Bug 31389 - Chromium 109.0.5414.74 fixes CVE
Summary: Chromium 109.0.5414.74 fixes CVE
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 8
Hardware: All Linux
Priority: Normal / Severity: normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA8-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2023-01-10 22:48 CET by christian barranco
Modified: 2023-01-24 09:00 CET
CC List: 6 users

See Also:
Source RPM: chromium-browser-stable-108.0.5359.124-1.mga8.src.rpm
CVE:
Status comment:



Description christian barranco 2023-01-10 22:48:01 CET
Hi.
Upstream just released 109.0.5414.74, bringing 17 security fixes.
https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop.html
Comment 1 christian barranco 2023-01-11 13:05:49 CET
Hi. The MGA8 build is ready in core/Updates_testing, but I will not flag it ready to QA before the Cauldron build is complete.
For once (I need to buy a lottery ticket :) ), both MGA8 jobs have been assigned to Ecosse and MGA8 won the race against MGA9 (even though MGA9 started earlier)!
Comment 2 christian barranco 2023-01-11 17:38:21 CET
ADVISORY NOTICE PROPOSAL
========================

New chromium-browser-stable 109.0.5414.74 fixes bugs and vulnerabilities


Description
The chromium-browser-stable package has been updated to the 109.0.5414.74 release, fixing 17 vulnerabilities.

Some of the security fixes are:

High CVE-2023-0128: Use after free in Overview Mode. Reported by Khalil Zhani on 2022-08-16
High CVE-2023-0129: Heap buffer overflow in Network Service. Reported by asnine on 2022-11-07
Medium CVE-2023-0130: Inappropriate implementation in Fullscreen API. Reported by Hafiizh on 2022-09-30
Medium CVE-2023-0131: Inappropriate implementation in iframe Sandbox. Reported by NDevTK on 2022-08-28
Medium CVE-2023-0132: Inappropriate implementation in Permission prompts. Reported by Jasper Rebane (popstonia) on 2022-10-05
Medium CVE-2023-0133: Inappropriate implementation in Permission prompts. Reported by Alesandro Ortiz on 2022-10-17
Medium CVE-2023-0134: Use after free in Cart. Reported by Chaoyuan Peng (@ret2happy) on 2022-11-17
Medium CVE-2023-0135: Use after free in Cart. Reported by Chaoyuan Peng (@ret2happy) on 2022-11-18
Medium CVE-2023-0136: Inappropriate implementation in Fullscreen API. Reported by Axel Chong on 2022-08-26
Medium CVE-2023-0137: Heap buffer overflow in Platform Apps. Reported by avaue and Buff3tts at S.S.L. on 2022-12-10
Low CVE-2023-0138: Heap buffer overflow in libphonenumber. Reported by Michael Dau on 2022-07-23
Low CVE-2023-0139: Insufficient validation of untrusted input in Downloads. Reported by Axel Chong on 2022-09-24
Low CVE-2023-0140: Inappropriate implementation in File System API. Reported by harrison.mitchell, cybercx.com.au on 2022-05-18
Low CVE-2023-0141: Insufficient policy enforcement in CORS. Reported by scarlet on 2022-09-12


References
https://bugs.mageia.org/show_bug.cgi?id=31389
https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop.html
https://www.androidpolice.com/google-chrome-109/



SRPMS
8/core
chromium-browser-stable-109.0.5414.74-1.mga8


PROVIDED PACKAGES
=================
x86_64
chromium-browser-109.0.5414.74-1.mga8.x86_64.rpm
chromium-browser-stable-109.0.5414.74-1.mga8.x86_64.rpm

i586
chromium-browser-109.0.5414.74-1.mga8.i586.rpm
chromium-browser-stable-109.0.5414.74-1.mga8.i586.rpm
Comment 3 Morgan Leijström 2023-01-11 17:44:13 CET
Let's hope that kind of luck or more will spread throughout the world this year.

Anyway I tested it because I saw it.

mga8-64 OK for me.

Plasma
CPU: i7-3770, Kernel 5.15.82-desktop-1.mga8
GPU: GM107 [GeForce GTX 750] using nvidia-current; GeForce 635 series and later, 4k display.

Used four sites with video, four banks with three different logins, Nextcloud server login, ...

CC: (none) => fri

Comment 4 christian barranco 2023-01-11 21:34:17 CET
Ready for QA!

Assignee: chb0 => qa-bugs

Comment 5 Herman Viaene 2023-01-18 17:22:15 CET
MGA8-64 MATE on Acer Aspire 5253
No installation issues.
Tested with the same newspaper site as I do for Firefox updates. Everything I throw at it works OK, but the video rendering was noticeably more sluggish (more and longer interruptions) than Firefox. But that's not a reason to withhold this update.

CC: (none) => herman.viaene

Comment 6 christian barranco 2023-01-18 18:54:29 CET
(In reply to Herman Viaene from comment #5)
> throw at it works OK, but the video rendering was noticeably more sluggish
> (more and longer interruptions) than Firefox. But that's not a reason to
> withhold this update.

Hi. Is it the same video performance as with Chromium 108, or was it better with the previous Chromium version?
Comment 7 Herman Viaene 2023-01-19 08:47:29 CET
IMHO Chromium was never excellent at this. It is just now that I paid more attention to it, because I had a test of Chromium and a new version of Firefox within the hour. I don't feel it's necessary to raise an alarm.
Comment 8 Brian Rockwell 2023-01-21 04:57:18 CET
MGA8-64, on Xfce, Toshiba Laptop

AMD A6-3420M APU 
Radeon HD 6520G
RTL8188CE 802.11b/g/n WiFi Adapter
 
- chromium-browser-109.0.5414.74-1.mga8.x86_64
- chromium-browser-stable-109.0.5414.74-1.mga8.x86_64
- lib64jsoncpp24-1.9.4-1.mga8.x86_64


Tested video and some web sites.

Working as expected for me.

CC: (none) => brtians1

Comment 9 Thomas Andrews 2023-01-21 19:01:01 CET
I normally use Firefox, but I have Chromium around to use as an alternative. Updated with qarepo, with no installation issues.

Went to the U.S. Weather Service Climate Prediction Center https://www.cpc.ncep.noaa.gov/ and looked at the long-range forecast, used Google to research how the expected transition from La Nina to an ENSO-neutral condition should affect the weather for the northeastern USA in the spring, and watched this week's edition of U.S. Farm Report https://farmjournaltv.gallery.video/ott/category/videos/u.s.-farm-report

All things that I, as a farmer, might do on any given day, especially during the growing season. Everything worked perfectly. Looks OK for me.

I'm going to give this an OK and Validate, before we bump up against the next version. Advisory in Comment 2.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs
Whiteboard: (none) => MGA8-64-OK

Dave Hodgins 2023-01-24 01:09:28 CET

CC: (none) => davidwhodgins
Keywords: (none) => advisory

Comment 10 Mageia Robot 2023-01-24 09:00:29 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2023-0016.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED
