* High CVE-2024-8904: Type Confusion in V8
* Medium CVE-2024-8905: Inappropriate implementation in V8
* Medium CVE-2024-8906: Incorrect security UI in Downloads
* Medium CVE-2024-8907: Insufficient data validation in Omnibox
* Low CVE-2024-8908: Inappropriate implementation in Autofill
* Low CVE-2024-8909: Inappropriate implementation in UI
* High CVE-2024-8636: Heap buffer overflow in Skia
* High CVE-2024-8637: Use after free in Media Router
* High CVE-2024-8638: Type Confusion in V8
* High CVE-2024-8639: Use after free in Autofill
* Critical CVE-2024-7532: Out of bounds memory access in ANGLE
* High CVE-2024-7533: Use after free in Sharing
* High CVE-2024-7550: Type Confusion in V8
* High CVE-2024-7534: Heap buffer overflow in Layout
* High CVE-2024-7535: Inappropriate implementation in V8
* High CVE-2024-7536: Use after free in WebAudio
* CVE-2024-6988: Use after free in Downloads
* CVE-2024-6989: Use after free in Loader
* CVE-2024-6991: Use after free in Dawn
* CVE-2024-6992: Out of bounds memory access in ANGLE
* CVE-2024-6993: Inappropriate implementation in Canvas
* CVE-2024-6994: Heap buffer overflow in Layout
* CVE-2024-6995: Inappropriate implementation in Fullscreen
* CVE-2024-6996: Race in Frames
* CVE-2024-6997: Use after free in Tabs
* CVE-2024-6998: Use after free in User Education
* CVE-2024-6999: Inappropriate implementation in FedCM
* CVE-2024-7000: Use after free in CSS. Reported by Anonymous
* CVE-2024-7001: Inappropriate implementation in HTML
* CVE-2024-7003: Inappropriate implementation in FedCM
* CVE-2024-7004: Insufficient validation of untrusted input in Safe Browsing
* CVE-2024-7005: Insufficient validation of untrusted input in Safe
- remove unsupported use_gold, use_goma
- enable bootstrap for epel as gn is old (need to update gn on epel)
- enable bundleicu and bundledav1d (need to update icu and dav1d)
- apply upstream patches to fix build issues with ninja-1.21.1 (fedora >39)
- pipewire is old on el8, new version is required, disable it temporary
* High CVE-2024-6772: Inappropriate implementation in V8
* High CVE-2024-6773: Type Confusion in V8
* High CVE-2024-6774: Use after free in Screen Capture
* High CVE-2024-6775: Use after free in Media Stream
* High CVE-2024-6776: Use after free in Audio
* High CVE-2024-6777: Use after free in Navigation
* High CVE-2024-6778: Race in DevTools
* High CVE-2024-6779: Out of bounds memory access in V8
* High CVE-2024-6290: Use after free in Dawn
* High CVE-2024-6291: Use after free in Swiftshader
* High CVE-2024-6292: Use after free in Dawn
* High CVE-2024-6293: Use after free in Dawn
* High CVE-2024-6100: Type Confusion in V8
* High CVE-2024-6101: Inappropriate implementation in WebAssembly
* High CVE-2024-6102: Out of bounds memory access in Dawn
* High CVE-2024-6103: Use after free in Dawn
* High CVE-2024-5830: Type Confusion in V8
* High CVE-2024-5831: Use after free in Dawn
* High CVE-2024-5832: Use after free in Dawn
* High CVE-2024-5833: Type Confusion in V8
* High CVE-2024-5834: Inappropriate implementation in Dawn
* High CVE-2024-5835: Heap buffer overflow in Tab Groups
* High CVE-2024-5836: Inappropriate Implementation in DevTools
* High CVE-2024-5837: Type Confusion in V8
* High CVE-2024-5838: Type Confusion in V8
* Medium CVE-2024-5839: Inappropriate Implementation in Memory Allocator
* Medium CVE-2024-5840: Policy Bypass in CORS
* Medium CVE-2024-5841: Use after free in V8
* Medium CVE-2024-5842: Use after free in Browser UI
* Medium CVE-2024-5843: Inappropriate implementation in Downloads
* Medium CVE-2024-5844: Heap buffer overflow in Tab Strip
* Medium CVE-2024-5845: Use after free in Audio
* Medium CVE-2024-5846: Use after free in PDFium
* Medium CVE-2024-5847: Use after free in PDFium
- refreshed patches
- dropped a workaround for a bug in new llvm on f40/rawhide (ppc64le)
- tweaked system build flags