lp://staging/~pali/chromium-browser/precise-working

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

980. By Pali on 2015-09-28

Disable patch ld-memory-32bit.patch

979. By Pali on 2015-09-28

Fix patch ld-memory-32bit.patch

978. By Pali on 2015-09-28

* Upstream release 45.0.2454.85

977. By Pali on 2015-09-28

Fix gcc ABI for precise

976. By Chad Miller on 2015-07-28

* debian/control: codec library packages replace the libffmpeg.so that
  was in chromium packages before now.
* debian/control: codec packages can't reasonably be updated separately
  than chromium. Depend with version specification also.

975. By Chad Miller on 2015-07-28

Re-add accidentally deleted lib copy line.

974. By Chad Miller on 2015-07-28

* Upstream release 44.0.2403.89: (LP: #1477662)
  - CVE-2015-1271: Heap-buffer-overflow in pdfium.
  - CVE-2015-1273: Heap-buffer-overflow in pdfium.
  - CVE-2015-1274: Settings allowed executable files to run immediately
    after download.
  - CVE-2015-1275: UXSS in Chrome for Android.
  - CVE-2015-1276: Use-after-free in IndexedDB.
  - CVE-2015-1279: Heap-buffer-overflow in pdfium.
  - CVE-2015-1280: Memory corruption in skia.
  - CVE-2015-1281: CSP bypass.
  - CVE-2015-1282: Use-after-free in pdfium.
  - CVE-2015-1283: Heap-buffer-overflow in expat.
  - CVE-2015-1284: Use-after-free in blink.
  - CVE-2015-1286: UXSS in blink.
  - CVE-2015-1287: SOP bypass with CSS.
  - CVE-2015-1270: Uninitialized memory read in ICU.
  - CVE-2015-1272: Use-after-free related to unexpected GPU process
    termination.
  - CVE-2015-1277: Use-after-free in accessibility.
  - CVE-2015-1278: URL spoofing using pdf files.
  - CVE-2015-1285: Information leak in XSS auditor.
  - CVE-2015-1288: Spell checking dictionaries fetched over HTTP.
  - CVE-2015-1289: Various fixes from internal audits, fuzzing and other
    initiatives.
* debian/rules, debian/chromium-codecs-ffmpeg{,-extra}.install: ffmpeg is a
  first-class component library now, not a special snowflake. Still, build
  it differently, but build flags are different.
* debian/tests/smoketest-actual: Remove some innocuous mentions of "error"
  before testing for actual errors.
[Chad Miller]
* Upstream release 43.0.2357.130:
  - CVE-2015-1266: Scheme validation error in WebUI.
  - CVE-2015-1268: Cross-origin bypass in Blink.
  - CVE-2015-1267: Cross-origin bypass in Blink.
  - CVE-2015-1269: Normalization error in HSTS/HPKP preload list.
* debian/tests/smoketest-actual: Capture web-server log so we can
  get port and test retreival. Fixes autopkgtest failures.
* debian/patches/widevine-other-locations: Search Chrome install
  location to find widevine plugins.
* Use new Flash plugin name in apport collector.
* debian/patches/gpu_default_disabled: Make GPU activation a (default off)
  preference instead of blacklisting.
[Iain Lane]
* Test fixes.
* debian/tests/control: Add a test-dep on python3-httplib2 and dbus-x11
  which are required by the testsuite.
* debian/tests/smoketest-actual: Redirect webserver-out and webserver-err so
  that the test can read these.

973. By Chad Miller on 2015-07-01

Add Webkit linking to be smarter for bit-starved machines.

972. By Chad Miller on 2015-06-30

Replace patch name.

971. By Chad Miller on 2015-06-30

[Chad Miller]
* Upstream release 43.0.2357.130:
  - CVE-2015-1266: Scheme validation error in WebUI.
  - CVE-2015-1268: Cross-origin bypass in Blink.
  - CVE-2015-1267: Cross-origin bypass in Blink.
  - CVE-2015-1269: Normalization error in HSTS/HPKP preload list.
* debian/tests/smoketest-actual: Capture web-server log so we can
  get port and test retreival. Fixes autopkgtest failures.
* debian/patches/widevine-other-locations: Search Chrome install
  location to find widevine plugins.
* Use new Flash plugin name in apport collector.
* debian/patches/gpu_default_disabled: Make GPU activation a (default off)
  preference instead of blacklisting.
[Iain Lane]
* Test fixes.
* debian/tests/control: Add a test-dep on python3-httplib2 and dbus-x11
  which are required by the testsuite.
* debian/tests/smoketest-actual: Redirect webserver-out and webserver-err so
  that the test can read these.
* Upstream release 43.0.2357.81.
  - "Icons not displaying properly on Linux" (LP: #1449063)
* Upstream release 43.0.2357.65:
  - CVE-2015-1252: Sandbox escape in Chrome.
  - CVE-2015-1253: Cross-origin bypass in DOM.
  - CVE-2015-1254: Cross-origin bypass in Editing.
  - CVE-2015-1255: Use-after-free in WebAudio.
  - CVE-2015-1256: Use-after-free in SVG.
  - CVE-2015-1251: Use-after-free in Speech.
  - CVE-2015-1257: Container-overflow in SVG.
  - CVE-2015-1258: Negative-size parameter in Libvpx.
  - CVE-2015-1259: Uninitialized value in PDFium.
  - CVE-2015-1260: Use-after-free in WebRTC.
  - CVE-2015-1261: URL bar spoofing.
  - CVE-2015-1262: Uninitialized value in Blink.
  - CVE-2015-1263: Insecure download of spellcheck dictionary.
  - CVE-2015-1264: Cross-site scripting in bookmarks.
  - CVE-2015-1265: Various fixes from internal audits, fuzzing and other
    initiatives.
  - Multiple vulnerabilities in V8 fixed at the tip of the 4.3 branch
    (currently 4.3.61.21).
* debian/patches/display-scaling-report-hardware-info: removed, unnecessary.
* debian/patches/coordinate-space-map: removed, unnecessary.
* debian/patches/enable_vaapi_on_linux.diff: Temporarily disable patch until
  ARM works.
* debian/chromium-browser.sh.in: Add --verbose to get logging info.
* debian/patches/{notifications-nicer,mir-support}: disable unnecessary
  patches.
* debian/control, debian/chromium-browser.sh.in: Prompt nothing about
  Flash plugin. Send Help clicks to Wiki instead.
* Upstream release 42.0.2311.135:
  - CVE-2015-1243: Use-after-free in DOM.
  - CVE-2015-1250: Various fixes from internal audits, fuzzing and other
    initiatives.
* Upstream release 42.0.2311.90:
  - CVE-2015-1235: Cross-origin-bypass in HTML parser.
  - CVE-2015-1236: Cross-origin-bypass in Blink.
  - CVE-2015-1237: Use-after-free in IPC.
  - CVE-2015-1238: Out-of-bounds write in Skia.
  - CVE-2015-1240: Out-of-bounds read in WebGL.
  - CVE-2015-1241: Tap-Jacking.
  - CVE-2015-1242: Type confusion in V8.
  - CVE-2015-1244: HSTS bypass in WebSockets.
  - CVE-2015-1245: Use-after-free in PDFium.
  - CVE-2015-1247: Scheme issues in OpenSearch.
  - CVE-2015-1248: SafeBrowsing bypass.
* Upstream release 41.0.2272.118:
  - CVE-2015-1233: A special thanks to Anonymous for a combination of V8,
    Gamepad and IPC bugs that can lead to remote code execution outside of
    the sandbox.
  - CVE-2015-1234: Buffer overflow via race condition in GPU.
* Change assumed X-resource DPI from 108 to 96. That's closer to 100.
* Autopkgtest now depends on x11-apps to get xwd. Make smoketest exit val
  nonzero on failure.
* debian/generate-snappy.mk, debian/rules: Start to generate snap packages
  if available.
* debian/chromium-browser.sh.in: Test for /etc/ dir before listing it.
* debian/chromium-browser.sh.in,
  debian/chromium-browser-etc-customizations-flash-staleness: Ask sudo users
  to update flash player.
* debian/chromium-browser-etc-customizations-flash-staleness: Pass only one
  flash-player start param to chromium. Prefer the new one.
* debian/patches/arm-neon.patch: exclude new armv7=neon assumptions.
* debian/patches/all_gpus_blacklisted: AMD, Intel, and NVIDIA cards all
  contribute to the largest crash report in errors.ubuntu.com. Let's disable
  GPUs for now.
* debian/chromium-browser.sh.in: Presence of old Flash is not a reason
  to suggest new plugin. If new plugin exists, be silent. Do not rely on
  new plugin to Conflicts and remove all the old bad ones.
* debian/patches/enable_vaapi_on_linux.diff: Enable video acceleration
  library.
* debian/patches/fix_building_widevinecdm_with_chromium.patch: If
  exterior-sourced widevine library exists at run-time, use it.