From 83da45e12763af7d2ddab8ec726f922831a3c0c6 Mon Sep 17 00:00:00 2001 From: tigro Date: Fri, 12 Apr 2024 17:07:49 +0300 Subject: [PATCH] - update to 123.0.6312.122 * High CVE-2024-3157: Out of bounds write in Compositing * High CVE-2024-3516: Heap buffer overflow in ANGLE * High CVE-2024-3515: Use after free in Dawn --- .chromium.metadata | 2 +- .gitignore | 2 +- SPECS/chromium.spec | 8 +++++++- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/.chromium.metadata b/.chromium.metadata index bdbb893f..2846d043 100644 --- a/.chromium.metadata +++ b/.chromium.metadata @@ -1,4 +1,4 @@ -e7f9eb5a2ade30477055b404327a932aa8f755eb SOURCES/chromium-123.0.6312.105.tar.xz +cbc565e94c1af7c031cc1e38dc1c096517be0e66 SOURCES/chromium-123.0.6312.122.tar.xz dea187019741602d57aaf189a80abba261fbd2aa SOURCES/linux-x64-0.19.2.tgz 7e5d2c7864c5c83ec789b59c77cd9c20d2594916 SOURCES/linux-arm64-0.19.2.tgz 769196d081c6a0ad37f1c63dec56febfff3370de SOURCES/node-v20.6.1-linux-x64.tar.xz diff --git a/.gitignore b/.gitignore index c13e1204..b4131eec 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,4 @@ -SOURCES/chromium-123.0.6312.105.tar.xz +SOURCES/chromium-123.0.6312.122.tar.xz SOURCES/linux-x64-0.19.2.tgz SOURCES/linux-arm64-0.19.2.tgz SOURCES/node-v20.6.1-linux-x64.tar.xz diff --git a/SPECS/chromium.spec b/SPECS/chromium.spec index 162297c6..9bfd89c6 100644 --- a/SPECS/chromium.spec +++ b/SPECS/chromium.spec @@ -336,7 +336,7 @@ %endif Name: chromium%{chromium_channel} -Version: 123.0.6312.105 +Version: 123.0.6312.122 Release: 1%{?dist}.inferit Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use Url: http://www.chromium.org/Home @@ -2254,6 +2254,12 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt %endif %changelog +* Fri Apr 12 2024 Arkady L. Shane - 123.0.6312.122-1.inferit +- update to 123.0.6312.122 + * High CVE-2024-3157: Out of bounds write in Compositing + * High CVE-2024-3516: Heap buffer overflow in ANGLE + * High CVE-2024-3515: Use after free in Dawn + * Thu Apr 04 2024 Arkady L. Shane - 123.0.6312.105-1.inferit - update to 123.0.6312.105 * High CVE-2024-3156: Inappropriate implementation in V8