Update submodules from pool/chromium#11 and create patchinfo.20251010110535882810.90520734224245/_patchinfo

Merge pull request 'Remove unneeded micro patterns from SLES' (#170 ) from bigironman/PackageHub:leap-16.0 into leap-16.0
Reviewed-on: products/PackageHub#170 Reviewed-by: autogits_obs_staging_bot <autogits_obs_staging_bot@noreply.src.opensuse.org>
2025-10-10 13:06:00 +02:00 · 2025-10-10 11:48:06 +02:00 · 2025-10-10 11:46:31 +02:00 · 2025-10-10 10:57:14 +02:00 · 2025-10-10 10:36:11 +02:00 · 2025-10-09 14:22:32 +00:00
6 changed files with 25803 additions and 6 deletions
--- a/0Backports/Backports.changes
+++ b/0Backports/Backports.changes
@@ -1,3 +1,22 @@
+-------------------------------------------------------------------
+Fri Oct 10 07:19:41 UTC 2025 - Wolfgang Engel <wolfgang.engel@suse.com>
+
+- Backports.productcompose:
+  + add to backports_unneeded, not needed 
+    micro patterns that are coming from SLES
+      patterns-micro-alt_onlyDVD                               
+      patterns-micro-cloud                                     
+      patterns-micro-defaults                                  
+      patterns-micro-fips                                      
+      patterns-micro-hardware                                  
+      patterns-micro-ima-evm                                   
+      patterns-micro-kvm_host                                  
+      patterns-micro-onlyDVD                                   
+      patterns-micro-ra-agent                                  
+      patterns-micro-ra-verifier                               
+      patterns-micro-salt_minion                               
+      patterns-micro-sssd-ldap            
+
 -------------------------------------------------------------------
 Mon Oct  6 14:49:27 UTC 2025 - Wolfgang Engel <wolfgang.engel@suse.com>

--- a/0Backports/Backports.productcompose
+++ b/0Backports/Backports.productcompose
@@ -14,7 +14,7 @@ scc:

 build_options:
 ### For maintenance, otherwise only "the best" version of each package is picked:
-# - take_all_available_versions
+- take_all_available_versions
 - hide_flavor_in_product_directory_name

 ### Since the Backports product build is not self-contained in a single repository,
@@ -32,8 +32,8 @@ debug: split
 repodata: all

 # has only an effect during maintenance:
-set_updateinfo_from: maint-coord@suse.de
-# set_updateinfo_id_prefix: openSUSE-Leap-16.0-
+set_updateinfo_from: maintenance@opensuse.org
+set_updateinfo_id_prefix: SUSE-PackageHub-16.0-

 flavors:
  backports_aarch64:
@@ -204,7 +204,20 @@ packagesets:
  - pam-extra-32bit
  - patterns-base-kernel_livepatching
  - patterns-base-transactional_base
+  - patterns-micro-alt_onlyDVD
+  - patterns-micro-cloud
+  - patterns-micro-defaults
  - patterns-micro-elemental_client
+  - patterns-micro-defaults
+  - patterns-micro-fips
+  - patterns-micro-hardware
+  - patterns-micro-ima-evm
+  - patterns-micro-kvm_host
+  - patterns-micro-onlyDVD
+  - patterns-micro-ra-agent
+  - patterns-micro-ra-verifier
+  - patterns-micro-salt_minion
+  - patterns-micro-sssd-ldap
  - patterns-sap-bone
  - patterns-base-update_test
  - plymouth-branding-upstream
--- a/2
+++ b/2
--- a/patchinfo.20251010110535882810.90520734224245/_patchinfo
+++ b/patchinfo.20251010110535882810.90520734224245/_patchinfo
@@ -0,0 +1,66 @@
+<patchinfo>
+  <issue tracker="bnc" id="1251334">VUL-0: chromium: release 141.0.7390.65</issue>
+  <issue tracker="cve" id="2025-11213">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="cve" id="2025-11216">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="cve" id="2025-11207">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="cve" id="2025-11211">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="cve" id="2025-11212">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="cve" id="2025-11210">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="bnc" id="1250780">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="cve" id="2025-11208">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="cve" id="2025-10890">VUL-0: chromium: release 140.0.7339.207</issue>
+  <issue tracker="cve" id="2025-11206">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="cve" id="2025-11460">VUL-0: chromium: release 141.0.7390.65</issue>
+  <issue tracker="cve" id="2025-11219">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="bnc" id="1250472">VUL-0: chromium: release 140.0.7339.207</issue>
+  <issue tracker="cve" id="2025-11205">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="cve" id="2025-10891">VUL-0: chromium: release 140.0.7339.207</issue>
+  <issue tracker="cve" id="2025-11458"/>
+  <issue tracker="cve" id="2025-11215">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="cve" id="2025-11209">VUL-0: chromium: release 141.0.7390.54</issue>
+  <issue tracker="cve" id="2025-10892">VUL-0: chromium: release 140.0.7339.207</issue>
+  <packager>AndreasStieger</packager>
+  <rating>critical</rating>
+  <category>security</category>
+  <summary>Security update for chromium</summary>
+  <description>This update for chromium fixes the following issues:
+
+Chromium 141.0.7390.76:
+
+  * Do not send URLs as AIM input. This is to resolve a privacy
+    concern, around passing urls to AI Mode.
+
+Chromium 141.0.7390.65 (boo#1251334):
+
+  * CVE-2025-11458: Heap buffer overflow in Sync
+  * CVE-2025-11460: Use after free in Storage
+  * CVE-2025-11211: Out of bounds read in WebCodecs
+
+Chromium 141.0.7390.54 (stable released 2025-09-30) (boo#1250780)
+
+  * CVE-2025-11205: Heap buffer overflow in WebGPU
+  * CVE-2025-11206: Heap buffer overflow in Video
+  * CVE-2025-11207: Side-channel information leakage in Storage
+  * CVE-2025-11208: Inappropriate implementation in Media
+  * CVE-2025-11209: Inappropriate implementation in Omnibox
+  * CVE-2025-11210: Side-channel information leakage in Tab
+  * CVE-2025-11211: Out of bounds read in Media
+  * CVE-2025-11212: Inappropriate implementation in Media
+  * CVE-2025-11213: Inappropriate implementation in Omnibox
+  * CVE-2025-11215: Off by one error in V8
+  * CVE-2025-11216: Inappropriate implementation in Storage
+  * CVE-2025-11219: Use after free in V8
+  * Various fixes from internal audits, fuzzing and other initiatives
+
+Chromium 141.0.7390.37 (beta released 2025-09-24)
+
+Chromium 140.0.7339.207 (boo#1250472)
+
+  * CVE-2025-10890: Side-channel information leakage in V8
+  * CVE-2025-10891: Integer overflow in V8
+  * CVE-2025-10892: Integer overflow in V8
+
+</description>
+  <package>chromium</package>
+  <seperate_build_arch/>
+</patchinfo>
--- a/patchinfo.ga/_patchinfo
+++ b/patchinfo.ga/_patchinfo
--- a/workflow.config
+++ b/workflow.config
@@ -7,7 +7,7 @@
  "NoProjectGitPR": true,
  "Reviewers": [
    "*maintenance-release-review",
-    "+opensuse-review",
+    "*opensuse-review",
    "+legaldb",
    "-autogits_obs_staging_bot",
    "-qam-openqa-review"
@@ -64,7 +64,8 @@
        "mimi_vx",
        "mschnitzer",
        "msmeissn",
-        "openqa-maintenance"
+        "openqa-maintenance",
+        "szarate"
        ],
      "Silent": true
    }
Author	SHA256	Message	Date
Marcus Meissner	f250ad0669	Update submodules from pool/chromium#11 and create patchinfo.20251010110535882810.90520734224245/_patchinfo	2025-10-10 13:06:00 +02:00
Nathan Cutler	324825e0b7	Merge pull request 'Remove unneeded micro patterns from SLES' (#170 ) from bigironman/PackageHub:leap-16.0 into leap-16.0 Reviewed-on: products/PackageHub#170 Reviewed-by: autogits_obs_staging_bot <autogits_obs_staging_bot@noreply.src.opensuse.org>	2025-10-10 11:48:06 +02:00
Nathan Cutler	e736273676	Merge pull request 'enable maintenance flags' (#171 ) from msmeissn/PackageHub:adjust-for-maint into leap-16.0 Reviewed-on: products/PackageHub#171 Reviewed-by: autogits_obs_staging_bot <autogits_obs_staging_bot@noreply.src.opensuse.org>	2025-10-10 11:46:31 +02:00
Marcus Meissner	434d04cf96	enable maintenance flags	2025-10-10 10:57:14 +02:00
Wolfgang Engel	a97a485213	Remove unneeded micro patterns	2025-10-10 10:36:11 +02:00
AutoGits PR Review Bot	5d5cfbf4aa	Merging PR: products/PackageHub!168	2025-10-09 14:22:32 +00:00
Elisei Roca	0d97d2916b	Add szarate to qam-openqa-review	2025-10-09 16:04:46 +02:00
Elisei Roca	be9326b949	Enable opensuse-review on both PkgGit and PrjGit	2025-10-09 16:04:01 +02:00
Elisei Roca	da4eebb4e9	Merge pull request 'fix-pi-prefix' (#169 ) from msmeissn/PackageHub:fix-pi-prefix into leap-16.0 Reviewed-on: products/PackageHub#169	2025-10-09 16:00:53 +02:00
Marcus Meissner	68261dc6cd	Merge branch 'leap-16.0' into add-patchinfoga	2025-10-09 13:32:34 +02:00
Marcus Meissner	d29edb21a2	added patchinfo.ga to freeze packages at GA level	2025-10-09 10:36:53 +02:00