From 056ba2f682503ee03d032c343c500f635a1b71ac Mon Sep 17 00:00:00 2001
From: tigro <tigro@msvsphere-os.ru>
Date: Thu, 18 Jul 2024 13:42:47 +0300
Subject: [PATCH] - update to 126.0.6478.182   * High CVE-2024-6772:
 Inappropriate implementation in V8   * High CVE-2024-6773: Type Confusion in
 V8   * High CVE-2024-6774: Use after free in Screen Capture   * High
 CVE-2024-6775: Use after free in Media Stream   * High CVE-2024-6776: Use
 after free in Audio   * High CVE-2024-6777: Use after free in Navigation   *
 High CVE-2024-6778: Race in DevTools   * High CVE-2024-6779: Out of bounds
 memory access in V8 - fixed rhbz#2293202, chromium Wayland UI regression -
 made qt5-ui and qt6-ui as subpackage

---
 .chromium.metadata          |  4 ++--
 .gitignore                  |  4 ++--
 SOURCES/chromium-browser.sh | 10 --------
 SOURCES/chromium.conf       | 22 +++++++++++++-----
 SPECS/chromium.spec         | 46 ++++++++++++++++++++++++++++++-------
 5 files changed, 58 insertions(+), 28 deletions(-)
 mode change 100755 => 100644 SOURCES/chromium-browser.sh

diff --git a/.chromium.metadata b/.chromium.metadata
index 2cdc53bd..19892f0b 100644
--- a/.chromium.metadata
+++ b/.chromium.metadata
@@ -1,8 +1,8 @@
-d14397bb1b1d31117fe60e2972a726fcacd22927  SOURCES/chromium-126.0.6478.126.tar.xz
+2ddb48a7a9ac3d7bd5a4096c0d29f71ccba563b2  SOURCES/chromium-126.0.6478.182.tar.xz
 dea187019741602d57aaf189a80abba261fbd2aa  SOURCES/linux-x64-0.19.2.tgz
 7e5d2c7864c5c83ec789b59c77cd9c20d2594916  SOURCES/linux-arm64-0.19.2.tgz
 769196d081c6a0ad37f1c63dec56febfff3370de  SOURCES/node-v20.6.1-linux-x64.tar.xz
 3e94bb4f999c636293bc745b02d98e7925da5616  SOURCES/node-v20.6.1-linux-arm64.tar.xz
 8e9bc55cce3899627b2810ecfe87116c5a9147b5  SOURCES/chromium-browser-gost-icons.tar.xz
 a2a9663fa5c46439dafbc1b0f23825b2a8c68acf  SOURCES/msspi-2e626e5a5605cc4c03fa4bfc0145e459864e897a.tar.xz
-331c50296edef889e444e8af0810a18584e418c6  SOURCES/Chromium-Gost-838d51c142d25de55457444e36eb6d14a2b2ac50.tar.xz
+6fa9320397a6393a77152807c6de0306837dcc5f  SOURCES/Chromium-Gost-39c440395462a753a3f064f7e28fdc2bc3173bf2.tar.xz
diff --git a/.gitignore b/.gitignore
index bc9c7395..32655220 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,8 +1,8 @@
-SOURCES/chromium-126.0.6478.126.tar.xz
+SOURCES/chromium-126.0.6478.182.tar.xz
 SOURCES/linux-x64-0.19.2.tgz
 SOURCES/linux-arm64-0.19.2.tgz
 SOURCES/node-v20.6.1-linux-x64.tar.xz
 SOURCES/node-v20.6.1-linux-arm64.tar.xz
 SOURCES/chromium-browser-gost-icons.tar.xz
 SOURCES/msspi-2e626e5a5605cc4c03fa4bfc0145e459864e897a.tar.xz
-SOURCES/Chromium-Gost-838d51c142d25de55457444e36eb6d14a2b2ac50.tar.xz
+SOURCES/Chromium-Gost-39c440395462a753a3f064f7e28fdc2bc3173bf2.tar.xz
diff --git a/SOURCES/chromium-browser.sh b/SOURCES/chromium-browser.sh
old mode 100755
new mode 100644
index 492a4968..4ed62f5b
--- a/SOURCES/chromium-browser.sh
+++ b/SOURCES/chromium-browser.sh
@@ -25,15 +25,6 @@ else
   [ -f "$xdg_app_dir/mimeapps.list" ] || touch "$xdg_app_dir/mimeapps.list"
 fi
 
-# Always use our versions of ffmpeg libs.
-# This also makes RPMs find the compatibly-named library symlinks.
-if [[ -n "$LD_LIBRARY_PATH" ]]; then
-  LD_LIBRARY_PATH="$HERE:$HERE/lib:$LD_LIBRARY_PATH"
-else
-  LD_LIBRARY_PATH="$HERE:$HERE/lib"
-fi
-export LD_LIBRARY_PATH
-
 export CHROME_VERSION_EXTRA="Built from source for @@BUILD_TARGET@@"
 
 # We don't want bug-buddy intercepting our crashes. http://crbug.com/24120
@@ -48,7 +39,6 @@ CHROMIUM_DISTRO_FLAGS=" --enable-plugins \
                         --enable-extensions \
                         --enable-user-scripts \
                         --enable-printing \
-                        --enable-gpu-rasterization \
                         --enable-sync \
                         --auto-ssl-client-auth @@EXTRA_FLAGS@@"
 
diff --git a/SOURCES/chromium.conf b/SOURCES/chromium.conf
index 267f62ee..62cecce8 100644
--- a/SOURCES/chromium.conf
+++ b/SOURCES/chromium.conf
@@ -1,17 +1,25 @@
 # system wide chromium flags
 
+ARCH="$(arch)"
+
 # GRAPHIC_DRIVER=[amd|intel|nvidia|default]
 GRAPHIC_DRIVER=default
 
 # WEB_DARKMODE=[on|off]
 WEB_DARKMODE=off
 
+# NATIVE_WAYLAND=[on|off]
+NATIVE_WAYLAND=off
+
 CHROMIUM_FLAGS=""
-CHROMIUM_FLAGS+=" --enable-native-gpu-memory-buffers"
-CHROMIUM_FLAGS+=" --enable-gpu-memory-buffer-video-frames"
-CHROMIUM_FLAGS+=" --enable-zero-copy"
-CHROMIUM_FLAGS+=" --ignore-gpu-blocklist --disable-gpu-driver-bug-workaround"
-CHROMIUM_FLAGS+=" --enable-chrome-browser-cloud-management"
+if [ "$NATIVE_WAYLAND" == "off" ] ; then
+   CHROMIUM_FLAGS+=" --enable-native-gpu-memory-buffers"
+   CHROMIUM_FLAGS+=" --enable-gpu-memory-buffer-video-frames"
+   CHROMIUM_FLAGS+=" --enable-zero-copy"
+   CHROMIUM_FLAGS+=" --ignore-gpu-blocklist --disable-gpu-driver-bug-workaround"
+   CHROMIUM_FLAGS+=" --enable-chrome-browser-cloud-management"
+   CHROMIUM_FLAGS+=" --enable-gpu-rasterization"
+fi
 
 FEATURES=""
 
@@ -45,4 +53,6 @@ if [ "$WEB_DARKMODE" == "on" ] ; then
    FEATURES+=",$darktype"
 fi
 
-CHROMIUM_FLAGS+=" --enable-features=$FEATURES"
+if [ "$ARCH" == "x86_64" ] ; then
+   CHROMIUM_FLAGS+=" --enable-features=$FEATURES"
+fi
diff --git a/SPECS/chromium.spec b/SPECS/chromium.spec
index 0968d233..98c77b02 100644
--- a/SPECS/chromium.spec
+++ b/SPECS/chromium.spec
@@ -350,8 +350,8 @@
 %endif
 
 Name:	chromium%{chromium_channel}
-Version: 126.0.6478.126
-Release: 1%{?dist}.inferit.1
+Version: 126.0.6478.182
+Release: 1%{?dist}.inferit
 Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use
 Url: http://www.chromium.org/Home
 License: BSD-3-Clause AND LGPL-2.1-or-later AND Apache-2.0 AND IJG AND MIT AND GPL-2.0-or-later AND ISC AND OpenSSL AND (MPL-1.1 OR GPL-2.0-only OR LGPL-2.0-only)
@@ -1204,6 +1204,20 @@ A minimal headless client built from Chromium. headless_shell is built
 without support for alsa, cups, dbus, gconf, gio, kerberos, pulseaudio, or 
 udev.
 
+%package qt5-ui
+Summary: Qt5 UI built from Chromium
+Requires: chromium%{chromium_channel}%{_isa} = %{version}-%{release}
+
+%description qt5-ui
+Qt5 UI for chromium.
+
+%package qt6-ui
+Summary: Qt6 UI built from Chromium
+Requires: chromium%{chromium_channel}%{_isa} = %{version}-%{release}
+
+%description qt6-ui
+Qt6 UI for chromium.
+
 %prep
 %setup -q -n chromium-%{version}
 
@@ -2162,18 +2176,21 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt
 %{chromium_path}/%{chromium_browser_channel}
 %{chromium_path}/%{chromium_browser_channel}.sh
 %attr(4755, root, root) %{chromium_path}/chrome-sandbox
-%if %{use_qt}
-%{chromium_path}/libqt5_shim.so
-%endif
-%if %{use_qt6}
-%{chromium_path}/libqt6_shim.so
-%endif
 %{_mandir}/man1/%{chromium_browser_channel}.*
 %{_datadir}/icons/hicolor/*/apps/%{chromium_browser_channel}.png
 %{_datadir}/applications/*.desktop
 %{_datadir}/metainfo/*.appdata.xml
 %{_datadir}/gnome-control-center/default-apps/chromium-browser.xml
 
+%if %{use_qt}
+%files qt5-ui
+%{chromium_path}/libqt5_shim.so
+%endif
+
+%if %{use_qt6i}
+%files qt6-ui
+%{chromium_path}/libqt6_shim.so
+%endif
 %files common
 %if %{build_clear_key_cdm}
 %{chromium_path}/libclearkeycdm.so
@@ -2288,6 +2305,19 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt
 %endif
 
 %changelog
+* Thu Jul 18 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 126.0.6478.182-1.inferit
+- update to 126.0.6478.182
+  * High CVE-2024-6772: Inappropriate implementation in V8
+  * High CVE-2024-6773: Type Confusion in V8
+  * High CVE-2024-6774: Use after free in Screen Capture
+  * High CVE-2024-6775: Use after free in Media Stream
+  * High CVE-2024-6776: Use after free in Audio
+  * High CVE-2024-6777: Use after free in Navigation
+  * High CVE-2024-6778: Race in DevTools
+  * High CVE-2024-6779: Out of bounds memory access in V8
+- fixed rhbz#2293202, chromium Wayland UI regression
+- made qt5-ui and qt6-ui as subpackage
+
 * Tue Jul 09 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 126.0.6478.126-1.inferit.1
 - Fix openh264 build - build with internal openh264