Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

chromium-73.0.3683.75-lp151.1.2 RPM for aarch64

From OpenSuSE Ports Leap 15.1 for aarch64

Name: chromium Distribution: openSUSE Leap 15.1
Version: 73.0.3683.75 Vendor: openSUSE
Release: lp151.1.2 Build date: Mon Apr 22 15:34:39 2019
Group: Productivity/Networking/Web/Browsers Build host: obs-arm-8
Size: 213639278 Source RPM: chromium-73.0.3683.75-lp151.1.2.src.rpm
Packager: https://bugs.opensuse.org
Url: https://www.chromium.org/
Summary: Google's open source browser project
Chromium is the open-source project behind Google Chrome. We invite you to join us in our effort to help build a safer, faster, and more stable way for all Internet users to experience the web, and to create a powerful platform for developing a new generation of web applications.

Provides

Requires

License

BSD-3-Clause AND LGPL-2.1-or-later

Changelog

* Wed Mar 13 2019 Tomáš Chvátal <tchvatal@suse.com>
  - Update to 73.0.3683.75 bsc#1129059:
    * CVE-2019-5787: Use after free in Canvas.
    * CVE-2019-5788: Use after free in FileAPI.
    * CVE-2019-5789: Use after free in WebMIDI.
    * CVE-2019-5790: Heap buffer overflow in V8.
    * CVE-2019-5791: Type confusion in V8.
    * CVE-2019-5792: Integer overflow in PDFium.
    * CVE-2019-5793: Excessive permissions for private API in Extensions.
    * CVE-2019-5794: Security UI spoofing.
    * CVE-2019-5795: Integer overflow in PDFium.
    * CVE-2019-5796: Race condition in Extensions.
    * CVE-2019-5797: Race condition in DOMStorage.
    * CVE-2019-5798: Out of bounds read in Skia.
    * CVE-2019-5799: CSP bypass with blob URL.
    * CVE-2019-5800: CSP bypass with blob URL.
    * CVE-2019-5801: Incorrect Omnibox display on iOS.
    * CVE-2019-5802: Security UI spoofing.
    * CVE-2019-5803: CSP bypass with Javascript URLs'.
    * CVE-2019-5804: Command line command injection on Windows.
  - Update patches:
    * chromium-buildname.patch
    * chromium-non-void-return.patch
    * chromium-old-glibc.patch
    * chromium-old-libva.patch
    * chromium-vaapi.patch
  - Removed patches:
    * chromium-crashpad-fix_aarch64.patch
    * chromium-webrtc-includes.patch
  - Added patches:
    * chromium-gcc.patch
    * chromium-fix_crashpad.patch
* Mon Mar 04 2019 Tomáš Chvátal <tchvatal@suse.com>
  - Drop direct dependency on libgsm, we just need the devel
* Sat Mar 02 2019 Tomáš Chvátal <tchvatal@suse.com>
  - Update to 72.0.3626.121:
    * fixes bsc#1127602 CVE-2019-5786
* Mon Feb 25 2019 Tomáš Chvátal <tchvatal@suse.com>
  - Update to 72.0.3626.119:
    * Feature fixes update only
* Wed Feb 20 2019 Tomáš Chvátal <tchvatal@suse.com>
  - Update to 72.0.3626.109:
    * This is just feature fixes update
* Mon Feb 11 2019 Tomáš Chvátal <tchvatal@suse.com>
  - Update to 72.0.3626.96 bsc#1124936:
    * CVE-2019-5784: Inappropriate implementation in V8
* Mon Feb 11 2019 Simon Lees <sflees@suse.de>
  - Provide web_browser so chromium can be installed instead of firefox.
* Wed Jan 30 2019 Tomáš Chvátal <tchvatal@suse.com>
  - Update to 72.0.3626.81 bsc#1123641:
    * CVE-2019-5754: Inappropriate implementation in QUIC Networking. Reported by Klzgrad on 2018-12-12
    * CVE-2019-5782:  Inappropriate implementation in V8. Reported by Qixun Zhao of Qihoo 360 Vulcan Team via Tianfu Cup on 2018-11-16
    * CVE-2019-5755: Inappropriate implementation in V8. Reported by Jay Bosamiya on 2018-12-10
    * CVE-2019-5756: Use after free in PDFium. Reported by Anonymous on 2018-10-14
    * CVE-2019-5757: Type Confusion in SVG. Reported by Alexandru Pitis, Microsoft Browser Vulnerability Research on 2018-12-15
    * CVE-2019-5758: Use after free in Blink. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-12-11
    * CVE-2019-5759: Use after free in HTML select elements. Reported by Almog Benin on 2018-12-05
    * CVE-2019-5760: Use after free in WebRTC. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-12-05
    * CVE-2019-5761: Use after free in SwiftShader. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-11-13
    * CVE-2019-5762: Use after free in PDFium. Reported by Anonymous on 2018-10-31
    * CVE-2019-5763: Insufficient validation of untrusted input in V8. Reported by Guang Gong of Alpha Team, Qihoo 360 on 2018-12-13
    * CVE-2019-5764: Use after free in WebRTC. Reported by Eyal Itkin from Check Point Software Technologies on 2018-12-09
    * CVE-2019-5765: Insufficient policy enforcement in the browser. Reported by Sergey Toshin (@bagipro) on 2019-01-16
    * CVE-2019-5766: Insufficient policy enforcement in Canvas. Reported by David Erceg on 2018-11-20
    * CVE-2019-5767: Incorrect security UI in WebAPKs. Reported by Haoran Lu, Yifan Zhang, Luyi Xing, and Xiaojing Liao from Indiana University Bloomington on 2018-11-06
    * CVE-2019-5768: Insufficient policy enforcement in DevTools. Reported by Rob Wu on 2018-01-24
    * CVE-2019-5769: Insufficient validation of untrusted input in Blink. Reported by Guy Eshel on 2018-12-11
    * CVE-2019-5770: Heap buffer overflow in WebGL. Reported by  hemidallt@ on 2018-11-27
    * CVE-2019-5771: Heap buffer overflow in SwiftShader. Reported by Zhe Jin(金哲),Luyao Liu(刘路遥) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-11-12
    * CVE-2019-5772: Use after free in PDFium. Reported by Zhen Zhou of NSFOCUS Security Team on 2018-11-26
    * CVE-2019-5773: Insufficient data validation in IndexedDB. Reported by Yongke Wang of Tencent's Xuanwu Lab (xlab.tencent.com) on 2018-12-24
    * CVE-2019-5774: Insufficient validation of untrusted input in SafeBrowsing. Reported by Junghwan Kang (ultract) and Juno Im on 2018-11-11
    * CVE-2019-5775: Insufficient policy enforcement in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-10-18
    * CVE-2019-5776: Insufficient policy enforcement in Omnibox. Reported by Lnyas Zhang on 2018-07-14
    * CVE-2019-5777: Insufficient policy enforcement in Omnibox. Reported by Khalil Zhani on 2018-06-04
    * CVE-2019-5778: Insufficient policy enforcement in Extensions. Reported by David Erceg on 2019-01-02
    * CVE-2019-5779: Insufficient policy enforcement in ServiceWorker. Reported by David Erceg on 2018-11-11
    * CVE-2019-5780: Insufficient policy enforcement. Reported by Andreas Hegenberg (folivora.AI GmbH) on 2018-10-03
    * CVE-2019-5781: Insufficient policy enforcement in Omnibox. Reported by evi1m0 of Bilibili Security Team on 2018-10-18
  - Added patches:
    * chromium-crashpad-fix_aarch64.patch
    * chromium-fix_swiftshader.patch
    * chromium-webrtc-includes.patch
  - Obsoleted patches:
    * chromium-gcc8-alignof.patch
    * chromium-initialize-list.patch
  - Updated patches:
    * chromium-dma-buf.patch
    * chromium-non-void-return.patch
    * chromium-skia-system-fontconfig.patch
    * chromium-system-icu.patch
    * chromium-vaapi.patch
  - Try to reduce constraints to avoid being so much just in
    scheduled state
* Wed Jan 02 2019 Tomáš Chvátal <tchvatal@suse.com>
  - Tweak fix_building_widevinecdm_with_chromium.patch to make it
    work again bsc#1120429
* Fri Dec 14 2018 Guillaume GARDET <guillaume.gardet@opensuse.org>
  - Update %arm build, but keep it disabled for now, as ld requires
    lots of RAM
* Thu Dec 13 2018 Tomáš Chvátal <tchvatal@suse.com>
  - Version update to 71.0.3578.98 bsc#1119364:
    * CVE-2018-17481: Use after free in PDFium
  - Redo chromium-old-libva.patch
* Fri Dec 07 2018 Guillaume GARDET <guillaume.gardet@opensuse.org>
  - Increase %limit_build value to avoid OOM
* Thu Dec 06 2018 Tomáš Chvátal <tchvatal@suse.com>
  - Add patch to build on Leap 42.x:
    * chromium-old-libva.patch
* Thu Dec 06 2018 Tomáš Chvátal <tchvatal@suse.com>
  - Version update to 71.0.3578.80 bsc#1118529:
    - CVE-2018-17480: Out of bounds write in V8
    - CVE-2018-17481: Use after frees in PDFium
    - CVE-2018-18335: Heap buffer overflow in Skia
    - CVE-2018-18336: Use after free in PDFium
    - CVE-2018-18337: Use after free in Blink
    - CVE-2018-18338: Heap buffer overflow in Canvas
    - CVE-2018-18339: Use after free in WebAudio
    - CVE-2018-18340: Use after free in MediaRecorder
    - CVE-2018-18341: Heap buffer overflow in Blink
    - CVE-2018-18342: Out of bounds write in V8
    - CVE-2018-18343: Use after free in Skia
    - CVE-2018-18344: Inappropriate implementation in Extensions
    - Multiple issues in SQLite via WebSQL
    - CVE-2018-18345: Inappropriate implementation in Site Isolation
    - CVE-2018-18346: Incorrect security UI in Blink
    - CVE-2018-18347: Inappropriate implementation in Navigation
    - CVE-2018-18348: Inappropriate implementation in Omnibox
    - CVE-2018-18349: Insufficient policy enforcement in Blink
    - CVE-2018-18350: Insufficient policy enforcement in Blink
    - CVE-2018-18351: Insufficient policy enforcement in Navigation
    - CVE-2018-18352: Inappropriate implementation in Media
    - CVE-2018-18353: Inappropriate implementation in Network Authentication
    - CVE-2018-18354: Insufficient data validation in Shell Integration
    - CVE-2018-18355: Insufficient policy enforcement in URL Formatter
    - CVE-2018-18356: Use after free in Skia
    - CVE-2018-18357: Insufficient policy enforcement in URL Formatter
    - CVE-2018-18358: Insufficient policy enforcement in Proxy.
    - CVE-2018-18359: Out of bounds read in V8
    - Inappropriate implementation in PDFium
    - Use after free in Extensions
    - Inappropriate implementation in Navigation
    - Insufficient policy enforcement in Navigation
    - Insufficient policy enforcement in URL Formatter
    - Various fixes from internal audits, fuzzing and other initiatives
  - Updated/refreshed patches:
    * fix_building_widevinecdm_with_chromium.patch
    * chromium-vaapi.patch
    * chromium-skia-aarch64-buildfix.patch
    * chromium-prop-codecs.patch
    * chromium-non-void-return.patch
  - Removed patches:
    * chromium-gcc8-constexpr.patch
    * chromium-libva1.patch
    * chromium-pdfium-include.patch
    * chromium-warnings.patch
  - Added patches:
    * chromium-initialize-list.patch
* Wed Nov 21 2018 Tomáš Chvátal <tchvatal@suse.com>
  - Version update to 70.0.3538.110 bsc#1116608:
    * CVE-2018-17479: Use-after-free in GPU
* Wed Nov 14 2018 Tomáš Chvátal <tchvatal@suse.com>
  - Version update to 70.0.3538.102 bsc#1115537 CVE-2018-17478
    * CVE-2018-17478: Out of bounds memory access in V8
* Sat Nov 03 2018 Yunhe Guo <i@guoyunhe.me>
  - Remove noto-emoji-fonts recommends. noto-emoji-fonts has been
    inactive for a long time. noto-coloremoji-fonts is the current
    recommended emoji fonts from noto. And noto-emoji-fonts (monochrome)
    disables noto-coloremoji-fonts (colorful).
* Thu Oct 25 2018 Tomáš Chvátal <tchvatal@suse.com>
  - Update to 70.0.3538.77:
    * Few feature fixes only
  - Do not meintion armv6 and armv7 in the constraints
  - Update patch chromium-non-void-return.patch
* Mon Oct 22 2018 Tomáš Chvátal <tchvatal@suse.com>
  - Add patch trying to get the pkg to build with libva 1.x releases:
    * chromium-libva1.patch
  - Update chromium-old-glibc.patch to contain more tweaked locations
* Fri Oct 19 2018 Tomáš Chvátal <tchvatal@suse.com>
  - Add back chromium-old-glibc.patch to make sure we build on 42.3
  - Reduce the merge number on jumbo files to reduce memory usage bit
* Fri Oct 19 2018 astieger@suse.com
  - remove trigger word from spec that trips up legal-auto
* Wed Oct 17 2018 Tomáš Chvátal <tchvatal@suse.com>
  - Update to 70.0.3538.67 bsc#1112111:
    * CVE-2018-17462: Sandbox escape in AppCache
    * CVE-2018-17463: Remote code execution in V8
    * CVE to be assigned: Heap buffer overflow in Little CMS in PDFium
    * CVE-2018-17464: URL spoof in Omnibox
    * CVE-2018-17465: Use after free in V8
    * CVE-2018-17466: Memory corruption in Angle
    * CVE-2018-17467: URL spoof in Omnibox
    * CVE-2018-17468: Cross-origin URL disclosure in Blink
    * CVE-2018-17469: Heap buffer overflow in PDFium
    * CVE-2018-17470: Memory corruption in GPU Internals
    * CVE-2018-17471: Security UI occlusion in full screen mode
    * CVE-2018-17472: iframe sandbox escape on iOS
    * CVE-2018-17473: URL spoof in Omnibox
    * CVE-2018-17474: Use after free in Blink
    * CVE-2018-17475: URL spoof in Omnibox
    * CVE-2018-17476: Security UI occlusion in full screen mode
    * CVE-2018-5179: Lack of limits on update() in ServiceWorker
    * CVE-2018-17477: UI spoof in Extensions
  - Added patches:
    * chromium-gcc8-constexpr.patch
    * chromium-libusb_interrupt_event_handler.patch
    * chromium-pdfium-include.patch
    * chromium-system-libusb.patch
  - Removed patches:
    * chromium-old-glibc.patch
    * chromium-vpx-aarch64.patch
  - Updated patches:
    * chromium-gcc8-alignof.patch
    * chromium-non-void-return.patch
    * chromium-prop-codecs.patch
    * chromium-sandbox-pie.patch
    * chromium-skia-system-fontconfig.patch
    * chromium-vaapi.patch
  - Redo the vaapi patch to be default on as there are no reports of
    issues with it
  - Use system libusb-1.0
  - Use jumbo build to speed things up
  - Use bundled harfbuzz because we need newer than latest release
  - Disable gnome-keyring as it crashes the chromium quite often
* Tue Sep 18 2018 Tomáš Chvátal <tchvatal@suse.com>
  - Keep blank line after autopatch to make SLE12 rpm macros happy
* Tue Sep 18 2018 Tomáš Chvátal <tchvatal@suse.com>
  - Update to 69.0.3497.100 bsc#1108774
    * Fixes from internal audits, fuzzing and other initiatives
* Wed Sep 12 2018 astieger@suse.com
  - Chromium 69.0.3497.92 (boo#1108114), containing 2 security fixes:
    * Function signature mismatch in WebAssembly
    * URL Spoofing in Omnibox
  - the rpm should not provide swiftshader libs boo#1108175
  - make jumbo build configurable, default off
* Sat Sep 08 2018 tchvatal@suse.com
  - Enable jumbo build to speed things up
  - Enable vulkan integration
* Thu Sep 06 2018 tchvatal@suse.com
  - Add patch to fix mojo build on 32bit:
    * chromium-gcc8-alignof.patch
* Thu Sep 06 2018 Tomáš Chvátal <tchvatal@suse.com>
  - Split out the gn from this package, obsoletes patches:
    * fix-gn-bootstrap.patch
    * chromium-last-commit-position-r0.patch
* Thu Sep 06 2018 Tomáš Chvátal <tchvatal@suse.com>
  - Version update to 69.0.3497.81 bsc#1107235:
    * CVE-2018-16065: Out of bounds write in V8
    * CVE-2018-16066:Out of bounds read in Blink
    * CVE-2018-16067: Out of bounds read in WebAudio
    * CVE-2018-16068: Out of bounds write in Mojo
    * CVE-2018-16069:Out of bounds read in SwiftShader
    * CVE-2018-16070: Integer overflow in Skia
    * CVE-2018-16071: Use after free in WebRTC
    * CVE-2018-16073: Site Isolation bypass after tab restore
    * CVE-2018-16074: Site Isolation bypass using Blob URLS
    * Out of bounds read in Little-CMS
    * CVE-2018-16075: Local file access in Blink
    * CVE-2018-16076: Out of bounds read in PDFium
    * CVE-2018-16077: Content security policy bypass in Blink
    * CVE-2018-16078: Credit card information leak in Autofill
    * CVE-2018-16079: URL spoof in permission dialogs
    * CVE-2018-16080: URL spoof in full screen mode
    * CVE-2018-16081: Local file access in DevTools
    * CVE-2018-16082: Stack buffer overflow in SwiftShader
    * CVE-2018-16083: Out of bounds read in WebRTC
    * CVE-2018-16084: User confirmation bypass in external protocol handling
    * CVE-2018-16085: Use after free in Memory Instrumentation
    * CVE-2018-16086: Script injection in New Tab Page.
    * CVE-2018-16087: Multiple download restriction bypass.
    * CVE-2018-16088: User gesture requirement bypass.
  - Added patches:
    * chromium-old-glibc.patch
    * chromium-system-icu.patch
    * chromium-warnings.patch
  - Removed patches:
    * chromium-cors-string.patch
    * chromium-crashpad-aarch64-fix.patch
    * chromium-ffmpeg.patch
    * chromium-gcc.patch
    * chromium-gcc7.patch
    * chromium-libjpeg.patch
    * chromium-libwebp-shim.patch
  - Rebased patches:
    * chromium-last-commit-position-r0.patch
    * chromium-non-void-return.patch
    * chromium-sandbox-pie.patch
    * chromium-skia-system-fontconfig.patch
    * chromium-vaapi.patch
* Wed Aug 08 2018 tchvatal@suse.com
  - Update to chromium-68.0.3440.106:
    * Various feature fixes
* Wed Aug 01 2018 tchvatal@suse.com
  - Version update to 68.0.3440.84:
    * Various small feature fixes only
* Wed Jul 25 2018 guillaume.gardet@opensuse.org
  - Add patch to fix aarch64 build:
    * chromium-vpx-aarch64.patch
* Wed Jul 25 2018 tchvatal@suse.com
  - Add patch trying to build chromium on Leap 42.3:
    * chromium-gcc7.patch
* Wed Jul 25 2018 tchvatal@suse.com
  - Raise libvpx requirement to match what we really need
* Wed Jul 25 2018 tchvatal@suse.com
  - Version update to 68.0.3440.75 bsc#1102530:
    * CVE-2018-6153: Stack buffer overflow in Skia.
    * CVE-2018-6154: Heap buffer overflow in WebGL.
    * CVE-2018-6155: Use after free in WebRTC.
    * CVE-2018-6156: Heap buffer overflow in WebRTC.
    * CVE-2018-6157: Type confusion in WebRTC.
    * CVE-2018-6158: Use after free in Blink.
    * CVE-2018-6159: Same origin policy bypass in ServiceWorker.
    * CVE-2018-6160: URL spoof in Chrome on iOS.
    * CVE-2018-6161: Same origin policy bypass in WebAudio.
    * CVE-2018-6162: Heap buffer overflow in WebGL.
    * CVE-2018-6163: URL spoof in Omnibox.
    * CVE-2018-6164: Same origin policy bypass in ServiceWorker.
    * CVE-2018-6165: URL spoof in Omnibox.
    * CVE-2018-6166: URL spoof in Omnibox.
    * CVE-2018-6167: URL spoof in Omnibox.
    * CVE-2018-6168: CORS bypass in Blink.
    * CVE-2018-6169: Permissions bypass in extension installation.
    * CVE-2018-6170: Type confusion in PDFium.
    * CVE-2018-6171: Use after free in WebBluetooth.
    * CVE-2018-6172: URL spoof in Omnibox.
    * CVE-2018-6173: URL spoof in Omnibox.
    * CVE-2018-6174: Integer overflow in SwiftShader.
    * CVE-2018-6175: URL spoof in Omnibox.
    * CVE-2018-6176: Local user privilege escalation in Extensions.
    * CVE-2018-6177: Cross origin information leak in Blink.
    * CVE-2018-6178: UI spoof in Extensions.
    * CVE-2018-6179: Local file information leak in Extensions.
    * CVE-2018-6044: Request privilege escalation in Extensions.
    * CVE-2018-4117: Cross origin information leak in Blink.
  - Rebase patches:
    * chromium-master-prefs-path.patch
    * chromium-non-void-return.patch
    * chromium-vaapi.patch
  - Add patches:
    * chromium-cors-string.patch
    * chromium-gcc.patch
    * chromium-libjpeg.patch
    * chromium-libwebp-shim.patch
  - Remove patches:
    * chromium-gcc8.patch
* Tue Jul 10 2018 tchvatal@suse.com
  - Version update to 67.0.3396.99:
    * Various small feature fixes, no security
* Fri Jun 15 2018 tchvatal@suse.com
  - Add patch to build under gcc8:
    * chromium-gcc8.patch
* Wed Jun 13 2018 security@suse.com
  - Chromium 67.0.3396.87:
    * CVE-2018-6149: Out of bounds write in V8 (boo#1097452)
* Thu Jun 07 2018 astieger@suse.com
  - Chromium 67.0.3396.79:
    * CVE-2018-6148: Incorrect handling of CSP header (boo#1096508)
* Fri Jun 01 2018 tchvatal@suse.com
  - Require ffmpeg >= 4.0 bsc#1095545
* Wed May 30 2018 tchvatal@suse.com
  - Update to 67.0.3396.62 bsc#1095163
    * CVE-2018-6123: Use after free in Blink.
    * CVE-2018-6124: Type confusion in Blink.
    * CVE-2018-6125: Overly permissive policy in WebUSB.
    * CVE-2018-6126: Heap buffer overflow in Skia.
    * CVE-2018-6127: Use after free in indexedDB.
    * CVE-2018-6128: uXSS in Chrome on iOS.
    * CVE-2018-6129: Out of bounds memory access in WebRTC.
    * CVE-2018-6130: Out of bounds memory access in WebRTC.
    * CVE-2018-6131: Incorrect mutability protection in WebAssembly.
    * CVE-2018-6132: Use of uninitialized memory in WebRTC.
    * CVE-2018-6133: URL spoof in Omnibox.
    * CVE-2018-6134: Referrer Policy bypass in Blink.
    * CVE-2018-6135: UI spoofing in Blink.
    * CVE-2018-6136: Out of bounds memory access in V8.
    * CVE-2018-6137: Leak of visited status of page in Blink.
    * CVE-2018-6138: Overly permissive policy in Extensions.
    * CVE-2018-6139: Restrictions bypass in the debugger extension API.
    * CVE-2018-6140: Restrictions bypass in the debugger extension API.
    * CVE-2018-6141: Heap buffer overflow in Skia.
    * CVE-2018-6142: Out of bounds memory access in V8.
    * CVE-2018-6143: Out of bounds memory access in V8.
    * CVE-2018-6144: Out of bounds memory access in PDFium.
    * CVE-2018-6145: Incorrect escaping of MathML in Blink.
    * CVE-2018-6147: Password fields not taking advantage of OS protections in Views.
  - Add patches to build on aarch and remove obsolete one:
    * chromium-crashpad-aarch64-fix.patch
    * chromium-skia-aarch64-buildfix.patch
    * chromium-65.0.3325.162-skia-aarch64-buildfix.patch
    * chromium-skia-neon.patch
  - Remove no longer needed gcc patch:
    * chromium-gcc7.patch
  - Rebase patches:
    * chromium-non-void-return.patch
    * chromium-vaapi.patch
    * exclude_ymp.patch
    * fix_building_widevinecdm_with_chromium.patch
* Sat May 26 2018 astieger@suse.com
  - on SLE 12 with SUSE PackageHub 12, do not require the SDK for
    libwebpmux1 (bsc#1070421)
* Sat May 26 2018 astieger@suse.com
  - Fix installation issue on SUSE PackageHub 12 with libminizip1
    (bsc#1093031)
* Wed May 16 2018 astieger@suse.com
  - Chromium 66.0.3359.181:
    * Autoplay: Force enable on desktop for Web Audio
* Fri May 11 2018 astieger@suse.com
  - Chromium 66.0.3359.170 (bsc#1092923):
    * Chain leading to sandbox escape:
      CVE-2018-6121: Privilege Escalation in extensions
      CVE-2018-6122: Type confusion in V8
    * CVE-2018-6120: Heap buffer overflow in PDFium
    * Various fixes from internal audits, fuzzing and other
      initiatives
* Wed May 09 2018 tchvatal@suse.com
  - Add patch chromium-skia-system-fontconfig.patch to fix
    bsc#1092272
* Fri May 04 2018 guillaume.gardet@opensuse.org
  - Enable build on AArch64
  - Fix build on AArch64:
    * set target_cpu to arm64
    * disable tcmalloc and swiftshader for aarch64
    * Add new patches:
    - chromium-65.0.3325.162-skia-aarch64-buildfix.patch
    - chromium-skia-neon.patch
* Fri Apr 27 2018 tchvatal@suse.com
  - chromium 66.0.3359.139:
    * CVE-2018-6118: Use after free in Media Cache (bsc#1091288)
    * drop add-missing-blink-tools.patch, now in tarball again
* Wed Apr 18 2018 tchvatal@suse.com
  - Version bump to chromium 66.0.3359.117 bsc#1090000:
    * CVE-2018-6085: Use after free in Disk Cache
    * CVE-2018-6086: Use after free in Disk Cache
    * CVE-2018-6087: Use after free in WebAssembly
    * CVE-2018-6088: Use after free in PDFium
    * CVE-2018-6089: Same origin policy bypass in Service Worker
    * CVE-2018-6090: Heap buffer overflow in Skia
    * CVE-2018-6091: Incorrect handling of plug-ins by Service Worker
    * CVE-2018-6092: Integer overflow in WebAssembly
    * CVE-2018-6093: Same origin bypass in Service Worker
    * CVE-2018-6094: Exploit hardening regression in Oilpan
    * CVE-2018-6095: Lack of meaningful user interaction requirement before file upload
    * CVE-2018-6096: Fullscreen UI spoof
    * CVE-2018-6097: Fullscreen UI spoof
    * CVE-2018-6098: URL spoof in Omnibox
    * CVE-2018-6099: CORS bypass in ServiceWorker
    * CVE-2018-6100: URL spoof in Omnibox
    * CVE-2018-6101: Insufficient protection of remote debugging prototol in DevTools
    * CVE-2018-6102: URL spoof in Omnibox
    * CVE-2018-6103: UI spoof in Permissions
    * CVE-2018-6104: URL spoof in Omnibox
    * CVE-2018-6105: URL spoof in Omnibox
    * CVE-2018-6106: Incorrect handling of promises in V8
    * CVE-2018-6107: URL spoof in Omnibox
    * CVE-2018-6108: URL spoof in Omnibox
    * CVE-2018-6109: Incorrect handling of files by FileAPI
    * CVE-2018-6110: Incorrect handling of plaintext files via file://
    * CVE-2018-6111: Heap-use-after-free in DevTools
    * CVE-2018-6112: Incorrect URL handling in DevTools
    * CVE-2018-6113: URL spoof in Navigation
    * CVE-2018-6114: CSP bypass
    * CVE-2018-6115: SmartScreen bypass in downloads
    * CVE-2018-6116: Incorrect low memory handling in WebAssembly
    * CVE-2018-6117: Confusing autofill settings
    * Various fixes from internal audits, fuzzing and other initiatives
  - Remove obsolete patches:
    * chromium-compiler.patch
    * chromium-glibc-2.27.patch
    * chromium-vaapi-init.patch
    * exclude_ymp.diff
    * fix-gn-bootstrap.diff
    * fix_network_api_crash.patch
    * mojo.patch
  - Add new patches:
    * chromium-ffmpeg.patch
    * chromium-gcc7.patch
    * exclude_ymp.patch
    * fix-gn-bootstrap.patch
  - Rebase patches:
    * chromium-master-prefs-path.patch
    * chromium-non-void-return.patch
    * chromium-sandbox-pie.patch
    * chromium-vaapi.patch
  - Add patch to fix missing folder from tarball:
    * add-missing-blink-tools.patch
* Sun Apr 08 2018 tchvatal@suse.com
  - Add vaapi patches:
    * chromium-vaapi-init.patch
    * chromium-vaapi.patch
* Fri Apr 06 2018 tchvatal@suse.com
  - Use memory-constraints package to limit threads as needed
* Wed Mar 21 2018 astieger@suse.com
  - Update to Chromium 65.0.3325.181:
    * Various security relevant fixes from internal audits, fuzzing
      and other initiatives (boo#1086124)
* Tue Mar 20 2018 tchvatal@suse.com
  - Use both freetype and harfbuzz either bundled or system
* Wed Mar 14 2018 tchvatal@suse.com
  - Version update to 65.0.3325.162:
    * Various stability fixes only
* Wed Mar 14 2018 tchvatal@suse.com
  - Bundle the harfbuzz on < 15.0 release as we would have to
    use requires_ge for the library itself later on otherwise
* Fri Mar 09 2018 tchvatal@suse.com
  - Make sure to require gcc7
  - Add patch chromium-drm.patch to make sure to build with Leap 42.3
    variant of libdrm
* Thu Mar 08 2018 tchvatal@suse.com
  - Version update to 65.0.3325.146 bsc#1084296:
    * High CVE-2017-11215: Use after free in Flash.
    * High CVE-2017-11225: Use after free in Flash.
    * High CVE-2018-6060: Use after free in Blink.
    * High CVE-2018-6061: Race condition in V8.
    * High CVE-2018-6062: Heap buffer overflow in Skia.
    * High CVE-2018-6057: Incorrect permissions on shared memory.
    * High CVE-2018-6063: Incorrect permissions on shared memory.
    * High CVE-2018-6064: Type confusion in V8.
    * High CVE-2018-6065: Integer overflow in V8.
    * Medium CVE-2018-6066: Same Origin Bypass via canvas.
    * Medium CVE-2018-6067: Buffer overflow in Skia.
    * Medium CVE-2018-6068: Object lifecycle issues in Chrome Custom Tab.
    * Medium CVE-2018-6069: Stack buffer overflow in Skia.
    * Medium CVE-2018-6070: CSP bypass through extensions.
    * Medium CVE-2018-6071: Heap bufffer overflow in Skia.
    * Medium CVE-2018-6072: Integer overflow in PDFium.
    * Medium CVE-2018-6073: Heap bufffer overflow in WebGL.
    * Medium CVE-2018-6074: Mark-of-the-Web bypass.
    * Medium CVE-2018-6075: Overly permissive cross origin downloads.
    * Medium CVE-2018-6076: Incorrect handling of URL fragment identifiers in Blink.
    * Medium CVE-2018-6077: Timing attack using SVG filters.
    * Medium CVE-2018-6078: URL Spoof in OmniBox.
    * Medium CVE-2018-6079: Information disclosure via texture data in WebGL.
    * Medium CVE-2018-6080: Information disclosure in IPC call.
    * Low CVE-2018-6081: XSS in interstitials.
    * Low CVE-2018-6082: Circumvention of port blocking.
    * Low CVE-2018-6083: Incorrect processing of AppManifests.
  - Add new patches:
    * chromium-compiler.patch
    * chromium-glibc-2.27.patch
    * mojo.patch
  - Drop patches:
    * chromium-angle.patch
    * chromium-memcpy.patch
  - Update constraints
  - Refresh patch chromium-non-void-return.patch to include more
    fixes
* Sat Feb 24 2018 astieger@suse.com
  - Chromium 64.0.3282.186:
    * Various minor bug fixes
* Wed Feb 14 2018 astieger@suse.com
  - update to 64.0.3282.167 (bsc#1080920):
    * CVE-2018-6056: Incorrect derived class instantiation in V8
* Fri Feb 02 2018 tchvatal@suse.com
  - Version update to 64.0.3282.140 bsc#1079021:
    * Various asan fixes bsc#1078463 CVE-2018-6406
* Fri Feb 02 2018 dimstar@opensuse.org
  - Eliminate build dependency on procps: we only used it to run
    'free', in order to find out how much RAM we have available. We
    can get this information directly from the kernel, from
    /proc/meminfo.
* Mon Jan 29 2018 tchvatal@suse.com
  - Fix default page to not point to 404
* Mon Jan 29 2018 tchvatal@suse.com
  - Install swiftshader objects too as they are needed
* Fri Jan 26 2018 tchvatal@suse.com
  - Disable ozone stuff conditions for now as the headless mode
    breaks up runtime bsc#1077722
* Thu Jan 25 2018 tchvatal@suse.com
  - Switch to gcc7 on Leap builds
* Thu Jan 25 2018 tchvatal@suse.com
  - Version update to 64.0.3282.119 bsc#1077571:
    * High CVE-2018-6031: Use after free in PDFium. Reported by Anonymous on 2017-11-01
    * High CVE-2018-6032: Same origin bypass in Shared Worker. Reported by Jun Kokatsu (@shhnjk) on 2017-11-20
    * High CVE-2018-6033: Race when opening downloaded files. Reported by Juho Nurminen on 2017-12-09
    * Medium CVE-2018-6034: Integer overflow in Blink. Reported by Tobias Klein (www.trapkit.de) on 2017-11-12
    * Medium CVE-2018-6035: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23
    * Medium CVE-2018-6036: Integer underflow in WebAssembly. Reported by The UK's National Cyber Security Centre (NCSC) on 2017-11-30
    * Medium CVE-2018-6037: Insufficient user gesture requirements in autofill. Reported by Paul Stone of Context Information Security on 2017-08-09
    * Medium CVE-2018-6038: Heap buffer overflow in WebGL. Reported by cloudfuzzer on 2017-10-12
    * Medium CVE-2018-6039: XSS in DevTools. Reported by Juho Nurminen on 2017-10-17
    * Medium CVE-2018-6040: Content security policy bypass. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-26
    * Medium CVE-2018-6041: URL spoof in Navigation. Reported by Luan Herrera on 2017-08-29
    * Medium CVE-2018-6042: URL spoof in OmniBox. Reported by Khalil Zhani on 2017-10-12
    * Medium CVE-2018-6043: Insufficient escaping with external URL handlers. Reported by 0x09AL on 2017-11-16
    * Medium CVE-2018-6045: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-23
    * Medium CVE-2018-6046: Insufficient isolation of devtools from extensions. Reported by Rob Wu on 2017-12-31
    * Medium CVE-2018-6047: Cross origin URL leak in WebGL. Reported by Masato Kinugawa on 2018-01-08
    * Low CVE-2018-6048: Referrer policy bypass in Blink. Reported by Jun Kokatsu (@shhnjk) on 2017-09-08
    * Low CVE-2017-15420: URL spoofing in Omnibox. Reported by Drew Springall (@_aaspring_) on 2017-10-05
    * Low CVE-2018-6049: UI spoof in Permissions. Reported by WenXu Wu of Tencent's Xuanwu Lab on 2017-10-13
    * Low CVE-2018-6050: URL spoof in OmniBox. Reported by Jonathan Kew on 2017-10-15
    * Low CVE-2018-6051: Referrer leak in XSS Auditor. Reported by Antonio Sanso (@asanso) on 2014-12-11
    * Low CVE-2018-6052: Incomplete no-referrer policy implementation. Reported by Tanner Emek on 2016-05-28
    * Low CVE-2018-6053: Leak of page thumbnails in New Tab Page. Reported by Asset Kabdenov on 2017-08-23
    * Low CVE-2018-6054: Use after free in WebUI. Reported by Rob Wu on 2017-12-24
  - Add patches:
    * chromium-angle.patch
    * chromium-memcpy.patch
  - Drop patch:
    * chromium-gcc.patch
  - Change desktop file name to fit bellow the icon on ie KDE desktop
* Thu Jan 04 2018 astieger@suse.com
  - Chromium 63.0.3239.132:
    * DevTools: do not report raw headers and cookies for protected
      subresources
    * Various other fixes and updates
* Fri Dec 15 2017 tchvatal@suse.com
  - Version update to 63.0.3239.108 bsc#1072976:
    * CVE-2017-15429: UXSS in V8
    * Various fuzzing fixes
* Thu Dec 07 2017 tchvatal@suse.com
  - Version update to 63.0.3239.84 bsc#1071691:
    * bsc#1106341 CVE-2017-15430 Unsafe navigation in Chromecast
    * Critical CVE-2017-15407: Out of bounds write in QUIC.
    * High CVE-2017-15408: Heap buffer overflow in PDFium.
    * High CVE-2017-15409: Out of bounds write in Skia.
    * High CVE-2017-15410: Use after free in PDFium.
    * High CVE-2017-15411: Use after free in PDFium.
    * High CVE-2017-15412: Use after free in libXML.
    * High CVE-2017-15413: Type confusion in WebAssembly.
    * Medium CVE-2017-15415: Pointer information disclosure in IPC call.
    * Medium CVE-2017-15416: Out of bounds read in Blink.
    * Medium CVE-2017-15417: Cross origin information disclosure in Skia.
    * Medium CVE-2017-15418: Use of uninitialized value in Skia.
    * Medium CVE-2017-15419: Cross origin leak of redirect URL in Blink.
    * Medium CVE-2017-15420: URL spoofing in Omnibox.
    * Medium CVE-2017-15422: Integer overflow in ICU.
    * Low CVE-2017-15423: Issue with SPAKE implementation in BoringSSL.
    * Low CVE-2017-15424: URL Spoof in Omnibox.
    * Low CVE-2017-15425: URL Spoof in Omnibox.
    * Low CVE-2017-15426: URL Spoof in Omnibox.
    * Low CVE-2017-15427: Insufficient blocking of JavaScript in Omnibox.
  - Rebase fix-gn-bootstrap.diff
  - Drop merged patches:
    * chromium-gcc5.patch
    * chromium-60.0.3112.113-breakpad-ucontext.patch
    * chromium-62.0.3202.62-correct-cplusplus-check.patch
  - Add new patches:
    * chromium-non-void-return.patch
    * chromium-gcc.patch
* Wed Nov 22 2017 idonmez@suse.com
  - BuildRequire nodejs8 instead of nodejs6 for suse_version >= 1330
* Wed Nov 15 2017 astieger@suse.com
  - Update to 62.0.3202.94:
    * multiple minor rendering related fixes
  - fix rebuilds in same chroot
* Tue Nov 07 2017 tchvatal@suse.com
  - Version update to 62.0.3202.89 bsc#1066851:
    * CVE-2017-15398: Stack buffer overflow in QUIC
    * CVE-2017-15399: Use after free in V8
  - Drop upstream merged chromium-sandbox.patch
* Fri Nov 03 2017 tchvatal@suse.com
  - Restrict the version on jpeg to not waste build power
* Sun Oct 29 2017 tchvatal@suse.com
  - Add patch to fix sandbox crashes wrt bsc#1064298
    * chromium-sandbox.patch
* Fri Oct 27 2017 tchvatal@suse.com
  - Version update to 62.0.3202.75 bsc#1065405 CVE-2017-15396
    * CVE-2017-15396: Stack overflow in V8
* Thu Oct 26 2017 astieger@suse.com
  - BuildRequire nodejs6 required for polymer-bundler.js
* Thu Oct 26 2017 tchvatal@suse.com
  - Try to export properly CXX/CC variable to fix leap builds
* Wed Oct 25 2017 tchvatal@suse.com
  - Apply patch to fix building crc32 with gcc7:
    * chromium-62.0.3202.62-correct-cplusplus-check.patch
* Thu Oct 19 2017 tchvatal@suse.com
  - Update to 62.0.3202.62 bsc#1064066:
    * CVE-2017-5124: UXSS with MHTML.
    * CVE-2017-5125: Heap overflow in Skia.
    * CVE-2017-5126: Use after free in PDFium.
    * CVE-2017-5127: Use after free in PDFium.
    * CVE-2017-5128: Heap overflow in WebGL.
    * CVE-2017-5129: Use after free in WebAudio.
    * CVE-2017-5132: Incorrect stack manipulation in WebAssembly.
    * CVE-2017-5130: Heap overflow in libxml2.
    * CVE-2017-5131: Out of bounds write in Skia.
    * CVE-2017-5133: Out of bounds write in Skia.
    * CVE-2017-15386: UI spoofing in Blink.
    * CVE-2017-15387: Content security bypass.
    * CVE-2017-15388: Out of bounds read in Skia.
    * CVE-2017-15389: URL spoofing in OmniBox.
    * CVE-2017-15390: URL spoofing in OmniBox.
    * CVE-2017-15391: Extension limitation bypass in Extensions.
    * CVE-2017-15392: Incorrect registry key handling in PlatformIntegration.
    * CVE-2017-15393: Referrer leak in Devtools.
    * CVE-2017-15394: URL spoofing in extensions UI.
    * CVE-2017-15395: Null pointer dereference in ImageCapture.
  - Drop unused patches:
    * arm-webrtc-fix.patch
    * arm_use_right_compiler.patch
    * chromium-46.0.2490.71-fix-missing-i18n_process_css_test.patch
    * chromium-atk.patch
    * chromium-mojo-dep.patch
    * gcc60-fixes.diff
  - Refresh patches:
    * chromium-gcc5.patch
    * chromium-prop-codecs.patch
    * exclude_ymp.diff
    * fix-gn-bootstrap.diff
* Fri Sep 22 2017 astieger@suse.com
  - Update to 61.0.3163.100 (boo#1060019):
    * CVE-2017-5121: Out-of-bounds access in V8
    * CVE-2017-5122: Out-of-bounds access in V8
    * Various fixes from internal audits, fuzzing and other initiatives
* Sat Sep 16 2017 tchvatal@suse.com
  - Update to 61.0.3163.91:
    * Various bugfixes
* Mon Sep 11 2017 tchvatal@suse.com
  - Update to 61.0.3163.79 bsc#1057364:
    * CVE-2017-5111: Use after free in PDFium.
    * CVE-2017-5112: Heap buffer overflow in WebGL.
    * CVE-2017-5113: Heap buffer overflow in Skia.
    * CVE-2017-5114: Memory lifecycle issue in PDFium.
    * CVE-2017-5115: Type confusion in V8.
    * CVE-2017-5116: Type confusion in V8.
    * CVE-2017-5117: Use of uninitialized value in Skia.
    * CVE-2017-5118: Bypass of Content Security Policy in Blink.
    * CVE-2017-5119: Use of uninitialized value in Skia.
    * CVE-2017-5120: Potential HTTPS downgrade during redirect navigation.
  - Rebase patch:
    * fix-gn-bootstrap.diff
  - Remove patches:
    * chromium-gcc7.patch
    * chromium-override.patch
  - Add new patches:
    * chromium-atk.patch
    * chromium-gcc5.patch
    * chromium-mojo-dep.patch
  - Gtk3 is hard required from now on
  - Version some of the required dependencies
* Mon Aug 28 2017 astieger@suse.com
  - fix build with Factory glibc:
    add chromium-60.0.3112.113-breakpad-ucontext.patch
* Fri Aug 25 2017 tchvatal@suse.com
  - Version update to 60.0.3112.113:
    * Various bugfixes
* Tue Aug 15 2017 tchvatal@suse.com
  - Version update to 60.0.3112.101:
    * various usability bugfixes
* Thu Aug 03 2017 tchvatal@suse.com
  - Version update to 60.0.3112.90:
    * Various usability bugfixes
* Wed Jul 26 2017 tchvatal@suse.com
  - Version update to 60.0.3112.78 bsc#1050537:
    * CVE-2017-5091: Use after free in IndexedDB
    * CVE-2017-5092: Use after free in PPAPI
    * CVE-2017-5093: UI spoofing in Blink
    * CVE-2017-5094: Type confusion in extensions
    * CVE-2017-5095: Out-of-bounds write in PDFium
    * CVE-2017-5096: User information leak via Android intents
    * CVE-2017-5097: Out-of-bounds read in Skia
    * CVE-2017-5098: Use after free in V8
    * CVE-2017-5099: Out-of-bounds write in PPAPI
    * CVE-2017-5100: Use after free in Chrome Apps
    * CVE-2017-5101: URL spoofing in OmniBox
    * CVE-2017-5102: Uninitialized use in Skia
    * CVE-2017-5103: Uninitialized use in Skia
    * CVE-2017-5104: UI spoofing in browser
    * CVE-2017-7000: Pointer disclosure in SQLite
    * CVE-2017-5105: URL spoofing in OmniBox
    * CVE-2017-5106: URL spoofing in OmniBox
    * CVE-2017-5107: User information leak via SVG
    * CVE-2017-5108: Type confusion in PDFium
    * CVE-2017-5109: UI spoofing in browser
    * CVE-2017-5110: UI spoofing in payments dialog
    * Various fixes from internal audits, fuzzing and other initiatives
  - Add patch chromium-override.patch
  - Remove patches chromium-fpermissive.patch chromium-system-ffmpeg-r3.patch
  - Rebase patches:
    * chromium-dma-buf.patch
    * chromium-gcc7.patch
    * chromium-last-commit-position-r0.patch
    * fix-gn-bootstrap.diff
* Mon Jul 24 2017 tchvatal@suse.com
  - Recommend emoji fonts to make sure major web chats do not show
    questionmarks
* Wed Jun 28 2017 tchvatal@suse.com
  - Update to 59.0.3071.115:
    * Various small fixes all around
* Fri Jun 23 2017 astieger@suse.com
  - Update to 59.0.3071.109:
    * ozone/drm: Only reuse ScanoutBuffers with compatible modifiers
    * Fixing mouse focus on WebView
    * Remove gtk dependency from gles tests
    * Set build flag when using own FreeType
    * Revert of [scheduler] Move some task types to suspendable task runner
    * Fix an incorrect method name on the chrome://site-engagement WebUI page
    * Linux/Windows: Removing Guest menu item for supervised profile
* Fri Jun 16 2017 astieger@suse.com
  - Update to 59.0.3071.104 (bsc#1044690):
    * CVE-2017-5087: Sandbox Escape in IndexedDB
    * CVE-2017-5088: Out of bounds read in V8
    * CVE-2017-5089: Domain spoofing in Omnibox
    * Various fixes from internal audits, fuzzing and other initiatives
* Thu Jun 08 2017 tchvatal@suse.com
  - Add patch chromium-buildname.patch bsc#1043420
* Tue Jun 06 2017 tchvatal@suse.com
  - Update to 59.0.3071.86 bsc#1042833:
    * CVE-2017-5070: Type confusion in V8. Reported by Zhao Qixun(@S0rryMybad) of Qihoo 360 Vulcan Team on 2017-05-16
    * CVE-2017-5071: Out of bounds read in V8. Reported by Choongwoo Han on 2017-04-26
    * CVE-2017-5072: Address spoofing in Omnibox. Reported by Rayyan Bijoora on 2017-04-07
    * CVE-2017-5073: Use after free in print preview. Reported by Khalil Zhani on 2017-04-28
    * CVE-2017-5074: Use after free in Apps Bluetooth. Reported by anonymous on 2017-03-09
    * CVE-2017-5075: Information leak in CSP reporting. Reported by Emmanuel Gil Peyrot on 2017-01-05
    * CVE-2017-5086: Address spoofing in Omnibox. Reported by Rayyan Bijoora on 2017-05-16
    * CVE-2017-5076: Address spoofing in Omnibox. Reported by Samuel Erb on 2017-05-06
    * CVE-2017-5077: Heap buffer overflow in Skia. Reported by Sweetchip on 2017-04-28
    * CVE-2017-5078: Possible command injection in mailto handling. Reported by Jose Carlos Exposito Bueno on 2017-04-12
    * CVE-2017-5079: UI spoofing in Blink. Reported by Khalil Zhani on 2017-04-20
    * CVE-2017-5080: Use after free in credit card autofill. Reported by Khalil Zhani on 2017-04-05
    * CVE-2017-5081: Extension verification bypass. Reported by Andrey Kovalev (@L1kvID) Yandex Security Team on 2016-12-07
    * CVE-2017-5082: Insufficient hardening in credit card editor. Reported by Nightwatch Cybersecurity Research on 2017-05-11
    * CVE-2017-5083: UI spoofing in Blink. Reported by Khalil Zhani on 2017-04-24
    * CVE-2017-5085: Inappropriate javascript execution on WebUI pages. Reported by Zhiyang Zeng of Tencent security platform department on 2017-02-15
  - Add patch to fix build with system dma:
    * chromium-dma-buf.patch
  - Drop no longer needed patches:
    * chromium-linker-memory.patch
    * chromium-system-jinja-r13.patch
  - Refresh patches:
    * chromium-gcc7.patch
    * chromium-system-ffmpeg-r3.patch
    * fix-gn-bootstrap.diff
  - Use bundled libxml
    * Upstream unfortunately uses git snapshot that is not api/abi compatible
* Mon Jun 05 2017 tchvatal@suse.com
  - Add patch to build with gcc7:
    * chromium-gcc7.patch
  - Add patch for fpermissive build error:
    * chromium-fpermissive.patch
* Wed May 10 2017 tchvatal@suse.com
  - Version update to 58.0.3029.110:
    * Various small bugfixes
* Thu May 04 2017 tchvatal@suse.com
  - Version update to 58.0.3029.96:
    * Fixes bsc#1037594 CVE-2017-5068
* Tue Apr 25 2017 tchvatal@suse.com
  - Use bundled jinja2, system one changed in 2.9 too much to work
    * It is at least used only during build
* Fri Apr 21 2017 tchvatal@suse.com
  - Version update to 58.0.3029.81 bsc#1035103:
    * High CVE-2017-5057: Type confusion in PDFium. Credit to Guang Gong of Alpha Team, Qihoo 360
    * High CVE-2017-5058: Heap use after free in Print Preview. Credit to Khalil Zhani
    * High CVE-2017-5059: Type confusion in Blink. Credit to SkyLined working with Trend Micro's Zero Day Initiative
    * Medium CVE-2017-5060: URL spoofing in Omnibox. Credit to Xudong Zheng
    * Medium CVE-2017-5061: URL spoofing in Omnibox. Credit to Haosheng Wang (@gnehsoah)
    * Medium CVE-2017-5062: Use after free in Chrome Apps. Credit to anonymous
    * Medium CVE-2017-5063: Heap overflow in Skia. Credit to Sweetchip
    * Medium CVE-2017-5064: Use after free in Blink. Credit to Wadih Matar
    * Medium CVE-2017-5065: Incorrect UI in Blink. Credit to Khalil Zhani
    * Medium CVE-2017-5066: Incorrect signature handing in Networking. Credit to chenchu
    * Medium CVE-2017-5067: URL spoofing in Omnibox. Credit to Khalil Zhani
    * Low CVE-2017-5069: Cross-origin bypass in Blink. Credit to Michael Reizelman
  - Refresh patch fix-gn-bootstrap.diff
  - Refresh patch chromium-system-jinja-r13.patch
  - Remove obsolete patch chromium-57-gcc4.patch
* Thu Mar 30 2017 tchvatal@suse.com
  - Version update to 57.0.2987.133 bsc#1031677:
    * Critical CVE-2017-5055: Use after free in printing. Credit to Wadih Matar
    * High CVE-2017-5054: Heap buffer overflow in V8. Credit to Nicolas Trippar of Zimperium zLabs
    * High CVE-2017-5052: Bad cast in Blink. Credit to JeongHoon Shin
    * High CVE-2017-5056: Use after free in Blink. Credit to anonymous
    * High CVE-2017-5053: Out of bounds memory access in V8. Credit to Team Sniper (Keen Lab and PC Mgr) reported through ZDI (ZDI-CAN-4587)
* Fri Mar 24 2017 tchvatal@suse.com
  - Drop the browser(npapi) provide which is not true
* Sun Mar 19 2017 tchvatal@suse.com
  - Add patch to build with gcc4
    * chromium-57-gcc4.patch
* Thu Mar 16 2017 tchvatal@suse.com
  - Do not use gcc5 and newer as the compat was fixed again
  - Update to 57.0.2987.110 with various other small tweaks
* Fri Mar 10 2017 tchvatal@suse.com
  - Version update to 57.0.2987.98 bsc#1028848:
    CVE-2017-5030 CVE-2017-5031 CVE-2017-5032 CVE-2017-5029 CVE-2017-5034
    CVE-2017-5035 CVE-2017-5036 CVE-2017-5037 CVE-2017-5039 CVE-2017-5040
    CVE-2017-5041 CVE-2017-5033 CVE-2017-5042 CVE-2017-5038 CVE-2017-5043
    CVE-2017-5044 CVE-2017-5045 CVE-2017-5046
  - Refresh patches
    * fix-gn-bootstrap.diff
    * chromium-linker-memory.patch
  - Remove obsolete patches:
    * chromium-sandbox.patch
    * chromium-54-ffmpeg2compat.patch
  - Remove vaapi patch which broke rendering on non-intel cards:
    * chromium-enable-vaapi-on-suse.patch
  - From this release onwards i586 build is disabled
* Wed Feb 15 2017 idonmez@suse.com
  - Also add harfbuzz-ng to keeplibs for SLE
* Mon Feb 06 2017 tchvatal@suse.com
  - Add condition for system harfbuzz to be disabled on SLE
* Mon Feb 06 2017 qvoheagbfovvhubzdxfx@posteo.net
  - Fixed a typo in the build requirements for system minizip.
* Fri Feb 03 2017 tchvatal@suse.com
  - Version update to 56.0.2924.87:
    * Various small fixes
    * Disabled option to enable/disable plugins in the chrome://plugins
* Thu Feb 02 2017 qvoheagbfovvhubzdxfx@posteo.net
  - Added the package 'chromium-privacy' with multiple patches
    sourced from the release version on https://github.com/
    u4qo60z73t1c4hurv3ny/privacy_patches-oS_cr, which, when enabled
    with the build option 'privacy', builds a version of Chromium
    with less privacy implications due to Google services
    integration.
* Wed Feb 01 2017 qvoheagbfovvhubzdxfx@posteo.net
  - Changed the build requirement of libavformat to library version
    57.41.100, as included in ffmpeg 3.1.1, as only this version
    properly supports the public AVStream API 'codecpar'.
* Tue Jan 31 2017 tchvatal@suse.com
  - Version update to 56.0.2924.76 bsc#1022049:
    - CVE-2017-5007: Universal XSS in Blink
    - CVE-2017-5006: Universal XSS in Blink
    - CVE-2017-5008: Universal XSS in Blink
    - CVE-2017-5010: Universal XSS in Blink
    - CVE-2017-5011: Unauthorised file access in Devtools
    - CVE-2017-5009: Out of bounds memory access in WebRTC
    - CVE-2017-5012: Heap overflow in V8
    - CVE-2017-5013: Address spoofing in Omnibox
    - CVE-2017-5014: Heap overflow in Skia
    - CVE-2017-5015: Address spoofing in Omnibox
    - CVE-2017-5019: Use after free in Renderer
    - CVE-2017-5016: UI spoofing in Blink
    - CVE-2017-5017: Uninitialised memory access in webm video
    - CVE-2017-5018: Universal XSS in chrome://apps
    - CVE-2017-5020: Universal XSS in chrome://downloads
    - CVE-2017-5021: Use after free in Extensions
    - CVE-2017-5022: Bypass of Content Security Policy in Blink
    - CVE-2017-5023: Type confusion in metrics
    - CVE-2017-5024: Heap overflow in FFmpeg
    - CVE-2017-5025: Heap overflow in FFmpeg
    - CVE-2017-5026: UI spoofing. Credit to Ronni Skansing
  - Add conditional to switch between system and bundled icu
  - Raise dependency on harfbuzz to 1.3.1
  - Also refresh patches:
    chromium-prop-codecs.patch chromium-linker-memory.patch
* Sat Jan 28 2017 qvoheagbfovvhubzdxfx@posteo.net
  - Added patch chromium-enable-vaapi-on-suse.patch to enable
    VAAPI hardware accelerated video decoding.
* Wed Dec 21 2016 astieger@suse.com
  - Chromium 55.0.2883.87:
    * various fixes for crashes and specific wesites
    * update Google pinned certificates
* Wed Dec 21 2016 tchvatal@suse.com
  - Disable system icu on Factory, crashes autofill
* Tue Dec 13 2016 idonmez@suse.com
  - python-html5lib now depends on six, so preserve that too for SLE
    builds.
* Fri Dec 09 2016 astieger@suse.com
  - Obsolete ffmpeg and ffmpegsumo package in addition to conflict
* Mon Dec 05 2016 astieger@suse.com
  - record minimum version for harfbuzz, incuding runtime
    Chromium will crash with harfbuzz < 1.3.0
* Sat Dec 03 2016 tchvatal@suse.com
  - Chromium 55.0.2883.75 bnc#1013236:
    CVE-2016-9651 CVE-2016-5208 CVE-2016-5207 CVE-2016-5206 CVE-2016-5205
    CVE-2016-5204 CVE-2016-5209 CVE-2016-5203 CVE-2016-5210 CVE-2016-5212
    CVE-2016-5211 CVE-2016-5213 CVE-2016-5214 CVE-2016-5216 CVE-2016-5215
    CVE-2016-5217 CVE-2016-5218 CVE-2016-5219 CVE-2016-5221 CVE-2016-5220
    CVE-2016-5222 CVE-2016-9650 CVE-2016-5223 CVE-2016-5226 CVE-2016-5225
    CVE-2016-5224 CVE-2016-9652
  - Switch to system libraries: harfbuzz, zlib, ffmpeg, ...
  - Refreshed patches:
    * chromium-system-ffmpeg-r3.patch
    * chromium-system-jinja-r13.patch
  - Use system ffmpeg unless on 13.2 that didn't include it
    * chromium-54-ffmpeg2compat.patch
    * Remove upstreamed chromium-more-codec-aliases.patch
  - Remove bookmarks override as discussed with artwork simply just set
    homepage to our openSUSE one and that is all
* Sat Nov 12 2016 astieger@suse.com
  - Chromium 54.0.2840.100:
    * CVE-2016-5199: Heap corruption in FFmpeg (boo#1009892)
    * CVE-2016-5200: out of bounds memory access in v8 (boo#1009893)
    * CVE-2016-5201: info leak in extensions (boo#1009894)
    * CVE-2016-5202: various fixes from internal audits (boo#1009895)
* Mon Nov 07 2016 tchvatal@suse.com
  - Add patch chromium-prop-codecs.patch and set properly the codecs
    variable in main scope to allow ffmpeg passthrough
    bnc#1008725
* Wed Nov 02 2016 tchvatal@suse.com
  - Update to 54.0.2840.90:
    * Few fixes and tweaks
    * Fixes CVE-2016-5198 bsc#1008274
* Fri Oct 21 2016 tchvatal@suse.com
  - Update to 54.0.2840.71:
    * Few fixes around
* Thu Oct 13 2016 tchvatal@suse.com
  - Version update to 54.0.2840.59 bnc#1004465:
    - CVE-2016-5181: Universal XSS in Blink (Anonymous)
    - CVE-2016-5182: Heap overflow in Blink (Giwan Go of STEALIEN)
    - CVE-2016-5183: Use after free in PDFium (Anonymous)
    - CVE-2016-5184: Use after free in PDFium (Anonymous)
    - CVE-2016-5185: Use after free in Blink (cloudfuzzer)
    - CVE-2016-5187: URL spoofing (Luan Herrera)
    - CVE-2016-5188: UI spoofing (Luan Herrera)
    - CVE-2016-5192: Cross-origin bypass in Blink (haojunhou at gmail)
    - CVE-2016-5189: URL spoofing (xisigr of Tencent's Xuanwu Lab)
    - CVE-2016-5186: Out of bounds read in DevTools (Abdulrahman Alqabandi)
    - CVE-2016-5191: Universal XSS in Bookmarks (Gareth Hughes)
    - CVE-2016-5190: Use after free in Internals (Atte Kettunen of OUSPG)
    - CVE-2016-5193: Scheme bypass (Yuyang ZHOUmartinzhou96)
  - packaging changes:
    * disable build for chromium-beta on %arm.
    * Make linker use less memory by tweaking its options:
      chromium-linker-memory.patch
    * obsolete desktop subpackages
    * Switch to gold to reduce memory use use during build
    * fix build on 4.5+ kernels with systemlibs:
      chromium-sandbox.patch
    * various compiler and linker flag adjustments
    * enable gtk3 ui, add patch gtk3-missing-define.patch
    * switch from some bundled libraries to the system versions
      chromium-system-ffmpeg-r3.patch
      chromium-system-jinja-r13.patch
      fix-gn-bootstrap.diff
    * remove service file covered by download_files
  - run time bug fixes:
    * Add --ui-disable-partial-swap to the launcher bnc#1000019
    * Use default chromium values from master_preferences on first run
      rather than pseudo-duplicating in shellscript
  - added features:
    * hangouts extension
* Fri Sep 30 2016 tchvatal@suse.com
  - Version update to 53.0.2785.143 bnc#1002140:
    * CVE-2016-5177: Use after free in V8
    * CVE-2016-5178: Various fixes from internal audits
* Mon Sep 26 2016 dimstar@opensuse.org
  - Export GDK_BACKEND=x11 before starting chromium, ensuring that
    it's started as an Xwayland client (boo#1001135).
* Sat Sep 17 2016 tchvatal@suse.com
  - Apply sandbox patch to fix crashers on tumbleweed bnc#999091
    * chromium-sandbox.patch
* Thu Sep 15 2016 tchvatal@suse.com
  - Version update stable channel 53.0.2785.116
    * Just smal bugfixes around
* Wed Sep 14 2016 tchvatal@suse.com
  - Version update to 53.0.2785.113 bnc#998743:
    * CVE-2016-5170 Use after free in Blink
    * CVE-2016-5171 Use after free in Blink
    * CVE-2016-5172 Arbitrary Memory Read in v8
    * CVE-2016-5173 Extension resource access
    * CVE-2016-5174 Popup not correctly suppressed
    * CVE-2016-5175 Various fixes from internal audits
* Mon Sep 12 2016 tchvatal@suse.com
  - Reenable widevine build again bnc#998328
* Sat Sep 10 2016 tchvatal@suse.com
  - Stable channel update to  53.0.2785.101
    * SPDY crasher fixes
    * Disable NV12 DXGI video on AMD
    * Forward --password-store switch to os_crypt
    * Tell the kernel to discard USB requests when they time out.
* Wed Sep 07 2016 astieger@suse.com
  - Update to Chromium 53.0.2785.92:
    * Revert of support relocatable RPM packages
    * disallow WKBackForwardListItem navigations for pushState pages
    * arc: bluetooth: Fix advertised uuid
    * fix conflicting PendingIntent for stop button and swipe away
* Thu Sep 01 2016 tittiatcoke@gmail.com
  - Update to Chromium 53.0.2785.89
    - Improvements to the GN build system (boo#996032, boo#99606, boo#995932)
    - Security fixes (boo#996648)
    * CVE-2016-5147: Universal XSS in Blink.
    * CVE-2016-5148: Universal XSS in Blink.
    * CVE-2016-5149: Script injection in extensions.
    * CVE-2016-5150: Use after free in Blink.
    * CVE-2016-5151: Use after free in PDFium.
    * CVE-2016-5152: Heap overflow in PDFium.
    * CVE-2016-5153: Use after destruction in Blink.
    * CVE-2016-5154: Heap overflow in PDFium.
    * CVE-2016-5155: Address bar spoofing.
    * CVE-2016-5156: Use after free in event bindings.
    * CVE-2016-5157: Heap overflow in PDFium.
    * CVE-2016-5158: Heap overflow in PDFium.
    * CVE-2016-5159: Heap overflow in PDFium.
    * CVE-2016-5161: Type confusion in Blink.
    * CVE-2016-5162: Extensions web accessible resources bypass.
    * CVE-2016-5163: Address bar spoofing.
    * CVE-2016-5164: Universal XSS using DevTools.
    * CVE-2016-5165: Script injection in DevTools.
    * CVE-2016-5166: SMB Relay Attack via Save Page As.
    * CVE-2016-5160: Extensions web accessible resources bypass.
  - Drop patches chromium-snapshot-toolchain-r1.patch
* Sat Aug 27 2016 tittiatcoke@gmail.com
  - Make it build on ARM.
    * Add build patch arm_use_right_compiler.patch
  - Drop unnecessary patches:
    * chromium-arm-r0.patch
* Mon Aug 22 2016 tittiatcoke@gmail.com
  - Change buildsystem to GN, which is the new upstream default
    * Make Ninja only use 4 buildprocesses for building Chromium itself
    * Drop unnecessary patches
    - chromium-gcc-fixes.patch
    - adjust-ldflags-no-keep-memory.patch
    - gcc50-fixes.diff
    * Add patches to ensure correct build
    - chromium-last-commit-position-r0.patch
    - chromium-snapshot-toolchain-r1.patch
    * Drop unnecessary sourcefiles
    - courgette.tar.xz
    - depot_tools.tar.xz
    - gn-binaries.tar.xz
* Fri Aug 12 2016 tittiatcoke@gmail.com
  - Use an explicit number of ninja build processes (-j 4), to
    further reduce the memory used.
* Fri Aug 05 2016 astieger@suse.com
  - Update to Chromium 52.0.2743.116:
    * Security fixes (boo#992305):
      + CVE-2016-5141: Address bar spoofing (boo#992314)
      + CVE-2016-5142: Use-after-free in Blink (boo#992313)
      + CVE-2016-5139: Heap overflow in pdfium (boo#992311)
      + CVE-2016-5140: Heap overflow in pdfium (boo#992310)
      + CVE-2016-5145: Same origin bypass for images in Blink
      (boo#992320)
      + CVE-2016-5143: Parameter sanitization failure in DevTools
      (boo#992319)
      + CVE-2016-5144: Parameter sanitization failure in DevTools
      (boo#992315)
      + CVE-2016-5146: Various fixes from internal audits, fuzzing
      and other initiatives (boo#992309)
* Thu Jul 21 2016 tittiatcoke@gmail.com
  - Temporarily disable fix_network_api_crash.patch. Upstream has
    changed part of their code, so hopefully that resolved the issue
* Thu Jul 21 2016 tittiatcoke@gmail.com
  - Update to Chromium 52.0.2743.82
    * Security fixes (boo#989901):
      + CVE-2016-1706: Sandbox escape in PPAPI
      + CVE-2016-1707: URL spoofing on iOS
      + CVE-2016-1708: Use-after-free in Extensions
      + CVE-2016-1709: Heap-buffer-overflow in sfntly
      + CVE-2016-1710: Same-origin bypass in Blink
      + CVE-2016-1711: Same-origin bypass in Blink
      + CVE-2016-5127: Use-after-free in Blink
      + CVE-2016-5128: Same-origin bypass in V8
      + CVE-2016-5129: Memory corruption in V8
      + CVE-2016-5130: URL spoofing
      + CVE-2016-5131: Use-after-free in libxml
      + CVE-2016-5132: Limited same-origin bypass in Service Workers
      + CVE-2016-5133: Origin confusion in proxy authentication
      + CVE-2016-5134: URL leakage via PAC script
      + CVE-2016-5135: Content-Security-Policy bypass
      + CVE-2016-5136: Use after free in extensions
      + CVE-2016-5137: History sniffing with HSTS and CSP
      + CVE-2016-1705: Various fixes from internal audits, fuzzing
      and other initiatives
* Mon Jul 11 2016 Nick_Levinson@yahoo.com
  - Clarification/correction to chromium-desktop-gnome and
    chromium-desktop-kde software descriptions due to passwords
    preservation reported by Chromium developer
* Fri Jun 24 2016 tittiatcoke@gmail.com
  - Update to Chromium 51.0.2704.106
    * No changelog indicated
* Thu Jun 23 2016 tittiatcoke@gmail.com
  - Add gcc60-fixes.diff to resolve the crashes observed with
    chromium when compiled with GCC6
* Fri Jun 17 2016 astieger@suse.com
  - Update to Chromium 51.0.2704.103
    * Security fixes:
    - CVE-2016-1704: Various fixes from internal audits, fuzzing and
      other initiatives (boo#985397)
* Tue Jun 07 2016 tittiatcoke@gmail.com
  - Update to Chromium 51.0.2704.84
    * No further changelog
* Thu Jun 02 2016 astieger@suse.com
  - Update to Chromium 51.0.2704.79 [boo#982719]
    * Security fixes:
    - CVE-2016-1696: Cross-origin bypass in Extension bindings
    - CVE-2016-1697: Cross-origin bypass in Blink
    - CVE-2016-1698: Information leak in Extension bindings
    - CVE-2016-1699: Parameter sanitization failure in DevTools
    - CVE-2016-1700: Use-after-free in Extensions
    - CVE-2016-1701: Use-after-free in Autofill
    - CVE-2016-1702: Out-of-bounds read in Skia
    - CVE-2016-1703: Various fixes from internal audits, fuzzing
      and other initiatives.
* Thu May 26 2016 tittiatcoke@gmail.com
  - Update to Chromium 51.0.2704.63 [boo#981886]
    * Security fixes:
    - CVE-2016-1672: Cross-origin bypass in extension bindings
    - CVE-2016-1673: Cross-origin bypass in Blink
    - CVE-2016-1674: Cross-origin bypass in extensions
    - CVE-2016-1675: Cross-origin bypass in Blink
    - CVE-2016-1676: Cross-origin bypass in extension bindings
    - CVE-2016-1677: Type confusion in V8
    - CVE-2016-1678: Heap overflow in V8
    - CVE-2016-1679: Heap use-after-free in V8 bindings
    - CVE-2016-1680: Heap use-after-free in Skia
    - CVE-2016-1681: Heap overflow in PDFium
    - CVE-2016-1682: CSP bypass for ServiceWorker
    - CVE-2016-1683: Out-of-bounds access in libxslt
    - CVE-2016-1684: Integer overflow in libxslt
    - CVE-2016-1685: Out-of-bounds read in PDFium
    - CVE-2016-1686: Out-of-bounds read in PDFium
    - CVE-2016-1687: Information leak in extensions
    - CVE-2016-1688: Out-of-bounds read in V8
    - CVE-2016-1689: Heap buffer overflow in media
    - CVE-2016-1690: Heap use-after-free in Autofill
    - CVE-2016-1691: Heap buffer-overflow in Skia
    - CVE-2016-1692: Limited cross-origin bypass in ServiceWorker
    - CVE-2016-1693: HTTP Download of Software Removal Tool
    - CVE-2016-1694: HPKP pins removed on cache clearance
    - CVE-2016-1695: Various fixes from internal audits, fuzzing
      and other initiatives
  - drop chromium-50.0.2661.75-export_blink_Platform_symbols_in_shared_library_builds.patch
    now upstream
* Fri May 13 2016 astieger@suse.com
  - Update to Chromium 50.0.2661.102 (boo#979859)
    * Security fixes:
    - CVE-2016-1667: Same origin bypass in DOM
    - CVE-2016-1668: Same origin bypass in Blink V8 bindings
    - CVE-2016-1669: Buffer overflow in V8
    - CVE-2016-1670: Race condition in loader
* Fri Apr 29 2016 astieger@suse.com
  - Update to Chromium 50.0.2661.94 (boo#977830)
    * Security fixes:
    - CVE-2016-1660: Out-of-bounds write in Blink
    - CVE-2016-1661: Memory corruption in cross-process frames
    - CVE-2016-1662: Use-after-free in extensions
    - CVE-2016-1663: Use-after-free in Blink’s V8 bindings
    - CVE-2016-1664: Address bar spoofing
    - CVE-2016-1665: Information leak in V8
    - CVE-2016-1666: Various fixes from internal audits, fuzzing and other initiatives
* Fri Apr 22 2016 jslaby@suse.com
  - _constraints: increase memory. It takes 1.2G to build some .o, and
    with -j4 this results in OOM.
* Thu Apr 14 2016 tittiatcoke@gmail.com
  - Update to Chromium 50.0.2661.75 (boo#975572)
    * Security Fixes:
    - CVE-2016-1652: Universal XSS in extension bindings
    - CVE-2016-1653: Out-of-bounds write in V8
    - CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding
    - CVE-2016-1654: Uninitialized memory read in media
    - CVE-2016-1655: Use-after-free related to extensions
    - CVE-2016-1656: Android downloaded file path restriction bypass
    - CVE-2016-1657: Address bar spoofing
    - CVE-2016-1658: Potential leak of sensitive information to
      malicious extensions
    - CVE-2016-1659: Various fixes from internal audits, fuzzing
      and other initiatives
  - add patch to fix GCC builds with component=shared_library:
    chromium-50.0.2661.75-export_blink_Platform_symbols_in_shared_library_builds.patch
* Fri Apr 08 2016 astieger@suse.com
  - Update to Chromium 49.0.2623.112
    * Block user removal when login attempt is in progress
    * Add the SuppressUnsupportedOSWarning policy setting
    * Fix how Save-Page-As responds to web requests blocked by extensions
    * Fix preferred width calculation for 8bit ltr runs in rtl blocks
* Wed Mar 30 2016 tittiatcoke@gmail.com
  - Update to Chromium 49.0.2623.110
    * No changelog available
* Mon Mar 28 2016 tittiatcoke@gmail.com
  - Update to Chromium 49.0.2623.108
    * Security fixes (boo#972834):
    - CVE-2016-1646: Out-of-bounds read in V8
    - CVE-2016-1647: Use-after-free in Navigation
    - CVE-2016-1648: Use-after-free in Extensions
    - CVE-2016-1649: Buffer overflow in libANGLE
    - CVE-2016-1650: Various fixes from internal audits, fuzzing
      and other initiatives
    - CVE-2016-3679: Multiple vulnerabilities in V8 fixed at the
      tip of the 4.9 branch (currently 4.9.385.33).
* Wed Mar 09 2016 tittiatcoke@gmail.com
  - Update to Chromium 49.0.2623.87
    * Security fixes:
    - CVE-2016-1643: Type confusion in Blink (boo#970514)
    - CVE-2016-1644: Use-after-free in Blink (boo#970509)
    - CVE-2016-1645: Out-of-bounds write in PDFium (boo#970511)
* Tue Mar 08 2016 tittiatcoke@gmail.com
  - Change the build method used on Packman.
    * Drop patch no-clang-on-packman.diff . This is no longer required
      as that ninja is respecting the build flags correctly.
  - Drop unused patch skia.patch
* Fri Mar 04 2016 tittiatcoke@gmail.com
  - Update to Chromium 49.0.2623.75
    * 26 security fixes, with the most important ones being:
    - CVE-2016-1630: Same-origin bypass in Blink
    - CVE-2016-1631: Same-origin bypass in Pepper Plugin
    - CVE-2016-1632: Bad cast in Extensions
    - CVE-2016-1633: Use-after-free in Blink
    - CVE-2016-1634: Use-after-free in Blink
    - CVE-2016-1635: Use-after-free in Blink
    - CVE-2016-1636: SRI Validation Bypass
    - CVE-2015-8126: Out-of-bounds access in libpng
    - CVE-2016-1637: Information Leak in Skia
    - CVE-2016-1638: WebAPI Bypass
    - CVE-2016-1639: Use-after-free in WebRTC
    - CVE-2016-1640: Origin confusion in Extensions UI
    - CVE-2016-1641: Use-after-free in Favicon
    - CVE-2016-1642: Various fixes from internal audits, fuzzing
      and other initiatives
    - Multiple vulnerabilities in V8 fixed at the tip of the 4.9
      branch (currently 4.9.385.26)
      (boo#969333)
* Fri Feb 19 2016 tittiatcoke@gmail.com
  - Update to Chromium 48.0.2564.116
    * Fixes a critical security flaw:
    - CVE-2016-1629: Same-origin bypass in Blink and Sandbox
      escape in Chrome. (boo#967376)
* Mon Feb 15 2016 tittiatcoke@gmail.com
  - Update to Chromium 48.0.2564.109
    * Security fixes (boo#965999)
    - CVE-2016-1622: Same-origin bypass in Extensions
    - CVE-2016-1623: Same-origin bypass in DOM
    - CVE-2016-1624: Buffer overflow in Brotli
    - CVE-2016-1625: Navigation bypass in Chrome Instant
    - CVE-2016-1626: Out-of-bounds read in PDFium
    - CVE-2016-1627: Various fixes from internal audits, fuzzing
      and other initiatives
* Sat Feb 13 2016 tittiatcoke@gmail.com
  - Drop the libva support completely. It seems that this is causing
    more issues than it actually resolves. (boo#965566)
    * Drop chromium-enable-vaapi.patch
* Thu Feb 11 2016 tittiatcoke@gmail.com
  - Don't build with libva support for openSUSE 13.2 and lower
    (boo#966082)
* Tue Feb 09 2016 tittiatcoke@gmail.com
  - Drop completely the option to build with system libraries. This
    could lead to issues (boo#965738)
* Fri Feb 05 2016 tittiatcoke@gmail.com
  - Update to Chromium 48.0.2564.103
    * No chnagelog available
* Sun Jan 31 2016 tittiatcoke@gmail.com
  - Build against the in-source libjpeg to prevent graphical issues
* Sun Jan 31 2016 tchvatal@suse.com
  - Use spec-cleaner
  - Remove buildenv check that is moot for the update-alternatives script
  - Build against the latest libjpeg rather than jpeg6
  - Use update-alternatives as is required by the specification
* Thu Jan 28 2016 tittiatcoke@gmail.com
  - Update to Chromium 48.0.2564.97
    * No changelog available
  - Update the desktop-kde package so that on Leap and TW, the kwallet5
    becomes the default. desktop-kde/gnome packages are no longer
    recommended as that the default is to automatically detect the
    password store. Only for those users that want to change this,
    they can select a different setup.
* Fri Jan 22 2016 tittiatcoke@gmail.com
  - Update to Chromium 48.0.2564.82
    * Security fixes:
    - CVE-2016-1612: Bad cast in V8 (boo#963184)
    - CVE-2016-1613: Use-after-free in PDFium (boo#963185)
    - CVE-2016-1614: Information leak in Blink (boo#963186)
    - CVE-2016-1615: Origin confusion in Omnibox (boo#963187)
    - CVE-2016-1616: URL Spoofing (boo#963188)
    - CVE-2016-1617: History sniffing with HSTS and CSP (boo#963189)
    - CVE-2016-1618: Weak random number generator in Blink (boo#963190)
    - CVE-2016-1619: Out-of-bounds read in PDFium (boo#963191)
    - CVE-2016-1620 chromium-browser: various fixes (boo#963192)
* Thu Jan 14 2016 tittiatcoke@gmail.com
  - Update to Chromium 47.0.2526.111.
    * No changelog available
* Mon Dec 28 2015 stefan.bruens@rwth-aachen.de
  - Enable SSE2 on x86_64
* Sun Dec 27 2015 stefan.bruens@rwth-aachen.de
  - Fix crash when trying to enable chromecast extension
    * Add patch: fix_network_api_crash.patch
      Fix https://code.google.com/p/chromium/issues/detail?id=572539
* Sun Dec 20 2015 astieger@suse.com
  - Update to Chromium 47.0.2525.106, fixing the following security
    issue:
    * CVE-2015-6792: Fixes from internal audits and fuzzing. [boo#959458]
* Mon Dec 14 2015 jimmy@boombatower.com
  - Enable VA-API hardware acceleration in Linux.
    * chromium-enable-vaapi.patch
* Thu Dec 10 2015 tittiatcoke@gmail.com
  - Update to Chromium 47.0.2526.80 [boo#958481]
    * Security fixes
    - CVE-2015-6788: Type confusion in extensions
    - CVE-2015-6789: Use-after-free in Blink
    - CVE-2015-6790: Escaping issue in saved pages
    - CVE-2015-6791: Various fixes from internal audits, fuzzing
      and other initiatives
  - Drop unused patch fix-clang.diff.
* Sat Dec 05 2015 tittiatcoke@gmail.com
  - Enable the possibility to utilize the Widevine plugin
    within chromium. (boo#954103)
    * Add patch: fix_building_widevinecdm_with_chromium.patch
* Wed Dec 02 2015 tittiatcoke@gmail.com
  - Update to Chromium 47.0.2526.73
    * Security fixes (boo#957519)
    - CVE-2015-6765: Use-after-free in AppCache
    - CVE-2015-6766: Use-after-free in AppCache
    - CVE-2015-6767: Use-after-free in AppCache
    - CVE-2015-6768: Cross-origin bypass in DOM
    - CVE-2015-6769: Cross-origin bypass in core
    - CVE-2015-6770: Cross-origin bypass in DOM
    - CVE-2015-6771: Out of bounds access in v8
    - CVE-2015-6772: Cross-origin bypass in DOM
    - CVE-2015-6764: Out of bounds access in v8
    - CVE-2015-6773: Out of bounds access in Skia
    - CVE-2015-6774: Use-after-free in Extensions
    - CVE-2015-6775: Type confusion in PDFium
    - CVE-2015-6776: Out of bounds access in PDFium
    - CVE-2015-6777: Use-after-free in DOM
    - CVE-2015-6778: Out of bounds access in PDFium
    - CVE-2015-6779: Scheme bypass in PDFium
    - CVE-2015-6780: Use-after-free in Infobars
    - CVE-2015-6781: Integer overflow in Sfntly
    - CVE-2015-6782: Content spoofing in Omnibox
    - CVE-2015-6783: Signature validation issue in
      Android Crazy Linker.
    - CVE-2015-6784: Escaping issue in saved pages
    - CVE-2015-6785: Wildcard matching issue in CSP
    - CVE-2015-6786: Scheme bypass in CSP
    - CVE-2015-6787: Various fixes from internal audits, fuzzing
      and other initiatives.
    - Multiple vulnerabilities in V8 fixed at the tip of the
      4.7 branch (currently 4.7.80.23)
* Wed Nov 11 2015 tittiatcoke@gmail.com
  - Update to Chromium 46.0.2490.86
    * Security fixes (boo#954579):
    - CVE-2015-1302: Information leak in PDF viewer
* Fri Oct 23 2015 tittiatcoke@gmail.com
  - Update to Chromium 46.0.2490.80
    * No changelog available
* Mon Oct 19 2015 tittiatcoke@gmail.com
  - Change the default homepage based on the new landingpage
    for the openSUSE Project. (boo#950957)
* Wed Oct 14 2015 tittiatcoke@gmail.com
  - Update to Chromium 46.0.2490.71
    * Security fixes (boo#950290)
    - CVE-2015-6755: Cross-origin bypass in Blink
    - CVE-2015-6756: Use-after-free in PDFium
    - CVE-2015-6757: Use-after-free in ServiceWorker
    - CVE-2015-6758: Bad-cast in PDFium
    - CVE-2015-6759: Information leakage in LocalStorage
    - CVE-2015-6760: Improper error handling in libANGLE
    - CVE-2015-6761: Memory corruption in FFMpeg
    - CVE-2015-6762: CORS bypass via CSS fonts
    - CVE-2015-6763: Various fixes from internal audits, fuzzing
      and other initiatives
    - Multiple vulnerabilities in V8 fixed at the tip of the
      4.6 branch (currently 4.6.85.23) CVE-2015-7834
  - drop upstreamed correct-blacklist.diff
  - add chromium-46.0.2490.71-fix-missing-i18n_process_css_test.patch
    to fix build
  - remove remoting_locales from spec
* Sat Oct 03 2015 tittiatcoke@gmail.com
  - Update to Chromium 45.0.2454.101
    * Security fixes:
    - CVE-2015-1303: Cross-origin bypass in DOM [boo#947504]
    - CVE-2015-1304: Cross-origin bypass in V8 [boo#947507]
* Tue Sep 22 2015 tittiatcoke@gmail.com
  - Update to Chromium 45.0.2454.99
    - No changelog available
  - Add upstream patch correct-blacklist.diff
    * This should restore the correct behavior of the option
    - -ignore-gpu-blacklist.
      https://code.google.com/p/chromium/issues/detail?id=509336
* Wed Sep 16 2015 tittiatcoke@gmail.com
  - Update to Chromium 45.0.2454.93
    - No changelog available
* Fri Sep 11 2015 tittiatcoke@gmail.com
  - Update to Chromium 45.0.2454.85
    Security fixes:
    * CVE-2015-1291: Cross-origin bypass in DOM
    * CVE-2015-1292: Cross-origin bypass in ServiceWorker
    * CVE-2015-1293: Cross-origin bypass in DOM
    * CVE-2015-1294: Use-after-free in Skia
    * CVE-2015-1295: Use-after-free in Printing
    * CVE-2015-1296: Character spoofing in omnibox
    * CVE-2015-1297: Permission scoping error in WebRequest
    * CVE-2015-1298: URL validation error in extensions
    * CVE-2015-1299: Use-after-free in Blink
    * CVE-2015-1300: Information leak in Blink
    * CVE-2015-1301: Various fixes from internal audits, fuzzing and other initiatives.
* Wed Aug 05 2015 tittiatcoke@gmail.com
  - Update to Chromium 44.0.2403.130
    * No changelog available
* Wed Jul 29 2015 tittiatcoke@gmail.com
  - Update to Chromium 44.0.2403.125
    * No changelog available
  - The chromium-ffmpeg package (on Packman) now requires the same
    version for the main chromium package. This should prevent the
    issues arised from the libffmpeg switch that Google did recently
* Sat Jul 25 2015 tittiatcoke@gmail.com
  - Update to Chromium 44.0.2403.107
    * No changelog available
* Tue Jul 21 2015 tittiatcoke@gmail.com
  - Update to Chromium 44.0.2403.89
    * A number of new apps/extension APIs
    * Lots of under the hood changes for stability and performance
    * Security fixes:
    - CVE-2015-1271: Heap-buffer-overflow in pdfium
    - CVE-2015-1273: Heap-buffer-overflow in pdfium
    - CVE-2015-1274: Settings allowed executable files to run
      immediately after download
    - CVE-2015-1275: UXSS in Chrome for Android
    - CVE-2015-1276: Use-after-free in IndexedDB
    - CVE-2015-1279: Heap-buffer-overflow in pdfium
    - CVE-2015-1280: Memory corruption in skia
    - CVE-2015-1281: CSP bypass
    - CVE-2015-1282: Use-after-free in pdfium
    - CVE-2015-1283: Heap-buffer-overflow in expat
    - CVE-2015-1284: Use-after-free in blink
    - CVE-2015-1286: UXSS in blink
    - CVE-2015-1287: SOP bypass with CSS
    - CVE-2015-1270: Uninitialized memory read in ICU
    - CVE-2015-1272: Use-after-free related to unexpected GPU
      process termination
    - CVE-2015-1277: Use-after-free in accessibility
    - CVE-2015-1278: URL spoofing using pdf files
    - CVE-2015-1285: Information leak in XSS auditor
    - CVE-2015-1288: Spell checking dictionaries fetched over HTTP
    - CVE-2015-1289: Various fixes from internal audits, fuzzing
      and other initiatives
* Wed Jul 15 2015 tittiatcoke@gmail.com
  - Update to Chromium 43.0.2357.134
    Update of the Pepper Flash plugin to 18.0.0.209
* Wed Jul 08 2015 tittiatcoke@gmail.com
  - Update to Chromium 43.0.2357.132
    No changelog available
* Tue Jun 23 2015 tittiatcoke@gmail.com
  - Update to Chromium 43.0.2357.130
    - Security fixes (boo#935723)
    * CVE-2015-1266: Scheme validation error in WebUI
    * CVE-2015-1268: Cross-origin bypass in Blink
    * CVE-2015-1267: Cross-origin bypass in Blink
    * CVE-2015-1269: Normalization error in HSTS/HPKP preload list
* Wed Jun 17 2015 tittiatcoke@gmail.com
  - Add the buildflag enable_hotwording=0 to prevent that Chromium
    downloads a binary blob for speechrecognition (boo#935022)
  - Add patch gcc50-fixes.diff to enable building against GCC 5. The
    patch fixes the python regular expression and ensures to return
    a two digit value for the GCC version
* Fri Jun 12 2015 tittiatcoke@gmail.com
  - Update to Chromium 43.0.2357.125
    * Bug-fixes:
    - esolved browser font magnification/scaling issue.
* Wed May 27 2015 tittiatcoke@gmail.com
  - Update to Chromium 43.0.2357.81
    * Bug-fixes:
    - Fixed an issue where sometimes a blank page would print
    - Icons not displaying properly on Linux
* Wed May 20 2015 tittiatcoke@gmail.com
  - Update to Chromium 43.0.2357.65
    * Security fixes:
    - CVE-2015-1252: Sandbox escape in Chrome
    - CVE-2015-1253: Cross-origin bypass in DOM
    - CVE-2015-1254: Cross-origin bypass in Editing
    - CVE-2015-1255: Use-after-free in WebAudio
    - CVE-2015-1256: Use-after-free in SVG
    - CVE-2015-1251: Use-after-free in Speech
    - CVE-2015-1257: Container-overflow in SVG
    - CVE-2015-1258: Negative-size parameter in Libvpx
    - CVE-2015-1259: Uninitialized value in PDFium
    - CVE-2015-1260: Use-after-free in WebRTC
    - CVE-2015-1261: URL bar spoofing
    - CVE-2015-1262: Uninitialized value in Blink
    - CVE-2015-1263: Insecure download of spellcheck dictionary
    - CVE-2015-1264: Cross-site scripting in bookmarks
    - CVE-2015-1265: Various fixes from internal audits, fuzzing and other initiatives
    - Multiple vulnerabilities in V8 fixed at the tip of the 4.3 branch (currently 4.3.61.21)
* Wed Apr 29 2015 tittiatcoke@gmail.com
  - Update to Chromium 42.0.2311.135
    * Security fixes:
    - CVE-2015-1243: Use-after-free in DOM
    - CVE-2015-1250: Various fixes from internal audits, fuzzing and other initiatives
      and 3 more security fixes.
* Mon Apr 27 2015 tittiatcoke@gmail.com
  - Fix for missing Chromium icon in the taskbar.
* Wed Apr 15 2015 tittiatcoke@gmail.com
  - Update to Chromium 42.0.2311.90
    * A number of new apps, extension and Web Platform APIs (including the Push API!)
    * Lots of under the hood changes for stability and performance
    * Security fixes, including:
    - CVE-2015-1235: Cross-origin-bypass in HTML parser
    - CVE-2015-1236: Cross-origin-bypass in Blink
    - CVE-2015-1237: Use-after-free in IPC
    - CVE-2015-1238: Out-of-bounds write in Skia
    - CVE-2015-1240: Out-of-bounds read in WebGL
    - CVE-2015-1241: Tap-Jacking
    - CVE-2015-1242: Type confusion in V8
    - CVE-2015-1244: HSTS bypass in WebSockets
    - CVE-2015-1245: Use-after-free in PDFium
    - CVE-2015-1246: Out-of-bounds read in Blink
    - CVE-2015-1247: Scheme issues in OpenSearch
    - CVE-2015-1248: SafeBrowsing bypass
    - CVE-2015-1249: Various fixes from internal audits, fuzzing and other initiatives
    - Multiple vulnerabilities in V8 fixed
* Thu Apr 02 2015 tittiatcoke@gmail.com
  - Update to Chromium 41.0.2272.118
    Security fixes:
    * CVE-2015-1233: A combination of V8, Gamepad and IPC bugs that
      can lead to remote code execution outside of
      the sandbox
    * CVE-2015-1234: Buffer overflow via race condition in GPU
* Sat Mar 21 2015 tittiatcoke@gmail.com
  - Update to Chromium 41.0.2272.101
    * Bugfixes
* Thu Mar 12 2015 tittiatcoke@gmail.com
  - Update to Chromium 41.0.2272.89
    * Bugfixes
* Wed Mar 04 2015 tittiatcoke@gmail.com
  - Update to Chromium 41.0.2272.76
    Security fixes:
    * CVE-2015-1212: Out-of-bounds write in media
    * CVE-2015-1213: Out-of-bounds write in skia filters
    * CVE-2015-1214: Out-of-bounds write in skia filters
    * CVE-2015-1215: Out-of-bounds write in skia filters
    * CVE-2015-1216: Use-after-free in v8 bindings
    * CVE-2015-1217: Type confusion in v8 bindings
    * CVE-2015-1218: Use-after-free in dom
    * CVE-2015-1219: Integer overflow in webgl
    * CVE-2015-1220: Use-after-free in gif decoder
    * CVE-2015-1221: Use-after-free in web databases
    * CVE-2015-1222: Use-after-free in service workers
    * CVE-2015-1223: Use-after-free in dom
    * CVE-2015-1230: Type confusion in v8
    * CVE-2015-1224: Out-of-bounds read in vpxdecoder
    * CVE-2015-1225: Out-of-bounds read in pdfium
    * CVE-2015-1226: Validation issue in debugger
    * CVE-2015-1227: Uninitialized value in blink
    * CVE-2015-1228: Uninitialized value in rendering
    * CVE-2015-1229: Cookie injection via proxies
    * CVE-2015-1231: Various fixes from internal audits
    * Multiple vulnerabilities in V8 fixed at the tip of the 4.1 branch
* Fri Feb 27 2015 meissner@suse.com
  - regular diskusage is more like 20GB+
* Mon Feb 23 2015 meissner@suse.com
  - uses around 5.8GB for building, assign like 6GB in _constraints
* Fri Feb 20 2015 tittiatcoke@gmail.com
  - Update to Chromium 40.0.2214.115
    * Bugfixes
* Wed Feb 18 2015 tittiatcoke@gmail.com
  - Utilize the _service file to download the chromium tarball
* Sun Feb 08 2015 tittiatcoke@gmail.com
  - Update to Chromium 40.0.2214.111
    * Security Fixes:
    - CVE-2015-1209: Use-after-free in DOM
    - CVE-2015-1210: Cross-origin-bypass in V8 bindings
    - CVE-2015-1211: Privilege escalation using service workers
    - CVE-2015-1212: Various fixes from internal audits, fuzzing
      and other initiatives
* Sat Jan 31 2015 tittiatcoke@gmail.com
  - Update to Chromium 40.0.2214.94
    - Bugfixes
* Wed Jan 28 2015 tittiatcoke@gmail.com
  - Update to Chromium 40.0.2214.93
    - Bugfixes
* Fri Jan 23 2015 tittiatcoke@gmail.com
  - Update to Chromium 40.0.2214.91
    * Security Fixes:
    - CVE-2014-7923: Memory corruption in ICU
    - CVE-2014-7924: Use-after-free in IndexedDB
    - CVE-2014-7925: Use-after-free in WebAudio
    - CVE-2014-7926: Memory corruption in ICU
    - CVE-2014-7927: Memory corruption in V8
    - CVE-2014-7928: Memory corruption in V8
    - CVE-2014-7930: Use-after-free in DOM
    - VE-2014-7931: Memory corruption in V8
    - CVE-2014-7929: Use-after-free in DOM
    - CVE-2014-7932: Use-after-free in DOM
    - CVE-2014-7933: Use-after-free in FFmpeg
    - CVE-2014-7934: Use-after-free in DOM
    - CVE-2014-7935: Use-after-free in Speech
    - CVE-2014-7936: Use-after-free in Views
    - CVE-2014-7937: Use-after-free in FFmpeg
    - CVE-2014-7938: Memory corruption in Fonts
    - CVE-2014-7939: Same-origin-bypass in V8
    - CVE-2014-7940: Uninitialized-value in ICU
    - CVE-2014-7941: Out-of-bounds read in UI
    - CVE-2014-7942: Uninitialized-value in Fonts
    - CVE-2014-7943: Out-of-bounds read in Skia
    - CVE-2014-7944: Out-of-bounds read in PDFium
    - CVE-2014-7945: Out-of-bounds read in PDFium
    - CVE-2014-7946: Out-of-bounds read in Fonts
    - CVE-2014-7947: Out-of-bounds read in PDFium
    - CVE-2014-7948: Caching error in AppCache
    - CVE-2015-1205: Various fixes from internal audits, fuzzing and other initiatives
    - Multiple vulnerabilities in V8 fixed at the tip of the 3.30 branch
* Tue Jan 13 2015 tittiatcoke@gmail.com
  - Update to Chromium 39.0.2171.99
    * Bugfixes
* Wed Dec 10 2014 tittiatcoke@gmail.com
  - Update to Chromium 39.0.2171.95
    * Bugfixes
* Sun Nov 30 2014 Led <ledest@gmail.com>
  - fix using 'echo' command in chromium-browser.sh script
* Wed Nov 26 2014 tittiatcoke@gmail.com
  - Update to Chromium 39.0.2171.71
    * Bugfixes
* Wed Nov 19 2014 tittiatcoke@gmail.com
  - Update to Chromium 39.0.2171.65
    * Security fixes:
    - CVE-2014-7899: Address bar spoofing (boo#906320)
    - CVE-2014-7900: Use-after-free in pdfium (boo#906317)
    - CVE-2014-7901: Integer overflow in pdfium (boo#906322)
    - CVE-2014-7902: Use-after-free in pdfium (boo#906328)
    - CVE-2014-7903: Buffer overflow in pdfium (boo#906318)
    - CVE-2014-7904: Buffer overflow in Skia (boo#906321)
    - CVE-2014-7905: Flaw allowing navigation to intents that do
      not have the BROWSABLE category (boo#906330)
    - CVE-2014-7906: Use-after-free in pepper plugins (boo#906319)
    - CVE-2014-0574: Double-free in Flash
    - CVE-2014-7907: Use-after-free in blink (boo#906323)
    - CVE-2014-7908: Integer overflow in media (boo#906324)
    - CVE-2014-7909: Uninitialized memory read in Skia (boo#906326)
    - CVE-2014-7910: Various fixes from internal audits, fuzzing
      and other initiatives (boo#906327)
* Fri Nov 14 2014 tittiatcoke@gmail.com
  - Update to Chromium 38.0.2125.122
    * Several bugfixes
* Tue Oct 28 2014 tittiatcoke@gmail.com
  - Update to Chromium 38.0.2125.111
    * Several bugfixes
* Wed Oct 15 2014 tittiatcoke@gmail.com
  - Update to Chromium 38.0.2125.104
    * Several bugfixes
  - Updated source url to point to the right location

Files

/etc/chromium
/etc/chromium/master_preferences
/etc/default/chromium
/usr/bin/chromium
/usr/lib/chrome_sandbox
/usr/lib64/chromium
/usr/lib64/chromium/chrome-sandbox
/usr/lib64/chromium/chrome_100_percent.pak
/usr/lib64/chromium/chrome_200_percent.pak
/usr/lib64/chromium/chromium
/usr/lib64/chromium/headless_lib.pak
/usr/lib64/chromium/icudtl.dat
/usr/lib64/chromium/locales
/usr/lib64/chromium/locales/am.pak
/usr/lib64/chromium/locales/am.pak.info
/usr/lib64/chromium/locales/ar.pak
/usr/lib64/chromium/locales/ar.pak.info
/usr/lib64/chromium/locales/bg.pak
/usr/lib64/chromium/locales/bg.pak.info
/usr/lib64/chromium/locales/bn.pak
/usr/lib64/chromium/locales/bn.pak.info
/usr/lib64/chromium/locales/ca.pak
/usr/lib64/chromium/locales/ca.pak.info
/usr/lib64/chromium/locales/cs.pak
/usr/lib64/chromium/locales/cs.pak.info
/usr/lib64/chromium/locales/da.pak
/usr/lib64/chromium/locales/da.pak.info
/usr/lib64/chromium/locales/de.pak
/usr/lib64/chromium/locales/de.pak.info
/usr/lib64/chromium/locales/el.pak
/usr/lib64/chromium/locales/el.pak.info
/usr/lib64/chromium/locales/en-GB.pak
/usr/lib64/chromium/locales/en-GB.pak.info
/usr/lib64/chromium/locales/en-US.pak
/usr/lib64/chromium/locales/en-US.pak.info
/usr/lib64/chromium/locales/es-419.pak
/usr/lib64/chromium/locales/es-419.pak.info
/usr/lib64/chromium/locales/es.pak
/usr/lib64/chromium/locales/es.pak.info
/usr/lib64/chromium/locales/et.pak
/usr/lib64/chromium/locales/et.pak.info
/usr/lib64/chromium/locales/fa.pak
/usr/lib64/chromium/locales/fa.pak.info
/usr/lib64/chromium/locales/fi.pak
/usr/lib64/chromium/locales/fi.pak.info
/usr/lib64/chromium/locales/fil.pak
/usr/lib64/chromium/locales/fil.pak.info
/usr/lib64/chromium/locales/fr.pak
/usr/lib64/chromium/locales/fr.pak.info
/usr/lib64/chromium/locales/gu.pak
/usr/lib64/chromium/locales/gu.pak.info
/usr/lib64/chromium/locales/he.pak
/usr/lib64/chromium/locales/he.pak.info
/usr/lib64/chromium/locales/hi.pak
/usr/lib64/chromium/locales/hi.pak.info
/usr/lib64/chromium/locales/hr.pak
/usr/lib64/chromium/locales/hr.pak.info
/usr/lib64/chromium/locales/hu.pak
/usr/lib64/chromium/locales/hu.pak.info
/usr/lib64/chromium/locales/id.pak
/usr/lib64/chromium/locales/id.pak.info
/usr/lib64/chromium/locales/it.pak
/usr/lib64/chromium/locales/it.pak.info
/usr/lib64/chromium/locales/ja.pak
/usr/lib64/chromium/locales/ja.pak.info
/usr/lib64/chromium/locales/kn.pak
/usr/lib64/chromium/locales/kn.pak.info
/usr/lib64/chromium/locales/ko.pak
/usr/lib64/chromium/locales/ko.pak.info
/usr/lib64/chromium/locales/lt.pak
/usr/lib64/chromium/locales/lt.pak.info
/usr/lib64/chromium/locales/lv.pak
/usr/lib64/chromium/locales/lv.pak.info
/usr/lib64/chromium/locales/ml.pak
/usr/lib64/chromium/locales/ml.pak.info
/usr/lib64/chromium/locales/mr.pak
/usr/lib64/chromium/locales/mr.pak.info
/usr/lib64/chromium/locales/ms.pak
/usr/lib64/chromium/locales/ms.pak.info
/usr/lib64/chromium/locales/nb.pak
/usr/lib64/chromium/locales/nb.pak.info
/usr/lib64/chromium/locales/nl.pak
/usr/lib64/chromium/locales/nl.pak.info
/usr/lib64/chromium/locales/pl.pak
/usr/lib64/chromium/locales/pl.pak.info
/usr/lib64/chromium/locales/pt-BR.pak
/usr/lib64/chromium/locales/pt-BR.pak.info
/usr/lib64/chromium/locales/pt-PT.pak
/usr/lib64/chromium/locales/pt-PT.pak.info
/usr/lib64/chromium/locales/ro.pak
/usr/lib64/chromium/locales/ro.pak.info
/usr/lib64/chromium/locales/ru.pak
/usr/lib64/chromium/locales/ru.pak.info
/usr/lib64/chromium/locales/sk.pak
/usr/lib64/chromium/locales/sk.pak.info
/usr/lib64/chromium/locales/sl.pak
/usr/lib64/chromium/locales/sl.pak.info
/usr/lib64/chromium/locales/sr.pak
/usr/lib64/chromium/locales/sr.pak.info
/usr/lib64/chromium/locales/sv.pak
/usr/lib64/chromium/locales/sv.pak.info
/usr/lib64/chromium/locales/sw.pak
/usr/lib64/chromium/locales/sw.pak.info
/usr/lib64/chromium/locales/ta.pak
/usr/lib64/chromium/locales/ta.pak.info
/usr/lib64/chromium/locales/te.pak
/usr/lib64/chromium/locales/te.pak.info
/usr/lib64/chromium/locales/th.pak
/usr/lib64/chromium/locales/th.pak.info
/usr/lib64/chromium/locales/tr.pak
/usr/lib64/chromium/locales/tr.pak.info
/usr/lib64/chromium/locales/uk.pak
/usr/lib64/chromium/locales/uk.pak.info
/usr/lib64/chromium/locales/vi.pak
/usr/lib64/chromium/locales/vi.pak.info
/usr/lib64/chromium/locales/zh-CN.pak
/usr/lib64/chromium/locales/zh-CN.pak.info
/usr/lib64/chromium/locales/zh-TW.pak
/usr/lib64/chromium/locales/zh-TW.pak.info
/usr/lib64/chromium/natives_blob.bin
/usr/lib64/chromium/plugins
/usr/lib64/chromium/resources.pak
/usr/lib64/chromium/snapshot_blob.bin
/usr/lib64/chromium/v8_context_snapshot.bin
/usr/lib64/chromium/views_mus_resources.pak
/usr/lib64/chromium/xdg-mime
/usr/lib64/chromium/xdg-settings
/usr/share/appdata
/usr/share/appdata/chromium-browser.appdata.xml
/usr/share/applications/chromium-browser.desktop
/usr/share/doc/packages/chromium
/usr/share/doc/packages/chromium/AUTHORS
/usr/share/gnome-control-center
/usr/share/gnome-control-center/default-apps
/usr/share/gnome-control-center/default-apps/chromium-browser.xml
/usr/share/icons/hicolor
/usr/share/icons/hicolor/128x128
/usr/share/icons/hicolor/128x128/apps
/usr/share/icons/hicolor/128x128/apps/chromium-browser.png
/usr/share/icons/hicolor/128x128/apps/chromium.png
/usr/share/icons/hicolor/16x16
/usr/share/icons/hicolor/16x16/apps
/usr/share/icons/hicolor/16x16/apps/chromium-browser.png
/usr/share/icons/hicolor/16x16/apps/chromium.png
/usr/share/icons/hicolor/22x22
/usr/share/icons/hicolor/22x22/apps
/usr/share/icons/hicolor/22x22/apps/chromium-browser.png
/usr/share/icons/hicolor/22x22/apps/chromium.png
/usr/share/icons/hicolor/24x24
/usr/share/icons/hicolor/24x24/apps
/usr/share/icons/hicolor/24x24/apps/chromium-browser.png
/usr/share/icons/hicolor/24x24/apps/chromium.png
/usr/share/icons/hicolor/256x256
/usr/share/icons/hicolor/256x256/apps
/usr/share/icons/hicolor/256x256/apps/chromium-browser.png
/usr/share/icons/hicolor/256x256/apps/chromium.png
/usr/share/icons/hicolor/32x32
/usr/share/icons/hicolor/32x32/apps
/usr/share/icons/hicolor/32x32/apps/chromium-browser.png
/usr/share/icons/hicolor/32x32/apps/chromium.png
/usr/share/icons/hicolor/48x48
/usr/share/icons/hicolor/48x48/apps
/usr/share/icons/hicolor/48x48/apps/chromium-browser.png
/usr/share/icons/hicolor/48x48/apps/chromium.png
/usr/share/icons/hicolor/64x64
/usr/share/icons/hicolor/64x64/apps
/usr/share/icons/hicolor/64x64/apps/chromium-browser.png
/usr/share/icons/hicolor/64x64/apps/chromium.png
/usr/share/icons/hicolor/scalable
/usr/share/icons/hicolor/scalable/apps
/usr/share/icons/hicolor/scalable/apps/chromium-browser.svg
/usr/share/icons/hicolor/scalable/apps/chromium.svg
/usr/share/licenses/chromium
/usr/share/licenses/chromium/LICENSE


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Sep 10 15:20:18 2019