Hello community, here is the log from the commit of package chromium for openSUSE:Factory checked in at 2015-12-14 10:14:10 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/chromium (Old) and /work/SRC/openSUSE:Factory/.chromium.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "chromium" Changes: -------- --- /work/SRC/openSUSE:Factory/chromium/chromium.changes 2015-11-15 12:47:38.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.chromium.new/chromium.changes 2015-12-14 10:14:52.000000000 +0100 @@ -1,0 +2,53 @@ +Thu Dec 10 07:11:29 UTC 2015 - [email protected] + +- Update to Chromium 47.0.2526.80 + * Security fixes + - CVE-2015-6788: Type confusion in extensions + - CVE-2015-6789: Use-after-free in Blink + - CVE-2015-6790: Escaping issue in saved pages + - CVE-2015-6791: Various fixes from internal audits, fuzzing + and other initiatives + +- Drop unused patch fix-clang.diff. +------------------------------------------------------------------- +Sat Dec 5 10:40:00 UTC 2015 - [email protected] + +- Enable the possibility to utilize the Widevine plugin + within chromium. (boo#954103) + * Add patch: fix_building_widevinecdm_with_chromium.patch + +------------------------------------------------------------------- +Wed Dec 2 18:49:23 UTC 2015 - [email protected] + +- Update to Chromium 47.0.2526.73 + * Security fixes (boo#957519) + - CVE-2015-6765: Use-after-free in AppCache + - CVE-2015-6766: Use-after-free in AppCache + - CVE-2015-6767: Use-after-free in AppCache + - CVE-2015-6768: Cross-origin bypass in DOM + - CVE-2015-6769: Cross-origin bypass in core + - CVE-2015-6770: Cross-origin bypass in DOM + - CVE-2015-6771: Out of bounds access in v8 + - CVE-2015-6772: Cross-origin bypass in DOM + - CVE-2015-6764: Out of bounds access in v8 + - CVE-2015-6773: Out of bounds access in Skia + - CVE-2015-6774: Use-after-free in Extensions + - CVE-2015-6775: Type confusion in PDFium + - CVE-2015-6776: Out of bounds access in PDFium + - CVE-2015-6777: Use-after-free in DOM + - CVE-2015-6778: Out of bounds access in PDFium + - CVE-2015-6779: Scheme bypass in PDFium + - CVE-2015-6780: Use-after-free in Infobars + - CVE-2015-6781: Integer overflow in Sfntly + - CVE-2015-6782: Content spoofing in Omnibox + - CVE-2015-6783: Signature validation issue in + Android Crazy Linker. + - CVE-2015-6784: Escaping issue in saved pages + - CVE-2015-6785: Wildcard matching issue in CSP + - CVE-2015-6786: Scheme bypass in CSP + - CVE-2015-6787: Various fixes from internal audits, fuzzing + and other initiatives. + - Multiple vulnerabilities in V8 fixed at the tip of the + 4.7 branch (currently 4.7.80.23) + +------------------------------------------------------------------- Old: ---- chromium-46.0.2490.86.tar.xz New: ---- chromium-47.0.2526.80.tar.xz fix_building_widevinecdm_with_chromium.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ chromium.spec ++++++ --- /var/tmp/diff_new_pack.ITRjx0/_old 2015-12-14 10:15:19.000000000 +0100 +++ /var/tmp/diff_new_pack.ITRjx0/_new 2015-12-14 10:15:19.000000000 +0100 @@ -17,10 +17,10 @@ %define chromium_no_dlopen 1 -%define chromium_system_libs 0 +%define chromium_system_libs 1 Name: chromium -Version: 46.0.2490.86 +Version: 47.0.2526.80 Release: 0 Summary: Google's opens source browser project License: BSD-3-Clause and LGPL-2.1+ @@ -67,6 +67,8 @@ Patch10: gcc50-fixes.diff # PATCH-FIX-OPENSUSE chromium-46.0.2490.71-fix-missing-i18n_process_css_test.patch - file was removed Patch11: chromium-46.0.2490.71-fix-missing-i18n_process_css_test.patch +# PATCH-FIX-OPENSUSE fix_building_widevinecdm_with_chromium.patch - Enable WideVine plugin +Patch12: fix_building_widevinecdm_with_chromium.patch # archlinux arm enhancement patches Patch100: arm-webrtc-fix.patch @@ -95,7 +97,7 @@ BuildRequires: libexpat-devel BuildRequires: libgcrypt-devel BuildRequires: libgnome-keyring-devel -BuildRequires: libicu-devel >= 4.0 +BuildRequires: libopenssl-devel BuildRequires: libpulse-devel %if !0%{?packman_bs} @@ -164,32 +166,32 @@ Requires: update-alternatives Requires: xdg-utils -#Requirements to build a fully functional ffmpeg -# This can only be done on packman OBS -%if 0%{?packman_bs} BuildRequires: SDL-devel BuildRequires: dirac-devel >= 1.0.0 BuildRequires: imlib2-devel BuildRequires: libdc1394 BuildRequires: libdc1394-devel -BuildRequires: libfaac-devel >= 1.28 BuildRequires: libgsm BuildRequires: libgsm-devel BuildRequires: libjack-devel -BuildRequires: libmp3lame-devel BuildRequires: libogg-devel BuildRequires: liboil-devel >= 0.3.15 -BuildRequires: libopencore-amr-devel BuildRequires: libtheora-devel >= 1.1 BuildRequires: libvdpau-devel BuildRequires: libvorbis-devel BuildRequires: libvpx-devel -BuildRequires: libx264-devel -BuildRequires: libxvidcore-devel BuildRequires: ncurses-devel BuildRequires: schroedinger-devel BuildRequires: slang-devel BuildRequires: texinfo +#Requirements to build a fully functional ffmpeg +# This can only be done on packman OBS +%if 0%{?packman_bs} +BuildRequires: libfaac-devel >= 1.28 +BuildRequires: libmp3lame-devel +BuildRequires: libopencore-amr-devel +BuildRequires: libx264-devel +BuildRequires: libxvidcore-devel %endif Requires(pre): permissions @@ -286,6 +288,7 @@ %patch10 -p0 %endif %patch11 -p1 +%patch12 -p1 #Upstream fixes @@ -305,7 +308,6 @@ myconf+="-Dwerror= -Dlinux_sandbox_chrome_path=%{_libdir}/chromium/chromium -Denable_hotwording=0 - -Duse_openssl=0 -Duse_system_ffmpeg=0 -Dbuild_ffmpegsumo=1 -Dproprietary_codecs=1 @@ -314,17 +316,23 @@ -Dlinux_fpic=1 -Ddisable_sse2=1 -Dcomponent=shared_library - -Dclang=0 - -Dtoolkit_uses_gtk=0" + -Dtoolkit_uses_gtk=0 + -Denable_pepper_cdms=1 + -Denable_webrtc=1 + -Denable_widevine=1" %if 0%{?packman_bs} -myconf+=" -Dffmpeg_branding=Chrome" +myconf+=" -Dffmpeg_branding=Chrome + -Dclang=0" %endif myconf+=" -Ddisable_nacl=1" %ifarch x86_64 myconf+=" -Dtarget_arch=x64" +%else +myconf+=" -Dbinutils_dir=third_party/binutils/Linux_ia32/Release/bin + -Ddisable_fatal_linker_warnings=1" %endif %ifarch %arm @@ -336,27 +344,22 @@ myconf+=" -Darm_float_abi=hard" %endif +myconf+=" -Dclang=0" + %if 0%{?chromium_system_libs} myconf+=" -Duse_system_flac=1 -Duse_system_speex=1 -Duse_system_libexif=1 -Duse_system_libevent=1 -Duse_system_libmtp=1 - -Duse_system_opus=1 -Duse_system_bzip2=1 - -Duse_system_harfbuzz=1 -Duse_system_libjpeg=1 -Duse_system_libpng=1 -Duse_system_libxslt=1 -Duse_system_libyuv=1 -Duse_system_nspr=1 - -Duse_system_protobuf=1 -Duse_system_yasm=1" -%if 0%{?suse_version} > 1230 -myconf+=" -Duse_system_icu=1" -%endif - %endif %if 0%{?chromium_no_dlopen} ++++++ chromium-46.0.2490.86.tar.xz -> chromium-47.0.2526.80.tar.xz ++++++ /work/SRC/openSUSE:Factory/chromium/chromium-46.0.2490.86.tar.xz /work/SRC/openSUSE:Factory/.chromium.new/chromium-47.0.2526.80.tar.xz differ: char 26, line 1 ++++++ fix_building_widevinecdm_with_chromium.patch ++++++ Index: beta.wily/chrome/common/chrome_content_client.cc =================================================================== --- beta.wily.orig/chrome/common/chrome_content_client.cc +++ beta.wily/chrome/common/chrome_content_client.cc @@ -158,10 +158,7 @@ void ComputeBuiltInPlugins(std::vector<c widevine_cdm.is_out_of_process = true; widevine_cdm.path = path; widevine_cdm.name = kWidevineCdmDisplayName; - widevine_cdm.description = kWidevineCdmDescription + - std::string(" (version: ") + - WIDEVINE_CDM_VERSION_STRING + ")"; - widevine_cdm.version = WIDEVINE_CDM_VERSION_STRING; + widevine_cdm.description = kWidevineCdmDescription; content::WebPluginMimeType widevine_cdm_mime_type( kWidevineCdmPluginMimeType, kWidevineCdmPluginExtension, ++++++ gcc50-fixes.diff ++++++ --- /var/tmp/diff_new_pack.ITRjx0/_old 2015-12-14 10:15:19.000000000 +0100 +++ /var/tmp/diff_new_pack.ITRjx0/_new 2015-12-14 10:15:19.000000000 +0100 @@ -47,26 +47,3 @@ return result except Exception, e: -Index: third_party/WebKit/Source/core/events/DragEvent.h -diff --git a/third_party/WebKit/Source/core/events/DragEvent.h b/third_party/WebKit/Source/core/events/DragEvent.h -index f4f7ea81dcacc353ec61ac40b0d45c0971127365..66e05a9f154f3584a688933bb5d8adb4e1260454 100644 ---- third_party/WebKit/Source/core/events/DragEvent.h -+++ third_party/WebKit/Source/core/events/DragEvent.h -@@ -5,6 +5,7 @@ - #ifndef DragEvent_h - #define DragEvent_h - -+#include "core/CoreExport.h" - #include "core/events/DragEventInit.h" - #include "core/events/MouseEvent.h" - -@@ -12,7 +13,7 @@ namespace blink { - - class DataTransfer; - --class DragEvent final : public MouseEvent { -+class CORE_EXPORT DragEvent final : public MouseEvent { - DEFINE_WRAPPERTYPEINFO(); - - public: - \ No newline at end of file
