Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

chromium-131.0.6778.108-1.1 RPM for aarch64

From OpenSuSE Ports Tumbleweed for aarch64

Name: chromium Distribution: openSUSE Tumbleweed
Version: 131.0.6778.108 Vendor: openSUSE
Release: 1.1 Build date: Wed Dec 4 10:31:04 2024
Group: Unspecified Build host: reproducible
Size: 373443241 Source RPM: chromium-131.0.6778.108-1.1.src.rpm
Packager: http://bugs.opensuse.org
Url: https://www.chromium.org/
Summary: Google's open source browser project
Chromium is the open-source project behind Google Chrome. We invite you to join us in our effort to help build a safer, faster, and more stable way for all Internet users to experience the web, and to create a powerful platform for developing a new generation of web applications.

Provides

Requires

License

BSD-3-Clause AND LGPL-2.1-or-later

Changelog

* Wed Dec 04 2024 [email protected]
  - Chromium 131.0.6778.108
    (stable released 2024-12-04) (boo#1234118)
    * CVE-2024-12053: Type Confusion in V8
  - update patches:
    chromium-127-constexpr.patch
* Wed Nov 20 2024 [email protected]
  - Chromium 131.0.6778.85
    (stable released 2024-11-19) (boo#1233534)
    * CVE-2024-11395: Type Confusion in V8
* Thu Nov 07 2024 [email protected]
  - Chromium 131.0.6778.69
    (stable released 2024-11-12) (boo#1233311)
    * CVE-2024-11110: Inappropriate implementation in Blink.
    * CVE-2024-11111: Inappropriate implementation in Autofill.
    * CVE-2024-11112: Use after free in Media.
      (n/a for linux)
    * CVE-2024-11113: Use after free in Accessibility.
    * CVE-2024-11114: Inappropriate implementation in Views.
      (n/a for linux)
    * CVE-2024-11115: Insufficient policy enforcement in Navigation.
      (n/a for linux)
    * CVE-2024-11116: Inappropriate implementation in Paint.
    * CVE-2024-11117: Inappropriate implementation in FileSystem.
  - dropped patches:
    * chromium-130-missing-includes.patch (upstream)
    * chromium-125-lp155-typename.patch (not required with llvm)
  - modified patches:
    * chromium-127-bindgen.patch (drop all allowlist changes)
    * chromium-127-constexpr.patch (update from debian patch)
  - added patches:
    * chromium-131-unbundle-enable-freetype.patch
      from git, missing in 131 release
    * chromium-131-clang-stack-protector.patch
      (partial revert of upstream commit
      c3dadb02f611a360fb40fd8844ed3c1ef1e7834e)
  - drop from keeplibs: (deleted upstream)
    third_party/devtools-frontend/src/front_end/third_party/lodash-isequal
  - add to keeplibs:
    third_party/tflite/src/third_party/xla/xla/tsl (drop subdirs)
    third_party/ink
* Wed Nov 06 2024 [email protected]
  - Chromium 130.0.6723.116 (boo#1232843)
    * CVE-2024-10826: Use after free in Family Experiences
    * CVE-2024-10827: Use after free in Serial
* Wed Oct 30 2024 [email protected]
  - Chromium 130.0.6723.91 (boo#1232566)
    * CVE-2024-10487: Out of bounds write in Dawn
    * CVE-2024-10488: Use after free in WebRTC
* Mon Oct 28 2024 [email protected]
  - change BR for rust to require version 1.81
    (1.82 uses a newer llvm)
* Sat Oct 26 2024 Andreas Stieger <[email protected]>
  - Chromium 130.0.6723.69 (boo#1232060)
    * CVE-2024-10229: Inappropriate implementation in Extensions
    * CVE-2024-10230: Type Confusion in V8
    * CVE-2024-10231: Type Confusion in V8
* Sat Oct 12 2024 Andreas Stieger <[email protected]>
  - Chromium 130.0.6723.58 (boo#1231694)
    * CVE-2024-9954: Use after free in AI
    * CVE-2024-9955: Use after free in Web Authentication
    * CVE-2024-9956: Inappropriate implementation in Web Authentication
    * CVE-2024-9957: Use after free in UI
    * CVE-2024-9958: Inappropriate implementation in PictureInPicture
    * CVE-2024-9959: Use after free in DevTools
    * CVE-2024-9960: Use after free in Dawn
    * CVE-2024-9961: Use after free in Parcel Tracking
    * CVE-2024-9962: Inappropriate implementation in Permissions
    * CVE-2024-9963: Insufficient data validation in Downloads
    * CVE-2024-9964: Inappropriate implementation in Payments
    * CVE-2024-9965: Insufficient data validation in DevTools
    * CVE-2024-9966: Inappropriate implementation in Navigations
  - modified patches:
    * exclude_ymp.patch update context
    * chromium-125-compiler.patch update context
    * chromium-125-lp155-typename.patch drop hunks for rewritten
      proto_fetcher.h
    * chromium-127-bindgen.patch update context
  - added patches:
    * chromium-130-missing-includes.patch include optional, stack
    * chromium-130-no-hardware_destructive_interference_size.patch
      workaround for older libcpp
  - drop from keeplibs:
    courgette/third_party dropped upstream
  - add to keepllibs:
    third_party/fast_float needed by v8/src/numbers/conversion.cc
* Sat Oct 12 2024 Andreas Stieger <[email protected]>
  - Chromium 129.0.6668.100 (boo#1231420)
    * CVE-2024-9602: Type Confusion in V8
    * CVE-2024-9603: Type Confusion in V8
* Wed Oct 02 2024 [email protected]
  - Chromium 129.0.6668.89 (stable released 2024-09-24)
    (boo#1231232)
    * CVE-2024-7025: Integer overflow in Layout
    * CVE-2024-9369: Insufficient data validation in Mojo
    * CVE-2024-9370: Inappropriate implementation in V8
* Wed Sep 25 2024 [email protected]
  - Chromium 129.0.6668.70 (stable released 2024-09-24)
    (boo#1230964)
    * CVE-2024-9120: Use after free in Dawn
    * CVE-2024-9121: Inappropriate implementation in V8
    * CVE-2024-9122: Type Confusion in V8
    * CVE-2024-9123: Integer overflow in Skia
* Thu Sep 19 2024 [email protected]
  - bump BR for nodejs to minimal 20.0
  - dropped patches:
    * chromium-disable-GlobalMediaControlsCastStartStop.patch
      it was applied at the wrong place and the crash is gone
* Wed Sep 18 2024 [email protected]
  - Chromium 129.0.6668.58 (stable released 2024-09-17)
    (boo#1230678)
    * CVE-2024-8904: Type Confusion in V8
    * CVE-2024-8905: Inappropriate implementation in V8
    * CVE-2024-8906: Incorrect security UI in Downloads
    * CVE-2024-8907: Insufficient data validation in Omnibox
    * CVE-2024-8908: Inappropriate implementation in Autofill
    * CVE-2024-8909: Inappropriate implementation in UI
  - modified patches:
    * chromium-prop-codecs.patch update context
  - add to keeplibs:
    third_party/rapidhash
  - drop from keeplibs:
    third_party/libudev dropped upstream
    third_party/catapult/third_party/html5lib-python dropped upstream
  - add patches:
    chromium-129-revert-AVFMT_FLAG_NOH264PARSE.patch
    (not in our ffmpeg yet)
* Wed Sep 11 2024 [email protected]
  - Chromium 128.0.6613.137 (released 2024-09-10) (boo#1230391)
    * CVE-2024-8636: Heap buffer overflow in Skia
    * CVE-2024-8637: Use after free in Media Router
    * CVE-2024-8638: Type Confusion in V8
    * CVE-2024-8639: Use after free in Autofill
* Tue Sep 03 2024 [email protected]
  - Chromium 128.0.6613.119 (released 2024-09-02) (boo#1230108)
    * CVE-2024-8362: Use after free in WebAudio
    * CVE-2024-7970: Out of bounds write in V8
* Thu Aug 29 2024 Andreas Stieger <[email protected]>
  - Chromium 128.0.6613.113 (boo#1229897)
    * CVE-2024-7969: Type Confusion in V8
    * CVE-2024-8193: Heap buffer overflow in Skia
    * CVE-2024-8194: Type Confusion in V8
    * CVE-2024-8198: Heap buffer overflow in Skia
* Wed Aug 21 2024 Andreas Stieger <[email protected]>
  - Chromium 128.0.6613.84 (boo#1229591)
    * CVE-2024-7964: Use after free in Passwords
    * CVE-2024-7965: Inappropriate implementation in V8
    * CVE-2024-7966: Out of bounds memory access in Skia
    * CVE-2024-7967: Heap buffer overflow in Fonts
    * CVE-2024-7968: Use after free in Autofill
    * CVE-2024-7969: Type Confusion in V8
    * CVE-2024-7971: Type confusion in V8
    * CVE-2024-7972: Inappropriate implementation in V8
    * CVE-2024-7973: Heap buffer overflow in PDFium
    * CVE-2024-7974: Insufficient data validation in V8 API
    * CVE-2024-7975: Inappropriate implementation in Permissions
    * CVE-2024-7976: Inappropriate implementation in FedCM
    * CVE-2024-7977: Insufficient data validation in Installer
    * CVE-2024-7978: Insufficient policy enforcement in Data Transfer
    * CVE-2024-7979: Insufficient data validation in Installer
    * CVE-2024-7980: Insufficient data validation in Installer
    * CVE-2024-7981: Inappropriate implementation in Views
    * CVE-2024-8033: Inappropriate implementation in WebApp Installs
    * CVE-2024-8034: Inappropriate implementation in Custom Tabs
    * CVE-2024-8035: Inappropriate implementation in Extensions
    * Various fixes from internal audits, fuzzing and other initiatives
* Sun Aug 18 2024 [email protected]
  - Chromium 128.0.6613.36 (boo#1229426)
  - modified patches:
    * chromium-norar.patch drop most hunks,
      upstream has a config for this now
    * gcc-enable-lto.patch update context
    * chromium-125-compiler.patch update context
    * chromium-127-constexpr.patch update context
  - drop patches: (should be obsolete with llvm>17 and libc++)
    chromium-120-emplace.patch
    chromium-125-emplace-struct.patch
  - drop patches: (upstream)
    * chromium-121-nullptr_t-without-namespace-std.patch
    * chromium-123-stats-collector.patch
    * chromium-127-paint-layer-header.patch
    * chromium-127-ninja-1.21.1-deps-part0.patch
    * chromium-127-ninja-1.21.1-deps-part1.patch
    * chromium-127-ninja-1.21.1-deps-part2.patch
    * chromium-127-ninja-1.21.1-deps-part3.patch
  - disable rpmlint only for factory/tw where it is broken because
    of the large archive size of the source here
  - keeplibs add
    third_party/devtools-frontend/src/front_end/third_party/
    puppeteer/package/lib/esm/third_party/parsel-js
    third_party/tflite/src/third_party/xla/xla/tsl/framework
  - buildflags add
    safe_browsing_use_unrar=false
* Thu Aug 15 2024 [email protected]
  - Chromium 127.0.6533.119 (boo#1228941)
    * CVE-2024-7532: Out of bounds memory access in ANGLE
    * CVE-2024-7533: Use after free in Sharing
    * CVE-2024-7550: Type Confusion in V8
    * CVE-2024-7534: Heap buffer overflow in Layout
    * CVE-2024-7535: Inappropriate implementation in V8
    * CVE-2024-7536: Use after free in WebAudio
* Thu Aug 01 2024 [email protected]
  - Chromium 127.0.6533.88 (boo#1228628, boo#1228940, boo#1228942)
    * CVE-2024-6988: Use after free in Downloads
    * CVE-2024-6989: Use after free in Loader
    * CVE-2024-6991: Use after free in Dawn
    * CVE-2024-6992: Out of bounds memory access in ANGLE
    * CVE-2024-6993: Inappropriate implementation in Canvas
    * CVE-2024-6994: Heap buffer overflow in Layout
    * CVE-2024-6995: Inappropriate implementation in Fullscreen
    * CVE-2024-6996: Race in Frames
    * CVE-2024-6997: Use after free in Tabs
    * CVE-2024-6998: Use after free in User Education
    * CVE-2024-6999: Inappropriate implementation in FedCM
    * CVE-2024-7000: Use after free in CSS. Reported by Anonymous
    * CVE-2024-7001: Inappropriate implementation in HTML
    * CVE-2024-7003: Inappropriate implementation in FedCM
    * CVE-2024-7004: Insufficient validation of untrusted input
      in Safe Browsing
    * CVE-2024-7005: Insufficient validation of untrusted input
      in Safe Browsing
    * CVE-2024-6990: Uninitialized Use in Dawn
    * CVE-2024-7255: Out of bounds read in WebTransport
    * CVE-2024-7256: Insufficient data validation in Dawn
  - drop patches:
    * chromium-115-compiler-SkColor4f.patch only for llvm < 16
    * chromium-117-system-zstd.patch upstreamed
    * chromium-122-workaround_clang_bug-structured_binding.patch
    * chromium-125-tabstrip-include.patch upstreamed
    * chromium-126-missing-header-files.patch
    * chromium-126-RealTimeReportingBindings-missing-decl.patch
      upstreamed
    * chromium-126-no_matching_constructor.patch
    * chromium-126-no-format.patch upstreamed
  - switch from libstdc++ to libc++
  - drop patches obsolete when using libc++
    * chromium-126-debian-bad-font-gc00000.patch
    * chromium-126-debian-bad-font-gc2.patch
    * chromium-126-debian-bad-font-gc1.patch
    * chromium-126-debian-bad-font-gc00.patch
    * chromium-126-debian-bad-font-gc000.patch
    * chromium-126-debian-bad-font-gc11.patch
    * chromium-126-debian-bad-font-gc0.patch
    * chromium-126-debian-bad-font-gc0000.patch
    * chromium-126-debian-bad-font-gc3.patch
  - modify patches:
    * chromium-125-lp155-typename.patch
    - drop hunk in model_execution_util.h
    - drop hunk in model_quality_log_entry.h
  - dropping from keeplibs: (does not exist)
    base/third_party/valgrind
    third_party/maldoca
    third_party/maldoca/src/third_party
  - requires updated gn to build (newer than Feb 14 2024)
  - add patches:
    * chromium-127-bindgen.patch (from debian/patches/fixes))
    * chromium-127-rust-clanglib.patch (just first hunk from fedora)
    * chromium-127-clang17-traitors.patch
      workaround for clang < 18 from debiana (only used on 15.6)
    * chromium-127-constexpr.patch (from debian/patches/bookworm)
    * chromium-127-paint-layer-header.patch (from debian/patches/upstream)
    * chromium-127-ninja-1.21.1-deps-part0.patch (from fedora)
    * chromium-127-ninja-1.21.1-deps-part1.patch (from fedora)
    * chromium-127-ninja-1.21.1-deps-part2.patch (from fedora)
    * chromium-127-ninja-1.21.1-deps-part3.patch (from fedora)
  - buildrequire rust-bindgen to get proper binaries per arch
  - use qt5 for factory as well, qt6 fails with:
    ld.lld: error: undefined symbol: QByteArray::toStdString() const
    referenced by qt_shim.cc
    obj/ui/qt/qt6_shim/libqt6_shim.so.lto.qt_shim.o:(qt::QtShim::GetFontDescription() const)
  - drop patches:
    * chromium-125-debian-bad-font-gc11.patch
    * chromium-125-debian-bad-font-gc0000.patch
    * chromium-125-debian-bad-font-gc00.patch
    * chromium-125-debian-bad-font-gc0.patch
    * chromium-125-debian-bad-font-gc000.patch
    * chromium-125-debian-bad-font-gc1.patch
* Wed Jul 17 2024 Andreas Stieger <[email protected]>
  - Chromium 126.0.6478.182 (boo#1227979)
    * CVE-2024-6772: Inappropriate implementation in V8
    * CVE-2024-6773: Type Confusion in V8
    * CVE-2024-6774: Use after free in Screen Capture
    * CVE-2024-6775: Use after free in Media Stream
    * CVE-2024-6776: Use after free in Audio
    * CVE-2024-6777: Use after free in Navigation
    * CVE-2024-6778: Race in DevTools
    * CVE-2024-6779: Out of bounds memory access in V8
* Tue Jul 09 2024 Callum Farmer <[email protected]>
  - Finalize 126
  - Removed patches:
    * chromium-125-debian-bad-font-gc2.patch
    * chromium-125-debian-bad-font-gc3.patch
  - Added patches:
    * chromium-126-RealTimeReportingBindings-missing-decl.patch
    * chromium-126-no-format.patch
* Mon Jul 01 2024 Andreas Stieger <[email protected]>
  - Chromium 126.0.6478.126 (boo#1226504, boo#1226205, boo#1226933)
    * CVE-2024-6290: Use after free in Dawn
    * CVE-2024-6291: Use after free in Swiftshader
    * CVE-2024-6292: Use after free in Dawn
    * CVE-2024-6293: Use after free in Dawn
    * CVE-2024-6100: Type Confusion in V8
    * CVE-2024-6101: Inappropriate implementation in WebAssembly
    * CVE-2024-6102: Out of bounds memory access in Dawn
    * CVE-2024-6103: Use after free in Dawn
    * CVE-2024-5830: Type Confusion in V8
    * CVE-2024-5831: Use after free in Dawn
    * CVE-2024-5832: Use after free in Dawn
    * CVE-2024-5833: Type Confusion in V8
    * CVE-2024-5834: Inappropriate implementation in Dawn
    * CVE-2024-5835: Heap buffer overflow in Tab Groups
    * CVE-2024-5836: Inappropriate Implementation in DevTools
    * CVE-2024-5837: Type Confusion in V8
    * CVE-2024-5838: Type Confusion in V8
    * CVE-2024-5839: Inappropriate Implementation in Memory Allocator
    * CVE-2024-5840: Policy Bypass in CORS
    * CVE-2024-5841: Use after free in V8
    * CVE-2024-5842: Use after free in Browser UI
    * CVE-2024-5843: Inappropriate implementation in Downloads
    * CVE-2024-5844: Heap buffer overflow in Tab Strip
    * CVE-2024-5845: Use after free in Audio
    * CVE-2024-5846: Use after free in PDFium
    * CVE-2024-5847: Use after free in PDFium
  - drop patches:
    * chromium-disable-parallel-gold.patch
    * chromium-125-appservice-include.patch
    * chromium-125-lens-include.patch
    * chromium-125-mojo-bindings-include.patch
    * chromium-125-no-vector-consts.patch
    * chromium-125-vulkan-include.patch
    * chromium-125-ninja.patch
    * chromium-125-no_matching_constructor.patch
    * chromium-125-missing-header-files.patch
  - add patches:
    * chromium-126-missing-header-files.patch
    * chromium-126-quiche-interator.patch
    * chromium-126-no_matching_constructor.patch
* Wed Jun 12 2024 Callum Farmer <[email protected]>
  - Amend fix_building_widevinecdm_with_chromium.patch to allow
    Widevine on ARM64 (bsc#1226170)
* Fri May 31 2024 Andreas Stieger <[email protected]>
  - Chromium 125.0.6422.141 (boo#1225690)
    * CVE-2024-5493: Heap buffer overflow in WebRTC
    * CVE-2024-5494: Use after free in Dawn
    * CVE-2024-5495: Use after free in Dawn
    * CVE-2024-5496: Use after free in Media Session
    * CVE-2024-5497: Out of bounds memory access in Keyboard Inputs
    * CVE-2024-5498: Use after free in Presentation API
    * CVE-2024-5499: Out of bounds write in Streams API
* Fri May 24 2024 Andreas Stieger <[email protected]>
  - Chromium 125.0.6422.112
    * CVE-2024-5274: Type Confusion in V8 (boo#1225199)
* Tue May 21 2024 Andreas Stieger <[email protected]>
  - Chromium 125.0.6422.76 (boo#1224818)
    * CVE-2024-5157: Use after free in Scheduling
    * CVE-2024-5158: Type Confusion in V8
    * CVE-2024-5159: Heap buffer overflow in ANGLE
    * CVE-2024-5160: Heap buffer overflow in Dawn
    * Various fixes from internal audits, fuzzing and other initiatives
* Thu May 16 2024 [email protected]
  - Chromium 125.0.6422.60 (boo#1224341)
    * CVE-2024-4947: Type Confusion in V8
    * CVE-2024-4948: Use after free in Dawn
    * CVE-2024-4949: Use after free in V8
    * CVE-2024-4950: Inappropriate implementation in Downloads
  - Chromium 125.0.6422.41
    * New upstream (early) stable release.
  - drop upstreamed patches:
    * chromium-124-uint-includes.patch
    * chromium-124-fps-optional.patch
    * chromium-124-span-optional.patch
    * chromium-124-extractor-bitset.patch
    * chromium-124-atomic.patch
    * chromium-124-webgpu-optional.patch
    * chromium-124-angle-powf.patch
  - add debian upstream patches added for 125:
    * chromium-125-appservice-include.patch
    * chromium-125-lens-include.patch
    * chromium-125-mojo-bindings-include.patch
    * chromium-125-no-vector-consts.patch
    * chromium-125-vulkan-include.patch
    * chromium-125-tabstrip-include.patch
    * chromium-125-ninja.patch
  - add debian fixes patches to fix font gc crashes:
    * chromium-125-debian-bad-font-gc0000.patch
    * chromium-125-debian-bad-font-gc000.patch
    * chromium-125-debian-bad-font-gc00.patch
    * chromium-125-debian-bad-font-gc0.patch
    * chromium-125-debian-bad-font-gc11.patch
    * chromium-125-debian-bad-font-gc1.patch
    * chromium-125-debian-bad-font-gc2.patch
    * chromium-125-debian-bad-font-gc3.patch
  - add from fedora (reverse applied for older ffmpeg):
    * chromium-125-ffmpeg-5.x-reordered_opaque.patch
  - re-diff and rename:
    * from chromium-110-compiler.patch
      to chromium-125-compiler.patch
    * from chromium-120-emplace-struct.patch
      to chromium-125-emplace-struct.patch
    * from chromium-disable-FFmpegAllowLists.patch
      to chromium-125-disable-FFmpegAllowLists.patch
    * from chromium-122-missing-header-files.patch
      to chromium-125-missing-header-files.patch
    * from chromium-122-no_matching_constructor.patch
      to chromium-125-no_matching_constructor.patch
    * from chromium-122-lp155-typename.patch
      to chromium-125-lp155-typename.patch
  - third_party/zstd
    added to keeplibs for
    third_party/blink/renderer/platform:platform
  - third_party/tflite/src/third_party/xla/xla/tsl/util
    added to keeplibs for
    third_party/tflite/tflite
  - third_party/lens_server_proto
    added to keeplibs for
    gen/third_party/lens_server_proto
* Tue May 14 2024 Andreas Stieger <[email protected]>
  - Chromium 124.0.6367.207 (boo#1224294)
    * CVE-2024-4761: Out of bounds write in V8
* Fri May 10 2024 Andreas Stieger <[email protected]>
  - Chromium 124.0.6367.201 (boo#1224208)
    * CVE-2024-4671: Use after free in Visuals
  - Chromium 124.0.6367.155 (boo#1224045)
    * CVE-2024-4558: Use after free in ANGLE
    * CVE-2024-4559: Heap buffer overflow in WebAudio
* Fri May 03 2024 [email protected]
  - drop patches:
    * chromium-123-WebUI-static_assert.patch
* Thu May 02 2024 Andreas Stieger <[email protected]>
  - Chromium 124.0.6367.118 (boo#1223846)
    * CVE-2024-4331: Use after free in Picture In Picture
    * CVE-2024-4368: Use after free in Dawn
* Wed May 01 2024 Callum Farmer <[email protected]>
  - Add patches:
    * chromium-123-missing-QtGui.patch
  - Restore libxml 2.12 check for chromium-124-system-libxml.patch
    which replaced chromium-121-blink-libxml-const.patch
* Fri Apr 26 2024 [email protected]
  - Chromium 124.0.6367.78 (boo#1223845)
    * CVE-2024-4058: Type Confusion in ANGLE
    * CVE-2024-4059: Out of bounds read in V8 API
    * CVE-2024-4060: Use after free in Dawn
* Wed Apr 17 2024 [email protected]
  - Chromium 124.0.6367.60 (boo#1222958)
    * CVE-2024-3832: Object corruption in V8.
    * CVE-2024-3833: Object corruption in WebAssembly.
    * CVE-2024-3834: Use after free in Downloads. Reported by ChaobinZhang
    * CVE-2024-3837: Use after free in QUIC.
    * CVE-2024-3838: Inappropriate implementation in Autofill.
    * CVE-2024-3839: Out of bounds read in Fonts.
    * CVE-2024-3840: Insufficient policy enforcement in Site Isolation.
    * CVE-2024-3841: Insufficient data validation in Browser Switcher.
    * CVE-2024-3843: Insufficient data validation in Downloads.
    * CVE-2024-3844: Inappropriate implementation in Extensions.
    * CVE-2024-3845: Inappropriate implementation in Network.
    * CVE-2024-3846: Inappropriate implementation in Prompts.
    * CVE-2024-3847: Insufficient policy enforcement in WebUI.
  - drop patches:
    * chromium-123-optional2.patch
    * chromium-122-avoid-SFINAE-TypeConverter.patch
    * chromium-123-PA-InternalAllocator.patch
  - rediff patches:
    * chromium-110-compiler.patch
    * chromium-120-emplace.patch
    * chromium-122-no_matching_constructor.patch
    * chromium-122-lp155-typename.patch
  - add patches: from debian/fixes
    * chromium-123-stats-collector.patch
  - add patches: from debian/upstream
    * chromium-124-angle-powf.patch
    * chromium-124-atomic.patch
    * chromium-124-extractor-bitset.patch
    * chromium-124-fps-optional.patch
    * chromium-124-span-optional.patch
    * chromium-124-uint-includes.patch
    * chromium-124-webgpu-optional.patch
  - add patches:
    * chromium-123-WebUI-static_assert.patch
      workaround for compile issue in webui_contents_wrapper.h
    * chromium-124-system-libxml.patch (from fedora)
* Sun Apr 14 2024 Andreas Stieger <[email protected]>
  - Chromium 123.0.6312.122 (boo#1222707)
    * CVE-2024-3157: Out of bounds write in Compositing
    * CVE-2024-3516: Heap buffer overflow in ANGLE
    * CVE-2024-3515: Use after free in Dawn
  - Chromium 123.0.6312.105 (boo#1222260)
    * CVE-2024-3156: Inappropriate implementation in V8
    * CVE-2024-3158: Use after free in Bookmarks
    * CVE-2024-3159: Out of bounds memory access in V8
  - Chromium 123.0.6312.86 (boo#1222035)
    * CVE-2024-2883: Use after free in ANGLE
    * CVE-2024-2885: Use after free in Dawn
    * CVE-2024-2886: Use after free in WebCodecs
    * CVE-2024-2887: Type Confusion in WebAssembly
  - Chromium 123.0.6312.58 (boo#1221732)
    * CVE-2024-2625: Object lifecycle issue in V8
    * CVE-2024-2626: Out of bounds read in Swiftshader
    * CVE-2024-2627: Use after free in Canvas
    * CVE-2024-2628: Inappropriate implementation in Downloads
  - drop patches:
    * chromium-117-blink-BUILD-mnemonic.patch
    * chromium-121-blink-libxml-const.patch
    * chromium-122-BookmarkNode-missing-operator.patch
    * chromium-122-WebUI-static_assert.patch
    * chromium-122-PA-undo-internal-alloc.patch
* Mon Mar 18 2024 Callum Farmer <[email protected]>
  - Use Python 3.11 on Leap
  - Rename chromium-122-skip_bubble_contents_wrapper_static_assert.patch
    to chromium-122-WebUI-static_assert.patch
  - Rename chromium-122-disable-FFmpegAllowLists.patch to
    chromium-disable-FFmpegAllowLists.patch
  - Rename chromium-122-static-assert.patch to
    chromium-122-BookmarkNode-missing-operator.patch
  - Rename chromium-122-undo-internal-alloc.patch to
    chromium-122-PA-undo-internal-alloc.patch
  - Rename chromium-122-typename.patch to
    chromium-122-lp155-typename.patch
  - Removed patches:
    * chromium-121-v8-c++20-p1.patch
    * chromium-121-v8-c++20.patch
    * chromium-122-unique_ptr.patch
    * chromium-122-python3-assignment-expressions.patch
    * chromium-122-el8-support-64kpage.patch
    * chromium-122-el7-inline-function.patch
    * chromium-122-el7-extra-operator.patch
    * chromium-122-el7-default-constructor-involving-anonymous-union.patch
    * chromium-122-constexpr.patch
    * chromium-122-clang-build-flags.patch
    * chromium-122-clang16-disable-auto-upgrade-debug-info.patch
    * chromium-122-clang16-buildflags.patch
    * chromium-122-arm64-memory_tagging.patch
    * chromium-121-el7-clang-version-warning.patch
    * chromium-116-lp155-url_load_stats-size-t.patch
    * chromium-icu72-2.patch
    * chromium-122-debian-upstream-mojo.patch
  - Patches merged into other patches:
    * chromium-122-debian-upstream-bitset.patch
    * chromium-122-debian-upstream-optional.patch
    * chromium-122-debian-upstream-uniqptr.patch
    * chromium-122-debian-fixes-optional.patch
    * chromium-122-norar.patch
  - Restore time clamper change to
    chromium-122-missing-header-files.patch
  - Fix missing/invalid casting in
    chromium-122-no_matching_constructor.patch
* Wed Mar 13 2024 Andreas Stieger <[email protected]>
  - Chromium 122.0.6261.128 (boo#1221335)
    * CVE-2024-2400: Use after free in Performance Manager
* Fri Mar 08 2024 [email protected]
  - Chromium 122.0.6261.111 (boo#1220131,boo#1220604,boo#1221105)
    * New upstream security release.
    * CVE-2024-2173: Out of bounds memory access in V8.
    * CVE-2024-2174: Inappropriate implementation in V8.
    * CVE-2024-2176: Use after free in FedCM.
  - Chromium 122.0.6261.94
    * CVE-2024-1669: Out of bounds memory access in Blink.
    * CVE-2024-1670: Use after free in Mojo.
    * CVE-2024-1671: Inappropriate implementation in Site Isolation.
    * CVE-2024-1672: Inappropriate implementation in Content Security Policy.
    * CVE-2024-1673: Use after free in Accessibility.
    * CVE-2024-1674: Inappropriate implementation in Navigation.
    * CVE-2024-1675: Insufficient policy enforcement in Download.
    * CVE-2024-1676: Inappropriate implementation in Navigation.
    * Type Confusion in V8
    * rediff chromium-disable-GlobalMediaControlsCastStartStop.patch
    * drop chromium-114-lld-argument.patch
      replaced by chromium-122-clang16-disable-auto-upgrade-debug-info.patch
    * drop chromium-121-no_matching_constructor.patch
      replaced by chromium-122-no_matching_constructor.patch
    * drop chromium-113-webview-namespace.patch (obsolete)
    * reduce chromium-norar.patch
      by the hunks in chromium-122-norar.patch
    * drop chromium-114-revert-av1enc-lp154.patch
      replaced by chromium-122-revert-av1enc-el9.patch
    * drop chromium-115-lp155-typename.patch
      chromium-116-lp155-typenames.patch
      chromium-117-lp155-typename.patch
      chromium-120-lp155-typename.patch
      replaced by chromium-122-typename.patch
    * drop chromium-121-missing-header-files.patch
      replaced by chromium-122-missing-header-files.patch
    * drop chromium-121-workaround_clang_bug-structured_binding.patch
      replaced by chromium-122-workaround_clang_bug-structured_binding.patch
    * drop chromium-121-no_matching_constructor.patch
      replaced by chromium-122-no_matching_constructor.patch
    * drop chromium-121-python3-invalid-escape-sequence.patch (upstream)
    * drop chromium-disable-FFmpegAllowLists.patch
      replaced by chromium-122-disable-FFmpegAllowLists.patch
    * drop chromium-121-avoid-SFINAE-TypeConverter.patch
      replaced by chromium-122-avoid-SFINAE-TypeConverter.patch
    * add buildrequires for rust
    * add patches from fedora package for 121 and 122
    * chromium-121-el7-clang-version-warning.patch
    * chromium-121-v8-c++20-p1.patch
    * chromium-121-v8-c++20.patch
    * chromium-122-arm64-memory_tagging.patch
    * chromium-122-clang16-buildflags.patch
    * chromium-122-clang16-disable-auto-upgrade-debug-info.patch
    * chromium-122-clang-build-flags.patch
    * chromium-122-constexpr.patch
    * chromium-122-disable-FFmpegAllowLists.patch
    * chromium-122-el7-default-constructor-involving-anonymous-union.patch
    * chromium-122-el7-extra-operator.patch
    * chromium-122-el7-inline-function.patch
    * chromium-122-el8-support-64kpage.patch
    * chromium-122-missing-header-files.patch
    * chromium-122-no_matching_constructor.patch
    * chromium-122-norar.patch
    * chromium-122-python3-assignment-expressions.patch
    * chromium-122-revert-av1enc-el9.patch
    * chromium-122-static-assert.patch
    * chromium-122-typename.patch
    * chromium-122-unique_ptr.patch
    * chromium-122-workaround_clang_bug-structured_binding.patch
    * from debian add
    * chromium-122-undo-internal-alloc.patch
    * chromium-122-debian-upstream-bitset.patch
    * chromium-122-debian-upstream-mojo.patch
    * chromium-122-debian-upstream-optional.patch
    * chromium-122-debian-upstream-uniqptr.patch
    * chromium-122-debian-fixes-optional.patch
    * added compile fix needed on code15
      chromium-122-skip_bubble_contents_wrapper_static_assert.patch
      to prevent "static assertion expression is not an integral constant expression"
      "in call to 'operator+(&"."[0], ShoppingInsightsSidePanelUI::GetWebUIName())'"
      in bubble_contents_wrapper.h:153
  - replace Cr121-ffmpeg-new-channel-layout.patch by
    Cr122-ffmpeg-new-channel-layout.patch (rediff against 122)
  - drop chromium-121-system-old-ffmpeg.patch
* Fri Mar 08 2024 Callum Farmer <[email protected]>
  - Add Cr121-ffmpeg-new-channel-layout.patch to rollback more FFmpeg
    changes so that FFmpeg 4 will work on Leap
  - Prepare for libxml 2.12
* Sat Mar 02 2024 Callum Farmer <[email protected]>
  - Chromium 121.0.6167.184 (boo#1219118, boo#1219387, boo#1219661)
    * CVE-2024-1284: Use after free in Mojo
    * CVE-2024-1283: Heap buffer overflow in Skia
    * CVE-2024-1060: Use after free in Canvas
    * CVE-2024-1059: Use after free in WebRTC
    * CVE-2024-1077: Use after free in Network
    * CVE-2024-0807: Use after free in WebAudio
    * CVE-2024-0812: Inappropriate implementation in Accessibility
    * CVE-2024-0808: Integer underflow in WebUI
    * CVE-2024-0810: Insufficient policy enforcement in DevTools
    * CVE-2024-0814: Incorrect security UI in Payments
    * CVE-2024-0813: Use after free in Reading Mode
    * CVE-2024-0806: Use after free in Passwords
    * CVE-2024-0805: Inappropriate implementation in Downloads
    * CVE-2024-0804: Insufficient policy enforcement in iOS Security UI
    * CVE-2024-0811: Inappropriate implementation in Extensions API
    * CVE-2024-0809: Inappropriate implementation in Autofill
  - Removed patches:
    * chromium-117-includes.patch
    * chromium-118-includes.patch
    * chromium-119-dont-redefine-ATSPI-version-macros.patch
    * chromium-120-missing-header-files.patch
    * chromium-120-no_matching_constructor.patch
    * chromium-120-nullptr_t-without-namespace-std.patch
    * chromium-120-workaround_clang_bug-structured_binding.patch
    * gcc13-fix.patch
    * chromium-113-webauth-include-variant.patch
    * chromium-110-system-libffi.patch
  - Added patches:
    * chromium-121-no_matching_constructor.patch
    * chromium-121-nullptr_t-without-namespace-std.patch
    * chromium-121-workaround_clang_bug-structured_binding.patch
    * chromium-121-missing-header-files.patch
    * chromium-121-rust-clang_lib.patch
    * chromium-121-python3-invalid-escape-sequence.patch
    * chromium-121-rust-clang_lib.patch
    * chromium-121-avoid-SFINAE-TypeConverter.patch
    * chromium-121-blink-libxml-const.patch
  - Add patch chromium-disable-FFmpegAllowLists.patch:
    disable codec checker this will always fail (bsc#1219070)
* Wed Jan 17 2024 Andreas Stieger <[email protected]>
  - Chromium 120.0.6099.224 (boo#1218892)
    * CVE-2024-0517: Out of bounds write in V8
    * CVE-2024-0518: Type Confusion in V8
    * CVE-2024-0519: Out of bounds memory access in V8
    * Various fixes from internal audits, fuzzing and other initiatives
* Sun Jan 14 2024 Callum Farmer <[email protected]>
  - Replace chromium-120-lp155-revert-clang-build-failure.patch
    with chromium-120-make_unique-struct.patch - which avoids
    reverting changes and instead provides a stub constructor to fix
    build on Leap
* Sat Jan 13 2024 Andreas Stieger <[email protected]>
  - Chromium 120.0.6099.216 (boo#1217839, boo#1218048, boo#1218302,
    boo#1218533, boo#1218719)
    * CVE-2024-0333: Insufficient data validation in Extensions
    * CVE-2024-0222: Use after free in ANGLE
    * CVE-2024-0223: Heap buffer overflow in ANGLE
    * CVE-2024-0224: Use after free in WebAudio
    * CVE-2024-0225: Use after free in WebGPU
    * CVE-2023-7024: Heap buffer overflow in WebRTC
    * CVE-2023-6702: Type Confusion in V8
    * CVE-2023-6703: Use after free in Blink
    * CVE-2023-6704: Use after free in libavif (boo#1218303)
    * CVE-2023-6705: Use after free in WebRTC
    * CVE-2023-6706: Use after free in FedCM
    * CVE-2023-6707: Use after free in CSS
    * CVE-2023-6508: Use after free in Media Stream
    * CVE-2023-6509: Use after free in Side Panel Search
    * CVE-2023-6510: Use after free in Media Capture
    * CVE-2023-6511: Inappropriate implementation in Autofill
    * CVE-2023-6512: Inappropriate implementation in Web Browser UI
  - drop patches:
    * chromium-system-libusb.patch
    * chromium-119-nullptr_t-without-namespace-std.patch
    * chromium-119-no_matching_constructor.patch
    * chromium-117-workaround_clang_bug-structured_binding.patch
  - add patches:
    * chromium-120-nullptr_t-without-namespace-std.patch
    * chromium-120-emplace.patch
    * chromium-120-lp155-typename.patch
    * chromium-120-no_matching_constructor.patch
    * chromium-120-missing-header-files.patch
    * chromium-120-emplace-struct.patch
    * chromium-120-workaround_clang_bug-structured_binding.patch
  - add patches for Leap that revert braking changes:
    * chromium-120-lp155-revert-clang-build-failure.patch
* Wed Nov 29 2023 Andreas Stieger <[email protected]>
  - Chromium 119.0.6045.199 (boo#1217616)
    * CVE-2023-6348: Type Confusion in Spellcheck
    * CVE-2023-6347: Use after free in Mojo
    * CVE-2023-6346: Use after free in WebAudio
    * CVE-2023-6350: Out of bounds memory access in libavif (boo#1217614)
    * CVE-2023-6351: Use after free in libavif (boo#1217615)
    * CVE-2023-6345: Integer overflow in Skia
    * Various fixes from internal audits, fuzzing and other initiatives
* Wed Nov 15 2023 Andreas Stieger <[email protected]>
  - Chromium 119.0.6045.159 (boo#1217142)
    * CVE-2023-5997: Use after free in Garbage Collection
    * CVE-2023-6112: Use after free in Navigation
    * Various fixes from internal audits, fuzzing and other initiatives
* Fri Nov 10 2023 Andreas Stieger <[email protected]>
  - Chromium 119.0.6045.123 (boo#1216978)
    * CVE-2023-5996: Use after free in WebAudio
  - Chromium 119.0.6045.105 (boo#1216783)
    * CVE-2023-5480: Inappropriate implementation in Payments
    * CVE-2023-5482: Insufficient data validation in USB
    * CVE-2023-5849: Integer overflow in USB
    * CVE-2023-5850: Incorrect security UI in Downloads
    * CVE-2023-5851: Inappropriate implementation in Downloads
    * CVE-2023-5852: Use after free in Printing
    * CVE-2023-5853: Incorrect security UI in Downloads
    * CVE-2023-5854: Use after free in Profiles
    * CVE-2023-5855: Use after free in Reading Mode
    * CVE-2023-5856: Use after free in Side Panel
    * CVE-2023-5857: Inappropriate implementation in Downloads
    * CVE-2023-5858: Inappropriate implementation in WebApp Provider
    * CVE-2023-5859: Incorrect security UI in Picture In Picture
  - dropped patches:
    * chromium-98-gtk4-build.patch
    * chromium-118-system-freetype.patch
    * chromium-118-no_matching_constructor.patch
  - added patches:
    * chromium-119-no_matching_constructor.patch
    * chromium-119-dont-redefine-ATSPI-version-macros.patch
    * chromium-119-nullptr_t-without-namespace-std.patch
    * chromium-119-assert.patch
* Tue Oct 24 2023 Andreas Stieger <[email protected]>
  - Chromium 118.0.5993.117 (boo#1216549)
    * CVE-2023-5472: Use after free in Profiles
    * Various fixes from internal audits, fuzzing and other initiatives
* Wed Oct 18 2023 Andreas Stieger <[email protected]>
  - Chromium 118.0.5993.88:
    * unspecified security fix (boo#1216392)
* Wed Oct 11 2023 Andreas Stieger <[email protected]>
  - refresh chromium-117-emplace_back_on_vector-c++20.patch and
    chromium-117-lp155-constructors.patch to
    chromium-118-no_matching_constructor.patch
* Tue Oct 10 2023 Andreas Stieger <[email protected]>
  - Chromium 118.0.5993.70 (boo#1216111)
    * CVE-2023-5218: Use after free in Site Isolation
    * CVE-2023-5487: Inappropriate implementation in Fullscreen
    * CVE-2023-5484: Inappropriate implementation in Navigation
    * CVE-2023-5475: Inappropriate implementation in DevTools
    * CVE-2023-5483: Inappropriate implementation in Intents
    * CVE-2023-5481: Inappropriate implementation in Downloads
    * CVE-2023-5476: Use after free in Blink History
    * CVE-2023-5474: Heap buffer overflow in PDF
    * CVE-2023-5479: Inappropriate implementation in Extensions API
    * CVE-2023-5485: Inappropriate implementation in Autofill
    * CVE-2023-5478: Inappropriate implementation in Autofill
    * CVE-2023-5477: Inappropriate implementation in Installer
    * CVE-2023-5486: Inappropriate implementation in Input
    * CVE-2023-5473: Use after free in Cast
  - Build with system freetype (again), and zstd
  - add patches:
    * chromium-118-system-freetype.patch
    * chromium-117-system-zstd.patch
* Sat Oct 07 2023 Andreas Stieger <[email protected]>
  - Chromium 118.0.5993.54
  - add patches:
    * chromium-118-includes.patch
* Wed Oct 04 2023 Andreas Stieger <[email protected]>
  - Chromium 117.0.5938.149:
    * CVE-2023-5346: Type Confusion in V8 (boo#1215924)
* Wed Sep 27 2023 Andreas Stieger <[email protected]>
  - Chromium 117.0.5938.132 (boo#1215776):
    * CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx (boo#1215778)
    * CVE-2023-5186: Use after free in Passwords
    * CVE-2023-5187: Use after free in Extensions
* Fri Sep 22 2023 Andreas Stieger <[email protected]>
  - Chromium 117.0.5938.92:
    * stability improvements
* Wed Sep 20 2023 Andreas Stieger <[email protected]>
  - Add explicit build dependency on libepoxy for Tumbleweed
* Sun Sep 17 2023 Andreas Stieger <[email protected]>
  - Chromium 117.0.5938.88 (boo#1215279)
    * CVE-2023-4900: Inappropriate implementation in Custom Tabs
    * CVE-2023-4901: Inappropriate implementation in Prompts
    * CVE-2023-4902: Inappropriate implementation in Input
    * CVE-2023-4903: Inappropriate implementation in Custom Mobile Tabs
    * CVE-2023-4904: Insufficient policy enforcement in Downloads
    * CVE-2023-4905: Inappropriate implementation in Prompts
    * CVE-2023-4906: Insufficient policy enforcement in Autofill
    * CVE-2023-4907: Inappropriate implementation in Intents
    * CVE-2023-4908: Inappropriate implementation in Picture in Picture
    * CVE-2023-4909: Inappropriate implementation in Interstitials
  - drop patches:
    * chromium-100-InMilliseconds-constexpr.patch
    * chromium-115-Qt-moc-version.patch
    * chromium-116-profile-view-utils-vector-include.patch
    * chromium-116-blink-variant-include.patch
    * chromium-116-abseil-limits-include.patch
    * chromium-116-lp155-constuctors.patch
    * chromium-115-workaround_clang_bug-structured_binding.patch
    * chromium-115-emplace_back_on_vector-c++20.patch
  - add patches:
    * chromium-117-blink-BUILD-mnemonic.patch
    * chromium-117-includes.patch
    * chromium-117-lp155-constructors.patch
    * chromium-117-string-convert.patch
    * chromium-117-lp155-typename.patch
    * chromium-117-workaround_clang_bug-structured_binding.patch
    * chromium-117-emplace_back_on_vector-c++20.patch
* Wed Sep 13 2023 Andreas Stieger <[email protected]>
  - CVE-2023-4863: build with the bundled library on Leap (boo#1215231)
* Tue Sep 12 2023 Andreas Stieger <[email protected]>
  - Chromium 116.0.5845.187 (boo#1215231):
    * CVE-2023-4863: Heap buffer overflow in WebP
* Wed Sep 06 2023 Andreas Stieger <[email protected]>
  - Chromium 116.0.5845.179 (boo#1215023):
    * CVE-2023-4761: Out of bounds memory access in FedCM
    * CVE-2023-4762: Type Confusion in V8
    * CVE-2023-4763: Use after free in Networks
    * CVE-2023-4764: Incorrect security UI in BFCache
* Wed Aug 30 2023 Andreas Stieger <[email protected]>
  - Chromium 116.0.5845.140 (boo#1214758):
    * CVE-2023-4572: Use after free in MediaStream
* Wed Aug 23 2023 Andreas Stieger <[email protected]>
  - Chromium 116.0.5845.110 (boo#1214487):
    * CVE-2023-4427: Out of bounds memory access in V8
    * CVE-2023-4428: Out of bounds memory access in CSS
    * CVE-2023-4429: Use after free in Loader
    * CVE-2023-4430: Use after free in Vulkan
    * CVE-2023-4431: Out of bounds memory access in Fonts
* Mon Aug 14 2023 Andreas Stieger <[email protected]>
  - Chromium 116.0.5845.96
    * New CSS features: Motion Path, and "display" and
      "content-visibility" animations
    * Web APIs: AbortSignal.any(), BYOB support for Fetch, Back/
      forward cache NotRestoredReason API, Document Picture-in-
      Picture, Expanded Wildcards in Permissions Policy Origins,
      FedCM bundle: Login Hint API, User Info API, and RP Context API,
      Non-composed Mouse and Pointer enter/leave events,
      Remove document.open sandbox inheritance,
      Report Critical-CH caused restart in NavigationTiming
  - fix a number of security issues (boo#1214301):
    * CVE-2023-2312: Use after free in Offline
    * CVE-2023-4349: Use after free in Device Trust Connectors
    * CVE-2023-4350: Inappropriate implementation in Fullscreen
    * CVE-2023-4351: Use after free in Network
    * CVE-2023-4352: Type Confusion in V8
    * CVE-2023-4353: Heap buffer overflow in ANGLE
    * CVE-2023-4354: Heap buffer overflow in Skia
    * CVE-2023-4355: Out of bounds memory access in V8
    * CVE-2023-4356: Use after free in Audio
    * CVE-2023-4357: Insufficient validation of untrusted input in XML
    * CVE-2023-4358: Use after free in DNS
    * CVE-2023-4359: Inappropriate implementation in App Launcher
    * CVE-2023-4360: Inappropriate implementation in Color
    * CVE-2023-4361: Inappropriate implementation in Autofill
    * CVE-2023-4362: Heap buffer overflow in Mojom IDL
    * CVE-2023-4363: Inappropriate implementation in WebShare
    * CVE-2023-4364: Inappropriate implementation in Permission Prompts
    * CVE-2023-4365: Inappropriate implementation in Fullscreen
    * CVE-2023-4366: Use after free in Extensions
    * CVE-2023-4367: Insufficient policy enforcement in Extensions API
    * CVE-2023-4368: Insufficient policy enforcement in Extensions API
  - drop patches:
    * chromium-115-add_BoundSessionRefreshCookieFetcher::Result.patch
    * chromium-115-verify_name_match-include.patch
    * chromium-86-fix-vaapi-on-intel.patch
    * chromium-115-skia-include.patch
    * chromium-115-dont-pass-nullptr-to-construct-re2-StringPiece.patch
  - add patches:
    * chromium-116-profile-view-utils-vector-include.patch
    * chromium-116-blink-variant-include.patch
    * chromium-116-lp155-url_load_stats-size-t.patch
    * chromium-116-abseil-limits-include.patch
    * chromium-116-lp155-typenames.patch
    * chromium-116-lp155-constuctors.patch
  - Build with bundled re2 on Leap
* Wed Aug 09 2023 Andreas Stieger <[email protected]>
  - Fix crash with extensions (boo#1214003)
    chromium-115-dont-pass-nullptr-to-construct-re2-StringPiece.patch
* Thu Aug 03 2023 Andreas Stieger <[email protected]>
  - Chromium 115.0.5790.170 (boo#1213920)
    * CVE-2023-4068: Type Confusion in V8
    * CVE-2023-4069: Type Confusion in V8
    * CVE-2023-4070: Type Confusion in V8
    * CVE-2023-4071: Heap buffer overflow in Visuals
    * CVE-2023-4072: Out of bounds read and write in WebGL
    * CVE-2023-4073: Out of bounds memory access in ANGLE
    * CVE-2023-4074: Use after free in Blink Task Scheduling
    * CVE-2023-4075: Use after free in Cast
    * CVE-2023-4076: Use after free in WebRTC
    * CVE-2023-4077: Insufficient data validation in Extensions
    * CVE-2023-4078: Inappropriate implementation in Extensions
* Fri Jul 28 2023 Andreas Stieger <[email protected]>
  - Specify re2 build dependency in a way that makes Leap packages
    build in devel project and in Maintenance
* Sun Jul 23 2023 Andreas Stieger <[email protected]>
  - Chromium 115.0.5790.102:
    * stability fix
  - Add build fixes on Leap:
    * chromium-115-emplace_back_on_vector-c++20.patch
    * chromium-115-compiler-SkColor4f.patch
    * chromium-115-workaround_clang_bug-structured_binding.patch
    * chromium-115-add_BoundSessionRefreshCookieFetcher::Result.patch
  - adjust chromium-115-lp155-typename.patch
  - drop chromium-114-workaround_clang_bug-structured_binding.patch
* Wed Jul 19 2023 Andreas Stieger <[email protected]>
  - Chromium 115.0.5790.98
    * Security: The Storage, Service Worker, and Communication APIs
      are now partitioned in third-party contexts to prevent certain
      types of side-channel cross-site tracking
    * HTTPS: Automatically and optimistically upgrade all main-frame
      navigations to HTTPS, with fast fallback to HTTP.
    * CSS: accept multiple values of the display property
    * CSS: support boolean context style container queries
    * CSS: support scroll-driven animations
    * Increase the maximum size of a WebAssembly.Module() on the main
      thread to 8 MB
    * FedCM: Support credential management mediation requirements for
      auto re-authentication
    * Deprecate the document.domain setter
    * Deprecate mutation events
    * Security fixes (boo#1213462):
      CVE-2023-3727: Use after free in WebRTC
      CVE-2023-3728: Use after free in WebRTC
      CVE-2023-3730: Use after free in Tab Groups
      CVE-2023-3732: Out of bounds memory access in Mojo
      CVE-2023-3733: Inappropriate implementation in WebApp Installs
      CVE-2023-3734: Inappropriate implementation in Picture In Picture
      CVE-2023-3735: Inappropriate implementation in Web API Permission Prompts
      CVE-2023-3736: Inappropriate implementation in Custom Tabs
      CVE-2023-3737: Inappropriate implementation in Notifications
      CVE-2023-3738: Inappropriate implementation in Autofill
      CVE-2023-3740: Insufficient validation of untrusted input in Themes
      Various fixes from internal audits, fuzzing and other initiatives
  - drop chromium-113-typename.patch
  - add chromium-115-skia-include.patch
  - add chromium-115-verify_name_match-include.patch
  - add chromium-115-lp155-typename.patch
  - Add chromium-115-Qt-moc-version.patch: support Qt5 & Qt6 without
    built-in copy of shim
* Tue Jun 27 2023 Andreas Stieger <[email protected]>
  - Chromium 114.0.5735.198 (boo#1212755):
    * CVE-2023-3420: Type Confusion in V8
    * CVE-2023-3421: Use after free in Media
    * CVE-2023-3422: Use after free in Guest View
* Sun Jun 25 2023 Callum Farmer <[email protected]>
  - Install Qt5 library & prepare for Qt6 in 115
* Wed Jun 14 2023 Andreas Stieger <[email protected]>
  - Chromium 114.0.5735.133 (boo#1212302):
    * CVE-2023-3214: Use after free in Autofill payments
    * CVE-2023-3215: Use after free in WebRTC
    * CVE-2023-3216: Type Confusion in V8
    * CVE-2023-3217: Use after free in WebXR
    * Various fixes from internal audits, fuzzing and other initiatives
* Wed Jun 07 2023 Andreas Stieger <[email protected]>
  - Fix Leap 15.4 build - chromium-114-revert-av1enc-lp154.patch
* Tue Jun 06 2023 Andreas Stieger <[email protected]>
  - Chromium 114.0.5735.106 (boo#1212044):
    * CVE-2023-3079: Type Confusion in V8
* Sun Jun 04 2023 Callum Farmer <[email protected]>
  - Chromium 114.0.5735.90 (boo#1211843):
    * CSS text-wrap: balance is available
    * Cookies partitioned by top level site (CHIPS)
    * New Popover API
  - Security fixes:
    * CVE-2023-2929: Out of bounds write in Swiftshader
    * CVE-2023-2930: Use after free in Extensions
    * CVE-2023-2931: Use after free in PDF
    * CVE-2023-2932: Use after free in PDF
    * CVE-2023-2933: Use after free in PDF
    * CVE-2023-2934: Out of bounds memory access in Mojo
    * CVE-2023-2935: Type Confusion in V8
    * CVE-2023-2936: Type Confusion in V8
    * CVE-2023-2937: Inappropriate implementation in Picture In Picture
    * CVE-2023-2938: Inappropriate implementation in Picture In Picture
    * CVE-2023-2939: Insufficient data validation in Installer
    * CVE-2023-2940: Inappropriate implementation in Downloads
    * CVE-2023-2941: Inappropriate implementation in Extensions API
  - Drop patches:
    * chromium-103-VirtualCursor-std-layout.patch
    * chromium-113-system-zlib.patch
    * chromium-113-workaround_clang_bug-structured_binding.patch
  - Add patches
    * chromium-114-workaround_clang_bug-structured_binding.patch
    * chromium-114-lld-argument.patch
* Tue May 30 2023 Callum Farmer <[email protected]>
  - Un-bundle zlib again
  - Remove un-needed patches:
    * chromium-112-default-comparison-operators.patch
    * chromium-109-clang-lp154.patch
    * chromium-clang-nomerge.patch
    * chromium-ffmpeg-lp152.patch
    * chromium-lp151-old-drm.patch
  - Added patches:
    * chromium-113-system-zlib.patch
* Sun May 28 2023 Andreas Stieger <[email protected]>
  - build with llvm15 on Leap
* Tue May 16 2023 Andreas Stieger <[email protected]>
  - Chromium 113.0.5672.126 (boo#1211442):
    * CVE-2023-2721: Use after free in Navigation
    * CVE-2023-2722: Use after free in Autofill UI
    * CVE-2023-2723: Use after free in DevTools
    * CVE-2023-2724: Type Confusion in V8
    * CVE-2023-2725: Use after free in Guest View
    * CVE-2023-2726: Inappropriate implementation in WebApp Installs
    * Various fixes from internal audits, fuzzing and other initiatives
* Tue May 09 2023 Andreas Stieger <[email protected]>
  - Chromium 113.0.5672.92 (boo#1211211)
  - Multiple security fixes (boo#1211036):
    * CVE-2023-2459: Inappropriate implementation in Prompts
    * CVE-2023-2460: Insufficient validation of untrusted input in Extensions
    * CVE-2023-2461: Use after free in OS Inputs
    * CVE-2023-2462: Inappropriate implementation in Prompts
    * CVE-2023-2463: Inappropriate implementation in Full Screen Mode
    * CVE-2023-2464: Inappropriate implementation in PictureInPicture
    * CVE-2023-2465: Inappropriate implementation in CORS
    * CVE-2023-2466: Inappropriate implementation in Prompts
    * CVE-2023-2467: Inappropriate implementation in Prompts
    * CVE-2023-2468: Inappropriate implementation in PictureInPicture
  - drop chromium-94-sql-no-assert.patch
  - drop no-location-leap151.patch
  - add chromium-113-webview-namespace.patch
  - add chromium-113-webauth-include-variant.patch
  - add chromium-113-typename.patch
  - add chromium-113-workaround_clang_bug-structured_binding.patch
* Wed Apr 19 2023 Andreas Stieger <[email protected]>
  - Chromium 112.0.5615.165 (boo#1210618):
    * CVE-2023-2133: Out of bounds memory access in Service Worker API
    * CVE-2023-2134: Out of bounds memory access in Service Worker API
    * CVE-2023-2135: Use after free in DevTools
    * CVE-2023-2136: Integer overflow in Skia
    * CVE-2023-2137: Heap buffer overflow in sqlite
  - drop chromium-112-feed_protos.patch
* Sun Apr 16 2023 Andreas Stieger <[email protected]>
  - Fix Leap 15.4 build failures from default comparison operators
    defined outside of the class definition, a C++20 feature
    adding chromium-112-default-comparison-operators.patch
* Sat Apr 15 2023 Andreas Stieger <[email protected]>
  - Chromium 112.0.5615.121:
    * CVE-2023-2033: Type Confusion in V8 (boo#1210478)
* Fri Apr 07 2023 Andreas Stieger <[email protected]>
  - Revert a breaking change with chromium-112-feed_protos.patch
* Tue Apr 04 2023 Andreas Stieger <[email protected]>
  - Chromium 112.0.5615.49
    * CSS now supports nesting rules.
    * The algorithm to set the initial focus on <dialog> elements was updated.
    * No-op fetch() handlers on service workers are skipped from now on to make navigations faster
    * The setter for document.domain is now deprecated.
    * The recorder in devtools can now record with pierce selectors.
    * Security fixes (boo#1210126):
    * CVE-2023-1810: Heap buffer overflow in Visuals
    * CVE-2023-1811: Use after free in Frames
    * CVE-2023-1812: Out of bounds memory access in DOM Bindings
    * CVE-2023-1813: Inappropriate implementation in Extensions
    * CVE-2023-1814: Insufficient validation of untrusted input in Safe Browsing
    * CVE-2023-1815: Use after free in Networking APIs
    * CVE-2023-1816: Incorrect security UI in Picture In Picture
    * CVE-2023-1817: Insufficient policy enforcement in Intents
    * CVE-2023-1818: Use after free in Vulkan
    * CVE-2023-1819: Out of bounds read in Accessibility
    * CVE-2023-1820: Heap buffer overflow in Browser History
    * CVE-2023-1821: Inappropriate implementation in WebShare
    * CVE-2023-1822: Incorrect security UI in Navigation
    * CVE-2023-1823: Inappropriate implementation in FedCM
* Mon Mar 27 2023 Andreas Stieger <[email protected]>
  - Chromium 111.0.5563.147:
    * nth-child() validation performance regression for SAP apps
* Thu Mar 23 2023 Guillaume GARDET <[email protected]>
  - Update gcc13-fix.patch with few fixes required for aarch64,
    borrowed from Fedora's gcc13 patch
* Wed Mar 22 2023 Andreas Stieger <[email protected]>
  - Chromium 111.0.5563.110 (boo#1209598)
    * CVE-2023-1528: Use after free in Passwords
    * CVE-2023-1529: Out of bounds memory access in WebHID
    * CVE-2023-1530: Use after free in PDF
    * CVE-2023-1531: Use after free in ANGLE
    * CVE-2023-1532: Out of bounds read in GPU Video
    * CVE-2023-1533: Use after free in WebProtect
    * CVE-2023-1534: Out of bounds read in ANGLE
* Mon Mar 20 2023 Martin Liška <[email protected]>
  - Add gcc13-fix.patch in order to support GCC 13.
* Fri Mar 10 2023 Callum Farmer <[email protected]>
  - Revert back to GCC 11 on 15.4 as Clang 13 doesn't support GCC 12
* Thu Mar 09 2023 Callum Farmer <[email protected]>
  - Bump Leap's GCC to 12 as Chromium really likes newer standards
* Thu Mar 09 2023 Andreas Stieger <[email protected]>
  - Chromium 111.0.5563.64
    * New View Transitions API
    * CSS Color Level 4
    * New developer tools in style panel for color functionality
    * CSS added trigonometric functions, additional root font units
      and extended the n-th child pseudo selector.
    * previousslide and nextslide actions are now part of the Media
      Session API
    * A number of security fixes (boo#1209040)
    * CVE-2023-1213: Use after free in Swiftshader
    * CVE-2023-1214: Type Confusion in V8
    * CVE-2023-1215: Type Confusion in CSS
    * CVE-2023-1216: Use after free in DevTools
    * CVE-2023-1217: Stack buffer overflow in Crash reporting
    * CVE-2023-1218: Use after free in WebRTC
    * CVE-2023-1219: Heap buffer overflow in Metrics
    * CVE-2023-1220: Heap buffer overflow in UMA
    * CVE-2023-1221: Insufficient policy enforcement in Extensions API
    * CVE-2023-1222: Heap buffer overflow in Web Audio API
    * CVE-2023-1223: Insufficient policy enforcement in Autofill
    * CVE-2023-1224: Insufficient policy enforcement in Web Payments API
    * CVE-2023-1225: Insufficient policy enforcement in Navigation
    * CVE-2023-1226: Insufficient policy enforcement in Web Payments API
    * CVE-2023-1227: Use after free in Core
    * CVE-2023-1228: Insufficient policy enforcement in Intents
    * CVE-2023-1229: Inappropriate implementation in Permission prompts
    * CVE-2023-1230: Inappropriate implementation in WebApp Installs
    * CVE-2023-1231: Inappropriate implementation in Autofill
    * CVE-2023-1232: Insufficient policy enforcement in Resource Timing
    * CVE-2023-1233: Insufficient policy enforcement in Resource Timing
    * CVE-2023-1234: Inappropriate implementation in Intents
    * CVE-2023-1235: Type Confusion in DevTools
    * CVE-2023-1236: Inappropriate implementation in Internals
  - drop patches:
    * chromium-86-ImageMemoryBarrierData-init.patch
    * chromium-93-InkDropHost-crash.patch
    * chromium-110-NativeThemeBase-fabs.patch
    * chromium-110-CredentialUIEntry-const.patch
    * chromium-110-DarkModeLABColorSpace-pow.patch
    * v8-move-the-Stack-object-from-ThreadLocalTop.patch
    * chromium-icu72-1.patch
* Thu Feb 23 2023 Andreas Stieger <[email protected]>
  - Chromium 110.0.5481.177 (boo#1208589)
    * CVE-2023-0927: Use after free in Web Payments API
    * CVE-2023-0928: Use after free in SwiftShader
    * CVE-2023-0929: Use after free in Vulkan
    * CVE-2023-0930: Heap buffer overflow in Video
    * CVE-2023-0931: Use after free in Video
    * CVE-2023-0932: Use after free in WebRTC
    * CVE-2023-0933: Integer overflow in PDF
    * CVE-2023-0941: Use after free in Prompts
    * Various fixes from internal audits, fuzzing and other initiatives
* Thu Feb 16 2023 Andreas Stieger <[email protected]>
  - Chromium 110.0.5481.100
    * fix regression on SAP Business Objects web UI
    * fix date formatting behavior change from ICU 72
* Wed Feb 08 2023 Andreas Stieger <[email protected]>
  - Chromium 110.0.5481.77 (boo#1208029):
    * CVE-2023-0696: Type Confusion in V8
    * CVE-2023-0697: Inappropriate implementation in Full screen mode
    * CVE-2023-0698: Out of bounds read in WebRTC
    * CVE-2023-0699: Use after free in GPU
    * CVE-2023-0700: Inappropriate implementation in Download
    * CVE-2023-0701: Heap buffer overflow in WebUI
    * CVE-2023-0702: Type Confusion in Data Transfer
    * CVE-2023-0703: Type Confusion in DevTools
    * CVE-2023-0704: Insufficient policy enforcement in DevTools
    * CVE-2023-0705: Integer overflow in Core
    * Various fixes from internal audits, fuzzing and other initiatives
  - build with bundled libavif
  - dropped patches:
    * chromium-109-compiler.patch
    * chromium-icu72-3.patch
  - added patches:
    * chromium-110-compiler.patch
    * chromium-110-system-libffi.patch
    * chromium-110-NativeThemeBase-fabs.patch
    * chromium-110-CredentialUIEntry-const.patch
    * chromium-110-DarkModeLABColorSpace-pow.patch
    * v8-move-the-Stack-object-from-ThreadLocalTop.patch
* Wed Jan 25 2023 Andreas Stieger <[email protected]>
  - Chromium 109.0.5414.119 (boo#1207512):
    * CVE-2023-0471: Use after free in WebTransport
    * CVE-2023-0472: Use after free in WebRTC
    * CVE-2023-0473: Type Confusion in ServiceWorker API
    * CVE-2023-0474: Use after free in GuestView
    * Various fixes from internal audits, fuzzing and other
      initiatives
* Tue Jan 17 2023 Callum Farmer <[email protected]>
  - Added patches:
    * chromium-icu72-1.patch: ensure TextCodecCJK doesn't conflict
      with system icu (bsc#1207147)
    * chromium-icu72-2.patch: align default characters for old icu
      with that of ICU 72
    * chromium-icu72-3.patch: make V8 aware of space in ICU 72 time
      format
* Tue Jan 10 2023 Andreas Stieger <[email protected]>
  - Chromium 109.0.5414.74:
    * Add support for MathML Core
    * CSS: Auto range support for font descriptors inside @font-face
      rule
    * CSS: Add lh length unit
    * CSS: Add hyphenate-limit-chars property
    * CSS: Snap border, outline and column-rule widths before layout
    * API: Improved screen sharing and web conferencing: hints for
      suppressing local audio playback, and Conditional Focus
    * API: HTTP response status code in the Resource Timing API
    * API: Same-site cross-origin prerendering triggered by the
      speculation rules API
    * Remove Event.path API
    * CVE-2023-0128: Use after free in Overview Mode
    * CVE-2023-0129: Heap buffer overflow in Network Service
    * CVE-2023-0130: Inappropriate implementation in Fullscreen API
    * CVE-2023-0131: Inappropriate implementation in iframe Sandbox
    * CVE-2023-0132: Inappropriate implementation in Permission prompts
    * CVE-2023-0133: Inappropriate implementation in Permission prompts
    * CVE-2023-0134: Use after free in Cart
    * CVE-2023-0135: Use after free in Cart
    * CVE-2023-0136: Inappropriate implementation in Fullscreen API
    * CVE-2023-0137: Heap buffer overflow in Platform Apps
    * CVE-2023-0138: Heap buffer overflow in libphonenumber
    * CVE-2023-0139: Insufficient validation of untrusted input in Downloads
    * CVE-2023-0140: Inappropriate implementation in File System API
    * CVE-2023-0141: Insufficient policy enforcement in CORS
    * Various fixes from internal audits, fuzzing and other initiatives
  - drop patches:
    * chromium-gcc11.patch - not needed
    * chromium-107-system-zlib.patch - upstream
    * chromium-108-compiler.patch
  - add patches:
    * chromium-109-compiler.patch
    * chromium-109-clang-lp154.patch
* Sun Dec 18 2022 Callum Farmer <[email protected]>
  - Add chromium-disable-GlobalMediaControlsCastStartStop.patch:
    disable GlobalMediaControlsCastStartStop to fix crashes
    occurring when interacting with the Media UI (bsc#1198124)
* Wed Dec 14 2022 Andreas Stieger <[email protected]>
  - Chromium 108.0.5359.124 (boo#1206403):
    * CVE-2022-4436: Use after free in Blink Media
    * CVE-2022-4437: Use after free in Mojo IPC
    * CVE-2022-4438: Use after free in Blink Frames
    * CVE-2022-4439: Use after free in Aura
    * CVE-2022-4440: Use after free in Profiles
* Wed Dec 07 2022 Andreas Stieger <[email protected]>
  - Chromium 108.0.5359.98
    * Fix regression in computing <select> visibility
* Sat Dec 03 2022 Andreas Stieger <[email protected]>
  - Chromium 108.0.5359.94:
    * CVE-2022-4262: Type Confusion in V8 (boo#1205999)
* Wed Nov 30 2022 Andreas Stieger <[email protected]>
  - Chromium 108.0.5359.71 (boo#1205871):
    * CVE-2022-4174: Type Confusion in V8
    * CVE-2022-4175: Use after free in Camera Capture
    * CVE-2022-4176: Out of bounds write in Lacros Graphics
    * CVE-2022-4177: Use after free in Extensions
    * CVE-2022-4178: Use after free in Mojo
    * CVE-2022-4179: Use after free in Audio
    * CVE-2022-4180: Use after free in Mojo
    * CVE-2022-4181: Use after free in Forms
    * CVE-2022-4182: Inappropriate implementation in Fenced Frames
    * CVE-2022-4183: Insufficient policy enforcement in Popup Blocker
    * CVE-2022-4184: Insufficient policy enforcement in Autofill
    * CVE-2022-4185: Inappropriate implementation in Navigation
    * CVE-2022-4186: Insufficient validation of untrusted input in Downloads
    * CVE-2022-4187: Insufficient policy enforcement in DevTools
    * CVE-2022-4188: Insufficient validation of untrusted input in CORS
    * CVE-2022-4189: Insufficient policy enforcement in DevTools
    * CVE-2022-4190: Insufficient data validation in Directory
    * CVE-2022-4191: Use after free in Sign-In
    * CVE-2022-4192: Use after free in Live Caption
    * CVE-2022-4193: Insufficient policy enforcement in File System API
    * CVE-2022-4194: Use after free in Accessibility
    * CVE-2022-4195: Insufficient policy enforcement in Safe Browsing
  - drop chromium-105-wayland-1.20.patch, upstream
  - drop chromium-107-compiler.patch
  - add chromium-108-compiler.patch
  - drop chromium-98-EnumTable-crash.patch
* Thu Nov 24 2022 Andreas Stieger <[email protected]>
  - Chromium 107.0.5304.121 (boo#1205736)
    * CVE-2022-4135: Heap buffer overflow in GPU
* Thu Nov 17 2022 Andreas Stieger <[email protected]>
  - Build with llvm15 on openSUSE:Backports:SLE-15-SP5 and up
* Wed Nov 09 2022 Andreas Stieger <[email protected]>
  - Chromium 107.0.5304.110 (boo#1205221)
    * CVE-2022-3885: Use after free in V8
    * CVE-2022-3886: Use after free in Speech Recognition
    * CVE-2022-3887: Use after free in Web Workers
    * CVE-2022-3888: Use after free in WebCodecs
    * CVE-2022-3889: Type Confusion in V8
    * CVE-2022-3890: Heap buffer overflow in Crashpad
* Fri Oct 28 2022 Andreas Stieger <[email protected]>
  - Chromium 107.0.5304.87 (boo#1204819)
    * CVE-2022-3723: Type Confusion in V8
* Thu Oct 27 2022 Callum Farmer <[email protected]>
  - Chromium 107.0.5304.68 (boo#1204732)
    * CVE-2022-3652: Type Confusion in V8
    * CVE-2022-3653: Heap buffer overflow in Vulkan
    * CVE-2022-3654: Use after free in Layout
    * CVE-2022-3655: Heap buffer overflow in Media Galleries
    * CVE-2022-3656: Insufficient data validation in File System
    * CVE-2022-3657: Use after free in Extensions
    * CVE-2022-3658: Use after free in Feedback service on Chrome OS
    * CVE-2022-3659: Use after free in Accessibility
    * CVE-2022-3660: Inappropriate implementation in Full screen mode
    * CVE-2022-3661: Insufficient data validation in Extensions
  - Added patches:
    * chromium-107-compiler.patch
    * chromium-107-system-zlib.patch
  - Removed patches:
    * chromium-105-compiler.patch
    * chromium-105-Bitmap-include.patch
    * chromium-106-AutofillPopupControllerImpl-namespace.patch
  - Unbundle libyuv and libavif on TW
  - Prepare 15.5
  - Use qt on 15.4+ (15.3 too old)
* Wed Oct 12 2022 Andreas Stieger <[email protected]>
  - Chromium 106.0.5249.119 (boo#1204223)
    * CVE-2022-3445: Use after free in Skia
    * CVE-2022-3446: Heap buffer overflow in WebSQL
    * CVE-2022-3447: Inappropriate implementation in Custom Tabs
    * CVE-2022-3448: Use after free in Permissions API
    * CVE-2022-3449: Use after free in Safe Browsing
    * CVE-2022-3450: Use after free in Peer Connection
* Thu Oct 06 2022 Andreas Stieger <[email protected]>
  - Chromium 106.0.5249.103:
    * fix possible cache manager deadlock
    * Fix right-click menu appearing unexpectedly affecting screen
      readers
* Sat Oct 01 2022 Andreas Stieger <[email protected]>
  - Chromium 106.0.5249.91 (boo#1203808):
    * CVE-2022-3370: Use after free in Custom Elements
    * CVE-2022-3373: Out of bounds write in V8
  - includes changes from 106.0.5249.61:
    * CVE-2022-3304: Use after free in CSS
    * CVE-2022-3201: Insufficient validation of untrusted input in Developer Tools
    * CVE-2022-3305: Use after free in Survey
    * CVE-2022-3306: Use after free in Survey
    * CVE-2022-3307: Use after free in Media
    * CVE-2022-3308: Insufficient policy enforcement in Developer Tools
    * CVE-2022-3309: Use after free in Assistant
    * CVE-2022-3310: Insufficient policy enforcement in Custom Tabs
    * CVE-2022-3311: Use after free in Import
    * CVE-2022-3312: Insufficient validation of untrusted input in VPN
    * CVE-2022-3313: Incorrect security UI in Full Screen
    * CVE-2022-3314: Use after free in Logging
    * CVE-2022-3315: Type confusion in Blink
    * CVE-2022-3316: Insufficient validation of untrusted input in Safe Browsing
    * CVE-2022-3317: Insufficient validation of untrusted input in Intents
    * CVE-2022-3318: Use after free in ChromeOS Notifications
  - drop patches:
    * chromium-104-tflite-system-zlib.patch
    * chromium-105-AdjustMaskLayerGeometry-ceilf.patch
    * chromium-105-Trap-raw_ptr.patch
    * chromium-105-browser_finder-include.patch
    * chromium-105-raw_ptr-noexcept.patch
  - add patches
    * chromium-106-ffmpeg-duration.patch
    * chromium-106-AutofillPopupControllerImpl-namespace.patch
* Wed Sep 14 2022 Andreas Stieger <[email protected]>
  - Chromium 105.0.5195.127 (boo#1203419):
    * CVE-2022-3195: Out of bounds write in Storage
    * CVE-2022-3196: Use after free in PDF
    * CVE-2022-3197: Use after free in PDF
    * CVE-2022-3198: Use after free in PDF
    * CVE-2022-3199: Use after free in Frames
    * CVE-2022-3200: Heap buffer overflow in Internals
    * CVE-2022-3201: Insufficient validation of untrusted input in DevTools
    * Various fixes from internal audits, fuzzing and other initiatives
* Thu Sep 08 2022 Callum Farmer <[email protected]>
  - Chromium 105.0.5195.102 (boo#1203102):
    * CVE-2022-3075: Insufficient data validation in Mojo
  - Chromium 105.0.5195.52 (boo#1202964):
    * CVE-2022-3038: Use after free in Network Service
    * CVE-2022-3039: Use after free in WebSQL
    * CVE-2022-3040: Use after free in Layout
    * CVE-2022-3041: Use after free in WebSQL
    * CVE-2022-3042: Use after free in PhoneHub
    * CVE-2022-3043: Heap buffer overflow in Screen Capture
    * CVE-2022-3044: Inappropriate implementation in Site Isolation
    * CVE-2022-3045: Insufficient validation of untrusted input in V8
    * CVE-2022-3046: Use after free in Browser Tag
    * CVE-2022-3071: Use after free in Tab Strip
    * CVE-2022-3047: Insufficient policy enforcement in Extensions API
    * CVE-2022-3048: Inappropriate implementation in Chrome OS lockscreen
    * CVE-2022-3049: Use after free in SplitScreen
    * CVE-2022-3050: Heap buffer overflow in WebUI
    * CVE-2022-3051: Heap buffer overflow in Exosphere
    * CVE-2022-3052: Heap buffer overflow in Window Manager
    * CVE-2022-3053: Inappropriate implementation in Pointer Lock
    * CVE-2022-3054: Insufficient policy enforcement in DevTools
    * CVE-2022-3055: Use after free in Passwords
    * CVE-2022-3056: Insufficient policy enforcement in Content Security Policy
    * CVE-2022-3057: Inappropriate implementation in iframe Sandbox
    * CVE-2022-3058: Use after free in Sign-In Flow
  - Added patches:
    * chromium-105-AdjustMaskLayerGeometry-ceilf.patch
    * chromium-105-Bitmap-include.patch
    * chromium-105-browser_finder-include.patch
    * chromium-105-raw_ptr-noexcept.patch
    * chromium-105-Trap-raw_ptr.patch
    * chromium-105-wayland-1.20.patch
    * chromium-105-compiler.patch
  - Removed patches:
    * chromium-104-compiler.patch
    * chromium-104-ContentRendererClient-type.patch
    * chromium-78-protobuf-RepeatedPtrField-export.patch
* Thu Sep 01 2022 Paolo Stivanin <[email protected]>
  - Update chromium-symbolic.svg: this fixes bsc#1202403.
* Mon Aug 22 2022 Andreas Schwab <[email protected]>
  - Fix quoting in chrome-wrapper, don't put cwd on LD_LIBRARY_PATH
* Thu Aug 18 2022 Andreas Stieger <[email protected]>
  - Chromium 104.0.5112.101 (boo#1202509):
    * CVE-2022-2852: Use after free in FedCM
    * CVE-2022-2854: Use after free in SwiftShader
    * CVE-2022-2855: Use after free in ANGLE
    * CVE-2022-2857: Use after free in Blink
    * CVE-2022-2858: Use after free in Sign-In Flow
    * CVE-2022-2853: Heap buffer overflow in Downloads
    * CVE-2022-2856: Insufficient validation of untrusted input in Intents
    * CVE-2022-2859: Use after free in Chrome OS Shell
    * CVE-2022-2860: Insufficient policy enforcement in Cookies
    * CVE-2022-2861: Inappropriate implementation in Extensions API
* Tue Aug 16 2022 Callum Farmer <[email protected]>
  - Re-enable our version of chrome-wrapper
  - Set no sandbox if root is being used (https://crbug.com/638180)
* Tue Aug 09 2022 Callum Farmer <[email protected]>
  - Chromium 104.0.5112.79 (boo#1202075)
    * CVE-2022-2603: Use after free in Omnibox
    * CVE-2022-2604: Use after free in Safe Browsing
    * CVE-2022-2605: Out of bounds read in Dawn
    * CVE-2022-2606: Use after free in Managed devices API
    * CVE-2022-2607: Use after free in Tab Strip
    * CVE-2022-2608: Use after free in Overview Mode
    * CVE-2022-2609: Use after free in Nearby Share
    * CVE-2022-2610: Insufficient policy enforcement in Background Fetch
    * CVE-2022-2611: Inappropriate implementation in Fullscreen API
    * CVE-2022-2612: Side-channel information leakage in Keyboard input
    * CVE-2022-2613: Use after free in Input
    * CVE-2022-2614: Use after free in Sign-In Flow
    * CVE-2022-2615: Insufficient policy enforcement in Cookies
    * CVE-2022-2616: Inappropriate implementation in Extensions API
    * CVE-2022-2617: Use after free in Extensions API
    * CVE-2022-2618: Insufficient validation of untrusted input in Internals
    * CVE-2022-2619: Insufficient validation of untrusted input in Settings
    * CVE-2022-2620: Use after free in WebUI
    * CVE-2022-2621: Use after free in Extensions
    * CVE-2022-2622: Insufficient validation of untrusted input in Safe Browsing
    * CVE-2022-2623: Use after free in Offline
    * CVE-2022-2624: Heap buffer overflow in PDF
  - Added patches:
    * chromium-104-compiler.patch
    * chromium-104-ContentRendererClient-type.patch
    * chromium-104-tflite-system-zlib.patch
  - Removed patches:
    * chromium-103-SubstringSetMatcher-packed.patch
    * chromium-103-FrameLoadRequest-type.patch
    * chromium-103-compiler.patch
  - Use FFmpeg 5.1 on TW
* Sat Jul 23 2022 Callum Farmer <[email protected]>
  - Switch back to Clang so that we can use BTI on aarch64
    * Gold is too old - doesn't understand BTI
    * LD crashes on aarch64
  - Re-enable LTO
  - Prepare move to FFmpeg 5 for new channel layout
    (requires 5.1+)
* Wed Jul 20 2022 Andreas Stieger <[email protected]>
  - Chromium 103.0.5060.134 (boo#1201679):
    * CVE-2022-2477 : Use after free in Guest View
    * CVE-2022-2478 : Use after free in PDF
    * CVE-2022-2479 : Insufficient validation of untrusted input in File
    * CVE-2022-2480 : Use after free in Service Worker API
    * CVE-2022-2481: Use after free in Views
    * CVE-2022-2163: Use after free in Cast UI and Toolbar
    * Various fixes from internal audits, fuzzing and other initiatives
* Sat Jul 09 2022 Andreas Stieger <[email protected]>
  - Chromium 103.0.5060.114 (boo#1201216)
    * CVE-2022-2294: Heap buffer overflow in WebRTC
    * CVE-2022-2295: Type Confusion in V8
    * CVE-2022-2296: Use after free in Chrome OS Shell
* Thu Jul 07 2022 Andreas Stieger <[email protected]>
  - Chromium 103.0.5060.66
    * no upstream release notes
* Sat Jun 25 2022 Callum Farmer <[email protected]>
  - Chromium 103.0.5060.53 (boo#1200783)
    * CVE-2022-2156: Use after free in Base
    * CVE-2022-2157: Use after free in Interest groups
    * CVE-2022-2158: Type Confusion in V8
    * CVE-2022-2160: Insufficient policy enforcement in DevTools
    * CVE-2022-2161: Use after free in WebApp Provider
    * CVE-2022-2162: Insufficient policy enforcement in File System API
    * CVE-2022-2163: Use after free in Cast UI and Toolbar
    * CVE-2022-2164: Inappropriate implementation in Extensions API
    * CVE-2022-2165: Insufficient data validation in URL formatting
  - Added patches:
    * chromium-103-FrameLoadRequest-type.patch
    * chromium-103-SubstringSetMatcher-packed.patch
    * chromium-103-VirtualCursor-std-layout.patch
    * chromium-103-compiler.patch
  - Removed patches:
    * chromium-102-compiler.patch
    * chromium-91-sql-standard-layout-type.patch
    * chromium-101-libxml-unbundle.patch
    * chromium-102-fenced_frame_utils-include.patch
    * chromium-102-swiftshader-template-instantiation.patch
    * chromium-102-symbolize-include.patch
    * chromium-97-arm-tflite-cast.patch
    * chromium-97-ScrollView-reference.patch
* Fri Jun 10 2022 Andreas Stieger <[email protected]>
  - Chromium 102.0.5005.115 (boo#1200423)
    * CVE-2022-2007: Use after free in WebGPU
    * CVE-2022-2008: Out of bounds memory access in WebGL
    * CVE-2022-2010: Out of bounds read in compositing
    * CVE-2022-2011: Use after free in ANGLE
* Wed Jun 08 2022 Callum Farmer <[email protected]>
  - Switch to GTK4 on TW and Leap 15.4+ (boo#1200139)
* Wed Jun 01 2022 Callum Farmer <[email protected]>
  - Disable ARM control flow integrity, it causes build issues
    at the moment
  - Try a different SVG (black logo on GNOME)
  - Removed patches:
    * chromium-third_party-symbolize-missing-include.patch
    (replaced by chromium-102-symbolize-include.patch)
* Fri May 27 2022 Callum Farmer <[email protected]>
  - Chromium 102.0.5001.61 (boo#1199893)
    * CVE-2022-1853: Use after free in Indexed DB
    * CVE-2022-1854: Use after free in ANGLE
    * CVE-2022-1855: Use after free in Messaging
    * CVE-2022-1856: Use after free in User Education
    * CVE-2022-1857: Insufficient policy enforcement in File System API
    * CVE-2022-1858: Out of bounds read in DevTools
    * CVE-2022-1859: Use after free in Performance Manager
    * CVE-2022-1860: Use after free in UI Foundations
    * CVE-2022-1861: Use after free in Sharing
    * CVE-2022-1862: Inappropriate implementation in Extensions
    * CVE-2022-1863: Use after free in Tab Groups
    * CVE-2022-1864: Use after free in WebApp Installs
    * CVE-2022-1865: Use after free in Bookmarks
    * CVE-2022-1866: Use after free in Tablet Mode
    * CVE-2022-1867: Insufficient validation of untrusted input in Data Transfer
    * CVE-2022-1868: Inappropriate implementation in Extensions API
    * CVE-2022-1869: Type Confusion in V8
    * CVE-2022-1870: Use after free in App Service
    * CVE-2022-1871: Insufficient policy enforcement in File System API
    * CVE-2022-1872: Insufficient policy enforcement in Extensions API
    * CVE-2022-1873: Insufficient policy enforcement in COOP
    * CVE-2022-1874: Insufficient policy enforcement in Safe Browsing
    * CVE-2022-1875: Inappropriate implementation in PDF
    * CVE-2022-1876: Heap buffer overflow in DevTools
  - Added patches:
    * chromium-102-compiler.patch
    * chromium-102-fenced_frame_utils-include.patch
    * chromium-102-regex_pattern-array.patch
    * chromium-102-swiftshader-template-instantiation.patch
    * chromium-102-symbolize-include.patch
    * ffmpeg-new-channel-layout.patch
  - Removed patches:
    * chromium-100-compiler.patch
    * chromium-80-QuicStreamSendBuffer-deleted-move-constructor.patch
    * chromium-95-quiche-include.patch
    * chromium-fix-swiftshader-template.patch
    * chromium-missing-include-tuple.patch
    * chromium-webrtc-stats-missing-vector.patch
    * chromium-101-segmentation_platform-type.patch
* Sun May 15 2022 Andreas Stieger <[email protected]>
  - Chromium 101.0.4951.67
    * fixes for other platforms
* Wed May 11 2022 Andreas Stieger <[email protected]>
  - Chromium 101.0.4951.64 (boo#1199409)
    * CVE-2022-1633: Use after free in Sharesheet
    * CVE-2022-1634: Use after free in Browser UI
    * CVE-2022-1635: Use after free in Permission Prompts
    * CVE-2022-1636: Use after free in Performance APIs
    * CVE-2022-1637: Inappropriate implementation in Web Contents
    * CVE-2022-1638: Heap buffer overflow in V8 Internationalization
    * CVE-2022-1639: Use after free in ANGLE
    * CVE-2022-1640: Use after free in Sharing
    * CVE-2022-1641: Use after free in Web UI Diagnostics
* Wed May 04 2022 Callum Farmer <[email protected]>
  - Chromium 101.0.4951.54 (boo#1199118)
  - Chromium 101.0.4951.41 (boo#1198917)
    * CVE-2022-1477: Use after free in Vulkan
    * CVE-2022-1478: Use after free in SwiftShader
    * CVE-2022-1479: Use after free in ANGLE
    * CVE-2022-1480: Use after free in Device API
    * CVE-2022-1481: Use after free in Sharing
    * CVE-2022-1482: Inappropriate implementation in WebGL
    * CVE-2022-1483: Heap buffer overflow in WebGPU
    * CVE-2022-1484: Heap buffer overflow in Web UI Settings
    * CVE-2022-1485: Use after free in File System API
    * CVE-2022-1486: Type Confusion in V8
    * CVE-2022-1487: Use after free in Ozone
    * CVE-2022-1488: Inappropriate implementation in Extensions API
    * CVE-2022-1489: Out of bounds memory access in UI Shelf
    * CVE-2022-1490: Use after free in Browser Switcher
    * CVE-2022-1491: Use after free in Bookmarks
    * CVE-2022-1492: Insufficient data validation in Blink Editing
    * CVE-2022-1493: Use after free in Dev Tools
    * CVE-2022-1494: Insufficient data validation in Trusted Types
    * CVE-2022-1495: Incorrect security UI in Downloads
    * CVE-2022-1496: Use after free in File Manager
    * CVE-2022-1497: Inappropriate implementation in Input
    * CVE-2022-1498: Inappropriate implementation in HTML Parser
    * CVE-2022-1499: Inappropriate implementation in WebAuthentication
    * CVE-2022-1500: Insufficient data validation in Dev Tools
    * CVE-2022-1501: Inappropriate implementation in iframe
  - Added patches:
    * chromium-101-libxml-unbundle.patch
    * chromium-101-segmentation_platform-type.patch
  - Removed patches:
    * chromium-100-SCTHashdanceMetadata-move.patch
    * chromium-100-GLImplementationParts-constexpr.patch
    * chromium-100-macro-typo.patch
* Thu Apr 21 2022 Callum Farmer <[email protected]>
  - Fixes for go 1.18
* Fri Apr 15 2022 Andreas Stieger <[email protected]>
  - Chromium 100.0.4896.127 (boo#1198509)
    * CVE-2022-1364: Type Confusion in V8
    * Various fixes from internal audits, fuzzing and other initiatives
* Tue Apr 12 2022 Andreas Stieger <[email protected]>
  - Chromium 100.0.4896.88 (boo#1198361)
    * CVE-2022-1305: Use after free in storage
    * CVE-2022-1306: Inappropriate implementation in compositing
    * CVE-2022-1307: Inappropriate implementation in full screen
    * CVE-2022-1308: Use after free in BFCache
    * CVE-2022-1309: Insufficient policy enforcement in developer tools
    * CVE-2022-1310: Use after free in regular expressions
    * CVE-2022-1311: Use after free in Chrome OS shell
    * CVE-2022-1312: Use after free in storage
    * CVE-2022-1313: Use after free in tab groups
    * CVE-2022-1314: Type Confusion in V8
    * Various fixes from internal audits, fuzzing and other initiatives
* Sun Apr 10 2022 Callum Farmer <[email protected]>
  - Patches for GCC 12:
    * chromium-fix-swiftshader-template.patch
    * chromium-missing-include-tuple.patch
    * chromium-webrtc-stats-missing-vector.patch
* Tue Apr 05 2022 Andreas Stieger <[email protected]>
  - Chromium 100.0.4896.75:
    * CVE-2022-1232: Type Confusion in V8 (boo#1198053)
* Wed Mar 30 2022 Callum Farmer <[email protected]>
  - Chromium 100.0.4896.60 (boo#1197680)
    * CVE-2022-1125: Use after free in Portals
    * CVE-2022-1127: Use after free in QR Code Generator
    * CVE-2022-1128: Inappropriate implementation in Web Share API
    * CVE-2022-1129: Inappropriate implementation in Full Screen Mode
    * CVE-2022-1130: Insufficient validation of untrusted input in WebOTP
    * CVE-2022-1131: Use after free in Cast UI
    * CVE-2022-1132: Inappropriate implementation in Virtual Keyboard
    * CVE-2022-1133: Use after free in WebRTC
    * CVE-2022-1134: Type Confusion in V8
    * CVE-2022-1135: Use after free in Shopping Cart
    * CVE-2022-1136: Use after free in Tab Strip
    * CVE-2022-1137: Inappropriate implementation in Extensions
    * CVE-2022-1138: Inappropriate implementation in Web Cursor
    * CVE-2022-1139: Inappropriate implementation in Background Fetch API
    * CVE-2022-1141: Use after free in File Manager
    * CVE-2022-1142: Heap buffer overflow in WebUI
    * CVE-2022-1143: Heap buffer overflow in WebUI
    * CVE-2022-1144: Use after free in WebUI
    * CVE-2022-1145: Use after free in Extensions
    * CVE-2022-1146: Inappropriate implementation in Resource Timing
  - Added patches:
    * chromium-100-compiler.patch
    * chromium-100-GLImplementationParts-constexpr.patch
    * chromium-100-InMilliseconds-constexpr.patch
    * chromium-100-SCTHashdanceMetadata-move.patch
    * chromium-100-macro-typo.patch
  - Removed patches:
    * chromium-98-compiler.patch
    * chromium-86-nearby-explicit.patch
    * chromium-glibc-2.34.patch
    * chromium-v8-missing-utility-include.patch
    * chromium-99-AutofillAssistantModelExecutor-NoDestructor.patch
* Tue Mar 29 2022 Andreas Schwab <[email protected]>
  - Update disk constraints
* Sat Mar 26 2022 Andreas Stieger <[email protected]>
  - Chromium 99.0.4844.84:
    * CVE-2022-1096: Type Confusion in V8 (boo#1197552)
* Mon Mar 21 2022 Andreas Stieger <[email protected]>
  - Chromium 99.0.4844.82:
    * Fix potential problem in Hangouts (boo#1197332)
* Wed Mar 16 2022 Andreas Stieger <[email protected]>
  - Chromium 99.0.4844.74 (boo#1197163)
    * CVE-2022-0971: Use after free in Blink Layout
    * CVE-2022-0972: Use after free in Extensions
    * CVE-2022-0973: Use after free in Safe Browsing
    * CVE-2022-0974: Use after free in Splitscreen
    * CVE-2022-0975: Use after free in ANGLE
    * CVE-2022-0976: Heap buffer overflow in GPU
    * CVE-2022-0977: Use after free in Browser UI
    * CVE-2022-0978: Use after free in ANGLE
    * CVE-2022-0979: Use after free in Safe Browsing
    * CVE-2022-0980: Use after free in New Tab Page
    * Various fixes from internal audits, fuzzing and other initiatives
* Fri Mar 04 2022 Callum Farmer <[email protected]>
  - Chromium 99.0.4844.51 (boo#1196641)
    * CVE-2022-0789: Heap buffer overflow in ANGLE
    * CVE-2022-0790: Use after free in Cast UI
    * CVE-2022-0791: Use after free in Omnibox
    * CVE-2022-0792: Out of bounds read in ANGLE
    * CVE-2022-0793: Use after free in Views
    * CVE-2022-0794: Use after free in WebShare
    * CVE-2022-0795: Type Confusion in Blink Layout
    * CVE-2022-0796: Use after free in Media
    * CVE-2022-0797: Out of bounds memory access in Mojo
    * CVE-2022-0798: Use after free in MediaStream
    * CVE-2022-0799: Insufficient policy enforcement in Installer
    * CVE-2022-0800: Heap buffer overflow in Cast UI
    * CVE-2022-0801: Inappropriate implementation in HTML parser
    * CVE-2022-0802: Inappropriate implementation in Full screen mode
    * CVE-2022-0803: Inappropriate implementation in Permissions
    * CVE-2022-0804: Inappropriate implementation in Full screen mode
    * CVE-2022-0805: Use after free in Browser Switcher
    * CVE-2022-0806: Data leak in Canvas
    * CVE-2022-0807: Inappropriate implementation in Autofill
    * CVE-2022-0808: Use after free in Chrome OS Shell
    * CVE-2022-0809: Out of bounds memory access in WebXR
  - Removed patches:
    * chromium-96-EnumTable-crash.patch
    * chromium-89-missing-cstring-header.patch
    * chromium-95-libyuv-aarch64.patch
    * chromium-95-libyuv-arm.patch
    * chromium-98-MiraclePtr-gcc-ice.patch
    * chromium-98-WaylandFrameManager-check.patch
  - Added patches:
    * chromium-97-arm-tflite-cast.patch
    * chromium-98-gtk4-build.patch
    * chromium-99-AutofillAssistantModelExecutor-NoDestructor.patch
    * chromium-98-EnumTable-crash.patch
    * chromium-third_party-symbolize-missing-include.patch
    * chromium-v8-missing-utility-include.patch
* Tue Feb 15 2022 Andreas Stieger <[email protected]>
  - Chromium 98.0.4758.102 (boo#1195986)
    * CVE-2022-0603: Use after free in File Manager
    * CVE-2022-0604: Heap buffer overflow in Tab Groups
    * CVE-2022-0605: Use after free in Webstore API
    * CVE-2022-0606: Use after free in ANGLE
    * CVE-2022-0607: Use after free in GPU
    * CVE-2022-0608: Integer overflow in Mojo
    * CVE-2022-0609: Use after free in Animation
    * CVE-2022-0610: Inappropriate implementation in Gamepad API
    * Various fixes from internal audits, fuzzing and other initiatives
* Thu Feb 03 2022 Andreas Stieger <[email protected]>
  - Chromium 98.0.4758.80 (boo#1195420)
    * CVE-2022-0452: Use after free in Safe Browsing
    * CVE-2022-0453: Use after free in Reader Mode
    * CVE-2022-0454: Heap buffer overflow in ANGLE
    * CVE-2022-0455: Inappropriate implementation in Full Screen Mode
    * CVE-2022-0456: Use after free in Web Search
    * CVE-2022-0457: Type Confusion in V8
    * CVE-2022-0459: Use after free in Screen Capture
    * CVE-2022-0460: Use after free in Window Dialog
    * CVE-2022-0461: Policy bypass in COOP
    * CVE-2022-0462: Inappropriate implementation in Scroll
    * CVE-2022-0463: Use after free in Accessibility
    * CVE-2022-0464: Use after free in Accessibility
    * CVE-2022-0465: Use after free in Extensions
    * CVE-2022-0466: Inappropriate implementation in Extensions Platform
    * CVE-2022-0467: Inappropriate implementation in Pointer Lock
    * CVE-2022-0468: Use after free in Payments
    * CVE-2022-0469: Use after free in Cast
    * CVE-2022-0470: Out of bounds memory access in V8
    * Various fixes from internal audits, fuzzing and other initiatives
  - drop upstreamed patches:
    * chromium-97-Point-constexpr.patch
  - add patches:
    * chromium-98-MiraclePtr-gcc-ice.patch
    * chromium-98-WaylandFrameManager-check.patch
  - change chromium-97-compiler.patch to chromium-98-compiler.patch
* Fri Jan 21 2022 Andreas Stieger <[email protected]>
  - Chromium 97.0.4692.99 (boo#1194919):
    * CVE-2022-0289: Use after free in Safe browsing
    * CVE-2022-0290: Use after free in Site isolation
    * CVE-2022-0291: Inappropriate implementation in Storage
    * CVE-2022-0292: Inappropriate implementation in Fenced Frames
    * CVE-2022-0293: Use after free in Web packaging
    * CVE-2022-0294: Inappropriate implementation in Push messaging
    * CVE-2022-0295: Use after free in Omnibox
    * CVE-2022-0296: Use after free in Printing
    * CVE-2022-0297: Use after free in Vulkan
    * CVE-2022-0298: Use after free in Scheduling
    * CVE-2022-0300: Use after free in Text Input Method Editor
    * CVE-2022-0301: Heap buffer overflow in DevTools
    * CVE-2022-0302: Use after free in Omnibox
    * CVE-2022-0303: Race in GPU Watchdog
    * CVE-2022-0304: Use after free in Bookmarks
    * CVE-2022-0305: Inappropriate implementation in Service Worker API
    * CVE-2022-0306: Heap buffer overflow in PDFium
    * CVE-2022-0307: Use after free in Optimization Guide
    * CVE-2022-0308: Use after free in Data Transfer
    * CVE-2022-0309: Inappropriate implementation in Autofill
    * CVE-2022-0310: Heap buffer overflow in Task Manager
    * CVE-2022-0311: Heap buffer overflow in Task Manager
    * Various fixes from internal audits, fuzzing and other initiatives
  - drop upstreamed patches:
    * fix-tag-dragging-in-Mutter.patch
    * fix-tag-dragging-in-KWin.patch
* Thu Jan 20 2022 Callum Farmer <[email protected]>
  - Revert chromium-94-ffmpeg-roll.patch on TW: fix moved to
    FFmpeg
* Tue Jan 11 2022 Callum Farmer <[email protected]>
  - Chromium 97.0.4692.71 (boo#1194331):
    * CVE-2022-0096: Use after free in Storage
    * CVE-2022-0097: Inappropriate implementation in DevTools
    * CVE-2022-0098: Use after free in Screen Capture
    * CVE-2022-0099: Use after free in Sign-in
    * CVE-2022-0100: Heap buffer overflow in Media streams API
    * CVE-2022-0101: Heap buffer overflow in Bookmarks
    * CVE-2022-0102: Type Confusion in V8
    * CVE-2022-0103: Use after free in SwiftShader
    * CVE-2022-0104: Heap buffer overflow in ANGLE
    * CVE-2022-0105: Use after free in PDF
    * CVE-2022-0106: Use after free in Autofill
    * CVE-2022-0107: Use after free in File Manager API
    * CVE-2022-0108: Inappropriate implementation in Navigation
    * CVE-2022-0109: Inappropriate implementation in Autofill
    * CVE-2022-0110: Incorrect security UI in Autofill
    * CVE-2022-0111: Inappropriate implementation in Navigation
    * CVE-2022-0112: Incorrect security UI in Browser UI
    * CVE-2022-0113: Inappropriate implementation in Blink
    * CVE-2022-0114: Out of bounds memory access in Web Serial
    * CVE-2022-0115: Uninitialized Use in File API
    * CVE-2022-0116: Inappropriate implementation in Compositing
    * CVE-2022-0117: Policy bypass in Service Workers
    * CVE-2022-0118: Inappropriate implementation in WebShare
    * CVE-2022-0120: Inappropriate implementation in Passwords
  - Removed patches:
    * chromium-96-CommandLine-include.patch
    * chromium-96-RestrictedCookieManager-tuple.patch
    * chromium-96-DrmRenderNodePathFinder-include.patch
    * chromium-96-CouponDB-include.patch
    * chromium-96-freetype-unbundle.patch
    * chromium-96-compiler.patch
    * chromium-vaapi.patch
    * chromium-86-nearby-include.patch
  - Added patches:
    * chromium-97-compiler.patch
    * chromium-97-Point-constexpr.patch
    * chromium-97-ScrollView-reference.patch
    * chromium-95-libyuv-arm.patch
    * fix-tag-dragging-in-KWin.patch
    * fix-tag-dragging-in-Mutter.patch
* Thu Dec 30 2021 Callum Farmer <[email protected]>
  - Revert wayland fixes because it doesn't handle GPU correctly
    (boo#1194182)
* Thu Dec 30 2021 Martin Liška <[email protected]>
  - Use GCC 11, but disable LTO (boo#1194055).
* Wed Dec 29 2021 Callum Farmer <[email protected]>
  - Use our own copy of the wrapper so that we can use the fixes
    for Wayland
* Mon Dec 27 2021 Callum Farmer <[email protected]>
  - Define GNU_SOURCE and fix the below patched issues
  - Removed patches:
    * chromium-86-f_seal.patch
    * chromium-90-fseal.patch
* Fri Dec 24 2021 Callum Farmer <[email protected]>
  - Added patches:
    * chromium-96-freetype-unbundle.patch
    * chromium-96-EnumTable-crash.patch
  - Unbundle freetype on TW
  - Unbundle icu on 15.4
  - Disable lto and update _constraints on aarch64
  - Remove MEIPreload: it gets installed through component updater
* Wed Dec 15 2021 Callum Farmer <[email protected]>
  - Revert to gcc10 on TW: gcc11 is entirely broken
  - No auto thread LTO: linker crash on ARM
* Tue Dec 14 2021 Andreas Stieger <[email protected]>
  - Chromium 96.0.4664.110 (boo#1193713):
    * CVE-2021-4098: Insufficient data validation in Mojo
    * CVE-2021-4099: Use after free in Swiftshader
    * CVE-2021-4100: Object lifecycle issue in ANGLE
    * CVE-2021-4101: Heap buffer overflow in Swiftshader
    * CVE-2021-4102: Use after free in V8
* Thu Dec 09 2021 Callum Farmer <[email protected]>
  - Lord of the Browsers: The Two Compilers:
    * Go back to GCC
    * GCC: LTO removes needed assembly symbols
    * Clang: issues with libstdc++
  - Chromium 96.0.4664.93 (boo#1193519):
    * CVE-2021-4052: Use after free in web apps
    * CVE-2021-4053: Use after free in UI
    * CVE-2021-4079: Out of bounds write in WebRTC
    * CVE-2021-4054: Incorrect security UI in autofill
    * CVE-2021-4078: Type confusion in V8
    * CVE-2021-4055: Heap buffer overflow in extensions
    * CVE-2021-4056: Type Confusion in loader
    * CVE-2021-4057: Use after free in file API
    * CVE-2021-4058: Heap buffer overflow in ANGLE
    * CVE-2021-4059: Insufficient data validation in loader
    * CVE-2021-4061: Type Confusion in V8
    * CVE-2021-4062: Heap buffer overflow in BFCache
    * CVE-2021-4063: Use after free in developer tools
    * CVE-2021-4064: Use after free in screen capture
    * CVE-2021-4065: Use after free in autofill
    * CVE-2021-4066: Integer underflow in ANGLE
    * CVE-2021-4067: Use after free in window manager
    * CVE-2021-4068: Insufficient validation of untrusted input in new tab page
  - Chromium 96.0.4664.45 (boo#1192734):
    * CVE-2021-38007: Type Confusion in V8
    * CVE-2021-38008: Use after free in media
    * CVE-2021-38009: Inappropriate implementation in cache
    * CVE-2021-38006: Use after free in storage foundation
    * CVE-2021-38005: Use after free in loader
    * CVE-2021-38010: Inappropriate implementation in service workers
    * CVE-2021-38011: Use after free in storage foundation
    * CVE-2021-38012: Type Confusion in V8
    * CVE-2021-38013: Heap buffer overflow in fingerprint recognition
    * CVE-2021-38014: Out of bounds write in Swiftshader
    * CVE-2021-38015: Inappropriate implementation in input
    * CVE-2021-38016: Insufficient policy enforcement in background fetch
    * CVE-2021-38017: Insufficient policy enforcement in iframe sandbox
    * CVE-2021-38018: Inappropriate implementation in navigation
    * CVE-2021-38019: Insufficient policy enforcement in CORS
    * CVE-2021-38020: Insufficient policy enforcement in contacts picker
    * CVE-2021-38021: Inappropriate implementation in referrer
    * CVE-2021-38022: Inappropriate implementation in WebAuthentication
  - Removed old patches:
    * chromium-95-compiler.patch
    * chromium-95-BitstreamReader-namespace.patch
    * chromium-95-system-zlib.patch
    * chromium-older-harfbuzz.patch
    * pipewire-do-not-typecheck-the-portal-session_handle.patch
  - Removed build breaking patches:
    * chromium-93-EnumTable-crash.patch
  - Added patches:
    * chromium-96-compiler.patch
    * chromium-96-CommandLine-include.patch
    * chromium-96-RestrictedCookieManager-tuple.patch
    * chromium-96-DrmRenderNodePathFinder-include.patch
    * chromium-96-CouponDB-include.patch
  - Changed patches:
    * gcc-enable-lto.patch: see above
* Fri Nov 19 2021 Callum Farmer <[email protected]>
  - Ensure newer libs and LLVM is used on Leap (boo#1192310)
* Wed Nov 17 2021 Steve Kowalik <[email protected]>
  - Explicitly BuildRequire python3-six.
* Sun Oct 31 2021 Andreas Stieger <[email protected]>
  - Chromium 95.0.4638.69 (boo#1192184):
    * CVE-2021-37997: Use after free in Sign-In
    * CVE-2021-37998: Use after free in Garbage Collection
    * CVE-2021-37999: Insufficient data validation in New Tab Page
    * CVE-2021-38000: Insufficient validation of untrusted input in Intents
    * CVE-2021-38001: Type Confusion in V8
    * CVE-2021-38002: Use after free in Web Transport
    * CVE-2021-38003: Inappropriate implementation in V8
* Sun Oct 24 2021 Callum Farmer <[email protected]>
  - Chromium 95.0.4638.54 (boo#1191844):
    * CVE-2021-37981: Heap buffer overflow in Skia
    * CVE-2021-37982: Use after free in Incognito
    * CVE-2021-37983: Use after free in Dev Tools
    * CVE-2021-37984: Heap buffer overflow in PDFium
    * CVE-2021-37985: Use after free in V8
    * CVE-2021-37986: Heap buffer overflow in Settings
    * CVE-2021-37987: Use after free in Network APIs
    * CVE-2021-37988: Use after free in Profiles
    * CVE-2021-37989: Inappropriate implementation in Blink
    * CVE-2021-37990: Inappropriate implementation in WebView
    * CVE-2021-37991: Race in V8
    * CVE-2021-37992: Out of bounds read in WebAudio
    * CVE-2021-37993: Use after free in PDF Accessibility
    * CVE-2021-37996: Insufficient validation of untrusted input in Downloads
    * CVE-2021-37994: Inappropriate implementation in iFrame Sandbox
    * CVE-2021-37995: Inappropriate implementation in WebApp Installer
  - Added patches:
    * chromium-95-BitstreamReader-namespace.patch
    * chromium-95-compiler.patch
    * chromium-95-libyuv-aarch64.patch
    * chromium-95-quiche-include.patch
    * chromium-95-system-zlib.patch
  - Removed patches:
    * chromium-94-compiler.patch
    * chromium-91-libyuv-aarch64.patch
    * chromium-90-ruy-include.patch
    * chromium-94-CustomSpaces-include.patch
* Sat Oct 16 2021 Callum Farmer <[email protected]>
  - Remove Python 2 requirement
* Sat Oct 09 2021 Callum Farmer <[email protected]>
  - Disable DCHECK(): that's for debug only
* Sat Oct 09 2021 Callum Farmer <[email protected]>
  - Add pipewire-do-not-typecheck-the-portal-session_handle.patch:
    fix WebRTC with xdg-desktop-portal 1.10
* Fri Oct 08 2021 Callum Farmer <[email protected]>
  - Chromium 94.0.4606.81 (boo#1191463):
    * CVE-2021-37977: Use after free in Garbage Collection
    * CVE-2021-37978: Heap buffer overflow in Blink
    * CVE-2021-37979: Heap buffer overflow in WebRTC
    * CVE-2021-37980: Inappropriate implementation in Sandbox
  - Re-add after accidental deletion:
    * chromium-93-InkDropHost-crash.patch
* Sun Oct 03 2021 Callum Farmer <[email protected]>
  - Chromium 94.0.4606.54 (boo#1190765):
    * CVE-2021-37956: Use after free in Offline use
    * CVE-2021-37957: Use after free in WebGPU
    * CVE-2021-37958: Inappropriate implementation in Navigation
    * CVE-2021-37959: Use after free in Task Manager
    * CVE-2021-37960: Inappropriate implementation in Blink graphics
    * CVE-2021-37961: Use after free in Tab Strip
    * CVE-2021-37962: Use after free in Performance Manager
    * CVE-2021-37963: Side-channel information leakage in DevTools
    * CVE-2021-37964: Inappropriate implementation in ChromeOS Networking
    * CVE-2021-37965: Inappropriate implementation in Background Fetch API
    * CVE-2021-37966: Inappropriate implementation in Compositing
    * CVE-2021-37967: Inappropriate implementation in Background Fetch API
    * CVE-2021-37968: Inappropriate implementation in Background Fetch API
    * CVE-2021-37969: Inappropriate implementation in Google Updater
    * CVE-2021-37970: Use after free in File System API
    * CVE-2021-37971: Incorrect security UI in Web Browser UI
    * CVE-2021-37972: Out of bounds read in libjpeg-turbo
  - Chromium 94.0.4606.61 (boo#1191166):
    * CVE-2021-37973: Use after free in Portals
  - Chromium 94.0.4606.71 (boo#1191204):
    * CVE-2021-37974 : Use after free in Safe Browsing
    * CVE-2021-37975 : Use after free in V8
    * CVE-2021-37976 : Information leak in core
  - Added patches:
    * chromium-94-CustomSpaces-include.patch
    * chromium-94-sql-no-assert.patch
    * chromium-older-harfbuzz.patch
    * chromium-94-ffmpeg-roll.patch
    * chromium-94-compiler.patch
  - Removed patches:
    * chromium-freetype-2.11.patch
    * chromium-93-ContextSet-permissive.patch
    * chromium-93-ClassProperty-include.patch
    * chromium-93-BluetoothLowEnergyScanFilter-include.patch
    * chromium-93-HashPasswordManager-include.patch
    * chromium-93-pdfium-include.patch
    * chromium-93-DevToolsEmbedderMessageDispatcher-include.patch
    * chromium-93-FormForest-constexpr.patch
    * chromium-93-ScopedTestDialogAutoConfirm-include.patch
    * chromium-93-InkDropHost-crash.patch
    * chromium-91-compiler.patch
    * chromium-glibc-2.33.patch
    * chromium-shim_headers.patch
* Sat Sep 18 2021 Callum Farmer <[email protected]>
  - Add patch to fix Leap 15.2 build:
    * chromium-ffmpeg-lp152.patch
  - Change system-libdrm.patch: add to unbundle instead of changing
    header path
* Wed Sep 15 2021 Callum Farmer <[email protected]>
  - Chromium 93.0.4577.63 (boo#1190096):
    * CVE-2021-30606: Use after free in Blink
    * CVE-2021-30607: Use after free in Permissions
    * CVE-2021-30608: Use after free in Web Share
    * CVE-2021-30609: Use after free in Sign-In
    * CVE-2021-30610: Use after free in Extensions API
    * CVE-2021-30611: Use after free in WebRTC
    * CVE-2021-30612: Use after free in WebRTC
    * CVE-2021-30613: Use after free in Base internals
    * CVE-2021-30614: Heap buffer overflow in TabStrip
    * CVE-2021-30615: Cross-origin data leak in Navigation
    * CVE-2021-30616: Use after free in Media
    * CVE-2021-30617: Policy bypass in Blink
    * CVE-2021-30618: Inappropriate implementation in DevTools
    * CVE-2021-30619: UI Spoofing in Autofill
    * CVE-2021-30620: Insufficient policy enforcement in Blink
    * CVE-2021-30621: UI Spoofing in Autofill
    * CVE-2021-30622: Use after free in WebApp Installs
    * CVE-2021-30623: Use after free in Bookmarks
    * CVE-2021-30624: Use after free in Autofill
  - Chromium 93.0.4577.82 (boo#1190476):
    * CVE-2021-30625: Use after free in Selection API
    * CVE-2021-30626: Out of bounds memory access in ANGLE
    * CVE-2021-30627: Type Confusion in Blink layout
    * CVE-2021-30628: Stack buffer overflow in ANGLE
    * CVE-2021-30629: Use after free in Permissions
    * CVE-2021-30630: Inappropriate implementation in Blink
    * CVE-2021-30631: Type Confusion in Blink layout
    * CVE-2021-30632: Out of bounds write in V8
    * CVE-2021-30633: Use after free in Indexed DB API
  - Removed patches:
    * chromium-88-gcc-fix-swiftshader-libEGL-visibility.patch
    * chromium-92-v8-constexpr.patch
    * chromium-no-writeprotection.patch
    * chromium-92-EnumTable-crash.patch
  - Added patches:
    * chromium-93-ContextSet-permissive.patch
    * chromium-93-ClassProperty-include.patch
    * chromium-93-BluetoothLowEnergyScanFilter-include.patch
    * chromium-93-HashPasswordManager-include.patch
    * chromium-93-pdfium-include.patch
    * chromium-93-DevToolsEmbedderMessageDispatcher-include.patch
    * chromium-93-FormForest-constexpr.patch
    * chromium-93-ScopedTestDialogAutoConfirm-include.patch
    * chromium-93-InkDropHost-crash.patch
    * chromium-93-ffmpeg-4.4.patch
    * chromium-93-EnumTable-crash.patch
* Sun Aug 29 2021 Callum Farmer <[email protected]>
  - Updated chromium-glibc-2.34.patch: Fix PTHREAD_STACK_MIN errors
    with glibc 2.34
* Tue Aug 17 2021 Andreas Stieger <[email protected]>
  - Chromium 92.0.4515.159 (boo#1189490):
    * CVE-2021-30598: Type Confusion in V8
    * CVE-2021-30599: Type Confusion in V8
    * CVE-2021-30600: Use after free in Printing
    * CVE-2021-30601: Use after free in Extensions API
    * CVE-2021-30602: Use after free in WebRTC
    * CVE-2021-30603: Race in WebAudio
    * CVE-2021-30604: Use after free in ANGLE
    * Various fixes from internal audits, fuzzing and other initiatives
* Sun Aug 15 2021 Callum Farmer <[email protected]>
  - Add missing crashpad_handler (boo#1189254)
* Fri Aug 06 2021 Callum Farmer <[email protected]>
  - Chromium 92.0.4515.131 (boo#1189006)
    * CVE-2021-30590: Heap buffer overflow in Bookmarks
    * CVE-2021-30591: Use after free in File System API
    * CVE-2021-30592: Out of bounds write in Tab Groups
    * CVE-2021-30593: Out of bounds read in Tab Strip
    * CVE-2021-30594: Use after free in Page Info UI
    * CVE-2021-30596: Incorrect security UI in Navigation
    * CVE-2021-30597: Use after free in Browser UI
  - Removed patches:
    * chromium-92-GetUsableSize-nullptr.patch
  - Added patches:
    * chromium-no-writeprotection.patch
    * chromium-glibc-2.34.patch
* Sun Aug 01 2021 Callum Farmer <[email protected]>
  - Chromium 92.0.4515.107 (boo#1188590)
    * CVE-2021-30565: Out of bounds write in Tab Groups
    * CVE-2021-30566: Stack buffer overflow in Printing
    * CVE-2021-30567: Use after free in DevTools
    * CVE-2021-30568: Heap buffer overflow in WebGL
    * CVE-2021-30569: Use after free in sqlite
    * CVE-2021-30571: Insufficient policy enforcement in DevTools
    * CVE-2021-30572: Use after free in Autofill
    * CVE-2021-30573: Use after free in GPU
    * CVE-2021-30574: Use after free in protocol handling
    * CVE-2021-30575: Out of bounds read in Autofill
    * CVE-2021-30576: Use after free in DevTools
    * CVE-2021-30577: Insufficient policy enforcement in Installer
    * CVE-2021-30578: Uninitialized Use in Media
    * CVE-2021-30579: Use after free in UI framework
    * CVE-2021-30581: Use after free in DevTools
    * CVE-2021-30582: Inappropriate implementation in Animation
    * CVE-2021-30584: Incorrect security UI in Downloads
    * CVE-2021-30585: Use after free in sensor handling
    * CVE-2021-30588: Type Confusion in V8
    * CVE-2021-30589: Insufficient validation of untrusted input in Sharing
  - Switched from GCC+LTO to Clang+ThinLTO due to errors
  - Removed patches:
    * chromium-90-compiler.patch
    * chromium-89-EnumTable-crash.patch
    * chromium-86-ConsumeDurationNumber-constexpr.patch
    * chromium-lp152-missing-includes.patch
    * chromium-91-GCC_fix_vector_types_in_pcscan.patch
    * chromium-91-system-icu.patch
    * chromium-91-1190561-boo1186948.patch
  - Added patches:
    * chromium-91-compiler.patch
    * chromium-92-EnumTable-crash.patch
    * chromium-92-v8-constexpr.patch
    * chromium-92-GetUsableSize-nullptr.patch
    * chromium-freetype-2.11.patch
    * chromium-clang-nomerge.patch
* Sat Jul 17 2021 Andreas Stieger <[email protected]>
  - chromium 91.0.4472.164 (boo#1188373)
    * CVE-2021-30559: Out of bounds write in ANGLE
    * CVE-2021-30541: Use after free in V8
    * CVE-2021-30560: Use after free in Blink XSLT
    * CVE-2021-30561: Type Confusion in V8
    * CVE-2021-30562: Use after free in WebSerial
    * CVE-2021-30563: Type Confusion in V8
    * CVE-2021-30564: Heap buffer overflow in WebXR
    * Various fixes from internal audits, fuzzing and other initiatives
* Mon Jul 05 2021 Callum Farmer <[email protected]>
  - Add chromium-91-sql-standard-layout-type.patch: to fix SQL being
    incorrect with libstdc++ 11
* Mon Jun 21 2021 Andreas Stieger <[email protected]>
  - fix crash upon exit boo#1186948
    add chromium-91-1190561-boo1186948.patch
* Fri Jun 18 2021 Andreas Stieger <[email protected]>
  - Chromium 91.0.4472.114 (boo#1187481)
    * CVE-2021-30554: Use after free in WebGL
    * CVE-2021-30555: Use after free in Sharing
    * CVE-2021-30556: Use after free in WebAudio
    * CVE-2021-30557: Use after free in TabGroups
* Wed Jun 16 2021 Andreas Stieger <[email protected]>
  - Chromium 91.0.4472.106
    * Fix use-after-free in SendTabToSelfSubMenuModel
    * Destroy system-token NSSCertDatabase on the IO thread
* Wed Jun 09 2021 Andreas Stieger <[email protected]>
  - Chromium 91.0.4472.101 (boo#1187141)
    * CVE-2021-30544: Use after free in BFCache
    * CVE-2021-30545: Use after free in Extensions
    * CVE-2021-30546: Use after free in Autofill
    * CVE-2021-30547: Out of bounds write in ANGLE
    * CVE-2021-30548: Use after free in Loader
    * CVE-2021-30549: Use after free in Spell check
    * CVE-2021-30550: Use after free in Accessibility
    * CVE-2021-30551: Type Confusion in V8
    * CVE-2021-30552: Use after free in Extensions
    * CVE-2021-30553: Use after free in Network service
    * Various fixes from internal audits, fuzzing and other initiatives
* Thu Jun 03 2021 Callum Farmer <[email protected]>
  - Add README.SUSE
  - Fix aarch64 build:
    * chromium-91-libyuv-aarch64.patch
    * Update highway to 0.12.2 (arm only)
  - Add -flax-vector-conversions to build flags
* Thu May 27 2021 Andreas Stieger <[email protected]>
  - Chromium 91.0.4472.77 (boo#1186458):
    * Support Managed configuration API for Web Applications
    * WebOTP API: cross-origin iframe support
    * CSS custom counter styles
    * Support JSON Modules
    * Clipboard: read-only files support
    * Remove webkitBeforeTextInserted & webkitEditableCOntentChanged
      JS events
    * Honor media HTML attribute for link icon
    * Import Assertions
    * Class static initializer blocks
    * Ergonomic brand checks for private fields
    * Expose WebAssembly SIMD
    * New Feature: WebTransport
    * ES Modules for service workers ('module' type option)
    * Suggested file name and location for the File System Access API
    * adaptivePTime property for RTCRtpEncodingParameters
    * Block HTTP port 10080 - mitigation for NAT Slipstream 2.0 attack
    * Support WebSockets over HTTP/2
    * Support 103 Early Hints for Navigation
    * CVE-2021-30521: Heap buffer overflow in Autofill
    * CVE-2021-30522: Use after free in WebAudio
    * CVE-2021-30523: Use after free in WebRTC
    * CVE-2021-30524: Use after free in TabStrip
    * CVE-2021-30525: Use after free in TabGroups
    * CVE-2021-30526: Out of bounds write in TabStrip
    * CVE-2021-30527: Use after free in WebUI
    * CVE-2021-30528: Use after free in WebAuthentication
    * CVE-2021-30529: Use after free in Bookmarks
    * CVE-2021-30530: Out of bounds memory access in WebAudio
    * CVE-2021-30531: Insufficient policy enforcement in Content Security Policy
    * CVE-2021-30532: Insufficient policy enforcement in Content Security Policy
    * CVE-2021-30533: Insufficient policy enforcement in PopupBlocker
    * CVE-2021-30534: Insufficient policy enforcement in iFrameSandbox
    * CVE-2021-30535: Double free in ICU
    * CVE-2021-21212: Insufficient data validation in networking
    * CVE-2021-30536: Out of bounds read in V8
    * CVE-2021-30537: Insufficient policy enforcement in cookies
    * CVE-2021-30538: Insufficient policy enforcement in content security policy
    * CVE-2021-30539: Insufficient policy enforcement in content security policy
    * CVE-2021-30540: Incorrect security UI in payments
    * Various fixes from internal audits, fuzzing and other initiatives
    * drop chromium-90-TokenizedOutput-include.patch
    * drop chromium-90-CrossThreadCopier-qualification.patch
    * drop chromium-90-quantization_utils-include.patch
    * drop chromium-90-angle-constexpr.patch
    * add chromium-91-java-only-allowed-in-android-builds.patch
    * add chromium-91-GCC_fix_vector_types_in_pcscan.patch
    * add chromium-91-system-icu.patch
* Mon May 17 2021 Marcus Meissner <[email protected]>
  - use asimdrdm CPU flag for aarch64 to select only more powerful buildhosts.
* Tue May 11 2021 Andreas Stieger <[email protected]>
  - Chromium 90.0.4430.212 (boo#1185908)
    * CVE-2021-30506: Incorrect security UI in Web App Installs
    * CVE-2021-30507: Inappropriate implementation in Offline
    * CVE-2021-30508: Heap buffer overflow in Media Feeds
    * CVE-2021-30509: Out of bounds write in Tab Strip
    * CVE-2021-30510: Race in Aura
    * CVE-2021-30511: Out of bounds read in Tab Group
    * CVE-2021-30512: Use after free in Notifications
    * CVE-2021-30513: Type Confusion in V8
    * CVE-2021-30514: Use after free in Autofill
    * CVE-2021-30515: Use after free in File API
    * CVE-2021-30516: Heap buffer overflow in History
    * CVE-2021-30517: Type Confusion in V8
    * CVE-2021-30518: Heap buffer overflow in Reader Mode
    * CVE-2021-30519: Use after free in Payments
    * CVE-2021-30520: Use after free in Tab Strip
  - FTP support disabled at runtime by default since release 88.
    Chromium 91 will remove support for ftp altogether
    (boo#1185496)
* Thu May 06 2021 Callum Farmer <[email protected]>
  * Patch change *
  - Fix build with GCC 11 again (bsc#1185716)
  - Remove chromium-88-compiler.patch
  - Remove chromium-90-cstdint.patch
  - Remove chromium-90-gslang-linkage-fixup.patch
  - Added  chromium-90-compiler.patch
  - Added  chromium-90-angle-constexpr.patch
  - Added  chromium-90-TokenizedOutput-include.patch
  - Added  chromium-90-ruy-include.patch
  - Added  chromium-90-CrossThreadCopier-qualification.patch
  - Added  chromium-90-quantization_utils-include.patch
* Wed Apr 28 2021 Marcus Meissner <[email protected]>
  - Chromium 90.0.4430.93 (boo#1185398):
    - CVE-2021-21227: Insufficient data validation in V8.
    - CVE-2021-21232: Use after free in Dev Tools.
    - CVE-2021-21233: Heap buffer overflow in ANGLE.
    - CVE-2021-21228: Insufficient policy enforcement in extensions.
    - CVE-2021-21229: Incorrect security UI in downloads.
    - CVE-2021-21230: Type Confusion in V8.
    - CVE-2021-21231: Insufficient data validation in V8.
    - Reference: https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_26.html
* Wed Apr 21 2021 Andreas Stieger <[email protected]>
  - Chromium 90.0.4430.85 (boo#1185047):
    * CVE-2021-21222: Heap buffer overflow in V8
    * CVE-2021-21223: Integer overflow in Mojo
    * CVE-2021-21224: Type Confusion in V8
    * CVE-2021-21225: Out of bounds memory access in V8
    * CVE-2021-21226: Use after free in navigation
  - Chromium 90.0.4430.72 (boo#1184764):
    * CVE-2021-21201: Use after free in permissions
    * CVE-2021-21202: Use after free in extensions
    * CVE-2021-21203: Use after free in Blink
    * CVE-2021-21204: Use after free in Blink
    * CVE-2021-21205: Insufficient policy enforcement in navigation
    * CVE-2021-21221: Insufficient validation of untrusted input in Mojo
    * CVE-2021-21207: Use after free in IndexedDB
    * CVE-2021-21208: Insufficient data validation in QR scanner
    * CVE-2021-21209: Inappropriate implementation in storage
    * CVE-2021-21210: Inappropriate implementation in Network
    * CVE-2021-21211: Inappropriate implementation in Navigatio
    * CVE-2021-21212: Incorrect security UI in Network Config UI
    * CVE-2021-21213: Use after free in WebMIDI
    * CVE-2021-21214: Use after free in Network API
    * CVE-2021-21215: Inappropriate implementation in Autofill
    * CVE-2021-21216: Inappropriate implementation in Autofill
    * CVE-2021-21217: Uninitialized Use in PDFium
    * CVE-2021-21218: Uninitialized Use in PDFium
    * CVE-2021-21219: Uninitialized Use in PDFiu
    * drop chromium-89-quiche-private.patch
    * drop chromium-89-quiche-dcheck.patch
    * drop chromium-89-skia-CropRect.patch
    * drop chromium-89-dawn-include.patch
    * drop chromium-89-webcodecs-deps.patch
    * drop chromium-89-AXTreeSerializer-include.patch
    * drop libva-2.11.patch
    * drop libva-2.11-nolegacy.patch
    * drop chromium-84-blink-disable-clang-format.patch
  - chromium-90-gslang-linkage-fixup.patch: fixed a weird static/nonpic error
  - chromium-90-cstdint.patch: some cstd includes added
  - chromium-90-fseal.patch: F_SEAL defines added
* Wed Apr 14 2021 Andreas Stieger <[email protected]>
  - Chromium 89.0.4389.128 (boo#1184700):
    * CVE-2021-21206: Use after free in blink
    * CVE-2021-21220: Insufficient validation of untrusted input in
      v8 for x86_64
* Sat Apr 03 2021 Callum Farmer <[email protected]>
  - Update to 89.0.4389.114 bsc#1184256
    - CVE-2021-21194: Use after free in screen capture
    - CVE-2021-21195: Use after free in V8
    - CVE-2021-21196: Heap buffer overflow in TabStrip
    - CVE-2021-21197: Heap buffer overflow in TabStrip
    - CVE-2021-21198: Out of bounds read in IPC
    - CVE-2021-21199: Use Use after free in Aura
  - Add libva-2.11.patch to fix build with libva <2.11
  - Add libva-2.11-nolegacy.patch to fix build with libva 2.11
  - Remove x11-ozone-fix-two-edge-cases.patch
* Mon Mar 15 2021 Callum Farmer <[email protected]>
  - Update to 89.0.4389.90 bsc#1183515
    - CVE-2021-21191: Use after free in WebRTC.
    - CVE-2021-21192: Heap buffer overflow in tab groups.
    - CVE-2021-21193: Use after free in Blink.
* Thu Mar 11 2021 Callum Farmer <[email protected]>
  - Update to 89.0.4389.82
  - Add x11-ozone-fix-two-edge-cases.patch to fix tab drag errors
* Fri Mar 05 2021 Callum Farmer <[email protected]>
  - Update to 89.0.4389.72 bsc#1182960
    - CVE-2021-21159: Heap buffer overflow in TabStrip.
    - CVE-2021-21160: Heap buffer overflow in WebAudio.
    - CVE-2021-21161: Heap buffer overflow in TabStrip.
    - CVE-2021-21162: Use after free in WebRTC.
    - CVE-2021-21163: Insufficient data validation in Reader Mode.
    - CVE-2021-21164: Insufficient data validation in Chrome for iOS.
    - CVE-2021-21165: Object lifecycle issue in audio.
    - CVE-2021-21166: Object lifecycle issue in audio.
    - CVE-2021-21167: Use after free in bookmarks.
    - CVE-2021-21168: Insufficient policy enforcement in appcache.
    - CVE-2021-21169: Out of bounds memory access in V8.
    - CVE-2021-21170: Incorrect security UI in Loader.
    - CVE-2021-21171: Incorrect security UI in TabStrip and Navigation.
    - CVE-2021-21172: Insufficient policy enforcement in File System API.
    - CVE-2021-21173: Side-channel information leakage in Network Internals.
    - CVE-2021-21174: Inappropriate implementation in Referrer.
    - CVE-2021-21175: Inappropriate implementation in Site isolation.
    - CVE-2021-21176: Inappropriate implementation in full screen mode.
    - CVE-2021-21177: Insufficient policy enforcement in Autofill.
    - CVE-2021-21178: Inappropriate implementation in Compositing.
    - CVE-2021-21179: Use after free in Network Internals.
    - CVE-2021-21180: Use after free in tab search.
    - CVE-2020-27844: Heap buffer overflow in OpenJPEG.
    - CVE-2021-21181: Side-channel information leakage in autofill.
    - CVE-2021-21182: Insufficient policy enforcement in navigations.
    - CVE-2021-21183: Inappropriate implementation in performance APIs.
    - CVE-2021-21184: Inappropriate implementation in performance APIs.
    - CVE-2021-21185: Insufficient policy enforcement in extensions.
    - CVE-2021-21186: Insufficient policy enforcement in QR scanning.
    - CVE-2021-21187: Insufficient data validation in URL formatting.
    - CVE-2021-21188: Use after free in Blink.
    - CVE-2021-21189: Insufficient policy enforcement in payments.
    - CVE-2021-21190: Uninitialized Use in PDFium.
  - Added patches:
    - chromium-89-quiche-private.patch
    - chromium-89-quiche-dcheck.patch
    - chromium-89-skia-CropRect.patch
    - chromium-89-dawn-include.patch
    - chromium-89-webcodecs-deps.patch
    - chromium-89-EnumTable-crash.patch
    - chromium-shim_headers.patch
    - chromium-89-missing-cstring-header.patch
    - chromium-89-AXTreeSerializer-include.patch
    - chromium-88-gcc-fix-swiftshader-libEGL-visibility.patch
      (bsc#1182775)
  - Removed patches:
    - chromium-fix-char_traits.patch
    - build-with-pipewire-0.3.patch
    - chromium-79-gcc-protobuf-alignas.patch
    - chromium-87-CursorFactory-include.patch
    - chromium-87-openscreen-include.patch
    - chromium-88-vaapi-attribute.patch
    - chromium-88-ozone-deps.patch
    - chromium-87-webcodecs-deps.patch
    - chromium-88-ityp-include.patch
    - chromium-88-AXTreeFormatter-include.patch
    - chromium-88-BookmarkModelObserver-include.patch
    - chromium-88-federated_learning-include.patch
    - chromium-88-ideographicSpaceCharacter.patch
    - chromium-88-StringPool-include.patch
    - chromium-88-dawn-static.patch
    - chromium-88-CompositorFrameReporter-dcheck.patch
* Wed Feb 17 2021 Callum Farmer <[email protected]>
  - Update to 88.0.4324.182 bsc#1182358
    - CVE-2021-21149: Stack overflow in Data Transfer.
    - CVE-2021-21150: Use after free in Downloads.
    - CVE-2021-21151: Use after free in Payments.
    - CVE-2021-21152: Heap buffer overflow in Media.
    - CVE-2021-21153: Stack overflow in GPU Process.
    - CVE-2021-21154: Heap buffer overflow in Tab Strip.
    - CVE-2021-21155: Heap buffer overflow in Tab Strip.
    - CVE-2021-21156: Heap buffer overflow in V8.
    - CVE-2021-21157: Use after free in Web Sockets.
* Mon Feb 15 2021 Callum Farmer <[email protected]>
  - Add chromium-glibc-2.33.patch: fix Sandbox with glibc 2.33
    (bsc#1182233)
* Sat Feb 06 2021 Callum Farmer <[email protected]>
  - Update to 88.0.4324.150 bsc#1181827
    - CVE-2021-21148: Heap buffer overflow in V8
* Thu Feb 04 2021 Callum Farmer <[email protected]>
  - Update to 88.0.4324.146 bsc#1181772
    - CVE-2021-21142: Use after free in Payments
    - CVE-2021-21143: Heap buffer overflow in Extensions
    - CVE-2021-21144: Heap buffer overflow in Tab Groups.
    - CVE-2021-21145: Use after free in Fonts
    - CVE-2021-21146: Use after free in Navigation.
    - CVE-2021-21147: Inappropriate implementation in Skia
* Sat Jan 23 2021 Callum Farmer <[email protected]>
  - Update to 88.0.4324.96 bsc#1181137
    - CVE-2021-21117: Insufficient policy enforcement in Cryptohome
    - CVE-2021-21118: Insufficient data validation in V8
    - CVE-2021-21119: Use after free in Media
    - CVE-2021-21120: Use after free in WebSQL
    - CVE-2021-21121: Use after free in Omnibox
    - CVE-2021-21122: Use after free in Blink
    - CVE-2021-21123: Insufficient data validation in File System API
    - CVE-2021-21124: Potential user after free in Speech Recognizer
    - CVE-2021-21125: Insufficient policy enforcement in File System API
    - CVE-2020-16044: Use after free in WebRTC
    - CVE-2021-21126: Insufficient policy enforcement in extensions
    - CVE-2021-21127: Insufficient policy enforcement in extensions
    - CVE-2021-21128: Heap buffer overflow in Blink
    - CVE-2021-21129: Insufficient policy enforcement in File System API
    - CVE-2021-21130: Insufficient policy enforcement in File System API
    - CVE-2021-21131: Insufficient policy enforcement in File System API
    - CVE-2021-21132: Inappropriate implementation in DevTools
    - CVE-2021-21133: Insufficient policy enforcement in Downloads
    - CVE-2021-21134: Incorrect security UI in Page Info
    - CVE-2021-21135: Inappropriate implementation in Performance API
    - CVE-2021-21136: Insufficient policy enforcement in WebView
    - CVE-2021-21137: Inappropriate implementation in DevTools
    - CVE-2021-21138: Use after free in DevTools
    - CVE-2021-21139: Inappropriate implementation in iframe sandbox
    - CVE-2021-21140: Uninitialized Use in USB
    - CVE-2021-21141: Insufficient policy enforcement in File System API
  - Added patches:
    - chromium-88-compiler.patch
    - chromium-88-ozone-deps.patch
    - chromium-88-ityp-include.patch
    - chromium-88-AXTreeFormatter-include.patch
    - chromium-88-BookmarkModelObserver-include.patch
    - chromium-88-federated_learning-include.patch
    - chromium-88-ideographicSpaceCharacter.patch
    - chromium-88-StringPool-include.patch
    - chromium-88-dawn-static.patch
    - chromium-88-CompositorFrameReporter-dcheck.patch
  - Removed patches:
    - gpu-timeout.patch
    - chromium-87-compiler.patch
    - chromium-87-ServiceWorkerContainerHost-crash.patch
    - chromium-87-ozone-deps.patch
    - chromium-87-v8-icu68.patch
    - chromium-87-icu68.patch
* Sat Jan 16 2021 Callum Farmer <[email protected]>
  - Remove C++ only flags from CFLAGS
  - Update chromium-gcc11.patch
  - Comply with new Google API key rules for Derivatives
* Thu Jan 07 2021 Callum Farmer <[email protected]>
  - Update to 87.0.4280.141 bsc#1180645
    - CVE-2021-21106: Use after free in autofill
    - CVE-2021-21107: Use after free in drag and drop
    - CVE-2021-21108: Use after free in media
    - CVE-2021-21109: Use after free in payments
    - CVE-2021-21110: Use after free in safe browsing
    - CVE-2021-21111: Insufficient policy enforcement in WebUI
    - CVE-2021-21112: Use after free in Blink
    - CVE-2021-21113: Heap buffer overflow in Skia
    - CVE-2020-16043: Insufficient data validation in networking
    - CVE-2021-21114: Use after free in audio
    - CVE-2020-15995: Out of bounds write in V8
    - CVE-2021-21115: Use after free in safe browsing
    - CVE-2021-21116: Heap buffer overflow in audio

Files

/etc/chromium
/etc/chromium/master_preferences
/etc/chromium/native-messaging-hosts
/etc/chromium/policies
/etc/chromium/policies/managed
/etc/chromium/policies/recommended
/usr/bin/chromium
/usr/bin/chromium-browser
/usr/lib64/chromium
/usr/lib64/chromium/chrome
/usr/lib64/chromium/chrome-wrapper
/usr/lib64/chromium/chrome_100_percent.pak
/usr/lib64/chromium/chrome_200_percent.pak
/usr/lib64/chromium/chrome_crashpad_handler
/usr/lib64/chromium/icudtl.dat
/usr/lib64/chromium/libEGL.so
/usr/lib64/chromium/libGLESv2.so
/usr/lib64/chromium/libqt5_shim.so
/usr/lib64/chromium/libvk_swiftshader.so
/usr/lib64/chromium/libvulkan.so.1
/usr/lib64/chromium/locales
/usr/lib64/chromium/locales/af.pak
/usr/lib64/chromium/locales/am.pak
/usr/lib64/chromium/locales/ar-XB.pak
/usr/lib64/chromium/locales/ar.pak
/usr/lib64/chromium/locales/bg.pak
/usr/lib64/chromium/locales/bn.pak
/usr/lib64/chromium/locales/ca.pak
/usr/lib64/chromium/locales/cs.pak
/usr/lib64/chromium/locales/da.pak
/usr/lib64/chromium/locales/de.pak
/usr/lib64/chromium/locales/el.pak
/usr/lib64/chromium/locales/en-GB.pak
/usr/lib64/chromium/locales/en-US.pak
/usr/lib64/chromium/locales/en-XA.pak
/usr/lib64/chromium/locales/es-419.pak
/usr/lib64/chromium/locales/es.pak
/usr/lib64/chromium/locales/et.pak
/usr/lib64/chromium/locales/fa.pak
/usr/lib64/chromium/locales/fi.pak
/usr/lib64/chromium/locales/fil.pak
/usr/lib64/chromium/locales/fr.pak
/usr/lib64/chromium/locales/gu.pak
/usr/lib64/chromium/locales/he.pak
/usr/lib64/chromium/locales/hi.pak
/usr/lib64/chromium/locales/hr.pak
/usr/lib64/chromium/locales/hu.pak
/usr/lib64/chromium/locales/id.pak
/usr/lib64/chromium/locales/it.pak
/usr/lib64/chromium/locales/ja.pak
/usr/lib64/chromium/locales/kn.pak
/usr/lib64/chromium/locales/ko.pak
/usr/lib64/chromium/locales/lt.pak
/usr/lib64/chromium/locales/lv.pak
/usr/lib64/chromium/locales/ml.pak
/usr/lib64/chromium/locales/mr.pak
/usr/lib64/chromium/locales/ms.pak
/usr/lib64/chromium/locales/nb.pak
/usr/lib64/chromium/locales/nl.pak
/usr/lib64/chromium/locales/pl.pak
/usr/lib64/chromium/locales/pt-BR.pak
/usr/lib64/chromium/locales/pt-PT.pak
/usr/lib64/chromium/locales/ro.pak
/usr/lib64/chromium/locales/ru.pak
/usr/lib64/chromium/locales/sk.pak
/usr/lib64/chromium/locales/sl.pak
/usr/lib64/chromium/locales/sr.pak
/usr/lib64/chromium/locales/sv.pak
/usr/lib64/chromium/locales/sw.pak
/usr/lib64/chromium/locales/ta.pak
/usr/lib64/chromium/locales/te.pak
/usr/lib64/chromium/locales/th.pak
/usr/lib64/chromium/locales/tr.pak
/usr/lib64/chromium/locales/uk.pak
/usr/lib64/chromium/locales/ur.pak
/usr/lib64/chromium/locales/vi.pak
/usr/lib64/chromium/locales/zh-CN.pak
/usr/lib64/chromium/locales/zh-TW.pak
/usr/lib64/chromium/plugins
/usr/lib64/chromium/resources.pak
/usr/lib64/chromium/v8_context_snapshot.bin
/usr/lib64/chromium/vk_swiftshader_icd.json
/usr/share/applications/chromium-browser.desktop
/usr/share/chromium
/usr/share/chromium/extensions
/usr/share/doc/packages/chromium
/usr/share/doc/packages/chromium/AUTHORS
/usr/share/icons/hicolor
/usr/share/icons/hicolor/128x128
/usr/share/icons/hicolor/128x128/apps
/usr/share/icons/hicolor/128x128/apps/chromium-browser.png
/usr/share/icons/hicolor/16x16
/usr/share/icons/hicolor/16x16/apps
/usr/share/icons/hicolor/16x16/apps/chromium-browser.png
/usr/share/icons/hicolor/24x24
/usr/share/icons/hicolor/24x24/apps
/usr/share/icons/hicolor/24x24/apps/chromium-browser.png
/usr/share/icons/hicolor/256x256
/usr/share/icons/hicolor/256x256/apps
/usr/share/icons/hicolor/256x256/apps/chromium-browser.png
/usr/share/icons/hicolor/32x32
/usr/share/icons/hicolor/32x32/apps
/usr/share/icons/hicolor/32x32/apps/chromium-browser.png
/usr/share/icons/hicolor/48x48
/usr/share/icons/hicolor/48x48/apps
/usr/share/icons/hicolor/48x48/apps/chromium-browser.png
/usr/share/icons/hicolor/64x64
/usr/share/icons/hicolor/64x64/apps
/usr/share/icons/hicolor/64x64/apps/chromium-browser.png
/usr/share/icons/hicolor/symbolic
/usr/share/icons/hicolor/symbolic/apps
/usr/share/icons/hicolor/symbolic/apps/chromium-browser.svg
/usr/share/licenses/chromium
/usr/share/licenses/chromium/LICENSE
/usr/share/man/man1/chromium-browser.1.gz
/usr/share/man/man1/chromium.1.gz
/usr/share/metainfo/chromium-browser.appdata.xml


Generated by rpm2html 1.8.1

Fabrice Bellet, Thu Dec 12 00:38:55 2024