Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/precise/chromium-browser
Members of Ubuntu branches can upload to this branch. Log in for directions.

Related bugs

Related blueprints

Branch information

Ubuntu branches

Recent revisions

53. By Micah Gersten

* New upstream release from the Stable Channel (LP: #881786)
  - This release fixes a regression with regard to logging into certain

52. By Micah Gersten

* New upstream release from the Stable Channel (LP: #881786)
  - fix LP: #881607 - Error initializing NSS without a persistent database
  This release fixes the following security issues:
  - [86758] High CVE-2011-2845: URL bar spoof in history handling. Credit to
    Jordi Chancel.
  - [88949] Medium CVE-2011-3875: URL bar spoof with drag+drop of URLs. Credit
    to Jordi Chancel.
  - [90217] Low CVE-2011-3876: Avoid stripping whitespace at the end of
    download filenames. Credit to Marc Novak.
  - [91218] Low CVE-2011-3877: XSS in appcache internals page. Credit to
    Google Chrome Security Team (Tom Sepez) plus independent discovery by
    Juho Nurminen.
  - [94487] Medium CVE-2011-3878: Race condition in worker process
    initialization. Credit to miaubiz.
  - [95374] Low CVE-2011-3879: Avoid redirect to chrome scheme URIs. Credit to
    Masato Kinugawa.
  - [95992] Low CVE-2011-3880: Don’t permit as a HTTP header delimiter. Credit
    to Vladimir Vorontsov, ONsec company.
  - [96047] [96885] [98053] [99512] [99750] High CVE-2011-3881: Cross-origin
    policy violations. Credit to Sergey Glazunov.
  - [96292] High CVE-2011-3882: Use-after-free in media buffer handling.
    Credit to Google Chrome Security Team (Inferno).
  - [96902] High CVE-2011-3883: Use-after-free in counter handling. Credit to
  - [97148] High CVE-2011-3884: Timing issues in DOM traversal. Credit to
    Brian Ryner of the Chromium development community.
  - [97599] [98064] [98556] [99294] [99880] [100059] High CVE-2011-3885: Stale
    style bugs leading to use-after-free. Credit to miaubiz.
  - [98773] [99167] High CVE-2011-3886: Out of bounds writes in v8. Credit to
    Christian Holler.
  - [98407] Medium CVE-2011-3887: Cookie theft with javascript URIs. Credit to
    Sergey Glazunov.
  - [99138] High CVE-2011-3888: Use-after-free with plug-in and editing.
    Credit to miaubiz.
  - [99211] High CVE-2011-3889: Heap overflow in Web Audio. Credit to miaubiz.
  - [99553] High CVE-2011-3890: Use-after-free in video source handling.
    Credit to Ami Fischman of the Chromium development community.
  - [100332] High CVE-2011-3891: Exposure of internal v8 functions. Credit to
    Steven Keuchel of the Chromium development community plus independent
    discovery by Daniel Divricean.

[ Micah Gersten <email address hidden> ]
* Switch to xz debs; Add Pre-Depends on dpkg >= 1.15.6 which is needed
  until after Precise
  - update debian/rules
  - update debian/control

[ Chris Coulson <email address hidden> ]
* Refresh patches
  - update debian/patches/dlopen_sonamed_gl.patch
  - update debian/patches/webkit_rev_parser.patch
* Dropped patches, fixed upstream
  - remove debian/patches/cups_1.5_build_fix.patch
  - update debian/patches/series
* Don't depend on cdbs being installed to create a tarball
  - update debian/rules
  - update debian/cdbs/tarball.mk

[ Fabien Tassin ]
* Disable NaCl until we figure out what to do with the private toolchain
  - update debian/rules
* Do not install the pseudo_locales files in the debs
  - update debian/rules
* Add python-simplejson to Build-depends. This is needed by NaCl even with
  NaCl disabled, so this is a temporary workaround to unbreak the build, it
  must be fixed upstream
  - update debian/control

51. By Micah Gersten

* Switch maintainer to Ubuntu Developers; Thanks to Fabien Tassin for all
  his work on this package
  - update debian/control
* Switch to internal libvpx; This makes updating easier after release
  - update debian/rules
* Drop build dependency on libvpx due to the switch to internal libvpx
  - update debian/control
* Switch to default libjpeg
  - update debian/control
* Update Vcs-Bzr for precise
  - update debian/control

50. By Micah Gersten

* New upstream release from the Stable Channel (LP: #858744)
  This release fixes the following security issues:
  + Chromium issues (13.0.782.220):
    - Trust in Diginotar Intermediate CAs revoked
  + Chromium issues (14.0.835.163):
    - [49377] High CVE-2011-2835: Race condition in the certificate cache.
      Credit to Ryan Sleevi.
    - [57908] Low CVE-2011-2837: Use PIC / pie compiler flags. Credit to
    - [75070] Low CVE-2011-2838: Treat MIME type more authoritatively when
      loading plug-ins. Credit to Michal Zalewski.
    - [78639] High CVE-2011-2841: Garbage collection error in PDF. Credit to
      Mario Gomes.
    - [82438] Medium CVE-2011-2843: Out-of-bounds read with media buffers.
      Credit to Kostya Serebryany.
    - [85041] Medium CVE-2011-2844: Out-of-bounds read with mp3 files. Credit
      to Mario Gomes.
    - [89564] Medium CVE-2011-2848: URL bar spoof with forward button. Credit
      to Jordi Chancel.
    - [89795] Low CVE-2011-2849: Browser NULL pointer crash with WebSockets.
      Credit to Arthur Gerkis.
    - [90134] Medium CVE-2011-2850: Out-of-bounds read with Khmer characters.
      Credit to miaubiz.
    - [90173] Medium CVE-2011-2851: Out-of-bounds read in video handling.
      Credit to Google Chrome Security Team (Inferno).
    - [91197] High CVE-2011-2853: Use-after-free in plug-in handling. Credit
      to Google Chrome Security Team (SkyLined).
    - [93497] Medium CVE-2011-2859: Incorrect permissions assigned to
      non-gallery pages. Credit to Bernhard ‘Bruhns’ Brehm
    - [93596] Medium CVE-2011-2861: Bad string read in PDF. Credit to Aki
      Helin of OUSPG.
    - [95563] Medium CVE-2011-2864: Out-of-bounds read with Tibetan
      characters. Credit to Google Chrome Security Team (Inferno).
    - [95625] Medium CVE-2011-2858: Out-of-bounds read with triangle arrays.
      Credit to Google Chrome Security Team (Inferno).
    - [95917] Low CVE-2011-2874: Failure to pin a self-signed cert for a
      session. Credit to Nishant Yadant and Craig Chamberlain (@randomuserid).
  + Chromium issues (14.0.835.202):
    - [95671] High CVE-2011-2878: Inappropriate cross-origin access to the
      window prototype. Credit to Sergey Glazunov.
    - [96150] High CVE-2011-2879: Lifetime and threading issues in audio node
      handling. Credit to Google Chrome Security Team (Inferno).
    - [98089] Critical CVE-2011-3873: Memory corruption in shader translator.
      Credit to Zhenyao Mo.
  + Webkit issues (14.0.835.163):
    - [78427] [83031] Low CVE-2011-2840: Possible URL bar spoofs with unusual
      user interaction. Credit to kuzzcc.
    - [89219] High CVE-2011-2846: Use-after-free in unload event handling.
      Credit to Arthur Gerkis.
    - [89330] High CVE-2011-2847: Use-after-free in document loader. Credit to
    - [89991] Medium CVE-2011-3234: Out-of-bounds read in box handling. Credit
      to miaubiz.
    - [92651] [94800] High CVE-2011-2854: Use-after-free in ruby / table style
      handing. Credit to Sławomir Błażek, and independent later discoveries by
      miaubiz and Google Chrome Security Team (Inferno).
    - [92959] High CVE-2011-2855: Stale node in stylesheet handling. Credit to
      Arthur Gerkis.
    - [93420] High CVE-2011-2857: Use-after-free in focus controller. Credit
      to miaubiz.
    - [93587] High CVE-2011-2860: Use-after-free in table style handling.
      Credit to miaubiz.
  + Webkit issues (14.0.835.202):
    - [93788] High CVE-2011-2876: Use-after-free in text line box handling.
      Credit to miaubiz.
    - [95072] High CVE-2011-2877: Stale font in SVG text handling. Credit to
  + LibXML issue (14.0.835.163):
    - [93472] High CVE-2011-2834: Double free in libxml XPath handling. Credit
      to Yang Dingning
  + V8 issues (14.0.835.163):
    - [76771] High CVE-2011-2839: Crash in v8 script object wrappers. Credit
      to Kostya Serebryany
    - [91120] High CVE-2011-2852: Off-by-one in v8. Credit to Christian Holler
    - [93416] High CVE-2011-2856: Cross-origin bypass in v8. Credit to Daniel
    - [93906] High CVE-2011-2862: Unintended access to v8 built-in objects.
      Credit to Sergey Glazunov.
    - [95920] High CVE-2011-2875: Type confusion in v8 object sealing. Credit
      to Christian Holler.
  + V8 issues (14.0.835.202):
    - [97451] [97520] [97615] High CVE-2011-2880: Use-after-free in the v8
      bindings. Credit to Sergey Glazunov.
    - [97784] High CVE-2011-2881: Memory corruption with v8 hidden objects.
      Credit to Sergey Glazunov.

[ Fabien Tassin ]
* Add libpulse-dev to Build-Depends, needed for WebRTC
  - update debian/control
* Drop the HTML5 video patch, now committed upstream
  - remove debian/patches/html5-codecs-fix.patch
  - update debian/patches/series
* Rename ui/base/strings/app_strings.grd to ui_strings.grd following
  the upstream rename, and add a mapping flag to the grit converter
  - update debian/rules
* Add a "Conflicts" with -inspector so that it gets removed
  - update debian/control
* Build with the default gcc-4.6 on Oneiric
  - update debian/control
  - update debian/rules
* Refresh Patches

49. By Matthias Klose

Enable hardening on armel. LP: #641126.

48. By Fabien Tassin

* New upstream release from the Stable Channel
  This release fixes the following security issues:
  + Chromium issues:
   - [91517] High, CVE-2011-2828: Out-of-bounds write in v8. Credit to Google
     Chrome Security Team (SkyLined).
  + Webkit issues:
   - [82552] High, CVE-2011-2823: Use-after-free in line box handling. Credit
     to Google Chrome Security Team (SkyLined) and independent later
     discovery by miaubiz.
   - [88216] High, CVE-2011-2824: Use-after-free with counter nodes. Credit
     to miaubiz.
   - [88670] High, CVE-2011-2825: Use-after-free with custom fonts. Credit to
     wushi of team509 reported through ZDI (ZDI-CAN-1283), plus indepdendent
     later discovery by miaubiz.
   - [87453] High, CVE-2011-2826: Cross-origin violation with empty origins.
     Credit to Sergey Glazunov.
   - [90668] High, CVE-2011-2827: Use-after-free in text searching. Credit to
   - [32-bit only] [91598] High, CVE-2011-2829: Integer overflow in uniform
     arrays. Credit to Sergey Glazunov.
  + libxml2 issue:
   - [89402] High, CVE-2011-2821: Double free in libxml XPath handling.
     Credit to Yang Dingning from NCNIPC, Graduate University of Chinese
     Academy of Sciences.
Packaging changes:
* Fix a FTBFS with cups 1.5.0 by including individual cups headers
  - add debian/patches/cups_1.5_build_fix.patch
  - update debian/patches/series

47. By Fabien Tassin

* Add libgles2-mesa-dev to Build-deps for Armel (only), fixing a FTBFS
  - update debian/control

46. By Fabien Tassin

* New Major upstream release from the Stable Channel
  This release fixes the following security issues:
  + Chromium issues:
   - [75821] Medium, CVE-2011-2358: Always confirm an extension install via a
     browser dialog. Credit to Sergey Glazunov.
   - [79266] Low, CVE-2011-2360: Potential bypass of dangerous file prompt.
     Credit to kuzzcc.
   - [79426] Low, CVE-2011-2361: Improve designation of strings in the basic
     auth dialog. Credit to kuzzcc.
   - [81307] Medium, CVE-2011-2782: File permissions error with drag and
     drop. Credit to Evan Martin of the Chromium development community.
   - [83273] Medium, CVE-2011-2783: Always confirm a developer mode NPAPI
     extension install via a browser dialog. Credit to Sergey Glazunov.
   - [84402] Low, CVE-2011-2785: Sanitize the homepage URL in extensions.
     Credit to kuzzcc.
   - [84805] Medium, CVE-2011-2787: Browser crash due to GPU lock re-entrancy
     issue. Credit to kuzzcc.
   - [85808] Medium, CVE-2011-2789: Use after free in Pepper plug-in
     instantiation. Credit to Mario Gomes and kuzzcc.
   - [87815] Low, CVE-2011-2798: Prevent a couple of internal schemes from
     being web accessible. Credit to sirdarckcat of the Google Security Team.
   - [88827] Medium, CVE-2011-2803: Out-of-bounds read in Skia paths. Credit
     to Google Chrome Security Team (Inferno).
  + Webkit issues:
   - [78841] High, CVE-2011-2359: Stale pointer due to bad line box tracking
     in rendering. Credit to miaubiz and Martin Barbella.
   - [83841] Low, CVE-2011-2784: Local file path disclosure via GL program
     log. Credit to kuzzcc.
   - [84600] Low, CVE-2011-2786: Make sure the speech input bubble is always
     on-screen. Credit to Olli Pettay of Mozilla.
   - [85559] Low, CVE-2011-2788: Buffer overflow in inspector serialization.
     Credit to Mikołaj Małecki.
   - [86502] High, CVE-2011-2790: Use-after-free with floating styles. Credit
     to miaubiz.
   - [87148] High, CVE-2011-2792: Use-after-free with float removal. Credit
     to miaubiz.
   - [87227] High, CVE-2011-2793: Use-after-free in media selectors. Credit
     to miaubiz.
   - [87298] Medium, CVE-2011-2794: Out-of-bounds read in text iteration.
     Credit to miaubiz.
   - [87339] Medium, CVE-2011-2795: Cross-frame function leak. Credit to Shih
   - [87548] High, CVE-2011-2796: Use-after-free in Skia. Credit to Google
     Chrome Security Team (Inferno) and Kostya Serebryany of the Chromium
     development community.
   - [87729] High, CVE-2011-2797: Use-after-free in resource caching. Credit
     to miaubiz.
   - [87925] High, CVE-2011-2799: Use-after-free in HTML range handling.
     Credit to miaubiz.
   - [88337] Medium, CVE-2011-2800: Leak of client-side redirect target.
     Credit to Juho Nurminen.
   - [88591] High, CVE-2011-2802: v8 crash with const lookups. Credit to
     Christian Holler.
   - [88846] High, CVE-2011-2801: Use-after-free in frame loader. Credit to
   - [88889] High, CVE-2011-2818: Use-after-free in display box rendering.
     Credit to Martin Barbella.
   - [89520] High, CVE-2011-2805: Cross-origin script injection. Credit to
     Sergey Glazunov.
   - [90222] High, CVE-2011-2819: Cross-origin violation in base URI
     handling. Credit to Sergey Glazunov.
  + ICU 4.6 issue:
   - [86900] High, CVE-2011-2791: Out-of-bounds write in ICU. Credit to Yang
     Dingning from NCNIPC, Graduate University of Chinese Academy of
Packaging changes:
* Add a "Conflicts" with -inspector so that it gets removed
  - update debian/control
* Disable PIE for ARM on Oneiric too
  - update debian/rules
* Run the gclient hooks when creating the source tarball, as we need files
  from the Native Client's integrated runtime (IRT) library.
  Install the NaCL IRT files in the main deb
  - update debian/rules
  - update debian/chromium-browser.install
* Drop obsolete patches
  - remove debian/patches/cups_cleanup_cr6883221.patch
  - update debian/patches/series

45. By Fabien Tassin

* New Minor upstream release from the Stable Channel (LP: #803107)
  This release fixes the following security issues:
  + WebKit issues:
    - [84355] High, CVE-2011-2346: Use-after-free in SVG font handling.
      Credit to miaubiz.
    - [85003] High, CVE-2011-2347: Memory corruption in CSS parsing. Credit
      to miaubiz.
    - [85102] High, CVE-2011-2350: Lifetime and re-entrancy issues in the
      HTML parser. Credit to miaubiz.
    - [85211] High, CVE-2011-2351: Use-after-free with SVG use element.
      Credit to miaubiz.
    - [85418] High, CVE-2011-2349: Use-after-free in text selection. Credit
      to miaubiz.
  + Chromium issues:
    - [77493] Medium, CVE-2011-2345: Out-of-bounds read in NPAPI string
      handling. Credit to Philippe Arteau.
    - [85177] High, CVE-2011-2348: Bad bounds check in v8. Credit to Aki
      Helin of OUSPG.
Packaging changes:
* Add Valencian (ca@valencia) to the list of supported langs for the
  - update debian/rules
  - update debian/control
* Add support for language variants in Grit, backported from trunk.
  This is needed to support lang-codes like ca@valencia
  - add debian/patches/grit_language_variants.patch
  - update debian/patches/series
* Add a WANT_ONLY_WHITELISTED_NEW_LANGS knob to make it easier to
  sync translations of new langs between all the branches
  - update debian/rules
* Properly stop the keep-alive when the build fails
  - update debian/rules
* Fix the HTML5 <video> tag regression in Oneiric by properly linking
  libvpx so it's not being dropped from libffmpegsumo.so (LP: #795171)
  - add debian/patches/html5-codecs-fix.patch
  - update debian/patches/series
* Drop the -inspector package, its content has been merged into the main deb
  in M12 and the deb remained empty since.
  Also drop chromium-codecs-ffmpeg-nonfree, renamed in M5 to -extra
  - update debian/control
  - update debian/rules
* Backport of http://codereview.chromium.org/6883221 from M13 presumably
  fixing the ARM ftbfs from the last update, and set use_cups=0 on armel
  - add debian/patches/cups_cleanup_cr6883221.patch
  - update debian/patches/series
  - update debian/rules

44. By Fabien Tassin

* New upstream release from the Stable Channel (LP: #794197)
  It includes:
  - Hardware accelerated 3D CSS
  - New Safe Browsing protection against downloading malicious files
  - Ability to delete Flash cookies from inside Chrome
  - Launch Apps by name from the Omnibox
  - Integrated Sync into new settings pages
  - Improved screen reader support
  - New warning when hitting Command-Q on Mac
  - Removal of Google Gears
  This release fixes the following security issues:
  + WebKit issues:
    - [73962] [79746] High CVE-2011-1808: Use-after-free due to integer
      issues in float handling. Credit to miaubiz.
    - [75496] Medium CVE-2011-1809: Use-after-free in accessibility support.
      Credit to Google Chrome Security Team (SkyLined).
    - [75643] Low CVE-2011-1810: Visit history information leak in CSS.
      Credit to Jesse Mohrland of Microsoft and Microsoft Vulnerability
      Research (MSVR).
    - [80358] Medium CVE-2011-1816: Use-after-free in developer tools. Credit
      to kuzzcc.
    - [81949] High CVE-2011-1818: Use-after-free in image loader. Credit to
    - [83743] High CVE-2011-2342: Same origin bypass in DOM. Credit to Sergey
  + Chromium issues:
    - [76034] Low CVE-2011-1811: Browser crash with lots of form submissions.
      Credit to “DimitrisV22”.
    - [77026] Medium CVE-2011-1812: Extensions permission bypass. Credit to
    - [78516] High CVE-2011-1813: Stale pointer in extension framework.
      Credit to Google Chrome Security Team (Inferno).
    - [79862] Low CVE-2011-1815: Extension script injection into new tab
      page. Credit to kuzzcc.
    - [81916] Medium CVE-2011-1817: Browser memory corruption in history
      deletion. Credit to Collin Payne.
    - [83010] Medium CVE-2011-1819: Extension injection into chrome:// pages.
      Credit to Vladislavas Jarmalis, plus subsequent independent discovery
      by Sergey Glazunov.
    - [83275] High CVE-2011-2332: Same origin bypass in v8. Credit to Sergey
Packaging changes:
* Provide a batch of translations for the Unity quicklists, and update
  the regular desktop translations
  - update debian/chromium-browser.desktop
* Add a keep-alive script preventing the builders from killing the build
  when it's not echoing anything for too long (useful when linking
  the main binary with ld-bfd)
  - add debian/keep-alive.sh
  - update debian/rules
* Drop the gtk resize patch, now that upstream does it for us
  - remove debian/patches/disable_gtk_resize_grip_on_natty.patch
  - update debian/patches/series
* Drop the xdg-utils patch and use the system xdg tools when we
  detect that xdg-setting is present on the system (ensuring it's a recent
  enough xdg-utils)
  - update debian/chromium-browser.sh.in
  - remove debian/patches/xdg-utils_gnome3_lp670128_for_natty.patch
  - update debian/patches/series
* Drop the stored passwords patch
  - remove debian/patches/stored_passwords_lp743494.patch
  - update debian/patches/series
* Drop the dedicated webapp WMClass patch
  - remove debian/patches/webapps-wm-class-lp692462.patch
  - update debian/patches/series
* When building with a non-default g++, also link with the same version
  - update debian/rules
* Empty the -inspector package now that it has been merged into the main
  resources.pak file (so that the Inspector remains usable after an upgrade
  until the next browser restart). Also remove the resources directory,
  now empty
  - remove debian/chromium-browser-inspector.install
  - update debian/chromium-browser.dirs
  - update debian/rules

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
This branch contains Public information 
Everyone can see this information.