Thu, 24 Apr 2025 23:17:04 MSK | login

Information for build chromium-gost-131.0.6778.108-1.el9.inferit

ID21247
Package Namechromium-gost
Version131.0.6778.108
Release1.el9.inferit
Epoch
Sourcegit+http://git.inferitos.ru/rpms/chromium#d5885e5cd1bac8bf2219153921551c9bb3efe745
SummaryA WebKit (Blink) powered web browser that Google doesn't want you to use
DescriptionChromium is an open-source web browser, powered by WebKit (Blink). Chromium GOST patches are integrated, this Chromium supports GOST TLS if proprietary CryptoPro is installed.
Built bytigro
State complete
Volume DEFAULT
StartedThu, 05 Dec 2024 14:31:22 MSK
CompletedThu, 05 Dec 2024 17:06:22 MSK
Taskbuild (inferit-9_5-extras-gost, /rpms/chromium:changed/i8e/chromium-131.0.6778.108-1.el8.inferit)
Extra{'source': {'original_url': 'git+http://git.inferitos.ru/rpms/chromium#changed/i8e/chromium-131.0.6778.108-1.el8.inferit'}}
Tags
inferit-9_5-extras
RPMs
src
chromium-gost-131.0.6778.108-1.el9.inferit.src.rpm (info) (download)
aarch64
chromium-gost-131.0.6778.108-1.el9.inferit.aarch64.rpm (info) (download)
chromium-gost-common-131.0.6778.108-1.el9.inferit.aarch64.rpm (info) (download)
chromium-gost-ffmpeg-131.0.6778.108-1.el9.inferit.aarch64.rpm (info) (download)
chromium-gost-qt5-ui-131.0.6778.108-1.el9.inferit.aarch64.rpm (info) (download)
chromium-gost-common-debuginfo-131.0.6778.108-1.el9.inferit.aarch64.rpm (info) (download)
chromium-gost-debuginfo-131.0.6778.108-1.el9.inferit.aarch64.rpm (info) (download)
chromium-gost-ffmpeg-debuginfo-131.0.6778.108-1.el9.inferit.aarch64.rpm (info) (download)
chromium-gost-qt5-ui-debuginfo-131.0.6778.108-1.el9.inferit.aarch64.rpm (info) (download)
x86_64
chromium-gost-131.0.6778.108-1.el9.inferit.x86_64.rpm (info) (download)
chromium-gost-common-131.0.6778.108-1.el9.inferit.x86_64.rpm (info) (download)
chromium-gost-ffmpeg-131.0.6778.108-1.el9.inferit.x86_64.rpm (info) (download)
chromium-gost-qt5-ui-131.0.6778.108-1.el9.inferit.x86_64.rpm (info) (download)
chromium-gost-common-debuginfo-131.0.6778.108-1.el9.inferit.x86_64.rpm (info) (download)
chromium-gost-debuginfo-131.0.6778.108-1.el9.inferit.x86_64.rpm (info) (download)
chromium-gost-ffmpeg-debuginfo-131.0.6778.108-1.el9.inferit.x86_64.rpm (info) (download)
chromium-gost-qt5-ui-debuginfo-131.0.6778.108-1.el9.inferit.x86_64.rpm (info) (download)
Logs
aarch64
root.log
state.log
mock_output.log
installed_pkgs.log
hw_info.log
build.log
x86_64
root.log
state.log
mock_output.log
installed_pkgs.log
hw_info.log
build.log
Changelog * Thu Dec 05 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 131.0.6778.108-1.inferit - Update to 131.0.6778.108 * High CVE-2024-12053: Type Confusion in V8 - Enable Vulkan for intel graphic driver by default * Thu Nov 28 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 131.0.6778.85-1.inferit.1 - Rebuilt against new dav1d * Wed Nov 20 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 131.0.6778.85-1.inferit - Update to 131.0.6778.85 * High CVE-2024-11395: Type Confusion in V8 * Tue Nov 12 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 131.0.6778.69-1.inferit - Update to 131.0.6778.69 * High CVE-2024-11110: Inappropriate implementation in Blink * Medium CVE-2024-11111: Inappropriate implementation in Autofill * Medium CVE-2024-11112: Use after free in Media * Medium CVE-2024-11113: Use after free in Accessibility * Medium CVE-2024-11114: Inappropriate implementation in Views * Medium CVE-2024-11115: Insufficient policy enforcement in Navigation * Medium CVE-2024-11116: Inappropriate implementation in Paint * Low CVE-2024-11117: Inappropriate implementation in FileSystem * Mon Nov 11 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 130.0.6723.116-1.inferit - Update to 130.0.6723.116 * High CVE-2024-10826: Use after free in Family Experience * High CVE-2024-10827: Use after free in Serial * Thu Oct 31 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 130.0.6723.91-1.inferit - update to 130.0.6723.91 * Critical CVE-2024-10487: Out of bounds write in Dawn * High CVE-2024-10488: Use after free in WebRTC * Wed Oct 23 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 130.0.6723.69-1.inferit - update to 130.0.6723.69 * High CVE-2024-10229: Inappropriate implementation in Extensions * High CVE-2024-10230: Type Confusion in V8 * High CVE-2024-10231: Type Confusion in V8 * Wed Oct 09 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 130.0.6723.58-1.inferit - update to 130.0.6723.58 * High CVE-2024-9954: Use after free in AI * Medium CVE-2024-9955: Use after free in Web Authentication * Medium CVE-2024-9956: Inappropriate implementation in Web Authentication * Medium CVE-2024-9957: Use after free in UI * Medium CVE-2024-9958: Inappropriate implementation in PictureInPicture * Medium CVE-2024-9959: Use after free in DevTools * Medium CVE-2024-9960: Use after free in Dawn * Medium CVE-2024-9961: Use after free in Parcel Tracking * Medium CVE-2024-9962: Inappropriate implementation in Permissions * Medium CVE-2024-9963: Insufficient data validation in Downloads * Low CVE-2024-9964: Inappropriate implementation in Payments * Low CVE-2024-9965: Insufficient data validation in DevTools * Low CVE-2024-9966: Inappropriate implementation in Navigations * Wed Oct 09 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 129.0.6668.100-1.inferit - update to 129.0.6668.100 * High CVE-2024-9602: Type Confusion in V8. * High CVE-2024-9603: Type Confusion in V8. * Thu Oct 03 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 129.0.6668.89-1.inferit - update to 129.0.6668.89 * High CVE -2024-7025: Integer overflow in Layout * High CVE-2024-9369: Insufficient data validation in Mojo * High CVE-2024-9370: Inappropriate implementation in V8 - Added clang 19 support * Wed Sep 25 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 129.0.6668.70-1.inferit - update to 129.0.6668.70 * High CVE-2024-9120: Use after free in Dawn * High CVE-2024-9121: Inappropriate implementation in V8 * High CVE-2024-9122: Type Confusion in V8 * High CVE-2024-9123: Integer overflow in Skia * Thu Sep 19 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 129.0.6668.58-1.inferit - update to 129.0.6668.58 * High CVE-2024-8904: Type Confusion in V8 * Medium CVE-2024-8905: Inappropriate implementation in V8 * Medium CVE-2024-8906: Incorrect security UI in Downloads * Medium CVE-2024-8907: Insufficient data validation in Omnibox * Low CVE-2024-8908: Inappropriate implementation in Autofill * Low CVE-2024-8909: Inappropriate implementation in UI * Wed Sep 11 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 128.0.6613.137-1.inferit - update to 128.0.6613.137 * High CVE-2024-8636: Heap buffer overflow in Skia * High CVE-2024-8637: Use after free in Media Router * High CVE-2024-8638: Type Confusion in V8 * High CVE-2024-8639: Use after free in Autofill * Mon Sep 02 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 128.0.6613.119-1.inferit - update to 128.0.6613.119 * High CVE-2024-8362: Use after free in WebAudio. * High CVE-2024-7970: Out of bounds write in V8. * Thu Aug 29 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 128.0.6613.113-1.inferit - update to 128.0.6613.113 * High CVE-2024-7969: Type Confusion in V8 * High CVE-2024-8193: Heap buffer overflow in Skia * High CVE-2024-8194: Type Confusion in V8 * High CVE-2024-8198: Heap buffer overflow in Skia * Thu Aug 29 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 128.0.6613.84-1.inferit - update to 128.0.6613.84 * High CVE-2024-7964: Use after free in Passwords * High CVE-2024-7965: Inappropriate implementation in V8 * High CVE-2024-7966: Out of bounds memory access in Skia * High CVE-2024-7967: Heap buffer overflow in Fonts * High CVE-2024-7968: Use after free in Autofill * High CVE-2024-7971: Type confusion in V8 * Medium CVE-2024-7972: Inappropriate implementation in V8 * Medium CVE-2024-7973: Heap buffer overflow in PDFium * Medium CVE-2024-7974: Insufficient data validation in V8 API * Medium CVE-2024-7975: Inappropriate implementation in Permissions * Medium CVE-2024-7976: Inappropriate implementation in FedCM * Medium CVE-2024-7977: Insufficient data validation in Installer * Medium CVE-2024-7978: Insufficient policy enforcement in Data Transfer * Medium CVE-2024-7979: Insufficient data validation in Installer * Medium CVE-2024-7980: Insufficient data validation in Installer * Low CVE-2024-7981: Inappropriate implementation in Views * Low CVE-2024-8033: Inappropriate implementation in WebApp Installs * Low CVE-2024-8034: Inappropriate implementation in Custom Tabs * Low CVE-2024-8035: Inappropriate implementation in Extensions * Wed Aug 07 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 127.0.6533.99-1.inferit - update to 127.0.6533.99 * Critical CVE-2024-7532: Out of bounds memory access in ANGLE * High CVE-2024-7533: Use after free in Sharing * High CVE-2024-7550: Type Confusion in V8 * High CVE-2024-7534: Heap buffer overflow in Layout * High CVE-2024-7535: Inappropriate implementation in V8 * High CVE-2024-7536: Use after free in WebAudio * Wed Aug 07 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 127.0.6533.88-3.inferit - fix rhbz#2294773 - Allow enabling vulkan on ozone wayland for AMD vaapi - add ppc64le patch to fix runtime assertion trap on ppc64el systems - refresh ppc64le patch to work around broken 64k allocator code on arm64 * Fri Aug 02 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 127.0.6533.88-2.inferit - update to 127.0.6533.88 * CVE-2024-6990 - refreshed ppc64le patches - workaround for build error on aarch64 F41 - remove old patch that seems to be the cause of a crash when the user set user.max_user_namespaces to 0 * Sat Jul 27 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 127.0.6533.72-1.inferit.1 - Added chromium-ffmpeg package * Thu Jul 25 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 127.0.6533.72-1.inferit - update to 127.0.6533.72 * CVE-2024-6988: Use after free in Downloads * CVE-2024-6989: Use after free in Loader * CVE-2024-6991: Use after free in Dawn * CVE-2024-6992: Out of bounds memory access in ANGLE * CVE-2024-6993: Inappropriate implementation in Canvas * CVE-2024-6994: Heap buffer overflow in Layout * CVE-2024-6995: Inappropriate implementation in Fullscreen * CVE-2024-6996: Race in Frames * CVE-2024-6997: Use after free in Tabs * CVE-2024-6998: Use after free in User Education * CVE-2024-6999: Inappropriate implementation in FedCM * CVE-2024-7000: Use after free in CSS. Reported by Anonymous * CVE-2024-7001: Inappropriate implementation in HTML * CVE-2024-7003: Inappropriate implementation in FedCM * CVE-2024-7004: Insufficient validation of untrusted input in Safe Browsing * CVE-2024-7005: Insufficient validation of untrusted input in Safe - fix condition for is_cfi/use_thin_lto on aarch64/ppc64le - update powerpc patches * Fri Jul 19 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 126.0.6478.182-1.inferit.1 - set mode 755 during install chromium-browser.sh * Thu Jul 18 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 126.0.6478.182-1.inferit - update to 126.0.6478.182 * High CVE-2024-6772: Inappropriate implementation in V8 * High CVE-2024-6773: Type Confusion in V8 * High CVE-2024-6774: Use after free in Screen Capture * High CVE-2024-6775: Use after free in Media Stream * High CVE-2024-6776: Use after free in Audio * High CVE-2024-6777: Use after free in Navigation * High CVE-2024-6778: Race in DevTools * High CVE-2024-6779: Out of bounds memory access in V8 - fixed rhbz#2293202, chromium Wayland UI regression - made qt5-ui and qt6-ui as subpackage * Tue Jul 09 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 126.0.6478.126-1.inferit.1 - Fix openh264 build - build with internal openh264 * Tue Jun 25 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 126.0.6478.126-1.inferit - update to 126.0.6478.126 * High CVE-2024-6290: Use after free in Dawn * High CVE-2024-6291: Use after free in Swiftshader * High CVE-2024-6292: Use after free in Dawn * High CVE-2024-6293: Use after free in Dawn * Wed Jun 19 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 126.0.6478.114-1.inferit - update to 126.0.6478.114 * High CVE-2024-6100: Type Confusion in V8 * High CVE-2024-6101: Inappropriate implementation in WebAssembly * High CVE-2024-6102: Out of bounds memory access in Dawn * High CVE-2024-6103: Use after free in Dawn * Mon Jun 17 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 126.0.6478.61-1.inferit - update to 126.0.6478.61 * Mon Jun 17 2024 Sergey Cherevko <s.cherevko@msvsphere-os.ru> - 126.0.6478.55-1.inferit.1 - Start page has been changed * Fri Jun 14 2024 Sergey Cherevko <s.cherevko@msvsphere-os.ru> - 126.0.6478.55-1.inferit - update to 126.0.6478.55 * High CVE-2024-5830: Type Confusion in V8 * High CVE-2024-5831: Use after free in Dawn * High CVE-2024-5832: Use after free in Dawn * High CVE-2024-5833: Type Confusion in V8 * High CVE-2024-5834: Inappropriate implementation in Dawn * High CVE-2024-5835: Heap buffer overflow in Tab Groups * High CVE-2024-5836: Inappropriate Implementation in DevTools * High CVE-2024-5837: Type Confusion in V8 * High CVE-2024-5838: Type Confusion in V8 * Medium CVE-2024-5839: Inappropriate Implementation in Memory Allocator * Medium CVE-2024-5840: Policy Bypass in CORS * Medium CVE-2024-5841: Use after free in V8 * Medium CVE-2024-5842: Use after free in Browser UI * Medium CVE-2024-5843: Inappropriate implementation in Downloads * Medium CVE-2024-5844: Heap buffer overflow in Tab Strip * Medium CVE-2024-5845: Use after free in Audio * Medium CVE-2024-5846: Use after free in PDFium * Medium CVE-2024-5847: Use after free in PDFium - Update Chromium Gost patches - fix build error on el7 and el8 - fatal error: sys/ifunc.h file not found * Sun Jun 02 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 125.0.6422.141-1.inferit - update to 125.0.6422.141 * High CVE-2024-5493: Heap buffer overflow in WebRTC * High CVE-2024-5494: Use after free in Dawn * High CVE-2024-5495: Use after free in Dawn * High CVE-2024-5496: Use after free in Media Session * High CVE-2024-5497: Out of bounds memory access in Keyboard Inputs * High CVE-2024-5498: Use after free in Presentation API * High CVE-2024-5499: Out of bounds write in Streams API - fixed rhbz#2264332 - Chromium is unable to send/receive video on MS Teams - cleanup chromium.conf * Mon May 27 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 125.0.6422.112-1.inferit - update to 125.0.6422.112 * High CVE-2024-5274: Type Confusion in V8 * Fri May 24 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 125.0.6422.76-1.inferit - fix bz#2282246, update to 125.0.6422.76 * High CVE-2024-5157: Use after free in Scheduling * High CVE-2024-5158: Type Confusion in V8 * High CVE-2024-5159: Heap buffer overflow in ANGLE * High CVE-2024-5160: Heap buffer overflow in Dawn - cleanup - remove unneeded BRs - workarounds for el7 build * Fri May 17 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 125.0.6422.60-1.inferit - update to 125.0.6422.60 * High CVE-2024-4947: Type Confusion in V8 * High CVE-2024-4948: Use after free in Dawn * Medium CVE-2024-4949: Use after free in V8 * Low CVE-2024-4950: Inappropriate implementation in Downloads * Wed May 15 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 124.0.6367.207-1.inferit - update to 124.0.6367.207 - include headless_command_resources.pak for head_shell * Sat May 11 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 124.0.6367.201-1.inferit - update to 124.0.6367.201 * High CVE-2024-4671: Use after free in Visuals * Thu May 09 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 124.0.6367.155-1.inferit - update to 124.0.6367.155 * High CVE-2024-4558: Use after free in ANGLE * High CVE-2024-4559: Heap buffer overflow in WebAudio * Thu May 02 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 124.0.6367.118-1.inferit - update to 124.0.6367.118 * High CVE-2024-4331: Use after free in Picture In Picture * High CVE-2024-4368: Use after free in Dawn - use system highway * Thu May 02 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 124.0.6367.91-1.inferit - update to 124.0.6367.91 - fixed bz#2277228 - chromium wrapper causes library issues (symbol lookup error) - use system dav1d * Thu Apr 25 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 124.0.6367.78-1.inferit - update to 124.0.6367.78 * Critical CVE-2024-4058: Type Confusion in ANGLE * High CVE-2024-4059: Out of bounds read in V8 API * High CVE-2024-4060: Use after free in Dawn * Wed Apr 24 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 124.0.6367.60-2.inferit.1 - Hide microphone from new page * Tue Apr 23 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 124.0.6367.60-2.inferit - update to 124.0.6367.60 - fix waylang regression - update GOST patches - update Yandex patches * Fri Apr 12 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 123.0.6312.122-1.inferit - update to 123.0.6312.122 * High CVE-2024-3157: Out of bounds write in Compositing * High CVE-2024-3516: Heap buffer overflow in ANGLE * High CVE-2024-3515: Use after free in Dawn * Thu Apr 04 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 123.0.6312.105-1.inferit - update to 123.0.6312.105 * High CVE-2024-3156: Inappropriate implementation in V8 * High CVE-2024-3158: Use after free in Bookmarks * High CVE-2024-3159: Out of bounds memory access in V8 * Thu Mar 28 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 123.0.6312.86-1.inferit - update to 123.0.6312.86 * Critical CVE-2024-2883: Use after free in ANGLE * High CVE-2024-2885: Use after free in Daw * High CVE-2024-2886: Use after free in WebCodecs * High CVE-2024-2887: Type Confusion in WebAssembly - fixed bz#2269768 - enable build ppc64le package for F40 - fixed bz#2270321 - VAAPI flags in chromium.conf are out of date - fixed bz#2271183 - disable screen ai service * Thu Mar 21 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 123.0.6312.58-1.inferit - update to 123.0.6312.58 * High CVE-2024-2625: Object lifecycle issue in V8 * Medium CVE-2024-2626: Out of bounds read in Swiftshader * Medium CVE-2024-2627: Use after free in Canvas * Medium CVE-2024-2628: Inappropriate implementation in Downloads * Medium CVE-2024-2629: Incorrect security UI in iOS * Medium CVE-2024-2630: Inappropriate implementation in iOS * Low CVE-2024-2631: Inappropriate implementation in iOS - fixed bz#2270321 - VAAPI flags in chromium.conf are out of date * Thu Mar 14 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 122.0.6261.128-1.inferit - upstream security release 122.0.6261.128 * High CVE-2024-2400: Use after free in Performance Manager * Thu Mar 07 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 122.0.6261.111-1.inferit - upstream security release 122.0.6261.111 * High CVE-2024-2173: Out of bounds memory access in V8 * High CVE-2024-2174: Inappropriate implementation in V8 * High CVE-2024-2176: Use after free in FedCM * Thu Feb 29 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 122.0.6261.94-1.inferit.1 - upstream security release 122.0.6261.94 * High : Type Confusion in V8 - fixed bz#2265957, added correct platform in chromium use agent * Fri Feb 23 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 122.0.6261.69-1.inferit - update to 122.0.6261.69 - fix build error on el8 - bz#2265039, built with -fwrapv for improved memory safety - bz#2265043, built with -ftrivial-auto-var-init=zero for improved security and preditability * Fri Feb 23 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 122.0.6261.57-1.inferit - update to 122.0.6261.57 * High CVE-2024-1669: Out of bounds memory access in Blink * High CVE-2024-1670: Use after free in Mojo * Medium CVE-2024-1671: Inappropriate implementation in Site Isolation * Medium CVE-2024-1672: Inappropriate implementation in Content Security Policy * Medium CVE-2024-1673: Use after free in Accessibility * Medium CVE-2024-1674: Inappropriate implementation in Navigation * Medium CVE-2024-1675: Insufficient policy enforcement in Download * Low CVE-2024-1676: Inappropriate implementation in Navigation. * Wed Feb 14 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 121.0.6167.184-1.inferit - Update to 121.0.6167.184 - reduce the size of relocations * Fri Feb 09 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 121.0.6167.160-1.inferit - update to 121.0.6167.160 * High CVE-2024-1284: Use after free in Mojo * High CVE-2024-1283: Heap buffer overflow in Skia * Sat Feb 03 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 121.0.6167.139-2.inferit - Define missing bundlelibwebp variable - update to 121.0.6167.139 * High CVE-2024-1060: Use after free in Canvas * High CVE-2024-1059: Use after free in WebRTC * High CVE-2024-1077: Use after free in Network - Enable Qt - Support for 64K pages on Linux/AArch64 * Wed Jan 24 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 121.0.6167.85-1.inferit - update to 121.0.6167.85 * High CVE-2024-0807: Use after free in WebAudio * High CVE-2024-0812: Inappropriate implementation in Accessibility * High CVE-2024-0808: Integer underflow in WebUI * Medium CVE-2024-0810: Insufficient policy enforcement in DevTools * Medium CVE-2024-0814: Incorrect security UI in Payments * Medium CVE-2024-0813: Use after free in Reading Mode * Medium CVE-2024-0806: Use after free in Passwords * Medium CVE-2024-0805: Inappropriate implementation in Downloads * Medium CVE-2024-0804: Insufficient policy enforcement in iOS Security UI * Low CVE-2024-0811: Inappropriate implementation in Extensions API * Low CVE-2024-0809: Inappropriate implementation in Autofill * Wed Jan 17 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 120.0.6099.224-1.inferit - update to 120.0.6099.224 * High CVE-2024-0517: Out of bounds write in V8 * High CVE-2024-0518: Type Confusion in V8 * High CVE-2024-0519: Out of bounds memory access in V8 * Thu Jan 11 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 120.0.6099.216-1.inferit - update to 120.0.6099.216 * High CVE-2024-0333: Insufficient data validation in Extensions * Sat Jan 06 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 120.0.6099.199-1.inferit - new gn update, drop workaround for broken gn on epel 8/9 - update to 120.0.6099.199 * CVE-2024-0222: Use after free in ANGLE * CVE-2024-0223: Heap buffer overflow in ANGLE * CVE-2024-0224: Use after free in WebAudio * CVE-2024-0225: Use after free in WebGPU * Tue Dec 26 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 120.0.6099.129-1.inferit.1 - Use home page from sphere-indexhtml package * Fri Dec 22 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 120.0.6099.129-1.inferit - update to 120.0.6099.129 * High CVE-2023-7024: Heap buffer overflow in WebRTC * Sun Dec 17 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 120.0.6099.109-1.inferit - update to 120.0.6099.109 * High CVE-2023-6702: Type Confusion in V8 * High CVE-2023-6703: Use after free in Blink * High CVE-2023-6704: Use after free in libavif * High CVE-2023-6705: Use after free in WebRTC * High CVE-2023-6706: Use after free in FedCM * Medium CVE-2023-6707: Use after free in CSS * Tue Dec 12 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 120.0.6099.71-1.inferit - Updateo to 20.0.6099.71 * Thu Dec 07 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 120.0.6099.62-2.inferit - drop unsupported ldflag which caused build failure - update to 120.0.6099.62 - fixed bz#2252874, built with control flow integrity (CFI) support - enable qt6 UI backend - fixed bz#2242271, built with bundleminizip in fedora > 39 - fixed bz#2251884, built with fstack-protector-strong for improved security * Mon Dec 04 2023 Alexey Berezhok <alexey.berezhok@msvsphere-os.ru> - 119.0.6045.199-1.inferit.2 - Added Yandex search bar as default on newtab and new-tab-page * Thu Nov 30 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 119.0.6045.199-1.inferit - Update to 119.0.6045.199 Fix CVE-2023-6345 * Sat Nov 25 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 119.0.6045.159-2.inferit - Apply GOST patches * Mon Nov 20 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 119.0.6045.159-1.inferit - update to 119.0.6045.159 - add Requires/Conflicts for ABI break in fmpeg-free 6.0.1 - drop first_dts patch, reintroduce first_dts patch in ffmpeg-free-6.0.1 - fixed python3 syntaxWarning: invalid escape sequenc - skip clang's patches for epel8 that now gets clang-16 update - fixed bz#2240127, Some h.264 mp4s do not play - fixed python3 syntaxWarning: invalid escape sequence - fix ffmpeg conflicts * Fri Nov 10 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 119.0.6045.123-1.inferit - update to 119.0.6045.123, include following security fixes: high CVE-2023-5996: Use after free in WebAudio - enable debuginfo - sync patches with upstream * Thu Nov 02 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 119.0.6045.105-1.inferit - Update to 119.0.6045.105 * Fri Oct 27 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 118.0.5993.117-2.inferit - Drop Branding from About dialog * Wed Oct 25 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 118.0.5993.117-1.inferit - Update to 118.0.5993.117 * Sat Oct 21 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 118.0.5993.88-1.inferit - Update to 118.0.5993.88 - Cleanup the package dependencies * Thu Oct 12 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 118.0.5993.70-1.inferit - Update to 118.0.5993.70 - CVE-2023-5218: Use after free in Site Isolation. - CVE-2023-5487: Inappropriate implementation in Fullscreen. - CVE-2023-5484: Inappropriate implementation in Navigation. - CVE-2023-5475: Inappropriate implementation in DevTools. - CVE-2023-5483: Inappropriate implementation in Intents. - CVE-2023-5481: Inappropriate implementation in Downloads. - CVE-2023-5476: Use after free in Blink History. - CVE-2023-5474: Heap buffer overflow in PDF. - CVE-2023-5479: Inappropriate implementation in Extensions API. - CVE-2023-5485: Inappropriate implementation in Autofill. - CVE-2023-5478: Inappropriate implementation in Autofill. - CVE-2023-5477: Inappropriate implementation in Installer. - CVE-2023-5486: Inappropriate implementation in Input. - CVE-2023-5473: Use after free in Cast. - drop use_gnome_keyring as it's removed by upstream * Fri Oct 06 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 117.0.5938.149-1.inferit - Update to 117.0.5938.149 - fix CVE-2023-5346: Type Confusion in V8 - add workaround for the crash on BTI capable system * Thu Sep 28 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 117.0.5938.132-1.inferit - Update to 117.0.5938.132 * Mon Sep 25 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 117.0.5938.92-1.inferit - Update to 117.0.5938.92 - backport upstream patch to fix memory leak * Tue Sep 19 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 117.0.5938.88-1.inferit - Update to 117.0.5938.88 - Build with internal libwebp * Fri Sep 15 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 117.0.5938.62-1.inferit - Update to 117.0.5938.62 * Tue Sep 12 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 116.0.5845.187-1.inferit - Update to 116.0.5845.187 - Change url to https://msvsphere-os.ru - Import bookmarks from system-bookmarks package * Thu Sep 07 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 116.0.5845.179-1.inferit - Update to 116.0.5845.179 * Thu Aug 31 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 116.0.5845.140-1.inferit - Update to 116.0.5845.140 * Wed Aug 16 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 116.0.5845.96-1.inferit.1 - Update to 116.0.5845.96 * Fri Aug 11 2023 Sergey Cherevko <s.cherevko@msvsphere.ru> - 115.0.5790.170-1.inferit.1 - Added Russian description and summary for gnome-software - Rebuilt for MSVSphere 9.2 * Fri Aug 04 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 115.0.5790.170-1.inferit - Update to 115.0.5790.170 * Thu Jul 27 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 115.0.5790.110-1.inferit - Update to 115.0.5790.110 - Sync patches with upstream * Fri Jul 21 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 115.0.5790.102-1.inferit - Update to 115.0.5790.102 - Disable rust - Added many fixes * Fri Jul 21 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 114.0.5735.198-1.inferit.1 - Use original tarball - Build with internal FFmpeg * Mon Jul 10 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 114.0.5735.198-1.inferit - Update to 114.0.5735.198 * Mon Jul 10 2023 Alexey Lyubimov <a.lyubimov@msvsphere.ru> - 114.0.5735.133-1.inferit.3 - Debranding about Chromium info * Tue Jul 04 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 114.0.5735.133-1.inferit.2 - resize Yandex logo again * Mon Jul 03 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 114.0.5735.133-1.inferit.1 - resize Yandex logo * Sat Jul 01 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 114.0.5735.133-1.inferit - Rebuilt for MSVSphere 9.2 - set Yandex search engine by default - replace Google logo with Yandex logo - set new home page * Wed Jun 14 2023 Than Ngo <than@redhat.com> - 114.0.5735.133-1 - update to 114.0.5735.133 - Enable AllowQt feature flag - Fix Qt deps - Fix Qt logical scale factor * Wed Jun 07 2023 Than Ngo <than@redhat.com> - 114.0.5735.106-1 - update to 114.0.5735.106 * Sun May 28 2023 Than Ngo <than@redhat.com> - 114.0.5735.45-1 - update to 114.0.5735.45 - add qt6 linuxui backend - backport: handle scale factor changes - backport: fix font double_scaling * Wed May 17 2023 Than Ngo <than@redhat.com> - 113.0.5672.126-1 - drop clang workaround for el8 - update to 113.0.5672.126 * Tue May 09 2023 Than Ngo <than@redhat.com> - 113.0.5672.92-1 - update to 113.0.5672.92 * Wed May 03 2023 Than Ngo <than@redhat.com> - 113.0.5672.63-1 - update to 113.0.5672.63 * Sun Apr 23 2023 Than Ngo <than@redhat.com> - 112.0.5615.165-2 - make --use-gl=egl default for x11/wayland - enable WebUIDarkMode * Thu Apr 20 2023 Than Ngo <than@redhat.com> - 112.0.5615.165-1 - update to 112.0.5615.165 * Mon Apr 17 2023 Than Ngo <than@redhat.com> - 112.0.5615.121-2 - fix vaapi issue on xwayland - fix the build order, chrome_feed_response_metadata.pb.h file not found - fix compiler flags and typo * Sat Apr 15 2023 Than Ngo <than@redhat.com> - 112.0.5615.121-1 - update to 112.0.5615.121 * Wed Apr 05 2023 Than Ngo <than@redhat.com> - 112.0.5615.49-1 - update to 112.0.5615.49 - fix #2184142, Small fonts in menus * Tue Mar 28 2023 Than Ngo <than@redhat.com> - 111.0.5563.146-1 - update to 111.0.5563.146 * Sat Mar 25 2023 Neal Gompa <ngompa@fedoraproject.org> - 111.0.5563.110-2 - Fix ffmpeg note in README.fedora * Wed Mar 22 2023 Than Ngo <than@redhat.com> - 111.0.5563.110-1 - update to 111.0.5563.110 * Sun Mar 12 2023 Neal Gompa <ngompa@fedoraproject.org> - 111.0.5563.64-2 - Rebuild for ffmpeg 6.0 * Tue Mar 07 2023 Than Ngo <than@redhat.com> - 111.0.5563.64-1 - update to 111.0.5563.64 * Mon Mar 06 2023 Than Ngo <than@redhat.com> - 111.0.5563.50-1 - update to 111.0.5563.50 - system freetype on fedora > 36 * Thu Feb 23 2023 Than Ngo <than@redhat.com> - 110.0.5481.177-1 - update to 110.0.5481.177 - workaround for crash on aarch64, rhel8 * Wed Feb 22 2023 Jan Grulich <jgrulich@redhat.com> - 110.0.5481.100-3 - Enable PipeWire screen sharing on RHEL8+ * Tue Feb 21 2023 Than Ngo <than@redhat.com> - 110.0.5481.100-2 - fixed bz#2036205, failed to load GLES library * Fri Feb 17 2023 Than Ngo <than@redhat.com> - 110.0.5481.100-1 - update to 110.0.5481.100 * Thu Feb 16 2023 Than Ngo <than@redhat.com> - 110.0.5481.77-2 - fix #2071126, enable support V4L2 stateless decoders for aarch64 plattform - fix prefers-color-scheme - drop snapshot_blob.bin, replace snapshot_blob.bin with v8_context_snapshot.bin - move headless_lib*.pak to headless subpackage * Wed Feb 08 2023 Than Ngo <than@redhat.com> - 110.0.5481.77-1 - update to 110.0.5481.77 * Sat Feb 04 2023 Than Ngo <than@redhat.com> - 110.0.5481.61-1 - update to 110.0.5481.61 * Thu Feb 02 2023 Jan Grulich <jgrulich@redhat.com> - 109.0.5414.119-2 - Use ffmpeg decoders for h264 support * Wed Jan 25 2023 Than Ngo <than@redhat.com> - 109.0.5414.119-1 - update to 109.0.5414.119 * Sun Jan 22 2023 Than Ngo <than@redhat.com> - 109.0.5414.74-4 - clean up * Wed Jan 18 2023 Fedora Release Engineering <releng@fedoraproject.org> - 109.0.5414.74-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Sun Jan 15 2023 Than Ngo <than@redhat.com> - 109.0.5414.74-2 - conditionalize system_build_flags - cleaned up gn defines - add BR on python3-importlib-metadata - set correct toolchain gcc|clang - fix FTBFS with gcc13 * Wed Jan 11 2023 Than Ngo <than@redhat.com> - 109.0.5414.74-1 - update to 109.0.5414.74 * Tue Jan 10 2023 Than Ngo <than@redhat.com> - 108.0.5359.124-5 - enable qt backend for el >= 9 and fedora >= 35 - drop i686 - conditional BR on java-1.8.0-openjdk-headless * Sun Jan 08 2023 Than Ngo <than@redhat.com> - 108.0.5359.124-4 - vaapi support for wayland * Wed Jan 04 2023 Than Ngo <than@redhat.com> - 108.0.5359.124-3 - build with system ffmpeg-free and system libaom - fix widewine extension issue - vaapi, disable UseChromeOSDirectVideoDecoder - workaround for linking issue in clang <= 14 * Sun Jan 01 2023 Tom Callaway <spot@fedoraproject.org> - 108.0.5359.124-2 - turn headless back on (chrome-remote-desktop will stay off, probably forever) * Wed Dec 28 2022 Than Ngo <than@redhat.com> - 108.0.5359.124-1 - update to 108.0.5359.124 - switch to clang