import chromium-133.0.6943.98-1.el9

.chromium.metadata

@@ -1,3 +1,3 @@
-3f2e8a759bc5bc45041eefea9ac6bd475598f898  SOURCES/chromium-133.0.6943.53-clean.tar.xz
+23342eb4eb57622d5c2bf3fc13d5cafdd67ace39  SOURCES/chromium-133.0.6943.98-clean.tar.xz
 7e5d2c7864c5c83ec789b59c77cd9c20d2594916  SOURCES/linux-arm64-0.19.2.tgz
 dea187019741602d57aaf189a80abba261fbd2aa  SOURCES/linux-x64-0.19.2.tgz

.gitignore

@@ -1,3 +1,3 @@
-SOURCES/chromium-133.0.6943.53-clean.tar.xz
+SOURCES/chromium-133.0.6943.98-clean.tar.xz
 SOURCES/linux-arm64-0.19.2.tgz
 SOURCES/linux-x64-0.19.2.tgz

SOURCES/chromium-133-pipewire-cast.patch

@@ -0,0 +1,21 @@
+diff -up chromium-133.0.6943.53/third_party/webrtc/modules/video_capture/linux/pipewire_session.cc.me chromium-133.0.6943.53/third_party/webrtc/modules/video_capture/linux/pipewire_session.cc
+--- chromium-133.0.6943.53/third_party/webrtc/modules/video_capture/linux/pipewire_session.cc.me	2025-02-12 19:09:54.742875003 +0100
++++ chromium-133.0.6943.53/third_party/webrtc/modules/video_capture/linux/pipewire_session.cc	2025-02-12 19:12:17.492620559 +0100
+@@ -87,7 +87,7 @@ PipeWireNode::PipeWireNode(PipeWireSessi
+       .param = OnNodeParam,
+   };
+ 
+-  pw_node_add_listener(proxy_, &node_listener_, &node_events, this);
++  pw_node_add_listener((struct pw_node*) proxy_, &node_listener_, &node_events, this);
+ }
+ 
+ // static
+@@ -119,7 +119,7 @@ void PipeWireNode::OnNodeInfo(void* data
+       uint32_t id = info->params[i].id;
+       if (id == SPA_PARAM_EnumFormat &&
+           info->params[i].flags & SPA_PARAM_INFO_READ) {
+-        pw_node_enum_params(that->proxy_, 0, id, 0, UINT32_MAX, nullptr);
++        pw_node_enum_params((struct pw_node*)that->proxy_, 0, id, 0, UINT32_MAX, nullptr);
+         break;
+       }
+     }

SPECS/chromium.spec

@@ -271,7 +271,7 @@
 %endif
 
 Name:	chromium%{chromium_channel}
-Version: 133.0.6943.53
+Version: 133.0.6943.98
 Release: 1%{?dist}
 Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use
 Url: http://www.chromium.org/Home
@@ -357,6 +357,9 @@ Patch353: chromium-127-aarch64-duplicate-case-value.patch
 # remove flag split-threshold-for-reg-with-hint, it's not supported in clang <= 17
 Patch354: chromium-126-split-threshold-for-reg-with-hint.patch
 
+# fix build error with new pipewire in f43
+Patch356: chromium-133-pipewire-cast.patch
+
 # fix build error: no member named 'hardware_destructive_interference_size' in namespace 'std'
 Patch355: chromium-130-hardware_destructive_interference_size.patch
 
@@ -1060,6 +1063,10 @@ Qt6 UI for chromium.
 
 %patch -P355 -p1 -b .hardware_destructive_interference_size
 
+%if 0%{?fedora} > 42
+%patch -P356 -p1 -b .pipewire-cast
+%endif
+
 %patch -P358 -p1 -b .rust-clang_lib
 
 %ifarch ppc64le
@@ -1244,7 +1251,11 @@ rust_sysroot_absolute="$(rustc --print sysroot)"
 
 # set clang version
 clang_version="$(clang --version | sed -n 's/clang version //p' | cut -d. -f1)"
+%if 0%{?fedora} > 42
+clang_base_path="/usr"
+%else
 clang_base_path="$(clang --version | grep InstalledDir | cut -d' ' -f2 | sed 's#/bin##')"
+%endif
 
 # Core defines are flags that are true for both the browser and headless.
 CHROMIUM_CORE_GN_DEFINES=""
@@ -1785,6 +1796,13 @@ fi
 %endif
 
 %changelog
+* Thu Feb 13 2025 Than Ngo <than@redhat.com> - 133.0.6943.98-1
+- Update to 133.0.6943.98
+  * CVE-2025-0995: Use after free in V8
+  * CVE-2025-0996: Inappropriate implementation in Browser UI
+  * CVE-2025-0997: Use after free in Navigation
+  * CVE-2025-0998: Out of bounds memory access in V8
+
 * Tue Feb 04 2025 Than Ngo <than@redhat.com> - 133.0.6943.53-1
 - Update to 133.0.6943.53
   * CVE-2025-0444: Use after free in Skia