chromium-browser 38.0.2125.111-0ubuntu0.14.04.1.1061 source package in Ubuntu
Changelog
chromium-browser (38.0.2125.111-0ubuntu0.14.04.1.1061) trusty-security; urgency=medium * Upstream release 38.0.2125.111. * Upstream release 38.0.2125.104. * Upstream release 38.0.2125.101: (LP: #1310163) - CVE-2014-3188: A special thanks to Jüri Aedla for a combination of V8 and IPC bugs that can lead to remote code execution outside of the sandbox. - CVE-2014-3189: Out-of-bounds read in PDFium. - CVE-2014-3190: Use-after-free in Events. - CVE-2014-3191: Use-after-free in Rendering. - CVE-2014-3192: Use-after-free in DOM. - CVE-2014-3193: Type confusion in Session Management. - CVE-2014-3194: Use-after-free in Web Workers. - CVE-2014-3195: Information Leak in V8. - CVE-2014-3196: Permissions bypass in Windows Sandbox. - CVE-2014-3197: Information Leak in XSS Auditor. - CVE-2014-3198: Out-of-bounds read in PDFium. - CVE-2014-3199: Release Assert in V8 bindings. - CVE-2014-3200: Various fixes from internal audits, fuzzing and other initiatives (Chrome 38). * debian/rules: Prefer GCC 4.8 when compiling. 4.9 remains buggy. * Make the verification step in clean make more compare-able output. * debian/patches/configuration-directory.patch: Account for new location of policies directory in /etc . Change back. (LP: #1373802) * debian/patches/lp-translations-paths: Map old third_party filenames to new name after processor compiles. * debian/rules: Fix patch-translations rule, workflow. * debian/patches/macro-templates-not-match: Anonymous struct isn't sizable. * debian/chromium-browser.sh.in: Fix broken logic of CHROMIUM_USER_FLAGS, which has never worked. (LP: #1381644) * debian/patches/disable-sse: Disable more SSE #includes. * debian/rules: Omit unnecessary files from packaging. * debian/chromium-browser.sh.in: Fix variable name bug and suggest ~/.chromium-browser.init file over hamfisted CHROMIUM_USER_FLAGS. * debian/patches/5-desktop-integration-settings.patch: Adapt to new settings APIs. chromium-browser (37.0.2062.120-0ubuntu1) utopic; urgency=low * Upstream release 37.0.2062.120: - CVE-2014-3178: Use-after-free in rendering. Credit to miaubiz. - CVE-2014-3179: Various fixes from internal audits, fuzzing and other initiatives. * debian/rules: Simplify and rearrange. * debian/rules, debian/known_gyp_flags: Keep better track of known GYP flags, so we can fail when something changes unexpectedly. * debian/rules: Fix up patch-translations rule. chromium-browser (37.0.2062.94-0ubuntu1) utopic; urgency=low * Upstream release 37.0.2062.94. - CVE-2014-3165: Use-after-free in Blink websockets. - CVE-2014-3176, CVE-2014-3177: A combination of bugs in V8, IPC, sync, and extensions that can lead to remote code execution outside of the sandbox. - CVE-2014-3168: Use-after-free in SVG. - CVE-2014-3169: Use-after-free in DOM. - CVE-2014-3170: Extension permission dialog spoofing. - CVE-2014-3171: Use-after-free in bindings. - CVE-2014-3172: Issue related to extension debugging. - CVE-2014-3173: Uninitialized memory read in WebGL. - CVE-2014-3174: Uninitialized memory read in Web Audio. - CVE-2014-3175: Various fixes from internal audits, fuzzing and other initiatives. - CVE-2014-3176, CVE-2014-3177: Interaction of extensions, IPC, the sync API, and Google V8 to execute arbitrary code. * Fix a shell bug in the binary-wrapper that prevented USER flags from working properly. * debian/control: Suggests chromiumflashplugin . * debian/apport: Significant cleanup. * debian/rules: Disable SSE instructions on x86 to avoid SIGILL on some CPUs. (LP: #1353185) * debian/checkout-orig-source.mk: Don't include src/ prefix in orig tarball. * debian/patches/*: refresh line numbers. * debian/patches/search-credit.patch, debian/patches/additional-search-engines.patch: Track source files moved. * debian/patches/ffmpeg-gyp-config.patch, debian/patches/fix-gyp-space-in-object-filename-exception.patch, debian/patches/gyp-icu-m32-test: Disabled. No longer needs fixing. * debian/control: build-dep on openssl. * debian/patches/disable-sse2: Don't require SSE/SSE2 CPU features on x86. (LP: #1353185) * debian/rules: Use built-in PDF support. (LP: #513745, #1009902) -- Chad MILLER <email address hidden> Wed, 15 Oct 2014 14:22:55 -0400
Upload details
- Uploaded by:
- Chad Miller
- Uploaded to:
- Trusty
- Original maintainer:
- Ubuntu Developers
- Architectures:
- armhf armel i386 amd64 all
- Section:
- web
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
chromium-browser_38.0.2125.111.orig.tar.xz | 236.7 MiB | e6b43c86c0dff8451c532d7411546f973aa94d755fc2ce6574d8eabe55d35a1f |
chromium-browser_38.0.2125.111-0ubuntu0.14.04.1.1061.debian.tar.xz | 281.4 KiB | eb2480f62d2a167adb07917a17c2ee5a8d7dcf7ef86a6fe9e3c69c5068d668c3 |
chromium-browser_38.0.2125.111-0ubuntu0.14.04.1.1061.dsc | 2.6 KiB | 700aed68e4790de9814e190454669114085cea2364f3440591bfb37589827ca7 |
Available diffs
Binary packages built by this source
- chromium-browser: Chromium web browser, open-source version of Chrome
An open-source browser project that aims to build a safer, faster, and more
stable way for all Internet users to experience the web.
- chromium-browser-dbg: chromium-browser debug symbols
Debug symbols for the Chromium browser
- chromium-browser-l10n: chromium-browser language packages
An open-source browser project that aims to build a safer, faster, and more
stable way for all Internet users to experience the web.
.
This package contains language packages for 65 languages:
am, ar, ast, bg, bn, bs, ca, ca@valencia, cs, da, de, el, en-AU, en-GB, eo,
es-419, es, et, eu, fa, fil, fi, fr, gl, gu, he, hi, hr, hu, hy, ia, id, it,
ja, ka, kn, ko, ku, kw, lt, lv, ml, mr, ms, nb, nl, pl, pt-BR, pt-PT, ro, ru,
sk, sl, sr, sv, sw, ta, te, th, tr, ug, uk, vi, zh-CN, zh-TW
- chromium-chromedriver: WebDriver driver for the Chromium Browser
Chromedriver serves as a bridge between Chromium Browser and Selenium
WebDriver.
.
See https://sites. google. com/a/chromium. org/chromedrive r/ for details.
- chromium-chromedriver-dbg: chromium-chromedriver debug symbols
Debug symbols for the chromium-
chromedriver package.
- chromium-codecs-ffmpeg: Free ffmpeg codecs for the Chromium Browser
An open-source browser project that aims to build a safer, faster, and more
stable way for all Internet users to experience the web.
.
This package contains the multi-threaded ffmpeg codecs needed for the HTML5
<audio> and <video> tags. Only the free ogg, vorbis and theora codecs are
included. See chromium-codecs- ffmpeg- extra for additional codecs
- chromium-codecs-ffmpeg-dbg: chromium-codecs-ffmpeg debug symbols
Debug symbols for the free ffmpeg-mt codecs
- chromium-codecs-ffmpeg-extra: Extra ffmpeg codecs for the Chromium Browser
An open-source browser project that aims to build a safer, faster, and more
stable way for all Internet users to experience the web.
.
This package contains the multi-threaded ffmpeg codecs needed for the HTML5
<audio> and <video> tags. In addition to the patent-free ogg, vorbis and
theora codecs, aac/ac3/mpeg4audio/ h264/mov/ mp3 are also included. See
chromium-codecs- ffmpeg if you prefer only the patent-free codecs
- chromium-codecs-ffmpeg-extra-dbg: chromium-codecs-ffmpeg-extra debug symbols
Debug symbols for the extra ffmpeg-mt codecs