Binary files /tmp/0tfhv9Dthz/chromium-browser-17.0.963.79~r125985/chromium-browser-17.0.963.79~r125985-source.tar.lzma and /tmp/ycR5A1oWD2/chromium-browser-18.0.1025.151~r130497/chromium-browser-17.0.963.79~r125985-source.tar.lzma differ
Binary files /tmp/0tfhv9Dthz/chromium-browser-17.0.963.79~r125985/chromium-browser-18.0.1025.151~r130497-source.tar.lzma and /tmp/ycR5A1oWD2/chromium-browser-18.0.1025.151~r130497/chromium-browser-18.0.1025.151~r130497-source.tar.lzma differ
diff -Nru chromium-browser-17.0.963.79~r125985/debian/changelog chromium-browser-18.0.1025.151~r130497/debian/changelog
--- chromium-browser-17.0.963.79~r125985/debian/changelog	2012-04-20 08:02:22.000000000 +0000
+++ chromium-browser-18.0.1025.151~r130497/debian/changelog	2012-04-20 08:02:50.000000000 +0000
@@ -1,3 +1,110 @@
+chromium-browser (18.0.1025.151~r130497-0ubuntu0.10.04.1) lucid-security; urgency=low
+
+  * New upstream release from the Stable Channel (LP: #977502)
+    - black screen on Hybrid Graphics system with GPU accelerated compositing
+      enabled (Issue: 117371)
+    - CSS not applied to <content> element (Issue: 114667)
+    - Regression rendering a div with background gradient and borders
+      (Issue: 113726)
+    - Canvas 2D line drawing bug with GPU acceleration (Issue: 121285)
+    - Multiple crashes (Issues: 72235, 116825 and 92998)
+    - Pop-up dialog is at wrong position (Issue: 116045)
+    - HTML Canvas patterns are broken if you change the transformation matrix
+      (Issue: 112165)
+    - SSL interstitial error "proceed anyway" / "back to safety" buttons don't
+      work (Issue: 119252)
+    This release fixes the following security issues:
+    - [106577] Medium CVE-2011-3066: Out-of-bounds read in Skia clipping.
+      Credit to miaubiz.
+    - [117583] Medium CVE-2011-3067: Cross-origin iframe replacement. Credit to
+      Sergey Glazunov.
+    - [117698] High CVE-2011-3068: Use-after-free in run-in handling. Credit to 
+      miaubiz.
+    - [117728] High CVE-2011-3069: Use-after-free in line box handling. Credit
+      to miaubiz.
+    - [118185] High CVE-2011-3070: Use-after-free in v8 bindings. Credit to
+      Google Chrome Security Team (SkyLined).
+    - [118273] High CVE-2011-3071: Use-after-free in HTMLMediaElement. Credit
+      to pa_kt, reporting through HP TippingPoint ZDI (ZDI-CAN-1528).
+    - [118467] Low CVE-2011-3072: Cross-origin violation parenting pop-up
+      window. Credit to Sergey Glazunov.
+    - [118593] High CVE-2011-3073: Use-after-free in SVG resource handling.
+      Credit to Arthur Gerkis.
+    - [119281] Medium CVE-2011-3074: Use-after-free in media handling. Credit
+      to Sławomir Błażek.
+    - [119525] High CVE-2011-3075: Use-after-free applying style command.
+      Credit to miaubiz.
+    - [120037] High CVE-2011-3076: Use-after-free in focus handling. Credit to
+      miaubiz.
+    - [120189] Medium CVE-2011-3077: Read-after-free in script bindings. Credit
+      to Google Chrome Security Team (Inferno).
+
+ -- Micah Gersten <micahg@ubuntu.com>  Mon, 09 Apr 2012 19:10:03 -0500
+
+chromium-browser (18.0.1025.142~r129054-0ubuntu0.10.04.1) lucid-security; urgency=low
+
+  * New upstream release from the Stable Channel (LP: #968901)
+    This release fixes the following security issues:
+    - [109574] Medium CVE-2011-3058: Bad interaction possibly leading to XSS in
+      EUC-JP. Credit to Masato Kinugawa.
+    - [112317] Medium CVE-2011-3059: Out-of-bounds read in SVG text handling.
+      Credit to Arthur Gerkis.
+    - [114056] Medium CVE-2011-3060: Out-of-bounds read in text fragment
+      handling. Credit to miaubiz.
+    - [116398] Medium CVE-2011-3061: SPDY proxy certificate checking error.
+      Credit to Leonidas Kontothanassis of Google.
+    - [116524] High CVE-2011-3062: Off-by-one in OpenType Sanitizer. Credit to
+      Mateusz Jurczyk of the Google Security Team.
+    - [117417] Low CVE-2011-3063: Validate navigation requests from the renderer
+      more carefully. Credit to kuzzcc, Sergey Glazunov, PinkiePie and
+      scarybeasts (Google Chrome Security Team).
+    - [117471] High CVE-2011-3064: Use-after-free in SVG clipping. Credit to
+      Atte Kettunen of OUSPG.
+    - [117588] High CVE-2011-3065: Memory corruption in Skia. Credit to Omair.
+    - [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian
+      Holler.
+
+  * Add build dependency on libudev-dev to allow for gamepad detection; see
+    http://code.google.com/p/chromium/issues/detail?id=79050
+    - update debian/control
+  * Drop dlopen_libgnutls patch as it's been implemented upstream
+     - drop debian/patches/dlopen_libgnutls.patch
+     - update debian/patches/series
+  * Start removing *.so and *.so.* from the upstream tarball creation
+    - update debian/rules
+  * Strip almost the entire third_party/openssl directory as it's needed only
+    on android, but is used by the build system
+    - update debian/rules
+  * Use tar's --exclude-vcs flag instead of just excluding .svn
+    - update debian/rules
+
+ -- Micah Gersten <micahg@ubuntu.com>  Mon, 02 Apr 2012 02:49:35 -0500
+
+chromium-browser (17.0.963.83~r127885-0ubuntu0.10.04.1) lucid-security; urgency=low
+
+  * New upstream release from the Stable Channel (LP: #961831)
+    This release fixes the following security issues:
+    - [113902] High CVE-2011-3050: Use-after-free with first-letter handling.
+      Credit to miaubiz.
+    - [116162] High CVE-2011-3045: libpng integer issue from upstream. Credit
+      to Glenn Randers-Pehrson of the libpng project.
+    - [116461] High CVE-2011-3051: Use-after-free in CSS cross-fade handling.
+      Credit to Arthur Gerkis.
+    - [116637] High CVE-2011-3052: Memory corruption in WebGL canvas handling.
+      Credit to Ben Vanik of Google.
+    - [116746] High CVE-2011-3053: Use-after-free in block splitting.
+      Credit to miaubiz.
+    - [117418] Low CVE-2011-3054: Apply additional isolations to webui
+      privileges. Credit to Sergey Glazunov.
+    - [117736] Low CVE-2011-3055: Prompt in the browser native UI for unpacked
+      extension installation. Credit to PinkiePie.
+    - [117550] High CVE-2011-3056: Cross-origin violation with “magic iframe”.
+      Credit to Sergey Glazunov.
+    - [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian 
+      Holler.
+
+ -- Micah Gersten <micahg@ubuntu.com>  Wed, 21 Mar 2012 21:42:19 -0500
+
 chromium-browser (17.0.963.79~r125985-0ubuntu0.10.04.1) lucid-security; urgency=low
 
   * New upstream release from the Stable Channel (LP: #952711)
diff -Nru chromium-browser-17.0.963.79~r125985/debian/control chromium-browser-18.0.1025.151~r130497/debian/control
--- chromium-browser-17.0.963.79~r125985/debian/control	2012-04-20 08:02:22.000000000 +0000
+++ chromium-browser-18.0.1025.151~r130497/debian/control	2012-04-20 08:02:50.000000000 +0000
@@ -46,6 +46,7 @@
 	libgtk2.0-dev,
 	libdbus-glib-1-dev,
 	libgnome-keyring-dev,
+	libudev-dev,
 	libgconf2-dev
 Standards-Version: 3.8.3
 
diff -Nru chromium-browser-17.0.963.79~r125985/debian/patches/dlopen_libgnutls.patch chromium-browser-18.0.1025.151~r130497/debian/patches/dlopen_libgnutls.patch
--- chromium-browser-17.0.963.79~r125985/debian/patches/dlopen_libgnutls.patch	2012-04-20 08:02:22.000000000 +0000
+++ chromium-browser-18.0.1025.151~r130497/debian/patches/dlopen_libgnutls.patch	1970-01-01 00:00:00.000000000 +0000
@@ -1,41 +0,0 @@
----
- printing/backend/print_backend_cups.cc |   15 ++++++++++++---
- 1 file changed, 12 insertions(+), 3 deletions(-)
-
-Index: src/printing/backend/print_backend_cups.cc
-===================================================================
---- src.orig/printing/backend/print_backend_cups.cc
-+++ src/printing/backend/print_backend_cups.cc
-@@ -44,20 +44,29 @@
-   GcryptInitializer() {
-     Init();
-   }
- 
-  private:
-   void Init() {
-     gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
-     const char* kGnuTlsFile = "libgnutls.so";
--    void* gnutls_lib = dlopen(kGnuTlsFile, RTLD_NOW);
-+    const char* kGnuTlsFile26 = "libgnutls.so.26"; // Since Ubuntu Intrepid (8.10)
-+    const char* kGnuTlsFile13 = "libgnutls.so.13"; // Last seen in Ubuntu Hardy (8.04)
-+    void* gnutls_lib = dlopen(kGnuTlsFile26, RTLD_NOW);
-     if (!gnutls_lib) {
--      LOG(ERROR) << "Cannot load " << kGnuTlsFile;
--      return;
-+      gnutls_lib = dlopen(kGnuTlsFile13, RTLD_NOW);
-+      if (!gnutls_lib) {
-+        gnutls_lib = dlopen(kGnuTlsFile, RTLD_NOW);
-+        if (!gnutls_lib) {
-+          LOG(ERROR) << "Cannot load any of " << kGnuTlsFile26 << ", "
-+                     << kGnuTlsFile13 << " or " << kGnuTlsFile;
-+          return;
-+        }
-+      }
-     }
-     const char* kGnuTlsInitFuncName = "gnutls_global_init";
-     int (*pgnutls_global_init)(void) = reinterpret_cast<int(*)()>(
-         dlsym(gnutls_lib, kGnuTlsInitFuncName));
-     if (!pgnutls_global_init) {
-       LOG(ERROR) << "Could not find " << kGnuTlsInitFuncName
-                  << " in " << kGnuTlsFile;
-       return;
diff -Nru chromium-browser-17.0.963.79~r125985/debian/patches/series chromium-browser-18.0.1025.151~r130497/debian/patches/series
--- chromium-browser-17.0.963.79~r125985/debian/patches/series	2012-04-20 08:02:22.000000000 +0000
+++ chromium-browser-18.0.1025.151~r130497/debian/patches/series	2012-04-20 08:02:50.000000000 +0000
@@ -3,5 +3,4 @@
 chromium_useragent.patch
 disable_dlog_and_dcheck_in_release_builds.patch
 webkit_rev_parser.patch
-dlopen_libgnutls.patch
 dlopen_sonamed_gl.patch
diff -Nru chromium-browser-17.0.963.79~r125985/debian/rules chromium-browser-18.0.1025.151~r130497/debian/rules
--- chromium-browser-17.0.963.79~r125985/debian/rules	2012-04-20 08:02:22.000000000 +0000
+++ chromium-browser-18.0.1025.151~r130497/debian/rules	2012-04-20 08:02:50.000000000 +0000
@@ -536,6 +536,7 @@
 ALMOST_STRIPPED_DIRS := \
 	courgette \
 	third_party/gles2_book \
+	third_party/openssl \
 	$(NULL)
 
 ifeq (1,$(WANT_SYSTEM_LIBS))
@@ -662,7 +663,7 @@
 endif
 endif
 	# Remove binaries
-	cd $(TMP_DDIR)/src && find . -type f \( -iname \*.exe -o -iname \*.dll -o -iname \*.pdb -o -name \*.o -o -name \*.a -o -name \*.dylib \) -exec rm -fv {} \; > REMOVED-bin_only.txt
+	cd $(TMP_DDIR)/src && find . -type f \( -iname \*.exe -o -iname \*.dll -o -iname \*.pdb -o -name \*.o -o -name \*.a -o -name \*.dylib -o -name \*.so -o -name \*.so.\* \) -exec rm -fv {} \; > REMOVED-bin_only.txt
 	wc -l $(TMP_DDIR)/src/REMOVED-*.txt
 	
 gos-pack: TMP_DIR  = $(TMP_DDIR)
@@ -691,7 +692,7 @@
 	if [ src != $(DEB_TAR_SRCDIR) ] ; then mv $(TMP_DIR)/src $(TMP_DIR)/$(DEB_TAR_SRCDIR) ; fi
 	mv $(TMP_DIR)/tools/depot_tools $(TMP_DIR)/$(DEB_TAR_SRCDIR)/depot_tools
 	## tar >= 1.23-2 now invokes xz when lzma is called, so we can no longer use --lzma because of the backports
-	cd $(TMP_DIR) && tar -cf - --exclude=.svn $(DEB_TAR_SRCDIR) | $(COMPRESS) > $(DEBIAN_NAME)-$(VERSION)-source.tar.$(TAR_EXT)
+	cd $(TMP_DIR) && tar -cf - --exclude-vcs $(DEB_TAR_SRCDIR) | $(COMPRESS) > $(DEBIAN_NAME)-$(VERSION)-source.tar.$(TAR_EXT)
 	mkdir $(TMP_DIR)/$(DEBIAN_NAME)-$(VERSION)
 	mv $(TMP_DIR)/$(DEBIAN_NAME)-$(VERSION)-source.tar.$(TAR_EXT) $(TMP_DIR)/$(DEBIAN_NAME)-$(VERSION)
 	cd $(TMP_DIR) && tar zcf ../$(DEBIAN_NAME)_$(VERSION).orig.tar.gz $(DEBIAN_NAME)-$(VERSION)