", "cr_bugs": [145531, 332596, 571899, 629434], ---- a/media/gpu/BUILD.gn -+++ b/media/gpu/BUILD.gn -@@ -24,6 +24,14 @@ if (is_mac) { - import("//build/config/mac/mac_sdk.gni") +Index: chromium-66.0.3359.81/media/gpu/BUILD.gn +=================================================================== +--- chromium-66.0.3359.81.orig/media/gpu/BUILD.gn ++++ chromium-66.0.3359.81/media/gpu/BUILD.gn +@@ -482,6 +482,14 @@ if (use_v4l2_codec || use_vaapi || is_ma + } } +if (is_desktop_linux && use_vaapi) { @@ -529,9 +562,9 @@ Signed-off-by: Daniel Charles +} + if (use_vaapi) { - action("libva_generate_stubs") { - extra_header = "vaapi/va_stub_header.fragment" -@@ -353,6 +361,10 @@ component("gpu") { + test("jpeg_encode_accelerator_unittest") { + deps = [ +@@ -542,6 +550,10 @@ if (use_v4l2_codec || use_vaapi) { if (use_ozone) { deps += [ "//ui/ozone" ] } @@ -540,5 +573,5 @@ Signed-off-by: Daniel Charles + public_configs = [ ":libva_config" ] + } } + } - if (is_win) { diff --git a/chromium.changes b/chromium.changes index d3a6a07..98c8caa 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,105 +1,91 @@ ------------------------------------------------------------------- -Sun Apr 8 10:49:06 UTC 2018 - tchvatal@suse.com +Thu Apr 5 09:48:59 UTC 2018 - tchvatal@suse.com -- Add vaapi patches: - * chromium-vaapi-init.patch - * chromium-vaapi.patch +- Up to 66.0.3359.81 ------------------------------------------------------------------- -Fri Apr 6 12:54:24 UTC 2018 - tchvatal@suse.com +Thu Mar 29 09:49:15 UTC 2018 - tchvatal@suse.com -- Use memory-constraints package to limit threads as needed +- Bump to 66.0.3359.66 ------------------------------------------------------------------- -Wed Mar 21 06:31:27 UTC 2018 - astieger@suse.com +Tue Mar 27 14:28:38 UTC 2018 - tchvatal@suse.com -- Update to Chromium 65.0.3325.181: - * Various security relevant fixes from internal audits, fuzzing - and other initiatives (boo#1086124) +- Update chromium-gcc7.patch to include more quirks ------------------------------------------------------------------- -Tue Mar 20 12:33:53 UTC 2018 - tchvatal@suse.com +Fri Mar 23 12:01:29 UTC 2018 - tchvatal@suse.com -- Use both freetype and harfbuzz either bundled or system +- Bump to 66.0.3359.45 ------------------------------------------------------------------- -Wed Mar 14 14:18:35 UTC 2018 - tchvatal@suse.com +Tue Mar 20 10:14:15 UTC 2018 - tchvatal@suse.com -- Version update to 65.0.3325.162: - * Various stability fixes only +- Bump to 66.0.3359.33 ------------------------------------------------------------------- -Wed Mar 14 09:00:37 UTC 2018 - tchvatal@suse.com +Wed Mar 14 14:19:21 UTC 2018 - tchvatal@suse.com -- Bundle the harfbuzz on < 15.0 release as we would have to - use requires_ge for the library itself later on otherwise +- Version bump to 66.0.3359.26 ------------------------------------------------------------------- -Fri Mar 9 09:10:01 UTC 2018 - tchvatal@suse.com +Wed Mar 14 13:32:18 UTC 2018 - tchvatal@suse.com -- Make sure to require gcc7 -- Add patch chromium-drm.patch to make sure to build with Leap 42.3 - variant of libdrm +- Bump the requirement for the clang version ------------------------------------------------------------------- -Thu Mar 8 09:00:54 UTC 2018 - tchvatal@suse.com +Wed Mar 14 09:01:33 UTC 2018 - tchvatal@suse.com -- Version update to 65.0.3325.146 bsc#1084296: - * High CVE-2017-11215: Use after free in Flash. - * High CVE-2017-11225: Use after free in Flash. - * High CVE-2018-6060: Use after free in Blink. - * High CVE-2018-6061: Race condition in V8. - * High CVE-2018-6062: Heap buffer overflow in Skia. - * High CVE-2018-6057: Incorrect permissions on shared memory. - * High CVE-2018-6063: Incorrect permissions on shared memory. - * High CVE-2018-6064: Type confusion in V8. - * High CVE-2018-6065: Integer overflow in V8. - * Medium CVE-2018-6066: Same Origin Bypass via canvas. - * Medium CVE-2018-6067: Buffer overflow in Skia. - * Medium CVE-2018-6068: Object lifecycle issues in Chrome Custom Tab. - * Medium CVE-2018-6069: Stack buffer overflow in Skia. - * Medium CVE-2018-6070: CSP bypass through extensions. - * Medium CVE-2018-6071: Heap bufffer overflow in Skia. - * Medium CVE-2018-6072: Integer overflow in PDFium. - * Medium CVE-2018-6073: Heap bufffer overflow in WebGL. - * Medium CVE-2018-6074: Mark-of-the-Web bypass. - * Medium CVE-2018-6075: Overly permissive cross origin downloads. - * Medium CVE-2018-6076: Incorrect handling of URL fragment identifiers in Blink. - * Medium CVE-2018-6077: Timing attack using SVG filters. - * Medium CVE-2018-6078: URL Spoof in OmniBox. - * Medium CVE-2018-6079: Information disclosure via texture data in WebGL. - * Medium CVE-2018-6080: Information disclosure in IPC call. - * Low CVE-2018-6081: XSS in interstitials. - * Low CVE-2018-6082: Circumvention of port blocking. - * Low CVE-2018-6083: Incorrect processing of AppManifests. -- Add new patches: - * chromium-compiler.patch - * chromium-glibc-2.27.patch - * mojo.patch -- Drop patches: - * chromium-angle.patch - * chromium-memcpy.patch -- Update constraints -- Refresh patch chromium-non-void-return.patch to include more - fixes +- Conditionalize harfbuzz switch ------------------------------------------------------------------- -Sat Feb 24 19:02:51 UTC 2018 - astieger@suse.com +Mon Mar 12 10:18:18 UTC 2018 - tchvatal@suse.com -- Chromium 64.0.3282.186: - * Various minor bug fixes +- Update to 66.0.3359.22 ------------------------------------------------------------------- -Wed Feb 14 08:16:34 UTC 2018 - astieger@suse.com +Fri Mar 9 11:20:35 UTC 2018 - tchvatal@suse.com -- update to 64.0.3282.167 (bsc#1080920): - * CVE-2018-6056: Incorrect derived class instantiation in V8 +- Apply patches using %autopatch +- Add patch to build with gcc7 properly chromium-gcc7.patch +- Drop patch chromium-sandbox-pie.patch as we have pie default now +- Add patch to build with leap variant of drm chromium-drm.patch ------------------------------------------------------------------- -Fri Feb 2 11:16:23 UTC 2018 - tchvatal@suse.com +Wed Mar 7 12:11:45 UTC 2018 - tchvatal@suse.com -- Version update to 64.0.3282.140 bsc#1079021: - * Various asan fixes bsc#1078463 CVE-2018-6406 +- Add patch to build ffmpeg from system chromium-ffmpeg.patch + +------------------------------------------------------------------- +Wed Mar 7 10:30:24 UTC 2018 - tchvatal@suse.com + +- Up to 66.0.3355.0 +- Disable clang by default again + +------------------------------------------------------------------- +Tue Feb 27 09:35:21 UTC 2018 - tchvatal@suse.com + +- Up to 66.0.3350.0 + +------------------------------------------------------------------- +Thu Feb 15 09:08:22 UTC 2018 - tchvatal@suse.com + +- Drop patch fix_network_api_crash.patch + +------------------------------------------------------------------- +Mon Feb 12 10:10:58 UTC 2018 - tchvatal@suse.com + +- Bump to 66.0.3343.3 + +------------------------------------------------------------------- +Wed Feb 7 13:58:33 UTC 2018 - tchvatal@suse.com + +- Bump to 65.0.3325.51 + +------------------------------------------------------------------- +Tue Feb 6 12:00:36 UTC 2018 - tchvatal@suse.com + +- Disable gconf support ------------------------------------------------------------------- Fri Feb 2 10:43:48 UTC 2018 - dimstar@opensuse.org @@ -110,9 +96,9 @@ Fri Feb 2 10:43:48 UTC 2018 - dimstar@opensuse.org /proc/meminfo. ------------------------------------------------------------------- -Mon Jan 29 13:07:38 UTC 2018 - tchvatal@suse.com +Wed Jan 31 09:45:45 UTC 2018 - tchvatal@suse.com -- Fix default page to not point to 404 +- Bump to 65.0.3325.31 ------------------------------------------------------------------- Mon Jan 29 12:36:31 UTC 2018 - tchvatal@suse.com @@ -120,318 +106,296 @@ Mon Jan 29 12:36:31 UTC 2018 - tchvatal@suse.com - Install swiftshader objects too as they are needed ------------------------------------------------------------------- -Fri Jan 26 10:11:22 UTC 2018 - tchvatal@suse.com +Fri Jan 26 10:12:22 UTC 2018 - tchvatal@suse.com -- Disable ozone stuff conditions for now as the headless mode - breaks up runtime bsc#1077722 +- Update to 65.0.3325.18 +- Try to have automatic ozone platform detection ------------------------------------------------------------------- -Thu Jan 25 09:51:59 UTC 2018 - tchvatal@suse.com +Wed Jan 17 14:28:37 UTC 2018 - tchvatal@suse.com -- Switch to gcc7 on Leap builds +- Bump to 65.0.3322.3 ------------------------------------------------------------------- -Thu Jan 25 09:42:51 UTC 2018 - tchvatal@suse.com +Mon Jan 8 20:12:43 UTC 2018 - tchvatal@suse.com -- Version update to 64.0.3282.119 bsc#1077571: - * High CVE-2018-6031: Use after free in PDFium. Reported by Anonymous on 2017-11-01 - * High CVE-2018-6032: Same origin bypass in Shared Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-20 - * High CVE-2018-6033: Race when opening downloaded files. Reported by Juho Nurminen on 2017-12-09 - * Medium CVE-2018-6034: Integer overflow in Blink. Reported by Tobias Klein (www.trapkit.de) on 2017-11-12 - * Medium CVE-2018-6035: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23 - * Medium CVE-2018-6036: Integer underflow in WebAssembly. Reported by The UK's National Cyber Security Centre (NCSC) on 2017-11-30 - * Medium CVE-2018-6037: Insufficient user gesture requirements in autofill. Reported by Paul Stone of Context Information Security on 2017-08-09 - * Medium CVE-2018-6038: Heap buffer overflow in WebGL. Reported by cloudfuzzer on 2017-10-12 - * Medium CVE-2018-6039: XSS in DevTools. Reported by Juho Nurminen on 2017-10-17 - * Medium CVE-2018-6040: Content security policy bypass. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-26 - * Medium CVE-2018-6041: URL spoof in Navigation. Reported by Luan Herrera on 2017-08-29 - * Medium CVE-2018-6042: URL spoof in OmniBox. Reported by Khalil Zhani on 2017-10-12 - * Medium CVE-2018-6043: Insufficient escaping with external URL handlers. Reported by 0x09AL on 2017-11-16 - * Medium CVE-2018-6045: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23 - * Medium CVE-2018-6046: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-31 - * Medium CVE-2018-6047: Cross origin URL leak in WebGL. Reported by Masato Kinugawa on 2018-01-08 - * Low CVE-2018-6048: Referrer policy bypass in Blink. Reported by Jun Kokatsu (@shhnjk) on 2017-09-08 - * Low CVE-2017-15420: URL spoofing in Omnibox. Reported by Drew Springall (@_aaspring_) on 2017-10-05 - * Low CVE-2018-6049: UI spoof in Permissions. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-13 - * Low CVE-2018-6050: URL spoof in OmniBox. Reported by Jonathan Kew on 2017-10-15 - * Low CVE-2018-6051: Referrer leak in XSS Auditor. Reported by Antonio Sanso (@asanso) on 2014-12-11 - * Low CVE-2018-6052: Incomplete no-referrer policy implementation. Reported by Tanner Emek on 2016-05-28 - * Low CVE-2018-6053: Leak of page thumbnails in New Tab Page. Reported by Asset Kabdenov on 2017-08-23 - * Low CVE-2018-6054: Use after free in WebUI. Reported by Rob Wu on 2017-12-24 -- Add patches: - * chromium-angle.patch - * chromium-memcpy.patch -- Drop patch: - * chromium-gcc.patch -- Change desktop file name to fit bellow the icon on ie KDE desktop +- Bump to 65.0.3311.3 +- Drop chromium-63.0.3289.84-fix-ft-hb-unbundle.patch ------------------------------------------------------------------- -Thu Jan 4 20:59:31 UTC 2018 - astieger@suse.com +Tue Jan 2 13:14:43 UTC 2018 - tchvatal@suse.com -- Chromium 63.0.3239.132: - * DevTools: do not report raw headers and cookies for protected - subresources - * Various other fixes and updates +- add chromium-63.0.3289.84-fix-ft-hb-unbundle.patch to make sure + we use system freetype/harfbuzz ------------------------------------------------------------------- -Fri Dec 15 09:28:07 UTC 2017 - tchvatal@suse.com +Thu Dec 28 18:00:12 UTC 2017 - tchvatal@suse.com -- Version update to 63.0.3239.108 bsc#1072976: - * CVE-2017-15429: UXSS in V8 - * Various fuzzing fixes +- Make sure to use system freetype too ------------------------------------------------------------------- -Thu Dec 7 09:41:13 UTC 2017 - tchvatal@suse.com +Wed Dec 20 15:38:09 UTC 2017 - tchvatal@suse.com -- Version update to 63.0.3239.84 bsc#1071691: - * Critical CVE-2017-15407: Out of bounds write in QUIC. - * High CVE-2017-15408: Heap buffer overflow in PDFium. - * High CVE-2017-15409: Out of bounds write in Skia. - * High CVE-2017-15410: Use after free in PDFium. - * High CVE-2017-15411: Use after free in PDFium. - * High CVE-2017-15412: Use after free in libXML. - * High CVE-2017-15413: Type confusion in WebAssembly. - * Medium CVE-2017-15415: Pointer information disclosure in IPC call. - * Medium CVE-2017-15416: Out of bounds read in Blink. - * Medium CVE-2017-15417: Cross origin information disclosure in Skia. - * Medium CVE-2017-15418: Use of uninitialized value in Skia. - * Medium CVE-2017-15419: Cross origin leak of redirect URL in Blink. - * Medium CVE-2017-15420: URL spoofing in Omnibox. - * Medium CVE-2017-15422: Integer overflow in ICU. - * Low CVE-2017-15423: Issue with SPAKE implementation in BoringSSL. - * Low CVE-2017-15424: URL Spoof in Omnibox. - * Low CVE-2017-15425: URL Spoof in Omnibox. - * Low CVE-2017-15426: URL Spoof in Omnibox. - * Low CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox. -- Rebase fix-gn-bootstrap.diff -- Drop merged patches: - * chromium-gcc5.patch - * chromium-60.0.3112.113-breakpad-ucontext.patch - * chromium-62.0.3202.62-correct-cplusplus-check.patch -- Add new patches: - * chromium-non-void-return.patch - * chromium-gcc.patch +- Bump 65.0.3298.3 ------------------------------------------------------------------- -Wed Nov 22 11:05:42 UTC 2017 - idonmez@suse.com +Tue Dec 19 09:43:19 UTC 2017 - tchvatal@suse.com + +- Drop chromium-memcpy.patch + +------------------------------------------------------------------- +Mon Dec 18 10:46:25 UTC 2017 - tchvatal@suse.com + +- Drop minizip conditional (was about 42.1) + +------------------------------------------------------------------- +Sun Dec 17 22:52:29 UTC 2017 - tchvatal@suse.com + +- Bump to 65.0.3294.5 + +------------------------------------------------------------------- +Thu Dec 14 14:55:27 UTC 2017 - tchvatal@suse.com + +- Explicitely describe what ozone parts we want + +------------------------------------------------------------------- +Wed Dec 13 09:47:33 UTC 2017 - tchvatal@suse.com + +- Bump to 64.0.3282.24 +- Enable system icu again +- Tweak the deps to match current setup +- Add patch chromium-memcpy.patch + +------------------------------------------------------------------- +Tue Dec 12 12:55:52 UTC 2017 - tchvatal@suse.com + +- Minimize desktop name to not take so much space + +------------------------------------------------------------------- +Sat Dec 9 12:54:27 UTC 2017 - tchvatal@suse.com + +- Bumpyty to 64.0.3282.14 + +------------------------------------------------------------------- +Thu Nov 30 14:32:41 UTC 2017 - tchvatal@suse.com + +- Bumpy to 64.0.3278.0 + +------------------------------------------------------------------- +Wed Nov 22 11:06:47 UTC 2017 - idonmez@suse.com - BuildRequire nodejs8 instead of nodejs6 for suse_version >= 1330 ------------------------------------------------------------------- -Wed Nov 15 14:56:24 UTC 2017 - astieger@suse.com +Sun Nov 19 11:25:52 UTC 2017 - tchvatal@suse.com + +- Drop chromium-64.0.3253.3-gpu_lists_version.h.patch +- Drop chromium-gcc.patch + +------------------------------------------------------------------- +Sun Nov 19 11:20:20 UTC 2017 - tchvatal@suse.com + +- Up to 64.0.3269.3 + +------------------------------------------------------------------- +Wed Nov 15 14:42:55 UTC 2017 - astieger@suse.com -- Update to 62.0.3202.94: - * multiple minor rendering related fixes - fix rebuilds in same chroot ------------------------------------------------------------------- -Tue Nov 7 10:12:28 UTC 2017 - tchvatal@suse.com +Wed Nov 8 21:33:56 UTC 2017 - tchvatal@suse.com -- Version update to 62.0.3202.89 bsc#1066851: - * CVE-2017-15398: Stack buffer overflow in QUIC - * CVE-2017-15399: Use after free in V8 -- Drop upstream merged chromium-sandbox.patch +- Add patch chromium-non-void-return.patch ------------------------------------------------------------------- -Fri Nov 3 12:40:33 UTC 2017 - tchvatal@suse.com +Tue Nov 7 09:41:07 UTC 2017 - tchvatal@suse.com -- Restrict the version on jpeg to not waste build power +- Add patch chromium-64.0.3253.3-gpu_lists_version.h.patch ------------------------------------------------------------------- -Sun Oct 29 08:18:37 UTC 2017 - tchvatal@suse.com +Sat Nov 4 09:38:27 UTC 2017 - tchvatal@suse.com -- Add patch to fix sandbox crashes wrt bsc#1064298 - * chromium-sandbox.patch +- Bump to 64.0.3253.3 ------------------------------------------------------------------- -Fri Oct 27 09:17:02 UTC 2017 - tchvatal@suse.com +Fri Nov 3 11:41:40 UTC 2017 - tchvatal@suse.com -- Version update to 62.0.3202.75 bsc#1065405 CVE-2017-15396 - * CVE-2017-15396: Stack overflow in V8 +- Update to 64.0.3251.0 ------------------------------------------------------------------- -Thu Oct 26 12:09:53 UTC 2017 - astieger@suse.com +Thu Nov 2 20:46:57 UTC 2017 - tchvatal@suse.com -- BuildRequire nodejs6 required for polymer-bundler.js +- Fix the tarball unpacking to unroll all the required content +- Update to 63.0.3239.30 ------------------------------------------------------------------- -Thu Oct 26 09:19:09 UTC 2017 - tchvatal@suse.com +Wed Oct 25 18:24:16 UTC 2017 - tchvatal@suse.com -- Try to export properly CXX/CC variable to fix leap builds +- Drop patch chromium-60.0.3112.113-breakpad-ucontext.patch +- Drop patch chromium-sysroot.patch ------------------------------------------------------------------- -Wed Oct 25 17:52:44 UTC 2017 - tchvatal@suse.com +Wed Oct 11 09:04:46 UTC 2017 - tchvatal@suse.com -- Apply patch to fix building crc32 with gcc7: - * chromium-62.0.3202.62-correct-cplusplus-check.patch +- Bump to 63.0.3236.0 ------------------------------------------------------------------- -Thu Oct 19 03:29:56 UTC 2017 - tchvatal@suse.com +Mon Oct 9 11:42:16 UTC 2017 - tchvatal@suse.com -- Update to 62.0.3202.62 bsc#1064066: - * CVE-2017-5124: UXSS with MHTML. - * CVE-2017-5125: Heap overflow in Skia. - * CVE-2017-5126: Use after free in PDFium. - * CVE-2017-5127: Use after free in PDFium. - * CVE-2017-5128: Heap overflow in WebGL. - * CVE-2017-5129: Use after free in WebAudio. - * CVE-2017-5132: Incorrect stack manipulation in WebAssembly. - * CVE-2017-5130: Heap overflow in libxml2. - * CVE-2017-5131: Out of bounds write in Skia. - * CVE-2017-5133: Out of bounds write in Skia. - * CVE-2017-15386: UI spoofing in Blink. - * CVE-2017-15387: Content security bypass. - * CVE-2017-15388: Out of bounds read in Skia. - * CVE-2017-15389: URL spoofing in OmniBox. - * CVE-2017-15390: URL spoofing in OmniBox. - * CVE-2017-15391: Extension limitation bypass in Extensions. - * CVE-2017-15392: Incorrect registry key handling in PlatformIntegration. - * CVE-2017-15393: Referrer leak in Devtools. - * CVE-2017-15394: URL spoofing in extensions UI. - * CVE-2017-15395: Null pointer dereference in ImageCapture. -- Drop unused patches: +- Bump to 63.0.3230.0 + +------------------------------------------------------------------- +Mon Oct 2 10:10:10 UTC 2017 - tchvatal@suse.com + +- Update to 63.0.3223.8 +- Rebase fix-gn-boostrap.diff +- Remove chromium-gcc5.patch + +------------------------------------------------------------------- +Sat Sep 16 15:51:04 UTC 2017 - tchvatal@suse.com + +- Bump to 63.0.3218.0 +- Rebase fix-gn-bootstrap.diff +- Add chromium-sysroot.patch + +------------------------------------------------------------------- +Wed Sep 13 07:51:50 UTC 2017 - tchvatal@suse.com + +- Version update to 62.0.3202.18 + +------------------------------------------------------------------- +Sun Sep 10 09:46:36 UTC 2017 - tchvatal@suse.com + +- Update to latest +- Switch to system libxml again +- Add more folders to be kept in archive + +------------------------------------------------------------------- +Wed Sep 6 13:16:14 UTC 2017 - tchvatal@suse.com + +- Build with gcc6 on leap as we now require --stdc-14 + +------------------------------------------------------------------- +Wed Sep 6 12:55:30 UTC 2017 - tchvatal@suse.com + +- Add patch to build with new glibc: + * chromium-60.0.3112.113-breakpad-ucontext.patch + +------------------------------------------------------------------- +Mon Sep 4 12:11:32 UTC 2017 - tchvatal@suse.com + +- Bump to 62.0.3198.0: + * fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Wed Aug 23 12:40:57 UTC 2017 - tchvatal@suse.com + +- Bump to 62.0.3192.0 +- Rebase patch chromium-prop-codecs.patch + +------------------------------------------------------------------- +Mon Aug 21 09:29:23 UTC 2017 - tchvatal@suse.com + +- Bump to 62.0.3188.2 +- Rebase fix-gn-bootstrap.diff +- Remove arm patches as we exclude it for now: * arm-webrtc-fix.patch * arm_use_right_compiler.patch - * chromium-46.0.2490.71-fix-missing-i18n_process_css_test.patch - * chromium-atk.patch - * chromium-mojo-dep.patch - * gcc60-fixes.diff +- Add patch chromium-gcc5.patch + +------------------------------------------------------------------- +Fri Aug 11 09:37:10 UTC 2017 - tchvatal@suse.com + +- Bump to 62.0.3178.0 +- Add patch chromium-system-zlib.patch +- Rebase patch fix-gn-bootstrap.diff +- Rebase exclude_ymp.diff +- Drop gcc60-fixes.diff as the toolchain was changed + +------------------------------------------------------------------- +Sun Aug 6 07:18:26 UTC 2017 - tchvatal@suse.com + +- Bump to 62.0.3175.4 + +------------------------------------------------------------------- +Sun Aug 6 07:12:01 UTC 2017 - tchvatal@suse.com + +- Bump to 61.0.3163.31 +- Remove condition for gtk3, hard on from now on +- Bump version requirement on nodejs + +------------------------------------------------------------------- +Thu Jul 27 19:42:42 UTC 2017 - tchvatal@suse.com + +- Bump to 61.0.3163.13 +- Rebase fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Thu Jul 20 12:33:20 UTC 2017 - tchvatal@suse.com + - Refresh patches: - * chromium-gcc5.patch - * chromium-prop-codecs.patch - * exclude_ymp.diff * fix-gn-bootstrap.diff + * gcc60-fixes.diff ------------------------------------------------------------------- -Fri Sep 22 14:50:40 UTC 2017 - astieger@suse.com +Wed Jul 19 15:14:56 UTC 2017 - tchvatal@suse.com -- Update to 61.0.3163.100 (boo#1060019): - * CVE-2017-5121: Out-of-bounds access in V8 - * CVE-2017-5122: Out-of-bounds access in V8 - * Various fixes from internal audits, fuzzing and other initiatives +- Bump to 61.0.3159.5 +- Use system libcxx +- Refresh patch fix-gn-bootstrap.diff ------------------------------------------------------------------- -Sat Sep 16 15:50:19 UTC 2017 - tchvatal@suse.com +Mon Jul 17 07:53:34 UTC 2017 - tchvatal@suse.com -- Update to 61.0.3163.91: - * Various bugfixes - -------------------------------------------------------------------- -Mon Sep 11 08:45:35 UTC 2017 - tchvatal@suse.com - -- Update to 61.0.3163.79 bsc#1057364: - * CVE-2017-5111: Use after free in PDFium. - * CVE-2017-5112: Heap buffer overflow in WebGL. - * CVE-2017-5113: Heap buffer overflow in Skia. - * CVE-2017-5114: Memory lifecycle issue in PDFium. - * CVE-2017-5115: Type confusion in V8. - * CVE-2017-5116: Type confusion in V8. - * CVE-2017-5117: Use of uninitialized value in Skia. - * CVE-2017-5118: Bypass of Content Security Policy in Blink. - * CVE-2017-5119: Use of uninitialized value in Skia. - * CVE-2017-5120: Potential HTTPS downgrade during redirect navigation. -- Rebase patch: - * fix-gn-bootstrap.diff -- Remove patches: - * chromium-gcc7.patch - * chromium-override.patch -- Add new patches: - * chromium-atk.patch - * chromium-gcc5.patch - * chromium-mojo-dep.patch -- Gtk3 is hard required from now on -- Version some of the required dependencies - -------------------------------------------------------------------- -Mon Aug 28 22:57:05 UTC 2017 - astieger@suse.com - -- fix build with Factory glibc: - add chromium-60.0.3112.113-breakpad-ucontext.patch - -------------------------------------------------------------------- -Fri Aug 25 09:17:27 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3112.113: - * Various bugfixes - -------------------------------------------------------------------- -Tue Aug 15 15:17:00 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3112.101: - * various usability bugfixes - -------------------------------------------------------------------- -Thu Aug 3 13:25:33 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3112.90: - * Various usability bugfixes - -------------------------------------------------------------------- -Wed Jul 26 13:27:55 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3112.78 bsc#1050537: - * CVE-2017-5091: Use after free in IndexedDB - * CVE-2017-5092: Use after free in PPAPI - * CVE-2017-5093: UI spoofing in Blink - * CVE-2017-5094: Type confusion in extensions - * CVE-2017-5095: Out-of-bounds write in PDFium - * CVE-2017-5096: User information leak via Android intents - * CVE-2017-5097: Out-of-bounds read in Skia - * CVE-2017-5098: Use after free in V8 - * CVE-2017-5099: Out-of-bounds write in PPAPI - * CVE-2017-5100: Use after free in Chrome Apps - * CVE-2017-5101: URL spoofing in OmniBox - * CVE-2017-5102: Uninitialized use in Skia - * CVE-2017-5103: Uninitialized use in Skia - * CVE-2017-5104: UI spoofing in browser - * CVE-2017-7000: Pointer disclosure in SQLite - * CVE-2017-5105: URL spoofing in OmniBox - * CVE-2017-5106: URL spoofing in OmniBox - * CVE-2017-5107: User information leak via SVG - * CVE-2017-5108: Type confusion in PDFium - * CVE-2017-5109: UI spoofing in browser - * CVE-2017-5110: UI spoofing in payments dialog - * Various fixes from internal audits, fuzzing and other initiatives -- Add patch chromium-override.patch -- Remove patches chromium-fpermissive.patch chromium-system-ffmpeg-r3.patch -- Rebase patches: - * chromium-dma-buf.patch - * chromium-gcc7.patch - * chromium-last-commit-position-r0.patch - * fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Mon Jul 24 09:01:07 UTC 2017 - tchvatal@suse.com - -- Recommend emoji fonts to make sure major web chats do not show +- Recommend emoji fonts for various communicators to not display questionmarks ------------------------------------------------------------------- -Wed Jun 28 19:27:55 UTC 2017 - tchvatal@suse.com +------------------------------------------------------------------- +Thu Jul 13 07:52:52 UTC 2017 - tchvatal@suse.com -- Update to 59.0.3071.115: - * Various small fixes all around +- Bump to 61.0.3153.4 +- Refresh patch fix-gn-bootstrap.diff ------------------------------------------------------------------- -Fri Jun 23 07:46:48 UTC 2017 - astieger@suse.com +Thu Jun 29 07:07:53 UTC 2017 - tchvatal@suse.com -- Update to 59.0.3071.109: - * ozone/drm: Only reuse ScanoutBuffers with compatible modifiers - * Fixing mouse focus on WebView - * Remove gtk dependency from gles tests - * Set build flag when using own FreeType - * Revert of [scheduler] Move some task types to suspendable task runner - * Fix an incorrect method name on the chrome://site-engagement WebUI page - * Linux/Windows: Removing Guest menu item for supervised profile +- Remove already applied patch chromium-gcc7.patch ------------------------------------------------------------------- -Fri Jun 16 12:12:56 UTC 2017 - astieger@suse.com +Tue Jun 27 17:59:45 UTC 2017 - tchvatal@suse.com -- Update to 59.0.3071.104 (bsc#1044690): - * CVE-2017-5087: Sandbox Escape in IndexedDB - * CVE-2017-5088: Out of bounds read in V8 - * CVE-2017-5089: Domain spoofing in Omnibox - * Various fixes from internal audits, fuzzing and other initiatives +- require nss >= 3.26 +- Update to 61.0.3141.7 +- Refresh fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Thu Jun 22 08:46:57 UTC 2017 - tchvatal@suse.com + +- Drop merged patch chromium-system-icu.patch +- Refresh patch fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Wed Jun 21 17:06:27 UTC 2017 - tchvatal@suse.com + +- Version update to 61.0.3135.4 + +------------------------------------------------------------------- +Thu Jun 15 08:26:29 UTC 2017 - tchvatal@suse.com + +- Update to 61.0.3128.3 +- Add patch chromium-system-icu.patch + +------------------------------------------------------------------- +Sat Jun 10 14:05:13 UTC 2017 - tchvatal@suse.com + +- Update to 61.0.3124.4 +- Refresh patch fix-gn-bootstrap.diff +- Drop patch chromium-override.patch merged upstream + +------------------------------------------------------------------- +Fri Jun 9 12:11:47 UTC 2017 - tchvatal@suse.com + +- Bump to 60.0.3112.24 ------------------------------------------------------------------- Thu Jun 8 14:56:42 UTC 2017 - tchvatal@suse.com @@ -439,56 +403,104 @@ Thu Jun 8 14:56:42 UTC 2017 - tchvatal@suse.com - Add patch chromium-buildname.patch bsc#1043420 ------------------------------------------------------------------- -Tue Jun 6 07:53:53 UTC 2017 - tchvatal@suse.com +Wed Jun 7 09:10:40 UTC 2017 - tchvatal@suse.com -- Update to 59.0.3071.86 bsc#1042833: - * CVE-2017-5070: Type confusion in V8. Reported by Zhao Qixun(@S0rryMybad) of Qihoo 360 Vulcan Team on 2017-05-16 - * CVE-2017-5071: Out of bounds read in V8. Reported by Choongwoo Han on 2017-04-26 - * CVE-2017-5072: Address spoofing in Omnibox. Reported by Rayyan Bijoora on 2017-04-07 - * CVE-2017-5073: Use after free in print preview. Reported by Khalil Zhani on 2017-04-28 - * CVE-2017-5074: Use after free in Apps Bluetooth. Reported by anonymous on 2017-03-09 - * CVE-2017-5075: Information leak in CSP reporting. Reported by Emmanuel Gil Peyrot on 2017-01-05 - * CVE-2017-5086: Address spoofing in Omnibox. Reported by Rayyan Bijoora on 2017-05-16 - * CVE-2017-5076: Address spoofing in Omnibox. Reported by Samuel Erb on 2017-05-06 - * CVE-2017-5077: Heap buffer overflow in Skia. Reported by Sweetchip on 2017-04-28 - * CVE-2017-5078: Possible command injection in mailto handling. Reported by Jose Carlos Exposito Bueno on 2017-04-12 - * CVE-2017-5079: UI spoofing in Blink. Reported by Khalil Zhani on 2017-04-20 - * CVE-2017-5080: Use after free in credit card autofill. Reported by Khalil Zhani on 2017-04-05 - * CVE-2017-5081: Extension verification bypass. Reported by Andrey Kovalev (@L1kvID) Yandex Security Team on 2016-12-07 - * CVE-2017-5082: Insufficient hardening in credit card editor. Reported by Nightwatch Cybersecurity Research on 2017-05-11 - * CVE-2017-5083: UI spoofing in Blink. Reported by Khalil Zhani on 2017-04-24 - * CVE-2017-5085: Inappropriate javascript execution on WebUI pages. Reported by Zhiyang Zeng of Tencent security platform department on 2017-02-15 -- Add patch to fix build with system dma: - * chromium-dma-buf.patch -- Drop no longer needed patches: - * chromium-linker-memory.patch - * chromium-system-jinja-r13.patch -- Refresh patches: - * chromium-gcc7.patch - * chromium-system-ffmpeg-r3.patch +- Update to 60.0.3112.20 + +------------------------------------------------------------------- +Tue Jun 6 10:56:24 UTC 2017 - tchvatal@suse.com + +- Drop patch chromium-system-icu.patch + * Use bundled icu as system is unbuildable at the moment + +------------------------------------------------------------------- +Mon Jun 5 12:23:26 UTC 2017 - tchvatal@suse.com + +- Bump to 60.0.3112.7 +- Add patch for gcc7 chromium-gcc7.patch +- Add patch to build with gcc chromium-override.patch +- Add patch to build with system icu 59 chromium-system-icu.patch + +------------------------------------------------------------------- +Wed May 31 14:23:42 UTC 2017 - tchvatal@suse.com + +- Update to upstream 60.0.3112.7 + * Refresh patch fix-gn-bootstrap.diff +- Remove upstream merged chromium-system-harfbuzz.patch + +------------------------------------------------------------------- +Wed May 24 12:22:27 UTC 2017 - tchvatal@suse.com + +- Update 60.0.3107.4 +- Refresh patch chromium-last-commit-position-r0.patch +- Remove upstreamed chromium-system-ffmpeg-r3.patch +- Remove upstreamed chromium-system-opus.patch +- Remove upstreamed chromium-system-libpng.patch +- Remove upstreamed chromium-system-libwebp.patch +- Update fix-gn-bootstrap.diff +- Add patch chromium-system-harfbuzz.patch + +------------------------------------------------------------------- +Thu May 18 10:31:53 UTC 2017 - tchvatal@suse.com + +- Version update to 60.0.3100.0 +- Add patches: + * chromium-system-libpng.patch + * chromium-system-libwebp.patch + +------------------------------------------------------------------- +Wed May 17 09:22:27 UTC 2017 - tchvatal@suse.com + +- Export gcc standard version to fix build on older releases + * Needed for vulcan + +------------------------------------------------------------------- +Fri May 12 11:25:49 UTC 2017 - tchvatal@suse.com + +- Update to 60.0.3095.5 +- Update patch: * fix-gn-bootstrap.diff -- Use bundled libxml - * Upstream unfortunately uses git snapshot that is not api/abi compatible ------------------------------------------------------------------- -Mon Jun 5 12:55:22 UTC 2017 - tchvatal@suse.com +Sat May 6 08:50:17 UTC 2017 - tchvatal@suse.com -- Add patch to build with gcc7: - * chromium-gcc7.patch -- Add patch for fpermissive build error: - * chromium-fpermissive.patch +- Switch to system opus and yasm ------------------------------------------------------------------- -Wed May 10 07:43:46 UTC 2017 - tchvatal@suse.com +Fri May 5 12:11:38 UTC 2017 - tchvatal@suse.com -- Version update to 58.0.3029.110: - * Various small bugfixes +- Update to 60.0.3088.3 +- Update patch: + * fix-gn-bootstrap.diff + * chromium-dma-buf.patch ------------------------------------------------------------------- -Thu May 4 12:40:32 UTC 2017 - tchvatal@suse.com +Thu May 4 12:52:01 UTC 2017 - tchvatal@suse.com -- Version update to 58.0.3029.96: - * Fixes bsc#1037594 CVE-2017-5068 +- Version update to 60.0.3080.5 +- Refresh patch: + * chromium-dma-buf.patch + * fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Fri Apr 28 18:40:01 UTC 2017 - tchvatal@suse.com + +- Use bundled libxml (they have git snapshot :/) + +------------------------------------------------------------------- +Fri Apr 28 18:21:44 UTC 2017 - tchvatal@suse.com + +- Add more bundled folders + +------------------------------------------------------------------- +Fri Apr 28 06:03:50 UTC 2017 - tchvatal@suse.com + +- Also drop patch chromium-system-jinja-r13.patch + +------------------------------------------------------------------- +Fri Apr 28 05:55:11 UTC 2017 - tchvatal@suse.com + +- Bump to 59.0.3071.29 ------------------------------------------------------------------- Tue Apr 25 13:24:42 UTC 2017 - tchvatal@suse.com @@ -497,34 +509,56 @@ Tue Apr 25 13:24:42 UTC 2017 - tchvatal@suse.com * It is at least used only during build ------------------------------------------------------------------- -Fri Apr 21 09:57:49 UTC 2017 - tchvatal@suse.com +Fri Apr 21 19:16:32 UTC 2017 - tchvatal@suse.com -- Version update to 58.0.3029.81 bsc#1035103: - * High CVE-2017-5057: Type confusion in PDFium. Credit to Guang Gong of Alpha Team, Qihoo 360 - * High CVE-2017-5058: Heap use after free in Print Preview. Credit to Khalil Zhani - * High CVE-2017-5059: Type confusion in Blink. Credit to SkyLined working with Trend Micro's Zero Day Initiative - * Medium CVE-2017-5060: URL spoofing in Omnibox. Credit to Xudong Zheng - * Medium CVE-2017-5061: URL spoofing in Omnibox. Credit to Haosheng Wang (@gnehsoah) - * Medium CVE-2017-5062: Use after free in Chrome Apps. Credit to anonymous - * Medium CVE-2017-5063: Heap overflow in Skia. Credit to Sweetchip - * Medium CVE-2017-5064: Use after free in Blink. Credit to Wadih Matar - * Medium CVE-2017-5065: Incorrect UI in Blink. Credit to Khalil Zhani - * Medium CVE-2017-5066: Incorrect signature handing in Networking. Credit to chenchu - * Medium CVE-2017-5067: URL spoofing in Omnibox. Credit to Khalil Zhani - * Low CVE-2017-5069: Cross-origin bypass in Blink. Credit to Michael Reizelman -- Refresh patch fix-gn-bootstrap.diff -- Refresh patch chromium-system-jinja-r13.patch -- Remove obsolete patch chromium-57-gcc4.patch +- Refresh patch chromium-system-ffmpeg-r3.patch +- Delete patch chromium-system-libjpeg.patch ------------------------------------------------------------------- -Thu Mar 30 13:07:50 UTC 2017 - tchvatal@suse.com +Fri Apr 21 18:58:53 UTC 2017 - tchvatal@suse.com -- Version update to 57.0.2987.133 bsc#1031677: - * Critical CVE-2017-5055: Use after free in printing. Credit to Wadih Matar - * High CVE-2017-5054: Heap buffer overflow in V8. Credit to Nicolas Trippar of Zimperium zLabs - * High CVE-2017-5052: Bad cast in Blink. Credit to JeongHoon Shin - * High CVE-2017-5056: Use after free in Blink. Credit to anonymous - * High CVE-2017-5053: Out of bounds memory access in V8. Credit to Team Sniper (Keen Lab and PC Mgr) reported through ZDI (ZDI-CAN-4587) +- Update to 59.0.3071.15 + +------------------------------------------------------------------- +Fri Apr 21 09:01:47 UTC 2017 - tchvatal@suse.com + +- Drop exif dep, unused +- Pass no-clean option to bootstrap.py for debugging purposes + +------------------------------------------------------------------- +Wed Apr 19 13:21:37 UTC 2017 - tchvatal@suse.com + +- Version update to 59.0.3071.9 + +------------------------------------------------------------------- +Thu Apr 13 08:22:25 UTC 2017 - tchvatal@suse.com + +- Update to 59.0.3067.0 +- Sort out the harfbuzz bundling conditional to be together with minizip + +------------------------------------------------------------------- +Wed Apr 12 11:20:22 UTC 2017 - tchvatal@suse.com + +- Bump harfbuzz and icu requirements + +------------------------------------------------------------------- +Tue Apr 11 11:52:32 UTC 2017 - tchvatal@suse.com + +- Add patch chromium-dma-buf.patch +- Add patch chromium-system-libjpeg.patch + +------------------------------------------------------------------- +Fri Apr 7 08:49:05 UTC 2017 - tchvatal@suse.com + +- Version update to 59.0.3063.4 +- Refresh patch fix-gn-bootstrap.diff +- Refresh patch chromium-system-ffmpeg-r3.patch + +------------------------------------------------------------------- +Thu Mar 30 13:02:21 UTC 2017 - tchvatal@suse.com + +- Update to 59.0.3053.3 +- Refresh patch fix-gn-bootstrap.diff ------------------------------------------------------------------- Fri Mar 24 15:22:38 UTC 2017 - tchvatal@suse.com @@ -532,167 +566,238 @@ Fri Mar 24 15:22:38 UTC 2017 - tchvatal@suse.com - Drop the browser(npapi) provide which is not true ------------------------------------------------------------------- -Sun Mar 19 11:04:47 UTC 2017 - tchvatal@suse.com +Wed Mar 22 10:57:21 UTC 2017 - tchvatal@suse.com -- Add patch to build with gcc4 - * chromium-57-gcc4.patch +- Drop patch chromium-linker-memory.patch as with i586 dropped it + should not be required +- Update patch fix-gn-bootstrap.diff ------------------------------------------------------------------- -Thu Mar 16 20:45:00 UTC 2017 - tchvatal@suse.com +Wed Mar 22 10:56:09 UTC 2017 - tchvatal@suse.com -- Do not use gcc5 and newer as the compat was fixed again -- Update to 57.0.2987.110 with various other small tweaks +- Version update to chromium-59.0.3047.0 ------------------------------------------------------------------- -Fri Mar 10 10:55:23 UTC 2017 - tchvatal@suse.com +Tue Mar 21 12:41:00 UTC 2017 - tchvatal@suse.com -- Version update to 57.0.2987.98 bsc#1028848: - CVE-2017-5030 CVE-2017-5031 CVE-2017-5032 CVE-2017-5029 CVE-2017-5034 - CVE-2017-5035 CVE-2017-5036 CVE-2017-5037 CVE-2017-5039 CVE-2017-5040 - CVE-2017-5041 CVE-2017-5033 CVE-2017-5042 CVE-2017-5038 CVE-2017-5043 - CVE-2017-5044 CVE-2017-5045 CVE-2017-5046 -- Refresh patches - * fix-gn-bootstrap.diff - * chromium-linker-memory.patch -- Remove obsolete patches: - * chromium-sandbox.patch - * chromium-54-ffmpeg2compat.patch -- Remove vaapi patch which broke rendering on non-intel cards: - * chromium-enable-vaapi-on-suse.patch -- From this release onwards i586 build is disabled +- Few tweaks around clang switch to be viable ------------------------------------------------------------------- -Wed Feb 15 12:02:32 UTC 2017 - idonmez@suse.com +Sat Mar 18 19:13:16 UTC 2017 - tchvatal@suse.com + +- Update to 59.0.3043.0 +- Refresh patch fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Wed Mar 15 10:14:35 UTC 2017 - tchvatal@suse.com + +- Update to 58.0.3029.19 + +------------------------------------------------------------------- +Wed Mar 15 09:34:48 UTC 2017 - tchvatal@suse.com + +- Reduce the requirement on gcc to be 4.8 only again + +------------------------------------------------------------------- +Mon Mar 13 12:20:56 UTC 2017 - tchvatal@suse.com + +- Version update to 58.0.3029.14 + +------------------------------------------------------------------- +Mon Mar 13 11:41:34 UTC 2017 - tchvatal@suse.com + +- Disable system vpx for now, needs symbols that will be in 1.6.2 + +------------------------------------------------------------------- +Fri Mar 10 13:03:15 UTC 2017 - tchvatal@suse.com + +- Update fix-gn-bootstrap.diff to build again + +------------------------------------------------------------------- +Wed Mar 8 11:26:35 UTC 2017 - tchvatal@suse.com + +- Version update to 58.0.3029.6 + +------------------------------------------------------------------- +Thu Mar 2 15:19:25 UTC 2017 - tchvatal@suse.com + +- Update to 58.0.3026.3 +- Empty fix-gn-bootstrap.diff again as it was merged upstream + +------------------------------------------------------------------- +Mon Feb 27 11:22:10 UTC 2017 - tchvatal@suse.com + +- Drop patch chromium-enable-vaapi-on-suse.patch as it breaks on + radeon and nvidia cards + +------------------------------------------------------------------- +Fri Feb 24 07:58:48 UTC 2017 - tchvatal@suse.com + +- Update to 58.0.3018.3 +- Update patch fix-gn-bootstrap.diff to match what is needed now +- Refresh patch chromium-system-jinja-r13.patch + +------------------------------------------------------------------- +Fri Feb 17 12:14:06 UTC 2017 - tchvatal@suse.com + +- Version update to 58.0.3013.3 + +------------------------------------------------------------------- +Wed Feb 15 12:15:52 UTC 2017 - idonmez@suse.com - Also add harfbuzz-ng to keeplibs for SLE +------------------------------------------------------------------- +Wed Feb 8 12:39:54 UTC 2017 - tchvatal@suse.com + +- Update to 58.0.3004.3 + +------------------------------------------------------------------- +Wed Feb 8 12:32:46 UTC 2017 - tchvatal@suse.com + +- Try to properly set up nodejs for build + +------------------------------------------------------------------- +Mon Feb 6 20:39:24 UTC 2017 - tchvatal@suse.com + +- Version update to 58.3000.4 next dev channel +- Drop patch chromium-54-ffmpeg2compat.patch as we require ffmpeg3 now + ------------------------------------------------------------------- Mon Feb 6 20:29:52 UTC 2017 - tchvatal@suse.com - Add condition for system harfbuzz to be disabled on SLE ------------------------------------------------------------------- -Mon Feb 6 12:21:34 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net - -- Fixed a typo in the build requirements for system minizip. - -------------------------------------------------------------------- -Fri Feb 3 12:23:34 UTC 2017 - tchvatal@suse.com - -- Version update to 56.0.2924.87: - * Various small fixes - * Disabled option to enable/disable plugins in the chrome://plugins - -------------------------------------------------------------------- -Thu Feb 2 20:01:27 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net - -- Added the package 'chromium-privacy' with multiple patches - sourced from the release version on https://github.com/ - u4qo60z73t1c4hurv3ny/privacy_patches-oS_cr, which, when enabled - with the build option 'privacy', builds a version of Chromium - with less privacy implications due to Google services - integration. - -------------------------------------------------------------------- -Wed Feb 1 09:48:35 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net +Mon Feb 6 12:16:45 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net - Changed the build requirement of libavformat to library version 57.41.100, as included in ffmpeg 3.1.1, as only this version properly supports the public AVStream API 'codecpar'. - -------------------------------------------------------------------- -Tue Jan 31 14:08:26 UTC 2017 - tchvatal@suse.com - -- Version update to 56.0.2924.76 bsc#1022049: - - CVE-2017-5007: Universal XSS in Blink - - CVE-2017-5006: Universal XSS in Blink - - CVE-2017-5008: Universal XSS in Blink - - CVE-2017-5010: Universal XSS in Blink - - CVE-2017-5011: Unauthorised file access in Devtools - - CVE-2017-5009: Out of bounds memory access in WebRTC - - CVE-2017-5012: Heap overflow in V8 - - CVE-2017-5013: Address spoofing in Omnibox - - CVE-2017-5014: Heap overflow in Skia - - CVE-2017-5015: Address spoofing in Omnibox - - CVE-2017-5019: Use after free in Renderer - - CVE-2017-5016: UI spoofing in Blink - - CVE-2017-5017: Uninitialised memory access in webm video - - CVE-2017-5018: Universal XSS in chrome://apps - - CVE-2017-5020: Universal XSS in chrome://downloads - - CVE-2017-5021: Use after free in Extensions - - CVE-2017-5022: Bypass of Content Security Policy in Blink - - CVE-2017-5023: Type confusion in metrics - - CVE-2017-5024: Heap overflow in FFmpeg - - CVE-2017-5025: Heap overflow in FFmpeg - - CVE-2017-5026: UI spoofing. Credit to Ronni Skansing -- Add conditional to switch between system and bundled icu -- Raise dependency on harfbuzz to 1.3.1 -- Also refresh patches: - chromium-prop-codecs.patch chromium-linker-memory.patch - -------------------------------------------------------------------- -Sat Jan 28 11:31:18 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net - - Added patch chromium-enable-vaapi-on-suse.patch to enable VAAPI hardware accelerated video decoding. + * chromium-enable-vaapi-on-suse.patch +- Fixed a typo in the build requirements for system minizip. ------------------------------------------------------------------- -Wed Dec 21 20:19:42 UTC 2016 - astieger@suse.com +Fri Feb 3 10:38:16 UTC 2017 - tchvatal@suse.com -- Chromium 55.0.2883.87: - * various fixes for crashes and specific wesites - * update Google pinned certificates +- Update to 57.0.2987.21 ------------------------------------------------------------------- -Wed Dec 21 10:02:52 UTC 2016 - tchvatal@suse.com +Wed Feb 1 12:44:58 UTC 2017 - tchvatal@suse.com -- Disable system icu on Factory, crashes autofill +- Update to 57.0.2987.19 ------------------------------------------------------------------- -Tue Dec 13 14:38:08 UTC 2016 - idonmez@suse.com +Sun Jan 29 17:58:34 UTC 2017 - tchvatal@suse.com + +- Version update to 57.0.2987.13 + +------------------------------------------------------------------- +Wed Jan 25 13:47:13 UTC 2017 - tchvatal@suse.com + +- Update to 57.0.2987.8 + +------------------------------------------------------------------- +Tue Jan 24 10:43:32 UTC 2017 - tchvatal@suse.com + +- Update to 57.0.2986.0 + +------------------------------------------------------------------- +Thu Jan 19 10:40:36 UTC 2017 - tchvatal@suse.com + +- Version update to 57.0.2984.0 + +------------------------------------------------------------------- +Fri Jan 13 09:13:44 UTC 2017 - tchvatal@suse.com + +- Drop the support code for builtin ffmpeg and rely on the system one always + +------------------------------------------------------------------- +Fri Jan 6 11:53:25 UTC 2017 - tchvatal@suse.com + +- Exclude i586 arch as the resources to build are not there + +------------------------------------------------------------------- +Wed Jan 4 12:36:34 UTC 2017 - tchvatal@suse.com + +- Add toolchain definition hopefully allowing us to build on Leap + with older gcc + * This also exposes more of our suse CFLAGS to the compilation + +------------------------------------------------------------------- +Wed Jan 4 12:07:26 UTC 2017 - tchvatal@suse.com + +- Version update to 57.0.2970.0 +- Refresh patch: + * fix-gn-bootstrap.diff +- Drop patch: + * chromium-sandbox.patch + +------------------------------------------------------------------- +Tue Dec 20 14:55:38 UTC 2016 - tchvatal@suse.com + +- Use gcc5 on leap + +------------------------------------------------------------------- +Mon Dec 19 10:30:45 UTC 2016 - tchvatal@suse.com + +- Update to 57.0.2946.4 + +------------------------------------------------------------------- +Wed Dec 14 10:45:26 UTC 2016 - tchvatal@suse.com + +- Allow building with non-system icu on older systems +- Refresh patch fix-gn-bootstrap.diff +- Disable system icu again, fails to build even on factory + +------------------------------------------------------------------- +Tue Dec 13 14:42:30 UTC 2016 - idonmez@suse.com - python-html5lib now depends on six, so preserve that too for SLE builds. ------------------------------------------------------------------- -Fri Dec 9 12:07:10 UTC 2016 - astieger@suse.com +Sun Dec 11 13:12:44 UTC 2016 - tchvatal@suse.com -- Obsolete ffmpeg and ffmpegsumo package in addition to conflict +- Version update to 57.0.2946.0 ------------------------------------------------------------------- -Mon Dec 5 17:08:45 UTC 2016 - astieger@suse.com +Sun Dec 11 13:04:36 UTC 2016 - tchvatal@suse.com -- record minimum version for harfbuzz, incuding runtime - Chromium will crash with harfbuzz < 1.3.0 +- Version update to 56.0.2924.21 ------------------------------------------------------------------- -Sat Dec 3 09:59:21 UTC 2016 - tchvatal@suse.com +Thu Dec 8 08:33:17 UTC 2016 - tchvatal@suse.com -- Chromium 55.0.2883.75 bnc#1013236: - CVE-2016-9651 CVE-2016-5208 CVE-2016-5207 CVE-2016-5206 CVE-2016-5205 - CVE-2016-5204 CVE-2016-5209 CVE-2016-5203 CVE-2016-5210 CVE-2016-5212 - CVE-2016-5211 CVE-2016-5213 CVE-2016-5214 CVE-2016-5216 CVE-2016-5215 - CVE-2016-5217 CVE-2016-5218 CVE-2016-5219 CVE-2016-5221 CVE-2016-5220 - CVE-2016-5222 CVE-2016-9650 CVE-2016-5223 CVE-2016-5226 CVE-2016-5225 - CVE-2016-5224 CVE-2016-9652 -- Switch to system libraries: harfbuzz, zlib, ffmpeg, ... -- Refreshed patches: - * chromium-system-ffmpeg-r3.patch - * chromium-system-jinja-r13.patch -- Use system ffmpeg unless on 13.2 that didn't include it - * chromium-54-ffmpeg2compat.patch - * Remove upstreamed chromium-more-codec-aliases.patch -- Remove bookmarks override as discussed with artwork simply just set - homepage to our openSUSE one and that is all +- Version update to 56.0.2924.18 ------------------------------------------------------------------- -Sat Nov 12 08:20:05 UTC 2016 - astieger@suse.com +Sat Dec 3 12:03:04 UTC 2016 - tchvatal@suse.com -- Chromium 54.0.2840.100: - * CVE-2016-5199: Heap corruption in FFmpeg (boo#1009892) - * CVE-2016-5200: out of bounds memory access in v8 (boo#1009893) - * CVE-2016-5201: info leak in extensions (boo#1009894) - * CVE-2016-5202: various fixes from internal audits (boo#1009895) +- Version update to 56.0.2924.14 + +------------------------------------------------------------------- +Tue Nov 29 21:13:49 UTC 2016 - tchvatal@suse.com + +- Version update to 56.0.2924.10 + +------------------------------------------------------------------- +Tue Nov 22 07:40:21 UTC 2016 - tchvatal@suse.com + +- Version update to 56.0.2922.1 + +------------------------------------------------------------------- +Fri Nov 18 08:35:30 UTC 2016 - tchvatal@suse.com + +- Version update to 56.0.2920.0 + +------------------------------------------------------------------- +Mon Nov 14 13:13:16 UTC 2016 - tchvatal@suse.com + +- Version update to 56.0.2914.3: + * refresh patch chromium-prop-codecs.patch ------------------------------------------------------------------- Mon Nov 7 20:02:46 UTC 2016 - tchvatal@suse.com @@ -702,63 +807,96 @@ Mon Nov 7 20:02:46 UTC 2016 - tchvatal@suse.com bnc#1008725 ------------------------------------------------------------------- -Wed Nov 2 07:32:27 UTC 2016 - tchvatal@suse.com +Sun Nov 6 09:41:28 UTC 2016 - tchvatal@suse.com -- Update to 54.0.2840.90: - * Few fixes and tweaks - * Fixes CVE-2016-5198 bsc#1008274 +- Put chromium-flags at the end to allow user to override various + variables ------------------------------------------------------------------- -Fri Oct 21 10:27:16 UTC 2016 - tchvatal@suse.com +Wed Nov 2 07:36:15 UTC 2016 - tchvatal@suse.com -- Update to 54.0.2840.71: - * Few fixes around +- Update to 56.0.2906.0 ------------------------------------------------------------------- -Thu Oct 13 10:19:03 UTC 2016 - tchvatal@suse.com +Fri Oct 28 16:59:28 UTC 2016 - tchvatal@suse.com -- Version update to 54.0.2840.59 bnc#1004465: - - CVE-2016-5181: Universal XSS in Blink (Anonymous) - - CVE-2016-5182: Heap overflow in Blink (Giwan Go of STEALIEN) - - CVE-2016-5183: Use after free in PDFium (Anonymous) - - CVE-2016-5184: Use after free in PDFium (Anonymous) - - CVE-2016-5185: Use after free in Blink (cloudfuzzer) - - CVE-2016-5187: URL spoofing (Luan Herrera) - - CVE-2016-5188: UI spoofing (Luan Herrera) - - CVE-2016-5192: Cross-origin bypass in Blink (haojunhou at gmail) - - CVE-2016-5189: URL spoofing (xisigr of Tencent's Xuanwu Lab) - - CVE-2016-5186: Out of bounds read in DevTools (Abdulrahman Alqabandi) - - CVE-2016-5191: Universal XSS in Bookmarks (Gareth Hughes) - - CVE-2016-5190: Use after free in Internals (Atte Kettunen of OUSPG) - - CVE-2016-5193: Scheme bypass (Yuyang ZHOUmartinzhou96) -- packaging changes: - * disable build for chromium-beta on %arm. - * Make linker use less memory by tweaking its options: - chromium-linker-memory.patch - * obsolete desktop subpackages - * Switch to gold to reduce memory use use during build - * fix build on 4.5+ kernels with systemlibs: - chromium-sandbox.patch - * various compiler and linker flag adjustments - * enable gtk3 ui, add patch gtk3-missing-define.patch - * switch from some bundled libraries to the system versions - chromium-system-ffmpeg-r3.patch - chromium-system-jinja-r13.patch - fix-gn-bootstrap.diff - * remove service file covered by download_files -- run time bug fixes: - * Add --ui-disable-partial-swap to the launcher bnc#1000019 - * Use default chromium values from master_preferences on first run - rather than pseudo-duplicating in shellscript -- added features: - * hangouts extension +- Update to 56.0.2902.0 + * Update fix-gn-bootstrap.diff ------------------------------------------------------------------- -Fri Sep 30 08:00:45 UTC 2016 - tchvatal@suse.com +Mon Oct 24 13:06:07 UTC 2016 - tchvatal@suse.com -- Version update to 53.0.2785.143 bnc#1002140: - * CVE-2016-5177: Use after free in V8 - * CVE-2016-5178: Various fixes from internal audits +- Update to 56.0.2897.0 + * Refresh patch chromium-linker-memory.patch + * Update fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Mon Oct 24 11:44:08 UTC 2016 - tchvatal@suse.com + +- Try to make package buildable on SLE12 Backports project + +------------------------------------------------------------------- +Fri Oct 21 10:34:39 UTC 2016 - tchvatal@suse.com + +- Update to 55.0.2883.21 +- Add switch between bundled and system icu as on old distributions + we simply have too old ICU +- Add switch for bundled/system minizip as it is not available on 42.1 + +------------------------------------------------------------------- +Thu Oct 20 07:52:26 UTC 2016 - tchvatal@suse.com + +- Version update to 55.0.2883.18 + +------------------------------------------------------------------- +Mon Oct 17 12:06:03 UTC 2016 - tchvatal@suse.com + +- Version update to 55.0.2883.11 +- Drop chromium-system-zlib.patch +- Add Requires on specified browser for chromedriver wrt bnc#1004839 + +------------------------------------------------------------------- +Sun Oct 9 18:16:49 UTC 2016 - tchvatal@suse.com + +- Version update to 55.0.2882.0: + * Rebase fix-gn-bootstrap.diff + * Remove upstreamed chromium-more-codec-aliases.patch + +------------------------------------------------------------------- +Sat Oct 8 09:51:35 UTC 2016 - mailaender@opensuse.org + +- Add appdata.xml for https://en.opensuse.org/openSUSE:AppStore + +------------------------------------------------------------------- +Fri Sep 30 07:12:16 UTC 2016 - dmueller@suse.com + +- disable build for chromium-beta on %arm. while it does build, + it takes two days, in which we can build roughly 600 other packages, + and I rather build 600 other packages than chromium-beta. + +------------------------------------------------------------------- +Wed Sep 28 17:32:17 UTC 2016 - tchvatal@suse.com + +- Version update to 55.0.2873.0: + * refresh fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Tue Sep 27 08:08:38 UTC 2016 - tchvatal@suse.com + +- Do not install default_bookmarks.html file, just set homepage + and that's it +- Drop chromium-rpmlintrc not really needed + +------------------------------------------------------------------- +Mon Sep 26 14:07:58 UTC 2016 - tchvatal@suse.com + +- Drop chrome-wrapper file it is unused + +------------------------------------------------------------------- +Mon Sep 26 12:29:52 UTC 2016 - tchvatal@suse.com + +- Add --ui-disable-partial-swap to the launcher bnc#1000019 + cr#628168 ------------------------------------------------------------------- Mon Sep 26 12:22:41 UTC 2016 - dimstar@opensuse.org @@ -767,50 +905,153 @@ Mon Sep 26 12:22:41 UTC 2016 - dimstar@opensuse.org it's started as an Xwayland client (boo#1001135). ------------------------------------------------------------------- -Sat Sep 17 11:36:18 UTC 2016 - tchvatal@suse.com +Mon Sep 26 08:18:16 UTC 2016 - tchvatal@suse.com -- Apply sandbox patch to fix crashers on tumbleweed bnc#999091 +- Update to 55.0.2868.3: + * remove patch gtk3-missing-define.patch + * update patch fix-gn-bootstrap.diff + * add patch chromium-system-zlib.patch +- Use system icu, upstream bug was fixed + +------------------------------------------------------------------- +Wed Sep 21 09:50:26 UTC 2016 - tchvatal@suse.com + +- Enable system libs again as it works for now +- Disable system vpx on < Factory as the vpx there is too old +- Now stable -> enable tcmalloc again + +------------------------------------------------------------------- +Tue Sep 20 09:00:29 UTC 2016 - tchvatal@suse.com + +- Make linker use less memory by tweaking its options: + * chromium-linker-memory.patch +- Update constraints for arm a bit to build +- Use system ffmpeg unless on 13.2 that didn't include it + * chromium-54-ffmpeg2compat.patch + +------------------------------------------------------------------- +Fri Sep 16 09:12:17 UTC 2016 - tchvatal@suse.com + +- Fix obsoletes for the desktop thingies + +------------------------------------------------------------------- +Thu Sep 15 12:02:32 UTC 2016 - tchvatal@suse.com + +- Gtk3 is still buggy -> disable +- Remove systemlibs for now except ffmpeg as it causes tons of problems + +------------------------------------------------------------------- +Wed Sep 14 14:57:42 UTC 2016 - tchvatal@suse.com + +- Switch to component build - solves issue with linking and not + enough memory +- Document in defaults how to actually enable debugging +- Remove noop conditions and empty variables from .sh script + launching chromium + +------------------------------------------------------------------- +Wed Sep 14 07:31:47 UTC 2016 - tchvatal@suse.com + +- Enable aarch64 to see how it goes +- Version update to 55.0.2859.0 + +------------------------------------------------------------------- +Tue Sep 13 17:13:47 UTC 2016 - tchvatal@suse.com + +- Do not bother with widevine installation, we need to build the + connectors, but later need to use the one bundled with chrome to + work with drm anyway + +------------------------------------------------------------------- +Tue Sep 13 12:53:23 UTC 2016 - tchvatal@suse.com + +- Switch to gold, we need to use less memory when linking +- Expand constraints for the debug symbols +- Use default chromium values from master_preferences on first run + rather than pseudo-duplicating in shellscript, bugs should be + fixed in the masterprefs +- Add patch to fix build on 4.5+ kernels with systemlibs: * chromium-sandbox.patch ------------------------------------------------------------------- -Thu Sep 15 13:09:21 UTC 2016 - tchvatal@suse.com +Mon Sep 12 17:21:26 UTC 2016 - tchvatal@suse.com -- Version update stable channel 53.0.2785.116 - * Just smal bugfixes around +- Collapse the ninja calls to run only once, no need to start 3x +- Remove g0 from cflags, that is something we never want, at least + some symbols for tracing are useful +- Sync more the options that are available for the build ------------------------------------------------------------------- -Wed Sep 14 07:35:09 UTC 2016 - tchvatal@suse.com +Mon Sep 12 08:55:09 UTC 2016 - tchvatal@suse.com -- Version update to 53.0.2785.113 bnc#998743: - * CVE-2016-5170 Use after free in Blink - * CVE-2016-5171 Use after free in Blink - * CVE-2016-5172 Arbitrary Memory Read in v8 - * CVE-2016-5173 Extension resource access - * CVE-2016-5174 Popup not correctly suppressed - * CVE-2016-5175 Various fixes from internal audits +- Enable more switches that are found in the gn files +- Try to enable gtk3 ui again + * add patch gtk3-missing-define.patch ------------------------------------------------------------------- -Mon Sep 12 08:31:59 UTC 2016 - tchvatal@suse.com +Sun Sep 11 09:14:14 UTC 2016 - tchvatal@suse.com -- Reenable widevine build again bnc#998328 +- Move widevine to subpackage so user have choice between the built + one and the chrome one ------------------------------------------------------------------- -Sat Sep 10 09:13:37 UTC 2016 - tchvatal@suse.com +Sat Sep 10 11:02:42 UTC 2016 - tchvatal@suse.com -- Stable channel update to 53.0.2785.101 - * SPDY crasher fixes - * Disable NV12 DXGI video on AMD - * Forward --password-store switch to os_crypt - * Tell the kernel to discard USB requests when they time out. +- Version update to dev chanel 55.0.2853.0 +- Refresh patches: + * chromium-system-ffmpeg-r3.patch + * chromium-system-jinja-r13.patch +- Correctly detect system ffmpeg and set branding to allow all codecs + that the ffmpeg can work with (eg we simply passover all the data + and do not bother with blacklist/whitelist) ------------------------------------------------------------------- -Wed Sep 7 14:50:44 UTC 2016 - astieger@suse.com +Sat Sep 10 08:58:20 UTC 2016 - tchvatal@suse.com -- Update to Chromium 53.0.2785.92: - * Revert of support relocatable RPM packages - * disallow WKBackForwardListItem navigations for pushState pages - * arc: bluetooth: Fix advertised uuid - * fix conflicting PendingIntent for stop button and swipe away +- Update to 54.0.2840.16 +- Expand provides/obsoletes for the desktop subpackages to remove + them all + +------------------------------------------------------------------- +Thu Sep 8 13:23:30 UTC 2016 - tchvatal@suse.com + +- Enable hangouts extension +- Try to build widevine drm extension instead of using the one from + packman bnc#998328 +- Go back to normal malloc from bundled tcmalloc, switch back when + we can use system one + +------------------------------------------------------------------- +Wed Sep 7 06:36:15 UTC 2016 - tchvatal@suse.com + +- Update to 54.0.2840.14 +- Switch back to gcc on factory +- Switch some bundled libraries off courtesy of gentoo build system +- Try to use system ffmpeg if possible +- Remove useless service file, "osc service localrun download_files" + works fine enough even without it +- Add patches for system jinja and ffmpeg (gentoo): + * chromium-system-ffmpeg-r3.patch + * chromium-system-jinja-r13.patch +- Add back gcc compat patch: + * gcc60-fixes.diff + +------------------------------------------------------------------- +Tue Sep 6 08:32:06 UTC 2016 - tchvatal@suse.com + +- Switch to compile using clang as google has default + * Only for factory on 1320 and older use gcc +- Obsolete kde/gnome subpackages, useless nowdays +- Determine paralelism based on how much memory we have +- Disable gtk3 it seems to be really messy with rendering nowdays + * Stick with gtk2 for time being +- Enable tcmalloc as memory manager +- Sort out with spec-cleaner +- Drop unused patches: + * fix-older-gcc.patch + * gcc60-fixes.diff +- Do not install chromium-generic to libdir just directly go to bindir +- Remove empty pre function ------------------------------------------------------------------- Thu Sep 1 04:04:13 UTC 2016 - tittiatcoke@gmail.com diff --git a/chromium.spec b/chromium.spec index cd211ad..9fdecb5 100644 --- a/chromium.spec +++ b/chromium.spec @@ -34,8 +34,8 @@ %endif %bcond_with system_vpx %bcond_with clang -Name: chromium -Version: 65.0.3325.181 +Name: chromium-beta +Version: 66.0.3359.81 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later @@ -53,29 +53,24 @@ Source104: chromium-icons.tar.bz2 # PATCH-FEATURE-UPSTREAM https://bugs.chromium.org/p/chromium/issues/detail?id=654190 Source105: chromium-browser.appdata.xml # PATCH-FIX-OPENSUSE Make the 1-click-install ymp file always download [bnc#836059] -Patch1: exclude_ymp.diff +Patch1: exclude_ymp.patch # PATCH-FIX-OPENSUSE enables reading of the master preference Patch2: chromium-master-prefs-path.patch -# PATCH-FIX-OPENSUSE Compile the sandbox with -fPIE settings -Patch4: chromium-sandbox-pie.patch # PATCH-FIX-OPENSUSE fix_building_widevinecdm_with_chromium.patch - Enable WideVine plugin -Patch6: fix_building_widevinecdm_with_chromium.patch -# PATCH-FIX-OPENSUSE fix_network_api_crash.patch - Fix crash in network API, e.g. when using chromecast extension -Patch7: fix_network_api_crash.patch -Patch8: chromium-glibc-2.27.patch -Patch9: chromium-compiler.patch -Patch10: mojo.patch -Patch12: chromium-dma-buf.patch -Patch14: chromium-buildname.patch -Patch17: chromium-non-void-return.patch -Patch18: chromium-drm.patch +Patch3: fix_building_widevinecdm_with_chromium.patch +Patch4: chromium-dma-buf.patch +Patch5: chromium-buildname.patch +Patch6: chromium-non-void-return.patch +Patch7: chromium-ffmpeg.patch +Patch8: chromium-drm.patch +Patch9: chromium-gcc7.patch +Patch10: chromium-sandbox-pie.patch # Google seem not too keen on merging this but GPU accel is quite important # https://chromium-review.googlesource.com/c/chromium/src/+/532294 -Patch100: chromium-vaapi-init.patch -Patch101: chromium-vaapi.patch +Patch100: chromium-vaapi.patch # GN buildsystem related patches Patch200: chromium-last-commit-position-r0.patch -Patch201: fix-gn-bootstrap.diff +Patch201: fix-gn-bootstrap.patch # PATCH-FIX-SUSE: allow proprietary codecs to be set with chromium branding Patch202: chromium-prop-codecs.patch BuildRequires: SDL-devel @@ -183,12 +178,12 @@ Provides: chromium-browser = %{version} Obsoletes: %{name}-suid-helper < %{version} Obsoletes: chromium-browser < %{version} Provides: %{name}-suid-helper = %{version} -Obsoletes: chromium-beta-desktop-gnome -Obsoletes: chromium-beta-desktop-kde -Obsoletes: chromium-desktop-gnome Obsoletes: chromium-desktop-kde -Obsoletes: chromium-dev-desktop-gnome +Obsoletes: chromium-desktop-gnome +Obsoletes: chromium-beta-desktop-kde +Obsoletes: chromium-beta-desktop-gnome Obsoletes: chromium-dev-desktop-kde +Obsoletes: chromium-dev-desktop-gnome Obsoletes: chromium-ffmpeg Obsoletes: chromium-ffmpegsumo # no 32bit supported and it takes ages to build @@ -218,7 +213,7 @@ BuildRequires: pkgconfig(icu-i18n) >= 59.0 BuildRequires: pkgconfig(vpx) >= 1.6.1 %endif %if %{with clang} -BuildRequires: clang >= 3.9.0 +BuildRequires: clang >= 5.0.0 %else %if %{?suse_version} >= 1330 BuildRequires: gcc >= 7 @@ -243,29 +238,7 @@ WebDriver is an open source tool for automated testing of webapps across many br %prep %setup -q -n %{rname}-%{version} - -#GN Buildsystem fixes -%patch200 -p1 -%patch201 -p1 -%patch202 -p1 - -#Standard patches -%patch1 -%patch2 -%patch4 -%patch6 -p1 -%patch7 -%patch8 -p1 -%patch9 -p1 -%patch10 -p1 -%patch12 -p1 -%patch14 -p1 -%patch17 -p1 -%patch18 -p1 - -# vaapi -%patch100 -p1 -%patch101 -p1 +%autopatch -p1 # Copy the toolchain settings mkdir toolchain @@ -286,6 +259,9 @@ keeplibs=( base/third_party/valgrind base/third_party/xdg_mime base/third_party/xdg_user_dirs + buildtools/third_party/libc++ + buildtools/third_party/libc++abi + buildtools/third_party/libunwind chrome/third_party/mozilla_security_manager courgette/third_party net/third_party/mozilla_security_manager @@ -298,6 +274,10 @@ keeplibs=( third_party/angle/src/third_party/compiler third_party/angle/src/third_party/libXNVCtrl third_party/angle/src/third_party/trace_event + third_party/angle/third_party/glslang + third_party/angle/third_party/spirv-headers + third_party/angle/third_party/spirv-tools + third_party/angle/third_party/vulkan-validation-layers third_party/blink third_party/boringssl third_party/boringssl/src/third_party/fiat @@ -340,6 +320,7 @@ keeplibs=( third_party/libXNVCtrl third_party/libaddressinput third_party/libaom + third_party/libaom/source/libaom/third_party/x86inc third_party/libjingle third_party/libphonenumber third_party/libsecret @@ -349,14 +330,12 @@ keeplibs=( third_party/libwebm third_party/libxml/chromium third_party/libyuv - third_party/llvm third_party/lss third_party/lzma_sdk third_party/markupsafe third_party/mesa third_party/metrics_proto third_party/modp_b64 - third_party/mt19937ar third_party/node third_party/node/node_modules/polymer-bundler/lib/third_party/UglifyJS2 third_party/openh264 @@ -365,13 +344,14 @@ keeplibs=( third_party/pdfium third_party/pdfium/third_party/agg23 third_party/pdfium/third_party/base - third_party/pdfium/third_party/build third_party/pdfium/third_party/bigint + third_party/pdfium/third_party/eu-strip third_party/pdfium/third_party/freetype third_party/pdfium/third_party/lcms third_party/pdfium/third_party/libopenjpeg20 third_party/pdfium/third_party/libpng16 third_party/pdfium/third_party/libtiff + third_party/pdfium/third_party/skia_shared third_party/ply third_party/polymer third_party/protobuf @@ -392,6 +372,7 @@ keeplibs=( third_party/swiftshader/third_party/llvm-subzero third_party/swiftshader/third_party/subzero third_party/tcmalloc + third_party/unrar third_party/usrsctp third_party/vulkan third_party/vulkan-validation-layers @@ -453,7 +434,7 @@ export CXX=clang++ %else # REDUCE DEBUG as it gets TOO large ARCH_FLAGS="`echo %{optflags} | sed -e 's/^-g / /g' -e 's/ -g / /g' -e 's/ -g$//g'`" -export CFLAGS="${ARCH_FLAGS} -std=gnu11 -fpermissive" +export CFLAGS="${ARCH_FLAGS} -fpermissive" export CXXFLAGS="${ARCH_FLAGS} -fpermissive" export CC=gcc export CXX=g++ @@ -578,7 +559,7 @@ tools/gn/bootstrap/bootstrap.py -s -v --gn-gen-args "${myconf_gn}" # https://bugs.chromium.org/p/chromium/issues/detail?id=642016 out/Release/gn gen --args="${myconf_gn}" out/Release -ninja -v %{?_smp_mflags} -C out/Release chrome chrome_sandbox chromedriver +ninja -v %{_smp_mflags} -C out/Release chrome chrome_sandbox chromedriver %install mkdir -p %{buildroot}%{_libdir}/chromium @@ -646,6 +627,8 @@ install -m 0644 %{SOURCE30} %{buildroot}%{_sysconfdir}/chromium chmod 755 %{buildroot}%{_libdir}/chromium/xdg-settings chmod 755 %{buildroot}%{_libdir}/chromium/xdg-mime +%fdupes %{buildroot} + %verifyscript %verify_permissions -e %{_libexecdir}/chrome_sandbox diff --git a/exclude_ymp.diff b/exclude_ymp.diff deleted file mode 100644 index 0528f28..0000000 --- a/exclude_ymp.diff +++ /dev/null @@ -1,10 +0,0 @@ ---- third_party/WebKit/common/mime_util/mime_util.cc 2013-08-25 10:12:05.428599992 +0200 -+++ third_party/WebKit/common/mime_util/mime_util.cc 2013-08-25 10:12:05.428599992 +0200 -@@ -79,6 +79,7 @@ - "text/x-csv", - "text/x-vcf", - "text/rtf", -+ "text/x-suse-ymp", - "text/comma-separated-values", - "text/csv", - "text/tab-separated-values", diff --git a/exclude_ymp.patch b/exclude_ymp.patch index 1920197..bfcb093 100644 --- a/exclude_ymp.patch +++ b/exclude_ymp.patch @@ -1,10 +1,10 @@ ---- a/third_party/blink/common/mime_util/mime_util.cc 2013-08-25 10:12:05.428599992 +0200 -+++ b/third_party/blink/common/mime_util/mime_util.cc 2013-08-25 10:12:05.428599992 +0200 +--- a/third_party/WebKit/common/mime_util/mime_util.cc 2013-08-25 10:12:05.428599992 +0200 ++++ b/third_party/WebKit/common/mime_util/mime_util.cc 2013-08-25 10:12:05.428599992 +0200 @@ -79,6 +79,7 @@ - "text/x-csv", - "text/x-vcf", - "text/rtf", -+ "text/x-suse-ymp", - "text/comma-separated-values", - "text/csv", - "text/tab-separated-values", + "text/x-csv", + "text/x-vcf", + "text/rtf", ++ "text/x-suse-ymp", + "text/comma-separated-values", + "text/csv", + "text/tab-separated-values", diff --git a/fix-gn-bootstrap.diff b/fix-gn-bootstrap.patch similarity index 100% rename from fix-gn-bootstrap.diff rename to fix-gn-bootstrap.patch diff --git a/fix_network_api_crash.patch b/fix_network_api_crash.patch deleted file mode 100644 index 00526b7..0000000 --- a/fix_network_api_crash.patch +++ /dev/null @@ -1,77 +0,0 @@ -Index: extensions/browser/api/networking_private/networking_private_linux.cc -=================================================================== ---- extensions/browser/api/networking_private/networking_private_linux.cc.orig 2016-05-05 03:01:50.000000000 +0200 -+++ extensions/browser/api/networking_private/networking_private_linux.cc 2016-05-10 16:16:42.431052917 +0200 -@@ -215,12 +215,14 @@ void NetworkingPrivateLinux::GetState( - std::unique_ptr network_properties( - new base::DictionaryValue); - -+ std::string* erp = error.get(); -+ base::DictionaryValue* npp = network_properties.get(); - // Runs GetCachedNetworkProperties on |dbus_thread|. - dbus_thread_.task_runner()->PostTaskAndReply( - FROM_HERE, base::Bind(&NetworkingPrivateLinux::GetCachedNetworkProperties, - base::Unretained(this), guid, -- base::Unretained(network_properties.get()), -- base::Unretained(error.get())), -+ base::Unretained(npp), -+ base::Unretained(erp)), - base::Bind(&GetCachedNetworkPropertiesCallback, base::Passed(&error), - base::Passed(&network_properties), success_callback, - failure_callback)); -@@ -301,11 +303,12 @@ void NetworkingPrivateLinux::GetNetworks - - // Runs GetAllWiFiAccessPoints on the dbus_thread and returns the - // results back to OnAccessPointsFound where the callback is fired. -+ NetworkMap* nmp = network_map.get(); - dbus_thread_.task_runner()->PostTaskAndReply( - FROM_HERE, - base::Bind(&NetworkingPrivateLinux::GetAllWiFiAccessPoints, - base::Unretained(this), configured_only, visible_only, limit, -- base::Unretained(network_map.get())), -+ base::Unretained(nmp)), - base::Bind(&NetworkingPrivateLinux::OnAccessPointsFound, - base::Unretained(this), base::Passed(&network_map), - success_callback, failure_callback)); -@@ -321,11 +324,12 @@ bool NetworkingPrivateLinux::GetNetworks - // Runs GetAllWiFiAccessPoints on the dbus_thread and returns the - // results back to SendNetworkListChangedEvent to fire the event. No - // callbacks are used in this case. -+ NetworkMap* nmp = network_map.get(); - dbus_thread_.task_runner()->PostTaskAndReply( - FROM_HERE, base::Bind(&NetworkingPrivateLinux::GetAllWiFiAccessPoints, - base::Unretained(this), false /* configured_only */, - false /* visible_only */, 0 /* limit */, -- base::Unretained(network_map.get())), -+ base::Unretained(nmp)), - base::Bind(&NetworkingPrivateLinux::OnAccessPointsFoundViaScan, - base::Unretained(this), base::Passed(&network_map))); - -@@ -506,11 +510,12 @@ void NetworkingPrivateLinux::StartConnec - - std::unique_ptr error(new std::string); - -+ std::string* erp = error.get(); - // Runs ConnectToNetwork on |dbus_thread|. - dbus_thread_.task_runner()->PostTaskAndReply( - FROM_HERE, - base::Bind(&NetworkingPrivateLinux::ConnectToNetwork, -- base::Unretained(this), guid, base::Unretained(error.get())), -+ base::Unretained(this), guid, base::Unretained(erp)), - base::Bind(&OnNetworkConnectOperationCompleted, base::Passed(&error), - success_callback, failure_callback)); - } -@@ -524,11 +529,12 @@ void NetworkingPrivateLinux::StartDiscon - - std::unique_ptr error(new std::string); - -+ std::string* erp = error.get(); - // Runs DisconnectFromNetwork on |dbus_thread|. - dbus_thread_.task_runner()->PostTaskAndReply( - FROM_HERE, - base::Bind(&NetworkingPrivateLinux::DisconnectFromNetwork, -- base::Unretained(this), guid, base::Unretained(error.get())), -+ base::Unretained(this), guid, base::Unretained(erp)), - base::Bind(&OnNetworkConnectOperationCompleted, base::Passed(&error), - success_callback, failure_callback)); - } diff --git a/mojo.patch b/mojo.patch deleted file mode 100644 index 7a287db..0000000 --- a/mojo.patch +++ /dev/null @@ -1,62 +0,0 @@ -description: fix mojo layout test build error -author: Michael Gilbert - ---- a/content/shell/BUILD.gn -+++ b/content/shell/BUILD.gn -@@ -93,8 +93,6 @@ static_library("content_shell_lib") { - "browser/layout_test/layout_test_resource_dispatcher_host_delegate.h", - "browser/layout_test/layout_test_url_request_context_getter.cc", - "browser/layout_test/layout_test_url_request_context_getter.h", -- "browser/layout_test/mojo_layout_test_helper.cc", -- "browser/layout_test/mojo_layout_test_helper.h", - "browser/layout_test/secondary_test_window_observer.cc", - "browser/layout_test/secondary_test_window_observer.h", - "browser/layout_test/test_info_extractor.cc", -@@ -244,9 +242,7 @@ static_library("content_shell_lib") { - "//content/public/common", - "//content/public/common:service_names", - "//content/shell/test_runner:test_runner", -- "//content/test:content_test_mojo_bindings", - "//content/test:layouttest_support", -- "//content/test:mojo_layouttest_bindings", - "//content/test:test_support", - "//device/bluetooth", - "//device/bluetooth:fake_bluetooth", ---- a/content/shell/browser/layout_test/layout_test_content_browser_client.cc -+++ b/content/shell/browser/layout_test/layout_test_content_browser_client.cc -@@ -19,7 +19,6 @@ - #include "content/shell/browser/layout_test/layout_test_message_filter.h" - #include "content/shell/browser/layout_test/layout_test_notification_manager.h" - #include "content/shell/browser/layout_test/layout_test_resource_dispatcher_host_delegate.h" --#include "content/shell/browser/layout_test/mojo_layout_test_helper.h" - #include "content/shell/browser/shell_browser_context.h" - #include "content/shell/common/layout_test/layout_test_switches.h" - #include "content/shell/common/shell_messages.h" -@@ -32,11 +31,6 @@ namespace { - - LayoutTestContentBrowserClient* g_layout_test_browser_client; - --void BindLayoutTestHelper(mojom::MojoLayoutTestHelperRequest request, -- RenderFrameHost* render_frame_host) { -- MojoLayoutTestHelper::Create(std::move(request)); --} -- - } // namespace - - LayoutTestContentBrowserClient::LayoutTestContentBrowserClient() { -@@ -98,7 +92,6 @@ void LayoutTestContentBrowserClient::Exp - - registry->AddInterface(base::Bind(&bluetooth::FakeBluetooth::Create), - ui_task_runner); -- registry->AddInterface(base::Bind(&MojoLayoutTestHelper::Create)); - } - - void LayoutTestContentBrowserClient::OverrideWebkitPrefs( -@@ -193,7 +186,6 @@ bool LayoutTestContentBrowserClient::Can - void LayoutTestContentBrowserClient::ExposeInterfacesToFrame( - service_manager::BinderRegistryWithArgs* - registry) { -- registry->AddInterface(base::Bind(&BindLayoutTestHelper)); - } - - } // namespace content From 9afc3b4144b32dee125bb89956fc98e9e2d47699b5b9fac8b93c28bc1c4e6b49 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 18 Apr 2018 09:13:39 +0000 Subject: [PATCH 12/52] - Version bump to chromium 66.0.3359.117 bsc#1090000: * CVE-2018-6085: Use after free in Disk Cache * CVE-2018-6086: Use after free in Disk Cache * CVE-2018-6087: Use after free in WebAssembly * CVE-2018-6088: Use after free in PDFium * CVE-2018-6089: Same origin policy bypass in Service Worker * CVE-2018-6090: Heap buffer overflow in Skia * CVE-2018-6091: Incorrect handling of plug-ins by Service Worker * CVE-2018-6092: Integer overflow in WebAssembly * CVE-2018-6093: Same origin bypass in Service Worker * CVE-2018-6094: Exploit hardening regression in Oilpan * CVE-2018-6095: Lack of meaningful user interaction requirement before file upload * CVE-2018-6096: Fullscreen UI spoof * CVE-2018-6097: Fullscreen UI spoof * CVE-2018-6098: URL spoof in Omnibox * CVE-2018-6099: CORS bypass in ServiceWorker * CVE-2018-6100: URL spoof in Omnibox * CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools * CVE-2018-6102: URL spoof in Omnibox * CVE-2018-6103: UI spoof in Permissions * CVE-2018-6104: URL spoof in Omnibox * CVE-2018-6105: URL spoof in Omnibox * CVE-2018-6106: Incorrect handling of promises in V8 * CVE-2018-6107: URL spoof in Omnibox * CVE-2018-6108: URL spoof in Omnibox * CVE-2018-6109: Incorrect handling of files by FileAPI * CVE-2018-6110: Incorrect handling of plaintext files via file:// * CVE-2018-6111: Heap-use-after-free in DevTools * CVE-2018-6112: Incorrect URL handling in DevTools * CVE-2018-6113: URL spoof in Navigation OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1115 --- chromium-66.0.3359.117.tar.xz | 3 + chromium-66.0.3359.81.tar.xz | 3 - chromium.changes | 1426 ++++++++++++++------------------- chromium.spec | 6 +- 4 files changed, 627 insertions(+), 811 deletions(-) create mode 100644 chromium-66.0.3359.117.tar.xz delete mode 100644 chromium-66.0.3359.81.tar.xz diff --git a/chromium-66.0.3359.117.tar.xz b/chromium-66.0.3359.117.tar.xz new file mode 100644 index 0000000..6aa79a9 --- /dev/null +++ b/chromium-66.0.3359.117.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:77c5a334644fdc303697b3864c9a6b709cee23ee384f4134308e820af4568ed6 +size 583947452 diff --git a/chromium-66.0.3359.81.tar.xz b/chromium-66.0.3359.81.tar.xz deleted file mode 100644 index 29e88a5..0000000 --- a/chromium-66.0.3359.81.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:4a8788a6e89253af3efa85c776c528d6952f8468aff6f793faf46c825ac628c2 -size 583902508 diff --git a/chromium.changes b/chromium.changes index 98c8caa..a723c86 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,91 +1,162 @@ ------------------------------------------------------------------- -Thu Apr 5 09:48:59 UTC 2018 - tchvatal@suse.com +Wed Apr 18 09:06:31 UTC 2018 - tchvatal@suse.com -- Up to 66.0.3359.81 +- Version bump to chromium 66.0.3359.117 bsc#1090000: + * CVE-2018-6085: Use after free in Disk Cache + * CVE-2018-6086: Use after free in Disk Cache + * CVE-2018-6087: Use after free in WebAssembly + * CVE-2018-6088: Use after free in PDFium + * CVE-2018-6089: Same origin policy bypass in Service Worker + * CVE-2018-6090: Heap buffer overflow in Skia + * CVE-2018-6091: Incorrect handling of plug-ins by Service Worker + * CVE-2018-6092: Integer overflow in WebAssembly + * CVE-2018-6093: Same origin bypass in Service Worker + * CVE-2018-6094: Exploit hardening regression in Oilpan + * CVE-2018-6095: Lack of meaningful user interaction requirement before file upload + * CVE-2018-6096: Fullscreen UI spoof + * CVE-2018-6097: Fullscreen UI spoof + * CVE-2018-6098: URL spoof in Omnibox + * CVE-2018-6099: CORS bypass in ServiceWorker + * CVE-2018-6100: URL spoof in Omnibox + * CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools + * CVE-2018-6102: URL spoof in Omnibox + * CVE-2018-6103: UI spoof in Permissions + * CVE-2018-6104: URL spoof in Omnibox + * CVE-2018-6105: URL spoof in Omnibox + * CVE-2018-6106: Incorrect handling of promises in V8 + * CVE-2018-6107: URL spoof in Omnibox + * CVE-2018-6108: URL spoof in Omnibox + * CVE-2018-6109: Incorrect handling of files by FileAPI + * CVE-2018-6110: Incorrect handling of plaintext files via file:// + * CVE-2018-6111: Heap-use-after-free in DevTools + * CVE-2018-6112: Incorrect URL handling in DevTools + * CVE-2018-6113: URL spoof in Navigation + * CVE-2018-6114: CSP bypass + * CVE-2018-6115: SmartScreen bypass in downloads + * CVE-2018-6116: Incorrect low memory handling in WebAssembly + * CVE-2018-6117: Confusing autofill settings + * Various fixes from internal audits, fuzzing and other initiatives +- Remove obsolete patches: + * chromium-compiler.patch + * chromium-glibc-2.27.patch + * chromium-vaapi-init.patch + * exclude_ymp.diff + * fix-gn-bootstrap.diff + * fix_network_api_crash.patch + * mojo.patch +- Add new patches: + * chromium-ffmpeg.patch + * chromium-gcc7.patch + * exclude_ymp.patch + * fix-gn-bootstrap.patch +- Rebase patches: + * chromium-master-prefs-path.patch + * chromium-non-void-return.patch + * chromium-sandbox-pie.patch + * chromium-vaapi.patch ------------------------------------------------------------------- -Thu Mar 29 09:49:15 UTC 2018 - tchvatal@suse.com +Sun Apr 8 10:49:06 UTC 2018 - tchvatal@suse.com -- Bump to 66.0.3359.66 +- Add vaapi patches: + * chromium-vaapi-init.patch + * chromium-vaapi.patch ------------------------------------------------------------------- -Tue Mar 27 14:28:38 UTC 2018 - tchvatal@suse.com +Fri Apr 6 12:54:24 UTC 2018 - tchvatal@suse.com -- Update chromium-gcc7.patch to include more quirks +- Use memory-constraints package to limit threads as needed ------------------------------------------------------------------- -Fri Mar 23 12:01:29 UTC 2018 - tchvatal@suse.com +Wed Mar 21 06:31:27 UTC 2018 - astieger@suse.com -- Bump to 66.0.3359.45 +- Update to Chromium 65.0.3325.181: + * Various security relevant fixes from internal audits, fuzzing + and other initiatives (boo#1086124) ------------------------------------------------------------------- -Tue Mar 20 10:14:15 UTC 2018 - tchvatal@suse.com +Tue Mar 20 12:33:53 UTC 2018 - tchvatal@suse.com -- Bump to 66.0.3359.33 +- Use both freetype and harfbuzz either bundled or system ------------------------------------------------------------------- -Wed Mar 14 14:19:21 UTC 2018 - tchvatal@suse.com +Wed Mar 14 14:18:35 UTC 2018 - tchvatal@suse.com -- Version bump to 66.0.3359.26 +- Version update to 65.0.3325.162: + * Various stability fixes only ------------------------------------------------------------------- -Wed Mar 14 13:32:18 UTC 2018 - tchvatal@suse.com +Wed Mar 14 09:00:37 UTC 2018 - tchvatal@suse.com -- Bump the requirement for the clang version +- Bundle the harfbuzz on < 15.0 release as we would have to + use requires_ge for the library itself later on otherwise ------------------------------------------------------------------- -Wed Mar 14 09:01:33 UTC 2018 - tchvatal@suse.com +Fri Mar 9 09:10:01 UTC 2018 - tchvatal@suse.com -- Conditionalize harfbuzz switch +- Make sure to require gcc7 +- Add patch chromium-drm.patch to make sure to build with Leap 42.3 + variant of libdrm ------------------------------------------------------------------- -Mon Mar 12 10:18:18 UTC 2018 - tchvatal@suse.com +Thu Mar 8 09:00:54 UTC 2018 - tchvatal@suse.com -- Update to 66.0.3359.22 +- Version update to 65.0.3325.146 bsc#1084296: + * High CVE-2017-11215: Use after free in Flash. + * High CVE-2017-11225: Use after free in Flash. + * High CVE-2018-6060: Use after free in Blink. + * High CVE-2018-6061: Race condition in V8. + * High CVE-2018-6062: Heap buffer overflow in Skia. + * High CVE-2018-6057: Incorrect permissions on shared memory. + * High CVE-2018-6063: Incorrect permissions on shared memory. + * High CVE-2018-6064: Type confusion in V8. + * High CVE-2018-6065: Integer overflow in V8. + * Medium CVE-2018-6066: Same Origin Bypass via canvas. + * Medium CVE-2018-6067: Buffer overflow in Skia. + * Medium CVE-2018-6068: Object lifecycle issues in Chrome Custom Tab. + * Medium CVE-2018-6069: Stack buffer overflow in Skia. + * Medium CVE-2018-6070: CSP bypass through extensions. + * Medium CVE-2018-6071: Heap bufffer overflow in Skia. + * Medium CVE-2018-6072: Integer overflow in PDFium. + * Medium CVE-2018-6073: Heap bufffer overflow in WebGL. + * Medium CVE-2018-6074: Mark-of-the-Web bypass. + * Medium CVE-2018-6075: Overly permissive cross origin downloads. + * Medium CVE-2018-6076: Incorrect handling of URL fragment identifiers in Blink. + * Medium CVE-2018-6077: Timing attack using SVG filters. + * Medium CVE-2018-6078: URL Spoof in OmniBox. + * Medium CVE-2018-6079: Information disclosure via texture data in WebGL. + * Medium CVE-2018-6080: Information disclosure in IPC call. + * Low CVE-2018-6081: XSS in interstitials. + * Low CVE-2018-6082: Circumvention of port blocking. + * Low CVE-2018-6083: Incorrect processing of AppManifests. +- Add new patches: + * chromium-compiler.patch + * chromium-glibc-2.27.patch + * mojo.patch +- Drop patches: + * chromium-angle.patch + * chromium-memcpy.patch +- Update constraints +- Refresh patch chromium-non-void-return.patch to include more + fixes ------------------------------------------------------------------- -Fri Mar 9 11:20:35 UTC 2018 - tchvatal@suse.com +Sat Feb 24 19:02:51 UTC 2018 - astieger@suse.com -- Apply patches using %autopatch -- Add patch to build with gcc7 properly chromium-gcc7.patch -- Drop patch chromium-sandbox-pie.patch as we have pie default now -- Add patch to build with leap variant of drm chromium-drm.patch +- Chromium 64.0.3282.186: + * Various minor bug fixes ------------------------------------------------------------------- -Wed Mar 7 12:11:45 UTC 2018 - tchvatal@suse.com +Wed Feb 14 08:16:34 UTC 2018 - astieger@suse.com -- Add patch to build ffmpeg from system chromium-ffmpeg.patch +- update to 64.0.3282.167 (bsc#1080920): + * CVE-2018-6056: Incorrect derived class instantiation in V8 ------------------------------------------------------------------- -Wed Mar 7 10:30:24 UTC 2018 - tchvatal@suse.com +Fri Feb 2 11:16:23 UTC 2018 - tchvatal@suse.com -- Up to 66.0.3355.0 -- Disable clang by default again - -------------------------------------------------------------------- -Tue Feb 27 09:35:21 UTC 2018 - tchvatal@suse.com - -- Up to 66.0.3350.0 - -------------------------------------------------------------------- -Thu Feb 15 09:08:22 UTC 2018 - tchvatal@suse.com - -- Drop patch fix_network_api_crash.patch - -------------------------------------------------------------------- -Mon Feb 12 10:10:58 UTC 2018 - tchvatal@suse.com - -- Bump to 66.0.3343.3 - -------------------------------------------------------------------- -Wed Feb 7 13:58:33 UTC 2018 - tchvatal@suse.com - -- Bump to 65.0.3325.51 - -------------------------------------------------------------------- -Tue Feb 6 12:00:36 UTC 2018 - tchvatal@suse.com - -- Disable gconf support +- Version update to 64.0.3282.140 bsc#1079021: + * Various asan fixes bsc#1078463 CVE-2018-6406 ------------------------------------------------------------------- Fri Feb 2 10:43:48 UTC 2018 - dimstar@opensuse.org @@ -96,9 +167,9 @@ Fri Feb 2 10:43:48 UTC 2018 - dimstar@opensuse.org /proc/meminfo. ------------------------------------------------------------------- -Wed Jan 31 09:45:45 UTC 2018 - tchvatal@suse.com +Mon Jan 29 13:07:38 UTC 2018 - tchvatal@suse.com -- Bump to 65.0.3325.31 +- Fix default page to not point to 404 ------------------------------------------------------------------- Mon Jan 29 12:36:31 UTC 2018 - tchvatal@suse.com @@ -106,296 +177,318 @@ Mon Jan 29 12:36:31 UTC 2018 - tchvatal@suse.com - Install swiftshader objects too as they are needed ------------------------------------------------------------------- -Fri Jan 26 10:12:22 UTC 2018 - tchvatal@suse.com +Fri Jan 26 10:11:22 UTC 2018 - tchvatal@suse.com -- Update to 65.0.3325.18 -- Try to have automatic ozone platform detection +- Disable ozone stuff conditions for now as the headless mode + breaks up runtime bsc#1077722 ------------------------------------------------------------------- -Wed Jan 17 14:28:37 UTC 2018 - tchvatal@suse.com +Thu Jan 25 09:51:59 UTC 2018 - tchvatal@suse.com -- Bump to 65.0.3322.3 +- Switch to gcc7 on Leap builds ------------------------------------------------------------------- -Mon Jan 8 20:12:43 UTC 2018 - tchvatal@suse.com +Thu Jan 25 09:42:51 UTC 2018 - tchvatal@suse.com -- Bump to 65.0.3311.3 -- Drop chromium-63.0.3289.84-fix-ft-hb-unbundle.patch +- Version update to 64.0.3282.119 bsc#1077571: + * High CVE-2018-6031: Use after free in PDFium. Reported by Anonymous on 2017-11-01 + * High CVE-2018-6032: Same origin bypass in Shared Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-20 + * High CVE-2018-6033: Race when opening downloaded files. Reported by Juho Nurminen on 2017-12-09 + * Medium CVE-2018-6034: Integer overflow in Blink. Reported by Tobias Klein (www.trapkit.de) on 2017-11-12 + * Medium CVE-2018-6035: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23 + * Medium CVE-2018-6036: Integer underflow in WebAssembly. Reported by The UK's National Cyber Security Centre (NCSC) on 2017-11-30 + * Medium CVE-2018-6037: Insufficient user gesture requirements in autofill. Reported by Paul Stone of Context Information Security on 2017-08-09 + * Medium CVE-2018-6038: Heap buffer overflow in WebGL. Reported by cloudfuzzer on 2017-10-12 + * Medium CVE-2018-6039: XSS in DevTools. Reported by Juho Nurminen on 2017-10-17 + * Medium CVE-2018-6040: Content security policy bypass. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-26 + * Medium CVE-2018-6041: URL spoof in Navigation. Reported by Luan Herrera on 2017-08-29 + * Medium CVE-2018-6042: URL spoof in OmniBox. Reported by Khalil Zhani on 2017-10-12 + * Medium CVE-2018-6043: Insufficient escaping with external URL handlers. Reported by 0x09AL on 2017-11-16 + * Medium CVE-2018-6045: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23 + * Medium CVE-2018-6046: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-31 + * Medium CVE-2018-6047: Cross origin URL leak in WebGL. Reported by Masato Kinugawa on 2018-01-08 + * Low CVE-2018-6048: Referrer policy bypass in Blink. Reported by Jun Kokatsu (@shhnjk) on 2017-09-08 + * Low CVE-2017-15420: URL spoofing in Omnibox. Reported by Drew Springall (@_aaspring_) on 2017-10-05 + * Low CVE-2018-6049: UI spoof in Permissions. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-13 + * Low CVE-2018-6050: URL spoof in OmniBox. Reported by Jonathan Kew on 2017-10-15 + * Low CVE-2018-6051: Referrer leak in XSS Auditor. Reported by Antonio Sanso (@asanso) on 2014-12-11 + * Low CVE-2018-6052: Incomplete no-referrer policy implementation. Reported by Tanner Emek on 2016-05-28 + * Low CVE-2018-6053: Leak of page thumbnails in New Tab Page. Reported by Asset Kabdenov on 2017-08-23 + * Low CVE-2018-6054: Use after free in WebUI. Reported by Rob Wu on 2017-12-24 +- Add patches: + * chromium-angle.patch + * chromium-memcpy.patch +- Drop patch: + * chromium-gcc.patch +- Change desktop file name to fit bellow the icon on ie KDE desktop ------------------------------------------------------------------- -Tue Jan 2 13:14:43 UTC 2018 - tchvatal@suse.com +Thu Jan 4 20:59:31 UTC 2018 - astieger@suse.com -- add chromium-63.0.3289.84-fix-ft-hb-unbundle.patch to make sure - we use system freetype/harfbuzz +- Chromium 63.0.3239.132: + * DevTools: do not report raw headers and cookies for protected + subresources + * Various other fixes and updates ------------------------------------------------------------------- -Thu Dec 28 18:00:12 UTC 2017 - tchvatal@suse.com +Fri Dec 15 09:28:07 UTC 2017 - tchvatal@suse.com -- Make sure to use system freetype too +- Version update to 63.0.3239.108 bsc#1072976: + * CVE-2017-15429: UXSS in V8 + * Various fuzzing fixes ------------------------------------------------------------------- -Wed Dec 20 15:38:09 UTC 2017 - tchvatal@suse.com +Thu Dec 7 09:41:13 UTC 2017 - tchvatal@suse.com -- Bump 65.0.3298.3 +- Version update to 63.0.3239.84 bsc#1071691: + * Critical CVE-2017-15407: Out of bounds write in QUIC. + * High CVE-2017-15408: Heap buffer overflow in PDFium. + * High CVE-2017-15409: Out of bounds write in Skia. + * High CVE-2017-15410: Use after free in PDFium. + * High CVE-2017-15411: Use after free in PDFium. + * High CVE-2017-15412: Use after free in libXML. + * High CVE-2017-15413: Type confusion in WebAssembly. + * Medium CVE-2017-15415: Pointer information disclosure in IPC call. + * Medium CVE-2017-15416: Out of bounds read in Blink. + * Medium CVE-2017-15417: Cross origin information disclosure in Skia. + * Medium CVE-2017-15418: Use of uninitialized value in Skia. + * Medium CVE-2017-15419: Cross origin leak of redirect URL in Blink. + * Medium CVE-2017-15420: URL spoofing in Omnibox. + * Medium CVE-2017-15422: Integer overflow in ICU. + * Low CVE-2017-15423: Issue with SPAKE implementation in BoringSSL. + * Low CVE-2017-15424: URL Spoof in Omnibox. + * Low CVE-2017-15425: URL Spoof in Omnibox. + * Low CVE-2017-15426: URL Spoof in Omnibox. + * Low CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox. +- Rebase fix-gn-bootstrap.diff +- Drop merged patches: + * chromium-gcc5.patch + * chromium-60.0.3112.113-breakpad-ucontext.patch + * chromium-62.0.3202.62-correct-cplusplus-check.patch +- Add new patches: + * chromium-non-void-return.patch + * chromium-gcc.patch ------------------------------------------------------------------- -Tue Dec 19 09:43:19 UTC 2017 - tchvatal@suse.com - -- Drop chromium-memcpy.patch - -------------------------------------------------------------------- -Mon Dec 18 10:46:25 UTC 2017 - tchvatal@suse.com - -- Drop minizip conditional (was about 42.1) - -------------------------------------------------------------------- -Sun Dec 17 22:52:29 UTC 2017 - tchvatal@suse.com - -- Bump to 65.0.3294.5 - -------------------------------------------------------------------- -Thu Dec 14 14:55:27 UTC 2017 - tchvatal@suse.com - -- Explicitely describe what ozone parts we want - -------------------------------------------------------------------- -Wed Dec 13 09:47:33 UTC 2017 - tchvatal@suse.com - -- Bump to 64.0.3282.24 -- Enable system icu again -- Tweak the deps to match current setup -- Add patch chromium-memcpy.patch - -------------------------------------------------------------------- -Tue Dec 12 12:55:52 UTC 2017 - tchvatal@suse.com - -- Minimize desktop name to not take so much space - -------------------------------------------------------------------- -Sat Dec 9 12:54:27 UTC 2017 - tchvatal@suse.com - -- Bumpyty to 64.0.3282.14 - -------------------------------------------------------------------- -Thu Nov 30 14:32:41 UTC 2017 - tchvatal@suse.com - -- Bumpy to 64.0.3278.0 - -------------------------------------------------------------------- -Wed Nov 22 11:06:47 UTC 2017 - idonmez@suse.com +Wed Nov 22 11:05:42 UTC 2017 - idonmez@suse.com - BuildRequire nodejs8 instead of nodejs6 for suse_version >= 1330 ------------------------------------------------------------------- -Sun Nov 19 11:25:52 UTC 2017 - tchvatal@suse.com - -- Drop chromium-64.0.3253.3-gpu_lists_version.h.patch -- Drop chromium-gcc.patch - -------------------------------------------------------------------- -Sun Nov 19 11:20:20 UTC 2017 - tchvatal@suse.com - -- Up to 64.0.3269.3 - -------------------------------------------------------------------- -Wed Nov 15 14:42:55 UTC 2017 - astieger@suse.com +Wed Nov 15 14:56:24 UTC 2017 - astieger@suse.com +- Update to 62.0.3202.94: + * multiple minor rendering related fixes - fix rebuilds in same chroot ------------------------------------------------------------------- -Wed Nov 8 21:33:56 UTC 2017 - tchvatal@suse.com +Tue Nov 7 10:12:28 UTC 2017 - tchvatal@suse.com -- Add patch chromium-non-void-return.patch +- Version update to 62.0.3202.89 bsc#1066851: + * CVE-2017-15398: Stack buffer overflow in QUIC + * CVE-2017-15399: Use after free in V8 +- Drop upstream merged chromium-sandbox.patch ------------------------------------------------------------------- -Tue Nov 7 09:41:07 UTC 2017 - tchvatal@suse.com +Fri Nov 3 12:40:33 UTC 2017 - tchvatal@suse.com -- Add patch chromium-64.0.3253.3-gpu_lists_version.h.patch +- Restrict the version on jpeg to not waste build power ------------------------------------------------------------------- -Sat Nov 4 09:38:27 UTC 2017 - tchvatal@suse.com +Sun Oct 29 08:18:37 UTC 2017 - tchvatal@suse.com -- Bump to 64.0.3253.3 +- Add patch to fix sandbox crashes wrt bsc#1064298 + * chromium-sandbox.patch ------------------------------------------------------------------- -Fri Nov 3 11:41:40 UTC 2017 - tchvatal@suse.com +Fri Oct 27 09:17:02 UTC 2017 - tchvatal@suse.com -- Update to 64.0.3251.0 +- Version update to 62.0.3202.75 bsc#1065405 CVE-2017-15396 + * CVE-2017-15396: Stack overflow in V8 ------------------------------------------------------------------- -Thu Nov 2 20:46:57 UTC 2017 - tchvatal@suse.com +Thu Oct 26 12:09:53 UTC 2017 - astieger@suse.com -- Fix the tarball unpacking to unroll all the required content -- Update to 63.0.3239.30 +- BuildRequire nodejs6 required for polymer-bundler.js ------------------------------------------------------------------- -Wed Oct 25 18:24:16 UTC 2017 - tchvatal@suse.com +Thu Oct 26 09:19:09 UTC 2017 - tchvatal@suse.com -- Drop patch chromium-60.0.3112.113-breakpad-ucontext.patch -- Drop patch chromium-sysroot.patch +- Try to export properly CXX/CC variable to fix leap builds ------------------------------------------------------------------- -Wed Oct 11 09:04:46 UTC 2017 - tchvatal@suse.com +Wed Oct 25 17:52:44 UTC 2017 - tchvatal@suse.com -- Bump to 63.0.3236.0 +- Apply patch to fix building crc32 with gcc7: + * chromium-62.0.3202.62-correct-cplusplus-check.patch ------------------------------------------------------------------- -Mon Oct 9 11:42:16 UTC 2017 - tchvatal@suse.com +Thu Oct 19 03:29:56 UTC 2017 - tchvatal@suse.com -- Bump to 63.0.3230.0 - -------------------------------------------------------------------- -Mon Oct 2 10:10:10 UTC 2017 - tchvatal@suse.com - -- Update to 63.0.3223.8 -- Rebase fix-gn-boostrap.diff -- Remove chromium-gcc5.patch - -------------------------------------------------------------------- -Sat Sep 16 15:51:04 UTC 2017 - tchvatal@suse.com - -- Bump to 63.0.3218.0 -- Rebase fix-gn-bootstrap.diff -- Add chromium-sysroot.patch - -------------------------------------------------------------------- -Wed Sep 13 07:51:50 UTC 2017 - tchvatal@suse.com - -- Version update to 62.0.3202.18 - -------------------------------------------------------------------- -Sun Sep 10 09:46:36 UTC 2017 - tchvatal@suse.com - -- Update to latest -- Switch to system libxml again -- Add more folders to be kept in archive - -------------------------------------------------------------------- -Wed Sep 6 13:16:14 UTC 2017 - tchvatal@suse.com - -- Build with gcc6 on leap as we now require --stdc-14 - -------------------------------------------------------------------- -Wed Sep 6 12:55:30 UTC 2017 - tchvatal@suse.com - -- Add patch to build with new glibc: - * chromium-60.0.3112.113-breakpad-ucontext.patch - -------------------------------------------------------------------- -Mon Sep 4 12:11:32 UTC 2017 - tchvatal@suse.com - -- Bump to 62.0.3198.0: - * fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Wed Aug 23 12:40:57 UTC 2017 - tchvatal@suse.com - -- Bump to 62.0.3192.0 -- Rebase patch chromium-prop-codecs.patch - -------------------------------------------------------------------- -Mon Aug 21 09:29:23 UTC 2017 - tchvatal@suse.com - -- Bump to 62.0.3188.2 -- Rebase fix-gn-bootstrap.diff -- Remove arm patches as we exclude it for now: +- Update to 62.0.3202.62 bsc#1064066: + * CVE-2017-5124: UXSS with MHTML. + * CVE-2017-5125: Heap overflow in Skia. + * CVE-2017-5126: Use after free in PDFium. + * CVE-2017-5127: Use after free in PDFium. + * CVE-2017-5128: Heap overflow in WebGL. + * CVE-2017-5129: Use after free in WebAudio. + * CVE-2017-5132: Incorrect stack manipulation in WebAssembly. + * CVE-2017-5130: Heap overflow in libxml2. + * CVE-2017-5131: Out of bounds write in Skia. + * CVE-2017-5133: Out of bounds write in Skia. + * CVE-2017-15386: UI spoofing in Blink. + * CVE-2017-15387: Content security bypass. + * CVE-2017-15388: Out of bounds read in Skia. + * CVE-2017-15389: URL spoofing in OmniBox. + * CVE-2017-15390: URL spoofing in OmniBox. + * CVE-2017-15391: Extension limitation bypass in Extensions. + * CVE-2017-15392: Incorrect registry key handling in PlatformIntegration. + * CVE-2017-15393: Referrer leak in Devtools. + * CVE-2017-15394: URL spoofing in extensions UI. + * CVE-2017-15395: Null pointer dereference in ImageCapture. +- Drop unused patches: * arm-webrtc-fix.patch * arm_use_right_compiler.patch -- Add patch chromium-gcc5.patch - -------------------------------------------------------------------- -Fri Aug 11 09:37:10 UTC 2017 - tchvatal@suse.com - -- Bump to 62.0.3178.0 -- Add patch chromium-system-zlib.patch -- Rebase patch fix-gn-bootstrap.diff -- Rebase exclude_ymp.diff -- Drop gcc60-fixes.diff as the toolchain was changed - -------------------------------------------------------------------- -Sun Aug 6 07:18:26 UTC 2017 - tchvatal@suse.com - -- Bump to 62.0.3175.4 - -------------------------------------------------------------------- -Sun Aug 6 07:12:01 UTC 2017 - tchvatal@suse.com - -- Bump to 61.0.3163.31 -- Remove condition for gtk3, hard on from now on -- Bump version requirement on nodejs - -------------------------------------------------------------------- -Thu Jul 27 19:42:42 UTC 2017 - tchvatal@suse.com - -- Bump to 61.0.3163.13 -- Rebase fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Thu Jul 20 12:33:20 UTC 2017 - tchvatal@suse.com - -- Refresh patches: - * fix-gn-bootstrap.diff + * chromium-46.0.2490.71-fix-missing-i18n_process_css_test.patch + * chromium-atk.patch + * chromium-mojo-dep.patch * gcc60-fixes.diff +- Refresh patches: + * chromium-gcc5.patch + * chromium-prop-codecs.patch + * exclude_ymp.diff + * fix-gn-bootstrap.diff ------------------------------------------------------------------- -Wed Jul 19 15:14:56 UTC 2017 - tchvatal@suse.com +Fri Sep 22 14:50:40 UTC 2017 - astieger@suse.com -- Bump to 61.0.3159.5 -- Use system libcxx -- Refresh patch fix-gn-bootstrap.diff +- Update to 61.0.3163.100 (boo#1060019): + * CVE-2017-5121: Out-of-bounds access in V8 + * CVE-2017-5122: Out-of-bounds access in V8 + * Various fixes from internal audits, fuzzing and other initiatives ------------------------------------------------------------------- -Mon Jul 17 07:53:34 UTC 2017 - tchvatal@suse.com +Sat Sep 16 15:50:19 UTC 2017 - tchvatal@suse.com -- Recommend emoji fonts for various communicators to not display +- Update to 61.0.3163.91: + * Various bugfixes + +------------------------------------------------------------------- +Mon Sep 11 08:45:35 UTC 2017 - tchvatal@suse.com + +- Update to 61.0.3163.79 bsc#1057364: + * CVE-2017-5111: Use after free in PDFium. + * CVE-2017-5112: Heap buffer overflow in WebGL. + * CVE-2017-5113: Heap buffer overflow in Skia. + * CVE-2017-5114: Memory lifecycle issue in PDFium. + * CVE-2017-5115: Type confusion in V8. + * CVE-2017-5116: Type confusion in V8. + * CVE-2017-5117: Use of uninitialized value in Skia. + * CVE-2017-5118: Bypass of Content Security Policy in Blink. + * CVE-2017-5119: Use of uninitialized value in Skia. + * CVE-2017-5120: Potential HTTPS downgrade during redirect navigation. +- Rebase patch: + * fix-gn-bootstrap.diff +- Remove patches: + * chromium-gcc7.patch + * chromium-override.patch +- Add new patches: + * chromium-atk.patch + * chromium-gcc5.patch + * chromium-mojo-dep.patch +- Gtk3 is hard required from now on +- Version some of the required dependencies + +------------------------------------------------------------------- +Mon Aug 28 22:57:05 UTC 2017 - astieger@suse.com + +- fix build with Factory glibc: + add chromium-60.0.3112.113-breakpad-ucontext.patch + +------------------------------------------------------------------- +Fri Aug 25 09:17:27 UTC 2017 - tchvatal@suse.com + +- Version update to 60.0.3112.113: + * Various bugfixes + +------------------------------------------------------------------- +Tue Aug 15 15:17:00 UTC 2017 - tchvatal@suse.com + +- Version update to 60.0.3112.101: + * various usability bugfixes + +------------------------------------------------------------------- +Thu Aug 3 13:25:33 UTC 2017 - tchvatal@suse.com + +- Version update to 60.0.3112.90: + * Various usability bugfixes + +------------------------------------------------------------------- +Wed Jul 26 13:27:55 UTC 2017 - tchvatal@suse.com + +- Version update to 60.0.3112.78 bsc#1050537: + * CVE-2017-5091: Use after free in IndexedDB + * CVE-2017-5092: Use after free in PPAPI + * CVE-2017-5093: UI spoofing in Blink + * CVE-2017-5094: Type confusion in extensions + * CVE-2017-5095: Out-of-bounds write in PDFium + * CVE-2017-5096: User information leak via Android intents + * CVE-2017-5097: Out-of-bounds read in Skia + * CVE-2017-5098: Use after free in V8 + * CVE-2017-5099: Out-of-bounds write in PPAPI + * CVE-2017-5100: Use after free in Chrome Apps + * CVE-2017-5101: URL spoofing in OmniBox + * CVE-2017-5102: Uninitialized use in Skia + * CVE-2017-5103: Uninitialized use in Skia + * CVE-2017-5104: UI spoofing in browser + * CVE-2017-7000: Pointer disclosure in SQLite + * CVE-2017-5105: URL spoofing in OmniBox + * CVE-2017-5106: URL spoofing in OmniBox + * CVE-2017-5107: User information leak via SVG + * CVE-2017-5108: Type confusion in PDFium + * CVE-2017-5109: UI spoofing in browser + * CVE-2017-5110: UI spoofing in payments dialog + * Various fixes from internal audits, fuzzing and other initiatives +- Add patch chromium-override.patch +- Remove patches chromium-fpermissive.patch chromium-system-ffmpeg-r3.patch +- Rebase patches: + * chromium-dma-buf.patch + * chromium-gcc7.patch + * chromium-last-commit-position-r0.patch + * fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Mon Jul 24 09:01:07 UTC 2017 - tchvatal@suse.com + +- Recommend emoji fonts to make sure major web chats do not show questionmarks -------------------------------------------------------------------- -Thu Jul 13 07:52:52 UTC 2017 - tchvatal@suse.com +------------------------------------------------------------------ +Wed Jun 28 19:27:55 UTC 2017 - tchvatal@suse.com -- Bump to 61.0.3153.4 -- Refresh patch fix-gn-bootstrap.diff +- Update to 59.0.3071.115: + * Various small fixes all around ------------------------------------------------------------------- -Thu Jun 29 07:07:53 UTC 2017 - tchvatal@suse.com +Fri Jun 23 07:46:48 UTC 2017 - astieger@suse.com -- Remove already applied patch chromium-gcc7.patch +- Update to 59.0.3071.109: + * ozone/drm: Only reuse ScanoutBuffers with compatible modifiers + * Fixing mouse focus on WebView + * Remove gtk dependency from gles tests + * Set build flag when using own FreeType + * Revert of [scheduler] Move some task types to suspendable task runner + * Fix an incorrect method name on the chrome://site-engagement WebUI page + * Linux/Windows: Removing Guest menu item for supervised profile ------------------------------------------------------------------- -Tue Jun 27 17:59:45 UTC 2017 - tchvatal@suse.com +Fri Jun 16 12:12:56 UTC 2017 - astieger@suse.com -- require nss >= 3.26 -- Update to 61.0.3141.7 -- Refresh fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Thu Jun 22 08:46:57 UTC 2017 - tchvatal@suse.com - -- Drop merged patch chromium-system-icu.patch -- Refresh patch fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Wed Jun 21 17:06:27 UTC 2017 - tchvatal@suse.com - -- Version update to 61.0.3135.4 - -------------------------------------------------------------------- -Thu Jun 15 08:26:29 UTC 2017 - tchvatal@suse.com - -- Update to 61.0.3128.3 -- Add patch chromium-system-icu.patch - -------------------------------------------------------------------- -Sat Jun 10 14:05:13 UTC 2017 - tchvatal@suse.com - -- Update to 61.0.3124.4 -- Refresh patch fix-gn-bootstrap.diff -- Drop patch chromium-override.patch merged upstream - -------------------------------------------------------------------- -Fri Jun 9 12:11:47 UTC 2017 - tchvatal@suse.com - -- Bump to 60.0.3112.24 +- Update to 59.0.3071.104 (bsc#1044690): + * CVE-2017-5087: Sandbox Escape in IndexedDB + * CVE-2017-5088: Out of bounds read in V8 + * CVE-2017-5089: Domain spoofing in Omnibox + * Various fixes from internal audits, fuzzing and other initiatives ------------------------------------------------------------------- Thu Jun 8 14:56:42 UTC 2017 - tchvatal@suse.com @@ -403,104 +496,56 @@ Thu Jun 8 14:56:42 UTC 2017 - tchvatal@suse.com - Add patch chromium-buildname.patch bsc#1043420 ------------------------------------------------------------------- -Wed Jun 7 09:10:40 UTC 2017 - tchvatal@suse.com +Tue Jun 6 07:53:53 UTC 2017 - tchvatal@suse.com -- Update to 60.0.3112.20 - -------------------------------------------------------------------- -Tue Jun 6 10:56:24 UTC 2017 - tchvatal@suse.com - -- Drop patch chromium-system-icu.patch - * Use bundled icu as system is unbuildable at the moment - -------------------------------------------------------------------- -Mon Jun 5 12:23:26 UTC 2017 - tchvatal@suse.com - -- Bump to 60.0.3112.7 -- Add patch for gcc7 chromium-gcc7.patch -- Add patch to build with gcc chromium-override.patch -- Add patch to build with system icu 59 chromium-system-icu.patch - -------------------------------------------------------------------- -Wed May 31 14:23:42 UTC 2017 - tchvatal@suse.com - -- Update to upstream 60.0.3112.7 - * Refresh patch fix-gn-bootstrap.diff -- Remove upstream merged chromium-system-harfbuzz.patch - -------------------------------------------------------------------- -Wed May 24 12:22:27 UTC 2017 - tchvatal@suse.com - -- Update 60.0.3107.4 -- Refresh patch chromium-last-commit-position-r0.patch -- Remove upstreamed chromium-system-ffmpeg-r3.patch -- Remove upstreamed chromium-system-opus.patch -- Remove upstreamed chromium-system-libpng.patch -- Remove upstreamed chromium-system-libwebp.patch -- Update fix-gn-bootstrap.diff -- Add patch chromium-system-harfbuzz.patch - -------------------------------------------------------------------- -Thu May 18 10:31:53 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3100.0 -- Add patches: - * chromium-system-libpng.patch - * chromium-system-libwebp.patch - -------------------------------------------------------------------- -Wed May 17 09:22:27 UTC 2017 - tchvatal@suse.com - -- Export gcc standard version to fix build on older releases - * Needed for vulcan - -------------------------------------------------------------------- -Fri May 12 11:25:49 UTC 2017 - tchvatal@suse.com - -- Update to 60.0.3095.5 -- Update patch: - * fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Sat May 6 08:50:17 UTC 2017 - tchvatal@suse.com - -- Switch to system opus and yasm - -------------------------------------------------------------------- -Fri May 5 12:11:38 UTC 2017 - tchvatal@suse.com - -- Update to 60.0.3088.3 -- Update patch: - * fix-gn-bootstrap.diff - * chromium-dma-buf.patch - -------------------------------------------------------------------- -Thu May 4 12:52:01 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3080.5 -- Refresh patch: +- Update to 59.0.3071.86 bsc#1042833: + * CVE-2017-5070: Type confusion in V8. Reported by Zhao Qixun(@S0rryMybad) of Qihoo 360 Vulcan Team on 2017-05-16 + * CVE-2017-5071: Out of bounds read in V8. Reported by Choongwoo Han on 2017-04-26 + * CVE-2017-5072: Address spoofing in Omnibox. Reported by Rayyan Bijoora on 2017-04-07 + * CVE-2017-5073: Use after free in print preview. Reported by Khalil Zhani on 2017-04-28 + * CVE-2017-5074: Use after free in Apps Bluetooth. Reported by anonymous on 2017-03-09 + * CVE-2017-5075: Information leak in CSP reporting. Reported by Emmanuel Gil Peyrot on 2017-01-05 + * CVE-2017-5086: Address spoofing in Omnibox. Reported by Rayyan Bijoora on 2017-05-16 + * CVE-2017-5076: Address spoofing in Omnibox. Reported by Samuel Erb on 2017-05-06 + * CVE-2017-5077: Heap buffer overflow in Skia. Reported by Sweetchip on 2017-04-28 + * CVE-2017-5078: Possible command injection in mailto handling. Reported by Jose Carlos Exposito Bueno on 2017-04-12 + * CVE-2017-5079: UI spoofing in Blink. Reported by Khalil Zhani on 2017-04-20 + * CVE-2017-5080: Use after free in credit card autofill. Reported by Khalil Zhani on 2017-04-05 + * CVE-2017-5081: Extension verification bypass. Reported by Andrey Kovalev (@L1kvID) Yandex Security Team on 2016-12-07 + * CVE-2017-5082: Insufficient hardening in credit card editor. Reported by Nightwatch Cybersecurity Research on 2017-05-11 + * CVE-2017-5083: UI spoofing in Blink. Reported by Khalil Zhani on 2017-04-24 + * CVE-2017-5085: Inappropriate javascript execution on WebUI pages. Reported by Zhiyang Zeng of Tencent security platform department on 2017-02-15 +- Add patch to fix build with system dma: * chromium-dma-buf.patch +- Drop no longer needed patches: + * chromium-linker-memory.patch + * chromium-system-jinja-r13.patch +- Refresh patches: + * chromium-gcc7.patch + * chromium-system-ffmpeg-r3.patch * fix-gn-bootstrap.diff +- Use bundled libxml + * Upstream unfortunately uses git snapshot that is not api/abi compatible ------------------------------------------------------------------- -Fri Apr 28 18:40:01 UTC 2017 - tchvatal@suse.com +Mon Jun 5 12:55:22 UTC 2017 - tchvatal@suse.com -- Use bundled libxml (they have git snapshot :/) +- Add patch to build with gcc7: + * chromium-gcc7.patch +- Add patch for fpermissive build error: + * chromium-fpermissive.patch ------------------------------------------------------------------- -Fri Apr 28 18:21:44 UTC 2017 - tchvatal@suse.com +Wed May 10 07:43:46 UTC 2017 - tchvatal@suse.com -- Add more bundled folders +- Version update to 58.0.3029.110: + * Various small bugfixes ------------------------------------------------------------------- -Fri Apr 28 06:03:50 UTC 2017 - tchvatal@suse.com +Thu May 4 12:40:32 UTC 2017 - tchvatal@suse.com -- Also drop patch chromium-system-jinja-r13.patch - -------------------------------------------------------------------- -Fri Apr 28 05:55:11 UTC 2017 - tchvatal@suse.com - -- Bump to 59.0.3071.29 +- Version update to 58.0.3029.96: + * Fixes bsc#1037594 CVE-2017-5068 ------------------------------------------------------------------- Tue Apr 25 13:24:42 UTC 2017 - tchvatal@suse.com @@ -509,56 +554,34 @@ Tue Apr 25 13:24:42 UTC 2017 - tchvatal@suse.com * It is at least used only during build ------------------------------------------------------------------- -Fri Apr 21 19:16:32 UTC 2017 - tchvatal@suse.com +Fri Apr 21 09:57:49 UTC 2017 - tchvatal@suse.com -- Refresh patch chromium-system-ffmpeg-r3.patch -- Delete patch chromium-system-libjpeg.patch - -------------------------------------------------------------------- -Fri Apr 21 18:58:53 UTC 2017 - tchvatal@suse.com - -- Update to 59.0.3071.15 - -------------------------------------------------------------------- -Fri Apr 21 09:01:47 UTC 2017 - tchvatal@suse.com - -- Drop exif dep, unused -- Pass no-clean option to bootstrap.py for debugging purposes - -------------------------------------------------------------------- -Wed Apr 19 13:21:37 UTC 2017 - tchvatal@suse.com - -- Version update to 59.0.3071.9 - -------------------------------------------------------------------- -Thu Apr 13 08:22:25 UTC 2017 - tchvatal@suse.com - -- Update to 59.0.3067.0 -- Sort out the harfbuzz bundling conditional to be together with minizip - -------------------------------------------------------------------- -Wed Apr 12 11:20:22 UTC 2017 - tchvatal@suse.com - -- Bump harfbuzz and icu requirements - -------------------------------------------------------------------- -Tue Apr 11 11:52:32 UTC 2017 - tchvatal@suse.com - -- Add patch chromium-dma-buf.patch -- Add patch chromium-system-libjpeg.patch - -------------------------------------------------------------------- -Fri Apr 7 08:49:05 UTC 2017 - tchvatal@suse.com - -- Version update to 59.0.3063.4 +- Version update to 58.0.3029.81 bsc#1035103: + * High CVE-2017-5057: Type confusion in PDFium. Credit to Guang Gong of Alpha Team, Qihoo 360 + * High CVE-2017-5058: Heap use after free in Print Preview. Credit to Khalil Zhani + * High CVE-2017-5059: Type confusion in Blink. Credit to SkyLined working with Trend Micro's Zero Day Initiative + * Medium CVE-2017-5060: URL spoofing in Omnibox. Credit to Xudong Zheng + * Medium CVE-2017-5061: URL spoofing in Omnibox. Credit to Haosheng Wang (@gnehsoah) + * Medium CVE-2017-5062: Use after free in Chrome Apps. Credit to anonymous + * Medium CVE-2017-5063: Heap overflow in Skia. Credit to Sweetchip + * Medium CVE-2017-5064: Use after free in Blink. Credit to Wadih Matar + * Medium CVE-2017-5065: Incorrect UI in Blink. Credit to Khalil Zhani + * Medium CVE-2017-5066: Incorrect signature handing in Networking. Credit to chenchu + * Medium CVE-2017-5067: URL spoofing in Omnibox. Credit to Khalil Zhani + * Low CVE-2017-5069: Cross-origin bypass in Blink. Credit to Michael Reizelman - Refresh patch fix-gn-bootstrap.diff -- Refresh patch chromium-system-ffmpeg-r3.patch +- Refresh patch chromium-system-jinja-r13.patch +- Remove obsolete patch chromium-57-gcc4.patch ------------------------------------------------------------------- -Thu Mar 30 13:02:21 UTC 2017 - tchvatal@suse.com +Thu Mar 30 13:07:50 UTC 2017 - tchvatal@suse.com -- Update to 59.0.3053.3 -- Refresh patch fix-gn-bootstrap.diff +- Version update to 57.0.2987.133 bsc#1031677: + * Critical CVE-2017-5055: Use after free in printing. Credit to Wadih Matar + * High CVE-2017-5054: Heap buffer overflow in V8. Credit to Nicolas Trippar of Zimperium zLabs + * High CVE-2017-5052: Bad cast in Blink. Credit to JeongHoon Shin + * High CVE-2017-5056: Use after free in Blink. Credit to anonymous + * High CVE-2017-5053: Out of bounds memory access in V8. Credit to Team Sniper (Keen Lab and PC Mgr) reported through ZDI (ZDI-CAN-4587) ------------------------------------------------------------------- Fri Mar 24 15:22:38 UTC 2017 - tchvatal@suse.com @@ -566,238 +589,167 @@ Fri Mar 24 15:22:38 UTC 2017 - tchvatal@suse.com - Drop the browser(npapi) provide which is not true ------------------------------------------------------------------- -Wed Mar 22 10:57:21 UTC 2017 - tchvatal@suse.com +Sun Mar 19 11:04:47 UTC 2017 - tchvatal@suse.com -- Drop patch chromium-linker-memory.patch as with i586 dropped it - should not be required -- Update patch fix-gn-bootstrap.diff +- Add patch to build with gcc4 + * chromium-57-gcc4.patch ------------------------------------------------------------------- -Wed Mar 22 10:56:09 UTC 2017 - tchvatal@suse.com +Thu Mar 16 20:45:00 UTC 2017 - tchvatal@suse.com -- Version update to chromium-59.0.3047.0 +- Do not use gcc5 and newer as the compat was fixed again +- Update to 57.0.2987.110 with various other small tweaks ------------------------------------------------------------------- -Tue Mar 21 12:41:00 UTC 2017 - tchvatal@suse.com +Fri Mar 10 10:55:23 UTC 2017 - tchvatal@suse.com -- Few tweaks around clang switch to be viable +- Version update to 57.0.2987.98 bsc#1028848: + CVE-2017-5030 CVE-2017-5031 CVE-2017-5032 CVE-2017-5029 CVE-2017-5034 + CVE-2017-5035 CVE-2017-5036 CVE-2017-5037 CVE-2017-5039 CVE-2017-5040 + CVE-2017-5041 CVE-2017-5033 CVE-2017-5042 CVE-2017-5038 CVE-2017-5043 + CVE-2017-5044 CVE-2017-5045 CVE-2017-5046 +- Refresh patches + * fix-gn-bootstrap.diff + * chromium-linker-memory.patch +- Remove obsolete patches: + * chromium-sandbox.patch + * chromium-54-ffmpeg2compat.patch +- Remove vaapi patch which broke rendering on non-intel cards: + * chromium-enable-vaapi-on-suse.patch +- From this release onwards i586 build is disabled ------------------------------------------------------------------- -Sat Mar 18 19:13:16 UTC 2017 - tchvatal@suse.com - -- Update to 59.0.3043.0 -- Refresh patch fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Wed Mar 15 10:14:35 UTC 2017 - tchvatal@suse.com - -- Update to 58.0.3029.19 - -------------------------------------------------------------------- -Wed Mar 15 09:34:48 UTC 2017 - tchvatal@suse.com - -- Reduce the requirement on gcc to be 4.8 only again - -------------------------------------------------------------------- -Mon Mar 13 12:20:56 UTC 2017 - tchvatal@suse.com - -- Version update to 58.0.3029.14 - -------------------------------------------------------------------- -Mon Mar 13 11:41:34 UTC 2017 - tchvatal@suse.com - -- Disable system vpx for now, needs symbols that will be in 1.6.2 - -------------------------------------------------------------------- -Fri Mar 10 13:03:15 UTC 2017 - tchvatal@suse.com - -- Update fix-gn-bootstrap.diff to build again - -------------------------------------------------------------------- -Wed Mar 8 11:26:35 UTC 2017 - tchvatal@suse.com - -- Version update to 58.0.3029.6 - -------------------------------------------------------------------- -Thu Mar 2 15:19:25 UTC 2017 - tchvatal@suse.com - -- Update to 58.0.3026.3 -- Empty fix-gn-bootstrap.diff again as it was merged upstream - -------------------------------------------------------------------- -Mon Feb 27 11:22:10 UTC 2017 - tchvatal@suse.com - -- Drop patch chromium-enable-vaapi-on-suse.patch as it breaks on - radeon and nvidia cards - -------------------------------------------------------------------- -Fri Feb 24 07:58:48 UTC 2017 - tchvatal@suse.com - -- Update to 58.0.3018.3 -- Update patch fix-gn-bootstrap.diff to match what is needed now -- Refresh patch chromium-system-jinja-r13.patch - -------------------------------------------------------------------- -Fri Feb 17 12:14:06 UTC 2017 - tchvatal@suse.com - -- Version update to 58.0.3013.3 - -------------------------------------------------------------------- -Wed Feb 15 12:15:52 UTC 2017 - idonmez@suse.com +Wed Feb 15 12:02:32 UTC 2017 - idonmez@suse.com - Also add harfbuzz-ng to keeplibs for SLE -------------------------------------------------------------------- -Wed Feb 8 12:39:54 UTC 2017 - tchvatal@suse.com - -- Update to 58.0.3004.3 - -------------------------------------------------------------------- -Wed Feb 8 12:32:46 UTC 2017 - tchvatal@suse.com - -- Try to properly set up nodejs for build - -------------------------------------------------------------------- -Mon Feb 6 20:39:24 UTC 2017 - tchvatal@suse.com - -- Version update to 58.3000.4 next dev channel -- Drop patch chromium-54-ffmpeg2compat.patch as we require ffmpeg3 now - ------------------------------------------------------------------- Mon Feb 6 20:29:52 UTC 2017 - tchvatal@suse.com - Add condition for system harfbuzz to be disabled on SLE ------------------------------------------------------------------- -Mon Feb 6 12:16:45 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net +Mon Feb 6 12:21:34 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net + +- Fixed a typo in the build requirements for system minizip. + +------------------------------------------------------------------- +Fri Feb 3 12:23:34 UTC 2017 - tchvatal@suse.com + +- Version update to 56.0.2924.87: + * Various small fixes + * Disabled option to enable/disable plugins in the chrome://plugins + +------------------------------------------------------------------- +Thu Feb 2 20:01:27 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net + +- Added the package 'chromium-privacy' with multiple patches + sourced from the release version on https://github.com/ + u4qo60z73t1c4hurv3ny/privacy_patches-oS_cr, which, when enabled + with the build option 'privacy', builds a version of Chromium + with less privacy implications due to Google services + integration. + +------------------------------------------------------------------- +Wed Feb 1 09:48:35 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net - Changed the build requirement of libavformat to library version 57.41.100, as included in ffmpeg 3.1.1, as only this version properly supports the public AVStream API 'codecpar'. + +------------------------------------------------------------------- +Tue Jan 31 14:08:26 UTC 2017 - tchvatal@suse.com + +- Version update to 56.0.2924.76 bsc#1022049: + - CVE-2017-5007: Universal XSS in Blink + - CVE-2017-5006: Universal XSS in Blink + - CVE-2017-5008: Universal XSS in Blink + - CVE-2017-5010: Universal XSS in Blink + - CVE-2017-5011: Unauthorised file access in Devtools + - CVE-2017-5009: Out of bounds memory access in WebRTC + - CVE-2017-5012: Heap overflow in V8 + - CVE-2017-5013: Address spoofing in Omnibox + - CVE-2017-5014: Heap overflow in Skia + - CVE-2017-5015: Address spoofing in Omnibox + - CVE-2017-5019: Use after free in Renderer + - CVE-2017-5016: UI spoofing in Blink + - CVE-2017-5017: Uninitialised memory access in webm video + - CVE-2017-5018: Universal XSS in chrome://apps + - CVE-2017-5020: Universal XSS in chrome://downloads + - CVE-2017-5021: Use after free in Extensions + - CVE-2017-5022: Bypass of Content Security Policy in Blink + - CVE-2017-5023: Type confusion in metrics + - CVE-2017-5024: Heap overflow in FFmpeg + - CVE-2017-5025: Heap overflow in FFmpeg + - CVE-2017-5026: UI spoofing. Credit to Ronni Skansing +- Add conditional to switch between system and bundled icu +- Raise dependency on harfbuzz to 1.3.1 +- Also refresh patches: + chromium-prop-codecs.patch chromium-linker-memory.patch + +------------------------------------------------------------------- +Sat Jan 28 11:31:18 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net + - Added patch chromium-enable-vaapi-on-suse.patch to enable VAAPI hardware accelerated video decoding. - * chromium-enable-vaapi-on-suse.patch -- Fixed a typo in the build requirements for system minizip. ------------------------------------------------------------------- -Fri Feb 3 10:38:16 UTC 2017 - tchvatal@suse.com +Wed Dec 21 20:19:42 UTC 2016 - astieger@suse.com -- Update to 57.0.2987.21 +- Chromium 55.0.2883.87: + * various fixes for crashes and specific wesites + * update Google pinned certificates ------------------------------------------------------------------- -Wed Feb 1 12:44:58 UTC 2017 - tchvatal@suse.com +Wed Dec 21 10:02:52 UTC 2016 - tchvatal@suse.com -- Update to 57.0.2987.19 +- Disable system icu on Factory, crashes autofill ------------------------------------------------------------------- -Sun Jan 29 17:58:34 UTC 2017 - tchvatal@suse.com - -- Version update to 57.0.2987.13 - -------------------------------------------------------------------- -Wed Jan 25 13:47:13 UTC 2017 - tchvatal@suse.com - -- Update to 57.0.2987.8 - -------------------------------------------------------------------- -Tue Jan 24 10:43:32 UTC 2017 - tchvatal@suse.com - -- Update to 57.0.2986.0 - -------------------------------------------------------------------- -Thu Jan 19 10:40:36 UTC 2017 - tchvatal@suse.com - -- Version update to 57.0.2984.0 - -------------------------------------------------------------------- -Fri Jan 13 09:13:44 UTC 2017 - tchvatal@suse.com - -- Drop the support code for builtin ffmpeg and rely on the system one always - -------------------------------------------------------------------- -Fri Jan 6 11:53:25 UTC 2017 - tchvatal@suse.com - -- Exclude i586 arch as the resources to build are not there - -------------------------------------------------------------------- -Wed Jan 4 12:36:34 UTC 2017 - tchvatal@suse.com - -- Add toolchain definition hopefully allowing us to build on Leap - with older gcc - * This also exposes more of our suse CFLAGS to the compilation - -------------------------------------------------------------------- -Wed Jan 4 12:07:26 UTC 2017 - tchvatal@suse.com - -- Version update to 57.0.2970.0 -- Refresh patch: - * fix-gn-bootstrap.diff -- Drop patch: - * chromium-sandbox.patch - -------------------------------------------------------------------- -Tue Dec 20 14:55:38 UTC 2016 - tchvatal@suse.com - -- Use gcc5 on leap - -------------------------------------------------------------------- -Mon Dec 19 10:30:45 UTC 2016 - tchvatal@suse.com - -- Update to 57.0.2946.4 - -------------------------------------------------------------------- -Wed Dec 14 10:45:26 UTC 2016 - tchvatal@suse.com - -- Allow building with non-system icu on older systems -- Refresh patch fix-gn-bootstrap.diff -- Disable system icu again, fails to build even on factory - -------------------------------------------------------------------- -Tue Dec 13 14:42:30 UTC 2016 - idonmez@suse.com +Tue Dec 13 14:38:08 UTC 2016 - idonmez@suse.com - python-html5lib now depends on six, so preserve that too for SLE builds. ------------------------------------------------------------------- -Sun Dec 11 13:12:44 UTC 2016 - tchvatal@suse.com +Fri Dec 9 12:07:10 UTC 2016 - astieger@suse.com -- Version update to 57.0.2946.0 +- Obsolete ffmpeg and ffmpegsumo package in addition to conflict ------------------------------------------------------------------- -Sun Dec 11 13:04:36 UTC 2016 - tchvatal@suse.com +Mon Dec 5 17:08:45 UTC 2016 - astieger@suse.com -- Version update to 56.0.2924.21 +- record minimum version for harfbuzz, incuding runtime + Chromium will crash with harfbuzz < 1.3.0 ------------------------------------------------------------------- -Thu Dec 8 08:33:17 UTC 2016 - tchvatal@suse.com +Sat Dec 3 09:59:21 UTC 2016 - tchvatal@suse.com -- Version update to 56.0.2924.18 +- Chromium 55.0.2883.75 bnc#1013236: + CVE-2016-9651 CVE-2016-5208 CVE-2016-5207 CVE-2016-5206 CVE-2016-5205 + CVE-2016-5204 CVE-2016-5209 CVE-2016-5203 CVE-2016-5210 CVE-2016-5212 + CVE-2016-5211 CVE-2016-5213 CVE-2016-5214 CVE-2016-5216 CVE-2016-5215 + CVE-2016-5217 CVE-2016-5218 CVE-2016-5219 CVE-2016-5221 CVE-2016-5220 + CVE-2016-5222 CVE-2016-9650 CVE-2016-5223 CVE-2016-5226 CVE-2016-5225 + CVE-2016-5224 CVE-2016-9652 +- Switch to system libraries: harfbuzz, zlib, ffmpeg, ... +- Refreshed patches: + * chromium-system-ffmpeg-r3.patch + * chromium-system-jinja-r13.patch +- Use system ffmpeg unless on 13.2 that didn't include it + * chromium-54-ffmpeg2compat.patch + * Remove upstreamed chromium-more-codec-aliases.patch +- Remove bookmarks override as discussed with artwork simply just set + homepage to our openSUSE one and that is all ------------------------------------------------------------------- -Sat Dec 3 12:03:04 UTC 2016 - tchvatal@suse.com +Sat Nov 12 08:20:05 UTC 2016 - astieger@suse.com -- Version update to 56.0.2924.14 - -------------------------------------------------------------------- -Tue Nov 29 21:13:49 UTC 2016 - tchvatal@suse.com - -- Version update to 56.0.2924.10 - -------------------------------------------------------------------- -Tue Nov 22 07:40:21 UTC 2016 - tchvatal@suse.com - -- Version update to 56.0.2922.1 - -------------------------------------------------------------------- -Fri Nov 18 08:35:30 UTC 2016 - tchvatal@suse.com - -- Version update to 56.0.2920.0 - -------------------------------------------------------------------- -Mon Nov 14 13:13:16 UTC 2016 - tchvatal@suse.com - -- Version update to 56.0.2914.3: - * refresh patch chromium-prop-codecs.patch +- Chromium 54.0.2840.100: + * CVE-2016-5199: Heap corruption in FFmpeg (boo#1009892) + * CVE-2016-5200: out of bounds memory access in v8 (boo#1009893) + * CVE-2016-5201: info leak in extensions (boo#1009894) + * CVE-2016-5202: various fixes from internal audits (boo#1009895) ------------------------------------------------------------------- Mon Nov 7 20:02:46 UTC 2016 - tchvatal@suse.com @@ -807,96 +759,63 @@ Mon Nov 7 20:02:46 UTC 2016 - tchvatal@suse.com bnc#1008725 ------------------------------------------------------------------- -Sun Nov 6 09:41:28 UTC 2016 - tchvatal@suse.com +Wed Nov 2 07:32:27 UTC 2016 - tchvatal@suse.com -- Put chromium-flags at the end to allow user to override various - variables +- Update to 54.0.2840.90: + * Few fixes and tweaks + * Fixes CVE-2016-5198 bsc#1008274 ------------------------------------------------------------------- -Wed Nov 2 07:36:15 UTC 2016 - tchvatal@suse.com +Fri Oct 21 10:27:16 UTC 2016 - tchvatal@suse.com -- Update to 56.0.2906.0 +- Update to 54.0.2840.71: + * Few fixes around ------------------------------------------------------------------- -Fri Oct 28 16:59:28 UTC 2016 - tchvatal@suse.com +Thu Oct 13 10:19:03 UTC 2016 - tchvatal@suse.com -- Update to 56.0.2902.0 - * Update fix-gn-bootstrap.diff +- Version update to 54.0.2840.59 bnc#1004465: + - CVE-2016-5181: Universal XSS in Blink (Anonymous) + - CVE-2016-5182: Heap overflow in Blink (Giwan Go of STEALIEN) + - CVE-2016-5183: Use after free in PDFium (Anonymous) + - CVE-2016-5184: Use after free in PDFium (Anonymous) + - CVE-2016-5185: Use after free in Blink (cloudfuzzer) + - CVE-2016-5187: URL spoofing (Luan Herrera) + - CVE-2016-5188: UI spoofing (Luan Herrera) + - CVE-2016-5192: Cross-origin bypass in Blink (haojunhou at gmail) + - CVE-2016-5189: URL spoofing (xisigr of Tencent's Xuanwu Lab) + - CVE-2016-5186: Out of bounds read in DevTools (Abdulrahman Alqabandi) + - CVE-2016-5191: Universal XSS in Bookmarks (Gareth Hughes) + - CVE-2016-5190: Use after free in Internals (Atte Kettunen of OUSPG) + - CVE-2016-5193: Scheme bypass (Yuyang ZHOUmartinzhou96) +- packaging changes: + * disable build for chromium-beta on %arm. + * Make linker use less memory by tweaking its options: + chromium-linker-memory.patch + * obsolete desktop subpackages + * Switch to gold to reduce memory use use during build + * fix build on 4.5+ kernels with systemlibs: + chromium-sandbox.patch + * various compiler and linker flag adjustments + * enable gtk3 ui, add patch gtk3-missing-define.patch + * switch from some bundled libraries to the system versions + chromium-system-ffmpeg-r3.patch + chromium-system-jinja-r13.patch + fix-gn-bootstrap.diff + * remove service file covered by download_files +- run time bug fixes: + * Add --ui-disable-partial-swap to the launcher bnc#1000019 + * Use default chromium values from master_preferences on first run + rather than pseudo-duplicating in shellscript +- added features: + * hangouts extension ------------------------------------------------------------------- -Mon Oct 24 13:06:07 UTC 2016 - tchvatal@suse.com +Fri Sep 30 08:00:45 UTC 2016 - tchvatal@suse.com -- Update to 56.0.2897.0 - * Refresh patch chromium-linker-memory.patch - * Update fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Mon Oct 24 11:44:08 UTC 2016 - tchvatal@suse.com - -- Try to make package buildable on SLE12 Backports project - -------------------------------------------------------------------- -Fri Oct 21 10:34:39 UTC 2016 - tchvatal@suse.com - -- Update to 55.0.2883.21 -- Add switch between bundled and system icu as on old distributions - we simply have too old ICU -- Add switch for bundled/system minizip as it is not available on 42.1 - -------------------------------------------------------------------- -Thu Oct 20 07:52:26 UTC 2016 - tchvatal@suse.com - -- Version update to 55.0.2883.18 - -------------------------------------------------------------------- -Mon Oct 17 12:06:03 UTC 2016 - tchvatal@suse.com - -- Version update to 55.0.2883.11 -- Drop chromium-system-zlib.patch -- Add Requires on specified browser for chromedriver wrt bnc#1004839 - -------------------------------------------------------------------- -Sun Oct 9 18:16:49 UTC 2016 - tchvatal@suse.com - -- Version update to 55.0.2882.0: - * Rebase fix-gn-bootstrap.diff - * Remove upstreamed chromium-more-codec-aliases.patch - -------------------------------------------------------------------- -Sat Oct 8 09:51:35 UTC 2016 - mailaender@opensuse.org - -- Add appdata.xml for https://en.opensuse.org/openSUSE:AppStore - -------------------------------------------------------------------- -Fri Sep 30 07:12:16 UTC 2016 - dmueller@suse.com - -- disable build for chromium-beta on %arm. while it does build, - it takes two days, in which we can build roughly 600 other packages, - and I rather build 600 other packages than chromium-beta. - -------------------------------------------------------------------- -Wed Sep 28 17:32:17 UTC 2016 - tchvatal@suse.com - -- Version update to 55.0.2873.0: - * refresh fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Tue Sep 27 08:08:38 UTC 2016 - tchvatal@suse.com - -- Do not install default_bookmarks.html file, just set homepage - and that's it -- Drop chromium-rpmlintrc not really needed - -------------------------------------------------------------------- -Mon Sep 26 14:07:58 UTC 2016 - tchvatal@suse.com - -- Drop chrome-wrapper file it is unused - -------------------------------------------------------------------- -Mon Sep 26 12:29:52 UTC 2016 - tchvatal@suse.com - -- Add --ui-disable-partial-swap to the launcher bnc#1000019 - cr#628168 +- Version update to 53.0.2785.143 bnc#1002140: + * CVE-2016-5177: Use after free in V8 + * CVE-2016-5178: Various fixes from internal audits ------------------------------------------------------------------- Mon Sep 26 12:22:41 UTC 2016 - dimstar@opensuse.org @@ -905,153 +824,50 @@ Mon Sep 26 12:22:41 UTC 2016 - dimstar@opensuse.org it's started as an Xwayland client (boo#1001135). ------------------------------------------------------------------- -Mon Sep 26 08:18:16 UTC 2016 - tchvatal@suse.com +Sat Sep 17 11:36:18 UTC 2016 - tchvatal@suse.com -- Update to 55.0.2868.3: - * remove patch gtk3-missing-define.patch - * update patch fix-gn-bootstrap.diff - * add patch chromium-system-zlib.patch -- Use system icu, upstream bug was fixed - -------------------------------------------------------------------- -Wed Sep 21 09:50:26 UTC 2016 - tchvatal@suse.com - -- Enable system libs again as it works for now -- Disable system vpx on < Factory as the vpx there is too old -- Now stable -> enable tcmalloc again - -------------------------------------------------------------------- -Tue Sep 20 09:00:29 UTC 2016 - tchvatal@suse.com - -- Make linker use less memory by tweaking its options: - * chromium-linker-memory.patch -- Update constraints for arm a bit to build -- Use system ffmpeg unless on 13.2 that didn't include it - * chromium-54-ffmpeg2compat.patch - -------------------------------------------------------------------- -Fri Sep 16 09:12:17 UTC 2016 - tchvatal@suse.com - -- Fix obsoletes for the desktop thingies - -------------------------------------------------------------------- -Thu Sep 15 12:02:32 UTC 2016 - tchvatal@suse.com - -- Gtk3 is still buggy -> disable -- Remove systemlibs for now except ffmpeg as it causes tons of problems - -------------------------------------------------------------------- -Wed Sep 14 14:57:42 UTC 2016 - tchvatal@suse.com - -- Switch to component build - solves issue with linking and not - enough memory -- Document in defaults how to actually enable debugging -- Remove noop conditions and empty variables from .sh script - launching chromium - -------------------------------------------------------------------- -Wed Sep 14 07:31:47 UTC 2016 - tchvatal@suse.com - -- Enable aarch64 to see how it goes -- Version update to 55.0.2859.0 - -------------------------------------------------------------------- -Tue Sep 13 17:13:47 UTC 2016 - tchvatal@suse.com - -- Do not bother with widevine installation, we need to build the - connectors, but later need to use the one bundled with chrome to - work with drm anyway - -------------------------------------------------------------------- -Tue Sep 13 12:53:23 UTC 2016 - tchvatal@suse.com - -- Switch to gold, we need to use less memory when linking -- Expand constraints for the debug symbols -- Use default chromium values from master_preferences on first run - rather than pseudo-duplicating in shellscript, bugs should be - fixed in the masterprefs -- Add patch to fix build on 4.5+ kernels with systemlibs: +- Apply sandbox patch to fix crashers on tumbleweed bnc#999091 * chromium-sandbox.patch ------------------------------------------------------------------- -Mon Sep 12 17:21:26 UTC 2016 - tchvatal@suse.com +Thu Sep 15 13:09:21 UTC 2016 - tchvatal@suse.com -- Collapse the ninja calls to run only once, no need to start 3x -- Remove g0 from cflags, that is something we never want, at least - some symbols for tracing are useful -- Sync more the options that are available for the build +- Version update stable channel 53.0.2785.116 + * Just smal bugfixes around ------------------------------------------------------------------- -Mon Sep 12 08:55:09 UTC 2016 - tchvatal@suse.com +Wed Sep 14 07:35:09 UTC 2016 - tchvatal@suse.com -- Enable more switches that are found in the gn files -- Try to enable gtk3 ui again - * add patch gtk3-missing-define.patch +- Version update to 53.0.2785.113 bnc#998743: + * CVE-2016-5170 Use after free in Blink + * CVE-2016-5171 Use after free in Blink + * CVE-2016-5172 Arbitrary Memory Read in v8 + * CVE-2016-5173 Extension resource access + * CVE-2016-5174 Popup not correctly suppressed + * CVE-2016-5175 Various fixes from internal audits ------------------------------------------------------------------- -Sun Sep 11 09:14:14 UTC 2016 - tchvatal@suse.com +Mon Sep 12 08:31:59 UTC 2016 - tchvatal@suse.com -- Move widevine to subpackage so user have choice between the built - one and the chrome one +- Reenable widevine build again bnc#998328 ------------------------------------------------------------------- -Sat Sep 10 11:02:42 UTC 2016 - tchvatal@suse.com +Sat Sep 10 09:13:37 UTC 2016 - tchvatal@suse.com -- Version update to dev chanel 55.0.2853.0 -- Refresh patches: - * chromium-system-ffmpeg-r3.patch - * chromium-system-jinja-r13.patch -- Correctly detect system ffmpeg and set branding to allow all codecs - that the ffmpeg can work with (eg we simply passover all the data - and do not bother with blacklist/whitelist) +- Stable channel update to 53.0.2785.101 + * SPDY crasher fixes + * Disable NV12 DXGI video on AMD + * Forward --password-store switch to os_crypt + * Tell the kernel to discard USB requests when they time out. ------------------------------------------------------------------- -Sat Sep 10 08:58:20 UTC 2016 - tchvatal@suse.com +Wed Sep 7 14:50:44 UTC 2016 - astieger@suse.com -- Update to 54.0.2840.16 -- Expand provides/obsoletes for the desktop subpackages to remove - them all - -------------------------------------------------------------------- -Thu Sep 8 13:23:30 UTC 2016 - tchvatal@suse.com - -- Enable hangouts extension -- Try to build widevine drm extension instead of using the one from - packman bnc#998328 -- Go back to normal malloc from bundled tcmalloc, switch back when - we can use system one - -------------------------------------------------------------------- -Wed Sep 7 06:36:15 UTC 2016 - tchvatal@suse.com - -- Update to 54.0.2840.14 -- Switch back to gcc on factory -- Switch some bundled libraries off courtesy of gentoo build system -- Try to use system ffmpeg if possible -- Remove useless service file, "osc service localrun download_files" - works fine enough even without it -- Add patches for system jinja and ffmpeg (gentoo): - * chromium-system-ffmpeg-r3.patch - * chromium-system-jinja-r13.patch -- Add back gcc compat patch: - * gcc60-fixes.diff - -------------------------------------------------------------------- -Tue Sep 6 08:32:06 UTC 2016 - tchvatal@suse.com - -- Switch to compile using clang as google has default - * Only for factory on 1320 and older use gcc -- Obsolete kde/gnome subpackages, useless nowdays -- Determine paralelism based on how much memory we have -- Disable gtk3 it seems to be really messy with rendering nowdays - * Stick with gtk2 for time being -- Enable tcmalloc as memory manager -- Sort out with spec-cleaner -- Drop unused patches: - * fix-older-gcc.patch - * gcc60-fixes.diff -- Do not install chromium-generic to libdir just directly go to bindir -- Remove empty pre function +- Update to Chromium 53.0.2785.92: + * Revert of support relocatable RPM packages + * disallow WKBackForwardListItem navigations for pushState pages + * arc: bluetooth: Fix advertised uuid + * fix conflicting PendingIntent for stop button and swipe away ------------------------------------------------------------------- Thu Sep 1 04:04:13 UTC 2016 - tittiatcoke@gmail.com diff --git a/chromium.spec b/chromium.spec index 9fdecb5..e0c0940 100644 --- a/chromium.spec +++ b/chromium.spec @@ -34,8 +34,8 @@ %endif %bcond_with system_vpx %bcond_with clang -Name: chromium-beta -Version: 66.0.3359.81 +Name: chromium +Version: 66.0.3359.117 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later @@ -559,7 +559,7 @@ tools/gn/bootstrap/bootstrap.py -s -v --gn-gen-args "${myconf_gn}" # https://bugs.chromium.org/p/chromium/issues/detail?id=642016 out/Release/gn gen --args="${myconf_gn}" out/Release -ninja -v %{_smp_mflags} -C out/Release chrome chrome_sandbox chromedriver +ninja -v %{?_smp_mflags} -C out/Release chrome chrome_sandbox chromedriver %install mkdir -p %{buildroot}%{_libdir}/chromium From 0b9c694c1c2549a4ed39c7d36d9ee1fd69b3db2e2dd0579748dc472cd71d36dd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 18 Apr 2018 09:14:57 +0000 Subject: [PATCH 13/52] - Add patch to fix missing folder from tarball: * add-missing-blink-tools.patch OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1116 --- add-missing-blink-tools.patch | 1071 +++++++++++++++++++++++++++++++++ chromium.changes | 6 + chromium.spec | 1 + 3 files changed, 1078 insertions(+) create mode 100644 add-missing-blink-tools.patch diff --git a/add-missing-blink-tools.patch b/add-missing-blink-tools.patch new file mode 100644 index 0000000..bc846bc --- /dev/null +++ b/add-missing-blink-tools.patch @@ -0,0 +1,1071 @@ +Description: add back contents of third-party/blink/tools that went missing in the source tarball for 66.0.3359.106 +Bug: https://bugs.chromium.org/p/chromium/issues/detail?id=832283 + +--- /dev/null ++++ b/third_party/blink/tools/OWNERS +@@ -0,0 +1 @@ ++file://third_party/WebKit/Tools/OWNERS +--- /dev/null ++++ b/third_party/blink/tools/blinkpy/__init__.py +@@ -0,0 +1,3 @@ ++# Copyright 2017 The Chromium Authors. All rights reserved. ++# Use of this source code is governed by a BSD-style license that can be ++# found in the LICENSE file. +--- /dev/null ++++ b/third_party/blink/tools/blinkpy/common/__init__.py +@@ -0,0 +1,3 @@ ++# Copyright 2017 The Chromium Authors. All rights reserved. ++# Use of this source code is governed by a BSD-style license that can be ++# found in the LICENSE file. +--- /dev/null ++++ b/third_party/blink/tools/blinkpy/common/name_style_converter.py +@@ -0,0 +1,128 @@ ++# Copyright 2017 The Chromium Authors. All rights reserved. ++# Use of this source code is governed by a BSD-style license that can be ++# found in the LICENSE file. ++ ++# pylint: disable=import-error,print-statement,relative-import ++ ++import re ++ ++SPECIAL_TOKENS = [ ++ # This list should be sorted by length. ++ 'CString', ++ 'Float32', ++ 'Float64', ++ 'Base64', ++ 'IFrame', ++ 'Latin1', ++ 'PlugIn', ++ 'SQLite', ++ 'Uint16', ++ 'Uint32', ++ 'WebGL2', ++ 'ASCII', ++ 'CType', ++ 'DList', ++ 'Int16', ++ 'Int32', ++ 'MPath', ++ 'OList', ++ 'TSpan', ++ 'UList', ++ 'UTF16', ++ 'Uint8', ++ 'WebGL', ++ 'XPath', ++ 'ETC1', ++ 'HTML', ++ 'Int8', ++ 'S3TC', ++ 'SPv2', ++ 'UTF8', ++ 'API', ++ 'CSS', ++ 'DOM', ++ 'EXT', ++ 'RTC', ++ 'SVG', ++ '2D', ++ 'AX', ++ 'V0', ++ 'V8', ++] ++ ++MATCHING_EXPRESSION = '((?:[A-Z][a-z]+)|[0-9]D?$)' ++ ++ ++class SmartTokenizer(object): ++ """Detects special cases that are not easily discernible without additional ++ knowledge, such as recognizing that in SVGSVGElement, the first two SVGs ++ are separate tokens, but WebGL is one token.""" ++ ++ def __init__(self, name): ++ self.remaining = name ++ ++ def tokenize(self): ++ name = self.remaining ++ tokens = [] ++ while len(name) > 0: ++ matched_token = None ++ for token in SPECIAL_TOKENS: ++ if name.startswith(token): ++ matched_token = token ++ break ++ if not matched_token: ++ match = re.search(MATCHING_EXPRESSION, name) ++ if not match: ++ matched_token = name ++ elif match.start(0) != 0: ++ matched_token = name[:match.start(0)] ++ else: ++ matched_token = match.group(0) ++ tokens.append(name[:len(matched_token)]) ++ name = name[len(matched_token):] ++ return tokens ++ ++ ++class NameStyleConverter(object): ++ """Converts names from camelCase to various other styles. ++ """ ++ ++ def __init__(self, name): ++ self.tokens = self.tokenize(name) ++ ++ def tokenize(self, name): ++ tokenizer = SmartTokenizer(name) ++ return tokenizer.tokenize() ++ ++ def to_snake_case(self): ++ """Snake case is the file and variable name style per Google C++ Style ++ Guide: ++ https://google.github.io/styleguide/cppguide.html#Variable_Names ++ ++ Also known as the hacker case. ++ https://en.wikipedia.org/wiki/Snake_case ++ """ ++ return '_'.join([token.lower() for token in self.tokens]) ++ ++ def to_upper_camel_case(self): ++ """Upper-camel case is the class and function name style per ++ Google C++ Style Guide: ++ https://google.github.io/styleguide/cppguide.html#Function_Names ++ ++ Also known as the PascalCase. ++ https://en.wikipedia.org/wiki/Camel_case. ++ """ ++ return ''.join([token[0].upper() + token[1:] for token in self.tokens]) ++ ++ def to_macro_case(self): ++ """Macro case is the macro name style per Google C++ Style Guide: ++ https://google.github.io/styleguide/cppguide.html#Macro_Names ++ """ ++ return '_'.join([token.upper() for token in self.tokens]) ++ ++ def to_all_cases(self): ++ return { ++ 'snake_case': self.to_snake_case(), ++ 'upper_camel_case': self.to_upper_camel_case(), ++ 'macro_case': self.to_macro_case(), ++ } +--- /dev/null ++++ b/third_party/blink/tools/blinkpy/common/name_style_converter_test.py +@@ -0,0 +1,178 @@ ++# Copyright 2017 The Chromium Authors. All rights reserved. ++# Use of this source code is governed by a BSD-style license that can be ++# found in the LICENSE file. ++ ++# pylint: disable=import-error,print-statement,relative-import,protected-access ++ ++"""Unit tests for name_style_converter.py.""" ++ ++import unittest ++ ++from name_style_converter import NameStyleConverter ++from name_style_converter import SmartTokenizer ++ ++ ++class SmartTokenizerTest(unittest.TestCase): ++ def test_simple_cases(self): ++ tokenizer = SmartTokenizer('foo') ++ self.assertEqual(tokenizer.tokenize(), ['foo']) ++ ++ tokenizer = SmartTokenizer('fooBar') ++ self.assertEqual(tokenizer.tokenize(), ['foo', 'Bar']) ++ ++ tokenizer = SmartTokenizer('fooBarBaz') ++ self.assertEqual(tokenizer.tokenize(), ['foo', 'Bar', 'Baz']) ++ ++ tokenizer = SmartTokenizer('Baz') ++ self.assertEqual(tokenizer.tokenize(), ['Baz']) ++ ++ tokenizer = SmartTokenizer('') ++ self.assertEqual(tokenizer.tokenize(), []) ++ ++ tokenizer = SmartTokenizer('FOO') ++ self.assertEqual(tokenizer.tokenize(), ['FOO']) ++ ++ tokenizer = SmartTokenizer('foo2') ++ self.assertEqual(tokenizer.tokenize(), ['foo', '2']) ++ ++ def test_tricky_cases(self): ++ tokenizer = SmartTokenizer('XMLHttpRequest') ++ self.assertEqual(tokenizer.tokenize(), ['XML', 'Http', 'Request']) ++ ++ tokenizer = SmartTokenizer('HTMLElement') ++ self.assertEqual(tokenizer.tokenize(), ['HTML', 'Element']) ++ ++ tokenizer = SmartTokenizer('WebGLRenderingContext') ++ self.assertEqual(tokenizer.tokenize(), ++ ['WebGL', 'Rendering', 'Context']) ++ ++ tokenizer = SmartTokenizer('CanvasRenderingContext2D') ++ self.assertEqual(tokenizer.tokenize(), ++ ['Canvas', 'Rendering', 'Context', '2D']) ++ tokenizer = SmartTokenizer('CanvasRenderingContext2DAPITest') ++ self.assertEqual(tokenizer.tokenize(), ++ ['Canvas', 'Rendering', 'Context', '2D', 'API', 'Test']) ++ ++ tokenizer = SmartTokenizer('SVGSVGElement') ++ self.assertEqual(tokenizer.tokenize(), ['SVG', 'SVG', 'Element']) ++ ++ tokenizer = SmartTokenizer('CanvasRenderingContext2D') ++ self.assertEqual(tokenizer.tokenize(), ['Canvas', 'Rendering', 'Context', '2D']) ++ ++ tokenizer = SmartTokenizer('CSSURLImageValue') ++ self.assertEqual(tokenizer.tokenize(), ['CSS', 'URL', 'Image', 'Value']) ++ tokenizer = SmartTokenizer('CSSPropertyAPID') ++ self.assertEqual(tokenizer.tokenize(), ['CSS', 'Property', 'API', 'D']) ++ tokenizer = SmartTokenizer('AXARIAGridCell') ++ self.assertEqual(tokenizer.tokenize(), ['AX', 'ARIA', 'Grid', 'Cell']) ++ ++ tokenizer = SmartTokenizer('CDATASection') ++ self.assertEqual(tokenizer.tokenize(), ['CDATA', 'Section']) ++ ++ tokenizer = SmartTokenizer('ASCIICType') ++ self.assertEqual(tokenizer.tokenize(), ['ASCII', 'CType']) ++ tokenizer = SmartTokenizer('CString') ++ self.assertEqual(tokenizer.tokenize(), ['CString']) ++ ++ tokenizer = SmartTokenizer('HTMLDListElement') ++ self.assertEqual(tokenizer.tokenize(), ['HTML', 'DList', 'Element']) ++ tokenizer = SmartTokenizer('HTMLOListElement') ++ self.assertEqual(tokenizer.tokenize(), ['HTML', 'OList', 'Element']) ++ tokenizer = SmartTokenizer('HTMLIFrameElement') ++ self.assertEqual(tokenizer.tokenize(), ['HTML', 'IFrame', 'Element']) ++ tokenizer = SmartTokenizer('HTMLPlugInElement') ++ self.assertEqual(tokenizer.tokenize(), ['HTML', 'PlugIn', 'Element']) ++ ++ # No special handling for OptGroup, FieldSet, and TextArea. ++ tokenizer = SmartTokenizer('HTMLOptGroupElement') ++ self.assertEqual(tokenizer.tokenize(), ['HTML', 'Opt', 'Group', 'Element']) ++ tokenizer = SmartTokenizer('HTMLFieldSetElement') ++ self.assertEqual(tokenizer.tokenize(), ['HTML', 'Field', 'Set', 'Element']) ++ tokenizer = SmartTokenizer('HTMLTextAreaElement') ++ self.assertEqual(tokenizer.tokenize(), ['HTML', 'Text', 'Area', 'Element']) ++ ++ tokenizer = SmartTokenizer('Path2D') ++ self.assertEqual(tokenizer.tokenize(), ['Path', '2D']) ++ tokenizer = SmartTokenizer('Point2D') ++ self.assertEqual(tokenizer.tokenize(), ['Point', '2D']) ++ tokenizer = SmartTokenizer('CanvasRenderingContext2DState') ++ self.assertEqual(tokenizer.tokenize(), ['Canvas', 'Rendering', 'Context', '2D', 'State']) ++ ++ tokenizer = SmartTokenizer('RTCDTMFSender') ++ self.assertEqual(tokenizer.tokenize(), ['RTC', 'DTMF', 'Sender']) ++ ++ tokenizer = SmartTokenizer('WebGLCompressedTextureS3TCsRGB') ++ self.assertEqual(tokenizer.tokenize(), ['WebGL', 'Compressed', 'Texture', 'S3TC', 'sRGB']) ++ tokenizer = SmartTokenizer('WebGL2CompressedTextureETC1') ++ self.assertEqual(tokenizer.tokenize(), ['WebGL2', 'Compressed', 'Texture', 'ETC1']) ++ tokenizer = SmartTokenizer('EXTsRGB') ++ self.assertEqual(tokenizer.tokenize(), ['EXT', 'sRGB']) ++ ++ tokenizer = SmartTokenizer('SVGFEBlendElement') ++ self.assertEqual(tokenizer.tokenize(), ['SVG', 'FE', 'Blend', 'Element']) ++ tokenizer = SmartTokenizer('SVGMPathElement') ++ self.assertEqual(tokenizer.tokenize(), ['SVG', 'MPath', 'Element']) ++ tokenizer = SmartTokenizer('SVGTSpanElement') ++ self.assertEqual(tokenizer.tokenize(), ['SVG', 'TSpan', 'Element']) ++ tokenizer = SmartTokenizer('SVGURIReference') ++ self.assertEqual(tokenizer.tokenize(), ['SVG', 'URI', 'Reference']) ++ ++ tokenizer = SmartTokenizer('UTF16TextIterator') ++ self.assertEqual(tokenizer.tokenize(), ['UTF16', 'Text', 'Iterator']) ++ tokenizer = SmartTokenizer('UTF8Decoder') ++ self.assertEqual(tokenizer.tokenize(), ['UTF8', 'Decoder']) ++ tokenizer = SmartTokenizer('Uint8Array') ++ self.assertEqual(tokenizer.tokenize(), ['Uint8', 'Array']) ++ tokenizer = SmartTokenizer('DOMWindowBase64') ++ self.assertEqual(tokenizer.tokenize(), ['DOM', 'Window', 'Base64']) ++ tokenizer = SmartTokenizer('TextCodecLatin1') ++ self.assertEqual(tokenizer.tokenize(), ['Text', 'Codec', 'Latin1']) ++ tokenizer = SmartTokenizer('V8BindingForCore') ++ self.assertEqual(tokenizer.tokenize(), ['V8', 'Binding', 'For', 'Core']) ++ tokenizer = SmartTokenizer('V8DOMRect') ++ self.assertEqual(tokenizer.tokenize(), ['V8', 'DOM', 'Rect']) ++ ++ tokenizer = SmartTokenizer('V0InsertionPoint') ++ self.assertEqual(tokenizer.tokenize(), ['V0', 'Insertion', 'Point']) ++ tokenizer = SmartTokenizer('ShadowDOMV0Test') ++ self.assertEqual(tokenizer.tokenize(), ['Shadow', 'DOM', 'V0', 'Test']) ++ tokenizer = SmartTokenizer('ElementShadowV0') ++ self.assertEqual(tokenizer.tokenize(), ['Element', 'Shadow', 'V0']) ++ tokenizer = SmartTokenizer('StubChromeClientForSPv2') ++ self.assertEqual(tokenizer.tokenize(), ['Stub', 'Chrome', 'Client', 'For', 'SPv2']) ++ ++ tokenizer = SmartTokenizer('SQLiteAuthorizer') ++ self.assertEqual(tokenizer.tokenize(), ['SQLite', 'Authorizer']) ++ tokenizer = SmartTokenizer('XPathEvaluator') ++ self.assertEqual(tokenizer.tokenize(), ['XPath', 'Evaluator']) ++ ++ tokenizer = SmartTokenizer('IsXHTMLDocument') ++ self.assertEqual(tokenizer.tokenize(), ['Is', 'XHTML', 'Document']) ++ ++ tokenizer = SmartTokenizer('Animation.idl') ++ self.assertEqual(tokenizer.tokenize(), ['Animation', '.idl']) ++ ++ ++class NameStyleConverterTest(unittest.TestCase): ++ def test_snake_case(self): ++ converter = NameStyleConverter('HTMLElement') ++ self.assertEqual(converter.to_snake_case(), 'html_element') ++ ++ def test_upper_camel_case(self): ++ converter = NameStyleConverter('someSuperThing') ++ self.assertEqual(converter.to_upper_camel_case(), 'SomeSuperThing') ++ ++ converter = NameStyleConverter('SVGElement') ++ self.assertEqual(converter.to_upper_camel_case(), 'SVGElement') ++ ++ def test_macro_case(self): ++ converter = NameStyleConverter('WebGLBaz2D') ++ self.assertEqual(converter.to_macro_case(), 'WEBGL_BAZ_2D') ++ ++ def test_all_cases(self): ++ converter = NameStyleConverter('SVGScriptElement') ++ self.assertEqual(converter.to_all_cases(), { ++ 'snake_case': 'svg_script_element', ++ 'upper_camel_case': 'SVGScriptElement', ++ 'macro_case': 'SVG_SCRIPT_ELEMENT', ++ }) +--- /dev/null ++++ b/third_party/blink/tools/compile_devtools_frontend.py +@@ -0,0 +1,20 @@ ++#!/usr/bin/env vpython ++# Copyright 2017 The Chromium Authors. All rights reserved. ++# Use of this source code is governed by a BSD-style license that can be ++# found in the LICENSE file. ++ ++"""Compile DevTools frontend code with Closure compiler. ++ ++This script wraps devtools/scripts/compile_frontend.py. ++DevTools bot kicks this script. ++""" ++ ++import os ++import sys ++ ++sys.path.append(os.path.join( ++ os.path.dirname(__file__), '..', '..', 'WebKit', 'Source', 'devtools', 'scripts')) ++import compile_frontend ++ ++if __name__ == '__main__': ++ sys.exit(compile_frontend.main()) +--- /dev/null ++++ b/third_party/blink/tools/move_blink_source.py +@@ -0,0 +1,615 @@ ++#!/usr/bin/env vpython ++# Copyright 2017 The Chromium Authors. All rights reserved. ++# Use of this source code is governed by a BSD-style license that can be ++# found in the LICENSE file. ++ ++"""Tool to move Blink source from third_party/WebKit to third_party/blink. ++ ++See https://docs.google.com/document/d/1l3aPv1Wx__SpRkdOhvJz8ciEGigNT3wFKv78XiuW0Tw/edit?usp=sharing#heading=h.o225wrxp242h ++for the details. ++""" ++ ++import argparse ++import logging ++import os ++import re ++import sys ++from functools import partial ++ ++# Without abspath(), PathFinder can't find chromium_base correctly. ++sys.path.append(os.path.abspath( ++ os.path.join(os.path.dirname(__file__), '..', '..', '..', ++ 'third_party', 'WebKit', 'Tools', 'Scripts'))) ++from blinkpy.common.name_style_converter import NameStyleConverter ++from plan_blink_move import plan_blink_move ++from plan_blink_move import relative_dest ++from webkitpy.common.checkout.git import Git ++from webkitpy.common.path_finder import get_chromium_src_dir ++from webkitpy.common.path_finder import get_scripts_dir ++from webkitpy.common.system.executive import Executive ++from webkitpy.common.system.executive import ScriptError ++from webkitpy.common.system.filesystem import FileSystem ++ ++_log = logging.getLogger('move_blink_source') ++ ++ ++class FileType(object): ++ NONE = 0 ++ BUILD = 1 ++ BLINK_BUILD = 2 ++ OWNERS = 3 ++ DEPS = 4 ++ MOJOM = 5 ++ TYPEMAP = 6 ++ BLINK_BUILD_PY = 7 ++ LAYOUT_TESTS_WITH_MOJOM = 8 ++ ++ @staticmethod ++ def detect(path): ++ slash_dir, basename = os.path.split(path) ++ slash_dir = slash_dir.replace(os.path.sep, '/') ++ if basename == 'DEPS': ++ return FileType.DEPS ++ if basename == 'OWNERS': ++ return FileType.OWNERS ++ if basename.endswith('.mojom'): ++ return FileType.MOJOM ++ if basename.endswith('.typemap'): ++ return FileType.TYPEMAP ++ if basename.endswith('.py') and 'third_party/WebKit/Source/build' in slash_dir: ++ return FileType.BLINK_BUILD_PY ++ if basename.endswith(('.gn', '.gni')): ++ if 'third_party/WebKit' in path or 'third_party/blink' in slash_dir: ++ return FileType.BLINK_BUILD ++ if 'third_party' in slash_dir: ++ return FileType.NONE ++ return FileType.BUILD ++ if basename.endswith('.html') and re.search( ++ r'third_party/WebKit/LayoutTests/(geolocation-api|installedapp|' + ++ r'media/mediasession|payments|presentation|webshare)', slash_dir): ++ return FileType.LAYOUT_TESTS_WITH_MOJOM ++ return FileType.NONE ++ ++ ++class MoveBlinkSource(object): ++ ++ def __init__(self, fs, options, repo_root): ++ self._fs = fs ++ self._options = options ++ _log.debug(options) ++ self._repo_root = repo_root ++ ++ # The following fields are initialized in _create_basename_maps. ++ self._basename_map = None ++ self._basename_re = None ++ self._idl_generated_impl_headers = None ++ # _checked_in_header_re is used to distinguish checked-in header files ++ # and generated header files. ++ self._checked_in_header_re = None ++ ++ self._updated_files = [] ++ ++ def update(self, apply_only=None): ++ """Updates contents of files affected by Blink source move. ++ ++ Args: ++ apply_only: If it's None, updates all affected files. Otherwise, ++ it should be a set of file paths and this function updates ++ only the files in |apply_only|. ++ """ ++ _log.info('Planning renaming ...') ++ file_pairs = plan_blink_move(self._fs, []) ++ _log.info('Will move %d files', len(file_pairs)) ++ ++ self._create_basename_maps(file_pairs) ++ dirs = self._update_file_content(apply_only) ++ ++ # Updates #includes in files in directories with updated DEPS + ++ # third_party/WebKit/{Source,common,public}. ++ self._append_unless_upper_dir_exists(dirs, self._fs.join(self._repo_root, 'third_party', 'WebKit', 'Source')) ++ self._append_unless_upper_dir_exists(dirs, self._fs.join(self._repo_root, 'third_party', 'WebKit', 'common')) ++ self._append_unless_upper_dir_exists(dirs, self._fs.join(self._repo_root, 'third_party', 'WebKit', 'public')) ++ self._append_unless_upper_dir_exists(dirs, self._fs.join(self._repo_root, 'mojo', 'public', 'tools', ++ 'bindings', 'generators', 'cpp_templates')) ++ self._update_cpp_includes_in_directories(dirs, apply_only) ++ ++ # Content update for individual files. ++ # The following is a list of tuples. ++ # Tuple: (, [replacement commands]) ++ # Command: a callable object, or ++ # a tuple of (, ). ++ file_replacement_list = [ ++ ('DEPS', ++ [('src/third_party/WebKit/Source/devtools', ++ 'src/third_party/blink/renderer/devtools')]), ++ ('WATCHLISTS', ++ [('third_party/WebKit/Source', 'third_party/blink/renderer'), ++ ('third_party/WebKit/public', 'third_party/blink/renderer/public')]), ++ ('build/check_gn_headers_whitelist.txt', ++ [('third_party/WebKit/Source', 'third_party/blink/renderer'), ++ ('third_party/WebKit/public', 'third_party/blink/renderer/public'), ++ self._update_basename]), ++ ('testing/buildbot/gn_isolate_map.pyl', ++ [('third_party/WebKit/Source', 'third_party/blink/renderer')]), ++ ('third_party/WebKit/Source/BUILD.gn', ++ [('$root_gen_dir/third_party/WebKit', ++ '$root_gen_dir/third_party/blink/renderer')]), ++ ('third_party/WebKit/Source/config.gni', ++ [('snake_case_source_files = false', ++ 'snake_case_source_files = true')]), ++ ('third_party/WebKit/Source/core/css/CSSProperties.json5', ++ [self._update_basename]), ++ ('third_party/WebKit/Source/core/css/ComputedStyleExtraFields.json5', ++ [self._update_basename]), ++ ('third_party/WebKit/Source/core/css/ComputedStyleFieldAliases.json5', ++ [self._update_basename]), ++ ('third_party/WebKit/Source/core/html/parser/create-html-entity-table', ++ [self._update_basename]), ++ ('third_party/WebKit/Source/core/inspector/inspector_protocol_config.json', ++ [self._update_basename]), ++ ('third_party/WebKit/Source/core/probe/CoreProbes.json5', ++ [self._update_basename]), ++ ('third_party/WebKit/Source/core/testing/InternalSettings.h', ++ [('InternalSettingsGenerated.h', 'internal_settings_generated.h')]), ++ ('third_party/WebKit/Source/core/testing/Internals.cpp', ++ [('InternalRuntimeFlags.h', 'internal_runtime_flags.h')]), ++ ('third_party/WebKit/Source/platform/probe/PlatformProbes.json5', ++ [self._update_basename]), ++ ('third_party/WebKit/public/BUILD.gn', ++ [('$root_gen_dir/third_party/WebKit', ++ '$root_gen_dir/third_party/blink/renderer')]), ++ ('third_party/WebKit/public/blink_resources.grd', ++ [('../Source/', '../')]), ++ ('tools/android/eclipse/.classpath', ++ [('third_party/WebKit/public', 'third_party/blink/renderer/public')]), ++ ('tools/android/loading/cloud/backend/deploy.sh', ++ [('third_party/WebKit/Source', 'third_party/blink/renderer')]), ++ ('tools/android/loading/emulation_unittest.py', ++ [('third_party/WebKit/Source', 'third_party/blink/renderer')]), ++ ('tools/android/loading/options.py', ++ [('third_party/WebKit/Source', 'third_party/blink/renderer')]), ++ ('tools/android/loading/request_track.py', ++ [('third_party/WebKit/Source', 'third_party/blink/renderer')]), ++ ('tools/gritsettings/resource_ids', ++ [('third_party/WebKit/public', 'third_party/blink/renderer/public'), ++ ('third_party/WebKit/Source', 'third_party/blink/renderer')]), ++ ('tools/metrics/actions/extract_actions.py', ++ [('third_party/WebKit/Source', 'third_party/blink/renderer')]), ++ ('tools/metrics/histograms/update_editor_commands.py', ++ [('third_party/WebKit/Source/core/editing/EditorCommand.cpp', ++ 'third_party/blink/renderer/core/editing/editor_command.cc')]), ++ ('tools/metrics/histograms/update_use_counter_css.py', ++ [('third_party/WebKit/Source/core/frame/UseCounter.cpp', ++ 'third_party/blink/renderer/core/frame/use_counter.cc')]), ++ ('tools/metrics/histograms/update_use_counter_feature_enum.py', ++ [('third_party/WebKit/public', 'third_party/blink/renderer/public')]), ++ ] ++ for file_path, replacement_list in file_replacement_list: ++ if not apply_only or file_path in apply_only: ++ self._update_single_file_content(file_path, replacement_list, should_write=self._options.run) ++ ++ if self._options.run: ++ _log.info('Formatting updated %d files ...', len(self._updated_files)) ++ git = Git(cwd=self._repo_root) ++ # |git cl format| can't handle too many files at once. ++ while len(self._updated_files) > 0: ++ end_index = 100 ++ if end_index > len(self._updated_files): ++ end_index = len(self._updated_files) ++ git.run(['cl', 'format'] + self._updated_files[:end_index]) ++ self._updated_files = self._updated_files[end_index:] ++ ++ if not apply_only: ++ _log.info('Make a local commit ...') ++ git.commit_locally_with_message("""The Great Blink mv for source files, part 1. ++ ++Update file contents without moving files. ++ ++NOAUTOREVERT=true ++Bug: 768828 ++""") ++ ++ def move(self, apply_only=None): ++ """Move Blink source files. ++ ++ Args: ++ apply_only: If it's None, move all affected files. Otherwise, ++ it should be a set of file paths and this function moves ++ only the files in |apply_only|. ++ """ ++ _log.info('Planning renaming ...') ++ file_pairs = plan_blink_move(self._fs, []) ++ ++ if apply_only: ++ file_pairs = [(src, dest) for (src, dest) in file_pairs ++ if 'third_party/WebKit/' + src.replace('\\', '/') in apply_only] ++ print 'Update file_pairs = ', file_pairs ++ _log.info('Will move %d files', len(file_pairs)) ++ ++ git = Git(cwd=self._repo_root) ++ files_set = self._get_checked_in_files(git) ++ for i, (src, dest) in enumerate(file_pairs): ++ src_from_repo = self._fs.join('third_party', 'WebKit', src) ++ if src_from_repo.replace('\\', '/') not in files_set: ++ _log.info('%s is not in the repository', src) ++ continue ++ dest_from_repo = self._fs.join('third_party', 'blink', dest) ++ self._fs.maybe_make_directory(self._repo_root, 'third_party', 'blink', self._fs.dirname(dest)) ++ if self._options.run_git: ++ git.move(src_from_repo, dest_from_repo) ++ _log.info('[%d/%d] Git moved %s', i + 1, len(file_pairs), src) ++ else: ++ self._fs.move(self._fs.join(self._repo_root, src_from_repo), ++ self._fs.join(self._repo_root, dest_from_repo)) ++ _log.info('[%d/%d] Moved %s', i + 1, len(file_pairs), src) ++ if apply_only: ++ return ++ ++ self._update_single_file_content( ++ 'build/get_landmines.py', ++ [('\ndef main', ' print \'The Great Blink mv for source files (crbug.com/768828)\'\n\ndef main')]) ++ ++ _log.info('Run run-bindings-tests ...') ++ Executive().run_command(['python', ++ self._fs.join(get_scripts_dir(), 'run-bindings-tests'), ++ '--reset-results'], ++ cwd=self._repo_root) ++ ++ if self._options.run_git: ++ _log.info('Make a local commit ...') ++ git.commit_locally_with_message("""The Great Blink mv for source files, part 2. ++ ++Move and rename files. ++ ++NOAUTOREVERT=true ++Bug: 768828 ++""") ++ ++ def fix_branch(self): ++ git = Git(cwd=self._repo_root) ++ status = self._get_local_change_status(git) ++ if len(status) == 0: ++ _log.info('No local changes.') ++ return ++ modified_files = {f for (s, f) in status if s != 'D'} ++ deleted_files = {f for (s, f) in status if s == 'D'} ++ ++ self.update(apply_only=modified_files) ++ self.move(apply_only=modified_files) ++ try: ++ git.commit_locally_with_message('This commit should be squashed.') ++ except ScriptError: ++ _log.info('move_blink_source.py modified nothing.') ++ ++ # TODO(tkent): Show a message about deleted_files. ++ ++ def _get_local_change_status(self, git): ++ """Returns a list of tuples representing local change summary. ++ ++ Each tuple contains two strings. The first one is file change status ++ such as "M", "D". See --diff-filter section of git-diff manual page. ++ The second one is file name relative to the repository top. ++ """ ++ ++ base_commit = git.run(['show-branch', '--merge-base', 'master', 'HEAD']).strip() ++ # Note that file names in the following command result are always ++ # slash-separated, even on Windows. ++ status_lines = git.run(['diff', '--name-status', '--no-renames', base_commit]).split('\n') ++ status_tuple_list = [] ++ for l in status_lines: ++ items = l.split('\t') ++ if len(items) == 2: ++ status_tuple_list.append(tuple(items)) ++ elif len(l) > 0: ++ _log.warning('Unrecognized diff output: "%s"', l) ++ return status_tuple_list ++ ++ def _get_checked_in_files(self, git): ++ files_text = git.run(['ls-files', ++ 'third_party/WebKit/Source', ++ 'third_party/WebKit/common', ++ 'third_party/WebKit/public']) ++ return set(files_text.split('\n')) ++ ++ def _create_basename_maps(self, file_pairs): ++ basename_map = {} ++ # Generated inspector/protocol/* contains a lot of names duplicated with ++ # checked-in core files. We don't want to rename them, and don't want to ++ # replace them in BUILD.gn and #include accidentally. ++ pattern = r'(? => ' ++ for pair in file_pairs: ++ print '%s\t=>\t%s' % pair ++ ++ ++if __name__ == '__main__': ++ main() diff --git a/chromium.changes b/chromium.changes index a723c86..3d66c32 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Apr 18 09:14:21 UTC 2018 - tchvatal@suse.com + +- Add patch to fix missing folder from tarball: + * add-missing-blink-tools.patch + ------------------------------------------------------------------- Wed Apr 18 09:06:31 UTC 2018 - tchvatal@suse.com diff --git a/chromium.spec b/chromium.spec index e0c0940..3f82a79 100644 --- a/chromium.spec +++ b/chromium.spec @@ -65,6 +65,7 @@ Patch7: chromium-ffmpeg.patch Patch8: chromium-drm.patch Patch9: chromium-gcc7.patch Patch10: chromium-sandbox-pie.patch +Patch11: add-missing-blink-tools.patch # Google seem not too keen on merging this but GPU accel is quite important # https://chromium-review.googlesource.com/c/chromium/src/+/532294 Patch100: chromium-vaapi.patch From b9e710b1f980bee940f7f1524d27a26672a90f86285b3086907d83230318af63 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Thu, 19 Apr 2018 05:59:22 +0000 Subject: [PATCH 14/52] Accepting request 597887 from home:AndreasStieger:branches:network:chromium please license digger OBS-URL: https://build.opensuse.org/request/show/597887 OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1117 --- chromium.changes | 8 ++------ chromium.spec | 12 ++++++------ 2 files changed, 8 insertions(+), 12 deletions(-) diff --git a/chromium.changes b/chromium.changes index 3d66c32..7b577fb 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,12 +1,6 @@ ------------------------------------------------------------------- Wed Apr 18 09:14:21 UTC 2018 - tchvatal@suse.com -- Add patch to fix missing folder from tarball: - * add-missing-blink-tools.patch - -------------------------------------------------------------------- -Wed Apr 18 09:06:31 UTC 2018 - tchvatal@suse.com - - Version bump to chromium 66.0.3359.117 bsc#1090000: * CVE-2018-6085: Use after free in Disk Cache * CVE-2018-6086: Use after free in Disk Cache @@ -60,6 +54,8 @@ Wed Apr 18 09:06:31 UTC 2018 - tchvatal@suse.com * chromium-non-void-return.patch * chromium-sandbox-pie.patch * chromium-vaapi.patch +- Add patch to fix missing folder from tarball: + * add-missing-blink-tools.patch ------------------------------------------------------------------- Sun Apr 8 10:49:06 UTC 2018 - tchvatal@suse.com diff --git a/chromium.spec b/chromium.spec index 3f82a79..6a4b573 100644 --- a/chromium.spec +++ b/chromium.spec @@ -40,7 +40,7 @@ Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later Group: Productivity/Networking/Web/Browsers -URL: http://code.google.com/p/chromium/ +Url: http://code.google.com/p/chromium/ Source0: http://commondatastorage.googleapis.com/chromium-browser-official/%{rname}-%{version}.tar.xz # Toolchain definitions Source1: BUILD.gn @@ -72,7 +72,7 @@ Patch100: chromium-vaapi.patch # GN buildsystem related patches Patch200: chromium-last-commit-position-r0.patch Patch201: fix-gn-bootstrap.patch -# PATCH-FIX-SUSE: allow proprietary codecs to be set with chromium branding +# PATCH-FIX-SUSE: allow codecs to be set with chromium branding Patch202: chromium-prop-codecs.patch BuildRequires: SDL-devel BuildRequires: binutils-gold @@ -179,12 +179,12 @@ Provides: chromium-browser = %{version} Obsoletes: %{name}-suid-helper < %{version} Obsoletes: chromium-browser < %{version} Provides: %{name}-suid-helper = %{version} -Obsoletes: chromium-desktop-kde -Obsoletes: chromium-desktop-gnome -Obsoletes: chromium-beta-desktop-kde Obsoletes: chromium-beta-desktop-gnome -Obsoletes: chromium-dev-desktop-kde +Obsoletes: chromium-beta-desktop-kde +Obsoletes: chromium-desktop-gnome +Obsoletes: chromium-desktop-kde Obsoletes: chromium-dev-desktop-gnome +Obsoletes: chromium-dev-desktop-kde Obsoletes: chromium-ffmpeg Obsoletes: chromium-ffmpegsumo # no 32bit supported and it takes ages to build From 9af465b22c4b92e234cac0cc694e56dec0a24ec18c849ee17b7469d8326817f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Fri, 27 Apr 2018 08:25:54 +0000 Subject: [PATCH 15/52] - Up to chromium-67.0.3396.18 OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1119 --- chromium-66.0.3359.117.tar.xz | 3 --- chromium-66.0.3359.139.tar.xz | 3 +++ chromium.changes | 6 ++++++ chromium.spec | 2 +- 4 files changed, 10 insertions(+), 4 deletions(-) delete mode 100644 chromium-66.0.3359.117.tar.xz create mode 100644 chromium-66.0.3359.139.tar.xz diff --git a/chromium-66.0.3359.117.tar.xz b/chromium-66.0.3359.117.tar.xz deleted file mode 100644 index 6aa79a9..0000000 --- a/chromium-66.0.3359.117.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:77c5a334644fdc303697b3864c9a6b709cee23ee384f4134308e820af4568ed6 -size 583947452 diff --git a/chromium-66.0.3359.139.tar.xz b/chromium-66.0.3359.139.tar.xz new file mode 100644 index 0000000..5391c6e --- /dev/null +++ b/chromium-66.0.3359.139.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:be75a5b5f8c5789d359238f374a43bf52ded49425f13ed68b8021c24e2e264b2 +size 583978636 diff --git a/chromium.changes b/chromium.changes index 7b577fb..2e6e81e 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Fri Apr 27 08:22:18 UTC 2018 - tchvatal@suse.com + +- Version update to chromium-66.0.3359.139: + * Various small fixes around + ------------------------------------------------------------------- Wed Apr 18 09:14:21 UTC 2018 - tchvatal@suse.com diff --git a/chromium.spec b/chromium.spec index 6a4b573..d76f945 100644 --- a/chromium.spec +++ b/chromium.spec @@ -35,7 +35,7 @@ %bcond_with system_vpx %bcond_with clang Name: chromium -Version: 66.0.3359.117 +Version: 66.0.3359.139 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later From 946d8359397fd4d88e55d4f7c08aadab81a1a2458fb4aadec86e5bbb52476714 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Sat, 28 Apr 2018 09:25:41 +0000 Subject: [PATCH 16/52] Accepting request 602239 from home:AndreasStieger:branches:network:chromium CVE-2018-6118: Use after free in Media Cache (bsc#1091288) OBS-URL: https://build.opensuse.org/request/show/602239 OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1120 --- add-missing-blink-tools.patch | 1071 --------------------------------- chromium.changes | 5 +- chromium.spec | 1 - 3 files changed, 3 insertions(+), 1074 deletions(-) delete mode 100644 add-missing-blink-tools.patch diff --git a/add-missing-blink-tools.patch b/add-missing-blink-tools.patch deleted file mode 100644 index bc846bc..0000000 --- a/add-missing-blink-tools.patch +++ /dev/null @@ -1,1071 +0,0 @@ -Description: add back contents of third-party/blink/tools that went missing in the source tarball for 66.0.3359.106 -Bug: https://bugs.chromium.org/p/chromium/issues/detail?id=832283 - ---- /dev/null -+++ b/third_party/blink/tools/OWNERS -@@ -0,0 +1 @@ -+file://third_party/WebKit/Tools/OWNERS ---- /dev/null -+++ b/third_party/blink/tools/blinkpy/__init__.py -@@ -0,0 +1,3 @@ -+# Copyright 2017 The Chromium Authors. All rights reserved. -+# Use of this source code is governed by a BSD-style license that can be -+# found in the LICENSE file. ---- /dev/null -+++ b/third_party/blink/tools/blinkpy/common/__init__.py -@@ -0,0 +1,3 @@ -+# Copyright 2017 The Chromium Authors. All rights reserved. -+# Use of this source code is governed by a BSD-style license that can be -+# found in the LICENSE file. ---- /dev/null -+++ b/third_party/blink/tools/blinkpy/common/name_style_converter.py -@@ -0,0 +1,128 @@ -+# Copyright 2017 The Chromium Authors. All rights reserved. -+# Use of this source code is governed by a BSD-style license that can be -+# found in the LICENSE file. -+ -+# pylint: disable=import-error,print-statement,relative-import -+ -+import re -+ -+SPECIAL_TOKENS = [ -+ # This list should be sorted by length. -+ 'CString', -+ 'Float32', -+ 'Float64', -+ 'Base64', -+ 'IFrame', -+ 'Latin1', -+ 'PlugIn', -+ 'SQLite', -+ 'Uint16', -+ 'Uint32', -+ 'WebGL2', -+ 'ASCII', -+ 'CType', -+ 'DList', -+ 'Int16', -+ 'Int32', -+ 'MPath', -+ 'OList', -+ 'TSpan', -+ 'UList', -+ 'UTF16', -+ 'Uint8', -+ 'WebGL', -+ 'XPath', -+ 'ETC1', -+ 'HTML', -+ 'Int8', -+ 'S3TC', -+ 'SPv2', -+ 'UTF8', -+ 'API', -+ 'CSS', -+ 'DOM', -+ 'EXT', -+ 'RTC', -+ 'SVG', -+ '2D', -+ 'AX', -+ 'V0', -+ 'V8', -+] -+ -+MATCHING_EXPRESSION = '((?:[A-Z][a-z]+)|[0-9]D?$)' -+ -+ -+class SmartTokenizer(object): -+ """Detects special cases that are not easily discernible without additional -+ knowledge, such as recognizing that in SVGSVGElement, the first two SVGs -+ are separate tokens, but WebGL is one token.""" -+ -+ def __init__(self, name): -+ self.remaining = name -+ -+ def tokenize(self): -+ name = self.remaining -+ tokens = [] -+ while len(name) > 0: -+ matched_token = None -+ for token in SPECIAL_TOKENS: -+ if name.startswith(token): -+ matched_token = token -+ break -+ if not matched_token: -+ match = re.search(MATCHING_EXPRESSION, name) -+ if not match: -+ matched_token = name -+ elif match.start(0) != 0: -+ matched_token = name[:match.start(0)] -+ else: -+ matched_token = match.group(0) -+ tokens.append(name[:len(matched_token)]) -+ name = name[len(matched_token):] -+ return tokens -+ -+ -+class NameStyleConverter(object): -+ """Converts names from camelCase to various other styles. -+ """ -+ -+ def __init__(self, name): -+ self.tokens = self.tokenize(name) -+ -+ def tokenize(self, name): -+ tokenizer = SmartTokenizer(name) -+ return tokenizer.tokenize() -+ -+ def to_snake_case(self): -+ """Snake case is the file and variable name style per Google C++ Style -+ Guide: -+ https://google.github.io/styleguide/cppguide.html#Variable_Names -+ -+ Also known as the hacker case. -+ https://en.wikipedia.org/wiki/Snake_case -+ """ -+ return '_'.join([token.lower() for token in self.tokens]) -+ -+ def to_upper_camel_case(self): -+ """Upper-camel case is the class and function name style per -+ Google C++ Style Guide: -+ https://google.github.io/styleguide/cppguide.html#Function_Names -+ -+ Also known as the PascalCase. -+ https://en.wikipedia.org/wiki/Camel_case. -+ """ -+ return ''.join([token[0].upper() + token[1:] for token in self.tokens]) -+ -+ def to_macro_case(self): -+ """Macro case is the macro name style per Google C++ Style Guide: -+ https://google.github.io/styleguide/cppguide.html#Macro_Names -+ """ -+ return '_'.join([token.upper() for token in self.tokens]) -+ -+ def to_all_cases(self): -+ return { -+ 'snake_case': self.to_snake_case(), -+ 'upper_camel_case': self.to_upper_camel_case(), -+ 'macro_case': self.to_macro_case(), -+ } ---- /dev/null -+++ b/third_party/blink/tools/blinkpy/common/name_style_converter_test.py -@@ -0,0 +1,178 @@ -+# Copyright 2017 The Chromium Authors. All rights reserved. -+# Use of this source code is governed by a BSD-style license that can be -+# found in the LICENSE file. -+ -+# pylint: disable=import-error,print-statement,relative-import,protected-access -+ -+"""Unit tests for name_style_converter.py.""" -+ -+import unittest -+ -+from name_style_converter import NameStyleConverter -+from name_style_converter import SmartTokenizer -+ -+ -+class SmartTokenizerTest(unittest.TestCase): -+ def test_simple_cases(self): -+ tokenizer = SmartTokenizer('foo') -+ self.assertEqual(tokenizer.tokenize(), ['foo']) -+ -+ tokenizer = SmartTokenizer('fooBar') -+ self.assertEqual(tokenizer.tokenize(), ['foo', 'Bar']) -+ -+ tokenizer = SmartTokenizer('fooBarBaz') -+ self.assertEqual(tokenizer.tokenize(), ['foo', 'Bar', 'Baz']) -+ -+ tokenizer = SmartTokenizer('Baz') -+ self.assertEqual(tokenizer.tokenize(), ['Baz']) -+ -+ tokenizer = SmartTokenizer('') -+ self.assertEqual(tokenizer.tokenize(), []) -+ -+ tokenizer = SmartTokenizer('FOO') -+ self.assertEqual(tokenizer.tokenize(), ['FOO']) -+ -+ tokenizer = SmartTokenizer('foo2') -+ self.assertEqual(tokenizer.tokenize(), ['foo', '2']) -+ -+ def test_tricky_cases(self): -+ tokenizer = SmartTokenizer('XMLHttpRequest') -+ self.assertEqual(tokenizer.tokenize(), ['XML', 'Http', 'Request']) -+ -+ tokenizer = SmartTokenizer('HTMLElement') -+ self.assertEqual(tokenizer.tokenize(), ['HTML', 'Element']) -+ -+ tokenizer = SmartTokenizer('WebGLRenderingContext') -+ self.assertEqual(tokenizer.tokenize(), -+ ['WebGL', 'Rendering', 'Context']) -+ -+ tokenizer = SmartTokenizer('CanvasRenderingContext2D') -+ self.assertEqual(tokenizer.tokenize(), -+ ['Canvas', 'Rendering', 'Context', '2D']) -+ tokenizer = SmartTokenizer('CanvasRenderingContext2DAPITest') -+ self.assertEqual(tokenizer.tokenize(), -+ ['Canvas', 'Rendering', 'Context', '2D', 'API', 'Test']) -+ -+ tokenizer = SmartTokenizer('SVGSVGElement') -+ self.assertEqual(tokenizer.tokenize(), ['SVG', 'SVG', 'Element']) -+ -+ tokenizer = SmartTokenizer('CanvasRenderingContext2D') -+ self.assertEqual(tokenizer.tokenize(), ['Canvas', 'Rendering', 'Context', '2D']) -+ -+ tokenizer = SmartTokenizer('CSSURLImageValue') -+ self.assertEqual(tokenizer.tokenize(), ['CSS', 'URL', 'Image', 'Value']) -+ tokenizer = SmartTokenizer('CSSPropertyAPID') -+ self.assertEqual(tokenizer.tokenize(), ['CSS', 'Property', 'API', 'D']) -+ tokenizer = SmartTokenizer('AXARIAGridCell') -+ self.assertEqual(tokenizer.tokenize(), ['AX', 'ARIA', 'Grid', 'Cell']) -+ -+ tokenizer = SmartTokenizer('CDATASection') -+ self.assertEqual(tokenizer.tokenize(), ['CDATA', 'Section']) -+ -+ tokenizer = SmartTokenizer('ASCIICType') -+ self.assertEqual(tokenizer.tokenize(), ['ASCII', 'CType']) -+ tokenizer = SmartTokenizer('CString') -+ self.assertEqual(tokenizer.tokenize(), ['CString']) -+ -+ tokenizer = SmartTokenizer('HTMLDListElement') -+ self.assertEqual(tokenizer.tokenize(), ['HTML', 'DList', 'Element']) -+ tokenizer = SmartTokenizer('HTMLOListElement') -+ self.assertEqual(tokenizer.tokenize(), ['HTML', 'OList', 'Element']) -+ tokenizer = SmartTokenizer('HTMLIFrameElement') -+ self.assertEqual(tokenizer.tokenize(), ['HTML', 'IFrame', 'Element']) -+ tokenizer = SmartTokenizer('HTMLPlugInElement') -+ self.assertEqual(tokenizer.tokenize(), ['HTML', 'PlugIn', 'Element']) -+ -+ # No special handling for OptGroup, FieldSet, and TextArea. -+ tokenizer = SmartTokenizer('HTMLOptGroupElement') -+ self.assertEqual(tokenizer.tokenize(), ['HTML', 'Opt', 'Group', 'Element']) -+ tokenizer = SmartTokenizer('HTMLFieldSetElement') -+ self.assertEqual(tokenizer.tokenize(), ['HTML', 'Field', 'Set', 'Element']) -+ tokenizer = SmartTokenizer('HTMLTextAreaElement') -+ self.assertEqual(tokenizer.tokenize(), ['HTML', 'Text', 'Area', 'Element']) -+ -+ tokenizer = SmartTokenizer('Path2D') -+ self.assertEqual(tokenizer.tokenize(), ['Path', '2D']) -+ tokenizer = SmartTokenizer('Point2D') -+ self.assertEqual(tokenizer.tokenize(), ['Point', '2D']) -+ tokenizer = SmartTokenizer('CanvasRenderingContext2DState') -+ self.assertEqual(tokenizer.tokenize(), ['Canvas', 'Rendering', 'Context', '2D', 'State']) -+ -+ tokenizer = SmartTokenizer('RTCDTMFSender') -+ self.assertEqual(tokenizer.tokenize(), ['RTC', 'DTMF', 'Sender']) -+ -+ tokenizer = SmartTokenizer('WebGLCompressedTextureS3TCsRGB') -+ self.assertEqual(tokenizer.tokenize(), ['WebGL', 'Compressed', 'Texture', 'S3TC', 'sRGB']) -+ tokenizer = SmartTokenizer('WebGL2CompressedTextureETC1') -+ self.assertEqual(tokenizer.tokenize(), ['WebGL2', 'Compressed', 'Texture', 'ETC1']) -+ tokenizer = SmartTokenizer('EXTsRGB') -+ self.assertEqual(tokenizer.tokenize(), ['EXT', 'sRGB']) -+ -+ tokenizer = SmartTokenizer('SVGFEBlendElement') -+ self.assertEqual(tokenizer.tokenize(), ['SVG', 'FE', 'Blend', 'Element']) -+ tokenizer = SmartTokenizer('SVGMPathElement') -+ self.assertEqual(tokenizer.tokenize(), ['SVG', 'MPath', 'Element']) -+ tokenizer = SmartTokenizer('SVGTSpanElement') -+ self.assertEqual(tokenizer.tokenize(), ['SVG', 'TSpan', 'Element']) -+ tokenizer = SmartTokenizer('SVGURIReference') -+ self.assertEqual(tokenizer.tokenize(), ['SVG', 'URI', 'Reference']) -+ -+ tokenizer = SmartTokenizer('UTF16TextIterator') -+ self.assertEqual(tokenizer.tokenize(), ['UTF16', 'Text', 'Iterator']) -+ tokenizer = SmartTokenizer('UTF8Decoder') -+ self.assertEqual(tokenizer.tokenize(), ['UTF8', 'Decoder']) -+ tokenizer = SmartTokenizer('Uint8Array') -+ self.assertEqual(tokenizer.tokenize(), ['Uint8', 'Array']) -+ tokenizer = SmartTokenizer('DOMWindowBase64') -+ self.assertEqual(tokenizer.tokenize(), ['DOM', 'Window', 'Base64']) -+ tokenizer = SmartTokenizer('TextCodecLatin1') -+ self.assertEqual(tokenizer.tokenize(), ['Text', 'Codec', 'Latin1']) -+ tokenizer = SmartTokenizer('V8BindingForCore') -+ self.assertEqual(tokenizer.tokenize(), ['V8', 'Binding', 'For', 'Core']) -+ tokenizer = SmartTokenizer('V8DOMRect') -+ self.assertEqual(tokenizer.tokenize(), ['V8', 'DOM', 'Rect']) -+ -+ tokenizer = SmartTokenizer('V0InsertionPoint') -+ self.assertEqual(tokenizer.tokenize(), ['V0', 'Insertion', 'Point']) -+ tokenizer = SmartTokenizer('ShadowDOMV0Test') -+ self.assertEqual(tokenizer.tokenize(), ['Shadow', 'DOM', 'V0', 'Test']) -+ tokenizer = SmartTokenizer('ElementShadowV0') -+ self.assertEqual(tokenizer.tokenize(), ['Element', 'Shadow', 'V0']) -+ tokenizer = SmartTokenizer('StubChromeClientForSPv2') -+ self.assertEqual(tokenizer.tokenize(), ['Stub', 'Chrome', 'Client', 'For', 'SPv2']) -+ -+ tokenizer = SmartTokenizer('SQLiteAuthorizer') -+ self.assertEqual(tokenizer.tokenize(), ['SQLite', 'Authorizer']) -+ tokenizer = SmartTokenizer('XPathEvaluator') -+ self.assertEqual(tokenizer.tokenize(), ['XPath', 'Evaluator']) -+ -+ tokenizer = SmartTokenizer('IsXHTMLDocument') -+ self.assertEqual(tokenizer.tokenize(), ['Is', 'XHTML', 'Document']) -+ -+ tokenizer = SmartTokenizer('Animation.idl') -+ self.assertEqual(tokenizer.tokenize(), ['Animation', '.idl']) -+ -+ -+class NameStyleConverterTest(unittest.TestCase): -+ def test_snake_case(self): -+ converter = NameStyleConverter('HTMLElement') -+ self.assertEqual(converter.to_snake_case(), 'html_element') -+ -+ def test_upper_camel_case(self): -+ converter = NameStyleConverter('someSuperThing') -+ self.assertEqual(converter.to_upper_camel_case(), 'SomeSuperThing') -+ -+ converter = NameStyleConverter('SVGElement') -+ self.assertEqual(converter.to_upper_camel_case(), 'SVGElement') -+ -+ def test_macro_case(self): -+ converter = NameStyleConverter('WebGLBaz2D') -+ self.assertEqual(converter.to_macro_case(), 'WEBGL_BAZ_2D') -+ -+ def test_all_cases(self): -+ converter = NameStyleConverter('SVGScriptElement') -+ self.assertEqual(converter.to_all_cases(), { -+ 'snake_case': 'svg_script_element', -+ 'upper_camel_case': 'SVGScriptElement', -+ 'macro_case': 'SVG_SCRIPT_ELEMENT', -+ }) ---- /dev/null -+++ b/third_party/blink/tools/compile_devtools_frontend.py -@@ -0,0 +1,20 @@ -+#!/usr/bin/env vpython -+# Copyright 2017 The Chromium Authors. All rights reserved. -+# Use of this source code is governed by a BSD-style license that can be -+# found in the LICENSE file. -+ -+"""Compile DevTools frontend code with Closure compiler. -+ -+This script wraps devtools/scripts/compile_frontend.py. -+DevTools bot kicks this script. -+""" -+ -+import os -+import sys -+ -+sys.path.append(os.path.join( -+ os.path.dirname(__file__), '..', '..', 'WebKit', 'Source', 'devtools', 'scripts')) -+import compile_frontend -+ -+if __name__ == '__main__': -+ sys.exit(compile_frontend.main()) ---- /dev/null -+++ b/third_party/blink/tools/move_blink_source.py -@@ -0,0 +1,615 @@ -+#!/usr/bin/env vpython -+# Copyright 2017 The Chromium Authors. All rights reserved. -+# Use of this source code is governed by a BSD-style license that can be -+# found in the LICENSE file. -+ -+"""Tool to move Blink source from third_party/WebKit to third_party/blink. -+ -+See https://docs.google.com/document/d/1l3aPv1Wx__SpRkdOhvJz8ciEGigNT3wFKv78XiuW0Tw/edit?usp=sharing#heading=h.o225wrxp242h -+for the details. -+""" -+ -+import argparse -+import logging -+import os -+import re -+import sys -+from functools import partial -+ -+# Without abspath(), PathFinder can't find chromium_base correctly. -+sys.path.append(os.path.abspath( -+ os.path.join(os.path.dirname(__file__), '..', '..', '..', -+ 'third_party', 'WebKit', 'Tools', 'Scripts'))) -+from blinkpy.common.name_style_converter import NameStyleConverter -+from plan_blink_move import plan_blink_move -+from plan_blink_move import relative_dest -+from webkitpy.common.checkout.git import Git -+from webkitpy.common.path_finder import get_chromium_src_dir -+from webkitpy.common.path_finder import get_scripts_dir -+from webkitpy.common.system.executive import Executive -+from webkitpy.common.system.executive import ScriptError -+from webkitpy.common.system.filesystem import FileSystem -+ -+_log = logging.getLogger('move_blink_source') -+ -+ -+class FileType(object): -+ NONE = 0 -+ BUILD = 1 -+ BLINK_BUILD = 2 -+ OWNERS = 3 -+ DEPS = 4 -+ MOJOM = 5 -+ TYPEMAP = 6 -+ BLINK_BUILD_PY = 7 -+ LAYOUT_TESTS_WITH_MOJOM = 8 -+ -+ @staticmethod -+ def detect(path): -+ slash_dir, basename = os.path.split(path) -+ slash_dir = slash_dir.replace(os.path.sep, '/') -+ if basename == 'DEPS': -+ return FileType.DEPS -+ if basename == 'OWNERS': -+ return FileType.OWNERS -+ if basename.endswith('.mojom'): -+ return FileType.MOJOM -+ if basename.endswith('.typemap'): -+ return FileType.TYPEMAP -+ if basename.endswith('.py') and 'third_party/WebKit/Source/build' in slash_dir: -+ return FileType.BLINK_BUILD_PY -+ if basename.endswith(('.gn', '.gni')): -+ if 'third_party/WebKit' in path or 'third_party/blink' in slash_dir: -+ return FileType.BLINK_BUILD -+ if 'third_party' in slash_dir: -+ return FileType.NONE -+ return FileType.BUILD -+ if basename.endswith('.html') and re.search( -+ r'third_party/WebKit/LayoutTests/(geolocation-api|installedapp|' + -+ r'media/mediasession|payments|presentation|webshare)', slash_dir): -+ return FileType.LAYOUT_TESTS_WITH_MOJOM -+ return FileType.NONE -+ -+ -+class MoveBlinkSource(object): -+ -+ def __init__(self, fs, options, repo_root): -+ self._fs = fs -+ self._options = options -+ _log.debug(options) -+ self._repo_root = repo_root -+ -+ # The following fields are initialized in _create_basename_maps. -+ self._basename_map = None -+ self._basename_re = None -+ self._idl_generated_impl_headers = None -+ # _checked_in_header_re is used to distinguish checked-in header files -+ # and generated header files. -+ self._checked_in_header_re = None -+ -+ self._updated_files = [] -+ -+ def update(self, apply_only=None): -+ """Updates contents of files affected by Blink source move. -+ -+ Args: -+ apply_only: If it's None, updates all affected files. Otherwise, -+ it should be a set of file paths and this function updates -+ only the files in |apply_only|. -+ """ -+ _log.info('Planning renaming ...') -+ file_pairs = plan_blink_move(self._fs, []) -+ _log.info('Will move %d files', len(file_pairs)) -+ -+ self._create_basename_maps(file_pairs) -+ dirs = self._update_file_content(apply_only) -+ -+ # Updates #includes in files in directories with updated DEPS + -+ # third_party/WebKit/{Source,common,public}. -+ self._append_unless_upper_dir_exists(dirs, self._fs.join(self._repo_root, 'third_party', 'WebKit', 'Source')) -+ self._append_unless_upper_dir_exists(dirs, self._fs.join(self._repo_root, 'third_party', 'WebKit', 'common')) -+ self._append_unless_upper_dir_exists(dirs, self._fs.join(self._repo_root, 'third_party', 'WebKit', 'public')) -+ self._append_unless_upper_dir_exists(dirs, self._fs.join(self._repo_root, 'mojo', 'public', 'tools', -+ 'bindings', 'generators', 'cpp_templates')) -+ self._update_cpp_includes_in_directories(dirs, apply_only) -+ -+ # Content update for individual files. -+ # The following is a list of tuples. -+ # Tuple: (, [replacement commands]) -+ # Command: a callable object, or -+ # a tuple of (, ). -+ file_replacement_list = [ -+ ('DEPS', -+ [('src/third_party/WebKit/Source/devtools', -+ 'src/third_party/blink/renderer/devtools')]), -+ ('WATCHLISTS', -+ [('third_party/WebKit/Source', 'third_party/blink/renderer'), -+ ('third_party/WebKit/public', 'third_party/blink/renderer/public')]), -+ ('build/check_gn_headers_whitelist.txt', -+ [('third_party/WebKit/Source', 'third_party/blink/renderer'), -+ ('third_party/WebKit/public', 'third_party/blink/renderer/public'), -+ self._update_basename]), -+ ('testing/buildbot/gn_isolate_map.pyl', -+ [('third_party/WebKit/Source', 'third_party/blink/renderer')]), -+ ('third_party/WebKit/Source/BUILD.gn', -+ [('$root_gen_dir/third_party/WebKit', -+ '$root_gen_dir/third_party/blink/renderer')]), -+ ('third_party/WebKit/Source/config.gni', -+ [('snake_case_source_files = false', -+ 'snake_case_source_files = true')]), -+ ('third_party/WebKit/Source/core/css/CSSProperties.json5', -+ [self._update_basename]), -+ ('third_party/WebKit/Source/core/css/ComputedStyleExtraFields.json5', -+ [self._update_basename]), -+ ('third_party/WebKit/Source/core/css/ComputedStyleFieldAliases.json5', -+ [self._update_basename]), -+ ('third_party/WebKit/Source/core/html/parser/create-html-entity-table', -+ [self._update_basename]), -+ ('third_party/WebKit/Source/core/inspector/inspector_protocol_config.json', -+ [self._update_basename]), -+ ('third_party/WebKit/Source/core/probe/CoreProbes.json5', -+ [self._update_basename]), -+ ('third_party/WebKit/Source/core/testing/InternalSettings.h', -+ [('InternalSettingsGenerated.h', 'internal_settings_generated.h')]), -+ ('third_party/WebKit/Source/core/testing/Internals.cpp', -+ [('InternalRuntimeFlags.h', 'internal_runtime_flags.h')]), -+ ('third_party/WebKit/Source/platform/probe/PlatformProbes.json5', -+ [self._update_basename]), -+ ('third_party/WebKit/public/BUILD.gn', -+ [('$root_gen_dir/third_party/WebKit', -+ '$root_gen_dir/third_party/blink/renderer')]), -+ ('third_party/WebKit/public/blink_resources.grd', -+ [('../Source/', '../')]), -+ ('tools/android/eclipse/.classpath', -+ [('third_party/WebKit/public', 'third_party/blink/renderer/public')]), -+ ('tools/android/loading/cloud/backend/deploy.sh', -+ [('third_party/WebKit/Source', 'third_party/blink/renderer')]), -+ ('tools/android/loading/emulation_unittest.py', -+ [('third_party/WebKit/Source', 'third_party/blink/renderer')]), -+ ('tools/android/loading/options.py', -+ [('third_party/WebKit/Source', 'third_party/blink/renderer')]), -+ ('tools/android/loading/request_track.py', -+ [('third_party/WebKit/Source', 'third_party/blink/renderer')]), -+ ('tools/gritsettings/resource_ids', -+ [('third_party/WebKit/public', 'third_party/blink/renderer/public'), -+ ('third_party/WebKit/Source', 'third_party/blink/renderer')]), -+ ('tools/metrics/actions/extract_actions.py', -+ [('third_party/WebKit/Source', 'third_party/blink/renderer')]), -+ ('tools/metrics/histograms/update_editor_commands.py', -+ [('third_party/WebKit/Source/core/editing/EditorCommand.cpp', -+ 'third_party/blink/renderer/core/editing/editor_command.cc')]), -+ ('tools/metrics/histograms/update_use_counter_css.py', -+ [('third_party/WebKit/Source/core/frame/UseCounter.cpp', -+ 'third_party/blink/renderer/core/frame/use_counter.cc')]), -+ ('tools/metrics/histograms/update_use_counter_feature_enum.py', -+ [('third_party/WebKit/public', 'third_party/blink/renderer/public')]), -+ ] -+ for file_path, replacement_list in file_replacement_list: -+ if not apply_only or file_path in apply_only: -+ self._update_single_file_content(file_path, replacement_list, should_write=self._options.run) -+ -+ if self._options.run: -+ _log.info('Formatting updated %d files ...', len(self._updated_files)) -+ git = Git(cwd=self._repo_root) -+ # |git cl format| can't handle too many files at once. -+ while len(self._updated_files) > 0: -+ end_index = 100 -+ if end_index > len(self._updated_files): -+ end_index = len(self._updated_files) -+ git.run(['cl', 'format'] + self._updated_files[:end_index]) -+ self._updated_files = self._updated_files[end_index:] -+ -+ if not apply_only: -+ _log.info('Make a local commit ...') -+ git.commit_locally_with_message("""The Great Blink mv for source files, part 1. -+ -+Update file contents without moving files. -+ -+NOAUTOREVERT=true -+Bug: 768828 -+""") -+ -+ def move(self, apply_only=None): -+ """Move Blink source files. -+ -+ Args: -+ apply_only: If it's None, move all affected files. Otherwise, -+ it should be a set of file paths and this function moves -+ only the files in |apply_only|. -+ """ -+ _log.info('Planning renaming ...') -+ file_pairs = plan_blink_move(self._fs, []) -+ -+ if apply_only: -+ file_pairs = [(src, dest) for (src, dest) in file_pairs -+ if 'third_party/WebKit/' + src.replace('\\', '/') in apply_only] -+ print 'Update file_pairs = ', file_pairs -+ _log.info('Will move %d files', len(file_pairs)) -+ -+ git = Git(cwd=self._repo_root) -+ files_set = self._get_checked_in_files(git) -+ for i, (src, dest) in enumerate(file_pairs): -+ src_from_repo = self._fs.join('third_party', 'WebKit', src) -+ if src_from_repo.replace('\\', '/') not in files_set: -+ _log.info('%s is not in the repository', src) -+ continue -+ dest_from_repo = self._fs.join('third_party', 'blink', dest) -+ self._fs.maybe_make_directory(self._repo_root, 'third_party', 'blink', self._fs.dirname(dest)) -+ if self._options.run_git: -+ git.move(src_from_repo, dest_from_repo) -+ _log.info('[%d/%d] Git moved %s', i + 1, len(file_pairs), src) -+ else: -+ self._fs.move(self._fs.join(self._repo_root, src_from_repo), -+ self._fs.join(self._repo_root, dest_from_repo)) -+ _log.info('[%d/%d] Moved %s', i + 1, len(file_pairs), src) -+ if apply_only: -+ return -+ -+ self._update_single_file_content( -+ 'build/get_landmines.py', -+ [('\ndef main', ' print \'The Great Blink mv for source files (crbug.com/768828)\'\n\ndef main')]) -+ -+ _log.info('Run run-bindings-tests ...') -+ Executive().run_command(['python', -+ self._fs.join(get_scripts_dir(), 'run-bindings-tests'), -+ '--reset-results'], -+ cwd=self._repo_root) -+ -+ if self._options.run_git: -+ _log.info('Make a local commit ...') -+ git.commit_locally_with_message("""The Great Blink mv for source files, part 2. -+ -+Move and rename files. -+ -+NOAUTOREVERT=true -+Bug: 768828 -+""") -+ -+ def fix_branch(self): -+ git = Git(cwd=self._repo_root) -+ status = self._get_local_change_status(git) -+ if len(status) == 0: -+ _log.info('No local changes.') -+ return -+ modified_files = {f for (s, f) in status if s != 'D'} -+ deleted_files = {f for (s, f) in status if s == 'D'} -+ -+ self.update(apply_only=modified_files) -+ self.move(apply_only=modified_files) -+ try: -+ git.commit_locally_with_message('This commit should be squashed.') -+ except ScriptError: -+ _log.info('move_blink_source.py modified nothing.') -+ -+ # TODO(tkent): Show a message about deleted_files. -+ -+ def _get_local_change_status(self, git): -+ """Returns a list of tuples representing local change summary. -+ -+ Each tuple contains two strings. The first one is file change status -+ such as "M", "D". See --diff-filter section of git-diff manual page. -+ The second one is file name relative to the repository top. -+ """ -+ -+ base_commit = git.run(['show-branch', '--merge-base', 'master', 'HEAD']).strip() -+ # Note that file names in the following command result are always -+ # slash-separated, even on Windows. -+ status_lines = git.run(['diff', '--name-status', '--no-renames', base_commit]).split('\n') -+ status_tuple_list = [] -+ for l in status_lines: -+ items = l.split('\t') -+ if len(items) == 2: -+ status_tuple_list.append(tuple(items)) -+ elif len(l) > 0: -+ _log.warning('Unrecognized diff output: "%s"', l) -+ return status_tuple_list -+ -+ def _get_checked_in_files(self, git): -+ files_text = git.run(['ls-files', -+ 'third_party/WebKit/Source', -+ 'third_party/WebKit/common', -+ 'third_party/WebKit/public']) -+ return set(files_text.split('\n')) -+ -+ def _create_basename_maps(self, file_pairs): -+ basename_map = {} -+ # Generated inspector/protocol/* contains a lot of names duplicated with -+ # checked-in core files. We don't want to rename them, and don't want to -+ # replace them in BUILD.gn and #include accidentally. -+ pattern = r'(? => ' -+ for pair in file_pairs: -+ print '%s\t=>\t%s' % pair -+ -+ -+if __name__ == '__main__': -+ main() diff --git a/chromium.changes b/chromium.changes index 2e6e81e..361d989 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,8 +1,9 @@ ------------------------------------------------------------------- Fri Apr 27 08:22:18 UTC 2018 - tchvatal@suse.com -- Version update to chromium-66.0.3359.139: - * Various small fixes around +- chromium 66.0.3359.139: + * CVE-2018-6118: Use after free in Media Cache (bsc#1091288) + * drop add-missing-blink-tools.patch, now in tarball again ------------------------------------------------------------------- Wed Apr 18 09:14:21 UTC 2018 - tchvatal@suse.com diff --git a/chromium.spec b/chromium.spec index d76f945..74aecfe 100644 --- a/chromium.spec +++ b/chromium.spec @@ -65,7 +65,6 @@ Patch7: chromium-ffmpeg.patch Patch8: chromium-drm.patch Patch9: chromium-gcc7.patch Patch10: chromium-sandbox-pie.patch -Patch11: add-missing-blink-tools.patch # Google seem not too keen on merging this but GPU accel is quite important # https://chromium-review.googlesource.com/c/chromium/src/+/532294 Patch100: chromium-vaapi.patch From e211b5f933804914a05a561c8145afb9aa59c485dc554dbc5a8998a8c8c7ffd6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 9 May 2018 08:24:10 +0000 Subject: [PATCH 17/52] Accepting request 605672 from home:Guillaume_G:branches:openSUSE:Factory:ARM - Enable build on AArch64 - Fix build on AArch64: * set target_cpu to arm64 * disable tcmalloc and swiftshader for aarch64 * Add new patches: - chromium-65.0.3325.162-skia-aarch64-buildfix.patch - chromium-skia-neon.patch OBS-URL: https://build.opensuse.org/request/show/605672 OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1122 --- ...-65.0.3325.162-skia-aarch64-buildfix.patch | 21 ++++++++++ chromium-skia-neon.patch | 38 +++++++++++++++++++ chromium.changes | 11 ++++++ chromium.spec | 32 +++++++++++++++- 4 files changed, 101 insertions(+), 1 deletion(-) create mode 100644 chromium-65.0.3325.162-skia-aarch64-buildfix.patch create mode 100644 chromium-skia-neon.patch diff --git a/chromium-65.0.3325.162-skia-aarch64-buildfix.patch b/chromium-65.0.3325.162-skia-aarch64-buildfix.patch new file mode 100644 index 0000000..5cacf4f --- /dev/null +++ b/chromium-65.0.3325.162-skia-aarch64-buildfix.patch @@ -0,0 +1,21 @@ +diff -up chromium-65.0.3325.162/third_party/skia/src/jumper/SkJumper_stages.cpp.aarch64fix chromium-65.0.3325.162/third_party/skia/src/jumper/SkJumper_stages.cpp +--- chromium-65.0.3325.162/third_party/skia/src/jumper/SkJumper_stages.cpp.aarch64fix 2018-03-15 15:27:35.201345844 -0400 ++++ chromium-65.0.3325.162/third_party/skia/src/jumper/SkJumper_stages.cpp 2018-03-15 15:31:30.471777400 -0400 +@@ -666,7 +666,7 @@ SI F approx_powf(F x, F y) { + } + + SI F from_half(U16 h) { +-#if defined(__aarch64__) && !defined(SK_BUILD_FOR_GOOGLE3) // Temporary workaround for some Google3 builds. ++#if defined(JUMPER_IS_NEON) && defined(__aarch64__) && !defined(SK_BUILD_FOR_GOOGLE3) // Temporary workaround for some Google3 builds. + return vcvt_f32_f16(h); + + #elif defined(JUMPER_IS_HSW) || defined(JUMPER_IS_AVX512) +@@ -686,7 +686,7 @@ SI F from_half(U16 h) { + } + + SI U16 to_half(F f) { +-#if defined(__aarch64__) && !defined(SK_BUILD_FOR_GOOGLE3) // Temporary workaround for some Google3 builds. ++#if defined(JUMPER_IS_NEON) && defined(__aarch64__) && !defined(SK_BUILD_FOR_GOOGLE3) // Temporary workaround for some Google3 builds. + return vcvt_f16_f32(f); + + #elif defined(JUMPER_IS_HSW) || defined(JUMPER_IS_AVX512) diff --git a/chromium-skia-neon.patch b/chromium-skia-neon.patch new file mode 100644 index 0000000..bd56355 --- /dev/null +++ b/chromium-skia-neon.patch @@ -0,0 +1,38 @@ +From b84682f31dc99b9c90f5a04947075815697c68d9 Mon Sep 17 00:00:00 2001 +From: Jose Dapena Paz +Date: Wed, 07 Mar 2018 20:07:48 +0000 +Subject: [PATCH] GCC: do not initialize NEON int32x4_t with braces initializer + +GCC does not support int32x4_t loading using braces wrapping 4 ints. +Instead we should use the NEON intrinsic to load from an array of +ints. + +Bug: 819294 +Change-Id: I13b877405273e4ebcc944d50c155ee29ff31cc99 +Reviewed-on: https://chromium-review.googlesource.com/951773 +Commit-Queue: Mike Klein +Reviewed-by: Mike Klein +Cr-Commit-Position: refs/heads/master@{#541544} +--- + +diff --git a/skia/ext/convolver_neon.cc b/skia/ext/convolver_neon.cc +index 26b91b9..cae6bc2 100644 +--- a/skia/ext/convolver_neon.cc ++++ b/skia/ext/convolver_neon.cc +@@ -23,7 +23,7 @@ + remainder[2] += coeff * pixels_left[i * 4 + 2]; + remainder[3] += coeff * pixels_left[i * 4 + 3]; + } +- return {remainder[0], remainder[1], remainder[2], remainder[3]}; ++ return vld1q_s32(remainder); + } + + // Convolves horizontally along a single row. The row data is given in +@@ -336,4 +336,4 @@ + } + } + +-} // namespace skia +\ No newline at end of file ++} // namespace skia + diff --git a/chromium.changes b/chromium.changes index 361d989..f5ea765 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Fri May 4 06:53:49 UTC 2018 - guillaume.gardet@opensuse.org + +- Enable build on AArch64 +- Fix build on AArch64: + * set target_cpu to arm64 + * disable tcmalloc and swiftshader for aarch64 + * Add new patches: + - chromium-65.0.3325.162-skia-aarch64-buildfix.patch + - chromium-skia-neon.patch + ------------------------------------------------------------------- Fri Apr 27 08:22:18 UTC 2018 - tchvatal@suse.com diff --git a/chromium.spec b/chromium.spec index 74aecfe..a580708 100644 --- a/chromium.spec +++ b/chromium.spec @@ -34,6 +34,11 @@ %endif %bcond_with system_vpx %bcond_with clang +%ifarch aarch64 +%bcond_with swiftshader +%else +%bcond_without swiftshader +%endif Name: chromium Version: 66.0.3359.139 Release: 0 @@ -73,6 +78,10 @@ Patch200: chromium-last-commit-position-r0.patch Patch201: fix-gn-bootstrap.patch # PATCH-FIX-SUSE: allow codecs to be set with chromium branding Patch202: chromium-prop-codecs.patch +# PATCH-FIX-UPSTREAM fedora patch to fix skia build on aarch64 +Patch300: chromium-65.0.3325.162-skia-aarch64-buildfix.patch +# PATCH-FIX-UPSTREAM backport commit b84682 to fix skia with GCC on aarch64 - https://chromium.googlesource.com/chromium/src/+/b84682f31dc99b9c90f5a04947075815697c68d9 +Patch301: chromium-skia-neon.patch BuildRequires: SDL-devel BuildRequires: binutils-gold BuildRequires: bison @@ -137,7 +146,10 @@ BuildRequires: pkgconfig(liboil-0.3) >= 0.3.15 BuildRequires: pkgconfig(libpci) BuildRequires: pkgconfig(libpulse) BuildRequires: pkgconfig(libssl) +%ifnarch aarch64 +# Current tcmalloc does not support AArch64 BuildRequires: pkgconfig(libtcmalloc) +%endif BuildRequires: pkgconfig(libudev) BuildRequires: pkgconfig(libwebp) BuildRequires: pkgconfig(libxslt) @@ -187,7 +199,7 @@ Obsoletes: chromium-dev-desktop-kde Obsoletes: chromium-ffmpeg Obsoletes: chromium-ffmpegsumo # no 32bit supported and it takes ages to build -ExcludeArch: %{arm} aarch64 i586 ppc ppc64 ppc64le +ExcludeArch: %{arm} i586 ppc ppc64 ppc64le %if %{with system_harfbuzz} BuildRequires: pkgconfig(harfbuzz) >= 1.7.0 %endif @@ -494,7 +506,9 @@ myconf_gn+=" linux_use_bundled_binutils=false" myconf_gn+=" use_custom_libcxx=false" myconf_gn+=" is_debug=false" myconf_gn+=" enable_nacl=false" +%if %{with swiftshader} myconf_gn+=" use_swiftshader_with_subzero=true" +%endif myconf_gn+=" is_component_ffmpeg=true" myconf_gn+=" use_cups=true" myconf_gn+=" use_aura=true" @@ -506,7 +520,10 @@ myconf_gn+=" use_pulseaudio=true link_pulseaudio=true" myconf_gn+=" is_component_build=false" myconf_gn+=" use_sysroot=false" myconf_gn+=" fatal_linker_warnings=false" +%ifnarch aarch64 +# Current tcmalloc does not support AArch64 myconf_gn+=" use_allocator=\"tcmalloc\"" +%endif myconf_gn+=" fieldtrial_testing_like_official_build=true" myconf_gn+=" use_gold=true" myconf_gn+=" use_lld=false" @@ -543,6 +560,15 @@ myconf_gn+=" arm_optionally_use_neon=false" myconf_gn+=" arm_use_thumb=true" %endif +%ifarch aarch64 +myconf_gn+=" target_cpu=\"arm64\"" +%endif + +%ifarch aarch64 +# We don't need to cross compile while building on an aarch64 system. +sed -i 's|aarch64-linux-gnu-||g' build/toolchain/linux/BUILD.gn +%endif + # Set up Google API keys, see http://www.chromium.org/developers/how-tos/api-keys # Note: these are for the openSUSE Chromium builds ONLY. For your own distribution, # please get your own set of keys. @@ -586,8 +612,10 @@ cp -a *.bin *.pak locales xdg-mime %{buildroot}%{_libdir}/chromium/ cp -a icudtl.dat %{buildroot}%{_libdir}/chromium/ %endif +%if %{with swiftshader} mkdir -p %{buildroot}%{_libdir}/chromium/swiftshader cp -a swiftshader/*.so %{buildroot}%{_libdir}/chromium/swiftshader/ +%endif # chromedriver cp -a chromedriver %{buildroot}%{_libdir}/chromium/ @@ -652,8 +680,10 @@ chmod 755 %{buildroot}%{_libdir}/chromium/xdg-mime %dir %{_datadir}/gnome-control-center %dir %{_datadir}/gnome-control-center/default-apps %{_libdir}/chromium/ +%if %{with swiftshader} %dir %{_libdir}/chromium/swiftshader/ %{_libdir}/chromium/swiftshader/*.so +%endif %{_datadir}/applications/*.desktop %dir %{_datadir}/appdata/ %{_datadir}/appdata/chromium-browser.appdata.xml From 47b8d241e9a3a69bb529a3e6456395aa8c2bf2fd65a41e33da4d8f1ee2827440 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 9 May 2018 08:39:35 +0000 Subject: [PATCH 18/52] - Add patch chromium-skia-system-fontconfig.patch to fix bsc#1092272 OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1123 --- chromium-skia-system-fontconfig.patch | 77 +++++++++++++++++++++++++++ chromium.changes | 6 +++ chromium.spec | 3 ++ 3 files changed, 86 insertions(+) create mode 100644 chromium-skia-system-fontconfig.patch diff --git a/chromium-skia-system-fontconfig.patch b/chromium-skia-system-fontconfig.patch new file mode 100644 index 0000000..e6f85b3 --- /dev/null +++ b/chromium-skia-system-fontconfig.patch @@ -0,0 +1,77 @@ +--- a/third_party/skia/src/ports/SkFontHost_FreeType.cpp 2017-10-10 17:42:06.956950985 +0200 ++++ b/third_party/skia/src/ports/SkFontHost_FreeType.cpp 2017-10-10 17:46:05.824187787 +0200 +@@ -99,8 +99,6 @@ + FreeTypeLibrary() + : fGetVarDesignCoordinates(nullptr) + , fLibrary(nullptr) +- , fIsLCDSupported(false) +- , fLCDExtra(0) + { + if (FT_New_Library(&gFTMemory, &fLibrary)) { + return; +@@ -147,12 +145,7 @@ + } + #endif + +- // Setup LCD filtering. This reduces color fringes for LCD smoothed glyphs. +- // The default has changed over time, so this doesn't mean the same thing to all users. +- if (FT_Library_SetLcdFilter(fLibrary, FT_LCD_FILTER_DEFAULT) == 0) { +- fIsLCDSupported = true; +- fLCDExtra = 2; //Using a filter adds one full pixel to each side. +- } ++ FT_Library_SetLcdFilter(fLibrary, FT_LCD_FILTER_DEFAULT); + } + ~FreeTypeLibrary() { + if (fLibrary) { +@@ -161,8 +153,6 @@ + } + + FT_Library library() { return fLibrary; } +- bool isLCDSupported() { return fIsLCDSupported; } +- int lcdExtra() { return fLCDExtra; } + + // FT_Get_{MM,Var}_{Blend,Design}_Coordinates were added in FreeType 2.7.1. + // Prior to this there was no way to get the coordinates out of the FT_Face. +@@ -173,8 +163,6 @@ + + private: + FT_Library fLibrary; +- bool fIsLCDSupported; +- int fLCDExtra; + + // FT_Library_SetLcdFilterWeights was introduced in FreeType 2.4.0. + // The following platforms provide FreeType of at least 2.4.0. +@@ -704,17 +692,6 @@ + rec->fTextSize = SkIntToScalar(1 << 14); + } + +- if (isLCD(*rec)) { +- // TODO: re-work so that FreeType is set-up and selected by the SkFontMgr. +- SkAutoMutexAcquire ama(gFTMutex); +- ref_ft_library(); +- if (!gFTLibrary->isLCDSupported()) { +- // If the runtime Freetype library doesn't support LCD, disable it here. +- rec->fMaskFormat = SkMask::kA8_Format; +- } +- unref_ft_library(); +- } +- + SkPaint::Hinting h = rec->getHinting(); + if (SkPaint::kFull_Hinting == h && !isLCD(*rec)) { + // collapse full->normal hinting if we're not doing LCD +@@ -1115,11 +1092,11 @@ + void SkScalerContext_FreeType::updateGlyphIfLCD(SkGlyph* glyph) { + if (isLCD(fRec)) { + if (fLCDIsVert) { +- glyph->fHeight += gFTLibrary->lcdExtra(); +- glyph->fTop -= gFTLibrary->lcdExtra() >> 1; ++ glyph->fHeight += 2; ++ glyph->fTop -= 1; + } else { +- glyph->fWidth += gFTLibrary->lcdExtra(); +- glyph->fLeft -= gFTLibrary->lcdExtra() >> 1; ++ glyph->fWidth += 2; ++ glyph->fLeft -= 1; + } + } + } diff --git a/chromium.changes b/chromium.changes index f5ea765..c80b465 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed May 9 08:36:30 UTC 2018 - tchvatal@suse.com + +- Add patch chromium-skia-system-fontconfig.patch to fix + bsc#1092272 + ------------------------------------------------------------------- Fri May 4 06:53:49 UTC 2018 - guillaume.gardet@opensuse.org diff --git a/chromium.spec b/chromium.spec index a580708..1ec05db 100644 --- a/chromium.spec +++ b/chromium.spec @@ -73,6 +73,9 @@ Patch10: chromium-sandbox-pie.patch # Google seem not too keen on merging this but GPU accel is quite important # https://chromium-review.googlesource.com/c/chromium/src/+/532294 Patch100: chromium-vaapi.patch +# Google does not care much about system libs here +# https://bugs.chromium.org/p/skia/issues/detail?id=6663 +Patch101: chromium-skia-system-fontconfig.patch # GN buildsystem related patches Patch200: chromium-last-commit-position-r0.patch Patch201: fix-gn-bootstrap.patch From bdc19e992a6913a497d0b7f6674378e4ff500ba857247b80c93b5316382603a1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Fri, 11 May 2018 12:31:02 +0000 Subject: [PATCH 19/52] Accepting request 606435 from home:AndreasStieger:branches:network:chromium Chromium 66.0.3359.170 (bsc#1092923) OBS-URL: https://build.opensuse.org/request/show/606435 OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1125 --- chromium-66.0.3359.139.tar.xz | 3 --- chromium-66.0.3359.170.tar.xz | 3 +++ chromium.changes | 11 +++++++++++ chromium.spec | 2 +- 4 files changed, 15 insertions(+), 4 deletions(-) delete mode 100644 chromium-66.0.3359.139.tar.xz create mode 100644 chromium-66.0.3359.170.tar.xz diff --git a/chromium-66.0.3359.139.tar.xz b/chromium-66.0.3359.139.tar.xz deleted file mode 100644 index 5391c6e..0000000 --- a/chromium-66.0.3359.139.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:be75a5b5f8c5789d359238f374a43bf52ded49425f13ed68b8021c24e2e264b2 -size 583978636 diff --git a/chromium-66.0.3359.170.tar.xz b/chromium-66.0.3359.170.tar.xz new file mode 100644 index 0000000..aaf5826 --- /dev/null +++ b/chromium-66.0.3359.170.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:864da6649d19387698e3a89321042193708b2d9f56b3a778fb552166374871de +size 583956312 diff --git a/chromium.changes b/chromium.changes index c80b465..4a75154 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Fri May 11 12:10:44 UTC 2018 - astieger@suse.com + +- Chromium 66.0.3359.170 (bsc#1092923): + * Chain leading to sandbox escape: + CVE-2018-6121: Privilege Escalation in extensions + CVE-2018-6122: Type confusion in V8 + * CVE-2018-6120: Heap buffer overflow in PDFium + * Various fixes from internal audits, fuzzing and other + initiatives + ------------------------------------------------------------------- Wed May 9 08:36:30 UTC 2018 - tchvatal@suse.com diff --git a/chromium.spec b/chromium.spec index 1ec05db..d278e48 100644 --- a/chromium.spec +++ b/chromium.spec @@ -40,7 +40,7 @@ %bcond_without swiftshader %endif Name: chromium -Version: 66.0.3359.139 +Version: 66.0.3359.170 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later From 307d0c5383dbe08e7a8142e85397fb9152606ce78f19c98e8a63b31435c6268f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 16 May 2018 07:48:41 +0000 Subject: [PATCH 20/52] Accepting request 609001 from home:AndreasStieger:branches:network:chromium Chromium 66.0.3359.181 OBS-URL: https://build.opensuse.org/request/show/609001 OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1127 --- chromium-66.0.3359.170.tar.xz | 3 --- chromium-66.0.3359.181.tar.xz | 3 +++ chromium.changes | 6 ++++++ chromium.spec | 2 +- 4 files changed, 10 insertions(+), 4 deletions(-) delete mode 100644 chromium-66.0.3359.170.tar.xz create mode 100644 chromium-66.0.3359.181.tar.xz diff --git a/chromium-66.0.3359.170.tar.xz b/chromium-66.0.3359.170.tar.xz deleted file mode 100644 index aaf5826..0000000 --- a/chromium-66.0.3359.170.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:864da6649d19387698e3a89321042193708b2d9f56b3a778fb552166374871de -size 583956312 diff --git a/chromium-66.0.3359.181.tar.xz b/chromium-66.0.3359.181.tar.xz new file mode 100644 index 0000000..63ae538 --- /dev/null +++ b/chromium-66.0.3359.181.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:37e6673741b365a25a837217b08f77b24b4f5fc4ad88c8581be6a5dae9a9e919 +size 583985908 diff --git a/chromium.changes b/chromium.changes index 4a75154..89368e1 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed May 16 07:05:32 UTC 2018 - astieger@suse.com + +- Chromium 66.0.3359.181: + * Autoplay: Force enable on desktop for Web Audio + ------------------------------------------------------------------- Fri May 11 12:10:44 UTC 2018 - astieger@suse.com diff --git a/chromium.spec b/chromium.spec index d278e48..b457b5c 100644 --- a/chromium.spec +++ b/chromium.spec @@ -40,7 +40,7 @@ %bcond_without swiftshader %endif Name: chromium -Version: 66.0.3359.170 +Version: 66.0.3359.181 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later From 759e478a6701b545160a70194a1dfc269b1f63c9488173da427217187fb997f5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Sat, 26 May 2018 11:09:04 +0000 Subject: [PATCH 21/52] Accepting request 612364 from home:AndreasStieger:branches:network:chromium Fix installation issue on SUSE PackageHub 12 with libminizip1 (bsc#1093031) OBS-URL: https://build.opensuse.org/request/show/612364 OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1129 --- chromium.changes | 6 ++++++ chromium.spec | 5 +++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/chromium.changes b/chromium.changes index 89368e1..5252e3b 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Sat May 26 07:08:04 UTC 2018 - astieger@suse.com + +- Fix installation issue on SUSE PackageHub 12 with libminizip1 + (bsc#1093031) + ------------------------------------------------------------------- Wed May 16 07:05:32 UTC 2018 - astieger@suse.com diff --git a/chromium.spec b/chromium.spec index b457b5c..7b24f7d 100644 --- a/chromium.spec +++ b/chromium.spec @@ -181,7 +181,6 @@ BuildRequires: pkgconfig(xrender) BuildRequires: pkgconfig(xscrnsaver) BuildRequires: pkgconfig(xt) BuildRequires: pkgconfig(xtst) -BuildRequires: pkgconfig(zlib) Requires: hicolor-icon-theme Requires: xdg-utils Requires(pre): permissions @@ -220,6 +219,7 @@ BuildRequires: python-html5lib BuildRequires: python-simplejson BuildRequires: python-xml BuildRequires: yasm-devel +BuildRequires: pkgconfig(zlib) %endif %if %{with system_icu} BuildRequires: pkgconfig(icu-i18n) >= 59.0 @@ -411,6 +411,7 @@ keeplibs+=( third_party/catapult/third_party/beautifulsoup4 third_party/catapult/third_party/html5lib-python third_party/catapult/third_party/six + third_party/zlib ) %endif %if !%{with system_harfbuzz} @@ -479,7 +480,6 @@ gn_system_libraries=( opus re2 snappy - zlib ) %if %{with system_harfbuzz} gn_system_libraries+=( @@ -489,6 +489,7 @@ gn_system_libraries+=( %endif %if !%{with sle_bundles} gn_system_libraries+=( yasm ) +gn_system_libraries+=( zlib ) %endif %if %{with system_icu} gn_system_libraries+=( icu ) From 5461c84d2d16bf02b9b1db7a66c9ffdc5ad837b0e72e4e577e7972a8225d6f92 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Sun, 27 May 2018 05:20:49 +0000 Subject: [PATCH 22/52] Accepting request 612433 from home:AndreasStieger:branches:network:chromium - on SLE 12 with SUSE PackageHub 12, do not require the SDK for libwebpmux1 (bsc#1070421) OBS-URL: https://build.opensuse.org/request/show/612433 OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1130 --- chromium.changes | 6 ++++++ chromium.spec | 8 +++++--- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/chromium.changes b/chromium.changes index 5252e3b..0a621dd 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Sat May 26 23:01:20 UTC 2018 - astieger@suse.com + +- on SLE 12 with SUSE PackageHub 12, do not require the SDK for + libwebpmux1 (bsc#1070421) + ------------------------------------------------------------------- Sat May 26 07:08:04 UTC 2018 - astieger@suse.com diff --git a/chromium.spec b/chromium.spec index 7b24f7d..b6ad709 100644 --- a/chromium.spec +++ b/chromium.spec @@ -154,7 +154,6 @@ BuildRequires: pkgconfig(libssl) BuildRequires: pkgconfig(libtcmalloc) %endif BuildRequires: pkgconfig(libudev) -BuildRequires: pkgconfig(libwebp) BuildRequires: pkgconfig(libxslt) BuildRequires: pkgconfig(minizip) BuildRequires: pkgconfig(nspr) >= 4.9.5 @@ -219,6 +218,7 @@ BuildRequires: python-html5lib BuildRequires: python-simplejson BuildRequires: python-xml BuildRequires: yasm-devel +BuildRequires: pkgconfig(libwebp) BuildRequires: pkgconfig(zlib) %endif %if %{with system_icu} @@ -406,6 +406,7 @@ keeplibs=( ) %if %{with sle_bundles} keeplibs+=( + third_party/libwebp third_party/yasm third_party/simplejson third_party/catapult/third_party/beautifulsoup4 @@ -475,7 +476,6 @@ gn_system_libraries=( libdrm libjpeg libpng - libwebp libxslt opus re2 @@ -488,6 +488,7 @@ gn_system_libraries+=( ) %endif %if !%{with sle_bundles} +gn_system_libraries+=( libwebp ) gn_system_libraries+=( yasm ) gn_system_libraries+=( zlib ) %endif @@ -676,8 +677,8 @@ chmod 755 %{buildroot}%{_libdir}/chromium/xdg-mime /sbin/ldconfig %{_libdir}/chromium %files -%verify(not mode) %{_libexecdir}/chrome_sandbox %license LICENSE +%verify(not mode) %{_libexecdir}/chrome_sandbox %doc AUTHORS %config %{_sysconfdir}/chromium %config(noreplace) %{_sysconfdir}/default/chromium @@ -698,6 +699,7 @@ chmod 755 %{buildroot}%{_libdir}/chromium/xdg-mime %{_bindir}/chromium %files -n chromedriver +%license LICENSE %{_libdir}/chromium/chromedriver %changelog From da5aec187f5543db26b9f56e57624210617c0184829b96ff3c476e97f0241e4b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 30 May 2018 11:15:30 +0000 Subject: [PATCH 23/52] Accepting request 613035 from network:chromium - Up to 67.0.3396.62 - Up to chromium-67.0.3396.56 - Fix SLE12 builds again - Bump to 67.0.3396.48 - Fix AArch64 build with chromium-crashpad-aarch64-fix.patch - Up to 67.0.3393.40 - Extend patch chromium-non-void-return.patch - Fix AArch64 build with chromium-skia-aarch64-buildfix.patch - Add patch chromium-skia-system-fontconfig.patch bsc#1092272 - Up to 67.0.3393.30 - Up to chromium-67.0.3396.18 - Up to 67.0.3393.4 - Refresh patch exclude_ymp.patch - Bump to 67.0.3386.1 - Bump to 67.0.3381.1 - Bump to 67.0.3377.1 - Bump to 67.0.3371.0 - Remove no longer needed chromium-gcc7.patch - Rebase fix_building_widevinecdm_with_chromium.patch to allow widevine builds - Bump to 66.0.3359.33 - Version bump to 66.0.3359.26 OBS-URL: https://build.opensuse.org/request/show/613035 OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1132 --- chromium-66.0.3359.181.tar.xz | 3 - chromium-67.0.3396.62.tar.xz | 3 + chromium-crashpad-aarch64-fix.patch | 11 + chromium-gcc7.patch | 177 -- chromium-non-void-return.patch | 20 +- ...ch => chromium-skia-aarch64-buildfix.patch | 9 +- chromium-skia-neon.patch | 38 - chromium-vaapi.patch | 172 +- chromium.changes | 1497 ++++++++++------- chromium.spec | 53 +- exclude_ymp.patch | 4 +- fix_building_widevinecdm_with_chromium.patch | 25 +- 12 files changed, 1014 insertions(+), 998 deletions(-) delete mode 100644 chromium-66.0.3359.181.tar.xz create mode 100644 chromium-67.0.3396.62.tar.xz create mode 100644 chromium-crashpad-aarch64-fix.patch delete mode 100644 chromium-gcc7.patch rename chromium-65.0.3325.162-skia-aarch64-buildfix.patch => chromium-skia-aarch64-buildfix.patch (60%) delete mode 100644 chromium-skia-neon.patch diff --git a/chromium-66.0.3359.181.tar.xz b/chromium-66.0.3359.181.tar.xz deleted file mode 100644 index 63ae538..0000000 --- a/chromium-66.0.3359.181.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:37e6673741b365a25a837217b08f77b24b4f5fc4ad88c8581be6a5dae9a9e919 -size 583985908 diff --git a/chromium-67.0.3396.62.tar.xz b/chromium-67.0.3396.62.tar.xz new file mode 100644 index 0000000..6eeb98e --- /dev/null +++ b/chromium-67.0.3396.62.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d5ee63932ff1c8c4a5f69c834f6577e7127b416681eddd23bc54886caffd770d +size 591452000 diff --git a/chromium-crashpad-aarch64-fix.patch b/chromium-crashpad-aarch64-fix.patch new file mode 100644 index 0000000..0746b6a --- /dev/null +++ b/chromium-crashpad-aarch64-fix.patch @@ -0,0 +1,11 @@ +--- chromium-67.0.3396.40.orig/third_party/crashpad/crashpad/util/misc/capture_context_linux.S 2018-05-14 10:28:12.305409792 +0200 ++++ chromium-67.0.3396.40/third_party/crashpad/crashpad/util/misc/capture_context_linux.S 2018-05-14 10:36:54.547875861 +0200 +@@ -288,7 +288,7 @@ CAPTURECONTEXT_SYMBOL2: + #elif defined(__aarch64__) + + // Zero out fault_address, which is unused. +- str x31, [x0, #0xb0] // context->uc_mcontext.fault_address ++ str XZR, [x0, #0xb0] // context->uc_mcontext.fault_address + + // Save general purpose registers in context->uc_mcontext.regs[i]. + // The original x0 can't be recovered. diff --git a/chromium-gcc7.patch b/chromium-gcc7.patch deleted file mode 100644 index 2acf2fd..0000000 --- a/chromium-gcc7.patch +++ /dev/null @@ -1,177 +0,0 @@ ---- chromium-66.0.3355.0.orig/device/fido/device_response_converter.cc 2018-03-09 12:04:44.988233476 +0100 -+++ chromium-66.0.3355.0/device/fido/device_response_converter.cc 2018-03-09 13:08:48.566680438 +0100 -@@ -121,7 +121,7 @@ - response.SetNumCredentials(it->second.GetUnsigned()); - } - -- return response; -+ return std::move(response); - } - - base::Optional ReadCTAPGetInfoResponse( -@@ -241,7 +241,7 @@ - response.SetPinProtocols(std::move(supported_pin_protocols)); - } - -- return response; -+ return std::move(response); - } - - } // namespace device -From 4f2b52281ce1649ea8347489443965ad33262ecc Mon Sep 17 00:00:00 2001 -From: Jose Dapena Paz -Date: Thu, 08 Mar 2018 17:46:02 +0000 -Subject: [PATCH] GCC: PlaybackImageProvider::Settings: explicitely set copy constructor. - -GCC fails to resolve the default copy constructor of the flat_map, so -we add an explicit reference to use default copy constructor. - -Bug: 819294 - -Change-Id: Ie2d69bdbe60742e9253251c965cbf0a936037871 -Reviewed-on: https://chromium-review.googlesource.com/944403 -Reviewed-by: David Reveman -Commit-Queue: José Dapena Paz -Cr-Commit-Position: refs/heads/master@{#541827} ---- - -diff --git a/cc/raster/playback_image_provider.cc b/cc/raster/playback_image_provider.cc -index 557b421..b2ace4d 100644 ---- a/cc/raster/playback_image_provider.cc -+++ b/cc/raster/playback_image_provider.cc -@@ -20,7 +20,7 @@ - PlaybackImageProvider::PlaybackImageProvider( - ImageDecodeCache* cache, - const gfx::ColorSpace& target_color_space, -- base::Optional settings) -+ base::Optional&& settings) - : cache_(cache), - target_color_space_(target_color_space), - settings_(std::move(settings)) { -@@ -70,7 +70,10 @@ - } - - PlaybackImageProvider::Settings::Settings() = default; --PlaybackImageProvider::Settings::Settings(const Settings& other) = default; -+PlaybackImageProvider::Settings::Settings(PlaybackImageProvider::Settings&&) = -+ default; - PlaybackImageProvider::Settings::~Settings() = default; -+PlaybackImageProvider::Settings& PlaybackImageProvider::Settings::operator=( -+ PlaybackImageProvider::Settings&&) = default; - - } // namespace cc -diff --git a/cc/raster/playback_image_provider.h b/cc/raster/playback_image_provider.h -index 67974f3..a33092d 100644 ---- a/cc/raster/playback_image_provider.h -+++ b/cc/raster/playback_image_provider.h -@@ -20,8 +20,10 @@ - public: - struct CC_EXPORT Settings { - Settings(); -- Settings(const Settings& other); -+ Settings(const Settings&) = delete; -+ Settings(Settings&&); - ~Settings(); -+ Settings& operator=(Settings&&); - - // The set of image ids to skip during raster. - PaintImageIdFlatSet images_to_skip; -@@ -34,7 +36,7 @@ - // If no settings are provided, all images are skipped during rasterization. - PlaybackImageProvider(ImageDecodeCache* cache, - const gfx::ColorSpace& target_color_space, -- base::Optional settings); -+ base::Optional&& settings); - ~PlaybackImageProvider() override; - - PlaybackImageProvider(PlaybackImageProvider&& other); -diff --git a/cc/raster/playback_image_provider_unittest.cc b/cc/raster/playback_image_provider_unittest.cc -index 0206999..40036e8 100644 ---- a/cc/raster/playback_image_provider_unittest.cc -+++ b/cc/raster/playback_image_provider_unittest.cc -@@ -85,7 +85,8 @@ - settings.emplace(); - settings->images_to_skip = {skip_image.stable_id()}; - -- PlaybackImageProvider provider(&cache, gfx::ColorSpace(), settings); -+ PlaybackImageProvider provider(&cache, gfx::ColorSpace(), -+ std::move(settings)); - - SkIRect rect = SkIRect::MakeWH(10, 10); - SkMatrix matrix = SkMatrix::I(); -@@ -99,7 +100,8 @@ - - base::Optional settings; - settings.emplace(); -- PlaybackImageProvider provider(&cache, gfx::ColorSpace(), settings); -+ PlaybackImageProvider provider(&cache, gfx::ColorSpace(), -+ std::move(settings)); - - { - SkRect rect = SkRect::MakeWH(10, 10); -@@ -127,7 +129,8 @@ - settings.emplace(); - settings->image_to_current_frame_index = image_to_frame; - -- PlaybackImageProvider provider(&cache, gfx::ColorSpace(), settings); -+ PlaybackImageProvider provider(&cache, gfx::ColorSpace(), -+ std::move(settings)); - - SkIRect rect = SkIRect::MakeWH(10, 10); - SkMatrix matrix = SkMatrix::I(); -@@ -143,7 +146,8 @@ - - base::Optional settings; - settings.emplace(); -- PlaybackImageProvider provider(&cache, gfx::ColorSpace(), settings); -+ PlaybackImageProvider provider(&cache, gfx::ColorSpace(), -+ std::move(settings)); - - { - SkIRect rect = SkIRect::MakeWH(10, 10); -@@ -174,7 +178,8 @@ - MockDecodeCache cache; - base::Optional settings; - settings.emplace(); -- PlaybackImageProvider provider(&cache, gfx::ColorSpace(), settings); -+ PlaybackImageProvider provider(&cache, gfx::ColorSpace(), -+ std::move(settings)); - { - SkIRect rect = SkIRect::MakeWH(10, 10); - SkMatrix matrix = SkMatrix::I(); -diff -urN chromium-66.0.3359.45.orig/chrome/browser/supervised_user/supervised_user_url_filter.cc chromium-66.0.3359.45/chrome/browser/supervised_user/supervised_user_url_filter.cc ---- chromium-66.0.3359.45.orig/chrome/browser/supervised_user/supervised_user_url_filter.cc 2018-03-27 16:26:46.164296894 +0200 -+++ chromium-66.0.3359.45/chrome/browser/supervised_user/supervised_user_url_filter.cc 2018-03-27 16:27:54.889425873 +0200 -@@ -368,7 +368,7 @@ - - // Allow navigations to whitelisted origins (currently families.google.com). - static const base::NoDestructor> kWhitelistedOrigins( -- {GURL(kFamiliesUrl).GetOrigin()}); -+ base::flat_set({GURL(kFamiliesUrl).GetOrigin()})); - if (base::ContainsKey(*kWhitelistedOrigins, effective_url.GetOrigin())) - return ALLOW; - -diff -urN chromium-66.0.3359.45.orig/content/browser/appcache/appcache_request_handler.cc chromium-66.0.3359.45/content/browser/appcache/appcache_request_handler.cc ---- chromium-66.0.3359.45.orig/content/browser/appcache/appcache_request_handler.cc 2018-03-28 14:54:42.714402259 +0200 -+++ chromium-66.0.3359.45/content/browser/appcache/appcache_request_handler.cc 2018-03-28 15:00:14.367868004 +0200 -@@ -639,7 +639,7 @@ - - SubresourceLoaderParams params; - params.loader_factory_info = factory_ptr.PassInterface(); -- return params; -+ return base::Optional(std::move(params)); - } - - void AppCacheRequestHandler::MaybeCreateSubresourceLoader( -diff -urN chromium-66.0.3359.45.orig/content/browser/service_worker/service_worker_controllee_request_handler.cc chromium-66.0.3359.45/content/browser/service_worker/service_worker_controllee_request_handler.cc ---- chromium-66.0.3359.45.orig/content/browser/service_worker/service_worker_controllee_request_handler.cc 2018-03-28 14:54:43.154409514 +0200 -+++ chromium-66.0.3359.45/content/browser/service_worker/service_worker_controllee_request_handler.cc 2018-03-28 15:01:02.384658496 +0200 -@@ -271,7 +271,7 @@ - controller_info->object_info = provider_host_->GetOrCreateServiceWorkerHandle( - provider_host_->controller()); - params.controller_service_worker_info = std::move(controller_info); -- return params; -+ return base::Optional(std::move(params)); - } - - void ServiceWorkerControlleeRequestHandler::PrepareForMainResource( diff --git a/chromium-non-void-return.patch b/chromium-non-void-return.patch index 40820fc..2a78c56 100644 --- a/chromium-non-void-return.patch +++ b/chromium-non-void-return.patch @@ -1,8 +1,8 @@ -Index: chromium-65.0.3325.146/media/gpu/vaapi/vaapi_wrapper.cc +Index: chromium-67.0.3396.30/media/gpu/vaapi/vaapi_wrapper.cc =================================================================== ---- chromium-65.0.3325.146.orig/media/gpu/vaapi/vaapi_wrapper.cc -+++ chromium-65.0.3325.146/media/gpu/vaapi/vaapi_wrapper.cc -@@ -350,6 +350,8 @@ static VAEntrypoint GetVaEntryPoint(Vaap +--- chromium-67.0.3396.30.orig/media/gpu/vaapi/vaapi_wrapper.cc ++++ chromium-67.0.3396.30/media/gpu/vaapi/vaapi_wrapper.cc +@@ -390,6 +390,8 @@ static VAEntrypoint GetVaEntryPoint(Vaap case VaapiWrapper::kCodecModeMax: NOTREACHED(); return VAEntrypointVLD; @@ -11,3 +11,15 @@ Index: chromium-65.0.3325.146/media/gpu/vaapi/vaapi_wrapper.cc } } +Index: chromium-67.0.3396.30/chrome/browser/ui/webui/discards/discards_ui.cc +=================================================================== +--- chromium-67.0.3396.30.orig/chrome/browser/ui/webui/discards/discards_ui.cc ++++ chromium-67.0.3396.30/chrome/browser/ui/webui/discards/discards_ui.cc +@@ -48,6 +48,7 @@ mojom::LifecycleUnitVisibility GetLifecy + NOTREACHED(); + return mojom::LifecycleUnitVisibility::VISIBLE; + #endif ++ return mojom::LifecycleUnitVisibility::VISIBLE; + } + + class DiscardsDetailsProviderImpl : public mojom::DiscardsDetailsProvider { diff --git a/chromium-65.0.3325.162-skia-aarch64-buildfix.patch b/chromium-skia-aarch64-buildfix.patch similarity index 60% rename from chromium-65.0.3325.162-skia-aarch64-buildfix.patch rename to chromium-skia-aarch64-buildfix.patch index 5cacf4f..657d9c9 100644 --- a/chromium-65.0.3325.162-skia-aarch64-buildfix.patch +++ b/chromium-skia-aarch64-buildfix.patch @@ -1,7 +1,6 @@ -diff -up chromium-65.0.3325.162/third_party/skia/src/jumper/SkJumper_stages.cpp.aarch64fix chromium-65.0.3325.162/third_party/skia/src/jumper/SkJumper_stages.cpp ---- chromium-65.0.3325.162/third_party/skia/src/jumper/SkJumper_stages.cpp.aarch64fix 2018-03-15 15:27:35.201345844 -0400 -+++ chromium-65.0.3325.162/third_party/skia/src/jumper/SkJumper_stages.cpp 2018-03-15 15:31:30.471777400 -0400 -@@ -666,7 +666,7 @@ SI F approx_powf(F x, F y) { +--- chromium-67.0.3396.18.orig/third_party/skia/src/opts/SkRasterPipeline_opts.h 2018-05-09 10:34:03.160808970 +0200 ++++ chromium-67.0.3396.18/third_party/skia/src/opts/SkRasterPipeline_opts.h 2018-05-09 10:34:37.172977879 +0200 +@@ -653,7 +653,7 @@ SI F approx_powf(F x, F y) { } SI F from_half(U16 h) { @@ -10,7 +9,7 @@ diff -up chromium-65.0.3325.162/third_party/skia/src/jumper/SkJumper_stages.cpp. return vcvt_f32_f16(h); #elif defined(JUMPER_IS_HSW) || defined(JUMPER_IS_AVX512) -@@ -686,7 +686,7 @@ SI F from_half(U16 h) { +@@ -673,7 +673,7 @@ SI F from_half(U16 h) { } SI U16 to_half(F f) { diff --git a/chromium-skia-neon.patch b/chromium-skia-neon.patch deleted file mode 100644 index bd56355..0000000 --- a/chromium-skia-neon.patch +++ /dev/null @@ -1,38 +0,0 @@ -From b84682f31dc99b9c90f5a04947075815697c68d9 Mon Sep 17 00:00:00 2001 -From: Jose Dapena Paz -Date: Wed, 07 Mar 2018 20:07:48 +0000 -Subject: [PATCH] GCC: do not initialize NEON int32x4_t with braces initializer - -GCC does not support int32x4_t loading using braces wrapping 4 ints. -Instead we should use the NEON intrinsic to load from an array of -ints. - -Bug: 819294 -Change-Id: I13b877405273e4ebcc944d50c155ee29ff31cc99 -Reviewed-on: https://chromium-review.googlesource.com/951773 -Commit-Queue: Mike Klein -Reviewed-by: Mike Klein -Cr-Commit-Position: refs/heads/master@{#541544} ---- - -diff --git a/skia/ext/convolver_neon.cc b/skia/ext/convolver_neon.cc -index 26b91b9..cae6bc2 100644 ---- a/skia/ext/convolver_neon.cc -+++ b/skia/ext/convolver_neon.cc -@@ -23,7 +23,7 @@ - remainder[2] += coeff * pixels_left[i * 4 + 2]; - remainder[3] += coeff * pixels_left[i * 4 + 3]; - } -- return {remainder[0], remainder[1], remainder[2], remainder[3]}; -+ return vld1q_s32(remainder); - } - - // Convolves horizontally along a single row. The row data is given in -@@ -336,4 +336,4 @@ - } - } - --} // namespace skia -\ No newline at end of file -+} // namespace skia - diff --git a/chromium-vaapi.patch b/chromium-vaapi.patch index 0b129bd..7fa9c94 100644 --- a/chromium-vaapi.patch +++ b/chromium-vaapi.patch @@ -34,11 +34,11 @@ Change-Id: Ifbbf5c9e5221a8b5733fc6d4d0cf984a1f103171 Signed-off-by: Daniel Charles --- -Index: chromium-66.0.3359.81/chrome/browser/about_flags.cc +Index: chromium-67.0.3396.18/chrome/browser/about_flags.cc =================================================================== ---- chromium-66.0.3359.81.orig/chrome/browser/about_flags.cc -+++ chromium-66.0.3359.81/chrome/browser/about_flags.cc -@@ -1234,12 +1234,14 @@ const FeatureEntry kFeatureEntries[] = { +--- chromium-67.0.3396.18.orig/chrome/browser/about_flags.cc ++++ chromium-67.0.3396.18/chrome/browser/about_flags.cc +@@ -1249,12 +1249,14 @@ const FeatureEntry kFeatureEntries[] = { flag_descriptions::kUiPartialSwapDescription, kOsAll, SINGLE_DISABLE_VALUE_TYPE(switches::kUIDisablePartialSwap)}, #if BUILDFLAG(ENABLE_WEBRTC) @@ -53,7 +53,7 @@ Index: chromium-66.0.3359.81/chrome/browser/about_flags.cc {"enable-webrtc-hw-h264-encoding", flag_descriptions::kWebrtcHwH264EncodingName, flag_descriptions::kWebrtcHwH264EncodingDescription, kOsAndroid | kOsCrOS, -@@ -1553,6 +1555,13 @@ const FeatureEntry kFeatureEntries[] = { +@@ -1577,6 +1579,13 @@ const FeatureEntry kFeatureEntries[] = { flag_descriptions::kShowTouchHudDescription, kOsCrOS, SINGLE_VALUE_TYPE(ash::switches::kAshTouchHud)}, #endif // OS_CHROMEOS @@ -67,7 +67,7 @@ Index: chromium-66.0.3359.81/chrome/browser/about_flags.cc { "disable-accelerated-video-decode", flag_descriptions::kAcceleratedVideoDecodeName, -@@ -1560,6 +1569,7 @@ const FeatureEntry kFeatureEntries[] = { +@@ -1584,6 +1593,7 @@ const FeatureEntry kFeatureEntries[] = { kOsMac | kOsWin | kOsCrOS | kOsAndroid, SINGLE_DISABLE_VALUE_TYPE(switches::kDisableAcceleratedVideoDecode), }, @@ -75,7 +75,7 @@ Index: chromium-66.0.3359.81/chrome/browser/about_flags.cc #if defined(OS_WIN) {"enable-hdr", flag_descriptions::kEnableHDRName, flag_descriptions::kEnableHDRDescription, kOsWin, -@@ -2280,12 +2290,17 @@ const FeatureEntry kFeatureEntries[] = { +@@ -2274,12 +2284,17 @@ const FeatureEntry kFeatureEntries[] = { FEATURE_VALUE_TYPE(features::kOpenVR)}, #endif // ENABLE_OPENVR #endif // ENABLE_VR @@ -95,10 +95,10 @@ Index: chromium-66.0.3359.81/chrome/browser/about_flags.cc {"v8-cache-options", flag_descriptions::kV8CacheOptionsName, flag_descriptions::kV8CacheOptionsDescription, kOsAll, MULTI_VALUE_TYPE(kV8CacheOptionsChoices)}, -Index: chromium-66.0.3359.81/chrome/browser/chromeos/login/chrome_restart_request.cc +Index: chromium-67.0.3396.18/chrome/browser/chromeos/login/chrome_restart_request.cc =================================================================== ---- chromium-66.0.3359.81.orig/chrome/browser/chromeos/login/chrome_restart_request.cc -+++ chromium-66.0.3359.81/chrome/browser/chromeos/login/chrome_restart_request.cc +--- chromium-67.0.3396.18.orig/chrome/browser/chromeos/login/chrome_restart_request.cc ++++ chromium-67.0.3396.18/chrome/browser/chromeos/login/chrome_restart_request.cc @@ -19,6 +19,7 @@ #include "base/sys_info.h" #include "base/timer/timer.h" @@ -121,8 +121,8 @@ Index: chromium-66.0.3359.81/chrome/browser/chromeos/login/chrome_restart_reques +#endif ::switches::kDisableBlinkFeatures, ::switches::kDisableCastStreamingHWEncoding, - ::switches::kDisableDistanceFieldText, -@@ -163,7 +169,7 @@ void DeriveCommandLine(const GURL& start + ::switches::kDisableGpu, +@@ -162,7 +168,7 @@ void DeriveCommandLine(const GURL& start ::switches::kDisableWebGLImageChromium, ::switches::kEnableWebGLImageChromium, ::switches::kEnableWebVR, @@ -131,10 +131,10 @@ Index: chromium-66.0.3359.81/chrome/browser/chromeos/login/chrome_restart_reques ::switches::kDisableWebRtcHWDecoding, ::switches::kDisableWebRtcHWEncoding, #endif -Index: chromium-66.0.3359.81/chrome/browser/flag_descriptions.cc +Index: chromium-67.0.3396.18/chrome/browser/flag_descriptions.cc =================================================================== ---- chromium-66.0.3359.81.orig/chrome/browser/flag_descriptions.cc -+++ chromium-66.0.3359.81/chrome/browser/flag_descriptions.cc +--- chromium-67.0.3396.18.orig/chrome/browser/flag_descriptions.cc ++++ chromium-67.0.3396.18/chrome/browser/flag_descriptions.cc @@ -14,6 +14,13 @@ const char kAccelerated2dCanvasDescripti "Enables the use of the GPU to perform 2d canvas rendering instead of " "using software rendering."; @@ -149,7 +149,7 @@ Index: chromium-66.0.3359.81/chrome/browser/flag_descriptions.cc const char kAcceleratedVideoDecodeName[] = "Hardware-accelerated video decode"; const char kAcceleratedVideoDecodeDescription[] = "Hardware-accelerated video decode where available."; -@@ -1723,6 +1730,7 @@ const char kWebrtcEchoCanceller3Name[] = +@@ -1731,6 +1738,7 @@ const char kWebrtcEchoCanceller3Name[] = const char kWebrtcEchoCanceller3Description[] = "Experimental WebRTC echo canceller (AEC3)."; @@ -157,7 +157,7 @@ Index: chromium-66.0.3359.81/chrome/browser/flag_descriptions.cc const char kWebrtcHwDecodingName[] = "WebRTC hardware video decoding"; const char kWebrtcHwDecodingDescription[] = "Support in WebRTC for decoding video streams using platform hardware."; -@@ -1730,6 +1738,7 @@ const char kWebrtcHwDecodingDescription[ +@@ -1738,6 +1746,7 @@ const char kWebrtcHwDecodingDescription[ const char kWebrtcHwEncodingName[] = "WebRTC hardware video encoding"; const char kWebrtcHwEncodingDescription[] = "Support in WebRTC for encoding video streams using platform hardware."; @@ -165,7 +165,7 @@ Index: chromium-66.0.3359.81/chrome/browser/flag_descriptions.cc const char kWebrtcHwH264EncodingName[] = "WebRTC hardware h264 video encoding"; const char kWebrtcHwH264EncodingDescription[] = -@@ -2549,14 +2558,16 @@ const char kTabStripKeyboardFocusDescrip +@@ -2579,14 +2588,16 @@ const char kTabStripKeyboardFocusDescrip // Chrome OS ------------------------------------------------------------------- @@ -183,10 +183,10 @@ Index: chromium-66.0.3359.81/chrome/browser/flag_descriptions.cc const char kAllowTouchpadThreeFingerClickName[] = "Touchpad three-finger-click"; const char kAllowTouchpadThreeFingerClickDescription[] = "Enables touchpad three-finger-click as middle button."; -Index: chromium-66.0.3359.81/chrome/browser/flag_descriptions.h +Index: chromium-67.0.3396.18/chrome/browser/flag_descriptions.h =================================================================== ---- chromium-66.0.3359.81.orig/chrome/browser/flag_descriptions.h -+++ chromium-66.0.3359.81/chrome/browser/flag_descriptions.h +--- chromium-67.0.3396.18.orig/chrome/browser/flag_descriptions.h ++++ chromium-67.0.3396.18/chrome/browser/flag_descriptions.h @@ -37,6 +37,10 @@ namespace flag_descriptions { extern const char kAccelerated2dCanvasName[]; extern const char kAccelerated2dCanvasDescription[]; @@ -198,7 +198,7 @@ Index: chromium-66.0.3359.81/chrome/browser/flag_descriptions.h extern const char kAcceleratedVideoDecodeName[]; extern const char kAcceleratedVideoDecodeDescription[]; -@@ -1561,13 +1565,17 @@ extern const char kPermissionPromptPersi +@@ -1582,13 +1586,17 @@ extern const char kPermissionPromptPersi #endif // defined(OS_MACOSX) @@ -219,14 +219,14 @@ Index: chromium-66.0.3359.81/chrome/browser/flag_descriptions.h extern const char kAllowTouchpadThreeFingerClickName[]; extern const char kAllowTouchpadThreeFingerClickDescription[]; -Index: chromium-66.0.3359.81/content/browser/gpu/compositor_util.cc +Index: chromium-67.0.3396.18/content/browser/gpu/compositor_util.cc =================================================================== ---- chromium-66.0.3359.81.orig/content/browser/gpu/compositor_util.cc -+++ chromium-66.0.3359.81/content/browser/gpu/compositor_util.cc -@@ -99,7 +99,11 @@ const GpuFeatureData GetGpuFeatureData(s +--- chromium-67.0.3396.18.orig/content/browser/gpu/compositor_util.cc ++++ chromium-67.0.3396.18/content/browser/gpu/compositor_util.cc +@@ -124,7 +124,11 @@ const GpuFeatureData GetGpuFeatureData(s {"video_decode", - manager->GetFeatureStatus( - gpu::GPU_FEATURE_TYPE_ACCELERATED_VIDEO_DECODE), + SafeGetFeatureStatus(manager, + gpu::GPU_FEATURE_TYPE_ACCELERATED_VIDEO_DECODE), +#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) + !command_line.HasSwitch(switches::kEnableAcceleratedVideo), +#else @@ -235,11 +235,11 @@ Index: chromium-66.0.3359.81/content/browser/gpu/compositor_util.cc "Accelerated video decode has been disabled, either via blacklist," " about:flags or the command line.", true}, -Index: chromium-66.0.3359.81/content/browser/gpu/gpu_process_host.cc +Index: chromium-67.0.3396.18/content/browser/gpu/gpu_process_host.cc =================================================================== ---- chromium-66.0.3359.81.orig/content/browser/gpu/gpu_process_host.cc -+++ chromium-66.0.3359.81/content/browser/gpu/gpu_process_host.cc -@@ -132,7 +132,7 @@ static const char* const kSwitchNames[] +--- chromium-67.0.3396.18.orig/content/browser/gpu/gpu_process_host.cc ++++ chromium-67.0.3396.18/content/browser/gpu/gpu_process_host.cc +@@ -134,7 +134,7 @@ static const char* const kSwitchNames[] switches::kDisableGLExtensions, switches::kDisableLogging, switches::kDisableShaderNameHashing, @@ -248,11 +248,11 @@ Index: chromium-66.0.3359.81/content/browser/gpu/gpu_process_host.cc switches::kDisableWebRtcHWEncoding, #endif #if defined(OS_WIN) -Index: chromium-66.0.3359.81/content/browser/renderer_host/media/video_capture_browsertest.cc +Index: chromium-67.0.3396.18/content/browser/renderer_host/media/video_capture_browsertest.cc =================================================================== ---- chromium-66.0.3359.81.orig/content/browser/renderer_host/media/video_capture_browsertest.cc -+++ chromium-66.0.3359.81/content/browser/renderer_host/media/video_capture_browsertest.cc -@@ -163,8 +163,13 @@ class VideoCaptureBrowserTest : public C +--- chromium-67.0.3396.18.orig/content/browser/renderer_host/media/video_capture_browsertest.cc ++++ chromium-67.0.3396.18/content/browser/renderer_host/media/video_capture_browsertest.cc +@@ -164,8 +164,13 @@ class VideoCaptureBrowserTest : public C base::CommandLine::ForCurrentProcess()->AppendSwitch( switches::kUseFakeJpegDecodeAccelerator); } else { @@ -266,10 +266,10 @@ Index: chromium-66.0.3359.81/content/browser/renderer_host/media/video_capture_b } } -Index: chromium-66.0.3359.81/content/browser/renderer_host/media/video_capture_gpu_jpeg_decoder.cc +Index: chromium-67.0.3396.18/content/browser/renderer_host/media/video_capture_gpu_jpeg_decoder.cc =================================================================== ---- chromium-66.0.3359.81.orig/content/browser/renderer_host/media/video_capture_gpu_jpeg_decoder.cc -+++ chromium-66.0.3359.81/content/browser/renderer_host/media/video_capture_gpu_jpeg_decoder.cc +--- chromium-67.0.3396.18.orig/content/browser/renderer_host/media/video_capture_gpu_jpeg_decoder.cc ++++ chromium-67.0.3396.18/content/browser/renderer_host/media/video_capture_gpu_jpeg_decoder.cc @@ -65,15 +65,21 @@ void VideoCaptureGpuJpegDecoder::Initial bool is_platform_supported = base::CommandLine::ForCurrentProcess()->HasSwitch( @@ -296,11 +296,11 @@ Index: chromium-66.0.3359.81/content/browser/renderer_host/media/video_capture_g decoder_status_ = FAILED; RecordInitDecodeUMA_Locked(); return; -Index: chromium-66.0.3359.81/content/browser/renderer_host/render_process_host_impl.cc +Index: chromium-67.0.3396.18/content/browser/renderer_host/render_process_host_impl.cc =================================================================== ---- chromium-66.0.3359.81.orig/content/browser/renderer_host/render_process_host_impl.cc -+++ chromium-66.0.3359.81/content/browser/renderer_host/render_process_host_impl.cc -@@ -2524,7 +2524,11 @@ void RenderProcessHostImpl::PropagateBro +--- chromium-67.0.3396.18.orig/content/browser/renderer_host/render_process_host_impl.cc ++++ chromium-67.0.3396.18/content/browser/renderer_host/render_process_host_impl.cc +@@ -2693,7 +2693,11 @@ void RenderProcessHostImpl::PropagateBro switches::kDefaultTileHeight, switches::kDisable2dCanvasImageChromium, switches::kDisableAcceleratedJpegDecoding, @@ -309,10 +309,10 @@ Index: chromium-66.0.3359.81/content/browser/renderer_host/render_process_host_i +#else switches::kDisableAcceleratedVideoDecode, +#endif + switches::kDisableBackgroundTasks, switches::kDisableBackgroundTimerThrottling, switches::kDisableBreakpad, - switches::kDisableCompositorUkmForTests, -@@ -2658,8 +2662,10 @@ void RenderProcessHostImpl::PropagateBro +@@ -2830,8 +2834,10 @@ void RenderProcessHostImpl::PropagateBro switches::kDisableMojoRenderer, #endif #if BUILDFLAG(ENABLE_WEBRTC) @@ -323,11 +323,11 @@ Index: chromium-66.0.3359.81/content/browser/renderer_host/render_process_host_i switches::kEnableWebRtcSrtpAesGcm, switches::kEnableWebRtcSrtpEncryptedHeaders, switches::kEnableWebRtcStunOrigin, -Index: chromium-66.0.3359.81/content/browser/webrtc/webrtc_media_recorder_browsertest.cc +Index: chromium-67.0.3396.18/content/browser/webrtc/webrtc_media_recorder_browsertest.cc =================================================================== ---- chromium-66.0.3359.81.orig/content/browser/webrtc/webrtc_media_recorder_browsertest.cc -+++ chromium-66.0.3359.81/content/browser/webrtc/webrtc_media_recorder_browsertest.cc -@@ -58,7 +58,12 @@ class WebRtcMediaRecorderTest +--- chromium-67.0.3396.18.orig/content/browser/webrtc/webrtc_media_recorder_browsertest.cc ++++ chromium-67.0.3396.18/content/browser/webrtc/webrtc_media_recorder_browsertest.cc +@@ -66,7 +66,12 @@ class MAYBE_WebRtcMediaRecorderTest return; // This flag is also used for encoding, https://crbug.com/616640. base::CommandLine::ForCurrentProcess()->AppendSwitch( @@ -341,10 +341,10 @@ Index: chromium-66.0.3359.81/content/browser/webrtc/webrtc_media_recorder_browse } private: -Index: chromium-66.0.3359.81/content/gpu/BUILD.gn +Index: chromium-67.0.3396.18/content/gpu/BUILD.gn =================================================================== ---- chromium-66.0.3359.81.orig/content/gpu/BUILD.gn -+++ chromium-66.0.3359.81/content/gpu/BUILD.gn +--- chromium-67.0.3396.18.orig/content/gpu/BUILD.gn ++++ chromium-67.0.3396.18/content/gpu/BUILD.gn @@ -130,4 +130,8 @@ target(link_target_type, "gpu_sources") (!is_chromecast || is_cast_desktop_build)) { configs += [ "//build/config/linux/dri" ] @@ -354,10 +354,10 @@ Index: chromium-66.0.3359.81/content/gpu/BUILD.gn + public_configs = [ "//media/gpu:libva_config" ] + } } -Index: chromium-66.0.3359.81/content/gpu/gpu_main.cc +Index: chromium-67.0.3396.18/content/gpu/gpu_main.cc =================================================================== ---- chromium-66.0.3359.81.orig/content/gpu/gpu_main.cc -+++ chromium-66.0.3359.81/content/gpu/gpu_main.cc +--- chromium-67.0.3396.18.orig/content/gpu/gpu_main.cc ++++ chromium-67.0.3396.18/content/gpu/gpu_main.cc @@ -286,7 +286,7 @@ int GpuMain(const MainFunctionParams& pa base::PlatformThread::SetName("CrGpuMain"); @@ -376,10 +376,10 @@ Index: chromium-66.0.3359.81/content/gpu/gpu_main.cc io_thread_priority = base::ThreadPriority::DISPLAY; #endif -Index: chromium-66.0.3359.81/content/public/browser/gpu_utils.cc +Index: chromium-67.0.3396.18/content/public/browser/gpu_utils.cc =================================================================== ---- chromium-66.0.3359.81.orig/content/public/browser/gpu_utils.cc -+++ chromium-66.0.3359.81/content/public/browser/gpu_utils.cc +--- chromium-67.0.3396.18.orig/content/public/browser/gpu_utils.cc ++++ chromium-67.0.3396.18/content/public/browser/gpu_utils.cc @@ -7,6 +7,7 @@ #include "base/command_line.h" #include "base/single_thread_task_runner.h" @@ -406,10 +406,10 @@ Index: chromium-66.0.3359.81/content/public/browser/gpu_utils.cc #if defined(OS_WIN) uint32_t enable_accelerated_vpx_decode_val = gpu::GpuPreferences::VPX_VENDOR_MICROSOFT; -Index: chromium-66.0.3359.81/content/public/common/content_switches.cc +Index: chromium-67.0.3396.18/content/public/common/content_switches.cc =================================================================== ---- chromium-66.0.3359.81.orig/content/public/common/content_switches.cc -+++ chromium-66.0.3359.81/content/public/common/content_switches.cc +--- chromium-67.0.3396.18.orig/content/public/common/content_switches.cc ++++ chromium-67.0.3396.18/content/public/common/content_switches.cc @@ -78,12 +78,21 @@ const char kDisable3DAPIs[] // Disable gpu-accelerated 2d canvas. @@ -433,7 +433,7 @@ Index: chromium-66.0.3359.81/content/public/common/content_switches.cc // Disables hardware acceleration of video decode, where available. const char kDisableAcceleratedVideoDecode[] = "disable-accelerated-video-decode"; -@@ -859,11 +868,13 @@ const char kZygoteProcess[] +@@ -867,11 +876,13 @@ const char kZygoteProcess[] // ignores this switch on its stable and beta channels. const char kDisableWebRtcEncryption[] = "disable-webrtc-encryption"; @@ -447,10 +447,10 @@ Index: chromium-66.0.3359.81/content/public/common/content_switches.cc // Enables negotiation of GCM cipher suites from RFC 7714 for SRTP in WebRTC. // See https://tools.ietf.org/html/rfc7714 for further information. -Index: chromium-66.0.3359.81/content/public/common/content_switches.h +Index: chromium-67.0.3396.18/content/public/common/content_switches.h =================================================================== ---- chromium-66.0.3359.81.orig/content/public/common/content_switches.h -+++ chromium-66.0.3359.81/content/public/common/content_switches.h +--- chromium-67.0.3396.18.orig/content/public/common/content_switches.h ++++ chromium-67.0.3396.18/content/public/common/content_switches.h @@ -33,7 +33,11 @@ CONTENT_EXPORT extern const char kDisabl CONTENT_EXPORT extern const char kDisable3DAPIs[]; CONTENT_EXPORT extern const char kDisableAccelerated2dCanvas[]; @@ -463,7 +463,7 @@ Index: chromium-66.0.3359.81/content/public/common/content_switches.h CONTENT_EXPORT extern const char kDisableAcceleratedVideoDecode[]; CONTENT_EXPORT extern const char kDisableAcceleratedVideoEncode[]; CONTENT_EXPORT extern const char kDisableAudioSupportForDesktopShare[]; -@@ -106,6 +110,9 @@ CONTENT_EXPORT extern const char kDisabl +@@ -107,6 +111,9 @@ CONTENT_EXPORT extern const char kDisabl CONTENT_EXPORT extern const char kDomAutomationController[]; extern const char kDisable2dCanvasClipAntialiasing[]; CONTENT_EXPORT extern const char kDumpBlinkRuntimeCallStats[]; @@ -473,7 +473,7 @@ Index: chromium-66.0.3359.81/content/public/common/content_switches.h CONTENT_EXPORT extern const char kEnableAggressiveDOMStorageFlushing[]; CONTENT_EXPORT extern const char kEnableAutomation[]; CONTENT_EXPORT extern const char kEnablePreferCompositingToLCDText[]; -@@ -240,8 +247,10 @@ CONTENT_EXPORT extern const char kZygote +@@ -242,8 +249,10 @@ CONTENT_EXPORT extern const char kZygote #if BUILDFLAG(ENABLE_WEBRTC) CONTENT_EXPORT extern const char kDisableWebRtcEncryption[]; @@ -484,11 +484,11 @@ Index: chromium-66.0.3359.81/content/public/common/content_switches.h CONTENT_EXPORT extern const char kEnableWebRtcSrtpAesGcm[]; CONTENT_EXPORT extern const char kEnableWebRtcSrtpEncryptedHeaders[]; CONTENT_EXPORT extern const char kEnableWebRtcStunOrigin[]; -Index: chromium-66.0.3359.81/content/renderer/media/webrtc/peer_connection_dependency_factory.cc +Index: chromium-67.0.3396.18/content/renderer/media/webrtc/peer_connection_dependency_factory.cc =================================================================== ---- chromium-66.0.3359.81.orig/content/renderer/media/webrtc/peer_connection_dependency_factory.cc -+++ chromium-66.0.3359.81/content/renderer/media/webrtc/peer_connection_dependency_factory.cc -@@ -282,10 +282,18 @@ void PeerConnectionDependencyFactory::In +--- chromium-67.0.3396.18.orig/content/renderer/media/webrtc/peer_connection_dependency_factory.cc ++++ chromium-67.0.3396.18/content/renderer/media/webrtc/peer_connection_dependency_factory.cc +@@ -276,10 +276,18 @@ void PeerConnectionDependencyFactory::In const base::CommandLine* cmd_line = base::CommandLine::ForCurrentProcess(); if (gpu_factories && gpu_factories->IsGpuVideoAcceleratorEnabled()) { @@ -507,13 +507,13 @@ Index: chromium-66.0.3359.81/content/renderer/media/webrtc/peer_connection_depen encoder_factory.reset(new RTCVideoEncoderFactory(gpu_factories)); } -Index: chromium-66.0.3359.81/content/renderer/render_thread_impl.cc +Index: chromium-67.0.3396.18/content/renderer/render_thread_impl.cc =================================================================== ---- chromium-66.0.3359.81.orig/content/renderer/render_thread_impl.cc -+++ chromium-66.0.3359.81/content/renderer/render_thread_impl.cc -@@ -1581,7 +1581,11 @@ media::GpuVideoAcceleratorFactories* Ren - scoped_refptr media_task_runner = - GetMediaThreadTaskRunner(); +--- chromium-67.0.3396.18.orig/content/renderer/render_thread_impl.cc ++++ chromium-67.0.3396.18/content/renderer/render_thread_impl.cc +@@ -1578,7 +1578,11 @@ media::GpuVideoAcceleratorFactories* Ren + kGpuStreamIdMedia, kGpuStreamPriorityMedia); + const bool enable_video_accelerator = +#if defined(OS_LINUX) && !defined(OS_CHROMEOS) + cmd_line->HasSwitch(switches::kEnableAcceleratedVideo) && @@ -523,11 +523,11 @@ Index: chromium-66.0.3359.81/content/renderer/render_thread_impl.cc (gpu_channel_host->gpu_feature_info() .status_values[gpu::GPU_FEATURE_TYPE_ACCELERATED_VIDEO_DECODE] == gpu::kGpuFeatureStatusEnabled); -Index: chromium-66.0.3359.81/gpu/config/software_rendering_list.json +Index: chromium-67.0.3396.18/gpu/config/software_rendering_list.json =================================================================== ---- chromium-66.0.3359.81.orig/gpu/config/software_rendering_list.json -+++ chromium-66.0.3359.81/gpu/config/software_rendering_list.json -@@ -373,17 +373,6 @@ +--- chromium-67.0.3396.18.orig/gpu/config/software_rendering_list.json ++++ chromium-67.0.3396.18/gpu/config/software_rendering_list.json +@@ -377,17 +377,6 @@ ] }, { @@ -545,11 +545,11 @@ Index: chromium-66.0.3359.81/gpu/config/software_rendering_list.json "id": 50, "description": "Disable VMware software renderer on older Mesa", "cr_bugs": [145531, 332596, 571899, 629434], -Index: chromium-66.0.3359.81/media/gpu/BUILD.gn +Index: chromium-67.0.3396.18/media/gpu/BUILD.gn =================================================================== ---- chromium-66.0.3359.81.orig/media/gpu/BUILD.gn -+++ chromium-66.0.3359.81/media/gpu/BUILD.gn -@@ -482,6 +482,14 @@ if (use_v4l2_codec || use_vaapi || is_ma +--- chromium-67.0.3396.18.orig/media/gpu/BUILD.gn ++++ chromium-67.0.3396.18/media/gpu/BUILD.gn +@@ -491,6 +491,14 @@ if (use_v4l2_codec || use_vaapi || is_ma } } @@ -564,7 +564,7 @@ Index: chromium-66.0.3359.81/media/gpu/BUILD.gn if (use_vaapi) { test("jpeg_encode_accelerator_unittest") { deps = [ -@@ -542,6 +550,10 @@ if (use_v4l2_codec || use_vaapi) { +@@ -551,6 +559,10 @@ if (use_v4l2_codec || use_vaapi) { if (use_ozone) { deps += [ "//ui/ozone" ] } diff --git a/chromium.changes b/chromium.changes index 0a621dd..09f714c 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,217 +1,155 @@ ------------------------------------------------------------------- -Sat May 26 23:01:20 UTC 2018 - astieger@suse.com +Wed May 30 11:00:26 UTC 2018 - tchvatal@suse.com -- on SLE 12 with SUSE PackageHub 12, do not require the SDK for - libwebpmux1 (bsc#1070421) +- Up to 67.0.3396.62 ------------------------------------------------------------------- -Sat May 26 07:08:04 UTC 2018 - astieger@suse.com +Mon May 28 10:31:44 UTC 2018 - tchvatal@suse.com -- Fix installation issue on SUSE PackageHub 12 with libminizip1 - (bsc#1093031) +- Up to chromium-67.0.3396.56 ------------------------------------------------------------------- -Wed May 16 07:05:32 UTC 2018 - astieger@suse.com +Mon May 28 10:27:52 UTC 2018 - tchvatal@suse.com -- Chromium 66.0.3359.181: - * Autoplay: Force enable on desktop for Web Audio +- Fix SLE12 builds again ------------------------------------------------------------------- -Fri May 11 12:10:44 UTC 2018 - astieger@suse.com +Thu May 17 09:00:48 UTC 2018 - tchvatal@suse.com -- Chromium 66.0.3359.170 (bsc#1092923): - * Chain leading to sandbox escape: - CVE-2018-6121: Privilege Escalation in extensions - CVE-2018-6122: Type confusion in V8 - * CVE-2018-6120: Heap buffer overflow in PDFium - * Various fixes from internal audits, fuzzing and other - initiatives +- Bump to 67.0.3396.48 ------------------------------------------------------------------- -Wed May 9 08:36:30 UTC 2018 - tchvatal@suse.com +Tue May 15 13:27:58 UTC 2018 - guillaume.gardet@opensuse.org -- Add patch chromium-skia-system-fontconfig.patch to fix - bsc#1092272 +- Fix AArch64 build with chromium-crashpad-aarch64-fix.patch ------------------------------------------------------------------- -Fri May 4 06:53:49 UTC 2018 - guillaume.gardet@opensuse.org +Thu May 10 10:49:12 UTC 2018 - tchvatal@suse.com + +- Up to 67.0.3393.40 +- Extend patch chromium-non-void-return.patch + +------------------------------------------------------------------- +Wed May 9 09:40:41 UTC 2018 - guillaume.gardet@opensuse.org + +- Fix AArch64 build with chromium-skia-aarch64-buildfix.patch + +------------------------------------------------------------------- +Wed May 9 08:34:37 UTC 2018 - tchvatal@suse.com + +- Add patch chromium-skia-system-fontconfig.patch bsc#1092272 +- Up to 67.0.3393.30 + +------------------------------------------------------------------- +Wed May 9 07:53:48 UTC 2018 - guillaume.gardet@opensuse.org - Enable build on AArch64 - Fix build on AArch64: * set target_cpu to arm64 * disable tcmalloc and swiftshader for aarch64 - * Add new patches: - - chromium-65.0.3325.162-skia-aarch64-buildfix.patch - - chromium-skia-neon.patch ------------------------------------------------------------------- -Fri Apr 27 08:22:18 UTC 2018 - tchvatal@suse.com +Wed Apr 25 14:59:25 UTC 2018 - tchvatal@suse.com -- chromium 66.0.3359.139: - * CVE-2018-6118: Use after free in Media Cache (bsc#1091288) - * drop add-missing-blink-tools.patch, now in tarball again +- Up to chromium-67.0.3396.18 ------------------------------------------------------------------- -Wed Apr 18 09:14:21 UTC 2018 - tchvatal@suse.com +Thu Apr 12 09:10:48 UTC 2018 - tchvatal@suse.com -- Version bump to chromium 66.0.3359.117 bsc#1090000: - * CVE-2018-6085: Use after free in Disk Cache - * CVE-2018-6086: Use after free in Disk Cache - * CVE-2018-6087: Use after free in WebAssembly - * CVE-2018-6088: Use after free in PDFium - * CVE-2018-6089: Same origin policy bypass in Service Worker - * CVE-2018-6090: Heap buffer overflow in Skia - * CVE-2018-6091: Incorrect handling of plug-ins by Service Worker - * CVE-2018-6092: Integer overflow in WebAssembly - * CVE-2018-6093: Same origin bypass in Service Worker - * CVE-2018-6094: Exploit hardening regression in Oilpan - * CVE-2018-6095: Lack of meaningful user interaction requirement before file upload - * CVE-2018-6096: Fullscreen UI spoof - * CVE-2018-6097: Fullscreen UI spoof - * CVE-2018-6098: URL spoof in Omnibox - * CVE-2018-6099: CORS bypass in ServiceWorker - * CVE-2018-6100: URL spoof in Omnibox - * CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools - * CVE-2018-6102: URL spoof in Omnibox - * CVE-2018-6103: UI spoof in Permissions - * CVE-2018-6104: URL spoof in Omnibox - * CVE-2018-6105: URL spoof in Omnibox - * CVE-2018-6106: Incorrect handling of promises in V8 - * CVE-2018-6107: URL spoof in Omnibox - * CVE-2018-6108: URL spoof in Omnibox - * CVE-2018-6109: Incorrect handling of files by FileAPI - * CVE-2018-6110: Incorrect handling of plaintext files via file:// - * CVE-2018-6111: Heap-use-after-free in DevTools - * CVE-2018-6112: Incorrect URL handling in DevTools - * CVE-2018-6113: URL spoof in Navigation - * CVE-2018-6114: CSP bypass - * CVE-2018-6115: SmartScreen bypass in downloads - * CVE-2018-6116: Incorrect low memory handling in WebAssembly - * CVE-2018-6117: Confusing autofill settings - * Various fixes from internal audits, fuzzing and other initiatives -- Remove obsolete patches: - * chromium-compiler.patch - * chromium-glibc-2.27.patch - * chromium-vaapi-init.patch - * exclude_ymp.diff - * fix-gn-bootstrap.diff - * fix_network_api_crash.patch - * mojo.patch -- Add new patches: - * chromium-ffmpeg.patch - * chromium-gcc7.patch - * exclude_ymp.patch - * fix-gn-bootstrap.patch -- Rebase patches: - * chromium-master-prefs-path.patch - * chromium-non-void-return.patch - * chromium-sandbox-pie.patch - * chromium-vaapi.patch -- Add patch to fix missing folder from tarball: - * add-missing-blink-tools.patch +- Up to 67.0.3393.4 +- Refresh patch exclude_ymp.patch ------------------------------------------------------------------- -Sun Apr 8 10:49:06 UTC 2018 - tchvatal@suse.com +Wed Apr 4 11:49:20 UTC 2018 - tchvatal@suse.com -- Add vaapi patches: - * chromium-vaapi-init.patch - * chromium-vaapi.patch +- Bump to 67.0.3386.1 ------------------------------------------------------------------- -Fri Apr 6 12:54:24 UTC 2018 - tchvatal@suse.com +Wed Mar 28 12:37:50 UTC 2018 - tchvatal@suse.com -- Use memory-constraints package to limit threads as needed +- Bump to 67.0.3381.1 ------------------------------------------------------------------- -Wed Mar 21 06:31:27 UTC 2018 - astieger@suse.com +Fri Mar 23 12:01:52 UTC 2018 - tchvatal@suse.com -- Update to Chromium 65.0.3325.181: - * Various security relevant fixes from internal audits, fuzzing - and other initiatives (boo#1086124) +- Bump to 67.0.3377.1 ------------------------------------------------------------------- -Tue Mar 20 12:33:53 UTC 2018 - tchvatal@suse.com +Tue Mar 20 10:19:55 UTC 2018 - tchvatal@suse.com -- Use both freetype and harfbuzz either bundled or system +- Bump to 67.0.3371.0 +- Remove no longer needed chromium-gcc7.patch +- Rebase fix_building_widevinecdm_with_chromium.patch to allow + widevine builds ------------------------------------------------------------------- -Wed Mar 14 14:18:35 UTC 2018 - tchvatal@suse.com +Tue Mar 20 10:14:15 UTC 2018 - tchvatal@suse.com -- Version update to 65.0.3325.162: - * Various stability fixes only +- Bump to 66.0.3359.33 ------------------------------------------------------------------- -Wed Mar 14 09:00:37 UTC 2018 - tchvatal@suse.com +Wed Mar 14 14:19:21 UTC 2018 - tchvatal@suse.com -- Bundle the harfbuzz on < 15.0 release as we would have to - use requires_ge for the library itself later on otherwise +- Version bump to 66.0.3359.26 ------------------------------------------------------------------- -Fri Mar 9 09:10:01 UTC 2018 - tchvatal@suse.com +Wed Mar 14 13:32:18 UTC 2018 - tchvatal@suse.com -- Make sure to require gcc7 -- Add patch chromium-drm.patch to make sure to build with Leap 42.3 - variant of libdrm +- Bump the requirement for the clang version ------------------------------------------------------------------- -Thu Mar 8 09:00:54 UTC 2018 - tchvatal@suse.com +Wed Mar 14 09:01:33 UTC 2018 - tchvatal@suse.com -- Version update to 65.0.3325.146 bsc#1084296: - * High CVE-2017-11215: Use after free in Flash. - * High CVE-2017-11225: Use after free in Flash. - * High CVE-2018-6060: Use after free in Blink. - * High CVE-2018-6061: Race condition in V8. - * High CVE-2018-6062: Heap buffer overflow in Skia. - * High CVE-2018-6057: Incorrect permissions on shared memory. - * High CVE-2018-6063: Incorrect permissions on shared memory. - * High CVE-2018-6064: Type confusion in V8. - * High CVE-2018-6065: Integer overflow in V8. - * Medium CVE-2018-6066: Same Origin Bypass via canvas. - * Medium CVE-2018-6067: Buffer overflow in Skia. - * Medium CVE-2018-6068: Object lifecycle issues in Chrome Custom Tab. - * Medium CVE-2018-6069: Stack buffer overflow in Skia. - * Medium CVE-2018-6070: CSP bypass through extensions. - * Medium CVE-2018-6071: Heap bufffer overflow in Skia. - * Medium CVE-2018-6072: Integer overflow in PDFium. - * Medium CVE-2018-6073: Heap bufffer overflow in WebGL. - * Medium CVE-2018-6074: Mark-of-the-Web bypass. - * Medium CVE-2018-6075: Overly permissive cross origin downloads. - * Medium CVE-2018-6076: Incorrect handling of URL fragment identifiers in Blink. - * Medium CVE-2018-6077: Timing attack using SVG filters. - * Medium CVE-2018-6078: URL Spoof in OmniBox. - * Medium CVE-2018-6079: Information disclosure via texture data in WebGL. - * Medium CVE-2018-6080: Information disclosure in IPC call. - * Low CVE-2018-6081: XSS in interstitials. - * Low CVE-2018-6082: Circumvention of port blocking. - * Low CVE-2018-6083: Incorrect processing of AppManifests. -- Add new patches: - * chromium-compiler.patch - * chromium-glibc-2.27.patch - * mojo.patch -- Drop patches: - * chromium-angle.patch - * chromium-memcpy.patch -- Update constraints -- Refresh patch chromium-non-void-return.patch to include more - fixes +- Conditionalize harfbuzz switch ------------------------------------------------------------------- -Sat Feb 24 19:02:51 UTC 2018 - astieger@suse.com +Mon Mar 12 10:18:18 UTC 2018 - tchvatal@suse.com -- Chromium 64.0.3282.186: - * Various minor bug fixes +- Update to 66.0.3359.22 ------------------------------------------------------------------- -Wed Feb 14 08:16:34 UTC 2018 - astieger@suse.com +Fri Mar 9 11:20:35 UTC 2018 - tchvatal@suse.com -- update to 64.0.3282.167 (bsc#1080920): - * CVE-2018-6056: Incorrect derived class instantiation in V8 +- Apply patches using %autopatch +- Add patch to build with gcc7 properly chromium-gcc7.patch +- Drop patch chromium-sandbox-pie.patch as we have pie default now +- Add patch to build with leap variant of drm chromium-drm.patch ------------------------------------------------------------------- -Fri Feb 2 11:16:23 UTC 2018 - tchvatal@suse.com +Wed Mar 7 12:11:45 UTC 2018 - tchvatal@suse.com -- Version update to 64.0.3282.140 bsc#1079021: - * Various asan fixes bsc#1078463 CVE-2018-6406 +- Add patch to build ffmpeg from system chromium-ffmpeg.patch + +------------------------------------------------------------------- +Wed Mar 7 10:30:24 UTC 2018 - tchvatal@suse.com + +- Up to 66.0.3355.0 +- Disable clang by default again + +------------------------------------------------------------------- +Tue Feb 27 09:35:21 UTC 2018 - tchvatal@suse.com + +- Up to 66.0.3350.0 + +------------------------------------------------------------------- +Thu Feb 15 09:08:22 UTC 2018 - tchvatal@suse.com + +- Drop patch fix_network_api_crash.patch + +------------------------------------------------------------------- +Mon Feb 12 10:10:58 UTC 2018 - tchvatal@suse.com + +- Bump to 66.0.3343.3 + +------------------------------------------------------------------- +Wed Feb 7 13:58:33 UTC 2018 - tchvatal@suse.com + +- Bump to 65.0.3325.51 + +------------------------------------------------------------------- +Tue Feb 6 12:00:36 UTC 2018 - tchvatal@suse.com + +- Disable gconf support ------------------------------------------------------------------- Fri Feb 2 10:43:48 UTC 2018 - dimstar@opensuse.org @@ -222,9 +160,9 @@ Fri Feb 2 10:43:48 UTC 2018 - dimstar@opensuse.org /proc/meminfo. ------------------------------------------------------------------- -Mon Jan 29 13:07:38 UTC 2018 - tchvatal@suse.com +Wed Jan 31 09:45:45 UTC 2018 - tchvatal@suse.com -- Fix default page to not point to 404 +- Bump to 65.0.3325.31 ------------------------------------------------------------------- Mon Jan 29 12:36:31 UTC 2018 - tchvatal@suse.com @@ -232,318 +170,296 @@ Mon Jan 29 12:36:31 UTC 2018 - tchvatal@suse.com - Install swiftshader objects too as they are needed ------------------------------------------------------------------- -Fri Jan 26 10:11:22 UTC 2018 - tchvatal@suse.com +Fri Jan 26 10:12:22 UTC 2018 - tchvatal@suse.com -- Disable ozone stuff conditions for now as the headless mode - breaks up runtime bsc#1077722 +- Update to 65.0.3325.18 +- Try to have automatic ozone platform detection ------------------------------------------------------------------- -Thu Jan 25 09:51:59 UTC 2018 - tchvatal@suse.com +Wed Jan 17 14:28:37 UTC 2018 - tchvatal@suse.com -- Switch to gcc7 on Leap builds +- Bump to 65.0.3322.3 ------------------------------------------------------------------- -Thu Jan 25 09:42:51 UTC 2018 - tchvatal@suse.com +Mon Jan 8 20:12:43 UTC 2018 - tchvatal@suse.com -- Version update to 64.0.3282.119 bsc#1077571: - * High CVE-2018-6031: Use after free in PDFium. Reported by Anonymous on 2017-11-01 - * High CVE-2018-6032: Same origin bypass in Shared Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-20 - * High CVE-2018-6033: Race when opening downloaded files. Reported by Juho Nurminen on 2017-12-09 - * Medium CVE-2018-6034: Integer overflow in Blink. Reported by Tobias Klein (www.trapkit.de) on 2017-11-12 - * Medium CVE-2018-6035: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23 - * Medium CVE-2018-6036: Integer underflow in WebAssembly. Reported by The UK's National Cyber Security Centre (NCSC) on 2017-11-30 - * Medium CVE-2018-6037: Insufficient user gesture requirements in autofill. Reported by Paul Stone of Context Information Security on 2017-08-09 - * Medium CVE-2018-6038: Heap buffer overflow in WebGL. Reported by cloudfuzzer on 2017-10-12 - * Medium CVE-2018-6039: XSS in DevTools. Reported by Juho Nurminen on 2017-10-17 - * Medium CVE-2018-6040: Content security policy bypass. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-26 - * Medium CVE-2018-6041: URL spoof in Navigation. Reported by Luan Herrera on 2017-08-29 - * Medium CVE-2018-6042: URL spoof in OmniBox. Reported by Khalil Zhani on 2017-10-12 - * Medium CVE-2018-6043: Insufficient escaping with external URL handlers. Reported by 0x09AL on 2017-11-16 - * Medium CVE-2018-6045: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23 - * Medium CVE-2018-6046: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-31 - * Medium CVE-2018-6047: Cross origin URL leak in WebGL. Reported by Masato Kinugawa on 2018-01-08 - * Low CVE-2018-6048: Referrer policy bypass in Blink. Reported by Jun Kokatsu (@shhnjk) on 2017-09-08 - * Low CVE-2017-15420: URL spoofing in Omnibox. Reported by Drew Springall (@_aaspring_) on 2017-10-05 - * Low CVE-2018-6049: UI spoof in Permissions. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-13 - * Low CVE-2018-6050: URL spoof in OmniBox. Reported by Jonathan Kew on 2017-10-15 - * Low CVE-2018-6051: Referrer leak in XSS Auditor. Reported by Antonio Sanso (@asanso) on 2014-12-11 - * Low CVE-2018-6052: Incomplete no-referrer policy implementation. Reported by Tanner Emek on 2016-05-28 - * Low CVE-2018-6053: Leak of page thumbnails in New Tab Page. Reported by Asset Kabdenov on 2017-08-23 - * Low CVE-2018-6054: Use after free in WebUI. Reported by Rob Wu on 2017-12-24 -- Add patches: - * chromium-angle.patch - * chromium-memcpy.patch -- Drop patch: - * chromium-gcc.patch -- Change desktop file name to fit bellow the icon on ie KDE desktop +- Bump to 65.0.3311.3 +- Drop chromium-63.0.3289.84-fix-ft-hb-unbundle.patch ------------------------------------------------------------------- -Thu Jan 4 20:59:31 UTC 2018 - astieger@suse.com +Tue Jan 2 13:14:43 UTC 2018 - tchvatal@suse.com -- Chromium 63.0.3239.132: - * DevTools: do not report raw headers and cookies for protected - subresources - * Various other fixes and updates +- add chromium-63.0.3289.84-fix-ft-hb-unbundle.patch to make sure + we use system freetype/harfbuzz ------------------------------------------------------------------- -Fri Dec 15 09:28:07 UTC 2017 - tchvatal@suse.com +Thu Dec 28 18:00:12 UTC 2017 - tchvatal@suse.com -- Version update to 63.0.3239.108 bsc#1072976: - * CVE-2017-15429: UXSS in V8 - * Various fuzzing fixes +- Make sure to use system freetype too ------------------------------------------------------------------- -Thu Dec 7 09:41:13 UTC 2017 - tchvatal@suse.com +Wed Dec 20 15:38:09 UTC 2017 - tchvatal@suse.com -- Version update to 63.0.3239.84 bsc#1071691: - * Critical CVE-2017-15407: Out of bounds write in QUIC. - * High CVE-2017-15408: Heap buffer overflow in PDFium. - * High CVE-2017-15409: Out of bounds write in Skia. - * High CVE-2017-15410: Use after free in PDFium. - * High CVE-2017-15411: Use after free in PDFium. - * High CVE-2017-15412: Use after free in libXML. - * High CVE-2017-15413: Type confusion in WebAssembly. - * Medium CVE-2017-15415: Pointer information disclosure in IPC call. - * Medium CVE-2017-15416: Out of bounds read in Blink. - * Medium CVE-2017-15417: Cross origin information disclosure in Skia. - * Medium CVE-2017-15418: Use of uninitialized value in Skia. - * Medium CVE-2017-15419: Cross origin leak of redirect URL in Blink. - * Medium CVE-2017-15420: URL spoofing in Omnibox. - * Medium CVE-2017-15422: Integer overflow in ICU. - * Low CVE-2017-15423: Issue with SPAKE implementation in BoringSSL. - * Low CVE-2017-15424: URL Spoof in Omnibox. - * Low CVE-2017-15425: URL Spoof in Omnibox. - * Low CVE-2017-15426: URL Spoof in Omnibox. - * Low CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox. -- Rebase fix-gn-bootstrap.diff -- Drop merged patches: - * chromium-gcc5.patch - * chromium-60.0.3112.113-breakpad-ucontext.patch - * chromium-62.0.3202.62-correct-cplusplus-check.patch -- Add new patches: - * chromium-non-void-return.patch - * chromium-gcc.patch +- Bump 65.0.3298.3 ------------------------------------------------------------------- -Wed Nov 22 11:05:42 UTC 2017 - idonmez@suse.com +Tue Dec 19 09:43:19 UTC 2017 - tchvatal@suse.com + +- Drop chromium-memcpy.patch + +------------------------------------------------------------------- +Mon Dec 18 10:46:25 UTC 2017 - tchvatal@suse.com + +- Drop minizip conditional (was about 42.1) + +------------------------------------------------------------------- +Sun Dec 17 22:52:29 UTC 2017 - tchvatal@suse.com + +- Bump to 65.0.3294.5 + +------------------------------------------------------------------- +Thu Dec 14 14:55:27 UTC 2017 - tchvatal@suse.com + +- Explicitely describe what ozone parts we want + +------------------------------------------------------------------- +Wed Dec 13 09:47:33 UTC 2017 - tchvatal@suse.com + +- Bump to 64.0.3282.24 +- Enable system icu again +- Tweak the deps to match current setup +- Add patch chromium-memcpy.patch + +------------------------------------------------------------------- +Tue Dec 12 12:55:52 UTC 2017 - tchvatal@suse.com + +- Minimize desktop name to not take so much space + +------------------------------------------------------------------- +Sat Dec 9 12:54:27 UTC 2017 - tchvatal@suse.com + +- Bumpyty to 64.0.3282.14 + +------------------------------------------------------------------- +Thu Nov 30 14:32:41 UTC 2017 - tchvatal@suse.com + +- Bumpy to 64.0.3278.0 + +------------------------------------------------------------------- +Wed Nov 22 11:06:47 UTC 2017 - idonmez@suse.com - BuildRequire nodejs8 instead of nodejs6 for suse_version >= 1330 ------------------------------------------------------------------- -Wed Nov 15 14:56:24 UTC 2017 - astieger@suse.com +Sun Nov 19 11:25:52 UTC 2017 - tchvatal@suse.com + +- Drop chromium-64.0.3253.3-gpu_lists_version.h.patch +- Drop chromium-gcc.patch + +------------------------------------------------------------------- +Sun Nov 19 11:20:20 UTC 2017 - tchvatal@suse.com + +- Up to 64.0.3269.3 + +------------------------------------------------------------------- +Wed Nov 15 14:42:55 UTC 2017 - astieger@suse.com -- Update to 62.0.3202.94: - * multiple minor rendering related fixes - fix rebuilds in same chroot ------------------------------------------------------------------- -Tue Nov 7 10:12:28 UTC 2017 - tchvatal@suse.com +Wed Nov 8 21:33:56 UTC 2017 - tchvatal@suse.com -- Version update to 62.0.3202.89 bsc#1066851: - * CVE-2017-15398: Stack buffer overflow in QUIC - * CVE-2017-15399: Use after free in V8 -- Drop upstream merged chromium-sandbox.patch +- Add patch chromium-non-void-return.patch ------------------------------------------------------------------- -Fri Nov 3 12:40:33 UTC 2017 - tchvatal@suse.com +Tue Nov 7 09:41:07 UTC 2017 - tchvatal@suse.com -- Restrict the version on jpeg to not waste build power +- Add patch chromium-64.0.3253.3-gpu_lists_version.h.patch ------------------------------------------------------------------- -Sun Oct 29 08:18:37 UTC 2017 - tchvatal@suse.com +Sat Nov 4 09:38:27 UTC 2017 - tchvatal@suse.com -- Add patch to fix sandbox crashes wrt bsc#1064298 - * chromium-sandbox.patch +- Bump to 64.0.3253.3 ------------------------------------------------------------------- -Fri Oct 27 09:17:02 UTC 2017 - tchvatal@suse.com +Fri Nov 3 11:41:40 UTC 2017 - tchvatal@suse.com -- Version update to 62.0.3202.75 bsc#1065405 CVE-2017-15396 - * CVE-2017-15396: Stack overflow in V8 +- Update to 64.0.3251.0 ------------------------------------------------------------------- -Thu Oct 26 12:09:53 UTC 2017 - astieger@suse.com +Thu Nov 2 20:46:57 UTC 2017 - tchvatal@suse.com -- BuildRequire nodejs6 required for polymer-bundler.js +- Fix the tarball unpacking to unroll all the required content +- Update to 63.0.3239.30 ------------------------------------------------------------------- -Thu Oct 26 09:19:09 UTC 2017 - tchvatal@suse.com +Wed Oct 25 18:24:16 UTC 2017 - tchvatal@suse.com -- Try to export properly CXX/CC variable to fix leap builds +- Drop patch chromium-60.0.3112.113-breakpad-ucontext.patch +- Drop patch chromium-sysroot.patch ------------------------------------------------------------------- -Wed Oct 25 17:52:44 UTC 2017 - tchvatal@suse.com +Wed Oct 11 09:04:46 UTC 2017 - tchvatal@suse.com -- Apply patch to fix building crc32 with gcc7: - * chromium-62.0.3202.62-correct-cplusplus-check.patch +- Bump to 63.0.3236.0 ------------------------------------------------------------------- -Thu Oct 19 03:29:56 UTC 2017 - tchvatal@suse.com +Mon Oct 9 11:42:16 UTC 2017 - tchvatal@suse.com -- Update to 62.0.3202.62 bsc#1064066: - * CVE-2017-5124: UXSS with MHTML. - * CVE-2017-5125: Heap overflow in Skia. - * CVE-2017-5126: Use after free in PDFium. - * CVE-2017-5127: Use after free in PDFium. - * CVE-2017-5128: Heap overflow in WebGL. - * CVE-2017-5129: Use after free in WebAudio. - * CVE-2017-5132: Incorrect stack manipulation in WebAssembly. - * CVE-2017-5130: Heap overflow in libxml2. - * CVE-2017-5131: Out of bounds write in Skia. - * CVE-2017-5133: Out of bounds write in Skia. - * CVE-2017-15386: UI spoofing in Blink. - * CVE-2017-15387: Content security bypass. - * CVE-2017-15388: Out of bounds read in Skia. - * CVE-2017-15389: URL spoofing in OmniBox. - * CVE-2017-15390: URL spoofing in OmniBox. - * CVE-2017-15391: Extension limitation bypass in Extensions. - * CVE-2017-15392: Incorrect registry key handling in PlatformIntegration. - * CVE-2017-15393: Referrer leak in Devtools. - * CVE-2017-15394: URL spoofing in extensions UI. - * CVE-2017-15395: Null pointer dereference in ImageCapture. -- Drop unused patches: +- Bump to 63.0.3230.0 + +------------------------------------------------------------------- +Mon Oct 2 10:10:10 UTC 2017 - tchvatal@suse.com + +- Update to 63.0.3223.8 +- Rebase fix-gn-boostrap.diff +- Remove chromium-gcc5.patch + +------------------------------------------------------------------- +Sat Sep 16 15:51:04 UTC 2017 - tchvatal@suse.com + +- Bump to 63.0.3218.0 +- Rebase fix-gn-bootstrap.diff +- Add chromium-sysroot.patch + +------------------------------------------------------------------- +Wed Sep 13 07:51:50 UTC 2017 - tchvatal@suse.com + +- Version update to 62.0.3202.18 + +------------------------------------------------------------------- +Sun Sep 10 09:46:36 UTC 2017 - tchvatal@suse.com + +- Update to latest +- Switch to system libxml again +- Add more folders to be kept in archive + +------------------------------------------------------------------- +Wed Sep 6 13:16:14 UTC 2017 - tchvatal@suse.com + +- Build with gcc6 on leap as we now require --stdc-14 + +------------------------------------------------------------------- +Wed Sep 6 12:55:30 UTC 2017 - tchvatal@suse.com + +- Add patch to build with new glibc: + * chromium-60.0.3112.113-breakpad-ucontext.patch + +------------------------------------------------------------------- +Mon Sep 4 12:11:32 UTC 2017 - tchvatal@suse.com + +- Bump to 62.0.3198.0: + * fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Wed Aug 23 12:40:57 UTC 2017 - tchvatal@suse.com + +- Bump to 62.0.3192.0 +- Rebase patch chromium-prop-codecs.patch + +------------------------------------------------------------------- +Mon Aug 21 09:29:23 UTC 2017 - tchvatal@suse.com + +- Bump to 62.0.3188.2 +- Rebase fix-gn-bootstrap.diff +- Remove arm patches as we exclude it for now: * arm-webrtc-fix.patch * arm_use_right_compiler.patch - * chromium-46.0.2490.71-fix-missing-i18n_process_css_test.patch - * chromium-atk.patch - * chromium-mojo-dep.patch - * gcc60-fixes.diff +- Add patch chromium-gcc5.patch + +------------------------------------------------------------------- +Fri Aug 11 09:37:10 UTC 2017 - tchvatal@suse.com + +- Bump to 62.0.3178.0 +- Add patch chromium-system-zlib.patch +- Rebase patch fix-gn-bootstrap.diff +- Rebase exclude_ymp.diff +- Drop gcc60-fixes.diff as the toolchain was changed + +------------------------------------------------------------------- +Sun Aug 6 07:18:26 UTC 2017 - tchvatal@suse.com + +- Bump to 62.0.3175.4 + +------------------------------------------------------------------- +Sun Aug 6 07:12:01 UTC 2017 - tchvatal@suse.com + +- Bump to 61.0.3163.31 +- Remove condition for gtk3, hard on from now on +- Bump version requirement on nodejs + +------------------------------------------------------------------- +Thu Jul 27 19:42:42 UTC 2017 - tchvatal@suse.com + +- Bump to 61.0.3163.13 +- Rebase fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Thu Jul 20 12:33:20 UTC 2017 - tchvatal@suse.com + - Refresh patches: - * chromium-gcc5.patch - * chromium-prop-codecs.patch - * exclude_ymp.diff * fix-gn-bootstrap.diff + * gcc60-fixes.diff ------------------------------------------------------------------- -Fri Sep 22 14:50:40 UTC 2017 - astieger@suse.com +Wed Jul 19 15:14:56 UTC 2017 - tchvatal@suse.com -- Update to 61.0.3163.100 (boo#1060019): - * CVE-2017-5121: Out-of-bounds access in V8 - * CVE-2017-5122: Out-of-bounds access in V8 - * Various fixes from internal audits, fuzzing and other initiatives +- Bump to 61.0.3159.5 +- Use system libcxx +- Refresh patch fix-gn-bootstrap.diff ------------------------------------------------------------------- -Sat Sep 16 15:50:19 UTC 2017 - tchvatal@suse.com +Mon Jul 17 07:53:34 UTC 2017 - tchvatal@suse.com -- Update to 61.0.3163.91: - * Various bugfixes - -------------------------------------------------------------------- -Mon Sep 11 08:45:35 UTC 2017 - tchvatal@suse.com - -- Update to 61.0.3163.79 bsc#1057364: - * CVE-2017-5111: Use after free in PDFium. - * CVE-2017-5112: Heap buffer overflow in WebGL. - * CVE-2017-5113: Heap buffer overflow in Skia. - * CVE-2017-5114: Memory lifecycle issue in PDFium. - * CVE-2017-5115: Type confusion in V8. - * CVE-2017-5116: Type confusion in V8. - * CVE-2017-5117: Use of uninitialized value in Skia. - * CVE-2017-5118: Bypass of Content Security Policy in Blink. - * CVE-2017-5119: Use of uninitialized value in Skia. - * CVE-2017-5120: Potential HTTPS downgrade during redirect navigation. -- Rebase patch: - * fix-gn-bootstrap.diff -- Remove patches: - * chromium-gcc7.patch - * chromium-override.patch -- Add new patches: - * chromium-atk.patch - * chromium-gcc5.patch - * chromium-mojo-dep.patch -- Gtk3 is hard required from now on -- Version some of the required dependencies - -------------------------------------------------------------------- -Mon Aug 28 22:57:05 UTC 2017 - astieger@suse.com - -- fix build with Factory glibc: - add chromium-60.0.3112.113-breakpad-ucontext.patch - -------------------------------------------------------------------- -Fri Aug 25 09:17:27 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3112.113: - * Various bugfixes - -------------------------------------------------------------------- -Tue Aug 15 15:17:00 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3112.101: - * various usability bugfixes - -------------------------------------------------------------------- -Thu Aug 3 13:25:33 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3112.90: - * Various usability bugfixes - -------------------------------------------------------------------- -Wed Jul 26 13:27:55 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3112.78 bsc#1050537: - * CVE-2017-5091: Use after free in IndexedDB - * CVE-2017-5092: Use after free in PPAPI - * CVE-2017-5093: UI spoofing in Blink - * CVE-2017-5094: Type confusion in extensions - * CVE-2017-5095: Out-of-bounds write in PDFium - * CVE-2017-5096: User information leak via Android intents - * CVE-2017-5097: Out-of-bounds read in Skia - * CVE-2017-5098: Use after free in V8 - * CVE-2017-5099: Out-of-bounds write in PPAPI - * CVE-2017-5100: Use after free in Chrome Apps - * CVE-2017-5101: URL spoofing in OmniBox - * CVE-2017-5102: Uninitialized use in Skia - * CVE-2017-5103: Uninitialized use in Skia - * CVE-2017-5104: UI spoofing in browser - * CVE-2017-7000: Pointer disclosure in SQLite - * CVE-2017-5105: URL spoofing in OmniBox - * CVE-2017-5106: URL spoofing in OmniBox - * CVE-2017-5107: User information leak via SVG - * CVE-2017-5108: Type confusion in PDFium - * CVE-2017-5109: UI spoofing in browser - * CVE-2017-5110: UI spoofing in payments dialog - * Various fixes from internal audits, fuzzing and other initiatives -- Add patch chromium-override.patch -- Remove patches chromium-fpermissive.patch chromium-system-ffmpeg-r3.patch -- Rebase patches: - * chromium-dma-buf.patch - * chromium-gcc7.patch - * chromium-last-commit-position-r0.patch - * fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Mon Jul 24 09:01:07 UTC 2017 - tchvatal@suse.com - -- Recommend emoji fonts to make sure major web chats do not show +- Recommend emoji fonts for various communicators to not display questionmarks ------------------------------------------------------------------- -Wed Jun 28 19:27:55 UTC 2017 - tchvatal@suse.com +------------------------------------------------------------------- +Thu Jul 13 07:52:52 UTC 2017 - tchvatal@suse.com -- Update to 59.0.3071.115: - * Various small fixes all around +- Bump to 61.0.3153.4 +- Refresh patch fix-gn-bootstrap.diff ------------------------------------------------------------------- -Fri Jun 23 07:46:48 UTC 2017 - astieger@suse.com +Thu Jun 29 07:07:53 UTC 2017 - tchvatal@suse.com -- Update to 59.0.3071.109: - * ozone/drm: Only reuse ScanoutBuffers with compatible modifiers - * Fixing mouse focus on WebView - * Remove gtk dependency from gles tests - * Set build flag when using own FreeType - * Revert of [scheduler] Move some task types to suspendable task runner - * Fix an incorrect method name on the chrome://site-engagement WebUI page - * Linux/Windows: Removing Guest menu item for supervised profile +- Remove already applied patch chromium-gcc7.patch ------------------------------------------------------------------- -Fri Jun 16 12:12:56 UTC 2017 - astieger@suse.com +Tue Jun 27 17:59:45 UTC 2017 - tchvatal@suse.com -- Update to 59.0.3071.104 (bsc#1044690): - * CVE-2017-5087: Sandbox Escape in IndexedDB - * CVE-2017-5088: Out of bounds read in V8 - * CVE-2017-5089: Domain spoofing in Omnibox - * Various fixes from internal audits, fuzzing and other initiatives +- require nss >= 3.26 +- Update to 61.0.3141.7 +- Refresh fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Thu Jun 22 08:46:57 UTC 2017 - tchvatal@suse.com + +- Drop merged patch chromium-system-icu.patch +- Refresh patch fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Wed Jun 21 17:06:27 UTC 2017 - tchvatal@suse.com + +- Version update to 61.0.3135.4 + +------------------------------------------------------------------- +Thu Jun 15 08:26:29 UTC 2017 - tchvatal@suse.com + +- Update to 61.0.3128.3 +- Add patch chromium-system-icu.patch + +------------------------------------------------------------------- +Sat Jun 10 14:05:13 UTC 2017 - tchvatal@suse.com + +- Update to 61.0.3124.4 +- Refresh patch fix-gn-bootstrap.diff +- Drop patch chromium-override.patch merged upstream + +------------------------------------------------------------------- +Fri Jun 9 12:11:47 UTC 2017 - tchvatal@suse.com + +- Bump to 60.0.3112.24 ------------------------------------------------------------------- Thu Jun 8 14:56:42 UTC 2017 - tchvatal@suse.com @@ -551,56 +467,104 @@ Thu Jun 8 14:56:42 UTC 2017 - tchvatal@suse.com - Add patch chromium-buildname.patch bsc#1043420 ------------------------------------------------------------------- -Tue Jun 6 07:53:53 UTC 2017 - tchvatal@suse.com +Wed Jun 7 09:10:40 UTC 2017 - tchvatal@suse.com -- Update to 59.0.3071.86 bsc#1042833: - * CVE-2017-5070: Type confusion in V8. Reported by Zhao Qixun(@S0rryMybad) of Qihoo 360 Vulcan Team on 2017-05-16 - * CVE-2017-5071: Out of bounds read in V8. Reported by Choongwoo Han on 2017-04-26 - * CVE-2017-5072: Address spoofing in Omnibox. Reported by Rayyan Bijoora on 2017-04-07 - * CVE-2017-5073: Use after free in print preview. Reported by Khalil Zhani on 2017-04-28 - * CVE-2017-5074: Use after free in Apps Bluetooth. Reported by anonymous on 2017-03-09 - * CVE-2017-5075: Information leak in CSP reporting. Reported by Emmanuel Gil Peyrot on 2017-01-05 - * CVE-2017-5086: Address spoofing in Omnibox. Reported by Rayyan Bijoora on 2017-05-16 - * CVE-2017-5076: Address spoofing in Omnibox. Reported by Samuel Erb on 2017-05-06 - * CVE-2017-5077: Heap buffer overflow in Skia. Reported by Sweetchip on 2017-04-28 - * CVE-2017-5078: Possible command injection in mailto handling. Reported by Jose Carlos Exposito Bueno on 2017-04-12 - * CVE-2017-5079: UI spoofing in Blink. Reported by Khalil Zhani on 2017-04-20 - * CVE-2017-5080: Use after free in credit card autofill. Reported by Khalil Zhani on 2017-04-05 - * CVE-2017-5081: Extension verification bypass. Reported by Andrey Kovalev (@L1kvID) Yandex Security Team on 2016-12-07 - * CVE-2017-5082: Insufficient hardening in credit card editor. Reported by Nightwatch Cybersecurity Research on 2017-05-11 - * CVE-2017-5083: UI spoofing in Blink. Reported by Khalil Zhani on 2017-04-24 - * CVE-2017-5085: Inappropriate javascript execution on WebUI pages. Reported by Zhiyang Zeng of Tencent security platform department on 2017-02-15 -- Add patch to fix build with system dma: - * chromium-dma-buf.patch -- Drop no longer needed patches: - * chromium-linker-memory.patch - * chromium-system-jinja-r13.patch -- Refresh patches: - * chromium-gcc7.patch - * chromium-system-ffmpeg-r3.patch +- Update to 60.0.3112.20 + +------------------------------------------------------------------- +Tue Jun 6 10:56:24 UTC 2017 - tchvatal@suse.com + +- Drop patch chromium-system-icu.patch + * Use bundled icu as system is unbuildable at the moment + +------------------------------------------------------------------- +Mon Jun 5 12:23:26 UTC 2017 - tchvatal@suse.com + +- Bump to 60.0.3112.7 +- Add patch for gcc7 chromium-gcc7.patch +- Add patch to build with gcc chromium-override.patch +- Add patch to build with system icu 59 chromium-system-icu.patch + +------------------------------------------------------------------- +Wed May 31 14:23:42 UTC 2017 - tchvatal@suse.com + +- Update to upstream 60.0.3112.7 + * Refresh patch fix-gn-bootstrap.diff +- Remove upstream merged chromium-system-harfbuzz.patch + +------------------------------------------------------------------- +Wed May 24 12:22:27 UTC 2017 - tchvatal@suse.com + +- Update 60.0.3107.4 +- Refresh patch chromium-last-commit-position-r0.patch +- Remove upstreamed chromium-system-ffmpeg-r3.patch +- Remove upstreamed chromium-system-opus.patch +- Remove upstreamed chromium-system-libpng.patch +- Remove upstreamed chromium-system-libwebp.patch +- Update fix-gn-bootstrap.diff +- Add patch chromium-system-harfbuzz.patch + +------------------------------------------------------------------- +Thu May 18 10:31:53 UTC 2017 - tchvatal@suse.com + +- Version update to 60.0.3100.0 +- Add patches: + * chromium-system-libpng.patch + * chromium-system-libwebp.patch + +------------------------------------------------------------------- +Wed May 17 09:22:27 UTC 2017 - tchvatal@suse.com + +- Export gcc standard version to fix build on older releases + * Needed for vulcan + +------------------------------------------------------------------- +Fri May 12 11:25:49 UTC 2017 - tchvatal@suse.com + +- Update to 60.0.3095.5 +- Update patch: * fix-gn-bootstrap.diff -- Use bundled libxml - * Upstream unfortunately uses git snapshot that is not api/abi compatible ------------------------------------------------------------------- -Mon Jun 5 12:55:22 UTC 2017 - tchvatal@suse.com +Sat May 6 08:50:17 UTC 2017 - tchvatal@suse.com -- Add patch to build with gcc7: - * chromium-gcc7.patch -- Add patch for fpermissive build error: - * chromium-fpermissive.patch +- Switch to system opus and yasm ------------------------------------------------------------------- -Wed May 10 07:43:46 UTC 2017 - tchvatal@suse.com +Fri May 5 12:11:38 UTC 2017 - tchvatal@suse.com -- Version update to 58.0.3029.110: - * Various small bugfixes +- Update to 60.0.3088.3 +- Update patch: + * fix-gn-bootstrap.diff + * chromium-dma-buf.patch ------------------------------------------------------------------- -Thu May 4 12:40:32 UTC 2017 - tchvatal@suse.com +Thu May 4 12:52:01 UTC 2017 - tchvatal@suse.com -- Version update to 58.0.3029.96: - * Fixes bsc#1037594 CVE-2017-5068 +- Version update to 60.0.3080.5 +- Refresh patch: + * chromium-dma-buf.patch + * fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Fri Apr 28 18:40:01 UTC 2017 - tchvatal@suse.com + +- Use bundled libxml (they have git snapshot :/) + +------------------------------------------------------------------- +Fri Apr 28 18:21:44 UTC 2017 - tchvatal@suse.com + +- Add more bundled folders + +------------------------------------------------------------------- +Fri Apr 28 06:03:50 UTC 2017 - tchvatal@suse.com + +- Also drop patch chromium-system-jinja-r13.patch + +------------------------------------------------------------------- +Fri Apr 28 05:55:11 UTC 2017 - tchvatal@suse.com + +- Bump to 59.0.3071.29 ------------------------------------------------------------------- Tue Apr 25 13:24:42 UTC 2017 - tchvatal@suse.com @@ -609,34 +573,56 @@ Tue Apr 25 13:24:42 UTC 2017 - tchvatal@suse.com * It is at least used only during build ------------------------------------------------------------------- -Fri Apr 21 09:57:49 UTC 2017 - tchvatal@suse.com +Fri Apr 21 19:16:32 UTC 2017 - tchvatal@suse.com -- Version update to 58.0.3029.81 bsc#1035103: - * High CVE-2017-5057: Type confusion in PDFium. Credit to Guang Gong of Alpha Team, Qihoo 360 - * High CVE-2017-5058: Heap use after free in Print Preview. Credit to Khalil Zhani - * High CVE-2017-5059: Type confusion in Blink. Credit to SkyLined working with Trend Micro's Zero Day Initiative - * Medium CVE-2017-5060: URL spoofing in Omnibox. Credit to Xudong Zheng - * Medium CVE-2017-5061: URL spoofing in Omnibox. Credit to Haosheng Wang (@gnehsoah) - * Medium CVE-2017-5062: Use after free in Chrome Apps. Credit to anonymous - * Medium CVE-2017-5063: Heap overflow in Skia. Credit to Sweetchip - * Medium CVE-2017-5064: Use after free in Blink. Credit to Wadih Matar - * Medium CVE-2017-5065: Incorrect UI in Blink. Credit to Khalil Zhani - * Medium CVE-2017-5066: Incorrect signature handing in Networking. Credit to chenchu - * Medium CVE-2017-5067: URL spoofing in Omnibox. Credit to Khalil Zhani - * Low CVE-2017-5069: Cross-origin bypass in Blink. Credit to Michael Reizelman -- Refresh patch fix-gn-bootstrap.diff -- Refresh patch chromium-system-jinja-r13.patch -- Remove obsolete patch chromium-57-gcc4.patch +- Refresh patch chromium-system-ffmpeg-r3.patch +- Delete patch chromium-system-libjpeg.patch ------------------------------------------------------------------- -Thu Mar 30 13:07:50 UTC 2017 - tchvatal@suse.com +Fri Apr 21 18:58:53 UTC 2017 - tchvatal@suse.com -- Version update to 57.0.2987.133 bsc#1031677: - * Critical CVE-2017-5055: Use after free in printing. Credit to Wadih Matar - * High CVE-2017-5054: Heap buffer overflow in V8. Credit to Nicolas Trippar of Zimperium zLabs - * High CVE-2017-5052: Bad cast in Blink. Credit to JeongHoon Shin - * High CVE-2017-5056: Use after free in Blink. Credit to anonymous - * High CVE-2017-5053: Out of bounds memory access in V8. Credit to Team Sniper (Keen Lab and PC Mgr) reported through ZDI (ZDI-CAN-4587) +- Update to 59.0.3071.15 + +------------------------------------------------------------------- +Fri Apr 21 09:01:47 UTC 2017 - tchvatal@suse.com + +- Drop exif dep, unused +- Pass no-clean option to bootstrap.py for debugging purposes + +------------------------------------------------------------------- +Wed Apr 19 13:21:37 UTC 2017 - tchvatal@suse.com + +- Version update to 59.0.3071.9 + +------------------------------------------------------------------- +Thu Apr 13 08:22:25 UTC 2017 - tchvatal@suse.com + +- Update to 59.0.3067.0 +- Sort out the harfbuzz bundling conditional to be together with minizip + +------------------------------------------------------------------- +Wed Apr 12 11:20:22 UTC 2017 - tchvatal@suse.com + +- Bump harfbuzz and icu requirements + +------------------------------------------------------------------- +Tue Apr 11 11:52:32 UTC 2017 - tchvatal@suse.com + +- Add patch chromium-dma-buf.patch +- Add patch chromium-system-libjpeg.patch + +------------------------------------------------------------------- +Fri Apr 7 08:49:05 UTC 2017 - tchvatal@suse.com + +- Version update to 59.0.3063.4 +- Refresh patch fix-gn-bootstrap.diff +- Refresh patch chromium-system-ffmpeg-r3.patch + +------------------------------------------------------------------- +Thu Mar 30 13:02:21 UTC 2017 - tchvatal@suse.com + +- Update to 59.0.3053.3 +- Refresh patch fix-gn-bootstrap.diff ------------------------------------------------------------------- Fri Mar 24 15:22:38 UTC 2017 - tchvatal@suse.com @@ -644,167 +630,238 @@ Fri Mar 24 15:22:38 UTC 2017 - tchvatal@suse.com - Drop the browser(npapi) provide which is not true ------------------------------------------------------------------- -Sun Mar 19 11:04:47 UTC 2017 - tchvatal@suse.com +Wed Mar 22 10:57:21 UTC 2017 - tchvatal@suse.com -- Add patch to build with gcc4 - * chromium-57-gcc4.patch +- Drop patch chromium-linker-memory.patch as with i586 dropped it + should not be required +- Update patch fix-gn-bootstrap.diff ------------------------------------------------------------------- -Thu Mar 16 20:45:00 UTC 2017 - tchvatal@suse.com +Wed Mar 22 10:56:09 UTC 2017 - tchvatal@suse.com -- Do not use gcc5 and newer as the compat was fixed again -- Update to 57.0.2987.110 with various other small tweaks +- Version update to chromium-59.0.3047.0 ------------------------------------------------------------------- -Fri Mar 10 10:55:23 UTC 2017 - tchvatal@suse.com +Tue Mar 21 12:41:00 UTC 2017 - tchvatal@suse.com -- Version update to 57.0.2987.98 bsc#1028848: - CVE-2017-5030 CVE-2017-5031 CVE-2017-5032 CVE-2017-5029 CVE-2017-5034 - CVE-2017-5035 CVE-2017-5036 CVE-2017-5037 CVE-2017-5039 CVE-2017-5040 - CVE-2017-5041 CVE-2017-5033 CVE-2017-5042 CVE-2017-5038 CVE-2017-5043 - CVE-2017-5044 CVE-2017-5045 CVE-2017-5046 -- Refresh patches - * fix-gn-bootstrap.diff - * chromium-linker-memory.patch -- Remove obsolete patches: - * chromium-sandbox.patch - * chromium-54-ffmpeg2compat.patch -- Remove vaapi patch which broke rendering on non-intel cards: - * chromium-enable-vaapi-on-suse.patch -- From this release onwards i586 build is disabled +- Few tweaks around clang switch to be viable ------------------------------------------------------------------- -Wed Feb 15 12:02:32 UTC 2017 - idonmez@suse.com +Sat Mar 18 19:13:16 UTC 2017 - tchvatal@suse.com + +- Update to 59.0.3043.0 +- Refresh patch fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Wed Mar 15 10:14:35 UTC 2017 - tchvatal@suse.com + +- Update to 58.0.3029.19 + +------------------------------------------------------------------- +Wed Mar 15 09:34:48 UTC 2017 - tchvatal@suse.com + +- Reduce the requirement on gcc to be 4.8 only again + +------------------------------------------------------------------- +Mon Mar 13 12:20:56 UTC 2017 - tchvatal@suse.com + +- Version update to 58.0.3029.14 + +------------------------------------------------------------------- +Mon Mar 13 11:41:34 UTC 2017 - tchvatal@suse.com + +- Disable system vpx for now, needs symbols that will be in 1.6.2 + +------------------------------------------------------------------- +Fri Mar 10 13:03:15 UTC 2017 - tchvatal@suse.com + +- Update fix-gn-bootstrap.diff to build again + +------------------------------------------------------------------- +Wed Mar 8 11:26:35 UTC 2017 - tchvatal@suse.com + +- Version update to 58.0.3029.6 + +------------------------------------------------------------------- +Thu Mar 2 15:19:25 UTC 2017 - tchvatal@suse.com + +- Update to 58.0.3026.3 +- Empty fix-gn-bootstrap.diff again as it was merged upstream + +------------------------------------------------------------------- +Mon Feb 27 11:22:10 UTC 2017 - tchvatal@suse.com + +- Drop patch chromium-enable-vaapi-on-suse.patch as it breaks on + radeon and nvidia cards + +------------------------------------------------------------------- +Fri Feb 24 07:58:48 UTC 2017 - tchvatal@suse.com + +- Update to 58.0.3018.3 +- Update patch fix-gn-bootstrap.diff to match what is needed now +- Refresh patch chromium-system-jinja-r13.patch + +------------------------------------------------------------------- +Fri Feb 17 12:14:06 UTC 2017 - tchvatal@suse.com + +- Version update to 58.0.3013.3 + +------------------------------------------------------------------- +Wed Feb 15 12:15:52 UTC 2017 - idonmez@suse.com - Also add harfbuzz-ng to keeplibs for SLE +------------------------------------------------------------------- +Wed Feb 8 12:39:54 UTC 2017 - tchvatal@suse.com + +- Update to 58.0.3004.3 + +------------------------------------------------------------------- +Wed Feb 8 12:32:46 UTC 2017 - tchvatal@suse.com + +- Try to properly set up nodejs for build + +------------------------------------------------------------------- +Mon Feb 6 20:39:24 UTC 2017 - tchvatal@suse.com + +- Version update to 58.3000.4 next dev channel +- Drop patch chromium-54-ffmpeg2compat.patch as we require ffmpeg3 now + ------------------------------------------------------------------- Mon Feb 6 20:29:52 UTC 2017 - tchvatal@suse.com - Add condition for system harfbuzz to be disabled on SLE ------------------------------------------------------------------- -Mon Feb 6 12:21:34 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net - -- Fixed a typo in the build requirements for system minizip. - -------------------------------------------------------------------- -Fri Feb 3 12:23:34 UTC 2017 - tchvatal@suse.com - -- Version update to 56.0.2924.87: - * Various small fixes - * Disabled option to enable/disable plugins in the chrome://plugins - -------------------------------------------------------------------- -Thu Feb 2 20:01:27 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net - -- Added the package 'chromium-privacy' with multiple patches - sourced from the release version on https://github.com/ - u4qo60z73t1c4hurv3ny/privacy_patches-oS_cr, which, when enabled - with the build option 'privacy', builds a version of Chromium - with less privacy implications due to Google services - integration. - -------------------------------------------------------------------- -Wed Feb 1 09:48:35 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net +Mon Feb 6 12:16:45 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net - Changed the build requirement of libavformat to library version 57.41.100, as included in ffmpeg 3.1.1, as only this version properly supports the public AVStream API 'codecpar'. - -------------------------------------------------------------------- -Tue Jan 31 14:08:26 UTC 2017 - tchvatal@suse.com - -- Version update to 56.0.2924.76 bsc#1022049: - - CVE-2017-5007: Universal XSS in Blink - - CVE-2017-5006: Universal XSS in Blink - - CVE-2017-5008: Universal XSS in Blink - - CVE-2017-5010: Universal XSS in Blink - - CVE-2017-5011: Unauthorised file access in Devtools - - CVE-2017-5009: Out of bounds memory access in WebRTC - - CVE-2017-5012: Heap overflow in V8 - - CVE-2017-5013: Address spoofing in Omnibox - - CVE-2017-5014: Heap overflow in Skia - - CVE-2017-5015: Address spoofing in Omnibox - - CVE-2017-5019: Use after free in Renderer - - CVE-2017-5016: UI spoofing in Blink - - CVE-2017-5017: Uninitialised memory access in webm video - - CVE-2017-5018: Universal XSS in chrome://apps - - CVE-2017-5020: Universal XSS in chrome://downloads - - CVE-2017-5021: Use after free in Extensions - - CVE-2017-5022: Bypass of Content Security Policy in Blink - - CVE-2017-5023: Type confusion in metrics - - CVE-2017-5024: Heap overflow in FFmpeg - - CVE-2017-5025: Heap overflow in FFmpeg - - CVE-2017-5026: UI spoofing. Credit to Ronni Skansing -- Add conditional to switch between system and bundled icu -- Raise dependency on harfbuzz to 1.3.1 -- Also refresh patches: - chromium-prop-codecs.patch chromium-linker-memory.patch - -------------------------------------------------------------------- -Sat Jan 28 11:31:18 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net - - Added patch chromium-enable-vaapi-on-suse.patch to enable VAAPI hardware accelerated video decoding. + * chromium-enable-vaapi-on-suse.patch +- Fixed a typo in the build requirements for system minizip. ------------------------------------------------------------------- -Wed Dec 21 20:19:42 UTC 2016 - astieger@suse.com +Fri Feb 3 10:38:16 UTC 2017 - tchvatal@suse.com -- Chromium 55.0.2883.87: - * various fixes for crashes and specific wesites - * update Google pinned certificates +- Update to 57.0.2987.21 ------------------------------------------------------------------- -Wed Dec 21 10:02:52 UTC 2016 - tchvatal@suse.com +Wed Feb 1 12:44:58 UTC 2017 - tchvatal@suse.com -- Disable system icu on Factory, crashes autofill +- Update to 57.0.2987.19 ------------------------------------------------------------------- -Tue Dec 13 14:38:08 UTC 2016 - idonmez@suse.com +Sun Jan 29 17:58:34 UTC 2017 - tchvatal@suse.com + +- Version update to 57.0.2987.13 + +------------------------------------------------------------------- +Wed Jan 25 13:47:13 UTC 2017 - tchvatal@suse.com + +- Update to 57.0.2987.8 + +------------------------------------------------------------------- +Tue Jan 24 10:43:32 UTC 2017 - tchvatal@suse.com + +- Update to 57.0.2986.0 + +------------------------------------------------------------------- +Thu Jan 19 10:40:36 UTC 2017 - tchvatal@suse.com + +- Version update to 57.0.2984.0 + +------------------------------------------------------------------- +Fri Jan 13 09:13:44 UTC 2017 - tchvatal@suse.com + +- Drop the support code for builtin ffmpeg and rely on the system one always + +------------------------------------------------------------------- +Fri Jan 6 11:53:25 UTC 2017 - tchvatal@suse.com + +- Exclude i586 arch as the resources to build are not there + +------------------------------------------------------------------- +Wed Jan 4 12:36:34 UTC 2017 - tchvatal@suse.com + +- Add toolchain definition hopefully allowing us to build on Leap + with older gcc + * This also exposes more of our suse CFLAGS to the compilation + +------------------------------------------------------------------- +Wed Jan 4 12:07:26 UTC 2017 - tchvatal@suse.com + +- Version update to 57.0.2970.0 +- Refresh patch: + * fix-gn-bootstrap.diff +- Drop patch: + * chromium-sandbox.patch + +------------------------------------------------------------------- +Tue Dec 20 14:55:38 UTC 2016 - tchvatal@suse.com + +- Use gcc5 on leap + +------------------------------------------------------------------- +Mon Dec 19 10:30:45 UTC 2016 - tchvatal@suse.com + +- Update to 57.0.2946.4 + +------------------------------------------------------------------- +Wed Dec 14 10:45:26 UTC 2016 - tchvatal@suse.com + +- Allow building with non-system icu on older systems +- Refresh patch fix-gn-bootstrap.diff +- Disable system icu again, fails to build even on factory + +------------------------------------------------------------------- +Tue Dec 13 14:42:30 UTC 2016 - idonmez@suse.com - python-html5lib now depends on six, so preserve that too for SLE builds. ------------------------------------------------------------------- -Fri Dec 9 12:07:10 UTC 2016 - astieger@suse.com +Sun Dec 11 13:12:44 UTC 2016 - tchvatal@suse.com -- Obsolete ffmpeg and ffmpegsumo package in addition to conflict +- Version update to 57.0.2946.0 ------------------------------------------------------------------- -Mon Dec 5 17:08:45 UTC 2016 - astieger@suse.com +Sun Dec 11 13:04:36 UTC 2016 - tchvatal@suse.com -- record minimum version for harfbuzz, incuding runtime - Chromium will crash with harfbuzz < 1.3.0 +- Version update to 56.0.2924.21 ------------------------------------------------------------------- -Sat Dec 3 09:59:21 UTC 2016 - tchvatal@suse.com +Thu Dec 8 08:33:17 UTC 2016 - tchvatal@suse.com -- Chromium 55.0.2883.75 bnc#1013236: - CVE-2016-9651 CVE-2016-5208 CVE-2016-5207 CVE-2016-5206 CVE-2016-5205 - CVE-2016-5204 CVE-2016-5209 CVE-2016-5203 CVE-2016-5210 CVE-2016-5212 - CVE-2016-5211 CVE-2016-5213 CVE-2016-5214 CVE-2016-5216 CVE-2016-5215 - CVE-2016-5217 CVE-2016-5218 CVE-2016-5219 CVE-2016-5221 CVE-2016-5220 - CVE-2016-5222 CVE-2016-9650 CVE-2016-5223 CVE-2016-5226 CVE-2016-5225 - CVE-2016-5224 CVE-2016-9652 -- Switch to system libraries: harfbuzz, zlib, ffmpeg, ... -- Refreshed patches: - * chromium-system-ffmpeg-r3.patch - * chromium-system-jinja-r13.patch -- Use system ffmpeg unless on 13.2 that didn't include it - * chromium-54-ffmpeg2compat.patch - * Remove upstreamed chromium-more-codec-aliases.patch -- Remove bookmarks override as discussed with artwork simply just set - homepage to our openSUSE one and that is all +- Version update to 56.0.2924.18 ------------------------------------------------------------------- -Sat Nov 12 08:20:05 UTC 2016 - astieger@suse.com +Sat Dec 3 12:03:04 UTC 2016 - tchvatal@suse.com -- Chromium 54.0.2840.100: - * CVE-2016-5199: Heap corruption in FFmpeg (boo#1009892) - * CVE-2016-5200: out of bounds memory access in v8 (boo#1009893) - * CVE-2016-5201: info leak in extensions (boo#1009894) - * CVE-2016-5202: various fixes from internal audits (boo#1009895) +- Version update to 56.0.2924.14 + +------------------------------------------------------------------- +Tue Nov 29 21:13:49 UTC 2016 - tchvatal@suse.com + +- Version update to 56.0.2924.10 + +------------------------------------------------------------------- +Tue Nov 22 07:40:21 UTC 2016 - tchvatal@suse.com + +- Version update to 56.0.2922.1 + +------------------------------------------------------------------- +Fri Nov 18 08:35:30 UTC 2016 - tchvatal@suse.com + +- Version update to 56.0.2920.0 + +------------------------------------------------------------------- +Mon Nov 14 13:13:16 UTC 2016 - tchvatal@suse.com + +- Version update to 56.0.2914.3: + * refresh patch chromium-prop-codecs.patch ------------------------------------------------------------------- Mon Nov 7 20:02:46 UTC 2016 - tchvatal@suse.com @@ -814,63 +871,96 @@ Mon Nov 7 20:02:46 UTC 2016 - tchvatal@suse.com bnc#1008725 ------------------------------------------------------------------- -Wed Nov 2 07:32:27 UTC 2016 - tchvatal@suse.com +Sun Nov 6 09:41:28 UTC 2016 - tchvatal@suse.com -- Update to 54.0.2840.90: - * Few fixes and tweaks - * Fixes CVE-2016-5198 bsc#1008274 +- Put chromium-flags at the end to allow user to override various + variables ------------------------------------------------------------------- -Fri Oct 21 10:27:16 UTC 2016 - tchvatal@suse.com +Wed Nov 2 07:36:15 UTC 2016 - tchvatal@suse.com -- Update to 54.0.2840.71: - * Few fixes around +- Update to 56.0.2906.0 ------------------------------------------------------------------- -Thu Oct 13 10:19:03 UTC 2016 - tchvatal@suse.com +Fri Oct 28 16:59:28 UTC 2016 - tchvatal@suse.com -- Version update to 54.0.2840.59 bnc#1004465: - - CVE-2016-5181: Universal XSS in Blink (Anonymous) - - CVE-2016-5182: Heap overflow in Blink (Giwan Go of STEALIEN) - - CVE-2016-5183: Use after free in PDFium (Anonymous) - - CVE-2016-5184: Use after free in PDFium (Anonymous) - - CVE-2016-5185: Use after free in Blink (cloudfuzzer) - - CVE-2016-5187: URL spoofing (Luan Herrera) - - CVE-2016-5188: UI spoofing (Luan Herrera) - - CVE-2016-5192: Cross-origin bypass in Blink (haojunhou at gmail) - - CVE-2016-5189: URL spoofing (xisigr of Tencent's Xuanwu Lab) - - CVE-2016-5186: Out of bounds read in DevTools (Abdulrahman Alqabandi) - - CVE-2016-5191: Universal XSS in Bookmarks (Gareth Hughes) - - CVE-2016-5190: Use after free in Internals (Atte Kettunen of OUSPG) - - CVE-2016-5193: Scheme bypass (Yuyang ZHOUmartinzhou96) -- packaging changes: - * disable build for chromium-beta on %arm. - * Make linker use less memory by tweaking its options: - chromium-linker-memory.patch - * obsolete desktop subpackages - * Switch to gold to reduce memory use use during build - * fix build on 4.5+ kernels with systemlibs: - chromium-sandbox.patch - * various compiler and linker flag adjustments - * enable gtk3 ui, add patch gtk3-missing-define.patch - * switch from some bundled libraries to the system versions - chromium-system-ffmpeg-r3.patch - chromium-system-jinja-r13.patch - fix-gn-bootstrap.diff - * remove service file covered by download_files -- run time bug fixes: - * Add --ui-disable-partial-swap to the launcher bnc#1000019 - * Use default chromium values from master_preferences on first run - rather than pseudo-duplicating in shellscript -- added features: - * hangouts extension +- Update to 56.0.2902.0 + * Update fix-gn-bootstrap.diff ------------------------------------------------------------------- -Fri Sep 30 08:00:45 UTC 2016 - tchvatal@suse.com +Mon Oct 24 13:06:07 UTC 2016 - tchvatal@suse.com -- Version update to 53.0.2785.143 bnc#1002140: - * CVE-2016-5177: Use after free in V8 - * CVE-2016-5178: Various fixes from internal audits +- Update to 56.0.2897.0 + * Refresh patch chromium-linker-memory.patch + * Update fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Mon Oct 24 11:44:08 UTC 2016 - tchvatal@suse.com + +- Try to make package buildable on SLE12 Backports project + +------------------------------------------------------------------- +Fri Oct 21 10:34:39 UTC 2016 - tchvatal@suse.com + +- Update to 55.0.2883.21 +- Add switch between bundled and system icu as on old distributions + we simply have too old ICU +- Add switch for bundled/system minizip as it is not available on 42.1 + +------------------------------------------------------------------- +Thu Oct 20 07:52:26 UTC 2016 - tchvatal@suse.com + +- Version update to 55.0.2883.18 + +------------------------------------------------------------------- +Mon Oct 17 12:06:03 UTC 2016 - tchvatal@suse.com + +- Version update to 55.0.2883.11 +- Drop chromium-system-zlib.patch +- Add Requires on specified browser for chromedriver wrt bnc#1004839 + +------------------------------------------------------------------- +Sun Oct 9 18:16:49 UTC 2016 - tchvatal@suse.com + +- Version update to 55.0.2882.0: + * Rebase fix-gn-bootstrap.diff + * Remove upstreamed chromium-more-codec-aliases.patch + +------------------------------------------------------------------- +Sat Oct 8 09:51:35 UTC 2016 - mailaender@opensuse.org + +- Add appdata.xml for https://en.opensuse.org/openSUSE:AppStore + +------------------------------------------------------------------- +Fri Sep 30 07:12:16 UTC 2016 - dmueller@suse.com + +- disable build for chromium-beta on %arm. while it does build, + it takes two days, in which we can build roughly 600 other packages, + and I rather build 600 other packages than chromium-beta. + +------------------------------------------------------------------- +Wed Sep 28 17:32:17 UTC 2016 - tchvatal@suse.com + +- Version update to 55.0.2873.0: + * refresh fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Tue Sep 27 08:08:38 UTC 2016 - tchvatal@suse.com + +- Do not install default_bookmarks.html file, just set homepage + and that's it +- Drop chromium-rpmlintrc not really needed + +------------------------------------------------------------------- +Mon Sep 26 14:07:58 UTC 2016 - tchvatal@suse.com + +- Drop chrome-wrapper file it is unused + +------------------------------------------------------------------- +Mon Sep 26 12:29:52 UTC 2016 - tchvatal@suse.com + +- Add --ui-disable-partial-swap to the launcher bnc#1000019 + cr#628168 ------------------------------------------------------------------- Mon Sep 26 12:22:41 UTC 2016 - dimstar@opensuse.org @@ -879,50 +969,153 @@ Mon Sep 26 12:22:41 UTC 2016 - dimstar@opensuse.org it's started as an Xwayland client (boo#1001135). ------------------------------------------------------------------- -Sat Sep 17 11:36:18 UTC 2016 - tchvatal@suse.com +Mon Sep 26 08:18:16 UTC 2016 - tchvatal@suse.com -- Apply sandbox patch to fix crashers on tumbleweed bnc#999091 +- Update to 55.0.2868.3: + * remove patch gtk3-missing-define.patch + * update patch fix-gn-bootstrap.diff + * add patch chromium-system-zlib.patch +- Use system icu, upstream bug was fixed + +------------------------------------------------------------------- +Wed Sep 21 09:50:26 UTC 2016 - tchvatal@suse.com + +- Enable system libs again as it works for now +- Disable system vpx on < Factory as the vpx there is too old +- Now stable -> enable tcmalloc again + +------------------------------------------------------------------- +Tue Sep 20 09:00:29 UTC 2016 - tchvatal@suse.com + +- Make linker use less memory by tweaking its options: + * chromium-linker-memory.patch +- Update constraints for arm a bit to build +- Use system ffmpeg unless on 13.2 that didn't include it + * chromium-54-ffmpeg2compat.patch + +------------------------------------------------------------------- +Fri Sep 16 09:12:17 UTC 2016 - tchvatal@suse.com + +- Fix obsoletes for the desktop thingies + +------------------------------------------------------------------- +Thu Sep 15 12:02:32 UTC 2016 - tchvatal@suse.com + +- Gtk3 is still buggy -> disable +- Remove systemlibs for now except ffmpeg as it causes tons of problems + +------------------------------------------------------------------- +Wed Sep 14 14:57:42 UTC 2016 - tchvatal@suse.com + +- Switch to component build - solves issue with linking and not + enough memory +- Document in defaults how to actually enable debugging +- Remove noop conditions and empty variables from .sh script + launching chromium + +------------------------------------------------------------------- +Wed Sep 14 07:31:47 UTC 2016 - tchvatal@suse.com + +- Enable aarch64 to see how it goes +- Version update to 55.0.2859.0 + +------------------------------------------------------------------- +Tue Sep 13 17:13:47 UTC 2016 - tchvatal@suse.com + +- Do not bother with widevine installation, we need to build the + connectors, but later need to use the one bundled with chrome to + work with drm anyway + +------------------------------------------------------------------- +Tue Sep 13 12:53:23 UTC 2016 - tchvatal@suse.com + +- Switch to gold, we need to use less memory when linking +- Expand constraints for the debug symbols +- Use default chromium values from master_preferences on first run + rather than pseudo-duplicating in shellscript, bugs should be + fixed in the masterprefs +- Add patch to fix build on 4.5+ kernels with systemlibs: * chromium-sandbox.patch ------------------------------------------------------------------- -Thu Sep 15 13:09:21 UTC 2016 - tchvatal@suse.com +Mon Sep 12 17:21:26 UTC 2016 - tchvatal@suse.com -- Version update stable channel 53.0.2785.116 - * Just smal bugfixes around +- Collapse the ninja calls to run only once, no need to start 3x +- Remove g0 from cflags, that is something we never want, at least + some symbols for tracing are useful +- Sync more the options that are available for the build ------------------------------------------------------------------- -Wed Sep 14 07:35:09 UTC 2016 - tchvatal@suse.com +Mon Sep 12 08:55:09 UTC 2016 - tchvatal@suse.com -- Version update to 53.0.2785.113 bnc#998743: - * CVE-2016-5170 Use after free in Blink - * CVE-2016-5171 Use after free in Blink - * CVE-2016-5172 Arbitrary Memory Read in v8 - * CVE-2016-5173 Extension resource access - * CVE-2016-5174 Popup not correctly suppressed - * CVE-2016-5175 Various fixes from internal audits +- Enable more switches that are found in the gn files +- Try to enable gtk3 ui again + * add patch gtk3-missing-define.patch ------------------------------------------------------------------- -Mon Sep 12 08:31:59 UTC 2016 - tchvatal@suse.com +Sun Sep 11 09:14:14 UTC 2016 - tchvatal@suse.com -- Reenable widevine build again bnc#998328 +- Move widevine to subpackage so user have choice between the built + one and the chrome one ------------------------------------------------------------------- -Sat Sep 10 09:13:37 UTC 2016 - tchvatal@suse.com +Sat Sep 10 11:02:42 UTC 2016 - tchvatal@suse.com -- Stable channel update to 53.0.2785.101 - * SPDY crasher fixes - * Disable NV12 DXGI video on AMD - * Forward --password-store switch to os_crypt - * Tell the kernel to discard USB requests when they time out. +- Version update to dev chanel 55.0.2853.0 +- Refresh patches: + * chromium-system-ffmpeg-r3.patch + * chromium-system-jinja-r13.patch +- Correctly detect system ffmpeg and set branding to allow all codecs + that the ffmpeg can work with (eg we simply passover all the data + and do not bother with blacklist/whitelist) ------------------------------------------------------------------- -Wed Sep 7 14:50:44 UTC 2016 - astieger@suse.com +Sat Sep 10 08:58:20 UTC 2016 - tchvatal@suse.com -- Update to Chromium 53.0.2785.92: - * Revert of support relocatable RPM packages - * disallow WKBackForwardListItem navigations for pushState pages - * arc: bluetooth: Fix advertised uuid - * fix conflicting PendingIntent for stop button and swipe away +- Update to 54.0.2840.16 +- Expand provides/obsoletes for the desktop subpackages to remove + them all + +------------------------------------------------------------------- +Thu Sep 8 13:23:30 UTC 2016 - tchvatal@suse.com + +- Enable hangouts extension +- Try to build widevine drm extension instead of using the one from + packman bnc#998328 +- Go back to normal malloc from bundled tcmalloc, switch back when + we can use system one + +------------------------------------------------------------------- +Wed Sep 7 06:36:15 UTC 2016 - tchvatal@suse.com + +- Update to 54.0.2840.14 +- Switch back to gcc on factory +- Switch some bundled libraries off courtesy of gentoo build system +- Try to use system ffmpeg if possible +- Remove useless service file, "osc service localrun download_files" + works fine enough even without it +- Add patches for system jinja and ffmpeg (gentoo): + * chromium-system-ffmpeg-r3.patch + * chromium-system-jinja-r13.patch +- Add back gcc compat patch: + * gcc60-fixes.diff + +------------------------------------------------------------------- +Tue Sep 6 08:32:06 UTC 2016 - tchvatal@suse.com + +- Switch to compile using clang as google has default + * Only for factory on 1320 and older use gcc +- Obsolete kde/gnome subpackages, useless nowdays +- Determine paralelism based on how much memory we have +- Disable gtk3 it seems to be really messy with rendering nowdays + * Stick with gtk2 for time being +- Enable tcmalloc as memory manager +- Sort out with spec-cleaner +- Drop unused patches: + * fix-older-gcc.patch + * gcc60-fixes.diff +- Do not install chromium-generic to libdir just directly go to bindir +- Remove empty pre function ------------------------------------------------------------------- Thu Sep 1 04:04:13 UTC 2016 - tittiatcoke@gmail.com diff --git a/chromium.spec b/chromium.spec index b6ad709..850d1d5 100644 --- a/chromium.spec +++ b/chromium.spec @@ -32,20 +32,20 @@ %bcond_with system_libxml %bcond_with system_harfbuzz %endif -%bcond_with system_vpx -%bcond_with clang %ifarch aarch64 %bcond_with swiftshader %else %bcond_without swiftshader %endif -Name: chromium -Version: 66.0.3359.181 +%bcond_with system_vpx +%bcond_with clang +Name: chromium-beta +Version: 67.0.3396.62 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later Group: Productivity/Networking/Web/Browsers -Url: http://code.google.com/p/chromium/ +URL: http://code.google.com/p/chromium/ Source0: http://commondatastorage.googleapis.com/chromium-browser-official/%{rname}-%{version}.tar.xz # Toolchain definitions Source1: BUILD.gn @@ -68,8 +68,7 @@ Patch5: chromium-buildname.patch Patch6: chromium-non-void-return.patch Patch7: chromium-ffmpeg.patch Patch8: chromium-drm.patch -Patch9: chromium-gcc7.patch -Patch10: chromium-sandbox-pie.patch +Patch9: chromium-sandbox-pie.patch # Google seem not too keen on merging this but GPU accel is quite important # https://chromium-review.googlesource.com/c/chromium/src/+/532294 Patch100: chromium-vaapi.patch @@ -79,12 +78,12 @@ Patch101: chromium-skia-system-fontconfig.patch # GN buildsystem related patches Patch200: chromium-last-commit-position-r0.patch Patch201: fix-gn-bootstrap.patch -# PATCH-FIX-SUSE: allow codecs to be set with chromium branding +# PATCH-FIX-SUSE: allow proprietary codecs to be set with chromium branding Patch202: chromium-prop-codecs.patch -# PATCH-FIX-UPSTREAM fedora patch to fix skia build on aarch64 -Patch300: chromium-65.0.3325.162-skia-aarch64-buildfix.patch -# PATCH-FIX-UPSTREAM backport commit b84682 to fix skia with GCC on aarch64 - https://chromium.googlesource.com/chromium/src/+/b84682f31dc99b9c90f5a04947075815697c68d9 -Patch301: chromium-skia-neon.patch +# PATCH-FIX-UPSTREAM: fix skia build on aarch64 +Patch300: chromium-skia-aarch64-buildfix.patch +# PATCH-FIX-UPSTREAM: fix crashpad build on aarch64 +Patch301: chromium-crashpad-aarch64-fix.patch BuildRequires: SDL-devel BuildRequires: binutils-gold BuildRequires: bison @@ -149,10 +148,6 @@ BuildRequires: pkgconfig(liboil-0.3) >= 0.3.15 BuildRequires: pkgconfig(libpci) BuildRequires: pkgconfig(libpulse) BuildRequires: pkgconfig(libssl) -%ifnarch aarch64 -# Current tcmalloc does not support AArch64 -BuildRequires: pkgconfig(libtcmalloc) -%endif BuildRequires: pkgconfig(libudev) BuildRequires: pkgconfig(libxslt) BuildRequires: pkgconfig(minizip) @@ -191,16 +186,20 @@ Provides: chromium-browser = %{version} Obsoletes: %{name}-suid-helper < %{version} Obsoletes: chromium-browser < %{version} Provides: %{name}-suid-helper = %{version} -Obsoletes: chromium-beta-desktop-gnome -Obsoletes: chromium-beta-desktop-kde -Obsoletes: chromium-desktop-gnome Obsoletes: chromium-desktop-kde -Obsoletes: chromium-dev-desktop-gnome +Obsoletes: chromium-desktop-gnome +Obsoletes: chromium-beta-desktop-kde +Obsoletes: chromium-beta-desktop-gnome Obsoletes: chromium-dev-desktop-kde +Obsoletes: chromium-dev-desktop-gnome Obsoletes: chromium-ffmpeg Obsoletes: chromium-ffmpegsumo # no 32bit supported and it takes ages to build ExcludeArch: %{arm} i586 ppc ppc64 ppc64le +%ifnarch aarch64 +# Current tcmalloc does not support AArch64 +BuildRequires: pkgconfig(libtcmalloc) +%endif %if %{with system_harfbuzz} BuildRequires: pkgconfig(harfbuzz) >= 1.7.0 %endif @@ -284,6 +283,7 @@ keeplibs=( third_party/WebKit third_party/analytics third_party/angle + third_party/apple_apsl third_party/angle/src/common/third_party/base third_party/angle/src/common/third_party/smhasher third_party/angle/src/third_party/compiler @@ -312,6 +312,8 @@ keeplibs=( third_party/catapult/tracing/third_party/pako third_party/ced third_party/cld_3 + third_party/crashpad + third_party/crashpad/crashpad/third_party/zlib third_party/crc32c third_party/cros_system_api third_party/devscripts @@ -488,9 +490,11 @@ gn_system_libraries+=( ) %endif %if !%{with sle_bundles} -gn_system_libraries+=( libwebp ) -gn_system_libraries+=( yasm ) -gn_system_libraries+=( zlib ) +gn_system_libraries+=( + libwebp + yasm + zlib +) %endif %if %{with system_icu} gn_system_libraries+=( icu ) @@ -677,8 +681,8 @@ chmod 755 %{buildroot}%{_libdir}/chromium/xdg-mime /sbin/ldconfig %{_libdir}/chromium %files -%license LICENSE %verify(not mode) %{_libexecdir}/chrome_sandbox +%license LICENSE %doc AUTHORS %config %{_sysconfdir}/chromium %config(noreplace) %{_sysconfdir}/default/chromium @@ -699,7 +703,6 @@ chmod 755 %{buildroot}%{_libdir}/chromium/xdg-mime %{_bindir}/chromium %files -n chromedriver -%license LICENSE %{_libdir}/chromium/chromedriver %changelog diff --git a/exclude_ymp.patch b/exclude_ymp.patch index bfcb093..4324ef4 100644 --- a/exclude_ymp.patch +++ b/exclude_ymp.patch @@ -1,5 +1,5 @@ ---- a/third_party/WebKit/common/mime_util/mime_util.cc 2013-08-25 10:12:05.428599992 +0200 -+++ b/third_party/WebKit/common/mime_util/mime_util.cc 2013-08-25 10:12:05.428599992 +0200 +--- a/third_party/blink/common/mime_util/mime_util.cc 2013-08-25 10:12:05.428599992 +0200 ++++ b/third_party/blink/common/mime_util/mime_util.cc 2013-08-25 10:12:05.428599992 +0200 @@ -79,6 +79,7 @@ "text/x-csv", "text/x-vcf", diff --git a/fix_building_widevinecdm_with_chromium.patch b/fix_building_widevinecdm_with_chromium.patch index a974244..69ba607 100644 --- a/fix_building_widevinecdm_with_chromium.patch +++ b/fix_building_widevinecdm_with_chromium.patch @@ -1,9 +1,22 @@ -Minimal patch to get chromium to compile with widevine support - -https://bugs.gentoo.org/show_bug.cgi?id=547630 - ---- a/third_party/widevine/cdm/stub/widevine_cdm_version.h -+++ b/third_party/widevine/cdm/stub/widevine_cdm_version.h +diff -urN chromium-67.0.3371.0.old/third_party/widevine/cdm/BUILD.gn chromium-67.0.3371.0/third_party/widevine/cdm/BUILD.gn +--- chromium-67.0.3371.0.old/third_party/widevine/cdm/BUILD.gn 2018-03-20 12:06:16.192778982 +0100 ++++ chromium-67.0.3371.0/third_party/widevine/cdm/BUILD.gn 2018-03-20 12:09:54.184846595 +0100 +@@ -10,12 +10,6 @@ + import("//media/media_options.gni") + import("//third_party/widevine/cdm/widevine.gni") + +-# Internal Cast builds set enable_widevine=true to bring in Widevine support. +-# TODO(xhwang): Support component updated CDM on other platforms and remove this +-# assert. +-assert(!enable_widevine || is_win || is_mac || is_chromecast, +- "Component updated CDM only supported on Windows and Mac for now.") +- + widevine_arch = current_cpu + if (widevine_arch == "x86") { + widevine_arch = "ia32" +diff -urN chromium-67.0.3371.0.old/third_party/widevine/cdm/stub/widevine_cdm_version.h chromium-67.0.3371.0/third_party/widevine/cdm/stub/widevine_cdm_version.h +--- chromium-67.0.3371.0.old/third_party/widevine/cdm/stub/widevine_cdm_version.h 2018-03-20 12:06:16.192778982 +0100 ++++ chromium-67.0.3371.0/third_party/widevine/cdm/stub/widevine_cdm_version.h 2018-03-20 12:08:24.415172133 +0100 @@ -10,6 +10,7 @@ #include "third_party/widevine/cdm/widevine_cdm_common.h" From d9f7443ae90df4b53ce74c3ed88e82672b75dc34e15cd309a24d559223007cf6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 30 May 2018 11:20:59 +0000 Subject: [PATCH 24/52] - Update to 67.0.3396.62 bsc#1095163 * CVE-2018-6123: Use after free in Blink. * CVE-2018-6124: Type confusion in Blink. * CVE-2018-6125: Overly permissive policy in WebUSB. * CVE-2018-6126: Heap buffer overflow in Skia. * CVE-2018-6127: Use after free in indexedDB. * CVE-2018-6128: uXSS in Chrome on iOS. * CVE-2018-6129: Out of bounds memory access in WebRTC. * CVE-2018-6130: Out of bounds memory access in WebRTC. * CVE-2018-6131: Incorrect mutability protection in WebAssembly. * CVE-2018-6132: Use of uninitialized memory in WebRTC. * CVE-2018-6133: URL spoof in Omnibox. * CVE-2018-6134: Referrer Policy bypass in Blink. * CVE-2018-6135: UI spoofing in Blink. * CVE-2018-6136: Out of bounds memory access in V8. * CVE-2018-6137: Leak of visited status of page in Blink. * CVE-2018-6138: Overly permissive policy in Extensions. * CVE-2018-6139: Restrictions bypass in the debugger extension API. * CVE-2018-6140: Restrictions bypass in the debugger extension API. * CVE-2018-6141: Heap buffer overflow in Skia. * CVE-2018-6142: Out of bounds memory access in V8. * CVE-2018-6143: Out of bounds memory access in V8. * CVE-2018-6144: Out of bounds memory access in PDFium. * CVE-2018-6145: Incorrect escaping of MathML in Blink. * CVE-2018-6147: Password fields not taking advantage of OS protections in Views. - Add patches to build on aarch and remove obsolete one: * chromium-crashpad-aarch64-fix.patch * chromium-skia-aarch64-buildfix.patch * chromium-65.0.3325.162-skia-aarch64-buildfix.patch * chromium-skia-neon.patch OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1133 --- chromium.changes | 1530 +++++++++++++++++++++------------------------- chromium.spec | 10 +- 2 files changed, 694 insertions(+), 846 deletions(-) diff --git a/chromium.changes b/chromium.changes index 09f714c..65b3b10 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,155 +1,258 @@ ------------------------------------------------------------------- -Wed May 30 11:00:26 UTC 2018 - tchvatal@suse.com +Wed May 30 11:18:13 UTC 2018 - tchvatal@suse.com -- Up to 67.0.3396.62 +- Update to 67.0.3396.62 bsc#1095163 + * CVE-2018-6123: Use after free in Blink. + * CVE-2018-6124: Type confusion in Blink. + * CVE-2018-6125: Overly permissive policy in WebUSB. + * CVE-2018-6126: Heap buffer overflow in Skia. + * CVE-2018-6127: Use after free in indexedDB. + * CVE-2018-6128: uXSS in Chrome on iOS. + * CVE-2018-6129: Out of bounds memory access in WebRTC. + * CVE-2018-6130: Out of bounds memory access in WebRTC. + * CVE-2018-6131: Incorrect mutability protection in WebAssembly. + * CVE-2018-6132: Use of uninitialized memory in WebRTC. + * CVE-2018-6133: URL spoof in Omnibox. + * CVE-2018-6134: Referrer Policy bypass in Blink. + * CVE-2018-6135: UI spoofing in Blink. + * CVE-2018-6136: Out of bounds memory access in V8. + * CVE-2018-6137: Leak of visited status of page in Blink. + * CVE-2018-6138: Overly permissive policy in Extensions. + * CVE-2018-6139: Restrictions bypass in the debugger extension API. + * CVE-2018-6140: Restrictions bypass in the debugger extension API. + * CVE-2018-6141: Heap buffer overflow in Skia. + * CVE-2018-6142: Out of bounds memory access in V8. + * CVE-2018-6143: Out of bounds memory access in V8. + * CVE-2018-6144: Out of bounds memory access in PDFium. + * CVE-2018-6145: Incorrect escaping of MathML in Blink. + * CVE-2018-6147: Password fields not taking advantage of OS protections in Views. +- Add patches to build on aarch and remove obsolete one: + * chromium-crashpad-aarch64-fix.patch + * chromium-skia-aarch64-buildfix.patch + * chromium-65.0.3325.162-skia-aarch64-buildfix.patch + * chromium-skia-neon.patch +- Remove no longer needed gcc patch: + * chromium-gcc7.patch +- Rebase patches: + * chromium-non-void-return.patch + * chromium-vaapi.patch + * exclude_ymp.patch + * fix_building_widevinecdm_with_chromium.patch ------------------------------------------------------------------- -Mon May 28 10:31:44 UTC 2018 - tchvatal@suse.com +Sat May 26 23:01:20 UTC 2018 - astieger@suse.com -- Up to chromium-67.0.3396.56 +- on SLE 12 with SUSE PackageHub 12, do not require the SDK for + libwebpmux1 (bsc#1070421) ------------------------------------------------------------------- -Mon May 28 10:27:52 UTC 2018 - tchvatal@suse.com +Sat May 26 07:08:04 UTC 2018 - astieger@suse.com -- Fix SLE12 builds again +- Fix installation issue on SUSE PackageHub 12 with libminizip1 + (bsc#1093031) ------------------------------------------------------------------- -Thu May 17 09:00:48 UTC 2018 - tchvatal@suse.com +Wed May 16 07:05:32 UTC 2018 - astieger@suse.com -- Bump to 67.0.3396.48 +- Chromium 66.0.3359.181: + * Autoplay: Force enable on desktop for Web Audio ------------------------------------------------------------------- -Tue May 15 13:27:58 UTC 2018 - guillaume.gardet@opensuse.org +Fri May 11 12:10:44 UTC 2018 - astieger@suse.com -- Fix AArch64 build with chromium-crashpad-aarch64-fix.patch +- Chromium 66.0.3359.170 (bsc#1092923): + * Chain leading to sandbox escape: + CVE-2018-6121: Privilege Escalation in extensions + CVE-2018-6122: Type confusion in V8 + * CVE-2018-6120: Heap buffer overflow in PDFium + * Various fixes from internal audits, fuzzing and other + initiatives ------------------------------------------------------------------- -Thu May 10 10:49:12 UTC 2018 - tchvatal@suse.com +Wed May 9 08:36:30 UTC 2018 - tchvatal@suse.com -- Up to 67.0.3393.40 -- Extend patch chromium-non-void-return.patch +- Add patch chromium-skia-system-fontconfig.patch to fix + bsc#1092272 ------------------------------------------------------------------- -Wed May 9 09:40:41 UTC 2018 - guillaume.gardet@opensuse.org - -- Fix AArch64 build with chromium-skia-aarch64-buildfix.patch - -------------------------------------------------------------------- -Wed May 9 08:34:37 UTC 2018 - tchvatal@suse.com - -- Add patch chromium-skia-system-fontconfig.patch bsc#1092272 -- Up to 67.0.3393.30 - -------------------------------------------------------------------- -Wed May 9 07:53:48 UTC 2018 - guillaume.gardet@opensuse.org +Fri May 4 06:53:49 UTC 2018 - guillaume.gardet@opensuse.org - Enable build on AArch64 - Fix build on AArch64: * set target_cpu to arm64 * disable tcmalloc and swiftshader for aarch64 + * Add new patches: + - chromium-65.0.3325.162-skia-aarch64-buildfix.patch + - chromium-skia-neon.patch ------------------------------------------------------------------- -Wed Apr 25 14:59:25 UTC 2018 - tchvatal@suse.com +Fri Apr 27 08:22:18 UTC 2018 - tchvatal@suse.com -- Up to chromium-67.0.3396.18 +- chromium 66.0.3359.139: + * CVE-2018-6118: Use after free in Media Cache (bsc#1091288) + * drop add-missing-blink-tools.patch, now in tarball again ------------------------------------------------------------------- -Thu Apr 12 09:10:48 UTC 2018 - tchvatal@suse.com +Wed Apr 18 09:14:21 UTC 2018 - tchvatal@suse.com -- Up to 67.0.3393.4 -- Refresh patch exclude_ymp.patch +- Version bump to chromium 66.0.3359.117 bsc#1090000: + * CVE-2018-6085: Use after free in Disk Cache + * CVE-2018-6086: Use after free in Disk Cache + * CVE-2018-6087: Use after free in WebAssembly + * CVE-2018-6088: Use after free in PDFium + * CVE-2018-6089: Same origin policy bypass in Service Worker + * CVE-2018-6090: Heap buffer overflow in Skia + * CVE-2018-6091: Incorrect handling of plug-ins by Service Worker + * CVE-2018-6092: Integer overflow in WebAssembly + * CVE-2018-6093: Same origin bypass in Service Worker + * CVE-2018-6094: Exploit hardening regression in Oilpan + * CVE-2018-6095: Lack of meaningful user interaction requirement before file upload + * CVE-2018-6096: Fullscreen UI spoof + * CVE-2018-6097: Fullscreen UI spoof + * CVE-2018-6098: URL spoof in Omnibox + * CVE-2018-6099: CORS bypass in ServiceWorker + * CVE-2018-6100: URL spoof in Omnibox + * CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools + * CVE-2018-6102: URL spoof in Omnibox + * CVE-2018-6103: UI spoof in Permissions + * CVE-2018-6104: URL spoof in Omnibox + * CVE-2018-6105: URL spoof in Omnibox + * CVE-2018-6106: Incorrect handling of promises in V8 + * CVE-2018-6107: URL spoof in Omnibox + * CVE-2018-6108: URL spoof in Omnibox + * CVE-2018-6109: Incorrect handling of files by FileAPI + * CVE-2018-6110: Incorrect handling of plaintext files via file:// + * CVE-2018-6111: Heap-use-after-free in DevTools + * CVE-2018-6112: Incorrect URL handling in DevTools + * CVE-2018-6113: URL spoof in Navigation + * CVE-2018-6114: CSP bypass + * CVE-2018-6115: SmartScreen bypass in downloads + * CVE-2018-6116: Incorrect low memory handling in WebAssembly + * CVE-2018-6117: Confusing autofill settings + * Various fixes from internal audits, fuzzing and other initiatives +- Remove obsolete patches: + * chromium-compiler.patch + * chromium-glibc-2.27.patch + * chromium-vaapi-init.patch + * exclude_ymp.diff + * fix-gn-bootstrap.diff + * fix_network_api_crash.patch + * mojo.patch +- Add new patches: + * chromium-ffmpeg.patch + * chromium-gcc7.patch + * exclude_ymp.patch + * fix-gn-bootstrap.patch +- Rebase patches: + * chromium-master-prefs-path.patch + * chromium-non-void-return.patch + * chromium-sandbox-pie.patch + * chromium-vaapi.patch +- Add patch to fix missing folder from tarball: + * add-missing-blink-tools.patch ------------------------------------------------------------------- -Wed Apr 4 11:49:20 UTC 2018 - tchvatal@suse.com +Sun Apr 8 10:49:06 UTC 2018 - tchvatal@suse.com -- Bump to 67.0.3386.1 +- Add vaapi patches: + * chromium-vaapi-init.patch + * chromium-vaapi.patch ------------------------------------------------------------------- -Wed Mar 28 12:37:50 UTC 2018 - tchvatal@suse.com +Fri Apr 6 12:54:24 UTC 2018 - tchvatal@suse.com -- Bump to 67.0.3381.1 +- Use memory-constraints package to limit threads as needed ------------------------------------------------------------------- -Fri Mar 23 12:01:52 UTC 2018 - tchvatal@suse.com +Wed Mar 21 06:31:27 UTC 2018 - astieger@suse.com -- Bump to 67.0.3377.1 +- Update to Chromium 65.0.3325.181: + * Various security relevant fixes from internal audits, fuzzing + and other initiatives (boo#1086124) ------------------------------------------------------------------- -Tue Mar 20 10:19:55 UTC 2018 - tchvatal@suse.com +Tue Mar 20 12:33:53 UTC 2018 - tchvatal@suse.com -- Bump to 67.0.3371.0 -- Remove no longer needed chromium-gcc7.patch -- Rebase fix_building_widevinecdm_with_chromium.patch to allow - widevine builds +- Use both freetype and harfbuzz either bundled or system ------------------------------------------------------------------- -Tue Mar 20 10:14:15 UTC 2018 - tchvatal@suse.com +Wed Mar 14 14:18:35 UTC 2018 - tchvatal@suse.com -- Bump to 66.0.3359.33 +- Version update to 65.0.3325.162: + * Various stability fixes only ------------------------------------------------------------------- -Wed Mar 14 14:19:21 UTC 2018 - tchvatal@suse.com +Wed Mar 14 09:00:37 UTC 2018 - tchvatal@suse.com -- Version bump to 66.0.3359.26 +- Bundle the harfbuzz on < 15.0 release as we would have to + use requires_ge for the library itself later on otherwise ------------------------------------------------------------------- -Wed Mar 14 13:32:18 UTC 2018 - tchvatal@suse.com +Fri Mar 9 09:10:01 UTC 2018 - tchvatal@suse.com -- Bump the requirement for the clang version +- Make sure to require gcc7 +- Add patch chromium-drm.patch to make sure to build with Leap 42.3 + variant of libdrm ------------------------------------------------------------------- -Wed Mar 14 09:01:33 UTC 2018 - tchvatal@suse.com +Thu Mar 8 09:00:54 UTC 2018 - tchvatal@suse.com -- Conditionalize harfbuzz switch +- Version update to 65.0.3325.146 bsc#1084296: + * High CVE-2017-11215: Use after free in Flash. + * High CVE-2017-11225: Use after free in Flash. + * High CVE-2018-6060: Use after free in Blink. + * High CVE-2018-6061: Race condition in V8. + * High CVE-2018-6062: Heap buffer overflow in Skia. + * High CVE-2018-6057: Incorrect permissions on shared memory. + * High CVE-2018-6063: Incorrect permissions on shared memory. + * High CVE-2018-6064: Type confusion in V8. + * High CVE-2018-6065: Integer overflow in V8. + * Medium CVE-2018-6066: Same Origin Bypass via canvas. + * Medium CVE-2018-6067: Buffer overflow in Skia. + * Medium CVE-2018-6068: Object lifecycle issues in Chrome Custom Tab. + * Medium CVE-2018-6069: Stack buffer overflow in Skia. + * Medium CVE-2018-6070: CSP bypass through extensions. + * Medium CVE-2018-6071: Heap bufffer overflow in Skia. + * Medium CVE-2018-6072: Integer overflow in PDFium. + * Medium CVE-2018-6073: Heap bufffer overflow in WebGL. + * Medium CVE-2018-6074: Mark-of-the-Web bypass. + * Medium CVE-2018-6075: Overly permissive cross origin downloads. + * Medium CVE-2018-6076: Incorrect handling of URL fragment identifiers in Blink. + * Medium CVE-2018-6077: Timing attack using SVG filters. + * Medium CVE-2018-6078: URL Spoof in OmniBox. + * Medium CVE-2018-6079: Information disclosure via texture data in WebGL. + * Medium CVE-2018-6080: Information disclosure in IPC call. + * Low CVE-2018-6081: XSS in interstitials. + * Low CVE-2018-6082: Circumvention of port blocking. + * Low CVE-2018-6083: Incorrect processing of AppManifests. +- Add new patches: + * chromium-compiler.patch + * chromium-glibc-2.27.patch + * mojo.patch +- Drop patches: + * chromium-angle.patch + * chromium-memcpy.patch +- Update constraints +- Refresh patch chromium-non-void-return.patch to include more + fixes ------------------------------------------------------------------- -Mon Mar 12 10:18:18 UTC 2018 - tchvatal@suse.com +Sat Feb 24 19:02:51 UTC 2018 - astieger@suse.com -- Update to 66.0.3359.22 +- Chromium 64.0.3282.186: + * Various minor bug fixes ------------------------------------------------------------------- -Fri Mar 9 11:20:35 UTC 2018 - tchvatal@suse.com +Wed Feb 14 08:16:34 UTC 2018 - astieger@suse.com -- Apply patches using %autopatch -- Add patch to build with gcc7 properly chromium-gcc7.patch -- Drop patch chromium-sandbox-pie.patch as we have pie default now -- Add patch to build with leap variant of drm chromium-drm.patch +- update to 64.0.3282.167 (bsc#1080920): + * CVE-2018-6056: Incorrect derived class instantiation in V8 ------------------------------------------------------------------- -Wed Mar 7 12:11:45 UTC 2018 - tchvatal@suse.com +Fri Feb 2 11:16:23 UTC 2018 - tchvatal@suse.com -- Add patch to build ffmpeg from system chromium-ffmpeg.patch - -------------------------------------------------------------------- -Wed Mar 7 10:30:24 UTC 2018 - tchvatal@suse.com - -- Up to 66.0.3355.0 -- Disable clang by default again - -------------------------------------------------------------------- -Tue Feb 27 09:35:21 UTC 2018 - tchvatal@suse.com - -- Up to 66.0.3350.0 - -------------------------------------------------------------------- -Thu Feb 15 09:08:22 UTC 2018 - tchvatal@suse.com - -- Drop patch fix_network_api_crash.patch - -------------------------------------------------------------------- -Mon Feb 12 10:10:58 UTC 2018 - tchvatal@suse.com - -- Bump to 66.0.3343.3 - -------------------------------------------------------------------- -Wed Feb 7 13:58:33 UTC 2018 - tchvatal@suse.com - -- Bump to 65.0.3325.51 - -------------------------------------------------------------------- -Tue Feb 6 12:00:36 UTC 2018 - tchvatal@suse.com - -- Disable gconf support +- Version update to 64.0.3282.140 bsc#1079021: + * Various asan fixes bsc#1078463 CVE-2018-6406 ------------------------------------------------------------------- Fri Feb 2 10:43:48 UTC 2018 - dimstar@opensuse.org @@ -160,9 +263,9 @@ Fri Feb 2 10:43:48 UTC 2018 - dimstar@opensuse.org /proc/meminfo. ------------------------------------------------------------------- -Wed Jan 31 09:45:45 UTC 2018 - tchvatal@suse.com +Mon Jan 29 13:07:38 UTC 2018 - tchvatal@suse.com -- Bump to 65.0.3325.31 +- Fix default page to not point to 404 ------------------------------------------------------------------- Mon Jan 29 12:36:31 UTC 2018 - tchvatal@suse.com @@ -170,296 +273,318 @@ Mon Jan 29 12:36:31 UTC 2018 - tchvatal@suse.com - Install swiftshader objects too as they are needed ------------------------------------------------------------------- -Fri Jan 26 10:12:22 UTC 2018 - tchvatal@suse.com +Fri Jan 26 10:11:22 UTC 2018 - tchvatal@suse.com -- Update to 65.0.3325.18 -- Try to have automatic ozone platform detection +- Disable ozone stuff conditions for now as the headless mode + breaks up runtime bsc#1077722 ------------------------------------------------------------------- -Wed Jan 17 14:28:37 UTC 2018 - tchvatal@suse.com +Thu Jan 25 09:51:59 UTC 2018 - tchvatal@suse.com -- Bump to 65.0.3322.3 +- Switch to gcc7 on Leap builds ------------------------------------------------------------------- -Mon Jan 8 20:12:43 UTC 2018 - tchvatal@suse.com +Thu Jan 25 09:42:51 UTC 2018 - tchvatal@suse.com -- Bump to 65.0.3311.3 -- Drop chromium-63.0.3289.84-fix-ft-hb-unbundle.patch +- Version update to 64.0.3282.119 bsc#1077571: + * High CVE-2018-6031: Use after free in PDFium. Reported by Anonymous on 2017-11-01 + * High CVE-2018-6032: Same origin bypass in Shared Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-20 + * High CVE-2018-6033: Race when opening downloaded files. Reported by Juho Nurminen on 2017-12-09 + * Medium CVE-2018-6034: Integer overflow in Blink. Reported by Tobias Klein (www.trapkit.de) on 2017-11-12 + * Medium CVE-2018-6035: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23 + * Medium CVE-2018-6036: Integer underflow in WebAssembly. Reported by The UK's National Cyber Security Centre (NCSC) on 2017-11-30 + * Medium CVE-2018-6037: Insufficient user gesture requirements in autofill. Reported by Paul Stone of Context Information Security on 2017-08-09 + * Medium CVE-2018-6038: Heap buffer overflow in WebGL. Reported by cloudfuzzer on 2017-10-12 + * Medium CVE-2018-6039: XSS in DevTools. Reported by Juho Nurminen on 2017-10-17 + * Medium CVE-2018-6040: Content security policy bypass. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-26 + * Medium CVE-2018-6041: URL spoof in Navigation. Reported by Luan Herrera on 2017-08-29 + * Medium CVE-2018-6042: URL spoof in OmniBox. Reported by Khalil Zhani on 2017-10-12 + * Medium CVE-2018-6043: Insufficient escaping with external URL handlers. Reported by 0x09AL on 2017-11-16 + * Medium CVE-2018-6045: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23 + * Medium CVE-2018-6046: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-31 + * Medium CVE-2018-6047: Cross origin URL leak in WebGL. Reported by Masato Kinugawa on 2018-01-08 + * Low CVE-2018-6048: Referrer policy bypass in Blink. Reported by Jun Kokatsu (@shhnjk) on 2017-09-08 + * Low CVE-2017-15420: URL spoofing in Omnibox. Reported by Drew Springall (@_aaspring_) on 2017-10-05 + * Low CVE-2018-6049: UI spoof in Permissions. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-13 + * Low CVE-2018-6050: URL spoof in OmniBox. Reported by Jonathan Kew on 2017-10-15 + * Low CVE-2018-6051: Referrer leak in XSS Auditor. Reported by Antonio Sanso (@asanso) on 2014-12-11 + * Low CVE-2018-6052: Incomplete no-referrer policy implementation. Reported by Tanner Emek on 2016-05-28 + * Low CVE-2018-6053: Leak of page thumbnails in New Tab Page. Reported by Asset Kabdenov on 2017-08-23 + * Low CVE-2018-6054: Use after free in WebUI. Reported by Rob Wu on 2017-12-24 +- Add patches: + * chromium-angle.patch + * chromium-memcpy.patch +- Drop patch: + * chromium-gcc.patch +- Change desktop file name to fit bellow the icon on ie KDE desktop ------------------------------------------------------------------- -Tue Jan 2 13:14:43 UTC 2018 - tchvatal@suse.com +Thu Jan 4 20:59:31 UTC 2018 - astieger@suse.com -- add chromium-63.0.3289.84-fix-ft-hb-unbundle.patch to make sure - we use system freetype/harfbuzz +- Chromium 63.0.3239.132: + * DevTools: do not report raw headers and cookies for protected + subresources + * Various other fixes and updates ------------------------------------------------------------------- -Thu Dec 28 18:00:12 UTC 2017 - tchvatal@suse.com +Fri Dec 15 09:28:07 UTC 2017 - tchvatal@suse.com -- Make sure to use system freetype too +- Version update to 63.0.3239.108 bsc#1072976: + * CVE-2017-15429: UXSS in V8 + * Various fuzzing fixes ------------------------------------------------------------------- -Wed Dec 20 15:38:09 UTC 2017 - tchvatal@suse.com +Thu Dec 7 09:41:13 UTC 2017 - tchvatal@suse.com -- Bump 65.0.3298.3 +- Version update to 63.0.3239.84 bsc#1071691: + * Critical CVE-2017-15407: Out of bounds write in QUIC. + * High CVE-2017-15408: Heap buffer overflow in PDFium. + * High CVE-2017-15409: Out of bounds write in Skia. + * High CVE-2017-15410: Use after free in PDFium. + * High CVE-2017-15411: Use after free in PDFium. + * High CVE-2017-15412: Use after free in libXML. + * High CVE-2017-15413: Type confusion in WebAssembly. + * Medium CVE-2017-15415: Pointer information disclosure in IPC call. + * Medium CVE-2017-15416: Out of bounds read in Blink. + * Medium CVE-2017-15417: Cross origin information disclosure in Skia. + * Medium CVE-2017-15418: Use of uninitialized value in Skia. + * Medium CVE-2017-15419: Cross origin leak of redirect URL in Blink. + * Medium CVE-2017-15420: URL spoofing in Omnibox. + * Medium CVE-2017-15422: Integer overflow in ICU. + * Low CVE-2017-15423: Issue with SPAKE implementation in BoringSSL. + * Low CVE-2017-15424: URL Spoof in Omnibox. + * Low CVE-2017-15425: URL Spoof in Omnibox. + * Low CVE-2017-15426: URL Spoof in Omnibox. + * Low CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox. +- Rebase fix-gn-bootstrap.diff +- Drop merged patches: + * chromium-gcc5.patch + * chromium-60.0.3112.113-breakpad-ucontext.patch + * chromium-62.0.3202.62-correct-cplusplus-check.patch +- Add new patches: + * chromium-non-void-return.patch + * chromium-gcc.patch ------------------------------------------------------------------- -Tue Dec 19 09:43:19 UTC 2017 - tchvatal@suse.com - -- Drop chromium-memcpy.patch - -------------------------------------------------------------------- -Mon Dec 18 10:46:25 UTC 2017 - tchvatal@suse.com - -- Drop minizip conditional (was about 42.1) - -------------------------------------------------------------------- -Sun Dec 17 22:52:29 UTC 2017 - tchvatal@suse.com - -- Bump to 65.0.3294.5 - -------------------------------------------------------------------- -Thu Dec 14 14:55:27 UTC 2017 - tchvatal@suse.com - -- Explicitely describe what ozone parts we want - -------------------------------------------------------------------- -Wed Dec 13 09:47:33 UTC 2017 - tchvatal@suse.com - -- Bump to 64.0.3282.24 -- Enable system icu again -- Tweak the deps to match current setup -- Add patch chromium-memcpy.patch - -------------------------------------------------------------------- -Tue Dec 12 12:55:52 UTC 2017 - tchvatal@suse.com - -- Minimize desktop name to not take so much space - -------------------------------------------------------------------- -Sat Dec 9 12:54:27 UTC 2017 - tchvatal@suse.com - -- Bumpyty to 64.0.3282.14 - -------------------------------------------------------------------- -Thu Nov 30 14:32:41 UTC 2017 - tchvatal@suse.com - -- Bumpy to 64.0.3278.0 - -------------------------------------------------------------------- -Wed Nov 22 11:06:47 UTC 2017 - idonmez@suse.com +Wed Nov 22 11:05:42 UTC 2017 - idonmez@suse.com - BuildRequire nodejs8 instead of nodejs6 for suse_version >= 1330 ------------------------------------------------------------------- -Sun Nov 19 11:25:52 UTC 2017 - tchvatal@suse.com - -- Drop chromium-64.0.3253.3-gpu_lists_version.h.patch -- Drop chromium-gcc.patch - -------------------------------------------------------------------- -Sun Nov 19 11:20:20 UTC 2017 - tchvatal@suse.com - -- Up to 64.0.3269.3 - -------------------------------------------------------------------- -Wed Nov 15 14:42:55 UTC 2017 - astieger@suse.com +Wed Nov 15 14:56:24 UTC 2017 - astieger@suse.com +- Update to 62.0.3202.94: + * multiple minor rendering related fixes - fix rebuilds in same chroot ------------------------------------------------------------------- -Wed Nov 8 21:33:56 UTC 2017 - tchvatal@suse.com +Tue Nov 7 10:12:28 UTC 2017 - tchvatal@suse.com -- Add patch chromium-non-void-return.patch +- Version update to 62.0.3202.89 bsc#1066851: + * CVE-2017-15398: Stack buffer overflow in QUIC + * CVE-2017-15399: Use after free in V8 +- Drop upstream merged chromium-sandbox.patch ------------------------------------------------------------------- -Tue Nov 7 09:41:07 UTC 2017 - tchvatal@suse.com +Fri Nov 3 12:40:33 UTC 2017 - tchvatal@suse.com -- Add patch chromium-64.0.3253.3-gpu_lists_version.h.patch +- Restrict the version on jpeg to not waste build power ------------------------------------------------------------------- -Sat Nov 4 09:38:27 UTC 2017 - tchvatal@suse.com +Sun Oct 29 08:18:37 UTC 2017 - tchvatal@suse.com -- Bump to 64.0.3253.3 +- Add patch to fix sandbox crashes wrt bsc#1064298 + * chromium-sandbox.patch ------------------------------------------------------------------- -Fri Nov 3 11:41:40 UTC 2017 - tchvatal@suse.com +Fri Oct 27 09:17:02 UTC 2017 - tchvatal@suse.com -- Update to 64.0.3251.0 +- Version update to 62.0.3202.75 bsc#1065405 CVE-2017-15396 + * CVE-2017-15396: Stack overflow in V8 ------------------------------------------------------------------- -Thu Nov 2 20:46:57 UTC 2017 - tchvatal@suse.com +Thu Oct 26 12:09:53 UTC 2017 - astieger@suse.com -- Fix the tarball unpacking to unroll all the required content -- Update to 63.0.3239.30 +- BuildRequire nodejs6 required for polymer-bundler.js ------------------------------------------------------------------- -Wed Oct 25 18:24:16 UTC 2017 - tchvatal@suse.com +Thu Oct 26 09:19:09 UTC 2017 - tchvatal@suse.com -- Drop patch chromium-60.0.3112.113-breakpad-ucontext.patch -- Drop patch chromium-sysroot.patch +- Try to export properly CXX/CC variable to fix leap builds ------------------------------------------------------------------- -Wed Oct 11 09:04:46 UTC 2017 - tchvatal@suse.com +Wed Oct 25 17:52:44 UTC 2017 - tchvatal@suse.com -- Bump to 63.0.3236.0 +- Apply patch to fix building crc32 with gcc7: + * chromium-62.0.3202.62-correct-cplusplus-check.patch ------------------------------------------------------------------- -Mon Oct 9 11:42:16 UTC 2017 - tchvatal@suse.com +Thu Oct 19 03:29:56 UTC 2017 - tchvatal@suse.com -- Bump to 63.0.3230.0 - -------------------------------------------------------------------- -Mon Oct 2 10:10:10 UTC 2017 - tchvatal@suse.com - -- Update to 63.0.3223.8 -- Rebase fix-gn-boostrap.diff -- Remove chromium-gcc5.patch - -------------------------------------------------------------------- -Sat Sep 16 15:51:04 UTC 2017 - tchvatal@suse.com - -- Bump to 63.0.3218.0 -- Rebase fix-gn-bootstrap.diff -- Add chromium-sysroot.patch - -------------------------------------------------------------------- -Wed Sep 13 07:51:50 UTC 2017 - tchvatal@suse.com - -- Version update to 62.0.3202.18 - -------------------------------------------------------------------- -Sun Sep 10 09:46:36 UTC 2017 - tchvatal@suse.com - -- Update to latest -- Switch to system libxml again -- Add more folders to be kept in archive - -------------------------------------------------------------------- -Wed Sep 6 13:16:14 UTC 2017 - tchvatal@suse.com - -- Build with gcc6 on leap as we now require --stdc-14 - -------------------------------------------------------------------- -Wed Sep 6 12:55:30 UTC 2017 - tchvatal@suse.com - -- Add patch to build with new glibc: - * chromium-60.0.3112.113-breakpad-ucontext.patch - -------------------------------------------------------------------- -Mon Sep 4 12:11:32 UTC 2017 - tchvatal@suse.com - -- Bump to 62.0.3198.0: - * fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Wed Aug 23 12:40:57 UTC 2017 - tchvatal@suse.com - -- Bump to 62.0.3192.0 -- Rebase patch chromium-prop-codecs.patch - -------------------------------------------------------------------- -Mon Aug 21 09:29:23 UTC 2017 - tchvatal@suse.com - -- Bump to 62.0.3188.2 -- Rebase fix-gn-bootstrap.diff -- Remove arm patches as we exclude it for now: +- Update to 62.0.3202.62 bsc#1064066: + * CVE-2017-5124: UXSS with MHTML. + * CVE-2017-5125: Heap overflow in Skia. + * CVE-2017-5126: Use after free in PDFium. + * CVE-2017-5127: Use after free in PDFium. + * CVE-2017-5128: Heap overflow in WebGL. + * CVE-2017-5129: Use after free in WebAudio. + * CVE-2017-5132: Incorrect stack manipulation in WebAssembly. + * CVE-2017-5130: Heap overflow in libxml2. + * CVE-2017-5131: Out of bounds write in Skia. + * CVE-2017-5133: Out of bounds write in Skia. + * CVE-2017-15386: UI spoofing in Blink. + * CVE-2017-15387: Content security bypass. + * CVE-2017-15388: Out of bounds read in Skia. + * CVE-2017-15389: URL spoofing in OmniBox. + * CVE-2017-15390: URL spoofing in OmniBox. + * CVE-2017-15391: Extension limitation bypass in Extensions. + * CVE-2017-15392: Incorrect registry key handling in PlatformIntegration. + * CVE-2017-15393: Referrer leak in Devtools. + * CVE-2017-15394: URL spoofing in extensions UI. + * CVE-2017-15395: Null pointer dereference in ImageCapture. +- Drop unused patches: * arm-webrtc-fix.patch * arm_use_right_compiler.patch -- Add patch chromium-gcc5.patch - -------------------------------------------------------------------- -Fri Aug 11 09:37:10 UTC 2017 - tchvatal@suse.com - -- Bump to 62.0.3178.0 -- Add patch chromium-system-zlib.patch -- Rebase patch fix-gn-bootstrap.diff -- Rebase exclude_ymp.diff -- Drop gcc60-fixes.diff as the toolchain was changed - -------------------------------------------------------------------- -Sun Aug 6 07:18:26 UTC 2017 - tchvatal@suse.com - -- Bump to 62.0.3175.4 - -------------------------------------------------------------------- -Sun Aug 6 07:12:01 UTC 2017 - tchvatal@suse.com - -- Bump to 61.0.3163.31 -- Remove condition for gtk3, hard on from now on -- Bump version requirement on nodejs - -------------------------------------------------------------------- -Thu Jul 27 19:42:42 UTC 2017 - tchvatal@suse.com - -- Bump to 61.0.3163.13 -- Rebase fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Thu Jul 20 12:33:20 UTC 2017 - tchvatal@suse.com - -- Refresh patches: - * fix-gn-bootstrap.diff + * chromium-46.0.2490.71-fix-missing-i18n_process_css_test.patch + * chromium-atk.patch + * chromium-mojo-dep.patch * gcc60-fixes.diff +- Refresh patches: + * chromium-gcc5.patch + * chromium-prop-codecs.patch + * exclude_ymp.diff + * fix-gn-bootstrap.diff ------------------------------------------------------------------- -Wed Jul 19 15:14:56 UTC 2017 - tchvatal@suse.com +Fri Sep 22 14:50:40 UTC 2017 - astieger@suse.com -- Bump to 61.0.3159.5 -- Use system libcxx -- Refresh patch fix-gn-bootstrap.diff +- Update to 61.0.3163.100 (boo#1060019): + * CVE-2017-5121: Out-of-bounds access in V8 + * CVE-2017-5122: Out-of-bounds access in V8 + * Various fixes from internal audits, fuzzing and other initiatives ------------------------------------------------------------------- -Mon Jul 17 07:53:34 UTC 2017 - tchvatal@suse.com +Sat Sep 16 15:50:19 UTC 2017 - tchvatal@suse.com -- Recommend emoji fonts for various communicators to not display +- Update to 61.0.3163.91: + * Various bugfixes + +------------------------------------------------------------------- +Mon Sep 11 08:45:35 UTC 2017 - tchvatal@suse.com + +- Update to 61.0.3163.79 bsc#1057364: + * CVE-2017-5111: Use after free in PDFium. + * CVE-2017-5112: Heap buffer overflow in WebGL. + * CVE-2017-5113: Heap buffer overflow in Skia. + * CVE-2017-5114: Memory lifecycle issue in PDFium. + * CVE-2017-5115: Type confusion in V8. + * CVE-2017-5116: Type confusion in V8. + * CVE-2017-5117: Use of uninitialized value in Skia. + * CVE-2017-5118: Bypass of Content Security Policy in Blink. + * CVE-2017-5119: Use of uninitialized value in Skia. + * CVE-2017-5120: Potential HTTPS downgrade during redirect navigation. +- Rebase patch: + * fix-gn-bootstrap.diff +- Remove patches: + * chromium-gcc7.patch + * chromium-override.patch +- Add new patches: + * chromium-atk.patch + * chromium-gcc5.patch + * chromium-mojo-dep.patch +- Gtk3 is hard required from now on +- Version some of the required dependencies + +------------------------------------------------------------------- +Mon Aug 28 22:57:05 UTC 2017 - astieger@suse.com + +- fix build with Factory glibc: + add chromium-60.0.3112.113-breakpad-ucontext.patch + +------------------------------------------------------------------- +Fri Aug 25 09:17:27 UTC 2017 - tchvatal@suse.com + +- Version update to 60.0.3112.113: + * Various bugfixes + +------------------------------------------------------------------- +Tue Aug 15 15:17:00 UTC 2017 - tchvatal@suse.com + +- Version update to 60.0.3112.101: + * various usability bugfixes + +------------------------------------------------------------------- +Thu Aug 3 13:25:33 UTC 2017 - tchvatal@suse.com + +- Version update to 60.0.3112.90: + * Various usability bugfixes + +------------------------------------------------------------------- +Wed Jul 26 13:27:55 UTC 2017 - tchvatal@suse.com + +- Version update to 60.0.3112.78 bsc#1050537: + * CVE-2017-5091: Use after free in IndexedDB + * CVE-2017-5092: Use after free in PPAPI + * CVE-2017-5093: UI spoofing in Blink + * CVE-2017-5094: Type confusion in extensions + * CVE-2017-5095: Out-of-bounds write in PDFium + * CVE-2017-5096: User information leak via Android intents + * CVE-2017-5097: Out-of-bounds read in Skia + * CVE-2017-5098: Use after free in V8 + * CVE-2017-5099: Out-of-bounds write in PPAPI + * CVE-2017-5100: Use after free in Chrome Apps + * CVE-2017-5101: URL spoofing in OmniBox + * CVE-2017-5102: Uninitialized use in Skia + * CVE-2017-5103: Uninitialized use in Skia + * CVE-2017-5104: UI spoofing in browser + * CVE-2017-7000: Pointer disclosure in SQLite + * CVE-2017-5105: URL spoofing in OmniBox + * CVE-2017-5106: URL spoofing in OmniBox + * CVE-2017-5107: User information leak via SVG + * CVE-2017-5108: Type confusion in PDFium + * CVE-2017-5109: UI spoofing in browser + * CVE-2017-5110: UI spoofing in payments dialog + * Various fixes from internal audits, fuzzing and other initiatives +- Add patch chromium-override.patch +- Remove patches chromium-fpermissive.patch chromium-system-ffmpeg-r3.patch +- Rebase patches: + * chromium-dma-buf.patch + * chromium-gcc7.patch + * chromium-last-commit-position-r0.patch + * fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Mon Jul 24 09:01:07 UTC 2017 - tchvatal@suse.com + +- Recommend emoji fonts to make sure major web chats do not show questionmarks -------------------------------------------------------------------- -Thu Jul 13 07:52:52 UTC 2017 - tchvatal@suse.com +------------------------------------------------------------------ +Wed Jun 28 19:27:55 UTC 2017 - tchvatal@suse.com -- Bump to 61.0.3153.4 -- Refresh patch fix-gn-bootstrap.diff +- Update to 59.0.3071.115: + * Various small fixes all around ------------------------------------------------------------------- -Thu Jun 29 07:07:53 UTC 2017 - tchvatal@suse.com +Fri Jun 23 07:46:48 UTC 2017 - astieger@suse.com -- Remove already applied patch chromium-gcc7.patch +- Update to 59.0.3071.109: + * ozone/drm: Only reuse ScanoutBuffers with compatible modifiers + * Fixing mouse focus on WebView + * Remove gtk dependency from gles tests + * Set build flag when using own FreeType + * Revert of [scheduler] Move some task types to suspendable task runner + * Fix an incorrect method name on the chrome://site-engagement WebUI page + * Linux/Windows: Removing Guest menu item for supervised profile ------------------------------------------------------------------- -Tue Jun 27 17:59:45 UTC 2017 - tchvatal@suse.com +Fri Jun 16 12:12:56 UTC 2017 - astieger@suse.com -- require nss >= 3.26 -- Update to 61.0.3141.7 -- Refresh fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Thu Jun 22 08:46:57 UTC 2017 - tchvatal@suse.com - -- Drop merged patch chromium-system-icu.patch -- Refresh patch fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Wed Jun 21 17:06:27 UTC 2017 - tchvatal@suse.com - -- Version update to 61.0.3135.4 - -------------------------------------------------------------------- -Thu Jun 15 08:26:29 UTC 2017 - tchvatal@suse.com - -- Update to 61.0.3128.3 -- Add patch chromium-system-icu.patch - -------------------------------------------------------------------- -Sat Jun 10 14:05:13 UTC 2017 - tchvatal@suse.com - -- Update to 61.0.3124.4 -- Refresh patch fix-gn-bootstrap.diff -- Drop patch chromium-override.patch merged upstream - -------------------------------------------------------------------- -Fri Jun 9 12:11:47 UTC 2017 - tchvatal@suse.com - -- Bump to 60.0.3112.24 +- Update to 59.0.3071.104 (bsc#1044690): + * CVE-2017-5087: Sandbox Escape in IndexedDB + * CVE-2017-5088: Out of bounds read in V8 + * CVE-2017-5089: Domain spoofing in Omnibox + * Various fixes from internal audits, fuzzing and other initiatives ------------------------------------------------------------------- Thu Jun 8 14:56:42 UTC 2017 - tchvatal@suse.com @@ -467,104 +592,56 @@ Thu Jun 8 14:56:42 UTC 2017 - tchvatal@suse.com - Add patch chromium-buildname.patch bsc#1043420 ------------------------------------------------------------------- -Wed Jun 7 09:10:40 UTC 2017 - tchvatal@suse.com +Tue Jun 6 07:53:53 UTC 2017 - tchvatal@suse.com -- Update to 60.0.3112.20 - -------------------------------------------------------------------- -Tue Jun 6 10:56:24 UTC 2017 - tchvatal@suse.com - -- Drop patch chromium-system-icu.patch - * Use bundled icu as system is unbuildable at the moment - -------------------------------------------------------------------- -Mon Jun 5 12:23:26 UTC 2017 - tchvatal@suse.com - -- Bump to 60.0.3112.7 -- Add patch for gcc7 chromium-gcc7.patch -- Add patch to build with gcc chromium-override.patch -- Add patch to build with system icu 59 chromium-system-icu.patch - -------------------------------------------------------------------- -Wed May 31 14:23:42 UTC 2017 - tchvatal@suse.com - -- Update to upstream 60.0.3112.7 - * Refresh patch fix-gn-bootstrap.diff -- Remove upstream merged chromium-system-harfbuzz.patch - -------------------------------------------------------------------- -Wed May 24 12:22:27 UTC 2017 - tchvatal@suse.com - -- Update 60.0.3107.4 -- Refresh patch chromium-last-commit-position-r0.patch -- Remove upstreamed chromium-system-ffmpeg-r3.patch -- Remove upstreamed chromium-system-opus.patch -- Remove upstreamed chromium-system-libpng.patch -- Remove upstreamed chromium-system-libwebp.patch -- Update fix-gn-bootstrap.diff -- Add patch chromium-system-harfbuzz.patch - -------------------------------------------------------------------- -Thu May 18 10:31:53 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3100.0 -- Add patches: - * chromium-system-libpng.patch - * chromium-system-libwebp.patch - -------------------------------------------------------------------- -Wed May 17 09:22:27 UTC 2017 - tchvatal@suse.com - -- Export gcc standard version to fix build on older releases - * Needed for vulcan - -------------------------------------------------------------------- -Fri May 12 11:25:49 UTC 2017 - tchvatal@suse.com - -- Update to 60.0.3095.5 -- Update patch: - * fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Sat May 6 08:50:17 UTC 2017 - tchvatal@suse.com - -- Switch to system opus and yasm - -------------------------------------------------------------------- -Fri May 5 12:11:38 UTC 2017 - tchvatal@suse.com - -- Update to 60.0.3088.3 -- Update patch: - * fix-gn-bootstrap.diff - * chromium-dma-buf.patch - -------------------------------------------------------------------- -Thu May 4 12:52:01 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3080.5 -- Refresh patch: +- Update to 59.0.3071.86 bsc#1042833: + * CVE-2017-5070: Type confusion in V8. Reported by Zhao Qixun(@S0rryMybad) of Qihoo 360 Vulcan Team on 2017-05-16 + * CVE-2017-5071: Out of bounds read in V8. Reported by Choongwoo Han on 2017-04-26 + * CVE-2017-5072: Address spoofing in Omnibox. Reported by Rayyan Bijoora on 2017-04-07 + * CVE-2017-5073: Use after free in print preview. Reported by Khalil Zhani on 2017-04-28 + * CVE-2017-5074: Use after free in Apps Bluetooth. Reported by anonymous on 2017-03-09 + * CVE-2017-5075: Information leak in CSP reporting. Reported by Emmanuel Gil Peyrot on 2017-01-05 + * CVE-2017-5086: Address spoofing in Omnibox. Reported by Rayyan Bijoora on 2017-05-16 + * CVE-2017-5076: Address spoofing in Omnibox. Reported by Samuel Erb on 2017-05-06 + * CVE-2017-5077: Heap buffer overflow in Skia. Reported by Sweetchip on 2017-04-28 + * CVE-2017-5078: Possible command injection in mailto handling. Reported by Jose Carlos Exposito Bueno on 2017-04-12 + * CVE-2017-5079: UI spoofing in Blink. Reported by Khalil Zhani on 2017-04-20 + * CVE-2017-5080: Use after free in credit card autofill. Reported by Khalil Zhani on 2017-04-05 + * CVE-2017-5081: Extension verification bypass. Reported by Andrey Kovalev (@L1kvID) Yandex Security Team on 2016-12-07 + * CVE-2017-5082: Insufficient hardening in credit card editor. Reported by Nightwatch Cybersecurity Research on 2017-05-11 + * CVE-2017-5083: UI spoofing in Blink. Reported by Khalil Zhani on 2017-04-24 + * CVE-2017-5085: Inappropriate javascript execution on WebUI pages. Reported by Zhiyang Zeng of Tencent security platform department on 2017-02-15 +- Add patch to fix build with system dma: * chromium-dma-buf.patch +- Drop no longer needed patches: + * chromium-linker-memory.patch + * chromium-system-jinja-r13.patch +- Refresh patches: + * chromium-gcc7.patch + * chromium-system-ffmpeg-r3.patch * fix-gn-bootstrap.diff +- Use bundled libxml + * Upstream unfortunately uses git snapshot that is not api/abi compatible ------------------------------------------------------------------- -Fri Apr 28 18:40:01 UTC 2017 - tchvatal@suse.com +Mon Jun 5 12:55:22 UTC 2017 - tchvatal@suse.com -- Use bundled libxml (they have git snapshot :/) +- Add patch to build with gcc7: + * chromium-gcc7.patch +- Add patch for fpermissive build error: + * chromium-fpermissive.patch ------------------------------------------------------------------- -Fri Apr 28 18:21:44 UTC 2017 - tchvatal@suse.com +Wed May 10 07:43:46 UTC 2017 - tchvatal@suse.com -- Add more bundled folders +- Version update to 58.0.3029.110: + * Various small bugfixes ------------------------------------------------------------------- -Fri Apr 28 06:03:50 UTC 2017 - tchvatal@suse.com +Thu May 4 12:40:32 UTC 2017 - tchvatal@suse.com -- Also drop patch chromium-system-jinja-r13.patch - -------------------------------------------------------------------- -Fri Apr 28 05:55:11 UTC 2017 - tchvatal@suse.com - -- Bump to 59.0.3071.29 +- Version update to 58.0.3029.96: + * Fixes bsc#1037594 CVE-2017-5068 ------------------------------------------------------------------- Tue Apr 25 13:24:42 UTC 2017 - tchvatal@suse.com @@ -573,56 +650,34 @@ Tue Apr 25 13:24:42 UTC 2017 - tchvatal@suse.com * It is at least used only during build ------------------------------------------------------------------- -Fri Apr 21 19:16:32 UTC 2017 - tchvatal@suse.com +Fri Apr 21 09:57:49 UTC 2017 - tchvatal@suse.com -- Refresh patch chromium-system-ffmpeg-r3.patch -- Delete patch chromium-system-libjpeg.patch - -------------------------------------------------------------------- -Fri Apr 21 18:58:53 UTC 2017 - tchvatal@suse.com - -- Update to 59.0.3071.15 - -------------------------------------------------------------------- -Fri Apr 21 09:01:47 UTC 2017 - tchvatal@suse.com - -- Drop exif dep, unused -- Pass no-clean option to bootstrap.py for debugging purposes - -------------------------------------------------------------------- -Wed Apr 19 13:21:37 UTC 2017 - tchvatal@suse.com - -- Version update to 59.0.3071.9 - -------------------------------------------------------------------- -Thu Apr 13 08:22:25 UTC 2017 - tchvatal@suse.com - -- Update to 59.0.3067.0 -- Sort out the harfbuzz bundling conditional to be together with minizip - -------------------------------------------------------------------- -Wed Apr 12 11:20:22 UTC 2017 - tchvatal@suse.com - -- Bump harfbuzz and icu requirements - -------------------------------------------------------------------- -Tue Apr 11 11:52:32 UTC 2017 - tchvatal@suse.com - -- Add patch chromium-dma-buf.patch -- Add patch chromium-system-libjpeg.patch - -------------------------------------------------------------------- -Fri Apr 7 08:49:05 UTC 2017 - tchvatal@suse.com - -- Version update to 59.0.3063.4 +- Version update to 58.0.3029.81 bsc#1035103: + * High CVE-2017-5057: Type confusion in PDFium. Credit to Guang Gong of Alpha Team, Qihoo 360 + * High CVE-2017-5058: Heap use after free in Print Preview. Credit to Khalil Zhani + * High CVE-2017-5059: Type confusion in Blink. Credit to SkyLined working with Trend Micro's Zero Day Initiative + * Medium CVE-2017-5060: URL spoofing in Omnibox. Credit to Xudong Zheng + * Medium CVE-2017-5061: URL spoofing in Omnibox. Credit to Haosheng Wang (@gnehsoah) + * Medium CVE-2017-5062: Use after free in Chrome Apps. Credit to anonymous + * Medium CVE-2017-5063: Heap overflow in Skia. Credit to Sweetchip + * Medium CVE-2017-5064: Use after free in Blink. Credit to Wadih Matar + * Medium CVE-2017-5065: Incorrect UI in Blink. Credit to Khalil Zhani + * Medium CVE-2017-5066: Incorrect signature handing in Networking. Credit to chenchu + * Medium CVE-2017-5067: URL spoofing in Omnibox. Credit to Khalil Zhani + * Low CVE-2017-5069: Cross-origin bypass in Blink. Credit to Michael Reizelman - Refresh patch fix-gn-bootstrap.diff -- Refresh patch chromium-system-ffmpeg-r3.patch +- Refresh patch chromium-system-jinja-r13.patch +- Remove obsolete patch chromium-57-gcc4.patch ------------------------------------------------------------------- -Thu Mar 30 13:02:21 UTC 2017 - tchvatal@suse.com +Thu Mar 30 13:07:50 UTC 2017 - tchvatal@suse.com -- Update to 59.0.3053.3 -- Refresh patch fix-gn-bootstrap.diff +- Version update to 57.0.2987.133 bsc#1031677: + * Critical CVE-2017-5055: Use after free in printing. Credit to Wadih Matar + * High CVE-2017-5054: Heap buffer overflow in V8. Credit to Nicolas Trippar of Zimperium zLabs + * High CVE-2017-5052: Bad cast in Blink. Credit to JeongHoon Shin + * High CVE-2017-5056: Use after free in Blink. Credit to anonymous + * High CVE-2017-5053: Out of bounds memory access in V8. Credit to Team Sniper (Keen Lab and PC Mgr) reported through ZDI (ZDI-CAN-4587) ------------------------------------------------------------------- Fri Mar 24 15:22:38 UTC 2017 - tchvatal@suse.com @@ -630,238 +685,167 @@ Fri Mar 24 15:22:38 UTC 2017 - tchvatal@suse.com - Drop the browser(npapi) provide which is not true ------------------------------------------------------------------- -Wed Mar 22 10:57:21 UTC 2017 - tchvatal@suse.com +Sun Mar 19 11:04:47 UTC 2017 - tchvatal@suse.com -- Drop patch chromium-linker-memory.patch as with i586 dropped it - should not be required -- Update patch fix-gn-bootstrap.diff +- Add patch to build with gcc4 + * chromium-57-gcc4.patch ------------------------------------------------------------------- -Wed Mar 22 10:56:09 UTC 2017 - tchvatal@suse.com +Thu Mar 16 20:45:00 UTC 2017 - tchvatal@suse.com -- Version update to chromium-59.0.3047.0 +- Do not use gcc5 and newer as the compat was fixed again +- Update to 57.0.2987.110 with various other small tweaks ------------------------------------------------------------------- -Tue Mar 21 12:41:00 UTC 2017 - tchvatal@suse.com +Fri Mar 10 10:55:23 UTC 2017 - tchvatal@suse.com -- Few tweaks around clang switch to be viable +- Version update to 57.0.2987.98 bsc#1028848: + CVE-2017-5030 CVE-2017-5031 CVE-2017-5032 CVE-2017-5029 CVE-2017-5034 + CVE-2017-5035 CVE-2017-5036 CVE-2017-5037 CVE-2017-5039 CVE-2017-5040 + CVE-2017-5041 CVE-2017-5033 CVE-2017-5042 CVE-2017-5038 CVE-2017-5043 + CVE-2017-5044 CVE-2017-5045 CVE-2017-5046 +- Refresh patches + * fix-gn-bootstrap.diff + * chromium-linker-memory.patch +- Remove obsolete patches: + * chromium-sandbox.patch + * chromium-54-ffmpeg2compat.patch +- Remove vaapi patch which broke rendering on non-intel cards: + * chromium-enable-vaapi-on-suse.patch +- From this release onwards i586 build is disabled ------------------------------------------------------------------- -Sat Mar 18 19:13:16 UTC 2017 - tchvatal@suse.com - -- Update to 59.0.3043.0 -- Refresh patch fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Wed Mar 15 10:14:35 UTC 2017 - tchvatal@suse.com - -- Update to 58.0.3029.19 - -------------------------------------------------------------------- -Wed Mar 15 09:34:48 UTC 2017 - tchvatal@suse.com - -- Reduce the requirement on gcc to be 4.8 only again - -------------------------------------------------------------------- -Mon Mar 13 12:20:56 UTC 2017 - tchvatal@suse.com - -- Version update to 58.0.3029.14 - -------------------------------------------------------------------- -Mon Mar 13 11:41:34 UTC 2017 - tchvatal@suse.com - -- Disable system vpx for now, needs symbols that will be in 1.6.2 - -------------------------------------------------------------------- -Fri Mar 10 13:03:15 UTC 2017 - tchvatal@suse.com - -- Update fix-gn-bootstrap.diff to build again - -------------------------------------------------------------------- -Wed Mar 8 11:26:35 UTC 2017 - tchvatal@suse.com - -- Version update to 58.0.3029.6 - -------------------------------------------------------------------- -Thu Mar 2 15:19:25 UTC 2017 - tchvatal@suse.com - -- Update to 58.0.3026.3 -- Empty fix-gn-bootstrap.diff again as it was merged upstream - -------------------------------------------------------------------- -Mon Feb 27 11:22:10 UTC 2017 - tchvatal@suse.com - -- Drop patch chromium-enable-vaapi-on-suse.patch as it breaks on - radeon and nvidia cards - -------------------------------------------------------------------- -Fri Feb 24 07:58:48 UTC 2017 - tchvatal@suse.com - -- Update to 58.0.3018.3 -- Update patch fix-gn-bootstrap.diff to match what is needed now -- Refresh patch chromium-system-jinja-r13.patch - -------------------------------------------------------------------- -Fri Feb 17 12:14:06 UTC 2017 - tchvatal@suse.com - -- Version update to 58.0.3013.3 - -------------------------------------------------------------------- -Wed Feb 15 12:15:52 UTC 2017 - idonmez@suse.com +Wed Feb 15 12:02:32 UTC 2017 - idonmez@suse.com - Also add harfbuzz-ng to keeplibs for SLE -------------------------------------------------------------------- -Wed Feb 8 12:39:54 UTC 2017 - tchvatal@suse.com - -- Update to 58.0.3004.3 - -------------------------------------------------------------------- -Wed Feb 8 12:32:46 UTC 2017 - tchvatal@suse.com - -- Try to properly set up nodejs for build - -------------------------------------------------------------------- -Mon Feb 6 20:39:24 UTC 2017 - tchvatal@suse.com - -- Version update to 58.3000.4 next dev channel -- Drop patch chromium-54-ffmpeg2compat.patch as we require ffmpeg3 now - ------------------------------------------------------------------- Mon Feb 6 20:29:52 UTC 2017 - tchvatal@suse.com - Add condition for system harfbuzz to be disabled on SLE ------------------------------------------------------------------- -Mon Feb 6 12:16:45 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net +Mon Feb 6 12:21:34 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net + +- Fixed a typo in the build requirements for system minizip. + +------------------------------------------------------------------- +Fri Feb 3 12:23:34 UTC 2017 - tchvatal@suse.com + +- Version update to 56.0.2924.87: + * Various small fixes + * Disabled option to enable/disable plugins in the chrome://plugins + +------------------------------------------------------------------- +Thu Feb 2 20:01:27 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net + +- Added the package 'chromium-privacy' with multiple patches + sourced from the release version on https://github.com/ + u4qo60z73t1c4hurv3ny/privacy_patches-oS_cr, which, when enabled + with the build option 'privacy', builds a version of Chromium + with less privacy implications due to Google services + integration. + +------------------------------------------------------------------- +Wed Feb 1 09:48:35 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net - Changed the build requirement of libavformat to library version 57.41.100, as included in ffmpeg 3.1.1, as only this version properly supports the public AVStream API 'codecpar'. + +------------------------------------------------------------------- +Tue Jan 31 14:08:26 UTC 2017 - tchvatal@suse.com + +- Version update to 56.0.2924.76 bsc#1022049: + - CVE-2017-5007: Universal XSS in Blink + - CVE-2017-5006: Universal XSS in Blink + - CVE-2017-5008: Universal XSS in Blink + - CVE-2017-5010: Universal XSS in Blink + - CVE-2017-5011: Unauthorised file access in Devtools + - CVE-2017-5009: Out of bounds memory access in WebRTC + - CVE-2017-5012: Heap overflow in V8 + - CVE-2017-5013: Address spoofing in Omnibox + - CVE-2017-5014: Heap overflow in Skia + - CVE-2017-5015: Address spoofing in Omnibox + - CVE-2017-5019: Use after free in Renderer + - CVE-2017-5016: UI spoofing in Blink + - CVE-2017-5017: Uninitialised memory access in webm video + - CVE-2017-5018: Universal XSS in chrome://apps + - CVE-2017-5020: Universal XSS in chrome://downloads + - CVE-2017-5021: Use after free in Extensions + - CVE-2017-5022: Bypass of Content Security Policy in Blink + - CVE-2017-5023: Type confusion in metrics + - CVE-2017-5024: Heap overflow in FFmpeg + - CVE-2017-5025: Heap overflow in FFmpeg + - CVE-2017-5026: UI spoofing. Credit to Ronni Skansing +- Add conditional to switch between system and bundled icu +- Raise dependency on harfbuzz to 1.3.1 +- Also refresh patches: + chromium-prop-codecs.patch chromium-linker-memory.patch + +------------------------------------------------------------------- +Sat Jan 28 11:31:18 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net + - Added patch chromium-enable-vaapi-on-suse.patch to enable VAAPI hardware accelerated video decoding. - * chromium-enable-vaapi-on-suse.patch -- Fixed a typo in the build requirements for system minizip. ------------------------------------------------------------------- -Fri Feb 3 10:38:16 UTC 2017 - tchvatal@suse.com +Wed Dec 21 20:19:42 UTC 2016 - astieger@suse.com -- Update to 57.0.2987.21 +- Chromium 55.0.2883.87: + * various fixes for crashes and specific wesites + * update Google pinned certificates ------------------------------------------------------------------- -Wed Feb 1 12:44:58 UTC 2017 - tchvatal@suse.com +Wed Dec 21 10:02:52 UTC 2016 - tchvatal@suse.com -- Update to 57.0.2987.19 +- Disable system icu on Factory, crashes autofill ------------------------------------------------------------------- -Sun Jan 29 17:58:34 UTC 2017 - tchvatal@suse.com - -- Version update to 57.0.2987.13 - -------------------------------------------------------------------- -Wed Jan 25 13:47:13 UTC 2017 - tchvatal@suse.com - -- Update to 57.0.2987.8 - -------------------------------------------------------------------- -Tue Jan 24 10:43:32 UTC 2017 - tchvatal@suse.com - -- Update to 57.0.2986.0 - -------------------------------------------------------------------- -Thu Jan 19 10:40:36 UTC 2017 - tchvatal@suse.com - -- Version update to 57.0.2984.0 - -------------------------------------------------------------------- -Fri Jan 13 09:13:44 UTC 2017 - tchvatal@suse.com - -- Drop the support code for builtin ffmpeg and rely on the system one always - -------------------------------------------------------------------- -Fri Jan 6 11:53:25 UTC 2017 - tchvatal@suse.com - -- Exclude i586 arch as the resources to build are not there - -------------------------------------------------------------------- -Wed Jan 4 12:36:34 UTC 2017 - tchvatal@suse.com - -- Add toolchain definition hopefully allowing us to build on Leap - with older gcc - * This also exposes more of our suse CFLAGS to the compilation - -------------------------------------------------------------------- -Wed Jan 4 12:07:26 UTC 2017 - tchvatal@suse.com - -- Version update to 57.0.2970.0 -- Refresh patch: - * fix-gn-bootstrap.diff -- Drop patch: - * chromium-sandbox.patch - -------------------------------------------------------------------- -Tue Dec 20 14:55:38 UTC 2016 - tchvatal@suse.com - -- Use gcc5 on leap - -------------------------------------------------------------------- -Mon Dec 19 10:30:45 UTC 2016 - tchvatal@suse.com - -- Update to 57.0.2946.4 - -------------------------------------------------------------------- -Wed Dec 14 10:45:26 UTC 2016 - tchvatal@suse.com - -- Allow building with non-system icu on older systems -- Refresh patch fix-gn-bootstrap.diff -- Disable system icu again, fails to build even on factory - -------------------------------------------------------------------- -Tue Dec 13 14:42:30 UTC 2016 - idonmez@suse.com +Tue Dec 13 14:38:08 UTC 2016 - idonmez@suse.com - python-html5lib now depends on six, so preserve that too for SLE builds. ------------------------------------------------------------------- -Sun Dec 11 13:12:44 UTC 2016 - tchvatal@suse.com +Fri Dec 9 12:07:10 UTC 2016 - astieger@suse.com -- Version update to 57.0.2946.0 +- Obsolete ffmpeg and ffmpegsumo package in addition to conflict ------------------------------------------------------------------- -Sun Dec 11 13:04:36 UTC 2016 - tchvatal@suse.com +Mon Dec 5 17:08:45 UTC 2016 - astieger@suse.com -- Version update to 56.0.2924.21 +- record minimum version for harfbuzz, incuding runtime + Chromium will crash with harfbuzz < 1.3.0 ------------------------------------------------------------------- -Thu Dec 8 08:33:17 UTC 2016 - tchvatal@suse.com +Sat Dec 3 09:59:21 UTC 2016 - tchvatal@suse.com -- Version update to 56.0.2924.18 +- Chromium 55.0.2883.75 bnc#1013236: + CVE-2016-9651 CVE-2016-5208 CVE-2016-5207 CVE-2016-5206 CVE-2016-5205 + CVE-2016-5204 CVE-2016-5209 CVE-2016-5203 CVE-2016-5210 CVE-2016-5212 + CVE-2016-5211 CVE-2016-5213 CVE-2016-5214 CVE-2016-5216 CVE-2016-5215 + CVE-2016-5217 CVE-2016-5218 CVE-2016-5219 CVE-2016-5221 CVE-2016-5220 + CVE-2016-5222 CVE-2016-9650 CVE-2016-5223 CVE-2016-5226 CVE-2016-5225 + CVE-2016-5224 CVE-2016-9652 +- Switch to system libraries: harfbuzz, zlib, ffmpeg, ... +- Refreshed patches: + * chromium-system-ffmpeg-r3.patch + * chromium-system-jinja-r13.patch +- Use system ffmpeg unless on 13.2 that didn't include it + * chromium-54-ffmpeg2compat.patch + * Remove upstreamed chromium-more-codec-aliases.patch +- Remove bookmarks override as discussed with artwork simply just set + homepage to our openSUSE one and that is all ------------------------------------------------------------------- -Sat Dec 3 12:03:04 UTC 2016 - tchvatal@suse.com +Sat Nov 12 08:20:05 UTC 2016 - astieger@suse.com -- Version update to 56.0.2924.14 - -------------------------------------------------------------------- -Tue Nov 29 21:13:49 UTC 2016 - tchvatal@suse.com - -- Version update to 56.0.2924.10 - -------------------------------------------------------------------- -Tue Nov 22 07:40:21 UTC 2016 - tchvatal@suse.com - -- Version update to 56.0.2922.1 - -------------------------------------------------------------------- -Fri Nov 18 08:35:30 UTC 2016 - tchvatal@suse.com - -- Version update to 56.0.2920.0 - -------------------------------------------------------------------- -Mon Nov 14 13:13:16 UTC 2016 - tchvatal@suse.com - -- Version update to 56.0.2914.3: - * refresh patch chromium-prop-codecs.patch +- Chromium 54.0.2840.100: + * CVE-2016-5199: Heap corruption in FFmpeg (boo#1009892) + * CVE-2016-5200: out of bounds memory access in v8 (boo#1009893) + * CVE-2016-5201: info leak in extensions (boo#1009894) + * CVE-2016-5202: various fixes from internal audits (boo#1009895) ------------------------------------------------------------------- Mon Nov 7 20:02:46 UTC 2016 - tchvatal@suse.com @@ -871,96 +855,63 @@ Mon Nov 7 20:02:46 UTC 2016 - tchvatal@suse.com bnc#1008725 ------------------------------------------------------------------- -Sun Nov 6 09:41:28 UTC 2016 - tchvatal@suse.com +Wed Nov 2 07:32:27 UTC 2016 - tchvatal@suse.com -- Put chromium-flags at the end to allow user to override various - variables +- Update to 54.0.2840.90: + * Few fixes and tweaks + * Fixes CVE-2016-5198 bsc#1008274 ------------------------------------------------------------------- -Wed Nov 2 07:36:15 UTC 2016 - tchvatal@suse.com +Fri Oct 21 10:27:16 UTC 2016 - tchvatal@suse.com -- Update to 56.0.2906.0 +- Update to 54.0.2840.71: + * Few fixes around ------------------------------------------------------------------- -Fri Oct 28 16:59:28 UTC 2016 - tchvatal@suse.com +Thu Oct 13 10:19:03 UTC 2016 - tchvatal@suse.com -- Update to 56.0.2902.0 - * Update fix-gn-bootstrap.diff +- Version update to 54.0.2840.59 bnc#1004465: + - CVE-2016-5181: Universal XSS in Blink (Anonymous) + - CVE-2016-5182: Heap overflow in Blink (Giwan Go of STEALIEN) + - CVE-2016-5183: Use after free in PDFium (Anonymous) + - CVE-2016-5184: Use after free in PDFium (Anonymous) + - CVE-2016-5185: Use after free in Blink (cloudfuzzer) + - CVE-2016-5187: URL spoofing (Luan Herrera) + - CVE-2016-5188: UI spoofing (Luan Herrera) + - CVE-2016-5192: Cross-origin bypass in Blink (haojunhou at gmail) + - CVE-2016-5189: URL spoofing (xisigr of Tencent's Xuanwu Lab) + - CVE-2016-5186: Out of bounds read in DevTools (Abdulrahman Alqabandi) + - CVE-2016-5191: Universal XSS in Bookmarks (Gareth Hughes) + - CVE-2016-5190: Use after free in Internals (Atte Kettunen of OUSPG) + - CVE-2016-5193: Scheme bypass (Yuyang ZHOUmartinzhou96) +- packaging changes: + * disable build for chromium-beta on %arm. + * Make linker use less memory by tweaking its options: + chromium-linker-memory.patch + * obsolete desktop subpackages + * Switch to gold to reduce memory use use during build + * fix build on 4.5+ kernels with systemlibs: + chromium-sandbox.patch + * various compiler and linker flag adjustments + * enable gtk3 ui, add patch gtk3-missing-define.patch + * switch from some bundled libraries to the system versions + chromium-system-ffmpeg-r3.patch + chromium-system-jinja-r13.patch + fix-gn-bootstrap.diff + * remove service file covered by download_files +- run time bug fixes: + * Add --ui-disable-partial-swap to the launcher bnc#1000019 + * Use default chromium values from master_preferences on first run + rather than pseudo-duplicating in shellscript +- added features: + * hangouts extension ------------------------------------------------------------------- -Mon Oct 24 13:06:07 UTC 2016 - tchvatal@suse.com +Fri Sep 30 08:00:45 UTC 2016 - tchvatal@suse.com -- Update to 56.0.2897.0 - * Refresh patch chromium-linker-memory.patch - * Update fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Mon Oct 24 11:44:08 UTC 2016 - tchvatal@suse.com - -- Try to make package buildable on SLE12 Backports project - -------------------------------------------------------------------- -Fri Oct 21 10:34:39 UTC 2016 - tchvatal@suse.com - -- Update to 55.0.2883.21 -- Add switch between bundled and system icu as on old distributions - we simply have too old ICU -- Add switch for bundled/system minizip as it is not available on 42.1 - -------------------------------------------------------------------- -Thu Oct 20 07:52:26 UTC 2016 - tchvatal@suse.com - -- Version update to 55.0.2883.18 - -------------------------------------------------------------------- -Mon Oct 17 12:06:03 UTC 2016 - tchvatal@suse.com - -- Version update to 55.0.2883.11 -- Drop chromium-system-zlib.patch -- Add Requires on specified browser for chromedriver wrt bnc#1004839 - -------------------------------------------------------------------- -Sun Oct 9 18:16:49 UTC 2016 - tchvatal@suse.com - -- Version update to 55.0.2882.0: - * Rebase fix-gn-bootstrap.diff - * Remove upstreamed chromium-more-codec-aliases.patch - -------------------------------------------------------------------- -Sat Oct 8 09:51:35 UTC 2016 - mailaender@opensuse.org - -- Add appdata.xml for https://en.opensuse.org/openSUSE:AppStore - -------------------------------------------------------------------- -Fri Sep 30 07:12:16 UTC 2016 - dmueller@suse.com - -- disable build for chromium-beta on %arm. while it does build, - it takes two days, in which we can build roughly 600 other packages, - and I rather build 600 other packages than chromium-beta. - -------------------------------------------------------------------- -Wed Sep 28 17:32:17 UTC 2016 - tchvatal@suse.com - -- Version update to 55.0.2873.0: - * refresh fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Tue Sep 27 08:08:38 UTC 2016 - tchvatal@suse.com - -- Do not install default_bookmarks.html file, just set homepage - and that's it -- Drop chromium-rpmlintrc not really needed - -------------------------------------------------------------------- -Mon Sep 26 14:07:58 UTC 2016 - tchvatal@suse.com - -- Drop chrome-wrapper file it is unused - -------------------------------------------------------------------- -Mon Sep 26 12:29:52 UTC 2016 - tchvatal@suse.com - -- Add --ui-disable-partial-swap to the launcher bnc#1000019 - cr#628168 +- Version update to 53.0.2785.143 bnc#1002140: + * CVE-2016-5177: Use after free in V8 + * CVE-2016-5178: Various fixes from internal audits ------------------------------------------------------------------- Mon Sep 26 12:22:41 UTC 2016 - dimstar@opensuse.org @@ -969,153 +920,50 @@ Mon Sep 26 12:22:41 UTC 2016 - dimstar@opensuse.org it's started as an Xwayland client (boo#1001135). ------------------------------------------------------------------- -Mon Sep 26 08:18:16 UTC 2016 - tchvatal@suse.com +Sat Sep 17 11:36:18 UTC 2016 - tchvatal@suse.com -- Update to 55.0.2868.3: - * remove patch gtk3-missing-define.patch - * update patch fix-gn-bootstrap.diff - * add patch chromium-system-zlib.patch -- Use system icu, upstream bug was fixed - -------------------------------------------------------------------- -Wed Sep 21 09:50:26 UTC 2016 - tchvatal@suse.com - -- Enable system libs again as it works for now -- Disable system vpx on < Factory as the vpx there is too old -- Now stable -> enable tcmalloc again - -------------------------------------------------------------------- -Tue Sep 20 09:00:29 UTC 2016 - tchvatal@suse.com - -- Make linker use less memory by tweaking its options: - * chromium-linker-memory.patch -- Update constraints for arm a bit to build -- Use system ffmpeg unless on 13.2 that didn't include it - * chromium-54-ffmpeg2compat.patch - -------------------------------------------------------------------- -Fri Sep 16 09:12:17 UTC 2016 - tchvatal@suse.com - -- Fix obsoletes for the desktop thingies - -------------------------------------------------------------------- -Thu Sep 15 12:02:32 UTC 2016 - tchvatal@suse.com - -- Gtk3 is still buggy -> disable -- Remove systemlibs for now except ffmpeg as it causes tons of problems - -------------------------------------------------------------------- -Wed Sep 14 14:57:42 UTC 2016 - tchvatal@suse.com - -- Switch to component build - solves issue with linking and not - enough memory -- Document in defaults how to actually enable debugging -- Remove noop conditions and empty variables from .sh script - launching chromium - -------------------------------------------------------------------- -Wed Sep 14 07:31:47 UTC 2016 - tchvatal@suse.com - -- Enable aarch64 to see how it goes -- Version update to 55.0.2859.0 - -------------------------------------------------------------------- -Tue Sep 13 17:13:47 UTC 2016 - tchvatal@suse.com - -- Do not bother with widevine installation, we need to build the - connectors, but later need to use the one bundled with chrome to - work with drm anyway - -------------------------------------------------------------------- -Tue Sep 13 12:53:23 UTC 2016 - tchvatal@suse.com - -- Switch to gold, we need to use less memory when linking -- Expand constraints for the debug symbols -- Use default chromium values from master_preferences on first run - rather than pseudo-duplicating in shellscript, bugs should be - fixed in the masterprefs -- Add patch to fix build on 4.5+ kernels with systemlibs: +- Apply sandbox patch to fix crashers on tumbleweed bnc#999091 * chromium-sandbox.patch ------------------------------------------------------------------- -Mon Sep 12 17:21:26 UTC 2016 - tchvatal@suse.com +Thu Sep 15 13:09:21 UTC 2016 - tchvatal@suse.com -- Collapse the ninja calls to run only once, no need to start 3x -- Remove g0 from cflags, that is something we never want, at least - some symbols for tracing are useful -- Sync more the options that are available for the build +- Version update stable channel 53.0.2785.116 + * Just smal bugfixes around ------------------------------------------------------------------- -Mon Sep 12 08:55:09 UTC 2016 - tchvatal@suse.com +Wed Sep 14 07:35:09 UTC 2016 - tchvatal@suse.com -- Enable more switches that are found in the gn files -- Try to enable gtk3 ui again - * add patch gtk3-missing-define.patch +- Version update to 53.0.2785.113 bnc#998743: + * CVE-2016-5170 Use after free in Blink + * CVE-2016-5171 Use after free in Blink + * CVE-2016-5172 Arbitrary Memory Read in v8 + * CVE-2016-5173 Extension resource access + * CVE-2016-5174 Popup not correctly suppressed + * CVE-2016-5175 Various fixes from internal audits ------------------------------------------------------------------- -Sun Sep 11 09:14:14 UTC 2016 - tchvatal@suse.com +Mon Sep 12 08:31:59 UTC 2016 - tchvatal@suse.com -- Move widevine to subpackage so user have choice between the built - one and the chrome one +- Reenable widevine build again bnc#998328 ------------------------------------------------------------------- -Sat Sep 10 11:02:42 UTC 2016 - tchvatal@suse.com +Sat Sep 10 09:13:37 UTC 2016 - tchvatal@suse.com -- Version update to dev chanel 55.0.2853.0 -- Refresh patches: - * chromium-system-ffmpeg-r3.patch - * chromium-system-jinja-r13.patch -- Correctly detect system ffmpeg and set branding to allow all codecs - that the ffmpeg can work with (eg we simply passover all the data - and do not bother with blacklist/whitelist) +- Stable channel update to 53.0.2785.101 + * SPDY crasher fixes + * Disable NV12 DXGI video on AMD + * Forward --password-store switch to os_crypt + * Tell the kernel to discard USB requests when they time out. ------------------------------------------------------------------- -Sat Sep 10 08:58:20 UTC 2016 - tchvatal@suse.com +Wed Sep 7 14:50:44 UTC 2016 - astieger@suse.com -- Update to 54.0.2840.16 -- Expand provides/obsoletes for the desktop subpackages to remove - them all - -------------------------------------------------------------------- -Thu Sep 8 13:23:30 UTC 2016 - tchvatal@suse.com - -- Enable hangouts extension -- Try to build widevine drm extension instead of using the one from - packman bnc#998328 -- Go back to normal malloc from bundled tcmalloc, switch back when - we can use system one - -------------------------------------------------------------------- -Wed Sep 7 06:36:15 UTC 2016 - tchvatal@suse.com - -- Update to 54.0.2840.14 -- Switch back to gcc on factory -- Switch some bundled libraries off courtesy of gentoo build system -- Try to use system ffmpeg if possible -- Remove useless service file, "osc service localrun download_files" - works fine enough even without it -- Add patches for system jinja and ffmpeg (gentoo): - * chromium-system-ffmpeg-r3.patch - * chromium-system-jinja-r13.patch -- Add back gcc compat patch: - * gcc60-fixes.diff - -------------------------------------------------------------------- -Tue Sep 6 08:32:06 UTC 2016 - tchvatal@suse.com - -- Switch to compile using clang as google has default - * Only for factory on 1320 and older use gcc -- Obsolete kde/gnome subpackages, useless nowdays -- Determine paralelism based on how much memory we have -- Disable gtk3 it seems to be really messy with rendering nowdays - * Stick with gtk2 for time being -- Enable tcmalloc as memory manager -- Sort out with spec-cleaner -- Drop unused patches: - * fix-older-gcc.patch - * gcc60-fixes.diff -- Do not install chromium-generic to libdir just directly go to bindir -- Remove empty pre function +- Update to Chromium 53.0.2785.92: + * Revert of support relocatable RPM packages + * disallow WKBackForwardListItem navigations for pushState pages + * arc: bluetooth: Fix advertised uuid + * fix conflicting PendingIntent for stop button and swipe away ------------------------------------------------------------------- Thu Sep 1 04:04:13 UTC 2016 - tittiatcoke@gmail.com diff --git a/chromium.spec b/chromium.spec index 850d1d5..49ab8b9 100644 --- a/chromium.spec +++ b/chromium.spec @@ -39,7 +39,7 @@ %endif %bcond_with system_vpx %bcond_with clang -Name: chromium-beta +Name: chromium Version: 67.0.3396.62 Release: 0 Summary: Google's open source browser project @@ -186,12 +186,12 @@ Provides: chromium-browser = %{version} Obsoletes: %{name}-suid-helper < %{version} Obsoletes: chromium-browser < %{version} Provides: %{name}-suid-helper = %{version} -Obsoletes: chromium-desktop-kde -Obsoletes: chromium-desktop-gnome -Obsoletes: chromium-beta-desktop-kde Obsoletes: chromium-beta-desktop-gnome -Obsoletes: chromium-dev-desktop-kde +Obsoletes: chromium-beta-desktop-kde +Obsoletes: chromium-desktop-gnome +Obsoletes: chromium-desktop-kde Obsoletes: chromium-dev-desktop-gnome +Obsoletes: chromium-dev-desktop-kde Obsoletes: chromium-ffmpeg Obsoletes: chromium-ffmpegsumo # no 32bit supported and it takes ages to build From 25c09740ce751d80019fc6836da440882b09bceea9fae2ee8d23db100ae879fd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Fri, 1 Jun 2018 17:46:47 +0000 Subject: [PATCH 25/52] - Require ffmpeg >= 4.0 bsc#1095545 OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1134 --- chromium.changes | 5 +++++ chromium.spec | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/chromium.changes b/chromium.changes index 65b3b10..f0ce20b 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Fri Jun 1 17:45:46 UTC 2018 - tchvatal@suse.com + +- Require ffmpeg >= 4.0 bsc#1095545 + ------------------------------------------------------------------- Wed May 30 11:18:13 UTC 2018 - tchvatal@suse.com diff --git a/chromium.spec b/chromium.spec index 49ab8b9..03672c5 100644 --- a/chromium.spec +++ b/chromium.spec @@ -136,7 +136,7 @@ BuildRequires: pkgconfig(kdb) BuildRequires: pkgconfig(krb5) BuildRequires: pkgconfig(libavcodec) BuildRequires: pkgconfig(libavfilter) -BuildRequires: pkgconfig(libavformat) >= 57.41.100 +BuildRequires: pkgconfig(libavformat) >= 58 BuildRequires: pkgconfig(libavutil) BuildRequires: pkgconfig(libcrypto) BuildRequires: pkgconfig(libdc1394-2) From 3d5e956b2b4c64a95cf8ebcaae2abd8d8074acc3e12fb783b031c021d625f62e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Fri, 8 Jun 2018 04:17:04 +0000 Subject: [PATCH 26/52] Accepting request 615035 from home:AndreasStieger:branches:network:chromium - Chromium 67.0.3396.79: * CVE-2018-6148: Incorrect handling of CSP header (boo#1096508) OBS-URL: https://build.opensuse.org/request/show/615035 OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1135 --- chromium-67.0.3396.62.tar.xz | 3 --- chromium-67.0.3396.79.tar.xz | 3 +++ chromium.changes | 6 ++++++ chromium.spec | 2 +- 4 files changed, 10 insertions(+), 4 deletions(-) delete mode 100644 chromium-67.0.3396.62.tar.xz create mode 100644 chromium-67.0.3396.79.tar.xz diff --git a/chromium-67.0.3396.62.tar.xz b/chromium-67.0.3396.62.tar.xz deleted file mode 100644 index 6eeb98e..0000000 --- a/chromium-67.0.3396.62.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d5ee63932ff1c8c4a5f69c834f6577e7127b416681eddd23bc54886caffd770d -size 591452000 diff --git a/chromium-67.0.3396.79.tar.xz b/chromium-67.0.3396.79.tar.xz new file mode 100644 index 0000000..21d0e23 --- /dev/null +++ b/chromium-67.0.3396.79.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f8b1e5319163e378027826b12cf256b97423bb90e10e2013469d96e03bc9db8a +size 591459156 diff --git a/chromium.changes b/chromium.changes index f0ce20b..1c2d022 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Thu Jun 7 12:23:26 UTC 2018 - astieger@suse.com + +- Chromium 67.0.3396.79: + * CVE-2018-6148: Incorrect handling of CSP header (boo#1096508) + ------------------------------------------------------------------- Fri Jun 1 17:45:46 UTC 2018 - tchvatal@suse.com diff --git a/chromium.spec b/chromium.spec index 03672c5..306dfcb 100644 --- a/chromium.spec +++ b/chromium.spec @@ -40,7 +40,7 @@ %bcond_with system_vpx %bcond_with clang Name: chromium -Version: 67.0.3396.62 +Version: 67.0.3396.79 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later From 8b80e7cfc0da5fc9fff0997662a0e99d8a21fd487c51115736f205f4a80e92a4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 13 Jun 2018 16:02:16 +0000 Subject: [PATCH 27/52] Accepting request 616575 from home:AndreasStieger:branches:network:chromium Chromium 67.0.3396.87: * CVE-2018-6149: Out of bounds write in V8 (boo#1097452) OBS-URL: https://build.opensuse.org/request/show/616575 OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1136 --- chromium-67.0.3396.79.tar.xz | 3 --- chromium-67.0.3396.87.tar.xz | 3 +++ chromium.changes | 6 ++++++ chromium.spec | 2 +- 4 files changed, 10 insertions(+), 4 deletions(-) delete mode 100644 chromium-67.0.3396.79.tar.xz create mode 100644 chromium-67.0.3396.87.tar.xz diff --git a/chromium-67.0.3396.79.tar.xz b/chromium-67.0.3396.79.tar.xz deleted file mode 100644 index 21d0e23..0000000 --- a/chromium-67.0.3396.79.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:f8b1e5319163e378027826b12cf256b97423bb90e10e2013469d96e03bc9db8a -size 591459156 diff --git a/chromium-67.0.3396.87.tar.xz b/chromium-67.0.3396.87.tar.xz new file mode 100644 index 0000000..b2922ce --- /dev/null +++ b/chromium-67.0.3396.87.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:5d27a72f0cb8247343034f63fdd9747ff388c05b9fceb541668dd04fb372db1d +size 591491608 diff --git a/chromium.changes b/chromium.changes index 1c2d022..f35c1de 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Jun 13 09:26:43 UTC 2018 - security@suse.com + +- Chromium 67.0.3396.87: + * CVE-2018-6149: Out of bounds write in V8 (boo#1097452) + ------------------------------------------------------------------- Thu Jun 7 12:23:26 UTC 2018 - astieger@suse.com diff --git a/chromium.spec b/chromium.spec index 306dfcb..055a9fd 100644 --- a/chromium.spec +++ b/chromium.spec @@ -40,7 +40,7 @@ %bcond_with system_vpx %bcond_with clang Name: chromium -Version: 67.0.3396.79 +Version: 67.0.3396.87 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later From 8d0048c04e120b440316541ab237771402cecb1a29f95f14b59593fea961058a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Fri, 15 Jun 2018 19:52:10 +0000 Subject: [PATCH 28/52] - Add patch to build under gcc8: * chromium-gcc8.patch OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1137 --- chromium-gcc8.patch | 36 ++++++++++++++++++++++++++++++++++++ chromium.changes | 6 ++++++ chromium.spec | 1 + 3 files changed, 43 insertions(+) create mode 100644 chromium-gcc8.patch diff --git a/chromium-gcc8.patch b/chromium-gcc8.patch new file mode 100644 index 0000000..f176d86 --- /dev/null +++ b/chromium-gcc8.patch @@ -0,0 +1,36 @@ +diff -up chromium-67.0.3396.62/mojo/public/cpp/bindings/associated_interface_ptr_info.h.boolfix chromium-67.0.3396.62/mojo/public/cpp/bindings/associated_interface_ptr_info.h +--- chromium-67.0.3396.62/mojo/public/cpp/bindings/associated_interface_ptr_info.h.boolfix 2018-05-30 04:43:17.000000000 -0400 ++++ chromium-67.0.3396.62/mojo/public/cpp/bindings/associated_interface_ptr_info.h 2018-05-30 12:33:03.268912315 -0400 +@@ -45,7 +45,7 @@ class AssociatedInterfacePtrInfo { + + bool is_valid() const { return handle_.is_valid(); } + +- explicit operator bool() const { return handle_; } ++ explicit operator bool() const { return (bool) handle_; } + + ScopedInterfaceEndpointHandle PassHandle() { + return std::move(handle_); +diff -up chromium-67.0.3396.62/mojo/public/cpp/bindings/associated_interface_request.h.boolfix chromium-67.0.3396.62/mojo/public/cpp/bindings/associated_interface_request.h +--- chromium-67.0.3396.62/mojo/public/cpp/bindings/associated_interface_request.h.boolfix 2018-05-30 04:43:17.000000000 -0400 ++++ chromium-67.0.3396.62/mojo/public/cpp/bindings/associated_interface_request.h 2018-05-30 12:33:03.269912294 -0400 +@@ -50,7 +50,7 @@ class AssociatedInterfaceRequest { + // handle. + bool is_pending() const { return handle_.is_valid(); } + +- explicit operator bool() const { return handle_; } ++ explicit operator bool() const { return (bool) handle_; } + + ScopedInterfaceEndpointHandle PassHandle() { return std::move(handle_); } + +diff -up chromium-67.0.3396.62/mojo/public/cpp/bindings/interface_request.h.boolfix chromium-67.0.3396.62/mojo/public/cpp/bindings/interface_request.h +--- chromium-67.0.3396.62/mojo/public/cpp/bindings/interface_request.h.boolfix 2018-05-30 12:33:03.270912274 -0400 ++++ chromium-67.0.3396.62/mojo/public/cpp/bindings/interface_request.h 2018-05-30 12:34:05.156637922 -0400 +@@ -54,7 +54,7 @@ class InterfaceRequest { + // Indicates whether the request currently contains a valid message pipe. + bool is_pending() const { return handle_.is_valid(); } + +- explicit operator bool() const { return handle_.is_valid(); } ++ explicit operator bool() const { return (bool) handle_.is_valid(); } + + // Removes the message pipe from the request and returns it. + ScopedMessagePipeHandle PassMessagePipe() { return std::move(handle_); } diff --git a/chromium.changes b/chromium.changes index f35c1de..fc95fc6 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Fri Jun 15 19:51:32 UTC 2018 - tchvatal@suse.com + +- Add patch to build under gcc8: + * chromium-gcc8.patch + ------------------------------------------------------------------- Wed Jun 13 09:26:43 UTC 2018 - security@suse.com diff --git a/chromium.spec b/chromium.spec index 055a9fd..4c12ece 100644 --- a/chromium.spec +++ b/chromium.spec @@ -69,6 +69,7 @@ Patch6: chromium-non-void-return.patch Patch7: chromium-ffmpeg.patch Patch8: chromium-drm.patch Patch9: chromium-sandbox-pie.patch +Patch10: chromium-gcc8.patch # Google seem not too keen on merging this but GPU accel is quite important # https://chromium-review.googlesource.com/c/chromium/src/+/532294 Patch100: chromium-vaapi.patch From 3c005682b2a2d1e795ef9d05ec5c989e569635170237a44e5155deac4713c67b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Sat, 16 Jun 2018 12:00:23 +0000 Subject: [PATCH 29/52] OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1138 --- chromium-gcc8.patch | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/chromium-gcc8.patch b/chromium-gcc8.patch index f176d86..65a00ce 100644 --- a/chromium-gcc8.patch +++ b/chromium-gcc8.patch @@ -34,3 +34,15 @@ diff -up chromium-67.0.3396.62/mojo/public/cpp/bindings/interface_request.h.bool // Removes the message pipe from the request and returns it. ScopedMessagePipeHandle PassMessagePipe() { return std::move(handle_); } +--- chromium-67.0.3396.87/build/config/compiler/BUILD.gn.orig 2018-06-16 13:57:27.583106343 +0200 ++++ chromium-67.0.3396.87/build/config/compiler/BUILD.gn 2018-06-16 13:58:56.541681557 +0200 +@@ -1325,6 +1325,9 @@ + # comments + # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61638 + cflags += [ "-Wno-comments" ] ++ ++ # too many warnings ++ cflags = [ "-Wno-class-memaccess" ] + } + } + From 32386c4287867044ac2f0a9c2ad28e6b5391a6a95dc1da9c70abd3565eb507a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Sat, 16 Jun 2018 12:10:18 +0000 Subject: [PATCH 30/52] OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1139 --- chromium-gcc8.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chromium-gcc8.patch b/chromium-gcc8.patch index 65a00ce..3b77b67 100644 --- a/chromium-gcc8.patch +++ b/chromium-gcc8.patch @@ -42,7 +42,7 @@ diff -up chromium-67.0.3396.62/mojo/public/cpp/bindings/interface_request.h.bool cflags += [ "-Wno-comments" ] + + # too many warnings -+ cflags = [ "-Wno-class-memaccess" ] ++ cflags += [ "-Wno-class-memaccess" ] } } From 5869ed5e811d629d312bf0b2e495bbdac6bdcff36d2e10b5ebd00f9398813b99 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Sat, 16 Jun 2018 12:25:11 +0000 Subject: [PATCH 31/52] OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1140 --- chromium-gcc8.patch | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/chromium-gcc8.patch b/chromium-gcc8.patch index 3b77b67..00574c1 100644 --- a/chromium-gcc8.patch +++ b/chromium-gcc8.patch @@ -35,14 +35,16 @@ diff -up chromium-67.0.3396.62/mojo/public/cpp/bindings/interface_request.h.bool // Removes the message pipe from the request and returns it. ScopedMessagePipeHandle PassMessagePipe() { return std::move(handle_); } --- chromium-67.0.3396.87/build/config/compiler/BUILD.gn.orig 2018-06-16 13:57:27.583106343 +0200 -+++ chromium-67.0.3396.87/build/config/compiler/BUILD.gn 2018-06-16 13:58:56.541681557 +0200 -@@ -1325,6 +1325,9 @@ ++++ chromium-67.0.3396.87/build/config/compiler/BUILD.gn 2018-06-16 14:24:26.713631391 +0200 +@@ -1325,6 +1325,11 @@ # comments # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61638 cflags += [ "-Wno-comments" ] + + # too many warnings + cflags += [ "-Wno-class-memaccess" ] ++ cflags += [ "-Wno-packed-not-aligned" ] ++ cflags += [ "-Wno-int-in-bool-context" ] } } From 8ef8612ea0a8ffa4a9ac2a0f4a183324f6368c59912df4f9c07e7e807e8319f8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Tue, 10 Jul 2018 11:42:54 +0000 Subject: [PATCH 32/52] - Version update to 67.0.3396.99: * Various small feature fixes, no security OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1142 --- chromium-67.0.3396.87.tar.xz | 3 --- chromium-67.0.3396.99.tar.xz | 3 +++ chromium.changes | 6 ++++++ chromium.spec | 2 +- 4 files changed, 10 insertions(+), 4 deletions(-) delete mode 100644 chromium-67.0.3396.87.tar.xz create mode 100644 chromium-67.0.3396.99.tar.xz diff --git a/chromium-67.0.3396.87.tar.xz b/chromium-67.0.3396.87.tar.xz deleted file mode 100644 index b2922ce..0000000 --- a/chromium-67.0.3396.87.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:5d27a72f0cb8247343034f63fdd9747ff388c05b9fceb541668dd04fb372db1d -size 591491608 diff --git a/chromium-67.0.3396.99.tar.xz b/chromium-67.0.3396.99.tar.xz new file mode 100644 index 0000000..decdb40 --- /dev/null +++ b/chromium-67.0.3396.99.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:452d6b9d8df6c88600aaeff3fad4c065574fd6dbee804e628b70e73a39c0a02a +size 592170796 diff --git a/chromium.changes b/chromium.changes index fc95fc6..54598ad 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Tue Jul 10 11:40:21 UTC 2018 - tchvatal@suse.com + +- Version update to 67.0.3396.99: + * Various small feature fixes, no security + ------------------------------------------------------------------- Fri Jun 15 19:51:32 UTC 2018 - tchvatal@suse.com diff --git a/chromium.spec b/chromium.spec index 4c12ece..50aaae2 100644 --- a/chromium.spec +++ b/chromium.spec @@ -40,7 +40,7 @@ %bcond_with system_vpx %bcond_with clang Name: chromium -Version: 67.0.3396.87 +Version: 67.0.3396.99 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later From d26ccfabca502efd24c6d68d0eee9bea03beedbefd3169199b8925dc797603ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 25 Jul 2018 09:58:33 +0000 Subject: [PATCH 33/52] Accepting request 625247 from network:chromium - Bump to 68.0.3440.75 - Up to chromium-68.0.3440.68 - Up to 68.0.3440.59 - Up to 68.0.3440.42 - Bump 68.0.3440.33 - Up to 68.0.3440.25 - Up to 68.0.3440.17 - Up to 68.0.3438.3 - Up to 68.0.3432.3 - Fix AArch64 build with chromium-crashpad-aarch64-fix.patch - Up to 68.0.3423.2 - Refresh patch chromium-master-prefs-path.patch - Fix AArch64 build with chromium-skia-aarch64-buildfix.patch - Add patch chromium-skia-system-fontconfig.patch bsc#1092272 - Up to 67.0.3393.30 - Up to chromium-67.0.3396.18 - Up to 67.0.3393.4 - Refresh patch exclude_ymp.patch - Bump to 67.0.3386.1 - Bump to 67.0.3381.1 - Bump to 67.0.3377.1 - Bump to 67.0.3371.0 - Remove no longer needed chromium-gcc7.patch OBS-URL: https://build.opensuse.org/request/show/625247 OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1144 --- chromium-67.0.3396.99.tar.xz | 3 - chromium-68.0.3440.75.tar.xz | 3 + chromium-cors-string.patch | 51 + chromium-gcc.patch | 46 + chromium-gcc8.patch | 50 - chromium-libjpeg.patch | 62 ++ chromium-libwebp-shim.patch | 43 + chromium-master-prefs-path.patch | 12 +- chromium-non-void-return.patch | 182 +++- chromium-vaapi.patch | 410 ++++---- chromium.changes | 1556 ++++++++++++++++-------------- chromium.spec | 31 +- 12 files changed, 1465 insertions(+), 984 deletions(-) delete mode 100644 chromium-67.0.3396.99.tar.xz create mode 100644 chromium-68.0.3440.75.tar.xz create mode 100644 chromium-cors-string.patch create mode 100644 chromium-gcc.patch delete mode 100644 chromium-gcc8.patch create mode 100644 chromium-libjpeg.patch create mode 100644 chromium-libwebp-shim.patch diff --git a/chromium-67.0.3396.99.tar.xz b/chromium-67.0.3396.99.tar.xz deleted file mode 100644 index decdb40..0000000 --- a/chromium-67.0.3396.99.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:452d6b9d8df6c88600aaeff3fad4c065574fd6dbee804e628b70e73a39c0a02a -size 592170796 diff --git a/chromium-68.0.3440.75.tar.xz b/chromium-68.0.3440.75.tar.xz new file mode 100644 index 0000000..d929a8e --- /dev/null +++ b/chromium-68.0.3440.75.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:dc17783267853bdc0fb726363d2b8e30a0bf43b6cc2c768e1f37c92e8eb59541 +size 630277224 diff --git a/chromium-cors-string.patch b/chromium-cors-string.patch new file mode 100644 index 0000000..6450e49 --- /dev/null +++ b/chromium-cors-string.patch @@ -0,0 +1,51 @@ +From 01d891fa0790950549c7bedb34edf869827a372e Mon Sep 17 00:00:00 2001 +From: Jose Dapena Paz +Date: Thu, 31 May 2018 17:03:37 +0000 +Subject: [PATCH] CORS legacy: add missing string include +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The cors_legacy.h file includes declarations using std::string, but +it is not declared due to missing #include . + +Also drop unneeded declarations in .cpp file. + +Change-Id: I00df799f84a6c3530c2f12f1e52d24c7d9bd6bfd +Reviewed-on: https://chromium-review.googlesource.com/1080707 +Reviewed-by: Tom Sepez +Commit-Queue: José Dapena Paz +Cr-Commit-Position: refs/heads/master@{#563282} +--- + services/network/public/cpp/cors/cors_legacy.cc | 2 -- + services/network/public/cpp/cors/cors_legacy.h | 1 + + 2 files changed, 1 insertion(+), 2 deletions(-) + +diff --git a/services/network/public/cpp/cors/cors_legacy.cc b/services/network/public/cpp/cors/cors_legacy.cc +index 8f32ac3be64e..f01af63619b5 100644 +--- a/services/network/public/cpp/cors/cors_legacy.cc ++++ b/services/network/public/cpp/cors/cors_legacy.cc +@@ -5,8 +5,6 @@ + #include "services/network/public/cpp/cors/cors_legacy.h" + + #include +-#include +-#include + + #include "url/gurl.h" + #include "url/url_util.h" +diff --git a/services/network/public/cpp/cors/cors_legacy.h b/services/network/public/cpp/cors/cors_legacy.h +index d2cdf026ca3a..dc9295a92c47 100644 +--- a/services/network/public/cpp/cors/cors_legacy.h ++++ b/services/network/public/cpp/cors/cors_legacy.h +@@ -5,6 +5,7 @@ + #ifndef SERVICES_NETWORK_PUBLIC_CPP_CORS_CORS_LEGACY_H_ + #define SERVICES_NETWORK_PUBLIC_CPP_CORS_CORS_LEGACY_H_ + ++#include + #include + + #include "base/component_export.h" +-- +2.17.1 + diff --git a/chromium-gcc.patch b/chromium-gcc.patch new file mode 100644 index 0000000..a7480ac --- /dev/null +++ b/chromium-gcc.patch @@ -0,0 +1,46 @@ +Index: chromium-68.0.3440.17/components/bookmarks/browser/bookmark_client.h +=================================================================== +--- chromium-68.0.3440.17.orig/components/bookmarks/browser/bookmark_client.h ++++ chromium-68.0.3440.17/components/bookmarks/browser/bookmark_client.h +@@ -26,6 +26,7 @@ namespace bookmarks { + class BookmarkModel; + class BookmarkNode; + class BookmarkPermanentNode; ++class UrlIndex; + + // This class abstracts operations that depends on the embedder's environment, + // e.g. Chrome. +Index: chromium-68.0.3440.17/components/bookmarks/browser/bookmark_storage.h +=================================================================== +--- chromium-68.0.3440.17.orig/components/bookmarks/browser/bookmark_storage.h ++++ chromium-68.0.3440.17/components/bookmarks/browser/bookmark_storage.h +@@ -19,6 +19,7 @@ + #include "base/memory/weak_ptr.h" + #include "components/bookmarks/browser/bookmark_node.h" + #include "components/bookmarks/browser/titled_url_index.h" ++#include "components/bookmarks/browser/url_index.h" + + namespace base { + class SequencedTaskRunner; +@@ -29,7 +30,6 @@ namespace bookmarks { + class BookmarkClient; + class BookmarkModel; + class BookmarkNode; +-class UrlIndex; + + // A list of BookmarkPermanentNodes that owns them. + using BookmarkPermanentNodeList = +--- chromium-67.0.3396.87/build/config/compiler/BUILD.gn.orig 2018-06-16 13:57:27.583106343 +0200 ++++ chromium-67.0.3396.87/build/config/compiler/BUILD.gn 2018-06-16 14:24:26.713631391 +0200 +@@ -1325,6 +1325,11 @@ + # comments + # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61638 + cflags += [ "-Wno-comments" ] ++ ++ # too many warnings ++ cflags += [ "-Wno-class-memaccess" ] ++ cflags += [ "-Wno-packed-not-aligned" ] ++ cflags += [ "-Wno-int-in-bool-context" ] + } + } + diff --git a/chromium-gcc8.patch b/chromium-gcc8.patch deleted file mode 100644 index 00574c1..0000000 --- a/chromium-gcc8.patch +++ /dev/null @@ -1,50 +0,0 @@ -diff -up chromium-67.0.3396.62/mojo/public/cpp/bindings/associated_interface_ptr_info.h.boolfix chromium-67.0.3396.62/mojo/public/cpp/bindings/associated_interface_ptr_info.h ---- chromium-67.0.3396.62/mojo/public/cpp/bindings/associated_interface_ptr_info.h.boolfix 2018-05-30 04:43:17.000000000 -0400 -+++ chromium-67.0.3396.62/mojo/public/cpp/bindings/associated_interface_ptr_info.h 2018-05-30 12:33:03.268912315 -0400 -@@ -45,7 +45,7 @@ class AssociatedInterfacePtrInfo { - - bool is_valid() const { return handle_.is_valid(); } - -- explicit operator bool() const { return handle_; } -+ explicit operator bool() const { return (bool) handle_; } - - ScopedInterfaceEndpointHandle PassHandle() { - return std::move(handle_); -diff -up chromium-67.0.3396.62/mojo/public/cpp/bindings/associated_interface_request.h.boolfix chromium-67.0.3396.62/mojo/public/cpp/bindings/associated_interface_request.h ---- chromium-67.0.3396.62/mojo/public/cpp/bindings/associated_interface_request.h.boolfix 2018-05-30 04:43:17.000000000 -0400 -+++ chromium-67.0.3396.62/mojo/public/cpp/bindings/associated_interface_request.h 2018-05-30 12:33:03.269912294 -0400 -@@ -50,7 +50,7 @@ class AssociatedInterfaceRequest { - // handle. - bool is_pending() const { return handle_.is_valid(); } - -- explicit operator bool() const { return handle_; } -+ explicit operator bool() const { return (bool) handle_; } - - ScopedInterfaceEndpointHandle PassHandle() { return std::move(handle_); } - -diff -up chromium-67.0.3396.62/mojo/public/cpp/bindings/interface_request.h.boolfix chromium-67.0.3396.62/mojo/public/cpp/bindings/interface_request.h ---- chromium-67.0.3396.62/mojo/public/cpp/bindings/interface_request.h.boolfix 2018-05-30 12:33:03.270912274 -0400 -+++ chromium-67.0.3396.62/mojo/public/cpp/bindings/interface_request.h 2018-05-30 12:34:05.156637922 -0400 -@@ -54,7 +54,7 @@ class InterfaceRequest { - // Indicates whether the request currently contains a valid message pipe. - bool is_pending() const { return handle_.is_valid(); } - -- explicit operator bool() const { return handle_.is_valid(); } -+ explicit operator bool() const { return (bool) handle_.is_valid(); } - - // Removes the message pipe from the request and returns it. - ScopedMessagePipeHandle PassMessagePipe() { return std::move(handle_); } ---- chromium-67.0.3396.87/build/config/compiler/BUILD.gn.orig 2018-06-16 13:57:27.583106343 +0200 -+++ chromium-67.0.3396.87/build/config/compiler/BUILD.gn 2018-06-16 14:24:26.713631391 +0200 -@@ -1325,6 +1325,11 @@ - # comments - # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61638 - cflags += [ "-Wno-comments" ] -+ -+ # too many warnings -+ cflags += [ "-Wno-class-memaccess" ] -+ cflags += [ "-Wno-packed-not-aligned" ] -+ cflags += [ "-Wno-int-in-bool-context" ] - } - } - diff --git a/chromium-libjpeg.patch b/chromium-libjpeg.patch new file mode 100644 index 0000000..c41ca5f --- /dev/null +++ b/chromium-libjpeg.patch @@ -0,0 +1,62 @@ +From c6b0194f7a4d9f494b2d51f46d2c332e2e5f4050 Mon Sep 17 00:00:00 2001 +From: Daniel Bratell +Date: Mon, 28 May 2018 13:13:01 +0000 +Subject: [PATCH] Use the same libjpeg in all of blink/platform + +The normal libjpeg renames some symbols with macros so if its +headers are included together with libjpeg-turbo's headers +in the same translation unit, there will be an inconsistent +renaming of libjpeg symbols. This happened in some extreme +jumbo configuration and resulted in confising linker errors. + +This patch changes an include so that jpeglib.h becomes included +the same way everywhere. + +Change-Id: I7f122d0919d58371bb40dc0097a766b857b9815e +Reviewed-on: https://chromium-review.googlesource.com/1073423 +Reviewed-by: Kentaro Hara +Commit-Queue: Daniel Bratell +Cr-Commit-Position: refs/heads/master@{#562243} +--- + .../renderer/platform/image-encoders/image_encoder.cc | 11 +++++++++++ + .../renderer/platform/image-encoders/image_encoder.h | 2 -- + 2 files changed, 11 insertions(+), 2 deletions(-) + +diff --git a/third_party/blink/renderer/platform/image-encoders/image_encoder.cc b/third_party/blink/renderer/platform/image-encoders/image_encoder.cc +index 0c7f14c7c0e4..4c450f5d6783 100644 +--- a/third_party/blink/renderer/platform/image-encoders/image_encoder.cc ++++ b/third_party/blink/renderer/platform/image-encoders/image_encoder.cc +@@ -4,6 +4,17 @@ + + #include "third_party/blink/renderer/platform/image-encoders/image_encoder.h" + ++#include "build/build_config.h" ++ ++#if defined(OS_WIN) ++#include // Included before jpeglib.h because of INT32 clash ++#endif // OS_WIN ++#include // Needed by jpeglib.h ++ ++#include "jpeglib.h" // for JPEG_MAX_DIMENSION ++ ++#include "third_party/libwebp/src/webp/encode.h" // for WEBP_MAX_DIMENSION ++ + namespace blink { + + bool ImageEncoder::Encode(Vector* dst, +diff --git a/third_party/blink/renderer/platform/image-encoders/image_encoder.h b/third_party/blink/renderer/platform/image-encoders/image_encoder.h +index 0d1460f34827..40306097d507 100644 +--- a/third_party/blink/renderer/platform/image-encoders/image_encoder.h ++++ b/third_party/blink/renderer/platform/image-encoders/image_encoder.h +@@ -7,8 +7,6 @@ + + #include "third_party/blink/renderer/platform/platform_export.h" + #include "third_party/blink/renderer/platform/wtf/vector.h" +-#include "third_party/libjpeg/jpeglib.h" // for JPEG_MAX_DIMENSION +-#include "third_party/libwebp/src/webp/encode.h" // for WEBP_MAX_DIMENSION + #include "third_party/skia/include/core/SkStream.h" + #include "third_party/skia/include/encode/SkJpegEncoder.h" + #include "third_party/skia/include/encode/SkPngEncoder.h" +-- +2.17.1 + diff --git a/chromium-libwebp-shim.patch b/chromium-libwebp-shim.patch new file mode 100644 index 0000000..718b31a --- /dev/null +++ b/chromium-libwebp-shim.patch @@ -0,0 +1,43 @@ +diff --git a/build/linux/unbundle/libwebp.gn b/build/linux/unbundle/libwebp.gn +index ab92adecf400..12574d87be58 100644 +--- a/build/linux/unbundle/libwebp.gn ++++ b/build/linux/unbundle/libwebp.gn +@@ -2,12 +2,34 @@ + # Use of this source code is governed by a BSD-style license that can be + # found in the LICENSE file. + ++import("//build/config/linux/pkg_config.gni") ++import("//build/shim_headers.gni") ++ ++pkg_config("system_libwebp") { ++ packages = [ ++ "libwebp", ++ "libwebpdemux", ++ "libwebpmux", ++ ] ++} ++ ++shim_headers("libwebp_shim") { ++ root_path = "src" ++ headers = [ ++ "webp/decode.h", ++ "webp/demux.h", ++ "webp/encode.h", ++ "webp/mux.h", ++ "webp/mux_types.h", ++ "webp/types.h", ++ ] ++} ++ + source_set("libwebp_webp") { +- libs = [ +- "webp", +- "webpdemux", +- "webpmux", ++ deps = [ ++ ":libwebp_shim", + ] ++ public_configs = [ ":system_libwebp" ] + } + + group("libwebp") { diff --git a/chromium-master-prefs-path.patch b/chromium-master-prefs-path.patch index e18e4a1..c4d0edb 100644 --- a/chromium-master-prefs-path.patch +++ b/chromium-master-prefs-path.patch @@ -1,14 +1,14 @@ -Index: a/chromium/src/chrome/browser/first_run/first_run_linux.cc +Index: chromium-68.0.3423.2/chrome/browser/first_run/first_run_internal_linux.cc =================================================================== ---- a/chrome/browser/first_run/first_run_internal_linux.cc -+++ b/chrome/browser/first_run/first_run_internal_linux.cc -@@ -22,8 +22,7 @@ +--- chromium-68.0.3423.2.orig/chrome/browser/first_run/first_run_internal_linux.cc ++++ chromium-68.0.3423.2/chrome/browser/first_run/first_run_internal_linux.cc +@@ -20,8 +20,7 @@ bool IsOrganicFirstRun() { base::FilePath MasterPrefsPath() { // The standard location of the master prefs is next to the chrome binary. base::FilePath master_prefs; -- if (!PathService::Get(base::DIR_EXE, &master_prefs)) +- if (!base::PathService::Get(base::DIR_EXE, &master_prefs)) - return base::FilePath(); + master_prefs = base::FilePath("/etc/chromium"); return master_prefs.AppendASCII(installer::kDefaultMasterPrefs); } - + diff --git a/chromium-non-void-return.patch b/chromium-non-void-return.patch index 2a78c56..4cb4470 100644 --- a/chromium-non-void-return.patch +++ b/chromium-non-void-return.patch @@ -11,15 +11,179 @@ Index: chromium-67.0.3396.30/media/gpu/vaapi/vaapi_wrapper.cc } } -Index: chromium-67.0.3396.30/chrome/browser/ui/webui/discards/discards_ui.cc +Index: chromium-68.0.3440.17/cc/input/snap_fling_controller.cc =================================================================== ---- chromium-67.0.3396.30.orig/chrome/browser/ui/webui/discards/discards_ui.cc -+++ chromium-67.0.3396.30/chrome/browser/ui/webui/discards/discards_ui.cc -@@ -48,6 +48,7 @@ mojom::LifecycleUnitVisibility GetLifecy - NOTREACHED(); - return mojom::LifecycleUnitVisibility::VISIBLE; - #endif -+ return mojom::LifecycleUnitVisibility::VISIBLE; +--- chromium-68.0.3440.17.orig/cc/input/snap_fling_controller.cc ++++ chromium-68.0.3440.17/cc/input/snap_fling_controller.cc +@@ -26,6 +26,8 @@ bool SnapFlingController::FilterEventFor + case GestureScrollType::kEnd: { + return state_ == State::kActive || state_ == State::kFinished; + } ++ default: ++ return false; + } + } + +Index: chromium-68.0.3440.17/chrome/browser/ui/webui/discards/discards_ui.cc +=================================================================== +--- chromium-68.0.3440.17.orig/chrome/browser/ui/webui/discards/discards_ui.cc ++++ chromium-68.0.3440.17/chrome/browser/ui/webui/discards/discards_ui.cc +@@ -44,6 +44,8 @@ mojom::LifecycleUnitVisibility GetLifecy + return mojom::LifecycleUnitVisibility::OCCLUDED; + case content::Visibility::VISIBLE: + return mojom::LifecycleUnitVisibility::VISIBLE; ++ default: ++ return mojom::LifecycleUnitVisibility::VISIBLE; + } + #if defined(COMPILER_MSVC) + NOTREACHED(); +Index: chromium-68.0.3440.17/components/autofill/core/browser/autofill_manager.cc +=================================================================== +--- chromium-68.0.3440.17.orig/components/autofill/core/browser/autofill_manager.cc ++++ chromium-68.0.3440.17/components/autofill/core/browser/autofill_manager.cc +@@ -303,6 +303,7 @@ PopupType AutofillManager::GetPopupType( + + default: + NOTREACHED(); ++ return PopupType::kUnspecified; + } + } + +Index: chromium-68.0.3440.17/components/cast_channel/cast_message_util.cc +=================================================================== +--- chromium-68.0.3440.17.orig/components/cast_channel/cast_message_util.cc ++++ chromium-68.0.3440.17/components/cast_channel/cast_message_util.cc +@@ -368,6 +368,8 @@ const char* GetAppAvailabilityResultToSt + return "unavailable"; + case GetAppAvailabilityResult::kUnknown: + return "unknown"; ++ default: ++ return "unknown"; + } + } + +Index: chromium-68.0.3440.17/components/data_reduction_proxy/core/browser/data_reduction_proxy_util.cc +=================================================================== +--- chromium-68.0.3440.17.orig/components/data_reduction_proxy/core/browser/data_reduction_proxy_util.cc ++++ chromium-68.0.3440.17/components/data_reduction_proxy/core/browser/data_reduction_proxy_util.cc +@@ -329,6 +329,8 @@ PageloadMetrics_ConnectionType ProtoConn + return PageloadMetrics_ConnectionType_CONNECTION_NONE; + case net::NetworkChangeNotifier::CONNECTION_BLUETOOTH: + return PageloadMetrics_ConnectionType_CONNECTION_BLUETOOTH; ++ default: ++ return PageloadMetrics_ConnectionType_CONNECTION_UNKNOWN; + } + } + +Index: chromium-68.0.3440.17/content/browser/cache_storage/cache_storage_quota_client.cc +=================================================================== +--- chromium-68.0.3440.17.orig/content/browser/cache_storage/cache_storage_quota_client.cc ++++ chromium-68.0.3440.17/content/browser/cache_storage/cache_storage_quota_client.cc +@@ -98,6 +98,8 @@ storage::QuotaClient::ID CacheStorageQuo + return kServiceWorkerCache; + case CacheStorageOwner::kBackgroundFetch: + return kBackgroundFetch; ++ default: ++ return kBackgroundFetch; + } + } + +Index: chromium-68.0.3440.17/media/capture/video/video_capture_device_descriptor.cc +=================================================================== +--- chromium-68.0.3440.17.orig/media/capture/video/video_capture_device_descriptor.cc ++++ chromium-68.0.3440.17/media/capture/video/video_capture_device_descriptor.cc +@@ -92,6 +92,8 @@ const char* VideoCaptureDeviceDescriptor + return "Camera API2 Limited"; + case VideoCaptureApi::UNKNOWN: + return "Unknown"; ++ default: ++ return "Unknown"; + } + } + +Index: chromium-68.0.3440.17/net/nqe/network_quality_estimator.cc +=================================================================== +--- chromium-68.0.3440.17.orig/net/nqe/network_quality_estimator.cc ++++ chromium-68.0.3440.17/net/nqe/network_quality_estimator.cc +@@ -1319,6 +1319,8 @@ base::TimeDelta NetworkQualityEstimator: + case nqe::internal::OBSERVATION_CATEGORY_COUNT: + NOTREACHED(); + return base::TimeDelta(); ++ default: ++ return base::TimeDelta(); + } + } + +Index: chromium-68.0.3440.17/services/audio/public/cpp/audio_system_to_service_adapter.cc +=================================================================== +--- chromium-68.0.3440.17.orig/services/audio/public/cpp/audio_system_to_service_adapter.cc ++++ chromium-68.0.3440.17/services/audio/public/cpp/audio_system_to_service_adapter.cc +@@ -66,6 +66,8 @@ const char* GetTraceEvent(Action action) + return "AudioSystemToServiceAdapter::GetAssociatedOutputDeviceID"; + case kGetInputDeviceInfo: + return "AudioSystemToServiceAdapter::GetInputDeviceInfo"; ++ default: ++ return "Unknown"; + } + NOTREACHED(); + } +Index: chromium-68.0.3440.17/services/network/cross_origin_read_blocking.cc +=================================================================== +--- chromium-68.0.3440.17.orig/services/network/cross_origin_read_blocking.cc ++++ chromium-68.0.3440.17/services/network/cross_origin_read_blocking.cc +@@ -786,6 +786,8 @@ bool CrossOriginReadBlocking::ResponseAn + return sniffers_.empty() && !found_blockable_content_; + case kBlock: + return false; ++ default: ++ return true; + } + } + +@@ -797,6 +799,8 @@ bool CrossOriginReadBlocking::ResponseAn + return sniffers_.empty() && found_blockable_content_; + case kBlock: + return true; ++ default: ++ return false; + } + } + +Index: chromium-68.0.3440.17/third_party/blink/renderer/modules/accessibility/ax_layout_object.cc +=================================================================== +--- chromium-68.0.3440.17.orig/third_party/blink/renderer/modules/accessibility/ax_layout_object.cc ++++ chromium-68.0.3440.17/third_party/blink/renderer/modules/accessibility/ax_layout_object.cc +@@ -1139,6 +1139,8 @@ AXTextPosition AXLayoutObject::GetTextPo + return kAXTextPositionSubscript; + case EVerticalAlign::kSuper: + return kAXTextPositionSuperscript; ++ default: ++ return AXNodeObject::GetTextPosition(); + } + } + +Index: chromium-68.0.3440.17/third_party/blink/renderer/modules/webaudio/audio_param.cc +=================================================================== +--- chromium-68.0.3440.17.orig/third_party/blink/renderer/modules/webaudio/audio_param.cc ++++ chromium-68.0.3440.17/third_party/blink/renderer/modules/webaudio/audio_param.cc +@@ -144,6 +144,7 @@ String AudioParamHandler::GetParamName() + return custom_param_name_; + default: + NOTREACHED(); ++ return "Unknown"; + } + } + +Index: chromium-68.0.3440.17/ui/accessibility/platform/ax_platform_node_auralinux.cc +=================================================================== +--- chromium-68.0.3440.17.orig/ui/accessibility/platform/ax_platform_node_auralinux.cc ++++ chromium-68.0.3440.17/ui/accessibility/platform/ax_platform_node_auralinux.cc +@@ -1288,6 +1288,8 @@ AtkRole AXPlatformNodeAuraLinux::GetAtkR + case ax::mojom::Role::kPresentational: + case ax::mojom::Role::kUnknown: + return ATK_ROLE_REDUNDANT_OBJECT; ++ default: ++ return ATK_ROLE_REDUNDANT_OBJECT; + } } - class DiscardsDetailsProviderImpl : public mojom::DiscardsDetailsProvider { diff --git a/chromium-vaapi.patch b/chromium-vaapi.patch index 7fa9c94..de93cc6 100644 --- a/chromium-vaapi.patch +++ b/chromium-vaapi.patch @@ -1,6 +1,6 @@ -From d9ef948bf4a739f95acbd98ef88b04caa29d8dda Mon Sep 17 00:00:00 2001 +From 53b93dfe87fd10cced5d2a2a63072dfc7a2af6e4 Mon Sep 17 00:00:00 2001 From: Daniel Charles -Date: Fri, 09 Feb 2018 14:39:27 -0800 +Date: Fri, 28 Jul 2017 16:31:47 -0700 Subject: [PATCH] Enable VAVDA, VAVEA and VAJDA on linux with VAAPI only This patch contains all the changes necessary to use VA-API along with @@ -24,36 +24,23 @@ video are used. The other flags are kept for ChromeOS and other OSes. Developer testing was made on skylake hardware, ChromeOS and Ubuntu. BUG=NONE -TEST=subjective testing with VAVDA,VAVEA and VAJDA, autotest for encoder - and decoder hardware accelerated - have libva/intel-vaapi-driver installed and not installed in the system - repeat on different hardware families +TEST="subjective testing with VAVDA,VAVEA and VAJDA, autotest for encoder" +TEST="and decoder hardware accelerated" +TEST="have libva/intel-vaapi-driver installed and not installed in the system" +TEST="repeat on different hardware families" +R=posciak@chromium.org +R=kcwu@chromium.org -Cq-Include-Trybots: luci.chromium.try:android_optional_gpu_tests_rel;luci.chromium.try:linux_optional_gpu_tests_rel;luci.chromium.try:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel +Cq-Include-Trybots: master.tryserver.chromium.android:android_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel Change-Id: Ifbbf5c9e5221a8b5733fc6d4d0cf984a1f103171 Signed-off-by: Daniel Charles --- -Index: chromium-67.0.3396.18/chrome/browser/about_flags.cc +Index: dev/chrome/browser/about_flags.cc =================================================================== ---- chromium-67.0.3396.18.orig/chrome/browser/about_flags.cc -+++ chromium-67.0.3396.18/chrome/browser/about_flags.cc -@@ -1249,12 +1249,14 @@ const FeatureEntry kFeatureEntries[] = { - flag_descriptions::kUiPartialSwapDescription, kOsAll, - SINGLE_DISABLE_VALUE_TYPE(switches::kUIDisablePartialSwap)}, - #if BUILDFLAG(ENABLE_WEBRTC) -+#if defined(OS_CHROMEOS) || defined(OS_ANDROID) - {"disable-webrtc-hw-decoding", flag_descriptions::kWebrtcHwDecodingName, - flag_descriptions::kWebrtcHwDecodingDescription, kOsAndroid | kOsCrOS, - SINGLE_DISABLE_VALUE_TYPE(switches::kDisableWebRtcHWDecoding)}, - {"disable-webrtc-hw-encoding", flag_descriptions::kWebrtcHwEncodingName, - flag_descriptions::kWebrtcHwEncodingDescription, kOsAndroid | kOsCrOS, - SINGLE_DISABLE_VALUE_TYPE(switches::kDisableWebRtcHWEncoding)}, -+#endif - {"enable-webrtc-hw-h264-encoding", - flag_descriptions::kWebrtcHwH264EncodingName, - flag_descriptions::kWebrtcHwH264EncodingDescription, kOsAndroid | kOsCrOS, -@@ -1577,6 +1579,13 @@ const FeatureEntry kFeatureEntries[] = { +--- dev.orig/chrome/browser/about_flags.cc ++++ dev/chrome/browser/about_flags.cc +@@ -1557,6 +1557,13 @@ const FeatureEntry kFeatureEntries[] = { flag_descriptions::kShowTouchHudDescription, kOsCrOS, SINGLE_VALUE_TYPE(ash::switches::kAshTouchHud)}, #endif // OS_CHROMEOS @@ -67,7 +54,7 @@ Index: chromium-67.0.3396.18/chrome/browser/about_flags.cc { "disable-accelerated-video-decode", flag_descriptions::kAcceleratedVideoDecodeName, -@@ -1584,6 +1593,7 @@ const FeatureEntry kFeatureEntries[] = { +@@ -1564,6 +1571,7 @@ const FeatureEntry kFeatureEntries[] = { kOsMac | kOsWin | kOsCrOS | kOsAndroid, SINGLE_DISABLE_VALUE_TYPE(switches::kDisableAcceleratedVideoDecode), }, @@ -75,7 +62,7 @@ Index: chromium-67.0.3396.18/chrome/browser/about_flags.cc #if defined(OS_WIN) {"enable-hdr", flag_descriptions::kEnableHDRName, flag_descriptions::kEnableHDRDescription, kOsWin, -@@ -2274,12 +2284,17 @@ const FeatureEntry kFeatureEntries[] = { +@@ -2234,12 +2242,17 @@ const FeatureEntry kFeatureEntries[] = { FEATURE_VALUE_TYPE(features::kOpenVR)}, #endif // ENABLE_OPENVR #endif // ENABLE_VR @@ -95,10 +82,10 @@ Index: chromium-67.0.3396.18/chrome/browser/about_flags.cc {"v8-cache-options", flag_descriptions::kV8CacheOptionsName, flag_descriptions::kV8CacheOptionsDescription, kOsAll, MULTI_VALUE_TYPE(kV8CacheOptionsChoices)}, -Index: chromium-67.0.3396.18/chrome/browser/chromeos/login/chrome_restart_request.cc +Index: dev/chrome/browser/chromeos/login/chrome_restart_request.cc =================================================================== ---- chromium-67.0.3396.18.orig/chrome/browser/chromeos/login/chrome_restart_request.cc -+++ chromium-67.0.3396.18/chrome/browser/chromeos/login/chrome_restart_request.cc +--- dev.orig/chrome/browser/chromeos/login/chrome_restart_request.cc ++++ dev/chrome/browser/chromeos/login/chrome_restart_request.cc @@ -19,6 +19,7 @@ #include "base/sys_info.h" #include "base/timer/timer.h" @@ -107,7 +94,7 @@ Index: chromium-67.0.3396.18/chrome/browser/chromeos/login/chrome_restart_reques #include "cc/base/switches.h" #include "chrome/browser/browser_process.h" #include "chrome/browser/chromeos/boot_times_recorder.h" -@@ -84,9 +85,14 @@ void DeriveCommandLine(const GURL& start +@@ -84,8 +85,13 @@ void DeriveCommandLine(const GURL& start ::switches::kDisable2dCanvasImageChromium, ::switches::kDisableAccelerated2dCanvas, ::switches::kDisableAcceleratedJpegDecoding, @@ -117,29 +104,19 @@ Index: chromium-67.0.3396.18/chrome/browser/chromeos/login/chrome_restart_reques +#else ::switches::kDisableAcceleratedMjpegDecode, ::switches::kDisableAcceleratedVideoDecode, - ::switches::kDisableAcceleratedVideoEncode, +#endif + ::switches::kDisableAcceleratedVideoEncode, ::switches::kDisableBlinkFeatures, ::switches::kDisableCastStreamingHWEncoding, - ::switches::kDisableGpu, -@@ -162,7 +168,7 @@ void DeriveCommandLine(const GURL& start - ::switches::kDisableWebGLImageChromium, - ::switches::kEnableWebGLImageChromium, - ::switches::kEnableWebVR, --#if BUILDFLAG(ENABLE_WEBRTC) -+#if BUILDFLAG(ENABLE_WEBRTC) && (defined(OS_CHROMEOS) || defined(OS_ANDROID)) - ::switches::kDisableWebRtcHWDecoding, - ::switches::kDisableWebRtcHWEncoding, - #endif -Index: chromium-67.0.3396.18/chrome/browser/flag_descriptions.cc +Index: dev/chrome/browser/flag_descriptions.cc =================================================================== ---- chromium-67.0.3396.18.orig/chrome/browser/flag_descriptions.cc -+++ chromium-67.0.3396.18/chrome/browser/flag_descriptions.cc +--- dev.orig/chrome/browser/flag_descriptions.cc ++++ dev/chrome/browser/flag_descriptions.cc @@ -14,6 +14,13 @@ const char kAccelerated2dCanvasDescripti "Enables the use of the GPU to perform 2d canvas rendering instead of " "using software rendering."; -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) +const char kAcceleratedVideoName[] = "Hardware-accelerated video"; +const char kAcceleratedVideoDescription[] = + "Hardware-accelerated video where VA-API driver is installed on the" @@ -149,23 +126,7 @@ Index: chromium-67.0.3396.18/chrome/browser/flag_descriptions.cc const char kAcceleratedVideoDecodeName[] = "Hardware-accelerated video decode"; const char kAcceleratedVideoDecodeDescription[] = "Hardware-accelerated video decode where available."; -@@ -1731,6 +1738,7 @@ const char kWebrtcEchoCanceller3Name[] = - const char kWebrtcEchoCanceller3Description[] = - "Experimental WebRTC echo canceller (AEC3)."; - -+#if defined(OS_CHROMEOS) || defined(OS_ANDROID) - const char kWebrtcHwDecodingName[] = "WebRTC hardware video decoding"; - const char kWebrtcHwDecodingDescription[] = - "Support in WebRTC for decoding video streams using platform hardware."; -@@ -1738,6 +1746,7 @@ const char kWebrtcHwDecodingDescription[ - const char kWebrtcHwEncodingName[] = "WebRTC hardware video encoding"; - const char kWebrtcHwEncodingDescription[] = - "Support in WebRTC for encoding video streams using platform hardware."; -+#endif - - const char kWebrtcHwH264EncodingName[] = "WebRTC hardware h264 video encoding"; - const char kWebrtcHwH264EncodingDescription[] = -@@ -2579,14 +2588,16 @@ const char kTabStripKeyboardFocusDescrip +@@ -2647,7 +2654,7 @@ const char kTabStripKeyboardFocusDescrip // Chrome OS ------------------------------------------------------------------- @@ -174,19 +135,19 @@ Index: chromium-67.0.3396.18/chrome/browser/flag_descriptions.cc const char kAcceleratedMjpegDecodeName[] = "Hardware-accelerated mjpeg decode for captured frame"; - const char kAcceleratedMjpegDecodeDescription[] = - "Enable hardware-accelerated mjpeg decode for captured frame where " - "available."; -+#endif +@@ -3110,7 +3117,7 @@ const char kZipArchiverUnpackerName[] = + const char kZipArchiverUnpackerDescription[] = + "Enable or disable the ability to unpack archives in incognito mode"; -+#if defined(OS_CHROMEOS) - const char kAllowTouchpadThreeFingerClickName[] = "Touchpad three-finger-click"; - const char kAllowTouchpadThreeFingerClickDescription[] = - "Enables touchpad three-finger-click as middle button."; -Index: chromium-67.0.3396.18/chrome/browser/flag_descriptions.h +-#endif // defined(OS_CHROMEOS) ++#endif // defined(OS_CHROMEOS) || BUILDFLAG(USE_VAAPI) + + // Random platform combinations ----------------------------------------------- + +Index: dev/chrome/browser/flag_descriptions.h =================================================================== ---- chromium-67.0.3396.18.orig/chrome/browser/flag_descriptions.h -+++ chromium-67.0.3396.18/chrome/browser/flag_descriptions.h +--- dev.orig/chrome/browser/flag_descriptions.h ++++ dev/chrome/browser/flag_descriptions.h @@ -37,6 +37,10 @@ namespace flag_descriptions { extern const char kAccelerated2dCanvasName[]; extern const char kAccelerated2dCanvasDescription[]; @@ -198,7 +159,7 @@ Index: chromium-67.0.3396.18/chrome/browser/flag_descriptions.h extern const char kAcceleratedVideoDecodeName[]; extern const char kAcceleratedVideoDecodeDescription[]; -@@ -1582,13 +1586,17 @@ extern const char kPermissionPromptPersi +@@ -1621,13 +1625,17 @@ extern const char kPermissionPromptPersi #endif // defined(OS_MACOSX) @@ -219,40 +180,27 @@ Index: chromium-67.0.3396.18/chrome/browser/flag_descriptions.h extern const char kAllowTouchpadThreeFingerClickName[]; extern const char kAllowTouchpadThreeFingerClickDescription[]; -Index: chromium-67.0.3396.18/content/browser/gpu/compositor_util.cc +Index: dev/content/browser/gpu/compositor_util.cc =================================================================== ---- chromium-67.0.3396.18.orig/content/browser/gpu/compositor_util.cc -+++ chromium-67.0.3396.18/content/browser/gpu/compositor_util.cc -@@ -124,7 +124,11 @@ const GpuFeatureData GetGpuFeatureData(s +--- dev.orig/content/browser/gpu/compositor_util.cc ++++ dev/content/browser/gpu/compositor_util.cc +@@ -149,7 +149,11 @@ const GpuFeatureData GetGpuFeatureData( {"video_decode", - SafeGetFeatureStatus(manager, + SafeGetFeatureStatus(gpu_feature_info, gpu::GPU_FEATURE_TYPE_ACCELERATED_VIDEO_DECODE), +#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) + !command_line.HasSwitch(switches::kEnableAcceleratedVideo), +#else command_line.HasSwitch(switches::kDisableAcceleratedVideoDecode), +#endif - "Accelerated video decode has been disabled, either via blacklist," - " about:flags or the command line.", - true}, -Index: chromium-67.0.3396.18/content/browser/gpu/gpu_process_host.cc + "Accelerated video decode has been disabled, either via blacklist, " + "about:flags or the command line.", + true, true}, +Index: dev/content/browser/renderer_host/media/video_capture_browsertest.cc =================================================================== ---- chromium-67.0.3396.18.orig/content/browser/gpu/gpu_process_host.cc -+++ chromium-67.0.3396.18/content/browser/gpu/gpu_process_host.cc -@@ -134,7 +134,7 @@ static const char* const kSwitchNames[] - switches::kDisableGLExtensions, - switches::kDisableLogging, - switches::kDisableShaderNameHashing, --#if BUILDFLAG(ENABLE_WEBRTC) -+#if BUILDFLAG(ENABLE_WEBRTC) && !defined(OS_LINUX) - switches::kDisableWebRtcHWEncoding, - #endif - #if defined(OS_WIN) -Index: chromium-67.0.3396.18/content/browser/renderer_host/media/video_capture_browsertest.cc -=================================================================== ---- chromium-67.0.3396.18.orig/content/browser/renderer_host/media/video_capture_browsertest.cc -+++ chromium-67.0.3396.18/content/browser/renderer_host/media/video_capture_browsertest.cc -@@ -164,8 +164,13 @@ class VideoCaptureBrowserTest : public C +--- dev.orig/content/browser/renderer_host/media/video_capture_browsertest.cc ++++ dev/content/browser/renderer_host/media/video_capture_browsertest.cc +@@ -163,8 +163,13 @@ class VideoCaptureBrowserTest : public C base::CommandLine::ForCurrentProcess()->AppendSwitch( switches::kUseFakeJpegDecodeAccelerator); } else { @@ -266,11 +214,11 @@ Index: chromium-67.0.3396.18/content/browser/renderer_host/media/video_capture_b } } -Index: chromium-67.0.3396.18/content/browser/renderer_host/media/video_capture_gpu_jpeg_decoder.cc +Index: dev/content/browser/renderer_host/media/video_capture_gpu_jpeg_decoder.cc =================================================================== ---- chromium-67.0.3396.18.orig/content/browser/renderer_host/media/video_capture_gpu_jpeg_decoder.cc -+++ chromium-67.0.3396.18/content/browser/renderer_host/media/video_capture_gpu_jpeg_decoder.cc -@@ -65,15 +65,21 @@ void VideoCaptureGpuJpegDecoder::Initial +--- dev.orig/content/browser/renderer_host/media/video_capture_gpu_jpeg_decoder.cc ++++ dev/content/browser/renderer_host/media/video_capture_gpu_jpeg_decoder.cc +@@ -66,15 +66,21 @@ void VideoCaptureGpuJpegDecoder::Initial bool is_platform_supported = base::CommandLine::ForCurrentProcess()->HasSwitch( switches::kUseFakeJpegDecodeAccelerator); @@ -296,11 +244,11 @@ Index: chromium-67.0.3396.18/content/browser/renderer_host/media/video_capture_g decoder_status_ = FAILED; RecordInitDecodeUMA_Locked(); return; -Index: chromium-67.0.3396.18/content/browser/renderer_host/render_process_host_impl.cc +Index: dev/content/browser/renderer_host/render_process_host_impl.cc =================================================================== ---- chromium-67.0.3396.18.orig/content/browser/renderer_host/render_process_host_impl.cc -+++ chromium-67.0.3396.18/content/browser/renderer_host/render_process_host_impl.cc -@@ -2693,7 +2693,11 @@ void RenderProcessHostImpl::PropagateBro +--- dev.orig/content/browser/renderer_host/render_process_host_impl.cc ++++ dev/content/browser/renderer_host/render_process_host_impl.cc +@@ -2659,7 +2659,11 @@ void RenderProcessHostImpl::PropagateBro switches::kDefaultTileHeight, switches::kDisable2dCanvasImageChromium, switches::kDisableAcceleratedJpegDecoding, @@ -312,21 +260,10 @@ Index: chromium-67.0.3396.18/content/browser/renderer_host/render_process_host_i switches::kDisableBackgroundTasks, switches::kDisableBackgroundTimerThrottling, switches::kDisableBreakpad, -@@ -2830,8 +2834,10 @@ void RenderProcessHostImpl::PropagateBro - switches::kDisableMojoRenderer, - #endif - #if BUILDFLAG(ENABLE_WEBRTC) -+#if !defined(OS_LINUX) || defined(OS_CHROMEOS) - switches::kDisableWebRtcHWDecoding, - switches::kDisableWebRtcHWEncoding, -+#endif - switches::kEnableWebRtcSrtpAesGcm, - switches::kEnableWebRtcSrtpEncryptedHeaders, - switches::kEnableWebRtcStunOrigin, -Index: chromium-67.0.3396.18/content/browser/webrtc/webrtc_media_recorder_browsertest.cc +Index: dev/content/browser/webrtc/webrtc_media_recorder_browsertest.cc =================================================================== ---- chromium-67.0.3396.18.orig/content/browser/webrtc/webrtc_media_recorder_browsertest.cc -+++ chromium-67.0.3396.18/content/browser/webrtc/webrtc_media_recorder_browsertest.cc +--- dev.orig/content/browser/webrtc/webrtc_media_recorder_browsertest.cc ++++ dev/content/browser/webrtc/webrtc_media_recorder_browsertest.cc @@ -66,7 +66,12 @@ class MAYBE_WebRtcMediaRecorderTest return; // This flag is also used for encoding, https://crbug.com/616640. @@ -341,23 +278,39 @@ Index: chromium-67.0.3396.18/content/browser/webrtc/webrtc_media_recorder_browse } private: -Index: chromium-67.0.3396.18/content/gpu/BUILD.gn +Index: dev/content/gpu/BUILD.gn =================================================================== ---- chromium-67.0.3396.18.orig/content/gpu/BUILD.gn -+++ chromium-67.0.3396.18/content/gpu/BUILD.gn -@@ -130,4 +130,8 @@ target(link_target_type, "gpu_sources") +--- dev.orig/content/gpu/BUILD.gn ++++ dev/content/gpu/BUILD.gn +@@ -6,6 +6,7 @@ import("//build/config/jumbo.gni") + import("//build/config/ui.gni") + import("//gpu/vulkan/features.gni") + import("//media/media_options.gni") ++import("//media/gpu/args.gni") + import("//ui/ozone/ozone.gni") + + # See //content/BUILD.gn for how this works. +@@ -49,7 +50,6 @@ target(link_target_type, "gpu_sources") + ] + + configs += [ "//content:content_implementation" ] +- + deps = [ + "//base", + "//base/third_party/dynamic_annotations", +@@ -134,4 +134,8 @@ target(link_target_type, "gpu_sources") (!is_chromecast || is_cast_desktop_build)) { configs += [ "//build/config/linux/dri" ] } + -+ if (is_desktop_linux) { ++ if (is_desktop_linux && use_vaapi) { + public_configs = [ "//media/gpu:libva_config" ] + } } -Index: chromium-67.0.3396.18/content/gpu/gpu_main.cc +Index: dev/content/gpu/gpu_main.cc =================================================================== ---- chromium-67.0.3396.18.orig/content/gpu/gpu_main.cc -+++ chromium-67.0.3396.18/content/gpu/gpu_main.cc +--- dev.orig/content/gpu/gpu_main.cc ++++ dev/content/gpu/gpu_main.cc @@ -286,7 +286,7 @@ int GpuMain(const MainFunctionParams& pa base::PlatformThread::SetName("CrGpuMain"); @@ -376,19 +329,11 @@ Index: chromium-67.0.3396.18/content/gpu/gpu_main.cc io_thread_priority = base::ThreadPriority::DISPLAY; #endif -Index: chromium-67.0.3396.18/content/public/browser/gpu_utils.cc +Index: dev/content/public/browser/gpu_utils.cc =================================================================== ---- chromium-67.0.3396.18.orig/content/public/browser/gpu_utils.cc -+++ chromium-67.0.3396.18/content/public/browser/gpu_utils.cc -@@ -7,6 +7,7 @@ - #include "base/command_line.h" - #include "base/single_thread_task_runner.h" - #include "base/strings/string_number_conversions.h" -+#include "build/build_config.h" - #include "content/browser/gpu/gpu_process_host.h" - #include "content/public/common/content_features.h" - #include "content/public/common/content_switches.h" -@@ -55,9 +56,17 @@ const gpu::GpuPreferences GetGpuPreferen +--- dev.orig/content/public/browser/gpu_utils.cc ++++ dev/content/public/browser/gpu_utils.cc +@@ -58,9 +58,17 @@ const gpu::GpuPreferences GetGpuPreferen gpu_preferences.in_process_gpu = command_line->HasSwitch(switches::kInProcessGPU); gpu_preferences.disable_accelerated_video_decode = @@ -399,17 +344,17 @@ Index: chromium-67.0.3396.18/content/public/browser/gpu_utils.cc +#endif gpu_preferences.disable_accelerated_video_encode = +#if defined(OS_LINUX) && !defined(OS_CHROMEOS) -+ !command_line->HasSwitch(switches::kEnableAcceleratedVideo); ++ !command_line->HasSwitch(switches::kEnableAcceleratedVideo); +#else command_line->HasSwitch(switches::kDisableAcceleratedVideoEncode); +#endif #if defined(OS_WIN) uint32_t enable_accelerated_vpx_decode_val = gpu::GpuPreferences::VPX_VENDOR_MICROSOFT; -Index: chromium-67.0.3396.18/content/public/common/content_switches.cc +Index: dev/content/public/common/content_switches.cc =================================================================== ---- chromium-67.0.3396.18.orig/content/public/common/content_switches.cc -+++ chromium-67.0.3396.18/content/public/common/content_switches.cc +--- dev.orig/content/public/common/content_switches.cc ++++ dev/content/public/common/content_switches.cc @@ -78,12 +78,21 @@ const char kDisable3DAPIs[] // Disable gpu-accelerated 2d canvas. @@ -433,24 +378,10 @@ Index: chromium-67.0.3396.18/content/public/common/content_switches.cc // Disables hardware acceleration of video decode, where available. const char kDisableAcceleratedVideoDecode[] = "disable-accelerated-video-decode"; -@@ -867,11 +876,13 @@ const char kZygoteProcess[] - // ignores this switch on its stable and beta channels. - const char kDisableWebRtcEncryption[] = "disable-webrtc-encryption"; - -+#if defined(OS_CHROMEOS) - // Disables HW decode acceleration for WebRTC. - const char kDisableWebRtcHWDecoding[] = "disable-webrtc-hw-decoding"; - - // Disables HW encode acceleration for WebRTC. - const char kDisableWebRtcHWEncoding[] = "disable-webrtc-hw-encoding"; -+#endif - - // Enables negotiation of GCM cipher suites from RFC 7714 for SRTP in WebRTC. - // See https://tools.ietf.org/html/rfc7714 for further information. -Index: chromium-67.0.3396.18/content/public/common/content_switches.h +Index: dev/content/public/common/content_switches.h =================================================================== ---- chromium-67.0.3396.18.orig/content/public/common/content_switches.h -+++ chromium-67.0.3396.18/content/public/common/content_switches.h +--- dev.orig/content/public/common/content_switches.h ++++ dev/content/public/common/content_switches.h @@ -33,7 +33,11 @@ CONTENT_EXPORT extern const char kDisabl CONTENT_EXPORT extern const char kDisable3DAPIs[]; CONTENT_EXPORT extern const char kDisableAccelerated2dCanvas[]; @@ -463,7 +394,7 @@ Index: chromium-67.0.3396.18/content/public/common/content_switches.h CONTENT_EXPORT extern const char kDisableAcceleratedVideoDecode[]; CONTENT_EXPORT extern const char kDisableAcceleratedVideoEncode[]; CONTENT_EXPORT extern const char kDisableAudioSupportForDesktopShare[]; -@@ -107,6 +111,9 @@ CONTENT_EXPORT extern const char kDisabl +@@ -105,6 +109,9 @@ CONTENT_EXPORT extern const char kDisabl CONTENT_EXPORT extern const char kDomAutomationController[]; extern const char kDisable2dCanvasClipAntialiasing[]; CONTENT_EXPORT extern const char kDumpBlinkRuntimeCallStats[]; @@ -473,45 +404,36 @@ Index: chromium-67.0.3396.18/content/public/common/content_switches.h CONTENT_EXPORT extern const char kEnableAggressiveDOMStorageFlushing[]; CONTENT_EXPORT extern const char kEnableAutomation[]; CONTENT_EXPORT extern const char kEnablePreferCompositingToLCDText[]; -@@ -242,8 +249,10 @@ CONTENT_EXPORT extern const char kZygote - - #if BUILDFLAG(ENABLE_WEBRTC) - CONTENT_EXPORT extern const char kDisableWebRtcEncryption[]; -+#if defined(OS_CHROMEOS) - CONTENT_EXPORT extern const char kDisableWebRtcHWDecoding[]; - CONTENT_EXPORT extern const char kDisableWebRtcHWEncoding[]; -+#endif - CONTENT_EXPORT extern const char kEnableWebRtcSrtpAesGcm[]; - CONTENT_EXPORT extern const char kEnableWebRtcSrtpEncryptedHeaders[]; - CONTENT_EXPORT extern const char kEnableWebRtcStunOrigin[]; -Index: chromium-67.0.3396.18/content/renderer/media/webrtc/peer_connection_dependency_factory.cc +Index: dev/content/renderer/media/webrtc/peer_connection_dependency_factory.cc =================================================================== ---- chromium-67.0.3396.18.orig/content/renderer/media/webrtc/peer_connection_dependency_factory.cc -+++ chromium-67.0.3396.18/content/renderer/media/webrtc/peer_connection_dependency_factory.cc -@@ -276,10 +276,18 @@ void PeerConnectionDependencyFactory::In +--- dev.orig/content/renderer/media/webrtc/peer_connection_dependency_factory.cc ++++ dev/content/renderer/media/webrtc/peer_connection_dependency_factory.cc +@@ -276,10 +276,20 @@ void PeerConnectionDependencyFactory::In const base::CommandLine* cmd_line = base::CommandLine::ForCurrentProcess(); if (gpu_factories && gpu_factories->IsGpuVideoAcceleratorEnabled()) { +#if defined(OS_LINUX) && !defined(OS_CHROMEOS) -+ if (cmd_line->HasSwitch(switches::kEnableAcceleratedVideo)) ++ if (!cmd_line->HasSwitch(switches::kDisableWebRtcHWDecoding) && ++ cmd_line->HasSwitch(switches::kEnableAcceleratedVideo)) +#else if (!cmd_line->HasSwitch(switches::kDisableWebRtcHWDecoding)) +#endif decoder_factory.reset(new RTCVideoDecoderFactory(gpu_factories)); +#if defined(OS_LINUX) && !defined(OS_CHROMEOS) -+ if (cmd_line->HasSwitch(switches::kEnableAcceleratedVideo)) ++ if (!cmd_line->HasSwitch(switches::kDisableWebRtcHWEncoding) && ++ cmd_line->HasSwitch(switches::kEnableAcceleratedVideo)) +#else if (!cmd_line->HasSwitch(switches::kDisableWebRtcHWEncoding)) +#endif encoder_factory.reset(new RTCVideoEncoderFactory(gpu_factories)); } -Index: chromium-67.0.3396.18/content/renderer/render_thread_impl.cc +Index: dev/content/renderer/render_thread_impl.cc =================================================================== ---- chromium-67.0.3396.18.orig/content/renderer/render_thread_impl.cc -+++ chromium-67.0.3396.18/content/renderer/render_thread_impl.cc -@@ -1578,7 +1578,11 @@ media::GpuVideoAcceleratorFactories* Ren +--- dev.orig/content/renderer/render_thread_impl.cc ++++ dev/content/renderer/render_thread_impl.cc +@@ -1480,7 +1480,11 @@ media::GpuVideoAcceleratorFactories* Ren kGpuStreamIdMedia, kGpuStreamPriorityMedia); const bool enable_video_accelerator = @@ -523,10 +445,10 @@ Index: chromium-67.0.3396.18/content/renderer/render_thread_impl.cc (gpu_channel_host->gpu_feature_info() .status_values[gpu::GPU_FEATURE_TYPE_ACCELERATED_VIDEO_DECODE] == gpu::kGpuFeatureStatusEnabled); -Index: chromium-67.0.3396.18/gpu/config/software_rendering_list.json +Index: dev/gpu/config/software_rendering_list.json =================================================================== ---- chromium-67.0.3396.18.orig/gpu/config/software_rendering_list.json -+++ chromium-67.0.3396.18/gpu/config/software_rendering_list.json +--- dev.orig/gpu/config/software_rendering_list.json ++++ dev/gpu/config/software_rendering_list.json @@ -377,17 +377,6 @@ ] }, @@ -545,33 +467,115 @@ Index: chromium-67.0.3396.18/gpu/config/software_rendering_list.json "id": 50, "description": "Disable VMware software renderer on older Mesa", "cr_bugs": [145531, 332596, 571899, 629434], -Index: chromium-67.0.3396.18/media/gpu/BUILD.gn +Index: dev/media/filters/BUILD.gn =================================================================== ---- chromium-67.0.3396.18.orig/media/gpu/BUILD.gn -+++ chromium-67.0.3396.18/media/gpu/BUILD.gn -@@ -491,6 +491,14 @@ if (use_v4l2_codec || use_vaapi || is_ma +--- dev.orig/media/filters/BUILD.gn ++++ dev/media/filters/BUILD.gn +@@ -4,6 +4,7 @@ + + import("//media/media_options.gni") + import("//third_party/libaom/options.gni") ++import("//media/gpu/args.gni") + + source_set("filters") { + # Do not expand the visibility here without double-checking with OWNERS, this +@@ -199,7 +200,7 @@ source_set("filters") { + deps += [ "//media/base/android" ] + } + +- if (current_cpu != "arm" && is_linux) { ++ if (use_vaapi) { + sources += [ + "h264_bitstream_buffer.cc", + "h264_bitstream_buffer.h", +Index: dev/media/gpu/BUILD.gn +=================================================================== +--- dev.orig/media/gpu/BUILD.gn ++++ dev/media/gpu/BUILD.gn +@@ -500,6 +500,12 @@ if (use_v4l2_codec || use_vaapi || is_ma } } -+if (is_desktop_linux && use_vaapi) { -+ import("//build/config/linux/pkg_config.gni") ++import("//build/config/linux/pkg_config.gni") + -+ pkg_config("libva_config") { -+ packages = [ "libva" ] -+ } ++pkg_config("libva_config") { ++ packages = [ "libva" ] +} + if (use_vaapi) { test("jpeg_encode_accelerator_unittest") { deps = [ -@@ -551,6 +559,10 @@ if (use_v4l2_codec || use_vaapi) { +@@ -558,6 +564,7 @@ if (use_v4l2_codec || use_vaapi) { if (use_ozone) { deps += [ "//ui/ozone" ] } -+ -+ if (is_desktop_linux) { -+ public_configs = [ ":libva_config" ] -+ } ++ public_configs = [ ":libva_config" ] } } +Index: dev/media/gpu/gpu_video_decode_accelerator_factory.cc +=================================================================== +--- dev.orig/media/gpu/gpu_video_decode_accelerator_factory.cc ++++ dev/media/gpu/gpu_video_decode_accelerator_factory.cc +@@ -88,6 +88,7 @@ GpuVideoDecodeAcceleratorFactory::GetDec + // profile (instead of calculating a superset). + // TODO(posciak,henryhsu): improve this so that we choose a superset of + // resolutions and other supported profile parameters. ++ DVLOG(1) << "Get Supported profiles"; + #if defined(OS_WIN) + capabilities.supported_profiles = + DXVAVideoDecodeAccelerator::GetSupportedProfiles(gpu_preferences, +Index: dev/media/gpu/vaapi/vaapi_wrapper.cc +=================================================================== +--- dev.orig/media/gpu/vaapi/vaapi_wrapper.cc ++++ dev/media/gpu/vaapi/vaapi_wrapper.cc +@@ -861,7 +861,11 @@ scoped_refptr VaapiWrapper::C + } + va_attrib_extbuf.num_planes = num_planes; + ++#if VA_CHECK_VERSION(1, 0, 0) ++ std::vector fds(num_fds); ++#else + std::vector fds(num_fds); ++#endif + for (size_t i = 0; i < num_fds; ++i) { + int dmabuf_fd = pixmap->GetDmaBufFd(i); + if (dmabuf_fd < 0) { +Index: dev/components/viz/service/main/viz_main_impl.cc +=================================================================== +--- dev.orig/components/viz/service/main/viz_main_impl.cc ++++ dev/components/viz/service/main/viz_main_impl.cc +@@ -46,7 +46,7 @@ std::unique_ptr CreateAndS + auto thread = std::make_unique("VizCompositorThread"); + base::Thread::Options thread_options; + thread_options.message_loop_type = base::MessageLoop::TYPE_DEFAULT; +-#if defined(OS_ANDROID) || defined(OS_CHROMEOS) ++#if defined(OS_LINUX) + thread_options.priority = base::ThreadPriority::DISPLAY; + #endif + CHECK(thread->StartWithOptions(thread_options)); +@@ -58,7 +58,7 @@ std::unique_ptr CreateAndS + // It should be possible to use |main_task_runner_| for doing IO tasks. + base::Thread::Options thread_options(base::MessageLoop::TYPE_IO, 0); + thread_options.priority = base::ThreadPriority::NORMAL; +-#if defined(OS_ANDROID) || defined(OS_CHROMEOS) ++#if defined(OS_LINUX) + // TODO(reveman): Remove this in favor of setting it explicitly for each + // type of process. + thread_options.priority = base::ThreadPriority::DISPLAY; +Index: dev/content/browser/renderer_host/render_view_host_impl.cc +=================================================================== +--- dev.orig/content/browser/renderer_host/render_view_host_impl.cc ++++ dev/content/browser/renderer_host/render_view_host_impl.cc +@@ -442,7 +442,11 @@ WebPreferences RenderViewHostImpl::Compu + prefs.save_previous_document_resources = GetSavePreviousDocumentResources(); + + prefs.accelerated_video_decode_enabled = ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) ++ command_line.HasSwitch(switches::kEnableAcceleratedVideo); ++#else + !command_line.HasSwitch(switches::kDisableAcceleratedVideoDecode); ++#endif + + std::string autoplay_policy = media::GetEffectiveAutoplayPolicy(command_line); + if (autoplay_policy == switches::autoplay::kNoUserGestureRequiredPolicy) { diff --git a/chromium.changes b/chromium.changes index 54598ad..39ea0fc 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,287 +1,180 @@ ------------------------------------------------------------------- -Tue Jul 10 11:40:21 UTC 2018 - tchvatal@suse.com +Wed Jul 25 09:47:13 UTC 2018 - tchvatal@suse.com -- Version update to 67.0.3396.99: - * Various small feature fixes, no security +- Bump to 68.0.3440.75 ------------------------------------------------------------------- -Fri Jun 15 19:51:32 UTC 2018 - tchvatal@suse.com +Mon Jul 23 08:47:34 UTC 2018 - tchvatal@suse.com -- Add patch to build under gcc8: - * chromium-gcc8.patch +- Up to chromium-68.0.3440.68 ------------------------------------------------------------------- -Wed Jun 13 09:26:43 UTC 2018 - security@suse.com +Mon Jul 16 14:47:15 UTC 2018 - tchvatal@suse.com -- Chromium 67.0.3396.87: - * CVE-2018-6149: Out of bounds write in V8 (boo#1097452) +- Up to 68.0.3440.59 ------------------------------------------------------------------- -Thu Jun 7 12:23:26 UTC 2018 - astieger@suse.com +Fri Jun 29 09:04:00 UTC 2018 - tchvatal@suse.com -- Chromium 67.0.3396.79: - * CVE-2018-6148: Incorrect handling of CSP header (boo#1096508) +- Up to 68.0.3440.42 ------------------------------------------------------------------- -Fri Jun 1 17:45:46 UTC 2018 - tchvatal@suse.com +Fri Jun 22 08:01:33 UTC 2018 - tchvatal@suse.com -- Require ffmpeg >= 4.0 bsc#1095545 +- Bump 68.0.3440.33 ------------------------------------------------------------------- -Wed May 30 11:18:13 UTC 2018 - tchvatal@suse.com +Fri Jun 15 08:56:09 UTC 2018 - tchvatal@suse.com -- Update to 67.0.3396.62 bsc#1095163 - * CVE-2018-6123: Use after free in Blink. - * CVE-2018-6124: Type confusion in Blink. - * CVE-2018-6125: Overly permissive policy in WebUSB. - * CVE-2018-6126: Heap buffer overflow in Skia. - * CVE-2018-6127: Use after free in indexedDB. - * CVE-2018-6128: uXSS in Chrome on iOS. - * CVE-2018-6129: Out of bounds memory access in WebRTC. - * CVE-2018-6130: Out of bounds memory access in WebRTC. - * CVE-2018-6131: Incorrect mutability protection in WebAssembly. - * CVE-2018-6132: Use of uninitialized memory in WebRTC. - * CVE-2018-6133: URL spoof in Omnibox. - * CVE-2018-6134: Referrer Policy bypass in Blink. - * CVE-2018-6135: UI spoofing in Blink. - * CVE-2018-6136: Out of bounds memory access in V8. - * CVE-2018-6137: Leak of visited status of page in Blink. - * CVE-2018-6138: Overly permissive policy in Extensions. - * CVE-2018-6139: Restrictions bypass in the debugger extension API. - * CVE-2018-6140: Restrictions bypass in the debugger extension API. - * CVE-2018-6141: Heap buffer overflow in Skia. - * CVE-2018-6142: Out of bounds memory access in V8. - * CVE-2018-6143: Out of bounds memory access in V8. - * CVE-2018-6144: Out of bounds memory access in PDFium. - * CVE-2018-6145: Incorrect escaping of MathML in Blink. - * CVE-2018-6147: Password fields not taking advantage of OS protections in Views. -- Add patches to build on aarch and remove obsolete one: - * chromium-crashpad-aarch64-fix.patch - * chromium-skia-aarch64-buildfix.patch - * chromium-65.0.3325.162-skia-aarch64-buildfix.patch - * chromium-skia-neon.patch -- Remove no longer needed gcc patch: - * chromium-gcc7.patch -- Rebase patches: - * chromium-non-void-return.patch - * chromium-vaapi.patch - * exclude_ymp.patch - * fix_building_widevinecdm_with_chromium.patch +- Up to 68.0.3440.25 ------------------------------------------------------------------- -Sat May 26 23:01:20 UTC 2018 - astieger@suse.com +Sun Jun 10 09:24:57 UTC 2018 - tchvatal@suse.com -- on SLE 12 with SUSE PackageHub 12, do not require the SDK for - libwebpmux1 (bsc#1070421) +- Up to 68.0.3440.17 ------------------------------------------------------------------- -Sat May 26 07:08:04 UTC 2018 - astieger@suse.com +Mon May 28 10:33:56 UTC 2018 - tchvatal@suse.com -- Fix installation issue on SUSE PackageHub 12 with libminizip1 - (bsc#1093031) +- Up to 68.0.3438.3 ------------------------------------------------------------------- -Wed May 16 07:05:32 UTC 2018 - astieger@suse.com +Fri May 18 14:06:56 UTC 2018 - tchvatal@suse.com -- Chromium 66.0.3359.181: - * Autoplay: Force enable on desktop for Web Audio +- Up to 68.0.3432.3 ------------------------------------------------------------------- -Fri May 11 12:10:44 UTC 2018 - astieger@suse.com +Tue May 15 13:53:14 UTC 2018 - guillaume.gardet@opensuse.org -- Chromium 66.0.3359.170 (bsc#1092923): - * Chain leading to sandbox escape: - CVE-2018-6121: Privilege Escalation in extensions - CVE-2018-6122: Type confusion in V8 - * CVE-2018-6120: Heap buffer overflow in PDFium - * Various fixes from internal audits, fuzzing and other - initiatives +- Fix AArch64 build with chromium-crashpad-aarch64-fix.patch ------------------------------------------------------------------- -Wed May 9 08:36:30 UTC 2018 - tchvatal@suse.com +Wed May 9 09:11:46 UTC 2018 - tchvatal@suse.com -- Add patch chromium-skia-system-fontconfig.patch to fix - bsc#1092272 +- Up to 68.0.3423.2 +- Refresh patch chromium-master-prefs-path.patch ------------------------------------------------------------------- -Fri May 4 06:53:49 UTC 2018 - guillaume.gardet@opensuse.org +Wed May 9 08:38:02 UTC 2018 - guillaume.gardet@opensuse.org + +- Fix AArch64 build with chromium-skia-aarch64-buildfix.patch + +------------------------------------------------------------------- +Wed May 9 08:34:37 UTC 2018 - tchvatal@suse.com + +- Add patch chromium-skia-system-fontconfig.patch bsc#1092272 +- Up to 67.0.3393.30 + +------------------------------------------------------------------- +Wed May 9 07:53:48 UTC 2018 - guillaume.gardet@opensuse.org - Enable build on AArch64 - Fix build on AArch64: * set target_cpu to arm64 * disable tcmalloc and swiftshader for aarch64 - * Add new patches: - - chromium-65.0.3325.162-skia-aarch64-buildfix.patch - - chromium-skia-neon.patch ------------------------------------------------------------------- -Fri Apr 27 08:22:18 UTC 2018 - tchvatal@suse.com +Wed Apr 25 14:59:25 UTC 2018 - tchvatal@suse.com -- chromium 66.0.3359.139: - * CVE-2018-6118: Use after free in Media Cache (bsc#1091288) - * drop add-missing-blink-tools.patch, now in tarball again +- Up to chromium-67.0.3396.18 ------------------------------------------------------------------- -Wed Apr 18 09:14:21 UTC 2018 - tchvatal@suse.com +Thu Apr 12 09:10:48 UTC 2018 - tchvatal@suse.com -- Version bump to chromium 66.0.3359.117 bsc#1090000: - * CVE-2018-6085: Use after free in Disk Cache - * CVE-2018-6086: Use after free in Disk Cache - * CVE-2018-6087: Use after free in WebAssembly - * CVE-2018-6088: Use after free in PDFium - * CVE-2018-6089: Same origin policy bypass in Service Worker - * CVE-2018-6090: Heap buffer overflow in Skia - * CVE-2018-6091: Incorrect handling of plug-ins by Service Worker - * CVE-2018-6092: Integer overflow in WebAssembly - * CVE-2018-6093: Same origin bypass in Service Worker - * CVE-2018-6094: Exploit hardening regression in Oilpan - * CVE-2018-6095: Lack of meaningful user interaction requirement before file upload - * CVE-2018-6096: Fullscreen UI spoof - * CVE-2018-6097: Fullscreen UI spoof - * CVE-2018-6098: URL spoof in Omnibox - * CVE-2018-6099: CORS bypass in ServiceWorker - * CVE-2018-6100: URL spoof in Omnibox - * CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools - * CVE-2018-6102: URL spoof in Omnibox - * CVE-2018-6103: UI spoof in Permissions - * CVE-2018-6104: URL spoof in Omnibox - * CVE-2018-6105: URL spoof in Omnibox - * CVE-2018-6106: Incorrect handling of promises in V8 - * CVE-2018-6107: URL spoof in Omnibox - * CVE-2018-6108: URL spoof in Omnibox - * CVE-2018-6109: Incorrect handling of files by FileAPI - * CVE-2018-6110: Incorrect handling of plaintext files via file:// - * CVE-2018-6111: Heap-use-after-free in DevTools - * CVE-2018-6112: Incorrect URL handling in DevTools - * CVE-2018-6113: URL spoof in Navigation - * CVE-2018-6114: CSP bypass - * CVE-2018-6115: SmartScreen bypass in downloads - * CVE-2018-6116: Incorrect low memory handling in WebAssembly - * CVE-2018-6117: Confusing autofill settings - * Various fixes from internal audits, fuzzing and other initiatives -- Remove obsolete patches: - * chromium-compiler.patch - * chromium-glibc-2.27.patch - * chromium-vaapi-init.patch - * exclude_ymp.diff - * fix-gn-bootstrap.diff - * fix_network_api_crash.patch - * mojo.patch -- Add new patches: - * chromium-ffmpeg.patch - * chromium-gcc7.patch - * exclude_ymp.patch - * fix-gn-bootstrap.patch -- Rebase patches: - * chromium-master-prefs-path.patch - * chromium-non-void-return.patch - * chromium-sandbox-pie.patch - * chromium-vaapi.patch -- Add patch to fix missing folder from tarball: - * add-missing-blink-tools.patch +- Up to 67.0.3393.4 +- Refresh patch exclude_ymp.patch ------------------------------------------------------------------- -Sun Apr 8 10:49:06 UTC 2018 - tchvatal@suse.com +Wed Apr 4 11:49:20 UTC 2018 - tchvatal@suse.com -- Add vaapi patches: - * chromium-vaapi-init.patch - * chromium-vaapi.patch +- Bump to 67.0.3386.1 ------------------------------------------------------------------- -Fri Apr 6 12:54:24 UTC 2018 - tchvatal@suse.com +Wed Mar 28 12:37:50 UTC 2018 - tchvatal@suse.com -- Use memory-constraints package to limit threads as needed +- Bump to 67.0.3381.1 ------------------------------------------------------------------- -Wed Mar 21 06:31:27 UTC 2018 - astieger@suse.com +Fri Mar 23 12:01:52 UTC 2018 - tchvatal@suse.com -- Update to Chromium 65.0.3325.181: - * Various security relevant fixes from internal audits, fuzzing - and other initiatives (boo#1086124) +- Bump to 67.0.3377.1 ------------------------------------------------------------------- -Tue Mar 20 12:33:53 UTC 2018 - tchvatal@suse.com +Tue Mar 20 10:19:55 UTC 2018 - tchvatal@suse.com -- Use both freetype and harfbuzz either bundled or system +- Bump to 67.0.3371.0 +- Remove no longer needed chromium-gcc7.patch +- Rebase fix_building_widevinecdm_with_chromium.patch to allow + widevine builds ------------------------------------------------------------------- -Wed Mar 14 14:18:35 UTC 2018 - tchvatal@suse.com +Tue Mar 20 10:14:15 UTC 2018 - tchvatal@suse.com -- Version update to 65.0.3325.162: - * Various stability fixes only +- Bump to 66.0.3359.33 ------------------------------------------------------------------- -Wed Mar 14 09:00:37 UTC 2018 - tchvatal@suse.com +Wed Mar 14 14:19:21 UTC 2018 - tchvatal@suse.com -- Bundle the harfbuzz on < 15.0 release as we would have to - use requires_ge for the library itself later on otherwise +- Version bump to 66.0.3359.26 ------------------------------------------------------------------- -Fri Mar 9 09:10:01 UTC 2018 - tchvatal@suse.com +Wed Mar 14 13:32:18 UTC 2018 - tchvatal@suse.com -- Make sure to require gcc7 -- Add patch chromium-drm.patch to make sure to build with Leap 42.3 - variant of libdrm +- Bump the requirement for the clang version ------------------------------------------------------------------- -Thu Mar 8 09:00:54 UTC 2018 - tchvatal@suse.com +Wed Mar 14 09:01:33 UTC 2018 - tchvatal@suse.com -- Version update to 65.0.3325.146 bsc#1084296: - * High CVE-2017-11215: Use after free in Flash. - * High CVE-2017-11225: Use after free in Flash. - * High CVE-2018-6060: Use after free in Blink. - * High CVE-2018-6061: Race condition in V8. - * High CVE-2018-6062: Heap buffer overflow in Skia. - * High CVE-2018-6057: Incorrect permissions on shared memory. - * High CVE-2018-6063: Incorrect permissions on shared memory. - * High CVE-2018-6064: Type confusion in V8. - * High CVE-2018-6065: Integer overflow in V8. - * Medium CVE-2018-6066: Same Origin Bypass via canvas. - * Medium CVE-2018-6067: Buffer overflow in Skia. - * Medium CVE-2018-6068: Object lifecycle issues in Chrome Custom Tab. - * Medium CVE-2018-6069: Stack buffer overflow in Skia. - * Medium CVE-2018-6070: CSP bypass through extensions. - * Medium CVE-2018-6071: Heap bufffer overflow in Skia. - * Medium CVE-2018-6072: Integer overflow in PDFium. - * Medium CVE-2018-6073: Heap bufffer overflow in WebGL. - * Medium CVE-2018-6074: Mark-of-the-Web bypass. - * Medium CVE-2018-6075: Overly permissive cross origin downloads. - * Medium CVE-2018-6076: Incorrect handling of URL fragment identifiers in Blink. - * Medium CVE-2018-6077: Timing attack using SVG filters. - * Medium CVE-2018-6078: URL Spoof in OmniBox. - * Medium CVE-2018-6079: Information disclosure via texture data in WebGL. - * Medium CVE-2018-6080: Information disclosure in IPC call. - * Low CVE-2018-6081: XSS in interstitials. - * Low CVE-2018-6082: Circumvention of port blocking. - * Low CVE-2018-6083: Incorrect processing of AppManifests. -- Add new patches: - * chromium-compiler.patch - * chromium-glibc-2.27.patch - * mojo.patch -- Drop patches: - * chromium-angle.patch - * chromium-memcpy.patch -- Update constraints -- Refresh patch chromium-non-void-return.patch to include more - fixes +- Conditionalize harfbuzz switch ------------------------------------------------------------------- -Sat Feb 24 19:02:51 UTC 2018 - astieger@suse.com +Mon Mar 12 10:18:18 UTC 2018 - tchvatal@suse.com -- Chromium 64.0.3282.186: - * Various minor bug fixes +- Update to 66.0.3359.22 ------------------------------------------------------------------- -Wed Feb 14 08:16:34 UTC 2018 - astieger@suse.com +Fri Mar 9 11:20:35 UTC 2018 - tchvatal@suse.com -- update to 64.0.3282.167 (bsc#1080920): - * CVE-2018-6056: Incorrect derived class instantiation in V8 +- Apply patches using %autopatch +- Add patch to build with gcc7 properly chromium-gcc7.patch +- Drop patch chromium-sandbox-pie.patch as we have pie default now +- Add patch to build with leap variant of drm chromium-drm.patch ------------------------------------------------------------------- -Fri Feb 2 11:16:23 UTC 2018 - tchvatal@suse.com +Wed Mar 7 12:11:45 UTC 2018 - tchvatal@suse.com -- Version update to 64.0.3282.140 bsc#1079021: - * Various asan fixes bsc#1078463 CVE-2018-6406 +- Add patch to build ffmpeg from system chromium-ffmpeg.patch + +------------------------------------------------------------------- +Wed Mar 7 10:30:24 UTC 2018 - tchvatal@suse.com + +- Up to 66.0.3355.0 +- Disable clang by default again + +------------------------------------------------------------------- +Tue Feb 27 09:35:21 UTC 2018 - tchvatal@suse.com + +- Up to 66.0.3350.0 + +------------------------------------------------------------------- +Thu Feb 15 09:08:22 UTC 2018 - tchvatal@suse.com + +- Drop patch fix_network_api_crash.patch + +------------------------------------------------------------------- +Mon Feb 12 10:10:58 UTC 2018 - tchvatal@suse.com + +- Bump to 66.0.3343.3 + +------------------------------------------------------------------- +Wed Feb 7 13:58:33 UTC 2018 - tchvatal@suse.com + +- Bump to 65.0.3325.51 + +------------------------------------------------------------------- +Tue Feb 6 12:00:36 UTC 2018 - tchvatal@suse.com + +- Disable gconf support ------------------------------------------------------------------- Fri Feb 2 10:43:48 UTC 2018 - dimstar@opensuse.org @@ -292,9 +185,9 @@ Fri Feb 2 10:43:48 UTC 2018 - dimstar@opensuse.org /proc/meminfo. ------------------------------------------------------------------- -Mon Jan 29 13:07:38 UTC 2018 - tchvatal@suse.com +Wed Jan 31 09:45:45 UTC 2018 - tchvatal@suse.com -- Fix default page to not point to 404 +- Bump to 65.0.3325.31 ------------------------------------------------------------------- Mon Jan 29 12:36:31 UTC 2018 - tchvatal@suse.com @@ -302,318 +195,296 @@ Mon Jan 29 12:36:31 UTC 2018 - tchvatal@suse.com - Install swiftshader objects too as they are needed ------------------------------------------------------------------- -Fri Jan 26 10:11:22 UTC 2018 - tchvatal@suse.com +Fri Jan 26 10:12:22 UTC 2018 - tchvatal@suse.com -- Disable ozone stuff conditions for now as the headless mode - breaks up runtime bsc#1077722 +- Update to 65.0.3325.18 +- Try to have automatic ozone platform detection ------------------------------------------------------------------- -Thu Jan 25 09:51:59 UTC 2018 - tchvatal@suse.com +Wed Jan 17 14:28:37 UTC 2018 - tchvatal@suse.com -- Switch to gcc7 on Leap builds +- Bump to 65.0.3322.3 ------------------------------------------------------------------- -Thu Jan 25 09:42:51 UTC 2018 - tchvatal@suse.com +Mon Jan 8 20:12:43 UTC 2018 - tchvatal@suse.com -- Version update to 64.0.3282.119 bsc#1077571: - * High CVE-2018-6031: Use after free in PDFium. Reported by Anonymous on 2017-11-01 - * High CVE-2018-6032: Same origin bypass in Shared Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-20 - * High CVE-2018-6033: Race when opening downloaded files. Reported by Juho Nurminen on 2017-12-09 - * Medium CVE-2018-6034: Integer overflow in Blink. Reported by Tobias Klein (www.trapkit.de) on 2017-11-12 - * Medium CVE-2018-6035: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23 - * Medium CVE-2018-6036: Integer underflow in WebAssembly. Reported by The UK's National Cyber Security Centre (NCSC) on 2017-11-30 - * Medium CVE-2018-6037: Insufficient user gesture requirements in autofill. Reported by Paul Stone of Context Information Security on 2017-08-09 - * Medium CVE-2018-6038: Heap buffer overflow in WebGL. Reported by cloudfuzzer on 2017-10-12 - * Medium CVE-2018-6039: XSS in DevTools. Reported by Juho Nurminen on 2017-10-17 - * Medium CVE-2018-6040: Content security policy bypass. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-26 - * Medium CVE-2018-6041: URL spoof in Navigation. Reported by Luan Herrera on 2017-08-29 - * Medium CVE-2018-6042: URL spoof in OmniBox. Reported by Khalil Zhani on 2017-10-12 - * Medium CVE-2018-6043: Insufficient escaping with external URL handlers. Reported by 0x09AL on 2017-11-16 - * Medium CVE-2018-6045: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23 - * Medium CVE-2018-6046: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-31 - * Medium CVE-2018-6047: Cross origin URL leak in WebGL. Reported by Masato Kinugawa on 2018-01-08 - * Low CVE-2018-6048: Referrer policy bypass in Blink. Reported by Jun Kokatsu (@shhnjk) on 2017-09-08 - * Low CVE-2017-15420: URL spoofing in Omnibox. Reported by Drew Springall (@_aaspring_) on 2017-10-05 - * Low CVE-2018-6049: UI spoof in Permissions. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-13 - * Low CVE-2018-6050: URL spoof in OmniBox. Reported by Jonathan Kew on 2017-10-15 - * Low CVE-2018-6051: Referrer leak in XSS Auditor. Reported by Antonio Sanso (@asanso) on 2014-12-11 - * Low CVE-2018-6052: Incomplete no-referrer policy implementation. Reported by Tanner Emek on 2016-05-28 - * Low CVE-2018-6053: Leak of page thumbnails in New Tab Page. Reported by Asset Kabdenov on 2017-08-23 - * Low CVE-2018-6054: Use after free in WebUI. Reported by Rob Wu on 2017-12-24 -- Add patches: - * chromium-angle.patch - * chromium-memcpy.patch -- Drop patch: - * chromium-gcc.patch -- Change desktop file name to fit bellow the icon on ie KDE desktop +- Bump to 65.0.3311.3 +- Drop chromium-63.0.3289.84-fix-ft-hb-unbundle.patch ------------------------------------------------------------------- -Thu Jan 4 20:59:31 UTC 2018 - astieger@suse.com +Tue Jan 2 13:14:43 UTC 2018 - tchvatal@suse.com -- Chromium 63.0.3239.132: - * DevTools: do not report raw headers and cookies for protected - subresources - * Various other fixes and updates +- add chromium-63.0.3289.84-fix-ft-hb-unbundle.patch to make sure + we use system freetype/harfbuzz ------------------------------------------------------------------- -Fri Dec 15 09:28:07 UTC 2017 - tchvatal@suse.com +Thu Dec 28 18:00:12 UTC 2017 - tchvatal@suse.com -- Version update to 63.0.3239.108 bsc#1072976: - * CVE-2017-15429: UXSS in V8 - * Various fuzzing fixes +- Make sure to use system freetype too ------------------------------------------------------------------- -Thu Dec 7 09:41:13 UTC 2017 - tchvatal@suse.com +Wed Dec 20 15:38:09 UTC 2017 - tchvatal@suse.com -- Version update to 63.0.3239.84 bsc#1071691: - * Critical CVE-2017-15407: Out of bounds write in QUIC. - * High CVE-2017-15408: Heap buffer overflow in PDFium. - * High CVE-2017-15409: Out of bounds write in Skia. - * High CVE-2017-15410: Use after free in PDFium. - * High CVE-2017-15411: Use after free in PDFium. - * High CVE-2017-15412: Use after free in libXML. - * High CVE-2017-15413: Type confusion in WebAssembly. - * Medium CVE-2017-15415: Pointer information disclosure in IPC call. - * Medium CVE-2017-15416: Out of bounds read in Blink. - * Medium CVE-2017-15417: Cross origin information disclosure in Skia. - * Medium CVE-2017-15418: Use of uninitialized value in Skia. - * Medium CVE-2017-15419: Cross origin leak of redirect URL in Blink. - * Medium CVE-2017-15420: URL spoofing in Omnibox. - * Medium CVE-2017-15422: Integer overflow in ICU. - * Low CVE-2017-15423: Issue with SPAKE implementation in BoringSSL. - * Low CVE-2017-15424: URL Spoof in Omnibox. - * Low CVE-2017-15425: URL Spoof in Omnibox. - * Low CVE-2017-15426: URL Spoof in Omnibox. - * Low CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox. -- Rebase fix-gn-bootstrap.diff -- Drop merged patches: - * chromium-gcc5.patch - * chromium-60.0.3112.113-breakpad-ucontext.patch - * chromium-62.0.3202.62-correct-cplusplus-check.patch -- Add new patches: - * chromium-non-void-return.patch - * chromium-gcc.patch +- Bump 65.0.3298.3 ------------------------------------------------------------------- -Wed Nov 22 11:05:42 UTC 2017 - idonmez@suse.com +Tue Dec 19 09:43:19 UTC 2017 - tchvatal@suse.com + +- Drop chromium-memcpy.patch + +------------------------------------------------------------------- +Mon Dec 18 10:46:25 UTC 2017 - tchvatal@suse.com + +- Drop minizip conditional (was about 42.1) + +------------------------------------------------------------------- +Sun Dec 17 22:52:29 UTC 2017 - tchvatal@suse.com + +- Bump to 65.0.3294.5 + +------------------------------------------------------------------- +Thu Dec 14 14:55:27 UTC 2017 - tchvatal@suse.com + +- Explicitely describe what ozone parts we want + +------------------------------------------------------------------- +Wed Dec 13 09:47:33 UTC 2017 - tchvatal@suse.com + +- Bump to 64.0.3282.24 +- Enable system icu again +- Tweak the deps to match current setup +- Add patch chromium-memcpy.patch + +------------------------------------------------------------------- +Tue Dec 12 12:55:52 UTC 2017 - tchvatal@suse.com + +- Minimize desktop name to not take so much space + +------------------------------------------------------------------- +Sat Dec 9 12:54:27 UTC 2017 - tchvatal@suse.com + +- Bumpyty to 64.0.3282.14 + +------------------------------------------------------------------- +Thu Nov 30 14:32:41 UTC 2017 - tchvatal@suse.com + +- Bumpy to 64.0.3278.0 + +------------------------------------------------------------------- +Wed Nov 22 11:06:47 UTC 2017 - idonmez@suse.com - BuildRequire nodejs8 instead of nodejs6 for suse_version >= 1330 ------------------------------------------------------------------- -Wed Nov 15 14:56:24 UTC 2017 - astieger@suse.com +Sun Nov 19 11:25:52 UTC 2017 - tchvatal@suse.com + +- Drop chromium-64.0.3253.3-gpu_lists_version.h.patch +- Drop chromium-gcc.patch + +------------------------------------------------------------------- +Sun Nov 19 11:20:20 UTC 2017 - tchvatal@suse.com + +- Up to 64.0.3269.3 + +------------------------------------------------------------------- +Wed Nov 15 14:42:55 UTC 2017 - astieger@suse.com -- Update to 62.0.3202.94: - * multiple minor rendering related fixes - fix rebuilds in same chroot ------------------------------------------------------------------- -Tue Nov 7 10:12:28 UTC 2017 - tchvatal@suse.com +Wed Nov 8 21:33:56 UTC 2017 - tchvatal@suse.com -- Version update to 62.0.3202.89 bsc#1066851: - * CVE-2017-15398: Stack buffer overflow in QUIC - * CVE-2017-15399: Use after free in V8 -- Drop upstream merged chromium-sandbox.patch +- Add patch chromium-non-void-return.patch ------------------------------------------------------------------- -Fri Nov 3 12:40:33 UTC 2017 - tchvatal@suse.com +Tue Nov 7 09:41:07 UTC 2017 - tchvatal@suse.com -- Restrict the version on jpeg to not waste build power +- Add patch chromium-64.0.3253.3-gpu_lists_version.h.patch ------------------------------------------------------------------- -Sun Oct 29 08:18:37 UTC 2017 - tchvatal@suse.com +Sat Nov 4 09:38:27 UTC 2017 - tchvatal@suse.com -- Add patch to fix sandbox crashes wrt bsc#1064298 - * chromium-sandbox.patch +- Bump to 64.0.3253.3 ------------------------------------------------------------------- -Fri Oct 27 09:17:02 UTC 2017 - tchvatal@suse.com +Fri Nov 3 11:41:40 UTC 2017 - tchvatal@suse.com -- Version update to 62.0.3202.75 bsc#1065405 CVE-2017-15396 - * CVE-2017-15396: Stack overflow in V8 +- Update to 64.0.3251.0 ------------------------------------------------------------------- -Thu Oct 26 12:09:53 UTC 2017 - astieger@suse.com +Thu Nov 2 20:46:57 UTC 2017 - tchvatal@suse.com -- BuildRequire nodejs6 required for polymer-bundler.js +- Fix the tarball unpacking to unroll all the required content +- Update to 63.0.3239.30 ------------------------------------------------------------------- -Thu Oct 26 09:19:09 UTC 2017 - tchvatal@suse.com +Wed Oct 25 18:24:16 UTC 2017 - tchvatal@suse.com -- Try to export properly CXX/CC variable to fix leap builds +- Drop patch chromium-60.0.3112.113-breakpad-ucontext.patch +- Drop patch chromium-sysroot.patch ------------------------------------------------------------------- -Wed Oct 25 17:52:44 UTC 2017 - tchvatal@suse.com +Wed Oct 11 09:04:46 UTC 2017 - tchvatal@suse.com -- Apply patch to fix building crc32 with gcc7: - * chromium-62.0.3202.62-correct-cplusplus-check.patch +- Bump to 63.0.3236.0 ------------------------------------------------------------------- -Thu Oct 19 03:29:56 UTC 2017 - tchvatal@suse.com +Mon Oct 9 11:42:16 UTC 2017 - tchvatal@suse.com -- Update to 62.0.3202.62 bsc#1064066: - * CVE-2017-5124: UXSS with MHTML. - * CVE-2017-5125: Heap overflow in Skia. - * CVE-2017-5126: Use after free in PDFium. - * CVE-2017-5127: Use after free in PDFium. - * CVE-2017-5128: Heap overflow in WebGL. - * CVE-2017-5129: Use after free in WebAudio. - * CVE-2017-5132: Incorrect stack manipulation in WebAssembly. - * CVE-2017-5130: Heap overflow in libxml2. - * CVE-2017-5131: Out of bounds write in Skia. - * CVE-2017-5133: Out of bounds write in Skia. - * CVE-2017-15386: UI spoofing in Blink. - * CVE-2017-15387: Content security bypass. - * CVE-2017-15388: Out of bounds read in Skia. - * CVE-2017-15389: URL spoofing in OmniBox. - * CVE-2017-15390: URL spoofing in OmniBox. - * CVE-2017-15391: Extension limitation bypass in Extensions. - * CVE-2017-15392: Incorrect registry key handling in PlatformIntegration. - * CVE-2017-15393: Referrer leak in Devtools. - * CVE-2017-15394: URL spoofing in extensions UI. - * CVE-2017-15395: Null pointer dereference in ImageCapture. -- Drop unused patches: +- Bump to 63.0.3230.0 + +------------------------------------------------------------------- +Mon Oct 2 10:10:10 UTC 2017 - tchvatal@suse.com + +- Update to 63.0.3223.8 +- Rebase fix-gn-boostrap.diff +- Remove chromium-gcc5.patch + +------------------------------------------------------------------- +Sat Sep 16 15:51:04 UTC 2017 - tchvatal@suse.com + +- Bump to 63.0.3218.0 +- Rebase fix-gn-bootstrap.diff +- Add chromium-sysroot.patch + +------------------------------------------------------------------- +Wed Sep 13 07:51:50 UTC 2017 - tchvatal@suse.com + +- Version update to 62.0.3202.18 + +------------------------------------------------------------------- +Sun Sep 10 09:46:36 UTC 2017 - tchvatal@suse.com + +- Update to latest +- Switch to system libxml again +- Add more folders to be kept in archive + +------------------------------------------------------------------- +Wed Sep 6 13:16:14 UTC 2017 - tchvatal@suse.com + +- Build with gcc6 on leap as we now require --stdc-14 + +------------------------------------------------------------------- +Wed Sep 6 12:55:30 UTC 2017 - tchvatal@suse.com + +- Add patch to build with new glibc: + * chromium-60.0.3112.113-breakpad-ucontext.patch + +------------------------------------------------------------------- +Mon Sep 4 12:11:32 UTC 2017 - tchvatal@suse.com + +- Bump to 62.0.3198.0: + * fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Wed Aug 23 12:40:57 UTC 2017 - tchvatal@suse.com + +- Bump to 62.0.3192.0 +- Rebase patch chromium-prop-codecs.patch + +------------------------------------------------------------------- +Mon Aug 21 09:29:23 UTC 2017 - tchvatal@suse.com + +- Bump to 62.0.3188.2 +- Rebase fix-gn-bootstrap.diff +- Remove arm patches as we exclude it for now: * arm-webrtc-fix.patch * arm_use_right_compiler.patch - * chromium-46.0.2490.71-fix-missing-i18n_process_css_test.patch - * chromium-atk.patch - * chromium-mojo-dep.patch - * gcc60-fixes.diff +- Add patch chromium-gcc5.patch + +------------------------------------------------------------------- +Fri Aug 11 09:37:10 UTC 2017 - tchvatal@suse.com + +- Bump to 62.0.3178.0 +- Add patch chromium-system-zlib.patch +- Rebase patch fix-gn-bootstrap.diff +- Rebase exclude_ymp.diff +- Drop gcc60-fixes.diff as the toolchain was changed + +------------------------------------------------------------------- +Sun Aug 6 07:18:26 UTC 2017 - tchvatal@suse.com + +- Bump to 62.0.3175.4 + +------------------------------------------------------------------- +Sun Aug 6 07:12:01 UTC 2017 - tchvatal@suse.com + +- Bump to 61.0.3163.31 +- Remove condition for gtk3, hard on from now on +- Bump version requirement on nodejs + +------------------------------------------------------------------- +Thu Jul 27 19:42:42 UTC 2017 - tchvatal@suse.com + +- Bump to 61.0.3163.13 +- Rebase fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Thu Jul 20 12:33:20 UTC 2017 - tchvatal@suse.com + - Refresh patches: - * chromium-gcc5.patch - * chromium-prop-codecs.patch - * exclude_ymp.diff * fix-gn-bootstrap.diff + * gcc60-fixes.diff ------------------------------------------------------------------- -Fri Sep 22 14:50:40 UTC 2017 - astieger@suse.com +Wed Jul 19 15:14:56 UTC 2017 - tchvatal@suse.com -- Update to 61.0.3163.100 (boo#1060019): - * CVE-2017-5121: Out-of-bounds access in V8 - * CVE-2017-5122: Out-of-bounds access in V8 - * Various fixes from internal audits, fuzzing and other initiatives +- Bump to 61.0.3159.5 +- Use system libcxx +- Refresh patch fix-gn-bootstrap.diff ------------------------------------------------------------------- -Sat Sep 16 15:50:19 UTC 2017 - tchvatal@suse.com +Mon Jul 17 07:53:34 UTC 2017 - tchvatal@suse.com -- Update to 61.0.3163.91: - * Various bugfixes - -------------------------------------------------------------------- -Mon Sep 11 08:45:35 UTC 2017 - tchvatal@suse.com - -- Update to 61.0.3163.79 bsc#1057364: - * CVE-2017-5111: Use after free in PDFium. - * CVE-2017-5112: Heap buffer overflow in WebGL. - * CVE-2017-5113: Heap buffer overflow in Skia. - * CVE-2017-5114: Memory lifecycle issue in PDFium. - * CVE-2017-5115: Type confusion in V8. - * CVE-2017-5116: Type confusion in V8. - * CVE-2017-5117: Use of uninitialized value in Skia. - * CVE-2017-5118: Bypass of Content Security Policy in Blink. - * CVE-2017-5119: Use of uninitialized value in Skia. - * CVE-2017-5120: Potential HTTPS downgrade during redirect navigation. -- Rebase patch: - * fix-gn-bootstrap.diff -- Remove patches: - * chromium-gcc7.patch - * chromium-override.patch -- Add new patches: - * chromium-atk.patch - * chromium-gcc5.patch - * chromium-mojo-dep.patch -- Gtk3 is hard required from now on -- Version some of the required dependencies - -------------------------------------------------------------------- -Mon Aug 28 22:57:05 UTC 2017 - astieger@suse.com - -- fix build with Factory glibc: - add chromium-60.0.3112.113-breakpad-ucontext.patch - -------------------------------------------------------------------- -Fri Aug 25 09:17:27 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3112.113: - * Various bugfixes - -------------------------------------------------------------------- -Tue Aug 15 15:17:00 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3112.101: - * various usability bugfixes - -------------------------------------------------------------------- -Thu Aug 3 13:25:33 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3112.90: - * Various usability bugfixes - -------------------------------------------------------------------- -Wed Jul 26 13:27:55 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3112.78 bsc#1050537: - * CVE-2017-5091: Use after free in IndexedDB - * CVE-2017-5092: Use after free in PPAPI - * CVE-2017-5093: UI spoofing in Blink - * CVE-2017-5094: Type confusion in extensions - * CVE-2017-5095: Out-of-bounds write in PDFium - * CVE-2017-5096: User information leak via Android intents - * CVE-2017-5097: Out-of-bounds read in Skia - * CVE-2017-5098: Use after free in V8 - * CVE-2017-5099: Out-of-bounds write in PPAPI - * CVE-2017-5100: Use after free in Chrome Apps - * CVE-2017-5101: URL spoofing in OmniBox - * CVE-2017-5102: Uninitialized use in Skia - * CVE-2017-5103: Uninitialized use in Skia - * CVE-2017-5104: UI spoofing in browser - * CVE-2017-7000: Pointer disclosure in SQLite - * CVE-2017-5105: URL spoofing in OmniBox - * CVE-2017-5106: URL spoofing in OmniBox - * CVE-2017-5107: User information leak via SVG - * CVE-2017-5108: Type confusion in PDFium - * CVE-2017-5109: UI spoofing in browser - * CVE-2017-5110: UI spoofing in payments dialog - * Various fixes from internal audits, fuzzing and other initiatives -- Add patch chromium-override.patch -- Remove patches chromium-fpermissive.patch chromium-system-ffmpeg-r3.patch -- Rebase patches: - * chromium-dma-buf.patch - * chromium-gcc7.patch - * chromium-last-commit-position-r0.patch - * fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Mon Jul 24 09:01:07 UTC 2017 - tchvatal@suse.com - -- Recommend emoji fonts to make sure major web chats do not show +- Recommend emoji fonts for various communicators to not display questionmarks ------------------------------------------------------------------- -Wed Jun 28 19:27:55 UTC 2017 - tchvatal@suse.com +------------------------------------------------------------------- +Thu Jul 13 07:52:52 UTC 2017 - tchvatal@suse.com -- Update to 59.0.3071.115: - * Various small fixes all around +- Bump to 61.0.3153.4 +- Refresh patch fix-gn-bootstrap.diff ------------------------------------------------------------------- -Fri Jun 23 07:46:48 UTC 2017 - astieger@suse.com +Thu Jun 29 07:07:53 UTC 2017 - tchvatal@suse.com -- Update to 59.0.3071.109: - * ozone/drm: Only reuse ScanoutBuffers with compatible modifiers - * Fixing mouse focus on WebView - * Remove gtk dependency from gles tests - * Set build flag when using own FreeType - * Revert of [scheduler] Move some task types to suspendable task runner - * Fix an incorrect method name on the chrome://site-engagement WebUI page - * Linux/Windows: Removing Guest menu item for supervised profile +- Remove already applied patch chromium-gcc7.patch ------------------------------------------------------------------- -Fri Jun 16 12:12:56 UTC 2017 - astieger@suse.com +Tue Jun 27 17:59:45 UTC 2017 - tchvatal@suse.com -- Update to 59.0.3071.104 (bsc#1044690): - * CVE-2017-5087: Sandbox Escape in IndexedDB - * CVE-2017-5088: Out of bounds read in V8 - * CVE-2017-5089: Domain spoofing in Omnibox - * Various fixes from internal audits, fuzzing and other initiatives +- require nss >= 3.26 +- Update to 61.0.3141.7 +- Refresh fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Thu Jun 22 08:46:57 UTC 2017 - tchvatal@suse.com + +- Drop merged patch chromium-system-icu.patch +- Refresh patch fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Wed Jun 21 17:06:27 UTC 2017 - tchvatal@suse.com + +- Version update to 61.0.3135.4 + +------------------------------------------------------------------- +Thu Jun 15 08:26:29 UTC 2017 - tchvatal@suse.com + +- Update to 61.0.3128.3 +- Add patch chromium-system-icu.patch + +------------------------------------------------------------------- +Sat Jun 10 14:05:13 UTC 2017 - tchvatal@suse.com + +- Update to 61.0.3124.4 +- Refresh patch fix-gn-bootstrap.diff +- Drop patch chromium-override.patch merged upstream + +------------------------------------------------------------------- +Fri Jun 9 12:11:47 UTC 2017 - tchvatal@suse.com + +- Bump to 60.0.3112.24 ------------------------------------------------------------------- Thu Jun 8 14:56:42 UTC 2017 - tchvatal@suse.com @@ -621,56 +492,104 @@ Thu Jun 8 14:56:42 UTC 2017 - tchvatal@suse.com - Add patch chromium-buildname.patch bsc#1043420 ------------------------------------------------------------------- -Tue Jun 6 07:53:53 UTC 2017 - tchvatal@suse.com +Wed Jun 7 09:10:40 UTC 2017 - tchvatal@suse.com -- Update to 59.0.3071.86 bsc#1042833: - * CVE-2017-5070: Type confusion in V8. Reported by Zhao Qixun(@S0rryMybad) of Qihoo 360 Vulcan Team on 2017-05-16 - * CVE-2017-5071: Out of bounds read in V8. Reported by Choongwoo Han on 2017-04-26 - * CVE-2017-5072: Address spoofing in Omnibox. Reported by Rayyan Bijoora on 2017-04-07 - * CVE-2017-5073: Use after free in print preview. Reported by Khalil Zhani on 2017-04-28 - * CVE-2017-5074: Use after free in Apps Bluetooth. Reported by anonymous on 2017-03-09 - * CVE-2017-5075: Information leak in CSP reporting. Reported by Emmanuel Gil Peyrot on 2017-01-05 - * CVE-2017-5086: Address spoofing in Omnibox. Reported by Rayyan Bijoora on 2017-05-16 - * CVE-2017-5076: Address spoofing in Omnibox. Reported by Samuel Erb on 2017-05-06 - * CVE-2017-5077: Heap buffer overflow in Skia. Reported by Sweetchip on 2017-04-28 - * CVE-2017-5078: Possible command injection in mailto handling. Reported by Jose Carlos Exposito Bueno on 2017-04-12 - * CVE-2017-5079: UI spoofing in Blink. Reported by Khalil Zhani on 2017-04-20 - * CVE-2017-5080: Use after free in credit card autofill. Reported by Khalil Zhani on 2017-04-05 - * CVE-2017-5081: Extension verification bypass. Reported by Andrey Kovalev (@L1kvID) Yandex Security Team on 2016-12-07 - * CVE-2017-5082: Insufficient hardening in credit card editor. Reported by Nightwatch Cybersecurity Research on 2017-05-11 - * CVE-2017-5083: UI spoofing in Blink. Reported by Khalil Zhani on 2017-04-24 - * CVE-2017-5085: Inappropriate javascript execution on WebUI pages. Reported by Zhiyang Zeng of Tencent security platform department on 2017-02-15 -- Add patch to fix build with system dma: - * chromium-dma-buf.patch -- Drop no longer needed patches: - * chromium-linker-memory.patch - * chromium-system-jinja-r13.patch -- Refresh patches: - * chromium-gcc7.patch - * chromium-system-ffmpeg-r3.patch +- Update to 60.0.3112.20 + +------------------------------------------------------------------- +Tue Jun 6 10:56:24 UTC 2017 - tchvatal@suse.com + +- Drop patch chromium-system-icu.patch + * Use bundled icu as system is unbuildable at the moment + +------------------------------------------------------------------- +Mon Jun 5 12:23:26 UTC 2017 - tchvatal@suse.com + +- Bump to 60.0.3112.7 +- Add patch for gcc7 chromium-gcc7.patch +- Add patch to build with gcc chromium-override.patch +- Add patch to build with system icu 59 chromium-system-icu.patch + +------------------------------------------------------------------- +Wed May 31 14:23:42 UTC 2017 - tchvatal@suse.com + +- Update to upstream 60.0.3112.7 + * Refresh patch fix-gn-bootstrap.diff +- Remove upstream merged chromium-system-harfbuzz.patch + +------------------------------------------------------------------- +Wed May 24 12:22:27 UTC 2017 - tchvatal@suse.com + +- Update 60.0.3107.4 +- Refresh patch chromium-last-commit-position-r0.patch +- Remove upstreamed chromium-system-ffmpeg-r3.patch +- Remove upstreamed chromium-system-opus.patch +- Remove upstreamed chromium-system-libpng.patch +- Remove upstreamed chromium-system-libwebp.patch +- Update fix-gn-bootstrap.diff +- Add patch chromium-system-harfbuzz.patch + +------------------------------------------------------------------- +Thu May 18 10:31:53 UTC 2017 - tchvatal@suse.com + +- Version update to 60.0.3100.0 +- Add patches: + * chromium-system-libpng.patch + * chromium-system-libwebp.patch + +------------------------------------------------------------------- +Wed May 17 09:22:27 UTC 2017 - tchvatal@suse.com + +- Export gcc standard version to fix build on older releases + * Needed for vulcan + +------------------------------------------------------------------- +Fri May 12 11:25:49 UTC 2017 - tchvatal@suse.com + +- Update to 60.0.3095.5 +- Update patch: * fix-gn-bootstrap.diff -- Use bundled libxml - * Upstream unfortunately uses git snapshot that is not api/abi compatible ------------------------------------------------------------------- -Mon Jun 5 12:55:22 UTC 2017 - tchvatal@suse.com +Sat May 6 08:50:17 UTC 2017 - tchvatal@suse.com -- Add patch to build with gcc7: - * chromium-gcc7.patch -- Add patch for fpermissive build error: - * chromium-fpermissive.patch +- Switch to system opus and yasm ------------------------------------------------------------------- -Wed May 10 07:43:46 UTC 2017 - tchvatal@suse.com +Fri May 5 12:11:38 UTC 2017 - tchvatal@suse.com -- Version update to 58.0.3029.110: - * Various small bugfixes +- Update to 60.0.3088.3 +- Update patch: + * fix-gn-bootstrap.diff + * chromium-dma-buf.patch ------------------------------------------------------------------- -Thu May 4 12:40:32 UTC 2017 - tchvatal@suse.com +Thu May 4 12:52:01 UTC 2017 - tchvatal@suse.com -- Version update to 58.0.3029.96: - * Fixes bsc#1037594 CVE-2017-5068 +- Version update to 60.0.3080.5 +- Refresh patch: + * chromium-dma-buf.patch + * fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Fri Apr 28 18:40:01 UTC 2017 - tchvatal@suse.com + +- Use bundled libxml (they have git snapshot :/) + +------------------------------------------------------------------- +Fri Apr 28 18:21:44 UTC 2017 - tchvatal@suse.com + +- Add more bundled folders + +------------------------------------------------------------------- +Fri Apr 28 06:03:50 UTC 2017 - tchvatal@suse.com + +- Also drop patch chromium-system-jinja-r13.patch + +------------------------------------------------------------------- +Fri Apr 28 05:55:11 UTC 2017 - tchvatal@suse.com + +- Bump to 59.0.3071.29 ------------------------------------------------------------------- Tue Apr 25 13:24:42 UTC 2017 - tchvatal@suse.com @@ -679,34 +598,56 @@ Tue Apr 25 13:24:42 UTC 2017 - tchvatal@suse.com * It is at least used only during build ------------------------------------------------------------------- -Fri Apr 21 09:57:49 UTC 2017 - tchvatal@suse.com +Fri Apr 21 19:16:32 UTC 2017 - tchvatal@suse.com -- Version update to 58.0.3029.81 bsc#1035103: - * High CVE-2017-5057: Type confusion in PDFium. Credit to Guang Gong of Alpha Team, Qihoo 360 - * High CVE-2017-5058: Heap use after free in Print Preview. Credit to Khalil Zhani - * High CVE-2017-5059: Type confusion in Blink. Credit to SkyLined working with Trend Micro's Zero Day Initiative - * Medium CVE-2017-5060: URL spoofing in Omnibox. Credit to Xudong Zheng - * Medium CVE-2017-5061: URL spoofing in Omnibox. Credit to Haosheng Wang (@gnehsoah) - * Medium CVE-2017-5062: Use after free in Chrome Apps. Credit to anonymous - * Medium CVE-2017-5063: Heap overflow in Skia. Credit to Sweetchip - * Medium CVE-2017-5064: Use after free in Blink. Credit to Wadih Matar - * Medium CVE-2017-5065: Incorrect UI in Blink. Credit to Khalil Zhani - * Medium CVE-2017-5066: Incorrect signature handing in Networking. Credit to chenchu - * Medium CVE-2017-5067: URL spoofing in Omnibox. Credit to Khalil Zhani - * Low CVE-2017-5069: Cross-origin bypass in Blink. Credit to Michael Reizelman -- Refresh patch fix-gn-bootstrap.diff -- Refresh patch chromium-system-jinja-r13.patch -- Remove obsolete patch chromium-57-gcc4.patch +- Refresh patch chromium-system-ffmpeg-r3.patch +- Delete patch chromium-system-libjpeg.patch ------------------------------------------------------------------- -Thu Mar 30 13:07:50 UTC 2017 - tchvatal@suse.com +Fri Apr 21 18:58:53 UTC 2017 - tchvatal@suse.com -- Version update to 57.0.2987.133 bsc#1031677: - * Critical CVE-2017-5055: Use after free in printing. Credit to Wadih Matar - * High CVE-2017-5054: Heap buffer overflow in V8. Credit to Nicolas Trippar of Zimperium zLabs - * High CVE-2017-5052: Bad cast in Blink. Credit to JeongHoon Shin - * High CVE-2017-5056: Use after free in Blink. Credit to anonymous - * High CVE-2017-5053: Out of bounds memory access in V8. Credit to Team Sniper (Keen Lab and PC Mgr) reported through ZDI (ZDI-CAN-4587) +- Update to 59.0.3071.15 + +------------------------------------------------------------------- +Fri Apr 21 09:01:47 UTC 2017 - tchvatal@suse.com + +- Drop exif dep, unused +- Pass no-clean option to bootstrap.py for debugging purposes + +------------------------------------------------------------------- +Wed Apr 19 13:21:37 UTC 2017 - tchvatal@suse.com + +- Version update to 59.0.3071.9 + +------------------------------------------------------------------- +Thu Apr 13 08:22:25 UTC 2017 - tchvatal@suse.com + +- Update to 59.0.3067.0 +- Sort out the harfbuzz bundling conditional to be together with minizip + +------------------------------------------------------------------- +Wed Apr 12 11:20:22 UTC 2017 - tchvatal@suse.com + +- Bump harfbuzz and icu requirements + +------------------------------------------------------------------- +Tue Apr 11 11:52:32 UTC 2017 - tchvatal@suse.com + +- Add patch chromium-dma-buf.patch +- Add patch chromium-system-libjpeg.patch + +------------------------------------------------------------------- +Fri Apr 7 08:49:05 UTC 2017 - tchvatal@suse.com + +- Version update to 59.0.3063.4 +- Refresh patch fix-gn-bootstrap.diff +- Refresh patch chromium-system-ffmpeg-r3.patch + +------------------------------------------------------------------- +Thu Mar 30 13:02:21 UTC 2017 - tchvatal@suse.com + +- Update to 59.0.3053.3 +- Refresh patch fix-gn-bootstrap.diff ------------------------------------------------------------------- Fri Mar 24 15:22:38 UTC 2017 - tchvatal@suse.com @@ -714,167 +655,238 @@ Fri Mar 24 15:22:38 UTC 2017 - tchvatal@suse.com - Drop the browser(npapi) provide which is not true ------------------------------------------------------------------- -Sun Mar 19 11:04:47 UTC 2017 - tchvatal@suse.com +Wed Mar 22 10:57:21 UTC 2017 - tchvatal@suse.com -- Add patch to build with gcc4 - * chromium-57-gcc4.patch +- Drop patch chromium-linker-memory.patch as with i586 dropped it + should not be required +- Update patch fix-gn-bootstrap.diff ------------------------------------------------------------------- -Thu Mar 16 20:45:00 UTC 2017 - tchvatal@suse.com +Wed Mar 22 10:56:09 UTC 2017 - tchvatal@suse.com -- Do not use gcc5 and newer as the compat was fixed again -- Update to 57.0.2987.110 with various other small tweaks +- Version update to chromium-59.0.3047.0 ------------------------------------------------------------------- -Fri Mar 10 10:55:23 UTC 2017 - tchvatal@suse.com +Tue Mar 21 12:41:00 UTC 2017 - tchvatal@suse.com -- Version update to 57.0.2987.98 bsc#1028848: - CVE-2017-5030 CVE-2017-5031 CVE-2017-5032 CVE-2017-5029 CVE-2017-5034 - CVE-2017-5035 CVE-2017-5036 CVE-2017-5037 CVE-2017-5039 CVE-2017-5040 - CVE-2017-5041 CVE-2017-5033 CVE-2017-5042 CVE-2017-5038 CVE-2017-5043 - CVE-2017-5044 CVE-2017-5045 CVE-2017-5046 -- Refresh patches - * fix-gn-bootstrap.diff - * chromium-linker-memory.patch -- Remove obsolete patches: - * chromium-sandbox.patch - * chromium-54-ffmpeg2compat.patch -- Remove vaapi patch which broke rendering on non-intel cards: - * chromium-enable-vaapi-on-suse.patch -- From this release onwards i586 build is disabled +- Few tweaks around clang switch to be viable ------------------------------------------------------------------- -Wed Feb 15 12:02:32 UTC 2017 - idonmez@suse.com +Sat Mar 18 19:13:16 UTC 2017 - tchvatal@suse.com + +- Update to 59.0.3043.0 +- Refresh patch fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Wed Mar 15 10:14:35 UTC 2017 - tchvatal@suse.com + +- Update to 58.0.3029.19 + +------------------------------------------------------------------- +Wed Mar 15 09:34:48 UTC 2017 - tchvatal@suse.com + +- Reduce the requirement on gcc to be 4.8 only again + +------------------------------------------------------------------- +Mon Mar 13 12:20:56 UTC 2017 - tchvatal@suse.com + +- Version update to 58.0.3029.14 + +------------------------------------------------------------------- +Mon Mar 13 11:41:34 UTC 2017 - tchvatal@suse.com + +- Disable system vpx for now, needs symbols that will be in 1.6.2 + +------------------------------------------------------------------- +Fri Mar 10 13:03:15 UTC 2017 - tchvatal@suse.com + +- Update fix-gn-bootstrap.diff to build again + +------------------------------------------------------------------- +Wed Mar 8 11:26:35 UTC 2017 - tchvatal@suse.com + +- Version update to 58.0.3029.6 + +------------------------------------------------------------------- +Thu Mar 2 15:19:25 UTC 2017 - tchvatal@suse.com + +- Update to 58.0.3026.3 +- Empty fix-gn-bootstrap.diff again as it was merged upstream + +------------------------------------------------------------------- +Mon Feb 27 11:22:10 UTC 2017 - tchvatal@suse.com + +- Drop patch chromium-enable-vaapi-on-suse.patch as it breaks on + radeon and nvidia cards + +------------------------------------------------------------------- +Fri Feb 24 07:58:48 UTC 2017 - tchvatal@suse.com + +- Update to 58.0.3018.3 +- Update patch fix-gn-bootstrap.diff to match what is needed now +- Refresh patch chromium-system-jinja-r13.patch + +------------------------------------------------------------------- +Fri Feb 17 12:14:06 UTC 2017 - tchvatal@suse.com + +- Version update to 58.0.3013.3 + +------------------------------------------------------------------- +Wed Feb 15 12:15:52 UTC 2017 - idonmez@suse.com - Also add harfbuzz-ng to keeplibs for SLE +------------------------------------------------------------------- +Wed Feb 8 12:39:54 UTC 2017 - tchvatal@suse.com + +- Update to 58.0.3004.3 + +------------------------------------------------------------------- +Wed Feb 8 12:32:46 UTC 2017 - tchvatal@suse.com + +- Try to properly set up nodejs for build + +------------------------------------------------------------------- +Mon Feb 6 20:39:24 UTC 2017 - tchvatal@suse.com + +- Version update to 58.3000.4 next dev channel +- Drop patch chromium-54-ffmpeg2compat.patch as we require ffmpeg3 now + ------------------------------------------------------------------- Mon Feb 6 20:29:52 UTC 2017 - tchvatal@suse.com - Add condition for system harfbuzz to be disabled on SLE ------------------------------------------------------------------- -Mon Feb 6 12:21:34 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net - -- Fixed a typo in the build requirements for system minizip. - -------------------------------------------------------------------- -Fri Feb 3 12:23:34 UTC 2017 - tchvatal@suse.com - -- Version update to 56.0.2924.87: - * Various small fixes - * Disabled option to enable/disable plugins in the chrome://plugins - -------------------------------------------------------------------- -Thu Feb 2 20:01:27 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net - -- Added the package 'chromium-privacy' with multiple patches - sourced from the release version on https://github.com/ - u4qo60z73t1c4hurv3ny/privacy_patches-oS_cr, which, when enabled - with the build option 'privacy', builds a version of Chromium - with less privacy implications due to Google services - integration. - -------------------------------------------------------------------- -Wed Feb 1 09:48:35 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net +Mon Feb 6 12:16:45 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net - Changed the build requirement of libavformat to library version 57.41.100, as included in ffmpeg 3.1.1, as only this version properly supports the public AVStream API 'codecpar'. - -------------------------------------------------------------------- -Tue Jan 31 14:08:26 UTC 2017 - tchvatal@suse.com - -- Version update to 56.0.2924.76 bsc#1022049: - - CVE-2017-5007: Universal XSS in Blink - - CVE-2017-5006: Universal XSS in Blink - - CVE-2017-5008: Universal XSS in Blink - - CVE-2017-5010: Universal XSS in Blink - - CVE-2017-5011: Unauthorised file access in Devtools - - CVE-2017-5009: Out of bounds memory access in WebRTC - - CVE-2017-5012: Heap overflow in V8 - - CVE-2017-5013: Address spoofing in Omnibox - - CVE-2017-5014: Heap overflow in Skia - - CVE-2017-5015: Address spoofing in Omnibox - - CVE-2017-5019: Use after free in Renderer - - CVE-2017-5016: UI spoofing in Blink - - CVE-2017-5017: Uninitialised memory access in webm video - - CVE-2017-5018: Universal XSS in chrome://apps - - CVE-2017-5020: Universal XSS in chrome://downloads - - CVE-2017-5021: Use after free in Extensions - - CVE-2017-5022: Bypass of Content Security Policy in Blink - - CVE-2017-5023: Type confusion in metrics - - CVE-2017-5024: Heap overflow in FFmpeg - - CVE-2017-5025: Heap overflow in FFmpeg - - CVE-2017-5026: UI spoofing. Credit to Ronni Skansing -- Add conditional to switch between system and bundled icu -- Raise dependency on harfbuzz to 1.3.1 -- Also refresh patches: - chromium-prop-codecs.patch chromium-linker-memory.patch - -------------------------------------------------------------------- -Sat Jan 28 11:31:18 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net - - Added patch chromium-enable-vaapi-on-suse.patch to enable VAAPI hardware accelerated video decoding. + * chromium-enable-vaapi-on-suse.patch +- Fixed a typo in the build requirements for system minizip. ------------------------------------------------------------------- -Wed Dec 21 20:19:42 UTC 2016 - astieger@suse.com +Fri Feb 3 10:38:16 UTC 2017 - tchvatal@suse.com -- Chromium 55.0.2883.87: - * various fixes for crashes and specific wesites - * update Google pinned certificates +- Update to 57.0.2987.21 ------------------------------------------------------------------- -Wed Dec 21 10:02:52 UTC 2016 - tchvatal@suse.com +Wed Feb 1 12:44:58 UTC 2017 - tchvatal@suse.com -- Disable system icu on Factory, crashes autofill +- Update to 57.0.2987.19 ------------------------------------------------------------------- -Tue Dec 13 14:38:08 UTC 2016 - idonmez@suse.com +Sun Jan 29 17:58:34 UTC 2017 - tchvatal@suse.com + +- Version update to 57.0.2987.13 + +------------------------------------------------------------------- +Wed Jan 25 13:47:13 UTC 2017 - tchvatal@suse.com + +- Update to 57.0.2987.8 + +------------------------------------------------------------------- +Tue Jan 24 10:43:32 UTC 2017 - tchvatal@suse.com + +- Update to 57.0.2986.0 + +------------------------------------------------------------------- +Thu Jan 19 10:40:36 UTC 2017 - tchvatal@suse.com + +- Version update to 57.0.2984.0 + +------------------------------------------------------------------- +Fri Jan 13 09:13:44 UTC 2017 - tchvatal@suse.com + +- Drop the support code for builtin ffmpeg and rely on the system one always + +------------------------------------------------------------------- +Fri Jan 6 11:53:25 UTC 2017 - tchvatal@suse.com + +- Exclude i586 arch as the resources to build are not there + +------------------------------------------------------------------- +Wed Jan 4 12:36:34 UTC 2017 - tchvatal@suse.com + +- Add toolchain definition hopefully allowing us to build on Leap + with older gcc + * This also exposes more of our suse CFLAGS to the compilation + +------------------------------------------------------------------- +Wed Jan 4 12:07:26 UTC 2017 - tchvatal@suse.com + +- Version update to 57.0.2970.0 +- Refresh patch: + * fix-gn-bootstrap.diff +- Drop patch: + * chromium-sandbox.patch + +------------------------------------------------------------------- +Tue Dec 20 14:55:38 UTC 2016 - tchvatal@suse.com + +- Use gcc5 on leap + +------------------------------------------------------------------- +Mon Dec 19 10:30:45 UTC 2016 - tchvatal@suse.com + +- Update to 57.0.2946.4 + +------------------------------------------------------------------- +Wed Dec 14 10:45:26 UTC 2016 - tchvatal@suse.com + +- Allow building with non-system icu on older systems +- Refresh patch fix-gn-bootstrap.diff +- Disable system icu again, fails to build even on factory + +------------------------------------------------------------------- +Tue Dec 13 14:42:30 UTC 2016 - idonmez@suse.com - python-html5lib now depends on six, so preserve that too for SLE builds. ------------------------------------------------------------------- -Fri Dec 9 12:07:10 UTC 2016 - astieger@suse.com +Sun Dec 11 13:12:44 UTC 2016 - tchvatal@suse.com -- Obsolete ffmpeg and ffmpegsumo package in addition to conflict +- Version update to 57.0.2946.0 ------------------------------------------------------------------- -Mon Dec 5 17:08:45 UTC 2016 - astieger@suse.com +Sun Dec 11 13:04:36 UTC 2016 - tchvatal@suse.com -- record minimum version for harfbuzz, incuding runtime - Chromium will crash with harfbuzz < 1.3.0 +- Version update to 56.0.2924.21 ------------------------------------------------------------------- -Sat Dec 3 09:59:21 UTC 2016 - tchvatal@suse.com +Thu Dec 8 08:33:17 UTC 2016 - tchvatal@suse.com -- Chromium 55.0.2883.75 bnc#1013236: - CVE-2016-9651 CVE-2016-5208 CVE-2016-5207 CVE-2016-5206 CVE-2016-5205 - CVE-2016-5204 CVE-2016-5209 CVE-2016-5203 CVE-2016-5210 CVE-2016-5212 - CVE-2016-5211 CVE-2016-5213 CVE-2016-5214 CVE-2016-5216 CVE-2016-5215 - CVE-2016-5217 CVE-2016-5218 CVE-2016-5219 CVE-2016-5221 CVE-2016-5220 - CVE-2016-5222 CVE-2016-9650 CVE-2016-5223 CVE-2016-5226 CVE-2016-5225 - CVE-2016-5224 CVE-2016-9652 -- Switch to system libraries: harfbuzz, zlib, ffmpeg, ... -- Refreshed patches: - * chromium-system-ffmpeg-r3.patch - * chromium-system-jinja-r13.patch -- Use system ffmpeg unless on 13.2 that didn't include it - * chromium-54-ffmpeg2compat.patch - * Remove upstreamed chromium-more-codec-aliases.patch -- Remove bookmarks override as discussed with artwork simply just set - homepage to our openSUSE one and that is all +- Version update to 56.0.2924.18 ------------------------------------------------------------------- -Sat Nov 12 08:20:05 UTC 2016 - astieger@suse.com +Sat Dec 3 12:03:04 UTC 2016 - tchvatal@suse.com -- Chromium 54.0.2840.100: - * CVE-2016-5199: Heap corruption in FFmpeg (boo#1009892) - * CVE-2016-5200: out of bounds memory access in v8 (boo#1009893) - * CVE-2016-5201: info leak in extensions (boo#1009894) - * CVE-2016-5202: various fixes from internal audits (boo#1009895) +- Version update to 56.0.2924.14 + +------------------------------------------------------------------- +Tue Nov 29 21:13:49 UTC 2016 - tchvatal@suse.com + +- Version update to 56.0.2924.10 + +------------------------------------------------------------------- +Tue Nov 22 07:40:21 UTC 2016 - tchvatal@suse.com + +- Version update to 56.0.2922.1 + +------------------------------------------------------------------- +Fri Nov 18 08:35:30 UTC 2016 - tchvatal@suse.com + +- Version update to 56.0.2920.0 + +------------------------------------------------------------------- +Mon Nov 14 13:13:16 UTC 2016 - tchvatal@suse.com + +- Version update to 56.0.2914.3: + * refresh patch chromium-prop-codecs.patch ------------------------------------------------------------------- Mon Nov 7 20:02:46 UTC 2016 - tchvatal@suse.com @@ -884,63 +896,96 @@ Mon Nov 7 20:02:46 UTC 2016 - tchvatal@suse.com bnc#1008725 ------------------------------------------------------------------- -Wed Nov 2 07:32:27 UTC 2016 - tchvatal@suse.com +Sun Nov 6 09:41:28 UTC 2016 - tchvatal@suse.com -- Update to 54.0.2840.90: - * Few fixes and tweaks - * Fixes CVE-2016-5198 bsc#1008274 +- Put chromium-flags at the end to allow user to override various + variables ------------------------------------------------------------------- -Fri Oct 21 10:27:16 UTC 2016 - tchvatal@suse.com +Wed Nov 2 07:36:15 UTC 2016 - tchvatal@suse.com -- Update to 54.0.2840.71: - * Few fixes around +- Update to 56.0.2906.0 ------------------------------------------------------------------- -Thu Oct 13 10:19:03 UTC 2016 - tchvatal@suse.com +Fri Oct 28 16:59:28 UTC 2016 - tchvatal@suse.com -- Version update to 54.0.2840.59 bnc#1004465: - - CVE-2016-5181: Universal XSS in Blink (Anonymous) - - CVE-2016-5182: Heap overflow in Blink (Giwan Go of STEALIEN) - - CVE-2016-5183: Use after free in PDFium (Anonymous) - - CVE-2016-5184: Use after free in PDFium (Anonymous) - - CVE-2016-5185: Use after free in Blink (cloudfuzzer) - - CVE-2016-5187: URL spoofing (Luan Herrera) - - CVE-2016-5188: UI spoofing (Luan Herrera) - - CVE-2016-5192: Cross-origin bypass in Blink (haojunhou at gmail) - - CVE-2016-5189: URL spoofing (xisigr of Tencent's Xuanwu Lab) - - CVE-2016-5186: Out of bounds read in DevTools (Abdulrahman Alqabandi) - - CVE-2016-5191: Universal XSS in Bookmarks (Gareth Hughes) - - CVE-2016-5190: Use after free in Internals (Atte Kettunen of OUSPG) - - CVE-2016-5193: Scheme bypass (Yuyang ZHOUmartinzhou96) -- packaging changes: - * disable build for chromium-beta on %arm. - * Make linker use less memory by tweaking its options: - chromium-linker-memory.patch - * obsolete desktop subpackages - * Switch to gold to reduce memory use use during build - * fix build on 4.5+ kernels with systemlibs: - chromium-sandbox.patch - * various compiler and linker flag adjustments - * enable gtk3 ui, add patch gtk3-missing-define.patch - * switch from some bundled libraries to the system versions - chromium-system-ffmpeg-r3.patch - chromium-system-jinja-r13.patch - fix-gn-bootstrap.diff - * remove service file covered by download_files -- run time bug fixes: - * Add --ui-disable-partial-swap to the launcher bnc#1000019 - * Use default chromium values from master_preferences on first run - rather than pseudo-duplicating in shellscript -- added features: - * hangouts extension +- Update to 56.0.2902.0 + * Update fix-gn-bootstrap.diff ------------------------------------------------------------------- -Fri Sep 30 08:00:45 UTC 2016 - tchvatal@suse.com +Mon Oct 24 13:06:07 UTC 2016 - tchvatal@suse.com -- Version update to 53.0.2785.143 bnc#1002140: - * CVE-2016-5177: Use after free in V8 - * CVE-2016-5178: Various fixes from internal audits +- Update to 56.0.2897.0 + * Refresh patch chromium-linker-memory.patch + * Update fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Mon Oct 24 11:44:08 UTC 2016 - tchvatal@suse.com + +- Try to make package buildable on SLE12 Backports project + +------------------------------------------------------------------- +Fri Oct 21 10:34:39 UTC 2016 - tchvatal@suse.com + +- Update to 55.0.2883.21 +- Add switch between bundled and system icu as on old distributions + we simply have too old ICU +- Add switch for bundled/system minizip as it is not available on 42.1 + +------------------------------------------------------------------- +Thu Oct 20 07:52:26 UTC 2016 - tchvatal@suse.com + +- Version update to 55.0.2883.18 + +------------------------------------------------------------------- +Mon Oct 17 12:06:03 UTC 2016 - tchvatal@suse.com + +- Version update to 55.0.2883.11 +- Drop chromium-system-zlib.patch +- Add Requires on specified browser for chromedriver wrt bnc#1004839 + +------------------------------------------------------------------- +Sun Oct 9 18:16:49 UTC 2016 - tchvatal@suse.com + +- Version update to 55.0.2882.0: + * Rebase fix-gn-bootstrap.diff + * Remove upstreamed chromium-more-codec-aliases.patch + +------------------------------------------------------------------- +Sat Oct 8 09:51:35 UTC 2016 - mailaender@opensuse.org + +- Add appdata.xml for https://en.opensuse.org/openSUSE:AppStore + +------------------------------------------------------------------- +Fri Sep 30 07:12:16 UTC 2016 - dmueller@suse.com + +- disable build for chromium-beta on %arm. while it does build, + it takes two days, in which we can build roughly 600 other packages, + and I rather build 600 other packages than chromium-beta. + +------------------------------------------------------------------- +Wed Sep 28 17:32:17 UTC 2016 - tchvatal@suse.com + +- Version update to 55.0.2873.0: + * refresh fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Tue Sep 27 08:08:38 UTC 2016 - tchvatal@suse.com + +- Do not install default_bookmarks.html file, just set homepage + and that's it +- Drop chromium-rpmlintrc not really needed + +------------------------------------------------------------------- +Mon Sep 26 14:07:58 UTC 2016 - tchvatal@suse.com + +- Drop chrome-wrapper file it is unused + +------------------------------------------------------------------- +Mon Sep 26 12:29:52 UTC 2016 - tchvatal@suse.com + +- Add --ui-disable-partial-swap to the launcher bnc#1000019 + cr#628168 ------------------------------------------------------------------- Mon Sep 26 12:22:41 UTC 2016 - dimstar@opensuse.org @@ -949,50 +994,153 @@ Mon Sep 26 12:22:41 UTC 2016 - dimstar@opensuse.org it's started as an Xwayland client (boo#1001135). ------------------------------------------------------------------- -Sat Sep 17 11:36:18 UTC 2016 - tchvatal@suse.com +Mon Sep 26 08:18:16 UTC 2016 - tchvatal@suse.com -- Apply sandbox patch to fix crashers on tumbleweed bnc#999091 +- Update to 55.0.2868.3: + * remove patch gtk3-missing-define.patch + * update patch fix-gn-bootstrap.diff + * add patch chromium-system-zlib.patch +- Use system icu, upstream bug was fixed + +------------------------------------------------------------------- +Wed Sep 21 09:50:26 UTC 2016 - tchvatal@suse.com + +- Enable system libs again as it works for now +- Disable system vpx on < Factory as the vpx there is too old +- Now stable -> enable tcmalloc again + +------------------------------------------------------------------- +Tue Sep 20 09:00:29 UTC 2016 - tchvatal@suse.com + +- Make linker use less memory by tweaking its options: + * chromium-linker-memory.patch +- Update constraints for arm a bit to build +- Use system ffmpeg unless on 13.2 that didn't include it + * chromium-54-ffmpeg2compat.patch + +------------------------------------------------------------------- +Fri Sep 16 09:12:17 UTC 2016 - tchvatal@suse.com + +- Fix obsoletes for the desktop thingies + +------------------------------------------------------------------- +Thu Sep 15 12:02:32 UTC 2016 - tchvatal@suse.com + +- Gtk3 is still buggy -> disable +- Remove systemlibs for now except ffmpeg as it causes tons of problems + +------------------------------------------------------------------- +Wed Sep 14 14:57:42 UTC 2016 - tchvatal@suse.com + +- Switch to component build - solves issue with linking and not + enough memory +- Document in defaults how to actually enable debugging +- Remove noop conditions and empty variables from .sh script + launching chromium + +------------------------------------------------------------------- +Wed Sep 14 07:31:47 UTC 2016 - tchvatal@suse.com + +- Enable aarch64 to see how it goes +- Version update to 55.0.2859.0 + +------------------------------------------------------------------- +Tue Sep 13 17:13:47 UTC 2016 - tchvatal@suse.com + +- Do not bother with widevine installation, we need to build the + connectors, but later need to use the one bundled with chrome to + work with drm anyway + +------------------------------------------------------------------- +Tue Sep 13 12:53:23 UTC 2016 - tchvatal@suse.com + +- Switch to gold, we need to use less memory when linking +- Expand constraints for the debug symbols +- Use default chromium values from master_preferences on first run + rather than pseudo-duplicating in shellscript, bugs should be + fixed in the masterprefs +- Add patch to fix build on 4.5+ kernels with systemlibs: * chromium-sandbox.patch ------------------------------------------------------------------- -Thu Sep 15 13:09:21 UTC 2016 - tchvatal@suse.com +Mon Sep 12 17:21:26 UTC 2016 - tchvatal@suse.com -- Version update stable channel 53.0.2785.116 - * Just smal bugfixes around +- Collapse the ninja calls to run only once, no need to start 3x +- Remove g0 from cflags, that is something we never want, at least + some symbols for tracing are useful +- Sync more the options that are available for the build ------------------------------------------------------------------- -Wed Sep 14 07:35:09 UTC 2016 - tchvatal@suse.com +Mon Sep 12 08:55:09 UTC 2016 - tchvatal@suse.com -- Version update to 53.0.2785.113 bnc#998743: - * CVE-2016-5170 Use after free in Blink - * CVE-2016-5171 Use after free in Blink - * CVE-2016-5172 Arbitrary Memory Read in v8 - * CVE-2016-5173 Extension resource access - * CVE-2016-5174 Popup not correctly suppressed - * CVE-2016-5175 Various fixes from internal audits +- Enable more switches that are found in the gn files +- Try to enable gtk3 ui again + * add patch gtk3-missing-define.patch ------------------------------------------------------------------- -Mon Sep 12 08:31:59 UTC 2016 - tchvatal@suse.com +Sun Sep 11 09:14:14 UTC 2016 - tchvatal@suse.com -- Reenable widevine build again bnc#998328 +- Move widevine to subpackage so user have choice between the built + one and the chrome one ------------------------------------------------------------------- -Sat Sep 10 09:13:37 UTC 2016 - tchvatal@suse.com +Sat Sep 10 11:02:42 UTC 2016 - tchvatal@suse.com -- Stable channel update to 53.0.2785.101 - * SPDY crasher fixes - * Disable NV12 DXGI video on AMD - * Forward --password-store switch to os_crypt - * Tell the kernel to discard USB requests when they time out. +- Version update to dev chanel 55.0.2853.0 +- Refresh patches: + * chromium-system-ffmpeg-r3.patch + * chromium-system-jinja-r13.patch +- Correctly detect system ffmpeg and set branding to allow all codecs + that the ffmpeg can work with (eg we simply passover all the data + and do not bother with blacklist/whitelist) ------------------------------------------------------------------- -Wed Sep 7 14:50:44 UTC 2016 - astieger@suse.com +Sat Sep 10 08:58:20 UTC 2016 - tchvatal@suse.com -- Update to Chromium 53.0.2785.92: - * Revert of support relocatable RPM packages - * disallow WKBackForwardListItem navigations for pushState pages - * arc: bluetooth: Fix advertised uuid - * fix conflicting PendingIntent for stop button and swipe away +- Update to 54.0.2840.16 +- Expand provides/obsoletes for the desktop subpackages to remove + them all + +------------------------------------------------------------------- +Thu Sep 8 13:23:30 UTC 2016 - tchvatal@suse.com + +- Enable hangouts extension +- Try to build widevine drm extension instead of using the one from + packman bnc#998328 +- Go back to normal malloc from bundled tcmalloc, switch back when + we can use system one + +------------------------------------------------------------------- +Wed Sep 7 06:36:15 UTC 2016 - tchvatal@suse.com + +- Update to 54.0.2840.14 +- Switch back to gcc on factory +- Switch some bundled libraries off courtesy of gentoo build system +- Try to use system ffmpeg if possible +- Remove useless service file, "osc service localrun download_files" + works fine enough even without it +- Add patches for system jinja and ffmpeg (gentoo): + * chromium-system-ffmpeg-r3.patch + * chromium-system-jinja-r13.patch +- Add back gcc compat patch: + * gcc60-fixes.diff + +------------------------------------------------------------------- +Tue Sep 6 08:32:06 UTC 2016 - tchvatal@suse.com + +- Switch to compile using clang as google has default + * Only for factory on 1320 and older use gcc +- Obsolete kde/gnome subpackages, useless nowdays +- Determine paralelism based on how much memory we have +- Disable gtk3 it seems to be really messy with rendering nowdays + * Stick with gtk2 for time being +- Enable tcmalloc as memory manager +- Sort out with spec-cleaner +- Drop unused patches: + * fix-older-gcc.patch + * gcc60-fixes.diff +- Do not install chromium-generic to libdir just directly go to bindir +- Remove empty pre function ------------------------------------------------------------------- Thu Sep 1 04:04:13 UTC 2016 - tittiatcoke@gmail.com diff --git a/chromium.spec b/chromium.spec index 50aaae2..8415b0e 100644 --- a/chromium.spec +++ b/chromium.spec @@ -39,8 +39,8 @@ %endif %bcond_with system_vpx %bcond_with clang -Name: chromium -Version: 67.0.3396.99 +Name: chromium-beta +Version: 68.0.3440.75 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later @@ -69,9 +69,13 @@ Patch6: chromium-non-void-return.patch Patch7: chromium-ffmpeg.patch Patch8: chromium-drm.patch Patch9: chromium-sandbox-pie.patch -Patch10: chromium-gcc8.patch +Patch10: chromium-libwebp-shim.patch +Patch11: chromium-libjpeg.patch +Patch12: chromium-cors-string.patch +Patch13: chromium-gcc.patch # Google seem not too keen on merging this but GPU accel is quite important # https://chromium-review.googlesource.com/c/chromium/src/+/532294 +# https://github.com/saiarcot895/chromium-ubuntu-build/tree/master/debian/patches Patch100: chromium-vaapi.patch # Google does not care much about system libs here # https://bugs.chromium.org/p/skia/issues/detail?id=6663 @@ -187,16 +191,16 @@ Provides: chromium-browser = %{version} Obsoletes: %{name}-suid-helper < %{version} Obsoletes: chromium-browser < %{version} Provides: %{name}-suid-helper = %{version} -Obsoletes: chromium-beta-desktop-gnome -Obsoletes: chromium-beta-desktop-kde -Obsoletes: chromium-desktop-gnome Obsoletes: chromium-desktop-kde -Obsoletes: chromium-dev-desktop-gnome +Obsoletes: chromium-desktop-gnome +Obsoletes: chromium-beta-desktop-kde +Obsoletes: chromium-beta-desktop-gnome Obsoletes: chromium-dev-desktop-kde +Obsoletes: chromium-dev-desktop-gnome Obsoletes: chromium-ffmpeg Obsoletes: chromium-ffmpegsumo # no 32bit supported and it takes ages to build -ExcludeArch: %{arm} i586 ppc ppc64 ppc64le +ExcludeArch: %{arm} i586 ppc ppc64 ppc64le s390 s390x %ifnarch aarch64 # Current tcmalloc does not support AArch64 BuildRequires: pkgconfig(libtcmalloc) @@ -279,8 +283,11 @@ keeplibs=( buildtools/third_party/libunwind chrome/third_party/mozilla_security_manager courgette/third_party + net/third_party/http2 net/third_party/mozilla_security_manager net/third_party/nss + net/third_party/quic + net/third_party/spdy third_party/WebKit third_party/analytics third_party/angle @@ -338,11 +345,11 @@ keeplibs=( third_party/libXNVCtrl third_party/libaddressinput third_party/libaom - third_party/libaom/source/libaom/third_party/x86inc third_party/libjingle third_party/libphonenumber third_party/libsecret third_party/libsrtp + third_party/libsync third_party/libudev third_party/libusb third_party/libwebm @@ -359,6 +366,7 @@ keeplibs=( third_party/openh264 third_party/openmax_dl third_party/ots + third_party/perfetto third_party/pdfium third_party/pdfium/third_party/agg23 third_party/pdfium/third_party/base @@ -370,16 +378,20 @@ keeplibs=( third_party/pdfium/third_party/libpng16 third_party/pdfium/third_party/libtiff third_party/pdfium/third_party/skia_shared + third_party/perfetto third_party/ply third_party/polymer third_party/protobuf third_party/protobuf/third_party/six + third_party/pyjson5 third_party/qcms + third_party/rnnoise third_party/s2cellid third_party/sfntly third_party/shaderc third_party/skia third_party/skia/third_party/gif + third_party/skia/third_party/skcms third_party/skia/third_party/vulkan third_party/smhasher third_party/spirv-headers @@ -405,6 +417,7 @@ keeplibs=( url/third_party/mozilla v8/src/third_party/valgrind v8/src/third_party/utf8-decoder + v8/third_party/antlr4 v8/third_party/inspector_protocol ) %if %{with sle_bundles} From f1bef015343cb0d9a106f8b818d683fc9b2048ffb46f3f71a39808b6c637fc41 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 25 Jul 2018 10:01:12 +0000 Subject: [PATCH 34/52] - Version update to 68.0.3440.75 bsc#1102530: * CVE-2018-6153: Stack buffer overflow in Skia. * CVE-2018-6154: Heap buffer overflow in WebGL. * CVE-2018-6155: Use after free in WebRTC. * CVE-2018-6156: Heap buffer overflow in WebRTC. * CVE-2018-6157: Type confusion in WebRTC. * CVE-2018-6158: Use after free in Blink. * CVE-2018-6159: Same origin policy bypass in ServiceWorker. * CVE-2018-6160: URL spoof in Chrome on iOS. * CVE-2018-6161: Same origin policy bypass in WebAudio. * CVE-2018-6162: Heap buffer overflow in WebGL. * CVE-2018-6163: URL spoof in Omnibox. * CVE-2018-6164: Same origin policy bypass in ServiceWorker. * CVE-2018-6165: URL spoof in Omnibox. * CVE-2018-6166: URL spoof in Omnibox. * CVE-2018-6167: URL spoof in Omnibox. * CVE-2018-6168: CORS bypass in Blink. * CVE-2018-6169: Permissions bypass in extension installation. * CVE-2018-6170: Type confusion in PDFium. * CVE-2018-6171: Use after free in WebBluetooth. * CVE-2018-6172: URL spoof in Omnibox. * CVE-2018-6173: URL spoof in Omnibox. * CVE-2018-6174: Integer overflow in SwiftShader. * CVE-2018-6175: URL spoof in Omnibox. * CVE-2018-6176: Local user privilege escalation in Extensions. * CVE-2018-6177: Cross origin information leak in Blink. * CVE-2018-6178: UI spoof in Extensions. * CVE-2018-6179: Local file information leak in Extensions. * CVE-2018-6044: Request privilege escalation in Extensions. * CVE-2018-4117: Cross origin information leak in Blink. OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1145 --- chromium.changes | 1582 +++++++++++++++++++++------------------------- chromium.spec | 8 +- 2 files changed, 738 insertions(+), 852 deletions(-) diff --git a/chromium.changes b/chromium.changes index 39ea0fc..f02e124 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,180 +1,321 @@ ------------------------------------------------------------------- -Wed Jul 25 09:47:13 UTC 2018 - tchvatal@suse.com +Wed Jul 25 09:53:23 UTC 2018 - tchvatal@suse.com -- Bump to 68.0.3440.75 +- Version update to 68.0.3440.75 bsc#1102530: + * CVE-2018-6153: Stack buffer overflow in Skia. + * CVE-2018-6154: Heap buffer overflow in WebGL. + * CVE-2018-6155: Use after free in WebRTC. + * CVE-2018-6156: Heap buffer overflow in WebRTC. + * CVE-2018-6157: Type confusion in WebRTC. + * CVE-2018-6158: Use after free in Blink. + * CVE-2018-6159: Same origin policy bypass in ServiceWorker. + * CVE-2018-6160: URL spoof in Chrome on iOS. + * CVE-2018-6161: Same origin policy bypass in WebAudio. + * CVE-2018-6162: Heap buffer overflow in WebGL. + * CVE-2018-6163: URL spoof in Omnibox. + * CVE-2018-6164: Same origin policy bypass in ServiceWorker. + * CVE-2018-6165: URL spoof in Omnibox. + * CVE-2018-6166: URL spoof in Omnibox. + * CVE-2018-6167: URL spoof in Omnibox. + * CVE-2018-6168: CORS bypass in Blink. + * CVE-2018-6169: Permissions bypass in extension installation. + * CVE-2018-6170: Type confusion in PDFium. + * CVE-2018-6171: Use after free in WebBluetooth. + * CVE-2018-6172: URL spoof in Omnibox. + * CVE-2018-6173: URL spoof in Omnibox. + * CVE-2018-6174: Integer overflow in SwiftShader. + * CVE-2018-6175: URL spoof in Omnibox. + * CVE-2018-6176: Local user privilege escalation in Extensions. + * CVE-2018-6177: Cross origin information leak in Blink. + * CVE-2018-6178: UI spoof in Extensions. + * CVE-2018-6179: Local file information leak in Extensions. + * CVE-2018-6044: Request privilege escalation in Extensions. + * CVE-2018-4117: Cross origin information leak in Blink. ------------------------------------------------------------------- -Mon Jul 23 08:47:34 UTC 2018 - tchvatal@suse.com +Tue Jul 10 11:40:21 UTC 2018 - tchvatal@suse.com -- Up to chromium-68.0.3440.68 +- Version update to 67.0.3396.99: + * Various small feature fixes, no security ------------------------------------------------------------------- -Mon Jul 16 14:47:15 UTC 2018 - tchvatal@suse.com +Fri Jun 15 19:51:32 UTC 2018 - tchvatal@suse.com -- Up to 68.0.3440.59 +- Add patch to build under gcc8: + * chromium-gcc8.patch ------------------------------------------------------------------- -Fri Jun 29 09:04:00 UTC 2018 - tchvatal@suse.com +Wed Jun 13 09:26:43 UTC 2018 - security@suse.com -- Up to 68.0.3440.42 +- Chromium 67.0.3396.87: + * CVE-2018-6149: Out of bounds write in V8 (boo#1097452) ------------------------------------------------------------------- -Fri Jun 22 08:01:33 UTC 2018 - tchvatal@suse.com +Thu Jun 7 12:23:26 UTC 2018 - astieger@suse.com -- Bump 68.0.3440.33 +- Chromium 67.0.3396.79: + * CVE-2018-6148: Incorrect handling of CSP header (boo#1096508) ------------------------------------------------------------------- -Fri Jun 15 08:56:09 UTC 2018 - tchvatal@suse.com +Fri Jun 1 17:45:46 UTC 2018 - tchvatal@suse.com -- Up to 68.0.3440.25 +- Require ffmpeg >= 4.0 bsc#1095545 ------------------------------------------------------------------- -Sun Jun 10 09:24:57 UTC 2018 - tchvatal@suse.com +Wed May 30 11:18:13 UTC 2018 - tchvatal@suse.com -- Up to 68.0.3440.17 +- Update to 67.0.3396.62 bsc#1095163 + * CVE-2018-6123: Use after free in Blink. + * CVE-2018-6124: Type confusion in Blink. + * CVE-2018-6125: Overly permissive policy in WebUSB. + * CVE-2018-6126: Heap buffer overflow in Skia. + * CVE-2018-6127: Use after free in indexedDB. + * CVE-2018-6128: uXSS in Chrome on iOS. + * CVE-2018-6129: Out of bounds memory access in WebRTC. + * CVE-2018-6130: Out of bounds memory access in WebRTC. + * CVE-2018-6131: Incorrect mutability protection in WebAssembly. + * CVE-2018-6132: Use of uninitialized memory in WebRTC. + * CVE-2018-6133: URL spoof in Omnibox. + * CVE-2018-6134: Referrer Policy bypass in Blink. + * CVE-2018-6135: UI spoofing in Blink. + * CVE-2018-6136: Out of bounds memory access in V8. + * CVE-2018-6137: Leak of visited status of page in Blink. + * CVE-2018-6138: Overly permissive policy in Extensions. + * CVE-2018-6139: Restrictions bypass in the debugger extension API. + * CVE-2018-6140: Restrictions bypass in the debugger extension API. + * CVE-2018-6141: Heap buffer overflow in Skia. + * CVE-2018-6142: Out of bounds memory access in V8. + * CVE-2018-6143: Out of bounds memory access in V8. + * CVE-2018-6144: Out of bounds memory access in PDFium. + * CVE-2018-6145: Incorrect escaping of MathML in Blink. + * CVE-2018-6147: Password fields not taking advantage of OS protections in Views. +- Add patches to build on aarch and remove obsolete one: + * chromium-crashpad-aarch64-fix.patch + * chromium-skia-aarch64-buildfix.patch + * chromium-65.0.3325.162-skia-aarch64-buildfix.patch + * chromium-skia-neon.patch +- Remove no longer needed gcc patch: + * chromium-gcc7.patch +- Rebase patches: + * chromium-non-void-return.patch + * chromium-vaapi.patch + * exclude_ymp.patch + * fix_building_widevinecdm_with_chromium.patch ------------------------------------------------------------------- -Mon May 28 10:33:56 UTC 2018 - tchvatal@suse.com +Sat May 26 23:01:20 UTC 2018 - astieger@suse.com -- Up to 68.0.3438.3 +- on SLE 12 with SUSE PackageHub 12, do not require the SDK for + libwebpmux1 (bsc#1070421) ------------------------------------------------------------------- -Fri May 18 14:06:56 UTC 2018 - tchvatal@suse.com +Sat May 26 07:08:04 UTC 2018 - astieger@suse.com -- Up to 68.0.3432.3 +- Fix installation issue on SUSE PackageHub 12 with libminizip1 + (bsc#1093031) ------------------------------------------------------------------- -Tue May 15 13:53:14 UTC 2018 - guillaume.gardet@opensuse.org +Wed May 16 07:05:32 UTC 2018 - astieger@suse.com -- Fix AArch64 build with chromium-crashpad-aarch64-fix.patch +- Chromium 66.0.3359.181: + * Autoplay: Force enable on desktop for Web Audio ------------------------------------------------------------------- -Wed May 9 09:11:46 UTC 2018 - tchvatal@suse.com +Fri May 11 12:10:44 UTC 2018 - astieger@suse.com -- Up to 68.0.3423.2 -- Refresh patch chromium-master-prefs-path.patch +- Chromium 66.0.3359.170 (bsc#1092923): + * Chain leading to sandbox escape: + CVE-2018-6121: Privilege Escalation in extensions + CVE-2018-6122: Type confusion in V8 + * CVE-2018-6120: Heap buffer overflow in PDFium + * Various fixes from internal audits, fuzzing and other + initiatives ------------------------------------------------------------------- -Wed May 9 08:38:02 UTC 2018 - guillaume.gardet@opensuse.org +Wed May 9 08:36:30 UTC 2018 - tchvatal@suse.com -- Fix AArch64 build with chromium-skia-aarch64-buildfix.patch +- Add patch chromium-skia-system-fontconfig.patch to fix + bsc#1092272 ------------------------------------------------------------------- -Wed May 9 08:34:37 UTC 2018 - tchvatal@suse.com - -- Add patch chromium-skia-system-fontconfig.patch bsc#1092272 -- Up to 67.0.3393.30 - -------------------------------------------------------------------- -Wed May 9 07:53:48 UTC 2018 - guillaume.gardet@opensuse.org +Fri May 4 06:53:49 UTC 2018 - guillaume.gardet@opensuse.org - Enable build on AArch64 - Fix build on AArch64: * set target_cpu to arm64 * disable tcmalloc and swiftshader for aarch64 + * Add new patches: + - chromium-65.0.3325.162-skia-aarch64-buildfix.patch + - chromium-skia-neon.patch ------------------------------------------------------------------- -Wed Apr 25 14:59:25 UTC 2018 - tchvatal@suse.com +Fri Apr 27 08:22:18 UTC 2018 - tchvatal@suse.com -- Up to chromium-67.0.3396.18 +- chromium 66.0.3359.139: + * CVE-2018-6118: Use after free in Media Cache (bsc#1091288) + * drop add-missing-blink-tools.patch, now in tarball again ------------------------------------------------------------------- -Thu Apr 12 09:10:48 UTC 2018 - tchvatal@suse.com +Wed Apr 18 09:14:21 UTC 2018 - tchvatal@suse.com -- Up to 67.0.3393.4 -- Refresh patch exclude_ymp.patch +- Version bump to chromium 66.0.3359.117 bsc#1090000: + * CVE-2018-6085: Use after free in Disk Cache + * CVE-2018-6086: Use after free in Disk Cache + * CVE-2018-6087: Use after free in WebAssembly + * CVE-2018-6088: Use after free in PDFium + * CVE-2018-6089: Same origin policy bypass in Service Worker + * CVE-2018-6090: Heap buffer overflow in Skia + * CVE-2018-6091: Incorrect handling of plug-ins by Service Worker + * CVE-2018-6092: Integer overflow in WebAssembly + * CVE-2018-6093: Same origin bypass in Service Worker + * CVE-2018-6094: Exploit hardening regression in Oilpan + * CVE-2018-6095: Lack of meaningful user interaction requirement before file upload + * CVE-2018-6096: Fullscreen UI spoof + * CVE-2018-6097: Fullscreen UI spoof + * CVE-2018-6098: URL spoof in Omnibox + * CVE-2018-6099: CORS bypass in ServiceWorker + * CVE-2018-6100: URL spoof in Omnibox + * CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools + * CVE-2018-6102: URL spoof in Omnibox + * CVE-2018-6103: UI spoof in Permissions + * CVE-2018-6104: URL spoof in Omnibox + * CVE-2018-6105: URL spoof in Omnibox + * CVE-2018-6106: Incorrect handling of promises in V8 + * CVE-2018-6107: URL spoof in Omnibox + * CVE-2018-6108: URL spoof in Omnibox + * CVE-2018-6109: Incorrect handling of files by FileAPI + * CVE-2018-6110: Incorrect handling of plaintext files via file:// + * CVE-2018-6111: Heap-use-after-free in DevTools + * CVE-2018-6112: Incorrect URL handling in DevTools + * CVE-2018-6113: URL spoof in Navigation + * CVE-2018-6114: CSP bypass + * CVE-2018-6115: SmartScreen bypass in downloads + * CVE-2018-6116: Incorrect low memory handling in WebAssembly + * CVE-2018-6117: Confusing autofill settings + * Various fixes from internal audits, fuzzing and other initiatives +- Remove obsolete patches: + * chromium-compiler.patch + * chromium-glibc-2.27.patch + * chromium-vaapi-init.patch + * exclude_ymp.diff + * fix-gn-bootstrap.diff + * fix_network_api_crash.patch + * mojo.patch +- Add new patches: + * chromium-ffmpeg.patch + * chromium-gcc7.patch + * exclude_ymp.patch + * fix-gn-bootstrap.patch +- Rebase patches: + * chromium-master-prefs-path.patch + * chromium-non-void-return.patch + * chromium-sandbox-pie.patch + * chromium-vaapi.patch +- Add patch to fix missing folder from tarball: + * add-missing-blink-tools.patch ------------------------------------------------------------------- -Wed Apr 4 11:49:20 UTC 2018 - tchvatal@suse.com +Sun Apr 8 10:49:06 UTC 2018 - tchvatal@suse.com -- Bump to 67.0.3386.1 +- Add vaapi patches: + * chromium-vaapi-init.patch + * chromium-vaapi.patch ------------------------------------------------------------------- -Wed Mar 28 12:37:50 UTC 2018 - tchvatal@suse.com +Fri Apr 6 12:54:24 UTC 2018 - tchvatal@suse.com -- Bump to 67.0.3381.1 +- Use memory-constraints package to limit threads as needed ------------------------------------------------------------------- -Fri Mar 23 12:01:52 UTC 2018 - tchvatal@suse.com +Wed Mar 21 06:31:27 UTC 2018 - astieger@suse.com -- Bump to 67.0.3377.1 +- Update to Chromium 65.0.3325.181: + * Various security relevant fixes from internal audits, fuzzing + and other initiatives (boo#1086124) ------------------------------------------------------------------- -Tue Mar 20 10:19:55 UTC 2018 - tchvatal@suse.com +Tue Mar 20 12:33:53 UTC 2018 - tchvatal@suse.com -- Bump to 67.0.3371.0 -- Remove no longer needed chromium-gcc7.patch -- Rebase fix_building_widevinecdm_with_chromium.patch to allow - widevine builds +- Use both freetype and harfbuzz either bundled or system ------------------------------------------------------------------- -Tue Mar 20 10:14:15 UTC 2018 - tchvatal@suse.com +Wed Mar 14 14:18:35 UTC 2018 - tchvatal@suse.com -- Bump to 66.0.3359.33 +- Version update to 65.0.3325.162: + * Various stability fixes only ------------------------------------------------------------------- -Wed Mar 14 14:19:21 UTC 2018 - tchvatal@suse.com +Wed Mar 14 09:00:37 UTC 2018 - tchvatal@suse.com -- Version bump to 66.0.3359.26 +- Bundle the harfbuzz on < 15.0 release as we would have to + use requires_ge for the library itself later on otherwise ------------------------------------------------------------------- -Wed Mar 14 13:32:18 UTC 2018 - tchvatal@suse.com +Fri Mar 9 09:10:01 UTC 2018 - tchvatal@suse.com -- Bump the requirement for the clang version +- Make sure to require gcc7 +- Add patch chromium-drm.patch to make sure to build with Leap 42.3 + variant of libdrm ------------------------------------------------------------------- -Wed Mar 14 09:01:33 UTC 2018 - tchvatal@suse.com +Thu Mar 8 09:00:54 UTC 2018 - tchvatal@suse.com -- Conditionalize harfbuzz switch +- Version update to 65.0.3325.146 bsc#1084296: + * High CVE-2017-11215: Use after free in Flash. + * High CVE-2017-11225: Use after free in Flash. + * High CVE-2018-6060: Use after free in Blink. + * High CVE-2018-6061: Race condition in V8. + * High CVE-2018-6062: Heap buffer overflow in Skia. + * High CVE-2018-6057: Incorrect permissions on shared memory. + * High CVE-2018-6063: Incorrect permissions on shared memory. + * High CVE-2018-6064: Type confusion in V8. + * High CVE-2018-6065: Integer overflow in V8. + * Medium CVE-2018-6066: Same Origin Bypass via canvas. + * Medium CVE-2018-6067: Buffer overflow in Skia. + * Medium CVE-2018-6068: Object lifecycle issues in Chrome Custom Tab. + * Medium CVE-2018-6069: Stack buffer overflow in Skia. + * Medium CVE-2018-6070: CSP bypass through extensions. + * Medium CVE-2018-6071: Heap bufffer overflow in Skia. + * Medium CVE-2018-6072: Integer overflow in PDFium. + * Medium CVE-2018-6073: Heap bufffer overflow in WebGL. + * Medium CVE-2018-6074: Mark-of-the-Web bypass. + * Medium CVE-2018-6075: Overly permissive cross origin downloads. + * Medium CVE-2018-6076: Incorrect handling of URL fragment identifiers in Blink. + * Medium CVE-2018-6077: Timing attack using SVG filters. + * Medium CVE-2018-6078: URL Spoof in OmniBox. + * Medium CVE-2018-6079: Information disclosure via texture data in WebGL. + * Medium CVE-2018-6080: Information disclosure in IPC call. + * Low CVE-2018-6081: XSS in interstitials. + * Low CVE-2018-6082: Circumvention of port blocking. + * Low CVE-2018-6083: Incorrect processing of AppManifests. +- Add new patches: + * chromium-compiler.patch + * chromium-glibc-2.27.patch + * mojo.patch +- Drop patches: + * chromium-angle.patch + * chromium-memcpy.patch +- Update constraints +- Refresh patch chromium-non-void-return.patch to include more + fixes ------------------------------------------------------------------- -Mon Mar 12 10:18:18 UTC 2018 - tchvatal@suse.com +Sat Feb 24 19:02:51 UTC 2018 - astieger@suse.com -- Update to 66.0.3359.22 +- Chromium 64.0.3282.186: + * Various minor bug fixes ------------------------------------------------------------------- -Fri Mar 9 11:20:35 UTC 2018 - tchvatal@suse.com +Wed Feb 14 08:16:34 UTC 2018 - astieger@suse.com -- Apply patches using %autopatch -- Add patch to build with gcc7 properly chromium-gcc7.patch -- Drop patch chromium-sandbox-pie.patch as we have pie default now -- Add patch to build with leap variant of drm chromium-drm.patch +- update to 64.0.3282.167 (bsc#1080920): + * CVE-2018-6056: Incorrect derived class instantiation in V8 ------------------------------------------------------------------- -Wed Mar 7 12:11:45 UTC 2018 - tchvatal@suse.com +Fri Feb 2 11:16:23 UTC 2018 - tchvatal@suse.com -- Add patch to build ffmpeg from system chromium-ffmpeg.patch - -------------------------------------------------------------------- -Wed Mar 7 10:30:24 UTC 2018 - tchvatal@suse.com - -- Up to 66.0.3355.0 -- Disable clang by default again - -------------------------------------------------------------------- -Tue Feb 27 09:35:21 UTC 2018 - tchvatal@suse.com - -- Up to 66.0.3350.0 - -------------------------------------------------------------------- -Thu Feb 15 09:08:22 UTC 2018 - tchvatal@suse.com - -- Drop patch fix_network_api_crash.patch - -------------------------------------------------------------------- -Mon Feb 12 10:10:58 UTC 2018 - tchvatal@suse.com - -- Bump to 66.0.3343.3 - -------------------------------------------------------------------- -Wed Feb 7 13:58:33 UTC 2018 - tchvatal@suse.com - -- Bump to 65.0.3325.51 - -------------------------------------------------------------------- -Tue Feb 6 12:00:36 UTC 2018 - tchvatal@suse.com - -- Disable gconf support +- Version update to 64.0.3282.140 bsc#1079021: + * Various asan fixes bsc#1078463 CVE-2018-6406 ------------------------------------------------------------------- Fri Feb 2 10:43:48 UTC 2018 - dimstar@opensuse.org @@ -185,9 +326,9 @@ Fri Feb 2 10:43:48 UTC 2018 - dimstar@opensuse.org /proc/meminfo. ------------------------------------------------------------------- -Wed Jan 31 09:45:45 UTC 2018 - tchvatal@suse.com +Mon Jan 29 13:07:38 UTC 2018 - tchvatal@suse.com -- Bump to 65.0.3325.31 +- Fix default page to not point to 404 ------------------------------------------------------------------- Mon Jan 29 12:36:31 UTC 2018 - tchvatal@suse.com @@ -195,296 +336,318 @@ Mon Jan 29 12:36:31 UTC 2018 - tchvatal@suse.com - Install swiftshader objects too as they are needed ------------------------------------------------------------------- -Fri Jan 26 10:12:22 UTC 2018 - tchvatal@suse.com +Fri Jan 26 10:11:22 UTC 2018 - tchvatal@suse.com -- Update to 65.0.3325.18 -- Try to have automatic ozone platform detection +- Disable ozone stuff conditions for now as the headless mode + breaks up runtime bsc#1077722 ------------------------------------------------------------------- -Wed Jan 17 14:28:37 UTC 2018 - tchvatal@suse.com +Thu Jan 25 09:51:59 UTC 2018 - tchvatal@suse.com -- Bump to 65.0.3322.3 +- Switch to gcc7 on Leap builds ------------------------------------------------------------------- -Mon Jan 8 20:12:43 UTC 2018 - tchvatal@suse.com +Thu Jan 25 09:42:51 UTC 2018 - tchvatal@suse.com -- Bump to 65.0.3311.3 -- Drop chromium-63.0.3289.84-fix-ft-hb-unbundle.patch +- Version update to 64.0.3282.119 bsc#1077571: + * High CVE-2018-6031: Use after free in PDFium. Reported by Anonymous on 2017-11-01 + * High CVE-2018-6032: Same origin bypass in Shared Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-20 + * High CVE-2018-6033: Race when opening downloaded files. Reported by Juho Nurminen on 2017-12-09 + * Medium CVE-2018-6034: Integer overflow in Blink. Reported by Tobias Klein (www.trapkit.de) on 2017-11-12 + * Medium CVE-2018-6035: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23 + * Medium CVE-2018-6036: Integer underflow in WebAssembly. Reported by The UK's National Cyber Security Centre (NCSC) on 2017-11-30 + * Medium CVE-2018-6037: Insufficient user gesture requirements in autofill. Reported by Paul Stone of Context Information Security on 2017-08-09 + * Medium CVE-2018-6038: Heap buffer overflow in WebGL. Reported by cloudfuzzer on 2017-10-12 + * Medium CVE-2018-6039: XSS in DevTools. Reported by Juho Nurminen on 2017-10-17 + * Medium CVE-2018-6040: Content security policy bypass. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-26 + * Medium CVE-2018-6041: URL spoof in Navigation. Reported by Luan Herrera on 2017-08-29 + * Medium CVE-2018-6042: URL spoof in OmniBox. Reported by Khalil Zhani on 2017-10-12 + * Medium CVE-2018-6043: Insufficient escaping with external URL handlers. Reported by 0x09AL on 2017-11-16 + * Medium CVE-2018-6045: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23 + * Medium CVE-2018-6046: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-31 + * Medium CVE-2018-6047: Cross origin URL leak in WebGL. Reported by Masato Kinugawa on 2018-01-08 + * Low CVE-2018-6048: Referrer policy bypass in Blink. Reported by Jun Kokatsu (@shhnjk) on 2017-09-08 + * Low CVE-2017-15420: URL spoofing in Omnibox. Reported by Drew Springall (@_aaspring_) on 2017-10-05 + * Low CVE-2018-6049: UI spoof in Permissions. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-13 + * Low CVE-2018-6050: URL spoof in OmniBox. Reported by Jonathan Kew on 2017-10-15 + * Low CVE-2018-6051: Referrer leak in XSS Auditor. Reported by Antonio Sanso (@asanso) on 2014-12-11 + * Low CVE-2018-6052: Incomplete no-referrer policy implementation. Reported by Tanner Emek on 2016-05-28 + * Low CVE-2018-6053: Leak of page thumbnails in New Tab Page. Reported by Asset Kabdenov on 2017-08-23 + * Low CVE-2018-6054: Use after free in WebUI. Reported by Rob Wu on 2017-12-24 +- Add patches: + * chromium-angle.patch + * chromium-memcpy.patch +- Drop patch: + * chromium-gcc.patch +- Change desktop file name to fit bellow the icon on ie KDE desktop ------------------------------------------------------------------- -Tue Jan 2 13:14:43 UTC 2018 - tchvatal@suse.com +Thu Jan 4 20:59:31 UTC 2018 - astieger@suse.com -- add chromium-63.0.3289.84-fix-ft-hb-unbundle.patch to make sure - we use system freetype/harfbuzz +- Chromium 63.0.3239.132: + * DevTools: do not report raw headers and cookies for protected + subresources + * Various other fixes and updates ------------------------------------------------------------------- -Thu Dec 28 18:00:12 UTC 2017 - tchvatal@suse.com +Fri Dec 15 09:28:07 UTC 2017 - tchvatal@suse.com -- Make sure to use system freetype too +- Version update to 63.0.3239.108 bsc#1072976: + * CVE-2017-15429: UXSS in V8 + * Various fuzzing fixes ------------------------------------------------------------------- -Wed Dec 20 15:38:09 UTC 2017 - tchvatal@suse.com +Thu Dec 7 09:41:13 UTC 2017 - tchvatal@suse.com -- Bump 65.0.3298.3 +- Version update to 63.0.3239.84 bsc#1071691: + * Critical CVE-2017-15407: Out of bounds write in QUIC. + * High CVE-2017-15408: Heap buffer overflow in PDFium. + * High CVE-2017-15409: Out of bounds write in Skia. + * High CVE-2017-15410: Use after free in PDFium. + * High CVE-2017-15411: Use after free in PDFium. + * High CVE-2017-15412: Use after free in libXML. + * High CVE-2017-15413: Type confusion in WebAssembly. + * Medium CVE-2017-15415: Pointer information disclosure in IPC call. + * Medium CVE-2017-15416: Out of bounds read in Blink. + * Medium CVE-2017-15417: Cross origin information disclosure in Skia. + * Medium CVE-2017-15418: Use of uninitialized value in Skia. + * Medium CVE-2017-15419: Cross origin leak of redirect URL in Blink. + * Medium CVE-2017-15420: URL spoofing in Omnibox. + * Medium CVE-2017-15422: Integer overflow in ICU. + * Low CVE-2017-15423: Issue with SPAKE implementation in BoringSSL. + * Low CVE-2017-15424: URL Spoof in Omnibox. + * Low CVE-2017-15425: URL Spoof in Omnibox. + * Low CVE-2017-15426: URL Spoof in Omnibox. + * Low CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox. +- Rebase fix-gn-bootstrap.diff +- Drop merged patches: + * chromium-gcc5.patch + * chromium-60.0.3112.113-breakpad-ucontext.patch + * chromium-62.0.3202.62-correct-cplusplus-check.patch +- Add new patches: + * chromium-non-void-return.patch + * chromium-gcc.patch ------------------------------------------------------------------- -Tue Dec 19 09:43:19 UTC 2017 - tchvatal@suse.com - -- Drop chromium-memcpy.patch - -------------------------------------------------------------------- -Mon Dec 18 10:46:25 UTC 2017 - tchvatal@suse.com - -- Drop minizip conditional (was about 42.1) - -------------------------------------------------------------------- -Sun Dec 17 22:52:29 UTC 2017 - tchvatal@suse.com - -- Bump to 65.0.3294.5 - -------------------------------------------------------------------- -Thu Dec 14 14:55:27 UTC 2017 - tchvatal@suse.com - -- Explicitely describe what ozone parts we want - -------------------------------------------------------------------- -Wed Dec 13 09:47:33 UTC 2017 - tchvatal@suse.com - -- Bump to 64.0.3282.24 -- Enable system icu again -- Tweak the deps to match current setup -- Add patch chromium-memcpy.patch - -------------------------------------------------------------------- -Tue Dec 12 12:55:52 UTC 2017 - tchvatal@suse.com - -- Minimize desktop name to not take so much space - -------------------------------------------------------------------- -Sat Dec 9 12:54:27 UTC 2017 - tchvatal@suse.com - -- Bumpyty to 64.0.3282.14 - -------------------------------------------------------------------- -Thu Nov 30 14:32:41 UTC 2017 - tchvatal@suse.com - -- Bumpy to 64.0.3278.0 - -------------------------------------------------------------------- -Wed Nov 22 11:06:47 UTC 2017 - idonmez@suse.com +Wed Nov 22 11:05:42 UTC 2017 - idonmez@suse.com - BuildRequire nodejs8 instead of nodejs6 for suse_version >= 1330 ------------------------------------------------------------------- -Sun Nov 19 11:25:52 UTC 2017 - tchvatal@suse.com - -- Drop chromium-64.0.3253.3-gpu_lists_version.h.patch -- Drop chromium-gcc.patch - -------------------------------------------------------------------- -Sun Nov 19 11:20:20 UTC 2017 - tchvatal@suse.com - -- Up to 64.0.3269.3 - -------------------------------------------------------------------- -Wed Nov 15 14:42:55 UTC 2017 - astieger@suse.com +Wed Nov 15 14:56:24 UTC 2017 - astieger@suse.com +- Update to 62.0.3202.94: + * multiple minor rendering related fixes - fix rebuilds in same chroot ------------------------------------------------------------------- -Wed Nov 8 21:33:56 UTC 2017 - tchvatal@suse.com +Tue Nov 7 10:12:28 UTC 2017 - tchvatal@suse.com -- Add patch chromium-non-void-return.patch +- Version update to 62.0.3202.89 bsc#1066851: + * CVE-2017-15398: Stack buffer overflow in QUIC + * CVE-2017-15399: Use after free in V8 +- Drop upstream merged chromium-sandbox.patch ------------------------------------------------------------------- -Tue Nov 7 09:41:07 UTC 2017 - tchvatal@suse.com +Fri Nov 3 12:40:33 UTC 2017 - tchvatal@suse.com -- Add patch chromium-64.0.3253.3-gpu_lists_version.h.patch +- Restrict the version on jpeg to not waste build power ------------------------------------------------------------------- -Sat Nov 4 09:38:27 UTC 2017 - tchvatal@suse.com +Sun Oct 29 08:18:37 UTC 2017 - tchvatal@suse.com -- Bump to 64.0.3253.3 +- Add patch to fix sandbox crashes wrt bsc#1064298 + * chromium-sandbox.patch ------------------------------------------------------------------- -Fri Nov 3 11:41:40 UTC 2017 - tchvatal@suse.com +Fri Oct 27 09:17:02 UTC 2017 - tchvatal@suse.com -- Update to 64.0.3251.0 +- Version update to 62.0.3202.75 bsc#1065405 CVE-2017-15396 + * CVE-2017-15396: Stack overflow in V8 ------------------------------------------------------------------- -Thu Nov 2 20:46:57 UTC 2017 - tchvatal@suse.com +Thu Oct 26 12:09:53 UTC 2017 - astieger@suse.com -- Fix the tarball unpacking to unroll all the required content -- Update to 63.0.3239.30 +- BuildRequire nodejs6 required for polymer-bundler.js ------------------------------------------------------------------- -Wed Oct 25 18:24:16 UTC 2017 - tchvatal@suse.com +Thu Oct 26 09:19:09 UTC 2017 - tchvatal@suse.com -- Drop patch chromium-60.0.3112.113-breakpad-ucontext.patch -- Drop patch chromium-sysroot.patch +- Try to export properly CXX/CC variable to fix leap builds ------------------------------------------------------------------- -Wed Oct 11 09:04:46 UTC 2017 - tchvatal@suse.com +Wed Oct 25 17:52:44 UTC 2017 - tchvatal@suse.com -- Bump to 63.0.3236.0 +- Apply patch to fix building crc32 with gcc7: + * chromium-62.0.3202.62-correct-cplusplus-check.patch ------------------------------------------------------------------- -Mon Oct 9 11:42:16 UTC 2017 - tchvatal@suse.com +Thu Oct 19 03:29:56 UTC 2017 - tchvatal@suse.com -- Bump to 63.0.3230.0 - -------------------------------------------------------------------- -Mon Oct 2 10:10:10 UTC 2017 - tchvatal@suse.com - -- Update to 63.0.3223.8 -- Rebase fix-gn-boostrap.diff -- Remove chromium-gcc5.patch - -------------------------------------------------------------------- -Sat Sep 16 15:51:04 UTC 2017 - tchvatal@suse.com - -- Bump to 63.0.3218.0 -- Rebase fix-gn-bootstrap.diff -- Add chromium-sysroot.patch - -------------------------------------------------------------------- -Wed Sep 13 07:51:50 UTC 2017 - tchvatal@suse.com - -- Version update to 62.0.3202.18 - -------------------------------------------------------------------- -Sun Sep 10 09:46:36 UTC 2017 - tchvatal@suse.com - -- Update to latest -- Switch to system libxml again -- Add more folders to be kept in archive - -------------------------------------------------------------------- -Wed Sep 6 13:16:14 UTC 2017 - tchvatal@suse.com - -- Build with gcc6 on leap as we now require --stdc-14 - -------------------------------------------------------------------- -Wed Sep 6 12:55:30 UTC 2017 - tchvatal@suse.com - -- Add patch to build with new glibc: - * chromium-60.0.3112.113-breakpad-ucontext.patch - -------------------------------------------------------------------- -Mon Sep 4 12:11:32 UTC 2017 - tchvatal@suse.com - -- Bump to 62.0.3198.0: - * fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Wed Aug 23 12:40:57 UTC 2017 - tchvatal@suse.com - -- Bump to 62.0.3192.0 -- Rebase patch chromium-prop-codecs.patch - -------------------------------------------------------------------- -Mon Aug 21 09:29:23 UTC 2017 - tchvatal@suse.com - -- Bump to 62.0.3188.2 -- Rebase fix-gn-bootstrap.diff -- Remove arm patches as we exclude it for now: +- Update to 62.0.3202.62 bsc#1064066: + * CVE-2017-5124: UXSS with MHTML. + * CVE-2017-5125: Heap overflow in Skia. + * CVE-2017-5126: Use after free in PDFium. + * CVE-2017-5127: Use after free in PDFium. + * CVE-2017-5128: Heap overflow in WebGL. + * CVE-2017-5129: Use after free in WebAudio. + * CVE-2017-5132: Incorrect stack manipulation in WebAssembly. + * CVE-2017-5130: Heap overflow in libxml2. + * CVE-2017-5131: Out of bounds write in Skia. + * CVE-2017-5133: Out of bounds write in Skia. + * CVE-2017-15386: UI spoofing in Blink. + * CVE-2017-15387: Content security bypass. + * CVE-2017-15388: Out of bounds read in Skia. + * CVE-2017-15389: URL spoofing in OmniBox. + * CVE-2017-15390: URL spoofing in OmniBox. + * CVE-2017-15391: Extension limitation bypass in Extensions. + * CVE-2017-15392: Incorrect registry key handling in PlatformIntegration. + * CVE-2017-15393: Referrer leak in Devtools. + * CVE-2017-15394: URL spoofing in extensions UI. + * CVE-2017-15395: Null pointer dereference in ImageCapture. +- Drop unused patches: * arm-webrtc-fix.patch * arm_use_right_compiler.patch -- Add patch chromium-gcc5.patch - -------------------------------------------------------------------- -Fri Aug 11 09:37:10 UTC 2017 - tchvatal@suse.com - -- Bump to 62.0.3178.0 -- Add patch chromium-system-zlib.patch -- Rebase patch fix-gn-bootstrap.diff -- Rebase exclude_ymp.diff -- Drop gcc60-fixes.diff as the toolchain was changed - -------------------------------------------------------------------- -Sun Aug 6 07:18:26 UTC 2017 - tchvatal@suse.com - -- Bump to 62.0.3175.4 - -------------------------------------------------------------------- -Sun Aug 6 07:12:01 UTC 2017 - tchvatal@suse.com - -- Bump to 61.0.3163.31 -- Remove condition for gtk3, hard on from now on -- Bump version requirement on nodejs - -------------------------------------------------------------------- -Thu Jul 27 19:42:42 UTC 2017 - tchvatal@suse.com - -- Bump to 61.0.3163.13 -- Rebase fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Thu Jul 20 12:33:20 UTC 2017 - tchvatal@suse.com - -- Refresh patches: - * fix-gn-bootstrap.diff + * chromium-46.0.2490.71-fix-missing-i18n_process_css_test.patch + * chromium-atk.patch + * chromium-mojo-dep.patch * gcc60-fixes.diff +- Refresh patches: + * chromium-gcc5.patch + * chromium-prop-codecs.patch + * exclude_ymp.diff + * fix-gn-bootstrap.diff ------------------------------------------------------------------- -Wed Jul 19 15:14:56 UTC 2017 - tchvatal@suse.com +Fri Sep 22 14:50:40 UTC 2017 - astieger@suse.com -- Bump to 61.0.3159.5 -- Use system libcxx -- Refresh patch fix-gn-bootstrap.diff +- Update to 61.0.3163.100 (boo#1060019): + * CVE-2017-5121: Out-of-bounds access in V8 + * CVE-2017-5122: Out-of-bounds access in V8 + * Various fixes from internal audits, fuzzing and other initiatives ------------------------------------------------------------------- -Mon Jul 17 07:53:34 UTC 2017 - tchvatal@suse.com +Sat Sep 16 15:50:19 UTC 2017 - tchvatal@suse.com -- Recommend emoji fonts for various communicators to not display +- Update to 61.0.3163.91: + * Various bugfixes + +------------------------------------------------------------------- +Mon Sep 11 08:45:35 UTC 2017 - tchvatal@suse.com + +- Update to 61.0.3163.79 bsc#1057364: + * CVE-2017-5111: Use after free in PDFium. + * CVE-2017-5112: Heap buffer overflow in WebGL. + * CVE-2017-5113: Heap buffer overflow in Skia. + * CVE-2017-5114: Memory lifecycle issue in PDFium. + * CVE-2017-5115: Type confusion in V8. + * CVE-2017-5116: Type confusion in V8. + * CVE-2017-5117: Use of uninitialized value in Skia. + * CVE-2017-5118: Bypass of Content Security Policy in Blink. + * CVE-2017-5119: Use of uninitialized value in Skia. + * CVE-2017-5120: Potential HTTPS downgrade during redirect navigation. +- Rebase patch: + * fix-gn-bootstrap.diff +- Remove patches: + * chromium-gcc7.patch + * chromium-override.patch +- Add new patches: + * chromium-atk.patch + * chromium-gcc5.patch + * chromium-mojo-dep.patch +- Gtk3 is hard required from now on +- Version some of the required dependencies + +------------------------------------------------------------------- +Mon Aug 28 22:57:05 UTC 2017 - astieger@suse.com + +- fix build with Factory glibc: + add chromium-60.0.3112.113-breakpad-ucontext.patch + +------------------------------------------------------------------- +Fri Aug 25 09:17:27 UTC 2017 - tchvatal@suse.com + +- Version update to 60.0.3112.113: + * Various bugfixes + +------------------------------------------------------------------- +Tue Aug 15 15:17:00 UTC 2017 - tchvatal@suse.com + +- Version update to 60.0.3112.101: + * various usability bugfixes + +------------------------------------------------------------------- +Thu Aug 3 13:25:33 UTC 2017 - tchvatal@suse.com + +- Version update to 60.0.3112.90: + * Various usability bugfixes + +------------------------------------------------------------------- +Wed Jul 26 13:27:55 UTC 2017 - tchvatal@suse.com + +- Version update to 60.0.3112.78 bsc#1050537: + * CVE-2017-5091: Use after free in IndexedDB + * CVE-2017-5092: Use after free in PPAPI + * CVE-2017-5093: UI spoofing in Blink + * CVE-2017-5094: Type confusion in extensions + * CVE-2017-5095: Out-of-bounds write in PDFium + * CVE-2017-5096: User information leak via Android intents + * CVE-2017-5097: Out-of-bounds read in Skia + * CVE-2017-5098: Use after free in V8 + * CVE-2017-5099: Out-of-bounds write in PPAPI + * CVE-2017-5100: Use after free in Chrome Apps + * CVE-2017-5101: URL spoofing in OmniBox + * CVE-2017-5102: Uninitialized use in Skia + * CVE-2017-5103: Uninitialized use in Skia + * CVE-2017-5104: UI spoofing in browser + * CVE-2017-7000: Pointer disclosure in SQLite + * CVE-2017-5105: URL spoofing in OmniBox + * CVE-2017-5106: URL spoofing in OmniBox + * CVE-2017-5107: User information leak via SVG + * CVE-2017-5108: Type confusion in PDFium + * CVE-2017-5109: UI spoofing in browser + * CVE-2017-5110: UI spoofing in payments dialog + * Various fixes from internal audits, fuzzing and other initiatives +- Add patch chromium-override.patch +- Remove patches chromium-fpermissive.patch chromium-system-ffmpeg-r3.patch +- Rebase patches: + * chromium-dma-buf.patch + * chromium-gcc7.patch + * chromium-last-commit-position-r0.patch + * fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Mon Jul 24 09:01:07 UTC 2017 - tchvatal@suse.com + +- Recommend emoji fonts to make sure major web chats do not show questionmarks -------------------------------------------------------------------- -Thu Jul 13 07:52:52 UTC 2017 - tchvatal@suse.com +------------------------------------------------------------------ +Wed Jun 28 19:27:55 UTC 2017 - tchvatal@suse.com -- Bump to 61.0.3153.4 -- Refresh patch fix-gn-bootstrap.diff +- Update to 59.0.3071.115: + * Various small fixes all around ------------------------------------------------------------------- -Thu Jun 29 07:07:53 UTC 2017 - tchvatal@suse.com +Fri Jun 23 07:46:48 UTC 2017 - astieger@suse.com -- Remove already applied patch chromium-gcc7.patch +- Update to 59.0.3071.109: + * ozone/drm: Only reuse ScanoutBuffers with compatible modifiers + * Fixing mouse focus on WebView + * Remove gtk dependency from gles tests + * Set build flag when using own FreeType + * Revert of [scheduler] Move some task types to suspendable task runner + * Fix an incorrect method name on the chrome://site-engagement WebUI page + * Linux/Windows: Removing Guest menu item for supervised profile ------------------------------------------------------------------- -Tue Jun 27 17:59:45 UTC 2017 - tchvatal@suse.com +Fri Jun 16 12:12:56 UTC 2017 - astieger@suse.com -- require nss >= 3.26 -- Update to 61.0.3141.7 -- Refresh fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Thu Jun 22 08:46:57 UTC 2017 - tchvatal@suse.com - -- Drop merged patch chromium-system-icu.patch -- Refresh patch fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Wed Jun 21 17:06:27 UTC 2017 - tchvatal@suse.com - -- Version update to 61.0.3135.4 - -------------------------------------------------------------------- -Thu Jun 15 08:26:29 UTC 2017 - tchvatal@suse.com - -- Update to 61.0.3128.3 -- Add patch chromium-system-icu.patch - -------------------------------------------------------------------- -Sat Jun 10 14:05:13 UTC 2017 - tchvatal@suse.com - -- Update to 61.0.3124.4 -- Refresh patch fix-gn-bootstrap.diff -- Drop patch chromium-override.patch merged upstream - -------------------------------------------------------------------- -Fri Jun 9 12:11:47 UTC 2017 - tchvatal@suse.com - -- Bump to 60.0.3112.24 +- Update to 59.0.3071.104 (bsc#1044690): + * CVE-2017-5087: Sandbox Escape in IndexedDB + * CVE-2017-5088: Out of bounds read in V8 + * CVE-2017-5089: Domain spoofing in Omnibox + * Various fixes from internal audits, fuzzing and other initiatives ------------------------------------------------------------------- Thu Jun 8 14:56:42 UTC 2017 - tchvatal@suse.com @@ -492,104 +655,56 @@ Thu Jun 8 14:56:42 UTC 2017 - tchvatal@suse.com - Add patch chromium-buildname.patch bsc#1043420 ------------------------------------------------------------------- -Wed Jun 7 09:10:40 UTC 2017 - tchvatal@suse.com +Tue Jun 6 07:53:53 UTC 2017 - tchvatal@suse.com -- Update to 60.0.3112.20 - -------------------------------------------------------------------- -Tue Jun 6 10:56:24 UTC 2017 - tchvatal@suse.com - -- Drop patch chromium-system-icu.patch - * Use bundled icu as system is unbuildable at the moment - -------------------------------------------------------------------- -Mon Jun 5 12:23:26 UTC 2017 - tchvatal@suse.com - -- Bump to 60.0.3112.7 -- Add patch for gcc7 chromium-gcc7.patch -- Add patch to build with gcc chromium-override.patch -- Add patch to build with system icu 59 chromium-system-icu.patch - -------------------------------------------------------------------- -Wed May 31 14:23:42 UTC 2017 - tchvatal@suse.com - -- Update to upstream 60.0.3112.7 - * Refresh patch fix-gn-bootstrap.diff -- Remove upstream merged chromium-system-harfbuzz.patch - -------------------------------------------------------------------- -Wed May 24 12:22:27 UTC 2017 - tchvatal@suse.com - -- Update 60.0.3107.4 -- Refresh patch chromium-last-commit-position-r0.patch -- Remove upstreamed chromium-system-ffmpeg-r3.patch -- Remove upstreamed chromium-system-opus.patch -- Remove upstreamed chromium-system-libpng.patch -- Remove upstreamed chromium-system-libwebp.patch -- Update fix-gn-bootstrap.diff -- Add patch chromium-system-harfbuzz.patch - -------------------------------------------------------------------- -Thu May 18 10:31:53 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3100.0 -- Add patches: - * chromium-system-libpng.patch - * chromium-system-libwebp.patch - -------------------------------------------------------------------- -Wed May 17 09:22:27 UTC 2017 - tchvatal@suse.com - -- Export gcc standard version to fix build on older releases - * Needed for vulcan - -------------------------------------------------------------------- -Fri May 12 11:25:49 UTC 2017 - tchvatal@suse.com - -- Update to 60.0.3095.5 -- Update patch: - * fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Sat May 6 08:50:17 UTC 2017 - tchvatal@suse.com - -- Switch to system opus and yasm - -------------------------------------------------------------------- -Fri May 5 12:11:38 UTC 2017 - tchvatal@suse.com - -- Update to 60.0.3088.3 -- Update patch: - * fix-gn-bootstrap.diff - * chromium-dma-buf.patch - -------------------------------------------------------------------- -Thu May 4 12:52:01 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3080.5 -- Refresh patch: +- Update to 59.0.3071.86 bsc#1042833: + * CVE-2017-5070: Type confusion in V8. Reported by Zhao Qixun(@S0rryMybad) of Qihoo 360 Vulcan Team on 2017-05-16 + * CVE-2017-5071: Out of bounds read in V8. Reported by Choongwoo Han on 2017-04-26 + * CVE-2017-5072: Address spoofing in Omnibox. Reported by Rayyan Bijoora on 2017-04-07 + * CVE-2017-5073: Use after free in print preview. Reported by Khalil Zhani on 2017-04-28 + * CVE-2017-5074: Use after free in Apps Bluetooth. Reported by anonymous on 2017-03-09 + * CVE-2017-5075: Information leak in CSP reporting. Reported by Emmanuel Gil Peyrot on 2017-01-05 + * CVE-2017-5086: Address spoofing in Omnibox. Reported by Rayyan Bijoora on 2017-05-16 + * CVE-2017-5076: Address spoofing in Omnibox. Reported by Samuel Erb on 2017-05-06 + * CVE-2017-5077: Heap buffer overflow in Skia. Reported by Sweetchip on 2017-04-28 + * CVE-2017-5078: Possible command injection in mailto handling. Reported by Jose Carlos Exposito Bueno on 2017-04-12 + * CVE-2017-5079: UI spoofing in Blink. Reported by Khalil Zhani on 2017-04-20 + * CVE-2017-5080: Use after free in credit card autofill. Reported by Khalil Zhani on 2017-04-05 + * CVE-2017-5081: Extension verification bypass. Reported by Andrey Kovalev (@L1kvID) Yandex Security Team on 2016-12-07 + * CVE-2017-5082: Insufficient hardening in credit card editor. Reported by Nightwatch Cybersecurity Research on 2017-05-11 + * CVE-2017-5083: UI spoofing in Blink. Reported by Khalil Zhani on 2017-04-24 + * CVE-2017-5085: Inappropriate javascript execution on WebUI pages. Reported by Zhiyang Zeng of Tencent security platform department on 2017-02-15 +- Add patch to fix build with system dma: * chromium-dma-buf.patch +- Drop no longer needed patches: + * chromium-linker-memory.patch + * chromium-system-jinja-r13.patch +- Refresh patches: + * chromium-gcc7.patch + * chromium-system-ffmpeg-r3.patch * fix-gn-bootstrap.diff +- Use bundled libxml + * Upstream unfortunately uses git snapshot that is not api/abi compatible ------------------------------------------------------------------- -Fri Apr 28 18:40:01 UTC 2017 - tchvatal@suse.com +Mon Jun 5 12:55:22 UTC 2017 - tchvatal@suse.com -- Use bundled libxml (they have git snapshot :/) +- Add patch to build with gcc7: + * chromium-gcc7.patch +- Add patch for fpermissive build error: + * chromium-fpermissive.patch ------------------------------------------------------------------- -Fri Apr 28 18:21:44 UTC 2017 - tchvatal@suse.com +Wed May 10 07:43:46 UTC 2017 - tchvatal@suse.com -- Add more bundled folders +- Version update to 58.0.3029.110: + * Various small bugfixes ------------------------------------------------------------------- -Fri Apr 28 06:03:50 UTC 2017 - tchvatal@suse.com +Thu May 4 12:40:32 UTC 2017 - tchvatal@suse.com -- Also drop patch chromium-system-jinja-r13.patch - -------------------------------------------------------------------- -Fri Apr 28 05:55:11 UTC 2017 - tchvatal@suse.com - -- Bump to 59.0.3071.29 +- Version update to 58.0.3029.96: + * Fixes bsc#1037594 CVE-2017-5068 ------------------------------------------------------------------- Tue Apr 25 13:24:42 UTC 2017 - tchvatal@suse.com @@ -598,56 +713,34 @@ Tue Apr 25 13:24:42 UTC 2017 - tchvatal@suse.com * It is at least used only during build ------------------------------------------------------------------- -Fri Apr 21 19:16:32 UTC 2017 - tchvatal@suse.com +Fri Apr 21 09:57:49 UTC 2017 - tchvatal@suse.com -- Refresh patch chromium-system-ffmpeg-r3.patch -- Delete patch chromium-system-libjpeg.patch - -------------------------------------------------------------------- -Fri Apr 21 18:58:53 UTC 2017 - tchvatal@suse.com - -- Update to 59.0.3071.15 - -------------------------------------------------------------------- -Fri Apr 21 09:01:47 UTC 2017 - tchvatal@suse.com - -- Drop exif dep, unused -- Pass no-clean option to bootstrap.py for debugging purposes - -------------------------------------------------------------------- -Wed Apr 19 13:21:37 UTC 2017 - tchvatal@suse.com - -- Version update to 59.0.3071.9 - -------------------------------------------------------------------- -Thu Apr 13 08:22:25 UTC 2017 - tchvatal@suse.com - -- Update to 59.0.3067.0 -- Sort out the harfbuzz bundling conditional to be together with minizip - -------------------------------------------------------------------- -Wed Apr 12 11:20:22 UTC 2017 - tchvatal@suse.com - -- Bump harfbuzz and icu requirements - -------------------------------------------------------------------- -Tue Apr 11 11:52:32 UTC 2017 - tchvatal@suse.com - -- Add patch chromium-dma-buf.patch -- Add patch chromium-system-libjpeg.patch - -------------------------------------------------------------------- -Fri Apr 7 08:49:05 UTC 2017 - tchvatal@suse.com - -- Version update to 59.0.3063.4 +- Version update to 58.0.3029.81 bsc#1035103: + * High CVE-2017-5057: Type confusion in PDFium. Credit to Guang Gong of Alpha Team, Qihoo 360 + * High CVE-2017-5058: Heap use after free in Print Preview. Credit to Khalil Zhani + * High CVE-2017-5059: Type confusion in Blink. Credit to SkyLined working with Trend Micro's Zero Day Initiative + * Medium CVE-2017-5060: URL spoofing in Omnibox. Credit to Xudong Zheng + * Medium CVE-2017-5061: URL spoofing in Omnibox. Credit to Haosheng Wang (@gnehsoah) + * Medium CVE-2017-5062: Use after free in Chrome Apps. Credit to anonymous + * Medium CVE-2017-5063: Heap overflow in Skia. Credit to Sweetchip + * Medium CVE-2017-5064: Use after free in Blink. Credit to Wadih Matar + * Medium CVE-2017-5065: Incorrect UI in Blink. Credit to Khalil Zhani + * Medium CVE-2017-5066: Incorrect signature handing in Networking. Credit to chenchu + * Medium CVE-2017-5067: URL spoofing in Omnibox. Credit to Khalil Zhani + * Low CVE-2017-5069: Cross-origin bypass in Blink. Credit to Michael Reizelman - Refresh patch fix-gn-bootstrap.diff -- Refresh patch chromium-system-ffmpeg-r3.patch +- Refresh patch chromium-system-jinja-r13.patch +- Remove obsolete patch chromium-57-gcc4.patch ------------------------------------------------------------------- -Thu Mar 30 13:02:21 UTC 2017 - tchvatal@suse.com +Thu Mar 30 13:07:50 UTC 2017 - tchvatal@suse.com -- Update to 59.0.3053.3 -- Refresh patch fix-gn-bootstrap.diff +- Version update to 57.0.2987.133 bsc#1031677: + * Critical CVE-2017-5055: Use after free in printing. Credit to Wadih Matar + * High CVE-2017-5054: Heap buffer overflow in V8. Credit to Nicolas Trippar of Zimperium zLabs + * High CVE-2017-5052: Bad cast in Blink. Credit to JeongHoon Shin + * High CVE-2017-5056: Use after free in Blink. Credit to anonymous + * High CVE-2017-5053: Out of bounds memory access in V8. Credit to Team Sniper (Keen Lab and PC Mgr) reported through ZDI (ZDI-CAN-4587) ------------------------------------------------------------------- Fri Mar 24 15:22:38 UTC 2017 - tchvatal@suse.com @@ -655,238 +748,167 @@ Fri Mar 24 15:22:38 UTC 2017 - tchvatal@suse.com - Drop the browser(npapi) provide which is not true ------------------------------------------------------------------- -Wed Mar 22 10:57:21 UTC 2017 - tchvatal@suse.com +Sun Mar 19 11:04:47 UTC 2017 - tchvatal@suse.com -- Drop patch chromium-linker-memory.patch as with i586 dropped it - should not be required -- Update patch fix-gn-bootstrap.diff +- Add patch to build with gcc4 + * chromium-57-gcc4.patch ------------------------------------------------------------------- -Wed Mar 22 10:56:09 UTC 2017 - tchvatal@suse.com +Thu Mar 16 20:45:00 UTC 2017 - tchvatal@suse.com -- Version update to chromium-59.0.3047.0 +- Do not use gcc5 and newer as the compat was fixed again +- Update to 57.0.2987.110 with various other small tweaks ------------------------------------------------------------------- -Tue Mar 21 12:41:00 UTC 2017 - tchvatal@suse.com +Fri Mar 10 10:55:23 UTC 2017 - tchvatal@suse.com -- Few tweaks around clang switch to be viable +- Version update to 57.0.2987.98 bsc#1028848: + CVE-2017-5030 CVE-2017-5031 CVE-2017-5032 CVE-2017-5029 CVE-2017-5034 + CVE-2017-5035 CVE-2017-5036 CVE-2017-5037 CVE-2017-5039 CVE-2017-5040 + CVE-2017-5041 CVE-2017-5033 CVE-2017-5042 CVE-2017-5038 CVE-2017-5043 + CVE-2017-5044 CVE-2017-5045 CVE-2017-5046 +- Refresh patches + * fix-gn-bootstrap.diff + * chromium-linker-memory.patch +- Remove obsolete patches: + * chromium-sandbox.patch + * chromium-54-ffmpeg2compat.patch +- Remove vaapi patch which broke rendering on non-intel cards: + * chromium-enable-vaapi-on-suse.patch +- From this release onwards i586 build is disabled ------------------------------------------------------------------- -Sat Mar 18 19:13:16 UTC 2017 - tchvatal@suse.com - -- Update to 59.0.3043.0 -- Refresh patch fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Wed Mar 15 10:14:35 UTC 2017 - tchvatal@suse.com - -- Update to 58.0.3029.19 - -------------------------------------------------------------------- -Wed Mar 15 09:34:48 UTC 2017 - tchvatal@suse.com - -- Reduce the requirement on gcc to be 4.8 only again - -------------------------------------------------------------------- -Mon Mar 13 12:20:56 UTC 2017 - tchvatal@suse.com - -- Version update to 58.0.3029.14 - -------------------------------------------------------------------- -Mon Mar 13 11:41:34 UTC 2017 - tchvatal@suse.com - -- Disable system vpx for now, needs symbols that will be in 1.6.2 - -------------------------------------------------------------------- -Fri Mar 10 13:03:15 UTC 2017 - tchvatal@suse.com - -- Update fix-gn-bootstrap.diff to build again - -------------------------------------------------------------------- -Wed Mar 8 11:26:35 UTC 2017 - tchvatal@suse.com - -- Version update to 58.0.3029.6 - -------------------------------------------------------------------- -Thu Mar 2 15:19:25 UTC 2017 - tchvatal@suse.com - -- Update to 58.0.3026.3 -- Empty fix-gn-bootstrap.diff again as it was merged upstream - -------------------------------------------------------------------- -Mon Feb 27 11:22:10 UTC 2017 - tchvatal@suse.com - -- Drop patch chromium-enable-vaapi-on-suse.patch as it breaks on - radeon and nvidia cards - -------------------------------------------------------------------- -Fri Feb 24 07:58:48 UTC 2017 - tchvatal@suse.com - -- Update to 58.0.3018.3 -- Update patch fix-gn-bootstrap.diff to match what is needed now -- Refresh patch chromium-system-jinja-r13.patch - -------------------------------------------------------------------- -Fri Feb 17 12:14:06 UTC 2017 - tchvatal@suse.com - -- Version update to 58.0.3013.3 - -------------------------------------------------------------------- -Wed Feb 15 12:15:52 UTC 2017 - idonmez@suse.com +Wed Feb 15 12:02:32 UTC 2017 - idonmez@suse.com - Also add harfbuzz-ng to keeplibs for SLE -------------------------------------------------------------------- -Wed Feb 8 12:39:54 UTC 2017 - tchvatal@suse.com - -- Update to 58.0.3004.3 - -------------------------------------------------------------------- -Wed Feb 8 12:32:46 UTC 2017 - tchvatal@suse.com - -- Try to properly set up nodejs for build - -------------------------------------------------------------------- -Mon Feb 6 20:39:24 UTC 2017 - tchvatal@suse.com - -- Version update to 58.3000.4 next dev channel -- Drop patch chromium-54-ffmpeg2compat.patch as we require ffmpeg3 now - ------------------------------------------------------------------- Mon Feb 6 20:29:52 UTC 2017 - tchvatal@suse.com - Add condition for system harfbuzz to be disabled on SLE ------------------------------------------------------------------- -Mon Feb 6 12:16:45 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net +Mon Feb 6 12:21:34 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net + +- Fixed a typo in the build requirements for system minizip. + +------------------------------------------------------------------- +Fri Feb 3 12:23:34 UTC 2017 - tchvatal@suse.com + +- Version update to 56.0.2924.87: + * Various small fixes + * Disabled option to enable/disable plugins in the chrome://plugins + +------------------------------------------------------------------- +Thu Feb 2 20:01:27 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net + +- Added the package 'chromium-privacy' with multiple patches + sourced from the release version on https://github.com/ + u4qo60z73t1c4hurv3ny/privacy_patches-oS_cr, which, when enabled + with the build option 'privacy', builds a version of Chromium + with less privacy implications due to Google services + integration. + +------------------------------------------------------------------- +Wed Feb 1 09:48:35 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net - Changed the build requirement of libavformat to library version 57.41.100, as included in ffmpeg 3.1.1, as only this version properly supports the public AVStream API 'codecpar'. + +------------------------------------------------------------------- +Tue Jan 31 14:08:26 UTC 2017 - tchvatal@suse.com + +- Version update to 56.0.2924.76 bsc#1022049: + - CVE-2017-5007: Universal XSS in Blink + - CVE-2017-5006: Universal XSS in Blink + - CVE-2017-5008: Universal XSS in Blink + - CVE-2017-5010: Universal XSS in Blink + - CVE-2017-5011: Unauthorised file access in Devtools + - CVE-2017-5009: Out of bounds memory access in WebRTC + - CVE-2017-5012: Heap overflow in V8 + - CVE-2017-5013: Address spoofing in Omnibox + - CVE-2017-5014: Heap overflow in Skia + - CVE-2017-5015: Address spoofing in Omnibox + - CVE-2017-5019: Use after free in Renderer + - CVE-2017-5016: UI spoofing in Blink + - CVE-2017-5017: Uninitialised memory access in webm video + - CVE-2017-5018: Universal XSS in chrome://apps + - CVE-2017-5020: Universal XSS in chrome://downloads + - CVE-2017-5021: Use after free in Extensions + - CVE-2017-5022: Bypass of Content Security Policy in Blink + - CVE-2017-5023: Type confusion in metrics + - CVE-2017-5024: Heap overflow in FFmpeg + - CVE-2017-5025: Heap overflow in FFmpeg + - CVE-2017-5026: UI spoofing. Credit to Ronni Skansing +- Add conditional to switch between system and bundled icu +- Raise dependency on harfbuzz to 1.3.1 +- Also refresh patches: + chromium-prop-codecs.patch chromium-linker-memory.patch + +------------------------------------------------------------------- +Sat Jan 28 11:31:18 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net + - Added patch chromium-enable-vaapi-on-suse.patch to enable VAAPI hardware accelerated video decoding. - * chromium-enable-vaapi-on-suse.patch -- Fixed a typo in the build requirements for system minizip. ------------------------------------------------------------------- -Fri Feb 3 10:38:16 UTC 2017 - tchvatal@suse.com +Wed Dec 21 20:19:42 UTC 2016 - astieger@suse.com -- Update to 57.0.2987.21 +- Chromium 55.0.2883.87: + * various fixes for crashes and specific wesites + * update Google pinned certificates ------------------------------------------------------------------- -Wed Feb 1 12:44:58 UTC 2017 - tchvatal@suse.com +Wed Dec 21 10:02:52 UTC 2016 - tchvatal@suse.com -- Update to 57.0.2987.19 +- Disable system icu on Factory, crashes autofill ------------------------------------------------------------------- -Sun Jan 29 17:58:34 UTC 2017 - tchvatal@suse.com - -- Version update to 57.0.2987.13 - -------------------------------------------------------------------- -Wed Jan 25 13:47:13 UTC 2017 - tchvatal@suse.com - -- Update to 57.0.2987.8 - -------------------------------------------------------------------- -Tue Jan 24 10:43:32 UTC 2017 - tchvatal@suse.com - -- Update to 57.0.2986.0 - -------------------------------------------------------------------- -Thu Jan 19 10:40:36 UTC 2017 - tchvatal@suse.com - -- Version update to 57.0.2984.0 - -------------------------------------------------------------------- -Fri Jan 13 09:13:44 UTC 2017 - tchvatal@suse.com - -- Drop the support code for builtin ffmpeg and rely on the system one always - -------------------------------------------------------------------- -Fri Jan 6 11:53:25 UTC 2017 - tchvatal@suse.com - -- Exclude i586 arch as the resources to build are not there - -------------------------------------------------------------------- -Wed Jan 4 12:36:34 UTC 2017 - tchvatal@suse.com - -- Add toolchain definition hopefully allowing us to build on Leap - with older gcc - * This also exposes more of our suse CFLAGS to the compilation - -------------------------------------------------------------------- -Wed Jan 4 12:07:26 UTC 2017 - tchvatal@suse.com - -- Version update to 57.0.2970.0 -- Refresh patch: - * fix-gn-bootstrap.diff -- Drop patch: - * chromium-sandbox.patch - -------------------------------------------------------------------- -Tue Dec 20 14:55:38 UTC 2016 - tchvatal@suse.com - -- Use gcc5 on leap - -------------------------------------------------------------------- -Mon Dec 19 10:30:45 UTC 2016 - tchvatal@suse.com - -- Update to 57.0.2946.4 - -------------------------------------------------------------------- -Wed Dec 14 10:45:26 UTC 2016 - tchvatal@suse.com - -- Allow building with non-system icu on older systems -- Refresh patch fix-gn-bootstrap.diff -- Disable system icu again, fails to build even on factory - -------------------------------------------------------------------- -Tue Dec 13 14:42:30 UTC 2016 - idonmez@suse.com +Tue Dec 13 14:38:08 UTC 2016 - idonmez@suse.com - python-html5lib now depends on six, so preserve that too for SLE builds. ------------------------------------------------------------------- -Sun Dec 11 13:12:44 UTC 2016 - tchvatal@suse.com +Fri Dec 9 12:07:10 UTC 2016 - astieger@suse.com -- Version update to 57.0.2946.0 +- Obsolete ffmpeg and ffmpegsumo package in addition to conflict ------------------------------------------------------------------- -Sun Dec 11 13:04:36 UTC 2016 - tchvatal@suse.com +Mon Dec 5 17:08:45 UTC 2016 - astieger@suse.com -- Version update to 56.0.2924.21 +- record minimum version for harfbuzz, incuding runtime + Chromium will crash with harfbuzz < 1.3.0 ------------------------------------------------------------------- -Thu Dec 8 08:33:17 UTC 2016 - tchvatal@suse.com +Sat Dec 3 09:59:21 UTC 2016 - tchvatal@suse.com -- Version update to 56.0.2924.18 +- Chromium 55.0.2883.75 bnc#1013236: + CVE-2016-9651 CVE-2016-5208 CVE-2016-5207 CVE-2016-5206 CVE-2016-5205 + CVE-2016-5204 CVE-2016-5209 CVE-2016-5203 CVE-2016-5210 CVE-2016-5212 + CVE-2016-5211 CVE-2016-5213 CVE-2016-5214 CVE-2016-5216 CVE-2016-5215 + CVE-2016-5217 CVE-2016-5218 CVE-2016-5219 CVE-2016-5221 CVE-2016-5220 + CVE-2016-5222 CVE-2016-9650 CVE-2016-5223 CVE-2016-5226 CVE-2016-5225 + CVE-2016-5224 CVE-2016-9652 +- Switch to system libraries: harfbuzz, zlib, ffmpeg, ... +- Refreshed patches: + * chromium-system-ffmpeg-r3.patch + * chromium-system-jinja-r13.patch +- Use system ffmpeg unless on 13.2 that didn't include it + * chromium-54-ffmpeg2compat.patch + * Remove upstreamed chromium-more-codec-aliases.patch +- Remove bookmarks override as discussed with artwork simply just set + homepage to our openSUSE one and that is all ------------------------------------------------------------------- -Sat Dec 3 12:03:04 UTC 2016 - tchvatal@suse.com +Sat Nov 12 08:20:05 UTC 2016 - astieger@suse.com -- Version update to 56.0.2924.14 - -------------------------------------------------------------------- -Tue Nov 29 21:13:49 UTC 2016 - tchvatal@suse.com - -- Version update to 56.0.2924.10 - -------------------------------------------------------------------- -Tue Nov 22 07:40:21 UTC 2016 - tchvatal@suse.com - -- Version update to 56.0.2922.1 - -------------------------------------------------------------------- -Fri Nov 18 08:35:30 UTC 2016 - tchvatal@suse.com - -- Version update to 56.0.2920.0 - -------------------------------------------------------------------- -Mon Nov 14 13:13:16 UTC 2016 - tchvatal@suse.com - -- Version update to 56.0.2914.3: - * refresh patch chromium-prop-codecs.patch +- Chromium 54.0.2840.100: + * CVE-2016-5199: Heap corruption in FFmpeg (boo#1009892) + * CVE-2016-5200: out of bounds memory access in v8 (boo#1009893) + * CVE-2016-5201: info leak in extensions (boo#1009894) + * CVE-2016-5202: various fixes from internal audits (boo#1009895) ------------------------------------------------------------------- Mon Nov 7 20:02:46 UTC 2016 - tchvatal@suse.com @@ -896,96 +918,63 @@ Mon Nov 7 20:02:46 UTC 2016 - tchvatal@suse.com bnc#1008725 ------------------------------------------------------------------- -Sun Nov 6 09:41:28 UTC 2016 - tchvatal@suse.com +Wed Nov 2 07:32:27 UTC 2016 - tchvatal@suse.com -- Put chromium-flags at the end to allow user to override various - variables +- Update to 54.0.2840.90: + * Few fixes and tweaks + * Fixes CVE-2016-5198 bsc#1008274 ------------------------------------------------------------------- -Wed Nov 2 07:36:15 UTC 2016 - tchvatal@suse.com +Fri Oct 21 10:27:16 UTC 2016 - tchvatal@suse.com -- Update to 56.0.2906.0 +- Update to 54.0.2840.71: + * Few fixes around ------------------------------------------------------------------- -Fri Oct 28 16:59:28 UTC 2016 - tchvatal@suse.com +Thu Oct 13 10:19:03 UTC 2016 - tchvatal@suse.com -- Update to 56.0.2902.0 - * Update fix-gn-bootstrap.diff +- Version update to 54.0.2840.59 bnc#1004465: + - CVE-2016-5181: Universal XSS in Blink (Anonymous) + - CVE-2016-5182: Heap overflow in Blink (Giwan Go of STEALIEN) + - CVE-2016-5183: Use after free in PDFium (Anonymous) + - CVE-2016-5184: Use after free in PDFium (Anonymous) + - CVE-2016-5185: Use after free in Blink (cloudfuzzer) + - CVE-2016-5187: URL spoofing (Luan Herrera) + - CVE-2016-5188: UI spoofing (Luan Herrera) + - CVE-2016-5192: Cross-origin bypass in Blink (haojunhou at gmail) + - CVE-2016-5189: URL spoofing (xisigr of Tencent's Xuanwu Lab) + - CVE-2016-5186: Out of bounds read in DevTools (Abdulrahman Alqabandi) + - CVE-2016-5191: Universal XSS in Bookmarks (Gareth Hughes) + - CVE-2016-5190: Use after free in Internals (Atte Kettunen of OUSPG) + - CVE-2016-5193: Scheme bypass (Yuyang ZHOUmartinzhou96) +- packaging changes: + * disable build for chromium-beta on %arm. + * Make linker use less memory by tweaking its options: + chromium-linker-memory.patch + * obsolete desktop subpackages + * Switch to gold to reduce memory use use during build + * fix build on 4.5+ kernels with systemlibs: + chromium-sandbox.patch + * various compiler and linker flag adjustments + * enable gtk3 ui, add patch gtk3-missing-define.patch + * switch from some bundled libraries to the system versions + chromium-system-ffmpeg-r3.patch + chromium-system-jinja-r13.patch + fix-gn-bootstrap.diff + * remove service file covered by download_files +- run time bug fixes: + * Add --ui-disable-partial-swap to the launcher bnc#1000019 + * Use default chromium values from master_preferences on first run + rather than pseudo-duplicating in shellscript +- added features: + * hangouts extension ------------------------------------------------------------------- -Mon Oct 24 13:06:07 UTC 2016 - tchvatal@suse.com +Fri Sep 30 08:00:45 UTC 2016 - tchvatal@suse.com -- Update to 56.0.2897.0 - * Refresh patch chromium-linker-memory.patch - * Update fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Mon Oct 24 11:44:08 UTC 2016 - tchvatal@suse.com - -- Try to make package buildable on SLE12 Backports project - -------------------------------------------------------------------- -Fri Oct 21 10:34:39 UTC 2016 - tchvatal@suse.com - -- Update to 55.0.2883.21 -- Add switch between bundled and system icu as on old distributions - we simply have too old ICU -- Add switch for bundled/system minizip as it is not available on 42.1 - -------------------------------------------------------------------- -Thu Oct 20 07:52:26 UTC 2016 - tchvatal@suse.com - -- Version update to 55.0.2883.18 - -------------------------------------------------------------------- -Mon Oct 17 12:06:03 UTC 2016 - tchvatal@suse.com - -- Version update to 55.0.2883.11 -- Drop chromium-system-zlib.patch -- Add Requires on specified browser for chromedriver wrt bnc#1004839 - -------------------------------------------------------------------- -Sun Oct 9 18:16:49 UTC 2016 - tchvatal@suse.com - -- Version update to 55.0.2882.0: - * Rebase fix-gn-bootstrap.diff - * Remove upstreamed chromium-more-codec-aliases.patch - -------------------------------------------------------------------- -Sat Oct 8 09:51:35 UTC 2016 - mailaender@opensuse.org - -- Add appdata.xml for https://en.opensuse.org/openSUSE:AppStore - -------------------------------------------------------------------- -Fri Sep 30 07:12:16 UTC 2016 - dmueller@suse.com - -- disable build for chromium-beta on %arm. while it does build, - it takes two days, in which we can build roughly 600 other packages, - and I rather build 600 other packages than chromium-beta. - -------------------------------------------------------------------- -Wed Sep 28 17:32:17 UTC 2016 - tchvatal@suse.com - -- Version update to 55.0.2873.0: - * refresh fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Tue Sep 27 08:08:38 UTC 2016 - tchvatal@suse.com - -- Do not install default_bookmarks.html file, just set homepage - and that's it -- Drop chromium-rpmlintrc not really needed - -------------------------------------------------------------------- -Mon Sep 26 14:07:58 UTC 2016 - tchvatal@suse.com - -- Drop chrome-wrapper file it is unused - -------------------------------------------------------------------- -Mon Sep 26 12:29:52 UTC 2016 - tchvatal@suse.com - -- Add --ui-disable-partial-swap to the launcher bnc#1000019 - cr#628168 +- Version update to 53.0.2785.143 bnc#1002140: + * CVE-2016-5177: Use after free in V8 + * CVE-2016-5178: Various fixes from internal audits ------------------------------------------------------------------- Mon Sep 26 12:22:41 UTC 2016 - dimstar@opensuse.org @@ -994,153 +983,50 @@ Mon Sep 26 12:22:41 UTC 2016 - dimstar@opensuse.org it's started as an Xwayland client (boo#1001135). ------------------------------------------------------------------- -Mon Sep 26 08:18:16 UTC 2016 - tchvatal@suse.com +Sat Sep 17 11:36:18 UTC 2016 - tchvatal@suse.com -- Update to 55.0.2868.3: - * remove patch gtk3-missing-define.patch - * update patch fix-gn-bootstrap.diff - * add patch chromium-system-zlib.patch -- Use system icu, upstream bug was fixed - -------------------------------------------------------------------- -Wed Sep 21 09:50:26 UTC 2016 - tchvatal@suse.com - -- Enable system libs again as it works for now -- Disable system vpx on < Factory as the vpx there is too old -- Now stable -> enable tcmalloc again - -------------------------------------------------------------------- -Tue Sep 20 09:00:29 UTC 2016 - tchvatal@suse.com - -- Make linker use less memory by tweaking its options: - * chromium-linker-memory.patch -- Update constraints for arm a bit to build -- Use system ffmpeg unless on 13.2 that didn't include it - * chromium-54-ffmpeg2compat.patch - -------------------------------------------------------------------- -Fri Sep 16 09:12:17 UTC 2016 - tchvatal@suse.com - -- Fix obsoletes for the desktop thingies - -------------------------------------------------------------------- -Thu Sep 15 12:02:32 UTC 2016 - tchvatal@suse.com - -- Gtk3 is still buggy -> disable -- Remove systemlibs for now except ffmpeg as it causes tons of problems - -------------------------------------------------------------------- -Wed Sep 14 14:57:42 UTC 2016 - tchvatal@suse.com - -- Switch to component build - solves issue with linking and not - enough memory -- Document in defaults how to actually enable debugging -- Remove noop conditions and empty variables from .sh script - launching chromium - -------------------------------------------------------------------- -Wed Sep 14 07:31:47 UTC 2016 - tchvatal@suse.com - -- Enable aarch64 to see how it goes -- Version update to 55.0.2859.0 - -------------------------------------------------------------------- -Tue Sep 13 17:13:47 UTC 2016 - tchvatal@suse.com - -- Do not bother with widevine installation, we need to build the - connectors, but later need to use the one bundled with chrome to - work with drm anyway - -------------------------------------------------------------------- -Tue Sep 13 12:53:23 UTC 2016 - tchvatal@suse.com - -- Switch to gold, we need to use less memory when linking -- Expand constraints for the debug symbols -- Use default chromium values from master_preferences on first run - rather than pseudo-duplicating in shellscript, bugs should be - fixed in the masterprefs -- Add patch to fix build on 4.5+ kernels with systemlibs: +- Apply sandbox patch to fix crashers on tumbleweed bnc#999091 * chromium-sandbox.patch ------------------------------------------------------------------- -Mon Sep 12 17:21:26 UTC 2016 - tchvatal@suse.com +Thu Sep 15 13:09:21 UTC 2016 - tchvatal@suse.com -- Collapse the ninja calls to run only once, no need to start 3x -- Remove g0 from cflags, that is something we never want, at least - some symbols for tracing are useful -- Sync more the options that are available for the build +- Version update stable channel 53.0.2785.116 + * Just smal bugfixes around ------------------------------------------------------------------- -Mon Sep 12 08:55:09 UTC 2016 - tchvatal@suse.com +Wed Sep 14 07:35:09 UTC 2016 - tchvatal@suse.com -- Enable more switches that are found in the gn files -- Try to enable gtk3 ui again - * add patch gtk3-missing-define.patch +- Version update to 53.0.2785.113 bnc#998743: + * CVE-2016-5170 Use after free in Blink + * CVE-2016-5171 Use after free in Blink + * CVE-2016-5172 Arbitrary Memory Read in v8 + * CVE-2016-5173 Extension resource access + * CVE-2016-5174 Popup not correctly suppressed + * CVE-2016-5175 Various fixes from internal audits ------------------------------------------------------------------- -Sun Sep 11 09:14:14 UTC 2016 - tchvatal@suse.com +Mon Sep 12 08:31:59 UTC 2016 - tchvatal@suse.com -- Move widevine to subpackage so user have choice between the built - one and the chrome one +- Reenable widevine build again bnc#998328 ------------------------------------------------------------------- -Sat Sep 10 11:02:42 UTC 2016 - tchvatal@suse.com +Sat Sep 10 09:13:37 UTC 2016 - tchvatal@suse.com -- Version update to dev chanel 55.0.2853.0 -- Refresh patches: - * chromium-system-ffmpeg-r3.patch - * chromium-system-jinja-r13.patch -- Correctly detect system ffmpeg and set branding to allow all codecs - that the ffmpeg can work with (eg we simply passover all the data - and do not bother with blacklist/whitelist) +- Stable channel update to 53.0.2785.101 + * SPDY crasher fixes + * Disable NV12 DXGI video on AMD + * Forward --password-store switch to os_crypt + * Tell the kernel to discard USB requests when they time out. ------------------------------------------------------------------- -Sat Sep 10 08:58:20 UTC 2016 - tchvatal@suse.com +Wed Sep 7 14:50:44 UTC 2016 - astieger@suse.com -- Update to 54.0.2840.16 -- Expand provides/obsoletes for the desktop subpackages to remove - them all - -------------------------------------------------------------------- -Thu Sep 8 13:23:30 UTC 2016 - tchvatal@suse.com - -- Enable hangouts extension -- Try to build widevine drm extension instead of using the one from - packman bnc#998328 -- Go back to normal malloc from bundled tcmalloc, switch back when - we can use system one - -------------------------------------------------------------------- -Wed Sep 7 06:36:15 UTC 2016 - tchvatal@suse.com - -- Update to 54.0.2840.14 -- Switch back to gcc on factory -- Switch some bundled libraries off courtesy of gentoo build system -- Try to use system ffmpeg if possible -- Remove useless service file, "osc service localrun download_files" - works fine enough even without it -- Add patches for system jinja and ffmpeg (gentoo): - * chromium-system-ffmpeg-r3.patch - * chromium-system-jinja-r13.patch -- Add back gcc compat patch: - * gcc60-fixes.diff - -------------------------------------------------------------------- -Tue Sep 6 08:32:06 UTC 2016 - tchvatal@suse.com - -- Switch to compile using clang as google has default - * Only for factory on 1320 and older use gcc -- Obsolete kde/gnome subpackages, useless nowdays -- Determine paralelism based on how much memory we have -- Disable gtk3 it seems to be really messy with rendering nowdays - * Stick with gtk2 for time being -- Enable tcmalloc as memory manager -- Sort out with spec-cleaner -- Drop unused patches: - * fix-older-gcc.patch - * gcc60-fixes.diff -- Do not install chromium-generic to libdir just directly go to bindir -- Remove empty pre function +- Update to Chromium 53.0.2785.92: + * Revert of support relocatable RPM packages + * disallow WKBackForwardListItem navigations for pushState pages + * arc: bluetooth: Fix advertised uuid + * fix conflicting PendingIntent for stop button and swipe away ------------------------------------------------------------------- Thu Sep 1 04:04:13 UTC 2016 - tittiatcoke@gmail.com diff --git a/chromium.spec b/chromium.spec index 8415b0e..2a67da7 100644 --- a/chromium.spec +++ b/chromium.spec @@ -191,12 +191,12 @@ Provides: chromium-browser = %{version} Obsoletes: %{name}-suid-helper < %{version} Obsoletes: chromium-browser < %{version} Provides: %{name}-suid-helper = %{version} -Obsoletes: chromium-desktop-kde -Obsoletes: chromium-desktop-gnome -Obsoletes: chromium-beta-desktop-kde Obsoletes: chromium-beta-desktop-gnome -Obsoletes: chromium-dev-desktop-kde +Obsoletes: chromium-beta-desktop-kde +Obsoletes: chromium-desktop-gnome +Obsoletes: chromium-desktop-kde Obsoletes: chromium-dev-desktop-gnome +Obsoletes: chromium-dev-desktop-kde Obsoletes: chromium-ffmpeg Obsoletes: chromium-ffmpegsumo # no 32bit supported and it takes ages to build From 437f8943ff0efbaa098fb3bc4d8c3ab48a93aa51235674013fdb7f92ccb7c81e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 25 Jul 2018 10:46:23 +0000 Subject: [PATCH 35/52] - Rebase patches: * chromium-master-prefs-path.patch * chromium-non-void-return.patch * chromium-vaapi.patch - Add patches: * chromium-cors-string.patch * chromium-gcc.patch * chromium-libjpeg.patch * chromium-libwebp-shim.patch - Remove patches: * chromium-gcc8.patch OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1146 --- chromium.changes | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/chromium.changes b/chromium.changes index f02e124..45084d7 100644 --- a/chromium.changes +++ b/chromium.changes @@ -31,6 +31,17 @@ Wed Jul 25 09:53:23 UTC 2018 - tchvatal@suse.com * CVE-2018-6179: Local file information leak in Extensions. * CVE-2018-6044: Request privilege escalation in Extensions. * CVE-2018-4117: Cross origin information leak in Blink. +- Rebase patches: + * chromium-master-prefs-path.patch + * chromium-non-void-return.patch + * chromium-vaapi.patch +- Add patches: + * chromium-cors-string.patch + * chromium-gcc.patch + * chromium-libjpeg.patch + * chromium-libwebp-shim.patch +- Remove patches: + * chromium-gcc8.patch ------------------------------------------------------------------- Tue Jul 10 11:40:21 UTC 2018 - tchvatal@suse.com From 6378e7b447db18f9d8ae489bc992ffabf01b2cf1ded15b73f49e920b482bf64b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 25 Jul 2018 10:46:51 +0000 Subject: [PATCH 36/52] OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1147 --- chromium.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chromium.spec b/chromium.spec index 2a67da7..bcd7535 100644 --- a/chromium.spec +++ b/chromium.spec @@ -39,7 +39,7 @@ %endif %bcond_with system_vpx %bcond_with clang -Name: chromium-beta +Name: chromium Version: 68.0.3440.75 Release: 0 Summary: Google's open source browser project From 0f66449607dfa64a00403b90f4791ef0c012c3b09ad44bb3a779a12a3fcd1c1b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 25 Jul 2018 13:08:42 +0000 Subject: [PATCH 37/52] - Enable system vpx we should have new enough version everywhere now OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1148 --- chromium.changes | 6 ++++++ chromium.spec | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/chromium.changes b/chromium.changes index 45084d7..61b7c29 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Jul 25 13:08:17 UTC 2018 - tchvatal@suse.com + +- Enable system vpx we should have new enough version everywhere + now + ------------------------------------------------------------------- Wed Jul 25 09:53:23 UTC 2018 - tchvatal@suse.com diff --git a/chromium.spec b/chromium.spec index bcd7535..bdd64cd 100644 --- a/chromium.spec +++ b/chromium.spec @@ -37,7 +37,7 @@ %else %bcond_without swiftshader %endif -%bcond_with system_vpx +%bcond_without system_vpx %bcond_with clang Name: chromium Version: 68.0.3440.75 From 20dff1b34686d4cc9f346097d4e05dea5222ebe4db6e3954f43df18fb56cd4a3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 25 Jul 2018 13:14:13 +0000 Subject: [PATCH 38/52] OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1149 --- chromium.spec | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/chromium.spec b/chromium.spec index bdd64cd..22f8487 100644 --- a/chromium.spec +++ b/chromium.spec @@ -27,17 +27,18 @@ %bcond_without system_libxml %bcond_without system_icu %bcond_without system_harfbuzz +%bcond_without system_libvpx %else %bcond_with system_icu %bcond_with system_libxml %bcond_with system_harfbuzz +%bcond_with system_libvpx %endif %ifarch aarch64 %bcond_with swiftshader %else %bcond_without swiftshader %endif -%bcond_without system_vpx %bcond_with clang Name: chromium Version: 68.0.3440.75 From 19291a5ffab2aa864aef8e5f8960b1539d11f4b92c14f60eda05c9941d734b9a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 25 Jul 2018 13:22:40 +0000 Subject: [PATCH 39/52] - Raise libvpx requirement to match what we really need OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1150 --- chromium.changes | 3 +-- chromium.spec | 5 ++--- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/chromium.changes b/chromium.changes index 61b7c29..27ebbb8 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,8 +1,7 @@ ------------------------------------------------------------------- Wed Jul 25 13:08:17 UTC 2018 - tchvatal@suse.com -- Enable system vpx we should have new enough version everywhere - now +- Raise libvpx requirement to match what we really need ------------------------------------------------------------------- Wed Jul 25 09:53:23 UTC 2018 - tchvatal@suse.com diff --git a/chromium.spec b/chromium.spec index 22f8487..550421b 100644 --- a/chromium.spec +++ b/chromium.spec @@ -27,18 +27,17 @@ %bcond_without system_libxml %bcond_without system_icu %bcond_without system_harfbuzz -%bcond_without system_libvpx %else %bcond_with system_icu %bcond_with system_libxml %bcond_with system_harfbuzz -%bcond_with system_libvpx %endif %ifarch aarch64 %bcond_with swiftshader %else %bcond_without swiftshader %endif +%bcond_with system_vpx %bcond_with clang Name: chromium Version: 68.0.3440.75 @@ -230,7 +229,7 @@ BuildRequires: pkgconfig(zlib) BuildRequires: pkgconfig(icu-i18n) >= 59.0 %endif %if %{with system_vpx} -BuildRequires: pkgconfig(vpx) >= 1.6.1 +BuildRequires: pkgconfig(vpx) > 1.7.0 %endif %if %{with clang} BuildRequires: clang >= 5.0.0 From 2ec87aff2f93cb4bcdc63e34450bbadd8e41d2c3d3d163a3b475a544f4d0dece Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 25 Jul 2018 14:29:57 +0000 Subject: [PATCH 40/52] - Add patch trying to build chromium on Leap 42.3: * chromium-gcc7.patch OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1151 --- chromium-gcc7.patch | 63 +++++++++++++++++++++++++++++++++++++++++++++ chromium.changes | 6 +++++ chromium.spec | 1 + 3 files changed, 70 insertions(+) create mode 100644 chromium-gcc7.patch diff --git a/chromium-gcc7.patch b/chromium-gcc7.patch new file mode 100644 index 0000000..bd369a2 --- /dev/null +++ b/chromium-gcc7.patch @@ -0,0 +1,63 @@ +From 122692ccee62223f266a988c575ae687e3f4c056 Mon Sep 17 00:00:00 2001 +From: Wang Qing +Date: Fri, 18 May 2018 11:20:09 +0000 +Subject: [PATCH] Remove noexcept from file + "components/search_provider_logos/logo_common.cc". +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This fixes the build error with the following message: + + ../../components/search_provider_logos/logo_common.cc:17:15: error: function ‘search_provider_logos::LogoMetadata& search_provider_logos::LogoMetadata::operator=(search_provider_logos::LogoMetadata&&)’ defaulted on its redeclaration with an exception-specification that differs from the implicit exception-specification ‘’ + LogoMetadata& LogoMetadata::operator=(LogoMetadata&&) noexcept = default; + ^ + ../../components/search_provider_logos/logo_common.cc:31:1: error: function ‘search_provider_logos::LogoCallbacks::LogoCallbacks(search_provider_logos::LogoCallbacks&&)’ defaulted on its redeclaration with an exception-specification that differs from the implicit exception-specification ‘’ + LogoCallbacks::LogoCallbacks(LogoCallbacks&&) noexcept = default; + ^ + ../../components/search_provider_logos/logo_common.cc:32:16: error: function ‘search_provider_logos::LogoCallbacks& search_provider_logos::LogoCallbacks::operator=(search_provider_logos::LogoCallbacks&&)’ defaulted on its redeclaration with an exception-specification that differs from the implicit exception-specification ‘’ + LogoCallbacks& LogoCallbacks::operator=(LogoCallbacks&&) noexcept = default; + +BUG= 844355 +R= bauerb@chromium.org + +Change-Id: I084d0d22f8a2cc976f5f8b24a8c623cd38f86876 +Reviewed-on: https://chromium-review.googlesource.com/1065521 +Reviewed-by: Bernhard Bauer +Commit-Queue: 汪 清 +Cr-Commit-Position: refs/heads/master@{#559859} +--- + components/search_provider_logos/logo_common.cc | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/components/search_provider_logos/logo_common.cc b/components/search_provider_logos/logo_common.cc +index 05aae77a8a8d1..f0d2c674c505d 100644 +--- a/components/search_provider_logos/logo_common.cc ++++ b/components/search_provider_logos/logo_common.cc +@@ -14,22 +14,22 @@ LogoMetadata::LogoMetadata() = default; + LogoMetadata::LogoMetadata(const LogoMetadata&) = default; + LogoMetadata::LogoMetadata(LogoMetadata&&) noexcept = default; + LogoMetadata& LogoMetadata::operator=(const LogoMetadata&) = default; +-LogoMetadata& LogoMetadata::operator=(LogoMetadata&&) noexcept = default; ++LogoMetadata& LogoMetadata::operator=(LogoMetadata&&) = default; + LogoMetadata::~LogoMetadata() = default; + + EncodedLogo::EncodedLogo() = default; + EncodedLogo::EncodedLogo(const EncodedLogo&) = default; + EncodedLogo::EncodedLogo(EncodedLogo&&) noexcept = default; + EncodedLogo& EncodedLogo::operator=(const EncodedLogo&) = default; +-EncodedLogo& EncodedLogo::operator=(EncodedLogo&&) noexcept = default; ++EncodedLogo& EncodedLogo::operator=(EncodedLogo&&) = default; + EncodedLogo::~EncodedLogo() = default; + + Logo::Logo() = default; + Logo::~Logo() = default; + + LogoCallbacks::LogoCallbacks() = default; +-LogoCallbacks::LogoCallbacks(LogoCallbacks&&) noexcept = default; +-LogoCallbacks& LogoCallbacks::operator=(LogoCallbacks&&) noexcept = default; ++LogoCallbacks::LogoCallbacks(LogoCallbacks&&) = default; ++LogoCallbacks& LogoCallbacks::operator=(LogoCallbacks&&) = default; + LogoCallbacks::~LogoCallbacks() = default; + + } // namespace search_provider_logos diff --git a/chromium.changes b/chromium.changes index 27ebbb8..e754a30 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Jul 25 14:29:16 UTC 2018 - tchvatal@suse.com + +- Add patch trying to build chromium on Leap 42.3: + * chromium-gcc7.patch + ------------------------------------------------------------------- Wed Jul 25 13:08:17 UTC 2018 - tchvatal@suse.com diff --git a/chromium.spec b/chromium.spec index 550421b..1468993 100644 --- a/chromium.spec +++ b/chromium.spec @@ -73,6 +73,7 @@ Patch10: chromium-libwebp-shim.patch Patch11: chromium-libjpeg.patch Patch12: chromium-cors-string.patch Patch13: chromium-gcc.patch +Patch14: chromium-gcc7.patch # Google seem not too keen on merging this but GPU accel is quite important # https://chromium-review.googlesource.com/c/chromium/src/+/532294 # https://github.com/saiarcot895/chromium-ubuntu-build/tree/master/debian/patches From 670d7f7ebc5901320bdbf08a425782fd932e55e31242248004d8cacc0643df47 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Thu, 26 Jul 2018 06:44:03 +0000 Subject: [PATCH 41/52] Accepting request 625370 from home:Guillaume_G:branches:network:chromium - Add patch to fix aarch64 build: * chromium-vpx-aarch64.patch OBS-URL: https://build.opensuse.org/request/show/625370 OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1152 --- chromium-vpx-aarch64.patch | 46 ++++++++++++++++++++++++++++++++++++++ chromium.changes | 6 +++++ chromium.spec | 2 ++ 3 files changed, 54 insertions(+) create mode 100644 chromium-vpx-aarch64.patch diff --git a/chromium-vpx-aarch64.patch b/chromium-vpx-aarch64.patch new file mode 100644 index 0000000..9424b6e --- /dev/null +++ b/chromium-vpx-aarch64.patch @@ -0,0 +1,46 @@ +From bc30e6e39c8bde9a31e1c314e6d1003ff47f2f7f Mon Sep 17 00:00:00 2001 +From: Raphael Kubo da Costa +Date: Fri, 13 Jul 2018 14:29:09 +0200 +Subject: [PATCH] vpx_sum_squares_2d_i16_neon(): Make |s2| a uint64x1_t. + +=> PATCH EDITED BY GUILLAUME TO MATCH CHROMIUM PATH + +This fixes the build with at least GCC 7.3, where it was previously failing +with: + +sum_squares_neon.c: In function 'vpx_sum_squares_2d_i16_neon': +sum_squares_neon.c: note: use -flax-vector-conversions to permit conversions between vectors with differing element types or numbers of subparts + s2 = vpaddl_u32(s1); + ^~ +sum_squares_neon.c: incompatible types when assigning to type 'int64x1_t' from type 'uint64x1_t' + s2 = vpaddl_u32(s1); + ^ +sum_squares_neon.c: incompatible types when assigning to type 'int64x1_t' from type 'uint64x1_t' + s2 = vadd_u64(vget_low_u64(s1), vget_high_u64(s1)); + ^ +sum_squares_neon.c: incompatible type for argument 1 of 'vget_lane_u64' + return vget_lane_u64(s2, 0); + ^~ + +The generated assembly was verified to remain identical with both GCC and +LLVM. + +Bug: chromium:819249 +Change-Id: I2778428ee1fee0a674d0d4910347c2a717de21ac +--- + vpx_dsp/arm/sum_squares_neon.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/third_party/libvpx/source/libvpx/vpx_dsp/arm/sum_squares_neon.c b/third_party/libvpx/source/libvpx/vpx_dsp/arm/sum_squares_neon.c +index 8942ba83bc..cfefad9938 100644 +--- a/third_party/libvpx/source/libvpx/vpx_dsp/arm/sum_squares_neon.c ++++ b/third_party/libvpx/source/libvpx/vpx_dsp/arm/sum_squares_neon.c +@@ -14,7 +14,7 @@ + #include "./vpx_dsp_rtcd.h" + + uint64_t vpx_sum_squares_2d_i16_neon(const int16_t *src, int stride, int size) { +- int64x1_t s2; ++ uint64x1_t s2; + + if (size == 4) { + int16x4_t s[4]; diff --git a/chromium.changes b/chromium.changes index e754a30..0eb1ca2 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Jul 25 15:56:24 UTC 2018 - guillaume.gardet@opensuse.org + +- Add patch to fix aarch64 build: + * chromium-vpx-aarch64.patch + ------------------------------------------------------------------- Wed Jul 25 14:29:16 UTC 2018 - tchvatal@suse.com diff --git a/chromium.spec b/chromium.spec index 1468993..f3cd635 100644 --- a/chromium.spec +++ b/chromium.spec @@ -74,6 +74,8 @@ Patch11: chromium-libjpeg.patch Patch12: chromium-cors-string.patch Patch13: chromium-gcc.patch Patch14: chromium-gcc7.patch +# PATCH-FIX-UPSTREAM chromium-vpx-aarch64.patch - Fix vpx build on aarch64 (patch edited to match path for -p1) +Patch15: chromium-vpx-aarch64.patch # Google seem not too keen on merging this but GPU accel is quite important # https://chromium-review.googlesource.com/c/chromium/src/+/532294 # https://github.com/saiarcot895/chromium-ubuntu-build/tree/master/debian/patches From d59003b046a296c2017afe4d6860a40b7cb06706cf0eb515e89f7c548bdaeaf9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 1 Aug 2018 10:15:35 +0000 Subject: [PATCH 42/52] - Version update to 68.0.3440.84: * Various small feature fixes only OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1154 --- chromium-68.0.3440.75.tar.xz | 3 --- chromium-68.0.3440.84.tar.xz | 3 +++ chromium.changes | 6 ++++++ chromium.spec | 2 +- 4 files changed, 10 insertions(+), 4 deletions(-) delete mode 100644 chromium-68.0.3440.75.tar.xz create mode 100644 chromium-68.0.3440.84.tar.xz diff --git a/chromium-68.0.3440.75.tar.xz b/chromium-68.0.3440.75.tar.xz deleted file mode 100644 index d929a8e..0000000 --- a/chromium-68.0.3440.75.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:dc17783267853bdc0fb726363d2b8e30a0bf43b6cc2c768e1f37c92e8eb59541 -size 630277224 diff --git a/chromium-68.0.3440.84.tar.xz b/chromium-68.0.3440.84.tar.xz new file mode 100644 index 0000000..11febbb --- /dev/null +++ b/chromium-68.0.3440.84.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1031d167ae18d8a37f9291ff0e9a3dca2337c0fc1031f2c243d0327b14ecc9d9 +size 630259488 diff --git a/chromium.changes b/chromium.changes index 0eb1ca2..3d29cee 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Aug 1 10:12:25 UTC 2018 - tchvatal@suse.com + +- Version update to 68.0.3440.84: + * Various small feature fixes only + ------------------------------------------------------------------- Wed Jul 25 15:56:24 UTC 2018 - guillaume.gardet@opensuse.org diff --git a/chromium.spec b/chromium.spec index f3cd635..99e5b40 100644 --- a/chromium.spec +++ b/chromium.spec @@ -40,7 +40,7 @@ %bcond_with system_vpx %bcond_with clang Name: chromium -Version: 68.0.3440.75 +Version: 68.0.3440.84 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later From 0d9877aecec9d393fc16cc7fa1eef74a3677e87bea4d7ef7338db56930af6e6e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 8 Aug 2018 21:17:26 +0000 Subject: [PATCH 43/52] - Update to chromium-68.0.3440.106: * Various feature fixes OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1156 --- chromium-68.0.3440.106.tar.xz | 3 +++ chromium-68.0.3440.84.tar.xz | 3 --- chromium.changes | 6 ++++++ chromium.spec | 2 +- 4 files changed, 10 insertions(+), 4 deletions(-) create mode 100644 chromium-68.0.3440.106.tar.xz delete mode 100644 chromium-68.0.3440.84.tar.xz diff --git a/chromium-68.0.3440.106.tar.xz b/chromium-68.0.3440.106.tar.xz new file mode 100644 index 0000000..64c1ec4 --- /dev/null +++ b/chromium-68.0.3440.106.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7021040635a0a0d47f699bdb22e3ef5c91482e4f51b428d1de3016da95f0e698 +size 630289544 diff --git a/chromium-68.0.3440.84.tar.xz b/chromium-68.0.3440.84.tar.xz deleted file mode 100644 index 11febbb..0000000 --- a/chromium-68.0.3440.84.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:1031d167ae18d8a37f9291ff0e9a3dca2337c0fc1031f2c243d0327b14ecc9d9 -size 630259488 diff --git a/chromium.changes b/chromium.changes index 3d29cee..115d2b5 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Aug 8 21:14:43 UTC 2018 - tchvatal@suse.com + +- Update to chromium-68.0.3440.106: + * Various feature fixes + ------------------------------------------------------------------- Wed Aug 1 10:12:25 UTC 2018 - tchvatal@suse.com diff --git a/chromium.spec b/chromium.spec index 99e5b40..4de4a5c 100644 --- a/chromium.spec +++ b/chromium.spec @@ -40,7 +40,7 @@ %bcond_with system_vpx %bcond_with clang Name: chromium -Version: 68.0.3440.84 +Version: 68.0.3440.106 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later From d1349a5e64e5241c6219bb5c634667568580b764da47e01deaefb1f85af259b7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 29 Aug 2018 07:35:30 +0000 Subject: [PATCH 44/52] * bsc#1106341 CVE-2017-15430 Unsafe navigation in Chromecast OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1158 --- chromium.changes | 1 + 1 file changed, 1 insertion(+) diff --git a/chromium.changes b/chromium.changes index 115d2b5..699467c 100644 --- a/chromium.changes +++ b/chromium.changes @@ -440,6 +440,7 @@ Fri Dec 15 09:28:07 UTC 2017 - tchvatal@suse.com Thu Dec 7 09:41:13 UTC 2017 - tchvatal@suse.com - Version update to 63.0.3239.84 bsc#1071691: + * bsc#1106341 CVE-2017-15430 Unsafe navigation in Chromecast * Critical CVE-2017-15407: Out of bounds write in QUIC. * High CVE-2017-15408: Heap buffer overflow in PDFium. * High CVE-2017-15409: Out of bounds write in Skia. From 28c2e827572d1aa1b64c0bc5dbda2103538f508e74b698c5e3772cd8ba0c1116 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Thu, 6 Sep 2018 09:07:00 +0000 Subject: [PATCH 45/52] Accepting request 633585 from network:chromium ok OBS-URL: https://build.opensuse.org/request/show/633585 OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1159 --- chromium-68.0.3440.106.tar.xz | 3 - chromium-69.0.3497.81.tar.xz | 3 + chromium-cors-string.patch | 51 - chromium-crashpad-aarch64-fix.patch | 11 - chromium-ffmpeg.patch | 22 - chromium-gcc.patch | 46 - chromium-gcc7.patch | 63 - chromium-last-commit-position-r0.patch | 16 +- chromium-libjpeg.patch | 62 - chromium-libwebp-shim.patch | 43 - chromium-non-void-return.patch | 424 +++++- chromium-old-glibc.patch | 73 ++ chromium-sandbox-pie.patch | 26 +- chromium-skia-system-fontconfig.patch | 18 +- chromium-system-icu.patch | 11 + chromium-vaapi.patch | 214 ++-- chromium-warnings.patch | 14 + chromium.changes | 1637 +++++++++++++----------- chromium.spec | 48 +- 19 files changed, 1520 insertions(+), 1265 deletions(-) delete mode 100644 chromium-68.0.3440.106.tar.xz create mode 100644 chromium-69.0.3497.81.tar.xz delete mode 100644 chromium-cors-string.patch delete mode 100644 chromium-crashpad-aarch64-fix.patch delete mode 100644 chromium-ffmpeg.patch delete mode 100644 chromium-gcc.patch delete mode 100644 chromium-gcc7.patch delete mode 100644 chromium-libjpeg.patch delete mode 100644 chromium-libwebp-shim.patch create mode 100644 chromium-old-glibc.patch create mode 100644 chromium-system-icu.patch create mode 100644 chromium-warnings.patch diff --git a/chromium-68.0.3440.106.tar.xz b/chromium-68.0.3440.106.tar.xz deleted file mode 100644 index 64c1ec4..0000000 --- a/chromium-68.0.3440.106.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7021040635a0a0d47f699bdb22e3ef5c91482e4f51b428d1de3016da95f0e698 -size 630289544 diff --git a/chromium-69.0.3497.81.tar.xz b/chromium-69.0.3497.81.tar.xz new file mode 100644 index 0000000..af673ee --- /dev/null +++ b/chromium-69.0.3497.81.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:165ac7d0d4588e6b4a16331e0a9906ed013f2d29a96b54f0ea78fa0298f97144 +size 617333008 diff --git a/chromium-cors-string.patch b/chromium-cors-string.patch deleted file mode 100644 index 6450e49..0000000 --- a/chromium-cors-string.patch +++ /dev/null @@ -1,51 +0,0 @@ -From 01d891fa0790950549c7bedb34edf869827a372e Mon Sep 17 00:00:00 2001 -From: Jose Dapena Paz -Date: Thu, 31 May 2018 17:03:37 +0000 -Subject: [PATCH] CORS legacy: add missing string include -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The cors_legacy.h file includes declarations using std::string, but -it is not declared due to missing #include . - -Also drop unneeded declarations in .cpp file. - -Change-Id: I00df799f84a6c3530c2f12f1e52d24c7d9bd6bfd -Reviewed-on: https://chromium-review.googlesource.com/1080707 -Reviewed-by: Tom Sepez -Commit-Queue: José Dapena Paz -Cr-Commit-Position: refs/heads/master@{#563282} ---- - services/network/public/cpp/cors/cors_legacy.cc | 2 -- - services/network/public/cpp/cors/cors_legacy.h | 1 + - 2 files changed, 1 insertion(+), 2 deletions(-) - -diff --git a/services/network/public/cpp/cors/cors_legacy.cc b/services/network/public/cpp/cors/cors_legacy.cc -index 8f32ac3be64e..f01af63619b5 100644 ---- a/services/network/public/cpp/cors/cors_legacy.cc -+++ b/services/network/public/cpp/cors/cors_legacy.cc -@@ -5,8 +5,6 @@ - #include "services/network/public/cpp/cors/cors_legacy.h" - - #include --#include --#include - - #include "url/gurl.h" - #include "url/url_util.h" -diff --git a/services/network/public/cpp/cors/cors_legacy.h b/services/network/public/cpp/cors/cors_legacy.h -index d2cdf026ca3a..dc9295a92c47 100644 ---- a/services/network/public/cpp/cors/cors_legacy.h -+++ b/services/network/public/cpp/cors/cors_legacy.h -@@ -5,6 +5,7 @@ - #ifndef SERVICES_NETWORK_PUBLIC_CPP_CORS_CORS_LEGACY_H_ - #define SERVICES_NETWORK_PUBLIC_CPP_CORS_CORS_LEGACY_H_ - -+#include - #include - - #include "base/component_export.h" --- -2.17.1 - diff --git a/chromium-crashpad-aarch64-fix.patch b/chromium-crashpad-aarch64-fix.patch deleted file mode 100644 index 0746b6a..0000000 --- a/chromium-crashpad-aarch64-fix.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- chromium-67.0.3396.40.orig/third_party/crashpad/crashpad/util/misc/capture_context_linux.S 2018-05-14 10:28:12.305409792 +0200 -+++ chromium-67.0.3396.40/third_party/crashpad/crashpad/util/misc/capture_context_linux.S 2018-05-14 10:36:54.547875861 +0200 -@@ -288,7 +288,7 @@ CAPTURECONTEXT_SYMBOL2: - #elif defined(__aarch64__) - - // Zero out fault_address, which is unused. -- str x31, [x0, #0xb0] // context->uc_mcontext.fault_address -+ str XZR, [x0, #0xb0] // context->uc_mcontext.fault_address - - // Save general purpose registers in context->uc_mcontext.regs[i]. - // The original x0 can't be recovered. diff --git a/chromium-ffmpeg.patch b/chromium-ffmpeg.patch deleted file mode 100644 index 6d51bf4..0000000 --- a/chromium-ffmpeg.patch +++ /dev/null @@ -1,22 +0,0 @@ ---- a/build/linux/unbundle/ffmpeg.gn -+++ b/build/linux/unbundle/ffmpeg.gn -@@ -14,8 +14,8 @@ pkg_config("system_ffmpeg") { - ] - } - --buildflag_header("ffmpeg_buildflags") { -- header = "ffmpeg_buildflags.h" -+buildflag_header("ffmpeg_features") { -+ header = "ffmpeg_features.h" - flags = [ "USE_SYSTEM_FFMPEG=true" ] - } - -@@ -30,7 +30,7 @@ shim_headers("ffmpeg_shim") { - - source_set("ffmpeg") { - deps = [ -- ":ffmpeg_buildflags", -+ ":ffmpeg_features", - ":ffmpeg_shim", - ] - public_configs = [ ":system_ffmpeg" ] diff --git a/chromium-gcc.patch b/chromium-gcc.patch deleted file mode 100644 index a7480ac..0000000 --- a/chromium-gcc.patch +++ /dev/null @@ -1,46 +0,0 @@ -Index: chromium-68.0.3440.17/components/bookmarks/browser/bookmark_client.h -=================================================================== ---- chromium-68.0.3440.17.orig/components/bookmarks/browser/bookmark_client.h -+++ chromium-68.0.3440.17/components/bookmarks/browser/bookmark_client.h -@@ -26,6 +26,7 @@ namespace bookmarks { - class BookmarkModel; - class BookmarkNode; - class BookmarkPermanentNode; -+class UrlIndex; - - // This class abstracts operations that depends on the embedder's environment, - // e.g. Chrome. -Index: chromium-68.0.3440.17/components/bookmarks/browser/bookmark_storage.h -=================================================================== ---- chromium-68.0.3440.17.orig/components/bookmarks/browser/bookmark_storage.h -+++ chromium-68.0.3440.17/components/bookmarks/browser/bookmark_storage.h -@@ -19,6 +19,7 @@ - #include "base/memory/weak_ptr.h" - #include "components/bookmarks/browser/bookmark_node.h" - #include "components/bookmarks/browser/titled_url_index.h" -+#include "components/bookmarks/browser/url_index.h" - - namespace base { - class SequencedTaskRunner; -@@ -29,7 +30,6 @@ namespace bookmarks { - class BookmarkClient; - class BookmarkModel; - class BookmarkNode; --class UrlIndex; - - // A list of BookmarkPermanentNodes that owns them. - using BookmarkPermanentNodeList = ---- chromium-67.0.3396.87/build/config/compiler/BUILD.gn.orig 2018-06-16 13:57:27.583106343 +0200 -+++ chromium-67.0.3396.87/build/config/compiler/BUILD.gn 2018-06-16 14:24:26.713631391 +0200 -@@ -1325,6 +1325,11 @@ - # comments - # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61638 - cflags += [ "-Wno-comments" ] -+ -+ # too many warnings -+ cflags += [ "-Wno-class-memaccess" ] -+ cflags += [ "-Wno-packed-not-aligned" ] -+ cflags += [ "-Wno-int-in-bool-context" ] - } - } - diff --git a/chromium-gcc7.patch b/chromium-gcc7.patch deleted file mode 100644 index bd369a2..0000000 --- a/chromium-gcc7.patch +++ /dev/null @@ -1,63 +0,0 @@ -From 122692ccee62223f266a988c575ae687e3f4c056 Mon Sep 17 00:00:00 2001 -From: Wang Qing -Date: Fri, 18 May 2018 11:20:09 +0000 -Subject: [PATCH] Remove noexcept from file - "components/search_provider_logos/logo_common.cc". -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This fixes the build error with the following message: - - ../../components/search_provider_logos/logo_common.cc:17:15: error: function ‘search_provider_logos::LogoMetadata& search_provider_logos::LogoMetadata::operator=(search_provider_logos::LogoMetadata&&)’ defaulted on its redeclaration with an exception-specification that differs from the implicit exception-specification ‘’ - LogoMetadata& LogoMetadata::operator=(LogoMetadata&&) noexcept = default; - ^ - ../../components/search_provider_logos/logo_common.cc:31:1: error: function ‘search_provider_logos::LogoCallbacks::LogoCallbacks(search_provider_logos::LogoCallbacks&&)’ defaulted on its redeclaration with an exception-specification that differs from the implicit exception-specification ‘’ - LogoCallbacks::LogoCallbacks(LogoCallbacks&&) noexcept = default; - ^ - ../../components/search_provider_logos/logo_common.cc:32:16: error: function ‘search_provider_logos::LogoCallbacks& search_provider_logos::LogoCallbacks::operator=(search_provider_logos::LogoCallbacks&&)’ defaulted on its redeclaration with an exception-specification that differs from the implicit exception-specification ‘’ - LogoCallbacks& LogoCallbacks::operator=(LogoCallbacks&&) noexcept = default; - -BUG= 844355 -R= bauerb@chromium.org - -Change-Id: I084d0d22f8a2cc976f5f8b24a8c623cd38f86876 -Reviewed-on: https://chromium-review.googlesource.com/1065521 -Reviewed-by: Bernhard Bauer -Commit-Queue: 汪 清 -Cr-Commit-Position: refs/heads/master@{#559859} ---- - components/search_provider_logos/logo_common.cc | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/components/search_provider_logos/logo_common.cc b/components/search_provider_logos/logo_common.cc -index 05aae77a8a8d1..f0d2c674c505d 100644 ---- a/components/search_provider_logos/logo_common.cc -+++ b/components/search_provider_logos/logo_common.cc -@@ -14,22 +14,22 @@ LogoMetadata::LogoMetadata() = default; - LogoMetadata::LogoMetadata(const LogoMetadata&) = default; - LogoMetadata::LogoMetadata(LogoMetadata&&) noexcept = default; - LogoMetadata& LogoMetadata::operator=(const LogoMetadata&) = default; --LogoMetadata& LogoMetadata::operator=(LogoMetadata&&) noexcept = default; -+LogoMetadata& LogoMetadata::operator=(LogoMetadata&&) = default; - LogoMetadata::~LogoMetadata() = default; - - EncodedLogo::EncodedLogo() = default; - EncodedLogo::EncodedLogo(const EncodedLogo&) = default; - EncodedLogo::EncodedLogo(EncodedLogo&&) noexcept = default; - EncodedLogo& EncodedLogo::operator=(const EncodedLogo&) = default; --EncodedLogo& EncodedLogo::operator=(EncodedLogo&&) noexcept = default; -+EncodedLogo& EncodedLogo::operator=(EncodedLogo&&) = default; - EncodedLogo::~EncodedLogo() = default; - - Logo::Logo() = default; - Logo::~Logo() = default; - - LogoCallbacks::LogoCallbacks() = default; --LogoCallbacks::LogoCallbacks(LogoCallbacks&&) noexcept = default; --LogoCallbacks& LogoCallbacks::operator=(LogoCallbacks&&) noexcept = default; -+LogoCallbacks::LogoCallbacks(LogoCallbacks&&) = default; -+LogoCallbacks& LogoCallbacks::operator=(LogoCallbacks&&) = default; - LogoCallbacks::~LogoCallbacks() = default; - - } // namespace search_provider_logos diff --git a/chromium-last-commit-position-r0.patch b/chromium-last-commit-position-r0.patch index 219e2fd..01e0588 100644 --- a/chromium-last-commit-position-r0.patch +++ b/chromium-last-commit-position-r0.patch @@ -1,8 +1,8 @@ -Index: chromium-60.0.3107.4/tools/gn/gn_main.cc +Index: chromium-69.0.3452.0/tools/gn/gn_main.cc =================================================================== ---- chromium-60.0.3107.4.orig/tools/gn/gn_main.cc -+++ chromium-60.0.3107.4/tools/gn/gn_main.cc -@@ -12,13 +12,7 @@ +--- chromium-69.0.3452.0.orig/tools/gn/gn_main.cc ++++ chromium-69.0.3452.0/tools/gn/gn_main.cc +@@ -19,13 +19,7 @@ #include "tools/gn/standard_out.h" #include "tools/gn/switches.h" @@ -16,15 +16,15 @@ Index: chromium-60.0.3107.4/tools/gn/gn_main.cc namespace { -Index: chromium-60.0.3107.4/tools/gn/BUILD.gn +Index: chromium-69.0.3452.0/tools/gn/BUILD.gn =================================================================== ---- chromium-60.0.3107.4.orig/tools/gn/BUILD.gn -+++ chromium-60.0.3107.4/tools/gn/BUILD.gn +--- chromium-69.0.3452.0.orig/tools/gn/BUILD.gn ++++ chromium-69.0.3452.0/tools/gn/BUILD.gn @@ -268,7 +268,6 @@ executable("gn") { deps = [ ":gn_lib", - ":last_commit_position", "//base", - "//build/config:exe_and_shlib_deps", "//build/win:default_exe_manifest", + ] diff --git a/chromium-libjpeg.patch b/chromium-libjpeg.patch deleted file mode 100644 index c41ca5f..0000000 --- a/chromium-libjpeg.patch +++ /dev/null @@ -1,62 +0,0 @@ -From c6b0194f7a4d9f494b2d51f46d2c332e2e5f4050 Mon Sep 17 00:00:00 2001 -From: Daniel Bratell -Date: Mon, 28 May 2018 13:13:01 +0000 -Subject: [PATCH] Use the same libjpeg in all of blink/platform - -The normal libjpeg renames some symbols with macros so if its -headers are included together with libjpeg-turbo's headers -in the same translation unit, there will be an inconsistent -renaming of libjpeg symbols. This happened in some extreme -jumbo configuration and resulted in confising linker errors. - -This patch changes an include so that jpeglib.h becomes included -the same way everywhere. - -Change-Id: I7f122d0919d58371bb40dc0097a766b857b9815e -Reviewed-on: https://chromium-review.googlesource.com/1073423 -Reviewed-by: Kentaro Hara -Commit-Queue: Daniel Bratell -Cr-Commit-Position: refs/heads/master@{#562243} ---- - .../renderer/platform/image-encoders/image_encoder.cc | 11 +++++++++++ - .../renderer/platform/image-encoders/image_encoder.h | 2 -- - 2 files changed, 11 insertions(+), 2 deletions(-) - -diff --git a/third_party/blink/renderer/platform/image-encoders/image_encoder.cc b/third_party/blink/renderer/platform/image-encoders/image_encoder.cc -index 0c7f14c7c0e4..4c450f5d6783 100644 ---- a/third_party/blink/renderer/platform/image-encoders/image_encoder.cc -+++ b/third_party/blink/renderer/platform/image-encoders/image_encoder.cc -@@ -4,6 +4,17 @@ - - #include "third_party/blink/renderer/platform/image-encoders/image_encoder.h" - -+#include "build/build_config.h" -+ -+#if defined(OS_WIN) -+#include // Included before jpeglib.h because of INT32 clash -+#endif // OS_WIN -+#include // Needed by jpeglib.h -+ -+#include "jpeglib.h" // for JPEG_MAX_DIMENSION -+ -+#include "third_party/libwebp/src/webp/encode.h" // for WEBP_MAX_DIMENSION -+ - namespace blink { - - bool ImageEncoder::Encode(Vector* dst, -diff --git a/third_party/blink/renderer/platform/image-encoders/image_encoder.h b/third_party/blink/renderer/platform/image-encoders/image_encoder.h -index 0d1460f34827..40306097d507 100644 ---- a/third_party/blink/renderer/platform/image-encoders/image_encoder.h -+++ b/third_party/blink/renderer/platform/image-encoders/image_encoder.h -@@ -7,8 +7,6 @@ - - #include "third_party/blink/renderer/platform/platform_export.h" - #include "third_party/blink/renderer/platform/wtf/vector.h" --#include "third_party/libjpeg/jpeglib.h" // for JPEG_MAX_DIMENSION --#include "third_party/libwebp/src/webp/encode.h" // for WEBP_MAX_DIMENSION - #include "third_party/skia/include/core/SkStream.h" - #include "third_party/skia/include/encode/SkJpegEncoder.h" - #include "third_party/skia/include/encode/SkPngEncoder.h" --- -2.17.1 - diff --git a/chromium-libwebp-shim.patch b/chromium-libwebp-shim.patch deleted file mode 100644 index 718b31a..0000000 --- a/chromium-libwebp-shim.patch +++ /dev/null @@ -1,43 +0,0 @@ -diff --git a/build/linux/unbundle/libwebp.gn b/build/linux/unbundle/libwebp.gn -index ab92adecf400..12574d87be58 100644 ---- a/build/linux/unbundle/libwebp.gn -+++ b/build/linux/unbundle/libwebp.gn -@@ -2,12 +2,34 @@ - # Use of this source code is governed by a BSD-style license that can be - # found in the LICENSE file. - -+import("//build/config/linux/pkg_config.gni") -+import("//build/shim_headers.gni") -+ -+pkg_config("system_libwebp") { -+ packages = [ -+ "libwebp", -+ "libwebpdemux", -+ "libwebpmux", -+ ] -+} -+ -+shim_headers("libwebp_shim") { -+ root_path = "src" -+ headers = [ -+ "webp/decode.h", -+ "webp/demux.h", -+ "webp/encode.h", -+ "webp/mux.h", -+ "webp/mux_types.h", -+ "webp/types.h", -+ ] -+} -+ - source_set("libwebp_webp") { -- libs = [ -- "webp", -- "webpdemux", -- "webpmux", -+ deps = [ -+ ":libwebp_shim", - ] -+ public_configs = [ ":system_libwebp" ] - } - - group("libwebp") { diff --git a/chromium-non-void-return.patch b/chromium-non-void-return.patch index 4cb4470..da37e66 100644 --- a/chromium-non-void-return.patch +++ b/chromium-non-void-return.patch @@ -1,8 +1,8 @@ -Index: chromium-67.0.3396.30/media/gpu/vaapi/vaapi_wrapper.cc +Index: chromium-69.0.3497.57/media/gpu/vaapi/vaapi_wrapper.cc =================================================================== ---- chromium-67.0.3396.30.orig/media/gpu/vaapi/vaapi_wrapper.cc -+++ chromium-67.0.3396.30/media/gpu/vaapi/vaapi_wrapper.cc -@@ -390,6 +390,8 @@ static VAEntrypoint GetVaEntryPoint(Vaap +--- chromium-69.0.3497.57.orig/media/gpu/vaapi/vaapi_wrapper.cc ++++ chromium-69.0.3497.57/media/gpu/vaapi/vaapi_wrapper.cc +@@ -400,6 +400,8 @@ static VAEntrypoint GetVaEntryPoint(Vaap case VaapiWrapper::kCodecModeMax: NOTREACHED(); return VAEntrypointVLD; @@ -11,10 +11,10 @@ Index: chromium-67.0.3396.30/media/gpu/vaapi/vaapi_wrapper.cc } } -Index: chromium-68.0.3440.17/cc/input/snap_fling_controller.cc +Index: chromium-69.0.3497.57/cc/input/snap_fling_controller.cc =================================================================== ---- chromium-68.0.3440.17.orig/cc/input/snap_fling_controller.cc -+++ chromium-68.0.3440.17/cc/input/snap_fling_controller.cc +--- chromium-69.0.3497.57.orig/cc/input/snap_fling_controller.cc ++++ chromium-69.0.3497.57/cc/input/snap_fling_controller.cc @@ -26,6 +26,8 @@ bool SnapFlingController::FilterEventFor case GestureScrollType::kEnd: { return state_ == State::kActive || state_ == State::kFinished; @@ -24,11 +24,11 @@ Index: chromium-68.0.3440.17/cc/input/snap_fling_controller.cc } } -Index: chromium-68.0.3440.17/chrome/browser/ui/webui/discards/discards_ui.cc +Index: chromium-69.0.3497.57/chrome/browser/ui/webui/discards/discards_ui.cc =================================================================== ---- chromium-68.0.3440.17.orig/chrome/browser/ui/webui/discards/discards_ui.cc -+++ chromium-68.0.3440.17/chrome/browser/ui/webui/discards/discards_ui.cc -@@ -44,6 +44,8 @@ mojom::LifecycleUnitVisibility GetLifecy +--- chromium-69.0.3497.57.orig/chrome/browser/ui/webui/discards/discards_ui.cc ++++ chromium-69.0.3497.57/chrome/browser/ui/webui/discards/discards_ui.cc +@@ -48,6 +48,8 @@ mojom::LifecycleUnitVisibility GetLifecy return mojom::LifecycleUnitVisibility::OCCLUDED; case content::Visibility::VISIBLE: return mojom::LifecycleUnitVisibility::VISIBLE; @@ -37,11 +37,11 @@ Index: chromium-68.0.3440.17/chrome/browser/ui/webui/discards/discards_ui.cc } #if defined(COMPILER_MSVC) NOTREACHED(); -Index: chromium-68.0.3440.17/components/autofill/core/browser/autofill_manager.cc +Index: chromium-69.0.3497.57/components/autofill/core/browser/autofill_manager.cc =================================================================== ---- chromium-68.0.3440.17.orig/components/autofill/core/browser/autofill_manager.cc -+++ chromium-68.0.3440.17/components/autofill/core/browser/autofill_manager.cc -@@ -303,6 +303,7 @@ PopupType AutofillManager::GetPopupType( +--- chromium-69.0.3497.57.orig/components/autofill/core/browser/autofill_manager.cc ++++ chromium-69.0.3497.57/components/autofill/core/browser/autofill_manager.cc +@@ -285,6 +285,7 @@ PopupType AutofillManager::GetPopupType( default: NOTREACHED(); @@ -49,10 +49,10 @@ Index: chromium-68.0.3440.17/components/autofill/core/browser/autofill_manager.c } } -Index: chromium-68.0.3440.17/components/cast_channel/cast_message_util.cc +Index: chromium-69.0.3497.57/components/cast_channel/cast_message_util.cc =================================================================== ---- chromium-68.0.3440.17.orig/components/cast_channel/cast_message_util.cc -+++ chromium-68.0.3440.17/components/cast_channel/cast_message_util.cc +--- chromium-69.0.3497.57.orig/components/cast_channel/cast_message_util.cc ++++ chromium-69.0.3497.57/components/cast_channel/cast_message_util.cc @@ -368,6 +368,8 @@ const char* GetAppAvailabilityResultToSt return "unavailable"; case GetAppAvailabilityResult::kUnknown: @@ -62,11 +62,11 @@ Index: chromium-68.0.3440.17/components/cast_channel/cast_message_util.cc } } -Index: chromium-68.0.3440.17/components/data_reduction_proxy/core/browser/data_reduction_proxy_util.cc +Index: chromium-69.0.3497.57/components/data_reduction_proxy/core/browser/data_reduction_proxy_util.cc =================================================================== ---- chromium-68.0.3440.17.orig/components/data_reduction_proxy/core/browser/data_reduction_proxy_util.cc -+++ chromium-68.0.3440.17/components/data_reduction_proxy/core/browser/data_reduction_proxy_util.cc -@@ -329,6 +329,8 @@ PageloadMetrics_ConnectionType ProtoConn +--- chromium-69.0.3497.57.orig/components/data_reduction_proxy/core/browser/data_reduction_proxy_util.cc ++++ chromium-69.0.3497.57/components/data_reduction_proxy/core/browser/data_reduction_proxy_util.cc +@@ -337,6 +337,8 @@ PageloadMetrics_ConnectionType ProtoConn return PageloadMetrics_ConnectionType_CONNECTION_NONE; case net::NetworkChangeNotifier::CONNECTION_BLUETOOTH: return PageloadMetrics_ConnectionType_CONNECTION_BLUETOOTH; @@ -75,10 +75,19 @@ Index: chromium-68.0.3440.17/components/data_reduction_proxy/core/browser/data_r } } -Index: chromium-68.0.3440.17/content/browser/cache_storage/cache_storage_quota_client.cc +@@ -351,6 +353,8 @@ RequestInfo_Protocol ProtoRequestInfoPro + return RequestInfo_Protocol_QUIC; + case DataReductionProxyData::RequestInfo::Protocol::UNKNOWN: + return RequestInfo_Protocol_UNKNOWN; ++ default: ++ return RequestInfo_Protocol_UNKNOWN; + } + } + +Index: chromium-69.0.3497.57/content/browser/cache_storage/cache_storage_quota_client.cc =================================================================== ---- chromium-68.0.3440.17.orig/content/browser/cache_storage/cache_storage_quota_client.cc -+++ chromium-68.0.3440.17/content/browser/cache_storage/cache_storage_quota_client.cc +--- chromium-69.0.3497.57.orig/content/browser/cache_storage/cache_storage_quota_client.cc ++++ chromium-69.0.3497.57/content/browser/cache_storage/cache_storage_quota_client.cc @@ -98,6 +98,8 @@ storage::QuotaClient::ID CacheStorageQuo return kServiceWorkerCache; case CacheStorageOwner::kBackgroundFetch: @@ -88,12 +97,12 @@ Index: chromium-68.0.3440.17/content/browser/cache_storage/cache_storage_quota_c } } -Index: chromium-68.0.3440.17/media/capture/video/video_capture_device_descriptor.cc +Index: chromium-69.0.3497.57/media/capture/video/video_capture_device_descriptor.cc =================================================================== ---- chromium-68.0.3440.17.orig/media/capture/video/video_capture_device_descriptor.cc -+++ chromium-68.0.3440.17/media/capture/video/video_capture_device_descriptor.cc -@@ -92,6 +92,8 @@ const char* VideoCaptureDeviceDescriptor - return "Camera API2 Limited"; +--- chromium-69.0.3497.57.orig/media/capture/video/video_capture_device_descriptor.cc ++++ chromium-69.0.3497.57/media/capture/video/video_capture_device_descriptor.cc +@@ -94,6 +94,8 @@ const char* VideoCaptureDeviceDescriptor + return "Virtual Device"; case VideoCaptureApi::UNKNOWN: return "Unknown"; + default: @@ -101,11 +110,11 @@ Index: chromium-68.0.3440.17/media/capture/video/video_capture_device_descriptor } } -Index: chromium-68.0.3440.17/net/nqe/network_quality_estimator.cc +Index: chromium-69.0.3497.57/net/nqe/network_quality_estimator.cc =================================================================== ---- chromium-68.0.3440.17.orig/net/nqe/network_quality_estimator.cc -+++ chromium-68.0.3440.17/net/nqe/network_quality_estimator.cc -@@ -1319,6 +1319,8 @@ base::TimeDelta NetworkQualityEstimator: +--- chromium-69.0.3497.57.orig/net/nqe/network_quality_estimator.cc ++++ chromium-69.0.3497.57/net/nqe/network_quality_estimator.cc +@@ -1342,6 +1342,8 @@ base::TimeDelta NetworkQualityEstimator: case nqe::internal::OBSERVATION_CATEGORY_COUNT: NOTREACHED(); return base::TimeDelta(); @@ -114,10 +123,10 @@ Index: chromium-68.0.3440.17/net/nqe/network_quality_estimator.cc } } -Index: chromium-68.0.3440.17/services/audio/public/cpp/audio_system_to_service_adapter.cc +Index: chromium-69.0.3497.57/services/audio/public/cpp/audio_system_to_service_adapter.cc =================================================================== ---- chromium-68.0.3440.17.orig/services/audio/public/cpp/audio_system_to_service_adapter.cc -+++ chromium-68.0.3440.17/services/audio/public/cpp/audio_system_to_service_adapter.cc +--- chromium-69.0.3497.57.orig/services/audio/public/cpp/audio_system_to_service_adapter.cc ++++ chromium-69.0.3497.57/services/audio/public/cpp/audio_system_to_service_adapter.cc @@ -66,6 +66,8 @@ const char* GetTraceEvent(Action action) return "AudioSystemToServiceAdapter::GetAssociatedOutputDeviceID"; case kGetInputDeviceInfo: @@ -127,11 +136,11 @@ Index: chromium-68.0.3440.17/services/audio/public/cpp/audio_system_to_service_a } NOTREACHED(); } -Index: chromium-68.0.3440.17/services/network/cross_origin_read_blocking.cc +Index: chromium-69.0.3497.57/services/network/cross_origin_read_blocking.cc =================================================================== ---- chromium-68.0.3440.17.orig/services/network/cross_origin_read_blocking.cc -+++ chromium-68.0.3440.17/services/network/cross_origin_read_blocking.cc -@@ -786,6 +786,8 @@ bool CrossOriginReadBlocking::ResponseAn +--- chromium-69.0.3497.57.orig/services/network/cross_origin_read_blocking.cc ++++ chromium-69.0.3497.57/services/network/cross_origin_read_blocking.cc +@@ -800,6 +800,8 @@ bool CrossOriginReadBlocking::ResponseAn return sniffers_.empty() && !found_blockable_content_; case kBlock: return false; @@ -140,7 +149,7 @@ Index: chromium-68.0.3440.17/services/network/cross_origin_read_blocking.cc } } -@@ -797,6 +799,8 @@ bool CrossOriginReadBlocking::ResponseAn +@@ -811,6 +813,8 @@ bool CrossOriginReadBlocking::ResponseAn return sniffers_.empty() && found_blockable_content_; case kBlock: return true; @@ -149,11 +158,11 @@ Index: chromium-68.0.3440.17/services/network/cross_origin_read_blocking.cc } } -Index: chromium-68.0.3440.17/third_party/blink/renderer/modules/accessibility/ax_layout_object.cc +Index: chromium-69.0.3497.57/third_party/blink/renderer/modules/accessibility/ax_layout_object.cc =================================================================== ---- chromium-68.0.3440.17.orig/third_party/blink/renderer/modules/accessibility/ax_layout_object.cc -+++ chromium-68.0.3440.17/third_party/blink/renderer/modules/accessibility/ax_layout_object.cc -@@ -1139,6 +1139,8 @@ AXTextPosition AXLayoutObject::GetTextPo +--- chromium-69.0.3497.57.orig/third_party/blink/renderer/modules/accessibility/ax_layout_object.cc ++++ chromium-69.0.3497.57/third_party/blink/renderer/modules/accessibility/ax_layout_object.cc +@@ -1191,6 +1191,8 @@ AXTextPosition AXLayoutObject::GetTextPo return kAXTextPositionSubscript; case EVerticalAlign::kSuper: return kAXTextPositionSuperscript; @@ -162,10 +171,10 @@ Index: chromium-68.0.3440.17/third_party/blink/renderer/modules/accessibility/ax } } -Index: chromium-68.0.3440.17/third_party/blink/renderer/modules/webaudio/audio_param.cc +Index: chromium-69.0.3497.57/third_party/blink/renderer/modules/webaudio/audio_param.cc =================================================================== ---- chromium-68.0.3440.17.orig/third_party/blink/renderer/modules/webaudio/audio_param.cc -+++ chromium-68.0.3440.17/third_party/blink/renderer/modules/webaudio/audio_param.cc +--- chromium-69.0.3497.57.orig/third_party/blink/renderer/modules/webaudio/audio_param.cc ++++ chromium-69.0.3497.57/third_party/blink/renderer/modules/webaudio/audio_param.cc @@ -144,6 +144,7 @@ String AudioParamHandler::GetParamName() return custom_param_name_; default: @@ -174,11 +183,11 @@ Index: chromium-68.0.3440.17/third_party/blink/renderer/modules/webaudio/audio_p } } -Index: chromium-68.0.3440.17/ui/accessibility/platform/ax_platform_node_auralinux.cc +Index: chromium-69.0.3497.57/ui/accessibility/platform/ax_platform_node_auralinux.cc =================================================================== ---- chromium-68.0.3440.17.orig/ui/accessibility/platform/ax_platform_node_auralinux.cc -+++ chromium-68.0.3440.17/ui/accessibility/platform/ax_platform_node_auralinux.cc -@@ -1288,6 +1288,8 @@ AtkRole AXPlatformNodeAuraLinux::GetAtkR +--- chromium-69.0.3497.57.orig/ui/accessibility/platform/ax_platform_node_auralinux.cc ++++ chromium-69.0.3497.57/ui/accessibility/platform/ax_platform_node_auralinux.cc +@@ -1291,6 +1291,8 @@ AtkRole AXPlatformNodeAuraLinux::GetAtkR case ax::mojom::Role::kPresentational: case ax::mojom::Role::kUnknown: return ATK_ROLE_REDUNDANT_OBJECT; @@ -187,3 +196,312 @@ Index: chromium-68.0.3440.17/ui/accessibility/platform/ax_platform_node_auralinu } } +Index: chromium-69.0.3497.57/chrome/browser/chrome_browser_main.cc +=================================================================== +--- chromium-69.0.3497.57.orig/chrome/browser/chrome_browser_main.cc ++++ chromium-69.0.3497.57/chrome/browser/chrome_browser_main.cc +@@ -769,6 +769,8 @@ bool WaitUntilMachineLevelUserCloudPolic + case RegisterResult::kQuitDueToFailure: + chrome::AttemptExit(); + return false; ++ default: ++ return true; + } + #else + return true; +Index: chromium-69.0.3497.57/chrome/browser/resource_coordinator/tab_lifecycle_unit.cc +=================================================================== +--- chromium-69.0.3497.57.orig/chrome/browser/resource_coordinator/tab_lifecycle_unit.cc ++++ chromium-69.0.3497.57/chrome/browser/resource_coordinator/tab_lifecycle_unit.cc +@@ -161,6 +161,7 @@ bool IsValidStateChange(LifecycleUnitSta + default: { return false; } + } + } ++ default: { return false; } + } + } + +@@ -172,6 +173,8 @@ StateChangeReason DiscardReasonToStateCh + return StateChangeReason::BROWSER_INITIATED; + case DiscardReason::kUrgent: + return StateChangeReason::SYSTEM_MEMORY_PRESSURE; ++ default: ++ return StateChangeReason::BROWSER_INITIATED; + } + } + +Index: chromium-69.0.3497.57/chrome/browser/ui/views/harmony/material_refresh_layout_provider.cc +=================================================================== +--- chromium-69.0.3497.57.orig/chrome/browser/ui/views/harmony/material_refresh_layout_provider.cc ++++ chromium-69.0.3497.57/chrome/browser/ui/views/harmony/material_refresh_layout_provider.cc +@@ -43,6 +43,8 @@ int MaterialRefreshLayoutProvider::GetCo + return 8; + case views::EMPHASIS_MAXIMUM: + return std::min(size.width(), size.height()) / 2; ++ default: ++ return 0; + } + } + +@@ -60,6 +62,8 @@ int MaterialRefreshLayoutProvider::GetSh + return 3; + case views::EMPHASIS_MAXIMUM: + return 16; ++ default: ++ return 0; + } + } + +Index: chromium-69.0.3497.57/components/password_manager/core/browser/browser_save_password_progress_logger.cc +=================================================================== +--- chromium-69.0.3497.57.orig/components/password_manager/core/browser/browser_save_password_progress_logger.cc ++++ chromium-69.0.3497.57/components/password_manager/core/browser/browser_save_password_progress_logger.cc +@@ -86,6 +86,8 @@ std::string VoteTypeToString( + return "HTML classifier"; + case AutofillUploadContents::Field::FIRST_USE: + return "First use"; ++ default: ++ return "No information"; + } + } + +Index: chromium-69.0.3497.57/components/policy/core/common/policy_proto_decoders.cc +=================================================================== +--- chromium-69.0.3497.57.orig/components/policy/core/common/policy_proto_decoders.cc ++++ chromium-69.0.3497.57/components/policy/core/common/policy_proto_decoders.cc +@@ -42,6 +42,8 @@ bool GetPolicyLevel(const AnyPolicyProto + return true; + case em::PolicyOptions::UNSET: + return false; ++ default: ++ return false; + } + } + +@@ -186,4 +188,4 @@ void DecodeProtoFields( + } + } + +-} // namespace policy +\ No newline at end of file ++} // namespace policy +Index: chromium-69.0.3497.57/components/previews/content/previews_hints.cc +=================================================================== +--- chromium-69.0.3497.57.orig/components/previews/content/previews_hints.cc ++++ chromium-69.0.3497.57/components/previews/content/previews_hints.cc +@@ -94,6 +94,8 @@ ConvertProtoOptimizationTypeToPreviewsOp + return PreviewsType::NOSCRIPT; + case optimization_guide::proto::RESOURCE_LOADING: + return PreviewsType::RESOURCE_LOADING_HINTS; ++ default: ++ return base::nullopt; + } + } + +Index: chromium-69.0.3497.57/components/previews/core/previews_black_list.cc +=================================================================== +--- chromium-69.0.3497.57.orig/components/previews/core/previews_black_list.cc ++++ chromium-69.0.3497.57/components/previews/core/previews_black_list.cc +@@ -33,6 +33,9 @@ PreviewsEligibilityReason BlacklistReaso + return PreviewsEligibilityReason::ALLOWED; + case blacklist::BlacklistReason::kAllowed: + return PreviewsEligibilityReason::ALLOWED; ++ default: ++ NOTREACHED() << "Previews does not support type-base blacklisting"; ++ return PreviewsEligibilityReason::ALLOWED; + } + } + +Index: chromium-69.0.3497.57/content/browser/frame_host/frame_tree_node.cc +=================================================================== +--- chromium-69.0.3497.57.orig/content/browser/frame_host/frame_tree_node.cc ++++ chromium-69.0.3497.57/content/browser/frame_host/frame_tree_node.cc +@@ -624,6 +624,7 @@ bool FrameTreeNode::UpdateUserActivation + return NotifyUserActivation(); + } + NOTREACHED() << "Invalid update_type."; ++ return false; + } + + void FrameTreeNode::OnSetHasReceivedUserGestureBeforeNavigation(bool value) { +Index: chromium-69.0.3497.57/content/renderer/input/input_event_prediction.cc +=================================================================== +--- chromium-69.0.3497.57.orig/content/renderer/input/input_event_prediction.cc ++++ chromium-69.0.3497.57/content/renderer/input/input_event_prediction.cc +@@ -76,6 +76,8 @@ std::unique_ptr Inpu + return std::make_unique(); + case PredictorType::kKalman: + return std::make_unique(); ++ default: ++ return std::make_unique(); + } + } + +Index: chromium-69.0.3497.57/content/renderer/media/webrtc/peer_connection_tracker.cc +=================================================================== +--- chromium-69.0.3497.57.orig/content/renderer/media/webrtc/peer_connection_tracker.cc ++++ chromium-69.0.3497.57/content/renderer/media/webrtc/peer_connection_tracker.cc +@@ -112,6 +112,8 @@ static const char* SerializeDirection( + return "'recvonly'"; + case webrtc::RtpTransceiverDirection::kInactive: + return "'inactive'"; ++ default: ++ return "'unknown'"; + } + } + +Index: chromium-69.0.3497.57/device/bluetooth/bluetooth_remote_gatt_characteristic.cc +=================================================================== +--- chromium-69.0.3497.57.orig/device/bluetooth/bluetooth_remote_gatt_characteristic.cc ++++ chromium-69.0.3497.57/device/bluetooth/bluetooth_remote_gatt_characteristic.cc +@@ -397,6 +397,8 @@ bool BluetoothRemoteGattCharacteristic:: + return hasNotify; + case NotificationType::kIndication: + return hasIndicate; ++ default: ++ return false; + } + } + +Index: chromium-69.0.3497.57/media/blink/watch_time_reporter.cc +=================================================================== +--- chromium-69.0.3497.57.orig/media/blink/watch_time_reporter.cc ++++ chromium-69.0.3497.57/media/blink/watch_time_reporter.cc +@@ -571,6 +571,8 @@ WatchTimeKey WatchTimeReporter::GetDispl + return DISPLAY_TYPE_KEY(DisplayFullscreen); + case DisplayType::kPictureInPicture: + return DISPLAY_TYPE_KEY(DisplayPictureInPicture); ++ default: ++ return DISPLAY_TYPE_KEY(DisplayInline); + } + } + +Index: chromium-69.0.3497.57/services/ui/public/cpp/gpu/command_buffer_metrics.cc +=================================================================== +--- chromium-69.0.3497.57.orig/services/ui/public/cpp/gpu/command_buffer_metrics.cc ++++ chromium-69.0.3497.57/services/ui/public/cpp/gpu/command_buffer_metrics.cc +@@ -86,6 +86,8 @@ std::string ContextTypeToString(ContextT + return "Unknown"; + case ContextType::FOR_TESTING: + return "ForTesting"; ++ default: ++ return "Unknown"; + } + } + +Index: chromium-69.0.3497.57/third_party/blink/renderer/core/css/style_environment_variables.cc +=================================================================== +--- chromium-69.0.3497.57.orig/third_party/blink/renderer/core/css/style_environment_variables.cc ++++ chromium-69.0.3497.57/third_party/blink/renderer/core/css/style_environment_variables.cc +@@ -67,6 +67,7 @@ const AtomicString StyleEnvironmentVaria + } + + NOTREACHED(); ++ return "unknown"; + } + + // static +Index: chromium-69.0.3497.57/third_party/blink/renderer/core/html/media/media_controls.cc +=================================================================== +--- chromium-69.0.3497.57.orig/third_party/blink/renderer/core/html/media/media_controls.cc ++++ chromium-69.0.3497.57/third_party/blink/renderer/core/html/media/media_controls.cc +@@ -36,6 +36,9 @@ AtomicString MediaControls::GetSizingCSS + return kMediaControlsSizingMediumCSSClass; + case MediaControlsSizingClass::kLarge: + return kMediaControlsSizingLargeCSSClass; ++ default: ++ NOTREACHED(); ++ return kMediaControlsSizingMediumCSSClass; + } + + NOTREACHED(); +Index: chromium-69.0.3497.57/third_party/blink/renderer/modules/cookie_store/cookie_change_event.cc +=================================================================== +--- chromium-69.0.3497.57.orig/third_party/blink/renderer/modules/cookie_store/cookie_change_event.cc ++++ chromium-69.0.3497.57/third_party/blink/renderer/modules/cookie_store/cookie_change_event.cc +@@ -53,6 +53,9 @@ String ToCookieListItemSameSite(network: + return "lax"; + case network::mojom::CookieSameSite::NO_RESTRICTION: + return "unrestricted"; ++ default: ++ NOTREACHED(); ++ return "unknown"; + } + + NOTREACHED(); +Index: chromium-69.0.3497.57/third_party/blink/renderer/modules/peerconnection/rtc_rtp_transceiver.cc +=================================================================== +--- chromium-69.0.3497.57.orig/third_party/blink/renderer/modules/peerconnection/rtc_rtp_transceiver.cc ++++ chromium-69.0.3497.57/third_party/blink/renderer/modules/peerconnection/rtc_rtp_transceiver.cc +@@ -28,6 +28,8 @@ String TransceiverDirectionToString( + return "recvonly"; + case webrtc::RtpTransceiverDirection::kInactive: + return "inactive"; ++ default: ++ return "unknown"; + } + } + +Index: chromium-69.0.3497.57/third_party/blink/renderer/platform/heap/heap_stats_collector.h +=================================================================== +--- chromium-69.0.3497.57.orig/third_party/blink/renderer/platform/heap/heap_stats_collector.h ++++ chromium-69.0.3497.57/third_party/blink/renderer/platform/heap/heap_stats_collector.h +@@ -94,6 +94,8 @@ class PLATFORM_EXPORT ThreadHeapStatsCol + return "BlinkGC.VisitPersistents"; + case Id::kVisitStackRoots: + return "BlinkGC.VisitStackRoots"; ++ default: ++ return "BlinkGC.Unknown"; + } + } + +Index: chromium-69.0.3497.57/third_party/blink/renderer/platform/scheduler/main_thread/page_scheduler_impl.cc +=================================================================== +--- chromium-69.0.3497.57.orig/third_party/blink/renderer/platform/scheduler/main_thread/page_scheduler_impl.cc ++++ chromium-69.0.3497.57/third_party/blink/renderer/platform/scheduler/main_thread/page_scheduler_impl.cc +@@ -670,6 +670,9 @@ PageSchedulerImpl::PageLifecycleStateTra + NOTREACHED(); + return base::nullopt; + } ++ default: ++ NOTREACHED(); ++ return base::nullopt; + } + } + +Index: chromium-69.0.3497.57/ui/base/mojo/clipboard_struct_traits.h +=================================================================== +--- chromium-69.0.3497.57.orig/ui/base/mojo/clipboard_struct_traits.h ++++ chromium-69.0.3497.57/ui/base/mojo/clipboard_struct_traits.h +@@ -20,6 +20,9 @@ struct EnumTraitsfTextSize = SkIntToScalar(1 << 14); } @@ -59,7 +59,7 @@ SkPaint::Hinting h = rec->getHinting(); if (SkPaint::kFull_Hinting == h && !isLCD(*rec)) { // collapse full->normal hinting if we're not doing LCD -@@ -1115,11 +1092,11 @@ +@@ -1109,11 +1087,11 @@ void SkScalerContext_FreeType::updateGlyphIfLCD(SkGlyph* glyph) { if (isLCD(fRec)) { if (fLCDIsVert) { diff --git a/chromium-system-icu.patch b/chromium-system-icu.patch new file mode 100644 index 0000000..f562f21 --- /dev/null +++ b/chromium-system-icu.patch @@ -0,0 +1,11 @@ +--- chromium-70.0.3521.2.old/third_party/blink/renderer/platform/text/character_property_data_generator.h 2018-08-15 12:41:21.091987662 +0200 ++++ chromium-70.0.3521.2/third_party/blink/renderer/platform/text/character_property_data_generator.h 2018-08-17 12:37:45.459538308 +0200 +@@ -247,7 +247,7 @@ + 0xFFA0, 0xFFDC, + }; + +-static const UChar32 kIsHangulArray[] = {}; ++static const UChar32 kIsHangulArray[] = {0xFFDC,}; + + } // namespace blink + diff --git a/chromium-vaapi.patch b/chromium-vaapi.patch index de93cc6..c576c3e 100644 --- a/chromium-vaapi.patch +++ b/chromium-vaapi.patch @@ -40,7 +40,7 @@ Index: dev/chrome/browser/about_flags.cc =================================================================== --- dev.orig/chrome/browser/about_flags.cc +++ dev/chrome/browser/about_flags.cc -@@ -1557,6 +1557,13 @@ const FeatureEntry kFeatureEntries[] = { +@@ -1612,6 +1612,13 @@ const FeatureEntry kFeatureEntries[] = { flag_descriptions::kShowTouchHudDescription, kOsCrOS, SINGLE_VALUE_TYPE(ash::switches::kAshTouchHud)}, #endif // OS_CHROMEOS @@ -54,7 +54,7 @@ Index: dev/chrome/browser/about_flags.cc { "disable-accelerated-video-decode", flag_descriptions::kAcceleratedVideoDecodeName, -@@ -1564,6 +1571,7 @@ const FeatureEntry kFeatureEntries[] = { +@@ -1619,6 +1626,7 @@ const FeatureEntry kFeatureEntries[] = { kOsMac | kOsWin | kOsCrOS | kOsAndroid, SINGLE_DISABLE_VALUE_TYPE(switches::kDisableAcceleratedVideoDecode), }, @@ -62,7 +62,7 @@ Index: dev/chrome/browser/about_flags.cc #if defined(OS_WIN) {"enable-hdr", flag_descriptions::kEnableHDRName, flag_descriptions::kEnableHDRDescription, kOsWin, -@@ -2234,12 +2242,17 @@ const FeatureEntry kFeatureEntries[] = { +@@ -2291,12 +2299,17 @@ const FeatureEntry kFeatureEntries[] = { FEATURE_VALUE_TYPE(features::kOpenVR)}, #endif // ENABLE_OPENVR #endif // ENABLE_VR @@ -126,7 +126,7 @@ Index: dev/chrome/browser/flag_descriptions.cc const char kAcceleratedVideoDecodeName[] = "Hardware-accelerated video decode"; const char kAcceleratedVideoDecodeDescription[] = "Hardware-accelerated video decode where available."; -@@ -2647,7 +2654,7 @@ const char kTabStripKeyboardFocusDescrip +@@ -2892,7 +2899,7 @@ const char kTabStripKeyboardFocusDescrip // Chrome OS ------------------------------------------------------------------- @@ -135,9 +135,9 @@ Index: dev/chrome/browser/flag_descriptions.cc const char kAcceleratedMjpegDecodeName[] = "Hardware-accelerated mjpeg decode for captured frame"; -@@ -3110,7 +3117,7 @@ const char kZipArchiverUnpackerName[] = - const char kZipArchiverUnpackerDescription[] = - "Enable or disable the ability to unpack archives in incognito mode"; +@@ -3407,7 +3414,7 @@ extern const char kEnableContinueReading + "seamlessly continue reading a web page when they switch devices from " + "phones or tablets to Chromebooks."; -#endif // defined(OS_CHROMEOS) +#endif // defined(OS_CHROMEOS) || BUILDFLAG(USE_VAAPI) @@ -159,7 +159,7 @@ Index: dev/chrome/browser/flag_descriptions.h extern const char kAcceleratedVideoDecodeName[]; extern const char kAcceleratedVideoDecodeDescription[]; -@@ -1621,13 +1625,17 @@ extern const char kPermissionPromptPersi +@@ -1762,13 +1766,17 @@ extern const char kPermissionPromptPersi #endif // defined(OS_MACOSX) @@ -200,7 +200,7 @@ Index: dev/content/browser/renderer_host/media/video_capture_browsertest.cc =================================================================== --- dev.orig/content/browser/renderer_host/media/video_capture_browsertest.cc +++ dev/content/browser/renderer_host/media/video_capture_browsertest.cc -@@ -163,8 +163,13 @@ class VideoCaptureBrowserTest : public C +@@ -165,8 +165,13 @@ class VideoCaptureBrowserTest : public C base::CommandLine::ForCurrentProcess()->AppendSwitch( switches::kUseFakeJpegDecodeAccelerator); } else { @@ -214,41 +214,11 @@ Index: dev/content/browser/renderer_host/media/video_capture_browsertest.cc } } -Index: dev/content/browser/renderer_host/media/video_capture_gpu_jpeg_decoder.cc -=================================================================== ---- dev.orig/content/browser/renderer_host/media/video_capture_gpu_jpeg_decoder.cc -+++ dev/content/browser/renderer_host/media/video_capture_gpu_jpeg_decoder.cc -@@ -66,15 +66,21 @@ void VideoCaptureGpuJpegDecoder::Initial - bool is_platform_supported = - base::CommandLine::ForCurrentProcess()->HasSwitch( - switches::kUseFakeJpegDecodeAccelerator); --#if defined(OS_CHROMEOS) -- // Non-ChromeOS platforms do not support HW JPEG decode now. Do not establish -- // gpu channel to avoid introducing overhead. -+#if !defined(OS_ANDROID) && defined(OS_LINUX) -+ // Non-ChromeOS or Non-Linux platforms do not support HW JPEG decode now. Do -+ // not establish gpu channel to avoid introducing overhead. - is_platform_supported = true; - #endif - - if (!is_platform_supported || -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) -+ !base::CommandLine::ForCurrentProcess()->HasSwitch( -+ switches::kEnableAcceleratedMjpegDecode) -+#else - base::CommandLine::ForCurrentProcess()->HasSwitch( -- switches::kDisableAcceleratedMjpegDecode)) { -+ switches::kDisableAcceleratedMjpegDecode) -+#endif -+ ) { - decoder_status_ = FAILED; - RecordInitDecodeUMA_Locked(); - return; Index: dev/content/browser/renderer_host/render_process_host_impl.cc =================================================================== --- dev.orig/content/browser/renderer_host/render_process_host_impl.cc +++ dev/content/browser/renderer_host/render_process_host_impl.cc -@@ -2659,7 +2659,11 @@ void RenderProcessHostImpl::PropagateBro +@@ -2724,7 +2724,11 @@ void RenderProcessHostImpl::PropagateBro switches::kDefaultTileHeight, switches::kDisable2dCanvasImageChromium, switches::kDisableAcceleratedJpegDecoding, @@ -298,7 +268,7 @@ Index: dev/content/gpu/BUILD.gn deps = [ "//base", "//base/third_party/dynamic_annotations", -@@ -134,4 +134,8 @@ target(link_target_type, "gpu_sources") +@@ -133,4 +133,8 @@ target(link_target_type, "gpu_sources") (!is_chromecast || is_cast_desktop_build)) { configs += [ "//build/config/linux/dri" ] } @@ -311,7 +281,7 @@ Index: dev/content/gpu/gpu_main.cc =================================================================== --- dev.orig/content/gpu/gpu_main.cc +++ dev/content/gpu/gpu_main.cc -@@ -286,7 +286,7 @@ int GpuMain(const MainFunctionParams& pa +@@ -284,7 +284,7 @@ int GpuMain(const MainFunctionParams& pa base::PlatformThread::SetName("CrGpuMain"); @@ -320,7 +290,7 @@ Index: dev/content/gpu/gpu_main.cc // Set thread priority before sandbox initialization. base::PlatformThread::SetCurrentThreadPriority(base::ThreadPriority::DISPLAY); #endif -@@ -315,7 +315,7 @@ int GpuMain(const MainFunctionParams& pa +@@ -317,7 +317,7 @@ int GpuMain(const MainFunctionParams& pa GetContentClient()->SetGpuInfo(gpu_init->gpu_info()); base::ThreadPriority io_thread_priority = base::ThreadPriority::NORMAL; @@ -333,7 +303,7 @@ Index: dev/content/public/browser/gpu_utils.cc =================================================================== --- dev.orig/content/public/browser/gpu_utils.cc +++ dev/content/public/browser/gpu_utils.cc -@@ -58,9 +58,17 @@ const gpu::GpuPreferences GetGpuPreferen +@@ -57,9 +57,17 @@ const gpu::GpuPreferences GetGpuPreferen gpu_preferences.in_process_gpu = command_line->HasSwitch(switches::kInProcessGPU); gpu_preferences.disable_accelerated_video_decode = @@ -355,20 +325,9 @@ Index: dev/content/public/common/content_switches.cc =================================================================== --- dev.orig/content/public/common/content_switches.cc +++ dev/content/public/common/content_switches.cc -@@ -78,12 +78,21 @@ const char kDisable3DAPIs[] - +@@ -79,6 +79,11 @@ const char kDisable3DAPIs[] // Disable gpu-accelerated 2d canvas. const char kDisableAccelerated2dCanvas[] = "disable-accelerated-2d-canvas"; -- -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) -+// Enable hardware accelerated mjpeg decode on linux -+const char kEnableAcceleratedMjpegDecode[] = "enable-accelerated-mjpeg-decode"; -+#else - // Disable hardware acceleration of mjpeg decode for captured frame, where - // available. - const char kDisableAcceleratedMjpegDecode[] = - "disable-accelerated-mjpeg-decode"; -+#endif +#if defined(OS_LINUX) +// Enables hardware acceleration of video for Linux only. VA-API driver @@ -382,47 +341,33 @@ Index: dev/content/public/common/content_switches.h =================================================================== --- dev.orig/content/public/common/content_switches.h +++ dev/content/public/common/content_switches.h -@@ -33,7 +33,11 @@ CONTENT_EXPORT extern const char kDisabl - CONTENT_EXPORT extern const char kDisable3DAPIs[]; - CONTENT_EXPORT extern const char kDisableAccelerated2dCanvas[]; - CONTENT_EXPORT extern const char kDisableAcceleratedJpegDecoding[]; -+#if defined(OS_LINUX) && !defined(OS_CHROMEOS) -+CONTENT_EXPORT extern const char kEnableAcceleratedMjpegDecode[]; -+#else - CONTENT_EXPORT extern const char kDisableAcceleratedMjpegDecode[]; -+#endif - CONTENT_EXPORT extern const char kDisableAcceleratedVideoDecode[]; - CONTENT_EXPORT extern const char kDisableAcceleratedVideoEncode[]; - CONTENT_EXPORT extern const char kDisableAudioSupportForDesktopShare[]; -@@ -105,6 +109,9 @@ CONTENT_EXPORT extern const char kDisabl +@@ -104,6 +104,9 @@ CONTENT_EXPORT extern const char kDisabl CONTENT_EXPORT extern const char kDomAutomationController[]; extern const char kDisable2dCanvasClipAntialiasing[]; CONTENT_EXPORT extern const char kDumpBlinkRuntimeCallStats[]; +#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) +CONTENT_EXPORT extern const char kEnableAcceleratedVideo[]; +#endif + CONTENT_EXPORT extern const char kEnableAccessibilityObjectModel[]; CONTENT_EXPORT extern const char kEnableAggressiveDOMStorageFlushing[]; CONTENT_EXPORT extern const char kEnableAutomation[]; - CONTENT_EXPORT extern const char kEnablePreferCompositingToLCDText[]; Index: dev/content/renderer/media/webrtc/peer_connection_dependency_factory.cc =================================================================== --- dev.orig/content/renderer/media/webrtc/peer_connection_dependency_factory.cc +++ dev/content/renderer/media/webrtc/peer_connection_dependency_factory.cc -@@ -276,10 +276,20 @@ void PeerConnectionDependencyFactory::In +@@ -276,10 +276,18 @@ void PeerConnectionDependencyFactory::In const base::CommandLine* cmd_line = base::CommandLine::ForCurrentProcess(); if (gpu_factories && gpu_factories->IsGpuVideoAcceleratorEnabled()) { +#if defined(OS_LINUX) && !defined(OS_CHROMEOS) -+ if (!cmd_line->HasSwitch(switches::kDisableWebRtcHWDecoding) && -+ cmd_line->HasSwitch(switches::kEnableAcceleratedVideo)) ++ if (cmd_line->HasSwitch(switches::kEnableAcceleratedVideo)) +#else if (!cmd_line->HasSwitch(switches::kDisableWebRtcHWDecoding)) +#endif decoder_factory.reset(new RTCVideoDecoderFactory(gpu_factories)); +#if defined(OS_LINUX) && !defined(OS_CHROMEOS) -+ if (!cmd_line->HasSwitch(switches::kDisableWebRtcHWEncoding) && -+ cmd_line->HasSwitch(switches::kEnableAcceleratedVideo)) ++ if (cmd_line->HasSwitch(switches::kEnableAcceleratedVideo)) +#else if (!cmd_line->HasSwitch(switches::kDisableWebRtcHWEncoding)) +#endif @@ -433,7 +378,7 @@ Index: dev/content/renderer/render_thread_impl.cc =================================================================== --- dev.orig/content/renderer/render_thread_impl.cc +++ dev/content/renderer/render_thread_impl.cc -@@ -1480,7 +1480,11 @@ media::GpuVideoAcceleratorFactories* Ren +@@ -1441,7 +1441,11 @@ media::GpuVideoAcceleratorFactories* Ren kGpuStreamIdMedia, kGpuStreamPriorityMedia); const bool enable_video_accelerator = @@ -492,7 +437,7 @@ Index: dev/media/gpu/BUILD.gn =================================================================== --- dev.orig/media/gpu/BUILD.gn +++ dev/media/gpu/BUILD.gn -@@ -500,6 +500,12 @@ if (use_v4l2_codec || use_vaapi || is_ma +@@ -495,6 +495,12 @@ if (use_v4l2_codec || use_vaapi || is_ma } } @@ -505,7 +450,7 @@ Index: dev/media/gpu/BUILD.gn if (use_vaapi) { test("jpeg_encode_accelerator_unittest") { deps = [ -@@ -558,6 +564,7 @@ if (use_v4l2_codec || use_vaapi) { +@@ -559,6 +565,7 @@ if (use_v4l2_codec || use_vaapi) { if (use_ozone) { deps += [ "//ui/ozone" ] } @@ -529,6 +474,15 @@ Index: dev/media/gpu/vaapi/vaapi_wrapper.cc =================================================================== --- dev.orig/media/gpu/vaapi/vaapi_wrapper.cc +++ dev/media/gpu/vaapi/vaapi_wrapper.cc +@@ -332,7 +332,7 @@ bool VADisplayState::InitializeOnce() { + DVLOG(1) << "VAAPI version: " << major_version << "." << minor_version << " " + << va_vendor_string_; + +- if (major_version != VA_MAJOR_VERSION || minor_version != VA_MINOR_VERSION) { ++ if (major_version != VA_MAJOR_VERSION) { + LOG(ERROR) << "This build of Chromium requires VA-API version " + << VA_MAJOR_VERSION << "." << VA_MINOR_VERSION + << ", system version: " << major_version << "." << minor_version; @@ -861,7 +861,11 @@ scoped_refptr VaapiWrapper::C } va_attrib_extbuf.num_planes = num_planes; @@ -545,16 +499,16 @@ Index: dev/components/viz/service/main/viz_main_impl.cc =================================================================== --- dev.orig/components/viz/service/main/viz_main_impl.cc +++ dev/components/viz/service/main/viz_main_impl.cc -@@ -46,7 +46,7 @@ std::unique_ptr CreateAndS - auto thread = std::make_unique("VizCompositorThread"); - base::Thread::Options thread_options; - thread_options.message_loop_type = base::MessageLoop::TYPE_DEFAULT; --#if defined(OS_ANDROID) || defined(OS_CHROMEOS) +@@ -62,7 +62,7 @@ std::unique_ptrStartWithOptions(thread_options)); -@@ -58,7 +58,7 @@ std::unique_ptr CreateAndS +@@ -75,7 +75,7 @@ std::unique_ptr CreateAndS // It should be possible to use |main_task_runner_| for doing IO tasks. base::Thread::Options thread_options(base::MessageLoop::TYPE_IO, 0); thread_options.priority = base::ThreadPriority::NORMAL; @@ -567,7 +521,7 @@ Index: dev/content/browser/renderer_host/render_view_host_impl.cc =================================================================== --- dev.orig/content/browser/renderer_host/render_view_host_impl.cc +++ dev/content/browser/renderer_host/render_view_host_impl.cc -@@ -442,7 +442,11 @@ WebPreferences RenderViewHostImpl::Compu +@@ -463,7 +463,11 @@ WebPreferences RenderViewHostImpl::Compu prefs.save_previous_document_resources = GetSavePreviousDocumentResources(); prefs.accelerated_video_decode_enabled = @@ -579,3 +533,93 @@ Index: dev/content/browser/renderer_host/render_view_host_impl.cc std::string autoplay_policy = media::GetEffectiveAutoplayPolicy(command_line); if (autoplay_policy == switches::autoplay::kNoUserGestureRequiredPolicy) { +Index: dev/media/base/media_switches.cc +=================================================================== +--- dev.orig/media/base/media_switches.cc ++++ dev/media/base/media_switches.cc +@@ -117,10 +117,16 @@ const char kUseFileForFakeAudioCapture[] + // accelerator hardware to be present. + const char kUseFakeJpegDecodeAccelerator[] = "use-fake-jpeg-decode-accelerator"; + ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) ++// Enable hardware acceleration of mjpeg decode on Linux ++const char kEnableAcceleratedMjpegDecode[] = ++ "enable-accelerated-mjpeg-decode"; ++#else + // Disable hardware acceleration of mjpeg decode for captured frame, where + // available. + const char kDisableAcceleratedMjpegDecode[] = + "disable-accelerated-mjpeg-decode"; ++#endif + + // When running tests on a system without the required hardware or libraries, + // this flag will cause the tests to fail. Otherwise, they silently succeed. +@@ -462,15 +468,22 @@ const base::Feature kPreloadMediaEngagem + #endif + + bool IsVideoCaptureAcceleratedJpegDecodingEnabled() { ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) ++ if (!base::CommandLine::ForCurrentProcess()->HasSwitch( ++ switches::kEnableAcceleratedMjpegDecode)) { ++ return false; ++ } ++#else + if (base::CommandLine::ForCurrentProcess()->HasSwitch( + switches::kDisableAcceleratedMjpegDecode)) { + return false; + } ++#endif + if (base::CommandLine::ForCurrentProcess()->HasSwitch( + switches::kUseFakeJpegDecodeAccelerator)) { + return true; + } +-#if defined(OS_CHROMEOS) ++#if defined(OS_LINUX) + return true; + #endif + return false; +Index: dev/media/base/media_switches.h +=================================================================== +--- dev.orig/media/base/media_switches.h ++++ dev/media/base/media_switches.h +@@ -66,7 +66,11 @@ MEDIA_EXPORT extern const char kUseFakeD + MEDIA_EXPORT extern const char kUseFileForFakeVideoCapture[]; + MEDIA_EXPORT extern const char kUseFileForFakeAudioCapture[]; + MEDIA_EXPORT extern const char kUseFakeJpegDecodeAccelerator[]; ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) ++MEDIA_EXPORT extern const char kEnableAcceleratedMjpegDecode[]; ++#else + MEDIA_EXPORT extern const char kDisableAcceleratedMjpegDecode[]; ++#endif + + MEDIA_EXPORT extern const char kRequireAudioHardwareForTesting[]; + MEDIA_EXPORT extern const char kMuteAudio[]; +Index: dev/content/browser/utility_process_host.cc +=================================================================== +--- dev.orig/content/browser/utility_process_host.cc ++++ dev/content/browser/utility_process_host.cc +@@ -296,7 +296,11 @@ bool UtilityProcessHost::StartProcess() + switches::kOverrideUseSoftwareGLForTests, + switches::kOverrideEnabledCdmInterfaceVersion, + switches::kProxyServer, ++#if defined(OS_LINUX) && !defined(OS_CHROMEOS) && !defined(OS_ANDROID) ++ switches::kEnableAcceleratedMjpegDecode, ++#else + switches::kDisableAcceleratedMjpegDecode, ++#endif + switches::kUseFakeDeviceForMediaStream, + switches::kUseFakeJpegDecodeAccelerator, + switches::kUseFileForFakeVideoCapture, +Index: dev/media/gpu/vaapi/vaapi_jpeg_decode_accelerator.cc +=================================================================== +--- dev.orig/media/gpu/vaapi/vaapi_jpeg_decode_accelerator.cc ++++ dev/media/gpu/vaapi/vaapi_jpeg_decode_accelerator.cc +@@ -174,7 +174,7 @@ bool VaapiJpegDecodeAccelerator::OutputP + + VAImage image = {}; + VAImageFormat format = {}; +- format.fourcc = VA_FOURCC_I420; ++ format.fourcc = libyuv::FOURCC_I420; + format.byte_order = VA_LSB_FIRST; + format.bits_per_pixel = 12; // 12 for I420 + diff --git a/chromium-warnings.patch b/chromium-warnings.patch new file mode 100644 index 0000000..04d637f --- /dev/null +++ b/chromium-warnings.patch @@ -0,0 +1,14 @@ +--- chromium-67.0.3396.87/build/config/compiler/BUILD.gn.orig 2018-06-16 13:57:27.583106343 +0200 ++++ chromium-67.0.3396.87/build/config/compiler/BUILD.gn 2018-06-16 14:24:26.713631391 +0200 +@@ -1325,6 +1325,11 @@ + # comments + # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61638 + cflags += [ "-Wno-comments" ] ++ ++ # too many warnings ++ cflags += [ "-Wno-class-memaccess" ] ++ cflags += [ "-Wno-packed-not-aligned" ] ++ cflags += [ "-Wno-int-in-bool-context" ] + } + } + diff --git a/chromium.changes b/chromium.changes index 699467c..07189c8 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,361 +1,206 @@ ------------------------------------------------------------------- -Wed Aug 8 21:14:43 UTC 2018 - tchvatal@suse.com +Thu Aug 30 07:42:25 UTC 2018 - tchvatal@suse.com -- Update to chromium-68.0.3440.106: - * Various feature fixes +- Up to 69.0.3497.72 ------------------------------------------------------------------- -Wed Aug 1 10:12:25 UTC 2018 - tchvatal@suse.com +Tue Aug 28 08:12:29 UTC 2018 - tchvatal@suse.com -- Version update to 68.0.3440.84: - * Various small feature fixes only +- Version update to 69.0.3497.57 ------------------------------------------------------------------- -Wed Jul 25 15:56:24 UTC 2018 - guillaume.gardet@opensuse.org +Fri Aug 17 08:08:04 UTC 2018 - tchvatal@suse.com + +- Up to 69.0.3497.42 + +------------------------------------------------------------------- +Fri Aug 10 07:41:44 UTC 2018 - tchvatal@suse.com + +- Up to 69.0.3497.32 + +------------------------------------------------------------------- +Thu Aug 2 09:48:34 UTC 2018 - tchvatal@suse.com + +- Up to 69.0.3497.23 + +------------------------------------------------------------------- +Fri Jul 27 13:11:50 UTC 2018 - tchvatal@suse.com + +- Up to chromium-69.0.3497.12 + +------------------------------------------------------------------- +Thu Jul 26 12:29:53 UTC 2018 - guillaume.gardet@opensuse.org - Add patch to fix aarch64 build: - * chromium-vpx-aarch64.patch + * chromium-vpx-aarch64.patch ------------------------------------------------------------------- -Wed Jul 25 14:29:16 UTC 2018 - tchvatal@suse.com +Wed Jul 25 14:10:47 UTC 2018 - tchvatal@suse.com -- Add patch trying to build chromium on Leap 42.3: - * chromium-gcc7.patch +- Up to 69.0.3493.3 ------------------------------------------------------------------- -Wed Jul 25 13:08:17 UTC 2018 - tchvatal@suse.com +Mon Jul 16 14:47:54 UTC 2018 - tchvatal@suse.com -- Raise libvpx requirement to match what we really need +- Up to 69.0.3486.0 ------------------------------------------------------------------- -Wed Jul 25 09:53:23 UTC 2018 - tchvatal@suse.com +Fri Jun 29 09:03:46 UTC 2018 - tchvatal@suse.com -- Version update to 68.0.3440.75 bsc#1102530: - * CVE-2018-6153: Stack buffer overflow in Skia. - * CVE-2018-6154: Heap buffer overflow in WebGL. - * CVE-2018-6155: Use after free in WebRTC. - * CVE-2018-6156: Heap buffer overflow in WebRTC. - * CVE-2018-6157: Type confusion in WebRTC. - * CVE-2018-6158: Use after free in Blink. - * CVE-2018-6159: Same origin policy bypass in ServiceWorker. - * CVE-2018-6160: URL spoof in Chrome on iOS. - * CVE-2018-6161: Same origin policy bypass in WebAudio. - * CVE-2018-6162: Heap buffer overflow in WebGL. - * CVE-2018-6163: URL spoof in Omnibox. - * CVE-2018-6164: Same origin policy bypass in ServiceWorker. - * CVE-2018-6165: URL spoof in Omnibox. - * CVE-2018-6166: URL spoof in Omnibox. - * CVE-2018-6167: URL spoof in Omnibox. - * CVE-2018-6168: CORS bypass in Blink. - * CVE-2018-6169: Permissions bypass in extension installation. - * CVE-2018-6170: Type confusion in PDFium. - * CVE-2018-6171: Use after free in WebBluetooth. - * CVE-2018-6172: URL spoof in Omnibox. - * CVE-2018-6173: URL spoof in Omnibox. - * CVE-2018-6174: Integer overflow in SwiftShader. - * CVE-2018-6175: URL spoof in Omnibox. - * CVE-2018-6176: Local user privilege escalation in Extensions. - * CVE-2018-6177: Cross origin information leak in Blink. - * CVE-2018-6178: UI spoof in Extensions. - * CVE-2018-6179: Local file information leak in Extensions. - * CVE-2018-6044: Request privilege escalation in Extensions. - * CVE-2018-4117: Cross origin information leak in Blink. -- Rebase patches: - * chromium-master-prefs-path.patch - * chromium-non-void-return.patch - * chromium-vaapi.patch -- Add patches: - * chromium-cors-string.patch - * chromium-gcc.patch - * chromium-libjpeg.patch - * chromium-libwebp-shim.patch -- Remove patches: - * chromium-gcc8.patch +- Up to 69.0.3472.3 ------------------------------------------------------------------- -Tue Jul 10 11:40:21 UTC 2018 - tchvatal@suse.com +Sun Jun 10 09:52:42 UTC 2018 - tchvatal@suse.com -- Version update to 67.0.3396.99: - * Various small feature fixes, no security +- Up to 69.0.3452.0 ------------------------------------------------------------------- -Fri Jun 15 19:51:32 UTC 2018 - tchvatal@suse.com +Sun Jun 10 09:24:57 UTC 2018 - tchvatal@suse.com -- Add patch to build under gcc8: - * chromium-gcc8.patch +- Up to 68.0.3440.17 ------------------------------------------------------------------- -Wed Jun 13 09:26:43 UTC 2018 - security@suse.com +Mon May 28 10:33:56 UTC 2018 - tchvatal@suse.com -- Chromium 67.0.3396.87: - * CVE-2018-6149: Out of bounds write in V8 (boo#1097452) +- Up to 68.0.3438.3 ------------------------------------------------------------------- -Thu Jun 7 12:23:26 UTC 2018 - astieger@suse.com +Fri May 18 14:06:56 UTC 2018 - tchvatal@suse.com -- Chromium 67.0.3396.79: - * CVE-2018-6148: Incorrect handling of CSP header (boo#1096508) +- Up to 68.0.3432.3 ------------------------------------------------------------------- -Fri Jun 1 17:45:46 UTC 2018 - tchvatal@suse.com +Tue May 15 13:53:14 UTC 2018 - guillaume.gardet@opensuse.org -- Require ffmpeg >= 4.0 bsc#1095545 +- Fix AArch64 build with chromium-crashpad-aarch64-fix.patch ------------------------------------------------------------------- -Wed May 30 11:18:13 UTC 2018 - tchvatal@suse.com +Wed May 9 09:11:46 UTC 2018 - tchvatal@suse.com -- Update to 67.0.3396.62 bsc#1095163 - * CVE-2018-6123: Use after free in Blink. - * CVE-2018-6124: Type confusion in Blink. - * CVE-2018-6125: Overly permissive policy in WebUSB. - * CVE-2018-6126: Heap buffer overflow in Skia. - * CVE-2018-6127: Use after free in indexedDB. - * CVE-2018-6128: uXSS in Chrome on iOS. - * CVE-2018-6129: Out of bounds memory access in WebRTC. - * CVE-2018-6130: Out of bounds memory access in WebRTC. - * CVE-2018-6131: Incorrect mutability protection in WebAssembly. - * CVE-2018-6132: Use of uninitialized memory in WebRTC. - * CVE-2018-6133: URL spoof in Omnibox. - * CVE-2018-6134: Referrer Policy bypass in Blink. - * CVE-2018-6135: UI spoofing in Blink. - * CVE-2018-6136: Out of bounds memory access in V8. - * CVE-2018-6137: Leak of visited status of page in Blink. - * CVE-2018-6138: Overly permissive policy in Extensions. - * CVE-2018-6139: Restrictions bypass in the debugger extension API. - * CVE-2018-6140: Restrictions bypass in the debugger extension API. - * CVE-2018-6141: Heap buffer overflow in Skia. - * CVE-2018-6142: Out of bounds memory access in V8. - * CVE-2018-6143: Out of bounds memory access in V8. - * CVE-2018-6144: Out of bounds memory access in PDFium. - * CVE-2018-6145: Incorrect escaping of MathML in Blink. - * CVE-2018-6147: Password fields not taking advantage of OS protections in Views. -- Add patches to build on aarch and remove obsolete one: - * chromium-crashpad-aarch64-fix.patch - * chromium-skia-aarch64-buildfix.patch - * chromium-65.0.3325.162-skia-aarch64-buildfix.patch - * chromium-skia-neon.patch -- Remove no longer needed gcc patch: - * chromium-gcc7.patch -- Rebase patches: - * chromium-non-void-return.patch - * chromium-vaapi.patch - * exclude_ymp.patch - * fix_building_widevinecdm_with_chromium.patch +- Up to 68.0.3423.2 +- Refresh patch chromium-master-prefs-path.patch ------------------------------------------------------------------- -Sat May 26 23:01:20 UTC 2018 - astieger@suse.com +Wed May 9 08:38:02 UTC 2018 - guillaume.gardet@opensuse.org -- on SLE 12 with SUSE PackageHub 12, do not require the SDK for - libwebpmux1 (bsc#1070421) +- Fix AArch64 build with chromium-skia-aarch64-buildfix.patch ------------------------------------------------------------------- -Sat May 26 07:08:04 UTC 2018 - astieger@suse.com +Wed May 9 08:34:37 UTC 2018 - tchvatal@suse.com -- Fix installation issue on SUSE PackageHub 12 with libminizip1 - (bsc#1093031) +- Add patch chromium-skia-system-fontconfig.patch bsc#1092272 +- Up to 67.0.3393.30 ------------------------------------------------------------------- -Wed May 16 07:05:32 UTC 2018 - astieger@suse.com - -- Chromium 66.0.3359.181: - * Autoplay: Force enable on desktop for Web Audio - -------------------------------------------------------------------- -Fri May 11 12:10:44 UTC 2018 - astieger@suse.com - -- Chromium 66.0.3359.170 (bsc#1092923): - * Chain leading to sandbox escape: - CVE-2018-6121: Privilege Escalation in extensions - CVE-2018-6122: Type confusion in V8 - * CVE-2018-6120: Heap buffer overflow in PDFium - * Various fixes from internal audits, fuzzing and other - initiatives - -------------------------------------------------------------------- -Wed May 9 08:36:30 UTC 2018 - tchvatal@suse.com - -- Add patch chromium-skia-system-fontconfig.patch to fix - bsc#1092272 - -------------------------------------------------------------------- -Fri May 4 06:53:49 UTC 2018 - guillaume.gardet@opensuse.org +Wed May 9 07:53:48 UTC 2018 - guillaume.gardet@opensuse.org - Enable build on AArch64 - Fix build on AArch64: * set target_cpu to arm64 * disable tcmalloc and swiftshader for aarch64 - * Add new patches: - - chromium-65.0.3325.162-skia-aarch64-buildfix.patch - - chromium-skia-neon.patch ------------------------------------------------------------------- -Fri Apr 27 08:22:18 UTC 2018 - tchvatal@suse.com +Wed Apr 25 14:59:25 UTC 2018 - tchvatal@suse.com -- chromium 66.0.3359.139: - * CVE-2018-6118: Use after free in Media Cache (bsc#1091288) - * drop add-missing-blink-tools.patch, now in tarball again +- Up to chromium-67.0.3396.18 ------------------------------------------------------------------- -Wed Apr 18 09:14:21 UTC 2018 - tchvatal@suse.com +Thu Apr 12 09:10:48 UTC 2018 - tchvatal@suse.com -- Version bump to chromium 66.0.3359.117 bsc#1090000: - * CVE-2018-6085: Use after free in Disk Cache - * CVE-2018-6086: Use after free in Disk Cache - * CVE-2018-6087: Use after free in WebAssembly - * CVE-2018-6088: Use after free in PDFium - * CVE-2018-6089: Same origin policy bypass in Service Worker - * CVE-2018-6090: Heap buffer overflow in Skia - * CVE-2018-6091: Incorrect handling of plug-ins by Service Worker - * CVE-2018-6092: Integer overflow in WebAssembly - * CVE-2018-6093: Same origin bypass in Service Worker - * CVE-2018-6094: Exploit hardening regression in Oilpan - * CVE-2018-6095: Lack of meaningful user interaction requirement before file upload - * CVE-2018-6096: Fullscreen UI spoof - * CVE-2018-6097: Fullscreen UI spoof - * CVE-2018-6098: URL spoof in Omnibox - * CVE-2018-6099: CORS bypass in ServiceWorker - * CVE-2018-6100: URL spoof in Omnibox - * CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools - * CVE-2018-6102: URL spoof in Omnibox - * CVE-2018-6103: UI spoof in Permissions - * CVE-2018-6104: URL spoof in Omnibox - * CVE-2018-6105: URL spoof in Omnibox - * CVE-2018-6106: Incorrect handling of promises in V8 - * CVE-2018-6107: URL spoof in Omnibox - * CVE-2018-6108: URL spoof in Omnibox - * CVE-2018-6109: Incorrect handling of files by FileAPI - * CVE-2018-6110: Incorrect handling of plaintext files via file:// - * CVE-2018-6111: Heap-use-after-free in DevTools - * CVE-2018-6112: Incorrect URL handling in DevTools - * CVE-2018-6113: URL spoof in Navigation - * CVE-2018-6114: CSP bypass - * CVE-2018-6115: SmartScreen bypass in downloads - * CVE-2018-6116: Incorrect low memory handling in WebAssembly - * CVE-2018-6117: Confusing autofill settings - * Various fixes from internal audits, fuzzing and other initiatives -- Remove obsolete patches: - * chromium-compiler.patch - * chromium-glibc-2.27.patch - * chromium-vaapi-init.patch - * exclude_ymp.diff - * fix-gn-bootstrap.diff - * fix_network_api_crash.patch - * mojo.patch -- Add new patches: - * chromium-ffmpeg.patch - * chromium-gcc7.patch - * exclude_ymp.patch - * fix-gn-bootstrap.patch -- Rebase patches: - * chromium-master-prefs-path.patch - * chromium-non-void-return.patch - * chromium-sandbox-pie.patch - * chromium-vaapi.patch -- Add patch to fix missing folder from tarball: - * add-missing-blink-tools.patch +- Up to 67.0.3393.4 +- Refresh patch exclude_ymp.patch ------------------------------------------------------------------- -Sun Apr 8 10:49:06 UTC 2018 - tchvatal@suse.com +Wed Apr 4 11:49:20 UTC 2018 - tchvatal@suse.com -- Add vaapi patches: - * chromium-vaapi-init.patch - * chromium-vaapi.patch +- Bump to 67.0.3386.1 ------------------------------------------------------------------- -Fri Apr 6 12:54:24 UTC 2018 - tchvatal@suse.com +Wed Mar 28 12:37:50 UTC 2018 - tchvatal@suse.com -- Use memory-constraints package to limit threads as needed +- Bump to 67.0.3381.1 ------------------------------------------------------------------- -Wed Mar 21 06:31:27 UTC 2018 - astieger@suse.com +Fri Mar 23 12:01:52 UTC 2018 - tchvatal@suse.com -- Update to Chromium 65.0.3325.181: - * Various security relevant fixes from internal audits, fuzzing - and other initiatives (boo#1086124) +- Bump to 67.0.3377.1 ------------------------------------------------------------------- -Tue Mar 20 12:33:53 UTC 2018 - tchvatal@suse.com +Tue Mar 20 10:19:55 UTC 2018 - tchvatal@suse.com -- Use both freetype and harfbuzz either bundled or system +- Bump to 67.0.3371.0 +- Remove no longer needed chromium-gcc7.patch +- Rebase fix_building_widevinecdm_with_chromium.patch to allow + widevine builds ------------------------------------------------------------------- -Wed Mar 14 14:18:35 UTC 2018 - tchvatal@suse.com +Tue Mar 20 10:14:15 UTC 2018 - tchvatal@suse.com -- Version update to 65.0.3325.162: - * Various stability fixes only +- Bump to 66.0.3359.33 ------------------------------------------------------------------- -Wed Mar 14 09:00:37 UTC 2018 - tchvatal@suse.com +Wed Mar 14 14:19:21 UTC 2018 - tchvatal@suse.com -- Bundle the harfbuzz on < 15.0 release as we would have to - use requires_ge for the library itself later on otherwise +- Version bump to 66.0.3359.26 ------------------------------------------------------------------- -Fri Mar 9 09:10:01 UTC 2018 - tchvatal@suse.com +Wed Mar 14 13:32:18 UTC 2018 - tchvatal@suse.com -- Make sure to require gcc7 -- Add patch chromium-drm.patch to make sure to build with Leap 42.3 - variant of libdrm +- Bump the requirement for the clang version ------------------------------------------------------------------- -Thu Mar 8 09:00:54 UTC 2018 - tchvatal@suse.com +Wed Mar 14 09:01:33 UTC 2018 - tchvatal@suse.com -- Version update to 65.0.3325.146 bsc#1084296: - * High CVE-2017-11215: Use after free in Flash. - * High CVE-2017-11225: Use after free in Flash. - * High CVE-2018-6060: Use after free in Blink. - * High CVE-2018-6061: Race condition in V8. - * High CVE-2018-6062: Heap buffer overflow in Skia. - * High CVE-2018-6057: Incorrect permissions on shared memory. - * High CVE-2018-6063: Incorrect permissions on shared memory. - * High CVE-2018-6064: Type confusion in V8. - * High CVE-2018-6065: Integer overflow in V8. - * Medium CVE-2018-6066: Same Origin Bypass via canvas. - * Medium CVE-2018-6067: Buffer overflow in Skia. - * Medium CVE-2018-6068: Object lifecycle issues in Chrome Custom Tab. - * Medium CVE-2018-6069: Stack buffer overflow in Skia. - * Medium CVE-2018-6070: CSP bypass through extensions. - * Medium CVE-2018-6071: Heap bufffer overflow in Skia. - * Medium CVE-2018-6072: Integer overflow in PDFium. - * Medium CVE-2018-6073: Heap bufffer overflow in WebGL. - * Medium CVE-2018-6074: Mark-of-the-Web bypass. - * Medium CVE-2018-6075: Overly permissive cross origin downloads. - * Medium CVE-2018-6076: Incorrect handling of URL fragment identifiers in Blink. - * Medium CVE-2018-6077: Timing attack using SVG filters. - * Medium CVE-2018-6078: URL Spoof in OmniBox. - * Medium CVE-2018-6079: Information disclosure via texture data in WebGL. - * Medium CVE-2018-6080: Information disclosure in IPC call. - * Low CVE-2018-6081: XSS in interstitials. - * Low CVE-2018-6082: Circumvention of port blocking. - * Low CVE-2018-6083: Incorrect processing of AppManifests. -- Add new patches: - * chromium-compiler.patch - * chromium-glibc-2.27.patch - * mojo.patch -- Drop patches: - * chromium-angle.patch - * chromium-memcpy.patch -- Update constraints -- Refresh patch chromium-non-void-return.patch to include more - fixes +- Conditionalize harfbuzz switch ------------------------------------------------------------------- -Sat Feb 24 19:02:51 UTC 2018 - astieger@suse.com +Mon Mar 12 10:18:18 UTC 2018 - tchvatal@suse.com -- Chromium 64.0.3282.186: - * Various minor bug fixes +- Update to 66.0.3359.22 ------------------------------------------------------------------- -Wed Feb 14 08:16:34 UTC 2018 - astieger@suse.com +Fri Mar 9 11:20:35 UTC 2018 - tchvatal@suse.com -- update to 64.0.3282.167 (bsc#1080920): - * CVE-2018-6056: Incorrect derived class instantiation in V8 +- Apply patches using %autopatch +- Add patch to build with gcc7 properly chromium-gcc7.patch +- Drop patch chromium-sandbox-pie.patch as we have pie default now +- Add patch to build with leap variant of drm chromium-drm.patch ------------------------------------------------------------------- -Fri Feb 2 11:16:23 UTC 2018 - tchvatal@suse.com +Wed Mar 7 12:11:45 UTC 2018 - tchvatal@suse.com -- Version update to 64.0.3282.140 bsc#1079021: - * Various asan fixes bsc#1078463 CVE-2018-6406 +- Add patch to build ffmpeg from system chromium-ffmpeg.patch + +------------------------------------------------------------------- +Wed Mar 7 10:30:24 UTC 2018 - tchvatal@suse.com + +- Up to 66.0.3355.0 +- Disable clang by default again + +------------------------------------------------------------------- +Tue Feb 27 09:35:21 UTC 2018 - tchvatal@suse.com + +- Up to 66.0.3350.0 + +------------------------------------------------------------------- +Thu Feb 15 09:08:22 UTC 2018 - tchvatal@suse.com + +- Drop patch fix_network_api_crash.patch + +------------------------------------------------------------------- +Mon Feb 12 10:10:58 UTC 2018 - tchvatal@suse.com + +- Bump to 66.0.3343.3 + +------------------------------------------------------------------- +Wed Feb 7 13:58:33 UTC 2018 - tchvatal@suse.com + +- Bump to 65.0.3325.51 + +------------------------------------------------------------------- +Tue Feb 6 12:00:36 UTC 2018 - tchvatal@suse.com + +- Disable gconf support ------------------------------------------------------------------- Fri Feb 2 10:43:48 UTC 2018 - dimstar@opensuse.org @@ -366,9 +211,9 @@ Fri Feb 2 10:43:48 UTC 2018 - dimstar@opensuse.org /proc/meminfo. ------------------------------------------------------------------- -Mon Jan 29 13:07:38 UTC 2018 - tchvatal@suse.com +Wed Jan 31 09:45:45 UTC 2018 - tchvatal@suse.com -- Fix default page to not point to 404 +- Bump to 65.0.3325.31 ------------------------------------------------------------------- Mon Jan 29 12:36:31 UTC 2018 - tchvatal@suse.com @@ -376,319 +221,296 @@ Mon Jan 29 12:36:31 UTC 2018 - tchvatal@suse.com - Install swiftshader objects too as they are needed ------------------------------------------------------------------- -Fri Jan 26 10:11:22 UTC 2018 - tchvatal@suse.com +Fri Jan 26 10:12:22 UTC 2018 - tchvatal@suse.com -- Disable ozone stuff conditions for now as the headless mode - breaks up runtime bsc#1077722 +- Update to 65.0.3325.18 +- Try to have automatic ozone platform detection ------------------------------------------------------------------- -Thu Jan 25 09:51:59 UTC 2018 - tchvatal@suse.com +Wed Jan 17 14:28:37 UTC 2018 - tchvatal@suse.com -- Switch to gcc7 on Leap builds +- Bump to 65.0.3322.3 ------------------------------------------------------------------- -Thu Jan 25 09:42:51 UTC 2018 - tchvatal@suse.com +Mon Jan 8 20:12:43 UTC 2018 - tchvatal@suse.com -- Version update to 64.0.3282.119 bsc#1077571: - * High CVE-2018-6031: Use after free in PDFium. Reported by Anonymous on 2017-11-01 - * High CVE-2018-6032: Same origin bypass in Shared Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-20 - * High CVE-2018-6033: Race when opening downloaded files. Reported by Juho Nurminen on 2017-12-09 - * Medium CVE-2018-6034: Integer overflow in Blink. Reported by Tobias Klein (www.trapkit.de) on 2017-11-12 - * Medium CVE-2018-6035: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23 - * Medium CVE-2018-6036: Integer underflow in WebAssembly. Reported by The UK's National Cyber Security Centre (NCSC) on 2017-11-30 - * Medium CVE-2018-6037: Insufficient user gesture requirements in autofill. Reported by Paul Stone of Context Information Security on 2017-08-09 - * Medium CVE-2018-6038: Heap buffer overflow in WebGL. Reported by cloudfuzzer on 2017-10-12 - * Medium CVE-2018-6039: XSS in DevTools. Reported by Juho Nurminen on 2017-10-17 - * Medium CVE-2018-6040: Content security policy bypass. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-26 - * Medium CVE-2018-6041: URL spoof in Navigation. Reported by Luan Herrera on 2017-08-29 - * Medium CVE-2018-6042: URL spoof in OmniBox. Reported by Khalil Zhani on 2017-10-12 - * Medium CVE-2018-6043: Insufficient escaping with external URL handlers. Reported by 0x09AL on 2017-11-16 - * Medium CVE-2018-6045: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23 - * Medium CVE-2018-6046: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-31 - * Medium CVE-2018-6047: Cross origin URL leak in WebGL. Reported by Masato Kinugawa on 2018-01-08 - * Low CVE-2018-6048: Referrer policy bypass in Blink. Reported by Jun Kokatsu (@shhnjk) on 2017-09-08 - * Low CVE-2017-15420: URL spoofing in Omnibox. Reported by Drew Springall (@_aaspring_) on 2017-10-05 - * Low CVE-2018-6049: UI spoof in Permissions. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-13 - * Low CVE-2018-6050: URL spoof in OmniBox. Reported by Jonathan Kew on 2017-10-15 - * Low CVE-2018-6051: Referrer leak in XSS Auditor. Reported by Antonio Sanso (@asanso) on 2014-12-11 - * Low CVE-2018-6052: Incomplete no-referrer policy implementation. Reported by Tanner Emek on 2016-05-28 - * Low CVE-2018-6053: Leak of page thumbnails in New Tab Page. Reported by Asset Kabdenov on 2017-08-23 - * Low CVE-2018-6054: Use after free in WebUI. Reported by Rob Wu on 2017-12-24 -- Add patches: - * chromium-angle.patch - * chromium-memcpy.patch -- Drop patch: - * chromium-gcc.patch -- Change desktop file name to fit bellow the icon on ie KDE desktop +- Bump to 65.0.3311.3 +- Drop chromium-63.0.3289.84-fix-ft-hb-unbundle.patch ------------------------------------------------------------------- -Thu Jan 4 20:59:31 UTC 2018 - astieger@suse.com +Tue Jan 2 13:14:43 UTC 2018 - tchvatal@suse.com -- Chromium 63.0.3239.132: - * DevTools: do not report raw headers and cookies for protected - subresources - * Various other fixes and updates +- add chromium-63.0.3289.84-fix-ft-hb-unbundle.patch to make sure + we use system freetype/harfbuzz ------------------------------------------------------------------- -Fri Dec 15 09:28:07 UTC 2017 - tchvatal@suse.com +Thu Dec 28 18:00:12 UTC 2017 - tchvatal@suse.com -- Version update to 63.0.3239.108 bsc#1072976: - * CVE-2017-15429: UXSS in V8 - * Various fuzzing fixes +- Make sure to use system freetype too ------------------------------------------------------------------- -Thu Dec 7 09:41:13 UTC 2017 - tchvatal@suse.com +Wed Dec 20 15:38:09 UTC 2017 - tchvatal@suse.com -- Version update to 63.0.3239.84 bsc#1071691: - * bsc#1106341 CVE-2017-15430 Unsafe navigation in Chromecast - * Critical CVE-2017-15407: Out of bounds write in QUIC. - * High CVE-2017-15408: Heap buffer overflow in PDFium. - * High CVE-2017-15409: Out of bounds write in Skia. - * High CVE-2017-15410: Use after free in PDFium. - * High CVE-2017-15411: Use after free in PDFium. - * High CVE-2017-15412: Use after free in libXML. - * High CVE-2017-15413: Type confusion in WebAssembly. - * Medium CVE-2017-15415: Pointer information disclosure in IPC call. - * Medium CVE-2017-15416: Out of bounds read in Blink. - * Medium CVE-2017-15417: Cross origin information disclosure in Skia. - * Medium CVE-2017-15418: Use of uninitialized value in Skia. - * Medium CVE-2017-15419: Cross origin leak of redirect URL in Blink. - * Medium CVE-2017-15420: URL spoofing in Omnibox. - * Medium CVE-2017-15422: Integer overflow in ICU. - * Low CVE-2017-15423: Issue with SPAKE implementation in BoringSSL. - * Low CVE-2017-15424: URL Spoof in Omnibox. - * Low CVE-2017-15425: URL Spoof in Omnibox. - * Low CVE-2017-15426: URL Spoof in Omnibox. - * Low CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox. -- Rebase fix-gn-bootstrap.diff -- Drop merged patches: - * chromium-gcc5.patch - * chromium-60.0.3112.113-breakpad-ucontext.patch - * chromium-62.0.3202.62-correct-cplusplus-check.patch -- Add new patches: - * chromium-non-void-return.patch - * chromium-gcc.patch +- Bump 65.0.3298.3 ------------------------------------------------------------------- -Wed Nov 22 11:05:42 UTC 2017 - idonmez@suse.com +Tue Dec 19 09:43:19 UTC 2017 - tchvatal@suse.com + +- Drop chromium-memcpy.patch + +------------------------------------------------------------------- +Mon Dec 18 10:46:25 UTC 2017 - tchvatal@suse.com + +- Drop minizip conditional (was about 42.1) + +------------------------------------------------------------------- +Sun Dec 17 22:52:29 UTC 2017 - tchvatal@suse.com + +- Bump to 65.0.3294.5 + +------------------------------------------------------------------- +Thu Dec 14 14:55:27 UTC 2017 - tchvatal@suse.com + +- Explicitely describe what ozone parts we want + +------------------------------------------------------------------- +Wed Dec 13 09:47:33 UTC 2017 - tchvatal@suse.com + +- Bump to 64.0.3282.24 +- Enable system icu again +- Tweak the deps to match current setup +- Add patch chromium-memcpy.patch + +------------------------------------------------------------------- +Tue Dec 12 12:55:52 UTC 2017 - tchvatal@suse.com + +- Minimize desktop name to not take so much space + +------------------------------------------------------------------- +Sat Dec 9 12:54:27 UTC 2017 - tchvatal@suse.com + +- Bumpyty to 64.0.3282.14 + +------------------------------------------------------------------- +Thu Nov 30 14:32:41 UTC 2017 - tchvatal@suse.com + +- Bumpy to 64.0.3278.0 + +------------------------------------------------------------------- +Wed Nov 22 11:06:47 UTC 2017 - idonmez@suse.com - BuildRequire nodejs8 instead of nodejs6 for suse_version >= 1330 ------------------------------------------------------------------- -Wed Nov 15 14:56:24 UTC 2017 - astieger@suse.com +Sun Nov 19 11:25:52 UTC 2017 - tchvatal@suse.com + +- Drop chromium-64.0.3253.3-gpu_lists_version.h.patch +- Drop chromium-gcc.patch + +------------------------------------------------------------------- +Sun Nov 19 11:20:20 UTC 2017 - tchvatal@suse.com + +- Up to 64.0.3269.3 + +------------------------------------------------------------------- +Wed Nov 15 14:42:55 UTC 2017 - astieger@suse.com -- Update to 62.0.3202.94: - * multiple minor rendering related fixes - fix rebuilds in same chroot ------------------------------------------------------------------- -Tue Nov 7 10:12:28 UTC 2017 - tchvatal@suse.com +Wed Nov 8 21:33:56 UTC 2017 - tchvatal@suse.com -- Version update to 62.0.3202.89 bsc#1066851: - * CVE-2017-15398: Stack buffer overflow in QUIC - * CVE-2017-15399: Use after free in V8 -- Drop upstream merged chromium-sandbox.patch +- Add patch chromium-non-void-return.patch ------------------------------------------------------------------- -Fri Nov 3 12:40:33 UTC 2017 - tchvatal@suse.com +Tue Nov 7 09:41:07 UTC 2017 - tchvatal@suse.com -- Restrict the version on jpeg to not waste build power +- Add patch chromium-64.0.3253.3-gpu_lists_version.h.patch ------------------------------------------------------------------- -Sun Oct 29 08:18:37 UTC 2017 - tchvatal@suse.com +Sat Nov 4 09:38:27 UTC 2017 - tchvatal@suse.com -- Add patch to fix sandbox crashes wrt bsc#1064298 - * chromium-sandbox.patch +- Bump to 64.0.3253.3 ------------------------------------------------------------------- -Fri Oct 27 09:17:02 UTC 2017 - tchvatal@suse.com +Fri Nov 3 11:41:40 UTC 2017 - tchvatal@suse.com -- Version update to 62.0.3202.75 bsc#1065405 CVE-2017-15396 - * CVE-2017-15396: Stack overflow in V8 +- Update to 64.0.3251.0 ------------------------------------------------------------------- -Thu Oct 26 12:09:53 UTC 2017 - astieger@suse.com +Thu Nov 2 20:46:57 UTC 2017 - tchvatal@suse.com -- BuildRequire nodejs6 required for polymer-bundler.js +- Fix the tarball unpacking to unroll all the required content +- Update to 63.0.3239.30 ------------------------------------------------------------------- -Thu Oct 26 09:19:09 UTC 2017 - tchvatal@suse.com +Wed Oct 25 18:24:16 UTC 2017 - tchvatal@suse.com -- Try to export properly CXX/CC variable to fix leap builds +- Drop patch chromium-60.0.3112.113-breakpad-ucontext.patch +- Drop patch chromium-sysroot.patch ------------------------------------------------------------------- -Wed Oct 25 17:52:44 UTC 2017 - tchvatal@suse.com +Wed Oct 11 09:04:46 UTC 2017 - tchvatal@suse.com -- Apply patch to fix building crc32 with gcc7: - * chromium-62.0.3202.62-correct-cplusplus-check.patch +- Bump to 63.0.3236.0 ------------------------------------------------------------------- -Thu Oct 19 03:29:56 UTC 2017 - tchvatal@suse.com +Mon Oct 9 11:42:16 UTC 2017 - tchvatal@suse.com -- Update to 62.0.3202.62 bsc#1064066: - * CVE-2017-5124: UXSS with MHTML. - * CVE-2017-5125: Heap overflow in Skia. - * CVE-2017-5126: Use after free in PDFium. - * CVE-2017-5127: Use after free in PDFium. - * CVE-2017-5128: Heap overflow in WebGL. - * CVE-2017-5129: Use after free in WebAudio. - * CVE-2017-5132: Incorrect stack manipulation in WebAssembly. - * CVE-2017-5130: Heap overflow in libxml2. - * CVE-2017-5131: Out of bounds write in Skia. - * CVE-2017-5133: Out of bounds write in Skia. - * CVE-2017-15386: UI spoofing in Blink. - * CVE-2017-15387: Content security bypass. - * CVE-2017-15388: Out of bounds read in Skia. - * CVE-2017-15389: URL spoofing in OmniBox. - * CVE-2017-15390: URL spoofing in OmniBox. - * CVE-2017-15391: Extension limitation bypass in Extensions. - * CVE-2017-15392: Incorrect registry key handling in PlatformIntegration. - * CVE-2017-15393: Referrer leak in Devtools. - * CVE-2017-15394: URL spoofing in extensions UI. - * CVE-2017-15395: Null pointer dereference in ImageCapture. -- Drop unused patches: +- Bump to 63.0.3230.0 + +------------------------------------------------------------------- +Mon Oct 2 10:10:10 UTC 2017 - tchvatal@suse.com + +- Update to 63.0.3223.8 +- Rebase fix-gn-boostrap.diff +- Remove chromium-gcc5.patch + +------------------------------------------------------------------- +Sat Sep 16 15:51:04 UTC 2017 - tchvatal@suse.com + +- Bump to 63.0.3218.0 +- Rebase fix-gn-bootstrap.diff +- Add chromium-sysroot.patch + +------------------------------------------------------------------- +Wed Sep 13 07:51:50 UTC 2017 - tchvatal@suse.com + +- Version update to 62.0.3202.18 + +------------------------------------------------------------------- +Sun Sep 10 09:46:36 UTC 2017 - tchvatal@suse.com + +- Update to latest +- Switch to system libxml again +- Add more folders to be kept in archive + +------------------------------------------------------------------- +Wed Sep 6 13:16:14 UTC 2017 - tchvatal@suse.com + +- Build with gcc6 on leap as we now require --stdc-14 + +------------------------------------------------------------------- +Wed Sep 6 12:55:30 UTC 2017 - tchvatal@suse.com + +- Add patch to build with new glibc: + * chromium-60.0.3112.113-breakpad-ucontext.patch + +------------------------------------------------------------------- +Mon Sep 4 12:11:32 UTC 2017 - tchvatal@suse.com + +- Bump to 62.0.3198.0: + * fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Wed Aug 23 12:40:57 UTC 2017 - tchvatal@suse.com + +- Bump to 62.0.3192.0 +- Rebase patch chromium-prop-codecs.patch + +------------------------------------------------------------------- +Mon Aug 21 09:29:23 UTC 2017 - tchvatal@suse.com + +- Bump to 62.0.3188.2 +- Rebase fix-gn-bootstrap.diff +- Remove arm patches as we exclude it for now: * arm-webrtc-fix.patch * arm_use_right_compiler.patch - * chromium-46.0.2490.71-fix-missing-i18n_process_css_test.patch - * chromium-atk.patch - * chromium-mojo-dep.patch - * gcc60-fixes.diff +- Add patch chromium-gcc5.patch + +------------------------------------------------------------------- +Fri Aug 11 09:37:10 UTC 2017 - tchvatal@suse.com + +- Bump to 62.0.3178.0 +- Add patch chromium-system-zlib.patch +- Rebase patch fix-gn-bootstrap.diff +- Rebase exclude_ymp.diff +- Drop gcc60-fixes.diff as the toolchain was changed + +------------------------------------------------------------------- +Sun Aug 6 07:18:26 UTC 2017 - tchvatal@suse.com + +- Bump to 62.0.3175.4 + +------------------------------------------------------------------- +Sun Aug 6 07:12:01 UTC 2017 - tchvatal@suse.com + +- Bump to 61.0.3163.31 +- Remove condition for gtk3, hard on from now on +- Bump version requirement on nodejs + +------------------------------------------------------------------- +Thu Jul 27 19:42:42 UTC 2017 - tchvatal@suse.com + +- Bump to 61.0.3163.13 +- Rebase fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Thu Jul 20 12:33:20 UTC 2017 - tchvatal@suse.com + - Refresh patches: - * chromium-gcc5.patch - * chromium-prop-codecs.patch - * exclude_ymp.diff * fix-gn-bootstrap.diff + * gcc60-fixes.diff ------------------------------------------------------------------- -Fri Sep 22 14:50:40 UTC 2017 - astieger@suse.com +Wed Jul 19 15:14:56 UTC 2017 - tchvatal@suse.com -- Update to 61.0.3163.100 (boo#1060019): - * CVE-2017-5121: Out-of-bounds access in V8 - * CVE-2017-5122: Out-of-bounds access in V8 - * Various fixes from internal audits, fuzzing and other initiatives +- Bump to 61.0.3159.5 +- Use system libcxx +- Refresh patch fix-gn-bootstrap.diff ------------------------------------------------------------------- -Sat Sep 16 15:50:19 UTC 2017 - tchvatal@suse.com +Mon Jul 17 07:53:34 UTC 2017 - tchvatal@suse.com -- Update to 61.0.3163.91: - * Various bugfixes - -------------------------------------------------------------------- -Mon Sep 11 08:45:35 UTC 2017 - tchvatal@suse.com - -- Update to 61.0.3163.79 bsc#1057364: - * CVE-2017-5111: Use after free in PDFium. - * CVE-2017-5112: Heap buffer overflow in WebGL. - * CVE-2017-5113: Heap buffer overflow in Skia. - * CVE-2017-5114: Memory lifecycle issue in PDFium. - * CVE-2017-5115: Type confusion in V8. - * CVE-2017-5116: Type confusion in V8. - * CVE-2017-5117: Use of uninitialized value in Skia. - * CVE-2017-5118: Bypass of Content Security Policy in Blink. - * CVE-2017-5119: Use of uninitialized value in Skia. - * CVE-2017-5120: Potential HTTPS downgrade during redirect navigation. -- Rebase patch: - * fix-gn-bootstrap.diff -- Remove patches: - * chromium-gcc7.patch - * chromium-override.patch -- Add new patches: - * chromium-atk.patch - * chromium-gcc5.patch - * chromium-mojo-dep.patch -- Gtk3 is hard required from now on -- Version some of the required dependencies - -------------------------------------------------------------------- -Mon Aug 28 22:57:05 UTC 2017 - astieger@suse.com - -- fix build with Factory glibc: - add chromium-60.0.3112.113-breakpad-ucontext.patch - -------------------------------------------------------------------- -Fri Aug 25 09:17:27 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3112.113: - * Various bugfixes - -------------------------------------------------------------------- -Tue Aug 15 15:17:00 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3112.101: - * various usability bugfixes - -------------------------------------------------------------------- -Thu Aug 3 13:25:33 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3112.90: - * Various usability bugfixes - -------------------------------------------------------------------- -Wed Jul 26 13:27:55 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3112.78 bsc#1050537: - * CVE-2017-5091: Use after free in IndexedDB - * CVE-2017-5092: Use after free in PPAPI - * CVE-2017-5093: UI spoofing in Blink - * CVE-2017-5094: Type confusion in extensions - * CVE-2017-5095: Out-of-bounds write in PDFium - * CVE-2017-5096: User information leak via Android intents - * CVE-2017-5097: Out-of-bounds read in Skia - * CVE-2017-5098: Use after free in V8 - * CVE-2017-5099: Out-of-bounds write in PPAPI - * CVE-2017-5100: Use after free in Chrome Apps - * CVE-2017-5101: URL spoofing in OmniBox - * CVE-2017-5102: Uninitialized use in Skia - * CVE-2017-5103: Uninitialized use in Skia - * CVE-2017-5104: UI spoofing in browser - * CVE-2017-7000: Pointer disclosure in SQLite - * CVE-2017-5105: URL spoofing in OmniBox - * CVE-2017-5106: URL spoofing in OmniBox - * CVE-2017-5107: User information leak via SVG - * CVE-2017-5108: Type confusion in PDFium - * CVE-2017-5109: UI spoofing in browser - * CVE-2017-5110: UI spoofing in payments dialog - * Various fixes from internal audits, fuzzing and other initiatives -- Add patch chromium-override.patch -- Remove patches chromium-fpermissive.patch chromium-system-ffmpeg-r3.patch -- Rebase patches: - * chromium-dma-buf.patch - * chromium-gcc7.patch - * chromium-last-commit-position-r0.patch - * fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Mon Jul 24 09:01:07 UTC 2017 - tchvatal@suse.com - -- Recommend emoji fonts to make sure major web chats do not show +- Recommend emoji fonts for various communicators to not display questionmarks ------------------------------------------------------------------- -Wed Jun 28 19:27:55 UTC 2017 - tchvatal@suse.com +------------------------------------------------------------------- +Thu Jul 13 07:52:52 UTC 2017 - tchvatal@suse.com -- Update to 59.0.3071.115: - * Various small fixes all around +- Bump to 61.0.3153.4 +- Refresh patch fix-gn-bootstrap.diff ------------------------------------------------------------------- -Fri Jun 23 07:46:48 UTC 2017 - astieger@suse.com +Thu Jun 29 07:07:53 UTC 2017 - tchvatal@suse.com -- Update to 59.0.3071.109: - * ozone/drm: Only reuse ScanoutBuffers with compatible modifiers - * Fixing mouse focus on WebView - * Remove gtk dependency from gles tests - * Set build flag when using own FreeType - * Revert of [scheduler] Move some task types to suspendable task runner - * Fix an incorrect method name on the chrome://site-engagement WebUI page - * Linux/Windows: Removing Guest menu item for supervised profile +- Remove already applied patch chromium-gcc7.patch ------------------------------------------------------------------- -Fri Jun 16 12:12:56 UTC 2017 - astieger@suse.com +Tue Jun 27 17:59:45 UTC 2017 - tchvatal@suse.com -- Update to 59.0.3071.104 (bsc#1044690): - * CVE-2017-5087: Sandbox Escape in IndexedDB - * CVE-2017-5088: Out of bounds read in V8 - * CVE-2017-5089: Domain spoofing in Omnibox - * Various fixes from internal audits, fuzzing and other initiatives +- require nss >= 3.26 +- Update to 61.0.3141.7 +- Refresh fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Thu Jun 22 08:46:57 UTC 2017 - tchvatal@suse.com + +- Drop merged patch chromium-system-icu.patch +- Refresh patch fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Wed Jun 21 17:06:27 UTC 2017 - tchvatal@suse.com + +- Version update to 61.0.3135.4 + +------------------------------------------------------------------- +Thu Jun 15 08:26:29 UTC 2017 - tchvatal@suse.com + +- Update to 61.0.3128.3 +- Add patch chromium-system-icu.patch + +------------------------------------------------------------------- +Sat Jun 10 14:05:13 UTC 2017 - tchvatal@suse.com + +- Update to 61.0.3124.4 +- Refresh patch fix-gn-bootstrap.diff +- Drop patch chromium-override.patch merged upstream + +------------------------------------------------------------------- +Fri Jun 9 12:11:47 UTC 2017 - tchvatal@suse.com + +- Bump to 60.0.3112.24 ------------------------------------------------------------------- Thu Jun 8 14:56:42 UTC 2017 - tchvatal@suse.com @@ -696,56 +518,104 @@ Thu Jun 8 14:56:42 UTC 2017 - tchvatal@suse.com - Add patch chromium-buildname.patch bsc#1043420 ------------------------------------------------------------------- -Tue Jun 6 07:53:53 UTC 2017 - tchvatal@suse.com +Wed Jun 7 09:10:40 UTC 2017 - tchvatal@suse.com -- Update to 59.0.3071.86 bsc#1042833: - * CVE-2017-5070: Type confusion in V8. Reported by Zhao Qixun(@S0rryMybad) of Qihoo 360 Vulcan Team on 2017-05-16 - * CVE-2017-5071: Out of bounds read in V8. Reported by Choongwoo Han on 2017-04-26 - * CVE-2017-5072: Address spoofing in Omnibox. Reported by Rayyan Bijoora on 2017-04-07 - * CVE-2017-5073: Use after free in print preview. Reported by Khalil Zhani on 2017-04-28 - * CVE-2017-5074: Use after free in Apps Bluetooth. Reported by anonymous on 2017-03-09 - * CVE-2017-5075: Information leak in CSP reporting. Reported by Emmanuel Gil Peyrot on 2017-01-05 - * CVE-2017-5086: Address spoofing in Omnibox. Reported by Rayyan Bijoora on 2017-05-16 - * CVE-2017-5076: Address spoofing in Omnibox. Reported by Samuel Erb on 2017-05-06 - * CVE-2017-5077: Heap buffer overflow in Skia. Reported by Sweetchip on 2017-04-28 - * CVE-2017-5078: Possible command injection in mailto handling. Reported by Jose Carlos Exposito Bueno on 2017-04-12 - * CVE-2017-5079: UI spoofing in Blink. Reported by Khalil Zhani on 2017-04-20 - * CVE-2017-5080: Use after free in credit card autofill. Reported by Khalil Zhani on 2017-04-05 - * CVE-2017-5081: Extension verification bypass. Reported by Andrey Kovalev (@L1kvID) Yandex Security Team on 2016-12-07 - * CVE-2017-5082: Insufficient hardening in credit card editor. Reported by Nightwatch Cybersecurity Research on 2017-05-11 - * CVE-2017-5083: UI spoofing in Blink. Reported by Khalil Zhani on 2017-04-24 - * CVE-2017-5085: Inappropriate javascript execution on WebUI pages. Reported by Zhiyang Zeng of Tencent security platform department on 2017-02-15 -- Add patch to fix build with system dma: - * chromium-dma-buf.patch -- Drop no longer needed patches: - * chromium-linker-memory.patch - * chromium-system-jinja-r13.patch -- Refresh patches: - * chromium-gcc7.patch - * chromium-system-ffmpeg-r3.patch +- Update to 60.0.3112.20 + +------------------------------------------------------------------- +Tue Jun 6 10:56:24 UTC 2017 - tchvatal@suse.com + +- Drop patch chromium-system-icu.patch + * Use bundled icu as system is unbuildable at the moment + +------------------------------------------------------------------- +Mon Jun 5 12:23:26 UTC 2017 - tchvatal@suse.com + +- Bump to 60.0.3112.7 +- Add patch for gcc7 chromium-gcc7.patch +- Add patch to build with gcc chromium-override.patch +- Add patch to build with system icu 59 chromium-system-icu.patch + +------------------------------------------------------------------- +Wed May 31 14:23:42 UTC 2017 - tchvatal@suse.com + +- Update to upstream 60.0.3112.7 + * Refresh patch fix-gn-bootstrap.diff +- Remove upstream merged chromium-system-harfbuzz.patch + +------------------------------------------------------------------- +Wed May 24 12:22:27 UTC 2017 - tchvatal@suse.com + +- Update 60.0.3107.4 +- Refresh patch chromium-last-commit-position-r0.patch +- Remove upstreamed chromium-system-ffmpeg-r3.patch +- Remove upstreamed chromium-system-opus.patch +- Remove upstreamed chromium-system-libpng.patch +- Remove upstreamed chromium-system-libwebp.patch +- Update fix-gn-bootstrap.diff +- Add patch chromium-system-harfbuzz.patch + +------------------------------------------------------------------- +Thu May 18 10:31:53 UTC 2017 - tchvatal@suse.com + +- Version update to 60.0.3100.0 +- Add patches: + * chromium-system-libpng.patch + * chromium-system-libwebp.patch + +------------------------------------------------------------------- +Wed May 17 09:22:27 UTC 2017 - tchvatal@suse.com + +- Export gcc standard version to fix build on older releases + * Needed for vulcan + +------------------------------------------------------------------- +Fri May 12 11:25:49 UTC 2017 - tchvatal@suse.com + +- Update to 60.0.3095.5 +- Update patch: * fix-gn-bootstrap.diff -- Use bundled libxml - * Upstream unfortunately uses git snapshot that is not api/abi compatible ------------------------------------------------------------------- -Mon Jun 5 12:55:22 UTC 2017 - tchvatal@suse.com +Sat May 6 08:50:17 UTC 2017 - tchvatal@suse.com -- Add patch to build with gcc7: - * chromium-gcc7.patch -- Add patch for fpermissive build error: - * chromium-fpermissive.patch +- Switch to system opus and yasm ------------------------------------------------------------------- -Wed May 10 07:43:46 UTC 2017 - tchvatal@suse.com +Fri May 5 12:11:38 UTC 2017 - tchvatal@suse.com -- Version update to 58.0.3029.110: - * Various small bugfixes +- Update to 60.0.3088.3 +- Update patch: + * fix-gn-bootstrap.diff + * chromium-dma-buf.patch ------------------------------------------------------------------- -Thu May 4 12:40:32 UTC 2017 - tchvatal@suse.com +Thu May 4 12:52:01 UTC 2017 - tchvatal@suse.com -- Version update to 58.0.3029.96: - * Fixes bsc#1037594 CVE-2017-5068 +- Version update to 60.0.3080.5 +- Refresh patch: + * chromium-dma-buf.patch + * fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Fri Apr 28 18:40:01 UTC 2017 - tchvatal@suse.com + +- Use bundled libxml (they have git snapshot :/) + +------------------------------------------------------------------- +Fri Apr 28 18:21:44 UTC 2017 - tchvatal@suse.com + +- Add more bundled folders + +------------------------------------------------------------------- +Fri Apr 28 06:03:50 UTC 2017 - tchvatal@suse.com + +- Also drop patch chromium-system-jinja-r13.patch + +------------------------------------------------------------------- +Fri Apr 28 05:55:11 UTC 2017 - tchvatal@suse.com + +- Bump to 59.0.3071.29 ------------------------------------------------------------------- Tue Apr 25 13:24:42 UTC 2017 - tchvatal@suse.com @@ -754,34 +624,56 @@ Tue Apr 25 13:24:42 UTC 2017 - tchvatal@suse.com * It is at least used only during build ------------------------------------------------------------------- -Fri Apr 21 09:57:49 UTC 2017 - tchvatal@suse.com +Fri Apr 21 19:16:32 UTC 2017 - tchvatal@suse.com -- Version update to 58.0.3029.81 bsc#1035103: - * High CVE-2017-5057: Type confusion in PDFium. Credit to Guang Gong of Alpha Team, Qihoo 360 - * High CVE-2017-5058: Heap use after free in Print Preview. Credit to Khalil Zhani - * High CVE-2017-5059: Type confusion in Blink. Credit to SkyLined working with Trend Micro's Zero Day Initiative - * Medium CVE-2017-5060: URL spoofing in Omnibox. Credit to Xudong Zheng - * Medium CVE-2017-5061: URL spoofing in Omnibox. Credit to Haosheng Wang (@gnehsoah) - * Medium CVE-2017-5062: Use after free in Chrome Apps. Credit to anonymous - * Medium CVE-2017-5063: Heap overflow in Skia. Credit to Sweetchip - * Medium CVE-2017-5064: Use after free in Blink. Credit to Wadih Matar - * Medium CVE-2017-5065: Incorrect UI in Blink. Credit to Khalil Zhani - * Medium CVE-2017-5066: Incorrect signature handing in Networking. Credit to chenchu - * Medium CVE-2017-5067: URL spoofing in Omnibox. Credit to Khalil Zhani - * Low CVE-2017-5069: Cross-origin bypass in Blink. Credit to Michael Reizelman -- Refresh patch fix-gn-bootstrap.diff -- Refresh patch chromium-system-jinja-r13.patch -- Remove obsolete patch chromium-57-gcc4.patch +- Refresh patch chromium-system-ffmpeg-r3.patch +- Delete patch chromium-system-libjpeg.patch ------------------------------------------------------------------- -Thu Mar 30 13:07:50 UTC 2017 - tchvatal@suse.com +Fri Apr 21 18:58:53 UTC 2017 - tchvatal@suse.com -- Version update to 57.0.2987.133 bsc#1031677: - * Critical CVE-2017-5055: Use after free in printing. Credit to Wadih Matar - * High CVE-2017-5054: Heap buffer overflow in V8. Credit to Nicolas Trippar of Zimperium zLabs - * High CVE-2017-5052: Bad cast in Blink. Credit to JeongHoon Shin - * High CVE-2017-5056: Use after free in Blink. Credit to anonymous - * High CVE-2017-5053: Out of bounds memory access in V8. Credit to Team Sniper (Keen Lab and PC Mgr) reported through ZDI (ZDI-CAN-4587) +- Update to 59.0.3071.15 + +------------------------------------------------------------------- +Fri Apr 21 09:01:47 UTC 2017 - tchvatal@suse.com + +- Drop exif dep, unused +- Pass no-clean option to bootstrap.py for debugging purposes + +------------------------------------------------------------------- +Wed Apr 19 13:21:37 UTC 2017 - tchvatal@suse.com + +- Version update to 59.0.3071.9 + +------------------------------------------------------------------- +Thu Apr 13 08:22:25 UTC 2017 - tchvatal@suse.com + +- Update to 59.0.3067.0 +- Sort out the harfbuzz bundling conditional to be together with minizip + +------------------------------------------------------------------- +Wed Apr 12 11:20:22 UTC 2017 - tchvatal@suse.com + +- Bump harfbuzz and icu requirements + +------------------------------------------------------------------- +Tue Apr 11 11:52:32 UTC 2017 - tchvatal@suse.com + +- Add patch chromium-dma-buf.patch +- Add patch chromium-system-libjpeg.patch + +------------------------------------------------------------------- +Fri Apr 7 08:49:05 UTC 2017 - tchvatal@suse.com + +- Version update to 59.0.3063.4 +- Refresh patch fix-gn-bootstrap.diff +- Refresh patch chromium-system-ffmpeg-r3.patch + +------------------------------------------------------------------- +Thu Mar 30 13:02:21 UTC 2017 - tchvatal@suse.com + +- Update to 59.0.3053.3 +- Refresh patch fix-gn-bootstrap.diff ------------------------------------------------------------------- Fri Mar 24 15:22:38 UTC 2017 - tchvatal@suse.com @@ -789,167 +681,238 @@ Fri Mar 24 15:22:38 UTC 2017 - tchvatal@suse.com - Drop the browser(npapi) provide which is not true ------------------------------------------------------------------- -Sun Mar 19 11:04:47 UTC 2017 - tchvatal@suse.com +Wed Mar 22 10:57:21 UTC 2017 - tchvatal@suse.com -- Add patch to build with gcc4 - * chromium-57-gcc4.patch +- Drop patch chromium-linker-memory.patch as with i586 dropped it + should not be required +- Update patch fix-gn-bootstrap.diff ------------------------------------------------------------------- -Thu Mar 16 20:45:00 UTC 2017 - tchvatal@suse.com +Wed Mar 22 10:56:09 UTC 2017 - tchvatal@suse.com -- Do not use gcc5 and newer as the compat was fixed again -- Update to 57.0.2987.110 with various other small tweaks +- Version update to chromium-59.0.3047.0 ------------------------------------------------------------------- -Fri Mar 10 10:55:23 UTC 2017 - tchvatal@suse.com +Tue Mar 21 12:41:00 UTC 2017 - tchvatal@suse.com -- Version update to 57.0.2987.98 bsc#1028848: - CVE-2017-5030 CVE-2017-5031 CVE-2017-5032 CVE-2017-5029 CVE-2017-5034 - CVE-2017-5035 CVE-2017-5036 CVE-2017-5037 CVE-2017-5039 CVE-2017-5040 - CVE-2017-5041 CVE-2017-5033 CVE-2017-5042 CVE-2017-5038 CVE-2017-5043 - CVE-2017-5044 CVE-2017-5045 CVE-2017-5046 -- Refresh patches - * fix-gn-bootstrap.diff - * chromium-linker-memory.patch -- Remove obsolete patches: - * chromium-sandbox.patch - * chromium-54-ffmpeg2compat.patch -- Remove vaapi patch which broke rendering on non-intel cards: - * chromium-enable-vaapi-on-suse.patch -- From this release onwards i586 build is disabled +- Few tweaks around clang switch to be viable ------------------------------------------------------------------- -Wed Feb 15 12:02:32 UTC 2017 - idonmez@suse.com +Sat Mar 18 19:13:16 UTC 2017 - tchvatal@suse.com + +- Update to 59.0.3043.0 +- Refresh patch fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Wed Mar 15 10:14:35 UTC 2017 - tchvatal@suse.com + +- Update to 58.0.3029.19 + +------------------------------------------------------------------- +Wed Mar 15 09:34:48 UTC 2017 - tchvatal@suse.com + +- Reduce the requirement on gcc to be 4.8 only again + +------------------------------------------------------------------- +Mon Mar 13 12:20:56 UTC 2017 - tchvatal@suse.com + +- Version update to 58.0.3029.14 + +------------------------------------------------------------------- +Mon Mar 13 11:41:34 UTC 2017 - tchvatal@suse.com + +- Disable system vpx for now, needs symbols that will be in 1.6.2 + +------------------------------------------------------------------- +Fri Mar 10 13:03:15 UTC 2017 - tchvatal@suse.com + +- Update fix-gn-bootstrap.diff to build again + +------------------------------------------------------------------- +Wed Mar 8 11:26:35 UTC 2017 - tchvatal@suse.com + +- Version update to 58.0.3029.6 + +------------------------------------------------------------------- +Thu Mar 2 15:19:25 UTC 2017 - tchvatal@suse.com + +- Update to 58.0.3026.3 +- Empty fix-gn-bootstrap.diff again as it was merged upstream + +------------------------------------------------------------------- +Mon Feb 27 11:22:10 UTC 2017 - tchvatal@suse.com + +- Drop patch chromium-enable-vaapi-on-suse.patch as it breaks on + radeon and nvidia cards + +------------------------------------------------------------------- +Fri Feb 24 07:58:48 UTC 2017 - tchvatal@suse.com + +- Update to 58.0.3018.3 +- Update patch fix-gn-bootstrap.diff to match what is needed now +- Refresh patch chromium-system-jinja-r13.patch + +------------------------------------------------------------------- +Fri Feb 17 12:14:06 UTC 2017 - tchvatal@suse.com + +- Version update to 58.0.3013.3 + +------------------------------------------------------------------- +Wed Feb 15 12:15:52 UTC 2017 - idonmez@suse.com - Also add harfbuzz-ng to keeplibs for SLE +------------------------------------------------------------------- +Wed Feb 8 12:39:54 UTC 2017 - tchvatal@suse.com + +- Update to 58.0.3004.3 + +------------------------------------------------------------------- +Wed Feb 8 12:32:46 UTC 2017 - tchvatal@suse.com + +- Try to properly set up nodejs for build + +------------------------------------------------------------------- +Mon Feb 6 20:39:24 UTC 2017 - tchvatal@suse.com + +- Version update to 58.3000.4 next dev channel +- Drop patch chromium-54-ffmpeg2compat.patch as we require ffmpeg3 now + ------------------------------------------------------------------- Mon Feb 6 20:29:52 UTC 2017 - tchvatal@suse.com - Add condition for system harfbuzz to be disabled on SLE ------------------------------------------------------------------- -Mon Feb 6 12:21:34 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net - -- Fixed a typo in the build requirements for system minizip. - -------------------------------------------------------------------- -Fri Feb 3 12:23:34 UTC 2017 - tchvatal@suse.com - -- Version update to 56.0.2924.87: - * Various small fixes - * Disabled option to enable/disable plugins in the chrome://plugins - -------------------------------------------------------------------- -Thu Feb 2 20:01:27 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net - -- Added the package 'chromium-privacy' with multiple patches - sourced from the release version on https://github.com/ - u4qo60z73t1c4hurv3ny/privacy_patches-oS_cr, which, when enabled - with the build option 'privacy', builds a version of Chromium - with less privacy implications due to Google services - integration. - -------------------------------------------------------------------- -Wed Feb 1 09:48:35 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net +Mon Feb 6 12:16:45 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net - Changed the build requirement of libavformat to library version 57.41.100, as included in ffmpeg 3.1.1, as only this version properly supports the public AVStream API 'codecpar'. - -------------------------------------------------------------------- -Tue Jan 31 14:08:26 UTC 2017 - tchvatal@suse.com - -- Version update to 56.0.2924.76 bsc#1022049: - - CVE-2017-5007: Universal XSS in Blink - - CVE-2017-5006: Universal XSS in Blink - - CVE-2017-5008: Universal XSS in Blink - - CVE-2017-5010: Universal XSS in Blink - - CVE-2017-5011: Unauthorised file access in Devtools - - CVE-2017-5009: Out of bounds memory access in WebRTC - - CVE-2017-5012: Heap overflow in V8 - - CVE-2017-5013: Address spoofing in Omnibox - - CVE-2017-5014: Heap overflow in Skia - - CVE-2017-5015: Address spoofing in Omnibox - - CVE-2017-5019: Use after free in Renderer - - CVE-2017-5016: UI spoofing in Blink - - CVE-2017-5017: Uninitialised memory access in webm video - - CVE-2017-5018: Universal XSS in chrome://apps - - CVE-2017-5020: Universal XSS in chrome://downloads - - CVE-2017-5021: Use after free in Extensions - - CVE-2017-5022: Bypass of Content Security Policy in Blink - - CVE-2017-5023: Type confusion in metrics - - CVE-2017-5024: Heap overflow in FFmpeg - - CVE-2017-5025: Heap overflow in FFmpeg - - CVE-2017-5026: UI spoofing. Credit to Ronni Skansing -- Add conditional to switch between system and bundled icu -- Raise dependency on harfbuzz to 1.3.1 -- Also refresh patches: - chromium-prop-codecs.patch chromium-linker-memory.patch - -------------------------------------------------------------------- -Sat Jan 28 11:31:18 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net - - Added patch chromium-enable-vaapi-on-suse.patch to enable VAAPI hardware accelerated video decoding. + * chromium-enable-vaapi-on-suse.patch +- Fixed a typo in the build requirements for system minizip. ------------------------------------------------------------------- -Wed Dec 21 20:19:42 UTC 2016 - astieger@suse.com +Fri Feb 3 10:38:16 UTC 2017 - tchvatal@suse.com -- Chromium 55.0.2883.87: - * various fixes for crashes and specific wesites - * update Google pinned certificates +- Update to 57.0.2987.21 ------------------------------------------------------------------- -Wed Dec 21 10:02:52 UTC 2016 - tchvatal@suse.com +Wed Feb 1 12:44:58 UTC 2017 - tchvatal@suse.com -- Disable system icu on Factory, crashes autofill +- Update to 57.0.2987.19 ------------------------------------------------------------------- -Tue Dec 13 14:38:08 UTC 2016 - idonmez@suse.com +Sun Jan 29 17:58:34 UTC 2017 - tchvatal@suse.com + +- Version update to 57.0.2987.13 + +------------------------------------------------------------------- +Wed Jan 25 13:47:13 UTC 2017 - tchvatal@suse.com + +- Update to 57.0.2987.8 + +------------------------------------------------------------------- +Tue Jan 24 10:43:32 UTC 2017 - tchvatal@suse.com + +- Update to 57.0.2986.0 + +------------------------------------------------------------------- +Thu Jan 19 10:40:36 UTC 2017 - tchvatal@suse.com + +- Version update to 57.0.2984.0 + +------------------------------------------------------------------- +Fri Jan 13 09:13:44 UTC 2017 - tchvatal@suse.com + +- Drop the support code for builtin ffmpeg and rely on the system one always + +------------------------------------------------------------------- +Fri Jan 6 11:53:25 UTC 2017 - tchvatal@suse.com + +- Exclude i586 arch as the resources to build are not there + +------------------------------------------------------------------- +Wed Jan 4 12:36:34 UTC 2017 - tchvatal@suse.com + +- Add toolchain definition hopefully allowing us to build on Leap + with older gcc + * This also exposes more of our suse CFLAGS to the compilation + +------------------------------------------------------------------- +Wed Jan 4 12:07:26 UTC 2017 - tchvatal@suse.com + +- Version update to 57.0.2970.0 +- Refresh patch: + * fix-gn-bootstrap.diff +- Drop patch: + * chromium-sandbox.patch + +------------------------------------------------------------------- +Tue Dec 20 14:55:38 UTC 2016 - tchvatal@suse.com + +- Use gcc5 on leap + +------------------------------------------------------------------- +Mon Dec 19 10:30:45 UTC 2016 - tchvatal@suse.com + +- Update to 57.0.2946.4 + +------------------------------------------------------------------- +Wed Dec 14 10:45:26 UTC 2016 - tchvatal@suse.com + +- Allow building with non-system icu on older systems +- Refresh patch fix-gn-bootstrap.diff +- Disable system icu again, fails to build even on factory + +------------------------------------------------------------------- +Tue Dec 13 14:42:30 UTC 2016 - idonmez@suse.com - python-html5lib now depends on six, so preserve that too for SLE builds. ------------------------------------------------------------------- -Fri Dec 9 12:07:10 UTC 2016 - astieger@suse.com +Sun Dec 11 13:12:44 UTC 2016 - tchvatal@suse.com -- Obsolete ffmpeg and ffmpegsumo package in addition to conflict +- Version update to 57.0.2946.0 ------------------------------------------------------------------- -Mon Dec 5 17:08:45 UTC 2016 - astieger@suse.com +Sun Dec 11 13:04:36 UTC 2016 - tchvatal@suse.com -- record minimum version for harfbuzz, incuding runtime - Chromium will crash with harfbuzz < 1.3.0 +- Version update to 56.0.2924.21 ------------------------------------------------------------------- -Sat Dec 3 09:59:21 UTC 2016 - tchvatal@suse.com +Thu Dec 8 08:33:17 UTC 2016 - tchvatal@suse.com -- Chromium 55.0.2883.75 bnc#1013236: - CVE-2016-9651 CVE-2016-5208 CVE-2016-5207 CVE-2016-5206 CVE-2016-5205 - CVE-2016-5204 CVE-2016-5209 CVE-2016-5203 CVE-2016-5210 CVE-2016-5212 - CVE-2016-5211 CVE-2016-5213 CVE-2016-5214 CVE-2016-5216 CVE-2016-5215 - CVE-2016-5217 CVE-2016-5218 CVE-2016-5219 CVE-2016-5221 CVE-2016-5220 - CVE-2016-5222 CVE-2016-9650 CVE-2016-5223 CVE-2016-5226 CVE-2016-5225 - CVE-2016-5224 CVE-2016-9652 -- Switch to system libraries: harfbuzz, zlib, ffmpeg, ... -- Refreshed patches: - * chromium-system-ffmpeg-r3.patch - * chromium-system-jinja-r13.patch -- Use system ffmpeg unless on 13.2 that didn't include it - * chromium-54-ffmpeg2compat.patch - * Remove upstreamed chromium-more-codec-aliases.patch -- Remove bookmarks override as discussed with artwork simply just set - homepage to our openSUSE one and that is all +- Version update to 56.0.2924.18 ------------------------------------------------------------------- -Sat Nov 12 08:20:05 UTC 2016 - astieger@suse.com +Sat Dec 3 12:03:04 UTC 2016 - tchvatal@suse.com -- Chromium 54.0.2840.100: - * CVE-2016-5199: Heap corruption in FFmpeg (boo#1009892) - * CVE-2016-5200: out of bounds memory access in v8 (boo#1009893) - * CVE-2016-5201: info leak in extensions (boo#1009894) - * CVE-2016-5202: various fixes from internal audits (boo#1009895) +- Version update to 56.0.2924.14 + +------------------------------------------------------------------- +Tue Nov 29 21:13:49 UTC 2016 - tchvatal@suse.com + +- Version update to 56.0.2924.10 + +------------------------------------------------------------------- +Tue Nov 22 07:40:21 UTC 2016 - tchvatal@suse.com + +- Version update to 56.0.2922.1 + +------------------------------------------------------------------- +Fri Nov 18 08:35:30 UTC 2016 - tchvatal@suse.com + +- Version update to 56.0.2920.0 + +------------------------------------------------------------------- +Mon Nov 14 13:13:16 UTC 2016 - tchvatal@suse.com + +- Version update to 56.0.2914.3: + * refresh patch chromium-prop-codecs.patch ------------------------------------------------------------------- Mon Nov 7 20:02:46 UTC 2016 - tchvatal@suse.com @@ -959,63 +922,96 @@ Mon Nov 7 20:02:46 UTC 2016 - tchvatal@suse.com bnc#1008725 ------------------------------------------------------------------- -Wed Nov 2 07:32:27 UTC 2016 - tchvatal@suse.com +Sun Nov 6 09:41:28 UTC 2016 - tchvatal@suse.com -- Update to 54.0.2840.90: - * Few fixes and tweaks - * Fixes CVE-2016-5198 bsc#1008274 +- Put chromium-flags at the end to allow user to override various + variables ------------------------------------------------------------------- -Fri Oct 21 10:27:16 UTC 2016 - tchvatal@suse.com +Wed Nov 2 07:36:15 UTC 2016 - tchvatal@suse.com -- Update to 54.0.2840.71: - * Few fixes around +- Update to 56.0.2906.0 ------------------------------------------------------------------- -Thu Oct 13 10:19:03 UTC 2016 - tchvatal@suse.com +Fri Oct 28 16:59:28 UTC 2016 - tchvatal@suse.com -- Version update to 54.0.2840.59 bnc#1004465: - - CVE-2016-5181: Universal XSS in Blink (Anonymous) - - CVE-2016-5182: Heap overflow in Blink (Giwan Go of STEALIEN) - - CVE-2016-5183: Use after free in PDFium (Anonymous) - - CVE-2016-5184: Use after free in PDFium (Anonymous) - - CVE-2016-5185: Use after free in Blink (cloudfuzzer) - - CVE-2016-5187: URL spoofing (Luan Herrera) - - CVE-2016-5188: UI spoofing (Luan Herrera) - - CVE-2016-5192: Cross-origin bypass in Blink (haojunhou at gmail) - - CVE-2016-5189: URL spoofing (xisigr of Tencent's Xuanwu Lab) - - CVE-2016-5186: Out of bounds read in DevTools (Abdulrahman Alqabandi) - - CVE-2016-5191: Universal XSS in Bookmarks (Gareth Hughes) - - CVE-2016-5190: Use after free in Internals (Atte Kettunen of OUSPG) - - CVE-2016-5193: Scheme bypass (Yuyang ZHOUmartinzhou96) -- packaging changes: - * disable build for chromium-beta on %arm. - * Make linker use less memory by tweaking its options: - chromium-linker-memory.patch - * obsolete desktop subpackages - * Switch to gold to reduce memory use use during build - * fix build on 4.5+ kernels with systemlibs: - chromium-sandbox.patch - * various compiler and linker flag adjustments - * enable gtk3 ui, add patch gtk3-missing-define.patch - * switch from some bundled libraries to the system versions - chromium-system-ffmpeg-r3.patch - chromium-system-jinja-r13.patch - fix-gn-bootstrap.diff - * remove service file covered by download_files -- run time bug fixes: - * Add --ui-disable-partial-swap to the launcher bnc#1000019 - * Use default chromium values from master_preferences on first run - rather than pseudo-duplicating in shellscript -- added features: - * hangouts extension +- Update to 56.0.2902.0 + * Update fix-gn-bootstrap.diff ------------------------------------------------------------------- -Fri Sep 30 08:00:45 UTC 2016 - tchvatal@suse.com +Mon Oct 24 13:06:07 UTC 2016 - tchvatal@suse.com -- Version update to 53.0.2785.143 bnc#1002140: - * CVE-2016-5177: Use after free in V8 - * CVE-2016-5178: Various fixes from internal audits +- Update to 56.0.2897.0 + * Refresh patch chromium-linker-memory.patch + * Update fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Mon Oct 24 11:44:08 UTC 2016 - tchvatal@suse.com + +- Try to make package buildable on SLE12 Backports project + +------------------------------------------------------------------- +Fri Oct 21 10:34:39 UTC 2016 - tchvatal@suse.com + +- Update to 55.0.2883.21 +- Add switch between bundled and system icu as on old distributions + we simply have too old ICU +- Add switch for bundled/system minizip as it is not available on 42.1 + +------------------------------------------------------------------- +Thu Oct 20 07:52:26 UTC 2016 - tchvatal@suse.com + +- Version update to 55.0.2883.18 + +------------------------------------------------------------------- +Mon Oct 17 12:06:03 UTC 2016 - tchvatal@suse.com + +- Version update to 55.0.2883.11 +- Drop chromium-system-zlib.patch +- Add Requires on specified browser for chromedriver wrt bnc#1004839 + +------------------------------------------------------------------- +Sun Oct 9 18:16:49 UTC 2016 - tchvatal@suse.com + +- Version update to 55.0.2882.0: + * Rebase fix-gn-bootstrap.diff + * Remove upstreamed chromium-more-codec-aliases.patch + +------------------------------------------------------------------- +Sat Oct 8 09:51:35 UTC 2016 - mailaender@opensuse.org + +- Add appdata.xml for https://en.opensuse.org/openSUSE:AppStore + +------------------------------------------------------------------- +Fri Sep 30 07:12:16 UTC 2016 - dmueller@suse.com + +- disable build for chromium-beta on %arm. while it does build, + it takes two days, in which we can build roughly 600 other packages, + and I rather build 600 other packages than chromium-beta. + +------------------------------------------------------------------- +Wed Sep 28 17:32:17 UTC 2016 - tchvatal@suse.com + +- Version update to 55.0.2873.0: + * refresh fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Tue Sep 27 08:08:38 UTC 2016 - tchvatal@suse.com + +- Do not install default_bookmarks.html file, just set homepage + and that's it +- Drop chromium-rpmlintrc not really needed + +------------------------------------------------------------------- +Mon Sep 26 14:07:58 UTC 2016 - tchvatal@suse.com + +- Drop chrome-wrapper file it is unused + +------------------------------------------------------------------- +Mon Sep 26 12:29:52 UTC 2016 - tchvatal@suse.com + +- Add --ui-disable-partial-swap to the launcher bnc#1000019 + cr#628168 ------------------------------------------------------------------- Mon Sep 26 12:22:41 UTC 2016 - dimstar@opensuse.org @@ -1024,50 +1020,153 @@ Mon Sep 26 12:22:41 UTC 2016 - dimstar@opensuse.org it's started as an Xwayland client (boo#1001135). ------------------------------------------------------------------- -Sat Sep 17 11:36:18 UTC 2016 - tchvatal@suse.com +Mon Sep 26 08:18:16 UTC 2016 - tchvatal@suse.com -- Apply sandbox patch to fix crashers on tumbleweed bnc#999091 +- Update to 55.0.2868.3: + * remove patch gtk3-missing-define.patch + * update patch fix-gn-bootstrap.diff + * add patch chromium-system-zlib.patch +- Use system icu, upstream bug was fixed + +------------------------------------------------------------------- +Wed Sep 21 09:50:26 UTC 2016 - tchvatal@suse.com + +- Enable system libs again as it works for now +- Disable system vpx on < Factory as the vpx there is too old +- Now stable -> enable tcmalloc again + +------------------------------------------------------------------- +Tue Sep 20 09:00:29 UTC 2016 - tchvatal@suse.com + +- Make linker use less memory by tweaking its options: + * chromium-linker-memory.patch +- Update constraints for arm a bit to build +- Use system ffmpeg unless on 13.2 that didn't include it + * chromium-54-ffmpeg2compat.patch + +------------------------------------------------------------------- +Fri Sep 16 09:12:17 UTC 2016 - tchvatal@suse.com + +- Fix obsoletes for the desktop thingies + +------------------------------------------------------------------- +Thu Sep 15 12:02:32 UTC 2016 - tchvatal@suse.com + +- Gtk3 is still buggy -> disable +- Remove systemlibs for now except ffmpeg as it causes tons of problems + +------------------------------------------------------------------- +Wed Sep 14 14:57:42 UTC 2016 - tchvatal@suse.com + +- Switch to component build - solves issue with linking and not + enough memory +- Document in defaults how to actually enable debugging +- Remove noop conditions and empty variables from .sh script + launching chromium + +------------------------------------------------------------------- +Wed Sep 14 07:31:47 UTC 2016 - tchvatal@suse.com + +- Enable aarch64 to see how it goes +- Version update to 55.0.2859.0 + +------------------------------------------------------------------- +Tue Sep 13 17:13:47 UTC 2016 - tchvatal@suse.com + +- Do not bother with widevine installation, we need to build the + connectors, but later need to use the one bundled with chrome to + work with drm anyway + +------------------------------------------------------------------- +Tue Sep 13 12:53:23 UTC 2016 - tchvatal@suse.com + +- Switch to gold, we need to use less memory when linking +- Expand constraints for the debug symbols +- Use default chromium values from master_preferences on first run + rather than pseudo-duplicating in shellscript, bugs should be + fixed in the masterprefs +- Add patch to fix build on 4.5+ kernels with systemlibs: * chromium-sandbox.patch ------------------------------------------------------------------- -Thu Sep 15 13:09:21 UTC 2016 - tchvatal@suse.com +Mon Sep 12 17:21:26 UTC 2016 - tchvatal@suse.com -- Version update stable channel 53.0.2785.116 - * Just smal bugfixes around +- Collapse the ninja calls to run only once, no need to start 3x +- Remove g0 from cflags, that is something we never want, at least + some symbols for tracing are useful +- Sync more the options that are available for the build ------------------------------------------------------------------- -Wed Sep 14 07:35:09 UTC 2016 - tchvatal@suse.com +Mon Sep 12 08:55:09 UTC 2016 - tchvatal@suse.com -- Version update to 53.0.2785.113 bnc#998743: - * CVE-2016-5170 Use after free in Blink - * CVE-2016-5171 Use after free in Blink - * CVE-2016-5172 Arbitrary Memory Read in v8 - * CVE-2016-5173 Extension resource access - * CVE-2016-5174 Popup not correctly suppressed - * CVE-2016-5175 Various fixes from internal audits +- Enable more switches that are found in the gn files +- Try to enable gtk3 ui again + * add patch gtk3-missing-define.patch ------------------------------------------------------------------- -Mon Sep 12 08:31:59 UTC 2016 - tchvatal@suse.com +Sun Sep 11 09:14:14 UTC 2016 - tchvatal@suse.com -- Reenable widevine build again bnc#998328 +- Move widevine to subpackage so user have choice between the built + one and the chrome one ------------------------------------------------------------------- -Sat Sep 10 09:13:37 UTC 2016 - tchvatal@suse.com +Sat Sep 10 11:02:42 UTC 2016 - tchvatal@suse.com -- Stable channel update to 53.0.2785.101 - * SPDY crasher fixes - * Disable NV12 DXGI video on AMD - * Forward --password-store switch to os_crypt - * Tell the kernel to discard USB requests when they time out. +- Version update to dev chanel 55.0.2853.0 +- Refresh patches: + * chromium-system-ffmpeg-r3.patch + * chromium-system-jinja-r13.patch +- Correctly detect system ffmpeg and set branding to allow all codecs + that the ffmpeg can work with (eg we simply passover all the data + and do not bother with blacklist/whitelist) ------------------------------------------------------------------- -Wed Sep 7 14:50:44 UTC 2016 - astieger@suse.com +Sat Sep 10 08:58:20 UTC 2016 - tchvatal@suse.com -- Update to Chromium 53.0.2785.92: - * Revert of support relocatable RPM packages - * disallow WKBackForwardListItem navigations for pushState pages - * arc: bluetooth: Fix advertised uuid - * fix conflicting PendingIntent for stop button and swipe away +- Update to 54.0.2840.16 +- Expand provides/obsoletes for the desktop subpackages to remove + them all + +------------------------------------------------------------------- +Thu Sep 8 13:23:30 UTC 2016 - tchvatal@suse.com + +- Enable hangouts extension +- Try to build widevine drm extension instead of using the one from + packman bnc#998328 +- Go back to normal malloc from bundled tcmalloc, switch back when + we can use system one + +------------------------------------------------------------------- +Wed Sep 7 06:36:15 UTC 2016 - tchvatal@suse.com + +- Update to 54.0.2840.14 +- Switch back to gcc on factory +- Switch some bundled libraries off courtesy of gentoo build system +- Try to use system ffmpeg if possible +- Remove useless service file, "osc service localrun download_files" + works fine enough even without it +- Add patches for system jinja and ffmpeg (gentoo): + * chromium-system-ffmpeg-r3.patch + * chromium-system-jinja-r13.patch +- Add back gcc compat patch: + * gcc60-fixes.diff + +------------------------------------------------------------------- +Tue Sep 6 08:32:06 UTC 2016 - tchvatal@suse.com + +- Switch to compile using clang as google has default + * Only for factory on 1320 and older use gcc +- Obsolete kde/gnome subpackages, useless nowdays +- Determine paralelism based on how much memory we have +- Disable gtk3 it seems to be really messy with rendering nowdays + * Stick with gtk2 for time being +- Enable tcmalloc as memory manager +- Sort out with spec-cleaner +- Drop unused patches: + * fix-older-gcc.patch + * gcc60-fixes.diff +- Do not install chromium-generic to libdir just directly go to bindir +- Remove empty pre function ------------------------------------------------------------------- Thu Sep 1 04:04:13 UTC 2016 - tittiatcoke@gmail.com diff --git a/chromium.spec b/chromium.spec index 4de4a5c..c758f1a 100644 --- a/chromium.spec +++ b/chromium.spec @@ -39,8 +39,8 @@ %endif %bcond_with system_vpx %bcond_with clang -Name: chromium -Version: 68.0.3440.106 +Name: chromium-beta +Version: 69.0.3497.81 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later @@ -66,32 +66,24 @@ Patch3: fix_building_widevinecdm_with_chromium.patch Patch4: chromium-dma-buf.patch Patch5: chromium-buildname.patch Patch6: chromium-non-void-return.patch -Patch7: chromium-ffmpeg.patch -Patch8: chromium-drm.patch -Patch9: chromium-sandbox-pie.patch -Patch10: chromium-libwebp-shim.patch -Patch11: chromium-libjpeg.patch -Patch12: chromium-cors-string.patch -Patch13: chromium-gcc.patch -Patch14: chromium-gcc7.patch +Patch7: chromium-drm.patch +Patch8: chromium-sandbox-pie.patch +Patch9: chromium-warnings.patch +Patch10: chromium-skia-aarch64-buildfix.patch # PATCH-FIX-UPSTREAM chromium-vpx-aarch64.patch - Fix vpx build on aarch64 (patch edited to match path for -p1) -Patch15: chromium-vpx-aarch64.patch +Patch11: chromium-vpx-aarch64.patch +Patch12: chromium-system-icu.patch +Patch13: chromium-old-glibc.patch # Google seem not too keen on merging this but GPU accel is quite important # https://chromium-review.googlesource.com/c/chromium/src/+/532294 # https://github.com/saiarcot895/chromium-ubuntu-build/tree/master/debian/patches +# NEEDS REBASE QUITE OFTEN Patch100: chromium-vaapi.patch # Google does not care much about system libs here # https://bugs.chromium.org/p/skia/issues/detail?id=6663 Patch101: chromium-skia-system-fontconfig.patch -# GN buildsystem related patches -Patch200: chromium-last-commit-position-r0.patch -Patch201: fix-gn-bootstrap.patch # PATCH-FIX-SUSE: allow proprietary codecs to be set with chromium branding Patch202: chromium-prop-codecs.patch -# PATCH-FIX-UPSTREAM: fix skia build on aarch64 -Patch300: chromium-skia-aarch64-buildfix.patch -# PATCH-FIX-UPSTREAM: fix crashpad build on aarch64 -Patch301: chromium-crashpad-aarch64-fix.patch BuildRequires: SDL-devel BuildRequires: binutils-gold BuildRequires: bison @@ -99,6 +91,7 @@ BuildRequires: cups-devel BuildRequires: desktop-file-utils BuildRequires: fdupes BuildRequires: flex +BuildRequires: gn BuildRequires: gperf BuildRequires: hicolor-icon-theme BuildRequires: libcap-devel @@ -194,16 +187,16 @@ Provides: chromium-browser = %{version} Obsoletes: %{name}-suid-helper < %{version} Obsoletes: chromium-browser < %{version} Provides: %{name}-suid-helper = %{version} -Obsoletes: chromium-beta-desktop-gnome -Obsoletes: chromium-beta-desktop-kde -Obsoletes: chromium-desktop-gnome Obsoletes: chromium-desktop-kde -Obsoletes: chromium-dev-desktop-gnome +Obsoletes: chromium-desktop-gnome +Obsoletes: chromium-beta-desktop-kde +Obsoletes: chromium-beta-desktop-gnome Obsoletes: chromium-dev-desktop-kde +Obsoletes: chromium-dev-desktop-gnome Obsoletes: chromium-ffmpeg Obsoletes: chromium-ffmpegsumo # no 32bit supported and it takes ages to build -ExcludeArch: %{arm} i586 ppc ppc64 ppc64le s390 s390x +ExcludeArch: %{arm} ppc ppc64 ppc64le s390 s390x %ifnarch aarch64 # Current tcmalloc does not support AArch64 BuildRequires: pkgconfig(libtcmalloc) @@ -232,7 +225,7 @@ BuildRequires: pkgconfig(zlib) BuildRequires: pkgconfig(icu-i18n) >= 59.0 %endif %if %{with system_vpx} -BuildRequires: pkgconfig(vpx) > 1.7.0 +BuildRequires: pkgconfig(vpx) >= 1.6.1 %endif %if %{with clang} BuildRequires: clang >= 5.0.0 @@ -292,6 +285,7 @@ keeplibs=( net/third_party/quic net/third_party/spdy third_party/WebKit + third_party/abseil-cpp third_party/analytics third_party/angle third_party/apple_apsl @@ -303,6 +297,9 @@ keeplibs=( third_party/angle/third_party/glslang third_party/angle/third_party/spirv-headers third_party/angle/third_party/spirv-tools + third_party/angle/third_party/vulkan-headers + third_party/angle/third_party/vulkan-loader + third_party/angle/third_party/vulkan-tools third_party/angle/third_party/vulkan-validation-layers third_party/blink third_party/boringssl @@ -606,10 +603,9 @@ myconf_gn+=" google_api_key=\"${google_api_key}\"" myconf_gn+=" google_default_client_id=\"${google_default_client_id}\"" myconf_gn+=" google_default_client_secret=\"${google_default_client_secret}\"" -tools/gn/bootstrap/bootstrap.py -s -v --gn-gen-args "${myconf_gn}" # GN does not support passing cflags: # https://bugs.chromium.org/p/chromium/issues/detail?id=642016 -out/Release/gn gen --args="${myconf_gn}" out/Release +gn gen --args="${myconf_gn}" out/Release ninja -v %{?_smp_mflags} -C out/Release chrome chrome_sandbox chromedriver From 5adc9ace39a7621e76286d5311adf3b3925b4d60d6f900d34a911f2dfd795d71 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Thu, 6 Sep 2018 09:12:59 +0000 Subject: [PATCH 46/52] - Version update to 69.0.3497.81 bsc#1107235: * CVE-2018-16065: Out of bounds write in V8 * CVE-2018-16066:Out of bounds read in Blink * CVE-2018-16067: Out of bounds read in WebAudio * CVE-2018-16068: Out of bounds write in Mojo * CVE-2018-16069:Out of bounds read in SwiftShader * CVE-2018-16070: Integer overflow in Skia * CVE-2018-16071: Use after free in WebRTC * CVE-2018-16073: Site Isolation bypass after tab restore * CVE-2018-16074: Site Isolation bypass using Blob URLS * Out of bounds read in Little-CMS * CVE-2018-16075: Local file access in Blink * CVE-2018-16076: Out of bounds read in PDFium * CVE-2018-16077: Content security policy bypass in Blink * CVE-2018-16078: Credit card information leak in Autofill * CVE-2018-16079: URL spoof in permission dialogs * CVE-2018-16080: URL spoof in full screen mode * CVE-2018-16081: Local file access in DevTools * CVE-2018-16082: Stack buffer overflow in SwiftShader * CVE-2018-16083: Out of bounds read in WebRTC * CVE-2018-16084: User confirmation bypass in external protocol handling * CVE-2018-16085: Use after free in Memory Instrumentation - Added patches: * chromium-old-glibc.patch * chromium-system-icu.patch * chromium-warnings.patch - Removed patches: * chromium-cors-string.patch * chromium-crashpad-aarch64-fix.patch * chromium-ffmpeg.patch OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1160 --- chromium.changes | 1673 ++++++++++++++++++++++------------------------ chromium.spec | 8 +- 2 files changed, 813 insertions(+), 868 deletions(-) diff --git a/chromium.changes b/chromium.changes index 07189c8..a5147cc 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,206 +1,405 @@ ------------------------------------------------------------------- -Thu Aug 30 07:42:25 UTC 2018 - tchvatal@suse.com +Thu Sep 6 09:09:57 UTC 2018 - Tomáš Chvátal -- Up to 69.0.3497.72 +- Version update to 69.0.3497.81 bsc#1107235: + * CVE-2018-16065: Out of bounds write in V8 + * CVE-2018-16066:Out of bounds read in Blink + * CVE-2018-16067: Out of bounds read in WebAudio + * CVE-2018-16068: Out of bounds write in Mojo + * CVE-2018-16069:Out of bounds read in SwiftShader + * CVE-2018-16070: Integer overflow in Skia + * CVE-2018-16071: Use after free in WebRTC + * CVE-2018-16073: Site Isolation bypass after tab restore + * CVE-2018-16074: Site Isolation bypass using Blob URLS + * Out of bounds read in Little-CMS + * CVE-2018-16075: Local file access in Blink + * CVE-2018-16076: Out of bounds read in PDFium + * CVE-2018-16077: Content security policy bypass in Blink + * CVE-2018-16078: Credit card information leak in Autofill + * CVE-2018-16079: URL spoof in permission dialogs + * CVE-2018-16080: URL spoof in full screen mode + * CVE-2018-16081: Local file access in DevTools + * CVE-2018-16082: Stack buffer overflow in SwiftShader + * CVE-2018-16083: Out of bounds read in WebRTC + * CVE-2018-16084: User confirmation bypass in external protocol handling + * CVE-2018-16085: Use after free in Memory Instrumentation +- Added patches: + * chromium-old-glibc.patch + * chromium-system-icu.patch + * chromium-warnings.patch +- Removed patches: + * chromium-cors-string.patch + * chromium-crashpad-aarch64-fix.patch + * chromium-ffmpeg.patch + * chromium-gcc.patch + * chromium-gcc7.patch + * chromium-libjpeg.patch + * chromium-libwebp-shim.patch +- Rebased patches: + * chromium-last-commit-position-r0.patch + * chromium-non-void-return.patch + * chromium-sandbox-pie.patch + * chromium-skia-system-fontconfig.patch + * chromium-vaapi.patch ------------------------------------------------------------------- -Tue Aug 28 08:12:29 UTC 2018 - tchvatal@suse.com +Wed Aug 8 21:14:43 UTC 2018 - tchvatal@suse.com -- Version update to 69.0.3497.57 +- Update to chromium-68.0.3440.106: + * Various feature fixes ------------------------------------------------------------------- -Fri Aug 17 08:08:04 UTC 2018 - tchvatal@suse.com +Wed Aug 1 10:12:25 UTC 2018 - tchvatal@suse.com -- Up to 69.0.3497.42 +- Version update to 68.0.3440.84: + * Various small feature fixes only ------------------------------------------------------------------- -Fri Aug 10 07:41:44 UTC 2018 - tchvatal@suse.com - -- Up to 69.0.3497.32 - -------------------------------------------------------------------- -Thu Aug 2 09:48:34 UTC 2018 - tchvatal@suse.com - -- Up to 69.0.3497.23 - -------------------------------------------------------------------- -Fri Jul 27 13:11:50 UTC 2018 - tchvatal@suse.com - -- Up to chromium-69.0.3497.12 - -------------------------------------------------------------------- -Thu Jul 26 12:29:53 UTC 2018 - guillaume.gardet@opensuse.org +Wed Jul 25 15:56:24 UTC 2018 - guillaume.gardet@opensuse.org - Add patch to fix aarch64 build: - * chromium-vpx-aarch64.patch + * chromium-vpx-aarch64.patch ------------------------------------------------------------------- -Wed Jul 25 14:10:47 UTC 2018 - tchvatal@suse.com +Wed Jul 25 14:29:16 UTC 2018 - tchvatal@suse.com -- Up to 69.0.3493.3 +- Add patch trying to build chromium on Leap 42.3: + * chromium-gcc7.patch ------------------------------------------------------------------- -Mon Jul 16 14:47:54 UTC 2018 - tchvatal@suse.com +Wed Jul 25 13:08:17 UTC 2018 - tchvatal@suse.com -- Up to 69.0.3486.0 +- Raise libvpx requirement to match what we really need ------------------------------------------------------------------- -Fri Jun 29 09:03:46 UTC 2018 - tchvatal@suse.com +Wed Jul 25 09:53:23 UTC 2018 - tchvatal@suse.com -- Up to 69.0.3472.3 +- Version update to 68.0.3440.75 bsc#1102530: + * CVE-2018-6153: Stack buffer overflow in Skia. + * CVE-2018-6154: Heap buffer overflow in WebGL. + * CVE-2018-6155: Use after free in WebRTC. + * CVE-2018-6156: Heap buffer overflow in WebRTC. + * CVE-2018-6157: Type confusion in WebRTC. + * CVE-2018-6158: Use after free in Blink. + * CVE-2018-6159: Same origin policy bypass in ServiceWorker. + * CVE-2018-6160: URL spoof in Chrome on iOS. + * CVE-2018-6161: Same origin policy bypass in WebAudio. + * CVE-2018-6162: Heap buffer overflow in WebGL. + * CVE-2018-6163: URL spoof in Omnibox. + * CVE-2018-6164: Same origin policy bypass in ServiceWorker. + * CVE-2018-6165: URL spoof in Omnibox. + * CVE-2018-6166: URL spoof in Omnibox. + * CVE-2018-6167: URL spoof in Omnibox. + * CVE-2018-6168: CORS bypass in Blink. + * CVE-2018-6169: Permissions bypass in extension installation. + * CVE-2018-6170: Type confusion in PDFium. + * CVE-2018-6171: Use after free in WebBluetooth. + * CVE-2018-6172: URL spoof in Omnibox. + * CVE-2018-6173: URL spoof in Omnibox. + * CVE-2018-6174: Integer overflow in SwiftShader. + * CVE-2018-6175: URL spoof in Omnibox. + * CVE-2018-6176: Local user privilege escalation in Extensions. + * CVE-2018-6177: Cross origin information leak in Blink. + * CVE-2018-6178: UI spoof in Extensions. + * CVE-2018-6179: Local file information leak in Extensions. + * CVE-2018-6044: Request privilege escalation in Extensions. + * CVE-2018-4117: Cross origin information leak in Blink. +- Rebase patches: + * chromium-master-prefs-path.patch + * chromium-non-void-return.patch + * chromium-vaapi.patch +- Add patches: + * chromium-cors-string.patch + * chromium-gcc.patch + * chromium-libjpeg.patch + * chromium-libwebp-shim.patch +- Remove patches: + * chromium-gcc8.patch ------------------------------------------------------------------- -Sun Jun 10 09:52:42 UTC 2018 - tchvatal@suse.com +Tue Jul 10 11:40:21 UTC 2018 - tchvatal@suse.com -- Up to 69.0.3452.0 +- Version update to 67.0.3396.99: + * Various small feature fixes, no security ------------------------------------------------------------------- -Sun Jun 10 09:24:57 UTC 2018 - tchvatal@suse.com +Fri Jun 15 19:51:32 UTC 2018 - tchvatal@suse.com -- Up to 68.0.3440.17 +- Add patch to build under gcc8: + * chromium-gcc8.patch ------------------------------------------------------------------- -Mon May 28 10:33:56 UTC 2018 - tchvatal@suse.com +Wed Jun 13 09:26:43 UTC 2018 - security@suse.com -- Up to 68.0.3438.3 +- Chromium 67.0.3396.87: + * CVE-2018-6149: Out of bounds write in V8 (boo#1097452) ------------------------------------------------------------------- -Fri May 18 14:06:56 UTC 2018 - tchvatal@suse.com +Thu Jun 7 12:23:26 UTC 2018 - astieger@suse.com -- Up to 68.0.3432.3 +- Chromium 67.0.3396.79: + * CVE-2018-6148: Incorrect handling of CSP header (boo#1096508) ------------------------------------------------------------------- -Tue May 15 13:53:14 UTC 2018 - guillaume.gardet@opensuse.org +Fri Jun 1 17:45:46 UTC 2018 - tchvatal@suse.com -- Fix AArch64 build with chromium-crashpad-aarch64-fix.patch +- Require ffmpeg >= 4.0 bsc#1095545 ------------------------------------------------------------------- -Wed May 9 09:11:46 UTC 2018 - tchvatal@suse.com +Wed May 30 11:18:13 UTC 2018 - tchvatal@suse.com -- Up to 68.0.3423.2 -- Refresh patch chromium-master-prefs-path.patch +- Update to 67.0.3396.62 bsc#1095163 + * CVE-2018-6123: Use after free in Blink. + * CVE-2018-6124: Type confusion in Blink. + * CVE-2018-6125: Overly permissive policy in WebUSB. + * CVE-2018-6126: Heap buffer overflow in Skia. + * CVE-2018-6127: Use after free in indexedDB. + * CVE-2018-6128: uXSS in Chrome on iOS. + * CVE-2018-6129: Out of bounds memory access in WebRTC. + * CVE-2018-6130: Out of bounds memory access in WebRTC. + * CVE-2018-6131: Incorrect mutability protection in WebAssembly. + * CVE-2018-6132: Use of uninitialized memory in WebRTC. + * CVE-2018-6133: URL spoof in Omnibox. + * CVE-2018-6134: Referrer Policy bypass in Blink. + * CVE-2018-6135: UI spoofing in Blink. + * CVE-2018-6136: Out of bounds memory access in V8. + * CVE-2018-6137: Leak of visited status of page in Blink. + * CVE-2018-6138: Overly permissive policy in Extensions. + * CVE-2018-6139: Restrictions bypass in the debugger extension API. + * CVE-2018-6140: Restrictions bypass in the debugger extension API. + * CVE-2018-6141: Heap buffer overflow in Skia. + * CVE-2018-6142: Out of bounds memory access in V8. + * CVE-2018-6143: Out of bounds memory access in V8. + * CVE-2018-6144: Out of bounds memory access in PDFium. + * CVE-2018-6145: Incorrect escaping of MathML in Blink. + * CVE-2018-6147: Password fields not taking advantage of OS protections in Views. +- Add patches to build on aarch and remove obsolete one: + * chromium-crashpad-aarch64-fix.patch + * chromium-skia-aarch64-buildfix.patch + * chromium-65.0.3325.162-skia-aarch64-buildfix.patch + * chromium-skia-neon.patch +- Remove no longer needed gcc patch: + * chromium-gcc7.patch +- Rebase patches: + * chromium-non-void-return.patch + * chromium-vaapi.patch + * exclude_ymp.patch + * fix_building_widevinecdm_with_chromium.patch ------------------------------------------------------------------- -Wed May 9 08:38:02 UTC 2018 - guillaume.gardet@opensuse.org +Sat May 26 23:01:20 UTC 2018 - astieger@suse.com -- Fix AArch64 build with chromium-skia-aarch64-buildfix.patch +- on SLE 12 with SUSE PackageHub 12, do not require the SDK for + libwebpmux1 (bsc#1070421) ------------------------------------------------------------------- -Wed May 9 08:34:37 UTC 2018 - tchvatal@suse.com +Sat May 26 07:08:04 UTC 2018 - astieger@suse.com -- Add patch chromium-skia-system-fontconfig.patch bsc#1092272 -- Up to 67.0.3393.30 +- Fix installation issue on SUSE PackageHub 12 with libminizip1 + (bsc#1093031) ------------------------------------------------------------------- -Wed May 9 07:53:48 UTC 2018 - guillaume.gardet@opensuse.org +Wed May 16 07:05:32 UTC 2018 - astieger@suse.com + +- Chromium 66.0.3359.181: + * Autoplay: Force enable on desktop for Web Audio + +------------------------------------------------------------------- +Fri May 11 12:10:44 UTC 2018 - astieger@suse.com + +- Chromium 66.0.3359.170 (bsc#1092923): + * Chain leading to sandbox escape: + CVE-2018-6121: Privilege Escalation in extensions + CVE-2018-6122: Type confusion in V8 + * CVE-2018-6120: Heap buffer overflow in PDFium + * Various fixes from internal audits, fuzzing and other + initiatives + +------------------------------------------------------------------- +Wed May 9 08:36:30 UTC 2018 - tchvatal@suse.com + +- Add patch chromium-skia-system-fontconfig.patch to fix + bsc#1092272 + +------------------------------------------------------------------- +Fri May 4 06:53:49 UTC 2018 - guillaume.gardet@opensuse.org - Enable build on AArch64 - Fix build on AArch64: * set target_cpu to arm64 * disable tcmalloc and swiftshader for aarch64 + * Add new patches: + - chromium-65.0.3325.162-skia-aarch64-buildfix.patch + - chromium-skia-neon.patch ------------------------------------------------------------------- -Wed Apr 25 14:59:25 UTC 2018 - tchvatal@suse.com +Fri Apr 27 08:22:18 UTC 2018 - tchvatal@suse.com -- Up to chromium-67.0.3396.18 +- chromium 66.0.3359.139: + * CVE-2018-6118: Use after free in Media Cache (bsc#1091288) + * drop add-missing-blink-tools.patch, now in tarball again ------------------------------------------------------------------- -Thu Apr 12 09:10:48 UTC 2018 - tchvatal@suse.com +Wed Apr 18 09:14:21 UTC 2018 - tchvatal@suse.com -- Up to 67.0.3393.4 -- Refresh patch exclude_ymp.patch +- Version bump to chromium 66.0.3359.117 bsc#1090000: + * CVE-2018-6085: Use after free in Disk Cache + * CVE-2018-6086: Use after free in Disk Cache + * CVE-2018-6087: Use after free in WebAssembly + * CVE-2018-6088: Use after free in PDFium + * CVE-2018-6089: Same origin policy bypass in Service Worker + * CVE-2018-6090: Heap buffer overflow in Skia + * CVE-2018-6091: Incorrect handling of plug-ins by Service Worker + * CVE-2018-6092: Integer overflow in WebAssembly + * CVE-2018-6093: Same origin bypass in Service Worker + * CVE-2018-6094: Exploit hardening regression in Oilpan + * CVE-2018-6095: Lack of meaningful user interaction requirement before file upload + * CVE-2018-6096: Fullscreen UI spoof + * CVE-2018-6097: Fullscreen UI spoof + * CVE-2018-6098: URL spoof in Omnibox + * CVE-2018-6099: CORS bypass in ServiceWorker + * CVE-2018-6100: URL spoof in Omnibox + * CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools + * CVE-2018-6102: URL spoof in Omnibox + * CVE-2018-6103: UI spoof in Permissions + * CVE-2018-6104: URL spoof in Omnibox + * CVE-2018-6105: URL spoof in Omnibox + * CVE-2018-6106: Incorrect handling of promises in V8 + * CVE-2018-6107: URL spoof in Omnibox + * CVE-2018-6108: URL spoof in Omnibox + * CVE-2018-6109: Incorrect handling of files by FileAPI + * CVE-2018-6110: Incorrect handling of plaintext files via file:// + * CVE-2018-6111: Heap-use-after-free in DevTools + * CVE-2018-6112: Incorrect URL handling in DevTools + * CVE-2018-6113: URL spoof in Navigation + * CVE-2018-6114: CSP bypass + * CVE-2018-6115: SmartScreen bypass in downloads + * CVE-2018-6116: Incorrect low memory handling in WebAssembly + * CVE-2018-6117: Confusing autofill settings + * Various fixes from internal audits, fuzzing and other initiatives +- Remove obsolete patches: + * chromium-compiler.patch + * chromium-glibc-2.27.patch + * chromium-vaapi-init.patch + * exclude_ymp.diff + * fix-gn-bootstrap.diff + * fix_network_api_crash.patch + * mojo.patch +- Add new patches: + * chromium-ffmpeg.patch + * chromium-gcc7.patch + * exclude_ymp.patch + * fix-gn-bootstrap.patch +- Rebase patches: + * chromium-master-prefs-path.patch + * chromium-non-void-return.patch + * chromium-sandbox-pie.patch + * chromium-vaapi.patch +- Add patch to fix missing folder from tarball: + * add-missing-blink-tools.patch ------------------------------------------------------------------- -Wed Apr 4 11:49:20 UTC 2018 - tchvatal@suse.com +Sun Apr 8 10:49:06 UTC 2018 - tchvatal@suse.com -- Bump to 67.0.3386.1 +- Add vaapi patches: + * chromium-vaapi-init.patch + * chromium-vaapi.patch ------------------------------------------------------------------- -Wed Mar 28 12:37:50 UTC 2018 - tchvatal@suse.com +Fri Apr 6 12:54:24 UTC 2018 - tchvatal@suse.com -- Bump to 67.0.3381.1 +- Use memory-constraints package to limit threads as needed ------------------------------------------------------------------- -Fri Mar 23 12:01:52 UTC 2018 - tchvatal@suse.com +Wed Mar 21 06:31:27 UTC 2018 - astieger@suse.com -- Bump to 67.0.3377.1 +- Update to Chromium 65.0.3325.181: + * Various security relevant fixes from internal audits, fuzzing + and other initiatives (boo#1086124) ------------------------------------------------------------------- -Tue Mar 20 10:19:55 UTC 2018 - tchvatal@suse.com +Tue Mar 20 12:33:53 UTC 2018 - tchvatal@suse.com -- Bump to 67.0.3371.0 -- Remove no longer needed chromium-gcc7.patch -- Rebase fix_building_widevinecdm_with_chromium.patch to allow - widevine builds +- Use both freetype and harfbuzz either bundled or system ------------------------------------------------------------------- -Tue Mar 20 10:14:15 UTC 2018 - tchvatal@suse.com +Wed Mar 14 14:18:35 UTC 2018 - tchvatal@suse.com -- Bump to 66.0.3359.33 +- Version update to 65.0.3325.162: + * Various stability fixes only ------------------------------------------------------------------- -Wed Mar 14 14:19:21 UTC 2018 - tchvatal@suse.com +Wed Mar 14 09:00:37 UTC 2018 - tchvatal@suse.com -- Version bump to 66.0.3359.26 +- Bundle the harfbuzz on < 15.0 release as we would have to + use requires_ge for the library itself later on otherwise ------------------------------------------------------------------- -Wed Mar 14 13:32:18 UTC 2018 - tchvatal@suse.com +Fri Mar 9 09:10:01 UTC 2018 - tchvatal@suse.com -- Bump the requirement for the clang version +- Make sure to require gcc7 +- Add patch chromium-drm.patch to make sure to build with Leap 42.3 + variant of libdrm ------------------------------------------------------------------- -Wed Mar 14 09:01:33 UTC 2018 - tchvatal@suse.com +Thu Mar 8 09:00:54 UTC 2018 - tchvatal@suse.com -- Conditionalize harfbuzz switch +- Version update to 65.0.3325.146 bsc#1084296: + * High CVE-2017-11215: Use after free in Flash. + * High CVE-2017-11225: Use after free in Flash. + * High CVE-2018-6060: Use after free in Blink. + * High CVE-2018-6061: Race condition in V8. + * High CVE-2018-6062: Heap buffer overflow in Skia. + * High CVE-2018-6057: Incorrect permissions on shared memory. + * High CVE-2018-6063: Incorrect permissions on shared memory. + * High CVE-2018-6064: Type confusion in V8. + * High CVE-2018-6065: Integer overflow in V8. + * Medium CVE-2018-6066: Same Origin Bypass via canvas. + * Medium CVE-2018-6067: Buffer overflow in Skia. + * Medium CVE-2018-6068: Object lifecycle issues in Chrome Custom Tab. + * Medium CVE-2018-6069: Stack buffer overflow in Skia. + * Medium CVE-2018-6070: CSP bypass through extensions. + * Medium CVE-2018-6071: Heap bufffer overflow in Skia. + * Medium CVE-2018-6072: Integer overflow in PDFium. + * Medium CVE-2018-6073: Heap bufffer overflow in WebGL. + * Medium CVE-2018-6074: Mark-of-the-Web bypass. + * Medium CVE-2018-6075: Overly permissive cross origin downloads. + * Medium CVE-2018-6076: Incorrect handling of URL fragment identifiers in Blink. + * Medium CVE-2018-6077: Timing attack using SVG filters. + * Medium CVE-2018-6078: URL Spoof in OmniBox. + * Medium CVE-2018-6079: Information disclosure via texture data in WebGL. + * Medium CVE-2018-6080: Information disclosure in IPC call. + * Low CVE-2018-6081: XSS in interstitials. + * Low CVE-2018-6082: Circumvention of port blocking. + * Low CVE-2018-6083: Incorrect processing of AppManifests. +- Add new patches: + * chromium-compiler.patch + * chromium-glibc-2.27.patch + * mojo.patch +- Drop patches: + * chromium-angle.patch + * chromium-memcpy.patch +- Update constraints +- Refresh patch chromium-non-void-return.patch to include more + fixes ------------------------------------------------------------------- -Mon Mar 12 10:18:18 UTC 2018 - tchvatal@suse.com +Sat Feb 24 19:02:51 UTC 2018 - astieger@suse.com -- Update to 66.0.3359.22 +- Chromium 64.0.3282.186: + * Various minor bug fixes ------------------------------------------------------------------- -Fri Mar 9 11:20:35 UTC 2018 - tchvatal@suse.com +Wed Feb 14 08:16:34 UTC 2018 - astieger@suse.com -- Apply patches using %autopatch -- Add patch to build with gcc7 properly chromium-gcc7.patch -- Drop patch chromium-sandbox-pie.patch as we have pie default now -- Add patch to build with leap variant of drm chromium-drm.patch +- update to 64.0.3282.167 (bsc#1080920): + * CVE-2018-6056: Incorrect derived class instantiation in V8 ------------------------------------------------------------------- -Wed Mar 7 12:11:45 UTC 2018 - tchvatal@suse.com +Fri Feb 2 11:16:23 UTC 2018 - tchvatal@suse.com -- Add patch to build ffmpeg from system chromium-ffmpeg.patch - -------------------------------------------------------------------- -Wed Mar 7 10:30:24 UTC 2018 - tchvatal@suse.com - -- Up to 66.0.3355.0 -- Disable clang by default again - -------------------------------------------------------------------- -Tue Feb 27 09:35:21 UTC 2018 - tchvatal@suse.com - -- Up to 66.0.3350.0 - -------------------------------------------------------------------- -Thu Feb 15 09:08:22 UTC 2018 - tchvatal@suse.com - -- Drop patch fix_network_api_crash.patch - -------------------------------------------------------------------- -Mon Feb 12 10:10:58 UTC 2018 - tchvatal@suse.com - -- Bump to 66.0.3343.3 - -------------------------------------------------------------------- -Wed Feb 7 13:58:33 UTC 2018 - tchvatal@suse.com - -- Bump to 65.0.3325.51 - -------------------------------------------------------------------- -Tue Feb 6 12:00:36 UTC 2018 - tchvatal@suse.com - -- Disable gconf support +- Version update to 64.0.3282.140 bsc#1079021: + * Various asan fixes bsc#1078463 CVE-2018-6406 ------------------------------------------------------------------- Fri Feb 2 10:43:48 UTC 2018 - dimstar@opensuse.org @@ -211,9 +410,9 @@ Fri Feb 2 10:43:48 UTC 2018 - dimstar@opensuse.org /proc/meminfo. ------------------------------------------------------------------- -Wed Jan 31 09:45:45 UTC 2018 - tchvatal@suse.com +Mon Jan 29 13:07:38 UTC 2018 - tchvatal@suse.com -- Bump to 65.0.3325.31 +- Fix default page to not point to 404 ------------------------------------------------------------------- Mon Jan 29 12:36:31 UTC 2018 - tchvatal@suse.com @@ -221,296 +420,319 @@ Mon Jan 29 12:36:31 UTC 2018 - tchvatal@suse.com - Install swiftshader objects too as they are needed ------------------------------------------------------------------- -Fri Jan 26 10:12:22 UTC 2018 - tchvatal@suse.com +Fri Jan 26 10:11:22 UTC 2018 - tchvatal@suse.com -- Update to 65.0.3325.18 -- Try to have automatic ozone platform detection +- Disable ozone stuff conditions for now as the headless mode + breaks up runtime bsc#1077722 ------------------------------------------------------------------- -Wed Jan 17 14:28:37 UTC 2018 - tchvatal@suse.com +Thu Jan 25 09:51:59 UTC 2018 - tchvatal@suse.com -- Bump to 65.0.3322.3 +- Switch to gcc7 on Leap builds ------------------------------------------------------------------- -Mon Jan 8 20:12:43 UTC 2018 - tchvatal@suse.com +Thu Jan 25 09:42:51 UTC 2018 - tchvatal@suse.com -- Bump to 65.0.3311.3 -- Drop chromium-63.0.3289.84-fix-ft-hb-unbundle.patch +- Version update to 64.0.3282.119 bsc#1077571: + * High CVE-2018-6031: Use after free in PDFium. Reported by Anonymous on 2017-11-01 + * High CVE-2018-6032: Same origin bypass in Shared Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-20 + * High CVE-2018-6033: Race when opening downloaded files. Reported by Juho Nurminen on 2017-12-09 + * Medium CVE-2018-6034: Integer overflow in Blink. Reported by Tobias Klein (www.trapkit.de) on 2017-11-12 + * Medium CVE-2018-6035: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23 + * Medium CVE-2018-6036: Integer underflow in WebAssembly. Reported by The UK's National Cyber Security Centre (NCSC) on 2017-11-30 + * Medium CVE-2018-6037: Insufficient user gesture requirements in autofill. Reported by Paul Stone of Context Information Security on 2017-08-09 + * Medium CVE-2018-6038: Heap buffer overflow in WebGL. Reported by cloudfuzzer on 2017-10-12 + * Medium CVE-2018-6039: XSS in DevTools. Reported by Juho Nurminen on 2017-10-17 + * Medium CVE-2018-6040: Content security policy bypass. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-26 + * Medium CVE-2018-6041: URL spoof in Navigation. Reported by Luan Herrera on 2017-08-29 + * Medium CVE-2018-6042: URL spoof in OmniBox. Reported by Khalil Zhani on 2017-10-12 + * Medium CVE-2018-6043: Insufficient escaping with external URL handlers. Reported by 0x09AL on 2017-11-16 + * Medium CVE-2018-6045: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23 + * Medium CVE-2018-6046: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-31 + * Medium CVE-2018-6047: Cross origin URL leak in WebGL. Reported by Masato Kinugawa on 2018-01-08 + * Low CVE-2018-6048: Referrer policy bypass in Blink. Reported by Jun Kokatsu (@shhnjk) on 2017-09-08 + * Low CVE-2017-15420: URL spoofing in Omnibox. Reported by Drew Springall (@_aaspring_) on 2017-10-05 + * Low CVE-2018-6049: UI spoof in Permissions. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-13 + * Low CVE-2018-6050: URL spoof in OmniBox. Reported by Jonathan Kew on 2017-10-15 + * Low CVE-2018-6051: Referrer leak in XSS Auditor. Reported by Antonio Sanso (@asanso) on 2014-12-11 + * Low CVE-2018-6052: Incomplete no-referrer policy implementation. Reported by Tanner Emek on 2016-05-28 + * Low CVE-2018-6053: Leak of page thumbnails in New Tab Page. Reported by Asset Kabdenov on 2017-08-23 + * Low CVE-2018-6054: Use after free in WebUI. Reported by Rob Wu on 2017-12-24 +- Add patches: + * chromium-angle.patch + * chromium-memcpy.patch +- Drop patch: + * chromium-gcc.patch +- Change desktop file name to fit bellow the icon on ie KDE desktop ------------------------------------------------------------------- -Tue Jan 2 13:14:43 UTC 2018 - tchvatal@suse.com +Thu Jan 4 20:59:31 UTC 2018 - astieger@suse.com -- add chromium-63.0.3289.84-fix-ft-hb-unbundle.patch to make sure - we use system freetype/harfbuzz +- Chromium 63.0.3239.132: + * DevTools: do not report raw headers and cookies for protected + subresources + * Various other fixes and updates ------------------------------------------------------------------- -Thu Dec 28 18:00:12 UTC 2017 - tchvatal@suse.com +Fri Dec 15 09:28:07 UTC 2017 - tchvatal@suse.com -- Make sure to use system freetype too +- Version update to 63.0.3239.108 bsc#1072976: + * CVE-2017-15429: UXSS in V8 + * Various fuzzing fixes ------------------------------------------------------------------- -Wed Dec 20 15:38:09 UTC 2017 - tchvatal@suse.com +Thu Dec 7 09:41:13 UTC 2017 - tchvatal@suse.com -- Bump 65.0.3298.3 +- Version update to 63.0.3239.84 bsc#1071691: + * bsc#1106341 CVE-2017-15430 Unsafe navigation in Chromecast + * Critical CVE-2017-15407: Out of bounds write in QUIC. + * High CVE-2017-15408: Heap buffer overflow in PDFium. + * High CVE-2017-15409: Out of bounds write in Skia. + * High CVE-2017-15410: Use after free in PDFium. + * High CVE-2017-15411: Use after free in PDFium. + * High CVE-2017-15412: Use after free in libXML. + * High CVE-2017-15413: Type confusion in WebAssembly. + * Medium CVE-2017-15415: Pointer information disclosure in IPC call. + * Medium CVE-2017-15416: Out of bounds read in Blink. + * Medium CVE-2017-15417: Cross origin information disclosure in Skia. + * Medium CVE-2017-15418: Use of uninitialized value in Skia. + * Medium CVE-2017-15419: Cross origin leak of redirect URL in Blink. + * Medium CVE-2017-15420: URL spoofing in Omnibox. + * Medium CVE-2017-15422: Integer overflow in ICU. + * Low CVE-2017-15423: Issue with SPAKE implementation in BoringSSL. + * Low CVE-2017-15424: URL Spoof in Omnibox. + * Low CVE-2017-15425: URL Spoof in Omnibox. + * Low CVE-2017-15426: URL Spoof in Omnibox. + * Low CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox. +- Rebase fix-gn-bootstrap.diff +- Drop merged patches: + * chromium-gcc5.patch + * chromium-60.0.3112.113-breakpad-ucontext.patch + * chromium-62.0.3202.62-correct-cplusplus-check.patch +- Add new patches: + * chromium-non-void-return.patch + * chromium-gcc.patch ------------------------------------------------------------------- -Tue Dec 19 09:43:19 UTC 2017 - tchvatal@suse.com - -- Drop chromium-memcpy.patch - -------------------------------------------------------------------- -Mon Dec 18 10:46:25 UTC 2017 - tchvatal@suse.com - -- Drop minizip conditional (was about 42.1) - -------------------------------------------------------------------- -Sun Dec 17 22:52:29 UTC 2017 - tchvatal@suse.com - -- Bump to 65.0.3294.5 - -------------------------------------------------------------------- -Thu Dec 14 14:55:27 UTC 2017 - tchvatal@suse.com - -- Explicitely describe what ozone parts we want - -------------------------------------------------------------------- -Wed Dec 13 09:47:33 UTC 2017 - tchvatal@suse.com - -- Bump to 64.0.3282.24 -- Enable system icu again -- Tweak the deps to match current setup -- Add patch chromium-memcpy.patch - -------------------------------------------------------------------- -Tue Dec 12 12:55:52 UTC 2017 - tchvatal@suse.com - -- Minimize desktop name to not take so much space - -------------------------------------------------------------------- -Sat Dec 9 12:54:27 UTC 2017 - tchvatal@suse.com - -- Bumpyty to 64.0.3282.14 - -------------------------------------------------------------------- -Thu Nov 30 14:32:41 UTC 2017 - tchvatal@suse.com - -- Bumpy to 64.0.3278.0 - -------------------------------------------------------------------- -Wed Nov 22 11:06:47 UTC 2017 - idonmez@suse.com +Wed Nov 22 11:05:42 UTC 2017 - idonmez@suse.com - BuildRequire nodejs8 instead of nodejs6 for suse_version >= 1330 ------------------------------------------------------------------- -Sun Nov 19 11:25:52 UTC 2017 - tchvatal@suse.com - -- Drop chromium-64.0.3253.3-gpu_lists_version.h.patch -- Drop chromium-gcc.patch - -------------------------------------------------------------------- -Sun Nov 19 11:20:20 UTC 2017 - tchvatal@suse.com - -- Up to 64.0.3269.3 - -------------------------------------------------------------------- -Wed Nov 15 14:42:55 UTC 2017 - astieger@suse.com +Wed Nov 15 14:56:24 UTC 2017 - astieger@suse.com +- Update to 62.0.3202.94: + * multiple minor rendering related fixes - fix rebuilds in same chroot ------------------------------------------------------------------- -Wed Nov 8 21:33:56 UTC 2017 - tchvatal@suse.com +Tue Nov 7 10:12:28 UTC 2017 - tchvatal@suse.com -- Add patch chromium-non-void-return.patch +- Version update to 62.0.3202.89 bsc#1066851: + * CVE-2017-15398: Stack buffer overflow in QUIC + * CVE-2017-15399: Use after free in V8 +- Drop upstream merged chromium-sandbox.patch ------------------------------------------------------------------- -Tue Nov 7 09:41:07 UTC 2017 - tchvatal@suse.com +Fri Nov 3 12:40:33 UTC 2017 - tchvatal@suse.com -- Add patch chromium-64.0.3253.3-gpu_lists_version.h.patch +- Restrict the version on jpeg to not waste build power ------------------------------------------------------------------- -Sat Nov 4 09:38:27 UTC 2017 - tchvatal@suse.com +Sun Oct 29 08:18:37 UTC 2017 - tchvatal@suse.com -- Bump to 64.0.3253.3 +- Add patch to fix sandbox crashes wrt bsc#1064298 + * chromium-sandbox.patch ------------------------------------------------------------------- -Fri Nov 3 11:41:40 UTC 2017 - tchvatal@suse.com +Fri Oct 27 09:17:02 UTC 2017 - tchvatal@suse.com -- Update to 64.0.3251.0 +- Version update to 62.0.3202.75 bsc#1065405 CVE-2017-15396 + * CVE-2017-15396: Stack overflow in V8 ------------------------------------------------------------------- -Thu Nov 2 20:46:57 UTC 2017 - tchvatal@suse.com +Thu Oct 26 12:09:53 UTC 2017 - astieger@suse.com -- Fix the tarball unpacking to unroll all the required content -- Update to 63.0.3239.30 +- BuildRequire nodejs6 required for polymer-bundler.js ------------------------------------------------------------------- -Wed Oct 25 18:24:16 UTC 2017 - tchvatal@suse.com +Thu Oct 26 09:19:09 UTC 2017 - tchvatal@suse.com -- Drop patch chromium-60.0.3112.113-breakpad-ucontext.patch -- Drop patch chromium-sysroot.patch +- Try to export properly CXX/CC variable to fix leap builds ------------------------------------------------------------------- -Wed Oct 11 09:04:46 UTC 2017 - tchvatal@suse.com +Wed Oct 25 17:52:44 UTC 2017 - tchvatal@suse.com -- Bump to 63.0.3236.0 +- Apply patch to fix building crc32 with gcc7: + * chromium-62.0.3202.62-correct-cplusplus-check.patch ------------------------------------------------------------------- -Mon Oct 9 11:42:16 UTC 2017 - tchvatal@suse.com +Thu Oct 19 03:29:56 UTC 2017 - tchvatal@suse.com -- Bump to 63.0.3230.0 - -------------------------------------------------------------------- -Mon Oct 2 10:10:10 UTC 2017 - tchvatal@suse.com - -- Update to 63.0.3223.8 -- Rebase fix-gn-boostrap.diff -- Remove chromium-gcc5.patch - -------------------------------------------------------------------- -Sat Sep 16 15:51:04 UTC 2017 - tchvatal@suse.com - -- Bump to 63.0.3218.0 -- Rebase fix-gn-bootstrap.diff -- Add chromium-sysroot.patch - -------------------------------------------------------------------- -Wed Sep 13 07:51:50 UTC 2017 - tchvatal@suse.com - -- Version update to 62.0.3202.18 - -------------------------------------------------------------------- -Sun Sep 10 09:46:36 UTC 2017 - tchvatal@suse.com - -- Update to latest -- Switch to system libxml again -- Add more folders to be kept in archive - -------------------------------------------------------------------- -Wed Sep 6 13:16:14 UTC 2017 - tchvatal@suse.com - -- Build with gcc6 on leap as we now require --stdc-14 - -------------------------------------------------------------------- -Wed Sep 6 12:55:30 UTC 2017 - tchvatal@suse.com - -- Add patch to build with new glibc: - * chromium-60.0.3112.113-breakpad-ucontext.patch - -------------------------------------------------------------------- -Mon Sep 4 12:11:32 UTC 2017 - tchvatal@suse.com - -- Bump to 62.0.3198.0: - * fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Wed Aug 23 12:40:57 UTC 2017 - tchvatal@suse.com - -- Bump to 62.0.3192.0 -- Rebase patch chromium-prop-codecs.patch - -------------------------------------------------------------------- -Mon Aug 21 09:29:23 UTC 2017 - tchvatal@suse.com - -- Bump to 62.0.3188.2 -- Rebase fix-gn-bootstrap.diff -- Remove arm patches as we exclude it for now: +- Update to 62.0.3202.62 bsc#1064066: + * CVE-2017-5124: UXSS with MHTML. + * CVE-2017-5125: Heap overflow in Skia. + * CVE-2017-5126: Use after free in PDFium. + * CVE-2017-5127: Use after free in PDFium. + * CVE-2017-5128: Heap overflow in WebGL. + * CVE-2017-5129: Use after free in WebAudio. + * CVE-2017-5132: Incorrect stack manipulation in WebAssembly. + * CVE-2017-5130: Heap overflow in libxml2. + * CVE-2017-5131: Out of bounds write in Skia. + * CVE-2017-5133: Out of bounds write in Skia. + * CVE-2017-15386: UI spoofing in Blink. + * CVE-2017-15387: Content security bypass. + * CVE-2017-15388: Out of bounds read in Skia. + * CVE-2017-15389: URL spoofing in OmniBox. + * CVE-2017-15390: URL spoofing in OmniBox. + * CVE-2017-15391: Extension limitation bypass in Extensions. + * CVE-2017-15392: Incorrect registry key handling in PlatformIntegration. + * CVE-2017-15393: Referrer leak in Devtools. + * CVE-2017-15394: URL spoofing in extensions UI. + * CVE-2017-15395: Null pointer dereference in ImageCapture. +- Drop unused patches: * arm-webrtc-fix.patch * arm_use_right_compiler.patch -- Add patch chromium-gcc5.patch - -------------------------------------------------------------------- -Fri Aug 11 09:37:10 UTC 2017 - tchvatal@suse.com - -- Bump to 62.0.3178.0 -- Add patch chromium-system-zlib.patch -- Rebase patch fix-gn-bootstrap.diff -- Rebase exclude_ymp.diff -- Drop gcc60-fixes.diff as the toolchain was changed - -------------------------------------------------------------------- -Sun Aug 6 07:18:26 UTC 2017 - tchvatal@suse.com - -- Bump to 62.0.3175.4 - -------------------------------------------------------------------- -Sun Aug 6 07:12:01 UTC 2017 - tchvatal@suse.com - -- Bump to 61.0.3163.31 -- Remove condition for gtk3, hard on from now on -- Bump version requirement on nodejs - -------------------------------------------------------------------- -Thu Jul 27 19:42:42 UTC 2017 - tchvatal@suse.com - -- Bump to 61.0.3163.13 -- Rebase fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Thu Jul 20 12:33:20 UTC 2017 - tchvatal@suse.com - -- Refresh patches: - * fix-gn-bootstrap.diff + * chromium-46.0.2490.71-fix-missing-i18n_process_css_test.patch + * chromium-atk.patch + * chromium-mojo-dep.patch * gcc60-fixes.diff +- Refresh patches: + * chromium-gcc5.patch + * chromium-prop-codecs.patch + * exclude_ymp.diff + * fix-gn-bootstrap.diff ------------------------------------------------------------------- -Wed Jul 19 15:14:56 UTC 2017 - tchvatal@suse.com +Fri Sep 22 14:50:40 UTC 2017 - astieger@suse.com -- Bump to 61.0.3159.5 -- Use system libcxx -- Refresh patch fix-gn-bootstrap.diff +- Update to 61.0.3163.100 (boo#1060019): + * CVE-2017-5121: Out-of-bounds access in V8 + * CVE-2017-5122: Out-of-bounds access in V8 + * Various fixes from internal audits, fuzzing and other initiatives ------------------------------------------------------------------- -Mon Jul 17 07:53:34 UTC 2017 - tchvatal@suse.com +Sat Sep 16 15:50:19 UTC 2017 - tchvatal@suse.com -- Recommend emoji fonts for various communicators to not display +- Update to 61.0.3163.91: + * Various bugfixes + +------------------------------------------------------------------- +Mon Sep 11 08:45:35 UTC 2017 - tchvatal@suse.com + +- Update to 61.0.3163.79 bsc#1057364: + * CVE-2017-5111: Use after free in PDFium. + * CVE-2017-5112: Heap buffer overflow in WebGL. + * CVE-2017-5113: Heap buffer overflow in Skia. + * CVE-2017-5114: Memory lifecycle issue in PDFium. + * CVE-2017-5115: Type confusion in V8. + * CVE-2017-5116: Type confusion in V8. + * CVE-2017-5117: Use of uninitialized value in Skia. + * CVE-2017-5118: Bypass of Content Security Policy in Blink. + * CVE-2017-5119: Use of uninitialized value in Skia. + * CVE-2017-5120: Potential HTTPS downgrade during redirect navigation. +- Rebase patch: + * fix-gn-bootstrap.diff +- Remove patches: + * chromium-gcc7.patch + * chromium-override.patch +- Add new patches: + * chromium-atk.patch + * chromium-gcc5.patch + * chromium-mojo-dep.patch +- Gtk3 is hard required from now on +- Version some of the required dependencies + +------------------------------------------------------------------- +Mon Aug 28 22:57:05 UTC 2017 - astieger@suse.com + +- fix build with Factory glibc: + add chromium-60.0.3112.113-breakpad-ucontext.patch + +------------------------------------------------------------------- +Fri Aug 25 09:17:27 UTC 2017 - tchvatal@suse.com + +- Version update to 60.0.3112.113: + * Various bugfixes + +------------------------------------------------------------------- +Tue Aug 15 15:17:00 UTC 2017 - tchvatal@suse.com + +- Version update to 60.0.3112.101: + * various usability bugfixes + +------------------------------------------------------------------- +Thu Aug 3 13:25:33 UTC 2017 - tchvatal@suse.com + +- Version update to 60.0.3112.90: + * Various usability bugfixes + +------------------------------------------------------------------- +Wed Jul 26 13:27:55 UTC 2017 - tchvatal@suse.com + +- Version update to 60.0.3112.78 bsc#1050537: + * CVE-2017-5091: Use after free in IndexedDB + * CVE-2017-5092: Use after free in PPAPI + * CVE-2017-5093: UI spoofing in Blink + * CVE-2017-5094: Type confusion in extensions + * CVE-2017-5095: Out-of-bounds write in PDFium + * CVE-2017-5096: User information leak via Android intents + * CVE-2017-5097: Out-of-bounds read in Skia + * CVE-2017-5098: Use after free in V8 + * CVE-2017-5099: Out-of-bounds write in PPAPI + * CVE-2017-5100: Use after free in Chrome Apps + * CVE-2017-5101: URL spoofing in OmniBox + * CVE-2017-5102: Uninitialized use in Skia + * CVE-2017-5103: Uninitialized use in Skia + * CVE-2017-5104: UI spoofing in browser + * CVE-2017-7000: Pointer disclosure in SQLite + * CVE-2017-5105: URL spoofing in OmniBox + * CVE-2017-5106: URL spoofing in OmniBox + * CVE-2017-5107: User information leak via SVG + * CVE-2017-5108: Type confusion in PDFium + * CVE-2017-5109: UI spoofing in browser + * CVE-2017-5110: UI spoofing in payments dialog + * Various fixes from internal audits, fuzzing and other initiatives +- Add patch chromium-override.patch +- Remove patches chromium-fpermissive.patch chromium-system-ffmpeg-r3.patch +- Rebase patches: + * chromium-dma-buf.patch + * chromium-gcc7.patch + * chromium-last-commit-position-r0.patch + * fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Mon Jul 24 09:01:07 UTC 2017 - tchvatal@suse.com + +- Recommend emoji fonts to make sure major web chats do not show questionmarks -------------------------------------------------------------------- -Thu Jul 13 07:52:52 UTC 2017 - tchvatal@suse.com +------------------------------------------------------------------ +Wed Jun 28 19:27:55 UTC 2017 - tchvatal@suse.com -- Bump to 61.0.3153.4 -- Refresh patch fix-gn-bootstrap.diff +- Update to 59.0.3071.115: + * Various small fixes all around ------------------------------------------------------------------- -Thu Jun 29 07:07:53 UTC 2017 - tchvatal@suse.com +Fri Jun 23 07:46:48 UTC 2017 - astieger@suse.com -- Remove already applied patch chromium-gcc7.patch +- Update to 59.0.3071.109: + * ozone/drm: Only reuse ScanoutBuffers with compatible modifiers + * Fixing mouse focus on WebView + * Remove gtk dependency from gles tests + * Set build flag when using own FreeType + * Revert of [scheduler] Move some task types to suspendable task runner + * Fix an incorrect method name on the chrome://site-engagement WebUI page + * Linux/Windows: Removing Guest menu item for supervised profile ------------------------------------------------------------------- -Tue Jun 27 17:59:45 UTC 2017 - tchvatal@suse.com +Fri Jun 16 12:12:56 UTC 2017 - astieger@suse.com -- require nss >= 3.26 -- Update to 61.0.3141.7 -- Refresh fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Thu Jun 22 08:46:57 UTC 2017 - tchvatal@suse.com - -- Drop merged patch chromium-system-icu.patch -- Refresh patch fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Wed Jun 21 17:06:27 UTC 2017 - tchvatal@suse.com - -- Version update to 61.0.3135.4 - -------------------------------------------------------------------- -Thu Jun 15 08:26:29 UTC 2017 - tchvatal@suse.com - -- Update to 61.0.3128.3 -- Add patch chromium-system-icu.patch - -------------------------------------------------------------------- -Sat Jun 10 14:05:13 UTC 2017 - tchvatal@suse.com - -- Update to 61.0.3124.4 -- Refresh patch fix-gn-bootstrap.diff -- Drop patch chromium-override.patch merged upstream - -------------------------------------------------------------------- -Fri Jun 9 12:11:47 UTC 2017 - tchvatal@suse.com - -- Bump to 60.0.3112.24 +- Update to 59.0.3071.104 (bsc#1044690): + * CVE-2017-5087: Sandbox Escape in IndexedDB + * CVE-2017-5088: Out of bounds read in V8 + * CVE-2017-5089: Domain spoofing in Omnibox + * Various fixes from internal audits, fuzzing and other initiatives ------------------------------------------------------------------- Thu Jun 8 14:56:42 UTC 2017 - tchvatal@suse.com @@ -518,104 +740,56 @@ Thu Jun 8 14:56:42 UTC 2017 - tchvatal@suse.com - Add patch chromium-buildname.patch bsc#1043420 ------------------------------------------------------------------- -Wed Jun 7 09:10:40 UTC 2017 - tchvatal@suse.com +Tue Jun 6 07:53:53 UTC 2017 - tchvatal@suse.com -- Update to 60.0.3112.20 - -------------------------------------------------------------------- -Tue Jun 6 10:56:24 UTC 2017 - tchvatal@suse.com - -- Drop patch chromium-system-icu.patch - * Use bundled icu as system is unbuildable at the moment - -------------------------------------------------------------------- -Mon Jun 5 12:23:26 UTC 2017 - tchvatal@suse.com - -- Bump to 60.0.3112.7 -- Add patch for gcc7 chromium-gcc7.patch -- Add patch to build with gcc chromium-override.patch -- Add patch to build with system icu 59 chromium-system-icu.patch - -------------------------------------------------------------------- -Wed May 31 14:23:42 UTC 2017 - tchvatal@suse.com - -- Update to upstream 60.0.3112.7 - * Refresh patch fix-gn-bootstrap.diff -- Remove upstream merged chromium-system-harfbuzz.patch - -------------------------------------------------------------------- -Wed May 24 12:22:27 UTC 2017 - tchvatal@suse.com - -- Update 60.0.3107.4 -- Refresh patch chromium-last-commit-position-r0.patch -- Remove upstreamed chromium-system-ffmpeg-r3.patch -- Remove upstreamed chromium-system-opus.patch -- Remove upstreamed chromium-system-libpng.patch -- Remove upstreamed chromium-system-libwebp.patch -- Update fix-gn-bootstrap.diff -- Add patch chromium-system-harfbuzz.patch - -------------------------------------------------------------------- -Thu May 18 10:31:53 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3100.0 -- Add patches: - * chromium-system-libpng.patch - * chromium-system-libwebp.patch - -------------------------------------------------------------------- -Wed May 17 09:22:27 UTC 2017 - tchvatal@suse.com - -- Export gcc standard version to fix build on older releases - * Needed for vulcan - -------------------------------------------------------------------- -Fri May 12 11:25:49 UTC 2017 - tchvatal@suse.com - -- Update to 60.0.3095.5 -- Update patch: - * fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Sat May 6 08:50:17 UTC 2017 - tchvatal@suse.com - -- Switch to system opus and yasm - -------------------------------------------------------------------- -Fri May 5 12:11:38 UTC 2017 - tchvatal@suse.com - -- Update to 60.0.3088.3 -- Update patch: - * fix-gn-bootstrap.diff - * chromium-dma-buf.patch - -------------------------------------------------------------------- -Thu May 4 12:52:01 UTC 2017 - tchvatal@suse.com - -- Version update to 60.0.3080.5 -- Refresh patch: +- Update to 59.0.3071.86 bsc#1042833: + * CVE-2017-5070: Type confusion in V8. Reported by Zhao Qixun(@S0rryMybad) of Qihoo 360 Vulcan Team on 2017-05-16 + * CVE-2017-5071: Out of bounds read in V8. Reported by Choongwoo Han on 2017-04-26 + * CVE-2017-5072: Address spoofing in Omnibox. Reported by Rayyan Bijoora on 2017-04-07 + * CVE-2017-5073: Use after free in print preview. Reported by Khalil Zhani on 2017-04-28 + * CVE-2017-5074: Use after free in Apps Bluetooth. Reported by anonymous on 2017-03-09 + * CVE-2017-5075: Information leak in CSP reporting. Reported by Emmanuel Gil Peyrot on 2017-01-05 + * CVE-2017-5086: Address spoofing in Omnibox. Reported by Rayyan Bijoora on 2017-05-16 + * CVE-2017-5076: Address spoofing in Omnibox. Reported by Samuel Erb on 2017-05-06 + * CVE-2017-5077: Heap buffer overflow in Skia. Reported by Sweetchip on 2017-04-28 + * CVE-2017-5078: Possible command injection in mailto handling. Reported by Jose Carlos Exposito Bueno on 2017-04-12 + * CVE-2017-5079: UI spoofing in Blink. Reported by Khalil Zhani on 2017-04-20 + * CVE-2017-5080: Use after free in credit card autofill. Reported by Khalil Zhani on 2017-04-05 + * CVE-2017-5081: Extension verification bypass. Reported by Andrey Kovalev (@L1kvID) Yandex Security Team on 2016-12-07 + * CVE-2017-5082: Insufficient hardening in credit card editor. Reported by Nightwatch Cybersecurity Research on 2017-05-11 + * CVE-2017-5083: UI spoofing in Blink. Reported by Khalil Zhani on 2017-04-24 + * CVE-2017-5085: Inappropriate javascript execution on WebUI pages. Reported by Zhiyang Zeng of Tencent security platform department on 2017-02-15 +- Add patch to fix build with system dma: * chromium-dma-buf.patch +- Drop no longer needed patches: + * chromium-linker-memory.patch + * chromium-system-jinja-r13.patch +- Refresh patches: + * chromium-gcc7.patch + * chromium-system-ffmpeg-r3.patch * fix-gn-bootstrap.diff +- Use bundled libxml + * Upstream unfortunately uses git snapshot that is not api/abi compatible ------------------------------------------------------------------- -Fri Apr 28 18:40:01 UTC 2017 - tchvatal@suse.com +Mon Jun 5 12:55:22 UTC 2017 - tchvatal@suse.com -- Use bundled libxml (they have git snapshot :/) +- Add patch to build with gcc7: + * chromium-gcc7.patch +- Add patch for fpermissive build error: + * chromium-fpermissive.patch ------------------------------------------------------------------- -Fri Apr 28 18:21:44 UTC 2017 - tchvatal@suse.com +Wed May 10 07:43:46 UTC 2017 - tchvatal@suse.com -- Add more bundled folders +- Version update to 58.0.3029.110: + * Various small bugfixes ------------------------------------------------------------------- -Fri Apr 28 06:03:50 UTC 2017 - tchvatal@suse.com +Thu May 4 12:40:32 UTC 2017 - tchvatal@suse.com -- Also drop patch chromium-system-jinja-r13.patch - -------------------------------------------------------------------- -Fri Apr 28 05:55:11 UTC 2017 - tchvatal@suse.com - -- Bump to 59.0.3071.29 +- Version update to 58.0.3029.96: + * Fixes bsc#1037594 CVE-2017-5068 ------------------------------------------------------------------- Tue Apr 25 13:24:42 UTC 2017 - tchvatal@suse.com @@ -624,56 +798,34 @@ Tue Apr 25 13:24:42 UTC 2017 - tchvatal@suse.com * It is at least used only during build ------------------------------------------------------------------- -Fri Apr 21 19:16:32 UTC 2017 - tchvatal@suse.com +Fri Apr 21 09:57:49 UTC 2017 - tchvatal@suse.com -- Refresh patch chromium-system-ffmpeg-r3.patch -- Delete patch chromium-system-libjpeg.patch - -------------------------------------------------------------------- -Fri Apr 21 18:58:53 UTC 2017 - tchvatal@suse.com - -- Update to 59.0.3071.15 - -------------------------------------------------------------------- -Fri Apr 21 09:01:47 UTC 2017 - tchvatal@suse.com - -- Drop exif dep, unused -- Pass no-clean option to bootstrap.py for debugging purposes - -------------------------------------------------------------------- -Wed Apr 19 13:21:37 UTC 2017 - tchvatal@suse.com - -- Version update to 59.0.3071.9 - -------------------------------------------------------------------- -Thu Apr 13 08:22:25 UTC 2017 - tchvatal@suse.com - -- Update to 59.0.3067.0 -- Sort out the harfbuzz bundling conditional to be together with minizip - -------------------------------------------------------------------- -Wed Apr 12 11:20:22 UTC 2017 - tchvatal@suse.com - -- Bump harfbuzz and icu requirements - -------------------------------------------------------------------- -Tue Apr 11 11:52:32 UTC 2017 - tchvatal@suse.com - -- Add patch chromium-dma-buf.patch -- Add patch chromium-system-libjpeg.patch - -------------------------------------------------------------------- -Fri Apr 7 08:49:05 UTC 2017 - tchvatal@suse.com - -- Version update to 59.0.3063.4 +- Version update to 58.0.3029.81 bsc#1035103: + * High CVE-2017-5057: Type confusion in PDFium. Credit to Guang Gong of Alpha Team, Qihoo 360 + * High CVE-2017-5058: Heap use after free in Print Preview. Credit to Khalil Zhani + * High CVE-2017-5059: Type confusion in Blink. Credit to SkyLined working with Trend Micro's Zero Day Initiative + * Medium CVE-2017-5060: URL spoofing in Omnibox. Credit to Xudong Zheng + * Medium CVE-2017-5061: URL spoofing in Omnibox. Credit to Haosheng Wang (@gnehsoah) + * Medium CVE-2017-5062: Use after free in Chrome Apps. Credit to anonymous + * Medium CVE-2017-5063: Heap overflow in Skia. Credit to Sweetchip + * Medium CVE-2017-5064: Use after free in Blink. Credit to Wadih Matar + * Medium CVE-2017-5065: Incorrect UI in Blink. Credit to Khalil Zhani + * Medium CVE-2017-5066: Incorrect signature handing in Networking. Credit to chenchu + * Medium CVE-2017-5067: URL spoofing in Omnibox. Credit to Khalil Zhani + * Low CVE-2017-5069: Cross-origin bypass in Blink. Credit to Michael Reizelman - Refresh patch fix-gn-bootstrap.diff -- Refresh patch chromium-system-ffmpeg-r3.patch +- Refresh patch chromium-system-jinja-r13.patch +- Remove obsolete patch chromium-57-gcc4.patch ------------------------------------------------------------------- -Thu Mar 30 13:02:21 UTC 2017 - tchvatal@suse.com +Thu Mar 30 13:07:50 UTC 2017 - tchvatal@suse.com -- Update to 59.0.3053.3 -- Refresh patch fix-gn-bootstrap.diff +- Version update to 57.0.2987.133 bsc#1031677: + * Critical CVE-2017-5055: Use after free in printing. Credit to Wadih Matar + * High CVE-2017-5054: Heap buffer overflow in V8. Credit to Nicolas Trippar of Zimperium zLabs + * High CVE-2017-5052: Bad cast in Blink. Credit to JeongHoon Shin + * High CVE-2017-5056: Use after free in Blink. Credit to anonymous + * High CVE-2017-5053: Out of bounds memory access in V8. Credit to Team Sniper (Keen Lab and PC Mgr) reported through ZDI (ZDI-CAN-4587) ------------------------------------------------------------------- Fri Mar 24 15:22:38 UTC 2017 - tchvatal@suse.com @@ -681,238 +833,167 @@ Fri Mar 24 15:22:38 UTC 2017 - tchvatal@suse.com - Drop the browser(npapi) provide which is not true ------------------------------------------------------------------- -Wed Mar 22 10:57:21 UTC 2017 - tchvatal@suse.com +Sun Mar 19 11:04:47 UTC 2017 - tchvatal@suse.com -- Drop patch chromium-linker-memory.patch as with i586 dropped it - should not be required -- Update patch fix-gn-bootstrap.diff +- Add patch to build with gcc4 + * chromium-57-gcc4.patch ------------------------------------------------------------------- -Wed Mar 22 10:56:09 UTC 2017 - tchvatal@suse.com +Thu Mar 16 20:45:00 UTC 2017 - tchvatal@suse.com -- Version update to chromium-59.0.3047.0 +- Do not use gcc5 and newer as the compat was fixed again +- Update to 57.0.2987.110 with various other small tweaks ------------------------------------------------------------------- -Tue Mar 21 12:41:00 UTC 2017 - tchvatal@suse.com +Fri Mar 10 10:55:23 UTC 2017 - tchvatal@suse.com -- Few tweaks around clang switch to be viable +- Version update to 57.0.2987.98 bsc#1028848: + CVE-2017-5030 CVE-2017-5031 CVE-2017-5032 CVE-2017-5029 CVE-2017-5034 + CVE-2017-5035 CVE-2017-5036 CVE-2017-5037 CVE-2017-5039 CVE-2017-5040 + CVE-2017-5041 CVE-2017-5033 CVE-2017-5042 CVE-2017-5038 CVE-2017-5043 + CVE-2017-5044 CVE-2017-5045 CVE-2017-5046 +- Refresh patches + * fix-gn-bootstrap.diff + * chromium-linker-memory.patch +- Remove obsolete patches: + * chromium-sandbox.patch + * chromium-54-ffmpeg2compat.patch +- Remove vaapi patch which broke rendering on non-intel cards: + * chromium-enable-vaapi-on-suse.patch +- From this release onwards i586 build is disabled ------------------------------------------------------------------- -Sat Mar 18 19:13:16 UTC 2017 - tchvatal@suse.com - -- Update to 59.0.3043.0 -- Refresh patch fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Wed Mar 15 10:14:35 UTC 2017 - tchvatal@suse.com - -- Update to 58.0.3029.19 - -------------------------------------------------------------------- -Wed Mar 15 09:34:48 UTC 2017 - tchvatal@suse.com - -- Reduce the requirement on gcc to be 4.8 only again - -------------------------------------------------------------------- -Mon Mar 13 12:20:56 UTC 2017 - tchvatal@suse.com - -- Version update to 58.0.3029.14 - -------------------------------------------------------------------- -Mon Mar 13 11:41:34 UTC 2017 - tchvatal@suse.com - -- Disable system vpx for now, needs symbols that will be in 1.6.2 - -------------------------------------------------------------------- -Fri Mar 10 13:03:15 UTC 2017 - tchvatal@suse.com - -- Update fix-gn-bootstrap.diff to build again - -------------------------------------------------------------------- -Wed Mar 8 11:26:35 UTC 2017 - tchvatal@suse.com - -- Version update to 58.0.3029.6 - -------------------------------------------------------------------- -Thu Mar 2 15:19:25 UTC 2017 - tchvatal@suse.com - -- Update to 58.0.3026.3 -- Empty fix-gn-bootstrap.diff again as it was merged upstream - -------------------------------------------------------------------- -Mon Feb 27 11:22:10 UTC 2017 - tchvatal@suse.com - -- Drop patch chromium-enable-vaapi-on-suse.patch as it breaks on - radeon and nvidia cards - -------------------------------------------------------------------- -Fri Feb 24 07:58:48 UTC 2017 - tchvatal@suse.com - -- Update to 58.0.3018.3 -- Update patch fix-gn-bootstrap.diff to match what is needed now -- Refresh patch chromium-system-jinja-r13.patch - -------------------------------------------------------------------- -Fri Feb 17 12:14:06 UTC 2017 - tchvatal@suse.com - -- Version update to 58.0.3013.3 - -------------------------------------------------------------------- -Wed Feb 15 12:15:52 UTC 2017 - idonmez@suse.com +Wed Feb 15 12:02:32 UTC 2017 - idonmez@suse.com - Also add harfbuzz-ng to keeplibs for SLE -------------------------------------------------------------------- -Wed Feb 8 12:39:54 UTC 2017 - tchvatal@suse.com - -- Update to 58.0.3004.3 - -------------------------------------------------------------------- -Wed Feb 8 12:32:46 UTC 2017 - tchvatal@suse.com - -- Try to properly set up nodejs for build - -------------------------------------------------------------------- -Mon Feb 6 20:39:24 UTC 2017 - tchvatal@suse.com - -- Version update to 58.3000.4 next dev channel -- Drop patch chromium-54-ffmpeg2compat.patch as we require ffmpeg3 now - ------------------------------------------------------------------- Mon Feb 6 20:29:52 UTC 2017 - tchvatal@suse.com - Add condition for system harfbuzz to be disabled on SLE ------------------------------------------------------------------- -Mon Feb 6 12:16:45 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net +Mon Feb 6 12:21:34 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net + +- Fixed a typo in the build requirements for system minizip. + +------------------------------------------------------------------- +Fri Feb 3 12:23:34 UTC 2017 - tchvatal@suse.com + +- Version update to 56.0.2924.87: + * Various small fixes + * Disabled option to enable/disable plugins in the chrome://plugins + +------------------------------------------------------------------- +Thu Feb 2 20:01:27 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net + +- Added the package 'chromium-privacy' with multiple patches + sourced from the release version on https://github.com/ + u4qo60z73t1c4hurv3ny/privacy_patches-oS_cr, which, when enabled + with the build option 'privacy', builds a version of Chromium + with less privacy implications due to Google services + integration. + +------------------------------------------------------------------- +Wed Feb 1 09:48:35 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net - Changed the build requirement of libavformat to library version 57.41.100, as included in ffmpeg 3.1.1, as only this version properly supports the public AVStream API 'codecpar'. + +------------------------------------------------------------------- +Tue Jan 31 14:08:26 UTC 2017 - tchvatal@suse.com + +- Version update to 56.0.2924.76 bsc#1022049: + - CVE-2017-5007: Universal XSS in Blink + - CVE-2017-5006: Universal XSS in Blink + - CVE-2017-5008: Universal XSS in Blink + - CVE-2017-5010: Universal XSS in Blink + - CVE-2017-5011: Unauthorised file access in Devtools + - CVE-2017-5009: Out of bounds memory access in WebRTC + - CVE-2017-5012: Heap overflow in V8 + - CVE-2017-5013: Address spoofing in Omnibox + - CVE-2017-5014: Heap overflow in Skia + - CVE-2017-5015: Address spoofing in Omnibox + - CVE-2017-5019: Use after free in Renderer + - CVE-2017-5016: UI spoofing in Blink + - CVE-2017-5017: Uninitialised memory access in webm video + - CVE-2017-5018: Universal XSS in chrome://apps + - CVE-2017-5020: Universal XSS in chrome://downloads + - CVE-2017-5021: Use after free in Extensions + - CVE-2017-5022: Bypass of Content Security Policy in Blink + - CVE-2017-5023: Type confusion in metrics + - CVE-2017-5024: Heap overflow in FFmpeg + - CVE-2017-5025: Heap overflow in FFmpeg + - CVE-2017-5026: UI spoofing. Credit to Ronni Skansing +- Add conditional to switch between system and bundled icu +- Raise dependency on harfbuzz to 1.3.1 +- Also refresh patches: + chromium-prop-codecs.patch chromium-linker-memory.patch + +------------------------------------------------------------------- +Sat Jan 28 11:31:18 UTC 2017 - qvoheagbfovvhubzdxfx@posteo.net + - Added patch chromium-enable-vaapi-on-suse.patch to enable VAAPI hardware accelerated video decoding. - * chromium-enable-vaapi-on-suse.patch -- Fixed a typo in the build requirements for system minizip. ------------------------------------------------------------------- -Fri Feb 3 10:38:16 UTC 2017 - tchvatal@suse.com +Wed Dec 21 20:19:42 UTC 2016 - astieger@suse.com -- Update to 57.0.2987.21 +- Chromium 55.0.2883.87: + * various fixes for crashes and specific wesites + * update Google pinned certificates ------------------------------------------------------------------- -Wed Feb 1 12:44:58 UTC 2017 - tchvatal@suse.com +Wed Dec 21 10:02:52 UTC 2016 - tchvatal@suse.com -- Update to 57.0.2987.19 +- Disable system icu on Factory, crashes autofill ------------------------------------------------------------------- -Sun Jan 29 17:58:34 UTC 2017 - tchvatal@suse.com - -- Version update to 57.0.2987.13 - -------------------------------------------------------------------- -Wed Jan 25 13:47:13 UTC 2017 - tchvatal@suse.com - -- Update to 57.0.2987.8 - -------------------------------------------------------------------- -Tue Jan 24 10:43:32 UTC 2017 - tchvatal@suse.com - -- Update to 57.0.2986.0 - -------------------------------------------------------------------- -Thu Jan 19 10:40:36 UTC 2017 - tchvatal@suse.com - -- Version update to 57.0.2984.0 - -------------------------------------------------------------------- -Fri Jan 13 09:13:44 UTC 2017 - tchvatal@suse.com - -- Drop the support code for builtin ffmpeg and rely on the system one always - -------------------------------------------------------------------- -Fri Jan 6 11:53:25 UTC 2017 - tchvatal@suse.com - -- Exclude i586 arch as the resources to build are not there - -------------------------------------------------------------------- -Wed Jan 4 12:36:34 UTC 2017 - tchvatal@suse.com - -- Add toolchain definition hopefully allowing us to build on Leap - with older gcc - * This also exposes more of our suse CFLAGS to the compilation - -------------------------------------------------------------------- -Wed Jan 4 12:07:26 UTC 2017 - tchvatal@suse.com - -- Version update to 57.0.2970.0 -- Refresh patch: - * fix-gn-bootstrap.diff -- Drop patch: - * chromium-sandbox.patch - -------------------------------------------------------------------- -Tue Dec 20 14:55:38 UTC 2016 - tchvatal@suse.com - -- Use gcc5 on leap - -------------------------------------------------------------------- -Mon Dec 19 10:30:45 UTC 2016 - tchvatal@suse.com - -- Update to 57.0.2946.4 - -------------------------------------------------------------------- -Wed Dec 14 10:45:26 UTC 2016 - tchvatal@suse.com - -- Allow building with non-system icu on older systems -- Refresh patch fix-gn-bootstrap.diff -- Disable system icu again, fails to build even on factory - -------------------------------------------------------------------- -Tue Dec 13 14:42:30 UTC 2016 - idonmez@suse.com +Tue Dec 13 14:38:08 UTC 2016 - idonmez@suse.com - python-html5lib now depends on six, so preserve that too for SLE builds. ------------------------------------------------------------------- -Sun Dec 11 13:12:44 UTC 2016 - tchvatal@suse.com +Fri Dec 9 12:07:10 UTC 2016 - astieger@suse.com -- Version update to 57.0.2946.0 +- Obsolete ffmpeg and ffmpegsumo package in addition to conflict ------------------------------------------------------------------- -Sun Dec 11 13:04:36 UTC 2016 - tchvatal@suse.com +Mon Dec 5 17:08:45 UTC 2016 - astieger@suse.com -- Version update to 56.0.2924.21 +- record minimum version for harfbuzz, incuding runtime + Chromium will crash with harfbuzz < 1.3.0 ------------------------------------------------------------------- -Thu Dec 8 08:33:17 UTC 2016 - tchvatal@suse.com +Sat Dec 3 09:59:21 UTC 2016 - tchvatal@suse.com -- Version update to 56.0.2924.18 +- Chromium 55.0.2883.75 bnc#1013236: + CVE-2016-9651 CVE-2016-5208 CVE-2016-5207 CVE-2016-5206 CVE-2016-5205 + CVE-2016-5204 CVE-2016-5209 CVE-2016-5203 CVE-2016-5210 CVE-2016-5212 + CVE-2016-5211 CVE-2016-5213 CVE-2016-5214 CVE-2016-5216 CVE-2016-5215 + CVE-2016-5217 CVE-2016-5218 CVE-2016-5219 CVE-2016-5221 CVE-2016-5220 + CVE-2016-5222 CVE-2016-9650 CVE-2016-5223 CVE-2016-5226 CVE-2016-5225 + CVE-2016-5224 CVE-2016-9652 +- Switch to system libraries: harfbuzz, zlib, ffmpeg, ... +- Refreshed patches: + * chromium-system-ffmpeg-r3.patch + * chromium-system-jinja-r13.patch +- Use system ffmpeg unless on 13.2 that didn't include it + * chromium-54-ffmpeg2compat.patch + * Remove upstreamed chromium-more-codec-aliases.patch +- Remove bookmarks override as discussed with artwork simply just set + homepage to our openSUSE one and that is all ------------------------------------------------------------------- -Sat Dec 3 12:03:04 UTC 2016 - tchvatal@suse.com +Sat Nov 12 08:20:05 UTC 2016 - astieger@suse.com -- Version update to 56.0.2924.14 - -------------------------------------------------------------------- -Tue Nov 29 21:13:49 UTC 2016 - tchvatal@suse.com - -- Version update to 56.0.2924.10 - -------------------------------------------------------------------- -Tue Nov 22 07:40:21 UTC 2016 - tchvatal@suse.com - -- Version update to 56.0.2922.1 - -------------------------------------------------------------------- -Fri Nov 18 08:35:30 UTC 2016 - tchvatal@suse.com - -- Version update to 56.0.2920.0 - -------------------------------------------------------------------- -Mon Nov 14 13:13:16 UTC 2016 - tchvatal@suse.com - -- Version update to 56.0.2914.3: - * refresh patch chromium-prop-codecs.patch +- Chromium 54.0.2840.100: + * CVE-2016-5199: Heap corruption in FFmpeg (boo#1009892) + * CVE-2016-5200: out of bounds memory access in v8 (boo#1009893) + * CVE-2016-5201: info leak in extensions (boo#1009894) + * CVE-2016-5202: various fixes from internal audits (boo#1009895) ------------------------------------------------------------------- Mon Nov 7 20:02:46 UTC 2016 - tchvatal@suse.com @@ -922,96 +1003,63 @@ Mon Nov 7 20:02:46 UTC 2016 - tchvatal@suse.com bnc#1008725 ------------------------------------------------------------------- -Sun Nov 6 09:41:28 UTC 2016 - tchvatal@suse.com +Wed Nov 2 07:32:27 UTC 2016 - tchvatal@suse.com -- Put chromium-flags at the end to allow user to override various - variables +- Update to 54.0.2840.90: + * Few fixes and tweaks + * Fixes CVE-2016-5198 bsc#1008274 ------------------------------------------------------------------- -Wed Nov 2 07:36:15 UTC 2016 - tchvatal@suse.com +Fri Oct 21 10:27:16 UTC 2016 - tchvatal@suse.com -- Update to 56.0.2906.0 +- Update to 54.0.2840.71: + * Few fixes around ------------------------------------------------------------------- -Fri Oct 28 16:59:28 UTC 2016 - tchvatal@suse.com +Thu Oct 13 10:19:03 UTC 2016 - tchvatal@suse.com -- Update to 56.0.2902.0 - * Update fix-gn-bootstrap.diff +- Version update to 54.0.2840.59 bnc#1004465: + - CVE-2016-5181: Universal XSS in Blink (Anonymous) + - CVE-2016-5182: Heap overflow in Blink (Giwan Go of STEALIEN) + - CVE-2016-5183: Use after free in PDFium (Anonymous) + - CVE-2016-5184: Use after free in PDFium (Anonymous) + - CVE-2016-5185: Use after free in Blink (cloudfuzzer) + - CVE-2016-5187: URL spoofing (Luan Herrera) + - CVE-2016-5188: UI spoofing (Luan Herrera) + - CVE-2016-5192: Cross-origin bypass in Blink (haojunhou at gmail) + - CVE-2016-5189: URL spoofing (xisigr of Tencent's Xuanwu Lab) + - CVE-2016-5186: Out of bounds read in DevTools (Abdulrahman Alqabandi) + - CVE-2016-5191: Universal XSS in Bookmarks (Gareth Hughes) + - CVE-2016-5190: Use after free in Internals (Atte Kettunen of OUSPG) + - CVE-2016-5193: Scheme bypass (Yuyang ZHOUmartinzhou96) +- packaging changes: + * disable build for chromium-beta on %arm. + * Make linker use less memory by tweaking its options: + chromium-linker-memory.patch + * obsolete desktop subpackages + * Switch to gold to reduce memory use use during build + * fix build on 4.5+ kernels with systemlibs: + chromium-sandbox.patch + * various compiler and linker flag adjustments + * enable gtk3 ui, add patch gtk3-missing-define.patch + * switch from some bundled libraries to the system versions + chromium-system-ffmpeg-r3.patch + chromium-system-jinja-r13.patch + fix-gn-bootstrap.diff + * remove service file covered by download_files +- run time bug fixes: + * Add --ui-disable-partial-swap to the launcher bnc#1000019 + * Use default chromium values from master_preferences on first run + rather than pseudo-duplicating in shellscript +- added features: + * hangouts extension ------------------------------------------------------------------- -Mon Oct 24 13:06:07 UTC 2016 - tchvatal@suse.com +Fri Sep 30 08:00:45 UTC 2016 - tchvatal@suse.com -- Update to 56.0.2897.0 - * Refresh patch chromium-linker-memory.patch - * Update fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Mon Oct 24 11:44:08 UTC 2016 - tchvatal@suse.com - -- Try to make package buildable on SLE12 Backports project - -------------------------------------------------------------------- -Fri Oct 21 10:34:39 UTC 2016 - tchvatal@suse.com - -- Update to 55.0.2883.21 -- Add switch between bundled and system icu as on old distributions - we simply have too old ICU -- Add switch for bundled/system minizip as it is not available on 42.1 - -------------------------------------------------------------------- -Thu Oct 20 07:52:26 UTC 2016 - tchvatal@suse.com - -- Version update to 55.0.2883.18 - -------------------------------------------------------------------- -Mon Oct 17 12:06:03 UTC 2016 - tchvatal@suse.com - -- Version update to 55.0.2883.11 -- Drop chromium-system-zlib.patch -- Add Requires on specified browser for chromedriver wrt bnc#1004839 - -------------------------------------------------------------------- -Sun Oct 9 18:16:49 UTC 2016 - tchvatal@suse.com - -- Version update to 55.0.2882.0: - * Rebase fix-gn-bootstrap.diff - * Remove upstreamed chromium-more-codec-aliases.patch - -------------------------------------------------------------------- -Sat Oct 8 09:51:35 UTC 2016 - mailaender@opensuse.org - -- Add appdata.xml for https://en.opensuse.org/openSUSE:AppStore - -------------------------------------------------------------------- -Fri Sep 30 07:12:16 UTC 2016 - dmueller@suse.com - -- disable build for chromium-beta on %arm. while it does build, - it takes two days, in which we can build roughly 600 other packages, - and I rather build 600 other packages than chromium-beta. - -------------------------------------------------------------------- -Wed Sep 28 17:32:17 UTC 2016 - tchvatal@suse.com - -- Version update to 55.0.2873.0: - * refresh fix-gn-bootstrap.diff - -------------------------------------------------------------------- -Tue Sep 27 08:08:38 UTC 2016 - tchvatal@suse.com - -- Do not install default_bookmarks.html file, just set homepage - and that's it -- Drop chromium-rpmlintrc not really needed - -------------------------------------------------------------------- -Mon Sep 26 14:07:58 UTC 2016 - tchvatal@suse.com - -- Drop chrome-wrapper file it is unused - -------------------------------------------------------------------- -Mon Sep 26 12:29:52 UTC 2016 - tchvatal@suse.com - -- Add --ui-disable-partial-swap to the launcher bnc#1000019 - cr#628168 +- Version update to 53.0.2785.143 bnc#1002140: + * CVE-2016-5177: Use after free in V8 + * CVE-2016-5178: Various fixes from internal audits ------------------------------------------------------------------- Mon Sep 26 12:22:41 UTC 2016 - dimstar@opensuse.org @@ -1020,153 +1068,50 @@ Mon Sep 26 12:22:41 UTC 2016 - dimstar@opensuse.org it's started as an Xwayland client (boo#1001135). ------------------------------------------------------------------- -Mon Sep 26 08:18:16 UTC 2016 - tchvatal@suse.com +Sat Sep 17 11:36:18 UTC 2016 - tchvatal@suse.com -- Update to 55.0.2868.3: - * remove patch gtk3-missing-define.patch - * update patch fix-gn-bootstrap.diff - * add patch chromium-system-zlib.patch -- Use system icu, upstream bug was fixed - -------------------------------------------------------------------- -Wed Sep 21 09:50:26 UTC 2016 - tchvatal@suse.com - -- Enable system libs again as it works for now -- Disable system vpx on < Factory as the vpx there is too old -- Now stable -> enable tcmalloc again - -------------------------------------------------------------------- -Tue Sep 20 09:00:29 UTC 2016 - tchvatal@suse.com - -- Make linker use less memory by tweaking its options: - * chromium-linker-memory.patch -- Update constraints for arm a bit to build -- Use system ffmpeg unless on 13.2 that didn't include it - * chromium-54-ffmpeg2compat.patch - -------------------------------------------------------------------- -Fri Sep 16 09:12:17 UTC 2016 - tchvatal@suse.com - -- Fix obsoletes for the desktop thingies - -------------------------------------------------------------------- -Thu Sep 15 12:02:32 UTC 2016 - tchvatal@suse.com - -- Gtk3 is still buggy -> disable -- Remove systemlibs for now except ffmpeg as it causes tons of problems - -------------------------------------------------------------------- -Wed Sep 14 14:57:42 UTC 2016 - tchvatal@suse.com - -- Switch to component build - solves issue with linking and not - enough memory -- Document in defaults how to actually enable debugging -- Remove noop conditions and empty variables from .sh script - launching chromium - -------------------------------------------------------------------- -Wed Sep 14 07:31:47 UTC 2016 - tchvatal@suse.com - -- Enable aarch64 to see how it goes -- Version update to 55.0.2859.0 - -------------------------------------------------------------------- -Tue Sep 13 17:13:47 UTC 2016 - tchvatal@suse.com - -- Do not bother with widevine installation, we need to build the - connectors, but later need to use the one bundled with chrome to - work with drm anyway - -------------------------------------------------------------------- -Tue Sep 13 12:53:23 UTC 2016 - tchvatal@suse.com - -- Switch to gold, we need to use less memory when linking -- Expand constraints for the debug symbols -- Use default chromium values from master_preferences on first run - rather than pseudo-duplicating in shellscript, bugs should be - fixed in the masterprefs -- Add patch to fix build on 4.5+ kernels with systemlibs: +- Apply sandbox patch to fix crashers on tumbleweed bnc#999091 * chromium-sandbox.patch ------------------------------------------------------------------- -Mon Sep 12 17:21:26 UTC 2016 - tchvatal@suse.com +Thu Sep 15 13:09:21 UTC 2016 - tchvatal@suse.com -- Collapse the ninja calls to run only once, no need to start 3x -- Remove g0 from cflags, that is something we never want, at least - some symbols for tracing are useful -- Sync more the options that are available for the build +- Version update stable channel 53.0.2785.116 + * Just smal bugfixes around ------------------------------------------------------------------- -Mon Sep 12 08:55:09 UTC 2016 - tchvatal@suse.com +Wed Sep 14 07:35:09 UTC 2016 - tchvatal@suse.com -- Enable more switches that are found in the gn files -- Try to enable gtk3 ui again - * add patch gtk3-missing-define.patch +- Version update to 53.0.2785.113 bnc#998743: + * CVE-2016-5170 Use after free in Blink + * CVE-2016-5171 Use after free in Blink + * CVE-2016-5172 Arbitrary Memory Read in v8 + * CVE-2016-5173 Extension resource access + * CVE-2016-5174 Popup not correctly suppressed + * CVE-2016-5175 Various fixes from internal audits ------------------------------------------------------------------- -Sun Sep 11 09:14:14 UTC 2016 - tchvatal@suse.com +Mon Sep 12 08:31:59 UTC 2016 - tchvatal@suse.com -- Move widevine to subpackage so user have choice between the built - one and the chrome one +- Reenable widevine build again bnc#998328 ------------------------------------------------------------------- -Sat Sep 10 11:02:42 UTC 2016 - tchvatal@suse.com +Sat Sep 10 09:13:37 UTC 2016 - tchvatal@suse.com -- Version update to dev chanel 55.0.2853.0 -- Refresh patches: - * chromium-system-ffmpeg-r3.patch - * chromium-system-jinja-r13.patch -- Correctly detect system ffmpeg and set branding to allow all codecs - that the ffmpeg can work with (eg we simply passover all the data - and do not bother with blacklist/whitelist) +- Stable channel update to 53.0.2785.101 + * SPDY crasher fixes + * Disable NV12 DXGI video on AMD + * Forward --password-store switch to os_crypt + * Tell the kernel to discard USB requests when they time out. ------------------------------------------------------------------- -Sat Sep 10 08:58:20 UTC 2016 - tchvatal@suse.com +Wed Sep 7 14:50:44 UTC 2016 - astieger@suse.com -- Update to 54.0.2840.16 -- Expand provides/obsoletes for the desktop subpackages to remove - them all - -------------------------------------------------------------------- -Thu Sep 8 13:23:30 UTC 2016 - tchvatal@suse.com - -- Enable hangouts extension -- Try to build widevine drm extension instead of using the one from - packman bnc#998328 -- Go back to normal malloc from bundled tcmalloc, switch back when - we can use system one - -------------------------------------------------------------------- -Wed Sep 7 06:36:15 UTC 2016 - tchvatal@suse.com - -- Update to 54.0.2840.14 -- Switch back to gcc on factory -- Switch some bundled libraries off courtesy of gentoo build system -- Try to use system ffmpeg if possible -- Remove useless service file, "osc service localrun download_files" - works fine enough even without it -- Add patches for system jinja and ffmpeg (gentoo): - * chromium-system-ffmpeg-r3.patch - * chromium-system-jinja-r13.patch -- Add back gcc compat patch: - * gcc60-fixes.diff - -------------------------------------------------------------------- -Tue Sep 6 08:32:06 UTC 2016 - tchvatal@suse.com - -- Switch to compile using clang as google has default - * Only for factory on 1320 and older use gcc -- Obsolete kde/gnome subpackages, useless nowdays -- Determine paralelism based on how much memory we have -- Disable gtk3 it seems to be really messy with rendering nowdays - * Stick with gtk2 for time being -- Enable tcmalloc as memory manager -- Sort out with spec-cleaner -- Drop unused patches: - * fix-older-gcc.patch - * gcc60-fixes.diff -- Do not install chromium-generic to libdir just directly go to bindir -- Remove empty pre function +- Update to Chromium 53.0.2785.92: + * Revert of support relocatable RPM packages + * disallow WKBackForwardListItem navigations for pushState pages + * arc: bluetooth: Fix advertised uuid + * fix conflicting PendingIntent for stop button and swipe away ------------------------------------------------------------------- Thu Sep 1 04:04:13 UTC 2016 - tittiatcoke@gmail.com diff --git a/chromium.spec b/chromium.spec index c758f1a..c31e7fa 100644 --- a/chromium.spec +++ b/chromium.spec @@ -187,12 +187,12 @@ Provides: chromium-browser = %{version} Obsoletes: %{name}-suid-helper < %{version} Obsoletes: chromium-browser < %{version} Provides: %{name}-suid-helper = %{version} -Obsoletes: chromium-desktop-kde -Obsoletes: chromium-desktop-gnome -Obsoletes: chromium-beta-desktop-kde Obsoletes: chromium-beta-desktop-gnome -Obsoletes: chromium-dev-desktop-kde +Obsoletes: chromium-beta-desktop-kde +Obsoletes: chromium-desktop-gnome +Obsoletes: chromium-desktop-kde Obsoletes: chromium-dev-desktop-gnome +Obsoletes: chromium-dev-desktop-kde Obsoletes: chromium-ffmpeg Obsoletes: chromium-ffmpegsumo # no 32bit supported and it takes ages to build From c6b1b76114f08c648d9283901c00fe4f715232bdcee1046db0f4486af748ca85 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Thu, 6 Sep 2018 09:14:29 +0000 Subject: [PATCH 47/52] - Split out the gn from this package, obsoletes patches: * fix-gn-bootstrap.patch * chromium-last-commit-position-r0.patch OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1161 --- chromium-last-commit-position-r0.patch | 30 -------------------------- chromium.changes | 7 ++++++ fix-gn-bootstrap.patch | 0 3 files changed, 7 insertions(+), 30 deletions(-) delete mode 100644 chromium-last-commit-position-r0.patch delete mode 100644 fix-gn-bootstrap.patch diff --git a/chromium-last-commit-position-r0.patch b/chromium-last-commit-position-r0.patch deleted file mode 100644 index 01e0588..0000000 --- a/chromium-last-commit-position-r0.patch +++ /dev/null @@ -1,30 +0,0 @@ -Index: chromium-69.0.3452.0/tools/gn/gn_main.cc -=================================================================== ---- chromium-69.0.3452.0.orig/tools/gn/gn_main.cc -+++ chromium-69.0.3452.0/tools/gn/gn_main.cc -@@ -19,13 +19,7 @@ - #include "tools/gn/standard_out.h" - #include "tools/gn/switches.h" - --// Only the GN-generated build makes this header for now. --// TODO(brettw) consider adding this if we need it in GYP. --#if defined(GN_BUILD) --#include "tools/gn/last_commit_position.h" --#else - #define LAST_COMMIT_POSITION "UNKNOWN" --#endif - - namespace { - -Index: chromium-69.0.3452.0/tools/gn/BUILD.gn -=================================================================== ---- chromium-69.0.3452.0.orig/tools/gn/BUILD.gn -+++ chromium-69.0.3452.0/tools/gn/BUILD.gn -@@ -268,7 +268,6 @@ executable("gn") { - - deps = [ - ":gn_lib", -- ":last_commit_position", - "//base", - "//build/win:default_exe_manifest", - ] diff --git a/chromium.changes b/chromium.changes index a5147cc..6ba8053 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Thu Sep 6 09:13:49 UTC 2018 - Tomáš Chvátal + +- Split out the gn from this package, obsoletes patches: + * fix-gn-bootstrap.patch + * chromium-last-commit-position-r0.patch + ------------------------------------------------------------------- Thu Sep 6 09:09:57 UTC 2018 - Tomáš Chvátal diff --git a/fix-gn-bootstrap.patch b/fix-gn-bootstrap.patch deleted file mode 100644 index 473a0f4..0000000 From f04cb256bb2e2b5d6827419f470053548466e643402d323c61a56c9bf473d6a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Thu, 6 Sep 2018 09:14:59 +0000 Subject: [PATCH 48/52] OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1162 --- chromium.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chromium.spec b/chromium.spec index c31e7fa..f6d4f81 100644 --- a/chromium.spec +++ b/chromium.spec @@ -39,7 +39,7 @@ %endif %bcond_with system_vpx %bcond_with clang -Name: chromium-beta +Name: chromium Version: 69.0.3497.81 Release: 0 Summary: Google's open source browser project From d65cd5410c9b52df6fd2eaf57676f340b9547d737559b701500e8c5a27f5abcd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Thu, 6 Sep 2018 13:59:16 +0000 Subject: [PATCH 49/52] - Add patch to fix mojo build on 32bit: * chromium-gcc8-alignof.patch OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1163 --- chromium-gcc8-alignof.patch | 25 +++++++++++++++++++++++++ chromium.changes | 6 ++++++ chromium.spec | 1 + 3 files changed, 32 insertions(+) create mode 100644 chromium-gcc8-alignof.patch diff --git a/chromium-gcc8-alignof.patch b/chromium-gcc8-alignof.patch new file mode 100644 index 0000000..746783e --- /dev/null +++ b/chromium-gcc8-alignof.patch @@ -0,0 +1,25 @@ +From: Fedora +Subject: Fix build for 32-bit platforms + +Apparently not upstream, can't find this anywhere. So I assume Fedora is the actual source? +https://src.fedoraproject.org/cgit/rpms/chromium.git/tree/chromium-66.0.3359.170-gcc8-alignof.patch + +Index: chromium-69.0.3497.81/mojo/public/c/system/macros.h +=================================================================== +--- chromium-69.0.3497.81.orig/mojo/public/c/system/macros.h ++++ chromium-69.0.3497.81/mojo/public/c/system/macros.h +@@ -27,7 +27,13 @@ + (sizeof(void*) == 4 ? 32 : 0) + + // Like the C++11 |alignof| operator. +-#if __cplusplus >= 201103L ++#if defined(__GNUC__) && __GNUC__ >= 8 ++// GCC 8 has changed the alignof operator to return the minimal alignment ++// required by the target ABI, instead of the preferred alignment. ++// This means that on 32-bit x86, it will return 4 instead of 8. ++// Use __alignof__ instead to avoid this. ++#define MOJO_ALIGNOF(type) __alignof__(type) ++#elif __cplusplus >= 201103L + #define MOJO_ALIGNOF(type) alignof(type) + #elif defined(__GNUC__) + #define MOJO_ALIGNOF(type) __alignof__(type) diff --git a/chromium.changes b/chromium.changes index 6ba8053..1e08eee 100644 --- a/chromium.changes +++ b/chromium.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Thu Sep 6 13:27:18 UTC 2018 - tchvatal@suse.com + +- Add patch to fix mojo build on 32bit: + * chromium-gcc8-alignof.patch + ------------------------------------------------------------------- Thu Sep 6 09:13:49 UTC 2018 - Tomáš Chvátal diff --git a/chromium.spec b/chromium.spec index f6d4f81..c626f40 100644 --- a/chromium.spec +++ b/chromium.spec @@ -74,6 +74,7 @@ Patch10: chromium-skia-aarch64-buildfix.patch Patch11: chromium-vpx-aarch64.patch Patch12: chromium-system-icu.patch Patch13: chromium-old-glibc.patch +Patch14: chromium-gcc8-alignof.patch # Google seem not too keen on merging this but GPU accel is quite important # https://chromium-review.googlesource.com/c/chromium/src/+/532294 # https://github.com/saiarcot895/chromium-ubuntu-build/tree/master/debian/patches From 895a9457f7014b4132945a71ec96418ec0e161320bc3d6d68a7745310c6a4d01 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Fri, 7 Sep 2018 07:31:19 +0000 Subject: [PATCH 50/52] * CVE-2018-16086: Script injection in New Tab Page. * CVE-2018-16087: Multiple download restriction bypass. * CVE-2018-16088: User gesture requirement bypass. OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1164 --- _constraints | 2 +- chromium.changes | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/_constraints b/_constraints index ebd3b8c..05817d9 100644 --- a/_constraints +++ b/_constraints @@ -5,7 +5,7 @@ 20 - 6 + 8 diff --git a/chromium.changes b/chromium.changes index 1e08eee..eff2457 100644 --- a/chromium.changes +++ b/chromium.changes @@ -36,6 +36,9 @@ Thu Sep 6 09:09:57 UTC 2018 - Tomáš Chvátal * CVE-2018-16083: Out of bounds read in WebRTC * CVE-2018-16084: User confirmation bypass in external protocol handling * CVE-2018-16085: Use after free in Memory Instrumentation + * CVE-2018-16086: Script injection in New Tab Page. + * CVE-2018-16087: Multiple download restriction bypass. + * CVE-2018-16088: User gesture requirement bypass. - Added patches: * chromium-old-glibc.patch * chromium-system-icu.patch From 31ab81bb392c3a15065ee7bcf2f30496687bfd7c71b396f169cd508787b10b35 Mon Sep 17 00:00:00 2001 From: OBS User buildservice-autocommit Date: Fri, 7 Sep 2018 13:41:48 +0000 Subject: [PATCH 51/52] Updating link to change in openSUSE:Factory/chromium revision 195.0 OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=67a1925ca098976dc80a430290aabc17 --- chromium.changes | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/chromium.changes b/chromium.changes index eff2457..e03d8dc 100644 --- a/chromium.changes +++ b/chromium.changes @@ -14,6 +14,50 @@ Thu Sep 6 09:13:49 UTC 2018 - Tomáš Chvátal ------------------------------------------------------------------- Thu Sep 6 09:09:57 UTC 2018 - Tomáš Chvátal +- Version update to 69.0.3497.81 bsc#1107235: + * CVE-2018-16065: Out of bounds write in V8 + * CVE-2018-16066:Out of bounds read in Blink + * CVE-2018-16067: Out of bounds read in WebAudio + * CVE-2018-16068: Out of bounds write in Mojo + * CVE-2018-16069:Out of bounds read in SwiftShader + * CVE-2018-16070: Integer overflow in Skia + * CVE-2018-16071: Use after free in WebRTC + * CVE-2018-16073: Site Isolation bypass after tab restore + * CVE-2018-16074: Site Isolation bypass using Blob URLS + * Out of bounds read in Little-CMS + * CVE-2018-16075: Local file access in Blink + * CVE-2018-16076: Out of bounds read in PDFium + * CVE-2018-16077: Content security policy bypass in Blink + * CVE-2018-16078: Credit card information leak in Autofill + * CVE-2018-16079: URL spoof in permission dialogs + * CVE-2018-16080: URL spoof in full screen mode + * CVE-2018-16081: Local file access in DevTools + * CVE-2018-16082: Stack buffer overflow in SwiftShader + * CVE-2018-16083: Out of bounds read in WebRTC + * CVE-2018-16084: User confirmation bypass in external protocol handling + * CVE-2018-16085: Use after free in Memory Instrumentation +- Added patches: + * chromium-old-glibc.patch + * chromium-system-icu.patch + * chromium-warnings.patch +- Removed patches: + * chromium-cors-string.patch + * chromium-crashpad-aarch64-fix.patch + * chromium-ffmpeg.patch + * chromium-gcc.patch + * chromium-gcc7.patch + * chromium-libjpeg.patch + * chromium-libwebp-shim.patch +- Rebased patches: + * chromium-last-commit-position-r0.patch + * chromium-non-void-return.patch + * chromium-sandbox-pie.patch + * chromium-skia-system-fontconfig.patch + * chromium-vaapi.patch + +------------------------------------------------------------------- +Thu Sep 6 09:09:57 UTC 2018 - Tomáš Chvátal + - Version update to 69.0.3497.81 bsc#1107235: * CVE-2018-16065: Out of bounds write in V8 * CVE-2018-16066:Out of bounds read in Blink From cb1b0b1d4181e3672f7f7e682f5b82a41ebbf5907fd862c40290c375bded6e79 Mon Sep 17 00:00:00 2001 From: OBS User buildservice-autocommit Date: Fri, 7 Sep 2018 13:41:48 +0000 Subject: [PATCH 52/52] Accepting request 633746 from network:chromium baserev update by copy to link target OBS-URL: https://build.opensuse.org/request/show/633746 OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1165 --- chromium.changes | 44 -------------------------------------------- 1 file changed, 44 deletions(-) diff --git a/chromium.changes b/chromium.changes index e03d8dc..eff2457 100644 --- a/chromium.changes +++ b/chromium.changes @@ -14,50 +14,6 @@ Thu Sep 6 09:13:49 UTC 2018 - Tomáš Chvátal ------------------------------------------------------------------- Thu Sep 6 09:09:57 UTC 2018 - Tomáš Chvátal -- Version update to 69.0.3497.81 bsc#1107235: - * CVE-2018-16065: Out of bounds write in V8 - * CVE-2018-16066:Out of bounds read in Blink - * CVE-2018-16067: Out of bounds read in WebAudio - * CVE-2018-16068: Out of bounds write in Mojo - * CVE-2018-16069:Out of bounds read in SwiftShader - * CVE-2018-16070: Integer overflow in Skia - * CVE-2018-16071: Use after free in WebRTC - * CVE-2018-16073: Site Isolation bypass after tab restore - * CVE-2018-16074: Site Isolation bypass using Blob URLS - * Out of bounds read in Little-CMS - * CVE-2018-16075: Local file access in Blink - * CVE-2018-16076: Out of bounds read in PDFium - * CVE-2018-16077: Content security policy bypass in Blink - * CVE-2018-16078: Credit card information leak in Autofill - * CVE-2018-16079: URL spoof in permission dialogs - * CVE-2018-16080: URL spoof in full screen mode - * CVE-2018-16081: Local file access in DevTools - * CVE-2018-16082: Stack buffer overflow in SwiftShader - * CVE-2018-16083: Out of bounds read in WebRTC - * CVE-2018-16084: User confirmation bypass in external protocol handling - * CVE-2018-16085: Use after free in Memory Instrumentation -- Added patches: - * chromium-old-glibc.patch - * chromium-system-icu.patch - * chromium-warnings.patch -- Removed patches: - * chromium-cors-string.patch - * chromium-crashpad-aarch64-fix.patch - * chromium-ffmpeg.patch - * chromium-gcc.patch - * chromium-gcc7.patch - * chromium-libjpeg.patch - * chromium-libwebp-shim.patch -- Rebased patches: - * chromium-last-commit-position-r0.patch - * chromium-non-void-return.patch - * chromium-sandbox-pie.patch - * chromium-skia-system-fontconfig.patch - * chromium-vaapi.patch - -------------------------------------------------------------------- -Thu Sep 6 09:09:57 UTC 2018 - Tomáš Chvátal - - Version update to 69.0.3497.81 bsc#1107235: * CVE-2018-16065: Out of bounds write in V8 * CVE-2018-16066:Out of bounds read in Blink