[Pkg-chromium-commit] [pkg-chromium] 04/04: release 61.0.3163.100-2
Michael Gilbert
mgilbert at moszumanska.debian.org
Wed Sep 27 01:55:21 UTC 2017
This is an automated email from the git hooks/post-receive script.
mgilbert pushed a commit to branch master
in repository pkg-chromium.
commit 794aa1820460727711e534ea1042db7eebc1601d
Author: Michael Gilbert <mgilbert at debian.org>
Date: Wed Sep 27 01:55:13 2017 +0000
release 61.0.3163.100-2
---
debian/README.source | 9 ++++++++
debian/changelog | 32 +++++++++++++++++++++++++++
debian/compat | 2 +-
debian/control | 3 ++-
debian/patches/fixes/connection-message.patch | 15 +++++++++++++
debian/patches/series | 1 +
debian/rules | 29 ++++++++++++++++--------
7 files changed, 80 insertions(+), 11 deletions(-)
diff --git a/debian/README.source b/debian/README.source
new file mode 100644
index 0000000..9121070
--- /dev/null
+++ b/debian/README.source
@@ -0,0 +1,9 @@
+List all of the flags that can be passed to gn
+
+$ ./out/Release/gn args --list out/Release
+
+use_system_sqlite=true
+enable_wayland_server=true
+enable_reporting=false
+
+build/linux/sysroot_scripts
diff --git a/debian/changelog b/debian/changelog
index cb84930..8a60df8 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,35 @@
+chromium-browser (61.0.3163.100-2) unstable; urgency=medium
+
+ * Add liblcms2-dev as a build dependency (closes: #876804).
+
+ -- Michael Gilbert <mgilbert at debian.org> Tue, 26 Sep 2017 12:54:35 +0000
+
+chromium-browser (61.0.3163.100-1) unstable; urgency=medium
+
+ * New upstream stable release (closes: #876030).
+ - CVE-2017-5111: Use after free in PDFium. Reported by Luật Nguyễn
+ - CVE-2017-5112: Heap buffer overflow in WebGL. Reported by Tobias Kleini
+ - CVE-2017-5113: Heap buffer overflow in Skia. Reported by Anonymous
+ - CVE-2017-5114: Memory lifecycle issue in PDFium. Reported by Ke Liu
+ - CVE-2017-5115: Type confusion in V8. Reported by Marco Giovannini
+ - CVE-2017-5116: Type confusion in V8. Reported by Anonymous
+ - CVE-2017-5117: Use of uninitialized value in Skia. Reported by Tobias
+ Klein
+ - CVE-2017-5118: Bypass of Content Security Policy in Blink. Reported by
+ WenXu Wu
+ - CVE-2017-5119: Use of uninitialized value in Skia. Reported by Anonymous
+ - CVE-2017-5120: Potential HTTPS downgrade during redirect navigation.
+ Reported by Xiaoyin Liu
+ - CVE-2017-5121: Out-of-bounds access in V8. Reported by Jordan Rabet
+ - CVE-2017-5122: Out-of-bounds access in V8. Reported by Choongwoo Han
+ - Adds support for gcc7 (closes: #853347).
+ * Update standards version.
+ * Use system libstdc++ instead of chromium's bundled custom libc++.
+ * Improve error message when network is unreachable (closes: #864539).
+ * Fix a mistake that lead to unstripped binary files (closes: #870531).
+
+ -- Michael Gilbert <mgilbert at debian.org> Sun, 24 Sep 2017 20:26:02 +0000
+
chromium-browser (60.0.3112.78-1) unstable; urgency=medium
* New upstream stable release:
diff --git a/debian/compat b/debian/compat
index ec63514..f599e28 100644
--- a/debian/compat
+++ b/debian/compat
@@ -1 +1 @@
-9
+10
diff --git a/debian/control b/debian/control
index 2bbb143..695d483 100644
--- a/debian/control
+++ b/debian/control
@@ -57,6 +57,7 @@ Build-Depends:
libgtk-3-dev,
libgtk2.0-dev,
libxslt1-dev,
+ liblcms2-dev,
libpulse-dev,
libpam0g-dev,
libsnappy-dev,
@@ -84,7 +85,7 @@ Build-Depends:
libgcrypt20-dev,
fonts-ipafont-gothic,
fonts-ipafont-mincho,
-Standards-Version: 4.0.0
+Standards-Version: 4.1.0
Package: chromium
Architecture: i386 amd64 arm64 armhf
diff --git a/debian/patches/fixes/connection-message.patch b/debian/patches/fixes/connection-message.patch
new file mode 100644
index 0000000..9bd595e
--- /dev/null
+++ b/debian/patches/fixes/connection-message.patch
@@ -0,0 +1,15 @@
+description: suggest proxy misconfiguration when nework is unreachable
+author: Michael Gilbert <mgilbert at debian.org>
+bug-debian: http://bugs.debian.org/864539
+
+--- a/components/error_page_strings.grdp
++++ b/components/error_page_strings.grdp
+@@ -52,7 +52,7 @@
+ </message>
+ <message name="IDS_ERRORPAGES_SUGGESTION_CHECK_CONNECTION_BODY" desc="When a page fails to load, sometimes we suggest checking the network connections. This contains details below the suggestion.">
+ Check any cables and reboot any routers, modems, or other network
+- devices you may be using.
++ devices you may be using. Also that check any proxy server currently in use is reachable and configured correctly.
+ </message>
+ <if expr="not is_ios or not is_android">
+ <message name="IDS_ERRORPAGES_SUGGESTION_DNS_CONFIG_HEADER" desc="When a page fails to load, sometimes we suggest checking the DNS configuration. This is a header above above some details.">
diff --git a/debian/patches/series b/debian/patches/series
index 5358e68..77a85fe 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -17,6 +17,7 @@ fixes/ps-print.patch
fixes/gpu-timeout.patch
fixes/declaration.patch
fixes/widevine-revision.patch
+fixes/connection-message.patch
fixes/chromedriver-revision.patch
system/icu.patch
diff --git a/debian/rules b/debian/rules
index c3fd58b..8da3679 100755
--- a/debian/rules
+++ b/debian/rules
@@ -37,25 +37,34 @@ defines+=is_debug=false \
use_ozone=false \
use_gconf=false \
use_sysroot=false \
+ use_openh264=false \
+ use_kerberos=false \
use_vulcanize=false \
+ use_custom_libcxx=false \
use_gnome_keyring=false \
+ use_unofficial_version_number=false \
rtc_libvpx_build_vp9=false \
treat_warnings_as_errors=false \
enable_nacl=false \
enable_nacl_nonsfi=false \
enable_google_now=false \
+ enable_reading_list=false \
enable_hangout_services_extension=false \
enable_iterator_debugging=false \
+ goma_dir=\"\" \
gold_path=\"\" \
linux_use_bundled_binutils=false \
# enabled features
-defines+=use_gio=true \
- use_gold=true \
+defines+=use_gold=true \
use_pulseaudio=true \
link_pulseaudio=true \
enable_widevine=true \
- use_system_freetype=true \
+ use_jumbo_build=true \
+ use_system_zlib=true \
+ use_system_lcms2=true \
+ use_system_freetype=true \
+ optimize_for_size=true \
proprietary_codecs=true \
ffmpeg_branding=\"Chrome\" \
fieldtrial_testing_like_official_build=true \
@@ -76,6 +85,9 @@ flotpaths=/usr/share/javascript/jquery/*min.js \
%:
dh $@
+out/Release/gn:
+ ./tools/gn/bootstrap/bootstrap.py -s $(njobs)
+
override_dh_auto_configure:
# output compiler information
$(CXX) --version
@@ -86,12 +98,8 @@ override_dh_auto_configure:
./debian/scripts/unbundle
mkdir -p third_party/freetype/src/src/psnames
mv pstables.h third_party/freetype/src/src/psnames
- # build gn
- ./tools/gn/bootstrap/bootstrap.py -s $(njobs)
- # configure
- ./out/Release/gn gen out/Release --args="$(defines)"
-override_dh_auto_build-arch:
+override_dh_auto_build-arch: out/Release/gn
./out/Release/gn gen out/Release --args="$(defines)"
ninja $(njobs) -C out/Release chrome chrome_sandbox content_shell chromedriver
mv out/Release/chrome out/Release/chromium || true
@@ -101,7 +109,8 @@ override_dh_auto_build-arch:
mv out/Release/locales/en-US.pak out/Release/resources || true
chmod 4755 out/Release/chrome-sandbox # suid sandbox
-override_dh_auto_build-indep:
+override_dh_auto_build-indep: out/Release/gn
+ ./out/Release/gn gen out/Release --args="$(defines)"
ninja $(njobs) -C out/Release packed_resources
rm -f out/Release/locales/en-US.pak
@@ -128,6 +137,8 @@ override_dh_fixperms:
override_dh_strip:
# skip dbgsym package for widevine to prevent duplication of the src package
dh_strip -pchromium-widevine --no-automatic-dbgsym
+ # execute dh_strip on all of the remaining packages
+ dh_strip --remaining-packages
override_dh_gencontrol:
dh_gencontrol -- -VBuilt-Using="$(shell dpkg-query -f '$${source:Package} (= $${source:Version}), ' -W libjs-jquery libjs-jquery-flot)"
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-chromium/pkg-chromium.git
More information about the Pkg-chromium-commit
mailing list