From c026ffc7d8caff95801604c1c6693b8b0d51406f Mon Sep 17 00:00:00 2001 From: tigro Date: Sun, 3 Nov 2024 09:34:11 +0300 Subject: [PATCH] - update to 130.0.6723.91 * Critical CVE-2024-10487: Out of bounds write in Dawn * High CVE-2024-10488: Use after free in WebRTC --- .chromium.metadata | 2 +- .gitignore | 2 +- SPECS/chromium.spec | 7 ++++++- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/.chromium.metadata b/.chromium.metadata index f3ec50ce..0b802ecc 100644 --- a/.chromium.metadata +++ b/.chromium.metadata @@ -1,4 +1,4 @@ -7b7d772454e7341c5f8e74587b25ce27025f84a8 SOURCES/chromium-130.0.6723.69.tar.xz +7e8cb77c981b633d158326c6b170ca6e6b93075b SOURCES/chromium-130.0.6723.91.tar.xz ccd15016324e640c40f6fc01ab076dc52196ea54 SOURCES/msspi-e91bd46306cc7044b2903cd07b788c13c36481e3.tar.xz 6445256b9e87e59aeec1f486174a27a15f6caa2c SOURCES/Chromium-Gost-7706f212673c41cdc1df94f95710358598c119f3.tar.xz dea187019741602d57aaf189a80abba261fbd2aa SOURCES/linux-x64-0.19.2.tgz diff --git a/.gitignore b/.gitignore index 904811d1..59b8d3b3 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,4 @@ -SOURCES/chromium-130.0.6723.69.tar.xz +SOURCES/chromium-130.0.6723.91.tar.xz SOURCES/linux-x64-0.19.2.tgz SOURCES/linux-arm64-0.19.2.tgz SOURCES/node-v20.6.1-linux-x64.tar.xz diff --git a/SPECS/chromium.spec b/SPECS/chromium.spec index 7c912fa0..00e7080b 100644 --- a/SPECS/chromium.spec +++ b/SPECS/chromium.spec @@ -313,7 +313,7 @@ %endif Name: chromium%{chromium_channel} -Version: 130.0.6723.69 +Version: 130.0.6723.91 Release: 1%{?dist}.inferit Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use Url: http://www.chromium.org/Home @@ -2111,6 +2111,11 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt %endif %changelog +* Thu Oct 31 2024 Arkady L. Shane - 130.0.6723.91-1.inferit +- update to 130.0.6723.91 + * Critical CVE-2024-10487: Out of bounds write in Dawn + * High CVE-2024-10488: Use after free in WebRTC + * Wed Oct 23 2024 Arkady L. Shane - 130.0.6723.69-1.inferit - update to 130.0.6723.69 * High CVE-2024-10229: Inappropriate implementation in Extensions