From 3dcd21f969015bf077cca6b5c4cd2008eb318c1f Mon Sep 17 00:00:00 2001 From: tigro Date: Thu, 7 Mar 2024 11:04:30 +0300 Subject: [PATCH] - upstream security release 122.0.6261.111 * High CVE-2024-2173: Out of bounds memory access in V8 * High CVE-2024-2174: Inappropriate implementation in V8 * High CVE-2024-2176: Use after free in FedCM --- .chromium.metadata | 2 +- .gitignore | 2 +- ...ang_lib.patch => chromium-122-rust-clang_lib.patch} | 2 +- SPECS/chromium.spec | 10 ++++++++-- 4 files changed, 11 insertions(+), 5 deletions(-) rename SOURCES/{chromium-121-rust-clang_lib.patch => chromium-122-rust-clang_lib.patch} (97%) diff --git a/.chromium.metadata b/.chromium.metadata index c6579362..3352d263 100644 --- a/.chromium.metadata +++ b/.chromium.metadata @@ -1,4 +1,4 @@ -d241e12a875e17ab2595d1bfde7ebe6a82dad5a7 SOURCES/chromium-122.0.6261.94.tar.xz +f821455b00eeac196dea07e378f45505b95c746e SOURCES/chromium-122.0.6261.111.tar.xz dea187019741602d57aaf189a80abba261fbd2aa SOURCES/linux-x64-0.19.2.tgz 7e5d2c7864c5c83ec789b59c77cd9c20d2594916 SOURCES/linux-arm64-0.19.2.tgz 769196d081c6a0ad37f1c63dec56febfff3370de SOURCES/node-v20.6.1-linux-x64.tar.xz diff --git a/.gitignore b/.gitignore index 50799bc2..a4da528d 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,4 @@ -SOURCES/chromium-122.0.6261.94.tar.xz +SOURCES/chromium-122.0.6261.111.tar.xz SOURCES/linux-x64-0.19.2.tgz SOURCES/linux-arm64-0.19.2.tgz SOURCES/node-v20.6.1-linux-x64.tar.xz diff --git a/SOURCES/chromium-121-rust-clang_lib.patch b/SOURCES/chromium-122-rust-clang_lib.patch similarity index 97% rename from SOURCES/chromium-121-rust-clang_lib.patch rename to SOURCES/chromium-122-rust-clang_lib.patch index 70327eff..12124383 100644 --- a/SOURCES/chromium-121-rust-clang_lib.patch +++ b/SOURCES/chromium-122-rust-clang_lib.patch @@ -34,7 +34,7 @@ diff -up chromium-121.0.6167.57/build/config/clang/BUILD.gn.rust-clang_lib chrom + assert(false) # Unhandled cpu type + } + # different clang lib dir in fedora/epel -+ if (clang_version == "17") { ++ if (clang_version == "17" || clang_version == "18") { + _suffix = "" + } else if (clang_version == "16" || clang_version == "14") { + _libprefix = "64" diff --git a/SPECS/chromium.spec b/SPECS/chromium.spec index d1dbdfd1..b17b813c 100644 --- a/SPECS/chromium.spec +++ b/SPECS/chromium.spec @@ -333,7 +333,7 @@ %endif Name: chromium%{chromium_channel} -Version: 122.0.6261.94 +Version: 122.0.6261.111 Release: 1%{?dist}.inferit Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use Url: http://www.chromium.org/Home @@ -508,7 +508,7 @@ patch356: chromium-122-disable-FFmpegAllowLists.patch Patch357: chromium-122-clang16-disable-auto-upgrade-debug-info.patch # set clang_lib path -Patch358: chromium-121-rust-clang_lib.patch +Patch358: chromium-122-rust-clang_lib.patch # upstream patches Patch400: chromium-122-el8-support-64kpage.patch @@ -2079,6 +2079,12 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt %endif %changelog +* Thu Mar 07 2024 Arkady L. Shane - 122.0.6261.111-1.inferit +- upstream security release 122.0.6261.111 + * High CVE-2024-2173: Out of bounds memory access in V8 + * High CVE-2024-2174: Inappropriate implementation in V8 + * High CVE-2024-2176: Use after free in FedCM + * Thu Feb 29 2024 Arkady L. Shane - 122.0.6261.94-1.inferit.1 - upstream security release 122.0.6261.94 * High : Type Confusion in V8