lp://staging/~chromium-team/chromium-browser/quantal-working

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

904. By Chad Miller on 2014-04-26

* debian/rules: Disable new feature Notifications Center, as it clutters
  desktop without nicely theming or being killable.
* debian/patches/display-scaling-default-value: Make default scale 1:1
  when no gsettings information is available. (LP: #1302155)
* debian/patches/title-bar-default-system.patch-v34: Make window
  title-bar frame default to system-provided instead of custom. Again.
* New upstream release 34.0.1847.131.

903. By Chad Miller on 2014-04-15

null merge

902. By Chad Miller on 2014-04-14

Un-add suggestions from R+.

901. By Chad Miller on 2014-04-14

Drop Recommend pepperflashplugin-nonfree. It doesn't do what users expect anyway.

900. By Chad Miller on 2014-04-14

Kill patch in arm-neon.patch that prevnts neon compilation.

899. By Chad Miller on 2014-04-13

Fix skia arm bug. no-neon or optional-neon need non-neon memset.

898. By Chad Miller on 2014-04-11

debian/patches/clipboard: Backport a few bug fixes.

897. By Chad Miller on 2014-04-11

Unify cross-compiling.

896. By Chad Miller on 2014-04-09

* New upstream release 34.0.1847.116:
  - CVE-2014-1716: UXSS in V8.
  - CVE-2014-1717: OOB access in V8.
  - CVE-2014-1718: Integer overflow in compositor.
  - CVE-2014-1719: Use-after-free in web workers.
  - CVE-2014-1720: Use-after-free in DOM.
  - CVE-2014-1721: Memory corruption in V8.
  - CVE-2014-1722: Use-after-free in rendering.
  - CVE-2014-1723: Url confusion with RTL characters.
  - CVE-2014-1724: Use-after-free in speech.
  - CVE-2014-1725: OOB read with window property.
  - CVE-2014-1726: Local cross-origin bypass.
  - CVE-2014-1727: Use-after-free in forms.
  - CVE-2014-1728: Various fixes from internal audits, fuzzing and other
    initiatives.
  - CVE-2014-1729: Multiple vulnerabilities in V8 fixed in version
    3.24.35.22.
  + Now ignores "autocomplete=off" in web forms. (LP: #1294325)
* debian/rules: Enable high-DPI. Enable touch support. These require
  using Aura toolkit.
* debian/patches/gsettings-display-scaling: Get scaling factor from
  gsettings.
* debian/patches/touch: Enable touch on XInput2 slave pointer touch devices.
* debian/rules, debian/chromium-browser.sh.in: If lib dir contains a dir
  matching our version, then use version dir as the new lib dir. This
  is an attempto to mitigate version upgrade hangs.
* debian/chromium-browser.sh.in: Add a command line parameter to diasble
  pinch gestures.
* debian/patches/display-scaling-default-value: Set default scaling to 1
  on hardware, because hardware often lies, but should be recoverable at 1:1.
* debian/patches/display-scaling-report-hardware-info: Log hardware reports.
* debian/rules: Emit messages on a timer to prevent dumb build-bots from
  killing long, silent linker stages.
* debian/control: Add libexif-dev, libgcrypt-dev to build-deps.
* debian/control: Add Recommend pepperflashplugin-nonfree . NPAPI is dying.
* debian/control: Drop Recommend x11-xserver-utils, x11-utils .
* debian/control: Add libexif-dev to build-deps.
* debian/apport/chromium-browser.py: Convert encoded bytes to str before
  splitting. Converting these to str at all is wrong, though.

895. By Chad Miller on 2014-03-15

* debian/rules: Move log-removal into the section for "release" builds only.
* Upstream release 33.0.1750.152:
  - CVE-2014-1713: Code execution outside sandbox. Use-after-free in Blink
    bindings.
  - CVE-2014-1714: Code execution outside sandbox. Windows clipboard
    vulnerability.
  - CVE-2014-1705: Code execution outside sandbox. Memory corruption in V8.
  - CVE-2014-1715: Code execution outside sandbox. Directory traversal issue.