[Pkg-chromium-commit] [pkg-chromium] 02/02: release 62.0.3202.75-1

Michael Gilbert mgilbert at moszumanska.debian.org
Sun Nov 5 02:54:56 UTC 2017 

This is an automated email from the git hooks/post-receive script.

mgilbert pushed a commit to branch master
in repository pkg-chromium.

commit b8ccccd87e48ec462048f18446448652bd9016da
Author: Michael Gilbert <mgilbert at debian.org>
Date:   Sun Nov 5 02:53:23 2017 +0000

    release 62.0.3202.75-1
---
 debian/changelog                                 | 35 +++++++++++++++++++++++-
 debian/patches/disable/google-api-warning.patch  |  1 +
 debian/patches/disable/promo.patch               |  2 +-
 debian/patches/fixes/chromecast.patch            | 15 ++++++++++
 debian/patches/fixes/chromedriver-revision.patch |  1 +
 debian/patches/fixes/connection-message.patch    |  2 +-
 debian/patches/gn/narrowing.patch                | 14 ++++++++++
 debian/patches/manpage.patch                     |  8 +++---
 debian/rules                                     |  2 +-
 9 files changed, 72 insertions(+), 8 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 8a60df8..461d314 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,36 @@
+chromium-browser (62.0.3202.75-1) unstable; urgency=medium
+
+  * New upstream stable release (closes: #879451).
+    - CVE-2017-5124: UXSS with MHTML. Reported by Anonymous
+    - CVE-2017-5125: Heap overflow in Skia. Reported by Anonymous
+    - CVE-2017-5126: Use after free in PDFium. Reported by Luat Nguyen
+    - CVE-2017-5127: Use after free in PDFium. Reported by Luat Nguyen
+    - CVE-2017-5128: Heap overflow in WebGL. Reported by Omair
+    - CVE-2017-5129: Use after free in WebAudio. Reported by Omair
+    - CVE-2017-5131: Out of bounds write in Skia. Reported by Anonymous
+    - CVE-2017-5132: Incorrect stack manipulation in WebAssembly. Reported by
+      Gaurav Dewan
+    - CVE-2017-5133: Out of bounds write in Skia. Reported by Aleksandar
+      Nikolic
+    - CVE-2017-15386: UI spoofing in Blink. Reported by WenXu Wu
+    - CVE-2017-15387: Content security bypass. Reported by Jun Kokatsu
+    - CVE-2017-15388: Out of bounds read in Skia. Reported by Kushal Arvind
+      Shah
+    - CVE-2017-15389: URL spoofing in OmniBox. Reported by xisigr
+    - CVE-2017-15390: URL spoofing in OmniBox. Reported by Haosheng Wang
+    - CVE-2017-15391: Extension limitation bypass in Extensions. Reported by
+      João Lucas Melo Brasio
+    - CVE-2017-15392: Incorrect registry key handling in PlatformIntegration.
+      Reported by Xiaoyin Liu
+    - CVE-2017-15393: Referrer leak in Devtools. Reported by Svyat Mitin
+    - CVE-2017-15394: URL spoofing in extensions UI. Reported by Sam
+    - CVE-2017-15395: Null pointer dereference in ImageCapture. Reported by
+      Johannes Bergman
+    - CVE-2017-15396: Stack overflow in V8. Reported by Yuan Deng
+  * Enable chromecast feature switch (closes: #878244).
+
+ -- Michael Gilbert <mgilbert at debian.org>  Sat, 04 Nov 2017 19:01:28 +0000
+
 chromium-browser (61.0.3163.100-2) unstable; urgency=medium
 
   * Add liblcms2-dev as a build dependency (closes: #876804).
@@ -8,7 +41,7 @@ chromium-browser (61.0.3163.100-1) unstable; urgency=medium
 
   * New upstream stable release (closes: #876030).
     - CVE-2017-5111: Use after free in PDFium. Reported by Luật Nguyễn
-    - CVE-2017-5112: Heap buffer overflow in WebGL. Reported by Tobias Kleini
+    - CVE-2017-5112: Heap buffer overflow in WebGL. Reported by Tobias Klein
     - CVE-2017-5113: Heap buffer overflow in Skia. Reported by Anonymous
     - CVE-2017-5114: Memory lifecycle issue in PDFium. Reported by Ke Liu
     - CVE-2017-5115: Type confusion in V8. Reported by Marco Giovannini
diff --git a/debian/patches/disable/google-api-warning.patch b/debian/patches/disable/google-api-warning.patch
index 94a1691..697f525 100644
--- a/debian/patches/disable/google-api-warning.patch
+++ b/debian/patches/disable/google-api-warning.patch
@@ -1,4 +1,5 @@
 description: disable the google api key warning when those aren't found
+author: Michael Gilbert <mgilbert at debian.org>
 
 --- a/chrome/browser/ui/startup/startup_browser_creator_impl.cc
 +++ b/chrome/browser/ui/startup/startup_browser_creator_impl.cc
diff --git a/debian/patches/disable/promo.patch b/debian/patches/disable/promo.patch
index df57d01..ee5f017 100644
--- a/debian/patches/disable/promo.patch
+++ b/debian/patches/disable/promo.patch
@@ -1,5 +1,5 @@
-author: Michael Gilbert <mgilbert at debian.org>
 description: disable the ad promo system by default
+author: Michael Gilbert <mgilbert at debian.org>
 bug-debian: http://bugs.debian.org/634101
 
 --- a/chrome/browser/ui/app_list/app_list_service.cc
diff --git a/debian/patches/fixes/chromecast.patch b/debian/patches/fixes/chromecast.patch
new file mode 100644
index 0000000..a73debd
--- /dev/null
+++ b/debian/patches/fixes/chromecast.patch
@@ -0,0 +1,15 @@
+description: enable chromecast feature switch
+author: Olivier Tilloy <olivier.tilloy at canonical.com>
+bug-debian: http://bugs.debian.org/878244
+
+--- a/extensions/common/feature_switch.cc
++++ b/extensions/common/feature_switch.cc
+@@ -52,7 +52,7 @@ class CommonSwitches {
+                          FeatureSwitch::DEFAULT_ENABLED),
+         load_media_router_component_extension(
+             kLoadMediaRouterComponentExtensionFlag,
+-#if defined(GOOGLE_CHROME_BUILD)
++#if 1
+             FeatureSwitch::DEFAULT_ENABLED),
+ #else
+             FeatureSwitch::DEFAULT_DISABLED),
diff --git a/debian/patches/fixes/chromedriver-revision.patch b/debian/patches/fixes/chromedriver-revision.patch
index 0ef12c9..9528f06 100644
--- a/debian/patches/fixes/chromedriver-revision.patch
+++ b/debian/patches/fixes/chromedriver-revision.patch
@@ -1,4 +1,5 @@
 description: set chromedriver version as undefined
+author: Michael Gilbert <mgilbert at debian.org>
 
 --- a/chrome/test/chromedriver/embed_version_in_cpp.py
 +++ b/chrome/test/chromedriver/embed_version_in_cpp.py
diff --git a/debian/patches/fixes/connection-message.patch b/debian/patches/fixes/connection-message.patch
index 9bd595e..630fe4a 100644
--- a/debian/patches/fixes/connection-message.patch
+++ b/debian/patches/fixes/connection-message.patch
@@ -9,7 +9,7 @@ bug-debian: http://bugs.debian.org/864539
    <message name="IDS_ERRORPAGES_SUGGESTION_CHECK_CONNECTION_BODY" desc="When a page fails to load, sometimes we suggest checking the network connections.  This contains details below the suggestion.">
      Check any cables and reboot any routers, modems, or other network
 -    devices you may be using.
-+    devices you may be using. Also that check any proxy server currently in use is reachable and configured correctly.
++    devices you may be using. Also check that any proxy server currently in use is reachable and configured correctly.
    </message>
    <if expr="not is_ios or not is_android">
      <message name="IDS_ERRORPAGES_SUGGESTION_DNS_CONFIG_HEADER" desc="When a page fails to load, sometimes we suggest checking the DNS configuration.  This is a header above above some details.">
diff --git a/debian/patches/gn/narrowing.patch b/debian/patches/gn/narrowing.patch
new file mode 100644
index 0000000..bcd171c
--- /dev/null
+++ b/debian/patches/gn/narrowing.patch
@@ -0,0 +1,14 @@
+description: silence narrowing warnings when bootstrapping gn
+author: Michael Gilbert <mgilbert at debian.org>
+
+--- a/tools/gn/bootstrap/bootstrap.py
++++ b/tools/gn/bootstrap/bootstrap.py
+@@ -351,7 +351,7 @@ def write_gn_ninja(path, root_gen_dir, o
+         '-pipe',
+         '-fno-exceptions'
+     ])
+-    cflags_cc.extend(['-std=c++14', '-Wno-c++11-narrowing'])
++    cflags_cc.extend(['-std=c++14'])
+     if is_aix:
+      cflags.extend(['-maix64'])
+      ldflags.extend([ '-maix64 -Wl,-bbigtoc' ])
diff --git a/debian/patches/manpage.patch b/debian/patches/manpage.patch
index 46f6b2e..128aec6 100644
--- a/debian/patches/manpage.patch
+++ b/debian/patches/manpage.patch
@@ -1,6 +1,6 @@
-Description: manpage updates/fixes
-Forwarded: http://code.google.com/p/chromium/issues/detail?id=73591
-Author: Daniel Echeverry <epsilon77 at gmail.com>
+description: manpage updates/fixes
+author: Daniel Echeverry <epsilon77 at gmail.com>
+forwarded: http://code.google.com/p/chromium/issues/detail?id=73591
 
 --- a/chrome/app/resources/manpage.1.in
 +++ b/chrome/app/resources/manpage.1.in
@@ -36,7 +36,7 @@ Author: Daniel Echeverry <epsilon77 at gmail.com>
  .TP
  \fB\-\-user\-data\-dir\fR=\fIDIR\fR
  Specifies the directory that user data (your "profile") is kept in.
-@@ -110,6 +127,7 @@ as
+@@ -114,6 +131,7 @@ as
  See the GTK documentation for more:
  .IP
  <http://library.gnome.org/devel/gtk/stable/gtk-running.html>
diff --git a/debian/rules b/debian/rules
index 8da3679..c3a3f03 100755
--- a/debian/rules
+++ b/debian/rules
@@ -35,7 +35,6 @@ endif
 defines+=is_debug=false \
          use_gtk3=false \
          use_ozone=false \
-         use_gconf=false \
          use_sysroot=false \
          use_openh264=false \
          use_kerberos=false \
@@ -57,6 +56,7 @@ defines+=is_debug=false \
 
 # enabled features
 defines+=use_gold=true \
+         use_gconf=true \
          use_pulseaudio=true \
          link_pulseaudio=true \
          enable_widevine=true \

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-chromium/pkg-chromium.git

More information about the Pkg-chromium-commit mailing list