(dev release 2025-03-13)
- also use nodejs 22 for sle15
- Chromium 134.0.6998.88
(stable released 2025-03-11) (boo#1239216)
* CVE-2025-1920: Type Confusion in V8
* CVE-2025-2135: Type Confusion in V8
* CVE-TBD: Out of bounds write in GPU
* CVE-2025-2136: Use after free in Inspector
* CVE-2025-2137: Out of bounds read in V8
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium-dev?expand=0&rev=77
system-libdrm.patch (context update)
gcc-enable-lto.patch (context update)
chromium-127-constexpr.patch (context update)
- add to keeplibs:
third_party/protobuf/third_party/utf8_range
- config variable changed from use_qt to use_qt5
- replace patch
chromium-134-specialize-some-to_value_list.patch
by patch
chromium-134-type-mismatch-error.patch (from fedora)
- Chromium 134.0.6998.35
(stable release 2025-03-04) (boo#1238575)
* CVE-2025-1914: Out of bounds read in V8
* CVE-2025-1915: Improper Limitation of a Pathname to a Restricted Directory in DevTools
* CVE-2025-1916: Use after free in Profiles
* CVE-2025-1917: Inappropriate Implementation in Browser UI
* CVE-2025-1918: Out of bounds read in PDFium
* CVE-2025-1919: Out of bounds read in Media
* CVE-2025-1921: Inappropriate Implementation in Media Stream
* CVE-2025-1922: Inappropriate Implementation in Selection
* CVE-2025-1923: Inappropriate Implementation in Permission Prompts
- Chromium 133.0.6943.141 (boo#1237699)
This update includes 1 security fix.
* Various fixes from internal audits, fuzzing and other initiatives
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium-dev?expand=0&rev=72
(dev release 2025-02-20)
chromium-134-revert-two-to_value_list.patch
- reenable qt6 for TW
- Chromium 133.0.6943.126 (boo#1237343)
* CVE-2025-0999: Heap buffer overflow in V8
* CVE-2025-1426: Heap buffer overflow in GPU
* CVE-2025-1006: Use after free in Network
- add patch chromium-133-bring_back_and_disable_allowlist.patch
trying to fix issues with YT playback (bsc#1237071)
- Chromium 133.0.6943.98
(stable released 2025-02-12) (bsc#1237121)
* CVE-2025-0995: Use after free in V8
* CVE-2025-0996: Inappropriate implementation in Browser UI
* CVE-2025-0997: Use after free in Navigation
* CVE-2025-0998: Out of bounds memory access in V8
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium-dev?expand=0&rev=61
(dev release 2025-01-31)
- dropped patches: (obsolete with recent llvm)
chromium-130-no-hardware_destructive_interference_size.patch
- Chromium 133.0.6943.35
(beta released 2025-01-29)
- drop chromium-132-old_libdrm.patch
obsolete as we are not building for 15.5 anymore
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium-dev?expand=0&rev=37
(dev release 2025-01-24)
- Chromium 133.0.6943.27
(beta released 2025-01-23)
- use llvm19 also on 15.6/SLE-15-SP6
chromium-119-assert.patch
(code dropped upstream)
- modified patches
(rest of code is gone upstream, see commit
- update context in
chromium-102-regex_pattern-array.patch
chromium-125-ffmpeg-5.x-reordered_opaque.patch
third_party/wasm_tts_engine (needed by tools/grit)
v8/third_party/siphash (moved inside of v8)
v8/third_party/utf8-decoder (moved inside of v8)
v8/third_party/valgrind (moved inside of v8)
- drop from keeplibs (gone in source):
third_party/jstemplate does not exist
third_party/qcms does not exist
- drop buildreq for libevent and libevent from system libs
as the lib was dropped upstream
- added patches (as revert for llvm17 in sp6):
chromium-add-atomicops.patch
(upstream commit d29b01737a841b5627249d50f007dcdc7e26462b)
(upstream commit 780efe38034cfdc1bdf4c74e82e7ca7c14e8ac5b
does not seem to be in 133 yet)
chromium-133-string_view.patch
(one more place to use string_view, also only llvm17)
- update INSTALL.sh to generate appdata.xml from template
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium-dev?expand=0&rev=27
(dev release 2024-12-12)
- Chromium 132.0.6834.57
(beta released 2024-12-19)
- Chromium 131.0.6778.204 (boo#1234704)
* CVE-2024-12692: Type Confusion in V8
* CVE-2024-12693: Out of bounds memory access in V8
* CVE-2024-12694: Use after free in Compositing
* CVE-2024-12695: Out of bounds write in V8
* Various fixes from internal audits, fuzzing and other initiatives
- Chromium 131.0.6778.139 (boo#1234361)
* CVE-2024-12381: Type Confusion in V8
* CVE-2024-12382: Use after free in Translate
* Various fixes from internal audits, fuzzing and other initiatives
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium-dev?expand=0&rev=24
