Project chromium-gost-138.0.7204.157-1.el9.inferit content_copy

Name	chromium-gost
Epoch	0
Version	138.0.7204.157
Release	1.el9.inferit
Website/URL	http://www.chromium.org/Home
License	BSD-3-Clause AND LGPL-2.1-or-later AND Apache-2.0 AND IJG AND MIT AND GPL-2.0-or-later AND ISC AND OpenSSL AND (MPL-1.1 OR GPL-2.0-only OR LGPL-2.0-only)
Build Time	2025-07-22 17:01:21
Build Host	certified-builder01.msvsphere-os.ru
Summary	The web browser from Chromium Gost project
Repositories	Updates
Description	Chromium Gost is an open-source browser based on Chromium code and supports Russian Gost encryption algorithms.
Errata	—

‹

›

×

* Thu Jul 17 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 138.0.7204.157-1.inferit
- Update to 138.0.7204.157
  * CVE-2025-7656: Integer overflow in V8
  * CVE-2025-7657: Use after free in WebRTC
  * CVE-2025-6558: Incorrect validation of untrusted input in ANGLE and GPU

* Thu Jul 10 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 138.0.7204.100-1.inferit
- Update to 138.0.7204.100

* Fri Jul 04 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 138.0.7204.92-1.inferit
- Update to 138.0.7204.92
  * High CVE-2025-6554: Type Confusion in V8

* Fri Jun 27 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 138.0.7204.49-1.inferit
- Update to 138.0.7204.49
  * CVE-2025-6555: Use after free in Animation
  * CVE-2025-6556: Insufficient policy enforcement in Loader
  * CVE-2025-6557: Insufficient data validation in DevTools

* Fri Jun 20 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 137.0.7151.119-1.inferit
- Update to 137.0.7151.119
  * CVE-2025-6191: Integer overflow in V8
  * CVE-2025-6192: Use after free in Profiler

* Fri Jun 13 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 137.0.7151.103-1.inferit
- Update to 137.0.7151.103
  * CVE-2025-5958: Use after free in Media
  * CVE-2025-5959: Type Confusion in V8
- Provide correct version for bundle librarires
- Fix rhbz#2368923, Chromium crash

* Wed Jun 04 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 137.0.7151.68-1.inferit
- Update to 137.0.7151.68
  * CVE-2025-5419: Out of bounds read and write in V8
  * CVE-2025-5068: Use after free in Blink

* Thu May 29 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 137.0.7151.55-1.inferit
- Update to 137.0.7151.55
 * CVE-2025-5063: Use after free in Compositing
 * CVE-2025-5280: Out of bounds write in V8
 * CVE-2025-5064: Inappropriate implementation in Background Fetch API
 * CVE-2025-5065: Inappropriate implementation in FileSystemAccess API
 * CVE-2025-5066: Inappropriate implementation in Messages
 * CVE-2025-5281: Inappropriate implementation in BFCache
 * CVE-2025-5283: Use after free in libvpx
 * CVE-2025-5067: Inappropriate implementation in Tab Strip
- Fix FTBFS caused by simdutf and pdfium-png_decoder
- Remove chromium-135-gperf.patch and chromium-135-add-cfi-suppressions-for-pipewire-functions.patch, merged by upstream
- Refresh ppc64le patches
- Enable system simdutf for F43

* Fri May 16 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 136.0.7103.113-1.inferit
- Update to 136.0.7103.113
  * CVE-2025-4664: Insufficient policy enforcement in Loader
  * CVE-2025-4609: Incorrect handle provided in unspecified circumstances in Mojo

* Thu May 08 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 136.0.7103.92-1.inferit
- Update to 136.0.7103.92
  * CVE-2025-4372: Use after free in WebAudio