* CVE-2018-6153: Stack buffer overflow in Skia.
* CVE-2018-6154: Heap buffer overflow in WebGL.
* CVE-2018-6155: Use after free in WebRTC.
* CVE-2018-6156: Heap buffer overflow in WebRTC.
* CVE-2018-6157: Type confusion in WebRTC.
* CVE-2018-6158: Use after free in Blink.
* CVE-2018-6159: Same origin policy bypass in ServiceWorker.
* CVE-2018-6160: URL spoof in Chrome on iOS.
* CVE-2018-6161: Same origin policy bypass in WebAudio.
* CVE-2018-6162: Heap buffer overflow in WebGL.
* CVE-2018-6163: URL spoof in Omnibox.
* CVE-2018-6164: Same origin policy bypass in ServiceWorker.
* CVE-2018-6165: URL spoof in Omnibox.
* CVE-2018-6166: URL spoof in Omnibox.
* CVE-2018-6167: URL spoof in Omnibox.
* CVE-2018-6168: CORS bypass in Blink.
* CVE-2018-6169: Permissions bypass in extension installation.
* CVE-2018-6170: Type confusion in PDFium.
* CVE-2018-6171: Use after free in WebBluetooth.
* CVE-2018-6172: URL spoof in Omnibox.
* CVE-2018-6173: URL spoof in Omnibox.
* CVE-2018-6174: Integer overflow in SwiftShader.
* CVE-2018-6175: URL spoof in Omnibox.
* CVE-2018-6176: Local user privilege escalation in Extensions.
* CVE-2018-6177: Cross origin information leak in Blink.
* CVE-2018-6178: UI spoof in Extensions.
* CVE-2018-6179: Local file information leak in Extensions.
* CVE-2018-6044: Request privilege escalation in Extensions.
* CVE-2018-4117: Cross origin information leak in Blink.
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1145
- Bump to 68.0.3440.75
- Up to chromium-68.0.3440.68
- Up to 68.0.3440.59
- Up to 68.0.3440.42
- Bump 68.0.3440.33
- Up to 68.0.3440.25
- Up to 68.0.3440.17
- Up to 68.0.3438.3
- Up to 68.0.3432.3
- Fix AArch64 build with chromium-crashpad-aarch64-fix.patch
- Up to 68.0.3423.2
- Refresh patch chromium-master-prefs-path.patch
- Fix AArch64 build with chromium-skia-aarch64-buildfix.patch
- Add patch chromium-skia-system-fontconfig.patch bsc#1092272
- Up to 67.0.3393.30
- Up to chromium-67.0.3396.18
- Up to 67.0.3393.4
- Refresh patch exclude_ymp.patch
- Bump to 67.0.3386.1
- Bump to 67.0.3381.1
- Bump to 67.0.3377.1
- Bump to 67.0.3371.0
- Remove no longer needed chromium-gcc7.patch
OBS-URL: https://build.opensuse.org/request/show/625247
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1144
* CVE-2018-6123: Use after free in Blink.
* CVE-2018-6124: Type confusion in Blink.
* CVE-2018-6125: Overly permissive policy in WebUSB.
* CVE-2018-6126: Heap buffer overflow in Skia.
* CVE-2018-6127: Use after free in indexedDB.
* CVE-2018-6128: uXSS in Chrome on iOS.
* CVE-2018-6129: Out of bounds memory access in WebRTC.
* CVE-2018-6130: Out of bounds memory access in WebRTC.
* CVE-2018-6131: Incorrect mutability protection in WebAssembly.
* CVE-2018-6132: Use of uninitialized memory in WebRTC.
* CVE-2018-6133: URL spoof in Omnibox.
* CVE-2018-6134: Referrer Policy bypass in Blink.
* CVE-2018-6135: UI spoofing in Blink.
* CVE-2018-6136: Out of bounds memory access in V8.
* CVE-2018-6137: Leak of visited status of page in Blink.
* CVE-2018-6138: Overly permissive policy in Extensions.
* CVE-2018-6139: Restrictions bypass in the debugger extension API.
* CVE-2018-6140: Restrictions bypass in the debugger extension API.
* CVE-2018-6141: Heap buffer overflow in Skia.
* CVE-2018-6142: Out of bounds memory access in V8.
* CVE-2018-6143: Out of bounds memory access in V8.
* CVE-2018-6144: Out of bounds memory access in PDFium.
* CVE-2018-6145: Incorrect escaping of MathML in Blink.
* CVE-2018-6147: Password fields not taking advantage of OS protections in Views.
- Add patches to build on aarch and remove obsolete one:
* chromium-crashpad-aarch64-fix.patch
* chromium-skia-aarch64-buildfix.patch
* chromium-65.0.3325.162-skia-aarch64-buildfix.patch
* chromium-skia-neon.patch
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1133
- Up to 67.0.3396.62
- Up to chromium-67.0.3396.56
- Fix SLE12 builds again
- Bump to 67.0.3396.48
- Fix AArch64 build with chromium-crashpad-aarch64-fix.patch
- Up to 67.0.3393.40
- Extend patch chromium-non-void-return.patch
- Fix AArch64 build with chromium-skia-aarch64-buildfix.patch
- Add patch chromium-skia-system-fontconfig.patch bsc#1092272
- Up to 67.0.3393.30
- Up to chromium-67.0.3396.18
- Up to 67.0.3393.4
- Refresh patch exclude_ymp.patch
- Bump to 67.0.3386.1
- Bump to 67.0.3381.1
- Bump to 67.0.3377.1
- Bump to 67.0.3371.0
- Remove no longer needed chromium-gcc7.patch
- Rebase fix_building_widevinecdm_with_chromium.patch to allow
widevine builds
- Bump to 66.0.3359.33
- Version bump to 66.0.3359.26
OBS-URL: https://build.opensuse.org/request/show/613035
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1132
* CVE-2018-6085: Use after free in Disk Cache
* CVE-2018-6086: Use after free in Disk Cache
* CVE-2018-6087: Use after free in WebAssembly
* CVE-2018-6088: Use after free in PDFium
* CVE-2018-6089: Same origin policy bypass in Service Worker
* CVE-2018-6090: Heap buffer overflow in Skia
* CVE-2018-6091: Incorrect handling of plug-ins by Service Worker
* CVE-2018-6092: Integer overflow in WebAssembly
* CVE-2018-6093: Same origin bypass in Service Worker
* CVE-2018-6094: Exploit hardening regression in Oilpan
* CVE-2018-6095: Lack of meaningful user interaction requirement before file upload
* CVE-2018-6096: Fullscreen UI spoof
* CVE-2018-6097: Fullscreen UI spoof
* CVE-2018-6098: URL spoof in Omnibox
* CVE-2018-6099: CORS bypass in ServiceWorker
* CVE-2018-6100: URL spoof in Omnibox
* CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools
* CVE-2018-6102: URL spoof in Omnibox
* CVE-2018-6103: UI spoof in Permissions
* CVE-2018-6104: URL spoof in Omnibox
* CVE-2018-6105: URL spoof in Omnibox
* CVE-2018-6106: Incorrect handling of promises in V8
* CVE-2018-6107: URL spoof in Omnibox
* CVE-2018-6108: URL spoof in Omnibox
* CVE-2018-6109: Incorrect handling of files by FileAPI
* CVE-2018-6110: Incorrect handling of plaintext files via file://
* CVE-2018-6111: Heap-use-after-free in DevTools
* CVE-2018-6112: Incorrect URL handling in DevTools
* CVE-2018-6113: URL spoof in Navigation
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1115
- Up to 66.0.3359.81
- Bump to 66.0.3359.66
- Update chromium-gcc7.patch to include more quirks
- Bump to 66.0.3359.45
- Bump to 66.0.3359.33
- Version bump to 66.0.3359.26
- Bump the requirement for the clang version
- Conditionalize harfbuzz switch
- Update to 66.0.3359.22
- Apply patches using %autopatch
- Add patch to build with gcc7 properly chromium-gcc7.patch
- Drop patch chromium-sandbox-pie.patch as we have pie default now
- Add patch to build with leap variant of drm chromium-drm.patch
- Add patch to build ffmpeg from system chromium-ffmpeg.patch
- Up to 66.0.3355.0
- Disable clang by default again
- Up to 66.0.3350.0
- Drop patch fix_network_api_crash.patch
- Bump to 66.0.3343.3
- Bump to 65.0.3325.51
- Disable gconf support
- Bump to 65.0.3325.31
- Update to 65.0.3325.18
- Try to have automatic ozone platform detection
OBS-URL: https://build.opensuse.org/request/show/597716
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1114
* CVE-2018-16065: Out of bounds write in V8
* CVE-2018-16066:Out of bounds read in Blink
* CVE-2018-16067: Out of bounds read in WebAudio
* CVE-2018-16068: Out of bounds write in Mojo
* CVE-2018-16069:Out of bounds read in SwiftShader
* CVE-2018-16070: Integer overflow in Skia
* CVE-2018-16071: Use after free in WebRTC
* CVE-2018-16073: Site Isolation bypass after tab restore
* CVE-2018-16074: Site Isolation bypass using Blob URLS
* Out of bounds read in Little-CMS
* CVE-2018-16075: Local file access in Blink
* CVE-2018-16076: Out of bounds read in PDFium
* CVE-2018-16077: Content security policy bypass in Blink
* CVE-2018-16078: Credit card information leak in Autofill
* CVE-2018-16079: URL spoof in permission dialogs
* CVE-2018-16080: URL spoof in full screen mode
* CVE-2018-16081: Local file access in DevTools
* CVE-2018-16082: Stack buffer overflow in SwiftShader
* CVE-2018-16083: Out of bounds read in WebRTC
* CVE-2018-16084: User confirmation bypass in external protocol handling
* CVE-2018-16085: Use after free in Memory Instrumentation
- Added patches:
* chromium-old-glibc.patch
* chromium-system-icu.patch
* chromium-warnings.patch
- Removed patches:
* chromium-cors-string.patch
* chromium-crashpad-aarch64-fix.patch
* chromium-ffmpeg.patch
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1160
* CVE-2018-6153: Stack buffer overflow in Skia.
* CVE-2018-6154: Heap buffer overflow in WebGL.
* CVE-2018-6155: Use after free in WebRTC.
* CVE-2018-6156: Heap buffer overflow in WebRTC.
* CVE-2018-6157: Type confusion in WebRTC.
* CVE-2018-6158: Use after free in Blink.
* CVE-2018-6159: Same origin policy bypass in ServiceWorker.
* CVE-2018-6160: URL spoof in Chrome on iOS.
* CVE-2018-6161: Same origin policy bypass in WebAudio.
* CVE-2018-6162: Heap buffer overflow in WebGL.
* CVE-2018-6163: URL spoof in Omnibox.
* CVE-2018-6164: Same origin policy bypass in ServiceWorker.
* CVE-2018-6165: URL spoof in Omnibox.
* CVE-2018-6166: URL spoof in Omnibox.
* CVE-2018-6167: URL spoof in Omnibox.
* CVE-2018-6168: CORS bypass in Blink.
* CVE-2018-6169: Permissions bypass in extension installation.
* CVE-2018-6170: Type confusion in PDFium.
* CVE-2018-6171: Use after free in WebBluetooth.
* CVE-2018-6172: URL spoof in Omnibox.
* CVE-2018-6173: URL spoof in Omnibox.
* CVE-2018-6174: Integer overflow in SwiftShader.
* CVE-2018-6175: URL spoof in Omnibox.
* CVE-2018-6176: Local user privilege escalation in Extensions.
* CVE-2018-6177: Cross origin information leak in Blink.
* CVE-2018-6178: UI spoof in Extensions.
* CVE-2018-6179: Local file information leak in Extensions.
* CVE-2018-6044: Request privilege escalation in Extensions.
* CVE-2018-4117: Cross origin information leak in Blink.
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1145
- Bump to 68.0.3440.75
- Up to chromium-68.0.3440.68
- Up to 68.0.3440.59
- Up to 68.0.3440.42
- Bump 68.0.3440.33
- Up to 68.0.3440.25
- Up to 68.0.3440.17
- Up to 68.0.3438.3
- Up to 68.0.3432.3
- Fix AArch64 build with chromium-crashpad-aarch64-fix.patch
- Up to 68.0.3423.2
- Refresh patch chromium-master-prefs-path.patch
- Fix AArch64 build with chromium-skia-aarch64-buildfix.patch
- Add patch chromium-skia-system-fontconfig.patch bsc#1092272
- Up to 67.0.3393.30
- Up to chromium-67.0.3396.18
- Up to 67.0.3393.4
- Refresh patch exclude_ymp.patch
- Bump to 67.0.3386.1
- Bump to 67.0.3381.1
- Bump to 67.0.3377.1
- Bump to 67.0.3371.0
- Remove no longer needed chromium-gcc7.patch
OBS-URL: https://build.opensuse.org/request/show/625247
OBS-URL: https://build.opensuse.org/package/show/network:chromium/chromium?expand=0&rev=1144
