[Pkg-chromium-commit] [pkg-chromium] 02/02: release 31.0.1650.57-1
Michael Gilbert
mgilbert at moszumanska.debian.org
Sun Nov 24 01:08:45 UTC 2013
This is an automated email from the git hooks/post-receive script.
mgilbert pushed a commit to branch master
in repository pkg-chromium.
commit ecca5ded14c3b8e45e8671caa220c7aedbd7b63f
Author: Michael Gilbert <mgilbert at debian.org>
Date: Sat Nov 16 23:10:10 2013 +0000
release 31.0.1650.57-1
---
debian/changelog | 45 +++++++++++++
debian/chromium-browser.links | 3 -
debian/chromium-inspector.install | 2 +-
debian/chromium-inspector.links | 1 +
debian/chromium.lintian-overrides | 11 +--
debian/control | 2 +
debian/copyright | 14 +---
debian/lintian-overrides | 2 -
debian/patches/no-promo.patch | 16 +++++
debian/patches/series | 2 +
debian/patches/window-placement.patch | 17 +++++
debian/rules | 43 ++----------
debian/run-test.sh | 123 ----------------------------------
13 files changed, 98 insertions(+), 183 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 65b42a1..4955687 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,48 @@
+chromium-browser (31.0.1650.57-1) unstable; urgency=medium
+
+ * New upstream stable release:
+ - Medium-Critical CVE-2013-2931: Various fixes from internal audits,
+ fuzzing and other initiatives.
+ - Medium CVE-2013-6621: Use after free related to speech input elements.
+ Credit to Khalil Zhani.
+ - High CVE-2013-6622: Use after free related to media elements. Credit to
+ cloudfuzzer.
+ - High CVE-2013-6623: Out of bounds read in SVG. Credit to miaubiz.
+ - High CVE-2013-6624: Use after free related to “id” attribute strings.
+ Credit to Jon Butler.
+ - High CVE-2013-6625: Use after free in DOM ranges. Credit to cloudfuzzer.
+ - Low CVE-2013-6626: Address bar spoofing related to interstitial warnings.
+ Credit to Chamal de Silva.
+ - High CVE-2013-6627: Out of bounds read in HTTP parsing. Credit to
+ skylined.
+ - Medium CVE-2013-6628: Issue with certificates not being checked during
+ TLS renegotiation. Credit to Antoine Delignat-Lavaud and Karthikeyan
+ Bhargavan from Prosecco of INRIA Paris.
+ - Medium CVE-2013-6629: Read of uninitialized memory in libjpeg and
+ libjpeg-turbo. Credit to Michal Zalewski of Google.
+ - Medium CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo.
+ Credit to Michal Zalewski of Google.
+ - High CVE-2013-6631: Use after free in libjingle. Credit to Patrik Höglund
+ of the Chromium project.
+ - Critical CVE-2013-6632: Multiple memory corruption issues. Credit to
+ Pinkie Pie.
+ * Disable promos by default (closes: #634101).
+ * Set WANT_TESTS=0 if WANT_TESTS=1 fails (closes: #589654).
+ * Maintain window ordering when new tabs are opened (closes: #725350).
+ * Install chromium-inspector files to /usr/share instead of /usr/lib.
+ * Don't remove third party libraries from the upstream tarball.
+ * Remove non-default compression selections from debian/rules.
+ * Build with breakpad crash reporting.
+ * Fix some lintian warnings.
+
+ -- Michael Gilbert <mgilbert at debian.org> Wed, 13 Nov 2013 07:44:55 +0000
+
+chromium-browser (30.0.1599.101-3) unstable; urgency=medium
+
+ * Fix sandbox installation path (closes: #728823).
+
+ -- Michael Gilbert <mgilbert at debian.org> Thu, 07 Nov 2013 04:24:55 +0000
+
chromium-browser (30.0.1599.101-2) unstable; urgency=medium
* Use system zlib.
diff --git a/debian/chromium-browser.links b/debian/chromium-browser.links
deleted file mode 100644
index 6b1b72e..0000000
--- a/debian/chromium-browser.links
+++ /dev/null
@@ -1,3 +0,0 @@
-usr/bin/chromium usr/bin/chromium-browser
-usr/share/pixmaps/chromium.png usr/share/pixmaps/chromium-browser.png
-usr/share/man/man1/chromium.1.gz usr/share/man/man1/chromium-browser.1.gz
diff --git a/debian/chromium-inspector.install b/debian/chromium-inspector.install
index 5ee353a..8df0eeb 100644
--- a/debian/chromium-inspector.install
+++ b/debian/chromium-inspector.install
@@ -1 +1 @@
-debian/tmp/usr/lib/chromium/resources/inspector
+usr/share/chromium-inspector
diff --git a/debian/chromium-inspector.links b/debian/chromium-inspector.links
new file mode 100644
index 0000000..4389291
--- /dev/null
+++ b/debian/chromium-inspector.links
@@ -0,0 +1 @@
+/usr/share/chromium-inspector /usr/lib/chromium/resources/inspector
diff --git a/debian/chromium.lintian-overrides b/debian/chromium.lintian-overrides
index 3868981..ab64bed 100644
--- a/debian/chromium.lintian-overrides
+++ b/debian/chromium.lintian-overrides
@@ -1,5 +1,6 @@
-chromium: embedded-library usr/lib/chromium/chromium: sqlite
-chromium: embedded-library usr/lib/chromium/libffmpegsumo.so: libavcodec
-chromium: embedded-library usr/lib/chromium/libffmpegsumo.so: libavutil
-chromium: setuid-binary usr/lib/chromium/chrome-sandbox 4755 root/root
-chromium: shlib-with-non-pic-code usr/lib/chromium/libffmpegsumo.so
+embedded-library usr/lib/chromium/chromium: libpng
+embedded-library usr/lib/chromium/chromium: sqlite
+embedded-library usr/lib/chromium/libffmpegsumo.so: libavcodec
+embedded-library usr/lib/chromium/libffmpegsumo.so: libavutil
+setuid-binary usr/lib/chromium/chrome-sandbox 4755 root/root
+shlib-with-non-pic-code usr/lib/chromium/libffmpegsumo.so
diff --git a/debian/control b/debian/control
index 9300c9c..4f5fb90 100644
--- a/debian/control
+++ b/debian/control
@@ -153,6 +153,8 @@ Recommends:
chromium (>= 10),
Conflicts:
chromium (<< ${source:Version}),
+Replaces:
+ chromium (<< 31.0.1650.48-1),
Description: page inspector for the chromium browser
Chromium is an open-source browser project that aims to build a safer, faster,
and more stable way for all Internet users to experience the web.
diff --git a/debian/copyright b/debian/copyright
index 1c5e715..3321670 100644
--- a/debian/copyright
+++ b/debian/copyright
@@ -1917,20 +1917,12 @@ Files: src/depot_tools/third_party/__init__.py
Copyright: Copyright (c) 2010 The Chromium Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file.:
License: global BSD-style Chromium
-Files: src/depot_tools/third_party/pymox/stubout_test.py
-Copyright: UNKNOWN:
-License: *No copyright* Apache-2.0
-
-Files: src/depot_tools/third_party/pymox/setup.py, src/depot_tools/third_party/pymox/stubout_testee.py
-Copyright: UNKNOWN:
-License: *No copyright* UNKNOWN
-
-Files: src/depot_tools/third_party/pymox/mox.py, src/depot_tools/third_party/pymox/mox_test.py, src/depot_tools/third_party/pymox/mox_test_helper.py, src/depot_tools/third_party/pymox/stubout.py
-Copyright: Copyright: 2008 Google Inc:
+Files: src/depot_tools/third_party/pymox/*
+Copyright: Copyright 2008 Google Inc.
License: Apache-2.0
Files: src/depot_tools/third_party/repo/progress.py
-Copyright: Copyright: 2009 The Android Open Source Project:
+Copyright: Copyright: 2009 The Android Open Source Project
License: Apache-2.0
Files: src/depot_tools/third_party/simplejson/__init__.py, src/depot_tools/third_party/simplejson/decoder.py, src/depot_tools/third_party/simplejson/encoder.py, src/depot_tools/third_party/simplejson/ordered_dict.py, src/depot_tools/third_party/simplejson/scanner.py, src/depot_tools/third_party/simplejson/tool.py
diff --git a/debian/lintian-overrides b/debian/lintian-overrides
deleted file mode 100644
index 6c226f7..0000000
--- a/debian/lintian-overrides
+++ /dev/null
@@ -1,2 +0,0 @@
-chromium binary: setuid-binary usr/lib/chromium/chromium-sandbox
-chromium binary: shlib-with-non-pic-code usr/lib/chromium/libffmpegsumo.so
diff --git a/debian/patches/no-promo.patch b/debian/patches/no-promo.patch
new file mode 100644
index 0000000..bc096fe
--- /dev/null
+++ b/debian/patches/no-promo.patch
@@ -0,0 +1,16 @@
+author: Michael Gilbert <mgilbert at debian.org>
+description: disable the ad promo system by default
+bug-debian: http://bugs.debian.org/634101
+Index: chromium/src/apps/prefs.cc
+===================================================================
+--- chromium.orig/src/apps/prefs.cc 2013-11-13 07:52:45.456670563 +0000
++++ chromium/src/apps/prefs.cc 2013-11-13 07:52:45.452670563 +0000
+@@ -34,7 +34,7 @@
+ // Identifies whether we should show the app launcher promo or not.
+ // Now that a field trial also controls the showing, so the promo won't show
+ // unless the pref is set AND the field trial is set to a proper group.
+- registry->RegisterBooleanPref(prefs::kShowAppLauncherPromo, true);
++ registry->RegisterBooleanPref(prefs::kShowAppLauncherPromo, false);
+ }
+
+ void RegisterProfilePrefs(user_prefs::PrefRegistrySyncable* registry) {
diff --git a/debian/patches/series b/debian/patches/series
index 5f5bb11..ac5b58b 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -17,3 +17,5 @@ icon.patch
gold-linker.patch
third-party-cookies-off-by-default.patch
ps-print.patch
+window-placement.patch
+no-promo.patch
diff --git a/debian/patches/window-placement.patch b/debian/patches/window-placement.patch
new file mode 100644
index 0000000..9894b58
--- /dev/null
+++ b/debian/patches/window-placement.patch
@@ -0,0 +1,17 @@
+Subject: Prevent windows from jumping to front for new tabs
+From: Tony Houghton <h at realh.co.uk>
+Bug: https://code.google.com/p/chromium/issues/detail?id=297679
+Bug-Debian: http://bugs.debian.org/725350
+Index: chromium/src/chrome/browser/ui/gtk/browser_window_gtk.cc
+===================================================================
+--- chromium.orig/src/chrome/browser/ui/gtk/browser_window_gtk.cc 2013-11-11 15:16:00.873091406 -0500
++++ chromium/src/chrome/browser/ui/gtk/browser_window_gtk.cc 2013-11-11 15:16:00.873091406 -0500
+@@ -580,7 +580,7 @@
+ // browser instead if we don't explicitly set it here.
+ BrowserList::SetLastActive(browser());
+
+- gtk_window_present(window_);
++ gtk_widget_show(GTK_WIDGET(window_));
+ if (show_state_after_show_ == ui::SHOW_STATE_MAXIMIZED) {
+ gtk_window_maximize(window_);
+ show_state_after_show_ = ui::SHOW_STATE_NORMAL;
diff --git a/debian/rules b/debian/rules
index c636e10..20d6799 100755
--- a/debian/rules
+++ b/debian/rules
@@ -22,9 +22,7 @@ DEB_TAR_SRCDIR := src
SRC_DIR := $(CURDIR)/$(DEB_TAR_SRCDIR)
LIB_DIR := usr/lib/$(DEBIAN_NAME)
DEB_BUILDDIR := $(SRC_DIR)
-#BUILD_ARGS := --keep-going
-WANT_XZ_SRC ?= 1
WANT_DEBUG := 0
WANT_SYSTEM_LIBS ?= 1
WANT_SHARED_LIBS ?= 0
@@ -86,9 +84,6 @@ GYP_DEFINES += linux_use_tcmalloc=0
# This makes breakages easier to detect by revdep-rebuild.
GYP_DEFINES += linux_link_gsettings=1
-# disable breakpad crash reporting
-GYP_DEFINES += linux_breakpad=0
-
DEB_HOST_ARCH_CPU := $(shell dpkg-architecture -qDEB_HOST_ARCH_CPU)
DEB_HOST_ARCH := $(shell dpkg-architecture -qDEB_HOST_ARCH)
@@ -162,15 +157,6 @@ endif
# Always ignore compiler warnings
GYP_DEFINES += werror=$(NULL)
-ifeq (1,$(WANT_XZ_SRC))
-TAR_EXT := xz
-TAR_FLAGS := --xz
-DEB_TARBALL = $(wildcard *.tar.bz2 *.tar.$(TAR_EXT))
-else
-TAR_EXT := bz2
-TAR_FLAGS := -j
-endif
-
include /usr/share/cdbs/1/rules/debhelper.mk
include /usr/share/cdbs/1/class/makefile.mk
@@ -348,7 +334,6 @@ TESTS_TARGETS := \
wav_ola_test \
$(NULL)
-ifeq (1,$(WANT_TESTS))
INSTALL_EXCLUDE_FILES += \
$(TESTS_TARGETS) \
test_shell.pak \
@@ -358,7 +343,6 @@ INSTALL_EXCLUDE_FILES += \
INSTALL_EXCLUDE_DIRS += \
app_unittests_strings \
$(NULL)
-endif
ifeq (1,$(WANT_SANDBOXING))
GYP_DEFINES += \
@@ -469,6 +453,9 @@ endif
rm -f debian/tmp/$(LIB_DIR)/chromium.1
strip debian/tmp/usr/lib/chromium/nacl_irt_x86_32.nexe || true
strip debian/tmp/usr/lib/chromium/nacl_irt_x86_64.nexe || true
+ # move inspector files into /usr/share
+ mkdir -p $(CURDIR)/debian/tmp/usr/share
+ mv $(CURDIR)/debian/tmp/$(LIB_DIR)/resources/inspector $(CURDIR)/debian/tmp/usr/share/chromium-inspector
binary-install/$(DEBIAN_NAME)::
mkdir -p $(CURDIR)/debian/$(DEBIAN_NAME)/usr/share/pixmaps
@@ -496,8 +483,6 @@ ifneq (i386,$(DEB_HOST_ARCH_CPU))
# to drop the -l10n files from debian/tmp to make 'compare' happy
cd $(CURDIR)/debian/tmp/$(LIB_DIR)/locales && \
rm $(filter-out en-US.pak,$(notdir $(wildcard $(CURDIR)/debian/tmp/$(LIB_DIR)/locales/*)))
- # same for inspector
- rm -rf $(CURDIR)/debian/tmp/$(LIB_DIR)/resources/inspector/*
endif
ifeq (1,$(USE_SYSTEM_FFMPEG))
# Install symlinks to system ffmpeg libs
@@ -600,7 +585,6 @@ USE_GREEN_REV ?= 0
STRIP_TARBALL ?= 1
STRIPPED_DIRS_FROM_CO := \
- src/breakpad/src \
src/tools/gyp \
src/chrome/tools/test/reference_build \
src/chrome/tools/test/reference_build/chrome_linux \
@@ -669,19 +653,6 @@ ALMOST_STRIPPED_DIRS := \
third_party/gles2_book \
$(NULL)
-ifeq (1,$(WANT_SYSTEM_LIBS))
-# Directories that will be dropped if the corresponding system lib are enabled in GYP_DEFINES
-# We need to keep some files (like *.gyp) so we can't use STRIPPED_DIRS
-# We can't drop third_party/zlib because we don't have contrib/minizip/*zip.h, and
-# third_party/sqlite because it's a conditional build (see USE_SYSTEM_SQLITE)
-STRIPPED_SYSTEM_LIB_DIRS += \
- third_party/bzip2 \
- third_party/libjpeg \
- third_party/libpng \
- third_party/libxslt \
- $(NULL)
-endif
-
STRIP_SYSTEM_DIRS = \
($(foreach DIR,$(1),$(if $(findstring use_system_$(notdir $(DIR))=1,$(GYP_DEFINES)),\
(cd $(2)/$(dir $(DIR)) && \
@@ -786,9 +757,6 @@ ifneq (,$(ALMOST_STRIPPED_DIRS))
# Strip listed dirs almost completely (keep *.gyp and README.chromium)
$(call ALMOST_STRIP_DIRS,$(ALMOST_STRIPPED_DIRS),$(TMP_DDIR)/src) | grep -vE '/\.svn(/|.$$)' >> $(TMP_DDIR)/src/REMOVED-stripped.txt
endif
-ifneq (,$(STRIPPED_SYSTEM_LIB_DIRS))
- $(call STRIP_SYSTEM_DIRS,$(STRIPPED_SYSTEM_LIB_DIRS),$(TMP_DDIR)/src) | grep -vE '/\.svn(/|.$$)' >> $(TMP_DDIR)/src/REMOVED-stripped.txt
-endif
endif
# Remove binaries
cd $(TMP_DDIR)/src && find . -type f \( -iname \*.exe -o -iname \*.dll -o -iname \*.pdb -o -name \*.o -o -name \*.a -o -name \*.dylib -o -name \*.so -o -name \*.so.\* \) -ls -delete > REMOVED-bin_only.txt
@@ -828,7 +796,6 @@ gos-pack:
mv $(TMP_DIR)/tools/depot_tools $(TMP_DIR)/$(DEB_TAR_SRCDIR)/depot_tools
mkdir $(TMP_DIR)/$(SOURCE_NAME)-$(VERSION)
mv $(TMP_DIR)/$(DEB_TAR_SRCDIR) $(TMP_DIR)/$(SOURCE_NAME)-$(VERSION)/
- cd $(TMP_DIR) && tar -c $(TAR_FLAGS) -f ../$(SOURCE_NAME)_$(VERSION).orig.tar.$(TAR_EXT) --exclude=.svn --exclude=.git $(SOURCE_NAME)-$(VERSION)
+ cd $(TMP_DIR) && tar cJf ../../$(SOURCE_NAME)_$(VERSION).orig.tar.xz \
+ --exclude=.svn --exclude=.git $(SOURCE_NAME)-$(VERSION)
rm -rf $(TMP_DIR)
- @echo "# Done (created $(SOURCE_NAME)_$(VERSION).orig.tar.$(TAR_EXT))"
- @ls -l $(SOURCE_NAME)_$(VERSION).orig.tar.$(TAR_EXT)
diff --git a/debian/run-test.sh b/debian/run-test.sh
deleted file mode 100644
index 7e005ab..0000000
--- a/debian/run-test.sh
+++ /dev/null
@@ -1,123 +0,0 @@
-#!/bin/sh
-
-# Authors:
-# Fabien Tassin <fta at sofaraway.org>
-# License: GPLv2 or later
-
-usage () {
- echo "Usage: "`basename $0`" [-x] [-t sec] test_file log_dir [filter]"
- echo
- echo " -x Run test_file under xvfb"
- echo " -t sec Timeout in seconds after which we kill the test"
-}
-
-timeout=600
-want_x=0
-while [ $# -gt 0 ]; do
- case "$1" in
- -h | --help | -help )
- usage
- exit 0 ;;
- -t )
- shift
- if [ $# = 0 ] ; then
- echo Error: -t needs an argument
- exit 1
- fi
- timeout=$1
- shift ;;
- -x )
- want_x=1
- shift ;;
- -- ) # Stop option prcessing
- shift
- break ;;
- * )
- break ;;
- esac
-done
-
-TEST=$1
-LOGDIR=$2
-FILTER=$3
-
-if [ "Z$TEST" = "Z" ] ; then
- usage
- exit 1
-fi
-
-if [ "Z$LOGDIR" = "Z" ] ; then
- usage
- exit 1
-fi
-
-if [ ! -x $TEST ] ; then
- echo "Error: $TEST must be an executable"
- exit 1
-fi
-
-if [ ! -d $LOGDIR ] ; then
- echo "Error: $LOGDIR is not a directory"
- exit 1
-fi
-
-if [ $want_x -eq 1 ] ; then
- XVFB="/usr/bin/xvfb-run -a -e $LOGDIR/xvfb.log"
- RTEST="$XVFB $TEST"
- rm -f $LOGDIR/xvfb.log
-else
- XVFB=""
- RTEST=$TEST
-fi
-
-if [ "Z$FILTER" != Z ] ; then
- FILTER="--gtest_filter=$FILTER"
- echo "# Running '$RTEST $FILTER' ..."
-else
- echo "# Running '$RTEST' ..."
-fi
-
-T1=$(date +%s)
-timeout $timeout $XVFB $TEST $FILTER > $LOGDIR/$TEST.txt 2>&1
-RET=$?
-DELTA=$(expr $(date +%s) - $T1)
-echo "# '$RTEST $FILTER' returned with error code $RET (after $DELTA sec)"
-
-if [ $(grep -c 'Global test environment tear-down' $LOGDIR/$TEST.txt) -eq 1 ] ; then
- echo "## Results"
- sed -e '1,/Global test environment tear-down/d' < $LOGDIR/$TEST.txt
-else
- if [ $(grep -c ' FAILED ' $LOGDIR/$TEST.txt) -ne 0 ] ; then
- echo
- echo "## list of FAILED tests:"
- grep ' FAILED ' $LOGDIR/$TEST.txt
- fi
-fi
-echo
-if [ $RET -ne 0 ] ; then
- echo "=== Logs ==="
- cat $LOGDIR/$TEST.txt
- if [ "Z$XVFB" != Z ] ; then
- echo "=== xvfb logs ==="
- cat $LOGDIR/xvfb.log
- fi
- echo "==== end of logs ==="
- # debug in gdb
- if [ $want_x -eq 1 ] ; then
- GDB="/usr/bin/xvfb-run -a gdb"
- else
- GDB=gdb
- fi
- echo "run $FILTER\necho ------------------------------------------------\\\\n\necho (gdb) bt\\\\n\nbt\n" > /tmp/gdb-cmds-$$.txt
- echo "echo ------------------------------------------------\\\\n\necho (gdb) bt f\\\\n\nbt f\n" >> /tmp/gdb-cmds-$$.txt
- T2=$(date +%s)
- timeout $timeout $GDB -n -batch -x /tmp/gdb-cmds-$$.txt $TEST > $LOGDIR/$TEST--gdb.txt 2>&1
- RET=$?
- DELTA=$(expr $(date +%s) - $T2)
- echo "# '$GDB -n -batch -x /tmp/gdb-cmds-$$.txt $TEST' returned with error code $RET (after $DELTA sec)"
- rm -f /tmp/gdb-cmds-$$.txt
- echo "---- crash logs ----"
- grep -E '^Program received signal' < $LOGDIR/$TEST--gdb.txt
- sed -e '1,/^Program received signal/d' < $LOGDIR/$TEST--gdb.txt
-fi
-killall -q -v -9 $(basename $TEST) Xvfb timeout
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-chromium/pkg-chromium.git
More information about the Pkg-chromium-commit
mailing list