import chromium-120.0.6099.216-1.el9

.chromium.metadata

@@ -1,3 +1,3 @@
-8a7f283e235f3a0834a31f5001b84ed3ceeaf5ec  SOURCES/chromium-120.0.6099.129-clean.tar.xz
+73aedb980c8dc432ee33192ee1cf0a402dc5f36f  SOURCES/chromium-120.0.6099.216-clean.tar.xz
 7e5d2c7864c5c83ec789b59c77cd9c20d2594916  SOURCES/linux-arm64-0.19.2.tgz
 dea187019741602d57aaf189a80abba261fbd2aa  SOURCES/linux-x64-0.19.2.tgz

.gitignore

@@ -1,3 +1,3 @@
-SOURCES/chromium-120.0.6099.129-clean.tar.xz
+SOURCES/chromium-120.0.6099.216-clean.tar.xz
 SOURCES/linux-arm64-0.19.2.tgz
 SOURCES/linux-x64-0.19.2.tgz

SPECS/chromium.spec

@@ -22,10 +22,6 @@
 
 # enable|disble bootstrap
 %global bootstrap 0
-# workaround for broken gn on epel 8/9
-%if 0%{?rhel} == 8 || 0%{?rhel} == 9
-%global bootstrap 1
-%endif
 
 # Fancy build status, so we at least know, where we are..
 # %1 where
@@ -289,7 +285,7 @@
 %endif
 
 Name:	chromium%{chromium_channel}
-Version: 120.0.6099.129
+Version: 120.0.6099.216
 Release: 1%{?dist}
 Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use
 Url: http://www.chromium.org/Home
@@ -1770,6 +1766,18 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt
 %{chromium_path}/chromedriver
 
 %changelog
+* Wed Jan 10 2024 Than Ngo <than@redhat.com> - 120.0.6099.216-1
+- update to 120.0.6099.216
+  * High CVE-2024-0333: Insufficient data validation in Extensions
+
+* Thu Jan 04 2024 Than Ngo <than@redhat.com> - 120.0.6099.199-1
+- new gn update, drop workaround for broken gn on epel 8/9
+- update to 120.0.6099.199
+   * CVE-2024-0222: Use after free in ANGLE
+   * CVE-2024-0223: Heap buffer overflow in ANGLE
+   * CVE-2024-0224: Use after free in WebAudio
+   * CVE-2024-0225: Use after free in WebGPU
+
 * Thu Dec 21 2023 Than Ngo <than@redhat.com> - 120.0.6099.129-1
 - update to 120.0.6099.129
   * High CVE-2023-7024: Heap buffer overflow in WebRTC