diff --git a/0002-third_party-libvpx-Remove-bad-ppc64-config.patch b/0002-third_party-libvpx-Remove-bad-ppc64-config.patch index 6b655bd9..585d4b8f 100644 --- a/0002-third_party-libvpx-Remove-bad-ppc64-config.patch +++ b/0002-third_party-libvpx-Remove-bad-ppc64-config.patch @@ -1,7 +1,6 @@ -Index: chromium-130.0.6723.44/third_party/libvpx/source/config/linux/ppc64/vp8_rtcd.h -=================================================================== ---- chromium-130.0.6723.44.orig/third_party/libvpx/source/config/linux/ppc64/vp8_rtcd.h -+++ /dev/null +diff -Nur chromium-131.0.6778.69.orig/third_party/libvpx/source/config/linux/ppc64/vp8_rtcd.h chromium-131.0.6778.69/third_party/libvpx/source/config/linux/ppc64/vp8_rtcd.h +--- chromium-131.0.6778.69.orig/third_party/libvpx/source/config/linux/ppc64/vp8_rtcd.h 2024-11-12 22:49:02.000000000 +0100 ++++ chromium-131.0.6778.69/third_party/libvpx/source/config/linux/ppc64/vp8_rtcd.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,330 +0,0 @@ -/* - * Copyright (c) 2024 The WebM project authors. All Rights Reserved. @@ -333,11 +332,10 @@ Index: chromium-130.0.6723.44/third_party/libvpx/source/config/linux/ppc64/vp8_r -#endif - -#endif // VP8_RTCD_H_ -Index: chromium-130.0.6723.44/third_party/libvpx/source/config/linux/ppc64/vp9_rtcd.h -=================================================================== ---- chromium-130.0.6723.44.orig/third_party/libvpx/source/config/linux/ppc64/vp9_rtcd.h -+++ /dev/null -@@ -1,203 +0,0 @@ +diff -Nur chromium-131.0.6778.69.orig/third_party/libvpx/source/config/linux/ppc64/vp9_rtcd.h chromium-131.0.6778.69/third_party/libvpx/source/config/linux/ppc64/vp9_rtcd.h +--- chromium-131.0.6778.69.orig/third_party/libvpx/source/config/linux/ppc64/vp9_rtcd.h 2024-11-12 22:49:02.000000000 +0100 ++++ chromium-131.0.6778.69/third_party/libvpx/source/config/linux/ppc64/vp9_rtcd.h 1970-01-01 01:00:00.000000000 +0100 +@@ -1,206 +0,0 @@ -/* - * Copyright (c) 2024 The WebM project authors. All Rights Reserved. - * @@ -366,6 +364,9 @@ Index: chromium-130.0.6723.44/third_party/libvpx/source/config/linux/ppc64/vp9_r -#include "vp9/common/vp9_enums.h" -#include "vp9/common/vp9_filter.h" -#include "vpx/vpx_integer.h" +-#if !CONFIG_REALTIME_ONLY && CONFIG_VP9_ENCODER +-#include "vp9/encoder/vp9_temporal_filter.h" +-#endif - -struct macroblockd; - @@ -541,10 +542,9 @@ Index: chromium-130.0.6723.44/third_party/libvpx/source/config/linux/ppc64/vp9_r -#endif - -#endif // VP9_RTCD_H_ -Index: chromium-130.0.6723.44/third_party/libvpx/source/config/linux/ppc64/vpx_config.asm -=================================================================== ---- chromium-130.0.6723.44.orig/third_party/libvpx/source/config/linux/ppc64/vpx_config.asm -+++ /dev/null +diff -Nur chromium-131.0.6778.69.orig/third_party/libvpx/source/config/linux/ppc64/vpx_config.asm chromium-131.0.6778.69/third_party/libvpx/source/config/linux/ppc64/vpx_config.asm +--- chromium-131.0.6778.69.orig/third_party/libvpx/source/config/linux/ppc64/vpx_config.asm 2024-11-12 22:49:02.000000000 +0100 ++++ chromium-131.0.6778.69/third_party/libvpx/source/config/linux/ppc64/vpx_config.asm 1970-01-01 01:00:00.000000000 +0100 @@ -1,108 +0,0 @@ -@ This file was created from a .asm file -@ using the ads2gas.pl script. @@ -654,10 +654,9 @@ Index: chromium-130.0.6723.44/third_party/libvpx/source/config/linux/ppc64/vpx_c -.equ DECODE_WIDTH_LIMIT , 16384 -.equ DECODE_HEIGHT_LIMIT , 16384 - .section .note.GNU-stack,"",%progbits -Index: chromium-130.0.6723.44/third_party/libvpx/source/config/linux/ppc64/vpx_config.c -=================================================================== ---- chromium-130.0.6723.44.orig/third_party/libvpx/source/config/linux/ppc64/vpx_config.c -+++ /dev/null +diff -Nur chromium-131.0.6778.69.orig/third_party/libvpx/source/config/linux/ppc64/vpx_config.c chromium-131.0.6778.69/third_party/libvpx/source/config/linux/ppc64/vpx_config.c +--- chromium-131.0.6778.69.orig/third_party/libvpx/source/config/linux/ppc64/vpx_config.c 2024-11-12 22:49:02.000000000 +0100 ++++ chromium-131.0.6778.69/third_party/libvpx/source/config/linux/ppc64/vpx_config.c 1970-01-01 01:00:00.000000000 +0100 @@ -1,10 +0,0 @@ -/* Copyright (c) 2011 The WebM project authors. All Rights Reserved. */ -/* */ @@ -669,10 +668,9 @@ Index: chromium-130.0.6723.44/third_party/libvpx/source/config/linux/ppc64/vpx_c -#include "vpx/vpx_codec.h" -static const char* const cfg = "--target=ppc64le-linux-gcc --enable-external-build --enable-postproc --enable-multi-res-encoding --enable-temporal-denoising --enable-vp9-temporal-denoising --enable-vp9-postproc --size-limit=16384x16384 --enable-realtime-only --disable-install-docs --disable-libyuv --enable-unit-tests"; -const char *vpx_codec_build_config(void) {return cfg;} -Index: chromium-130.0.6723.44/third_party/libvpx/source/config/linux/ppc64/vpx_config.h -=================================================================== ---- chromium-130.0.6723.44.orig/third_party/libvpx/source/config/linux/ppc64/vpx_config.h -+++ /dev/null +diff -Nur chromium-131.0.6778.69.orig/third_party/libvpx/source/config/linux/ppc64/vpx_config.h chromium-131.0.6778.69/third_party/libvpx/source/config/linux/ppc64/vpx_config.h +--- chromium-131.0.6778.69.orig/third_party/libvpx/source/config/linux/ppc64/vpx_config.h 2024-11-12 22:49:02.000000000 +0100 ++++ chromium-131.0.6778.69/third_party/libvpx/source/config/linux/ppc64/vpx_config.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,117 +0,0 @@ -/* Copyright (c) 2011 The WebM project authors. All Rights Reserved. */ -/* */ @@ -791,10 +789,9 @@ Index: chromium-130.0.6723.44/third_party/libvpx/source/config/linux/ppc64/vpx_c -#define DECODE_WIDTH_LIMIT 16384 -#define DECODE_HEIGHT_LIMIT 16384 -#endif /* VPX_CONFIG_H */ -Index: chromium-130.0.6723.44/third_party/libvpx/source/config/linux/ppc64/vpx_dsp_rtcd.h -=================================================================== ---- chromium-130.0.6723.44.orig/third_party/libvpx/source/config/linux/ppc64/vpx_dsp_rtcd.h -+++ /dev/null +diff -Nur chromium-131.0.6778.69.orig/third_party/libvpx/source/config/linux/ppc64/vpx_dsp_rtcd.h chromium-131.0.6778.69/third_party/libvpx/source/config/linux/ppc64/vpx_dsp_rtcd.h +--- chromium-131.0.6778.69.orig/third_party/libvpx/source/config/linux/ppc64/vpx_dsp_rtcd.h 2024-11-12 22:49:02.000000000 +0100 ++++ chromium-131.0.6778.69/third_party/libvpx/source/config/linux/ppc64/vpx_dsp_rtcd.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,2138 +0,0 @@ -/* - * Copyright (c) 2024 The WebM project authors. All Rights Reserved. @@ -2934,10 +2931,9 @@ Index: chromium-130.0.6723.44/third_party/libvpx/source/config/linux/ppc64/vpx_d -#endif - -#endif // VPX_DSP_RTCD_H_ -Index: chromium-130.0.6723.44/third_party/libvpx/source/config/linux/ppc64/vpx_scale_rtcd.h -=================================================================== ---- chromium-130.0.6723.44.orig/third_party/libvpx/source/config/linux/ppc64/vpx_scale_rtcd.h -+++ /dev/null +diff -Nur chromium-131.0.6778.69.orig/third_party/libvpx/source/config/linux/ppc64/vpx_scale_rtcd.h chromium-131.0.6778.69/third_party/libvpx/source/config/linux/ppc64/vpx_scale_rtcd.h +--- chromium-131.0.6778.69.orig/third_party/libvpx/source/config/linux/ppc64/vpx_scale_rtcd.h 2024-11-12 22:49:02.000000000 +0100 ++++ chromium-131.0.6778.69/third_party/libvpx/source/config/linux/ppc64/vpx_scale_rtcd.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,110 +0,0 @@ -/* - * Copyright (c) 2024 The WebM project authors. All Rights Reserved. diff --git a/HACK-debian-clang-disable-base-musttail.patch b/HACK-debian-clang-disable-base-musttail.patch index 0b3d3521..0ccc45bc 100644 --- a/HACK-debian-clang-disable-base-musttail.patch +++ b/HACK-debian-clang-disable-base-musttail.patch @@ -1,13 +1,12 @@ -Index: chromium-128.0.6613.113/base/compiler_specific.h -=================================================================== ---- chromium-128.0.6613.113.orig/base/compiler_specific.h -+++ chromium-128.0.6613.113/base/compiler_specific.h -@@ -88,7 +88,7 @@ - // Can be used only on return statements, even for functions returning void. - // Caller and callee must have the same number of arguments and its types must - // be "similar". --#if defined(__clang__) && HAS_ATTRIBUTE(musttail) -+#if defined(__clang__) && HAS_ATTRIBUTE(musttail) && !defined(__powerpc64__) +diff -up chromium-131.0.6778.69/base/compiler_specific.h.me chromium-131.0.6778.69/base/compiler_specific.h +--- chromium-131.0.6778.69/base/compiler_specific.h.me 2024-11-19 20:44:12.404060581 +0100 ++++ chromium-131.0.6778.69/base/compiler_specific.h 2024-11-19 20:44:54.434121935 +0100 +@@ -152,7 +152,7 @@ + // MUSTTAIL return Func1(d + 1); // `Func1()` will be tail-called. + // } + // ``` +-#if __has_cpp_attribute(clang::musttail) ++#if defined(__clang__) && __has_cpp_attribute(clang::musttail) && !defined(__powerpc64__) #define MUSTTAIL [[clang::musttail]] #else #define MUSTTAIL diff --git a/chromium-131-system-freetype.patch b/chromium-131-system-freetype.patch new file mode 100644 index 00000000..2959690b --- /dev/null +++ b/chromium-131-system-freetype.patch @@ -0,0 +1,13 @@ +diff -up chromium-131.0.6778.69/build/linux/unbundle/freetype.gn.me chromium-131.0.6778.69/build/linux/unbundle/freetype.gn +--- chromium-131.0.6778.69/build/linux/unbundle/freetype.gn.me 2024-11-13 08:48:26.212329841 +0100 ++++ chromium-131.0.6778.69/build/linux/unbundle/freetype.gn 2024-11-13 08:49:03.071985611 +0100 +@@ -11,4 +11,9 @@ declare_args() { + # System FreeType configurations other than as described WILL INTRODUCE TEXT + # RENDERING AND SECURITY REGRESSIONS. + use_system_freetype = true ++ ++ # Use FreeType for font rendering. If this is set to false, FreeType is ++ # replaced with the Rust-based Fontations set of libraries plus Skia ++ # path rendering. ++ enable_freetype = true + } diff --git a/chromium.conf b/chromium.conf index d89ba3cc..fd2405df 100644 --- a/chromium.conf +++ b/chromium.conf @@ -34,7 +34,7 @@ case "$GRAPHIC_DRIVER" in # The NVIDIA VaAPI drivers are known to not support Chromium # see https://crbug.com/1492880. This feature switch is # provided for developers to test VaAPI drivers on NVIDIA GPUs - CHROMIUM_FLAGS+=" --use-gl=angle --use-angle=gl --disable-gpu-compositing" + CHROMIUM_FLAGS+=" --use-gl=angle --use-angle=gl" FEATURES+="VaapiVideoDecodeLinuxGL,VaapiVideoEncoder,VaapiOnNvidiaGPUs" ;; intel) @@ -42,7 +42,7 @@ case "$GRAPHIC_DRIVER" in FEATURES+="VaapiVideoEncoder,VaapiVideoDecodeLinuxGL" ;; *) - CHROMIUM_FLAGS+=" --use-gl=angle --use-angle=gl" + CHROMIUM_FLAGS+=" --use-gl=angle --use-angle=gl --disable-gpu-compositing" FEATURES+="VaapiVideoEncoder,VaapiVideoDecodeLinuxGL" ;; esac diff --git a/chromium.spec b/chromium.spec index 0c06ebef..14a769bf 100644 --- a/chromium.spec +++ b/chromium.spec @@ -145,7 +145,7 @@ %global __requires_exclude ^(%{chromium_path}/.*\\.so|%{chromium_path}/.*\\.so.*)$ # enable|disable use_custom_libcxx -%global use_custom_libcxx 1 +%global use_custom_libcxx 0 # enable|disable control flow integrity support %global cfi 0 @@ -154,9 +154,11 @@ %endif # enable qt backend +%global enable_qt 0 %global use_qt6 0 %global use_qt 0 +%if %{enable_qt} %if 0%{?rhel} > 9 || 0%{?fedora} > 39 %global use_qt6 1 %global use_qt 1 @@ -166,6 +168,7 @@ %global use_qt 1 %endif %endif +%endif # bundle re2, jsoncpp, woff2 - build errors with use_custom_libcxx=true %global bundlere2 1 @@ -187,6 +190,7 @@ %global bundlelibdrm 1 %global bundlefontconfig 1 %global bundleffmpegfree 1 +# openjpeg2, need to update to 2.5.x %global bundlelibopenjpeg2 1 %global bundlelibtiff 1 %global bundlelibxml 1 @@ -212,7 +216,7 @@ # disable bundleminizip for epel and Fedora39 due to old minizip version %global bundleminizip 1 -%if 0%{?fedora} || 0%{?rhel} >= 9 +%if 0%{?fedora} || 0%{?rhel} > 8 %global bundlezstd 0 %global bundlefontconfig 0 %global bundledav1d 0 @@ -223,18 +227,17 @@ %global bundlefreetype 0 %global bundlelibtiff 0 %global bundlelibxml 0 -%if 0%{?rhel} == 9 -# old version, need to update openjpeg to 2.5.x -%global bundlelibopenjpeg2 1 -%global bundlecrc32c 1 -%global bundleharfbuzz 1 -%global bundlebrotli 1 -%global bundlelibwebp 1 -%else +%if 0%{?rhel} > 9 +%global bundlelibopenjpeg2 0 +%global bundleharfbuzz 0 +%global bundlebrotli 0 +%global bundlelibwebp 0 +%endif +%if 0%{?fedora} %global bundlelibopenjpeg2 0 %global bundlecrc32c 0 %global bundleharfbuzz 0 -%global bundlebrotli 0 +%global bundlebrotli 0 %global bundlelibwebp 0 %endif %endif @@ -273,7 +276,7 @@ %endif Name: chromium%{chromium_channel} -Version: 130.0.6723.116 +Version: 131.0.6778.85 Release: 1%{?dist} Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use Url: http://www.chromium.org/Home @@ -306,6 +309,9 @@ Patch91: chromium-108-system-opus.patch # python-3,13, Deprecationwarning: 'count' is passed as positionaö argument Patch100: chromium-128.0.6613.137-python-3.13-warning.patch +# fix build error with system freetype +Patch101: chromium-131-system-freetype.patch + # system ffmpeg # need for old ffmpeg 5.x on epel9 Patch129: chromium-125-ffmpeg-5.x-reordered_opaque.patch @@ -1018,6 +1024,8 @@ Qt6 UI for chromium. %patch -P100 -p1 -b .python-3.13-warning %endif +%patch -P101 -p1 -b .chromium-131-system-freetype + %if ! %{bundleffmpegfree} %if 0%{?rhel} == 9 %patch -P129 -p1 -R -b .ffmpeg-5.x-reordered_opaque @@ -1185,10 +1193,6 @@ sed -i 's|/opt/google/chrome-remote-desktop|%{crd_path}|g' remoting/host/setup/d # bz#2265957, add correct platform sed -i "s/Linux x86_64/Linux %{_arch}/" content/common/user_agent.cc -%if ! %{bundledav1d} -cp -a third_party/dav1d/version/version.h third_party/dav1d/libdav1d/include/dav1d/ -%endif - %build # reduce warnings @@ -1917,6 +1921,21 @@ getent group chrome-remote-desktop >/dev/null || groupadd -r chrome-remote-deskt %endif %changelog +* Wed Nov 20 2024 Than Ngo - 131.0.6778.85-1 +- Update to 131.0.6778.85 + * High CVE-2024-11395: Type Confusion in V8 + +* Tue Nov 12 2024 Than Ngo - 131.0.6778.69-1 +- Update to 131.0.6778.69 + * High CVE-2024-11110: Inappropriate implementation in Blink + * Medium CVE-2024-11111: Inappropriate implementation in Autofill + * Medium CVE-2024-11112: Use after free in Media + * Medium CVE-2024-11113: Use after free in Accessibility + * Medium CVE-2024-11114: Inappropriate implementation in Views + * Medium CVE-2024-11115: Insufficient policy enforcement in Navigation + * Medium CVE-2024-11116: Inappropriate implementation in Paint + * Low CVE-2024-11117: Inappropriate implementation in FileSystem + * Sun Nov 10 2024 Than Ngo - 130.0.6723.116-1 - Update to 130.0.6723.116 * High CVE-2024-10826: Use after free in Family Experience diff --git a/clean_ffmpeg.sh b/clean_ffmpeg.sh index 1fb4b804..07460ce6 100755 --- a/clean_ffmpeg.sh +++ b/clean_ffmpeg.sh @@ -99,7 +99,6 @@ header_files=" libavcodec/x86/inline_asm.h \ libavcodec/get_bits.h \ libavcodec/h263dsp.h \ libavcodec/h264chroma.h \ - libavcodec/hevc.h \ libavcodec/hpeldsp.h \ libavcodec/hwaccels.h \ libavcodec/hwaccel_internal.h \ @@ -126,11 +125,6 @@ header_files=" libavcodec/x86/inline_asm.h \ libavcodec/mpegvideodata.h \ libavcodec/mpegvideoencdsp.h \ libavcodec/options_table.h \ - libavcodec/opus.h \ - libavcodec/opusdsp.h \ - libavcodec/opus_celt.h \ - libavcodec/opus_pvq.h \ - libavcodec/opus_rc.h \ libavcodec/packet.h \ libavcodec/packet_internal.h \ libavcodec/pcm_tablegen.h \ @@ -270,7 +264,6 @@ manual_files=" libavcodec/aarch64/h264pred_neon.S \ libavformat/utils.c \ libavformat/version.c \ libavutil/aarch64/asm.S \ - libavutil/aarch64/bswap.h \ libavutil/aarch64/cpu.c \ libavutil/aarch64/float_dsp_init.c \ libavutil/aarch64/float_dsp_neon.S \ diff --git a/fix-rustc.patch b/fix-rustc.patch index 7f955940..5129bed2 100644 --- a/fix-rustc.patch +++ b/fix-rustc.patch @@ -1,15 +1,13 @@ -author: Andres Salomon -description: allow ppc64le to build by using proper rustc target -Index: chromium-128.0.6613.113/build/config/rust.gni -=================================================================== ---- chromium-128.0.6613.113.orig/build/config/rust.gni -+++ chromium-128.0.6613.113/build/config/rust.gni -@@ -186,6 +186,8 @@ rust_abi_target = "" - if (is_linux || is_chromeos) { +diff -up chromium-131.0.6778.69/build/config/rust.gni.fix-rustc chromium-131.0.6778.69/build/config/rust.gni +--- chromium-131.0.6778.69/build/config/rust.gni.fix-rustc 2024-11-12 22:48:45.000000000 +0100 ++++ chromium-131.0.6778.69/build/config/rust.gni 2024-11-19 23:01:25.484436409 +0100 +@@ -200,6 +200,9 @@ if (is_linux || is_chromeos) { if (current_cpu == "arm64") { rust_abi_target = "aarch64-unknown-linux-gnu" + cargo_target_abi = "" + } else if (current_cpu == "ppc64") { + rust_abi_target = "powerpc64le-unknown-linux-gnu" ++ cargo_target_abi = "" } else if (current_cpu == "x86") { rust_abi_target = "i686-unknown-linux-gnu" - } else if (current_cpu == "x64") { + cargo_target_abi = "" diff --git a/get_chromium_from_git.sh b/get_chromium_from_git.sh new file mode 100755 index 00000000..c36e5c05 --- /dev/null +++ b/get_chromium_from_git.sh @@ -0,0 +1,61 @@ +#! /bin/bash + +SRC_DIR=chromium-src +VERSION=$1 +if [[ -z $VERSION ]]; then + echo "Version is missing" + exit 1 +fi + +rm -rf $SRC_DIR && mkdir -p $SRC_DIR +pushd $SRC_DIR +cat >.gclient < chromium-$VERSION-clean.tar.xz +echo "Finished!" + diff --git a/sources b/sources index 2bcb7120..14364b2b 100644 --- a/sources +++ b/sources @@ -2,4 +2,4 @@ SHA512 (node-v20.6.1-linux-arm64.tar.xz) = adfcaf2c22614797fd69fb46d94c1cbf64dea SHA512 (node-v20.6.1-linux-x64.tar.xz) = 7e15c05041a9a50f0046266aadb2e092a5aefbec19be1c7c809471add520cb57c7df3c47d88b1888b29bf2979dca3c92adddfd965370fa2a9da4ea02186464fd SHA512 (linux-arm64-0.19.2.tgz) = 8a0d8fec6786fffcd6954d00820037a55d61e60762c74300df0801f8db27057562c221a063bedfb8df56af9ba80abb366336987e881782c5996e6f871abd3dc6 SHA512 (linux-x64-0.19.2.tgz) = a31cc74c4bfa54f9b75d735a1cfc944d3b5efb7c06bfba9542da9a642ae0b2d235ea00ae84d3ad0572c406405110fe7b61377af0fd15803806ef78d20fc6f05d -SHA512 (chromium-130.0.6723.116-clean.tar.xz) = ea9a84da6dbf90364e52cef81016683a2a6ac06de75df26c0522090dc0ccb8725b40364cf3d8330ca5d5f6d99ded99f2bf0858ac8d581b974f007c5cc887e62a +SHA512 (chromium-131.0.6778.85-clean.tar.xz) = e2adae2de0de3910d8c915d0b7e1922ddaec5d8cc68d5fa6b0e99fa34ad052171e83333262ac3767f86fb32e5f31791b0ffee48ce694150d4bbaf30035e36052