diff --git a/.chromium.metadata b/.chromium.metadata index 8c8208ff..185db037 100644 --- a/.chromium.metadata +++ b/.chromium.metadata @@ -1,3 +1,3 @@ -70546b31d97bfc860ac0cce544dbfd79b831ed8f SOURCES/chromium-130.0.6723.91-clean.tar.xz +b2385297941e52614c7f1d3cc7b8acada8257fda SOURCES/chromium-130.0.6723.116-clean.tar.xz 7e5d2c7864c5c83ec789b59c77cd9c20d2594916 SOURCES/linux-arm64-0.19.2.tgz dea187019741602d57aaf189a80abba261fbd2aa SOURCES/linux-x64-0.19.2.tgz diff --git a/.gitignore b/.gitignore index ebec3aee..248844c2 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ -SOURCES/chromium-130.0.6723.91-clean.tar.xz +SOURCES/chromium-130.0.6723.116-clean.tar.xz SOURCES/linux-arm64-0.19.2.tgz SOURCES/linux-x64-0.19.2.tgz diff --git a/SOURCES/chromium.conf b/SOURCES/chromium.conf index 62cecce8..d89ba3cc 100644 --- a/SOURCES/chromium.conf +++ b/SOURCES/chromium.conf @@ -34,7 +34,7 @@ case "$GRAPHIC_DRIVER" in # The NVIDIA VaAPI drivers are known to not support Chromium # see https://crbug.com/1492880. This feature switch is # provided for developers to test VaAPI drivers on NVIDIA GPUs - CHROMIUM_FLAGS+=" --use-gl=angle --use-angle=gl" + CHROMIUM_FLAGS+=" --use-gl=angle --use-angle=gl --disable-gpu-compositing" FEATURES+="VaapiVideoDecodeLinuxGL,VaapiVideoEncoder,VaapiOnNvidiaGPUs" ;; intel) diff --git a/SPECS/chromium.spec b/SPECS/chromium.spec index 9ed31430..c094527b 100644 --- a/SPECS/chromium.spec +++ b/SPECS/chromium.spec @@ -273,7 +273,7 @@ %endif Name: chromium%{chromium_channel} -Version: 130.0.6723.91 +Version: 130.0.6723.116 Release: 1%{?dist} Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use Url: http://www.chromium.org/Home @@ -1917,6 +1917,11 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt %endif %changelog +* Sun Nov 10 2024 Than Ngo - 130.0.6723.116-1 +- Update to 130.0.6723.116 + * High CVE-2024-10826: Use after free in Family Experience + * High CVE-2024-10827: Use after free in Serial + * Wed Oct 30 2024 Than Ngo - 130.0.6723.91-1 - Update to 130.0.6723.91 * Critical CVE-2024-10487: Out of bounds write in Dawn