Format: 1.8
Date: Thu, 20 Jun 2013 14:54:43 -0400
Source: chromium-browser
Binary: chromium-browser chromium-browser-dbg chromium-browser-l10n chromium-codecs-ffmpeg chromium-codecs-ffmpeg-dbg chromium-codecs-ffmpeg-extra chromium-codecs-ffmpeg-extra-dbg chromium-chromedriver
Architecture: amd64
Version: 28.0.1500.52-0ubuntu1.13.04.2
Distribution: raring
Urgency: low
Maintainer: Ubuntu/amd64 Build Daemon <buildd@komainu.buildd>
Changed-By: Chad MILLER <chad.miller@canonical.com>
Description: 
 chromium-browser - Chromium browser
 chromium-browser-dbg - chromium-browser debug symbols
 chromium-browser-l10n - chromium-browser language packages
 chromium-chromedriver - WebDriver driver for the Chromium Browser
 chromium-codecs-ffmpeg - Free ffmpeg codecs for the Chromium Browser
 chromium-codecs-ffmpeg-dbg - chromium-codecs-ffmpeg debug symbols
 chromium-codecs-ffmpeg-extra - Extra ffmpeg codecs for the Chromium Browser
 chromium-codecs-ffmpeg-extra-dbg - chromium-codecs-ffmpeg-extra debug symbols
Changes: 
 chromium-browser (28.0.1500.52-0ubuntu1.13.04.2) raring-security; urgency=low
 .
   [Chad MILLER]
   * New stable release 28.0.1500.52
   * New stable release 28.0.1500.45
   * New stable release 27.0.1453.110:
     - CVE-2013-2855: Memory corruption in dev tools API.
     - CVE-2013-2856: Use-after-free in input handling.
     - CVE-2013-2857: Use-after-free in image handling.
     - CVE-2013-2858: Use-after-free in HTML5 Audio.
     - CVE-2013-2859: Cross-origin namespace pollution.
     - CVE-2013-2860: Use-after-free with workers accessing database APIs.
     - CVE-2013-2861: Use-after-free with SVG.
     - CVE-2013-2862: Memory corruption in Skia GPU handling.
     - CVE-2013-2863: Memory corruption in SSL socket handling.
     - CVE-2013-2864: Bad free in PDF viewer.
   * New stable release 27.0.1453.93:
     - CVE-2013-2837: Use-after-free in SVG.
     - CVE-2013-2838: Out-of-bounds read in v8.
     - CVE-2013-2839: Bad cast in clipboard handling.
     - CVE-2013-2840: Use-after-free in media loader.
     - CVE-2013-2841: Use-after-free in Pepper resource handling.
     - CVE-2013-2842: Use-after-free in widget handling.
     - CVE-2013-2843: Use-after-free in speech handling.
     - CVE-2013-2844: Use-after-free in style resolution.
     - CVE-2013-2845: Memory safety issues in Web Audio.
     - CVE-2013-2846: Use-after-free in media loader.
     - CVE-2013-2847: Use-after-free race condition with workers.
     - CVE-2013-2848: Possible data extraction with XSS Auditor.
     - CVE-2013-2849: Possible XSS with drag+drop or copy+paste.
   * Drop unneeded patches,
       safe-browsing-sigbus.patch
       dont-assume-cross-compile-on-arm.patch
       struct-siginfo.patch
       ld-memory-32bit.patch
       dlopen_sonamed_gl.patch
   * Temporarily disable webapps patches.
   * Update arm-neon patch, format-flag patch, search-credit patch,
     title-bar-system-default patch.
   * Make get-orig-source nicer.  Package tarball contents from upstream
     correctly.
   * Reenable dyn-linking of major components of chromium for 32-bit machines.
     Fix a libdir path bug in debian/chromium-browser.sh.in .
   * No longer try to use system libraries. Generally, Security Team would
     hate bundled libraries because they provide a wide liability, but
     Chromium Project is pretty good about maintaining their bundled-source
     libraries. We can not pull cr-required lib versions forward in older
     Ubuntus, and we can't guarantee all the distro versions of libraries work
     with chromium-browser. The default security policy might be worse. Bundled
     libraries is less work overall.
   * Exclude included XDG files even if they are built.
   * Use NEON instructions on ARM, optionally. This might use run-time checks
     for hardware capability, but even if it doesn't we can add it later.
   * Clean up difference checks in debian/rules that make sure that all files
     that the build makes are used in packages, and no longer hide any, and no
     longer consider it an error if some are unused.  Treat it as a warning,
     not a fatality.
   * Use legible shell instead of make-generated shell in setting the rpath
     in rules.
   * Add new build-dep, "chrpath".
 .
   [Chris Coulson]
   * debian/rules: Disable tcmalloc on all component builds, not just on
     arm builds.
Checksums-Sha1: 
 b75c2f71a14ce9d4d746771b9c644b42a20e4aa1 28900676 chromium-browser_28.0.1500.52-0ubuntu1.13.04.2_amd64.deb
 0d552e0d80e9a0740ff8063b4e4b49c9ca7331b0 277600808 chromium-browser-dbg_28.0.1500.52-0ubuntu1.13.04.2_amd64.deb
 d96049c1c4d28329b5bf375311a257c69c46dadf 408642 chromium-codecs-ffmpeg_28.0.1500.52-0ubuntu1.13.04.2_amd64.deb
 aa2128a25a79a60221094591b81e491c59b254d9 859190 chromium-codecs-ffmpeg-dbg_28.0.1500.52-0ubuntu1.13.04.2_amd64.deb
 ff03034f548913f09a210669320e250c07a190b3 749402 chromium-codecs-ffmpeg-extra_28.0.1500.52-0ubuntu1.13.04.2_amd64.deb
 c5ba7234284ba3b46a42a7d3b2ebbb3c47556a3a 1819778 chromium-codecs-ffmpeg-extra-dbg_28.0.1500.52-0ubuntu1.13.04.2_amd64.deb
 1d812925073394aeddc7714e22966b473ad86a4e 5400562 chromium-chromedriver_28.0.1500.52-0ubuntu1.13.04.2_amd64.deb
Checksums-Sha256: 
 75eb85173474bde7155d141a9a887aa4aa3c7aa49cc9b649d131b05d513fa62b 28900676 chromium-browser_28.0.1500.52-0ubuntu1.13.04.2_amd64.deb
 0562fafc6c2da7e47257af7f57875e1eac710b7ee6e61bb5d39b0aeec94a005c 277600808 chromium-browser-dbg_28.0.1500.52-0ubuntu1.13.04.2_amd64.deb
 48911a6b290356c78eb20ee86142ca74c5e8a0d759e3da7ecfe902774c602dd7 408642 chromium-codecs-ffmpeg_28.0.1500.52-0ubuntu1.13.04.2_amd64.deb
 a6ba59135ea36f660ff6a74ca020eb52f46dbf1d6e3edbe09e129a2a2b8b8d22 859190 chromium-codecs-ffmpeg-dbg_28.0.1500.52-0ubuntu1.13.04.2_amd64.deb
 324f1081076eb3cc4c1ed8d11aaae23f4a67d460f2b92ccf14b2110750c3549e 749402 chromium-codecs-ffmpeg-extra_28.0.1500.52-0ubuntu1.13.04.2_amd64.deb
 a9f46a285b30da016adb8062bafff77438a6657412930892b44be2ca999bf0de 1819778 chromium-codecs-ffmpeg-extra-dbg_28.0.1500.52-0ubuntu1.13.04.2_amd64.deb
 276c55762f670444f7ea22495f2826bfad4ac32fee4cef259311a6354639b02f 5400562 chromium-chromedriver_28.0.1500.52-0ubuntu1.13.04.2_amd64.deb
Files: 
 203fbb78d492b9884416222622b8bc1e 28900676 web optional chromium-browser_28.0.1500.52-0ubuntu1.13.04.2_amd64.deb
 e6f5c5b0952f6be98a858467e6c454f1 277600808 debug extra chromium-browser-dbg_28.0.1500.52-0ubuntu1.13.04.2_amd64.deb
 ad5e5b1f358a0654f5e851d8854ccaed 408642 web optional chromium-codecs-ffmpeg_28.0.1500.52-0ubuntu1.13.04.2_amd64.deb
 6de4f7c9509406f9a38a194f16b5bc75 859190 debug extra chromium-codecs-ffmpeg-dbg_28.0.1500.52-0ubuntu1.13.04.2_amd64.deb
 20cf311498e38d6ab143b6685a0ac45c 749402 web optional chromium-codecs-ffmpeg-extra_28.0.1500.52-0ubuntu1.13.04.2_amd64.deb
 6f4365fe9f6ccd71bca1f71a38e98d23 1819778 debug extra chromium-codecs-ffmpeg-extra-dbg_28.0.1500.52-0ubuntu1.13.04.2_amd64.deb
 4f18a7ecd3929d0e83b91921e298fd4e 5400562 web optional chromium-chromedriver_28.0.1500.52-0ubuntu1.13.04.2_amd64.deb
Original-Maintainer: Micah Gersten <micahg@ubuntu.com>, Fabien Tassin <fta@ubuntu.com>