Hello community,
here is the log from the commit of package chromium for openSUSE:Factory
checked in at 2020-08-13 10:15:06
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/chromium (Old)
and /work/SRC/openSUSE:Factory/.chromium.new.3399 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "chromium"
Thu Aug 13 10:15:06 2020 rev:262 rq:826031 version:84.0.4147.125
Changes:
--------
--- /work/SRC/openSUSE:Factory/chromium/chromium.changes 2020-07-21
15:44:35.539859006 +0200
+++ /work/SRC/openSUSE:Factory/.chromium.new.3399/chromium.changes
2020-08-13 10:17:34.462742662 +0200
@@ -1,0 +2,48 @@
+Wed Aug 12 12:00:41 UTC 2020 - Martin Liška <mli...@suse.cz>
+
+- Add chromium-disable-parallel-gold.patch in order to disable
+ broken parallel ld.gold with LTO.
+- Enable again LTO for x86_64 and increase memory constraints.
+- Use parallel WPA streaming, we will easily fit into memory constraints.
+- Remove memory_constrain hack for LTO.
+
+-------------------------------------------------------------------
+Mon Aug 10 22:06:22 UTC 2020 - Andreas Stieger <andreas.stie...@gmx.de>
+
+ - Chromium 84.0.4147.125 (boo#1175085)
+ * CVE-2020-6542: Use after free in ANGLE
+ * CVE-2020-6543: Use after free in task scheduling
+ * CVE-2020-6544: Use after free in media
+ * CVE-2020-6545: Use after free in audio
+ * CVE-2020-6546: Inappropriate implementation in installer
+ * CVE-2020-6547: Incorrect security UI in media
+ * CVE-2020-6548: Heap buffer overflow in Skia
+ * CVE-2020-6549: Use after free in media
+ * CVE-2020-6550: Use after free in IndexedDB
+ * CVE-2020-6551: Use after free in WebXR
+ * CVE-2020-6552: Use after free in Blink
+ * CVE-2020-6553: Use after free in offline mode
+ * CVE-2020-6554: Use after free in extensions
+ * CVE-2020-6555: Out of bounds read in WebGL
+ * Various fixes from internal audits, fuzzing and other
+ initiatives
+
+-------------------------------------------------------------------
+Mon Aug 10 10:50:11 UTC 2020 - Tomáš Chvátal <tchva...@suse.com>
+
+- Disable wayland everywhere as it breaks headless and
+ middle mouse copy everywhere:
+ bsc#1174497 bsc#1175044
+
+-------------------------------------------------------------------
+Mon Aug 3 17:48:18 UTC 2020 - Andreas Stieger <andreas.stie...@gmx.de>
+
+- Update to 84.0.4147.105 (boo#1174582):
+ * CVE-2020-6537: Type Confusion in V8
+ * CVE-2020-6538: Inappropriate implementation in WebView
+ * CVE-2020-6532: Use after free in SCTP
+ * CVE-2020-6539: Use after free in CSS
+ * CVE-2020-6540: Heap buffer overflow in Skia
+ * CVE-2020-6541: Use after free in WebUSB
+
+-------------------------------------------------------------------
Old:
----
chromium-84.0.4147.89.tar.xz
New:
----
chromium-84.0.4147.125.tar.xz
chromium-disable-parallel-gold.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ chromium.spec ++++++
--- /var/tmp/diff_new_pack.sii4Zs/_old 2020-08-13 10:17:39.410744694 +0200
+++ /var/tmp/diff_new_pack.sii4Zs/_new 2020-08-13 10:17:39.414744696 +0200
@@ -22,7 +22,7 @@
%if 0%{?suse_version} > 1500
%bcond_without system_icu
%bcond_without system_vpx
-%bcond_without wayland
+%bcond_with wayland
%else
%bcond_with system_icu
%bcond_with system_vpx
@@ -42,7 +42,7 @@
%endif
%ifarch x86_64
%if %{?suse_version} > 1500
-%bcond_with lto
+%bcond_without lto
%else
%bcond_with lto
%endif
@@ -51,7 +51,7 @@
%endif
%bcond_with clang
Name: chromium
-Version: 84.0.4147.89
+Version: 84.0.4147.125
Release: 0
Summary: Google's open source browser project
License: BSD-3-Clause AND LGPL-2.1-or-later
@@ -120,6 +120,7 @@
Patch102: chromium-vaapi-fix.patch
# PATCH-FIX-SUSE: allow prop codecs to be set with chromium branding
Patch200: chromium-prop-codecs.patch
+Patch201: chromium-disable-parallel-gold.patch
BuildRequires: SDL-devel
BuildRequires: binutils-gold
BuildRequires: bison
@@ -410,7 +411,6 @@
third_party/libsrtp
third_party/libsync
third_party/libudev
- third_party/libusb
third_party/libwebm
third_party/libxml/chromium
third_party/libyuv
@@ -528,10 +528,6 @@
)
build/linux/unbundle/remove_bundled_libraries.py "${keeplibs[@]}" --do-remove
-# hack for libusb stuff
-rm -rf third_party/libusb/src/libusb/libusb.h
-cp -a %{_includedir}/libusb-1.0/libusb.h third_party/libusb/src/libusb/libusb.h
-
%build
# GN sets lto on its own and we need just ldflag options, not cflags
%define _lto_cflags %{nil}
@@ -573,12 +569,6 @@
%endif
# do not eat all memory
%limit_build -m 2600
-%if %{with lto}
-# reduce the threads for linking even more due to LTO eating ton of memory
-_link_threads=$(((%{jobs} - 2)))
-test "$_link_threads" -le 0 && _link_threads=1
-export LDFLAGS="-flto=$_link_threads --param lto-max-streaming-parallelism=1"
-%endif
# Set system libraries to be used
gn_system_libraries=(
++++++ _constraints ++++++
--- /var/tmp/diff_new_pack.sii4Zs/_old 2020-08-13 10:17:39.446744709 +0200
+++ /var/tmp/diff_new_pack.sii4Zs/_new 2020-08-13 10:17:39.446744709 +0200
@@ -14,7 +14,7 @@
</conditions>
<hardware>
<memory>
- <size unit="G">16</size>
+ <size unit="G">24</size>
</memory>
</hardware>
</overwrite>
++++++ chromium-84.0.4147.89.tar.xz -> chromium-84.0.4147.125.tar.xz ++++++
/work/SRC/openSUSE:Factory/chromium/chromium-84.0.4147.89.tar.xz
/work/SRC/openSUSE:Factory/.chromium.new.3399/chromium-84.0.4147.125.tar.xz
differ: char 26, line 1
++++++ chromium-disable-parallel-gold.patch ++++++
diff --git a/build/config/compiler/BUILD.gn b/build/config/compiler/BUILD.gn
index 01d97a360..a9a721403 100644
--- a/build/config/compiler/BUILD.gn
+++ b/build/config/compiler/BUILD.gn
@@ -415,8 +415,6 @@ config("compiler") {
#
https://groups.google.com/a/chromium.org/group/chromium-dev/browse_thread/thread/281527606915bb36
# Only apply this to the target linker, since the host
# linker might not be gold, but isn't used much anyway.
- "-Wl,--threads",
- "-Wl,--thread-count=4",
]
}
