Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package chromium for openSUSE:Factory checked in at 2026-04-10 17:50:47 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/chromium (Old) and /work/SRC/openSUSE:Factory/.chromium.new.21863 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "chromium" Fri Apr 10 17:50:47 2026 rev:513 rq:1345294 version:147.0.7727.55 Changes: -------- --- /work/SRC/openSUSE:Factory/chromium/chromium.changes 2026-04-05 18:25:09.292375598 +0200 +++ /work/SRC/openSUSE:Factory/.chromium.new.21863/chromium.changes 2026-04-10 17:57:02.059798975 +0200 @@ -1,0 +2,72 @@ +Wed Apr 8 18:51:59 UTC 2026 - Andreas Stieger <[email protected]> + +- Chromium 147.0.7727.55 (boo#1261758): + * CVE-2026-5858: Heap buffer overflow in WebML + * CVE-2026-5859: Integer overflow in WebML + * CVE-2026-5860: Use after free in WebRTC + * CVE-2026-5861: Use after free in V8 + * CVE-2026-5862: Inappropriate implementation in V8 + * CVE-2026-5863: Inappropriate implementation in V8 + * CVE-2026-5864: Heap buffer overflow in WebAudio + * CVE-2026-5865: Type Confusion in V8 + * CVE-2026-5866: Use after free in Media + * CVE-2026-5867: Heap buffer overflow in WebML + * CVE-2026-5868: Heap buffer overflow in ANGLE + * CVE-2026-5869: Heap buffer overflow in WebML + * CVE-2026-5870: Integer overflow in Skia + * CVE-2026-5871: Type Confusion in V8 + * CVE-2026-5872: Use after free in Blink + * CVE-2026-5873: Out of bounds read and write in V8 + * CVE-2026-5874: Use after free in PrivateAI + * CVE-2026-5875: Policy bypass in Blink + * CVE-2026-5876: Side-channel information leakage in Navigation + * CVE-2026-5877: Use after free in Navigation + * CVE-2026-5878: Incorrect security UI in Blink + * CVE-2026-5879: Insufficient validation of untrusted input in ANGLE + * CVE-2026-5880: Incorrect security UI in browser UI + * CVE-2026-5881: Policy bypass in LocalNetworkAccess + * CVE-2026-5882: Incorrect security UI in Fullscreen + * CVE-2026-5883: Use after free in Media + * CVE-2026-5884: Insufficient validation of untrusted input in Media + * CVE-2026-5885: Insufficient validation of untrusted input in WebML + * CVE-2026-5886: Out of bounds read in WebAudio + * CVE-2026-5887: Insufficient validation of untrusted input in Downloads + * CVE-2026-5888: Uninitialized Use in WebCodecs + * CVE-2026-5889: Cryptographic Flaw in PDFium + * CVE-2026-5890: Race in WebCodecs + * CVE-2026-5891: Insufficient policy enforcement in browser UI + * CVE-2026-5892: Insufficient policy enforcement in PWAs + * CVE-2026-5893: Race in V8 + * CVE-2026-5894: Inappropriate implementation in PDF + * CVE-2026-5895: Incorrect security UI in Omnibox + * CVE-2026-5896: Policy bypass in Audio + * CVE-2026-5897: Incorrect security UI in Downloads + * CVE-2026-5898: Incorrect security UI in Omnibox + * CVE-2026-5899: Incorrect security UI in History Navigation + * CVE-2026-5900: Policy bypass in Downloads + * CVE-2026-5901: Policy bypass in DevTools + * CVE-2026-5902: Race in Media + * CVE-2026-5903: Policy bypass in IFrameSandbox + * CVE-2026-5904: Use after free in V8 + * CVE-2026-5905: Incorrect security UI in Permissions + * CVE-2026-5906: Incorrect security UI in Omnibox + * CVE-2026-5907: Insufficient data validation in Media + * CVE-2026-5908: Integer overflow in Media + * CVE-2026-5909: Integer overflow in Media + * CVE-2026-5910: Integer overflow in Media + * CVE-2026-5911: Policy bypass in ServiceWorkers + * CVE-2026-5912: Integer overflow in WebRTC + * CVE-2026-5913: Out of bounds read in Blink + * CVE-2026-5914: Type Confusion in CSS + * CVE-2026-5915: Insufficient validation of untrusted input in WebML + * CVE-2026-5918: Inappropriate implementation in Navigation + * CVE-2026-5919: Insufficient validation of untrusted input in WebSockets + * enforce a num,ber of new Local Area Network (LAN) restrictions + * New Web Printing API + * vertical tabs support (trial) +- new in 147 (for developers): + * Element-scoped view transitions exposes startViewTransition on arbitrary HTML elements. + * CSS contrast-color() helps meet accessibility requirements + * The CSS border-shape property lets you create non-rectangular borders + +------------------------------------------------------------------- Old: ---- chromium-147.0.7727.49-linux.tar.xz New: ---- chromium-147.0.7727.55-linux.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ chromium.spec ++++++ --- /var/tmp/diff_new_pack.5DGccw/_old 2026-04-10 17:57:09.160092391 +0200 +++ /var/tmp/diff_new_pack.5DGccw/_new 2026-04-10 17:57:09.164092556 +0200 @@ -132,7 +132,7 @@ %global official_build 1 Name: chromium%{n_suffix} -Version: 147.0.7727.49 +Version: 147.0.7727.55 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later ++++++ _scmsync.obsinfo ++++++ --- /var/tmp/diff_new_pack.5DGccw/_old 2026-04-10 17:57:09.320099003 +0200 +++ /var/tmp/diff_new_pack.5DGccw/_new 2026-04-10 17:57:09.324099169 +0200 @@ -1,6 +1,6 @@ -mtime: 1775150134 -commit: 60d9d4e33e62f60767ecf4a86c5edb05bff70e91c15247f0e2c474a4d2cf1a95 +mtime: 1775685132 +commit: 3530cc7a496a01b277470430ecb35b6e00df449eb98ccb219bee5c8397777241 url: https://src.opensuse.org/chromium/chromium.git -revision: 60d9d4e33e62f60767ecf4a86c5edb05bff70e91c15247f0e2c474a4d2cf1a95 +revision: 3530cc7a496a01b277470430ecb35b6e00df449eb98ccb219bee5c8397777241 projectscmsync: https://src.opensuse.org/chromium/_ObsPrj.git ++++++ build.specials.obscpio ++++++ ++++++ build.specials.obscpio ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/.gitignore new/.gitignore --- old/.gitignore 1970-01-01 01:00:00.000000000 +0100 +++ new/.gitignore 2026-04-08 23:52:35.000000000 +0200 @@ -0,0 +1,4 @@ +.osc +*.patch~ +*-build/ +.*.swp ++++++ chromium-147.0.7727.49-linux.tar.xz -> chromium-147.0.7727.55-linux.tar.xz ++++++ /work/SRC/openSUSE:Factory/chromium/chromium-147.0.7727.49-linux.tar.xz /work/SRC/openSUSE:Factory/.chromium.new.21863/chromium-147.0.7727.55-linux.tar.xz differ: char 15, line 1
