lp://qastaging/~chrisccoulson/chromium-browser/ppa-chromium-browser.precise.stable
- Get this branch:
- bzr branch lp://qastaging/~chrisccoulson/chromium-browser/ppa-chromium-browser.precise.stable
Branch merges
Branch information
Recent revisions
- 836. By Chris Coulson
-
debian/rules: Disable tcmalloc on all component builds, not just on
arm builds - 834. By Chad Miller
-
* New stable release 28.0.1500.45
* New stable release 27.0.1453.110:
- CVE-2013-2855: Memory corruption in dev tools API.
- CVE-2013-2856: Use-after-free in input handling.
- CVE-2013-2857: Use-after-free in image handling.
- CVE-2013-2858: Use-after-free in HTML5 Audio.
- CVE-2013-2859: Cross-origin namespace pollution.
- CVE-2013-2860: Use-after-free with workers accessing database APIs.
- CVE-2013-2861: Use-after-free with SVG.
- CVE-2013-2862: Memory corruption in Skia GPU handling.
- CVE-2013-2863: Memory corruption in SSL socket handling.
- CVE-2013-2864: Bad free in PDF viewer.
safe-browsing- sigbus. patch
dont-assume- cross-compile- on-arm. patch
struct-siginfo. patch
ld-memory- 32bit.patch
dlopen_sonamed_ gl.patch
* Exclude included XDG files even if they are built.
* Use NEON instructions on ARM, optionally. This might use run-time checks
for hardware capability, but even if it doesn't we can add it later.
* Clean up difference checks in debian/rules that make sure that all files
that the build makes are used in packages, and no longer hide any, and no
longer consider it an error if some are unused. Treat it as a warning,
not a fatality.
* Use legible shell instead of make-generated shell in setting the rpath
in rules. - 833. By Chad Miller
-
About 32-bit component libraries, fix a libdir path bug in
debian/chromium- browser. sh.in . No longer try to use system libraries. Generally, Security Team would
hate bundled libraries because they provide a wide liability, but
Chromium Project is pretty good about maintaining their bundled-source
libraries. We can not pull cr-required lib versions forward in older
Ubuntus, and we can't guarantee all the distro versions of libraries work
with chromium-browser. The default security policy might be worse. Bundled
libraries is less work overall. - 831. By Chad Miller
-
* New stable release 27.0.1453.93:
- CVE-2013-2837: Use-after-free in SVG.
- CVE-2013-2838: Out-of-bounds read in v8.
- CVE-2013-2839: Bad cast in clipboard handling.
- CVE-2013-2840: Use-after-free in media loader.
- CVE-2013-2841: Use-after-free in Pepper resource handling.
- CVE-2013-2842: Use-after-free in widget handling.
- CVE-2013-2843: Use-after-free in speech handling.
- CVE-2013-2844: Use-after-free in style resolution.
- CVE-2013-2845: Memory safety issues in Web Audio.
- CVE-2013-2846: Use-after-free in media loader.
- CVE-2013-2847: Use-after-free race condition with workers.
- CVE-2013-2848: Possible data extraction with XSS Auditor.
- CVE-2013-2849: Possible XSS with drag+drop or copy+paste.
* Drop unneeded patches,
safe-browsing- sigbus. patch
dont-assume- cross-compile- on-arm. patch
struct-siginfo. patch
ld-memory-32bit.patch
* Update webapps patches.
* Update arm-neon patch, format-flag patch, search-credit patch,
title-bar-system- default patch.
* Make get-orig-source nicer. Package tarball contents from upstream
correctly. - 829. By Chad Miller
-
* Add a lp:app-install-data-ubuntu flag that names the package. Update
debian/chromium- browser. desktop .
* Remove full path from freedesktop default-apps file. Update
debian/chromium- browser. xml . - 828. By Chad Miller
-
* Use more system libraries, libxml, libjpeg, bzip2, libxslt, v8, flac,
libevent, protobuf, speex, xdg_utils, yasm, but not a few others -- in
particular,
- libpng causes render hangs,
- sqlite causes link failures.
* GCC doesn't allow -Wno-format with hardening -Werror=format- security .
Add debian/patches/ format- flag.patch .
* Since we're Depending on xdg-settings, don't try to install one from
upstream. Change debian/chromium- browser. install .
* Invert sense of a quantal+ test so that we don't have to track things
forever. Name things we know about, instead of things that don't exist
yet. Update debian/rules .
* Drop old unused sizes of icons to install from debian/rules .
* Always default chromium to using the system title bar. Add
debian/patches/ title-bar- default- system. patch . - 827. By Chad Miller
-
* Work arround missing Apparmour feature. Set environment explicitly
to disallow breaking out of apparmor protection. (LP: #1045986)
* Use system libv8.
- Build-depend on specific version or greater. Update debian/control .
* Use more system libraries, libxml, libjpeg, bzip2, libxslt, v8.
but not a few others in particular,
- libpng causes render hangs
- sqlite causes link failures
Updating debian/rules, and dropping the removed ones from debian/control .
* debian/rules:
- Use actual original upstream tarball. No SVN snapshots, no gclient.
- Rip out compiler-targeting. All versions should work.
- Always use sandbox. It shouldn't be an option. Nothing works without it
any more.
* Drop build-dep on subversion. Not required with pristing orig.tar
get-original-source.
* Simpify debian/rules and use the built-in parameter for telling GYP config
to include debug symbols.
* Include upstream patch debian/patches/ ld-memory- 32bit.patch that makes
32 bit machines more likely to use BDF linker and include parameters
that make it more memory efficient.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)