- Chromium 129.0.6668.58 (beta released 2024-09-17)
* CVE-2024-8904: Type Confusion in V8
* CVE-2024-8905: Inappropriate implementation in V8
* CVE-2024-8906: Incorrect security UI in Downloads
* CVE-2024-8907: Insufficient data validation in Omnibox
* CVE-2024-8908: Inappropriate implementation in Autofill
* CVE-2024-8909: Inappropriate implementation in UI
- Chromium 128.0.6613.137 (released 2024-09-10) (boo#1230391)
* CVE-2024-8636: Heap buffer overflow in Skia
* CVE-2024-8637: Use after free in Media Router
* CVE-2024-8638: Type Confusion in V8
* CVE-2024-8639: Use after free in Autofill
OBS-URL: https://build.opensuse.org/request/show/1201828
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium-beta?expand=0&rev=56
- Chromium 129.0.6668.29 (beta released 2024-09-04)
- add to keeplibs:
third_party/rapidhash
- Chromium 128.0.6613.119 (released 2024-09-02) (boo#1230108)
* CVE-2024-8362: Use after free in WebAudio
* CVE-2024-7970: Out of bounds write in V8
- Chromium 128.0.6613.113 (boo#1229897)
* CVE-2024-7969: Type Confusion in V8
* CVE-2024-8193: Heap buffer overflow in Skia
* CVE-2024-8194: Type Confusion in V8
* CVE-2024-8198: Heap buffer overflow in Skia
OBS-URL: https://build.opensuse.org/request/show/1199635
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium-beta?expand=0&rev=55
- Chromium 128.0.6613.36 (current beta release)
- modified patches:
* chromium-norar.patch drop most hunks,
upstream has a config for this now
* gcc-enable-lto.patch update context
* chromium-125-compiler.patch update context
* chromium-127-constexpr.patch update context
- drop patches: (should be obsolete with llvm>17 and libc++)
chromium-120-emplace.patch
chromium-125-emplace-struct.patch
- drop patches: (upstream)
* chromium-121-nullptr_t-without-namespace-std.patch
* chromium-123-stats-collector.patch
* chromium-127-paint-layer-header.patch
* chromium-127-ninja-1.21.1-deps-part0.patch
* chromium-127-ninja-1.21.1-deps-part1.patch
* chromium-127-ninja-1.21.1-deps-part2.patch
* chromium-127-ninja-1.21.1-deps-part3.patch
- disable rpmlint only for factory/tw where it is broken because
of the large archive size of the source here
- keeplibs add
third_party/devtools-frontend/src/front_end/third_party/
puppeteer/package/lib/esm/third_party/parsel-js
third_party/tflite/src/third_party/xla/xla/tsl/framework
- buildflags add
safe_browsing_use_unrar=false
OBS-URL: https://build.opensuse.org/request/show/1195041
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium-beta?expand=0&rev=50
- Chromium 127.0.6533.119
* CVE-2024-7532: Out of bounds memory access in ANGLE
* CVE-2024-7533: Use after free in Sharing
* CVE-2024-7550: Type Confusion in V8
* CVE-2024-7534: Heap buffer overflow in Layout
* CVE-2024-7535: Inappropriate implementation in V8
* CVE-2024-7536: Use after free in WebAudio
- Chromium 127.0.6533.88
* CVE-2024-6988: Use after free in Downloads
* CVE-2024-6989: Use after free in Loader
* CVE-2024-6991: Use after free in Dawn
* CVE-2024-6992: Out of bounds memory access in ANGLE
* CVE-2024-6993: Inappropriate implementation in Canvas
* CVE-2024-6994: Heap buffer overflow in Layout
* CVE-2024-6995: Inappropriate implementation in Fullscreen
* CVE-2024-6996: Race in Frames
* CVE-2024-6997: Use after free in Tabs
* CVE-2024-6998: Use after free in User Education
* CVE-2024-6999: Inappropriate implementation in FedCM
* CVE-2024-7000: Use after free in CSS. Reported by Anonymous
* CVE-2024-7001: Inappropriate implementation in HTML
* CVE-2024-7003: Inappropriate implementation in FedCM
* CVE-2024-7004: Insufficient validation of untrusted input
in Safe Browsing
* CVE-2024-7005: Insufficient validation of untrusted input
in Safe Browsing
* CVE-2024-6990: Uninitialized Use in Dawn
* CVE-2024-7255: Out of bounds read in WebTransport
* CVE-2024-7256: Insufficient data validation in Dawn
OBS-URL: https://build.opensuse.org/request/show/1194297
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium-beta?expand=0&rev=48
* CVE-2024-11110: Inappropriate implementation in Blink.
* CVE-2024-11111: Inappropriate implementation in Autofill.
* CVE-2024-11112: Use after free in Media.
(n/a for linux)
* CVE-2024-11113: Use after free in Accessibility.
* CVE-2024-11114: Inappropriate implementation in Views.
(n/a for linux)
* CVE-2024-11115: Insufficient policy enforcement in Navigation.
(n/a for linux)
* CVE-2024-11116: Inappropriate implementation in Paint.
* CVE-2024-11117: Inappropriate implementation in FileSystem.
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=2020
