- update to 121.0.6167.85

* High CVE-2024-0807: Use after free in WebAudio
  * High CVE-2024-0812: Inappropriate implementation in Accessibility
  * High CVE-2024-0808: Integer underflow in WebUI
  * Medium CVE-2024-0810: Insufficient policy enforcement in DevTools
  * Medium CVE-2024-0814: Incorrect security UI in Payments
  * Medium CVE-2024-0813: Use after free in Reading Mode
  * Medium CVE-2024-0806: Use after free in Passwords
  * Medium CVE-2024-0805: Inappropriate implementation in Downloads
  * Medium CVE-2024-0804: Insufficient policy enforcement in iOS Security UI
  * Low CVE-2024-0811: Inappropriate implementation in Extensions API
  * Low CVE-2024-0809: Inappropriate implementation in Autofill

chromium-121-el7-default-constructor-involving-anonymous-union.patch

@@ -10,3 +10,15 @@ diff -up chromium-121.0.6167.57/content/browser/interest_group/header_direct_fro
  
  HeaderDirectFromSellerSignals::Result::Result(
      absl::optional<std::string> seller_signals,
+diff -up chromium-121.0.6167.57/components/variations/service/ui_string_overrider.cc.me chromium-121.0.6167.57/components/variations/service/ui_string_overrider.cc
+--- chromium-121.0.6167.57/components/variations/service/ui_string_overrider.cc.me	2024-01-24 08:07:50.191188397 +0100
++++ chromium-121.0.6167.57/components/variations/service/ui_string_overrider.cc	2024-01-24 08:08:55.905676634 +0100
+@@ -12,7 +12,7 @@
+ 
+ namespace variations {
+ 
+-UIStringOverrider::UIStringOverrider() = default;
++UIStringOverrider::UIStringOverrider() {}
+ 
+ UIStringOverrider::UIStringOverrider(base::span<const uint32_t> resource_hashes,
+                                      base::span<const int> resource_indices)

chromium.spec

@@ -291,7 +291,7 @@
 %endif
 
 Name:	chromium%{chromium_channel}
-Version: 121.0.6167.71
+Version: 121.0.6167.85
 Release: 1%{?dist}
 Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use
 Url: http://www.chromium.org/Home
@@ -1802,6 +1802,20 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt
 %{chromium_path}/chromedriver
 
 %changelog
+* Wed Jan 24 2024 Than Ngo <than@redhat.com> - 121.0.6167.85-1
+- update to 121.0.6167.85
+  * High CVE-2024-0807: Use after free in WebAudio
+  * High CVE-2024-0812: Inappropriate implementation in Accessibility
+  * High CVE-2024-0808: Integer underflow in WebUI
+  * Medium CVE-2024-0810: Insufficient policy enforcement in DevTools
+  * Medium CVE-2024-0814: Incorrect security UI in Payments
+  * Medium CVE-2024-0813: Use after free in Reading Mode
+  * Medium CVE-2024-0806: Use after free in Passwords
+  * Medium CVE-2024-0805: Inappropriate implementation in Downloads
+  * Medium CVE-2024-0804: Insufficient policy enforcement in iOS Security UI
+  * Low CVE-2024-0811: Inappropriate implementation in Extensions API
+  * Low CVE-2024-0809: Inappropriate implementation in Autofill
+
 * Tue Jan 23 2024 Than Ngo <than@redhat.com> - 121.0.6167.71-1
 - update to 121.0.6167.71
 

sources

@@ -2,4 +2,4 @@ SHA512 (node-v20.6.1-linux-arm64.tar.xz) = adfcaf2c22614797fd69fb46d94c1cbf64dea
 SHA512 (node-v20.6.1-linux-x64.tar.xz) = 7e15c05041a9a50f0046266aadb2e092a5aefbec19be1c7c809471add520cb57c7df3c47d88b1888b29bf2979dca3c92adddfd965370fa2a9da4ea02186464fd
 SHA512 (linux-arm64-0.19.2.tgz) = 8a0d8fec6786fffcd6954d00820037a55d61e60762c74300df0801f8db27057562c221a063bedfb8df56af9ba80abb366336987e881782c5996e6f871abd3dc6
 SHA512 (linux-x64-0.19.2.tgz) = a31cc74c4bfa54f9b75d735a1cfc944d3b5efb7c06bfba9542da9a642ae0b2d235ea00ae84d3ad0572c406405110fe7b61377af0fd15803806ef78d20fc6f05d
-SHA512 (chromium-121.0.6167.71-clean.tar.xz) = be9ef1298b6f45f0b9d04fa2315b7f2bb0af40708143602da46a898426994e03e32ef52135e7ac1dd234fa13a3976baccdf268fb7d5f8134693922f73e5681aa
+SHA512 (chromium-121.0.6167.85-clean.tar.xz) = 9c5a45a51c97d262db0d5a016e2c0432d00465eca1d842cecec0855b8c78afd070b38fff30fd10e14a27a16a52a820175b1098f977ce4fdf2e3e633e5ce7fb49