[ubuntu/utopic-proposed] chromium-browser 35.0.1916.153-0ubuntu1~pkg1029 (Accepted)
Chad MILLER
chad.miller at canonical.com
Tue Jul 22 17:11:50 UTC 2014
chromium-browser (35.0.1916.153-0ubuntu1~pkg1029) utopic; urgency=medium
* Release to stage
chromium-browser (35.0.1916.153-0ubuntu1) UNRELEASED; urgency=low
* debian/patches/display-scaling-default-value: Make default scale 1:1
when no gsettings information is available. (LP: #1302155)
* debian/patches/title-bar-default-system.patch-v34: Make window
title-bar frame default to system-provided instead of custom. Again.
* debian/patches/fix-gyp-space-in-object-filename-exception.patch: Make
is deprecated, and not well supported, but we still need it.
* debian/chromium-browser.sh.in, debian/chromium-browser.dirs: Speed up
chromium startup by avoiding execution of unnecessary programs for real
this time, and also, add a place in /etc for other packages to hook into
chromium safely.
* debian/chromium-browser-customization-example,
debian/chromium-browser.sh.in: Add support for better customization of
chromium by other packages. Files in /etc/chromium-browser/customizations/
are sourced at startup time.
* debian/patches/notifications-nicer: Make buggy background-mode processes
off by default.
* 7-npapi-permission-not-defaults-to-unauthorized.patch: Fix misapplication.
Put inside linux test, not chromeos test.
* Upstream release 35.0.1916.153.
* Upstream release 34.0.1847.137:
- CVE-2014-1740: Use-after-free in WebSockets.
- CVE-2014-1741: Integer overflow in DOM ranges.
- CVE-2014-1742: Use-after-free in editing.
* Upstream release 35.0.1916.114:
- CVE-2014-1743: Use-after-free in styles.
- CVE-2014-1744: Integer overflow in audio.
- CVE-2014-1745: Use-after-free in SVG.
- CVE-2014-1746: Out-of-bounds read in media filters.
- CVE-2014-1747: UXSS with local MHTML file.
- CVE-2014-1748: UI spoofing with scrollbar.
- CVE-2014-1749: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2014-3152: Integer underflow in V8 fixed in version 3.25.28.16.
* debian/rules: Re-enable SSE for x86.
* debian/control: Add build-dep on libkrb5-dev.
* debian/patches/gyp-make-generator-reenabled.
* Reenable webapps patches 3,5,6,7.
* Remove old, unnecessary files, debian/cdbs, debian/cdbs/scons.mk,
debian/cdbs/tarball.mk, debian/enable-dist-patches.pl,
debian/keep-alive.sh
* Remove OS condition in webapps desktop integration patches. We know
the OS.
chromium-browser (34.0.1847.116-0ubuntu2) trusty; urgency=medium
* Don't recommend pepperflashplugin-nonfree, which is in multiverse. (LP:
#1307606)
chromium-browser (34.0.1847.116-0ubuntu1) trusty; urgency=low
* New upstream release 34.0.1847.116:
- CVE-2014-1716: UXSS in V8.
- CVE-2014-1717: OOB access in V8.
- CVE-2014-1718: Integer overflow in compositor.
- CVE-2014-1719: Use-after-free in web workers.
- CVE-2014-1720: Use-after-free in DOM.
- CVE-2014-1721: Memory corruption in V8.
- CVE-2014-1722: Use-after-free in rendering.
- CVE-2014-1723: Url confusion with RTL characters.
- CVE-2014-1724: Use-after-free in speech.
- CVE-2014-1725: OOB read with window property.
- CVE-2014-1726: Local cross-origin bypass.
- CVE-2014-1727: Use-after-free in forms.
- CVE-2014-1728: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2014-1729: Multiple vulnerabilities in V8 fixed in version
3.24.35.22.
+ Now ignores "autocomplete=off" in web forms. (LP: #1294325)
* debian/rules: Enable high-DPI. Enable touch support. These require
using Aura toolkit.
* debian/patches/gsettings-display-scaling: Get scaling factor from
gsettings.
* debian/patches/touch: Enable touch on XInput2 slave pointer touch devices.
* debian/rules, debian/chromium-browser.sh.in: If lib dir contains a dir
matching our version, then use version dir as the new lib dir. This
is an attempto to mitigate version upgrade hangs.
* debian/chromium-browser.sh.in: Add a command line parameter to diasble
pinch gestures.
* debian/patches/display-scaling-default-value: Set default scaling to 1
on hardware, because hardware often lies, but should be recoverable at 1:1.
* debian/patches/display-scaling-report-hardware-info: Log hardware reports.
* debian/rules: Emit messages on a timer to prevent dumb build-bots from
killing long, silent linker stages.
* debian/control: Add libexif-dev, libgcrypt-dev to build-deps.
* debian/control: Drop Recommend x11-xserver-utils, x11-utils .
* debian/control: Add libexif-dev to build-deps.
* debian/apport/chromium-browser.py: Convert encoded bytes to str before
splitting. Converting these to str at all is wrong, though.
* debian/patches/flash-redirection: Redirect Flash installation through
Ubuntu wiki for better user experience.
* debian/patches/clipboard: Backport a few bug fixes.
* debian/patches/title-bar-default-system.patch-v34: Temporarily disable
system menu default to avoid window initial placement that doesn't take
into consideration the title bar.
Date: Mon, 14 Jul 2014 14:01:49 -0400
Changed-By: Chad MILLER <chad.miller at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Chris Coulson <chris.coulson at canonical.com>
https://launchpad.net/ubuntu/utopic/+source/chromium-browser/35.0.1916.153-0ubuntu1~pkg1029
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 14 Jul 2014 14:01:49 -0400
Source: chromium-browser
Binary: chromium-browser chromium-browser-dbg chromium-browser-l10n chromium-codecs-ffmpeg chromium-codecs-ffmpeg-dbg chromium-codecs-ffmpeg-extra chromium-codecs-ffmpeg-extra-dbg chromium-chromedriver chromium-chromedriver-dbg
Architecture: source
Version: 35.0.1916.153-0ubuntu1~pkg1029
Distribution: utopic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Chad MILLER <chad.miller at canonical.com>
Description:
chromium-browser - Chromium browser
chromium-browser-dbg - chromium-browser debug symbols
chromium-browser-l10n - chromium-browser language packages
chromium-chromedriver - WebDriver driver for the Chromium Browser
chromium-chromedriver-dbg - chromium-chromedriver debug symbols
chromium-codecs-ffmpeg - Free ffmpeg codecs for the Chromium Browser
chromium-codecs-ffmpeg-dbg - chromium-codecs-ffmpeg debug symbols
chromium-codecs-ffmpeg-extra - Extra ffmpeg codecs for the Chromium Browser
chromium-codecs-ffmpeg-extra-dbg - chromium-codecs-ffmpeg-extra debug symbols
Launchpad-Bugs-Fixed: 1294325 1302155 1307606
Changes:
chromium-browser (35.0.1916.153-0ubuntu1~pkg1029) utopic; urgency=medium
.
* Release to stage
.
chromium-browser (35.0.1916.153-0ubuntu1) UNRELEASED; urgency=low
.
* debian/patches/display-scaling-default-value: Make default scale 1:1
when no gsettings information is available. (LP: #1302155)
* debian/patches/title-bar-default-system.patch-v34: Make window
title-bar frame default to system-provided instead of custom. Again.
* debian/patches/fix-gyp-space-in-object-filename-exception.patch: Make
is deprecated, and not well supported, but we still need it.
* debian/chromium-browser.sh.in, debian/chromium-browser.dirs: Speed up
chromium startup by avoiding execution of unnecessary programs for real
this time, and also, add a place in /etc for other packages to hook into
chromium safely.
* debian/chromium-browser-customization-example,
debian/chromium-browser.sh.in: Add support for better customization of
chromium by other packages. Files in /etc/chromium-browser/customizations/
are sourced at startup time.
* debian/patches/notifications-nicer: Make buggy background-mode processes
off by default.
* 7-npapi-permission-not-defaults-to-unauthorized.patch: Fix misapplication.
Put inside linux test, not chromeos test.
* Upstream release 35.0.1916.153.
* Upstream release 34.0.1847.137:
- CVE-2014-1740: Use-after-free in WebSockets.
- CVE-2014-1741: Integer overflow in DOM ranges.
- CVE-2014-1742: Use-after-free in editing.
* Upstream release 35.0.1916.114:
- CVE-2014-1743: Use-after-free in styles.
- CVE-2014-1744: Integer overflow in audio.
- CVE-2014-1745: Use-after-free in SVG.
- CVE-2014-1746: Out-of-bounds read in media filters.
- CVE-2014-1747: UXSS with local MHTML file.
- CVE-2014-1748: UI spoofing with scrollbar.
- CVE-2014-1749: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2014-3152: Integer underflow in V8 fixed in version 3.25.28.16.
* debian/rules: Re-enable SSE for x86.
* debian/control: Add build-dep on libkrb5-dev.
* debian/patches/gyp-make-generator-reenabled.
* Reenable webapps patches 3,5,6,7.
* Remove old, unnecessary files, debian/cdbs, debian/cdbs/scons.mk,
debian/cdbs/tarball.mk, debian/enable-dist-patches.pl,
debian/keep-alive.sh
* Remove OS condition in webapps desktop integration patches. We know
the OS.
.
chromium-browser (34.0.1847.116-0ubuntu2) trusty; urgency=medium
.
* Don't recommend pepperflashplugin-nonfree, which is in multiverse. (LP:
#1307606)
.
chromium-browser (34.0.1847.116-0ubuntu1) trusty; urgency=low
.
* New upstream release 34.0.1847.116:
- CVE-2014-1716: UXSS in V8.
- CVE-2014-1717: OOB access in V8.
- CVE-2014-1718: Integer overflow in compositor.
- CVE-2014-1719: Use-after-free in web workers.
- CVE-2014-1720: Use-after-free in DOM.
- CVE-2014-1721: Memory corruption in V8.
- CVE-2014-1722: Use-after-free in rendering.
- CVE-2014-1723: Url confusion with RTL characters.
- CVE-2014-1724: Use-after-free in speech.
- CVE-2014-1725: OOB read with window property.
- CVE-2014-1726: Local cross-origin bypass.
- CVE-2014-1727: Use-after-free in forms.
- CVE-2014-1728: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2014-1729: Multiple vulnerabilities in V8 fixed in version
3.24.35.22.
+ Now ignores "autocomplete=off" in web forms. (LP: #1294325)
* debian/rules: Enable high-DPI. Enable touch support. These require
using Aura toolkit.
* debian/patches/gsettings-display-scaling: Get scaling factor from
gsettings.
* debian/patches/touch: Enable touch on XInput2 slave pointer touch devices.
* debian/rules, debian/chromium-browser.sh.in: If lib dir contains a dir
matching our version, then use version dir as the new lib dir. This
is an attempto to mitigate version upgrade hangs.
* debian/chromium-browser.sh.in: Add a command line parameter to diasble
pinch gestures.
* debian/patches/display-scaling-default-value: Set default scaling to 1
on hardware, because hardware often lies, but should be recoverable at 1:1.
* debian/patches/display-scaling-report-hardware-info: Log hardware reports.
* debian/rules: Emit messages on a timer to prevent dumb build-bots from
killing long, silent linker stages.
* debian/control: Add libexif-dev, libgcrypt-dev to build-deps.
* debian/control: Drop Recommend x11-xserver-utils, x11-utils .
* debian/control: Add libexif-dev to build-deps.
* debian/apport/chromium-browser.py: Convert encoded bytes to str before
splitting. Converting these to str at all is wrong, though.
* debian/patches/flash-redirection: Redirect Flash installation through
Ubuntu wiki for better user experience.
* debian/patches/clipboard: Backport a few bug fixes.
* debian/patches/title-bar-default-system.patch-v34: Temporarily disable
system menu default to avoid window initial placement that doesn't take
into consideration the title bar.
Checksums-Sha1:
ccb279274e283c2cac14ebd20b391a9d381a97d8 2621 chromium-browser_35.0.1916.153-0ubuntu1~pkg1029.dsc
b67959f8c2f1e154810e6470825bac2670cf536b 206225052 chromium-browser_35.0.1916.153.orig.tar.xz
67a415ef457aedc248b14ea9d556f2e0512f343a 396460 chromium-browser_35.0.1916.153-0ubuntu1~pkg1029.debian.tar.gz
Checksums-Sha256:
b0a26cf63f219fe4716a8b2310661bb78bc92a07fc1d5a5ddaaa83c0941bf097 2621 chromium-browser_35.0.1916.153-0ubuntu1~pkg1029.dsc
280ceb4307ba334918aacd1c5672e6ce6538bf229f90415245ede5b569e5e70e 206225052 chromium-browser_35.0.1916.153.orig.tar.xz
1d33d7a88395f944719f4ae4dbabf9c3b9e5a2ee7ce75bac73990ce6c3c9de34 396460 chromium-browser_35.0.1916.153-0ubuntu1~pkg1029.debian.tar.gz
Files:
c80b69e5f7e60198bef1f25150a35904 2621 web optional chromium-browser_35.0.1916.153-0ubuntu1~pkg1029.dsc
087498607daf35725b8c8cfc53749cf6 206225052 web optional chromium-browser_35.0.1916.153.orig.tar.xz
57197ca66db58ede3c0a07788157c552 396460 web optional chromium-browser_35.0.1916.153-0ubuntu1~pkg1029.debian.tar.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBAgAGBQJTzppUAAoJEGEfvezVlG4PM/UIAKvHcwxliElmHxhZ7OSagHIp
WK817EBL6nJCh+A2hiaLUQu3dPYv3uH1epBDpu4LwhUfJLFfYqaPncle5vcFs13t
T+htniS/PjdcrdMu/XBWzHGxTrGJhMWX3qGondF1g+OIZOLJ75klhGd4nqIx4o9N
696WPx9f6W21LaSsxpD+ZjzldVxc+w/TDSXv+5DCHtztiCqXVdA/GiKEI0uIO0cd
pUl+23y4iGgs2Xe4E3gv311gxKr5Vx+Ps9IBogZKZKJPI9L8DEkVMbTqyp4lRAcI
UKJHHWDD7K+VqNA4Avtcc83Ox/rpmEMtI4vbC21XUv2uBYA4iCotkWNDyZUzees=
=LVKP
-----END PGP SIGNATURE-----
More information about the Utopic-changes
mailing list