Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

chromium-131.0.6778.204-1.fc42 RPM for x86_64

From Fedora Rawhide for x86_64 / c

Name: chromium Distribution: Fedora Project
Version: 131.0.6778.204 Vendor: Fedora Project
Release: 1.fc42 Build date: Fri Dec 20 13:25:28 2024
Group: Unspecified Build host: buildhw-x86-10.iad2.fedoraproject.org
Size: 275431517 Source RPM: chromium-131.0.6778.204-1.fc42.src.rpm
Packager: Fedora Project
Url: http://www.chromium.org/Home
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use
Chromium is an open-source web browser, powered by WebKit (Blink).

Provides

Requires

License

BSD-3-Clause AND LGPL-2.1-or-later AND Apache-2.0 AND IJG AND MIT AND GPL-2.0-or-later AND ISC AND OpenSSL AND (MPL-1.1 OR GPL-2.0-only OR LGPL-2.0-only)

Changelog

* Thu Dec 19 2024 Than Ngo <than@redhat.com> - 131.0.6778.204-1
  - Update to 131.0.6778.204
    * High CVE-2024-12692: Type Confusion in V8
    * High CVE-2024-12693: Out of bounds memory access in V8
    * High CVE-2024-12694: Use after free in Compositing
    * High CVE-2024-12695: Out of bounds write in V8
* Wed Dec 11 2024 Than Ngo <than@redhat.com> - 131.0.6778.139-1
  - Update to 131.0.6778.139
    * High CVE-2024-12381: Type Confusion in V8
    * High CVE-2024-12382: Use after free in Translate
* Wed Dec 04 2024 Than Ngo <than@redhat.com> - 131.0.6778.108-1
  - Update to 131.0.6778.108
    * High CVE-2024-12053: Type Confusion in V8
* Sat Nov 23 2024 Than Ngo <than@redhat.com> - 131.0.6778.85-2
  - Enable qt-ui
  - Workaround for random crash
* Wed Nov 20 2024 Than Ngo <than@redhat.com> - 131.0.6778.85-1
  - Update to 131.0.6778.85
    * High CVE-2024-11395: Type Confusion in V8
* Tue Nov 12 2024 Than Ngo <than@redhat.com> - 131.0.6778.69-1
  - Update to 131.0.6778.69
    * High CVE-2024-11110: Inappropriate implementation in Blink
    * Medium CVE-2024-11111: Inappropriate implementation in Autofill
    * Medium CVE-2024-11112: Use after free in Media
    * Medium CVE-2024-11113: Use after free in Accessibility
    * Medium CVE-2024-11114: Inappropriate implementation in Views
    * Medium CVE-2024-11115: Insufficient policy enforcement in Navigation
    * Medium CVE-2024-11116: Inappropriate implementation in Paint
    * Low CVE-2024-11117: Inappropriate implementation in FileSystem
* Sun Nov 10 2024 Than Ngo <than@redhat.com> - 130.0.6723.116-1
  - Update to 130.0.6723.116
    * High CVE-2024-10826: Use after free in Family Experience
    * High CVE-2024-10827: Use after free in Serial
* Wed Oct 30 2024 Than Ngo <than@redhat.com> - 130.0.6723.91-1
  - Update to 130.0.6723.91
    * Critical CVE-2024-10487: Out of bounds write in Dawn
    * High CVE-2024-10488: Use after free in WebRTC
* Sat Oct 26 2024 Than Ngo <than@redhat.com> - 130.0.6723.69-1
  - Update to 130.0.6723.69
    * High CVE-2024-10229: Inappropriate implementation in Extensions
    * High CVE-2024-10230: Type Confusion in V8
    * High CVE-2024-10231: Type Confusion in V8
* Mon Oct 21 2024 Than Ngo <than@redhat.com> - 130.0.6723.58-2
  - Add missing pthread stack size for ppc64 (openpower-patches)
* Wed Oct 16 2024 Than Ngo <than@redhat.com> - 130.0.6723.58-1
  - update to 130.0.6723.58
    * High CVE-2024-9954: Use after free in AI
    * Medium CVE-2024-9955: Use after free in Web Authentication
    * Medium CVE-2024-9956: Inappropriate implementation in Web Authentication
    * Medium CVE-2024-9957: Use after free in UI
    * Medium CVE-2024-9958: Inappropriate implementation in PictureInPicture
    * Medium CVE-2024-9959: Use after free in DevTools
    * Medium CVE-2024-9960: Use after free in Dawn
    * Medium CVE-2024-9961: Use after free in Parcel Tracking
    * Medium CVE-2024-9962: Inappropriate implementation in Permissions
    * Medium CVE-2024-9963: Insufficient data validation in Downloads
    * Low CVE-2024-9964: Inappropriate implementation in Payments
    * Low CVE-2024-9965: Insufficient data validation in DevTools
    * Low CVE-2024-9966: Inappropriate implementation in Navigations
* Wed Oct 09 2024 Than Ngo <than@redhat.com> - 129.0.6668.100-1
  - update to 129.0.6668.100
    * CVE-2024-9602: Type Confusion in V8
    * CVE-2024-9603: Type Confusion in V8
* Wed Oct 02 2024 Than Ngo <than@redhat.com> - 129.0.6668.89-1
  - update to 129.0.6668.89
    * High CVE -2024-7025: Integer overflow in Layout
    * High CVE-2024-9369: Insufficient data validation in Mojo
    * High CVE-2024-9370: Inappropriate implementation in V8
* Mon Sep 30 2024 Than Ngo <than@redhat.com> - 129.0.6668.70-3
  - add clang-19 support
* Fri Sep 27 2024 Dominik Mierzejewski <dominik@greysector.net> - 129.0.6668.70-2
  - Rebuilt for FFmpeg 7
* Wed Sep 25 2024 Than Ngo <than@redhat.com> - 129.0.6668.70-1
  - update to 129.0.6668.70
    * High CVE-2024-9120: Use after free in Dawn
    * High CVE-2024-9121: Inappropriate implementation in V8
    * High CVE-2024-9122: Type Confusion in V8
    * High CVE-2024-9123: Integer overflow in Skia
* Thu Sep 19 2024 Than Ngo <than@redhat.com> - 129.0.6668.58-2
  - clean up
* Tue Sep 17 2024 Than Ngo <than@redhat.com> - 129.0.6668.58-1
  - update to 129.0.6668.58
    * High CVE-2024-8904: Type Confusion in V8
    * Medium CVE-2024-8905: Inappropriate implementation in V8
    * Medium CVE-2024-8906: Incorrect security UI in Downloads
    * Medium CVE-2024-8907: Insufficient data validation in Omnibox
    * Low CVE-2024-8908: Inappropriate implementation in Autofill
    * Low CVE-2024-8909: Inappropriate implementation in UI
* Wed Sep 11 2024 Than Ngo <than@redhat.com> - 128.0.6613.137-1
  - update to 128.0.6613.137
    * High CVE-2024-8636: Heap buffer overflow in Skia
    * High CVE-2024-8637: Use after free in Media Router
    * High CVE-2024-8638: Type Confusion in V8
    * High CVE-2024-8639: Use after free in Autofill
* Thu Sep 05 2024 Than Ngo <than@redhat.com> - 128.0.6613.119-1
  - update to 128.0.6613.119
    * High CVE-2024-8362: Use after free in WebAudio
    * High CVE-2024-7970: Out of bounds write in V8
* Wed Aug 07 2024 Than Ngo <than@redhat.com> - 127.0.6533.99-1
  - update to 127.0.6533.99
    * Critical CVE-2024-7532: Out of bounds memory access in ANGLE
    * High CVE-2024-7533: Use after free in Sharing
    * High CVE-2024-7550: Type Confusion in V8
    * High CVE-2024-7534: Heap buffer overflow in Layout
    * High CVE-2024-7535: Inappropriate implementation in V8
    * High CVE-2024-7536: Use after free in WebAudio
* Tue Aug 06 2024 Than Ngo <than@redhat.com> - 127.0.6533.88-3
  - fix rhbz#2294773 - Allow enabling vulkan on ozone wayland for AMD vaapi
  - add ppc64le patch to fix runtime assertion trap on ppc64el systems
  - refresh ppc64le patch to work around broken 64k allocator code on arm64
* Thu Aug 01 2024 Than Ngo <than@redhat.com> - 127.0.6533.88-2
  - remove old patch that seems to be the cause of a crash
    when the user set user.max_user_namespaces to 0
* Wed Jul 31 2024 Than Ngo <than@redhat.com> - 127.0.6533.88-1
  - update to 127.0.6533.88
* Wed Jul 24 2024 Than Ngo <than@redhat.com> - 127.0.6533.72-1
  - update to 127.0.6533.72
  	* CVE-2024-6988: Use after free in Downloads
  	* CVE-2024-6989: Use after free in Loader
  	* CVE-2024-6991: Use after free in Dawn
  	* CVE-2024-6992: Out of bounds memory access in ANGLE
  	* CVE-2024-6993: Inappropriate implementation in Canvas
  	* CVE-2024-6994: Heap buffer overflow in Layout
  	* CVE-2024-6995: Inappropriate implementation in Fullscreen
  	* CVE-2024-6996: Race in Frames
  	* CVE-2024-6997: Use after free in Tabs
  	* CVE-2024-6998: Use after free in User Education
  	* CVE-2024-6999: Inappropriate implementation in FedCM
  	* CVE-2024-7000: Use after free in CSS. Reported by Anonymous
  	* CVE-2024-7001: Inappropriate implementation in HTML
  	* CVE-2024-7003: Inappropriate implementation in FedCM
  	* CVE-2024-7004: Insufficient validation of untrusted input in Safe Browsing
  	* CVE-2024-7005: Insufficient validation of untrusted input in Safe
* Sat Jul 20 2024 Than Ngo <than@redhat.com> - 126.0.6478.182-2
  - fix condition for is_cfi/use_thin_lto on aarch64/ppc64le
  - update powerpc patches
* Tue Jul 16 2024 Than Ngo <than@redhat.com> - 126.0.6478.182-1
  - update to 126.0.6478.182
    * High CVE-2024-6772: Inappropriate implementation in V8
    * High CVE-2024-6773: Type Confusion in V8
    * High CVE-2024-6774: Use after free in Screen Capture
    * High CVE-2024-6775: Use after free in Media Stream
    * High CVE-2024-6776: Use after free in Audio
    * High CVE-2024-6777: Use after free in Navigation
    * High CVE-2024-6778: Race in DevTools
    * High CVE-2024-6779: Out of bounds memory access in V8
* Sun Jul 07 2024 Than Ngo <than@redhat.com> - 126.0.6478.126-2
  - fixed rhbz#2293202, chromium Wayland UI regression
* Tue Jun 25 2024 Than Ngo <than@redhat.com> - 126.0.6478.126-1
  - update to 126.0.6478.126
    * High CVE-2024-6290: Use after free in Dawn
    * High CVE-2024-6291: Use after free in Swiftshader
    * High CVE-2024-6292: Use after free in Dawn
    * High CVE-2024-6293: Use after free in Dawn
* Wed Jun 19 2024 Than Ngo <than@redhat.com> - 126.0.6478.114-1
  - update to 126.0.6478.114
    * High CVE-2024-6100: Type Confusion in V8
    * High CVE-2024-6101: Inappropriate implementation in WebAssembly
    * High CVE-2024-6102: Out of bounds memory access in Dawn
    * High CVE-2024-6103: Use after free in Dawn
* Wed Jun 12 2024 Than Ngo <than@redhat.com> - 126.0.6478.55-1
  - update to 126.0.6478.55
    * High CVE-2024-5830: Type Confusion in V8
    * High CVE-2024-5831: Use after free in Dawn
    * High CVE-2024-5832: Use after free in Dawn
    * High CVE-2024-5833: Type Confusion in V8
    * High CVE-2024-5834: Inappropriate implementation in Dawn
    * High CVE-2024-5835: Heap buffer overflow in Tab Groups
    * High CVE-2024-5836: Inappropriate Implementation in DevTools
    * High CVE-2024-5837: Type Confusion in V8
    * High CVE-2024-5838: Type Confusion in V8
    * Medium CVE-2024-5839: Inappropriate Implementation in Memory Allocator
    * Medium CVE-2024-5840: Policy Bypass in CORS
    * Medium CVE-2024-5841: Use after free in V8
    * Medium CVE-2024-5842: Use after free in Browser UI
    * Medium CVE-2024-5843: Inappropriate implementation in Downloads
    * Medium CVE-2024-5844: Heap buffer overflow in Tab Strip
    * Medium CVE-2024-5845: Use after free in Audio
    * Medium CVE-2024-5846: Use after free in PDFium
    * Medium CVE-2024-5847: Use after free in PDFium
* Fri May 31 2024 Than Ngo <than@redhat.com> - 125.0.6422.141-1
  - update to 125.0.6422.141
    * High CVE-2024-5493: Heap buffer overflow in WebRTC
    * High CVE-2024-5494: Use after free in Dawn
    * High CVE-2024-5495: Use after free in Dawn
    * High CVE-2024-5496: Use after free in Media Session
    * High CVE-2024-5497: Out of bounds memory access in Keyboard Inputs
    * High CVE-2024-5498: Use after free in Presentation API
    * High CVE-2024-5499: Out of bounds write in Streams API
  - fixed rhbz#2264332 - Chromium is unable to send/receive video on MS Teams
  - cleanup chromium.conf
* Wed May 29 2024 Than Ngo <than@redhat.com> - 125.0.6422.112-3
  - build against noopenh264
* Tue May 28 2024 Than Ngo <than@redhat.com> - 125.0.6422.112-2
  - Workaround for build error on pp64le
* Sun May 26 2024 Than Ngo <than@redhat.com> - 125.0.6422.112-1
  - update to 125.0.6422.112
    * High CVE-2024-5274: Type Confusion in V8
* Wed May 22 2024 Than Ngo <than@redhat.com> - 125.0.6422.76-1
  - fix bz#2282246, update to 125.0.6422.76
    * High CVE-2024-5157: Use after free in Scheduling
    * High CVE-2024-5158: Type Confusion in V8
    * High CVE-2024-5159: Heap buffer overflow in ANGLE
    * High CVE-2024-5160: Heap buffer overflow in Dawn
  - cleanup
* Mon May 20 2024 Than Ngo <than@redhat.com> - 125.0.6422.60-3
  - remove unneeded BRs
  - workarounds for el7 build
* Sun May 19 2024 Than Ngo <than@redhat.com> - 125.0.6422.60-2
  - fix build errors on el7
* Thu May 16 2024 Than Ngo <than@redhat.com> - 125.0.6422.60-1
  - update to 125.0.6422.60
    * High CVE-2024-4947: Type Confusion in V8
    * High CVE-2024-4948: Use after free in Dawn
    * Medium CVE-2024-4949: Use after free in V8
    * Low CVE-2024-4950: Inappropriate implementation in Downloads
* Sun May 12 2024 Than Ngo <than@redhat.com> - 125.0.6422.41-1
  - update to 125.0.6422.41
* Sat May 11 2024 Than Ngo <than@redhat.com> - 124.0.6367.201-2
  - include headless_command_resources.pak for headless_shell
* Fri May 10 2024 Than Ngo <than@redhat.com> - 124.0.6367.201-1
  - update to 124.0.6367.201
    * High CVE-2024-4671: Use after free in Visuals
* Wed May 08 2024 Than Ngo <than@redhat.com> - 124.0.6367.155-1
  - update to 124.0.6367.155
    * High CVE-2024-4558: Use after free in ANGLE
    * High CVE-2024-4559: Heap buffer overflow in WebAudio
* Sun May 05 2024 Than Ngo <than@redhat.com> - 124.0.6367.118-2
  - fixed build errors on el8
  - refreshed clean_ffmpeg.sh
  - added missing files for bundle ffmpeg
* Wed May 01 2024 Than Ngo <than@redhat.com> - 124.0.6367.118-1
  - update to 124.0.6367.118
    * High CVE-2024-4331: Use after free in Picture In Picture
    * High CVE-2024-4368: Use after free in Dawn
  - use system highway
* Sat Apr 27 2024 Than Ngo <than@redhat.com> - 124.0.6367.91-1
  - update to 124.0.6367.91
  - fixed bz#2277228 - chromium wrapper causes library issues (symbol lookup error)
  - use system dav1d
* Wed Apr 24 2024 Than Ngo <than@redhat.com> - 124.0.6367.78-1
  - update to 124.0.6367.78
    * Critical CVE-2024-4058: Type Confusion in ANGLE
    * High CVE-2024-4059: Out of bounds read in V8 API
    * High CVE-2024-4060: Use after free in Dawn
* Sat Apr 20 2024 Than Ngo <than@redhat.com> - 124.0.6367.60-2
  - fix waylang regression
* Tue Apr 16 2024 Than Ngo <than@redhat.com> - 124.0.6367.60-1
  - update to 124.0.6367.60
* Thu Apr 11 2024 Than Ngo <than@redhat.com> - 123.0.6312.122-1
  - update to 123.0.6312.122
    * High CVE-2024-3157: Out of bounds write in Compositing
    * High CVE-2024-3516: Heap buffer overflow in ANGLE
    * High CVE-2024-3515: Use after free in Dawn
* Wed Apr 03 2024 Than Ngo <than@redhat.com> - 123.0.6312.105-1
  - update to 123.0.6312.105
    * High CVE-2024-3156: Inappropriate implementation in V8
    * High CVE-2024-3158: Use after free in Bookmarks
    * High CVE-2024-3159: Out of bounds memory access in V8
* Wed Mar 27 2024 Than Ngo <than@redhat.com> - 123.0.6312.86-2
  - update to 123.0.6312.86
    * Critical CVE-2024-2883: Use after free in ANGLE
    * High CVE-2024-2885: Use after free in Daw
    * High CVE-2024-2886: Use after free in WebCodecs
    * High CVE-2024-2887: Type Confusion in WebAssembly
* Sat Mar 23 2024 Than Ngo <than@redhat.com> - 123.0.6312.58-2
  - fixed bz#2269768 - enable build ppc64le package for F40
  - fixed bz#2270321 - VAAPI flags in chromium.conf are out of date
  - fixed bz#2271183 - disable screen ai service
* Wed Mar 20 2024 Than Ngo <than@redhat.com> - 123.0.6312.58-1
  - update to 123.0.6312.58
     * High CVE-2024-2625: Object lifecycle issue in V8
     * Medium CVE-2024-2626: Out of bounds read in Swiftshader
     * Medium CVE-2024-2627: Use after free in Canvas
     * Medium CVE-2024-2628: Inappropriate implementation in Downloads
     * Medium CVE-2024-2629: Incorrect security UI in iOS
     * Medium CVE-2024-2630: Inappropriate implementation in iOS
     * Low CVE-2024-2631: Inappropriate implementation in iOS
* Fri Mar 15 2024 Than Ngo <than@redhat.com> - 123.0.6312.46-1
  - update to 123.0.6312.46
* Wed Mar 13 2024 Than Ngo <than@redhat.com> - 122.0.6261.128-1
  - upstream security release 122.0.6261.128
     * High CVE-2024-2400: Use after free in Performance Manager
* Mon Mar 11 2024 Than Ngo <than@redhat.com> - 122.0.6261.111-2
  - enable ppc64le build
* Wed Mar 06 2024 Than Ngo <than@redhat.com> - 122.0.6261.111-1
  - upstream security release 122.0.6261.111
     * High CVE-2024-2173: Out of bounds memory access in V8
     * High CVE-2024-2174: Inappropriate implementation in V8
     * High CVE-2024-2176: Use after free in FedCM
* Sat Mar 02 2024 Jiri Vanek <jvanek@redhat.com> - 122.0.6261.94-2
  - Rebuilt for java-21-openjdk as system jdk
* Wed Feb 28 2024 Than Ngo <than@redhat.com> - 122.0.6261.94-1
  - upstream security release 122.0.6261.94
    * High : Type Confusion in V8
  - fixed bz#2265957, added correct platform in chromium use agent
* Tue Feb 27 2024 Łukasz Wojniłowicz <lukasz.wojnilowicz@gmail.com> - 122.0.6261.69-3
  - Make building of chromedriver optional
* Tue Feb 27 2024 Jiri Vanek <jvanek@redhat.com> - 122.0.6261.69-2
  - Rebuilt for java-21-openjdk as system jdk
* Fri Feb 23 2024 Than Ngo <than@redhat.com> - 122.0.6261.69-1
  - update to 122.0.6261.69
  - fix build error on el8
  - bz#2265039, built with -fwrapv for improved memory safety
  - bz#2265043, built with -ftrivial-auto-var-init=zero for improved security and preditability
* Wed Feb 21 2024 Than Ngo <than@redhat.com> - 122.0.6261.57-1
  - update to 122.0.6261.57
     * High CVE-2024-1669: Out of bounds memory access in Blink
     * High CVE-2024-1670: Use after free in Mojo
     * Medium CVE-2024-1671: Inappropriate implementation in Site Isolation
     * Medium CVE-2024-1672: Inappropriate implementation in Content Security Policy
     * Medium CVE-2024-1673: Use after free in Accessibility
     * Medium CVE-2024-1674: Inappropriate implementation in Navigation
     * Medium CVE-2024-1675: Insufficient policy enforcement in Download
     * Low CVE-2024-1676: Inappropriate implementation in Navigation.
* Sun Feb 18 2024 Than Ngo <than@redhat.com> - 122.0.6261.39-1
  - update to 122.0.6261.39
* Wed Feb 14 2024 Than Ngo <than@redhat.com> - 121.0.6167.184-1
  - update to 121.0.6167.184
* Wed Feb 07 2024 Than Ngo <than@redhat.com> - 121.0.6167.160-1
  - update to 121.0.6167.160
    * High CVE-2024-1284: Use after free in Mojo
    * High CVE-2024-1283: Heap buffer overflow in Skia
* Thu Feb 01 2024 Than Ngo <than@redhat.com> - 121.0.6167.139-2
  - Support for 64K pages on Linux/AArch64
* Wed Jan 31 2024 Than Ngo <than@redhat.com> - 121.0.6167.139-1
  - update to 121.0.6167.139
    * High CVE-2024-1060: Use after free in Canvas
    * High CVE-2024-1059: Use after free in WebRTC
    * High CVE-2024-1077: Use after free in Network
* Wed Jan 24 2024 Than Ngo <than@redhat.com> - 121.0.6167.85-1
  - update to 121.0.6167.85
    * High CVE-2024-0807: Use after free in WebAudio
    * High CVE-2024-0812: Inappropriate implementation in Accessibility
    * High CVE-2024-0808: Integer underflow in WebUI
    * Medium CVE-2024-0810: Insufficient policy enforcement in DevTools
    * Medium CVE-2024-0814: Incorrect security UI in Payments
    * Medium CVE-2024-0813: Use after free in Reading Mode
    * Medium CVE-2024-0806: Use after free in Passwords
    * Medium CVE-2024-0805: Inappropriate implementation in Downloads
    * Medium CVE-2024-0804: Insufficient policy enforcement in iOS Security UI
    * Low CVE-2024-0811: Inappropriate implementation in Extensions API
    * Low CVE-2024-0809: Inappropriate implementation in Autofill
* Tue Jan 23 2024 Than Ngo <than@redhat.com> - 121.0.6167.71-1
  - update to 121.0.6167.71
* Tue Jan 23 2024 Fedora Release Engineering <releng@fedoraproject.org> - 120.0.6099.224-2
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Tue Jan 16 2024 Than Ngo <than@redhat.com> - 120.0.6099.224-1
  - update to 120.0.6099.224
    * High CVE-2024-0517: Out of bounds write in V8
    * High CVE-2024-0518: Type Confusion in V8
    * High CVE-2024-0519: Out of bounds memory access in V8
* Wed Jan 10 2024 Than Ngo <than@redhat.com> - 120.0.6099.216-1
  - update to 120.0.6099.216
    * High CVE-2024-0333: Insufficient data validation in Extensions
* Thu Jan 04 2024 Than Ngo <than@redhat.com> - 120.0.6099.199-1
  - new gn update, drop workaround for broken gn on epel 8/9
  - update to 120.0.6099.199
     * CVE-2024-0222: Use after free in ANGLE
     * CVE-2024-0223: Heap buffer overflow in ANGLE
     * CVE-2024-0224: Use after free in WebAudio
     * CVE-2024-0225: Use after free in WebGPU
* Thu Dec 21 2023 Than Ngo <than@redhat.com> - 120.0.6099.129-1
  - update to 120.0.6099.129
    * High CVE-2023-7024: Heap buffer overflow in WebRTC
* Wed Dec 13 2023 Than Ngo <than@redhat.com> - 120.0.6099.109-1
  - update to 120.0.6099.109
     * High CVE-2023-6702: Type Confusion in V8
     * High CVE-2023-6703: Use after free in Blink
     * High CVE-2023-6704: Use after free in libavif
     * High CVE-2023-6705: Use after free in WebRTC
     * High CVE-2023-6706: Use after free in FedCM
     * Medium CVE-2023-6707: Use after free in CSS
* Fri Dec 08 2023 Than Ngo <than@redhat.com> - 120.0.6099.71-1
  - update to 120.0.6099.71
* Wed Dec 06 2023 Than Ngo <than@redhat.com> - 120.0.6099.62-2
  - drop unsupported ldflag which caused build failure
* Tue Dec 05 2023 Than Ngo <than@redhat.com> - 120.0.6099.62-1
  - update to 120.0.6099.62
  - fixed bz#2252874, built with control flow integrity (CFI) support
* Sat Dec 02 2023 Than Ngo <than@redhat.com> - 120.0.6099.56-1
  - update to 120.0.6099.56 
  - enable qt6 UI backend
* Sat Dec 02 2023 Than Ngo <than@redhat.com> - 119.0.6045.199-2
  - fixed bz#2242271, built with bundleminizip in fedora > 39
  - fixed bz#2251884, built with fstack-protector-strong for improved security
* Wed Nov 29 2023 Than Ngo <than@redhat.com> - 119.0.6045.199-1
  - update to 119.0.6045.199
* Sun Nov 19 2023 Than Ngo <than@redhat.com> - 119.0.6045.159-2
  - fix ffmpeg conflicts
* Wed Nov 15 2023 Than Ngo <than@redhat.com> - 119.0.6045.159-1
  - update to 119.0.6045.159, upstream security release
     High CVE-2023-5997, use after free in Garbage Collection
     High CVE-2023-6112, use after free in Navigation
  - add Requires/Conflicts for ABI break in fmpeg-free 6.0.1
  - drop first_dts patch, reintroduce first_dts patch in ffmpeg-free-6.0.1
  - fixed python3 syntaxWarning: invalid escape sequenc
  - skip clang's patches for epel8 that now gets clang-16 update
* Mon Nov 13 2023 Than Ngo <than@redhat.com> - 119.0.6045.123-2
  - fixed bz#2240127, Some h.264 mp4s do not play
* Wed Nov 08 2023 Than Ngo <than@redhat.com> - 119.0.6045.123-1
  - update to 119.0.6045.123, include following security fixes:
    high CVE-2023-5996: Use after free in WebAudio
* Tue Nov 07 2023 Than Ngo <than@redhat.com> - 119.0.6045.105-2
  - enable debuginfo
* Wed Nov 01 2023 Than Ngo <than@redhat.com> - 119.0.6045.105-1
  - update to 119.0.6045.105
* Fri Oct 27 2023 Than Ngo <than@redhat.com> - 119.0.6045.59-1
  - update 119.0.6045.59
* Wed Oct 25 2023 Than Ngo <than@redhat.com> - 118.0.5993.117-1
  - update to 118.0.5993.117
* Wed Oct 18 2023 Than Ngo <than@redhat.com> - 118.0.5993.88-1
  - update to 118.0.5993.88
  - cleanup the package dependencies
* Mon Oct 16 2023 Than Ngo <than@redhat.com> - 118.0.5993.70-2
  - fix tab crash with SIGTRAP when using system ffmpeg
* Wed Oct 11 2023 Than Ngo <than@redhat.com> - 118.0.5993.70-1
  - update to 118.0.5993.70
      - CVE-2023-5218: Use after free in Site Isolation.
      - CVE-2023-5487: Inappropriate implementation in Fullscreen.
      - CVE-2023-5484: Inappropriate implementation in Navigation.
      - CVE-2023-5475: Inappropriate implementation in DevTools.
      - CVE-2023-5483: Inappropriate implementation in Intents.
      - CVE-2023-5481: Inappropriate implementation in Downloads.
      - CVE-2023-5476: Use after free in Blink History.
      - CVE-2023-5474: Heap buffer overflow in PDF.
      - CVE-2023-5479: Inappropriate implementation in Extensions API.
      - CVE-2023-5485: Inappropriate implementation in Autofill.
      - CVE-2023-5478: Inappropriate implementation in Autofill.
      - CVE-2023-5477: Inappropriate implementation in Installer.
      - CVE-2023-5486: Inappropriate implementation in Input.
      - CVE-2023-5473: Use after free in Cast.
* Sat Oct 07 2023 Than Ngo <than@redhat.com> - 118.0.5993.54-1
  - update to 118.0.5993.54
  - drop use_gnome_keyring as it's removed by upstream
* Thu Oct 05 2023 Than Ngo <than@redhat.com> - 117.0.5938.149-1
  - update to 117.0.5938.149
  - fix CVE-2023-5346: Type Confusion in V8
* Fri Sep 29 2023 Than Ngo <than@redhat.com> - 117.0.5938.132-2
  - add workaround for the crash on BTI capable system
* Thu Sep 28 2023 Than Ngo <than@redhat.com> - 117.0.5938.132-1
  - update to 117.0.5938.132
  - CVE-2023-5217, heap buffer overflow in vp8 encoding in libvpx.
  - CVE-2023-5186, use after free in Passwords.
  - CVE-2023-5187, use after free in Extensions.
  
* Sat Sep 23 2023 Than Ngo <than@redhat.com> - 117.0.5938.92-2
  - backport upstream patch to fix memory leak
* Fri Sep 22 2023 Than Ngo <than@redhat.com> - 117.0.5938.92-1
  - update to 117.0.5938.92
* Sun Sep 17 2023 Than Ngo <than@redhat.com> - 117.0.5938.88-1
  - update to 117.0.5938.88
* Wed Sep 13 2023 Than Ngo <than@redhat.com> - 117.0.5938.62-1
  - update to 117.0.5938.62
* Tue Sep 12 2023 Than Ngo <than@redhat.com> - 116.0.5845.187-1
  - update to 116.0.5845.187
* Fri Sep 08 2023 Than Ngo <than@redhat.com> - 116.0.5845.179-1
  - update to 116.0.5845.179
* Tue Aug 15 2023 Than Ngo <than@redhat.com> - 116.0.5845.96-1
  - update to 116.0.5845.96
* Wed Aug 09 2023 Than Ngo <than@redhat.com> - 115.0.5790.170-2
  - set use_all_cpus=1 for aarch64
* Thu Aug 03 2023 Than Ngo <than@redhat.com> - 115.0.5790.170-1
  - update to 115.0.5790.170
* Wed Jul 26 2023 Than Ngo <than@redhat.com> - 115.0.5790.110-1
  - update to 115.0.5790.110
* Sat Jul 22 2023 Than Ngo <than@redhat.com> - 115.0.5790.102-1
  - update to 115.0.5790.102
* Tue Jul 18 2023 Than Ngo <than@redhat.com> - 115.0.5790.98-1
  - update to 115.0.5790.98
* Tue Jun 27 2023 Than Ngo <than@redhat.com> - 114.0.5735.198-1
  - update to 114.0.5735.198
* Wed Jun 14 2023 Than Ngo <than@redhat.com> - 114.0.5735.133-1
  - update to 114.0.5735.133 
  - Enable AllowQt feature flag
  - Fix Qt deps
  - Fix Qt logical scale factor
* Wed Jun 07 2023 Than Ngo <than@redhat.com> - 114.0.5735.106-1
  - update to 114.0.5735.106
* Sun May 28 2023 Than Ngo <than@redhat.com> - 114.0.5735.45-1
  - update to 114.0.5735.45
  - add qt6 linuxui backend
  - backport: handle scale factor changes
  - backport: fix font double_scaling
* Wed May 17 2023 Than Ngo <than@redhat.com> - 113.0.5672.126-1
  - drop clang workaround for el8
  - update to 113.0.5672.126
* Tue May 09 2023 Than Ngo <than@redhat.com> - 113.0.5672.92-1
  - update to 113.0.5672.92
* Wed May 03 2023 Than Ngo <than@redhat.com> - 113.0.5672.63-1
  - update to 113.0.5672.63
* Sun Apr 23 2023 Than Ngo <than@redhat.com> - 112.0.5615.165-2
  - make --use-gl=egl default for x11/wayland
  - enable WebUIDarkMode
* Thu Apr 20 2023 Than Ngo <than@redhat.com> - 112.0.5615.165-1
  - update to 112.0.5615.165
* Mon Apr 17 2023 Than Ngo <than@redhat.com> - 112.0.5615.121-2
  - fix vaapi issue on xwayland
  - fix the build order, chrome_feed_response_metadata.pb.h file not found
  - fix compiler flags and typo
* Sat Apr 15 2023 Than Ngo <than@redhat.com> - 112.0.5615.121-1
  - update to 112.0.5615.121
* Wed Apr 05 2023 Than Ngo <than@redhat.com> - 112.0.5615.49-1
  - update to 112.0.5615.49
  - fix #2184142, Small fonts in menus
* Tue Mar 28 2023 Than Ngo <than@redhat.com> - 111.0.5563.146-1
  - update to 111.0.5563.146
* Sat Mar 25 2023 Neal Gompa <ngompa@fedoraproject.org> - 111.0.5563.110-2
  - Fix ffmpeg note in README.fedora
* Wed Mar 22 2023 Than Ngo <than@redhat.com> - 111.0.5563.110-1
  - update to 111.0.5563.110
* Sun Mar 12 2023 Neal Gompa <ngompa@fedoraproject.org> - 111.0.5563.64-2
  - Rebuild for ffmpeg 6.0
* Tue Mar 07 2023 Than Ngo <than@redhat.com> - 111.0.5563.64-1
  - update to 111.0.5563.64
* Mon Mar 06 2023 Than Ngo <than@redhat.com> - 111.0.5563.50-1
  - update to 111.0.5563.50
  - system freetype on fedora > 36
* Thu Feb 23 2023 Than Ngo <than@redhat.com> - 110.0.5481.177-1
  - update to 110.0.5481.177
  - workaround for crash on aarch64, rhel8
* Wed Feb 22 2023 Jan Grulich <jgrulich@redhat.com> - 110.0.5481.100-3
  - Enable PipeWire screen sharing on RHEL8+
* Tue Feb 21 2023 Than Ngo <than@redhat.com> - 110.0.5481.100-2
  - fixed bz#2036205, failed to load GLES library
* Fri Feb 17 2023 Than Ngo <than@redhat.com> - 110.0.5481.100-1
  - update to 110.0.5481.100
* Thu Feb 16 2023 Than Ngo <than@redhat.com> - 110.0.5481.77-2
  - fix #2071126, enable support V4L2 stateless decoders for aarch64 plattform
  - fix prefers-color-scheme
  - drop snapshot_blob.bin, replace snapshot_blob.bin with v8_context_snapshot.bin
  - move headless_lib*.pak to headless subpackage
* Wed Feb 08 2023 Than Ngo <than@redhat.com> - 110.0.5481.77-1
  - update to 110.0.5481.77
* Sat Feb 04 2023 Than Ngo <than@redhat.com> - 110.0.5481.61-1
  - update to 110.0.5481.61
* Thu Feb 02 2023 Jan Grulich <jgrulich@redhat.com> - 109.0.5414.119-2
  - Use ffmpeg decoders for h264 support
* Wed Jan 25 2023 Than Ngo <than@redhat.com> - 109.0.5414.119-1
  - update to 109.0.5414.119
* Sun Jan 22 2023 Than Ngo <than@redhat.com> - 109.0.5414.74-4
  - clean up
* Wed Jan 18 2023 Fedora Release Engineering <releng@fedoraproject.org> - 109.0.5414.74-3
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Sun Jan 15 2023 Than Ngo <than@redhat.com> - 109.0.5414.74-2
  - conditionalize system_build_flags
  - cleaned up gn defines
  - add BR on python3-importlib-metadata
  - set correct toolchain gcc|clang
  - fix FTBFS with gcc13
* Wed Jan 11 2023 Than Ngo <than@redhat.com> - 109.0.5414.74-1
  - update to 109.0.5414.74
* Tue Jan 10 2023 Than Ngo <than@redhat.com> - 108.0.5359.124-5
  - enable qt backend for el >= 9 and fedora >= 35
  - drop i686
  - conditional BR on java-1.8.0-openjdk-headless
* Sun Jan 08 2023 Than Ngo <than@redhat.com> - 108.0.5359.124-4
  - vaapi support for wayland
* Wed Jan 04 2023 Than Ngo <than@redhat.com> - 108.0.5359.124-3
  - build with system ffmpeg-free and system libaom
  - fix widewine extension issue
  - vaapi, disable UseChromeOSDirectVideoDecoder
  - workaround for linking issue in clang <= 14
* Sun Jan 01 2023 Tom Callaway <spot@fedoraproject.org> - 108.0.5359.124-2
  - turn headless back on (chrome-remote-desktop will stay off, probably forever)
* Wed Dec 28 2022 Than Ngo <than@redhat.com> - 108.0.5359.124-1
  - update to 108.0.5359.124
  - switch to clang

Files

/etc/chromium/chromium.conf
/etc/chromium/master_preferences
/etc/chromium/policies
/etc/chromium/policies/managed
/etc/chromium/policies/recommended
/usr/bin/chromium-browser
/usr/lib64/chromium-browser/chrome-sandbox
/usr/lib64/chromium-browser/chrome_100_percent.pak
/usr/lib64/chromium-browser/chrome_200_percent.pak
/usr/lib64/chromium-browser/chrome_crashpad_handler
/usr/lib64/chromium-browser/chromium-browser
/usr/lib64/chromium-browser/chromium-browser.sh
/usr/lib64/chromium-browser/resources.pak
/usr/lib64/chromium-browser/v8_context_snapshot.bin
/usr/share/applications/chromium-browser.desktop
/usr/share/doc/chromium
/usr/share/doc/chromium/AUTHORS
/usr/share/doc/chromium/README.fedora
/usr/share/doc/chromium/chrome.json
/usr/share/doc/chromium/chrome_policy_list.html
/usr/share/gnome-control-center/default-apps/chromium-browser.xml
/usr/share/icons/hicolor/128x128/apps/chromium-browser.png
/usr/share/icons/hicolor/24x24/apps/chromium-browser.png
/usr/share/icons/hicolor/256x256/apps/chromium-browser.png
/usr/share/icons/hicolor/48x48/apps/chromium-browser.png
/usr/share/icons/hicolor/64x64/apps/chromium-browser.png
/usr/share/licenses/chromium
/usr/share/licenses/chromium/LICENSE
/usr/share/man/man1/chromium-browser.1.gz
/usr/share/metainfo/chromium-browser.appdata.xml


Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Dec 28 23:58:45 2024