- * High CVE-2026-0628: Insufficient policy enforcement in WebView tag
- Fix rhbz#2425338, Enable control flow integrity support for x86_64/aarch64
- Enable build for epel10.1
- * High CVE-2025-14765: Use after free in WebGPU
- * High CVE-2025-14766: Out of bounds read and write in V8
- Force dark mode when auto dark mode web content is on
- Remove omnibox-next-Improve-cutout-mouse-handling-for-Wayla patch, as it's merged
These BRs are required by Chromium proper, even when built without any toolkits
(e.g. as CEF).
Add a few missing ones (wayland-devel, xkbcommon, pangocairo) and move others
out of the GTK4 conditional, since they aren't actually related to GTK4, they
just happened to be pulled in by gtk3-devel.
[skip changelog]
- * High: Under coordination
- * Medium CVE-2025-14372: Use after free in Password Manager
- * Medium CVE-2025-14373: Inappropriate implementation in Toolbar
- Workaround problem of auto dark mode inverting images and making them unreadable
- Hoshino Lina: Update to cef-143.0.10+g8aed01b (rhbz#2421703)
- Hoshino Lina: Update to cef-143.0.9+ge88e818 (rhbz#2420939)
- * High CVE-2025-13630: Type Confusion in V8
- * High CVE-2025-13631: Inappropriate implementation in Google Updater
- * High CVE-2025-13632: Inappropriate implementation in DevTools
- * High CVE-2025-13633: Use after free in Digital Credentials
- * Medium CVE-2025-13634: Inappropriate implementation in Downloads
- * Medium CVE-2025-13720: Bad cast in Loader
- * Medium CVE-2025-13721: Race in v8
- * Low CVE-2025-13635: Inappropriate implementation in Downloads
- * Low CVE-2025-13636: Inappropriate implementation in Split View
- * Low CVE-2025-13637: Inappropriate implementation in Downloads
- * Low CVE-2025-13638: Use after free in Media Stream
- * Low CVE-2025-13639: Inappropriate implementation in WebRTC
- * Low CVE-2025-13640: Inappropriate implementation in Passwords
- Drop workaround darkmode-image-policy.patch
- Fix build error due to Unresolved dependencies
- Fix swiftshader to compile with llvm-16.0
- Refresh python-3.9-ftbfs patch for el9
- Refresh ppc64le patches
- Refresh chromium.conf
- * High CVE-2025-12725: Out of bounds write in WebGPU
- * High CVE-2025-12726: Inappropriate implementation in Views
- * High CVE-2025-12727: Inappropriate implementation in V8
- * Medium CVE-2025-12728: Inappropriate implementation in Omnibox
- * Medium CVE-2025-12729: Inappropriate implementation in Omnibox
- * High CVE-2025-12428: Type Confusion in V8
- * High CVE-2025-12429: Inappropriate implementation in V8
- * High CVE-2025-12430: Object lifecycle issue in Media
- * High CVE-2025-12431: Inappropriate implementation in Extensions
- * High CVE-2025-12432: Race in V8
- * High CVE-2025-12433: Inappropriate implementation in V8
- * High CVE-2025-12036: Inappropriate implementation in V8
- * Medium CVE-2025-12434: Race in Storage
- * Medium CVE-2025-12435: Incorrect security UI in Omnibox
- * Medium CVE-2025-12436: Policy bypass in Extensions
- * Medium CVE-2025-12437: Use after free in PageInfo
- * Medium CVE-2025-12438: Use after free in Ozone
- * Medium CVE-2025-12439: Inappropriate implementation in App-Bound Encryption
- * Low CVE-2025-12440: Inappropriate implementation in Autofill
- * Medium CVE-2025-12441: Out of bounds read in V8
- * Medium CVE-2025-12443: Out of bounds read in WebXR
- * Low CVE-2025-12444: Incorrect security UI in Fullscreen UI
- * Low CVE-2025-12445: Policy bypass in Extensions
- * Low CVE-2025-12446: Incorrect security UI in SplitView
- * Low CVE-2025-12447: Incorrect security UI in Omnibox
- * High CVE-2025-11458: Heap buffer overflow in Sync
- * High CVE-2025-11460: Use after free in Storage
- * Medium CVE-2025-11211: Out of bounds read in WebCodecs
- remove 0001-Change-use-of-removed-intrinsic.patch as it is included in
141.0.7390.65
- * Update to cef-141.0.11+g7e73ac4 (rhbz#2402447) (Asahi Lina)
- * High CVE-2025-11205: Heap buffer overflow in WebGPU
- * High CVE-2025-11206: Heap buffer overflow in Video
- * Medium CVE-2025-11207: Side-channel information leakage in Storage
- * Medium CVE-2025-11208: Inappropriate implementation in Media
- * Medium CVE-2025-11209: Inappropriate implementation in Omnibox
- * Medium CVE-2025-11210: Side-channel information leakage in Tab
- * Medium CVE-2025-11211: Out of bounds read in Media
- * Medium CVE-2025-11212: Inappropriate implementation in Media
- * Medium CVE-2025-11213: Inappropriate implementation in Omnibox
- * Medium CVE-2025-11215: Off by one error in V8
- * Low CVE-2025-11216: Inappropriate implementation in Storage
- * Low CVE-2025-11219: Use after free in V8
- Refreshed ppc64le patches
- Fixed issue with incorrect display of the links on startpage in Darkmode
- Fixed FTBFS - error: no member named 'bPsnrY' in 'Source_Picture_s'
- Fixed, DebugInfo packages aren't being produced
- Refreshed rust-clanglib patch
- Fixed FTBFS due to old ffmpeg on Epel9
- Fixed FTBFS - error: invalid application of 'sizeof' to an incomplete type 'blink::CSSStyleSheet'
- Fixed FTBFS due to missing header files
- * CVE-2025-10585: Type Confusion in V8
- * CVE-2025-10500: Use after free in Dawn
- * CVE-2025-10501: Use after free in WebRTC
- * CVE-2025-10502: Heap buffer overflow in ANGLE
- * Fix rendering issue on epel9
