[Pkg-chromium-commit] [pkg-chromium] 03/04: release 48.0.2564.82-1~deb8u1

Wed Feb 24 04:12:18 UTC 2016

This is an automated email from the git hooks/post-receive script.

mgilbert pushed a commit to branch jessie
in repository pkg-chromium.

commit d1f53976fdf2da4d0e67e018450f591d344808e8
Author: Michael Gilbert <mgilbert at debian.org>
Date:   Thu Jan 21 23:27:39 2016 +0000

    release 48.0.2564.82-1~deb8u1
---
 debian/changelog                                | 33 +++++++++++++++++++++++++
 debian/patches/clang.patch                      |  2 +-
 debian/patches/disable/google-api-warning.patch |  2 +-
 debian/patches/manpage.patch                    |  2 +-
 debian/patches/nspr.patch                       |  2 +-
 debian/rules                                    |  4 +++
 6 files changed, 41 insertions(+), 4 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index b008750..d6f5331 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,36 @@
+chromium-browser (48.0.2564.82-1~deb8u1) jessie-security; urgency=medium
+
+  * New upstream stable release:
+    - CVE-2016-1612: Bad cast in V8. Credit to cloudfuzzer.
+    - CVE-2016-1613: Use-after-free in PDFium. Credit to anonymous.
+    - CVE-2016-1614: Information leak in Blink. Credit to Christoph Diehl.
+    - CVE-2016-1615: Origin confusion in Omnibox. Credit to Ron Masas.
+    - CVE-2016-1616: URL Spoofing. Credit to Luan Herrera.
+    - CVE-2016-1617: History sniffing with HSTS and CSP. Credit to jenuis.
+    - CVE-2016-1618: Weak random number generator in Blink. Credit to Aaron
+      Toponce.
+    - CVE-2016-1619: Out-of-bounds read in PDFium. Credit to Keve Nagy.
+    - CVE-2016-1620: Various fixes from internal audits, fuzzing and other
+      initiatives.
+    - Multiple vulnerabilities in V8 fixed at the tip of the 4.8 branch
+      (currently 4.8.271.17).
+  * Use ld.gold to avoid memory exhaustion while linking (closes: #812569).
+
+ -- Michael Gilbert <mgilbert at debian.org>  Thu, 21 Jan 2016 23:36:50 +0000
+
+chromium-browser (47.0.2526.80-1~deb8u1) jessie-security; urgency=medium
+
+  * New upstream stable release:
+    - Multiple vulnerabilities fixed in libv8 4.7.80.23.
+    - CVE-2015-6788: Type confusion in extensions. Credit to anonymous.
+    - CVE-2015-6789: Use-after-free in Blink. Credit to cloudfuzzer.
+    - CVE-2015-6790: Escaping issue in saved pages. Credit to Inti De
+      Ceukelaire.
+    - CVE-2015-6791: Various fixes from internal audits, fuzzing and other
+      initiatives.
+
+ -- Michael Gilbert <mgilbert at debian.org>  Sun, 13 Dec 2015 04:30:55 +0000
+
 chromium-browser (47.0.2526.73-1~deb8u1) jessie-security; urgency=medium
 
   * New upstream stable release:
diff --git a/debian/patches/clang.patch b/debian/patches/clang.patch
index cc4c3bf..8536325 100644
--- a/debian/patches/clang.patch
+++ b/debian/patches/clang.patch
@@ -3,7 +3,7 @@ author: Michael Gilbert <mgilbert at debian.org>
 
 --- a/build/common.gypi
 +++ b/build/common.gypi
-@@ -5954,8 +5954,8 @@
+@@ -5980,8 +5980,8 @@
      ['clang==1 and ((OS!="mac" and OS!="ios") or clang_xcode==0) '
          'and OS!="win"', {
        'make_global_settings': [
diff --git a/debian/patches/disable/google-api-warning.patch b/debian/patches/disable/google-api-warning.patch
index b5a0ffd..ca3944c 100644
--- a/debian/patches/disable/google-api-warning.patch
+++ b/debian/patches/disable/google-api-warning.patch
@@ -2,7 +2,7 @@ description: disable the google api key warning when those aren't found
 
 --- a/chrome/browser/ui/startup/startup_browser_creator_impl.cc
 +++ b/chrome/browser/ui/startup/startup_browser_creator_impl.cc
-@@ -815,8 +815,6 @@ void StartupBrowserCreatorImpl::AddInfoB
+@@ -810,8 +810,6 @@ void StartupBrowserCreatorImpl::AddInfoB
    if (is_process_startup == chrome::startup::IS_PROCESS_STARTUP &&
        !command_line_.HasSwitch(switches::kTestType)) {
      chrome::ShowBadFlagsPrompt(browser);
diff --git a/debian/patches/manpage.patch b/debian/patches/manpage.patch
index da4008d..f39b7b9 100644
--- a/debian/patches/manpage.patch
+++ b/debian/patches/manpage.patch
@@ -42,7 +42,7 @@ Author: Daniel Echeverry <epsilon77 at gmail.com>
  .SH ENVIRONMENT
 --- a/chrome/chrome_exe.gypi
 +++ b/chrome/chrome_exe.gypi
-@@ -128,7 +128,7 @@
+@@ -129,7 +129,7 @@
                  }, { # else branding!="Chrome"
                    'variables': {
                      'name': 'Chromium',
diff --git a/debian/patches/nspr.patch b/debian/patches/nspr.patch
index e3ea844..1ee8084 100644
--- a/debian/patches/nspr.patch
+++ b/debian/patches/nspr.patch
@@ -2,7 +2,7 @@ Include system copy of prtime.h
 
 --- a/base/base.gypi
 +++ b/base/base.gypi
-@@ -622,8 +622,6 @@
+@@ -627,8 +627,6 @@
            'third_party/dmg_fp/g_fmt.cc',
            'third_party/icu/icu_utf.cc',
            'third_party/icu/icu_utf.h',
diff --git a/debian/rules b/debian/rules
index b3ededa..0eddb2d 100755
--- a/debian/rules
+++ b/debian/rules
@@ -12,6 +12,10 @@ export LDFLAGS+=-Wl,--no-keep-memory -Wl,--reduce-memory-overheads -Wl,--hash-si
 # more verbose linker output
 export LDFLAGS+=-Wl,--trace -Wl,--stats
 
+# use the gold linker to avoid memory exhaustion issues at link time
+export CFLAGS+=-fuse-ld=gold
+export CXXFLAGS+=-fuse-ld=gold
+
 # treat all warnings as errors
 defines=werror=
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-chromium/pkg-chromium.git

