[Pkg-chromium-commit] [pkg-chromium] 03/04: release 48.0.2564.82-1~deb8u1
Michael Gilbert
mgilbert at moszumanska.debian.org
Wed Feb 24 04:12:18 UTC 2016
This is an automated email from the git hooks/post-receive script.
mgilbert pushed a commit to branch jessie
in repository pkg-chromium.
commit d1f53976fdf2da4d0e67e018450f591d344808e8
Author: Michael Gilbert <mgilbert at debian.org>
Date: Thu Jan 21 23:27:39 2016 +0000
release 48.0.2564.82-1~deb8u1
---
debian/changelog | 33 +++++++++++++++++++++++++
debian/patches/clang.patch | 2 +-
debian/patches/disable/google-api-warning.patch | 2 +-
debian/patches/manpage.patch | 2 +-
debian/patches/nspr.patch | 2 +-
debian/rules | 4 +++
6 files changed, 41 insertions(+), 4 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index b008750..d6f5331 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,36 @@
+chromium-browser (48.0.2564.82-1~deb8u1) jessie-security; urgency=medium
+
+ * New upstream stable release:
+ - CVE-2016-1612: Bad cast in V8. Credit to cloudfuzzer.
+ - CVE-2016-1613: Use-after-free in PDFium. Credit to anonymous.
+ - CVE-2016-1614: Information leak in Blink. Credit to Christoph Diehl.
+ - CVE-2016-1615: Origin confusion in Omnibox. Credit to Ron Masas.
+ - CVE-2016-1616: URL Spoofing. Credit to Luan Herrera.
+ - CVE-2016-1617: History sniffing with HSTS and CSP. Credit to jenuis.
+ - CVE-2016-1618: Weak random number generator in Blink. Credit to Aaron
+ Toponce.
+ - CVE-2016-1619: Out-of-bounds read in PDFium. Credit to Keve Nagy.
+ - CVE-2016-1620: Various fixes from internal audits, fuzzing and other
+ initiatives.
+ - Multiple vulnerabilities in V8 fixed at the tip of the 4.8 branch
+ (currently 4.8.271.17).
+ * Use ld.gold to avoid memory exhaustion while linking (closes: #812569).
+
+ -- Michael Gilbert <mgilbert at debian.org> Thu, 21 Jan 2016 23:36:50 +0000
+
+chromium-browser (47.0.2526.80-1~deb8u1) jessie-security; urgency=medium
+
+ * New upstream stable release:
+ - Multiple vulnerabilities fixed in libv8 4.7.80.23.
+ - CVE-2015-6788: Type confusion in extensions. Credit to anonymous.
+ - CVE-2015-6789: Use-after-free in Blink. Credit to cloudfuzzer.
+ - CVE-2015-6790: Escaping issue in saved pages. Credit to Inti De
+ Ceukelaire.
+ - CVE-2015-6791: Various fixes from internal audits, fuzzing and other
+ initiatives.
+
+ -- Michael Gilbert <mgilbert at debian.org> Sun, 13 Dec 2015 04:30:55 +0000
+
chromium-browser (47.0.2526.73-1~deb8u1) jessie-security; urgency=medium
* New upstream stable release:
diff --git a/debian/patches/clang.patch b/debian/patches/clang.patch
index cc4c3bf..8536325 100644
--- a/debian/patches/clang.patch
+++ b/debian/patches/clang.patch
@@ -3,7 +3,7 @@ author: Michael Gilbert <mgilbert at debian.org>
--- a/build/common.gypi
+++ b/build/common.gypi
-@@ -5954,8 +5954,8 @@
+@@ -5980,8 +5980,8 @@
['clang==1 and ((OS!="mac" and OS!="ios") or clang_xcode==0) '
'and OS!="win"', {
'make_global_settings': [
diff --git a/debian/patches/disable/google-api-warning.patch b/debian/patches/disable/google-api-warning.patch
index b5a0ffd..ca3944c 100644
--- a/debian/patches/disable/google-api-warning.patch
+++ b/debian/patches/disable/google-api-warning.patch
@@ -2,7 +2,7 @@ description: disable the google api key warning when those aren't found
--- a/chrome/browser/ui/startup/startup_browser_creator_impl.cc
+++ b/chrome/browser/ui/startup/startup_browser_creator_impl.cc
-@@ -815,8 +815,6 @@ void StartupBrowserCreatorImpl::AddInfoB
+@@ -810,8 +810,6 @@ void StartupBrowserCreatorImpl::AddInfoB
if (is_process_startup == chrome::startup::IS_PROCESS_STARTUP &&
!command_line_.HasSwitch(switches::kTestType)) {
chrome::ShowBadFlagsPrompt(browser);
diff --git a/debian/patches/manpage.patch b/debian/patches/manpage.patch
index da4008d..f39b7b9 100644
--- a/debian/patches/manpage.patch
+++ b/debian/patches/manpage.patch
@@ -42,7 +42,7 @@ Author: Daniel Echeverry <epsilon77 at gmail.com>
.SH ENVIRONMENT
--- a/chrome/chrome_exe.gypi
+++ b/chrome/chrome_exe.gypi
-@@ -128,7 +128,7 @@
+@@ -129,7 +129,7 @@
}, { # else branding!="Chrome"
'variables': {
'name': 'Chromium',
diff --git a/debian/patches/nspr.patch b/debian/patches/nspr.patch
index e3ea844..1ee8084 100644
--- a/debian/patches/nspr.patch
+++ b/debian/patches/nspr.patch
@@ -2,7 +2,7 @@ Include system copy of prtime.h
--- a/base/base.gypi
+++ b/base/base.gypi
-@@ -622,8 +622,6 @@
+@@ -627,8 +627,6 @@
'third_party/dmg_fp/g_fmt.cc',
'third_party/icu/icu_utf.cc',
'third_party/icu/icu_utf.h',
diff --git a/debian/rules b/debian/rules
index b3ededa..0eddb2d 100755
--- a/debian/rules
+++ b/debian/rules
@@ -12,6 +12,10 @@ export LDFLAGS+=-Wl,--no-keep-memory -Wl,--reduce-memory-overheads -Wl,--hash-si
# more verbose linker output
export LDFLAGS+=-Wl,--trace -Wl,--stats
+# use the gold linker to avoid memory exhaustion issues at link time
+export CFLAGS+=-fuse-ld=gold
+export CXXFLAGS+=-fuse-ld=gold
+
# treat all warnings as errors
defines=werror=
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-chromium/pkg-chromium.git
More information about the Pkg-chromium-commit
mailing list