Hello community, here is the log from the commit of package chromium for openSUSE:Factory checked in at 2017-07-27 11:12:51 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/chromium (Old) and /work/SRC/openSUSE:Factory/.chromium.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "chromium" Thu Jul 27 11:12:51 2017 rev:160 rq:512664 version:60.0.3112.78 Changes: -------- --- /work/SRC/openSUSE:Factory/chromium/chromium.changes 2017-06-24 08:35:15.669543395 +0200 +++ /work/SRC/openSUSE:Factory/.chromium.new/chromium.changes 2017-07-27 11:13:22.671863243 +0200 @@ -1,0 +2,46 @@ +Wed Jul 26 13:27:55 UTC 2017 - tchvatal@suse.com + +- Version update to 60.0.3112.78 bsc#1050537: + * CVE-2017-5091: Use after free in IndexedDB + * CVE-2017-5092: Use after free in PPAPI + * CVE-2017-5093: UI spoofing in Blink + * CVE-2017-5094: Type confusion in extensions + * CVE-2017-5095: Out-of-bounds write in PDFium + * CVE-2017-5096: User information leak via Android intents + * CVE-2017-5097: Out-of-bounds read in Skia + * CVE-2017-5098: Use after free in V8 + * CVE-2017-5099: Out-of-bounds write in PPAPI + * CVE-2017-5100: Use after free in Chrome Apps + * CVE-2017-5101: URL spoofing in OmniBox + * CVE-2017-5102: Uninitialized use in Skia + * CVE-2017-5103: Uninitialized use in Skia + * CVE-2017-5104: UI spoofing in browser + * CVE-2017-7000: Pointer disclosure in SQLite + * CVE-2017-5105: URL spoofing in OmniBox + * CVE-2017-5106: URL spoofing in OmniBox + * CVE-2017-5107: User information leak via SVG + * CVE-2017-5108: Type confusion in PDFium + * CVE-2017-5109: UI spoofing in browser + * CVE-2017-5110: UI spoofing in payments dialog + * Various fixes from internal audits, fuzzing and other initiatives +- Add patch chromium-override.patch +- Remove patches chromium-fpermissive.patch chromium-system-ffmpeg-r3.patch +- Rebase patches: + * chromium-dma-buf.patch + * chromium-gcc7.patch + * chromium-last-commit-position-r0.patch + * fix-gn-bootstrap.diff + +------------------------------------------------------------------- +Mon Jul 24 09:01:07 UTC 2017 - tchvatal@suse.com + +- Recommend emoji fonts to make sure major web chats do not show + questionmarks + +------------------------------------------------------------------ +Wed Jun 28 19:27:55 UTC 2017 - tchvatal@suse.com + +- Update to 59.0.3071.115: + * Various small fixes all around + +------------------------------------------------------------------- Old: ---- chromium-59.0.3071.109.tar.xz chromium-fpermissive.patch chromium-system-ffmpeg-r3.patch New: ---- chromium-60.0.3112.78.tar.xz chromium-override.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ chromium.spec ++++++ --- /var/tmp/diff_new_pack.0wU51d/_old 2017-07-27 11:13:39.249521541 +0200 +++ /var/tmp/diff_new_pack.0wU51d/_new 2017-07-27 11:13:39.249521541 +0200 @@ -17,9 +17,6 @@ %define rname chromium -%bcond_with system_vpx -%bcond_with system_icu -%bcond_with system_libxml %if %{?suse_version} >= 1320 || (%{?suse_version} == 1315 && 0%{?leap_version} >= 420200) %bcond_without system_minizip %bcond_without system_harfbuzz @@ -33,9 +30,12 @@ %else %bcond_without sle_bundles %endif +%bcond_with system_icu +%bcond_with system_libxml +%bcond_with system_vpx %bcond_with clang Name: chromium -Version: 59.0.3071.109 +Version: 60.0.3112.78 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause and LGPL-2.1+ @@ -64,13 +64,11 @@ Patch6: fix_building_widevinecdm_with_chromium.patch # PATCH-FIX-OPENSUSE fix_network_api_crash.patch - Fix crash in network API, e.g. when using chromecast extension Patch7: fix_network_api_crash.patch -# System libs -Patch8: chromium-system-ffmpeg-r3.patch # Gcc fix Patch10: gcc60-fixes.diff Patch11: chromium-gcc7.patch Patch12: chromium-dma-buf.patch -Patch13: chromium-fpermissive.patch +Patch13: chromium-override.patch Patch14: chromium-buildname.patch # archlinux arm enhancement patches Patch100: arm-webrtc-fix.patch @@ -110,6 +108,7 @@ BuildRequires: update-desktop-files BuildRequires: util-linux BuildRequires: wdiff +BuildRequires: yasm BuildRequires: perl(Switch) BuildRequires: pkgconfig(alsa) BuildRequires: pkgconfig(bzip2) @@ -130,6 +129,10 @@ BuildRequires: pkgconfig(kadm-client) BuildRequires: pkgconfig(kdb) BuildRequires: pkgconfig(krb5) +BuildRequires: pkgconfig(libavcodec) +BuildRequires: pkgconfig(libavfilter) +BuildRequires: pkgconfig(libavformat) >= 57.41.100 +BuildRequires: pkgconfig(libavutil) BuildRequires: pkgconfig(libcrypto) BuildRequires: pkgconfig(libdc1394-2) BuildRequires: pkgconfig(libdrm) @@ -143,14 +146,12 @@ BuildRequires: pkgconfig(libtcmalloc) BuildRequires: pkgconfig(libudev) BuildRequires: pkgconfig(libwebp) -%if %{with system_libxml} -BuildRequires: pkgconfig(libxml-2.0) -%endif BuildRequires: pkgconfig(libxslt) BuildRequires: pkgconfig(nspr) >= 4.9.5 BuildRequires: pkgconfig(nss) >= 3.14 BuildRequires: pkgconfig(ogg) BuildRequires: pkgconfig(openssl) +BuildRequires: pkgconfig(opus) BuildRequires: pkgconfig(python) BuildRequires: pkgconfig(schroedinger-1.0) BuildRequires: pkgconfig(slang) @@ -175,6 +176,8 @@ Requires: hicolor-icon-theme Requires: xdg-utils Requires(pre): permissions +Recommends: noto-coloremoji-fonts +Recommends: noto-emoji-fonts Conflicts: otherproviders(chromium-browser) Provides: chromium-based-browser = %{version} Provides: chromium-browser = %{version} @@ -187,10 +190,15 @@ Obsoletes: chromium-desktop-kde Obsoletes: chromium-dev-desktop-gnome Obsoletes: chromium-dev-desktop-kde +Obsoletes: chromium-ffmpeg +Obsoletes: chromium-ffmpegsumo # There is no v8 for ppc and thus chromium won't run on ppc. For aarch64 # certain buildrequires are missing (e.g. valgrind) # while it would build for %arm, we exclude it as it takes forever to build ExcludeArch: %{arm} aarch64 i586 ppc ppc64 ppc64le +%if %{with system_libxml} +BuildRequires: pkgconfig(libxml-2.0) +%endif %if !%{with sle_bundles} BuildRequires: python-beautifulsoup4 BuildRequires: python-html5lib @@ -210,14 +218,6 @@ %if %{with system_vpx} BuildRequires: pkgconfig(vpx) >= 1.6.1 %endif -BuildRequires: pkgconfig(libavcodec) -BuildRequires: pkgconfig(libavfilter) -BuildRequires: pkgconfig(libavformat) >= 57.41.100 -BuildRequires: pkgconfig(libavutil) -Conflicts: otherproviders(ffmpegsumo) -Obsoletes: chromium-ffmpeg -Obsoletes: chromium-ffmpegsumo -Provides: ffmpegsumo = %{version} %if %{with clang} BuildRequires: clang >= 3.9.0 %else @@ -253,7 +253,6 @@ %patch5 -p1 %patch6 -p1 %patch7 -%patch8 -p1 %if !%{with clang} %patch10 %patch11 -p1 @@ -310,6 +309,7 @@ third_party/catapult/tracing/third_party/gl-matrix third_party/catapult/tracing/third_party/jszip third_party/catapult/tracing/third_party/mannwhitneyu + third_party/catapult/tracing/third_party/oboe third_party/ced third_party/cld_2 third_party/cld_3 @@ -320,9 +320,11 @@ third_party/flatbuffers third_party/flot third_party/freetype + third_party/glslang-angle third_party/google_input_tools third_party/google_input_tools/third_party/closure_library third_party/google_input_tools/third_party/closure_library/third_party/closure + third_party/googletest third_party/hunspell third_party/iccjpeg third_party/inspector_protocol @@ -352,7 +354,6 @@ third_party/node/node_modules/vulcanize/third_party/UglifyJS2 third_party/openh264 third_party/openmax_dl - third_party/opus third_party/ots third_party/pdfium third_party/pdfium/third_party/agg23 @@ -371,20 +372,23 @@ third_party/qcms third_party/sfntly third_party/skia + third_party/skia/third_party/vulkan third_party/smhasher + third_party/spirv-headers + third_party/spirv-tools-angle third_party/sqlite third_party/swiftshader third_party/swiftshader/third_party/llvm-subzero - third_party/swiftshader/third_party/pnacl-subzero third_party/swiftshader/third_party/subzero third_party/tcmalloc third_party/usrsctp + third_party/vulkan + third_party/vulkan-validation-layers third_party/web-animations-js third_party/webdriver third_party/webrtc third_party/widevine third_party/woff2 - third_party/x86inc third_party/zlib/google url/third_party/mozilla v8/src/third_party/valgrind @@ -436,8 +440,8 @@ %else # REDUCE DEBUG as it gets TOO large ARCH_FLAGS="`echo %{optflags} | sed -e 's/^-g / /g' -e 's/ -g / /g' -e 's/ -g$//g'`" -export CFLAGS="${ARCH_FLAGS}" -export CXXFLAGS="${ARCH_FLAGS}" +export CFLAGS="${ARCH_FLAGS} -std=gnu11 -fpermissive" +export CXXFLAGS="${ARCH_FLAGS} -fpermissive" export CC=gcc export CXX=g++ %endif @@ -464,8 +468,10 @@ libpng libwebp libxslt + opus re2 snappy + yasm ) %if !%{with sle_bundles} gn_system_libraries+=( yasm ) ++++++ chromium-59.0.3071.109.tar.xz -> chromium-60.0.3112.78.tar.xz ++++++ /work/SRC/openSUSE:Factory/chromium/chromium-59.0.3071.109.tar.xz /work/SRC/openSUSE:Factory/.chromium.new/chromium-60.0.3112.78.tar.xz differ: char 26, line 1 ++++++ chromium-dma-buf.patch ++++++ --- /var/tmp/diff_new_pack.0wU51d/_old 2017-07-27 11:13:39.381502898 +0200 +++ /var/tmp/diff_new_pack.0wU51d/_new 2017-07-27 11:13:39.381502898 +0200 @@ -1,21 +1,22 @@ ---- a/ui/gfx/linux/client_native_pixmap_dmabuf.cc.orig 2017-03-29 15:08:58.079790070 +0000 -+++ b/ui/gfx/linux/client_native_pixmap_dmabuf.cc 2017-03-29 15:09:10.068039324 +0000 -@@ -17,7 +17,6 @@ +Index: chromium-60.0.3088.3/ui/gfx/linux/client_native_pixmap_dmabuf.cc +=================================================================== +--- chromium-60.0.3088.3.orig/ui/gfx/linux/client_native_pixmap_dmabuf.cc ++++ chromium-60.0.3088.3/ui/gfx/linux/client_native_pixmap_dmabuf.cc +@@ -19,9 +19,6 @@ #include "base/strings/stringprintf.h" #include "base/trace_event/trace_event.h" --#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 6, 0) +-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 11, 0) +-#include <linux/dma-buf.h> +-#else #include <linux/types.h> - struct local_dma_buf_sync { -@@ -35,10 +34,6 @@ - #define LOCAL_DMA_BUF_IOCTL_SYNC \ - _IOW(LOCAL_DMA_BUF_BASE, 0, struct local_dma_buf_sync) + struct dma_buf_sync { +@@ -36,7 +33,6 @@ struct dma_buf_sync { --#else --#include <linux/dma-buf.h> + #define DMA_BUF_BASE 'b' + #define DMA_BUF_IOCTL_SYNC _IOW(DMA_BUF_BASE, 0, struct dma_buf_sync) -#endif -- + namespace gfx { - namespace { ++++++ chromium-gcc7.patch ++++++ --- /var/tmp/diff_new_pack.0wU51d/_old 2017-07-27 11:13:39.397500638 +0200 +++ /var/tmp/diff_new_pack.0wU51d/_new 2017-07-27 11:13:39.397500638 +0200 @@ -1,19 +1,7 @@ -Index: chromium-59.0.3071.83/third_party/WebKit/Source/platform/graphics/gpu/SharedGpuContext.h +Index: chromium-60.0.3112.10/v8/src/objects-body-descriptors.h =================================================================== ---- chromium-59.0.3071.83.orig/third_party/WebKit/Source/platform/graphics/gpu/SharedGpuContext.h -+++ chromium-59.0.3071.83/third_party/WebKit/Source/platform/graphics/gpu/SharedGpuContext.h -@@ -5,6 +5,7 @@ - #include "platform/PlatformExport.h" - #include "platform/wtf/ThreadSpecific.h" - -+#include <functional> - #include <memory> - - namespace gpu { -Index: chromium-59.0.3071.83/v8/src/objects-body-descriptors.h -=================================================================== ---- chromium-59.0.3071.83.orig/v8/src/objects-body-descriptors.h -+++ chromium-59.0.3071.83/v8/src/objects-body-descriptors.h +--- chromium-60.0.3112.10.orig/v8/src/objects-body-descriptors.h ++++ chromium-60.0.3112.10/v8/src/objects-body-descriptors.h @@ -99,7 +99,7 @@ class FixedBodyDescriptor final : public template <typename StaticVisitor> @@ -21,5 +9,5 @@ - IterateBody(obj); + IterateBody<StaticVisitor>(obj); } - }; + static inline int SizeOf(Map* map, HeapObject* object) { return kSize; } ++++++ chromium-last-commit-position-r0.patch ++++++ --- /var/tmp/diff_new_pack.0wU51d/_old 2017-07-27 11:13:39.413498378 +0200 +++ /var/tmp/diff_new_pack.0wU51d/_new 2017-07-27 11:13:39.413498378 +0200 @@ -1,5 +1,7 @@ ---- a/tools/gn/gn_main.cc 2015-11-12 11:49:56.260549036 +0000 -+++ b/tools/gn/gn_main.cc 2015-11-12 11:50:14.780931485 +0000 +Index: chromium-60.0.3107.4/tools/gn/gn_main.cc +=================================================================== +--- chromium-60.0.3107.4.orig/tools/gn/gn_main.cc ++++ chromium-60.0.3107.4/tools/gn/gn_main.cc @@ -12,13 +12,7 @@ #include "tools/gn/standard_out.h" #include "tools/gn/switches.h" @@ -14,14 +16,15 @@ namespace { ---- a/tools/gn/BUILD.gn 2015-11-12 11:50:43.513524769 +0000 -+++ b/tools/gn/BUILD.gn 2015-11-12 11:50:57.697817632 +0000 -@@ -263,7 +263,6 @@ +Index: chromium-60.0.3107.4/tools/gn/BUILD.gn +=================================================================== +--- chromium-60.0.3107.4.orig/tools/gn/BUILD.gn ++++ chromium-60.0.3107.4/tools/gn/BUILD.gn +@@ -268,7 +268,6 @@ executable("gn") { deps = [ ":gn_lib", - ":last_commit_position", "//base", - "//build/config/sanitizers:deps", + "//build/config:exe_and_shlib_deps", "//build/win:default_exe_manifest", - ++++++ chromium-override.patch ++++++ ++++ 689 lines (skipped) ++++++ fix-gn-bootstrap.diff ++++++ --- /var/tmp/diff_new_pack.0wU51d/_old 2017-07-27 11:13:39.473489904 +0200 +++ /var/tmp/diff_new_pack.0wU51d/_new 2017-07-27 11:13:39.477489339 +0200 @@ -0,0 +1,13 @@ +Index: tools/gn/bootstrap/bootstrap.py +diff --git a/tools/gn/bootstrap/bootstrap.py b/tools/gn/bootstrap/bootstrap.py +index 6f2f5b1264519ea38cc36fb0b7e2cc24c378ca7a..0b03d2626b358fb90ab39d737679ee47bd60303b 100755 +--- a/tools/gn/bootstrap/bootstrap.py ++++ b/tools/gn/bootstrap/bootstrap.py +@@ -487,6 +487,7 @@ def write_gn_ninja(path, root_gen_dir, options): + 'base/sys_info.cc', + 'base/task_runner.cc', + 'base/task_scheduler/delayed_task_manager.cc', ++ 'base/task_scheduler/environment_config.cc', + 'base/task_scheduler/post_task.cc', + 'base/task_scheduler/priority_queue.cc', + 'base/task_scheduler/scheduler_lock_impl.cc',