import chromium-125.0.6422.141-1.el9

i9ce changed/i9ce/chromium-125.0.6422.141-1.el9
MSVSphere Packaging Team 7 months ago
parent 92dc475bdd
commit ae97dda27a

@ -1,3 +1,3 @@
0396fc951cb2fe7b9b4a572d66433ac59e6df24d SOURCES/chromium-125.0.6422.112-clean.tar.xz 6eed516c8166d4a3e9865cb54ab5948d2bbb3a95 SOURCES/chromium-125.0.6422.141-clean.tar.xz
7e5d2c7864c5c83ec789b59c77cd9c20d2594916 SOURCES/linux-arm64-0.19.2.tgz 7e5d2c7864c5c83ec789b59c77cd9c20d2594916 SOURCES/linux-arm64-0.19.2.tgz
dea187019741602d57aaf189a80abba261fbd2aa SOURCES/linux-x64-0.19.2.tgz dea187019741602d57aaf189a80abba261fbd2aa SOURCES/linux-x64-0.19.2.tgz

2
.gitignore vendored

@ -1,3 +1,3 @@
SOURCES/chromium-125.0.6422.112-clean.tar.xz SOURCES/chromium-125.0.6422.141-clean.tar.xz
SOURCES/linux-arm64-0.19.2.tgz SOURCES/linux-arm64-0.19.2.tgz
SOURCES/linux-x64-0.19.2.tgz SOURCES/linux-x64-0.19.2.tgz

@ -1,5 +1,5 @@
#!/usr/bin/python3 #!/usr/bin/python3
# Copyright 2021-2023, Than Ngo <than@redhat.com> # Copyright 2021-2024, Than Ngo <than@redhat.com>
# Copyright 2010,2015-2019 Tom Callaway <tcallawa@redhat.com> # Copyright 2010,2015-2019 Tom Callaway <tcallawa@redhat.com>
# Copyright 2013-2016 Tomas Popela <tpopela@redhat.com> # Copyright 2013-2016 Tomas Popela <tpopela@redhat.com>
# Permission is hereby granted, free of charge, to any person obtaining # Permission is hereby granted, free of charge, to any person obtaining
@ -335,6 +335,8 @@ if __name__ == '__main__':
if (args.ffmpegclean): if (args.ffmpegclean):
print("Cleaning ffmpeg from proprietary things...") print("Cleaning ffmpeg from proprietary things...")
os.system("./clean_ffmpeg.sh %s %d" % (latest_dir, 0 if args.ffmpegarm else 1)) os.system("./clean_ffmpeg.sh %s %d" % (latest_dir, 0 if args.ffmpegarm else 1))
print("Cleaning openh264 from proprietary things...")
os.system("find %s/third_party/openh264/src -type f -not -name '*.h' -delete " % latest_dir)
print("Done!") print("Done!")
if (not args.prep): if (not args.prep):

@ -1,3 +1,48 @@
# system wide chromium flags # system wide chromium flags
# GRAPHIC_DRIVER=[amd|intel|nvidia|default]
GRAPHIC_DRIVER=default
# WEB_DARKMODE=[on|off]
WEB_DARKMODE=off
CHROMIUM_FLAGS="" CHROMIUM_FLAGS=""
CHROMIUM_FLAGS+=" --use-gl=angle --use-angle=gl --enable-features=VaapiVideoEncoder,VaapiVideoDecodeLinuxGL" CHROMIUM_FLAGS+=" --enable-native-gpu-memory-buffers"
CHROMIUM_FLAGS+=" --enable-gpu-memory-buffer-video-frames"
CHROMIUM_FLAGS+=" --enable-zero-copy"
CHROMIUM_FLAGS+=" --ignore-gpu-blocklist --disable-gpu-driver-bug-workaround"
CHROMIUM_FLAGS+=" --enable-chrome-browser-cloud-management"
FEATURES=""
case "$GRAPHIC_DRIVER" in
amd)
# Need new mesa with AMD multi planes support, is not yet supported in fedora
# see https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/26165
CHROMIUM_FLAGS+=" --use-gl=angle --use-angle=vulkan --enable-accelerated-video-decode"
FEATURES+="Vulkan,VulkanFromANGLE,DefaultANGLEVulkan,VaapiIgnoreDriverChecks,VaapiVideoDecoder,UseMultiPlaneFormatForHardwareVideo"
;;
nvidia)
# The NVIDIA VaAPI drivers are known to not support Chromium
# see https://crbug.com/1492880. This feature switch is
# provided for developers to test VaAPI drivers on NVIDIA GPUs
CHROMIUM_FLAGS+=" --use-gl=angle --use-angle=gl"
FEATURES+="VaapiVideoDecodeLinuxGL,VaapiVideoEncoder,VaapiOnNvidiaGPUs"
;;
intel)
CHROMIUM_FLAGS+=" --use-gl=angle --use-angle=gl"
FEATURES+="VaapiVideoEncoder,VaapiVideoDecodeLinuxGL"
;;
*)
CHROMIUM_FLAGS+=" --use-gl=angle --use-angle=gl"
FEATURES+="VaapiVideoEncoder,VaapiVideoDecodeLinuxGL"
;;
esac
# Web Dark mode
if [ "$WEB_DARKMODE" == "on" ] ; then
darktype="WebContentsForceDark:inversion_method/cielab_based/image_behavior/none/foreground_lightness_threshold/150/background_lightness_threshold/205"
FEATURES+=",$darktype"
fi
CHROMIUM_FLAGS+=" --enable-features=$FEATURES"

@ -99,6 +99,10 @@
%endif %endif
%endif %endif
%if 0%{?fedora} >= 40
%global noopenh264 1
%endif
# Workaround for https://bugzilla.redhat.com/show_bug.cgi?id=2239523 # Workaround for https://bugzilla.redhat.com/show_bug.cgi?id=2239523
# Disable BTI until this is fixed upstream. # Disable BTI until this is fixed upstream.
%global disable_bti 0 %global disable_bti 0
@ -179,6 +183,11 @@
%endif %endif
%endif %endif
%ifarch ppc64le
# workaround for a bug in new llvm on f40/rawhide (ppc64le)
%global cfi 0
%endif
# set correct toolchain # set correct toolchain
%if %{clang} %if %{clang}
%global toolchain clang %global toolchain clang
@ -306,7 +315,7 @@
%endif %endif
Name: chromium%{chromium_channel} Name: chromium%{chromium_channel}
Version: 125.0.6422.112 Version: 125.0.6422.141
Release: 1%{?dist} Release: 1%{?dist}
Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use
Url: http://www.chromium.org/Home Url: http://www.chromium.org/Home
@ -646,6 +655,10 @@ Conflicts: ffmpeg-libs%{_isa} < 6.0.1-2
%endif %endif
%endif %endif
%if 0%{?noopenh264}
BuildRequires: pkgconfig(openh264)
%endif
# build with system libaom # build with system libaom
%if ! %{bundlelibaom} %if ! %{bundlelibaom}
BuildRequires: libaom-devel BuildRequires: libaom-devel
@ -674,9 +687,7 @@ BuildRequires: pkgconfig(Qt6Core)
BuildRequires: pkgconfig(Qt6Widgets) BuildRequires: pkgconfig(Qt6Widgets)
%endif %endif
%if %{cfi}
BuildRequires: compiler-rt BuildRequires: compiler-rt
%endif
%if ! %{bundleharfbuzz} %if ! %{bundleharfbuzz}
BuildRequires: harfbuzz-devel >= 2.4.0 BuildRequires: harfbuzz-devel >= 2.4.0
@ -1471,7 +1482,7 @@ sed -i 's|OFFICIAL_BUILD|GOOGLE_CHROME_BUILD|g' tools/generate_shim_headers/gene
CHROMIUM_CORE_GN_DEFINES+=' chrome_pgo_phase=0' CHROMIUM_CORE_GN_DEFINES+=' chrome_pgo_phase=0'
%if ! %{cfi} %if ! %{cfi}
CHROMIUM_CORE_GN_DEFINES+=' is_cfi=false' CHROMIUM_CORE_GN_DEFINES+=' is_cfi=false use_thin_lto=false'
%endif %endif
%if %{useapikey} %if %{useapikey}
@ -1539,8 +1550,14 @@ CHROMIUM_BROWSER_GN_DEFINES+=' ffmpeg_branding="Chrome" proprietary_codecs=true
%else %else
CHROMIUM_BROWSER_GN_DEFINES+=' ffmpeg_branding="Chromium" proprietary_codecs=false is_component_ffmpeg=false enable_ffmpeg_video_decoders=false media_use_ffmpeg=true' CHROMIUM_BROWSER_GN_DEFINES+=' ffmpeg_branding="Chromium" proprietary_codecs=false is_component_ffmpeg=false enable_ffmpeg_video_decoders=false media_use_ffmpeg=true'
%endif %endif
# link against noopenh264 library
%if 0%{?noopenh264}
CHROMIUM_BROWSER_GN_DEFINES+=' media_use_openh264=true'
CHROMIUM_BROWSER_GN_DEFINES+=' rtc_use_h264=true'
%else
CHROMIUM_BROWSER_GN_DEFINES+=' media_use_openh264=false' CHROMIUM_BROWSER_GN_DEFINES+=' media_use_openh264=false'
CHROMIUM_BROWSER_GN_DEFINES+=' rtc_use_h264=false' CHROMIUM_BROWSER_GN_DEFINES+=' rtc_use_h264=false'
%endif
CHROMIUM_BROWSER_GN_DEFINES+=' use_kerberos=true' CHROMIUM_BROWSER_GN_DEFINES+=' use_kerberos=true'
%if %{use_qt} %if %{use_qt}
@ -1699,6 +1716,9 @@ system_libs=()
%if ! %{bundleflac} %if ! %{bundleflac}
system_libs+=(flac) system_libs+=(flac)
%endif %endif
%if 0%{?noopenh264}
system_libs+=(openh264)
%endif
build/linux/unbundle/replace_gn_files.py --system-libraries ${system_libs[@]} build/linux/unbundle/replace_gn_files.py --system-libraries ${system_libs[@]}
@ -2107,6 +2127,24 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt
%endif %endif
%changelog %changelog
* Fri May 31 2024 Than Ngo <than@redhat.com> - 125.0.6422.141-1
- update to 125.0.6422.141
* High CVE-2024-5493: Heap buffer overflow in WebRTC
* High CVE-2024-5494: Use after free in Dawn
* High CVE-2024-5495: Use after free in Dawn
* High CVE-2024-5496: Use after free in Media Session
* High CVE-2024-5497: Out of bounds memory access in Keyboard Inputs
* High CVE-2024-5498: Use after free in Presentation API
* High CVE-2024-5499: Out of bounds write in Streams API
- fixed rhbz#2264332 - Chromium is unable to send/receive video on MS Teams
- cleanup chromium.conf
* Wed May 29 2024 Than Ngo <than@redhat.com> - 125.0.6422.112-3
- build against noopenh264
* Tue May 28 2024 Than Ngo <than@redhat.com> - 125.0.6422.112-2
- Workaround for build error on pp64le
* Sun May 26 2024 Than Ngo <than@redhat.com> - 125.0.6422.112-1 * Sun May 26 2024 Than Ngo <than@redhat.com> - 125.0.6422.112-1
- update to 125.0.6422.112 - update to 125.0.6422.112
* High CVE-2024-5274: Type Confusion in V8 * High CVE-2024-5274: Type Confusion in V8

Loading…
Cancel
Save