[Pkg-chromium-commit] [pkg-chromium] 02/02: release 31.0.1650.57-1

Michael Gilbert mgilbert at moszumanska.debian.org
Sun Nov 24 01:08:45 UTC 2013


This is an automated email from the git hooks/post-receive script.

mgilbert pushed a commit to branch master
in repository pkg-chromium.

commit ecca5ded14c3b8e45e8671caa220c7aedbd7b63f
Author: Michael Gilbert <mgilbert at debian.org>
Date:   Sat Nov 16 23:10:10 2013 +0000

    release 31.0.1650.57-1
---
 debian/changelog                      |  45 +++++++++++++
 debian/chromium-browser.links         |   3 -
 debian/chromium-inspector.install     |   2 +-
 debian/chromium-inspector.links       |   1 +
 debian/chromium.lintian-overrides     |  11 +--
 debian/control                        |   2 +
 debian/copyright                      |  14 +---
 debian/lintian-overrides              |   2 -
 debian/patches/no-promo.patch         |  16 +++++
 debian/patches/series                 |   2 +
 debian/patches/window-placement.patch |  17 +++++
 debian/rules                          |  43 ++----------
 debian/run-test.sh                    | 123 ----------------------------------
 13 files changed, 98 insertions(+), 183 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 65b42a1..4955687 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,48 @@
+chromium-browser (31.0.1650.57-1) unstable; urgency=medium
+
+  * New upstream stable release:
+    - Medium-Critical CVE-2013-2931: Various fixes from internal audits,
+      fuzzing and other initiatives.
+    - Medium CVE-2013-6621: Use after free related to speech input elements.
+      Credit to Khalil Zhani.
+    - High CVE-2013-6622: Use after free related to media elements. Credit to
+      cloudfuzzer.
+    - High CVE-2013-6623: Out of bounds read in SVG. Credit to miaubiz.
+    - High CVE-2013-6624: Use after free related to “id” attribute strings.
+      Credit to Jon Butler.
+    - High CVE-2013-6625: Use after free in DOM ranges. Credit to cloudfuzzer.
+    - Low CVE-2013-6626: Address bar spoofing related to interstitial warnings.
+      Credit to Chamal de Silva.
+    - High CVE-2013-6627: Out of bounds read in HTTP parsing. Credit to
+      skylined.
+    - Medium CVE-2013-6628: Issue with certificates not being checked during
+      TLS renegotiation. Credit to Antoine Delignat-Lavaud and Karthikeyan
+      Bhargavan from Prosecco of INRIA Paris.
+    - Medium CVE-2013-6629: Read of uninitialized memory in libjpeg and
+      libjpeg-turbo. Credit to Michal Zalewski of Google.
+    - Medium CVE-2013-6630: Read of uninitialized memory in libjpeg-turbo.
+      Credit to Michal Zalewski of Google.
+    - High CVE-2013-6631: Use after free in libjingle. Credit to Patrik Höglund
+      of the Chromium project.
+    - Critical CVE-2013-6632: Multiple memory corruption issues. Credit to
+      Pinkie Pie.
+  * Disable promos by default (closes: #634101).
+  * Set WANT_TESTS=0 if WANT_TESTS=1 fails (closes: #589654).
+  * Maintain window ordering when new tabs are opened (closes: #725350).
+  * Install chromium-inspector files to /usr/share instead of /usr/lib.
+  * Don't remove third party libraries from the upstream tarball.
+  * Remove non-default compression selections from debian/rules.
+  * Build with breakpad crash reporting.
+  * Fix some lintian warnings.
+
+ -- Michael Gilbert <mgilbert at debian.org>  Wed, 13 Nov 2013 07:44:55 +0000
+
+chromium-browser (30.0.1599.101-3) unstable; urgency=medium
+
+  * Fix sandbox installation path (closes: #728823).
+
+ -- Michael Gilbert <mgilbert at debian.org>  Thu, 07 Nov 2013 04:24:55 +0000
+
 chromium-browser (30.0.1599.101-2) unstable; urgency=medium
 
   * Use system zlib.
diff --git a/debian/chromium-browser.links b/debian/chromium-browser.links
deleted file mode 100644
index 6b1b72e..0000000
--- a/debian/chromium-browser.links
+++ /dev/null
@@ -1,3 +0,0 @@
-usr/bin/chromium usr/bin/chromium-browser
-usr/share/pixmaps/chromium.png usr/share/pixmaps/chromium-browser.png
-usr/share/man/man1/chromium.1.gz usr/share/man/man1/chromium-browser.1.gz
diff --git a/debian/chromium-inspector.install b/debian/chromium-inspector.install
index 5ee353a..8df0eeb 100644
--- a/debian/chromium-inspector.install
+++ b/debian/chromium-inspector.install
@@ -1 +1 @@
-debian/tmp/usr/lib/chromium/resources/inspector
+usr/share/chromium-inspector
diff --git a/debian/chromium-inspector.links b/debian/chromium-inspector.links
new file mode 100644
index 0000000..4389291
--- /dev/null
+++ b/debian/chromium-inspector.links
@@ -0,0 +1 @@
+/usr/share/chromium-inspector /usr/lib/chromium/resources/inspector
diff --git a/debian/chromium.lintian-overrides b/debian/chromium.lintian-overrides
index 3868981..ab64bed 100644
--- a/debian/chromium.lintian-overrides
+++ b/debian/chromium.lintian-overrides
@@ -1,5 +1,6 @@
-chromium: embedded-library usr/lib/chromium/chromium: sqlite
-chromium: embedded-library usr/lib/chromium/libffmpegsumo.so: libavcodec
-chromium: embedded-library usr/lib/chromium/libffmpegsumo.so: libavutil
-chromium: setuid-binary usr/lib/chromium/chrome-sandbox 4755 root/root
-chromium: shlib-with-non-pic-code usr/lib/chromium/libffmpegsumo.so
+embedded-library usr/lib/chromium/chromium: libpng
+embedded-library usr/lib/chromium/chromium: sqlite
+embedded-library usr/lib/chromium/libffmpegsumo.so: libavcodec
+embedded-library usr/lib/chromium/libffmpegsumo.so: libavutil
+setuid-binary usr/lib/chromium/chrome-sandbox 4755 root/root
+shlib-with-non-pic-code usr/lib/chromium/libffmpegsumo.so
diff --git a/debian/control b/debian/control
index 9300c9c..4f5fb90 100644
--- a/debian/control
+++ b/debian/control
@@ -153,6 +153,8 @@ Recommends:
  chromium (>= 10),
 Conflicts:
  chromium (<< ${source:Version}),
+Replaces:
+ chromium (<< 31.0.1650.48-1),
 Description: page inspector for the chromium browser
  Chromium is an open-source browser project that aims to build a safer, faster,
  and more stable way for all Internet users to experience the web.
diff --git a/debian/copyright b/debian/copyright
index 1c5e715..3321670 100644
--- a/debian/copyright
+++ b/debian/copyright
@@ -1917,20 +1917,12 @@ Files: src/depot_tools/third_party/__init__.py
 Copyright: Copyright (c) 2010 The Chromium Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file.:
 License: global BSD-style Chromium
 
-Files: src/depot_tools/third_party/pymox/stubout_test.py
-Copyright: UNKNOWN:
-License: *No copyright* Apache-2.0
-
-Files: src/depot_tools/third_party/pymox/setup.py, src/depot_tools/third_party/pymox/stubout_testee.py
-Copyright: UNKNOWN:
-License: *No copyright* UNKNOWN
-
-Files: src/depot_tools/third_party/pymox/mox.py, src/depot_tools/third_party/pymox/mox_test.py, src/depot_tools/third_party/pymox/mox_test_helper.py, src/depot_tools/third_party/pymox/stubout.py
-Copyright: Copyright: 2008 Google Inc:
+Files: src/depot_tools/third_party/pymox/*
+Copyright: Copyright 2008 Google Inc.
 License: Apache-2.0
 
 Files: src/depot_tools/third_party/repo/progress.py
-Copyright: Copyright: 2009 The Android Open Source Project:
+Copyright: Copyright: 2009 The Android Open Source Project
 License: Apache-2.0
 
 Files: src/depot_tools/third_party/simplejson/__init__.py, src/depot_tools/third_party/simplejson/decoder.py, src/depot_tools/third_party/simplejson/encoder.py, src/depot_tools/third_party/simplejson/ordered_dict.py, src/depot_tools/third_party/simplejson/scanner.py, src/depot_tools/third_party/simplejson/tool.py
diff --git a/debian/lintian-overrides b/debian/lintian-overrides
deleted file mode 100644
index 6c226f7..0000000
--- a/debian/lintian-overrides
+++ /dev/null
@@ -1,2 +0,0 @@
-chromium binary: setuid-binary usr/lib/chromium/chromium-sandbox
-chromium binary: shlib-with-non-pic-code usr/lib/chromium/libffmpegsumo.so
diff --git a/debian/patches/no-promo.patch b/debian/patches/no-promo.patch
new file mode 100644
index 0000000..bc096fe
--- /dev/null
+++ b/debian/patches/no-promo.patch
@@ -0,0 +1,16 @@
+author: Michael Gilbert <mgilbert at debian.org>
+description: disable the ad promo system by default
+bug-debian: http://bugs.debian.org/634101
+Index: chromium/src/apps/prefs.cc
+===================================================================
+--- chromium.orig/src/apps/prefs.cc	2013-11-13 07:52:45.456670563 +0000
++++ chromium/src/apps/prefs.cc	2013-11-13 07:52:45.452670563 +0000
+@@ -34,7 +34,7 @@
+   // Identifies whether we should show the app launcher promo or not.
+   // Now that a field trial also controls the showing, so the promo won't show
+   // unless the pref is set AND the field trial is set to a proper group.
+-  registry->RegisterBooleanPref(prefs::kShowAppLauncherPromo, true);
++  registry->RegisterBooleanPref(prefs::kShowAppLauncherPromo, false);
+ }
+ 
+ void RegisterProfilePrefs(user_prefs::PrefRegistrySyncable* registry) {
diff --git a/debian/patches/series b/debian/patches/series
index 5f5bb11..ac5b58b 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -17,3 +17,5 @@ icon.patch
 gold-linker.patch
 third-party-cookies-off-by-default.patch
 ps-print.patch
+window-placement.patch
+no-promo.patch
diff --git a/debian/patches/window-placement.patch b/debian/patches/window-placement.patch
new file mode 100644
index 0000000..9894b58
--- /dev/null
+++ b/debian/patches/window-placement.patch
@@ -0,0 +1,17 @@
+Subject: Prevent windows from jumping to front for new tabs
+From: Tony Houghton <h at realh.co.uk>
+Bug: https://code.google.com/p/chromium/issues/detail?id=297679
+Bug-Debian: http://bugs.debian.org/725350
+Index: chromium/src/chrome/browser/ui/gtk/browser_window_gtk.cc
+===================================================================
+--- chromium.orig/src/chrome/browser/ui/gtk/browser_window_gtk.cc	2013-11-11 15:16:00.873091406 -0500
++++ chromium/src/chrome/browser/ui/gtk/browser_window_gtk.cc	2013-11-11 15:16:00.873091406 -0500
+@@ -580,7 +580,7 @@
+   // browser instead if we don't explicitly set it here.
+   BrowserList::SetLastActive(browser());
+ 
+-  gtk_window_present(window_);
++  gtk_widget_show(GTK_WIDGET(window_));
+   if (show_state_after_show_ == ui::SHOW_STATE_MAXIMIZED) {
+     gtk_window_maximize(window_);
+     show_state_after_show_ = ui::SHOW_STATE_NORMAL;
diff --git a/debian/rules b/debian/rules
index c636e10..20d6799 100755
--- a/debian/rules
+++ b/debian/rules
@@ -22,9 +22,7 @@ DEB_TAR_SRCDIR := src
 SRC_DIR        := $(CURDIR)/$(DEB_TAR_SRCDIR)
 LIB_DIR        := usr/lib/$(DEBIAN_NAME)
 DEB_BUILDDIR   := $(SRC_DIR)
-#BUILD_ARGS     := --keep-going
 
-WANT_XZ_SRC      ?= 1
 WANT_DEBUG       := 0
 WANT_SYSTEM_LIBS ?= 1
 WANT_SHARED_LIBS ?= 0
@@ -86,9 +84,6 @@ GYP_DEFINES += linux_use_tcmalloc=0
 # This makes breakages easier to detect by revdep-rebuild.
 GYP_DEFINES += linux_link_gsettings=1
 
-# disable breakpad crash reporting
-GYP_DEFINES += linux_breakpad=0
-
 DEB_HOST_ARCH_CPU := $(shell dpkg-architecture -qDEB_HOST_ARCH_CPU)
 DEB_HOST_ARCH := $(shell dpkg-architecture -qDEB_HOST_ARCH)
 
@@ -162,15 +157,6 @@ endif
 # Always ignore compiler warnings
 GYP_DEFINES += werror=$(NULL)
 
-ifeq (1,$(WANT_XZ_SRC))
-TAR_EXT   := xz
-TAR_FLAGS := --xz
-DEB_TARBALL = $(wildcard *.tar.bz2 *.tar.$(TAR_EXT))
-else
-TAR_EXT   := bz2
-TAR_FLAGS := -j
-endif
-
 include /usr/share/cdbs/1/rules/debhelper.mk
 include /usr/share/cdbs/1/class/makefile.mk
 
@@ -348,7 +334,6 @@ TESTS_TARGETS := \
 	wav_ola_test \
 	$(NULL)
 
-ifeq (1,$(WANT_TESTS))
 INSTALL_EXCLUDE_FILES += \
 	$(TESTS_TARGETS) \
 	test_shell.pak \
@@ -358,7 +343,6 @@ INSTALL_EXCLUDE_FILES += \
 INSTALL_EXCLUDE_DIRS += \
 	app_unittests_strings \
 	$(NULL)
-endif
 
 ifeq (1,$(WANT_SANDBOXING))
 GYP_DEFINES += \
@@ -469,6 +453,9 @@ endif
 	rm -f debian/tmp/$(LIB_DIR)/chromium.1
 	strip debian/tmp/usr/lib/chromium/nacl_irt_x86_32.nexe || true
 	strip debian/tmp/usr/lib/chromium/nacl_irt_x86_64.nexe || true
+	# move inspector files into /usr/share
+	mkdir -p $(CURDIR)/debian/tmp/usr/share
+	mv $(CURDIR)/debian/tmp/$(LIB_DIR)/resources/inspector $(CURDIR)/debian/tmp/usr/share/chromium-inspector
 
 binary-install/$(DEBIAN_NAME)::
 	mkdir -p $(CURDIR)/debian/$(DEBIAN_NAME)/usr/share/pixmaps
@@ -496,8 +483,6 @@ ifneq (i386,$(DEB_HOST_ARCH_CPU))
 	# to drop the -l10n files from debian/tmp to make 'compare' happy
 	cd $(CURDIR)/debian/tmp/$(LIB_DIR)/locales && \
 	  rm $(filter-out en-US.pak,$(notdir $(wildcard $(CURDIR)/debian/tmp/$(LIB_DIR)/locales/*)))
-	# same for inspector
-	rm -rf $(CURDIR)/debian/tmp/$(LIB_DIR)/resources/inspector/*
 endif
 ifeq (1,$(USE_SYSTEM_FFMPEG))
 	# Install symlinks to system ffmpeg libs
@@ -600,7 +585,6 @@ USE_GREEN_REV ?= 0
 STRIP_TARBALL ?= 1
 
 STRIPPED_DIRS_FROM_CO := \
-	src/breakpad/src \
 	src/tools/gyp \
 	src/chrome/tools/test/reference_build \
 	src/chrome/tools/test/reference_build/chrome_linux \
@@ -669,19 +653,6 @@ ALMOST_STRIPPED_DIRS := \
 	third_party/gles2_book \
 	$(NULL)
 
-ifeq (1,$(WANT_SYSTEM_LIBS))
-# Directories that will be dropped if the corresponding system lib are enabled in GYP_DEFINES
-# We need to keep some files (like *.gyp) so we can't use STRIPPED_DIRS
-# We can't drop third_party/zlib because we don't have contrib/minizip/*zip.h, and
-# third_party/sqlite because it's a conditional build (see USE_SYSTEM_SQLITE)
-STRIPPED_SYSTEM_LIB_DIRS += \
-	third_party/bzip2 \
-	third_party/libjpeg \
-	third_party/libpng \
-	third_party/libxslt \
-	$(NULL)
-endif
-
 STRIP_SYSTEM_DIRS = \
 	($(foreach DIR,$(1),$(if $(findstring use_system_$(notdir $(DIR))=1,$(GYP_DEFINES)),\
 	  (cd $(2)/$(dir $(DIR)) && \
@@ -786,9 +757,6 @@ ifneq (,$(ALMOST_STRIPPED_DIRS))
 	# Strip listed dirs almost completely (keep *.gyp and README.chromium)
 	$(call ALMOST_STRIP_DIRS,$(ALMOST_STRIPPED_DIRS),$(TMP_DDIR)/src) | grep -vE '/\.svn(/|.$$)' >> $(TMP_DDIR)/src/REMOVED-stripped.txt
 endif
-ifneq (,$(STRIPPED_SYSTEM_LIB_DIRS))
-	$(call STRIP_SYSTEM_DIRS,$(STRIPPED_SYSTEM_LIB_DIRS),$(TMP_DDIR)/src) | grep -vE '/\.svn(/|.$$)' >> $(TMP_DDIR)/src/REMOVED-stripped.txt
-endif
 endif
 	# Remove binaries
 	cd $(TMP_DDIR)/src && find . -type f \( -iname \*.exe -o -iname \*.dll -o -iname \*.pdb -o -name \*.o -o -name \*.a -o -name \*.dylib -o -name \*.so -o -name \*.so.\* \) -ls -delete > REMOVED-bin_only.txt
@@ -828,7 +796,6 @@ gos-pack:
 	mv $(TMP_DIR)/tools/depot_tools $(TMP_DIR)/$(DEB_TAR_SRCDIR)/depot_tools
 	mkdir $(TMP_DIR)/$(SOURCE_NAME)-$(VERSION)
 	mv $(TMP_DIR)/$(DEB_TAR_SRCDIR) $(TMP_DIR)/$(SOURCE_NAME)-$(VERSION)/
-	cd $(TMP_DIR) && tar -c $(TAR_FLAGS) -f ../$(SOURCE_NAME)_$(VERSION).orig.tar.$(TAR_EXT) --exclude=.svn --exclude=.git $(SOURCE_NAME)-$(VERSION)
+	cd $(TMP_DIR) && tar cJf ../../$(SOURCE_NAME)_$(VERSION).orig.tar.xz \
+		--exclude=.svn --exclude=.git $(SOURCE_NAME)-$(VERSION)
 	rm -rf $(TMP_DIR)
-	@echo "# Done (created $(SOURCE_NAME)_$(VERSION).orig.tar.$(TAR_EXT))"
-	@ls -l $(SOURCE_NAME)_$(VERSION).orig.tar.$(TAR_EXT)
diff --git a/debian/run-test.sh b/debian/run-test.sh
deleted file mode 100644
index 7e005ab..0000000
--- a/debian/run-test.sh
+++ /dev/null
@@ -1,123 +0,0 @@
-#!/bin/sh
-
-# Authors:
-#  Fabien Tassin <fta at sofaraway.org>
-# License: GPLv2 or later
-
-usage () {
-  echo "Usage: "`basename $0`" [-x] [-t sec] test_file log_dir [filter]"
-  echo
-  echo "        -x               Run test_file under xvfb"
-  echo "        -t sec           Timeout in seconds after which we kill the test"
-}
-
-timeout=600
-want_x=0
-while [ $# -gt 0 ]; do
-  case "$1" in
-    -h | --help | -help )
-      usage
-      exit 0 ;;
-    -t )
-      shift
-      if [ $# = 0 ] ; then
-        echo Error: -t needs an argument
-        exit 1
-      fi
-      timeout=$1
-      shift ;;
-    -x )
-      want_x=1
-      shift ;;
-    -- ) # Stop option prcessing
-      shift
-      break ;;
-    * )
-      break ;;
-  esac
-done
-
-TEST=$1
-LOGDIR=$2
-FILTER=$3
-
-if [ "Z$TEST" = "Z" ] ; then
-  usage
-  exit 1
-fi
-
-if  [ "Z$LOGDIR" = "Z" ] ; then
-  usage
-  exit 1
-fi
-
-if [ ! -x $TEST ] ; then
-  echo "Error: $TEST must be an executable"
-  exit 1
-fi
-
-if [ ! -d $LOGDIR ] ; then
-  echo "Error: $LOGDIR is not a directory"
-  exit 1
-fi
-
-if [ $want_x -eq 1 ] ; then
-  XVFB="/usr/bin/xvfb-run -a -e $LOGDIR/xvfb.log"
-  RTEST="$XVFB $TEST"
-  rm -f $LOGDIR/xvfb.log
-else
-  XVFB=""
-  RTEST=$TEST
-fi
-
-if [ "Z$FILTER" != Z ] ; then
-  FILTER="--gtest_filter=$FILTER"
-  echo "# Running '$RTEST $FILTER' ..."
-else
-  echo "# Running '$RTEST' ..."
-fi
-
-T1=$(date +%s)
-timeout $timeout $XVFB $TEST $FILTER > $LOGDIR/$TEST.txt 2>&1
-RET=$?
-DELTA=$(expr $(date +%s) - $T1)
-echo "# '$RTEST $FILTER' returned with error code $RET (after $DELTA sec)"
-
-if [ $(grep -c 'Global test environment tear-down' $LOGDIR/$TEST.txt) -eq 1 ] ; then
-  echo "## Results"
-  sed -e '1,/Global test environment tear-down/d' < $LOGDIR/$TEST.txt
-else
-  if [ $(grep -c ' FAILED  ' $LOGDIR/$TEST.txt) -ne 0 ] ; then
-    echo
-    echo "## list of FAILED tests:"
-    grep '  FAILED  ' $LOGDIR/$TEST.txt
-  fi
-fi
-echo
-if [ $RET -ne 0 ] ; then
-  echo "=== Logs ==="
-  cat $LOGDIR/$TEST.txt
-  if [ "Z$XVFB" != Z ] ; then
-    echo "=== xvfb logs ==="
-    cat $LOGDIR/xvfb.log
-  fi
-  echo "==== end of logs ==="
-  # debug in gdb
-  if [ $want_x -eq 1 ] ; then
-    GDB="/usr/bin/xvfb-run -a gdb"
-  else
-    GDB=gdb
-  fi
-  echo "run $FILTER\necho ------------------------------------------------\\\\n\necho (gdb) bt\\\\n\nbt\n" > /tmp/gdb-cmds-$$.txt
-  echo "echo ------------------------------------------------\\\\n\necho (gdb) bt f\\\\n\nbt f\n" >> /tmp/gdb-cmds-$$.txt
-  T2=$(date +%s)
-  timeout $timeout $GDB -n -batch -x /tmp/gdb-cmds-$$.txt $TEST > $LOGDIR/$TEST--gdb.txt 2>&1
-  RET=$?
-  DELTA=$(expr $(date +%s) - $T2)
-  echo "# '$GDB -n -batch -x /tmp/gdb-cmds-$$.txt $TEST' returned with error code $RET (after $DELTA sec)"
-  rm -f /tmp/gdb-cmds-$$.txt
-  echo "---- crash logs ----"
-  grep -E '^Program received signal' < $LOGDIR/$TEST--gdb.txt
-  sed -e '1,/^Program received signal/d' < $LOGDIR/$TEST--gdb.txt
-fi
-killall -q -v -9 $(basename $TEST) Xvfb timeout

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-chromium/pkg-chromium.git



More information about the Pkg-chromium-commit mailing list