- update to 125.0.6422.141

* High CVE-2024-5493: Heap buffer overflow in WebRTC
  * High CVE-2024-5494: Use after free in Dawn
  * High CVE-2024-5495: Use after free in Dawn
  * High CVE-2024-5496: Use after free in Media Session
  * High CVE-2024-5497: Out of bounds memory access in Keyboard Inputs
  * High CVE-2024-5498: Use after free in Presentation API
  * High CVE-2024-5499: Out of bounds write in Streams API
- fixed rhbz#2264332 - Chromium is unable to send/receive video on MS Teams
- cleanup chromium.conf
i8e changed/i9e/chromium-125.0.6422.141-1.el9.inferit
Arkady L. Shane 7 months ago
parent 114e571134
commit 1f27cca60c
Signed by: tigro
GPG Key ID: 1EC08A25C9DB2503

@ -1,4 +1,4 @@
00af50f76b8a3fdf27f2ba6b1e3c3397fafc0a4f SOURCES/chromium-125.0.6422.112.tar.xz b4d7e98b3c1ced92626341f92503b37b941ddbc1 SOURCES/chromium-125.0.6422.141.tar.xz
dea187019741602d57aaf189a80abba261fbd2aa SOURCES/linux-x64-0.19.2.tgz dea187019741602d57aaf189a80abba261fbd2aa SOURCES/linux-x64-0.19.2.tgz
7e5d2c7864c5c83ec789b59c77cd9c20d2594916 SOURCES/linux-arm64-0.19.2.tgz 7e5d2c7864c5c83ec789b59c77cd9c20d2594916 SOURCES/linux-arm64-0.19.2.tgz
769196d081c6a0ad37f1c63dec56febfff3370de SOURCES/node-v20.6.1-linux-x64.tar.xz 769196d081c6a0ad37f1c63dec56febfff3370de SOURCES/node-v20.6.1-linux-x64.tar.xz

2
.gitignore vendored

@ -1,4 +1,4 @@
SOURCES/chromium-125.0.6422.112.tar.xz SOURCES/chromium-125.0.6422.141.tar.xz
SOURCES/linux-x64-0.19.2.tgz SOURCES/linux-x64-0.19.2.tgz
SOURCES/linux-arm64-0.19.2.tgz SOURCES/linux-arm64-0.19.2.tgz
SOURCES/node-v20.6.1-linux-x64.tar.xz SOURCES/node-v20.6.1-linux-x64.tar.xz

@ -1,3 +1,48 @@
# system wide chromium flags # system wide chromium flags
# GRAPHIC_DRIVER=[amd|intel|nvidia|default]
GRAPHIC_DRIVER=default
# WEB_DARKMODE=[on|off]
WEB_DARKMODE=off
CHROMIUM_FLAGS="" CHROMIUM_FLAGS=""
CHROMIUM_FLAGS+=" --use-gl=angle --use-angle=gl --enable-features=VaapiVideoEncoder,VaapiVideoDecodeLinuxGL" CHROMIUM_FLAGS+=" --enable-native-gpu-memory-buffers"
CHROMIUM_FLAGS+=" --enable-gpu-memory-buffer-video-frames"
CHROMIUM_FLAGS+=" --enable-zero-copy"
CHROMIUM_FLAGS+=" --ignore-gpu-blocklist --disable-gpu-driver-bug-workaround"
CHROMIUM_FLAGS+=" --enable-chrome-browser-cloud-management"
FEATURES=""
case "$GRAPHIC_DRIVER" in
amd)
# Need new mesa with AMD multi planes support, is not yet supported in fedora
# see https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/26165
CHROMIUM_FLAGS+=" --use-gl=angle --use-angle=vulkan --enable-accelerated-video-decode"
FEATURES+="Vulkan,VulkanFromANGLE,DefaultANGLEVulkan,VaapiIgnoreDriverChecks,VaapiVideoDecoder,UseMultiPlaneFormatForHardwareVideo"
;;
nvidia)
# The NVIDIA VaAPI drivers are known to not support Chromium
# see https://crbug.com/1492880. This feature switch is
# provided for developers to test VaAPI drivers on NVIDIA GPUs
CHROMIUM_FLAGS+=" --use-gl=angle --use-angle=gl"
FEATURES+="VaapiVideoDecodeLinuxGL,VaapiVideoEncoder,VaapiOnNvidiaGPUs"
;;
intel)
CHROMIUM_FLAGS+=" --use-gl=angle --use-angle=gl"
FEATURES+="VaapiVideoEncoder,VaapiVideoDecodeLinuxGL"
;;
*)
CHROMIUM_FLAGS+=" --use-gl=angle --use-angle=gl"
FEATURES+="VaapiVideoEncoder,VaapiVideoDecodeLinuxGL"
;;
esac
# Web Dark mode
if [ "$WEB_DARKMODE" == "on" ] ; then
darktype="WebContentsForceDark:inversion_method/cielab_based/image_behavior/none/foreground_lightness_threshold/150/background_lightness_threshold/205"
FEATURES+=",$darktype"
fi
CHROMIUM_FLAGS+=" --enable-features=$FEATURES"

@ -199,6 +199,11 @@
%endif %endif
%endif %endif
%ifarch ppc64le
# workaround for a bug in new llvm on f40/rawhide (ppc64le)
%global cfi 0
%endif
# set correct toolchain # set correct toolchain
%if %{clang} %if %{clang}
%global toolchain clang %global toolchain clang
@ -337,7 +342,7 @@
%endif %endif
Name: chromium%{chromium_channel} Name: chromium%{chromium_channel}
Version: 125.0.6422.112 Version: 125.0.6422.141
Release: 1%{?dist}.inferit Release: 1%{?dist}.inferit
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use
Url: http://www.chromium.org/Home Url: http://www.chromium.org/Home
@ -724,7 +729,9 @@ BuildRequires: pkgconfig(Qt6Core)
BuildRequires: pkgconfig(Qt6Widgets) BuildRequires: pkgconfig(Qt6Widgets)
%endif %endif
%if %{cfi} %if 0%{?rhel} == 7
BuildRequires: llvm-toolset-%{llvm_toolset_version}-compiler-rt
%else
BuildRequires: compiler-rt BuildRequires: compiler-rt
%endif %endif
@ -1599,7 +1606,7 @@ sed -i 's|OFFICIAL_BUILD|GOOGLE_CHROME_BUILD|g' tools/generate_shim_headers/gene
CHROMIUM_CORE_GN_DEFINES+=' chrome_pgo_phase=0' CHROMIUM_CORE_GN_DEFINES+=' chrome_pgo_phase=0'
%if ! %{cfi} %if ! %{cfi}
CHROMIUM_CORE_GN_DEFINES+=' is_cfi=false' CHROMIUM_CORE_GN_DEFINES+=' is_cfi=false use_thin_lto=false'
%endif %endif
%if %{useapikey} %if %{useapikey}
@ -2239,6 +2246,18 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt
%endif %endif
%changelog %changelog
* Sun Jun 2 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 125.0.6422.141-1.inferit
- update to 125.0.6422.141
* High CVE-2024-5493: Heap buffer overflow in WebRTC
* High CVE-2024-5494: Use after free in Dawn
* High CVE-2024-5495: Use after free in Dawn
* High CVE-2024-5496: Use after free in Media Session
* High CVE-2024-5497: Out of bounds memory access in Keyboard Inputs
* High CVE-2024-5498: Use after free in Presentation API
* High CVE-2024-5499: Out of bounds write in Streams API
- fixed rhbz#2264332 - Chromium is unable to send/receive video on MS Teams
- cleanup chromium.conf
* Mon May 27 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 125.0.6422.112-1.inferit * Mon May 27 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 125.0.6422.112-1.inferit
- update to 125.0.6422.112 - update to 125.0.6422.112
* High CVE-2024-5274: Type Confusion in V8 * High CVE-2024-5274: Type Confusion in V8

Loading…
Cancel
Save