Update Chromium

Sumbodule src/3rdparty :

  > [Backport] CVE-2022-3723: Type Confusion in V8
  > [Backport] CVE-2022-3653: Heap buffer overflow in Vulkan
  > [Backport] CVE-2022-3654: Use after free in Layout
  > [Backport] CVE-2022-3652: Type Confusion in V8
  > [Backport] CVE-2022-3445: Use after free in Skia
  > [Backport] CVE-2022-3450: Use after free in Peer Connection
  > [Backport] CVE-2022-3446 and CVE-2022-35737
  > Reland two changes for establishing gpu channel
  > FIXUP: Stop using C++20 initialization
  > FIXUP: Legalize the bloody code
  > [Backport] CVE-2022-3308: Insufficient policy enforcement in Developer Tools (2/2)
  > [Backport] CVE-2022-3308: Insufficient policy enforcement in Developer Tools (1/2)
  > [Backport] Security bug 1360936
  > [Backport] CVE-2022-3313: Incorrect security UI in Full Screen
  > [Backport] CVE-2022-3307: Use after free in Media.
  > [Backport] CVE-2022-3315: Type confusion in Blink
  > [Backport] CVE-2022-3201: Insufficient validation of untrusted input in Developer Tools (2/2)
  > [Backport] CVE-2022-3201: Insufficient validation of untrusted input in Developer Tools (1/2)
  > [Backport] CVE-2022-3304: Use after free in CSS
  > [Backport] CVE-2022-3373: Out of bounds write in V8
  > [Backport] Security bug 1356308
  > [Backport] CVE-2022-3370: Use after free in Custom Elements
  > [Backport] Security bug 1348283
  > [Backport] Security bugs 1346938 and 1338114
  > [Backport] CVE-2022-3200: Heap buffer overflow in Internals
  > Make user agent helpers buildable without unwanted dependencies
  > Adapt DevToolsFileHelper for WebEngine
  > [Backport] CVE-2022-3199: Use after free in Frames.
  > [Backport] CVE-2022-3198: Use after free in PDF
  > [Backport] CVE-2022-3197: Use after free in PDF
  > [Backport] CVE-2022-3196: Use after free in PDF
  > [Backport] Security bug 962815
  > [Backport] Security bug 1352549
  > [Backport] CVE-2022-3056: Insufficient policy enforcement in Content Security Policy.
  > [Backport] CVE-2022-3057: Inappropriate implementation in iframe Sandbox
  > [Backport] CVE-2022-3053: Inappropriate implementation in Pointer Lock
  > [Backport] CVE-2022-3055: Use after free in Passwords
  > Disable less privileged app container
  > Fix debug builds on arm32
  > [Backport] CVE-2022-3040: Use after free in Layout
  > [Backport] CVE-2022-3041: Use after free in WebSQL
  > [Backport] CVE-2022-3038: Use after free in Network Service
  > Merge branch 'upstream-master' into 102-based
  > (origin/upstream-master) BASELINE: Update Chromium to 102.0.5005.177
  > FIXUP: Trim down some dependencies of push messaging
  > Fixup partial application of macOS OpenGL pixel format selection patch

Fixes: QTBUG-108104
Fixes: QTBUG-108105
Task-number: QTBUG-108106
Change-Id: I4f0e4e267288904443f648b544606aa85dcaa16b
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
(cherry picked from commit 00fa0def74e94139019ee7baa73b1099cd53f072)
Reviewed-by: Michal Klocek <michal.klocek@qt.io>

3 files changed, 2 insertions, 2 deletions

diff --git a/CHROMIUM_VERSION b/CHROMIUM_VERSION
index 57dd9c61f..7a0c0d115 100644
--- a/CHROMIUM_VERSION
+++ b/CHROMIUM_VERSION
@@ -1,3 +1,3 @@
 
 Based on Chromium version:                                      102.0.5005.177
-Patched with security patches up to Chromium version:           104.0.5112.102
+Patched with security patches up to Chromium version:           107.0.5304.88
diff --git a/src/3rdparty b/src/3rdparty
-Subproject 1dc53de694e05a192d4757835f66e0797b7d29b
+Subproject 9457651ead9b7034edb37532c2f33a558b1700b
diff --git a/src/core/web_engine_context.cpp b/src/core/web_engine_context.cpp
index d27798d4f..94ff5f7b2 100644
--- a/src/core/web_engine_context.cpp
+++ b/src/core/web_engine_context.cpp
@@ -891,7 +891,7 @@ const char *qWebEngineChromiumVersion() noexcept
 }
 const char *qWebEngineChromiumSecurityPatchVersion() noexcept
 {
-    return "104.0.5112.102"; // FIXME: Remember to update
+    return "107.0.5304.88"; // FIXME: Remember to update
 }
 
 QT_END_NAMESPACE