From 9a9269b0ec5e373ab7e1edad13c8b4a319db80fb277655d8c3b5633b6d49013f Mon Sep 17 00:00:00 2001
From: Ruediger Oertel <ro@suse.de>
Date: Thu, 7 Aug 2025 15:49:26 +0200
Subject: [PATCH 1/5] add libffmpeg if using bundled version

---
 INSTALL.sh       | 8 ++++++++
 chromium.changes | 5 +++++
 2 files changed, 13 insertions(+)

diff --git a/INSTALL.sh b/INSTALL.sh
index 31c861b..57eb3b2 100644
--- a/INSTALL.sh
+++ b/INSTALL.sh
@@ -120,6 +120,14 @@ if [ -f "${OUTPUTDIR}/libqt6_shim.so" ]; then
   install -m ${SHLIB_PERMS} "${buildfile}" "${STAGEDIR}/${INSTALLDIR}/${file}"
 fi
 
+# FFMPEG (if using the bundled one)
+if [ -f "${OUTPUTDIR}/libffmpeg.so" ]; then
+    file="libffmpeg.so"
+    buildfile="${OUTPUTDIR}/${file}"
+    install -m ${SHLIB_PERMS} "${buildfile}" "${STAGEDIR}/${INSTALLDIR}/${file}"
+fi
+
+
 # default apps
 if [ -d "${OUTPUTDIR}/default_apps" ]; then
     cp -a "${OUTPUTDIR}/default_apps" "${STAGEDIR}/${INSTALLDIR}/"
diff --git a/chromium.changes b/chromium.changes
index 9d5fb12..ad6e0eb 100644
--- a/chromium.changes
+++ b/chromium.changes
@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Thu Aug  7 15:48:37 CEST 2025 - ro@suse.de
+
+- really install libffmpeg.so if using the bundled one 
+
 -------------------------------------------------------------------
 Wed Aug  6 12:47:40 CEST 2025 - ro@suse.de
 
-- 
2.51.1


From 265dc0c2c88adc4854b143c88f3385ae05c0503f421c2a4b16976ab9abc3573e Mon Sep 17 00:00:00 2001
From: Ruediger Oertel <ro@suse.de>
Date: Thu, 7 Aug 2025 22:34:03 +0200
Subject: [PATCH 2/5] fix ffmpeg dep issue

---
 chromium.changes | 1 +
 chromium.spec    | 1 +
 2 files changed, 2 insertions(+)

diff --git a/chromium.changes b/chromium.changes
index ad6e0eb..fb5f5a4 100644
--- a/chromium.changes
+++ b/chromium.changes
@@ -2,6 +2,7 @@
 Thu Aug  7 15:48:37 CEST 2025 - ro@suse.de
 
 - really install libffmpeg.so if using the bundled one 
+  and block the extra dependency
 
 -------------------------------------------------------------------
 Wed Aug  6 12:47:40 CEST 2025 - ro@suse.de
diff --git a/chromium.spec b/chromium.spec
index 29a5ec9..ab65f8e 100644
--- a/chromium.spec
+++ b/chromium.spec
@@ -22,6 +22,7 @@
 %define outputdir out
 # bsc#1108175
 %define __provides_exclude ^lib.*\\.so.*$
+%define __requires_exclude ^libffmpeg\\.so.*$
 # suse_version 1500 all of sle code 15, all of leap15
 # suse_version 1600 all of alp, slfo
 # suse_version 1699 tw
-- 
2.51.1


From afa4140dfaaabdb99fabf97b2796f633a0e2cd518b91e92c2bc3c832d5e8bf51 Mon Sep 17 00:00:00 2001
From: Andreas Stieger <Andreas.Stieger@gmx.de>
Date: Wed, 13 Aug 2025 06:22:29 +0200
Subject: [PATCH 3/5] update to 139.0.7258.127

---
 chromium-139.0.7258.127-linux.tar.xz |  3 +++
 chromium-139.0.7258.66-linux.tar.xz  |  3 ---
 chromium.changes                     | 11 +++++++++++
 chromium.spec                        |  2 +-
 4 files changed, 15 insertions(+), 4 deletions(-)
 create mode 100644 chromium-139.0.7258.127-linux.tar.xz
 delete mode 100644 chromium-139.0.7258.66-linux.tar.xz

diff --git a/chromium-139.0.7258.127-linux.tar.xz b/chromium-139.0.7258.127-linux.tar.xz
new file mode 100644
index 0000000..7b1f98e
--- /dev/null
+++ b/chromium-139.0.7258.127-linux.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:140e6a3b5f21f128d807812befdc15bc1eb0b1bf9c9f4445414236272b50646e
+size 1605436988
diff --git a/chromium-139.0.7258.66-linux.tar.xz b/chromium-139.0.7258.66-linux.tar.xz
deleted file mode 100644
index 37029dc..0000000
--- a/chromium-139.0.7258.66-linux.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:8cd37b224dba4fc5e3c8ac98cc278d17a713a3b5a2f1dbb241ad94caca83d630
-size 1608741372
diff --git a/chromium.changes b/chromium.changes
index fb5f5a4..db3f460 100644
--- a/chromium.changes
+++ b/chromium.changes
@@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Wed Aug 13 04:21:07 UTC 2025 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Chromium 139.0.7258.127 (boo#1247981):
+  * CVE-2025-8879: Heap buffer overflow in libaom
+  * CVE-2025-8880: Race in V8
+  * CVE-2025-8901: Out of bounds write in ANGLE
+  * CVE-2025-8881: Inappropriate implementation in File Picker
+  * CVE-2025-8882: Use after free in Aura
+  * Various fixes from internal audits, fuzzing and other initiatives
+
 -------------------------------------------------------------------
 Thu Aug  7 15:48:37 CEST 2025 - ro@suse.de
 
diff --git a/chromium.spec b/chromium.spec
index ab65f8e..689aa01 100644
--- a/chromium.spec
+++ b/chromium.spec
@@ -112,7 +112,7 @@
 %global official_build 1
 
 Name:           chromium%{n_suffix}
-Version:        139.0.7258.66
+Version:        139.0.7258.127
 Release:        0
 Summary:        Google's open source browser project
 License:        BSD-3-Clause AND LGPL-2.1-or-later
-- 
2.51.1


From e557e90812e01ebf657107ff8f1ed8db7548aaf3b9a7af48706899d5db898080 Mon Sep 17 00:00:00 2001
From: Andreas Stieger <Andreas.Stieger@gmx.de>
Date: Tue, 19 Aug 2025 23:09:27 +0200
Subject: [PATCH 4/5] update to 139.0.7258.138

---
 chromium-139.0.7258.127-linux.tar.xz | 3 ---
 chromium-139.0.7258.138-linux.tar.xz | 3 +++
 chromium.changes                     | 6 ++++++
 chromium.spec                        | 2 +-
 4 files changed, 10 insertions(+), 4 deletions(-)
 delete mode 100644 chromium-139.0.7258.127-linux.tar.xz
 create mode 100644 chromium-139.0.7258.138-linux.tar.xz

diff --git a/chromium-139.0.7258.127-linux.tar.xz b/chromium-139.0.7258.127-linux.tar.xz
deleted file mode 100644
index 7b1f98e..0000000
--- a/chromium-139.0.7258.127-linux.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:140e6a3b5f21f128d807812befdc15bc1eb0b1bf9c9f4445414236272b50646e
-size 1605436988
diff --git a/chromium-139.0.7258.138-linux.tar.xz b/chromium-139.0.7258.138-linux.tar.xz
new file mode 100644
index 0000000..85cc418
--- /dev/null
+++ b/chromium-139.0.7258.138-linux.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3c6d42580e4957d4d116cdd39ef6de99be51b82a927f869941248284932bbafc
+size 1605931036
diff --git a/chromium.changes b/chromium.changes
index db3f460..89c4182 100644
--- a/chromium.changes
+++ b/chromium.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Tue Aug 19 21:07:41 UTC 2025 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Chromium 139.0.7258.138 (boo#1248315):
+  * CVE-2025-9132: Out of bounds write in V8
+
 -------------------------------------------------------------------
 Wed Aug 13 04:21:07 UTC 2025 - Andreas Stieger <andreas.stieger@gmx.de>
 
diff --git a/chromium.spec b/chromium.spec
index 689aa01..f90bc1b 100644
--- a/chromium.spec
+++ b/chromium.spec
@@ -112,7 +112,7 @@
 %global official_build 1
 
 Name:           chromium%{n_suffix}
-Version:        139.0.7258.127
+Version:        139.0.7258.138
 Release:        0
 Summary:        Google's open source browser project
 License:        BSD-3-Clause AND LGPL-2.1-or-later
-- 
2.51.1


From 1e55d20318f68edb1ef98b27fc665a39e5e7983cc1c9eb25b4edf287cae180a0 Mon Sep 17 00:00:00 2001
From: Ruediger Oertel <ro@suse.de>
Date: Wed, 27 Aug 2025 12:14:13 +0200
Subject: [PATCH 5/5] update to 139.0.7258.154

---
 chromium-139.0.7258.138-linux.tar.xz | 3 ---
 chromium-139.0.7258.154-linux.tar.xz | 3 +++
 chromium.changes                     | 6 ++++++
 chromium.spec                        | 2 +-
 4 files changed, 10 insertions(+), 4 deletions(-)
 delete mode 100644 chromium-139.0.7258.138-linux.tar.xz
 create mode 100644 chromium-139.0.7258.154-linux.tar.xz

diff --git a/chromium-139.0.7258.138-linux.tar.xz b/chromium-139.0.7258.138-linux.tar.xz
deleted file mode 100644
index 85cc418..0000000
--- a/chromium-139.0.7258.138-linux.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:3c6d42580e4957d4d116cdd39ef6de99be51b82a927f869941248284932bbafc
-size 1605931036
diff --git a/chromium-139.0.7258.154-linux.tar.xz b/chromium-139.0.7258.154-linux.tar.xz
new file mode 100644
index 0000000..62ed2d6
--- /dev/null
+++ b/chromium-139.0.7258.154-linux.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:b8d77d5daaede589a5f77ea79bf3e11ada53ab7ace1ca083cc2e5399d9bc53e8
+size 1605973936
diff --git a/chromium.changes b/chromium.changes
index 89c4182..9dbd6a9 100644
--- a/chromium.changes
+++ b/chromium.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Wed Aug 27 12:12:26 CEST 2025 - ro@suse.de
+
+- Chromium 139.0.7258.154 (boo#1248769)
+  * CVE-2025-9478: Use after free in ANGLE
+
 -------------------------------------------------------------------
 Tue Aug 19 21:07:41 UTC 2025 - Andreas Stieger <andreas.stieger@gmx.de>
 
diff --git a/chromium.spec b/chromium.spec
index f90bc1b..b81ab0b 100644
--- a/chromium.spec
+++ b/chromium.spec
@@ -112,7 +112,7 @@
 %global official_build 1
 
 Name:           chromium%{n_suffix}
-Version:        139.0.7258.138
+Version:        139.0.7258.154
 Release:        0
 Summary:        Google's open source browser project
 License:        BSD-3-Clause AND LGPL-2.1-or-later
-- 
2.51.1