Chromium 120.0.6099.129 for which the source code was released two days ago repairs a zero-day vulnerability.
Zero-day means that the vulnerability is already actively exploited in the wild. Hopefully the last time this year, but it is already the 8th zero-day which was reported and fixed in Chromium. The new zero-day is labeled CVE-2023-7024.
It’s therefore highly recommended to upgrade your chromium and also ungoogled-chromium packages.
Find the updated Slackware 15.0 and -current packages both for chromium and chromium-ungoogled in my repository and its mirrors (like my own US server and in a short while, the UK mirror).
Cheers, Eric
Dank je Eric en fijne kerstdagen gewenst. Marco
Installed libreoffice-7.6.4-x86_64-2alien, chromium-ungoogled-120.0.6099.129-x86_64-1alien and chromium-120.0.6099.129-x86_64-1alien
Each new package is running well as always.
Thanks for all you do Eric !
— kjh
Thanks for keeping on top of the Chromium updates in a year busier than usual with them, especially all the zero days, as well as for all the other packages you provide, but especially the other ones I use: OpenJDK, LibreOffice, Leptonica and Tesseract.
Merry Christmas and Happy New Year 2024 to you and your family, Eric!
TKS
Thank you Eric.
Best wishes for 2024.
Thanks for the Chromium-ungoogled 120.0.6099.199 update!
Strange, this says there’s another release but there’s no blogpost about it yet.
https://chromiumdash.appspot.com/releases?platform=Linux
Hope it’s not another zero day exploit…
There’s a new release indeed: 120.0.6099.216 but the sources have not been released yet. See https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_9.html
Tarring and publishing the sources is an automated process which gets stuck on a regular basis. All we can do is wait.
Ah, I see what happened. I use the shortcut
https://chromereleases.googleblog.com/search/label/Stable%20updates+Desktop%20Update
to check it but they forgot to give it the “Desktop Update” tag, so I didn’t see the post.
Hi Eric,
I’ve been meaning to ask you about building chromium in -current. I’ve been running into these errors for a while and I’m not sure what I’m doing wrong. I’m using “./chromium.SlackBuild” to build and I get the following errors:
ERROR at //build/config/rust.gni:134:24: Script returned non-zero exit code.
rustc_revision = exec_script(“//tools/rust/update_rust.py”,
^———-
Current dir: /tmp/build/tmp-chromium/chromium-120.0.6099.216/out/Release/
Command: python3 /tmp/build/tmp-chromium/chromium-120.0.6099.216/tools/rust/update_rust.py –print-package-version
Returned 1 and printed out:
The expected Rust version is 2e4e2a8f288f642cafcc41fff211955ceddc453d-1-llvmorg-18-init-9505-g10664813 but the actual version is None
Did you run “gclient sync”?
See //BUILD.gn:17:1: whence it was imported.
import(“//build/config/rust.gni”)
^——————————-
Traceback (most recent call last):
File “/tmp/build/tmp-chromium/chromium-120.0.6099.216/tools/gn/bootstrap/bootstrap.py”, line 142, in
sys.exit(main(sys.argv[1:]))
File “/tmp/build/tmp-chromium/chromium-120.0.6099.216/tools/gn/bootstrap/bootstrap.py”, line 135, in main
subprocess.check_call([
File “/usr/lib64/python3.9/subprocess.py”, line 373, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command ‘[‘/tmp/build/tmp-chromium/chromium-120.0.6099.216/out/Release/gn’, ‘gen’, ‘/tmp/build/tmp-chromium/chromium-120.0.6099.216/out/Release’, ‘–args= is_debug=false’, ‘–root=/tmp/build/tmp-chromium/chromium-120.0.6099.216′]’ returned non-zero exit status 1.
and
ERROR at //build/config/compiler/BUILD.gn:1586:22: Script returned non-zero exit code.
clang_revision = exec_script(“//tools/clang/scripts/update.py”,
^———-
Current dir: /tmp/build/tmp-chromium/chromium-120.0.6099.216/out/Release/
Command: python3 /tmp/build/tmp-chromium/chromium-120.0.6099.216/tools/clang/scripts/update.py –print-revision –verify-version=18
Returned 1 and printed out:
The expected clang version is llvmorg-18-init-9505-g10664813-1 but the actual version is
Did you run “gclient sync”?
See //build/config/BUILDCONFIG.gn:334:3: which caused the file to be included.
“//build/config/compiler:afdo_optimize_size”,
^——————————————-
These are in the gyp-chromium.log. I used to use “BUILD_CLANG=1” which worked, but now that’s not working either. Thanks for any input.
You did nothing wrong. I have seen your error on multiple occasions. Did you keep the setting ‘enable_rust=false’ in my SlackBuild script?
I compile my Chromium packages on Slackware 15, any issues on -current are yours to solve for now. I guess I will get to those once Patrick releases Slackware 15.1.
It is already hard work keeping Chromium compiling successfully on one Slackware release. Just download the package already…
I started having these issues after switching to the 120.x.x series. I am seeing a similar error when trying to compile it for aarch64. Yes, still have enable_rust=false. Thank you for providing a package. I’ll keep poking around to see if I can get some improvement.
Try what happens if you change “CLANG_MIN=16” to “CLANG_MIN=18” in chromium.SlackBuild. I should really remember to update the minimum required version of clang in the script from time to time.
Slackware-current has llvm-17 so the script will not compile its own clang binaries and that may trip your build.
So I looked into this even more closely. I pretty much have to force BUILD_CLANG=1 for the build to make it to building chromium. Changing CLANG_MIN would probably kickstart that without having to force BUILD_CLANG. Anyhow, I encountered one error related to atspi. I looked through Fedora’s chromium.spec file and noticed that they already had a patch for that error (https://src.fedoraproject.org/rpms/chromium/raw/rawhide/f/chromium-120-gn-workaround-atspi.patch). Then, I ended up encountering another failure. After doing some tweaking, I ended up with a successful build for the latest slackware64-current release. In addition to using BUILD_CLANG=1, I also had to set USE_SYSROOT to 0 and change use_system_libffi=false to true.
To make it more simple, a patch file for all my changes looks like this:
— chromium.SlackBuild 2024-01-13 10:49:58.997972302 -0500
+++ chromium.SlackBuild.orig 2024-01-10 02:05:17.000000000 -0500
@@ -640,7 +640,7 @@
# Build Chromium using a debian sysroot for Slackware 14.2 or older;
# FYI, this will actually also just work for Slackware > 14.2:
-USE_SYSROOT=${USE_SYSROOT:-0}
+USE_SYSROOT=${USE_SYSROOT:-1}
# Enable Qt UI on Slackware 15.0 & newer where we do not need a debian sysroot.
# Until Chromium 110, enable Qt5 UI using param ‘–enable-features=AllowQt’:
@@ -973,11 +973,6 @@
2>&1 | tee -a $OUTPUT/patch-${PRGNAM}.log
fi
-# Apply workaround for atspi:
-cat $SRCDIR/patches/chromium-120-gn-workaround-atspi.patch | patch -p1 –verbose \
– | patch -p0 –verbose \
– 2>&1 | tee -a $OUTPUT/patch-${PRGNAM}.log
–
# Prevent an error ‘Looking for xmlReadMemory – not found ‘ building clang:
sed \
-i tools/clang/scripts/build.py \
@@ -1253,7 +1248,7 @@
‘use_lld=true’
‘use_ozone=true’
“use_pulseaudio=${do_pa}”
– ‘use_system_libffi=true’
+ ‘use_system_libffi=false’
‘use_system_minigbm=false’
“use_qt=${do_qt}”
“use_sysroot=${do_sysroot}”
Would also need to drop the chromium-120-gn-workaround-atspi.patch file into the patches directory.
I actually ran the diff command in the wrong order. It should look like this where chromium.SlackBuild.orig is your version and chromium.SlackBuild is mine:
— chromium.SlackBuild.orig 2024-01-10 02:05:17.000000000 -0500
+++ chromium.SlackBuild 2024-01-13 10:49:58.997972302 -0500
@@ -640,7 +640,7 @@
# Build Chromium using a debian sysroot for Slackware 14.2 or older;
# FYI, this will actually also just work for Slackware > 14.2:
-USE_SYSROOT=${USE_SYSROOT:-1}
+USE_SYSROOT=${USE_SYSROOT:-0}
# Enable Qt UI on Slackware 15.0 & newer where we do not need a debian sysroot.
# Until Chromium 110, enable Qt5 UI using param ‘–enable-features=AllowQt’:
@@ -973,6 +973,11 @@
2>&1 | tee -a $OUTPUT/patch-${PRGNAM}.log
fi
+# Apply workaround for atspi:
+cat $SRCDIR/patches/chromium-120-gn-workaround-atspi.patch | patch -p1 –verbose \
+ | patch -p0 –verbose \
+ 2>&1 | tee -a $OUTPUT/patch-${PRGNAM}.log
+
# Prevent an error ‘Looking for xmlReadMemory – not found ‘ building clang:
sed \
-i tools/clang/scripts/build.py \
@@ -1248,7 +1253,7 @@
‘use_lld=true’
‘use_ozone=true’
“use_pulseaudio=${do_pa}”
– ‘use_system_libffi=false’
+ ‘use_system_libffi=true’
‘use_system_minigbm=false’
“use_qt=${do_qt}”
“use_sysroot=${do_sysroot}”
Thanks for finding the solution and documenting it here. It will help others, but I will also look at incorporating it into the SlackBuild so that it enables different configuration for Slackware 15.0 and -current.
chromium: updated 64bit to 120.0.6099.216 (Slackware 15.0 & onwards).
On Ryzen GPU is launch delay about 20 sec, and some errors.
Quote:
ERRORbject_proxy.cc(577)] Failed to call method: org.freedesktop.DBus.Properties.Get: object_path= /org/freedesktop/portal/desktop: org.freedesktop.DBus.Error.InvalidArgs:
ERROR in connection to local password database
And can not see passwords in password manager
Hi bratpit,
I cannot help with your startup issue. Here, Chromium runs fine on multiple machines including one Ryzen CPU but that one does not have an integrated GPU. I have not heard this kind of issue from anyone else either.
You could try posting this on LinuxQuestions and/or create a bug report on the Google Chromium bug tracker.
About the passwords issue, you may be be running Chromium using the deprecated Gnome password backend. If that is the case you need to switch to libsecret.
It probably means that you have “–password-store=gnome” somewhere in the startup parameters which you would have to change to “–password-store=gnome-libsecret”
Thanks for the clue.
Parameters had to changed between 119 and 120 edition, because 119 worked fawlessly for me.
So I deleted old profile and now browser starts without delay.
Thanks for the chromium-ungoogled 120.0.6099.224 update !
Another zero day exploit in Chrome…