chromium-browser 34.0.1847.116-0ubuntu1~pkg1006 source package in Ubuntu
Changelog
chromium-browser (34.0.1847.116-0ubuntu1~pkg1006) trusty; urgency=medium
* Release to stage
chromium-browser (34.0.1847.116-0ubuntu1) UNRELEASED; urgency=low
* New upstream release 34.0.1847.116:
- CVE-2014-1716: UXSS in V8.
- CVE-2014-1717: OOB access in V8.
- CVE-2014-1718: Integer overflow in compositor.
- CVE-2014-1719: Use-after-free in web workers.
- CVE-2014-1720: Use-after-free in DOM.
- CVE-2014-1721: Memory corruption in V8.
- CVE-2014-1722: Use-after-free in rendering.
- CVE-2014-1723: Url confusion with RTL characters.
- CVE-2014-1724: Use-after-free in speech.
- CVE-2014-1725: OOB read with window property.
- CVE-2014-1726: Local cross-origin bypass.
- CVE-2014-1727: Use-after-free in forms.
- CVE-2014-1728: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2014-1729: Multiple vulnerabilities in V8 fixed in version
3.24.35.22.
+ Now ignores "autocomplete=off" in web forms. (LP: #1294325)
* debian/rules: Enable high-DPI. Enable touch support. These require
using Aura toolkit.
* debian/patches/gsettings-display-scaling: Get scaling factor from
gsettings.
* debian/patches/touch: Enable touch on XInput2 slave pointer touch devices.
* debian/rules, debian/chromium-browser.sh.in: If lib dir contains a dir
matching our version, then use version dir as the new lib dir. This
is an attempto to mitigate version upgrade hangs.
* debian/chromium-browser.sh.in: Add a command line parameter to diasble
pinch gestures.
* debian/patches/display-scaling-default-value: Set default scaling to 1
on hardware, because hardware often lies, but should be recoverable at 1:1.
* debian/patches/display-scaling-report-hardware-info: Log hardware reports.
* debian/rules: Emit messages on a timer to prevent dumb build-bots from
killing long, silent linker stages.
* debian/control: Add libexif-dev, libgcrypt-dev to build-deps.
* debian/control: Add Recommend pepperflashplugin-nonfree . NPAPI is dying.
* debian/control: Drop Recommend x11-xserver-utils, x11-utils .
* debian/control: Add libexif-dev to build-deps.
* debian/apport/chromium-browser.py: Convert encoded bytes to str before
splitting. Converting these to str at all is wrong, though.
* debian/patches/flash-redirection: Redirect Flash installation through
Ubuntu wiki for better user experience.
* debian/patches/clipboard: Backport a few bug fixes.
* debian/patches/title-bar-default-system.patch-v34: Temporarily disable
system menu default to avoid window initial placement that doesn't take
into consideration the title bar.
chromium-browser (33.0.1750.152-0ubuntu1) trusty; urgency=low
* debian/rules: Enable high-DPI. Enable touch support. May not work on all devices yet.
* debian/rules, debian/chromium-browser.sh.in: If lib dir contains a dir
matching our version, then use version dir as the new lib dir. This
is an attempto to mitigate version upgrade hangs.
* debian/rules: Move log-removal into the section for "release" builds only.
* Upstream release 33.0.1750.152:
- CVE-2014-1713: Code execution outside sandbox. Use-after-free in Blink
bindings.
- CVE-2014-1714: Code execution outside sandbox. Windows clipboard
vulnerability.
- CVE-2014-1705: Code execution outside sandbox. Memory corruption in V8.
- CVE-2014-1715: Code execution outside sandbox. Directory traversal issue.
* Upstream release 33.0.1750.149:
- CVE-2014-1700: Use-after-free in speech.
- CVE-2014-1701: UXSS in events.
- CVE-2014-1702: Use-after-free in web database.
- CVE-2014-1703: Potential sandbox escape due to a use-after-free in web
sockets.
- CVE-2014-1704: Multiple vulnerabilities in V8 fixed in version
3.23.17.18.
* Upstream release 33.0.1750.115.
* Upstream release 33.0.1750.146.
- CVE-2013-6663: Use-after-free in svg images.
- CVE-2013-6664: Use-after-free in speech recognition.
- CVE-2013-6665: Heap buffer overflow in software rendering.
- CVE-2013-6666: Chrome allows requests in flash header request.
- CVE-2013-6667: Various fixes from internal audits, fuzzing and other
initiatives.
- CVE-2013-6668: Multiple vulnerabilities in V8 fixed in version
3.24.35.10.
* Add a token to get search credit at Baidu.
* debian/rules, debian/control: Switch to using ninja instead of make to
build. Switch from CDBS to dh. Remove many old hacks.
* debian/patches/disable_gn.patch: disable broken GN before build. Temporary
hack.
* debian/chromium-browser.{postinst,prerm}, add debhelper token.
* debian/rules: Split compare function into arch-dep and arch-indep versions,
since they check different things.
* debian/rules: Use actual upstream orig tarball.
* debian/control: build-dep on coreutils so we can print the checksums, too.
-- Chad MILLER <email address hidden> Sun, 13 Apr 2014 22:04:02 -0400
Upload details
- Uploaded by:
- Chad Miller
- Uploaded to:
- Trusty
- Original maintainer:
- Ubuntu Developers
- Architectures:
- armhf armel i386 amd64 all
- Section:
- web
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| chromium-browser_34.0.1847.116.orig.tar.xz | 181.4 MiB | dd6579c170eecd8d1f366461575e9754e44200e0b9fefde20941e15cb6729711 |
| chromium-browser_34.0.1847.116-0ubuntu1~pkg1006.debian.tar.gz | 273.4 KiB | 312d2b1572fd6086b394a7d08bab8165a0abdb8d5f4bd6ad3a0e2d641ae88c34 |
| chromium-browser_34.0.1847.116-0ubuntu1~pkg1006.dsc | 2.3 KiB | b14122d82eb9881b6b10cc9afd3f420256820226c4218c7aa7bda7e6593a951f |
Available diffs
Binary packages built by this source
- chromium-browser: Chromium web browser, open-source version of Chrome
An open-source browser project that aims to build a safer, faster, and more
stable way for all Internet users to experience the web.
- chromium-browser-dbg: chromium-browser debug symbols
Debug symbols for the Chromium browser
- chromium-browser-l10n: chromium-browser language packages
An open-source browser project that aims to build a safer, faster, and more
stable way for all Internet users to experience the web.
.
This package contains language packages for 65 languages:
am, ar, ast, bg, bn, bs, ca, ca@valencia, cs, da, de, el, en-AU, en-GB, eo,
es-419, es, et, eu, fa, fil, fi, fr, gl, gu, he, hi, hr, hu, hy, ia, id, it,
ja, ka, kn, ko, ku, kw, lt, lv, ml, mr, ms, nb, nl, pl, pt-BR, pt-PT, ro, ru,
sk, sl, sr, sv, sw, ta, te, th, tr, ug, uk, vi, zh-CN, zh-TW
- chromium-chromedriver: WebDriver driver for the Chromium Browser
Chromedriver serves as a bridge between Chromium Browser and Selenium
WebDriver.
.
See https://sites. google. com/a/chromium. org/chromedrive r/ for details.
- chromium-chromedriver-dbg: chromium-chromedriver debug symbols
Debug symbols for the chromium-
chromedriver package.
- chromium-codecs-ffmpeg: Free ffmpeg codecs for the Chromium Browser
An open-source browser project that aims to build a safer, faster, and more
stable way for all Internet users to experience the web.
.
This package contains the multi-threaded ffmpeg codecs needed for the HTML5
<audio> and <video> tags. Only the free ogg, vorbis and theora codecs are
included. See chromium-codecs- ffmpeg- extra for additional codecs
- chromium-codecs-ffmpeg-dbg: chromium-codecs-ffmpeg debug symbols
Debug symbols for the free ffmpeg-mt codecs
- chromium-codecs-ffmpeg-extra: Extra ffmpeg codecs for the Chromium Browser
An open-source browser project that aims to build a safer, faster, and more
stable way for all Internet users to experience the web.
.
This package contains the multi-threaded ffmpeg codecs needed for the HTML5
<audio> and <video> tags. In addition to the patent-free ogg, vorbis and
theora codecs, aac/ac3/mpeg4audio/ h264/mov/ mp3 are also included. See
chromium-codecs- ffmpeg if you prefer only the patent-free codecs
- chromium-codecs-ffmpeg-extra-dbg: chromium-codecs-ffmpeg-extra debug symbols
Debug symbols for the extra ffmpeg-mt codecs
