lp:~chrisccoulson/chromium-browser/ppa-chromium-browser.quantal.stable

Created by Chris Coulson on 2013-06-26 and last modified on 2013-06-26
Get this branch:
bzr branch lp:~chrisccoulson/chromium-browser/ppa-chromium-browser.quantal.stable
Only Chris Coulson can upload to this branch. If you are Chris Coulson please log in for upload directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Chris Coulson
Project:
Chromium Browser
Status:
Development

Recent revisions

849. By Chris Coulson on 2013-06-26

debian/rules: Disable tcmalloc on all component builds, not just on
arm builds

848. By Chad Miller on 2013-06-21

New stable release 28.0.1500.52

847. By Chad Miller on 2013-06-21

Add new build-dep, "chrpath".

846. By Chad Miller on 2013-06-20

* New stable release 28.0.1500.45
* New stable release 27.0.1453.110:
  - CVE-2013-2855: Memory corruption in dev tools API.
  - CVE-2013-2856: Use-after-free in input handling.
  - CVE-2013-2857: Use-after-free in image handling.
  - CVE-2013-2858: Use-after-free in HTML5 Audio.
  - CVE-2013-2859: Cross-origin namespace pollution.
  - CVE-2013-2860: Use-after-free with workers accessing database APIs.
  - CVE-2013-2861: Use-after-free with SVG.
  - CVE-2013-2862: Memory corruption in Skia GPU handling.
  - CVE-2013-2863: Memory corruption in SSL socket handling.
  - CVE-2013-2864: Bad free in PDF viewer.
    safe-browsing-sigbus.patch
    dont-assume-cross-compile-on-arm.patch
    struct-siginfo.patch
    ld-memory-32bit.patch
    dlopen_sonamed_gl.patch
* Temporarily disable webapps patches.
* Reenable dyn-linking of major components of chromium for 32-bit machines.
  Fix a libdir path bug in debian/chromium-browser.sh.in .
* No longer try to use system libraries. Generally, Security Team would
  hate bundled libraries because they provide a wide liability, but
  Chromium Project is pretty good about maintaining their bundled-source
  libraries. We can not pull cr-required lib versions forward in older
  Ubuntus, and we can't guarantee all the distro versions of libraries work
  with chromium-browser. The default security policy might be worse. Bundled
  libraries is less work overall.
* Exclude included XDG files even if they are built.
* Use NEON instructions on ARM, optionally. This might use run-time checks
  for hardware capability, but even if it doesn't we can add it later.
* Clean up difference checks in debian/rules that make sure that all files
  that the build makes are used in packages, and no longer hide any, and no
  longer consider it an error if some are unused. Treat it as a warning,
  not a fatality.
* Use legible shell instead of make-generated shell in setting the rpath
  in rules.

845. By Chad Miller on 2013-06-01

* New stable release 27.0.1453.93:
  - CVE-2013-2837: Use-after-free in SVG.
  - CVE-2013-2838: Out-of-bounds read in v8.
  - CVE-2013-2839: Bad cast in clipboard handling.
  - CVE-2013-2840: Use-after-free in media loader.
  - CVE-2013-2841: Use-after-free in Pepper resource handling.
  - CVE-2013-2842: Use-after-free in widget handling.
  - CVE-2013-2843: Use-after-free in speech handling.
  - CVE-2013-2844: Use-after-free in style resolution.
  - CVE-2013-2845: Memory safety issues in Web Audio.
  - CVE-2013-2846: Use-after-free in media loader.
  - CVE-2013-2847: Use-after-free race condition with workers.
  - CVE-2013-2848: Possible data extraction with XSS Auditor.
  - CVE-2013-2849: Possible XSS with drag+drop or copy+paste.
* Drop unneeded patches,
  safe-browsing-sigbus.patch
  dont-assume-cross-compile-on-arm.patch
  struct-siginfo.patch
  ld-memory-32bit.patch
* Update webapps patches.
* Update arm-neon patch, format-flag patch, search-credit patch,
  title-bar-system-default patch.
* Make get-orig-source nicer. Package tarball contents from upstream
  correctly.
* Update webapps patches.

844. By Chad Miller on 2013-05-20

Work around SEGV on ARMHF that's caused by tcmalloc.

843. By Chad Miller on 2013-05-10

Null merge.

842. By Chad Miller on 2013-05-10

Set version number correctly.

841. By Chad Miller on 2013-05-10

* Add a lp:app-install-data-ubuntu flag that names the package. Update
  debian/chromium-browser.desktop .
* Remove full path from freedesktop default-apps file. Update
  debian/chromium-browser.xml .

840. By Chad Miller on 2013-05-08

* Use more system libraries, libxml, libjpeg, bzip2, libxslt, v8, flac,
  libevent, protobuf, speex, xdg_utils, yasm, but not a few others -- in
  particular,
    - libpng causes render hangs,
    - sqlite causes link failures.
* GCC doesn't allow -Wno-format with hardening -Werror=format-security .
  Add debian/patches/format-flag.patch .
* Since we're Depending on xdg-settings, don't try to install one from
  upstream. Change debian/chromium-browser.install .
* Invert sense of a quantal+ test so that we don't have to track things
  forever. Name things we know about, instead of things that don't exist
  yet. Update debian/rules .
* Drop old unused sizes of icons to install from debian/rules .
* Always default chromium to using the system title bar. Add
  debian/patches/title-bar-default-system.patch .

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
This branch contains Public information 
Everyone can see this information.

Subscribers