[Desktop-packages] [Bug 1069930] Re: chromium-browser package lacks chromedriver binary

[Launchpad Bug Tracker]

This bug was fixed in the package chromium-browser -
24.0.1312.56-0ubuntu1

---------------
chromium-browser (24.0.1312.56-0ubuntu1) raring-proposed; urgency=low

  * Add comment-markers to debian/patches/series file to make patch import
    easier.
  * debian/patches/gyp-config-root.patch
    - Added. Avoids compilation bug on (at least) ARM.
  * debian/patches/arm-neon.patch
    - Added function to determine NEON functionality in ARM at runtime for
      WebRt library in WebKit.
  * Update README.source to include some of these changes.
  * Set new URL for channel-release info in rules file.
  * debian/chromium-browser.install
    - No longer install demo extension
    - Install remoting locales
  * debian/patches/chromium_useragent.patch.in renamed to drop ".in",
    OS "Ubuntu" hardcoded with no compilation-release name, and patch
    refreshed to follow new location of source.  Also remove it
    from the list of ephemeral files that "clean" rule removes.
  * In debian/rules, use "-delete" flag on find instead of "-exec rm {} \;",
    to be safer and faster.
  * Make most patches follow a common format (no timestamps or Index lines), to
    avoid future churn.
  * Write the "REMOVED" list files to the root of the orig tarball,
    instead of inside the src/ directory, where they could collide.
  * Fix dpkg-source warning: Clean up python cached bytecode files.
  * Also don't include python bytecode or cache files in orig tarball,
    and clean then up on "clean" rule.
  * Fix dpkg-source warning: Remove autoconf cache.
  * Fix lintian warning: fta and micahg to XSBC-Original-Maintainer.
  * Fix lintian error not-binnmuable-all-depends-any.
  * Override lintian complaints ancient-autotools-helper-file and
    unused-build-dependency-on-cdbs.
  * Drop "lzma" from build dependencies.
  * Set default binary and source package compression to xz. If
    building for Ubuntu 10.04, then make binary's compression to bzip2.
  * List explicit architectures that Chromium supports, instead of "any".
    Cr {arm ia32 x64} map into Debian {armhf armel i386 amd64}.
  * debian/patches/arm-neon.patch added to get ARM w/o Neon support.
    (LP: #1084852)
  * Add chromedriver packaging. (LP: #1069930) Thanks to
    John Rigby <john.ri...@linaro.org>
  * In debian/rules, avoid creating invalid subst expression in sed
    of DEBIAN* vars into files.
  * Note localization in package description for support for ast, bs, en-AU,
    eo, hy, ia, ka, ku, kw, ms.
  * No longer include Launchpad-generated translations.  Disable patch
    grd_parse_fix.patch .
  * Set default binary and source package compression to xz. If
    building for Ubuntu 10.04, then make binary's compression to bzip2.
  * No longer expect unpacked tarball to contain "build-tree".
  * Fix build warning about missing debian/source/format.  Set to "3.0
    (quilt)".
  * Remove unnecessary glib-header-single-entry.patch .
  * Manually set DEB_{BUILD,HOST}_ARCH when not already set, like when the
    executing program is not dpkg-buildpackage.
  * Make rules file generate LASTCHANGE file at new location.
  * Change get-sources command to kill script when it fails to disable
    gyp-chromium run from DEPS. Never fail silently again.
  * Add patches/struct-siginfo.patch to work around source bug in dereferencing
    internal stuct instead of public type.
  * Drop SCM revision from the version.
  * Refresh patches from lp:unity-chromium-extension .
  * Make all patches follow a common format, to avoid future churn.
    No timestamps, a/b parent, sorted, no index.
  * New upstream version 24.0.1312.56:
    - CVE-2013-0839: Use-after-free in canvas font handling.
    - CVE-2013-0840: Missing URL validation when opening new windows.
    - CVE-2013-0841: Unchecked array index in content blocking.
    - CVE-2013-0842: Problems with NULL characters embedded in paths.
  * New upstream version 24.0.1312.52:  (LP: #1099075)
    - CVE-2012-5145: Use-after-free in SVG layout. Credit to Atte Kettunen of
      OUSPG.
    - CVE-2012-5146: Same origin policy bypass with malformed URL. Credit to
      Erling A Ellingsen and Subodh Iyengar, both of Facebook.
    - CVE-2012-5147: Use-after-free in DOM handling. Credit to José A. Vázquez.
    - CVE-2012-5148: Missing filename sanitization in hyphenation support.
      Credit to Google Chrome Security Team (Justin Schuh).
    - CVE-2012-5149: Integer overflow in audio IPC handling. Credit to Google
      Chrome Security Team (Chris Evans).
    - CVE-2012-5150: Use-after-free when seeking video. Credit to Google Chrome
      Security Team (Inferno).
    - CVE-2012-5151: Integer overflow in PDF JavaScript. Credit to Mateusz
      Jurczyk, with contribution from Gynvael Coldwind, both of Google Security
      Team.
    - CVE-2012-5152: Out-of-bounds read when seeking video. Credit to Google
      Chrome Security Team (Inferno).
    - CVE-2012-5153: Out-of-bounds stack access in v8. Credit to Andreas
      Rossberg of the Chromium development community.
    - CVE-2012-5156: Use-after-free in PDF fields. Credit to Mateusz Jurczyk,
      with contribution from Gynvael Coldwind, both of Google Security Team.
    - CVE-2012-5157: Out-of-bounds reads in PDF image handling. Credit to
      Mateusz Jurczyk, with contribution from Gynvael Coldwind, both of Google
      Security Team.
    - CVE-2013-0828: Bad cast in PDF root handling. Credit to Mateusz Jurczyk,
      with contribution from Gynvael Coldwind, both of Google Security Team.
    - CVE-2013-0829: Corruption of database metadata leading to incorrect file
      access. Credit to Google Chrome Security Team (Jüri Aedla).
    - CVE-2013-0830: Missing NUL termination in IPC. Credit to Google Chrome
      Security Team (Justin Schuh).
    - CVE-2013-0831: Possible path traversal from extension process. Credit to
      Google Chrome Security Team (Tom Sepez).
    - CVE-2013-0832: Use-after-free with printing. Credit to Google Chrome
      Security Team (Cris Neckar).
    - CVE-2013-0833: Out-of-bounds read with printing. Credit to Google Chrome
      Security Team (Cris Neckar).
    - CVE-2013-0834: Out-of-bounds read with glyph handling. Credit to Google
      Chrome Security Team (Cris Neckar).
    - CVE-2013-0835: Browser crash with geolocation. Credit to Arthur Gerkis.
    - CVE-2013-0836: Crash in v8 garbage collection. Credit to Google Chrome
      Security Team (Cris Neckar).
    - CVE-2013-0837: Crash in extension tab handling. Credit to Tom Nielsen.
    - CVE-2013-0838: Tighten permissions on shared memory segments. Credit to
      Google Chrome Security Team (Chris Palmer).
  * New upstream version 23.0.1271.97
    - CVE-2012-5139: Use-after-free with visibility events.
    - CVE-2012-5140: Use-after-free in URL loader.
    - CVE-2012-5141: Limit Chromoting client plug-in instantiation.
    - CVE-2012-5142: Crash in history navigation.
    - CVE-2012-5143: Integer overflow in PPAPI image buffers.
    - CVE-2012-5144: Stack corruption in AAC decoding.
  * New upstream version 23.0.1271.95
    - CVE-2012-5138: Incorrect file path handling.
    - CVE-2012-5137: Use-after-free in media source handling.
  * New upstream version 23.0.1271.91
    - CVE-2012-5133: Use-after-free in SVG filters.
    - CVE-2012-5130: Out-of-bounds read in Skia.
    - CVE-2012-5132: Browser crash with chunked encoding.
    - CVE-2012-5134: Buffer underflow in libxml.
    - CVE-2012-5135: Use-after-free with printing.
    - CVE-2012-5136: Bad cast in input element handling.
  * Includes CVE fixes for 23.0.1271.64
    - CVE-2012-5127: Integer overflow leading to out-of-bounds read in WebP
      handling.
    - CVE-2012-5120: Out-of-bounds array access in v8.
    - CVE-2012-5116: Use-after-free in SVG filter handling.
    - CVE-2012-5121: Use-after-free in video layout.
    - CVE-2012-5117: Inappropriate load of SVG subresource in img context.
    - CVE-2012-5119: Race condition in Pepper buffer handling.
    - CVE-2012-5122: Bad cast in input handling.
    - CVE-2012-5123: Out-of-bounds reads in Skia.
    - CVE-2012-5124: Memory corruption in texture handling.
    - CVE-2012-5125: Use-after-free in extension tab handling.
    - CVE-2012-5126: Use-after-free in plug-in placeholder handling.
    - CVE-2012-5128: Bad write in v8.
  * Disable lintian warnings about outdated autoconf files in source tree.
 -- Chad Miller <chad.mil...@canonical.com>   Wed, 23 Jan 2013 13:43:34 -0500

** Changed in: chromium-browser (Ubuntu)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5116

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5117

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5119

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5120

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5121

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5122

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5123

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5124

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5125

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5126

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5127

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5128

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5130

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5132

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5133

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5134

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5135

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5136

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5137

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5138

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5139

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5140

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5141

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5142

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5143

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5144

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5145

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5146

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5147

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5148

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5149

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5150

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5151

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5152

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5153

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5156

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5157

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0828

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0829

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0830

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0831

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0832

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0833

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0834

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0835

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0836

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0837

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0838

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0839

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0840

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0841

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0842

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1069930

Title:
  chromium-browser package lacks chromedriver binary

Status in “chromium-browser” package in Ubuntu:
  Fix Released

Bug description:
  Packaging for chromium-browser does not build the chromedriver binary
  which is needed for remote browser control via Selenium WebDriver.
  Binaries for i386 and amd64 are available for download however there
  is nothing for armel or armhf so adding this to the deb would be very
  useful.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1069930/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to     : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp