-
Committer:
Chad Miller
-
Date:
2013-06-20 19:00:11 UTC
-
mfrom:
(792.2.62 p-raring)
-
Revision ID:
chad.miller@canonical.com-20130620190011-s9c86io2u6smtz2m
* New stable release 28.0.1500.45
* New stable release 27.0.1453.110:
- CVE-2013-2855: Memory corruption in dev tools API.
- CVE-2013-2856: Use-after-free in input handling.
- CVE-2013-2857: Use-after-free in image handling.
- CVE-2013-2858: Use-after-free in HTML5 Audio.
- CVE-2013-2859: Cross-origin namespace pollution.
- CVE-2013-2860: Use-after-free with workers accessing database APIs.
- CVE-2013-2861: Use-after-free with SVG.
- CVE-2013-2862: Memory corruption in Skia GPU handling.
- CVE-2013-2863: Memory corruption in SSL socket handling.
- CVE-2013-2864: Bad free in PDF viewer.
safe-browsing-sigbus.patch
dont-assume-cross-compile-on-arm.patch
struct-siginfo.patch
ld-memory-32bit.patch
dlopen_sonamed_gl.patch
* Temporarily disable webapps patches.
* Reenable dyn-linking of major components of chromium for 32-bit machines.
Fix a libdir path bug in debian/chromium-browser.sh.in .
* No longer try to use system libraries. Generally, Security Team would
hate bundled libraries because they provide a wide liability, but
Chromium Project is pretty good about maintaining their bundled-source
libraries. We can not pull cr-required lib versions forward in older
Ubuntus, and we can't guarantee all the distro versions of libraries work
with chromium-browser. The default security policy might be worse. Bundled
libraries is less work overall.
* Exclude included XDG files even if they are built.
* Use NEON instructions on ARM, optionally. This might use run-time checks
for hardware capability, but even if it doesn't we can add it later.
* Clean up difference checks in debian/rules that make sure that all files
that the build makes are used in packages, and no longer hide any, and no
longer consider it an error if some are unused. Treat it as a warning,
not a fatality.
* Use legible shell instead of make-generated shell in setting the rpath
in rules.