chromium-browser 34.0.1847.116-0ubuntu1~pkg1006 source package in Ubuntu

Changelog

chromium-browser (34.0.1847.116-0ubuntu1~pkg1006) trusty; urgency=medium

  * Release to stage

chromium-browser (34.0.1847.116-0ubuntu1) UNRELEASED; urgency=low

  * New upstream release 34.0.1847.116:
    - CVE-2014-1716: UXSS in V8.
    - CVE-2014-1717: OOB access in V8.
    - CVE-2014-1718: Integer overflow in compositor.
    - CVE-2014-1719: Use-after-free in web workers.
    - CVE-2014-1720: Use-after-free in DOM.
    - CVE-2014-1721: Memory corruption in V8.
    - CVE-2014-1722: Use-after-free in rendering.
    - CVE-2014-1723: Url confusion with RTL characters.
    - CVE-2014-1724: Use-after-free in speech.
    - CVE-2014-1725: OOB read with window property.
    - CVE-2014-1726: Local cross-origin bypass.
    - CVE-2014-1727: Use-after-free in forms.
    - CVE-2014-1728: Various fixes from internal audits, fuzzing and other
      initiatives.
    - CVE-2014-1729: Multiple vulnerabilities in V8 fixed in version
      3.24.35.22.
    + Now ignores "autocomplete=off" in web forms. (LP: #1294325)
  * debian/rules: Enable high-DPI. Enable touch support. These require
    using Aura toolkit.
  * debian/patches/gsettings-display-scaling: Get scaling factor from
    gsettings.
  * debian/patches/touch: Enable touch on XInput2 slave pointer touch devices.
  * debian/rules, debian/chromium-browser.sh.in: If lib dir contains a dir
    matching our version, then use version dir as the new lib dir.  This
    is an attempto to mitigate version upgrade hangs.
  * debian/chromium-browser.sh.in: Add a command line parameter to diasble
    pinch gestures.
  * debian/patches/display-scaling-default-value: Set default scaling to 1
    on hardware, because hardware often lies, but should be recoverable at 1:1.
  * debian/patches/display-scaling-report-hardware-info: Log hardware reports.
  * debian/rules: Emit messages on a timer to prevent dumb build-bots from
    killing long, silent linker stages.
  * debian/control: Add libexif-dev, libgcrypt-dev to build-deps.
  * debian/control: Add Recommend pepperflashplugin-nonfree . NPAPI is dying.
  * debian/control: Drop Recommend x11-xserver-utils, x11-utils .
  * debian/control: Add libexif-dev to build-deps.
  * debian/apport/chromium-browser.py: Convert encoded bytes to str before
    splitting. Converting these to str at all is wrong, though.
  * debian/patches/flash-redirection: Redirect Flash installation through
    Ubuntu wiki for better user experience.
  * debian/patches/clipboard: Backport a few bug fixes.
  * debian/patches/title-bar-default-system.patch-v34: Temporarily disable
    system menu default to avoid window initial placement that doesn't take
    into consideration the title bar.

chromium-browser (33.0.1750.152-0ubuntu1) trusty; urgency=low

  * debian/rules: Enable high-DPI. Enable touch support.  May not work on all devices yet.
  * debian/rules, debian/chromium-browser.sh.in: If lib dir contains a dir
    matching our version, then use version dir as the new lib dir.  This
    is an attempto to mitigate version upgrade hangs.
  * debian/rules: Move log-removal into the section for "release" builds only.
  * Upstream release 33.0.1750.152:
    - CVE-2014-1713: Code execution outside sandbox. Use-after-free in Blink
      bindings.
    - CVE-2014-1714: Code execution outside sandbox. Windows clipboard
      vulnerability.
    - CVE-2014-1705: Code execution outside sandbox. Memory corruption in V8.
    - CVE-2014-1715: Code execution outside sandbox. Directory traversal issue.
  * Upstream release 33.0.1750.149:
    - CVE-2014-1700: Use-after-free in speech.
    - CVE-2014-1701: UXSS in events.
    - CVE-2014-1702: Use-after-free in web database.
    - CVE-2014-1703: Potential sandbox escape due to a use-after-free in web
      sockets.
    - CVE-2014-1704: Multiple vulnerabilities in V8 fixed in version
      3.23.17.18.
  * Upstream release 33.0.1750.115.
  * Upstream release 33.0.1750.146.
    - CVE-2013-6663: Use-after-free in svg images.
    - CVE-2013-6664: Use-after-free in speech recognition.
    - CVE-2013-6665: Heap buffer overflow in software rendering.
    - CVE-2013-6666: Chrome allows requests in flash header request.
    - CVE-2013-6667: Various fixes from internal audits, fuzzing and other
      initiatives.
    - CVE-2013-6668: Multiple vulnerabilities in V8 fixed in version
      3.24.35.10.
  * Add a token to get search credit at Baidu.
  * debian/rules, debian/control: Switch to using ninja instead of make to
    build. Switch from CDBS to dh. Remove many old hacks.
  * debian/patches/disable_gn.patch: disable broken GN before build. Temporary
    hack.
  * debian/chromium-browser.{postinst,prerm}, add debhelper token.
  * debian/rules: Split compare function into arch-dep and arch-indep versions,
    since they check different things.
  * debian/rules: Use actual upstream orig tarball.
  * debian/control: build-dep on coreutils so we can print the checksums, too.
 -- Chad MILLER <email address hidden>   Sun, 13 Apr 2014 22:04:02 -0400

Upload details

Uploaded by:
Chad Miller on 2014-04-14
Uploaded to:
Trusty
Original maintainer:
Ubuntu Developers
Architectures:
armhf armel i386 amd64 all
Section:
web
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
chromium-browser_34.0.1847.116.orig.tar.xz 181.4 MiB dd6579c170eecd8d1f366461575e9754e44200e0b9fefde20941e15cb6729711
chromium-browser_34.0.1847.116-0ubuntu1~pkg1006.debian.tar.gz 273.4 KiB 312d2b1572fd6086b394a7d08bab8165a0abdb8d5f4bd6ad3a0e2d641ae88c34
chromium-browser_34.0.1847.116-0ubuntu1~pkg1006.dsc 2.3 KiB b14122d82eb9881b6b10cc9afd3f420256820226c4218c7aa7bda7e6593a951f

View changes file

Binary packages built by this source

chromium-browser: Chromium web browser, open-source version of Chrome

 An open-source browser project that aims to build a safer, faster, and more
 stable way for all Internet users to experience the web.

chromium-browser-dbg: chromium-browser debug symbols

 Debug symbols for the Chromium browser

chromium-browser-l10n: chromium-browser language packages

 An open-source browser project that aims to build a safer, faster, and more
 stable way for all Internet users to experience the web.
 .
 This package contains language packages for 65 languages:
 am, ar, ast, bg, bn, bs, ca, ca@valencia, cs, da, de, el, en-AU, en-GB, eo,
 es-419, es, et, eu, fa, fil, fi, fr, gl, gu, he, hi, hr, hu, hy, ia, id, it,
 ja, ka, kn, ko, ku, kw, lt, lv, ml, mr, ms, nb, nl, pl, pt-BR, pt-PT, ro, ru,
 sk, sl, sr, sv, sw, ta, te, th, tr, ug, uk, vi, zh-CN, zh-TW

chromium-chromedriver: WebDriver driver for the Chromium Browser

 Chromedriver serves as a bridge between Chromium Browser and Selenium
 WebDriver.
 .
 See https://sites.google.com/a/chromium.org/chromedriver/ for details.

chromium-chromedriver-dbg: chromium-chromedriver debug symbols

 Debug symbols for the chromium-chromedriver package.

chromium-codecs-ffmpeg: Free ffmpeg codecs for the Chromium Browser

 An open-source browser project that aims to build a safer, faster, and more
 stable way for all Internet users to experience the web.
 .
 This package contains the multi-threaded ffmpeg codecs needed for the HTML5
 <audio> and <video> tags. Only the free ogg, vorbis and theora codecs are
 included. See chromium-codecs-ffmpeg-extra for additional codecs

chromium-codecs-ffmpeg-dbg: chromium-codecs-ffmpeg debug symbols

 Debug symbols for the free ffmpeg-mt codecs

chromium-codecs-ffmpeg-extra: Extra ffmpeg codecs for the Chromium Browser

 An open-source browser project that aims to build a safer, faster, and more
 stable way for all Internet users to experience the web.
 .
 This package contains the multi-threaded ffmpeg codecs needed for the HTML5
 <audio> and <video> tags. In addition to the patent-free ogg, vorbis and
 theora codecs, aac/ac3/mpeg4audio/h264/mov/mp3 are also included. See
 chromium-codecs-ffmpeg if you prefer only the patent-free codecs

chromium-codecs-ffmpeg-extra-dbg: chromium-codecs-ffmpeg-extra debug symbols

 Debug symbols for the extra ffmpeg-mt codecs