Superseded
by chromium-browser - 30.0.1599.114-0ubuntu0.13.04.2
Published
Changelog
chromium-browser (29.0.1547.65-0ubuntu0.13.04.1) raring-security; urgency=low
* New release 29.0.1547.65.
* New release 29.0.1547.62.
* New release 29.0.1547.57: (LP: #1215361)
- CVE-2013-2900: Incomplete path sanitization in file handling.
- CVE-2013-2905: Information leak via overly broad permissions on shared
memory files.
- CVE-2013-2901: Integer overflow in ANGLE.
- CVE-2013-2902: Use after free in XSLT.
- CVE-2013-2903: Use after free in media element.
- CVE-2013-2904: Use after free in document parsing.
- CVE-2013-2887: Various fixes from internal audits, fuzzing and other
initiatives (Chrome 29).
* debian/patches/duckduckgo.patch: Include DuckDuckGo in search-engine
list. [Caine Tighe <~caine>]
* debian/patches/search-credit.patch: Update URLs.
* debian/patches/disable_dlog_and_dcheck_in_release_builds.patch,
debian/patches/wehkit_rev_parser.patch,
No longer necessary. Deleted.
* debian/chromium-browser.sh.in: Include command-line parameters for
registered plugins.
* Since we include remoting locales too, also split its locales info
into the -l10n package correctly.
* debian/rules: Disable arm_neon_optional. Impossible with sandbox, AND
breaks build right now.
* debian/rules: Fix packaging-completeness checker.
* debian/rules: Break long expressions into discrete parts in packaging
completeness checker.
* Update webapps patches.
* debian/rules:
- Make unused-file matches simpler, and install rule more descriptive.
- get-orig-source has to make the directory for the orig contents.
* debian/source/lintian-overrides:
- Add old-fsf-address-in-copyright-file and image-file-in-usr-lib
- Fix setuid-binary to be "source". Seems like it should be "binary". :(
* debian/checkout-orig-source.mk: Remove tests and add unofficialness
marker file to orig tarball when we can't use upstream orig releases.
* debian/chromium-browser.dirs: Add reference to /usr/share/chromium-browser,
expmplary for extension placement.
* debian/patches/extensions-directory.patch: Use a /usr/share/ directory that
is named with our package, not "chromium". Withouth this, we force global
extensions to violate FHS.
chromium-browser (28.0.1500.95-0ubuntu0.13.04.2) raring-security; urgency=low
* debian/control: Set VCS URL to be accurate.
* New release 28.0.1500.95:
- CVE-2013-2881: Origin bypass in frame handling.
- CVE-2013-2882: Type confusion in V8.
- CVE-2013-2883: Use-after-free in MutationObserver.
- CVE-2013-2884: Use-after-free in DOM.
- CVE-2013-2885: Use-after-free in input handling.
- CVE-2013-2886: Various fixes from internal audits, fuzzing and other
initiatives.
* debian/rules:
- Keepalive in tests rule, to keep builder machines from reaping.
- Further exclude a few tests that interact with fakeroot,
ReadOnlyFileUtilTest.
* debian/rules:
- Disable logging calls in chromium binary to save several MB of executable
size.
* debian/patches/linker-asneeded-bug.patch:
- Add patch to work around linker bug.
* debian/keep-alive.sh:
- Treat disappearing /proc as error, and quit.
-- Chad MILLER <email address hidden> Thu, 05 Sep 2013 16:47:55 -0400