- Chromium 90.0.4430.212 (boo#1185908)
  * CVE-2021-30506: Incorrect security UI in Web App Installs
  * CVE-2021-30507: Inappropriate implementation in Offline
  * CVE-2021-30508: Heap buffer overflow in Media Feeds
  * CVE-2021-30509: Out of bounds write in Tab Strip
  * CVE-2021-30510: Race in Aura
  * CVE-2021-30511: Out of bounds read in Tab Group
  * CVE-2021-30512: Use after free in Notifications
  * CVE-2021-30513: Type Confusion in V8
  * CVE-2021-30514: Use after free in Autofill
  * CVE-2021-30515: Use after free in File API
  * CVE-2021-30516: Heap buffer overflow in History
  * CVE-2021-30517: Type Confusion in V8
  * CVE-2021-30518: Heap buffer overflow in Reader Mode
  * CVE-2021-30519: Use after free in Payments
  * CVE-2021-30520: Use after free in Tab Strip
- FTP support disabled at runtime by default since release 88.
  Chromium 91 will remove support for ftp altogether
  (boo#1185496)

• Files Changed
• Browse Source

- Chromium 90.0.4430.93 (boo#1185398):
  - CVE-2021-21227: Insufficient data validation in V8. 
  - CVE-2021-21232: Use after free in Dev Tools. 
  - CVE-2021-21233: Heap buffer overflow in ANGLE.
  - CVE-2021-21228: Insufficient policy enforcement in extensions.
  - CVE-2021-21229: Incorrect security UI in downloads.
  - CVE-2021-21230: Type Confusion in V8. 
  - CVE-2021-21231: Insufficient data validation in V8.
  - Reference: https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_26.html
- Chromium 90.0.4430.85 (boo#1185047):
  * CVE-2021-21222: Heap buffer overflow in V8
  * CVE-2021-21223: Integer overflow in Mojo
  * CVE-2021-21224: Type Confusion in V8
  * CVE-2021-21225: Out of bounds memory access in V8
  * CVE-2021-21226: Use after free in navigation
- Chromium 90.0.4430.72 (boo#1184764):
  * CVE-2021-21201: Use after free in permissions
  * CVE-2021-21202: Use after free in extensions
  * CVE-2021-21203: Use after free in Blink
  * CVE-2021-21204: Use after free in Blink
  * CVE-2021-21205: Insufficient policy enforcement in navigation
  * CVE-2021-21221: Insufficient validation of untrusted input in Mojo
  * CVE-2021-21207: Use after free in IndexedDB
  * CVE-2021-21208: Insufficient data validation in QR scanner
  * CVE-2021-21209: Inappropriate implementation in storage
  * CVE-2021-21210: Inappropriate implementation in Network
  * CVE-2021-21211: Inappropriate implementation in Navigatio 
  * CVE-2021-21212: Incorrect security UI in Network Config UI
  * CVE-2021-21213: Use after free in WebMIDI
  * CVE-2021-21214: Use after free in Network API
  * CVE-2021-21215: Inappropriate implementation in Autofill
  * CVE-2021-21216: Inappropriate implementation in Autofill
  * CVE-2021-21217: Uninitialized Use in PDFium
  * CVE-2021-21218: Uninitialized Use in PDFium
  * CVE-2021-21219: Uninitialized Use in PDFiu
  * drop chromium-89-quiche-private.patch
  * drop chromium-89-quiche-dcheck.patch
  * drop chromium-89-skia-CropRect.patch
  * drop chromium-89-dawn-include.patch
  * drop chromium-89-webcodecs-deps.patch
  * drop chromium-89-AXTreeSerializer-include.patch
  * drop libva-2.11.patch
  * drop libva-2.11-nolegacy.patch
  * drop chromium-84-blink-disable-clang-format.patch
- chromium-90-gslang-linkage-fixup.patch: fixed a weird static/nonpic error
- chromium-90-cstdint.patch: some cstd includes added
- chromium-90-fseal.patch: F_SEAL defines added

• Files Changed
• Browse Source

- Chromium 89.0.4389.128 (boo#1184700):
  * CVE-2021-21206: Use after free in blink
  * CVE-2021-21220: Insufficient validation of untrusted input in
    v8 for x86_64

• Files Changed
• Browse Source

bsc#1184256

• Files Changed
• Browse Source

- Update to 89.0.4389.90 bsc#1183515
  - CVE-2021-21191: Use after free in WebRTC.
  - CVE-2021-21192: Heap buffer overflow in tab groups.
  - CVE-2021-21193: Use after free in Blink.

- Update to 89.0.4389.82
- Add x11-ozone-fix-two-edge-cases.patch to fix tab drag errors

• Files Changed
• Browse Source

- Update to 89.0.4389.72 bsc#1182960
  - CVE-2021-21159: Heap buffer overflow in TabStrip.
  - CVE-2021-21160: Heap buffer overflow in WebAudio.
  - CVE-2021-21161: Heap buffer overflow in TabStrip.
  - CVE-2021-21162: Use after free in WebRTC.
  - CVE-2021-21163: Insufficient data validation in Reader Mode.
  - CVE-2021-21164: Insufficient data validation in Chrome for iOS.
  - CVE-2021-21165: Object lifecycle issue in audio.
  - CVE-2021-21166: Object lifecycle issue in audio.
  - CVE-2021-21167: Use after free in bookmarks.
  - CVE-2021-21168: Insufficient policy enforcement in appcache.
  - CVE-2021-21169: Out of bounds memory access in V8.
  - CVE-2021-21170: Incorrect security UI in Loader.
  - CVE-2021-21171: Incorrect security UI in TabStrip and Navigation.
  - CVE-2021-21172: Insufficient policy enforcement in File System API.
  - CVE-2021-21173: Side-channel information leakage in Network Internals.
  - CVE-2021-21174: Inappropriate implementation in Referrer.
  - CVE-2021-21175: Inappropriate implementation in Site isolation.
  - CVE-2021-21176: Inappropriate implementation in full screen mode.
  - CVE-2021-21177: Insufficient policy enforcement in Autofill.
  - CVE-2021-21178: Inappropriate implementation in Compositing.
  - CVE-2021-21179: Use after free in Network Internals.
  - CVE-2021-21180: Use after free in tab search.
  - CVE-2020-27844: Heap buffer overflow in OpenJPEG.
  - CVE-2021-21181: Side-channel information leakage in autofill.
  - CVE-2021-21182: Insufficient policy enforcement in navigations.
  - CVE-2021-21183: Inappropriate implementation in performance APIs.
  - CVE-2021-21184: Inappropriate implementation in performance APIs.
  - CVE-2021-21185: Insufficient policy enforcement in extensions.
  - CVE-2021-21186: Insufficient policy enforcement in QR scanning.

• Files Changed
• Browse Source

revert to old veresion, .182 seems broken per openqa result

• Files Changed
• Browse Source

bsc#1182358

• Files Changed
• Browse Source

- Update to 88.0.4324.150 bsc#1181827
  - CVE-2021-21148: Heap buffer overflow in V8

- Update to 88.0.4324.146 bsc#1181772
  - CVE-2021-21142: Use after free in Payments
  - CVE-2021-21143: Heap buffer overflow in Extensions
  - CVE-2021-21144: Heap buffer overflow in Tab Groups.
  - CVE-2021-21145: Use after free in Fonts
  - CVE-2021-21146: Use after free in Navigation.
  - CVE-2021-21147: Inappropriate implementation in Skia

• Files Changed
• Browse Source

- Update to 88.0.4324.96 bsc#1181137
  - CVE-2021-21117: Insufficient policy enforcement in Cryptohome
  - CVE-2021-21118: Insufficient data validation in V8
  - CVE-2021-21119: Use after free in Media
  - CVE-2021-21120: Use after free in WebSQL
  - CVE-2021-21121: Use after free in Omnibox
  - CVE-2021-21122: Use after free in Blink
  - CVE-2021-21123: Insufficient data validation in File System API
  - CVE-2021-21124: Potential user after free in Speech Recognizer
  - CVE-2021-21125: Insufficient policy enforcement in File System API
  - CVE-2020-16044: Use after free in WebRTC
  - CVE-2021-21126: Insufficient policy enforcement in extensions
  - CVE-2021-21127: Insufficient policy enforcement in extensions
  - CVE-2021-21128: Heap buffer overflow in Blink
  - CVE-2021-21129: Insufficient policy enforcement in File System API
  - CVE-2021-21130: Insufficient policy enforcement in File System API
  - CVE-2021-21131: Insufficient policy enforcement in File System API
  - CVE-2021-21132: Inappropriate implementation in DevTools
  - CVE-2021-21133: Insufficient policy enforcement in Downloads
  - CVE-2021-21134: Incorrect security UI in Page Info
  - CVE-2021-21135: Inappropriate implementation in Performance API
  - CVE-2021-21136: Insufficient policy enforcement in WebView
  - CVE-2021-21137: Inappropriate implementation in DevTools
  - CVE-2021-21138: Use after free in DevTools
  - CVE-2021-21139: Inappropriate implementation in iframe sandbox
  - CVE-2021-21140: Uninitialized Use in USB
  - CVE-2021-21141: Insufficient policy enforcement in File System API
- Added patches:
  - chromium-88-compiler.patch
  - chromium-88-ozone-deps.patch
  - chromium-88-ityp-include.patch
  - chromium-88-AXTreeFormatter-include.patch
  - chromium-88-BookmarkModelObserver-include.patch
  - chromium-88-federated_learning-include.patch
  - chromium-88-ideographicSpaceCharacter.patch
  - chromium-88-StringPool-include.patch
  - chromium-88-dawn-static.patch
  - chromium-88-CompositorFrameReporter-dcheck.patch
- Removed patches:
  - gpu-timeout.patch
  - chromium-87-compiler.patch
  - chromium-87-ServiceWorkerContainerHost-crash.patch
  - chromium-87-ozone-deps.patch
  - chromium-87-v8-icu68.patch
  - chromium-87-icu68.patch

• Files Changed
• Browse Source

- Remove C++ only flags from CFLAGS
- Update chromium-gcc11.patch
- Comply with new Google API key rules for Derivatives

• Files Changed
• Browse Source

- Update to 87.0.4280.141 bsc#1180645
  - CVE-2021-21106: Use after free in autofill
  - CVE-2021-21107: Use after free in drag and drop
  - CVE-2021-21108: Use after free in media
  - CVE-2021-21109: Use after free in payments
  - CVE-2021-21110: Use after free in safe browsing
  - CVE-2021-21111: Insufficient policy enforcement in WebUI
  - CVE-2021-21112: Use after free in Blink
  - CVE-2021-21113: Heap buffer overflow in Skia
  - CVE-2020-16043: Insufficient data validation in networking
  - CVE-2021-21114: Use after free in audio
  - CVE-2020-15995: Out of bounds write in V8
  - CVE-2021-21115: Use after free in safe browsing
  - CVE-2021-21116: Heap buffer overflow in audio 

• Files Changed
• Browse Source

update

• Files Changed
• Browse Source

osc copypac from project:openSUSE:Leap:15.2:Update package:chromium revision:12, using expand

• Files Changed
• Browse Source

osc copypac from project:openSUSE:Leap:15.2 package:chromium revision:107, using expand

• Browse Source