chromium-135.0.7049.95-1.el9.inferit | Build Info

Information for build chromium-135.0.7049.95-1.el9.inferit

30026

Package Name

chromium

Version

135.0.7049.95

Release

1.el9.inferit

Epoch

Source

git+http://git.inferitos.ru/rpms/chromium#24c56feac361e69773177663754b5b024200e63f

Summary

A WebKit (Blink) powered web browser that Google doesn't want you to use

Description

Chromium is an open-source web browser, powered by WebKit (Blink).

Built by

tigro

State

complete

Volume

DEFAULT

Started

Mon, 21 Apr 2025 20:36:27 MSK

Completed

Mon, 21 Apr 2025 23:58:51 MSK

Task

build (inferit-9_5-extras, /rpms/chromium:changed/i9e/chromium-135.0.7049.95-1.el9.inferit)

Extra

{'source': {'original_url': 'git+http://git.inferitos.ru/rpms/chromium#changed/i9e/chromium-135.0.7049.95-1.el9.inferit'}}

Tags

inferit-9_5-extras

RPMs

src
	chromium-135.0.7049.95-1.el9.inferit.src.rpm (info) (download)
aarch64
	chromedriver-135.0.7049.95-1.el9.inferit.aarch64.rpm (info) (download)
	chromium-135.0.7049.95-1.el9.inferit.aarch64.rpm (info) (download)
	chromium-common-135.0.7049.95-1.el9.inferit.aarch64.rpm (info) (download)
	chromium-ffmpeg-135.0.7049.95-1.el9.inferit.aarch64.rpm (info) (download)
	chromium-headless-135.0.7049.95-1.el9.inferit.aarch64.rpm (info) (download)
	chromium-qt5-ui-135.0.7049.95-1.el9.inferit.aarch64.rpm (info) (download)
	chromium-common-debuginfo-135.0.7049.95-1.el9.inferit.aarch64.rpm (info) (download)
	chromium-debuginfo-135.0.7049.95-1.el9.inferit.aarch64.rpm (info) (download)
	chromium-ffmpeg-debuginfo-135.0.7049.95-1.el9.inferit.aarch64.rpm (info) (download)
	chromium-headless-debuginfo-135.0.7049.95-1.el9.inferit.aarch64.rpm (info) (download)
	chromium-qt5-ui-debuginfo-135.0.7049.95-1.el9.inferit.aarch64.rpm (info) (download)
x86_64
	chromedriver-135.0.7049.95-1.el9.inferit.x86_64.rpm (info) (download)
	chromium-135.0.7049.95-1.el9.inferit.x86_64.rpm (info) (download)
	chromium-common-135.0.7049.95-1.el9.inferit.x86_64.rpm (info) (download)
	chromium-ffmpeg-135.0.7049.95-1.el9.inferit.x86_64.rpm (info) (download)
	chromium-headless-135.0.7049.95-1.el9.inferit.x86_64.rpm (info) (download)
	chromium-qt5-ui-135.0.7049.95-1.el9.inferit.x86_64.rpm (info) (download)
	chromium-common-debuginfo-135.0.7049.95-1.el9.inferit.x86_64.rpm (info) (download)
	chromium-debuginfo-135.0.7049.95-1.el9.inferit.x86_64.rpm (info) (download)
	chromium-ffmpeg-debuginfo-135.0.7049.95-1.el9.inferit.x86_64.rpm (info) (download)
	chromium-headless-debuginfo-135.0.7049.95-1.el9.inferit.x86_64.rpm (info) (download)
	chromium-qt5-ui-debuginfo-135.0.7049.95-1.el9.inferit.x86_64.rpm (info) (download)

Logs

aarch64
	root.log
	state.log
	mock_output.log
	installed_pkgs.log
	hw_info.log
	build.log
x86_64
	root.log
	state.log
	mock_output.log
	installed_pkgs.log
	hw_info.log
	build.log

Changelog

* Mon Apr 21 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 135.0.7049.95-1.inferit - Update to 135.0.7049.95 * CVE-2025-3619: Heap buffer overflow in Codecs * CVE-2025-3620: Use after free in USB * Thu Apr 10 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 135.0.7049.84-1.inferit - Update to 135.0.7049.84 * CVE-2025-3066: Use after free in Site Isolation * Sat Apr 05 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 135.0.7049.52-2.inferit - Update to 135.0.7049.52 - Add CFI suppressions for inline PipeWire functions * Tue Mar 25 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 134.0.6998.165-1.inferit - Update to 134.0.6998.165 * Fri Mar 21 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 134.0.6998.117-1.inferit - Update to 134.0.6998.117 * Critical CVE-2025-2476: Use after free in Lens * Wed Mar 12 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 134.0.6998.88-1.inferit - Update to 134.0.6998.88 * High CVE-2025-1920: Type Confusion in V8 * High CVE-2025-2135: Type Confusion in V8 * High CVE-TBD: Out of bounds write in GPU * Medium CVE-2025-2136: Use after free in Inspector * Medium CVE-2025-2137: Out of bounds read in V8 * Sat Mar 08 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 134.0.6998.35-1.inferit - Update to 134.0.6998.35 * CVE-2025-1914: Out of bounds read in V8 * CVE-2025-1915: Improper Limitation of a Pathname to a Restricted Directory in DevTools * CVE-2025-1916: Use after free in Profiles * CVE-2025-1917: Inappropriate Implementation in Browser UI * CVE-2025-1918: Out of bounds read in PDFium * CVE-2025-1919: Out of bounds read in Media * CVE-2025-1921: Inappropriate Implementation in Media Stream * CVE-2025-1922: Inappropriate Implementation in Selection * CVE-2025-1923: Inappropriate Implementation in Permission Prompts * Thu Feb 27 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 133.0.6943.141-1.inferit - Update to 133.0.6943.141 * Thu Feb 20 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 133.0.6943.126-1.inferit - Update to 133.0.6943.126 * CVE-2025-0999: Heap buffer overflow in V8 * CVE-2025-1426: Heap buffer overflow in GPU * CVE-2025-1006: Use after free in Network * Fri Feb 14 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 133.0.6943.98-1.inferit - Update to 133.0.6943.98 * CVE-2025-0995: Use after free in V8 * CVE-2025-0996: Inappropriate implementation in Browser UI * CVE-2025-0997: Use after free in Navigation * CVE-2025-0998: Out of bounds memory access in V8 * Fri Feb 07 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 133.0.6943.53-1.inferit - Update to 133.0.6943.53 * CVE-2025-0444: Use after free in Skia * CVE-2025-0445: Use after free in V8 * CVE-2025-0451: Inappropriate implementation in Extensions API * Wed Jan 29 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 132.0.6834.159-1.inferit - Updated to 132.0.6834.159 * Medium CVE-2025-0762: Use after free in DevTools * Fri Jan 24 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 132.0.6834.110-1.inferit - Update to 132.0.6834.110 * High CVE-2025-0611: Object corruption in V8 * High CVE-2025-0612: Out of bounds memory access in V8 * Fri Jan 17 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 132.0.6834.83-1.inferit - Update to 132.0.6834.83 * High CVE-2025-0434: Out of bounds memory access in V8 * High CVE-2025-0435: Inappropriate implementation in Navigation * High CVE-2025-0436: Integer overflow in Skia * High CVE-2025-0437: Out of bounds read in Metrics * High CVE-2025-0438: Stack buffer overflow in Tracing * Medium CVE-2025-0439: Race in Frames * Medium CVE-2025-0440: Inappropriate implementation in Fullscreen * Medium CVE-2025-0441: Inappropriate implementation in Fenced * Medium CVE-2025-0442: Inappropriate implementation in Payments * Medium CVE-2025-0443: Insufficient data validation in Extensions * Low CVE-2025-0446: Inappropriate implementation in Extensions * Low CVE-2025-0447: Inappropriate implementation in Navigation * Low CVE-2025-0448: Inappropriate implementation in Compositing * Thu Jan 09 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 131.0.6778.264-1.inferit - Update to 131.0.6778.264 * High CVE-2025-0291: Type Confusion in V8 * Fri Dec 20 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 131.0.6778.204-1.inferit * High CVE-2024-12692: Type Confusion in V8 * High CVE-2024-12693: Out of bounds memory access in V8 * High CVE-2024-12694: Use after free in Compositing * High CVE-2024-12695: Out of bounds write in V8 * Thu Dec 12 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 131.0.6778.139-1.inferit - Update to 131.0.6778.139 * High CVE-2024-12381: Type Confusion in V8 * High CVE-2024-12382: Use after free in Translate * Thu Dec 05 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 131.0.6778.108-1.inferit - Update to 131.0.6778.108 * High CVE-2024-12053: Type Confusion in V8 - Enable Vulkan for intel graphic driver by default * Thu Nov 28 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 131.0.6778.85-1.inferit.1 - Rebuilt against new dav1d * Wed Nov 20 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 131.0.6778.85-1.inferit - Update to 131.0.6778.85 * High CVE-2024-11395: Type Confusion in V8 * Tue Nov 12 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 131.0.6778.69-1.inferit - Update to 131.0.6778.69 * High CVE-2024-11110: Inappropriate implementation in Blink * Medium CVE-2024-11111: Inappropriate implementation in Autofill * Medium CVE-2024-11112: Use after free in Media * Medium CVE-2024-11113: Use after free in Accessibility * Medium CVE-2024-11114: Inappropriate implementation in Views * Medium CVE-2024-11115: Insufficient policy enforcement in Navigation * Medium CVE-2024-11116: Inappropriate implementation in Paint * Low CVE-2024-11117: Inappropriate implementation in FileSystem * Mon Nov 11 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 130.0.6723.116-1.inferit - Update to 130.0.6723.116 * High CVE-2024-10826: Use after free in Family Experience * High CVE-2024-10827: Use after free in Serial * Thu Oct 31 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 130.0.6723.91-1.inferit - update to 130.0.6723.91 * Critical CVE-2024-10487: Out of bounds write in Dawn * High CVE-2024-10488: Use after free in WebRTC * Wed Oct 23 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 130.0.6723.69-1.inferit - update to 130.0.6723.69 * High CVE-2024-10229: Inappropriate implementation in Extensions * High CVE-2024-10230: Type Confusion in V8 * High CVE-2024-10231: Type Confusion in V8 * Wed Oct 09 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 130.0.6723.58-1.inferit - update to 130.0.6723.58 * High CVE-2024-9954: Use after free in AI * Medium CVE-2024-9955: Use after free in Web Authentication * Medium CVE-2024-9956: Inappropriate implementation in Web Authentication * Medium CVE-2024-9957: Use after free in UI * Medium CVE-2024-9958: Inappropriate implementation in PictureInPicture * Medium CVE-2024-9959: Use after free in DevTools * Medium CVE-2024-9960: Use after free in Dawn * Medium CVE-2024-9961: Use after free in Parcel Tracking * Medium CVE-2024-9962: Inappropriate implementation in Permissions * Medium CVE-2024-9963: Insufficient data validation in Downloads * Low CVE-2024-9964: Inappropriate implementation in Payments * Low CVE-2024-9965: Insufficient data validation in DevTools * Low CVE-2024-9966: Inappropriate implementation in Navigations * Wed Oct 09 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 129.0.6668.100-1.inferit - update to 129.0.6668.100 * High CVE-2024-9602: Type Confusion in V8. * High CVE-2024-9603: Type Confusion in V8. * Thu Oct 03 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 129.0.6668.89-1.inferit - update to 129.0.6668.89 * High CVE -2024-7025: Integer overflow in Layout * High CVE-2024-9369: Insufficient data validation in Mojo * High CVE-2024-9370: Inappropriate implementation in V8 - Added clang 19 support * Wed Sep 25 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 129.0.6668.70-1.inferit - update to 129.0.6668.70 * High CVE-2024-9120: Use after free in Dawn * High CVE-2024-9121: Inappropriate implementation in V8 * High CVE-2024-9122: Type Confusion in V8 * High CVE-2024-9123: Integer overflow in Skia * Thu Sep 19 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 129.0.6668.58-1.inferit - update to 129.0.6668.58 * High CVE-2024-8904: Type Confusion in V8 * Medium CVE-2024-8905: Inappropriate implementation in V8 * Medium CVE-2024-8906: Incorrect security UI in Downloads * Medium CVE-2024-8907: Insufficient data validation in Omnibox * Low CVE-2024-8908: Inappropriate implementation in Autofill * Low CVE-2024-8909: Inappropriate implementation in UI * Wed Sep 11 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 128.0.6613.137-1.inferit - update to 128.0.6613.137 * High CVE-2024-8636: Heap buffer overflow in Skia * High CVE-2024-8637: Use after free in Media Router * High CVE-2024-8638: Type Confusion in V8 * High CVE-2024-8639: Use after free in Autofill * Mon Sep 02 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 128.0.6613.119-1.inferit - update to 128.0.6613.119 * High CVE-2024-8362: Use after free in WebAudio. * High CVE-2024-7970: Out of bounds write in V8. * Thu Aug 29 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 128.0.6613.113-1.inferit - update to 128.0.6613.113 * High CVE-2024-7969: Type Confusion in V8 * High CVE-2024-8193: Heap buffer overflow in Skia * High CVE-2024-8194: Type Confusion in V8 * High CVE-2024-8198: Heap buffer overflow in Skia * Thu Aug 29 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 128.0.6613.84-1.inferit - update to 128.0.6613.84 * High CVE-2024-7964: Use after free in Passwords * High CVE-2024-7965: Inappropriate implementation in V8 * High CVE-2024-7966: Out of bounds memory access in Skia * High CVE-2024-7967: Heap buffer overflow in Fonts * High CVE-2024-7968: Use after free in Autofill * High CVE-2024-7971: Type confusion in V8 * Medium CVE-2024-7972: Inappropriate implementation in V8 * Medium CVE-2024-7973: Heap buffer overflow in PDFium * Medium CVE-2024-7974: Insufficient data validation in V8 API * Medium CVE-2024-7975: Inappropriate implementation in Permissions * Medium CVE-2024-7976: Inappropriate implementation in FedCM * Medium CVE-2024-7977: Insufficient data validation in Installer * Medium CVE-2024-7978: Insufficient policy enforcement in Data Transfer * Medium CVE-2024-7979: Insufficient data validation in Installer * Medium CVE-2024-7980: Insufficient data validation in Installer * Low CVE-2024-7981: Inappropriate implementation in Views * Low CVE-2024-8033: Inappropriate implementation in WebApp Installs * Low CVE-2024-8034: Inappropriate implementation in Custom Tabs * Low CVE-2024-8035: Inappropriate implementation in Extensions * Wed Aug 07 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 127.0.6533.99-1.inferit - update to 127.0.6533.99 * Critical CVE-2024-7532: Out of bounds memory access in ANGLE * High CVE-2024-7533: Use after free in Sharing * High CVE-2024-7550: Type Confusion in V8 * High CVE-2024-7534: Heap buffer overflow in Layout * High CVE-2024-7535: Inappropriate implementation in V8 * High CVE-2024-7536: Use after free in WebAudio * Wed Aug 07 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 127.0.6533.88-3.inferit - fix rhbz#2294773 - Allow enabling vulkan on ozone wayland for AMD vaapi - add ppc64le patch to fix runtime assertion trap on ppc64el systems - refresh ppc64le patch to work around broken 64k allocator code on arm64 * Fri Aug 02 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 127.0.6533.88-2.inferit - update to 127.0.6533.88 * CVE-2024-6990 - refreshed ppc64le patches - workaround for build error on aarch64 F41 - remove old patch that seems to be the cause of a crash when the user set user.max_user_namespaces to 0 * Sat Jul 27 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 127.0.6533.72-1.inferit.1 - Added chromium-ffmpeg package * Thu Jul 25 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 127.0.6533.72-1.inferit - update to 127.0.6533.72 * CVE-2024-6988: Use after free in Downloads * CVE-2024-6989: Use after free in Loader * CVE-2024-6991: Use after free in Dawn * CVE-2024-6992: Out of bounds memory access in ANGLE * CVE-2024-6993: Inappropriate implementation in Canvas * CVE-2024-6994: Heap buffer overflow in Layout * CVE-2024-6995: Inappropriate implementation in Fullscreen * CVE-2024-6996: Race in Frames * CVE-2024-6997: Use after free in Tabs * CVE-2024-6998: Use after free in User Education * CVE-2024-6999: Inappropriate implementation in FedCM * CVE-2024-7000: Use after free in CSS. Reported by Anonymous * CVE-2024-7001: Inappropriate implementation in HTML * CVE-2024-7003: Inappropriate implementation in FedCM * CVE-2024-7004: Insufficient validation of untrusted input in Safe Browsing * CVE-2024-7005: Insufficient validation of untrusted input in Safe - fix condition for is_cfi/use_thin_lto on aarch64/ppc64le - update powerpc patches * Fri Jul 19 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 126.0.6478.182-1.inferit.1 - set mode 755 during install chromium-browser.sh * Thu Jul 18 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 126.0.6478.182-1.inferit - update to 126.0.6478.182 * High CVE-2024-6772: Inappropriate implementation in V8 * High CVE-2024-6773: Type Confusion in V8 * High CVE-2024-6774: Use after free in Screen Capture * High CVE-2024-6775: Use after free in Media Stream * High CVE-2024-6776: Use after free in Audio * High CVE-2024-6777: Use after free in Navigation * High CVE-2024-6778: Race in DevTools * High CVE-2024-6779: Out of bounds memory access in V8 - fixed rhbz#2293202, chromium Wayland UI regression - made qt5-ui and qt6-ui as subpackage * Tue Jul 09 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 126.0.6478.126-1.inferit.1 - Fix openh264 build - build with internal openh264 * Tue Jun 25 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 126.0.6478.126-1.inferit - update to 126.0.6478.126 * High CVE-2024-6290: Use after free in Dawn * High CVE-2024-6291: Use after free in Swiftshader * High CVE-2024-6292: Use after free in Dawn * High CVE-2024-6293: Use after free in Dawn * Wed Jun 19 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 126.0.6478.114-1.inferit - update to 126.0.6478.114 * High CVE-2024-6100: Type Confusion in V8 * High CVE-2024-6101: Inappropriate implementation in WebAssembly * High CVE-2024-6102: Out of bounds memory access in Dawn * High CVE-2024-6103: Use after free in Dawn * Mon Jun 17 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 126.0.6478.61-1.inferit - update to 126.0.6478.61 * Mon Jun 17 2024 Sergey Cherevko <s.cherevko@msvsphere-os.ru> - 126.0.6478.55-1.inferit.1 - Start page has been changed * Fri Jun 14 2024 Sergey Cherevko <s.cherevko@msvsphere-os.ru> - 126.0.6478.55-1.inferit - update to 126.0.6478.55 * High CVE-2024-5830: Type Confusion in V8 * High CVE-2024-5831: Use after free in Dawn * High CVE-2024-5832: Use after free in Dawn * High CVE-2024-5833: Type Confusion in V8 * High CVE-2024-5834: Inappropriate implementation in Dawn * High CVE-2024-5835: Heap buffer overflow in Tab Groups * High CVE-2024-5836: Inappropriate Implementation in DevTools * High CVE-2024-5837: Type Confusion in V8 * High CVE-2024-5838: Type Confusion in V8 * Medium CVE-2024-5839: Inappropriate Implementation in Memory Allocator * Medium CVE-2024-5840: Policy Bypass in CORS * Medium CVE-2024-5841: Use after free in V8 * Medium CVE-2024-5842: Use after free in Browser UI * Medium CVE-2024-5843: Inappropriate implementation in Downloads * Medium CVE-2024-5844: Heap buffer overflow in Tab Strip * Medium CVE-2024-5845: Use after free in Audio * Medium CVE-2024-5846: Use after free in PDFium * Medium CVE-2024-5847: Use after free in PDFium - Update Chromium Gost patches - fix build error on el7 and el8 - fatal error: sys/ifunc.h file not found * Sun Jun 02 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 125.0.6422.141-1.inferit - update to 125.0.6422.141 * High CVE-2024-5493: Heap buffer overflow in WebRTC * High CVE-2024-5494: Use after free in Dawn * High CVE-2024-5495: Use after free in Dawn * High CVE-2024-5496: Use after free in Media Session * High CVE-2024-5497: Out of bounds memory access in Keyboard Inputs * High CVE-2024-5498: Use after free in Presentation API * High CVE-2024-5499: Out of bounds write in Streams API - fixed rhbz#2264332 - Chromium is unable to send/receive video on MS Teams - cleanup chromium.conf * Mon May 27 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 125.0.6422.112-1.inferit - update to 125.0.6422.112 * High CVE-2024-5274: Type Confusion in V8 * Fri May 24 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 125.0.6422.76-1.inferit - fix bz#2282246, update to 125.0.6422.76 * High CVE-2024-5157: Use after free in Scheduling * High CVE-2024-5158: Type Confusion in V8 * High CVE-2024-5159: Heap buffer overflow in ANGLE * High CVE-2024-5160: Heap buffer overflow in Dawn - cleanup - remove unneeded BRs - workarounds for el7 build * Fri May 17 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 125.0.6422.60-1.inferit - update to 125.0.6422.60 * High CVE-2024-4947: Type Confusion in V8 * High CVE-2024-4948: Use after free in Dawn * Medium CVE-2024-4949: Use after free in V8 * Low CVE-2024-4950: Inappropriate implementation in Downloads * Wed May 15 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 124.0.6367.207-1.inferit - update to 124.0.6367.207 - include headless_command_resources.pak for head_shell * Sat May 11 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 124.0.6367.201-1.inferit - update to 124.0.6367.201 * High CVE-2024-4671: Use after free in Visuals * Thu May 09 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 124.0.6367.155-1.inferit - update to 124.0.6367.155 * High CVE-2024-4558: Use after free in ANGLE * High CVE-2024-4559: Heap buffer overflow in WebAudio * Thu May 02 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 124.0.6367.118-1.inferit - update to 124.0.6367.118 * High CVE-2024-4331: Use after free in Picture In Picture * High CVE-2024-4368: Use after free in Dawn - use system highway * Thu May 02 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 124.0.6367.91-1.inferit - update to 124.0.6367.91 - fixed bz#2277228 - chromium wrapper causes library issues (symbol lookup error) - use system dav1d * Thu Apr 25 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 124.0.6367.78-1.inferit - update to 124.0.6367.78 * Critical CVE-2024-4058: Type Confusion in ANGLE * High CVE-2024-4059: Out of bounds read in V8 API * High CVE-2024-4060: Use after free in Dawn * Wed Apr 24 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 124.0.6367.60-2.inferit.1 - Hide microphone from new page * Tue Apr 23 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 124.0.6367.60-2.inferit - update to 124.0.6367.60 - fix waylang regression - update GOST patches - update Yandex patches * Fri Apr 12 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 123.0.6312.122-1.inferit - update to 123.0.6312.122 * High CVE-2024-3157: Out of bounds write in Compositing * High CVE-2024-3516: Heap buffer overflow in ANGLE * High CVE-2024-3515: Use after free in Dawn * Thu Apr 04 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 123.0.6312.105-1.inferit - update to 123.0.6312.105 * High CVE-2024-3156: Inappropriate implementation in V8 * High CVE-2024-3158: Use after free in Bookmarks * High CVE-2024-3159: Out of bounds memory access in V8 * Thu Mar 28 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 123.0.6312.86-1.inferit - update to 123.0.6312.86 * Critical CVE-2024-2883: Use after free in ANGLE * High CVE-2024-2885: Use after free in Daw * High CVE-2024-2886: Use after free in WebCodecs * High CVE-2024-2887: Type Confusion in WebAssembly - fixed bz#2269768 - enable build ppc64le package for F40 - fixed bz#2270321 - VAAPI flags in chromium.conf are out of date - fixed bz#2271183 - disable screen ai service * Thu Mar 21 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 123.0.6312.58-1.inferit - update to 123.0.6312.58 * High CVE-2024-2625: Object lifecycle issue in V8 * Medium CVE-2024-2626: Out of bounds read in Swiftshader * Medium CVE-2024-2627: Use after free in Canvas * Medium CVE-2024-2628: Inappropriate implementation in Downloads * Medium CVE-2024-2629: Incorrect security UI in iOS * Medium CVE-2024-2630: Inappropriate implementation in iOS * Low CVE-2024-2631: Inappropriate implementation in iOS - fixed bz#2270321 - VAAPI flags in chromium.conf are out of date * Thu Mar 14 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 122.0.6261.128-1.inferit - upstream security release 122.0.6261.128 * High CVE-2024-2400: Use after free in Performance Manager * Thu Mar 07 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 122.0.6261.111-1.inferit - upstream security release 122.0.6261.111 * High CVE-2024-2173: Out of bounds memory access in V8 * High CVE-2024-2174: Inappropriate implementation in V8 * High CVE-2024-2176: Use after free in FedCM * Thu Feb 29 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 122.0.6261.94-1.inferit.1 - upstream security release 122.0.6261.94 * High : Type Confusion in V8 - fixed bz#2265957, added correct platform in chromium use agent * Fri Feb 23 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 122.0.6261.69-1.inferit - update to 122.0.6261.69 - fix build error on el8 - bz#2265039, built with -fwrapv for improved memory safety - bz#2265043, built with -ftrivial-auto-var-init=zero for improved security and preditability * Fri Feb 23 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 122.0.6261.57-1.inferit - update to 122.0.6261.57 * High CVE-2024-1669: Out of bounds memory access in Blink * High CVE-2024-1670: Use after free in Mojo * Medium CVE-2024-1671: Inappropriate implementation in Site Isolation * Medium CVE-2024-1672: Inappropriate implementation in Content Security Policy * Medium CVE-2024-1673: Use after free in Accessibility * Medium CVE-2024-1674: Inappropriate implementation in Navigation * Medium CVE-2024-1675: Insufficient policy enforcement in Download * Low CVE-2024-1676: Inappropriate implementation in Navigation. * Wed Feb 14 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 121.0.6167.184-1.inferit - Update to 121.0.6167.184 - reduce the size of relocations * Fri Feb 09 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 121.0.6167.160-1.inferit - update to 121.0.6167.160 * High CVE-2024-1284: Use after free in Mojo * High CVE-2024-1283: Heap buffer overflow in Skia * Sat Feb 03 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 121.0.6167.139-2.inferit - Define missing bundlelibwebp variable - update to 121.0.6167.139 * High CVE-2024-1060: Use after free in Canvas * High CVE-2024-1059: Use after free in WebRTC * High CVE-2024-1077: Use after free in Network - Enable Qt - Support for 64K pages on Linux/AArch64 * Wed Jan 24 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 121.0.6167.85-1.inferit - update to 121.0.6167.85 * High CVE-2024-0807: Use after free in WebAudio * High CVE-2024-0812: Inappropriate implementation in Accessibility * High CVE-2024-0808: Integer underflow in WebUI * Medium CVE-2024-0810: Insufficient policy enforcement in DevTools * Medium CVE-2024-0814: Incorrect security UI in Payments * Medium CVE-2024-0813: Use after free in Reading Mode * Medium CVE-2024-0806: Use after free in Passwords * Medium CVE-2024-0805: Inappropriate implementation in Downloads * Medium CVE-2024-0804: Insufficient policy enforcement in iOS Security UI * Low CVE-2024-0811: Inappropriate implementation in Extensions API * Low CVE-2024-0809: Inappropriate implementation in Autofill * Wed Jan 17 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 120.0.6099.224-1.inferit - update to 120.0.6099.224 * High CVE-2024-0517: Out of bounds write in V8 * High CVE-2024-0518: Type Confusion in V8 * High CVE-2024-0519: Out of bounds memory access in V8 * Thu Jan 11 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 120.0.6099.216-1.inferit - update to 120.0.6099.216 * High CVE-2024-0333: Insufficient data validation in Extensions * Sat Jan 06 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 120.0.6099.199-1.inferit - new gn update, drop workaround for broken gn on epel 8/9 - update to 120.0.6099.199 * CVE-2024-0222: Use after free in ANGLE * CVE-2024-0223: Heap buffer overflow in ANGLE * CVE-2024-0224: Use after free in WebAudio * CVE-2024-0225: Use after free in WebGPU * Tue Dec 26 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 120.0.6099.129-1.inferit.1 - Use home page from sphere-indexhtml package * Fri Dec 22 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 120.0.6099.129-1.inferit - update to 120.0.6099.129 * High CVE-2023-7024: Heap buffer overflow in WebRTC * Sun Dec 17 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 120.0.6099.109-1.inferit - update to 120.0.6099.109 * High CVE-2023-6702: Type Confusion in V8 * High CVE-2023-6703: Use after free in Blink * High CVE-2023-6704: Use after free in libavif * High CVE-2023-6705: Use after free in WebRTC * High CVE-2023-6706: Use after free in FedCM * Medium CVE-2023-6707: Use after free in CSS * Tue Dec 12 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 120.0.6099.71-1.inferit - Updateo to 20.0.6099.71 * Thu Dec 07 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 120.0.6099.62-2.inferit - drop unsupported ldflag which caused build failure - update to 120.0.6099.62 - fixed bz#2252874, built with control flow integrity (CFI) support - enable qt6 UI backend - fixed bz#2242271, built with bundleminizip in fedora > 39 - fixed bz#2251884, built with fstack-protector-strong for improved security * Mon Dec 04 2023 Alexey Berezhok <alexey.berezhok@msvsphere-os.ru> - 119.0.6045.199-1.inferit.2 - Added Yandex search bar as default on newtab and new-tab-page * Thu Nov 30 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 119.0.6045.199-1.inferit - Update to 119.0.6045.199 Fix CVE-2023-6345 * Sat Nov 25 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 119.0.6045.159-2.inferit - Apply GOST patches * Mon Nov 20 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 119.0.6045.159-1.inferit - update to 119.0.6045.159 - add Requires/Conflicts for ABI break in fmpeg-free 6.0.1 - drop first_dts patch, reintroduce first_dts patch in ffmpeg-free-6.0.1 - fixed python3 syntaxWarning: invalid escape sequenc - skip clang's patches for epel8 that now gets clang-16 update - fixed bz#2240127, Some h.264 mp4s do not play - fixed python3 syntaxWarning: invalid escape sequence - fix ffmpeg conflicts * Fri Nov 10 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 119.0.6045.123-1.inferit - update to 119.0.6045.123, include following security fixes: high CVE-2023-5996: Use after free in WebAudio - enable debuginfo - sync patches with upstream * Thu Nov 02 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 119.0.6045.105-1.inferit - Update to 119.0.6045.105 * Fri Oct 27 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 118.0.5993.117-2.inferit - Drop Branding from About dialog * Wed Oct 25 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 118.0.5993.117-1.inferit - Update to 118.0.5993.117 * Sat Oct 21 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 118.0.5993.88-1.inferit - Update to 118.0.5993.88 - Cleanup the package dependencies * Thu Oct 12 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 118.0.5993.70-1.inferit - Update to 118.0.5993.70 - CVE-2023-5218: Use after free in Site Isolation. - CVE-2023-5487: Inappropriate implementation in Fullscreen. - CVE-2023-5484: Inappropriate implementation in Navigation. - CVE-2023-5475: Inappropriate implementation in DevTools. - CVE-2023-5483: Inappropriate implementation in Intents. - CVE-2023-5481: Inappropriate implementation in Downloads. - CVE-2023-5476: Use after free in Blink History. - CVE-2023-5474: Heap buffer overflow in PDF. - CVE-2023-5479: Inappropriate implementation in Extensions API. - CVE-2023-5485: Inappropriate implementation in Autofill. - CVE-2023-5478: Inappropriate implementation in Autofill. - CVE-2023-5477: Inappropriate implementation in Installer. - CVE-2023-5486: Inappropriate implementation in Input. - CVE-2023-5473: Use after free in Cast. - drop use_gnome_keyring as it's removed by upstream * Fri Oct 06 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 117.0.5938.149-1.inferit - Update to 117.0.5938.149 - fix CVE-2023-5346: Type Confusion in V8 - add workaround for the crash on BTI capable system * Thu Sep 28 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 117.0.5938.132-1.inferit - Update to 117.0.5938.132 * Mon Sep 25 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 117.0.5938.92-1.inferit - Update to 117.0.5938.92 - backport upstream patch to fix memory leak * Tue Sep 19 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 117.0.5938.88-1.inferit - Update to 117.0.5938.88 - Build with internal libwebp * Fri Sep 15 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 117.0.5938.62-1.inferit - Update to 117.0.5938.62 * Tue Sep 12 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 116.0.5845.187-1.inferit - Update to 116.0.5845.187 - Change url to https://msvsphere-os.ru - Import bookmarks from system-bookmarks package * Thu Sep 07 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 116.0.5845.179-1.inferit - Update to 116.0.5845.179 * Thu Aug 31 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 116.0.5845.140-1.inferit - Update to 116.0.5845.140 * Wed Aug 16 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 116.0.5845.96-1.inferit.1 - Update to 116.0.5845.96 * Fri Aug 11 2023 Sergey Cherevko <s.cherevko@msvsphere.ru> - 115.0.5790.170-1.inferit.1 - Added Russian description and summary for gnome-software - Rebuilt for MSVSphere 9.2 * Fri Aug 04 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 115.0.5790.170-1.inferit - Update to 115.0.5790.170 * Thu Jul 27 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 115.0.5790.110-1.inferit - Update to 115.0.5790.110 - Sync patches with upstream * Fri Jul 21 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 115.0.5790.102-1.inferit - Update to 115.0.5790.102 - Disable rust - Added many fixes * Fri Jul 21 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 114.0.5735.198-1.inferit.1 - Use original tarball - Build with internal FFmpeg * Mon Jul 10 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 114.0.5735.198-1.inferit - Update to 114.0.5735.198 * Mon Jul 10 2023 Alexey Lyubimov <a.lyubimov@msvsphere.ru> - 114.0.5735.133-1.inferit.3 - Debranding about Chromium info * Tue Jul 04 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 114.0.5735.133-1.inferit.2 - resize Yandex logo again * Mon Jul 03 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 114.0.5735.133-1.inferit.1 - resize Yandex logo * Sat Jul 01 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 114.0.5735.133-1.inferit - Rebuilt for MSVSphere 9.2 - set Yandex search engine by default - replace Google logo with Yandex logo - set new home page * Wed Jun 14 2023 Than Ngo <than@redhat.com> - 114.0.5735.133-1 - update to 114.0.5735.133 - Enable AllowQt feature flag - Fix Qt deps - Fix Qt logical scale factor * Wed Jun 07 2023 Than Ngo <than@redhat.com> - 114.0.5735.106-1 - update to 114.0.5735.106 * Sun May 28 2023 Than Ngo <than@redhat.com> - 114.0.5735.45-1 - update to 114.0.5735.45 - add qt6 linuxui backend - backport: handle scale factor changes - backport: fix font double_scaling * Wed May 17 2023 Than Ngo <than@redhat.com> - 113.0.5672.126-1 - drop clang workaround for el8 - update to 113.0.5672.126 * Tue May 09 2023 Than Ngo <than@redhat.com> - 113.0.5672.92-1 - update to 113.0.5672.92 * Wed May 03 2023 Than Ngo <than@redhat.com> - 113.0.5672.63-1 - update to 113.0.5672.63 * Sun Apr 23 2023 Than Ngo <than@redhat.com> - 112.0.5615.165-2 - make --use-gl=egl default for x11/wayland - enable WebUIDarkMode

Main Site Links:

Information for build chromium-135.0.7049.95-1.el9.inferit