commit acfbccac4324b8ee52a60979cca958e984e71163
Author: Elan Ruusamäe <[email protected]>
Date: Tue Mar 5 20:45:17 2013 +0200
up to 25.0.1364.152
Security fixes and rewards:
- [$1000] [176882] High CVE-2013-0902: Use-after-free in frame loader.
Credit to Chamal de Silva.
- [$1000] [176252] High CVE-2013-0903: Use-after-free in browser navigation
handling. Credit to “chromium.khalil”.
- [$2000] [172926] [172331] High CVE-2013-0904: Memory corruption in Web
Audio. Credit to Atte Kettunen of OUSPG.
- [$1000] [168982] High CVE-2013-0905: Use-after-free with SVG animations.
Credit to Atte Kettunen of OUSPG.
- [174895] High CVE-2013-0906: Memory corruption in Indexed DB. Credit to
Google Chrome Security Team (Jüri Aedla).
- [174150] Medium CVE-2013-0907: Race condition in media thread handling.
Credit to Andrew Scherkus of the Chromium development community.
- [174059] Medium CVE-2013-0908: Incorrect handling of bindings for
extension processes.
- [173906] Low CVE-2013-0909: Referer leakage with XSS Auditor. Credit to
Egor Homakov.
- [172573] Medium CVE-2013-0910: Mediate renderer -> browser plug-in loads
more strictly. Credit to Google Chrome Security Team (Chris Evans).
- [172264] High CVE-2013-0911: Possible path traversal in database
handling. Credit to Google Chrome Security Team (Jüri Aedla).
http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_4.html
chromium-browser.spec | 4 ++--
clean-source.sh | 2 ++
2 files changed, 4 insertions(+), 2 deletions(-)
---
diff --git a/chromium-browser.spec b/chromium-browser.spec
index 4c3cebe..b4b582e 100644
--- a/chromium-browser.spec
+++ b/chromium-browser.spec
@@ -58,7 +58,7 @@
%define branch 25.0.1364
%define basever 97
-#define patchver 70
+%define patchver 152
%define gyp_rev 1014
Summary: A WebKit powered web browser
Name: chromium-browser
@@ -74,7 +74,7 @@ Source0:
http://carme.pld-linux.org/~glen/chromium-browser/src/stable/%{name}-%{
# Source0-md5: d005fc9e50c28a2e3c71eee7310417f4
%if "%{?patchver}" != ""
Patch0:
http://carme.pld-linux.org/~glen/chromium-browser/src/stable/%{name}-%{version}.patch.xz
-# Patch0-md5: 37675cd75c578d26d6210259877f3947
+# Patch0-md5: 73f5e92431ee5c080a114a6559386dd0
%endif
Source1: %{name}.default
Source2: %{name}.sh
diff --git a/clean-source.sh b/clean-source.sh
index c75b0bd..4086602 100755
--- a/clean-source.sh
+++ b/clean-source.sh
@@ -432,6 +432,7 @@ remove_nonessential_dirs() {
'!' -path 'base/win/windows_version.h' \
'!' -path 'build/android/cpufeatures.gypi' \
'!' -path 'chrome/browser/chromeos/contacts/contact.proto' \
+ '!' -path 'chrome/browser/chromeos/login/*.h' \
'!' -path 'chrome/browser/chromeos/settings/cros_settings.h' \
'!' -path
'chrome/browser/chromeos/settings/cros_settings_names.h' \
'!' -path
'chrome/browser/chromeos/settings/cros_settings_provider.h' \
@@ -569,6 +570,7 @@ clean_third_party() {
\! -path 'third_party/v8/*' \
\! -path 'third_party/webrtc/*' \
\! -path 'third_party/widevine/*' \
+ \! -path 'third_party/x86inc/*' \
-print -delete
rm -vf third_party/expat/files/lib/expat.h
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/chromium-browser.git/commitdiff/acfbccac4324b8ee52a60979cca958e984e71163
_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
