Hello community, here is the log from the commit of package chromium for openSUSE:Factory checked in at 2014-09-08 21:28:47 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/chromium (Old) and /work/SRC/openSUSE:Factory/.chromium.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "chromium" Changes: -------- --- /work/SRC/openSUSE:Factory/chromium/chromium.changes 2014-08-21 16:16:05.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.chromium.new/chromium.changes 2014-09-08 21:29:20.000000000 +0200 @@ -1,0 +2,43 @@ +Mon Sep 1 07:33:24 UTC 2014 - tittiatc...@gmail.com + +- Switch to shared libraries as a global default. This hopefully + speeds up the builds a little and prevents out-of-memory on OBS +- Move the chrome sandbox binary to the main package and remove the + sub-package for it. This should resolve build issues when having + the debug flag on. + +------------------------------------------------------------------- +Sun Aug 31 00:39:34 UTC 2014 - josu...@t-online.de + +- add toolchain_linux_arm +- disable NaCl on ARM because it doesn't build +- add arm-webrtc-fix.patch +- add chromium-arm-r0.patch +- add skia.patch +- build components as shared libaries on arm + +------------------------------------------------------------------- +Wed Aug 27 11:53:24 UTC 2014 - tittiatc...@gmail.com + +- Update to Chromium 37.0.2062.94 + Security Fixes (bnc#893720) + * CVE-2014-3176, CVE-2014-3177: A combination of bugs in V8, IPC, + sync, and extensions that can lead to remote code execution + outside of the sandbox. + * CVE-2014-3168: Use-after-free in SVG + * CVE-2014-3169: Use-after-free in DOM + * CVE-2014-3170: Extension permission dialog spoofing + * CVE-2014-3171: Use-after-free in bindings + * CVE-2014-3172: Issue related to extension debugging + * CVE-2014-3173: Uninitialized memory read in WebGL + * CVE-2014-3174: Uninitialized memory read in Web Audio + * CVE-2014-3175: Various fixes from internal audits, fuzzing + and other initiatives + and 41 more security fixes for which no description was given + +- Drop the following patches as they are no longer required: + * chromium-23.0.1245-no-test-sources.patch + * no-download-nacl.diff + * chromium-no-courgette.patch + +------------------------------------------------------------------- Old: ---- chromium-23.0.1245-no-test-sources.patch chromium-36.0.1985.143.tar.xz chromium-no-courgette.patch no-download-nacl.diff New: ---- arm-webrtc-fix.patch chromium-37.0.2062.94.tar.xz chromium-arm-r0.patch skia.patch toolchain_linux_arm.tar ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ chromium.spec ++++++ --- /var/tmp/diff_new_pack.GWy3oh/_old 2014-09-08 21:29:43.000000000 +0200 +++ /var/tmp/diff_new_pack.GWy3oh/_new 2014-09-08 21:29:43.000000000 +0200 @@ -20,7 +20,7 @@ %define chromium_system_libs 0 Name: chromium -Version: 36.0.1985.143 +Version: 37.0.2062.94 Release: 0 Summary: Google's opens source browser project License: BSD-3-Clause and LGPL-2.1+ @@ -28,7 +28,8 @@ Url: http://code.google.com/p/chromium/ Source0: http://gsdview.appspot.com/chromium-browser-official/%{name}-%{version}.tar.xz Source1: toolchain_linux_x86.tar.bz2 -Source2: %{name}-rpmlintrc +Source2: toolchain_linux_arm.tar +Source3: %{name}-rpmlintrc Source30: master_preferences Source31: default_bookmarks.html Source99: chrome-wrapper @@ -46,28 +47,27 @@ Obsoletes: chromium-browser < %{version} Conflicts: otherproviders(chromium-browser) # There is no v8 for ppc and thus chromium won't run on ppc. For aarch64 certain buildrequires are missing (e.g. valgrind) -ExcludeArch: aarch64 ppc ppc64 ppc64le armv7hl +ExcludeArch: aarch64 ppc ppc64 ppc64le ## Start Patches # Many changes to the gyp systems so we can use system libraries -# PATCH-FIX-OPENSUSE Test sources have been removed to shrink the tarball -Patch1: chromium-23.0.1245-no-test-sources.patch # PATCH-FIX-OPENSUSE Make the 1-click-install ymp file always download [bnc#836059] -Patch2: exclude_ymp.diff -# PATCH-FIX-OPENSUSE Disable the download of the NaCl tarballs -Patch3: no-download-nacl.diff -# PATCH-FIX-OPENSUSE removes build part for courgette -Patch13: chromium-no-courgette.patch +Patch1: exclude_ymp.diff # PATCH-FIX-OPENSUSE enables reading of the master preference -Patch14: chromium-master-prefs-path.patch +Patch4: chromium-master-prefs-path.patch # PATCH-FIX-OPENSUSE Fix some includes specifically for the GCC version used -Patch20: chromium-gcc-fixes.patch +Patch5: chromium-gcc-fixes.patch # PATCH-FIX-UPSTREAM Add more charset aliases -Patch64: chromium-more-codec-aliases.patch +Patch6: chromium-more-codec-aliases.patch # PATCH-FIX-OPENSUSE Compile the sandbox with -fPIE settings -Patch66: chromium-sandbox-pie.patch +Patch7: chromium-sandbox-pie.patch # PATCH-FIX-OPENSUSE Adjust ldflags for better building -Patch67: adjust-ldflags-no-keep-memory.patch +Patch8: adjust-ldflags-no-keep-memory.patch + +# archlinux arm enhancement patches +Patch100: arm-webrtc-fix.patch +Patch101: chromium-arm-r0.patch +Patch102: skia.patch BuildRequires: alsa-devel BuildRequires: bison @@ -93,9 +93,11 @@ BuildRequires: libgnome-keyring-devel BuildRequires: libicu-devel >= 4.0 BuildRequires: libpulse-devel + %if !0%{?packman_bs} BuildRequires: ninja %endif +BuildRequires: libdrm-devel BuildRequires: pam-devel BuildRequires: pciutils-devel BuildRequires: pkg-config @@ -113,6 +115,8 @@ BuildRequires: pkgconfig(gconf-2.0) BuildRequires: pkgconfig(glib-2.0) BuildRequires: pkgconfig(gtk+-2.0) +BuildRequires: pkgconfig(libcrypto) +BuildRequires: pkgconfig(libexif) BuildRequires: pkgconfig(libexif) BuildRequires: pkgconfig(libudev) BuildRequires: pkgconfig(libxslt) @@ -193,7 +197,8 @@ Requires(pre): permissions Recommends: Chromium-password = %{version} -Requires: %{name}-suid-helper = %{version} +Obsoletes: %{name}-suid-helper < %{version} +Provides: %{name}-suid-helper = %{version} # Recommends the chromium-ffmpeg library (available from packman) Recommends: chromium-ffmpeg @@ -243,24 +248,6 @@ Gnome's Keyring. Please be aware that by this change the old password are no longer accessible and are also not converted to Gnome's Keyring. -%package suid-helper - -Summary: A suid helper to let a process willingly drop privileges on Linux -License: BSD-3-Clause and LGPL-2.1+ -Group: Productivity/Networking/Web/Browsers -Url: http://code.google.com/p/setuid-sandbox/ -Requires(pre): permissions - -%description suid-helper -t will allow a process to execute a target executable that will be able to drop privileges: - - * The suid sandbox will create a new PID namespace or will switch uid/gid to isolate the process - * a helper process, sharing the filesystem view of the existing process, will be created. It - will accept a request to chroot() the process to an empty directory - -This is convenient because an executable can be launched, load libraries and open files and get -chroot()-ed to an empty directory when it wants to drop filesystem access. - %package -n chromedriver Summary: WebDriver for Google Chrome/Chromium @@ -287,22 +274,24 @@ %prep %if !0%{?packman_bs} -%setup -q -n %{name}-%{version} -a 999 -a 998 -a 1 +%setup -q -n %{name}-%{version} -a 999 -a 998 -a 997 -a 1 -a 2 %else %setup -q -n %{name}-%{version} -a 999 -a 998 -a 997 %endif %patch1 -p0 -%patch2 -p0 -%patch3 -p0 -%patch64 -p0 -%patch13 -p0 -%patch14 -p0 -%patch20 -p0 -%patch66 -p0 -%patch67 -p0 +%patch6 -p0 +%patch4 -p0 +%patch5 -p0 +%patch7 -p0 +%patch8 -p0 #Upstream fixes +# archlinux arm enhancements +%patch100 -p0 +%patch101 -p0 +%patch102 -p0 + export PATH="$PATH":`pwd`/depot_tools %if !0%{?packman_bs} @@ -325,7 +314,9 @@ -Dremove_webcore_debug_symbols=1 -Dlogging_like_official_build=1 -Dlinux_fpic=1 - -Ddisable_sse2=1" + -Ddisable_sse2=1 + -Dcomponent=shared_library + -Dtoolkit_uses_gtk=0" %if 0%{?packman_bs} myconf+=" -Dffmpeg_branding=Chrome" @@ -340,6 +331,15 @@ myconf+=" -Dtarget_arch=x64" %endif +%ifarch %arm +myconf+=" -Dtarget_arch=arm + -Dsysroot= + -Ddisable_nacl=1" +%endif +%ifarch armv6hl armv7hl +myconf+=" -Darm_float_abi=hard" +%endif + %if 0%{?chromium_system_libs} myconf+=" -Duse_system_flac=1 -Duse_system_speex=1 @@ -457,10 +457,16 @@ %fdupes %{buildroot}%{_mandir}/man1/ # NaCl +%ifnarch %arm cp -a nacl_helper %{buildroot}%{_libdir}/chromium/ cp -a nacl_helper_bootstrap %{buildroot}%{_libdir}/chromium/ cp -a nacl_irt_*.nexe %{buildroot}%{_libdir}/chromium/ cp -a libppGoogleNaClPluginChrome.so %{buildroot}%{_libdir}/chromium/ +%endif + + # chromium components + mkdir -p %{buildroot}%{_libdir}/chromium/lib/ + cp -av lib/*.so %{buildroot}%{_libdir}/chromium/lib/ #libffmpegsumo cp -a libffmpegsumo.so %{buildroot}%{_libdir}/chromium/ @@ -508,16 +514,14 @@ # Add snipplets to update the GTK cache on package install. -%verifyscript suid-helper +%verifyscript %verify_permissions -e %{_prefix}/lib/chrome_sandbox -%post suid-helper -%set_permissions %{_prefix}/lib/chrome_sandbox - %post %icon_theme_cache_post %desktop_database_post "%_sbindir/update-alternatives" --install %{_bindir}/chromium chromium %{_libdir}/chromium/chromium-generic 10 +%set_permissions %{_prefix}/lib/chrome_sandbox %postun %icon_theme_cache_postun @@ -563,6 +567,7 @@ %files %defattr(-,root,root,-) +%verify(not mode) %{_prefix}/lib/chrome_sandbox %doc AUTHORS LICENSE %config %{_sysconfdir}/%{name} %config(noreplace) %{_sysconfdir}/default/chromium @@ -573,11 +578,11 @@ %{_datadir}/applications/*.desktop %{_datadir}/gnome-control-center/default-apps/chromium-browser.xml %{_datadir}/icons/hicolor/ +%{_prefix}/lib/chrome_sandbox %exclude %{_libdir}/chromium/libffmpegsumo.so %exclude %{_libdir}/chromium/chromium-kde %exclude %{_libdir}/chromium/chromium-gnome %exclude %{_libdir}/chromium/chromedriver -%exclude %{_libdir}/chromium/chrome-sandbox %_bindir/chromium %ghost %_sysconfdir/alternatives/chromium @@ -591,11 +596,6 @@ %files desktop-gnome %attr(755, root, root) %{_libdir}/chromium/chromium-gnome -%files suid-helper -%defattr(-,root,root,-) -%verify(not mode) %{_prefix}/lib/chrome_sandbox -%{_libdir}/chromium/chrome-sandbox - %files -n chromedriver %defattr(-,root,root,-) %{_libdir}/chromium/chromedriver ++++++ arm-webrtc-fix.patch ++++++ --- third_party/webrtc/system_wrappers/source/cpu_features.cc.orig 2014-01-15 18:38:50.331954791 -0700 +++ third_party/webrtc/system_wrappers/source/cpu_features.cc 2014-01-15 18:38:37.902004379 -0700 @@ -18,6 +18,47 @@ #include "webrtc/typedefs.h" +#include <elf.h> +#ifdef __arm__ +#include <fcntl.h> +#include <unistd.h> +#include <linux/auxvec.h> +#include <asm/hwcap.h> +#endif + +#ifdef __arm__ +uint64_t WebRtc_GetCPUFeaturesARM() { + static bool detected = false; + static uint64_t have_neon = 0; + + int fd; + Elf32_auxv_t auxv; + unsigned int hwcaps; + + if (!detected) { + int fd; + Elf32_auxv_t auxv; + unsigned int hwcaps; + + fd = open("/proc/self/auxv", O_RDONLY); + if (fd >= 0) { + while (read(fd, &auxv, sizeof(Elf32_auxv_t)) == sizeof(Elf32_auxv_t)) { + if (auxv.a_type == AT_HWCAP) { + have_neon = (auxv.a_un.a_val & HWCAP_NEON) ? kCPUFeatureNEON : 0; + break; + } + } + close (fd); + } else { + have_neon = 0; + } + detected = true; + } + + return 0 | have_neon; // others here as we need them +} +#endif + // No CPU feature is available => straight C path. int GetCPUInfoNoASM(CPUFeature feature) { (void)feature; ++++++ chromium-36.0.1985.143.tar.xz -> chromium-37.0.2062.94.tar.xz ++++++ /work/SRC/openSUSE:Factory/chromium/chromium-36.0.1985.143.tar.xz /work/SRC/openSUSE:Factory/.chromium.new/chromium-37.0.2062.94.tar.xz differ: char 26, line 1 ++++++ chromium-arm-r0.patch ++++++ --- third_party/icu/icu.gyp.orig 2014-05-20 19:17:22.879538568 -0600 +++ third_party/icu/icu.gyp 2014-05-20 19:19:42.204032167 -0600 @@ -30,7 +30,7 @@ }], ['(OS=="linux" or OS=="freebsd" or OS=="openbsd" or OS=="solaris" \ or OS=="netbsd" or OS=="mac" or OS=="android" or OS=="qnx") and \ - (target_arch=="arm" or target_arch=="ia32" or \ + (target_arch=="ia32" or \ target_arch=="mipsel")', { 'target_conditions': [ ['_toolset=="host"', { ++++++ skia.patch ++++++ --- skia/skia_library_opts.gyp.orig 2014-04-10 07:06:03.181637221 -0600 +++ skia/skia_library_opts.gyp 2014-04-10 07:06:55.256436603 -0600 @@ -123,6 +123,7 @@ '../third_party/skia/src/opts/SkMorphology_opts_arm.cpp', '../third_party/skia/src/opts/SkUtils_opts_arm.cpp', '../third_party/skia/src/opts/SkXfermode_opts_none.cpp', + '../third_party/skia/src/opts/memset.arm.S', ], }], [ 'target_arch == "mipsel"',{ ++++++ toolchain_linux_x86.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/chromium/toolchain_linux_x86.tar.bz2 /work/SRC/openSUSE:Factory/.chromium.new/toolchain_linux_x86.tar.bz2 differ: char 11, line 1 -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org