Browse files

Merge branch 'upstream'

* upstream:
  Imported Upstream version 18.0.1025.162~r131933
  Imported Upstream version 18.0.1025.142~r129054

Conflicts:
	chromium-browser-17.0.963.46~r119351-source.tar.lzma
	chromium-browser-18.0.1025.162~r131933-source.tar.lzma
	debian/changelog
	debian/chromium-browser.install
	debian/control
	debian/patches/disable_dlog_and_dcheck_in_release_builds.patch
	nickel-browser-17.0.963.46~r119351-source.tar.lzma
  • Loading branch information...
2 parents c684c52 + 2f57ee4 commit f65391e3211ea76883920dea1d33516c77f17d75 Adam McDaniel committed Apr 19, 2012
View
618 debian/changelog
@@ -1,14 +1,599 @@
+chromium-browser (18.0.1025.162~r131933-0ubuntu1~ucd~lucid1) lucid; urgency=low
+
+ * New upstream release from the Stable Channel
+
+ -- Micah Gersten <micahg@ubuntu.com> Tue, 17 Apr 2012 23:28:45 -0500
+
+chromium-browser (18.0.1025.151~r130497-0ubuntu1) precise; urgency=low
+
+ * New upstream release from the Stable Channel (LP: #977502)
+ - black screen on Hybrid Graphics system with GPU accelerated compositing
+ enabled (Issue: 117371)
+ - CSS not applied to <content> element (Issue: 114667)
+ - Regression rendering a div with background gradient and borders
+ (Issue: 113726)
+ - Canvas 2D line drawing bug with GPU acceleration (Issue: 121285)
+ - Multiple crashes (Issues: 72235, 116825 and 92998)
+ - Pop-up dialog is at wrong position (Issue: 116045)
+ - HTML Canvas patterns are broken if you change the transformation matrix
+ (Issue: 112165)
+ - SSL interstitial error "proceed anyway" / "back to safety" buttons don't
+ work (Issue: 119252)
+ This release fixes the following security issues:
+ - [106577] Medium CVE-2011-3066: Out-of-bounds read in Skia clipping.
+ Credit to miaubiz.
+ - [117583] Medium CVE-2011-3067: Cross-origin iframe replacement. Credit to
+ Sergey Glazunov.
+ - [117698] High CVE-2011-3068: Use-after-free in run-in handling. Credit to
+ miaubiz.
+ - [117728] High CVE-2011-3069: Use-after-free in line box handling. Credit
+ to miaubiz.
+ - [118185] High CVE-2011-3070: Use-after-free in v8 bindings. Credit to
+ Google Chrome Security Team (SkyLined).
+ - [118273] High CVE-2011-3071: Use-after-free in HTMLMediaElement. Credit
+ to pa_kt, reporting through HP TippingPoint ZDI (ZDI-CAN-1528).
+ - [118467] Low CVE-2011-3072: Cross-origin violation parenting pop-up
+ window. Credit to Sergey Glazunov.
+ - [118593] High CVE-2011-3073: Use-after-free in SVG resource handling.
+ Credit to Arthur Gerkis.
+ - [119281] Medium CVE-2011-3074: Use-after-free in media handling. Credit
+ to Sławomir Błażek.
+ - [119525] High CVE-2011-3075: Use-after-free applying style command.
+ Credit to miaubiz.
+ - [120037] High CVE-2011-3076: Use-after-free in focus handling. Credit to
+ miaubiz.
+ - [120189] Medium CVE-2011-3077: Read-after-free in script bindings. Credit
+ to Google Chrome Security Team (Inferno).
+
+ -- Micah Gersten <micahg@ubuntu.com> Mon, 09 Apr 2012 16:21:40 -0500
+
+chromium-browser (18.0.1025.142~r129054-0ubuntu1) precise; urgency=low
+
+ * New upstream release from the Stable Channel (LP: #968901)
+ This release fixes the following security issues:
+ - [109574] Medium CVE-2011-3058: Bad interaction possibly leading to XSS in
+ EUC-JP. Credit to Masato Kinugawa.
+ - [112317] Medium CVE-2011-3059: Out-of-bounds read in SVG text handling.
+ Credit to Arthur Gerkis.
+ - [114056] Medium CVE-2011-3060: Out-of-bounds read in text fragment
+ handling. Credit to miaubiz.
+ - [116398] Medium CVE-2011-3061: SPDY proxy certificate checking error.
+ Credit to Leonidas Kontothanassis of Google.
+ - [116524] High CVE-2011-3062: Off-by-one in OpenType Sanitizer. Credit to
+ Mateusz Jurczyk of the Google Security Team.
+ - [117417] Low CVE-2011-3063: Validate navigation requests from the renderer
+ more carefully. Credit to kuzzcc, Sergey Glazunov, PinkiePie and
+ scarybeasts (Google Chrome Security Team).
+ - [117471] High CVE-2011-3064: Use-after-free in SVG clipping. Credit to
+ Atte Kettunen of OUSPG.
+ - [117588] High CVE-2011-3065: Memory corruption in Skia. Credit to Omair.
+ - [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian
+ Holler.
+
+ * Add build dependency on libudev-dev to allow for gamepad detection; see
+ http://code.google.com/p/chromium/issues/detail?id=79050
+ - update debian/control
+ * Drop dlopen_libgnutls patch as it's been implemented upstream
+ - drop debian/patches/dlopen_libgnutls.patch
+ - update debian/patches/series
+ * Start removing *.so and *.so.* from the upstream tarball creation
+ - update debian/rules
+ * Strip almost the entire third_party/openssl directory as it's needed only
+ on android, but is used by the build system
+ - update debian/rules
+ * Use tar's --exclude-vcs flag instead of just excluding .svn
+ - update debian/rules
+
+ -- Micah Gersten <micahg@ubuntu.com> Sun, 01 Apr 2012 22:17:11 -0500
+
+chromium-browser (17.0.963.83~r127885-0ubuntu1) precise; urgency=low
+
+ * New upstream release from the Stable Channel (LP: #961831)
+ This release fixes the following security issues:
+ - [113902] High CVE-2011-3050: Use-after-free with first-letter handling.
+ Credit to miaubiz.
+ - [116162] High CVE-2011-3045: libpng integer issue from upstream. Credit
+ to Glenn Randers-Pehrson of the libpng project.
+ - [116461] High CVE-2011-3051: Use-after-free in CSS cross-fade handling.
+ Credit to Arthur Gerkis.
+ - [116637] High CVE-2011-3052: Memory corruption in WebGL canvas handling.
+ Credit to Ben Vanik of Google.
+ - [116746] High CVE-2011-3053: Use-after-free in block splitting.
+ Credit to miaubiz.
+ - [117418] Low CVE-2011-3054: Apply additional isolations to webui
+ privileges. Credit to Sergey Glazunov.
+ - [117736] Low CVE-2011-3055: Prompt in the browser native UI for unpacked
+ extension installation. Credit to PinkiePie.
+ - [117550] High CVE-2011-3056: Cross-origin violation with “magic iframe”.
+ Credit to Sergey Glazunov.
+ - [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian
+ Holler.
+
+ -- Micah Gersten <micahg@ubuntu.com> Wed, 21 Mar 2012 21:31:34 -0500
+
+chromium-browser (17.0.963.79~r125985-0ubuntu1) precise; urgency=low
+
+ * New upstream release from the Stable Channel (LP: #952711)
+ This release fixes the following security issue:
+ - [117620] [117656] Critical CVE-2011-3047: Errant plug-in load and GPU
+ process memory corruption. Credit to PinkiePie.
+
+ -- Micah Gersten <micahg@ubuntu.com> Mon, 12 Mar 2012 00:01:07 -0500
+
+chromium-browser (17.0.963.78~r125577-0ubuntu1) precise; urgency=low
+
+ * New upstream release from the Stable Channel (LP: #950174)
+ This release fixes the following security issue:
+ - [117226] [117230] Critical CVE-2011-3046: UXSS and bad history navigation.
+ Credit to Sergey Glazunov.
+
+ * Add libgles2-mesa-dev build dependency on armhf as well; Hopefully really
+ fix LP: #943281; Thanks to Christian Dywan for the tip
+ - update debian/control
+
+ -- Micah Gersten <micahg@ubuntu.com> Fri, 09 Mar 2012 00:40:23 -0600
+
+chromium-browser (17.0.963.66~r124982-0ubuntu1) precise; urgency=low
+
+ * New upstream release from the Stable Channel (LP: #948749)
+ - fixes regression in the DOM [116789]
+
+ [ Micah Gersten <micahg@ubuntu.com> ]
+ * Revert manual changes to v8 build system since we're using the gyp flag now
+ - update debian/patches/fix-armhf-ftbfs.patch
+
+ [ Jani Monoses <jani@ubuntu.com> ]
+ * Attempt to fix armhf build again (LP: #943281)
+ - update debian/rules
+
+ -- Micah Gersten <micahg@ubuntu.com> Wed, 07 Mar 2012 02:00:53 -0600
+
+chromium-browser (17.0.963.65~r124586-0ubuntu1) precise; urgency=low
+
+ * New upstream release from the Stable Channel (LP: #946914)
+ - Cursors and backgrounds sometimes do not load [111218]
+ - Plugins not loading on some pages [108228]
+ - Text paste includes trailing spaces [106551]
+ - Websites using touch controls break [110332]
+ This release fixes the following security issues:
+ - [105867] High CVE-2011-3031: Use-after-free in v8 element wrapper. Credit
+ to Chamal de Silva.
+ - [108037] High CVE-2011-3032: Use-after-free in SVG value handling. Credit
+ to Arthur Gerkis.
+ - [108406] [115471] High CVE-2011-3033: Buffer overflow in the Skia drawing
+ library. Credit to Aki Helin of OUSPG.
+ - [111748] High CVE-2011-3034: Use-after-free in SVG document handling.
+ Credit to Arthur Gerkis.
+ - [112212] High CVE-2011-3035: Use-after-free in SVG use handling. Credit to
+ Arthur Gerkis.
+ - [113258] High CVE-2011-3036: Bad cast in line box handling. Credit to
+ miaubiz.
+ - [113439] [114924] [115028] High CVE-2011-3037: Bad casts in anonymous
+ block splitting. Credit to miaubiz.
+ - [113497] High CVE-2011-3038: Use-after-free in multi-column handling.
+ Credit to miaubiz.
+ - [113707] High CVE-2011-3039: Use-after-free in quote handling. Credit to
+ miaubiz.
+ - [114054] High CVE-2011-3040: Out-of-bounds read in text handling. Credit
+ to miaubiz.
+ - [114068] High CVE-2011-3041: Use-after-free in class attribute handling.
+ Credit to miaubiz.
+ - [114219] High CVE-2011-3042: Use-after-free in table section handling.
+ Credit to miaubiz.
+ - [115681] High CVE-2011-3043: Use-after-free in flexbox with floats. Credit
+ to miaubiz.
+ - [116093] High CVE-2011-3044: Use-after-free with SVG animation elements.
+ Credit to Arthur Gerkis.
+
+ [ Jani Monoses <jani@ubuntu.com> ]
+ * Fix FTBFS on armhf (LP: #943281)
+ - add debian/patches/fix-armhf-ftbfs.patch
+ - update debian/patches/series
+
+ -- Micah Gersten <micahg@ubuntu.com> Mon, 05 Mar 2012 03:48:05 -0600
+
+chromium-browser (17.0.963.56~r121963-0ubuntu3) precise; urgency=low
+
+ * Fix arm specific flags again; Use findstring instead of filter as arm
+ isn't the entire build arch name
+ - update debian/rules
+
+ -- Micah Gersten <micahg@ubuntu.com> Mon, 20 Feb 2012 00:59:09 -0600
+
+chromium-browser (17.0.963.56~r121963-0ubuntu2) precise; urgency=low
+
+ * Add arm specific flags for arm*, not just armel; This allows building on
+ armhf successfully (we hope)
+ - update debian/rules
+ * Change chromium-browser-dbg to Priority: extra, Section: debug per lintian
+ - update debian/control
+ * Fix line endings in debian/copyright per lintian
+ - update debian/copyright
+ * Make copyright file UTF-8 per lintian
+ - update debian/copyright
+
+ -- Micah Gersten <micahg@ubuntu.com> Mon, 20 Feb 2012 00:23:47 -0600
+
+chromium-browser (17.0.963.56~r121963-0ubuntu1) precise; urgency=low
+
+ * New upstream release from the Stable Channel (LP: #933262)
+ This release fixes the following security issues:
+ - [105803] High CVE-2011-3015: Integer overflows in PDF codecs. Credit to
+ Google Chrome Security Team (scarybeasts).
+ - [106336] Medium CVE-2011-3016: Read-after-free with counter nodes. Credit
+ to miaubiz.
+ - [108695] High CVE-2011-3017: Possible use-after-free in database handling.
+ Credit to miaubiz.
+ - [110172] High CVE-2011-3018: Heap overflow in path rendering. Credit to
+ Aki Helin of OUSPG.
+ - [110849] High CVE-2011-3019: Heap buffer overflow in MKV handling. Credit
+ to Google Chrome Security Team (scarybeasts) and Mateusz Jurczyk of the
+ Google Security Team.
+ - [111575] Medium CVE-2011-3020: Native client validator error. Credit to
+ Nick Bray of the Chromium development community.
+ - [111779] High CVE-2011-3021: Use-after-free in subframe loading. Credit to
+ Arthur Gerkis.
+ - [112236] Medium CVE-2011-3022: Inappropriate use of http for translation
+ script. Credit to Google Chrome Security Team (Jorge Obes).
+ - [112259] Medium CVE-2011-3023: Use-after-free with drag and drop. Credit
+ to pa_kt.
+ - [112451] Low CVE-2011-3024: Browser crash with empty x509 certificate.
+ Credit to chrometot.
+ - [112670] Medium CVE-2011-3025: Out-of-bounds read in h.264 parsing. Credit
+ to Sławomir Błażek.
+ - [112822] High CVE-2011-3026: Integer overflow / truncation in libpng.
+ Credit to Jüri Aedla.
+ - [112847] High CVE-2011-3027: Bad cast in column handling. Credit to
+ miaubiz.
+
+ -- Micah Gersten <micahg@ubuntu.com> Wed, 15 Feb 2012 22:55:08 -0600
+
nickel-browser (17.0.963.46~r119351-1jolicloud0+0u1) robby-1.2; urgency=low
* Refreshed Jolicloud patches for nickel-browser-17.0.963.46~r119351
* Include content_resources.pak with final DEB package
-- Adam McDaniel <adam@jolicloud.org> Tue, 03 Jan 2012 12:12:16 -0700
-chromium-browser (17.0.963.46~r119351-0ubuntu1~ucd~beta1~lucid) lucid; urgency=low
+chromium-browser (17.0.963.46~r119351-0ubuntu1) precise; urgency=low
+
+ * New upstream release from the Stable Channel (LP: #931905)
+ This release fixes the following security issues:
+ - [73478] Low CVE-2011-3953: Avoid clipboard monitoring after paste event.
+ Credit to Daniel Cheng of the Chromium development community.
+ - [92550] Low CVE-2011-3954: Crash with excessive database usage. Credit to
+ Collin Payne.
+ - [93106] High CVE-2011-3955: Crash aborting an IndexDB transaction. Credit
+ to David Grogan of the Chromium development community.
+ - [103630] Low CVE-2011-3956: Incorrect handling of sandboxed origins inside
+ extensions. Credit to Devdatta Akhawe, UC Berkeley.
+ - [104056] High CVE-2011-3957: Use-after-free in PDF garbage collection.
+ Credit to Aki Helin of OUSPG.
+ - [105459] High CVE-2011-3958: Bad casts with column spans. Credit to
+ miaubiz.
+ - [106441] High CVE-2011-3959: Buffer overflow in locale handling. Credit to
+ Aki Helin of OUSPG.
+ - [108416] Medium CVE-2011-3960: Out-of-bounds read in audio decoding.
+ Credit to Aki Helin of OUSPG.
+ - [108871] Critical CVE-2011-3961: Race condition after crash of utility
+ process. Credit to Shawn Goertzen.
+ - [108901] Medium CVE-2011-3962: Out-of-bounds read in path clipping. Credit
+ to Aki Helin of OUSPG.
+ - [109094] Medium CVE-2011-3963: Out-of-bounds read in PDF fax image
+ handling. Credit to Atte Kettunen of OUSPG.
+ - [109245] Low CVE-2011-3964: URL bar confusion after drag + drop. Credit to
+ Code Audit Labs of VulnHunt.com.
+ - [109664] Low CVE-2011-3965: Crash in signature check. Credit to Sławomir
+ Błażek.
+ - [109716] High CVE-2011-3966: Use-after-free in stylesheet error handling.
+ Credit to Aki Helin of OUSPG.
+ - [109717] Low CVE-2011-3967: Crash with unusual certificate. Credit to Ben
+ Carrillo.
+ - [109743] High CVE-2011-3968: Use-after-free in CSS handling. Credit to
+ Arthur Gerkis.
+ - [110112] High CVE-2011-3969: Use-after-free in SVG layout. Credit to
+ Arthur Gerkis.
+ - [110277] Medium CVE-2011-3970: Out-of-bounds read in libxslt. Credit to
+ Aki Helin of OUSPG.
+ - [110374] High CVE-2011-3971: Use-after-free with mousemove events. Credit
+ to Arthur Gerkis.
+ - [110559] Medium CVE-2011-3972: Out-of-bounds read in shader translator.
+ Credit to Google Chrome Security Team (Inferno).
+
+ * Rebase patch
+ - update debian/patches/disable_dlog_and_dcheck_in_release_builds.patch
+ * Update .install file to just install all .pak files instead of listing them
+ by name
+ - update debian/chromium-browser.install
+
+ -- Micah Gersten <micahg@ubuntu.com> Wed, 15 Feb 2012 01:32:50 -0600
+
+chromium-browser (16.0.912.77~r118311-0ubuntu1) precise; urgency=low
+
+ * New upstream release from the Stable Channel (LP: #923602, #897389)
+ (LP: #914648, #889711)
+ This release fixes the following security issues:
+ - [106484] High CVE-2011-3924: Use-after-free in DOM selections. Credit to
+ Arthur Gerkis.
+ - [107182] Critical CVE-2011-3925: Use-after-free in Safe Browsing
+ navigation. Credit to Chamal de Silva.
+ - [108461] High CVE-2011-3928: Use-after-free in DOM handling. Credit to
+ wushi of team509 reported through ZDI (ZDI-CAN-1415).
+ - [108605] High CVE-2011-3927: Uninitialized value in Skia. Credit to
+ miaubiz.
+ - [109556] High CVE-2011-3926: Heap-buffer-overflow in tree builder.
+ Credit to Arthur Gerkis.
+
+ This upload also includes the following security fixes from 16.0.912.75:
+ - [106672] High CVE-2011-3921: Use-after-free in animation frames. Credit to
+ Boris Zbarsky of Mozilla.
+ - [107128] High CVE-2011-3919: Heap-buffer-overflow in libxml. Credit to
+ Jüri Aedla.
+ - [108006] High CVE-2011-3922: Stack-buffer-overflow in glyph handling.
+ Credit to Google Chrome Security Team (Cris Neckar).
+
+ This upload also includes the following security fixes from 16.0.912.63:
+ - [81753] Medium CVE-2011-3903: Out-of-bounds read in regex matching. Credit
+ to David Holloway of the Chromium development community.
+ - [95465] Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to Google
+ Chrome Security Team (Inferno).
+ - [98809] Medium CVE-2011-3906: Out-of-bounds read in PDF parser. Credit to
+ Aki Helin of OUSPG.
+ - [99016] High CVE-2011-3907: URL bar spoofing with view-source. Credit to
+ Luka Treiber of ACROS Security.
+ - [100863] Low CVE-2011-3908: Out-of-bounds read in SVG parsing. Credit to
+ Aki Helin of OUSPG.
+ - [101010] Medium CVE-2011-3909: [64-bit only] Memory corruption in CSS
+ property array. Credit to Google Chrome Security Team (scarybeasts) and
+ Chu.
+ - [101494] Medium CVE-2011-3910: Out-of-bounds read in YUV video frame
+ handling. Credit to Google Chrome Security Team (Cris Neckar).
+ - [101779] Medium CVE-2011-3911: Out-of-bounds read in PDF. Credit to Google
+ Chrome Security Team (scarybeasts) and Robert Swiecki of the Google
+ Security Team.
+ - [102359] High CVE-2011-3912: Use-after-free in SVG filters. Credit to
+ Arthur Gerkis.
+ - [103921] High CVE-2011-3913: Use-after-free in Range handling. Credit to
+ Arthur Gerkis.
+ - [104011] High CVE-2011-3914: Out-of-bounds write in v8 i18n handling.
+ Credit to Sławomir Błażek.
+ - [104529] High CVE-2011-3915: Buffer overflow in PDF font handling. Credit
+ to Atte Kettunen of OUSPG.
+ - [104959] Medium CVE-2011-3916: Out-of-bounds reads in PDF cross
+ references. Credit to Atte Kettunen of OUSPG.
+ - [105162] Medium CVE-2011-3917: Stack-buffer-overflow in FileWatcher.
+ Credit to Google Chrome Security Team (Marty Barbella).
+
+ This upload also includes the following fixes from 15.0.874.121:
+ - fix to a regression: SVG in iframe doesn't use specified dimensions
+ - [103259] High CVE-2011-3900: Out-of-bounds write in v8. Credit to
+ Christian Holler
+
+ [ Micah Gersten <micahg@ubuntu.com> ]
+ * Add patch to build with glib 2.31 (single entry header inclusion)
+ - add debian/patches/glib-header-single-entry.patch
+ - update debian/patches/series
+
+ [ Brandon Snider <brandonsnider@ubuntu.com> ]
+ * Refresh user agent patch
+ - update debian/patches/chromium_useragent.patch.in
+
+ -- Micah Gersten <micahg@ubuntu.com> Mon, 30 Jan 2012 14:43:06 -0600
+
+chromium-browser (16.0.912.63~r113337-0ubuntu1~ucd~stable1) UNRELEASED; urgency=low
+
+ * New upstream release from the Stable Channel
+
+ [ Brandon Snider <brandonsnider@ubuntu.com> ]
+ * Refresh patch
+ - update debian/patches/chromium_useragent.patch.in
+
+ -- Micah Gersten <micahg@ubuntu.com> Wed, 14 Dec 2011 22:55:48 -0600
+
+chromium-browser (15.0.874.120~r108895-0ubuntu1) precise; urgency=low
+
+ * New upstream release from the Stable Channel (LP: #889711)
+ This release fixes the following security issues:
+ - [100465] High CVE-2011-3892: Double free in Theora decoder. Credit to Aki
+ Helin of OUSPG.
+ - [100492] [100543] Medium CVE-2011-3893: Out of bounds reads in MKV and
+ Vorbis media handlers. Credit to Aki Helin of OUSPG.
+ - [101172] High CVE-2011-3894: Memory corruption regression in VP8 decoding.
+ Credit to Andrew Scherkus of the Chromium development community.
+ - [101458] High CVE-2011-3895: Heap overflow in Vorbis decoder. Credit to
+ Aki Helin of OUSPG.
+ - [101624] High CVE-2011-3896: Buffer overflow in shader variable mapping.
+ Credit to Ken “strcpy” Russell of the Chromium development community.
+ - [102242] High CVE-2011-3897: Use-after-free in editing. Credit to pa_kt
+ reported through ZDI (ZDI-CAN-1416).
+
+ -- Micah Gersten <micahg@ubuntu.com> Sun, 13 Nov 2011 00:11:03 -0600
+
+chromium-browser (15.0.874.106~r107270-0ubuntu1~ucd~stable1) precise; urgency=low
+
+ * New upstream release from the Stable Channel (LP: #881786)
+ - This release fixes a regression with regard to logging into certain
+ websites
+
+ -- Micah Gersten <micahg@ubuntu.com> Wed, 26 Oct 2011 23:19:00 -0500
+
+chromium-browser (15.0.874.102~r106587-0ubuntu1~ucd~stable1) precise; urgency=low
+
+ * New upstream release from the Stable Channel (LP: #881786)
+ - fix LP: #881607 - Error initializing NSS without a persistent database
+ This release fixes the following security issues:
+ - [86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to
+ Jordi Chancel.
+ - [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit
+ to Jordi Chancel.
+ - [90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of
+ download filenames. Credit to Marc Novak.
+ - [91218] Low CVE-2011-3877: XSS in appcache internals page. Credit to
+ Google Chrome Security Team (Tom Sepez) plus independent discovery by
+ Juho Nurminen.
+ - [94487] Medium CVE-2011-3878: Race condition in worker process
+ initialization. Credit to miaubiz.
+ - [95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to
+ Masato Kinugawa.
+ - [95992] Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. Credit
+ to Vladimir Vorontsov, ONsec company.
+ - [96047] [96885] [98053] [99512] [99750] High CVE-2011-3881: Cross-origin
+ policy violations. Credit to Sergey Glazunov.
+ - [96292] High CVE-2011-3882: Use-after-free in media buffer handling.
+ Credit to Google Chrome Security Team (Inferno).
+ - [96902] High CVE-2011-3883: Use-after-free in counter handling. Credit to
+ miaubiz.
+ - [97148] High CVE-2011-3884: Timing issues in DOM traversal. Credit to
+ Brian Ryner of the Chromium development community.
+ - [97599] [98064] [98556] [99294] [99880] [100059] High CVE-2011-3885: Stale
+ style bugs leading to use-after-free. Credit to miaubiz.
+ - [98773] [99167] High CVE-2011-3886: Out of bounds writes in v8. Credit to
+ Christian Holler.
+ - [98407] Medium CVE-2011-3887: Cookie theft with javascript URIs. Credit to
+ Sergey Glazunov.
+ - [99138] High CVE-2011-3888: Use-after-free with plug-in and editing.
+ Credit to miaubiz.
+ - [99211] High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz.
+ - [99553] High CVE-2011-3890: Use-after-free in video source handling.
+ Credit to Ami Fischman of the Chromium development community.
+ - [100332] High CVE-2011-3891: Exposure of internal v8 functions. Credit to
+ Steven Keuchel of the Chromium development community plus independent
+ discovery by Daniel Divricean.
+
+ [ Chris Coulson <chris.coulson@canonical.com> ]
+ * Refresh patches
+ - update debian/patches/dlopen_sonamed_gl.patch
+ - update debian/patches/webkit_rev_parser.patch
+ * Dropped patches, fixed upstream
+ - remove debian/patches/cups_1.5_build_fix.patch
+ - update debian/patches/series
+ * Don't depend on cdbs being installed to create a tarball
+ - update debian/rules
+ - update debian/cdbs/tarball.mk
+
+ [ Fabien Tassin ]
+ * Disable NaCl until we figure out what to do with the private toolchain
+ - update debian/rules
+ * Do not install the pseudo_locales files in the debs
+ - update debian/rules
+ * Add python-simplejson to Build-depends. This is needed by NaCl even with
+ NaCl disabled, so this is a temporary workaround to unbreak the build, it
+ must be fixed upstream
+ - update debian/control
+
+ -- Micah Gersten <micahg@ubuntu.com> Wed, 26 Oct 2011 02:52:39 -0500
+
+chromium-browser (14.0.835.202~r103287-0ubuntu3) UNRELEASED; urgency=low
+
+ * Don't depend on cdbs being installed to create a tarball
+
+ -- Chris Coulson <chris.coulson@canonical.com> Fri, 21 Oct 2011 22:49:24 +0100
+
+chromium-browser (14.0.835.202~r103287-0ubuntu2) precise; urgency=low
+
+ * Switch maintainer to Ubuntu Developers; Thanks to Fabien Tassin for all
+ his work on this package
+ - update debian/control
+ * Switch to internal libvpx; This makes updating easier after release
+ - update debian/rules
+ * Drop build dependency on libvpx due to the switch to internal libvpx
+ - update debian/control
+ * Switch to default libjpeg
+ - update debian/control
+ * Update Vcs-Bzr for precise
+ - update debian/control
+
+ -- Micah Gersten <micahg@ubuntu.com> Tue, 18 Oct 2011 02:50:27 -0500
+
+chromium-browser (14.0.835.202~r103287-0ubuntu1) oneiric; urgency=low
+
+ * New upstream release from the Stable Channel (LP: #858744)
+ This release fixes the following security issues:
+ + Chromium issues (13.0.782.220):
+ - Trust in Diginotar Intermediate CAs revoked
+ + Chromium issues (14.0.835.163):
+ - [49377] High CVE-2011-2835: Race condition in the certificate cache.
+ Credit to Ryan Sleevi.
+ - [57908] Low CVE-2011-2837: Use PIC / pie compiler flags. Credit to
+ wbrana.
+ - [75070] Low CVE-2011-2838: Treat MIME type more authoritatively when
+ loading plug-ins. Credit to Michal Zalewski.
+ - [78639] High CVE-2011-2841: Garbage collection error in PDF. Credit to
+ Mario Gomes.
+ - [82438] Medium CVE-2011-2843: Out-of-bounds read with media buffers.
+ Credit to Kostya Serebryany.
+ - [85041] Medium CVE-2011-2844: Out-of-bounds read with mp3 files. Credit
+ to Mario Gomes.
+ - [89564] Medium CVE-2011-2848: URL bar spoof with forward button. Credit
+ to Jordi Chancel.
+ - [89795] Low CVE-2011-2849: Browser NULL pointer crash with WebSockets.
+ Credit to Arthur Gerkis.
+ - [90134] Medium CVE-2011-2850: Out-of-bounds read with Khmer characters.
+ Credit to miaubiz.
+ - [90173] Medium CVE-2011-2851: Out-of-bounds read in video handling.
+ Credit to Google Chrome Security Team (Inferno).
+ - [91197] High CVE-2011-2853: Use-after-free in plug-in handling. Credit
+ to Google Chrome Security Team (SkyLined).
+ - [93497] Medium CVE-2011-2859: Incorrect permissions assigned to
+ non-gallery pages. Credit to Bernhard ‘Bruhns’ Brehm
+ - [93596] Medium CVE-2011-2861: Bad string read in PDF. Credit to Aki
+ Helin of OUSPG.
+ - [95563] Medium CVE-2011-2864: Out-of-bounds read with Tibetan
+ characters. Credit to Google Chrome Security Team (Inferno).
+ - [95625] Medium CVE-2011-2858: Out-of-bounds read with triangle arrays.
+ Credit to Google Chrome Security Team (Inferno).
+ - [95917] Low CVE-2011-2874: Failure to pin a self-signed cert for a
+ session. Credit to Nishant Yadant and Craig Chamberlain (@randomuserid).
+ + Chromium issues (14.0.835.202):
+ - [95671] High CVE-2011-2878: Inappropriate cross-origin access to the
+ window prototype. Credit to Sergey Glazunov.
+ - [96150] High CVE-2011-2879: Lifetime and threading issues in audio node
+ handling. Credit to Google Chrome Security Team (Inferno).
+ - [98089] Critical CVE-2011-3873: Memory corruption in shader translator.
+ Credit to Zhenyao Mo.
+ + Webkit issues (14.0.835.163):
+ - [78427] [83031] Low CVE-2011-2840: Possible URL bar spoofs with unusual
+ user interaction. Credit to kuzzcc.
+ - [89219] High CVE-2011-2846: Use-after-free in unload event handling.
+ Credit to Arthur Gerkis.
+ - [89330] High CVE-2011-2847: Use-after-free in document loader. Credit to
+ miaubiz.
+ - [89991] Medium CVE-2011-3234: Out-of-bounds read in box handling. Credit
+ to miaubiz.
+ - [92651] [94800] High CVE-2011-2854: Use-after-free in ruby / table style
+ handing. Credit to Sławomir Błażek, and independent later discoveries by
+ miaubiz and Google Chrome Security Team (Inferno).
+ - [92959] High CVE-2011-2855: Stale node in stylesheet handling. Credit to
+ Arthur Gerkis.
+ - [93420] High CVE-2011-2857: Use-after-free in focus controller. Credit
+ to miaubiz.
+ - [93587] High CVE-2011-2860: Use-after-free in table style handling.
+ Credit to miaubiz.
+ + Webkit issues (14.0.835.202):
+ - [93788] High CVE-2011-2876: Use-after-free in text line box handling.
+ Credit to miaubiz.
+ - [95072] High CVE-2011-2877: Stale font in SVG text handling. Credit to
+ miaubiz.
+ + LibXML issue (14.0.835.163):
+ - [93472] High CVE-2011-2834: Double free in libxml XPath handling. Credit
+ to Yang Dingning
+ + V8 issues (14.0.835.163):
+ - [76771] High CVE-2011-2839: Crash in v8 script object wrappers. Credit
+ to Kostya Serebryany
+ - [91120] High CVE-2011-2852: Off-by-one in v8. Credit to Christian Holler
+ - [93416] High CVE-2011-2856: Cross-origin bypass in v8. Credit to Daniel
+ Divricean.
+ - [93906] High CVE-2011-2862: Unintended access to v8 built-in objects.
+ Credit to Sergey Glazunov.
+ - [95920] High CVE-2011-2875: Type confusion in v8 object sealing. Credit
+ to Christian Holler.
+ + V8 issues (14.0.835.202):
+ - [97451] [97520] [97615] High CVE-2011-2880: Use-after-free in the v8
+ bindings. Credit to Sergey Glazunov.
+ - [97784] High CVE-2011-2881: Memory corruption with v8 hidden objects.
+ Credit to Sergey Glazunov.
[ Fabien Tassin ]
- * New upstream release from the Beta channel
* Add libpulse-dev to Build-Depends, needed for WebRTC
- update debian/control
* Drop the HTML5 video patch, now committed upstream
@@ -22,23 +607,15 @@ chromium-browser (17.0.963.46~r119351-0ubuntu1~ucd~beta1~lucid) lucid; urgency=l
* Build with the default gcc-4.6 on Oneiric
- update debian/control
- update debian/rules
+ * Refresh Patches
- [ Chris Coulson <chris.coulson@canonical.com> ]
- * Refresh patches
- - update debian/patches/dlopen_sonamed_gl.patch
- - update debian/patches/webkit_rev_parser.patch
- * Dropped patches, fixed upstream
- - remove debian/patches/cups_1.5_build_fix.patch
- - update debian/patches/series
- * Don't depend on cdbs being installed to create a tarball
- - update debian/rules
- - update debian/cdbs/tarball.mk
+ -- Micah Gersten <micahg@ubuntu.com> Wed, 05 Oct 2011 04:06:44 -0500
- [ Brandon Snider <brandonsnider@ubuntu.com> ]
- * Refresh patch
- - update debian/patches/chromium_useragent.patch.in
+chromium-browser (13.0.782.215~r97094-0ubuntu2) oneiric; urgency=low
- -- Chris Coulson <chrisccoulson@chinstrap.canonical.com> Tue, 31 Jan 2012 07:24:50 +0000
+ * Enable hardening on armel. LP: #641126.
+
+ -- Matthias Klose <doko@ubuntu.com> Wed, 21 Sep 2011 23:47:00 +0200
nickel-browser (16.0.912.63~r113337-1jolicloud1+0u1) robby-1.2; urgency=low
@@ -300,6 +877,15 @@ nickel-browser (13.0.782.107~r94237-1jolicloud1+0u1) robby-1.2; urgency=low
-- Adam McDaniel <adam@jolicloud.org> Mon, 08 Aug 2011 11:52:41 -0600
+chromium-browser (13.0.782.112~r95650-0ubuntu1) UNRELEASED; urgency=low
+
+ * New upstream release from the Stable Channel
+ * Fix a FTBFS with cups 1.5.0 by including individual cups headers
+ - add debian/patches/cups_1.5_build_fix.patch
+ - update debian/patches/series
+
+ -- Fabien Tassin <fta@ubuntu.com> Tue, 09 Aug 2011 19:55:32 +0200
+
chromium-browser (13.0.782.107~r94237-0ubuntu2) oneiric; urgency=high
* Add libgles2-mesa-dev to Build-deps for Armel (only), fixing a FTBFS
View
14 debian/control
@@ -18,9 +18,7 @@ Build-Depends: cdbs,
bison,
flex,
gperf,
- libelfg0-dev,
- libvpx-dev,
- libjpeg62-dev,
+ libjpeg-dev,
libpng12-dev,
libbz2-dev,
zlib1g-dev,
@@ -37,9 +35,10 @@ Build-Depends: cdbs,
libpam0g-dev,
libgl1-mesa-dri,
mesa-common-dev,
+ python-simplejson,
libgl1-mesa-dev,
libglu1-mesa-dev,
- libgles2-mesa-dev [armel],
+ libgles2-mesa-dev [armel armhf],
libxt-dev,
libxtst-dev,
libxss-dev,
@@ -48,6 +47,7 @@ Build-Depends: cdbs,
libgtk2.0-dev,
libdbus-glib-1-dev,
libgnome-keyring-dev,
+ libudev-dev,
libgconf2-dev
Standards-Version: 3.8.3
@@ -72,10 +72,10 @@ Description: Nickel browser
This package contains the Nickel browser
Package: nickel-browser-dbg
-Architecture: i386 amd64
-Section: devel
-Priority: optional
+Architecture: any
Pre-Depends: lzma
+Priority: extra
+Section: debug
Depends: ${shlibs:Depends}, ${misc:Depends}, nickel-browser (= ${binary:Version})
Description: nickel-browser debug symbols
Debug symbols for the Nickel browser
View
40 debian/copyright
@@ -1120,7 +1120,7 @@ Copyright: Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. Us
License: global BSD-style Chromium
Files: src/chrome/installer/util/{installer_util_unittests_resource.h}
-Copyright: Copyright (c) 2009 The Chromium Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file. :
+Copyright: Copyright (c) 2009 The Chromium Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file.:
License: global BSD-style Chromium
Files: src/chrome/installer/util/{browser_distribution_unittest.cc,chrome_frame_distribution.cc,chrome_frame_distribution.h,copy_tree_work_item.cc,copy_tree_work_item.h,copy_tree_work_item_unittest.cc,create_dir_work_item.cc,create_dir_work_item.h,create_dir_work_item_unittest.cc,create_reg_key_work_item.cc,create_reg_key_work_item.h,delete_after_reboot_helper.cc,delete_after_reboot_helper.h,delete_after_reboot_helper_unittest.cc,delete_reg_value_work_item.cc,delete_reg_value_work_item.h,delete_tree_work_item.cc,delete_tree_work_item.h,google_chrome_distribution.cc,google_chrome_distribution_dummy.cc,google_chrome_distribution_unittest.cc,l10n_string_util.cc,lzma_util.cc,lzma_util.h,lzma_util_unittest.cc,master_preferences.cc,master_preferences.h,master_preferences_unittest.cc,move_tree_work_item.cc,move_tree_work_item.h,move_tree_work_item_unittest.cc,set_reg_value_work_item.cc,set_reg_value_work_item.h,shell_util.cc,shell_util.h,shell_util_unittest.cc,version.cc,version_unittest.cc,work_item.cc,work_item.h,work_item_list.cc,work_item_list.h,work_item_list_unittest.cc}
@@ -1564,15 +1564,15 @@ Copyright: Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. Us
License: global BSD-style Chromium
Files: src/chrome_frame/test/perf/*
-Copyright: Copyright (c) 2009 The Chromium Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file. :
+Copyright: Copyright (c) 2009 The Chromium Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file.:
License: global BSD-style Chromium
Files: src/chrome_frame/test/reliability/{page_load_test.cc,page_load_test.h,reliability_test_suite.h,run_all_unittests.cc}
Copyright: Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file.:
License: global BSD-style Chromium
Files: src/chrome_frame/tools/test/page_cycler/{cf_cycler.py}
-Copyright: Copyright (c) 2009 The Chromium Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file. :
+Copyright: Copyright (c) 2009 The Chromium Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file.:
License: global BSD-style Chromium
Files: src/depot_tools/{upload.py}
@@ -2976,7 +2976,7 @@ Copyright: Copyright (c) 2009 The Chromium Authors. All rights reserved. Use of
License: global BSD-style Chromium
Files: src/net/tools/fetch/*
-Copyright: Copyright (c) 2009 The Chromium Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file. :
+Copyright: Copyright (c) 2009 The Chromium Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file.:
License: global BSD-style Chromium
Files: src/net/tools/fetch/*
@@ -3276,7 +3276,7 @@ Copyright: Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. Us
License: global BSD-style Chromium
Files: src/skia/ext/{platform_canvas_win.h}
-Copyright: Copyright (c) 2009 The Chromium Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file. :
+Copyright: Copyright (c) 2009 The Chromium Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file.:
License: global BSD-style Chromium
Files: src/skia/ext/{SkMemory_new_handler.cpp,SkTypeface_fake.cpp,bitmap_platform_device.h,bitmap_platform_device_linux.cc,bitmap_platform_device_linux.h,canvas_paint.h,canvas_paint_linux.h,canvas_paint_mac.h,canvas_paint_win.h,convolver.cc,convolver.h,convolver_unittest.cc,google_logging.cc,image_operations.cc,image_operations.h,image_operations_unittest.cc,skia_utils.cc,skia_utils.h,skia_utils_gtk.cc,skia_utils_gtk.h,vector_canvas_linux.cc,vector_platform_device.h,vector_platform_device_linux.cc,vector_platform_device_linux.h,vector_platform_device_win.cc,vector_platform_device_win.h}
@@ -4496,15 +4496,15 @@ Copyright: Copyright: 2006, 2008, 2009 Apple Inc. All rights reserved / 2006 Geo
License: LGPL (v2 or later)
Files: src/third_party/WebKit/JavaScriptCore/wtf/unicode/glib/{UnicodeMacrosFromICU.h}
-Copyright: Copyright: !U_IS_SURROGATE / ((&0xfffff800)==0xd800) / 2007 Apple Computer, Inc. All rights reserved / 2008 Jürg Billeter <j@bitron.ch> / U_IS_SURROGATE / ((&0xfffffc00)==0xdc00) / ((&0xfffffc00)==0xd800) / 2006 George Staikos <staikos@kde.org> / ((&0x400)==0) / 2006 Alexey Proskuryakov <ap@nypop.com> / 2008 Dominik Röttsches <dominik.roettsches@access-company.com>:
+Copyright: Copyright: !U_IS_SURROGATE / ((&0xfffff800)==0xd800) / 2007 Apple Computer, Inc. All rights reserved / 2008 Jürg Billeter <j@bitron.ch> / U_IS_SURROGATE / ((&0xfffffc00)==0xdc00) / ((&0xfffffc00)==0xd800) / 2006 George Staikos <staikos@kde.org> / ((&0x400)==0) / 2006 Alexey Proskuryakov <ap@nypop.com> / 2008 Dominik Röttsches <dominik.roettsches@access-company.com>:
License: LGPL (v2 or later)
Files: src/third_party/WebKit/JavaScriptCore/wtf/unicode/glib/{UnicodeGLib.h}
-Copyright: Copyright: 2007 Apple Computer, Inc. All rights reserved / 2008 Jürg Billeter <j@bitron.ch> / 2006 George Staikos <staikos@kde.org> / 2006 Alexey Proskuryakov <ap@nypop.com> / 2008 Dominik Röttsches <dominik.roettsches@access-company.com>:
+Copyright: Copyright: 2007 Apple Computer, Inc. All rights reserved / 2008 Jürg Billeter <j@bitron.ch> / 2006 George Staikos <staikos@kde.org> / 2006 Alexey Proskuryakov <ap@nypop.com> / 2008 Dominik Röttsches <dominik.roettsches@access-company.com>:
License: LGPL (v2 or later)
Files: src/third_party/WebKit/JavaScriptCore/wtf/unicode/glib/{UnicodeGLib.cpp}
-Copyright: Copyright: 2008 Jürg Billeter <j@bitron.ch> / 2008 Dominik Röttsches <dominik.roettsches@access-company.com>:
+Copyright: Copyright: 2008 Jürg Billeter <j@bitron.ch> / 2008 Dominik Röttsches <dominik.roettsches@access-company.com>:
License: LGPL (v2 or later)
Files: src/third_party/WebKit/JavaScriptCore/wtf/unicode/icu/{CollatorICU.cpp}
@@ -9412,7 +9412,7 @@ Copyright: Copyright: 2006, 2007 Apple Inc. All rights reserved:
License: BSD (2 clause)
Files: src/third_party/WebKit/WebCore/platform/text/{TextBoundaries.cpp}
-Copyright: Copyright: 2006, 2007 Apple Inc. All rights reserved / 2009 Dominik Röttsches <dominik.roettsches@access-company.com>:
+Copyright: Copyright: 2006, 2007 Apple Inc. All rights reserved / 2009 Dominik Röttsches <dominik.roettsches@access-company.com>:
License: BSD (2 clause)
Files: src/third_party/WebKit/WebCore/platform/text/{TextCodecUserDefined.h}
@@ -9528,19 +9528,19 @@ Copyright: Copyright: 2007 Apple Inc. All rights reserved / 2008, 2009 Google In
License: LGPL (v2 or later) (with incorrect FSF address)
Files: src/third_party/WebKit/WebCore/platform/text/gtk/*
-Copyright: Copyright: 2008 Jürg Billeter <j@bitron.ch> / 2004, 2006, 2007 Apple Inc. All rights reserved / 2006 Alexey Proskuryakov <ap@nypop.com> / 2009 Dominik Röttsches <dominik.roettsches@access-company.com>:
+Copyright: Copyright: 2008 Jürg Billeter <j@bitron.ch> / 2004, 2006, 2007 Apple Inc. All rights reserved / 2006 Alexey Proskuryakov <ap@nypop.com> / 2009 Dominik Röttsches <dominik.roettsches@access-company.com>:
License: BSD (2 clause)
Files: src/third_party/WebKit/WebCore/platform/text/gtk/*
-Copyright: Copyright: 2008 Jürg Billeter <j@bitron.ch> / 2006 Alexey Proskuryakov <ap@nypop.com> / 2004, 2006, 2007, 2008 Apple Inc. All rights reserved / 2009 Dominik Röttsches <dominik.roettsches@access-company.com>:
+Copyright: Copyright: 2008 Jürg Billeter <j@bitron.ch> / 2006 Alexey Proskuryakov <ap@nypop.com> / 2004, 2006, 2007, 2008 Apple Inc. All rights reserved / 2009 Dominik Röttsches <dominik.roettsches@access-company.com>:
License: BSD (2 clause)
Files: src/third_party/WebKit/WebCore/platform/text/gtk/*
Copyright: Copyright: 2007 Alp Toker <alp@atoker.com>:
License: LGPL (v2 or later)
Files: src/third_party/WebKit/WebCore/platform/text/gtk/*
-Copyright: Copyright: 2007 Apple Inc. All rights reserved / 2008 Jürg Billeter <j@bitron.ch> / 2006 Lars Knoll <lars@trolltech.com> / 2008 Dominik Röttsches <dominik.roettsches@access-company.com>:
+Copyright: Copyright: 2007 Apple Inc. All rights reserved / 2008 Jürg Billeter <j@bitron.ch> / 2006 Lars Knoll <lars@trolltech.com> / 2008 Dominik Röttsches <dominik.roettsches@access-company.com>:
License: LGPL (v2 or later)
Files: src/third_party/WebKit/WebCore/platform/text/haiku/{StringHaiku.cpp}
@@ -11268,7 +11268,7 @@ Copyright: Copyright (c) 2009 The Chromium Authors. All rights reserved. Use of
License: global BSD-style Chromium
Files: src/third_party/cld/base/{string_util.h}
-Copyright: Copyright (c) 2010 The Chromium Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file. :
+Copyright: Copyright (c) 2010 The Chromium Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file.:
License: global BSD-style Chromium
Files: src/third_party/cld/base/{basictypes.h}
@@ -11768,7 +11768,7 @@ Copyright: Copyright: 2004 Alex Beregszaszi / 2003 Michael Niedermayer <michaeln
License: LGPL (v2.1 or later)
Files: src/third_party/ffmpeg/source/patched-ffmpeg-mt/libavcodec/{beosthread.c}
-Copyright: Copyright: 2004 François Revol <revol@free.fr>:
+Copyright: Copyright: 2004 François Revol <revol@free.fr>:
License: LGPL (v2.1 or later)
Files: src/third_party/ffmpeg/source/patched-ffmpeg-mt/libavcodec/{dcahuff.h}
@@ -11848,7 +11848,7 @@ Copyright: Copyright: 2005 Michael Niedermayer <michaelni@gmx.at>:
License: LGPL (v2.1 or later)
Files: src/third_party/ffmpeg/source/patched-ffmpeg-mt/libavcodec/{mimic.c}
-Copyright: Copyright: 2005 Ole Andr� Vadla Ravn�s <oleavr@gmail.com> / 2008 Ramiro Polla <ramiro@lisha.ufsc.br>:
+Copyright: Copyright: 2005 Ole André Vadla Ravnås <oleavr@gmail.com> / 2008 Ramiro Polla <ramiro@lisha.ufsc.br>:
License: LGPL (v2.1 or later)
Files: src/third_party/ffmpeg/source/patched-ffmpeg-mt/libavcodec/{fraps.c}
@@ -12048,7 +12048,7 @@ Copyright: Copyright: 2007 Nicholas Tung:
License: LGPL (v2.1 or later)
Files: src/third_party/ffmpeg/source/patched-ffmpeg-mt/libavcodec/{xsubdec.c}
-Copyright: Copyright: 2007 Reimar Döffinger:
+Copyright: Copyright: 2007 Reimar Döffinger:
License: LGPL (v2.1 or later)
Files: src/third_party/ffmpeg/source/patched-ffmpeg-mt/libavcodec/{qcelp_lsp.c,qcelpdata.h,qcelpdec.c}
@@ -12164,7 +12164,7 @@ Copyright: Copyright: 2008 Peter Ross / 2006 Michael Niedermayer <michaelni@gmx.
License: LGPL (v2.1 or later)
Files: src/third_party/ffmpeg/source/patched-ffmpeg-mt/libavcodec/{movsub_bsf.c}
-Copyright: Copyright: 2008 Reimar Döffinger:
+Copyright: Copyright: 2008 Reimar Döffinger:
License: LGPL (v2.1 or later)
Files: src/third_party/ffmpeg/source/patched-ffmpeg-mt/libavcodec/{rl2.c}
@@ -12692,7 +12692,7 @@ Copyright: Copyright: 2005 Matthieu CASTET:
License: LGPL (v2.1 or later)
Files: src/third_party/ffmpeg/source/patched-ffmpeg-mt/libavformat/{daud.c}
-Copyright: Copyright: 2005 Reimar Döffinger:
+Copyright: Copyright: 2005 Reimar Döffinger:
License: LGPL (v2.1 or later)
Files: src/third_party/ffmpeg/source/patched-ffmpeg-mt/libavformat/{mmf.c}
@@ -12976,11 +12976,11 @@ Copyright: Copyright: 2005 Matthieu CASTET, Alex Beregszaszi:
License: MIT/X11 (BSD like)
Files: src/third_party/ffmpeg/source/patched-ffmpeg-mt/libavformat/{oggdec.c,oggdec.h,oggparseogm.c,oggparsevorbis.c}
-Copyright: Copyright: 2005 Michael Ahlberg, Måns Rullgård:
+Copyright: Copyright: 2005 Michael Ahlberg, Måns Rullgård:
License: MIT/X11 (BSD like)
Files: src/third_party/ffmpeg/source/patched-ffmpeg-mt/libavformat/{oggparsespeex.c}
-Copyright: Copyright: 2008 Reimar Döffinger:
+Copyright: Copyright: 2008 Reimar Döffinger:
License: MIT/X11 (BSD like)
Files: src/third_party/ffmpeg/source/patched-ffmpeg-mt/libavutil/{fifo.h,intreadwrite.h,rc4.h,utils.c}
View
5 debian/nickel-browser.install
@@ -1,11 +1,10 @@
debian/tmp/etc
debian/tmp/usr/bin
-debian/tmp/usr/lib/nickel-browser/chrome.pak
debian/tmp/usr/lib/nickel-browser/nickel*
+debian/tmp/usr/lib/nickel-browser/*.pak
debian/tmp/usr/lib/nickel-browser/xdg-settings
debian/tmp/usr/lib/nickel-browser/xdg-mime
-debian/tmp/usr/lib/nickel-browser/resources.pak
-debian/tmp/usr/lib/nickel-browser/content_resources.pak
debian/tmp/usr/lib/nickel-browser/locales/*
debian/nickel-browser.desktop usr/share/applications
debian/nickel-browser.xml usr/share/gnome-control-center/default-apps
+debian/apport/nickel-browser.py usr/share/apport/package-hooks/
View
6 debian/patches/disable_dlog_and_dcheck_in_release_builds.patch
@@ -2,8 +2,10 @@
base/logging.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
---- a/base/logging.h
-+++ b/base/logging.h
+Index: src/base/logging.h
+===================================================================
+--- src.orig/base/logging.h
++++ src/base/logging.h
@@ -451,7 +451,7 @@
// uses OFFICIAL_BUILD and other platforms use the branding flag when NDEBUG is
// defined.
View
41 debian/patches/dlopen_libgnutls.patch
@@ -1,41 +0,0 @@
----
- printing/backend/print_backend_cups.cc | 15 ++++++++++++---
- 1 file changed, 12 insertions(+), 3 deletions(-)
-
-Index: src/printing/backend/print_backend_cups.cc
-===================================================================
---- src.orig/printing/backend/print_backend_cups.cc
-+++ src/printing/backend/print_backend_cups.cc
-@@ -44,20 +44,29 @@
- GcryptInitializer() {
- Init();
- }
-
- private:
- void Init() {
- gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
- const char* kGnuTlsFile = "libgnutls.so";
-- void* gnutls_lib = dlopen(kGnuTlsFile, RTLD_NOW);
-+ const char* kGnuTlsFile26 = "libgnutls.so.26"; // Since Ubuntu Intrepid (8.10)
-+ const char* kGnuTlsFile13 = "libgnutls.so.13"; // Last seen in Ubuntu Hardy (8.04)
-+ void* gnutls_lib = dlopen(kGnuTlsFile26, RTLD_NOW);
- if (!gnutls_lib) {
-- LOG(ERROR) << "Cannot load " << kGnuTlsFile;
-- return;
-+ gnutls_lib = dlopen(kGnuTlsFile13, RTLD_NOW);
-+ if (!gnutls_lib) {
-+ gnutls_lib = dlopen(kGnuTlsFile, RTLD_NOW);
-+ if (!gnutls_lib) {
-+ LOG(ERROR) << "Cannot load any of " << kGnuTlsFile26 << ", "
-+ << kGnuTlsFile13 << " or " << kGnuTlsFile;
-+ return;
-+ }
-+ }
- }
- const char* kGnuTlsInitFuncName = "gnutls_global_init";
- int (*pgnutls_global_init)(void) = reinterpret_cast<int(*)()>(
- dlsym(gnutls_lib, kGnuTlsInitFuncName));
- if (!pgnutls_global_init) {
- LOG(ERROR) << "Could not find " << kGnuTlsInitFuncName
- << " in " << kGnuTlsFile;
- return;
View
40 debian/patches/fix-armhf-ftbfs.patch
@@ -0,0 +1,40 @@
+Author: Jani Monoses <jani@ubuntu.com>
+Subject: Fix FTBFS on armhf
+Bug-Ubuntu: https://bugs.launchpad.net/bugs/943281
+
+Index: src/build/common.gypi
+===================================================================
+--- src.orig/build/common.gypi 2012-03-05 10:39:30.082526500 +0200
++++ src/build/common.gypi 2012-03-05 11:02:24.082526500 +0200
+@@ -1814,7 +1814,6 @@
+ 'cflags': [
+ '-march=armv7-a',
+ '-mtune=cortex-a8',
+- '-mfloat-abi=softfp',
+ ],
+ 'conditions': [
+ ['arm_neon==1', {
+Index: src/native_client/build/common.gypi
+===================================================================
+--- src.orig/native_client/build/common.gypi 2012-02-15 23:35:45.000000000 +0200
++++ src/native_client/build/common.gypi 2012-03-05 11:03:09.160651492 +0200
+@@ -289,7 +289,6 @@
+ '-march=armv7-a',
+ '-mtune=cortex-a8',
+ '-mfpu=neon',
+- '-mfloat-abi=softfp',
+ '-fno-exceptions',
+ '-Wall',
+ '-fPIC',
+Index: src/third_party/ffmpeg/ffmpeg.gyp
+===================================================================
+--- src.orig/third_party/ffmpeg/ffmpeg.gyp 2012-02-15 23:35:36.000000000 +0200
++++ src/third_party/ffmpeg/ffmpeg.gyp 2012-03-05 11:02:34.004401501 +0200
+@@ -170,7 +170,6 @@
+ '-mthumb',
+ '-march=armv7-a',
+ '-mtune=cortex-a8',
+- '-mfloat-abi=softfp',
+ ],
+ 'conditions': [
+ ['arm_neon == 0', {
View
23 debian/patches/glib-header-single-entry.patch
@@ -0,0 +1,23 @@
+Description: glib header single entry point includes
+ since glib 2.24, using a single header include for glib as opposed to including
+ individual headers
+ see: http://git.gnome.org/browse/glib/commit/?id=62a133f55dcd5626e9583aabc2d95926936a8475
+Author: Micah Gersten <micahg@ubuntu.com>
+
+---
+ ui/base/l10n/l10n_util.cc | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+Index: src/ui/base/l10n/l10n_util.cc
+===================================================================
+--- src.orig/ui/base/l10n/l10n_util.cc
++++ src/ui/base/l10n/l10n_util.cc
+@@ -5,7 +5,7 @@
+ #include "ui/base/l10n/l10n_util.h"
+
+ #if defined(USE_X11)
+-#include <glib/gutils.h>
++#include <glib.h>
+ #endif
+
+ #include <algorithm>
View
3 debian/patches/series
@@ -16,5 +16,6 @@ jolicloud_custom_neterror_page.patch
jolicloud_use_default_buttons.patch
jolicloud_fix_maximize_with_newer_metacity.patch
webkit_rev_parser.patch
-dlopen_libgnutls.patch
dlopen_sonamed_gl.patch
+glib-header-single-entry.patch
+fix-armhf-ftbfs.patch
View
21 debian/rules
@@ -38,7 +38,7 @@ endif
# Don't do it on maverick/armel either for now, it fails to link
# Don't do it on lucid/armel either, it crashes: LP #716703
ifeq (armel,$(DEB_BUILD_ARCH))
-ifeq (,$(filter 10.04 10.10 11.04 11.10,$(DEBIAN_DIST_VERSION)))
+ifeq (,$(filter 10.04 10.10 11.04,$(DEBIAN_DIST_VERSION)))
export DEB_BUILD_HARDENING=1
else
$(warning ## Not enabling DEB_BUILD_HARDENING on Ubuntu 10.04+ armel. See LP #641126 and LP #716703)
@@ -69,7 +69,16 @@ ifeq (,$(filter unstable development,$(DEBIAN_DIST)))
GYP_DEFINES += werror=$(NULL)
endif
-ifeq (armel,$(DEB_BUILD_ARCH))
+# Disable NaCl until we figure out what to do with the private toolchain
+GYP_DEFINES += disable_nacl=1
+
+ifneq (,$(findstring armhf,$(DEB_BUILD_ARCH)))
+GYP_DEFINES += \
+ v8_use_arm_eabi_hardfloat=true \
+ $(NULL)
+endif
+
+ifneq (,$(findstring arm,$(DEB_BUILD_ARCH)))
GYP_DEFINES += \
arm_thumb=1 \
arm_neon=0 \
@@ -184,6 +193,7 @@ INSTALL_EXCLUDE_DIRS = \
docs_app \
gmail_app \
pyproto \
+ pseudo_locales \
$(NULL)
INSTALL_EXCLUDE_FILES = \
@@ -220,7 +230,7 @@ BROWSER_GYP_DEFINES += \
build_ffmpegsumo=0 \
$(NULL)
FFMPEG_MT_GYP_DEFINES = \
- use_system_vpx=1 \
+ use_system_vpx=0 \
release_extra_cflags=-g \
$(NULL)
FFMPEG_MT_STD_GYP_DEFINES = $(NULL)
@@ -569,6 +579,7 @@ STRIPPED_DIRS := \
ALMOST_STRIPPED_DIRS := \
courgette \
third_party/gles2_book \
+ third_party/openssl \
$(NULL)
ifeq (1,$(WANT_SYSTEM_LIBS))
@@ -695,7 +706,7 @@ ifneq (,$(STRIPPED_SYSTEM_LIB_DIRS))
endif
endif
# Remove binaries
- cd $(TMP_DDIR)/src && find . -type f \( -iname \*.exe -o -iname \*.dll -o -iname \*.pdb -o -name \*.o -o -name \*.a -o -name \*.dylib \) -exec rm -fv {} \; > REMOVED-bin_only.txt
+ cd $(TMP_DDIR)/src && find . -type f \( -iname \*.exe -o -iname \*.dll -o -iname \*.pdb -o -name \*.o -o -name \*.a -o -name \*.dylib -o -name \*.so -o -name \*.so.\* \) -exec rm -fv {} \; > REMOVED-bin_only.txt
wc -l $(TMP_DDIR)/src/REMOVED-*.txt
gos-pack: TMP_DIR = $(TMP_DDIR)
@@ -724,7 +735,7 @@ endif
if [ src != $(DEB_TAR_SRCDIR) ] ; then mv $(TMP_DIR)/src $(TMP_DIR)/$(DEB_TAR_SRCDIR) ; fi
mv $(TMP_DIR)/tools/depot_tools $(TMP_DIR)/$(DEB_TAR_SRCDIR)/depot_tools
## tar >= 1.23-2 now invokes xz when lzma is called, so we can no longer use --lzma because of the backports
- cd $(TMP_DIR) && tar -cf - --exclude=.svn $(DEB_TAR_SRCDIR) | $(COMPRESS) > $(DEBIAN_NAME)-$(VERSION)-source.tar.$(TAR_EXT)
+ cd $(TMP_DIR) && tar -cf - --exclude-vcs $(DEB_TAR_SRCDIR) | $(COMPRESS) > $(DEBIAN_NAME)-$(VERSION)-source.tar.$(TAR_EXT)
mkdir $(TMP_DIR)/$(DEBIAN_NAME)-$(VERSION)
mv $(TMP_DIR)/$(DEBIAN_NAME)-$(VERSION)-source.tar.$(TAR_EXT) $(TMP_DIR)/$(DEBIAN_NAME)-$(VERSION)
cd $(TMP_DIR) && tar zcf ../$(DEBIAN_NAME)_$(VERSION).orig.tar.gz $(DEBIAN_NAME)-$(VERSION)
View
BIN ...owser-17.0.963.46~r119351-source.tar.lzma → ...ser-18.0.1025.162~r131933-source.tar.lzma
Binary file not shown.

0 comments on commit f65391e

Please sign in to comment.