Project chromium-gost-140.0.7339.185-1.el9.inferit content_copy

Name	chromium-gost
Epoch	0
Version	140.0.7339.185
Release	1.el9.inferit
Website/URL	http://www.chromium.org/Home
License	BSD-3-Clause AND LGPL-2.1-or-later AND Apache-2.0 AND IJG AND MIT AND GPL-2.0-or-later AND ISC AND OpenSSL AND (MPL-1.1 OR GPL-2.0-only OR LGPL-2.0-only)
Build Time	2025-09-19 15:29:05
Build Host	builder-iso-x86-01.inferitos.ru
Summary	The web browser from Chromium Gost project
Repositories	Extras
Description	Chromium Gost is an open-source browser based on Chromium code and supports Russian Gost encryption algorithms.
Errata	—

‹

›

×

* Fri Sep 19 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 140.0.7339.185-1.inferit
- Update to 140.0.7339.185
  * CVE-2025-10585: Type Confusion in V8
  * CVE-2025-10500: Use after free in Dawn
  * CVE-2025-10501: Use after free in WebRTC
  * CVE-2025-10502: Heap buffer overflow in ANGLE

- Update to 140.0.7339.127
  * CVE-2025-10200: Use after free in Serviceworker
  * CVE-2025-10201: Inappropriate implementation in Mojo

* Thu Sep 04 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 140.0.7339.80-1.inferit
- Update to 140.0.7339.80
  * CVE-2025-9864: Use after free in V8
  * CVE-2025-9865: Inappropriate implementation in Toolbar
  * CVE-2025-9866: Inappropriate implementation in Extensions
    CVE-2025-9867: Inappropriate implementation in Download

* Fri Aug 29 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 139.0.7258.154-1.inferit
- Update to 139.0.7258.154
  * CVE-2025-9478: Use after free in ANGLE

* Sat Aug 23 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 139.0.7258.138-1.inferit
- Updated to 139.0.7258.138
  * CVE-2025-9132: Out of bounds write in V8
- Drop unused yasm build dependency
  https://fedoraproject.org/wiki/Changes/DeprecateYASM

* Thu Aug 14 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 139.0.7258.127-1.inferit
- Updated to 139.0.7258.127
  * CVE-2025-8879: Heap buffer overflow in libaom
  * CVE-2025-8880: Race in V8
  * CVE-2025-8901: Out of bounds write in ANGLE
  * CVE-2025-8881: Inappropriate implementation in File Picker
  * CVE-2025-8882: Use after free in Aura

* Wed Aug 06 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 139.0.7258.66-1.inferit
- Updated to 139.0.7258.66
  * CVE-2025-8576: Use after free in Extensions
  * CVE-2025-8578: Use after free in Cast
  * CVE-2025-8579: Inappropriate implementation in Gemini Live in Chrome
  * CVE-2025-8580: Inappropriate implementation in Filesystems
  * CVE-2025-8581: Inappropriate implementation in Extensions
  * CVE-2025-8582: Insufficient validation of untrusted input in DOM
  * CVE-2025-8583: Inappropriate implementation in Permissions

* Fri Aug 01 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 138.0.7204.183-1.inferit
- Update to 138.0.7204.183
  * CVE-2025-8292: Use after free in Media Stream
- Update chromium.conf - rename vaapi flags

* Thu Jul 24 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 138.0.7204.168-1.inferit
- Update to 138.0.7204.168
  * CVE-2025-8010: Type Confusion in V8
  * CVE-2025-8011: Type Confusion in V8

* Thu Jul 17 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 138.0.7204.157-1.inferit
- Update to 138.0.7204.157
  * CVE-2025-7656: Integer overflow in V8
  * CVE-2025-7657: Use after free in WebRTC
  * CVE-2025-6558: Incorrect validation of untrusted input in ANGLE and GPU

* Thu Jul 10 2025 Arkady L. Shane <tigro@msvsphere-os.ru> - 138.0.7204.100-1.inferit
- Update to 138.0.7204.100