[Pkg-chromium-commit] [pkg-chromium] 01/02: release 44.0.2403.89-1
Michael Gilbert
mgilbert at moszumanska.debian.org
Sun Jul 26 04:24:39 UTC 2015
This is an automated email from the git hooks/post-receive script.
mgilbert pushed a commit to branch master
in repository pkg-chromium.
commit 2a6753dd5276792b3df431d9356b5b8cb6480e3d
Author: Michael Gilbert <mgilbert at debian.org>
Date: Thu Jul 23 22:33:41 2015 +0000
release 44.0.2403.89-1
---
debian/changelog | 32 ++++++++++++++++++++++++
debian/chromium.install | 1 -
debian/chromium.lintian-overrides | 6 ++---
debian/copyright | 2 --
debian/patches/clang.patch | 2 +-
debian/patches/disable/external-components.patch | 2 +-
debian/patches/disable/hotword.patch | 13 ----------
debian/patches/disable/promo.patch | 2 +-
debian/patches/manpage.patch | 2 +-
debian/patches/series | 2 --
debian/patches/system/nspr.patch | 2 +-
debian/patches/system/speex.patch | 2 +-
debian/source/lintian-overrides | 2 ++
13 files changed, 42 insertions(+), 28 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index c127c5d..122648c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,35 @@
+chromium-browser (44.0.2403.89-1) unstable; urgency=medium
+
+ * New upstream stable release:
+ - CVE-2015-1270: Uninitialized memory read in ICU. Credit to Atte Kettunen.
+ - CVE-2015-1271: Heap-buffer-overflow in pdfium. Credit to cloudfuzzer.
+ - CVE-2015-1272: Use-after-free related to unexpected GPU process
+ termination. Credit to Chamal de Silva.
+ - CVE-2015-1273: Heap-buffer-overflow in pdfium. Credit to makosoft.
+ - CVE-2015-1274: Settings allowed executable files to run immediately after
+ download. Credit to andrewm.bpi.
+ - CVE-2015-1275: UXSS in Chrome for Android. Credit to WangTao(neobyte).
+ - CVE-2015-1276: Use-after-free in IndexedDB. Credit to Collin Payne.
+ - CVE-2015-1277: Use-after-free in accessibility. Credit to SkyLined.
+ - CVE-2015-1278: URL spoofing using pdf files. Credit to Chamal de Silva.
+ - CVE-2015-1279: Heap-buffer-overflow in pdfium. Credit to mlafon.
+ - CVE-2015-1280: Memory corruption in skia. Credit to cloudfuzzer.
+ - CVE-2015-1281: CSP bypass. Credit to Masato Kinugawa.
+ - CVE-2015-1282: Use-after-free in pdfium. Credit to Chamal de Silva.
+ - CVE-2015-1283: Heap-buffer-overflow in expat. Credit to Huzaifa
+ Sidhpurwala.
+ - CVE-2015-1284: Use-after-free in blink. Credit to Atte Kettunen.
+ - CVE-2015-1285: Information leak in XSS auditor. Credit to gazheyes.
+ - CVE-2015-1286: UXSS in blink. Credit to anonymous.
+ - CVE-2015-1287: SOP bypass with CSS. Credit to filedescriptor.
+ - CVE-2015-1288: Spell checking dictionaries fetched over HTTP. Credit to
+ Mike Ruddy.
+ - CVE-2015-1289: Various fixes from internal audits, fuzzing and other
+ initiatives.
+ * Remove hotword patch, now disabled by default upstream.
+
+ -- Michael Gilbert <mgilbert at debian.org> Tue, 21 Jul 2015 22:33:06 +0000
+
chromium-browser (43.0.2357.130-1) unstable; urgency=medium
* New upstream security release:
diff --git a/debian/chromium.install b/debian/chromium.install
index e180df9..ccb5e1c 100644
--- a/debian/chromium.install
+++ b/debian/chromium.install
@@ -1,7 +1,6 @@
out/Release/chromium usr/lib/chromium
out/Release/chrome-sandbox usr/lib/chromium
-out/Release/*.so usr/lib/chromium
out/Release/*.bin usr/lib/chromium
out/Release/*.pak usr/lib/chromium
out/Release/icudtl.dat usr/lib/chromium
diff --git a/debian/chromium.lintian-overrides b/debian/chromium.lintian-overrides
index 89dc6ba..097f1d3 100644
--- a/debian/chromium.lintian-overrides
+++ b/debian/chromium.lintian-overrides
@@ -1,10 +1,8 @@
# sandbox is intentionally suid
setuid-binary usr/lib/chromium/chrome-sandbox 4755 root/root
-# ffmpeg doesn't support pic
-shlib-with-non-pic-code usr/lib/chromium/libffmpegsumo.so
# currently unavoidable embedded libraries
-embedded-library usr/lib/chromium/libffmpegsumo.so: libavcodec
-embedded-library usr/lib/chromium/libffmpegsumo.so: libavutil
+embedded-library usr/lib/chromium/chromium: libavcodec
+embedded-library usr/lib/chromium/chromium: libavutil
embedded-library usr/lib/chromium/chromium: sqlite
embedded-library usr/lib/chromium/chromium: libpng
# temporarily accepting these code copies
diff --git a/debian/copyright b/debian/copyright
index 8cc9773..42b6a08 100644
--- a/debian/copyright
+++ b/debian/copyright
@@ -16,7 +16,6 @@ Files-Excluded:
third_party/cld
third_party/android*
third_party/bidichecker
- third_party/swig/linux
third_party/flot/*.js
third_party/yasm/source
third_party/skia/platform_tools
@@ -24,7 +23,6 @@ Files-Excluded:
third_party/webgl/src/other
third_party/expat/files
third_party/libxml/src
- third_party/snappy/src
third_party/libsrtp/srtp/doc/rfc3711.txt
third_party/mesa/src/src/gallium/state_trackers/d3d1x/w32api
base/third_party/nspr
diff --git a/debian/patches/clang.patch b/debian/patches/clang.patch
index 4e1378e..6dcc55d 100644
--- a/debian/patches/clang.patch
+++ b/debian/patches/clang.patch
@@ -3,7 +3,7 @@ author: Michael Gilbert <mgilbert at debian.org>
--- a/build/common.gypi
+++ b/build/common.gypi
-@@ -5772,8 +5772,8 @@
+@@ -5860,8 +5860,8 @@
['clang==1 and ((OS!="mac" and OS!="ios") or clang_xcode==0) '
'and OS!="win"', {
'make_global_settings': [
diff --git a/debian/patches/disable/external-components.patch b/debian/patches/disable/external-components.patch
index dd41ea3..60e04d0 100644
--- a/debian/patches/disable/external-components.patch
+++ b/debian/patches/disable/external-components.patch
@@ -1,6 +1,6 @@
--- a/chrome/browser/extensions/external_component_loader.cc
+++ b/chrome/browser/extensions/external_component_loader.cc
-@@ -49,6 +49,9 @@ bool ExternalComponentLoader::IsModifiab
+@@ -51,6 +51,9 @@ bool ExternalComponentLoader::IsModifiab
void ExternalComponentLoader::StartLoading() {
prefs_.reset(new base::DictionaryValue());
diff --git a/debian/patches/disable/hotword.patch b/debian/patches/disable/hotword.patch
deleted file mode 100644
index ace072e..0000000
--- a/debian/patches/disable/hotword.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-description: disable hotword service, which downloads binary blobs
-bug-debian: http://bugs.debian.org/786909
-
---- a/chrome/browser/search/hotword_service.cc
-+++ b/chrome/browser/search/hotword_service.cc
-@@ -632,6 +632,7 @@ bool HotwordService::IsServiceAvailable(
- }
-
- bool HotwordService::IsHotwordAllowed() {
-+ return false;
- std::string group = base::FieldTrialList::FindFullName(
- hotword_internal::kHotwordFieldTrialName);
- // Allow hotwording by default, and only disable if the field trial has been
diff --git a/debian/patches/disable/promo.patch b/debian/patches/disable/promo.patch
index eb5931f..04a0250 100644
--- a/debian/patches/disable/promo.patch
+++ b/debian/patches/disable/promo.patch
@@ -4,7 +4,7 @@ bug-debian: http://bugs.debian.org/634101
--- a/chrome/browser/ui/app_list/app_list_service.cc
+++ b/chrome/browser/ui/app_list/app_list_service.cc
-@@ -152,7 +152,7 @@ void AppListService::RegisterPrefs(PrefR
+@@ -153,7 +153,7 @@ void AppListService::RegisterPrefs(PrefR
// Identifies whether we should show the app launcher promo or not. This
// becomes false when the user dismisses the promo.
diff --git a/debian/patches/manpage.patch b/debian/patches/manpage.patch
index 796cdd3..499fc88 100644
--- a/debian/patches/manpage.patch
+++ b/debian/patches/manpage.patch
@@ -42,7 +42,7 @@ Author: Daniel Echeverry <epsilon77 at gmail.com>
.SH ENVIRONMENT
--- a/chrome/chrome_exe.gypi
+++ b/chrome/chrome_exe.gypi
-@@ -136,7 +136,7 @@
+@@ -137,7 +137,7 @@
}, { # else branding!="Chrome"
'variables': {
'name': 'Chromium',
diff --git a/debian/patches/series b/debian/patches/series
index 7f25d2c..79ec5c2 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -2,7 +2,6 @@ manpage.patch
clang.patch
disable/promo.patch
-disable/hotword.patch
disable/google-api-warning.patch
disable/third-party-cookies.patch
disable/external-components.patch
@@ -14,4 +13,3 @@ chromedriver-revision.patch
system/nspr.patch
system/speex.patch
-system/snappy.patch
diff --git a/debian/patches/system/nspr.patch b/debian/patches/system/nspr.patch
index f4b5af1..a3f946e 100644
--- a/debian/patches/system/nspr.patch
+++ b/debian/patches/system/nspr.patch
@@ -2,7 +2,7 @@ Include system copy of prtime.h
--- a/base/base.gypi
+++ b/base/base.gypi
-@@ -597,8 +597,6 @@
+@@ -613,8 +613,6 @@
'third_party/dmg_fp/g_fmt.cc',
'third_party/icu/icu_utf.cc',
'third_party/icu/icu_utf.h',
diff --git a/debian/patches/system/speex.patch b/debian/patches/system/speex.patch
index e977e62..e318ad0 100644
--- a/debian/patches/system/speex.patch
+++ b/debian/patches/system/speex.patch
@@ -42,7 +42,7 @@ description: use system speex
namespace {
--- a/content/content_browser.gypi
+++ b/content/content_browser.gypi
-@@ -1987,7 +1987,7 @@
+@@ -2008,7 +2008,7 @@
['enable_web_speech==1', {
'dependencies': [
'../third_party/flac/flac.gyp:libflac',
diff --git a/debian/source/lintian-overrides b/debian/source/lintian-overrides
index ebde826..212489b 100644
--- a/debian/source/lintian-overrides
+++ b/debian/source/lintian-overrides
@@ -1,3 +1,5 @@
# incorrectly flagged
source-is-missing tools/trace/trace_data.js
source-is-missing ui/webui/resources/js/jstemplate_compiled.js
+# temporarily accepting json-licensed files (will remove next upload)
+license-problem-json-evil
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-chromium/pkg-chromium.git
More information about the Pkg-chromium-commit
mailing list