Update submodules from pool/chromium#33 and create patchinfo.20260213163213815955.255638743075857/_patchinfo

PR: products/PackageHub!389

.gitmodules

@@ -258,6 +258,10 @@
 	path = OpenShadingLanguage
 	url = ../../pool/OpenShadingLanguage
 	branch = leap-16.0
+[submodule "OpenSMTPD"]
+	path = OpenSMTPD
+	url = ../../pool/OpenSMTPD
+	branch = leap-16.0
 [submodule "OpenSubdiv"]
 	path = OpenSubdiv
 	url = ../../pool/opensubdiv

patchinfo.20260131182523692426.93181000773252/_patchinfo

@@ -0,0 +1,29 @@
+<patchinfo incident="packagehub-127">
+  <packager>eroca</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for kbuild</summary>
+  <description>This update for kbuild fixes the following issues:
+
+Changes in kbuild:
+
+- Update to snapshot 0.1.9998+svn3686
+  * header.kmk,footer-pass2-compiling-targets.kmk: Added EARLY_LIBS
+    and LATE_LIBS properties to better control the library order
+    when using templates. The libraries are collected from
+    EARLY_LIBS first, then LIBS, and LATE_LIBS last.
+  * header.kmk: Added KB_FN_LOAD_TOOL and KB_FN_LOAD_SDK for
+    explictly loading a tool or an sdk implementation.
+  * kmk: Automatically ascend if no makefile found and a goal was
+    given on the command line. This is to eliminating the need for
+    Makefile.kup-files as far as compiling individual source files
+    from an editor is concerned.
+  * header.kmk: Always zap the IFS variable so it won't confuse
+    kmk_ash.
+  * kmk/job.c: Deal with escape sequences inside double quotes when
+    we're using kmk_ash.
+  * kBuild/header.kmk: drop the .noarch suffix for
+    KBUILD_DEVTOOLS_TRG_NOARCH and KBUILD_DEVTOOLS_HST_NOARCH.
+</description>
+  <package>kbuild</package>
+</patchinfo>

patchinfo.20260203172101250739.93181000773252/_patchinfo

@@ -0,0 +1,56 @@
+<patchinfo incident="packagehub-128">
+  <issue tracker="cve" id="2024-46478"/>
+  <issue tracker="bnc" id="1232380">VUL-0: CVE-2024-46478: htmldoc: buffer overflow when handling tabs through the parse_pre function (ps-pdf.cxx)</issue>
+  <issue tracker="cve" id="2024-45508"/>
+  <packager>pgajdos</packager>
+  <rating>critical</rating>
+  <category>security</category>
+  <summary>Security update for htmldoc</summary>
+  <description>This update for htmldoc fixes the following issues:
+
+Changes in htmldoc:
+
+- CVE-2024-46478: Fixed buffer overflow when handling tabs through the parse_pre function (bsc#1232380).
+
+- version update to 1.9.23:
+  * Fixed a regression in list handling that caused a crash for empty list items
+    (Issue #553)
+  * Fixed a regression in the number of rendered table of contents levels in PDF
+    and PostScript output (Issue #554)
+
+- version update to 1.9.22:
+  * Added a "--without-http" configure option to build without CUPS HTTP/HTTPS
+    support (Issue #547)
+  * Updated HTTP/HTTPS support to work with both CUPS 2.x and 3.x.
+  * Updated the maximum image dimension to prevent integer overflow on 32-bit
+    platforms (Issue #550)
+  * Updated the HTML parser to correctly report the line number of errors in files
+    with more than 2^32-1 lines (Issue #551)
+  * Fixed a crash bug with certain markdown files (Issue #548)
+  * Fixed an unrestricted recursion bug when reading and formatting HTML (Issue #552)
+
+- version update to 1.9.21
+  * Updated HTTP/HTTPS connection error reporting to include the reason.
+  * Updated markdown parser.
+  * Updated the HTTP/HTTPS connection timeout to 5 minutes (Issue #541)
+  * Fixed a bug in the new PDF link code (Issue #536)
+  * Fixed a bug in the number-up code (Issue #539)
+  * Fixed a regression in leading whitespace handling (Issue #540)
+  * Fixed a bug in numbered heading support (Issue #543)
+  * Fixed a bug with setting the header on the first page (Issue #544)
+  * Fixed paths in the HTMLDOC snap (Issue #545)
+
+- update to 1.9.20:
+  * Fix a regression that caused spaces to disappear between some words
+  * Fix resolution of relative links within a document
+
+- includes changes from 1.9.19:
+  * Add support for ‘file’ method in links
+  * Update markdown support code to mmd
+  * Fix hyperlinks to subfolders
+  * Fix export of UTF-8 HTML
+  * Fix handling of whitespace-only nodes
+  * Fix case sensitivity of link targets
+</description>
+  <package>htmldoc</package>
+</patchinfo>

patchinfo.20260211133956922544.255638743075857/_patchinfo

@@ -0,0 +1,11 @@
+<patchinfo incident="packagehub-126">
+  <packager>eroca</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for OpenSMTPD</summary>
+  <description>This update for OpenSMTPD fixes the following issues:
+
+Introduce OpenSMTPD.
+</description>
+  <package>OpenSMTPD</package>
+</patchinfo>

patchinfo.20260211134802096631.255638743075857/_patchinfo

@@ -0,0 +1,71 @@
+<patchinfo incident="packagehub-124">
+  <packager>oertel</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for gn</summary>
+  <description>This update for gn fixes the following issues:
+
+Changes in gn:
+
+- Update to version 0.20251217:
+  * Fix sha2 on big endian
+  * [Windows] Reduce the number of worker threads on many-core machines
+  * Add a sha256 hash implementation and use it for string_hash
+  * Opt-in to the Windows SegmentHeap
+  * Add a `module_name` flag to source_set.
+  * Refactor module name to be dynamic.
+  * Optimize vector creation in compile_commands_writer.cc.
+  * Run 'tools/run_formatter.sh'
+  * Implement `string_hash` function.
+  * Support weak_libraries
+  * Do not add .inputdeps paths to --ninja-outputs-file
+  * Make clang modules output -fmodule-file=foo=&lt;pcm&gt;.
+  * infra: Revert CIPD autoconf
+  * infra: Include autoconf bin directory to PATH
+  * infra: Fix autoconf executable path
+  * infra: Use CIPD autoconf
+  * Allow led access in GN via http://go/ciba
+  * Revert "Build non-linkable deps async with Ninja's validaitons"
+  * Upgrade linux bots from ubuntu 22.04 to ubuntu 24.04
+  * Use unordered_map instead of map in HeaderChecker
+  * Add --file_relation to gn refs command
+  * Optimize vector initialization and preallocation in desc_builder.cc.
+  * Add `reserve` statement when vector size is known beforehand.
+  * Refactor container update by preferring the range insert.
+  * Handle symlinked directories correctly during gn clean on Windows.
+  * Fix relative imports from args.gn.
+
+- Update to version 0.20250918:
+  * update reference.md
+  * Include -fmodule-file flags in compile_commands.json
+  * Refactor C++ module dependency logic into a new utility
+  * Gitiles navigation bar
+  * Adds a len() function
+  * Avoid clashes of include_dir in rust-project.json.
+  * Check all targets to find duplicated outputs.
+  * infra/config: Remove luci.recipes.use_python3 experiment
+  * Handle empty outputs in WriteInputDepsStampOrPhonyAndGetDep
+  * build: Propagate module dependencies through group targets
+  * Deduplicate item in 'deps', 'sources' and related lists
+  * infra: Update comment for macOS version used in CQ/CI
+  * [Apple] Allow passing a manifest to the post-processing script
+  * Update link to buganizer in README.md
+  * [Apple] Fix `gn gen` when using swift and no_stamp_files
+  * [Apple] Remove deprecated aliases for `post_processing_$var`
+  * Revert "Allow newline in string literal"
+  * Use std::ranges::all_of in parse_tree_unittest
+  * infra: Correctly use macOS 13 instead of 11
+  * Update Xcode and macOS version in bots
+  * infra: Add shadow buckets to trigger led job
+  * Allow newline in string literal
+  * Revert "Update macOS version to 13 used in CQ/CI"
+  * Update macOS version to 13 used in CQ/CI
+  * Refactor command_format.cc
+  * Shorten targets from //path/to/foo:foo to //path/to/foo
+  * Modernize and improve parse_tree.cc
+  * Auto-format the codebase
+  * Remove hardcoded -fmodules-embed-all-files flag
+  * Reland "Use JSON escaping for JSON string output"
+</description>
+  <package>gn</package>
+</patchinfo>

patchinfo.20260212125825503328.255638743075857/_patchinfo

@@ -1,4 +1,4 @@
-<patchinfo>
+<patchinfo incident="packagehub-125">
   <packager>eroca</packager>
   <rating>moderate</rating>
   <category>recommended</category>
@@ -8,4 +8,4 @@
 Introduce motif.
 </description>
   <package>motif</package>
-</patchinfo>
+</patchinfo>

patchinfo.20260213163213815955.255638743075857/_patchinfo

@@ -0,0 +1,37 @@
+<patchinfo>
+  <issue tracker="cve" id="2026-2321">CVE-2026-2321 chromium-browser: Use after free in Ozone</issue>
+  <issue tracker="cve" id="2026-2317">CVE-2026-2317 chromium-browser: Inappropriate implementation in Animation</issue>
+  <issue tracker="cve" id="2026-2322">CVE-2026-2322 chromium-browser: Inappropriate implementation in File input</issue>
+  <issue tracker="cve" id="2026-2313">VUL-0: chromium: release 145.0.7632.45</issue>
+  <issue tracker="cve" id="2026-2319">CVE-2026-2319 chromium-browser: Race in DevTools</issue>
+  <issue tracker="cve" id="2026-2315">CVE-2026-2315 chromium-browser: Inappropriate implementation in WebGPU</issue>
+  <issue tracker="cve" id="2026-2318">CVE-2026-2318 chromium-browser: Inappropriate implementation in PictureInPicture</issue>
+  <issue tracker="cve" id="2026-2314">CVE-2026-2314 chromium-browser: Heap buffer overflow in Codecs</issue>
+  <issue tracker="cve" id="2026-2323">CVE-2026-2323 chromium-browser: Inappropriate implementation in Downloads</issue>
+  <issue tracker="bnc" id="1258116">VUL-0: chromium: release 145.0.7632.45</issue>
+  <issue tracker="cve" id="2026-2316">CVE-2026-2316 chromium-browser: Insufficient policy enforcement in Frames</issue>
+  <issue tracker="cve" id="2026-2320">CVE-2026-2320 chromium-browser: Inappropriate implementation in File input</issue>
+  <packager>oertel</packager>
+  <rating>important</rating>
+  <category>security</category>
+  <summary>Security update for chromium</summary>
+  <description>This update for chromium fixes the following issues:
+
+Changes in chromium:
+
+- Chromium 145.0.7632.45 (boo#1258116)
+  * jpeg-xl support has been readded
+  * CVE-2026-2313: Use after free in CSS
+  * CVE-2026-2314: Heap buffer overflow in Codecs
+  * CVE-2026-2315: Inappropriate implementation in WebGPU
+  * CVE-2026-2316: Insufficient policy enforcement in Frames
+  * CVE-2026-2317: Inappropriate implementation in Animation
+  * CVE-2026-2318: Inappropriate implementation in PictureInPicture
+  * CVE-2026-2319: Race in DevTools
+  * CVE-2026-2320: Inappropriate implementation in File input
+  * CVE-2026-2321: Use after free in Ozone
+  * CVE-2026-2322: Inappropriate implementation in File input
+  * CVE-2026-2323: Inappropriate implementation in Downloads
+</description>
+  <package>chromium</package>
+</patchinfo>