diff --git a/chromium.spec b/chromium.spec index 81d46f97..ef42c045 100644 --- a/chromium.spec +++ b/chromium.spec @@ -193,17 +193,12 @@ # enable gtk3 by default %global gtk3 1 -# enable|disable system brotli -# disable system brotli due to old system brotli on el and fedora < 38 -%global bundlebrotli 1 -%if 0%{?fedora} > 38 -%global bundlebrotli 0 -%endif - # Chromium's fork of ICU is now something we can't unbundle. # This is left here to ease the change if that ever switches. %global bundleicu 1 +# system libre2.so is not supported with use_custom_libcxx=true +# because the library's interface relies on libstdc++'s std::string and std::vector. %global bundlere2 1 # The libxml_utils code depends on the specific bundled libxml checkout @@ -211,6 +206,8 @@ # 2017-06-08. %global bundlelibxml 1 +%global bundlelibaom 1 + # Fedora's Python 2 stack is being removed, we use the bundled Python libraries # This can be revisited once we upgrade to Python 3 %global bundlepylibs 0 @@ -234,14 +231,19 @@ %global bundlelibdrm 1 %global bundlefontconfig 1 %global bundleffmpegfree 1 -%global bundlelibaom 1 +%global bundlebrotli 1 %else -# Chromium really wants to use its bundled harfbuzz. Sigh. %if 0%{?fedora} > 37 %global bundleharfbuzz 0 %else %global bundleharfbuzz 1 %endif +# disable system brotli due to old system brotli on el and fedora < 38 +%if 0%{?fedora} > 38 +%global bundlebrotli 0 +%else +%global bundlebrotli 1 +%endif %global bundleopus 0 %global bundlelibusbx 0 %global bundlelibwebp 0 @@ -250,13 +252,7 @@ %global bundlelibdrm 0 %global bundlefontconfig 0 %global bundleffmpegfree 0 -%global bundlelibaom 1 -# system freetype on fedora > 36 -%if 0%{?fedora} %global bundlefreetype 0 -%else -%global bundlefreetype 1 -%endif %endif ### From 2013 until early 2021, Google permitted distribution builds of @@ -293,7 +289,7 @@ %endif Name: chromium%{chromium_channel} -Version: 120.0.6099.71 +Version: 120.0.6099.109 Release: 1%{?dist} Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use Url: http://www.chromium.org/Home @@ -1196,10 +1192,14 @@ CHROMIUM_CORE_GN_DEFINES+=' enable_nacl=false' CHROMIUM_CORE_GN_DEFINES+=' system_libdir="%{_lib}"' %if %{official_build} -CHROMIUM_CORE_GN_DEFINES+=' is_official_build=true chrome_pgo_phase=0' +CHROMIUM_CORE_GN_DEFINES+=' is_official_build=true' sed -i 's|OFFICIAL_BUILD|GOOGLE_CHROME_BUILD|g' tools/generate_shim_headers/generate_shim_headers.py %endif +%if 0%{?rhel} || 0%{?fedora} < 39 +CHROMIUM_CORE_GN_DEFINES+=' chrome_pgo_phase=0' +%endif + %if %{cfi} CHROMIUM_CORE_GN_DEFINES+=' is_cfi=true' %else @@ -1770,6 +1770,15 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt %{chromium_path}/chromedriver %changelog +* Wed Dec 13 2023 Than Ngo - 120.0.6099.109-1 +- update to 120.0.6099.109 + * High CVE-2023-6702: Type Confusion in V8 + * High CVE-2023-6703: Use after free in Blink + * High CVE-2023-6704: Use after free in libavif + * High CVE-2023-6705: Use after free in WebRTC + * High CVE-2023-6706: Use after free in FedCM + * Medium CVE-2023-6707: Use after free in CSS + * Fri Dec 08 2023 Than Ngo - 120.0.6099.71-1 - update to 120.0.6099.71 diff --git a/sources b/sources index 5dba650d..c57ae94e 100644 --- a/sources +++ b/sources @@ -2,4 +2,4 @@ SHA512 (node-v20.6.1-linux-arm64.tar.xz) = adfcaf2c22614797fd69fb46d94c1cbf64dea SHA512 (node-v20.6.1-linux-x64.tar.xz) = 7e15c05041a9a50f0046266aadb2e092a5aefbec19be1c7c809471add520cb57c7df3c47d88b1888b29bf2979dca3c92adddfd965370fa2a9da4ea02186464fd SHA512 (linux-arm64-0.19.2.tgz) = 8a0d8fec6786fffcd6954d00820037a55d61e60762c74300df0801f8db27057562c221a063bedfb8df56af9ba80abb366336987e881782c5996e6f871abd3dc6 SHA512 (linux-x64-0.19.2.tgz) = a31cc74c4bfa54f9b75d735a1cfc944d3b5efb7c06bfba9542da9a642ae0b2d235ea00ae84d3ad0572c406405110fe7b61377af0fd15803806ef78d20fc6f05d -SHA512 (chromium-120.0.6099.71-clean.tar.xz) = a77aaabee117e5e070f3109bd346a0d344ca2d7e25095a1f03963758a5816ed03af8b3a8a6cc2f306b86ddcda84b79882059ec961750873842e2656b5f836f25 +SHA512 (chromium-120.0.6099.109-clean.tar.xz) = 0efbcddce9bdb33db09f7b1021ce3f36b2be9339d23e6bb24f9e2bf7109b42adc3e80df53b7d886969e5685e53f768078c3d939325f9892978fc0ca1578e2be9