[Pkg-chromium-commit] [pkg-chromium] 04/04: release 61.0.3163.100-2

Michael Gilbert mgilbert at moszumanska.debian.org
Wed Sep 27 01:55:21 UTC 2017


This is an automated email from the git hooks/post-receive script.

mgilbert pushed a commit to branch master
in repository pkg-chromium.

commit 794aa1820460727711e534ea1042db7eebc1601d
Author: Michael Gilbert <mgilbert at debian.org>
Date:   Wed Sep 27 01:55:13 2017 +0000

    release 61.0.3163.100-2
---
 debian/README.source                          |  9 ++++++++
 debian/changelog                              | 32 +++++++++++++++++++++++++++
 debian/compat                                 |  2 +-
 debian/control                                |  3 ++-
 debian/patches/fixes/connection-message.patch | 15 +++++++++++++
 debian/patches/series                         |  1 +
 debian/rules                                  | 29 ++++++++++++++++--------
 7 files changed, 80 insertions(+), 11 deletions(-)

diff --git a/debian/README.source b/debian/README.source
new file mode 100644
index 0000000..9121070
--- /dev/null
+++ b/debian/README.source
@@ -0,0 +1,9 @@
+List all of the flags that can be passed to gn
+
+$ ./out/Release/gn args --list out/Release
+
+use_system_sqlite=true
+enable_wayland_server=true
+enable_reporting=false
+
+build/linux/sysroot_scripts
diff --git a/debian/changelog b/debian/changelog
index cb84930..8a60df8 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,35 @@
+chromium-browser (61.0.3163.100-2) unstable; urgency=medium
+
+  * Add liblcms2-dev as a build dependency (closes: #876804).
+
+ -- Michael Gilbert <mgilbert at debian.org>  Tue, 26 Sep 2017 12:54:35 +0000
+
+chromium-browser (61.0.3163.100-1) unstable; urgency=medium
+
+  * New upstream stable release (closes: #876030).
+    - CVE-2017-5111: Use after free in PDFium. Reported by Luật Nguyễn
+    - CVE-2017-5112: Heap buffer overflow in WebGL. Reported by Tobias Kleini
+    - CVE-2017-5113: Heap buffer overflow in Skia. Reported by Anonymous
+    - CVE-2017-5114: Memory lifecycle issue in PDFium. Reported by Ke Liu
+    - CVE-2017-5115: Type confusion in V8. Reported by Marco Giovannini
+    - CVE-2017-5116: Type confusion in V8. Reported by Anonymous
+    - CVE-2017-5117: Use of uninitialized value in Skia. Reported by Tobias
+      Klein
+    - CVE-2017-5118: Bypass of Content Security Policy in Blink. Reported by
+      WenXu Wu
+    - CVE-2017-5119: Use of uninitialized value in Skia. Reported by Anonymous
+    - CVE-2017-5120: Potential HTTPS downgrade during redirect navigation.
+      Reported by Xiaoyin Liu
+    - CVE-2017-5121: Out-of-bounds access in V8. Reported by Jordan Rabet
+    - CVE-2017-5122: Out-of-bounds access in V8. Reported by Choongwoo Han
+    - Adds support for gcc7 (closes: #853347).
+  * Update standards version.
+  * Use system libstdc++ instead of chromium's bundled custom libc++.
+  * Improve error message when network is unreachable (closes: #864539).
+  * Fix a mistake that lead to unstripped binary files (closes: #870531).
+
+ -- Michael Gilbert <mgilbert at debian.org>  Sun, 24 Sep 2017 20:26:02 +0000
+
 chromium-browser (60.0.3112.78-1) unstable; urgency=medium
 
   * New upstream stable release:
diff --git a/debian/compat b/debian/compat
index ec63514..f599e28 100644
--- a/debian/compat
+++ b/debian/compat
@@ -1 +1 @@
-9
+10
diff --git a/debian/control b/debian/control
index 2bbb143..695d483 100644
--- a/debian/control
+++ b/debian/control
@@ -57,6 +57,7 @@ Build-Depends:
  libgtk-3-dev,
  libgtk2.0-dev,
  libxslt1-dev,
+ liblcms2-dev,
  libpulse-dev,
  libpam0g-dev,
  libsnappy-dev,
@@ -84,7 +85,7 @@ Build-Depends:
  libgcrypt20-dev,
  fonts-ipafont-gothic,
  fonts-ipafont-mincho,
-Standards-Version: 4.0.0
+Standards-Version: 4.1.0
 
 Package: chromium
 Architecture: i386 amd64 arm64 armhf
diff --git a/debian/patches/fixes/connection-message.patch b/debian/patches/fixes/connection-message.patch
new file mode 100644
index 0000000..9bd595e
--- /dev/null
+++ b/debian/patches/fixes/connection-message.patch
@@ -0,0 +1,15 @@
+description: suggest proxy misconfiguration when nework is unreachable
+author: Michael Gilbert <mgilbert at debian.org>
+bug-debian: http://bugs.debian.org/864539
+
+--- a/components/error_page_strings.grdp
++++ b/components/error_page_strings.grdp
+@@ -52,7 +52,7 @@
+   </message>
+   <message name="IDS_ERRORPAGES_SUGGESTION_CHECK_CONNECTION_BODY" desc="When a page fails to load, sometimes we suggest checking the network connections.  This contains details below the suggestion.">
+     Check any cables and reboot any routers, modems, or other network
+-    devices you may be using.
++    devices you may be using. Also that check any proxy server currently in use is reachable and configured correctly.
+   </message>
+   <if expr="not is_ios or not is_android">
+     <message name="IDS_ERRORPAGES_SUGGESTION_DNS_CONFIG_HEADER" desc="When a page fails to load, sometimes we suggest checking the DNS configuration.  This is a header above above some details.">
diff --git a/debian/patches/series b/debian/patches/series
index 5358e68..77a85fe 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -17,6 +17,7 @@ fixes/ps-print.patch
 fixes/gpu-timeout.patch
 fixes/declaration.patch
 fixes/widevine-revision.patch
+fixes/connection-message.patch
 fixes/chromedriver-revision.patch
 
 system/icu.patch
diff --git a/debian/rules b/debian/rules
index c3fd58b..8da3679 100755
--- a/debian/rules
+++ b/debian/rules
@@ -37,25 +37,34 @@ defines+=is_debug=false \
          use_ozone=false \
          use_gconf=false \
          use_sysroot=false \
+         use_openh264=false \
+         use_kerberos=false \
          use_vulcanize=false \
+         use_custom_libcxx=false \
          use_gnome_keyring=false \
+         use_unofficial_version_number=false \
          rtc_libvpx_build_vp9=false \
          treat_warnings_as_errors=false \
          enable_nacl=false \
          enable_nacl_nonsfi=false \
          enable_google_now=false \
+         enable_reading_list=false \
          enable_hangout_services_extension=false \
          enable_iterator_debugging=false \
+         goma_dir=\"\" \
          gold_path=\"\" \
          linux_use_bundled_binutils=false \
 
 # enabled features
-defines+=use_gio=true \
-         use_gold=true \
+defines+=use_gold=true \
          use_pulseaudio=true \
          link_pulseaudio=true \
          enable_widevine=true \
-	 use_system_freetype=true \
+         use_jumbo_build=true \
+         use_system_zlib=true \
+         use_system_lcms2=true \
+         use_system_freetype=true \
+         optimize_for_size=true \
          proprietary_codecs=true \
          ffmpeg_branding=\"Chrome\" \
          fieldtrial_testing_like_official_build=true \
@@ -76,6 +85,9 @@ flotpaths=/usr/share/javascript/jquery/*min.js \
 %:
 	dh $@
 
+out/Release/gn:
+	./tools/gn/bootstrap/bootstrap.py -s $(njobs)
+
 override_dh_auto_configure:
 	# output compiler information
 	$(CXX) --version
@@ -86,12 +98,8 @@ override_dh_auto_configure:
 	./debian/scripts/unbundle
 	mkdir -p third_party/freetype/src/src/psnames
 	mv pstables.h third_party/freetype/src/src/psnames
-	# build gn
-	./tools/gn/bootstrap/bootstrap.py -s $(njobs)
-	# configure
-	./out/Release/gn gen out/Release --args="$(defines)"
 
-override_dh_auto_build-arch:
+override_dh_auto_build-arch: out/Release/gn
 	./out/Release/gn gen out/Release --args="$(defines)"
 	ninja $(njobs) -C out/Release chrome chrome_sandbox content_shell chromedriver
 	mv out/Release/chrome out/Release/chromium || true
@@ -101,7 +109,8 @@ override_dh_auto_build-arch:
 	mv out/Release/locales/en-US.pak out/Release/resources || true
 	chmod 4755 out/Release/chrome-sandbox # suid sandbox
 
-override_dh_auto_build-indep:
+override_dh_auto_build-indep: out/Release/gn
+	./out/Release/gn gen out/Release --args="$(defines)"
 	ninja $(njobs) -C out/Release packed_resources
 	rm -f out/Release/locales/en-US.pak
 
@@ -128,6 +137,8 @@ override_dh_fixperms:
 override_dh_strip:
 	# skip dbgsym package for widevine to prevent duplication of the src package
 	dh_strip -pchromium-widevine --no-automatic-dbgsym
+	# execute dh_strip on all of the remaining packages
+	dh_strip --remaining-packages
 
 override_dh_gencontrol:
 	dh_gencontrol -- -VBuilt-Using="$(shell dpkg-query -f '$${source:Package} (= $${source:Version}), ' -W libjs-jquery libjs-jquery-flot)"

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-chromium/pkg-chromium.git



More information about the Pkg-chromium-commit mailing list