The stable and even the testing versions of this package consistently lag behind the latest patches. Other chromium based browsers and packages don't have this problem, including flatpak chromium builds, ungoogled-chromium, the chromium package for other distros, and Brave. I understand that some testing is needed for each new build, and chromium releases new patches frequently, but the current model is leaving fedora users vulnerable. Reproducible: Always Steps to Reproduce: 1. Install chromium from the stable fedora repo 2. The version that gets installed lacks security patches Actual Results: (As of 10/26/2023) The installed version is 118.0.5993.70 Expected Results: (As of 10/26/2023) The installed version should be 118.0.5993.117
FEDORA-2023-a9062a0411 has been submitted as an update to Fedora 38. https://bodhi.fedoraproject.org/updates/FEDORA-2023-a9062a0411
FEDORA-EPEL-2023-619e22a8fa has been submitted as an update to Fedora EPEL 8. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-619e22a8fa
FEDORA-2023-0b39dc9302 has been submitted as an update to Fedora 39. https://bodhi.fedoraproject.org/updates/FEDORA-2023-0b39dc9302
FEDORA-2023-7f87c8b975 has been submitted as an update to Fedora 37. https://bodhi.fedoraproject.org/updates/FEDORA-2023-7f87c8b975
FEDORA-EPEL-2023-b475c743aa has been submitted as an update to Fedora EPEL 9. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-b475c743aa
FEDORA-EPEL-2023-7d5cd32373 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-7d5cd32373
Please test and add Karma in https://bodhi.fedoraproject.org/updates/FEDORA-2023-0b39dc9302 Thanks
FEDORA-EPEL-2023-b475c743aa has been pushed to the Fedora EPEL 9 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-b475c743aa See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2023-a9062a0411 has been pushed to the Fedora 38 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-a9062a0411` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-a9062a0411 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-EPEL-2023-619e22a8fa has been pushed to the Fedora EPEL 8 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-619e22a8fa See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2023-0b39dc9302 has been pushed to the Fedora 39 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-0b39dc9302` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-0b39dc9302 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-EPEL-2023-7d5cd32373 has been pushed to the Fedora EPEL 7 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-7d5cd32373 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2023-7f87c8b975 has been pushed to the Fedora 37 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-7f87c8b975` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-7f87c8b975 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2023-a9062a0411 has been pushed to the Fedora 38 stable repository. If problem still persists, please make note of it in this bug report.
This ticket should not have been closed. Fixing this one time does not constitute fixing the underlying issue. The underlying issue is that builds are not automatically kicked off and released for new stable chromium releases. At the very minimum, the rawhide build should automatically do this and so should currently be at 119.0.6045.105.
It looks like this can still be used to get the latest stable version https://omahaproxy.appspot.com/linux
fedora 39 should be ready on Tue 2023-11-07, until then it will not take any new packages update except packages with blockers. Set state back to MODIFIED
FEDORA-2023-7f87c8b975 has been pushed to the Fedora 37 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2023-0b39dc9302 has been pushed to the Fedora 39 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-EPEL-2023-b475c743aa has been pushed to the Fedora EPEL 9 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-EPEL-2023-619e22a8fa has been pushed to the Fedora EPEL 8 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-EPEL-2023-7d5cd32373 has been pushed to the Fedora EPEL 7 stable repository. If problem still persists, please make note of it in this bug report.
It's not clear to me why this ticket keeps being closed. The issue is not resolved. If anything it's getting worse, as now even rawhide is behind the latest security release. All other major distributions are able to provide timely security updates for their users. For example: OpenSUSE, already on 119.0.6045.159: https://software.opensuse.org/package/chromium Debian, already on 119.0.6045.159: https://packages.debian.org/bookworm/chromium Arch, already on 119.0.6045.159: https://archlinux.org/packages/extra/x86_64/chromium/ Flatpak, already on 119.0.6045.159: https://flathub.org/apps/org.chromium.Chromium Ubuntu Snap, already on 119.0.6045.159: https://snapcraft.io/chromium This ticket should not be closed until Fedora is pulling in new security patch versions immediately and/or is releasing them at parity with other major distros. Until then this ticket is not resolved and should not be closed.
Reopening per above
FEDORA-2023-9425bb0115 has been submitted as an update to Fedora 39. https://bodhi.fedoraproject.org/updates/FEDORA-2023-9425bb0115
FEDORA-2023-9425bb0115 has been pushed to the Fedora 39 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-9425bb0115` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-9425bb0115 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Why was this ticket moved to QA? Again, iterating the build as a one-off doesn't solve the underlying issue. This ticket should be used to track pipeline changes needed to consistently deliver more timely security patches. Individual security patch builds are not related to this ticket and should not be attached to this ticket.
FEDORA-2023-9425bb0115 has been pushed to the Fedora 39 stable repository. If problem still persists, please make note of it in this bug report.
Reopening this once more and reiterating my comment from above: "Why was this ticket moved to QA? Again, iterating the build as a one-off doesn't solve the underlying issue. This ticket should be used to track pipeline changes needed to consistently deliver more timely security patches. Individual security patch builds are not related to this ticket and should not be attached to this ticket."
Unfortunately it is not possible to deliver chromium update in a timely manner. We need at least 1 to 2 days to build the package after chromium source is released. The build for rawhide will be available immediately in rawhide tree while the other builds have to go through fedora update process. The package will be in testing for at least a week before going to stable. It can go to stable faster if the user tests immediately and grants positive karma. Therefore i recommend every user to test the update as soon as possible and to grant positive karma so that it can go stable quickly. It is my intention to close this bug because it makes absolutely no sense. Please do no reopen it again! Thanks