Hello community, here is the log from the commit of package chromium for openSUSE:Factory checked in at 2020-08-13 10:15:06 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/chromium (Old) and /work/SRC/openSUSE:Factory/.chromium.new.3399 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "chromium" Thu Aug 13 10:15:06 2020 rev:262 rq:826031 version:84.0.4147.125 Changes: -------- --- /work/SRC/openSUSE:Factory/chromium/chromium.changes 2020-07-21 15:44:35.539859006 +0200 +++ /work/SRC/openSUSE:Factory/.chromium.new.3399/chromium.changes 2020-08-13 10:17:34.462742662 +0200 @@ -1,0 +2,48 @@ +Wed Aug 12 12:00:41 UTC 2020 - Martin Liška <mli...@suse.cz> + +- Add chromium-disable-parallel-gold.patch in order to disable + broken parallel ld.gold with LTO. +- Enable again LTO for x86_64 and increase memory constraints. +- Use parallel WPA streaming, we will easily fit into memory constraints. +- Remove memory_constrain hack for LTO. + +------------------------------------------------------------------- +Mon Aug 10 22:06:22 UTC 2020 - Andreas Stieger <andreas.stie...@gmx.de> + + - Chromium 84.0.4147.125 (boo#1175085) + * CVE-2020-6542: Use after free in ANGLE + * CVE-2020-6543: Use after free in task scheduling + * CVE-2020-6544: Use after free in media + * CVE-2020-6545: Use after free in audio + * CVE-2020-6546: Inappropriate implementation in installer + * CVE-2020-6547: Incorrect security UI in media + * CVE-2020-6548: Heap buffer overflow in Skia + * CVE-2020-6549: Use after free in media + * CVE-2020-6550: Use after free in IndexedDB + * CVE-2020-6551: Use after free in WebXR + * CVE-2020-6552: Use after free in Blink + * CVE-2020-6553: Use after free in offline mode + * CVE-2020-6554: Use after free in extensions + * CVE-2020-6555: Out of bounds read in WebGL + * Various fixes from internal audits, fuzzing and other + initiatives + +------------------------------------------------------------------- +Mon Aug 10 10:50:11 UTC 2020 - Tomáš Chvátal <tchva...@suse.com> + +- Disable wayland everywhere as it breaks headless and + middle mouse copy everywhere: + bsc#1174497 bsc#1175044 + +------------------------------------------------------------------- +Mon Aug 3 17:48:18 UTC 2020 - Andreas Stieger <andreas.stie...@gmx.de> + +- Update to 84.0.4147.105 (boo#1174582): + * CVE-2020-6537: Type Confusion in V8 + * CVE-2020-6538: Inappropriate implementation in WebView + * CVE-2020-6532: Use after free in SCTP + * CVE-2020-6539: Use after free in CSS + * CVE-2020-6540: Heap buffer overflow in Skia + * CVE-2020-6541: Use after free in WebUSB + +------------------------------------------------------------------- Old: ---- chromium-84.0.4147.89.tar.xz New: ---- chromium-84.0.4147.125.tar.xz chromium-disable-parallel-gold.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ chromium.spec ++++++ --- /var/tmp/diff_new_pack.sii4Zs/_old 2020-08-13 10:17:39.410744694 +0200 +++ /var/tmp/diff_new_pack.sii4Zs/_new 2020-08-13 10:17:39.414744696 +0200 @@ -22,7 +22,7 @@ %if 0%{?suse_version} > 1500 %bcond_without system_icu %bcond_without system_vpx -%bcond_without wayland +%bcond_with wayland %else %bcond_with system_icu %bcond_with system_vpx @@ -42,7 +42,7 @@ %endif %ifarch x86_64 %if %{?suse_version} > 1500 -%bcond_with lto +%bcond_without lto %else %bcond_with lto %endif @@ -51,7 +51,7 @@ %endif %bcond_with clang Name: chromium -Version: 84.0.4147.89 +Version: 84.0.4147.125 Release: 0 Summary: Google's open source browser project License: BSD-3-Clause AND LGPL-2.1-or-later @@ -120,6 +120,7 @@ Patch102: chromium-vaapi-fix.patch # PATCH-FIX-SUSE: allow prop codecs to be set with chromium branding Patch200: chromium-prop-codecs.patch +Patch201: chromium-disable-parallel-gold.patch BuildRequires: SDL-devel BuildRequires: binutils-gold BuildRequires: bison @@ -410,7 +411,6 @@ third_party/libsrtp third_party/libsync third_party/libudev - third_party/libusb third_party/libwebm third_party/libxml/chromium third_party/libyuv @@ -528,10 +528,6 @@ ) build/linux/unbundle/remove_bundled_libraries.py "${keeplibs[@]}" --do-remove -# hack for libusb stuff -rm -rf third_party/libusb/src/libusb/libusb.h -cp -a %{_includedir}/libusb-1.0/libusb.h third_party/libusb/src/libusb/libusb.h - %build # GN sets lto on its own and we need just ldflag options, not cflags %define _lto_cflags %{nil} @@ -573,12 +569,6 @@ %endif # do not eat all memory %limit_build -m 2600 -%if %{with lto} -# reduce the threads for linking even more due to LTO eating ton of memory -_link_threads=$(((%{jobs} - 2))) -test "$_link_threads" -le 0 && _link_threads=1 -export LDFLAGS="-flto=$_link_threads --param lto-max-streaming-parallelism=1" -%endif # Set system libraries to be used gn_system_libraries=( ++++++ _constraints ++++++ --- /var/tmp/diff_new_pack.sii4Zs/_old 2020-08-13 10:17:39.446744709 +0200 +++ /var/tmp/diff_new_pack.sii4Zs/_new 2020-08-13 10:17:39.446744709 +0200 @@ -14,7 +14,7 @@ </conditions> <hardware> <memory> - <size unit="G">16</size> + <size unit="G">24</size> </memory> </hardware> </overwrite> ++++++ chromium-84.0.4147.89.tar.xz -> chromium-84.0.4147.125.tar.xz ++++++ /work/SRC/openSUSE:Factory/chromium/chromium-84.0.4147.89.tar.xz /work/SRC/openSUSE:Factory/.chromium.new.3399/chromium-84.0.4147.125.tar.xz differ: char 26, line 1 ++++++ chromium-disable-parallel-gold.patch ++++++ diff --git a/build/config/compiler/BUILD.gn b/build/config/compiler/BUILD.gn index 01d97a360..a9a721403 100644 --- a/build/config/compiler/BUILD.gn +++ b/build/config/compiler/BUILD.gn @@ -415,8 +415,6 @@ config("compiler") { # https://groups.google.com/a/chromium.org/group/chromium-dev/browse_thread/thread/281527606915bb36 # Only apply this to the target linker, since the host # linker might not be gold, but isn't used much anyway. - "-Wl,--threads", - "-Wl,--thread-count=4", ] }