- Add patch to fix crashpad build on aarch64:
* chromium-fix_crashpad.patch
- Refresh patch:
* chromium-non-void-return.patch
- Add new patch to fix aarch64 build:
* chromium-fix_swiftshader.patch
- Update %arm build, but keep it disabled for now, as ld requires
lots of RAM
- Up to 72.0.3626.14
- Update chromium-vaapi.patch
- Update chromium-system-icu.patch
- Increase %limit_build value to avoid OOM
- Rework aarch64 build requirements
- Reduce jumbo_file_merge_limit to 8 for aarch64 to avoid OOM
- Fix again aarch64 skia build:
* chromium-skia-aarch64-buildfix.patch
- Up to 71.0.3551.3
- Up to 70.0.3528.4
- Up to chromium-70.0.3521.2
- Add patch trying to build with system icu:
* chromium-system-icu.patch
- Up to chromium-70.0.3510.0
- Up to 69.0.3497.23
- Up to chromium-69.0.3497.12
- Add patch to fix aarch64 build:
* chromium-vpx-aarch64.patch
- Up to 69.0.3493.3
- Up to 69.0.3486.0
- Up to 69.0.3472.3
OBS-URL: https://build.opensuse.org/request/show/684653
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1231
* CVE-2019-5754: Inappropriate implementation in QUIC Networking. Reported by Klzgrad on 2018-12-12
* CVE-2019-5782: Inappropriate implementation in V8. Reported by Qixun Zhao of Qihoo 360 Vulcan Team via Tianfu Cup on 2018-11-16
* CVE-2019-5755: Inappropriate implementation in V8. Reported by Jay Bosamiya on 2018-12-10
* CVE-2019-5756: Use after free in PDFium. Reported by Anonymous on 2018-10-14
* CVE-2019-5757: Type Confusion in SVG. Reported by Alexandru Pitis, Microsoft Browser Vulnerability Research on 2018-12-15
* CVE-2019-5758: Use after free in Blink. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-12-11
* CVE-2019-5759: Use after free in HTML select elements. Reported by Almog Benin on 2018-12-05
* CVE-2019-5760: Use after free in WebRTC. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-12-05
* CVE-2019-5761: Use after free in SwiftShader. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-11-13
* CVE-2019-5762: Use after free in PDFium. Reported by Anonymous on 2018-10-31
* CVE-2019-5763: Insufficient validation of untrusted input in V8. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2018-12-13
* CVE-2019-5764: Use after free in WebRTC. Reported by Eyal Itkin from Check Point Software Technologies on 2018-12-09
* CVE-2019-5765: Insufficient policy enforcement in the browser. Reported by Sergey Toshin (@bagipro) on 2019-01-16
* CVE-2019-5766: Insufficient policy enforcement in Canvas. Reported by David Erceg on 2018-11-20
* CVE-2019-5767: Incorrect security UI in WebAPKs. Reported by Haoran Lu, Yifan Zhang, Luyi Xing, and Xiaojing Liao from Indiana University Bloomington on 2018-11-06
* CVE-2019-5768: Insufficient policy enforcement in DevTools. Reported by Rob Wu on 2018-01-24
* CVE-2019-5769: Insufficient validation of untrusted input in Blink. Reported by Guy Eshel on 2018-12-11
* CVE-2019-5770: Heap buffer overflow in WebGL. Reported by hemidallt@ on 2018-11-27
* CVE-2019-5771: Heap buffer overflow in SwiftShader. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-11-12
* CVE-2019-5772: Use after free in PDFium. Reported by Zhen Zhou of NSFOCUS Security Team on 2018-11-26
* CVE-2019-5773: Insufficient data validation in IndexedDB. Reported by Yongke Wang of Tencent's Xuanwu Lab (xlab.tencent.com) on 2018-12-24
* CVE-2019-5774: Insufficient validation of untrusted input in SafeBrowsing. Reported by Junghwan Kang (ultract) and Juno Im on 2018-11-11
* CVE-2019-5775: Insufficient policy enforcement in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-10-18
* CVE-2019-5776: Insufficient policy enforcement in Omnibox. Reported by Lnyas Zhang on 2018-07-14
* CVE-2019-5777: Insufficient policy enforcement in Omnibox. Reported by Khalil Zhani on 2018-06-04
* CVE-2019-5778: Insufficient policy enforcement in Extensions. Reported by David Erceg on 2019-01-02
* CVE-2019-5779: Insufficient policy enforcement in ServiceWorker. Reported by David Erceg on 2018-11-11
* CVE-2019-5780: Insufficient policy enforcement. Reported by Andreas Hegenberg (folivora.AI GmbH) on 2018-10-03
* CVE-2019-5781: Insufficient policy enforcement in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-10-18
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1218
- Add patch to fix aarch64 build:
* chromium-crashpad-fix_aarch64.patch
- Refresh patch:
* chromium-non-void-return.patch
- Add new patch to fix aarch64 build:
* chromium-fix_swiftshader.patch
- Up to 72.0.3626.14
- Update chromium-vaapi.patch
- Update chromium-system-icu.patch
- Rework aarch64 build requirements
- Reduce jumbo_file_merge_limit to 8 for aarch64 to avoid OOM
- Fix again aarch64 skia build:
- Up to 71.0.3551.3
- Up to 70.0.3528.4
- Up to chromium-70.0.3521.2
- Add patch trying to build with system icu:
* chromium-system-icu.patch
- Up to chromium-70.0.3510.0
- Up to 69.0.3497.23
- Up to chromium-69.0.3497.12
- Add patch to fix aarch64 build:
* chromium-vpx-aarch64.patch
- Up to 69.0.3493.3
- Up to 69.0.3486.0
- Up to 69.0.3472.3
- Up to 69.0.3452.0
- Up to 68.0.3440.17
- Up to 68.0.3438.3
OBS-URL: https://build.opensuse.org/request/show/670066
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1217
- CVE-2018-17480: Out of bounds write in V8
- CVE-2018-17481: Use after frees in PDFium
- CVE-2018-18335: Heap buffer overflow in Skia
- CVE-2018-18336: Use after free in PDFium
- CVE-2018-18337: Use after free in Blink
- CVE-2018-18338: Heap buffer overflow in Canvas
- CVE-2018-18339: Use after free in WebAudio
- CVE-2018-18340: Use after free in MediaRecorder
- CVE-2018-18341: Heap buffer overflow in Blink
- CVE-2018-18342: Out of bounds write in V8
- CVE-2018-18343: Use after free in Skia
- CVE-2018-18344: Inappropriate implementation in Extensions
- Multiple issues in SQLite via WebSQL
- CVE-2018-18345: Inappropriate implementation in Site Isolation
- CVE-2018-18346: Incorrect security UI in Blink
- CVE-2018-18347: Inappropriate implementation in Navigation
- CVE-2018-18348: Inappropriate implementation in Omnibox
- CVE-2018-18349: Insufficient policy enforcement in Blink
- CVE-2018-18350: Insufficient policy enforcement in Blink
- CVE-2018-18351: Insufficient policy enforcement in Navigation
- CVE-2018-18352: Inappropriate implementation in Media
- CVE-2018-18353: Inappropriate implementation in Network Authentication
- CVE-2018-18354: Insufficient data validation in Shell Integration
- CVE-2018-18355: Insufficient policy enforcement in URL Formatter
- CVE-2018-18356: Use after free in Skia
- CVE-2018-18357: Insufficient policy enforcement in URL Formatter
- CVE-2018-18358: Insufficient policy enforcement in Proxy.
- CVE-2018-18359: Out of bounds read in V8
- Inappropriate implementation in PDFium
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1201
- Rework aarch64 build requirements
- Reduce jumbo_file_merge_limit to 8 for aarch64 to avoid OOM
- Fix again aarch64 skia build:
* chromium-skia-aarch64-buildfix.patch
- Update chromium-non-void-return.patch and use __builtin_abort
for switch cases of out of enum ranges.
- Up to 71.0.3551.3
- Up to 70.0.3528.4
- Up to chromium-70.0.3521.2
- Add patch trying to build with system icu:
* chromium-system-icu.patch
- Up to chromium-70.0.3510.0
- Up to 69.0.3497.23
- Up to chromium-69.0.3497.12
- Add patch to fix aarch64 build:
* chromium-vpx-aarch64.patch
- Up to 69.0.3493.3
- Up to 69.0.3486.0
- Up to 69.0.3472.3
- Up to 69.0.3452.0
- Up to 68.0.3440.17
- Up to 68.0.3438.3
- Up to 68.0.3432.3
- Fix AArch64 build with chromium-crashpad-aarch64-fix.patch
- Up to 68.0.3423.2
- Refresh patch chromium-master-prefs-path.patch
- Fix AArch64 build with chromium-skia-aarch64-buildfix.patch
- Add patch chromium-skia-system-fontconfig.patch bsc#1092272
- Up to 67.0.3393.30
- Enable build on AArch64
OBS-URL: https://build.opensuse.org/request/show/655505
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1200
- System harfbuzz disable as we need git variant :(
- Up 70.0.3538.45
- Up 70.0.3538.35
- Bump the nodejs dependency to 10/8
- Up to 70.0.3538.22
- Up to 70.0.3528.4
- Up to chromium-70.0.3521.2
- Add patch trying to build with system icu:
- Up to chromium-70.0.3510.0
- Up to 69.0.3497.23
- Up to chromium-69.0.3497.12
- Add patch to fix aarch64 build:
* chromium-vpx-aarch64.patch
- Up to 69.0.3493.3
- Up to 69.0.3486.0
- Up to 69.0.3472.3
- Up to 69.0.3452.0
- Up to 68.0.3440.17
- Up to 68.0.3438.3
- Up to 68.0.3432.3
- Fix AArch64 build with chromium-crashpad-aarch64-fix.patch
- Up to 68.0.3423.2
- Refresh patch chromium-master-prefs-path.patch
- Fix AArch64 build with chromium-skia-aarch64-buildfix.patch
- Add patch chromium-skia-system-fontconfig.patch bsc#1092272
- Up to 67.0.3393.30
- Up to chromium-67.0.3396.18
- Up to 67.0.3393.4
- Refresh patch exclude_ymp.patch
OBS-URL: https://build.opensuse.org/request/show/642560
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1178
* CVE-2018-16065: Out of bounds write in V8
* CVE-2018-16066:Out of bounds read in Blink
* CVE-2018-16067: Out of bounds read in WebAudio
* CVE-2018-16068: Out of bounds write in Mojo
* CVE-2018-16069:Out of bounds read in SwiftShader
* CVE-2018-16070: Integer overflow in Skia
* CVE-2018-16071: Use after free in WebRTC
* CVE-2018-16073: Site Isolation bypass after tab restore
* CVE-2018-16074: Site Isolation bypass using Blob URLS
* Out of bounds read in Little-CMS
* CVE-2018-16075: Local file access in Blink
* CVE-2018-16076: Out of bounds read in PDFium
* CVE-2018-16077: Content security policy bypass in Blink
* CVE-2018-16078: Credit card information leak in Autofill
* CVE-2018-16079: URL spoof in permission dialogs
* CVE-2018-16080: URL spoof in full screen mode
* CVE-2018-16081: Local file access in DevTools
* CVE-2018-16082: Stack buffer overflow in SwiftShader
* CVE-2018-16083: Out of bounds read in WebRTC
* CVE-2018-16084: User confirmation bypass in external protocol handling
* CVE-2018-16085: Use after free in Memory Instrumentation
- Added patches:
* chromium-old-glibc.patch
* chromium-system-icu.patch
* chromium-warnings.patch
- Removed patches:
* chromium-cors-string.patch
* chromium-crashpad-aarch64-fix.patch
* chromium-ffmpeg.patch
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1160
