- Update to 118.0.5993.70

- CVE-2023-5218: Use after free in Site Isolation.
    - CVE-2023-5487: Inappropriate implementation in Fullscreen.
    - CVE-2023-5484: Inappropriate implementation in Navigation.
    - CVE-2023-5475: Inappropriate implementation in DevTools.
    - CVE-2023-5483: Inappropriate implementation in Intents.
    - CVE-2023-5481: Inappropriate implementation in Downloads.
    - CVE-2023-5476: Use after free in Blink History.
    - CVE-2023-5474: Heap buffer overflow in PDF.
    - CVE-2023-5479: Inappropriate implementation in Extensions API.
    - CVE-2023-5485: Inappropriate implementation in Autofill.
    - CVE-2023-5478: Inappropriate implementation in Autofill.
    - CVE-2023-5477: Inappropriate implementation in Installer.
    - CVE-2023-5486: Inappropriate implementation in Input.
    - CVE-2023-5473: Use after free in Cast.
- drop use_gnome_keyring as it's removed by upstream
i9e-gost-119.0.6045.159
Arkady L. Shane 1 year ago
parent 7e891dc0ca
commit 95f775917d
Signed by: tigro
GPG Key ID: 9C7900103E1C4F8B

@ -1,4 +1,4 @@
1023932b50c493e0060f28055d64113b67bae8df SOURCES/chromium-117.0.5938.149.tar.xz 2b2119611c4daa377b94bf004ffbd6b7de75a8b8 SOURCES/chromium-118.0.5993.70.tar.xz
dea187019741602d57aaf189a80abba261fbd2aa SOURCES/linux-x64-0.19.2.tgz dea187019741602d57aaf189a80abba261fbd2aa SOURCES/linux-x64-0.19.2.tgz
7e5d2c7864c5c83ec789b59c77cd9c20d2594916 SOURCES/linux-arm64-0.19.2.tgz 7e5d2c7864c5c83ec789b59c77cd9c20d2594916 SOURCES/linux-arm64-0.19.2.tgz
769196d081c6a0ad37f1c63dec56febfff3370de SOURCES/node-v20.6.1-linux-x64.tar.xz 769196d081c6a0ad37f1c63dec56febfff3370de SOURCES/node-v20.6.1-linux-x64.tar.xz

2
.gitignore vendored

@ -1,4 +1,4 @@
SOURCES/chromium-117.0.5938.149.tar.xz SOURCES/chromium-118.0.5993.70.tar.xz
SOURCES/linux-x64-0.19.2.tgz SOURCES/linux-x64-0.19.2.tgz
SOURCES/linux-arm64-0.19.2.tgz SOURCES/linux-arm64-0.19.2.tgz
SOURCES/node-v20.6.1-linux-x64.tar.xz SOURCES/node-v20.6.1-linux-x64.tar.xz

@ -1,14 +0,0 @@
diff -up chromium-116.0.5845.50/base/allocator/partition_allocator/partition_alloc_config.h.me chromium-116.0.5845.50/base/allocator/partition_allocator/partition_alloc_config.h
--- chromium-116.0.5845.50/base/allocator/partition_allocator/partition_alloc_config.h.me 2023-07-30 15:13:45.873427874 +0200
+++ chromium-116.0.5845.50/base/allocator/partition_allocator/partition_alloc_config.h 2023-07-30 15:15:31.393181400 +0200
@@ -150,9 +150,7 @@ static_assert(sizeof(void*) != 8, "");
(!BUILDFLAG(PUT_REF_COUNT_IN_PREVIOUS_SLOT) && \
defined(ARCH_CPU_LITTLE_ENDIAN))
-#define PA_CONFIG_HAS_MEMORY_TAGGING() \
- (defined(ARCH_CPU_ARM64) && defined(__clang__) && \
- (BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_ANDROID)))
+#define PA_CONFIG_HAS_MEMORY_TAGGING() 0
#if PA_CONFIG(HAS_MEMORY_TAGGING)
static_assert(sizeof(void*) == 8);

@ -1,237 +0,0 @@
commit e2f8a1e1b5c0096cb0465a79e4f6c53d0d50e664
Author: Gregg Tavares <gman@chromium.org>
Date: Fri Aug 11 00:32:19 2023 +0000
Tweak about:gpu
* Make it so you can select all the text
As it was, selection only worked on individual top level divs.
Adding an enclosing parent div fixed this issue
* Change "Copy Report to Clipboard" to "Download Report to File"
The data here was almost always too big. Too big to paste into
a chrome bug, too big to paste into chat.
The user can still press Ctrl-A/Cmd-A or pick Select-All
and do a text copy.
* Add dark mode support
Bug: 1470927
Change-Id: I82da29ae5b68106f204d02084e252d3f07373a69
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4764269
Commit-Queue: Gregg Tavares <gman@chromium.org>
Reviewed-by: Kenneth Russell <kbr@chromium.org>
Reviewed-by: Kai Ninomiya <kainino@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1182383}
diff --git a/content/browser/resources/gpu/gpu_internals.html b/content/browser/resources/gpu/gpu_internals.html
index d324f96798fd6..22322bb6ba7d8 100644
--- a/content/browser/resources/gpu/gpu_internals.html
+++ b/content/browser/resources/gpu/gpu_internals.html
@@ -9,13 +9,15 @@ found in the LICENSE file.
<meta name="viewport" content="width=device-width" />
<title>GPU Internals</title>
<style>
+ :root {
+ color-scheme: light dark;
+ }
* {
box-sizing: border-box;
user-select: none;
}
body {
- background-color: white;
cursor: default;
font-family: sans-serif;
margin: 8px;
diff --git a/content/browser/resources/gpu/info_view.html b/content/browser/resources/gpu/info_view.html
index 289691ceb11b3..ce3643da2adb6 100644
--- a/content/browser/resources/gpu/info_view.html
+++ b/content/browser/resources/gpu/info_view.html
@@ -5,12 +5,28 @@ found in the LICENSE file.
-->
<style>
:host {
+ --green: #080;
+ --yellow: #880;
+ --red: #f00;
+ --gray: #888;
+ --bg-yellow: #ff0;
+
display: block;
flex: 1;
overflow: auto;
padding: 10px;
}
+ @media (prefers-color-scheme: dark) {
+ :host {
+ --green: #0F0;
+ --yellow: #FF0;
+ --red: #f00;
+ --gray: #888;
+ --bg-yellow: #880;
+ }
+ }
+
:host * {
user-select: text;
}
@@ -26,77 +42,52 @@ found in the LICENSE file.
margin-top: 0;
}
- :host > div {
+ #content > div {
margin-bottom: 1em;
}
.feature-green {
- color: rgb(0, 128, 0);
+ color: var(--green);
}
.feature-yellow {
- color: rgb(128, 128, 0);
+ color: var(--yellow);
}
.feature-red {
- color: rgb(255, 0, 0);
+ color: var(--red);
}
.feature-gray {
- color: rgb(128, 128, 128);
+ color: var(--gray);
}
.bg-yellow {
- background-color: yellow;
+ background-color: var(--bg-yellow);
}
#vulkan-info-value {
white-space: pre;
}
- #copy-to-clipboard {
- background-image: linear-gradient(#ededed, #ededed 38%, #dedede);
- border: 1px solid rgba(0, 0, 0, .25);
- border-radius: 2px;
- box-shadow: 0 1px 0 rgba(0, 0, 0, 0.08),
- inset 0 1px 2px rgba(255, 255, 255, 0.75);
- color: #444;
+ #download-to-file {
font: inherit;
margin: 0 1px 0 0;
min-height: 2em;
- outline: none;
padding: 1px 10px;
- text-shadow: 0 1px 0 rgb(240, 240, 240);
user-select: none;
}
- #copy-to-clipboard:enabled:hover {
- background-image: linear-gradient(#f0f0f0, #f0f0f0 38%, #e0e0e0);
- border-color: rgba(0, 0, 0, 0.3);
- box-shadow: 0 1px 0 rgba(0, 0, 0, 0.12),
- inset 0 1px 2px rgba(255, 255, 255, 0.95);
- color: black;
- }
-
- #copy-to-clipboard:enabled:active {
- background-image: linear-gradient(#e7e7e7, #e7e7e7 38%, #d7d7d7);
- box-shadow: none;
- text-shadow: none;
- }
-
- #copy-to-clipboard:enabled:focus {
- border-color: rgb(77, 144, 254);
- }
-
h4.dawn-info-header {
- color: rgb(128, 128, 0);
+ color: var(--yellow);
margin-bottom: 2px;
margin-top: 10px;
}
</style>
+<div id="content">
<div>
- <button id="copy-to-clipboard">Copy Report to Clipboard</button>
+ <button id="download-to-file">Download Report to File</button>
</div>
<div>
<h3>Graphics Feature Status</h3>
@@ -193,3 +184,4 @@ found in the LICENSE file.
<h3>Log Messages</h3>
<ul></ul>
</div>
+</div>
\ No newline at end of file
diff --git a/content/browser/resources/gpu/info_view.ts b/content/browser/resources/gpu/info_view.ts
index 0b91cc130f46f..96c08f76e4bc7 100644
--- a/content/browser/resources/gpu/info_view.ts
+++ b/content/browser/resources/gpu/info_view.ts
@@ -12,6 +12,22 @@ import {getTemplate} from './info_view.html.js';
import {ArrayData, Data} from './info_view_table_row.js';
import {VulkanInfo} from './vulkan_info.js';
+/**
+ * Given a blob and a filename, prompts user to
+ * save as a file.
+ */
+const saveData = (function() {
+ const a = document.createElement('a');
+ a.style.display = 'none';
+ document.body.appendChild(a);
+ return function saveData(blob: Blob, fileName: string) {
+ const url = window.URL.createObjectURL(blob);
+ a.href = url;
+ a.download = fileName;
+ a.click();
+ };
+}());
+
/**
* @fileoverview This view displays information on the current GPU
* hardware. Its primary usefulness is to allow users to copy-paste
@@ -33,19 +49,26 @@ export class InfoViewElement extends CustomElement {
}
connectedCallback() {
- // Add handler to 'copy to clipboard' button
- const copyButton =
- this.shadowRoot!.querySelector<HTMLElement>('#copy-to-clipboard');
- assert(copyButton);
- copyButton.onclick = (() => {
+ // Add handler to 'download report to clipboard' button
+ const downloadButton =
+ this.shadowRoot!.querySelector<HTMLElement>('#download-to-file')!;
+ assert(downloadButton);
+ downloadButton.onclick = (() => {
// Make sure nothing is selected
const s = window.getSelection()!;
s.removeAllRanges();
+
+ // Select everything
s.selectAllChildren(this.shadowRoot!);
- document.execCommand('copy');
+ const text = s.toString();
// And deselect everything at the end.
window.getSelection()!.removeAllRanges();
+
+ const blob = new Blob([text], {type: 'text/text'});
+ const filename = `about-gpu-${
+ new Date().toISOString().replace(/[^a-z0-9-]/ig, '-')}.txt`;
+ saveData(blob, filename);
});
}

@ -1,91 +0,0 @@
diff -up chromium-115.0.5790.40/chrome/test/chromedriver/capabilities.cc.me chromium-115.0.5790.40/chrome/test/chromedriver/capabilities.cc
--- chromium-115.0.5790.40/chrome/test/chromedriver/capabilities.cc.me 2023-06-25 10:06:58.445990069 +0200
+++ chromium-115.0.5790.40/chrome/test/chromedriver/capabilities.cc 2023-06-25 10:51:17.640818231 +0200
@@ -355,7 +355,7 @@ Status ParseMobileEmulation(const base::
"'version' field of type string");
}
- brands.emplace_back(*brand, *version);
+ brands.emplace_back() = {*brand, *version};
}
client_hints.brands = std::move(brands);
@@ -392,7 +392,7 @@ Status ParseMobileEmulation(const base::
"a 'version' field of type string");
}
- full_version_list.emplace_back(*brand, *version);
+ full_version_list.emplace_back() = {*brand, *version};
}
client_hints.full_version_list = std::move(full_version_list);
diff -up chromium-116.0.5845.96/chrome/browser/content_settings/one_time_permission_provider.cc.me chromium-116.0.5845.96/chrome/browser/content_settings/one_time_permission_provider.cc
--- chromium-116.0.5845.96/chrome/browser/content_settings/one_time_permission_provider.cc.me 2023-08-15 21:34:58.922855428 +0200
+++ chromium-116.0.5845.96/chrome/browser/content_settings/one_time_permission_provider.cc 2023-08-15 21:39:23.310434237 +0200
@@ -207,8 +207,8 @@ void OneTimePermissionProvider::OnSuspen
while (rule_iterator && rule_iterator->HasNext()) {
auto rule = rule_iterator->Next();
- patterns_to_delete.emplace_back(setting_type, rule->primary_pattern,
- rule->secondary_pattern);
+ patterns_to_delete.emplace_back() = {setting_type, rule->primary_pattern,
+ rule->secondary_pattern};
permissions::PermissionUmaUtil::RecordOneTimePermissionEvent(
setting_type,
permissions::OneTimePermissionEvent::EXPIRED_ON_SUSPEND);
@@ -302,8 +302,8 @@ void OneTimePermissionProvider::DeleteEn
auto rule = rule_iterator->Next();
if (rule->primary_pattern.Matches(origin_gurl) &&
rule->secondary_pattern.Matches(origin_gurl)) {
- patterns_to_delete.emplace_back(
- content_setting_type, rule->primary_pattern, rule->secondary_pattern);
+ patterns_to_delete.emplace_back() = {
+ content_setting_type, rule->primary_pattern, rule->secondary_pattern};
permissions::PermissionUmaUtil::RecordOneTimePermissionEvent(
content_setting_type, trigger_event);
}
diff -up chromium-117.0.5938.62/base/trace_event/trace_log.cc.me chromium-117.0.5938.62/base/trace_event/trace_log.cc
--- chromium-117.0.5938.62/base/trace_event/trace_log.cc.me 2023-09-13 20:14:42.441248781 +0200
+++ chromium-117.0.5938.62/base/trace_event/trace_log.cc 2023-09-13 20:16:12.186638601 +0200
@@ -2187,8 +2187,8 @@ void TraceLog::SetTraceBufferForTesting(
#if BUILDFLAG(USE_PERFETTO_CLIENT_LIBRARY)
void TraceLog::OnSetup(const perfetto::DataSourceBase::SetupArgs& args) {
AutoLock lock(track_event_lock_);
- track_event_sessions_.emplace_back(args.internal_instance_index, *args.config,
- args.backend_type);
+ track_event_sessions_.emplace_back() = {args.internal_instance_index, *args.config,
+ args.backend_type};
}
void TraceLog::OnStart(const perfetto::DataSourceBase::StartArgs&) {
diff -up chromium-117.0.5938.62/content/browser/download/save_package.cc.me chromium-117.0.5938.62/content/browser/download/save_package.cc
--- chromium-117.0.5938.62/content/browser/download/save_package.cc.me 2023-09-15 12:02:43.866622591 +0200
+++ chromium-117.0.5938.62/content/browser/download/save_package.cc 2023-09-15 12:03:58.715984511 +0200
@@ -764,8 +764,8 @@ void SavePackage::Finish() {
if (download_) {
std::vector<download::DownloadSaveItemData::ItemInfo> files;
for (auto& item : saved_success_items_) {
- files.emplace_back(item.second->full_path(), item.second->url(),
- item.second->referrer().url);
+ files.emplace_back() = {item.second->full_path(), item.second->url(),
+ item.second->referrer().url};
}
download::DownloadSaveItemData::AttachItemData(download_, std::move(files));
}
diff -up chromium-117.0.5938.62/ui/gtk/gtk_ui.cc.me chromium-117.0.5938.62/ui/gtk/gtk_ui.cc
--- chromium-117.0.5938.62/ui/gtk/gtk_ui.cc.me 2023-09-15 20:29:42.626502343 +0200
+++ chromium-117.0.5938.62/ui/gtk/gtk_ui.cc 2023-09-15 20:36:18.763091179 +0200
@@ -955,11 +955,11 @@ ui::DisplayConfig GtkUi::GetDisplayConfi
GdkRectangle geometry;
gdk_monitor_get_geometry(monitor, &geometry);
int monitor_scale = std::max(1, gdk_monitor_get_scale_factor(monitor));
- config.display_geometries.emplace_back(
+ config.display_geometries.emplace_back() = {
gfx::Rect(monitor_scale * geometry.x, monitor_scale * geometry.y,
monitor_scale * geometry.width,
monitor_scale * geometry.height),
- monitor_scale * font_scale);
+ static_cast<float>(monitor_scale * font_scale)};
}
return config;
}

@ -0,0 +1,15 @@
diff -up chromium-118.0.5993.32/base/allocator/partition_allocator/partition_alloc_config.h.me chromium-118.0.5993.32/base/allocator/partition_allocator/partition_alloc_config.h
--- chromium-118.0.5993.32/base/allocator/partition_allocator/partition_alloc_config.h.me 2023-10-03 20:25:01.282782425 +0200
+++ chromium-118.0.5993.32/base/allocator/partition_allocator/partition_alloc_config.h 2023-10-03 20:25:27.151236664 +0200
@@ -152,10 +152,7 @@ static_assert(sizeof(void*) != 8, "");
(!BUILDFLAG(PUT_REF_COUNT_IN_PREVIOUS_SLOT) && \
defined(ARCH_CPU_LITTLE_ENDIAN))
-#define PA_CONFIG_HAS_MEMORY_TAGGING() \
- (defined(ARCH_CPU_ARM64) && defined(__clang__) && \
- !defined(ADDRESS_SANITIZER) && \
- (BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_ANDROID)))
+#define PA_CONFIG_HAS_MEMORY_TAGGING() 0
#if PA_CONFIG(HAS_MEMORY_TAGGING)
static_assert(sizeof(void*) == 8);

@ -0,0 +1,12 @@
diff -up chromium-118.0.5993.32/ui/gfx/linux/dmabuf_uapi.h.me chromium-118.0.5993.32/ui/gfx/linux/dmabuf_uapi.h
--- chromium-118.0.5993.32/ui/gfx/linux/dmabuf_uapi.h.me 2023-10-04 22:18:44.259800011 +0200
+++ chromium-118.0.5993.32/ui/gfx/linux/dmabuf_uapi.h 2023-10-04 22:28:17.068756669 +0200
@@ -28,7 +28,7 @@ constexpr unsigned long DMA_BUF_IOCTL_SY
_IOW(DMA_BUF_BASE, 0, struct dma_buf_sync);
#endif
-#if LINUX_VERSION_CODE < KERNEL_VERSION(6, 0, 0)
+#if 0
struct dma_buf_export_sync_file {
__u32 flags;
__s32 fd;

@ -0,0 +1,24 @@
diff -up chromium-118.0.5993.54/media/capture/video/linux/v4l2_capture_delegate.cc.me chromium-118.0.5993.54/media/capture/video/linux/v4l2_capture_delegate.cc
--- chromium-118.0.5993.54/media/capture/video/linux/v4l2_capture_delegate.cc.me 2023-10-07 12:24:51.194618144 +0200
+++ chromium-118.0.5993.54/media/capture/video/linux/v4l2_capture_delegate.cc 2023-10-07 12:26:30.727448581 +0200
@@ -1219,7 +1219,7 @@ void V4L2CaptureDelegate::SetErrorState(
client_->OnError(error, from_here, reason);
}
-#if BUILDFLAG(IS_LINUX)
+#if 0 //BUILDFLAG(IS_LINUX)
gfx::ColorSpace V4L2CaptureDelegate::BuildColorSpaceFromv4l2() {
v4l2_colorspace v4l2_primary = (v4l2_colorspace)video_fmt_.fmt.pix.colorspace;
v4l2_quantization v4l2_range =
diff -up chromium-118.0.5993.54/media/capture/video/linux/v4l2_capture_delegate.h.me chromium-118.0.5993.54/media/capture/video/linux/v4l2_capture_delegate.h
--- chromium-118.0.5993.54/media/capture/video/linux/v4l2_capture_delegate.h.me 2023-10-07 12:29:35.588406023 +0200
+++ chromium-118.0.5993.54/media/capture/video/linux/v4l2_capture_delegate.h 2023-10-07 12:28:42.057036014 +0200
@@ -133,7 +133,7 @@ class CAPTURE_EXPORT V4L2CaptureDelegate
const base::Location& from_here,
const std::string& reason);
-#if BUILDFLAG(IS_LINUX)
+#if 0 //BUILDFLAG(IS_LINUX)
// Systems which describe a "color space" usually map that to one or more of
// {primary, matrix, transfer, range}. BuildColorSpaceFromv4l2() will use the
// matched value as first priority. Otherwise, if there is no best matching

@ -451,7 +451,32 @@ diff -up chromium-117.0.5938.48/third_party/material_color_utilities/src/cpp/pal
* limitations under the License. * limitations under the License.
*/ */
+#include <math.h> +#include <cmath>
#include "cpp/palettes/tones.h" #include "cpp/palettes/tones.h"
#include "cpp/cam/cam.h" #include "cpp/cam/cam.h"
diff -up chromium-118.0.5993.32/services/device/public/cpp/generic_sensor/sensor_reading.h.me chromium-118.0.5993.32/services/device/public/cpp/generic_sensor/sensor_reading.h
--- chromium-118.0.5993.32/services/device/public/cpp/generic_sensor/sensor_reading.h.me 2023-10-01 13:55:01.913193186 +0200
+++ chromium-118.0.5993.32/services/device/public/cpp/generic_sensor/sensor_reading.h 2023-10-01 14:05:38.488038429 +0200
@@ -5,6 +5,9 @@
#ifndef SERVICES_DEVICE_PUBLIC_CPP_GENERIC_SENSOR_SENSOR_READING_H_
#define SERVICES_DEVICE_PUBLIC_CPP_GENERIC_SENSOR_SENSOR_READING_H_
+#include <cstddef>
+#include <cstdint>
+
#include <type_traits>
namespace device {
diff -up chromium-118.0.5993.32/components/gwp_asan/client/lightweight_detector.h.me chromium-118.0.5993.32/components/gwp_asan/client/lightweight_detector.h
--- chromium-118.0.5993.32/components/gwp_asan/client/lightweight_detector.h.me 2023-10-02 13:38:31.217806428 +0200
+++ chromium-118.0.5993.32/components/gwp_asan/client/lightweight_detector.h 2023-10-02 13:39:05.006427168 +0200
@@ -5,6 +5,8 @@
#ifndef COMPONENTS_GWP_ASAN_CLIENT_LIGHTWEIGHT_DETECTOR_H_
#define COMPONENTS_GWP_ASAN_CLIENT_LIGHTWEIGHT_DETECTOR_H_
+#include <atomic>
+
#include "base/gtest_prod_util.h"
#include "components/gwp_asan/client/export.h"
#include "components/gwp_asan/common/lightweight_detector_state.h"

@ -430,3 +430,138 @@ diff -up chromium-117.0.5938.62/chrome/browser/enterprise/profile_management/pro
// Extract domains and attributes from the command line switch. // Extract domains and attributes from the command line switch.
const base::CommandLine& command_line = const base::CommandLine& command_line =
diff -up chromium-115.0.5790.40/chrome/test/chromedriver/capabilities.cc.me chromium-115.0.5790.40/chrome/test/chromedriver/capabilities.cc
--- chromium-115.0.5790.40/chrome/test/chromedriver/capabilities.cc.me 2023-06-25 10:06:58.445990069 +0200
+++ chromium-115.0.5790.40/chrome/test/chromedriver/capabilities.cc 2023-06-25 10:51:17.640818231 +0200
@@ -355,7 +355,7 @@ Status ParseMobileEmulation(const base::
"'version' field of type string");
}
- brands.emplace_back(*brand, *version);
+ brands.emplace_back() = {*brand, *version};
}
client_hints.brands = std::move(brands);
@@ -392,7 +392,7 @@ Status ParseMobileEmulation(const base::
"a 'version' field of type string");
}
- full_version_list.emplace_back(*brand, *version);
+ full_version_list.emplace_back() = {*brand, *version};
}
client_hints.full_version_list = std::move(full_version_list);
diff -up chromium-116.0.5845.96/chrome/browser/content_settings/one_time_permission_provider.cc.me chromium-116.0.5845.96/chrome/browser/content_settings/one_time_permission_provider.cc
--- chromium-116.0.5845.96/chrome/browser/content_settings/one_time_permission_provider.cc.me 2023-08-15 21:34:58.922855428 +0200
+++ chromium-116.0.5845.96/chrome/browser/content_settings/one_time_permission_provider.cc 2023-08-15 21:39:23.310434237 +0200
@@ -207,8 +207,8 @@ void OneTimePermissionProvider::OnSuspen
while (rule_iterator && rule_iterator->HasNext()) {
auto rule = rule_iterator->Next();
- patterns_to_delete.emplace_back(setting_type, rule->primary_pattern,
- rule->secondary_pattern);
+ patterns_to_delete.emplace_back() = {setting_type, rule->primary_pattern,
+ rule->secondary_pattern};
permissions::PermissionUmaUtil::RecordOneTimePermissionEvent(
setting_type,
permissions::OneTimePermissionEvent::EXPIRED_ON_SUSPEND);
@@ -302,8 +302,8 @@ void OneTimePermissionProvider::DeleteEn
auto rule = rule_iterator->Next();
if (rule->primary_pattern.Matches(origin_gurl) &&
rule->secondary_pattern.Matches(origin_gurl)) {
- patterns_to_delete.emplace_back(
- content_setting_type, rule->primary_pattern, rule->secondary_pattern);
+ patterns_to_delete.emplace_back() = {
+ content_setting_type, rule->primary_pattern, rule->secondary_pattern};
permissions::PermissionUmaUtil::RecordOneTimePermissionEvent(
content_setting_type, trigger_event);
}
diff -up chromium-117.0.5938.62/base/trace_event/trace_log.cc.me chromium-117.0.5938.62/base/trace_event/trace_log.cc
--- chromium-117.0.5938.62/base/trace_event/trace_log.cc.me 2023-09-13 20:14:42.441248781 +0200
+++ chromium-117.0.5938.62/base/trace_event/trace_log.cc 2023-09-13 20:16:12.186638601 +0200
@@ -2187,8 +2187,8 @@ void TraceLog::SetTraceBufferForTesting(
#if BUILDFLAG(USE_PERFETTO_CLIENT_LIBRARY)
void TraceLog::OnSetup(const perfetto::DataSourceBase::SetupArgs& args) {
AutoLock lock(track_event_lock_);
- track_event_sessions_.emplace_back(args.internal_instance_index, *args.config,
- args.backend_type);
+ track_event_sessions_.emplace_back() = {args.internal_instance_index, *args.config,
+ args.backend_type};
}
void TraceLog::OnStart(const perfetto::DataSourceBase::StartArgs&) {
diff -up chromium-117.0.5938.62/content/browser/download/save_package.cc.me chromium-117.0.5938.62/content/browser/download/save_package.cc
--- chromium-117.0.5938.62/content/browser/download/save_package.cc.me 2023-09-15 12:02:43.866622591 +0200
+++ chromium-117.0.5938.62/content/browser/download/save_package.cc 2023-09-15 12:03:58.715984511 +0200
@@ -764,8 +764,8 @@ void SavePackage::Finish() {
if (download_) {
std::vector<download::DownloadSaveItemData::ItemInfo> files;
for (auto& item : saved_success_items_) {
- files.emplace_back(item.second->full_path(), item.second->url(),
- item.second->referrer().url);
+ files.emplace_back() = {item.second->full_path(), item.second->url(),
+ item.second->referrer().url};
}
download::DownloadSaveItemData::AttachItemData(download_, std::move(files));
}
diff -up chromium-117.0.5938.62/ui/gtk/gtk_ui.cc.me chromium-117.0.5938.62/ui/gtk/gtk_ui.cc
--- chromium-117.0.5938.62/ui/gtk/gtk_ui.cc.me 2023-09-15 20:29:42.626502343 +0200
+++ chromium-117.0.5938.62/ui/gtk/gtk_ui.cc 2023-09-15 20:36:18.763091179 +0200
@@ -955,11 +955,11 @@ ui::DisplayConfig GtkUi::GetDisplayConfi
GdkRectangle geometry;
gdk_monitor_get_geometry(monitor, &geometry);
int monitor_scale = std::max(1, gdk_monitor_get_scale_factor(monitor));
- config.display_geometries.emplace_back(
+ config.display_geometries.emplace_back() = {
gfx::Rect(monitor_scale * geometry.x, monitor_scale * geometry.y,
monitor_scale * geometry.width,
monitor_scale * geometry.height),
- monitor_scale * font_scale);
+ static_cast<float>(monitor_scale * font_scale)};
}
return config;
}
diff -up chromium-118.0.5993.54/components/autofill/core/browser/contact_info_sync_util.cc.me chromium-118.0.5993.54/components/autofill/core/browser/contact_info_sync_util.cc
--- chromium-118.0.5993.54/components/autofill/core/browser/contact_info_sync_util.cc.me 2023-10-06 10:38:52.473145692 +0200
+++ chromium-118.0.5993.54/components/autofill/core/browser/contact_info_sync_util.cc 2023-10-06 10:37:30.268617169 +0200
@@ -174,9 +174,9 @@ class ContactInfoProfileSetter {
CHECK(observations.empty());
for (const sync_pb::ContactInfoSpecifics::Observation& proto_observation :
proto_observations) {
- observations.emplace_back(proto_observation.type(),
+ observations.emplace_back() = {static_cast<unsigned char>(proto_observation.type()),
ProfileTokenQuality::FormSignatureHash(
- proto_observation.form_hash()));
+ proto_observation.form_hash())};
}
}
diff -up chromium-118.0.5993.54/components/autofill/core/browser/webdata/autofill_sync_bridge_util.cc.me chromium-118.0.5993.54/components/autofill/core/browser/webdata/autofill_sync_bridge_util.cc
--- chromium-118.0.5993.54/components/autofill/core/browser/webdata/autofill_sync_bridge_util.cc.me 2023-10-06 10:41:37.746402215 +0200
+++ chromium-118.0.5993.54/components/autofill/core/browser/webdata/autofill_sync_bridge_util.cc 2023-10-06 10:42:28.469562927 +0200
@@ -553,11 +553,11 @@ ServerCvc AutofillWalletCvcStructDataFro
base::StringToInt64(wallet_credential_specifics.instrument_id(),
&instrument_id);
- return ServerCvc(
+ return ServerCvc{
instrument_id, base::UTF8ToUTF16(wallet_credential_specifics.cvc()),
base::Time::UnixEpoch() +
base::Milliseconds(wallet_credential_specifics
- .last_updated_time_unix_epoch_millis()));
+ .last_updated_time_unix_epoch_millis())};
}
VirtualCardUsageData VirtualCardUsageDataFromUsageSpecifics(
diff -up chromium-118.0.5993.54/content/browser/webid/idp_network_request_manager.cc.me chromium-118.0.5993.54/content/browser/webid/idp_network_request_manager.cc
--- chromium-118.0.5993.54/content/browser/webid/idp_network_request_manager.cc.me 2023-10-06 13:46:57.287089040 +0200
+++ chromium-118.0.5993.54/content/browser/webid/idp_network_request_manager.cc 2023-10-06 13:47:25.450632156 +0200
@@ -604,7 +604,7 @@ void OnTokenRequestParsed(
if (response_error) {
int error_code = response_error->FindInt(kErrorCodeKey).value_or(0);
GURL error_url = ExtractUrl(*response_error, kErrorUrlKey);
- token_result.error = TokenError(error_code, error_url);
+ token_result.error = TokenError{error_code, error_url};
}
}

@ -136,15 +136,3 @@ diff -up chromium-115.0.5790.102/third_party/dawn/generator/generator_lib.py.me
def preprocess(self, source): def preprocess(self, source):
lines = source.split('\n') lines = source.split('\n')
diff -up chromium-115.0.5790.102/third_party/vulkan-deps/vulkan-tools/src/build-gn/generate_vulkan_layers_json.py.me chromium-115.0.5790.102/third_party/vulkan-deps/vulkan-tools/src/build-gn/generate_vulkan_layers_json.py
diff -up chromium-115.0.5790.102/third_party/vulkan-deps/vulkan-validation-layers/src/build-gn/generate_vulkan_layers_json.py.me chromium-115.0.5790.102/third_party/vulkan-deps/vulkan-validation-layers/src/build-gn/generate_vulkan_layers_json.py
--- chromium-115.0.5790.102/third_party/vulkan-deps/vulkan-validation-layers/src/build-gn/generate_vulkan_layers_json.py.me 2023-07-22 16:02:48.330050088 +0200
+++ chromium-115.0.5790.102/third_party/vulkan-deps/vulkan-validation-layers/src/build-gn/generate_vulkan_layers_json.py 2023-07-22 16:03:02.320023617 +0200
@@ -28,7 +28,6 @@ import platform
import sys
def glob_slash(dirname):
- """Like regular glob but replaces \ with / in returned paths."""
return [s.replace('\\', '/') for s in glob.glob(dirname)]
def main():

@ -0,0 +1,91 @@
commit ed354d00aeda84693611b14baa56a287557a26b5
Author: Munira Tursunova <moonira@google.com>
Date: Tue Sep 12 11:54:48 2023 +0000
Add check for use_system_freetype when importing private freetype header
In [0] the include of private freetype header was added, which caused
build breakage when use_system_freetype=true, see [1].
This CL fixes the breakage by introducing USE_SYSTEM_FREETYPE build flag.
[0] https://chromium-review.googlesource.com/c/chromium/src/+/4717485
[1] https://chromium-review.googlesource.com/c/chromium/src/+/4717485/comments/cdfca7b9_8e61b2e0
Bug: 1429581
Change-Id: I7f7de4cdb2dc46092a91a47d766bedb58ddccb7c
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4843428
Commit-Queue: Munira Tursunova <moonira@google.com>
Reviewed-by: Dominik Röttsches <drott@chromium.org>
Reviewed-by: Rick Byers <rbyers@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1195323}
diff --git a/third_party/BUILD.gn b/third_party/BUILD.gn
index 7b086f95413ff..4ce797ebad722 100644
--- a/third_party/BUILD.gn
+++ b/third_party/BUILD.gn
@@ -2,6 +2,7 @@
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
+import("//build/buildflag_header.gni")
import("//build/config/features.gni")
import("//build/config/freetype/freetype.gni")
import("//third_party/harfbuzz-ng/harfbuzz.gni")
@@ -65,3 +66,8 @@ component("freetype_harfbuzz") {
public_deps += [ "//third_party/harfbuzz-ng:harfbuzz_source" ]
}
}
+
+buildflag_header("freetype_buildflags") {
+ header = "freetype_buildflags.h"
+ flags = [ "USE_SYSTEM_FREETYPE=$use_system_freetype" ]
+}
diff --git a/third_party/blink/renderer/platform/BUILD.gn b/third_party/blink/renderer/platform/BUILD.gn
index 591d2f939605b..f6a2cd2168d1e 100644
--- a/third_party/blink/renderer/platform/BUILD.gn
+++ b/third_party/blink/renderer/platform/BUILD.gn
@@ -1717,6 +1717,7 @@ component("platform") {
"//services/viz/public/cpp/gpu",
"//skia",
"//skia:skcms",
+ "//third_party:freetype_buildflags",
"//third_party:freetype_harfbuzz",
"//third_party/abseil-cpp:absl",
"//third_party/blink/public:image_resources",
diff --git a/third_party/blink/renderer/platform/fonts/simple_font_data.cc b/third_party/blink/renderer/platform/fonts/simple_font_data.cc
index abe06f35c14a5..b2bfd88f0d85d 100644
--- a/third_party/blink/renderer/platform/fonts/simple_font_data.cc
+++ b/third_party/blink/renderer/platform/fonts/simple_font_data.cc
@@ -48,7 +48,7 @@
#include "third_party/blink/renderer/platform/wtf/math_extras.h"
#include "third_party/blink/renderer/platform/wtf/text/character_names.h"
#include "third_party/blink/renderer/platform/wtf/text/unicode.h"
-#include "third_party/freetype/src/src/autofit/afws-decl.h"
+#include "third_party/freetype_buildflags.h"
#include "third_party/skia/include/core/SkFontMetrics.h"
#include "third_party/skia/include/core/SkPath.h"
#include "third_party/skia/include/core/SkTypeface.h"
@@ -57,12 +57,22 @@
#include "ui/gfx/geometry/skia_conversions.h"
#include "v8/include/v8.h"
+#if !BUILDFLAG(USE_SYSTEM_FREETYPE)
+#include "third_party/freetype/src/src/autofit/afws-decl.h"
+#endif
+
namespace blink {
constexpr float kSmallCapsFontSizeMultiplier = 0.7f;
constexpr float kEmphasisMarkFontSizeMultiplier = 0.5f;
+
+#if !BUILDFLAG(USE_SYSTEM_FREETYPE)
constexpr int32_t kFontObjectsMemoryConsumption =
std::max(sizeof(AF_LatinMetricsRec), sizeof(AF_CJKMetricsRec));
+#else
+// sizeof(AF_LatinMetricsRec) = 2128
+constexpr int32_t kFontObjectsMemoryConsumption = 2128;
+#endif
SimpleFontData::SimpleFontData(const FontPlatformData& platform_data,
scoped_refptr<CustomFontData> custom_data,

@ -248,7 +248,7 @@
%endif %endif
Name: chromium%{chromium_channel} Name: chromium%{chromium_channel}
Version: 117.0.5938.149 Version: 118.0.5993.70
Release: 1%{?dist}.inferit Release: 1%{?dist}.inferit
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use
Url: http://www.chromium.org/Home Url: http://www.chromium.org/Home
@ -334,10 +334,14 @@ Patch106: chromium-98.0.4758.80-epel7-erase-fix.patch
# Add additional operator== to make el7 happy. # Add additional operator== to make el7 happy.
Patch107: chromium-99.0.4844.51-el7-extra-operator.patch Patch107: chromium-99.0.4844.51-el7-extra-operator.patch
# old v4l2 on el7
Patch108: chromium-118-el7_v4l2_quantization.patch
# workaround for clang bug on el7 # workaround for clang bug on el7
Patch109: chromium-114-wireless-el7.patch Patch109: chromium-114-wireless-el7.patch
Patch110: chromium-115-buildflag-el7.patch Patch110: chromium-115-buildflag-el7.patch
Patch113: chromium-118-dma_buf_export_sync_file-conflict.patch
# system ffmpeg # system ffmpeg
Patch114: chromium-107-ffmpeg-duration.patch Patch114: chromium-107-ffmpeg-duration.patch
Patch115: chromium-107-proprietary-codecs.patch Patch115: chromium-107-proprietary-codecs.patch
@ -349,38 +353,32 @@ Patch117: chromium-108-ffmpeg-revert-new-channel-layout-api.patch
# revert AV1 VAAPI video encode due to old libva on el9 # revert AV1 VAAPI video encode due to old libva on el9
Patch130: chromium-114-revert-av1enc-el9.patch Patch130: chromium-114-revert-av1enc-el9.patch
# fixes for old clang version in fedora < 38 end epel # fixes for old clang version in fedora < 38 end epel (old clang <= 15)
# compiler build errors, no matching constructor for initialization # compiler build errors, no matching constructor for initialization
Patch300: chromium-117-no_matching_constructor.patch Patch300: chromium-118-no_matching_constructor.patch
Patch301: chromium-115-compiler-SkColor4f.patch Patch301: chromium-115-compiler-SkColor4f.patch
# workaround for clang bug, https://github.com/llvm/llvm-project/issues/57826 # workaround for clang bug, https://github.com/llvm/llvm-project/issues/57826
Patch302: chromium-117-workaround_clang_bug-structured_binding.patch Patch302: chromium-118-workaround_clang_bug-structured_binding.patch
# missing typename # missing typename
Patch303: chromium-117-typename.patch Patch303: chromium-117-typename.patch
# compiler error with c++20
Patch304: chromium-117-emplace_back_on_vector-c++20.patch
# error: invalid operands to binary expression # error: invalid operands to binary expression
Patch305: chromium-117-string-convert.patch Patch304: chromium-117-string-convert.patch
# disable memory tagging for epel8 on aarch64 due to new feature IFUNC-Resolver not supported # disable memory tagging for epel8 on aarch64 due to new feature IFUNC-Resolver not supported
# in old glibc < 2.30, error: fatal error: 'sys/ifunc.h' file not found # in old glibc < 2.30, error: fatal error: 'sys/ifunc.h' file not found
Patch306: chromium-116-arm64-memory_tagging.patch Patch306: chromium-118-arm64-memory_tagging.patch
# missing include header files # missing include header files
Patch310: chromium-117-missing-header-files.patch Patch310: chromium-118-missing-header-files.patch
# clang warnings # clang warnings
Patch311: chromium-115-clang-warnings.patch Patch311: chromium-115-clang-warnings.patch
# imp module is removed in python-3.12 in fedora 39 and newer # imp module is removed in python-3.12 in fedora 39 and newer
Patch312: chromium-117-python-3.12-deprecated.patch Patch312: chromium-118-python-3.12-deprecated.patch
# Tweak about:gpu, Add dark mode support
Patch350: chromium-116-tweak_about_gpu.patch
# build error # build error
Patch351: chromium-117-mnemonic-error.patch Patch351: chromium-117-mnemonic-error.patch
@ -392,6 +390,7 @@ Patch352: chromium-117-workaround_for_crash_on_BTI_capable_system.patch
# upstream patches # upstream patches
Patch400: chromium-117-memory_leak_in_xserver.patch Patch400: chromium-117-memory_leak_in_xserver.patch
Patch401: chromium-118-use_system_freetype.patch
# Yandex Search by default # Yandex Search by default
Patch500: 0001-Yandex-as-default-search-engine.patch Patch500: 0001-Yandex-as-default-search-engine.patch
@ -984,10 +983,15 @@ udev.
%patch -P105 -p1 -b .el7-old-libdrm %patch -P105 -p1 -b .el7-old-libdrm
%patch -P106 -p1 -b .el7-erase-fix %patch -P106 -p1 -b .el7-erase-fix
%patch -P107 -p1 -b .el7-extra-operator-equalequal %patch -P107 -p1 -b .el7-extra-operator-equalequal
%patch -P108 -p1 -b .el7_v4l2_quantization
%patch -P109 -p1 -b .wireless %patch -P109 -p1 -b .wireless
%patch -P110 -p1 -b .buildflag-el7 %patch -P110 -p1 -b .buildflag-el7
%endif %endif
%if 0%{?rhel} == 8 || 0%{?rhel} == 9
%patch -P113 -p1 -b .dma_buf_export_sync_file-conflict
%endif
%if 0%{?rhel} == 9 %if 0%{?rhel} == 9
%patch -P130 -p1 -b .revert-av1enc %patch -P130 -p1 -b .revert-av1enc
%endif %endif
@ -998,8 +1002,7 @@ udev.
%patch -P301 -p1 -b .workaround_clang-SkColor4f %patch -P301 -p1 -b .workaround_clang-SkColor4f
%patch -P302 -p1 -b .workaround_clang_bug-structured_binding %patch -P302 -p1 -b .workaround_clang_bug-structured_binding
%patch -P303 -p1 -b .typename %patch -P303 -p1 -b .typename
%patch -P304 -p1 -b .emplace_back_on_vector-c++20 %patch -P304 -p1 -b .string-convert
%patch -P305 -p1 -b .string-convert
%endif %endif
%endif %endif
@ -1015,7 +1018,6 @@ udev.
%patch -P312 -p1 -b .python-3.12-deprecated %patch -P312 -p1 -b .python-3.12-deprecated
%endif %endif
%patch -P350 -p1 -b .tweak_about_gpu
%patch -P351 -p1 -b .mnemonic-error %patch -P351 -p1 -b .mnemonic-error
%if %{disable_bti} %if %{disable_bti}
@ -1023,6 +1025,7 @@ udev.
%endif %endif
%patch -P400 -p1 -b .memory_leak_in_xserve %patch -P400 -p1 -b .memory_leak_in_xserve
%patch -P401 -p1 -b .use_system_freetype
%patch -P500 -p1 -b .Yandex-as-default-search-engine %patch -P500 -p1 -b .Yandex-as-default-search-engine
%patch -P501 -p1 -b .Added-Russian-description-and-summary-for-gnome-soft %patch -P501 -p1 -b .Added-Russian-description-and-summary-for-gnome-soft
@ -1724,6 +1727,24 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt
%{chromium_path}/chromedriver %{chromium_path}/chromedriver
%changelog %changelog
* Thu Oct 12 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 118.0.5993.70-1.inferit
- Update to 118.0.5993.70
- CVE-2023-5218: Use after free in Site Isolation.
- CVE-2023-5487: Inappropriate implementation in Fullscreen.
- CVE-2023-5484: Inappropriate implementation in Navigation.
- CVE-2023-5475: Inappropriate implementation in DevTools.
- CVE-2023-5483: Inappropriate implementation in Intents.
- CVE-2023-5481: Inappropriate implementation in Downloads.
- CVE-2023-5476: Use after free in Blink History.
- CVE-2023-5474: Heap buffer overflow in PDF.
- CVE-2023-5479: Inappropriate implementation in Extensions API.
- CVE-2023-5485: Inappropriate implementation in Autofill.
- CVE-2023-5478: Inappropriate implementation in Autofill.
- CVE-2023-5477: Inappropriate implementation in Installer.
- CVE-2023-5486: Inappropriate implementation in Input.
- CVE-2023-5473: Use after free in Cast.
- drop use_gnome_keyring as it's removed by upstream
* Fri Oct 6 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 117.0.5938.149-1.inferit * Fri Oct 6 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 117.0.5938.149-1.inferit
- Update to 117.0.5938.149 - Update to 117.0.5938.149
- fix CVE-2023-5346: Type Confusion in V8 - fix CVE-2023-5346: Type Confusion in V8

Loading…
Cancel
Save