commit chromium for openSUSE:Factory

Tue, 08 Mar 2016 01:19:29 -0800 

Hello community,

here is the log from the commit of package chromium for openSUSE:Factory 
checked in at 2016-03-08 09:39:07
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/chromium (Old)
 and      /work/SRC/openSUSE:Factory/.chromium.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "chromium"

Changes:
--------
--- /work/SRC/openSUSE:Factory/chromium/chromium.changes        2016-02-23 
16:58:57.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.chromium.new/chromium.changes   2016-03-08 
10:18:19.000000000 +0100
@@ -1,0 +2,24 @@
+Fri Mar  4 10:49:51 UTC 2016 - tittiatc...@gmail.com
+
+- Update to Chromium 49.0.2623.75
+  * 26 security fixes, with the most important ones being:
+    - CVE-2016-1630: Same-origin bypass in Blink
+    - CVE-2016-1631: Same-origin bypass in Pepper Plugin
+    - CVE-2016-1632: Bad cast in Extensions
+    - CVE-2016-1633: Use-after-free in Blink
+    - CVE-2016-1634: Use-after-free in Blink
+    - CVE-2016-1635: Use-after-free in Blink
+    - CVE-2016-1636: SRI Validation Bypass
+    - CVE-2015-8126: Out-of-bounds access in libpng
+    - CVE-2016-1637: Information Leak in Skia
+    - CVE-2016-1638: WebAPI Bypass
+    - CVE-2016-1639: Use-after-free in WebRTC
+    - CVE-2016-1640: Origin confusion in Extensions UI
+    - CVE-2016-1641: Use-after-free in Favicon
+    - CVE-2016-1642: Various fixes from internal audits, fuzzing 
+                     and other initiatives
+    - Multiple vulnerabilities in V8 fixed at the tip of the 4.9 
+      branch (currently 4.9.385.26)
+     (boo#969333)
+
+-------------------------------------------------------------------

Old:
----
  chromium-48.0.2564.116.tar.xz

New:
----
  chromium-49.0.2623.75.tar.xz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ chromium.spec ++++++
--- /var/tmp/diff_new_pack.Ev35zQ/_old  2016-03-08 10:18:32.000000000 +0100
+++ /var/tmp/diff_new_pack.Ev35zQ/_new  2016-03-08 10:18:32.000000000 +0100
@@ -18,7 +18,7 @@
 
 %define chromium_no_dlopen 1
 Name:           chromium
-Version:        48.0.2564.116
+Version:        49.0.2623.75
 Release:        0
 Summary:        Google's opens source browser project
 License:        BSD-3-Clause and LGPL-2.1+
@@ -94,6 +94,7 @@
 BuildRequires:  libgsm
 BuildRequires:  libgsm-devel
 BuildRequires:  libjack-devel
+BuildRequires:  libjpeg-devel
 BuildRequires:  libogg-devel
 BuildRequires:  liboil-devel >= 0.3.15
 BuildRequires:  libopenssl-devel
@@ -141,6 +142,7 @@
 BuildRequires:  pkgconfig(xscrnsaver)
 BuildRequires:  pkgconfig(xt)
 BuildRequires:  pkgconfig(xtst)
+BuildRequires:  pkgconfig(libffi)
 Requires:       alsa
 Requires:       ffmpegsumo
 Requires:       hicolor-icon-theme
@@ -279,6 +281,7 @@
                      -Denable_hotwording=0
                      -Duse_system_ffmpeg=0
                      -Dbuild_ffmpegsumo=1
+                     -Duse_system_libjpeg=1
                      -Dproprietary_codecs=1
                      -Dremove_webcore_debug_symbols=1
                      -Dlogging_like_official_build=1
@@ -314,7 +317,8 @@
 myconf+=" -Darm_float_abi=hard"
 %endif
 
-myconf+=" -Dclang=0"
+myconf+=" -Dclang=0
+          -Duse_sysroot=0"
 
 %if 0%{?chromium_no_dlopen}
 myconf+=" -Duse_pulseaudio=1


++++++ adjust-ldflags-no-keep-memory.patch ++++++
--- /var/tmp/diff_new_pack.Ev35zQ/_old  2016-03-08 10:18:32.000000000 +0100
+++ /var/tmp/diff_new_pack.Ev35zQ/_new  2016-03-08 10:18:32.000000000 +0100
@@ -1,8 +1,8 @@
 --- chrome/chrome_exe.gypi.ldflags     2012-06-28 09:02:24.000000000 -0400
 +++ chrome/chrome_exe.gypi     2012-07-06 15:46:13.008003437 -0400
-@@ -75,6 +75,14 @@
-         'app/signature_validator_win.cc',
-         'app/signature_validator_win.h',
+@@ -76,6 +76,14 @@
+         'app/main_dll_loader_win.cc',
+         'app/main_dll_loader_win.h',
        ],
 +      # Hey, I know what would be an awesome idea.
 +      # Let us statically compile EVERYTHING into one giant

++++++ chromium-48.0.2564.116.tar.xz -> chromium-49.0.2623.75.tar.xz ++++++
/work/SRC/openSUSE:Factory/chromium/chromium-48.0.2564.116.tar.xz 
/work/SRC/openSUSE:Factory/.chromium.new/chromium-49.0.2623.75.tar.xz differ: 
char 26, line 1


++++++ chromium-gcc-fixes.patch ++++++
--- /var/tmp/diff_new_pack.Ev35zQ/_old  2016-03-08 10:18:32.000000000 +0100
+++ /var/tmp/diff_new_pack.Ev35zQ/_new  2016-03-08 10:18:32.000000000 +0100
@@ -1,20 +1,8 @@
-Index: chromium/src/base/debug/stack_trace.h
-===================================================================
---- base/debug/stack_trace.h
-+++ base/debug/stack_trace.h
-@@ -5,6 +5,7 @@
- #ifndef BASE_DEBUG_STACK_TRACE_H_
- #define BASE_DEBUG_STACK_TRACE_H_
- 
-+#include <stdint.h>
- #include <iosfwd>
- #include <string>
- 
 Index: chromium/src/third_party/skia/src/ports/SkFontHost_fontconfig.cpp
 ===================================================================
 --- third_party/skia/src/ports/SkFontHost_fontconfig.cpp
 +++ third_party/skia/src/ports/SkFontHost_fontconfig.cpp
-@@ -14,6 +14,7 @@
+@@ -11,6 +11,7 @@
  #include "SkStream.h"
  #include "SkTypeface.h"
  #include "SkTypefaceCache.h"

++++++ gcc50-fixes.diff ++++++
--- /var/tmp/diff_new_pack.Ev35zQ/_old  2016-03-08 10:18:32.000000000 +0100
+++ /var/tmp/diff_new_pack.Ev35zQ/_new  2016-03-08 10:18:32.000000000 +0100
@@ -1,49 +1,12 @@
---- build/compiler_version.py  2015-06-17 21:51:42.871082412 +0200
-+++ build/compiler_version.py  2015-06-17 21:51:42.871082412 +0200
-@@ -56,7 +56,7 @@
-     if tool == "compiler":
-       compiler = compiler + " -dumpversion"
-       # 4.6
--      version_re = re.compile(r"(\d+)\.(\d+)")
-+      version_re = re.compile(r"(\d+)")
-     elif tool == "assembler":
-       compiler = compiler + " -Xassembler --version -x assembler -c /dev/null"
-       # Unmodified: GNU assembler (GNU Binutils) 2.24
-@@ -88,7 +88,11 @@
-       raise subprocess.CalledProcessError(pipe.returncode, compiler)
- 
-     parsed_output = version_re.match(tool_output)
--    result = parsed_output.group(1) + parsed_output.group(2)
-+    if tool == "compiler":
-+      result = parsed_output.group(1) + "1"
-+    else:
-+      result = parsed_output.group(1) + parsed_output.group(2)
-+
-     compiler_version_cache[cache_key] = result
-     return result
-   except Exception, e:
---- native_client/build/compiler_version.py    2015-06-17 21:51:42.871082412 
+0200
-+++ native_client/build/compiler_version.py    2015-06-17 21:51:42.871082412 
+0200
-@@ -56,7 +56,7 @@
-     if tool == "compiler":
-       compiler = compiler + " -dumpversion"
-       # 4.6
--      version_re = re.compile(r"(\d+)\.(\d+)")
-+      version_re = re.compile(r"(\d+)")
-     elif tool == "assembler":
-       compiler = compiler + " -Xassembler --version -x assembler -c /dev/null"
-       # Unmodified: GNU assembler (GNU Binutils) 2.24
-@@ -88,7 +88,11 @@
-       raise subprocess.CalledProcessError(pipe.returncode, compiler)
- 
-     parsed_output = version_re.match(tool_output)
--    result = parsed_output.group(1) + parsed_output.group(2)
-+    if tool == "compiler":
-+      result = parsed_output.group(1) + "1"
-+    else:
-+      result = parsed_output.group(1) + parsed_output.group(2)
-+
-     compiler_version_cache[cache_key] = result
-     return result
-   except Exception, e:
+--- base/base.gyp    2016-01-31 14:16:00.093684925 +0100
++++ base/base.gyp    2016-01-31 14:16:00.093684925 +0100
+@@ -123,6 +123,8 @@
+               '-lrt',
+               # For 'native_library_linux.cc'
+               '-ldl',
++              # Required to fix a gcc issue with atomic
++              '-latomic',
+             ],
+           },
+           'conditions': [

Reply via email to