[rpms/chromium] rawhide: - Update to 149.0.7827.114

public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed

From: Than Ngo <than@redhat.com>
To: git-commits@fedoraproject.org
Subject: [rpms/chromium] rawhide: - Update to 149.0.7827.114
Date: Fri, 12 Jun 2026 09:44:22 GMT	[thread overview]
Message-ID: <178125746233.1.13074335196219706548.rpms-chromium-86acda9e7e12@fedoraproject.org> (raw)

            A new commit has been pushed.

            Repo   : rpms/chromium
            Branch : rawhide
            Commit : 86acda9e7e12b9dcf4a16cce09d607eb2f150f13
            Author : Than Ngo <than@redhat.com>
            Date   : 2026-06-12T11:41:58+02:00
            Stats  : +47/-5 in 3 file(s)
            URL    : https://src.fedoraproject.org/rpms/chromium/c/86acda9e7e12b9dcf4a16cce09d607eb2f150f13?branch=rawhide

            Log:
            - Update to 149.0.7827.114

  CVE-2026-12007: Use after free  Core

  CVE-2026-12008: Use after free  DigitalCredentials

  CVE-2026-12009: Insufficient validation of untrusted input  Accessibility

  CVE-2026-12010: Heap buffer overflow  GPU

  CVE-2026-12011: Use after free  WebMIDI

  CVE-2026-12012: Use after free  Network

  CVE-2026-12013: Use after free  Media

  CVE-2026-12014: Use after free  Cast

  CVE-2026-12015: Use after free  Autofill

  CVE-2026-12016: Insufficient validation of untrusted input  DevTools

  CVE-2026-12017: Insufficient validation of untrusted input  Extensions

  CVE-2026-12018: Inappropriate implementation  Mojo

  CVE-2026-12019: Out of bounds write  Codecs

  CVE-2026-12020: Use after free  Autofill

  CVE-2026-12022: Race  Safe Browsing

  CVE-2026-12023: Use after free  GPU

  CVE-2026-12024: Insufficient policy enforcement  DevTools

  CVE-2026-12025: Insufficient validation of untrusted input  Network

  CVE-2026-12026: Out of bounds read  Video

  CVE-2026-12027: Insufficient policy enforcement  Headless

  CVE-2026-12028: Use after free  GPU

  CVE-2026-12029: Use after free  Video

  CVE-2026-12030: Heap buffer overflow  GPU

  CVE-2026-12031: Inappropriate implementation  Views

  CVE-2026-12032: Inappropriate implementation  Passwords

  CVE-2026-12033: Out of bounds read  VideoCapture

  CVE-2026-12034: Insufficient validation of untrusted input  Linux Toolkit Theming

  CVE-2026-12035: Use after free  Views

- Disable AI Mode settings

---
diff --git a/chromium.spec b/chromium.spec
index cb1696f..512918f 100644
--- a/chromium.spec
+++ b/chromium.spec
@@ -268,7 +268,7 @@
 %endif
 
 Name:	chromium
-Version: 149.0.7827.102
+Version: 149.0.7827.114
 Release: 1%{?dist}
 Summary: A WebKit (Blink) powered web browser that Google doesn't want you to use
 Url: http://www.chromium.org/Home
@@ -554,6 +554,8 @@ Source11: master_preferences
 # http://nodejs.org/dist/v${version}/node-${nodejs_version}.tar.gz
 Source12: node-%{nodejs_version}-stripped.tar.gz
 Source13: nodejs-sources.sh
+Source14: disable-ai.json
+
 BuildRequires: openssl-devel
 %endif
 
@@ -1745,6 +1747,9 @@ popd
 mkdir -p %{buildroot}%{_sysconfdir}/chromium/policies/managed
 mkdir -p %{buildroot}%{_sysconfdir}/chromium/policies/recommended
 
+# disable AI
+cp -a %{SOURCE14} %{buildroot}%{_sysconfdir}/chromium/policies/managed/
+
 mkdir -p %{buildroot}%{_datadir}/icons/hicolor/256x256/apps
 cp -a chrome/app/theme/chromium/product_logo_256.png %{buildroot}%{_datadir}/icons/hicolor/256x256/apps/chromium-browser.png
 mkdir -p %{buildroot}%{_datadir}/icons/hicolor/128x128/apps
@@ -1786,11 +1791,12 @@ fi
 %files
 %doc AUTHORS README.fedora
 %license LICENSE
-%config(noreplace) %{_sysconfdir}/%{name}/chromium.conf
-%config %{_sysconfdir}/%{name}/master_preferences
-%config %{_sysconfdir}/%{name}/policies/
+%dir %{_sysconfdir}/%{name}/policies/
 %dir %{chromium_path}/MEIPreload/
 %dir %{chromium_path}/PrivacySandboxAttestationsPreloaded/
+%config(noreplace) %{_sysconfdir}/%{name}/chromium.conf
+%config %{_sysconfdir}/%{name}/master_preferences
+%config %{_sysconfdir}/%{name}/policies/managed/disable-ai.json
 %{_bindir}/chromium-browser
 %{chromium_path}/chrome_*.pak
 %{chromium_path}/chrome_crashpad_handler
@@ -1910,6 +1916,38 @@ fi
 %endif
 
 %changelog
+* Fri Jun 12 2026 Than Ngo <than@redhat.com> - 149.0.7827.114-1
+- Update to 149.0.7827.114
+  * CVE-2026-12007: Use after free  Core
+  * CVE-2026-12008: Use after free  DigitalCredentials
+  * CVE-2026-12009: Insufficient validation of untrusted input  Accessibility
+  * CVE-2026-12010: Heap buffer overflow  GPU
+  * CVE-2026-12011: Use after free  WebMIDI
+  * CVE-2026-12012: Use after free  Network
+  * CVE-2026-12013: Use after free  Media
+  * CVE-2026-12014: Use after free  Cast
+  * CVE-2026-12015: Use after free  Autofill
+  * CVE-2026-12016: Insufficient validation of untrusted input  DevTools
+  * CVE-2026-12017: Insufficient validation of untrusted input  Extensions
+  * CVE-2026-12018: Inappropriate implementation  Mojo
+  * CVE-2026-12019: Out of bounds write  Codecs
+  * CVE-2026-12020: Use after free  Autofill
+  * CVE-2026-12022: Race  Safe Browsing
+  * CVE-2026-12023: Use after free  GPU
+  * CVE-2026-12024: Insufficient policy enforcement  DevTools
+  * CVE-2026-12025: Insufficient validation of untrusted input  Network
+  * CVE-2026-12026: Out of bounds read  Video
+  * CVE-2026-12027: Insufficient policy enforcement  Headless
+  * CVE-2026-12028: Use after free  GPU
+  * CVE-2026-12029: Use after free  Video
+  * CVE-2026-12030: Heap buffer overflow  GPU
+  * CVE-2026-12031: Inappropriate implementation  Views
+  * CVE-2026-12032: Inappropriate implementation  Passwords
+  * CVE-2026-12033: Out of bounds read  VideoCapture
+  * CVE-2026-12034: Insufficient validation of untrusted input  Linux Toolkit Theming
+  * CVE-2026-12035: Use after free  Views
+- Disable AI Mode settings
+
 * Tue Jun 09 2026 Than Ngo <than@redhat.com> - 149.0.7827.102-1
 - Update to 149.0.7827.102
   * CVE-2026-11628: Use after free in Ozone

diff --git a/disable-ai.json b/disable-ai.json
new file mode 100644
index 0000000..b8bf37a
--- /dev/null
+++ b/disable-ai.json
@@ -0,0 +1,4 @@
+{
+  "GenAILocalFoundationalModelSettings": 1,
+  "AIModeSettings": 2
+}

diff --git a/sources b/sources
index 7b789b6..8323441 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
 SHA512 (node-v22.22.0-stripped.tar.gz) = f32a8a73063b3c78cbacf941e11dd529ebcf2618b3ba661966312e49ee9870c43a3acf256e8d331a4b0b621b16a501810c02a3ad763c75884cc250addca8e106
-SHA512 (chromium-149.0.7827.102-clean.tar.xz) = 9d97852877cf7c124c3986f6db7e809f519ae685753ed125fcd903c2d26546b34ae8969df2a3a6079183c370d82379c9d0376d3a719b62f60c1fe35831a0d518
+SHA512 (chromium-149.0.7827.114-clean.tar.xz) = f5f92c321ae5a33557d00d23c1a84a5ab688df2429523a1bc8dacd7c8275dee7bb1e5b082bdbaf5807e1b9419c32f092e655190f99a5a8ca7ad8090f24220d92

                 reply	other threads:[~2026-06-12  9:44 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=178125746233.1.13074335196219706548.rpms-chromium-86acda9e7e12@fedoraproject.org \
    --to=than@redhat.com \
    --cc=git-commits@fedoraproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox