|
|
|
|
@ -82,6 +82,16 @@
|
|
|
|
|
%endif
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
# Workaround for https://bugzilla.redhat.com/show_bug.cgi?id=2239523
|
|
|
|
|
# Disable BTI until this is fixed upstream.
|
|
|
|
|
%global disable_bti 0
|
|
|
|
|
%ifarch aarch64
|
|
|
|
|
%if 0%{?fedora}
|
|
|
|
|
%global optflags %(echo %{optflags} | sed 's/-mbranch-protection=standard /-mbranch-protection=pac-ret /')
|
|
|
|
|
%global disable_bti 1
|
|
|
|
|
%endif
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
# Seems like we might need this sometimes
|
|
|
|
|
# Practically, no. But it's here in case we do.
|
|
|
|
|
%global use_gold 0
|
|
|
|
|
@ -238,7 +248,7 @@
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
Name: chromium%{chromium_channel}
|
|
|
|
|
Version: 117.0.5938.132
|
|
|
|
|
Version: 117.0.5938.149
|
|
|
|
|
Release: 1%{?dist}
|
|
|
|
|
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use
|
|
|
|
|
Url: http://www.chromium.org/Home
|
|
|
|
|
@ -377,6 +387,11 @@ Patch350: chromium-116-tweak_about_gpu.patch
|
|
|
|
|
# build error
|
|
|
|
|
Patch351: chromium-117-mnemonic-error.patch
|
|
|
|
|
|
|
|
|
|
# Workaround for https://bugzilla.redhat.com/show_bug.cgi?id=2239523
|
|
|
|
|
# https://bugs.chromium.org/p/chromium/issues/detail?id=1145581#c60
|
|
|
|
|
# Disable BTI until this is fixed upstream.
|
|
|
|
|
Patch352: chromium-117-workaround_for_crash_on_BTI_capable_system.patch
|
|
|
|
|
|
|
|
|
|
# upstream patches
|
|
|
|
|
Patch400: chromium-117-memory_leak_in_xserver.patch
|
|
|
|
|
|
|
|
|
|
@ -992,6 +1007,10 @@ udev.
|
|
|
|
|
%patch -P350 -p1 -b .tweak_about_gpu
|
|
|
|
|
%patch -P351 -p1 -b .mnemonic-error
|
|
|
|
|
|
|
|
|
|
%if %{disable_bti}
|
|
|
|
|
%patch -P352 -p1 -b .workaround_for_crash_on_BTI_capable_system
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
%patch -P400 -p1 -b .memory_leak_in_xserver
|
|
|
|
|
|
|
|
|
|
# Change shebang in all relevant files in this directory and all subdirectories
|
|
|
|
|
@ -1192,10 +1211,6 @@ CHROMIUM_BROWSER_GN_DEFINES+=' media_use_openh264=false'
|
|
|
|
|
CHROMIUM_BROWSER_GN_DEFINES+=' rtc_use_h264=false'
|
|
|
|
|
CHROMIUM_BROWSER_GN_DEFINES+=' use_kerberos=true'
|
|
|
|
|
|
|
|
|
|
%if 0%{?rhel} == 8
|
|
|
|
|
CHROMIUM_BROWSER_GN_DEFINES+=' use_gnome_keyring=false use_glib=true'
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
|
|
%if %{use_qt}
|
|
|
|
|
CHROMIUM_BROWSER_GN_DEFINES+=' use_qt=true'
|
|
|
|
|
%else
|
|
|
|
|
@ -1687,6 +1702,13 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt
|
|
|
|
|
%{chromium_path}/chromedriver
|
|
|
|
|
|
|
|
|
|
%changelog
|
|
|
|
|
* Thu Oct 05 2023 Than Ngo <than@redhat.com> - 117.0.5938.149-1
|
|
|
|
|
- update to 117.0.5938.149
|
|
|
|
|
- fix CVE-2023-5346: Type Confusion in V8
|
|
|
|
|
|
|
|
|
|
* Fri Sep 29 2023 Than Ngo <than@redhat.com> - 117.0.5938.132-2
|
|
|
|
|
- add workaround for the crash on BTI capable system
|
|
|
|
|
|
|
|
|
|
* Thu Sep 28 2023 Than Ngo <than@redhat.com> - 117.0.5938.132-1
|
|
|
|
|
- update to 117.0.5938.132
|
|
|
|
|
- CVE-2023-5217, heap buffer overflow in vp8 encoding in libvpx.
|
|
|
|
|
|
Than Ngo
1 year ago